H3C MSR5600 Router Series
MSR5600 router series is designed to meet the new challenges and requirements that wide deployment of cloud services brings to networking. The router has the following benefits:
The router runs H3C's state-of-the-art Comware network operating system, provides intelligent service scheduling management mechanism, and supports loose coupling of service modules and dynamic loading of processes and patches.
The high-performance multicore processor with the non-blocking switching architecture enhances the concurrent service processing capability significantly.
The OAA architecture supports open applications such as CVK, VMware, WAN optimization, Lync, and third-party services.
Dual MPU system architecture allows millisecond MPU switchover and process-level backup.
Integrated routing and switching fabric technology and separation of routing and switching planes help achieving 10 Gbps data transmission.
Multiple protocol processing engines, such as data encryption engine.
Service security
● Packet filtering, including stateful filtering, MAC address filtering, IP and port number filtering, and time based filtering.
● Real-time traffic analysis.
Network security
● Comprehensive VPN technologies, including IPsec, L2TP, GRE, ADVPN, MPLS VPN, and combinations of multiple VPN technologies.
● Routing protocol security protection, such as OSPF/RIP/IS-IS/BGP authentication, OSPFv3/RIPng/IS-ISv6/BGP IPS encryption, and rich routing policy control functions.
End device access security
● Integrated terminal access binding authentication, including EAD security check authentication, 802.1X authentication, endpoint MAC address authentication, Web-based portal authentication, endpoint access static binding, and MAC address auto-learning and binding.
● ARP attack protection, including source MAC address binding, ARP defense against IP packet attacks, address conflict detection and protection, ARP packet rate limit, ARP detection, ARP packet source MAC consistency check, ARP source suppression, ARP active acknowledgment.
Device management security
● Role-based access control that allocates resources based on roles, and provides users and roles mapping.
● Control plane traffic control and filtering based on protocol type, queue, known protocol and specific protocol.
● Remote security management, such as SNMPv3, SSH, and HTTPS remote management.
● Behavior control and audit, including AAA server central authentication, command line authority and real-time report of operation records.
Uses granular identification and control to rate limit and filter application layer services and ensure bandwidth and provides detailed network statistics for network optimization.
Supports equal cost multiple path (ECMP) and unequal cost multiple path (UCMP) load balancing. UCMP allows the device to perform bandwidth-based load balancing.
Performs load balancing based on bandwidth, user, user group, service, or application by using asymmetric link, traffic load balancing, and multi-topology dynamic routing technologies.
Supports flexible bandwidth sharing based on service, user, user group, link, and user bandwidth.
Comprehensive network management methods—Supports command line and SNMP.
Zero-configuration setup and configuration rollback—enables zero-configuration batch device startup, and automatic fallback in the event of configuration errors.
Comware embedded EAA function—Monitors the internal events and status of the system's software and hardware components. If a fault occurs, it collects diagnostic information and attempts to make automatic repairs as well as sending the diagnostic information to a specific email address.
Configuration from a USB drive—provides a USB console port and supports booting and automatic configuration loading from a USB drive.
Supports 1+1 MPU redundancy.
Supports hot swapping of interface modules and 1+1 CF card backup.
Separation of the control place and forwarding plain maximizes the fault isolation capability and enhances system reliability.
Independent hardware processing module for the monitoring system and programmable components that supports online upgrade and auto loading to strengthen product reliability.
Supports bidirectional forwarding detection (BFD), which can detect faults in milliseconds and can collaborate with static routing, RIP/OSPF/BGP/ISIS dynamic routing, VRRP, and interface backup through the track module.
Supports network quality analyzer (NQA), which can collaborate with static routing, VRRP, and interface backup through the track module.
Supports multi-device redundancy and load balancing (VRRP/VRRPE).
Supports fast reroute, and GR/NSR.
Intelligent Resilient Framework 2 (IRF2)—virtualizes two devices into one logical device. This technology significantly decreases networking complexity, reduces the operation and maintenance cost, enhances bandwidth and equipment utilization, and improves management efficiency.
