switchboard
High-performance IPv4/IPv6 dual-stack protocol multi-layer switching
High backplane bandwidth provides non-blocking performance for all ports;
Hardware supports IPv4/IPv6 dual-protocol stack multi-layer line-speed switching, hardware handles IPv4 and IPv6 protocol messages separately, and supports various tunnel technologies (such as manual configuration tunnel, 6to4 tunnel, ISATAP tunnel, etc.). ), which can provide a flexible communication scheme between IPv6 networks according to demand planning and network status.
With the support and processing of dual protocol stacks, the existing network can be seamlessly upgraded to the next generation IPv6 scheme without changing the network architecture.
Rich and perfect routing performance and large routing table resources can meet the dynamic routing needs of large-scale networks;
RG-S3760 series hardware routing and forwarding mode based on LPM is not only suitable for large-scale network environment, but also can defend against the invasion of various network viruses, ensure the line-speed forwarding of all messages, and effectively guarantee the safety of equipment.
Flexible and complete security control strategy
It has a variety of internal mechanisms, which can effectively prevent and control virus spread and hacker attacks, such as preventing Dos attacks, anti-hacker IP scanning mechanism, checking the legality of port ARP messages, and various hardware ACL strategies. , and the network is green;
Industry-leading hardware CPU protection mechanism: the unique CPU protection strategy (CPP technology), which divides the data stream sent to the CPU and sorts the priority queue, implements bandwidth speed limit as needed, fully protects the CPU from illegal traffic occupation, malicious attacks and resource consumption, ensures the CPU security, and fully protects the switch security;
The hardware realizes the flexible binding between the port or full switch and the user's IP address and MAC address, and strictly restricts the user's access to the port or full switch;
Special hardware prevents ARP gateway and ARP host from cheating, effectively curbing the increasingly rampant ARP gateway cheating and ARP host cheating in the network, and ensuring users to surf the Internet normally;
SSH(Secure Shell) and SNMPv3 can encrypt the management information in the Telnet and SNMP processes, ensure the security of the management equipment information, and prevent hackers from attacking and controlling the equipment.
Control illegal users to use the network and ensure legitimate users to use the network reasonably, such as multi-binding, port security, time ACL, bandwidth speed limit based on data flow, etc. In order to meet the needs of enterprise network and campus network to strengthen the control of visitors and limit the communication of unauthorized users.
Strong multi-application support ability
It supports various unicast and multicast dynamic routing protocols, can adapt to different network scales and environments that require a large number of multicast services, and realizes network scalability and multi-service applications;
Support all versions of IGMPv 1/v2/v3, adapt to different multicast environments and meet the requirements of multicast security applications;
Support a variety of routing protocols, such as equivalent routing, weight routing and other rich three-layer characteristics and business characteristics, to meet the communication needs under different network link planning.
Perfect QoS policy
The QoS guarantee system based on DiffServ standard supports complete QoS policies such as 802. 1P, IP TOS, 2-7 laminar flow filtering, SP and WRR. The multi-service QoS logic based on the whole network system is realized.
It has the ability of multi-layer flow classification and flow control such as MAC flow, IP flow, application flow, etc., realizes various flow strategies such as fine flow bandwidth control and forwarding priority, and supports the network to provide services according to the quality of service characteristics of different applications and different application requirements.
high reliability
Support spanning tree protocols 802. 1d, 802. 1w, 802. 1s, fully ensure rapid convergence, improve fault tolerance, ensure stable network operation and link load balance, rationally use network channels, and provide redundant link utilization;
Support VRRP virtual router redundancy protocol to effectively ensure network stability;
Support RLDP, which can quickly detect the on-off of the link and the unidirectionality of the optical fiber link, support the loop detection function under the port, and prevent the network failure caused by the private connection of devices such as the hub under the port.
Easy to use and manage.
RG-S3760-24' s flexible Gigabit interface can flexibly meet the needs of multiple Gigabit links or multiple Gigabit servers, which is convenient for users to flexibly select and expand the network.
The SFP and electrical ports of RG-S3760- 12SFP/GT are designed in any way, and Gigabit interface modules with various specifications can be selected, which supports the mixed configuration of Gigabit copper cables and single/multimode optical fiber interface modules and the hot plug of modules, which greatly facilitates users to flexibly configure and expand the network.
Network time protocol ensures the accuracy of switching time, and is unified with the time server in the network, which is convenient for the analysis and fault diagnosis of log information and traffic information.
Syslog facilitates the unified collection, maintenance, analysis, fault location and backup of various log information, and facilitates the maintenance and management of the administrator network;
CLI interface, convenient for advanced users to configure and use;
The Web management mode based on Java realizes the visual graphical interface management of switches and configures devices quickly and efficiently.
router
High data processing ability
Advanced PowerPC communication processor, 2G bandwidth PCI bus technology, smaller packet forwarding delay, and efficient data processing ability supporting high-density ports ensure network application in high-speed environment.
High convergence ability
R3740 can plug in four NM- 1CPOS-STM 1 modules at the same time, and each module provides 63 channels of 2M access, with a maximum of 252 channels of 2M access.
The main control board has solidified two fast Ethernet ports of10/100/1000 m, and the optical ports are optional.
Two 10/ 1000m fast Ethernet ports are solidified on the main control board. The optical port or electrical port module can be selected according to the actual situation, and broadband interconnection can be realized without purchasing any module.
The main control board can be removed and replaced, and the router can be upgraded by upgrading the main control board in the future.
high reliability
Hot plug of key components: all power supplies and fans support hot plug function, which fully meets the needs of network maintenance, upgrade and optimization;
Support backup technologies such as link backup and routing backup to improve the reliability of the whole network;
Support VRRP hot backup protocol to realize redundant backup of lines and equipment.
RPS redundant power supply support.
Modular structural design
RG-R3740 has four network/voice module slots, which support a wide range of network/voice modules with complete functions and high density, and can realize more combined applications.
Good voice support function
Support G.7 1 1, G.723, G.729 and other speech coding formats, support H.323 protocol stack, and interoperate with devices of many VOIP vendors;
Support real-time fax function;
Support voice gatekeeper function.
Good VPN function
Support IPSec VPN function;
VPN function supporting GRE;
VPDN applications supporting L2TP/PPTP;
Under NAT application, L2TP/PPTP penetration function is supported.
Perfect QoS policy
Support PQ, CQ, FIFO, WFQ, CBWFQ, LLQ, rt PQ and other congestion management queuing strategies;
Congestion avoidance strategy supporting WRED and RED;
Support GTS traffic shaping strategy;
Support the automobile traffic supervision strategy;
Support QOS strategies such as CTCP and CRTP to improve link efficiency;
Support setting voice packet priority, which can provide a multi-functional service platform that meets the requirements and has high cost performance for small and medium-sized enterprises.
High security
Perfect firewall technology, supporting access list control strategy based on source and destination IP, protocol, port and time period;
Support the binding of IP and MAC address, effectively prevent the deception of IP address;
AAA authentication technology supporting authentication, authorization and user information recording, and Radius authentication protocol;
Support routing information authentication technology in dynamic routing protocol to ensure the security and reliability of routing information in dynamic routing network;
Support PAP, CHAP authentication and callback technology in PPP protocol;
Easy to use and manage.
Using standard CLI interface, the operation is simpler;
Support SNMP protocol, TFTP upload and download configuration files to facilitate network management;
Support Telnet/Console, which is convenient for remote management and control;
Various online upgrades to reserve space for future function expansion;
Product model
RG-R3740
Fixed port (main control panel)
1 console ports
1 auxiliary ports
Two10/100/1000 m adaptive fast Ethernet ports.
2 SFP optical module slots (Gigabit Ethernet is supported, and the power port can only be selected from 1).
Main control board slot
1 main control board slot
Module slot
4 network/voice module slots
Internal aiming slot
1
Memory modulus
Non-lightning: 2M
Nand-Flash: The default value is 32M, which can be extended to 96M.
DDR-RAM: The default value is 5 12M, and the maximum value is1g..
cpu
PowerPC communication special processor
Message forwarding capability
600Kpps- 1.2Mpps
Available modules
Nm-2fe-tx: dual-port10base-t/10base-tx fast Ethernet interface module.
Nm-2 has: 2-port high-speed synchronous and asynchronous serial modules.
Nm-4 has: 4-port high-speed synchronous and asynchronous serial modules.
Nm-8a: 8-port asynchronous serial module
Nm- 16a: 16 port asynchronous serial module
Nm-2ce 1: 2 port separable channelized ce 1 module
Nm-4cE 1: 4 port separation channelization cE 1 module
Nm- 1B-S/T: 1 port ISDN module (S/T interface)
Nm- 1B-U: 1 port ISDN module (u interface)
Nm-4b-u: 4-port ISDN module (U interface)
Nm-4 FXS: 4-port voice module (FXS interface)
Nm-8FXS: 8-port voice module (FXS interface)
Nm-4fxo: 4-port voice module (fxo interface)
Nm-1e1v1:e1voice module
AIM-VPN: hardware encryption module
NM- 1CPOS-STM 1: channelized POS module
Dimensions (width x height x depth)
442mm×118mm× 410mm, which can be installed in 19 "standard cabinet.
Power?Supply?
85VAC~265VAC, 47Hz~63Hz, supporting RPS redundant power supply.
gross power
Less than 150 watt
temperature
Working temperature: 0℃ to 40℃
Storage temperature: -40? C to 55? C
humidity
Operating humidity: 10% to 90% RH
Storage humidity: 5% to 90% relative humidity
Establish an operational foundation: build a high-speed and stable network exit.
From the bottom hardware architecture, it is guaranteed to adopt 1.3GHz /64-bit RISC high-performance dedicated network processor, 5 12M DDRII memory, support 600,000 NAT sessions, and have super capacity. It is embedded in RGNOS network operating platform independently developed by Ruijie Network, providing high performance and high stability of carrier-grade network products.
Attach importance to the line-speed forwarding capability of equipment: the packet forwarding rate is as high as 1.5Mpps, which can meet the line-speed forwarding of multiple 100 Mbps/ Gigabit optical fibers. It can still run stably in the case of gigabit DDoS attack.
Pay attention to hardware design and support: support hardware port mirroring function. The monitoring port provides monitoring function without affecting the network performance, and is compatible with common information monitoring and filtering systems. Built-in carrier-grade broadband switching power supply, with lightning protection, overvoltage and surge protection design, suitable for situations with unstable voltage.
Dual-boot image file: power failure can still be automatically restored during the upgrade process, so that you can upgrade without worry.
Do a good job of operation guarantee: do a good job of internal and external network security protection
Omni-directional ARP defense system: by scanning LAN ports and "one-key static binding", the static binding of IP/MAC in the intranet can be quickly completed. Support the MAC address learning function of closing LAN port, and refuse illegal users to surf the Internet. Support the patented technology of "trusted ARP" and realize the perfect combination of dynamic ARP binding and static ARP binding. It can intelligently verify the authenticity of ARP information, that is, it does not need static binding and will not be deceived. At the same time, the host information with ARP spoofing can be displayed hierarchically to locate the source of spoofing.
Anti-DDoS attack and unfair competition: it has the defense ability of 1000M DDoS attack. Under the attack of 100M DDoS, the CPU utilization rate is not higher than 15%, and packets can still be forwarded at line speed. Under the attack of 1000M DDoS, the CPU is stable at 90% and the device forwards normally.
Anti-intranet attack and anti-IP/ port scanning: It can defend against almost all kinds of attacks at present, such as SYN flood, UDP flood, ICMP flood, Smurf/Fraggle attack, fragmented message attack, etc. At the same time, it can record the address information of the attack host and locate the attack source; You can also blacklist intranet attack hosts, prohibit their online function, and filter attack messages through hardware without occupying CPU resources.
Hardware antivirus: filtering virus short messages by adding rules, and supporting automatic detection of shock wave and shock wave virus. It can identify and block the poisoning process of robot dog virus, and display the host information and IP address of the website with virus at the same time. NBR series router is the only router in the industry that completely blocks the robot dog virus.
Access control/filtering: Support standard and extended ACL (access control list), which can detect and filter packets according to the specified IP address range and port range, and support expert ACL and time ACL. Support domain name filtering, block illegal and malicious website access, and surf the Internet healthily.
The key to business promotion: customize intelligent functions to enhance users' online experience.
Flexible internal and external network applications: three Gigabit WAN ports realize multi-ISP line access, and the photoelectric multiplexing port meets the various forms of line access requirements of operators. VRRP hot backup protocol and line detection based on Ping/DNS realize load balancing and line backup of multiple devices and multiple broadband lines. The automatic routing function of Telecom and Netcom has realized that "Telecom data automatically takes the telecom line and Netcom data automatically takes the netcom line". Supporting the north-south route selection strategy has better practical effect.
Flexible bandwidth and intelligent speed limit: you can flexibly limit the upload and download rate of the whole network and a single IP or IP segment. The elastic bandwidth function will automatically and intelligently allocate the best bandwidth for each online PC in a set way according to the real-time usage of network bandwidth. When the network is busy, it automatically suppresses the download traffic that occupies a large bandwidth to ensure that the network is not stuck or slow; Allow users to download at high speed when the network is idle, make full use of network resources and improve the online experience.
Hardware acceleration of online games: Through the dual identification of game ports and message sizes, high-priority green channels can be divided for game messages, ensuring a fast game experience at all times.
Other features: VPN function supporting GRE. VPDN application supporting L2TP/PPTP. Under NAT application, it supports the penetration function of L2TP/PPTP.
Sharp tools of network management: intelligent linkage control, whole network management and monitoring meeting.
Support the patented technology of "intelligent linkage": the whole network switches (Ruijie series security switches) can be managed and configured in a unified way on NBR WEB interface. The core/access switch automatically completes the port security policy configuration and the IP/MAC/ port ternary binding of the whole network PC, and the hardware filters illegal messages such as ARP spoofing and DDoS attacks, which perfectly solves the problem of internal network integrity.
High availability full WEB interface: the unique management page and monitoring page are designed separately to realize the separation of permissions; Interface traffic, IP traffic, ARP binding, NAT session number, system log and other information. It can be displayed centrally under a monitoring page, and the IP traffic can be sorted by upload rate, download rate and IP address, so as to easily understand the network operation; Provide system event alarm page and Chinese log to quickly locate network faults.
For advanced users, it also provides command line configuration mode to realize deeper and more detailed functional application and experience the powerful routing characteristics of RGNOS operating platform.
technical parameter
Parameter description
Product model
RG-NBR3000
Solidification wan' gang
Two10/100m/1000m optical/electrical multiplexing ports (combination).
1 adaptive RJ45 port (automatic metered inhaler /MDIX).
Solidified LAN port
Five10/100m/1000m adaptive RJ45 ports (automatic metered inhaler /MDIX)
CPU processor
1.3 GHz 64-bit RISC professional network processor
Memory modulus
DDRII:5 12M
Flash: 5 12M
2M
Indicator light
Each port: link/activity (connection/work), speed (speed)
Each device: power supply, attack alarm, system status (saturated/busy/normal/idle)
network protocol
L Support TCP/IP protocol cluster and realize IP, ICMP, IGMP, TCP and UDP protocols.
L Support multiple routing protocols: static routing, RIP(V 1/V2).
L support DHCP relay and DHCP server.
I support PPPoE
L supports NAT and various NAT ALG, including FTP, H.323, DNS, etc.
I support DDNS
L support Ping and Tracert fault detection.
L support QoS(PQ, CQ, FIFO, WFQ, CBWFQ, etc. ).
Security applications: PAP, CHAP, firewall, ACL, port mirroring.
Management protocol
Chinese WEB configuration management and monitoring
Support SNMPv 1/v2.
CLI (Remote Login/Console)
TFTP upgrade and configuration file management
X-MODEM upgrade mode supporting asynchronous file transfer protocol
Network security
L thoroughly guard against ARP attacks
L anti-robot dog virus
L prevent internal network attacks/external network attacks
L support secure address binding
I stopped Wan Ping.
L prevent port scanning attacks
L prevent fragment message attacks
L prevent ICMP flood attacks.
Prevent teardrop attack
I prevent death.
Prevent land attack
L prevent Smurf/ debris attacks
L prevent Syn flooding
eigenfunction
Support flexible bandwidth (bandwidth is dynamically allocated, and the maximum upload and download rate can be set).
Support speed limit based on IP and MAC address.
Support game bandwidth guarantee (go-kart, Warcraft, Journey, etc. 16 games).
Support domain name filtering, traffic balancing and traffic monitoring.
Support the linkage management of devices in the network.
Overall dimensions (height
× length× width)
44.4 mm× 437 mm× 268 mm
input voltage
Alternating current: 100 ~ 240 volts 48/60 Hz
gross power
Less than 30W
Reference /ProductDetail.aspx? productid=244#