Multichassis link aggregation—enables the device to perform load balancing and backup among multiple uplinks to increase reliability of the overall network architecture and enhance link resources efficiency.
The device can use VXLAN to provide Layer 2 network connectivity between data centers. The VXLAN solutions are easy to deploy and cost efficient. You just need to deploy one or more VXLAN-capable devices on the site edge and no modifications for the enterprise or the service provider networks are required. The VXLAN solution combined with the IPSec solution can enhance the data transmission security between data centers over the public network.
Fully compliant with the RoHS standard.
Space efficient by using separate airflow aisles designed in unique L shape for the system and power modules.
Minimizes fan tray noises and power consumption by fan tray redundancy, multi-level fan speed regulation, and fan speed adaption to the internal temperatures.
Minimizes the system power consumption by intelligent power management and flexible HMIM/MPU/interface module energy saving policy.
|
Item |
MSR5620 |
MSR5660 |
|
CPU |
1.2GHz |
1.5GHz |
|
DRAM |
SPU: 2G/2G |
SPU-400-X1: 4G/4G SPE-S1: 2G/2G SPE-S3: 8G/8G |
|
Forwarding Performance In Service (IMIX) |
7.5Gbps |
SPU-400-X1: 20Gbps SPU-600-X1+SPE-S1: 5Gbps SPU-600-X1+SPE-S3: 50Gbps SPU-600-X1+2*SPE-S1: 10Gbps SPU-600-X1+2*SPE-S3: 100Gbps |
|
IPSec performance(iMIX) |
2Gbps |
SPU-400-X1: 7Gbps SPU-600-X1+SPE-S1: 2Gbps SPU-600-X1+SPE-S3: 20Gbps SPU-600-X1+2*SPE-S1: 4Gbps SPU-600-X1+2*SPE-S3: 40Gbps |
|
Backplane bandwidth |
135Gbps |
670Gbps |
|
USB 2.0 port |
1/2, support for USB 3G/4G modem |
1/1, support for USB 3G/4G modem |
|
Fixed GE port |
3 × GE combo ports 2 × SFP+ ports |
SPU-400-X1: 10 × GE combo ports+4 × SFP+ ports SPE-S1: 4 × GE combo ports+4 × SFP ports SPE-S3: 8 × SFP+ ports |
|
Console/AUX port |
1 |
1 |
|
Management Ethernet Port |
1 |
1 |
|
SIC slot |
4 |
N/A |
|
HMIM slot |
2 |
6 |
|
DHMIM slot |
N/A |
1 |
|
Max power consumption |
450 W |
450 W |
|
Power module redundancy |
Two built-in power modules |
Support for built-in AC/DC power modules and N+1 power module redundancy |
|
Power voltage |
AC: 100 VAC to 240 VAC @ 50 Hz/60 Hz DC: –48 to –60V |
AC: 100 VAC to 240 VAC @ 50 Hz/60 Hz DC: –48 to –60V |
|
Rack height |
2 RU |
4 RU |
|
Dimensions (H × W × D) |
88.1 × 440 × 480 mm (3.47 × 17.32 × 18.90 in) |
175.1 × 440 × 480 mm (6.89 × 17.32 × 18.90 in) |
|
Operating temperature |
0ºC to 45ºC (32°F to 113°F) |
0ºC to 45ºC (32°F to 113°F) |
|
Operating humidity |
5% RH to 95% RH, non-condensing |
5% RH to 95% RH, non-condensing |
|
EMC |
FCC Part 15 (CFR 47) CLASS A ICES-003 CLASS A VCCI-3 CLASS A VCCI-4 CLASS A CISPR 22 CLASS A EN 55022 CLASS A AS/NZS CISPR22 CLASS A CISPR 24 EN 55024 EN 61000-3-2 EN 61000-3-3 EN 61000-6-1 ETSI EN 300 386 EN 301 489-1 EN 301 489-17 |
FCC Part 15 (CFR 47) CLASS A ICES-003 CLASS A VCCI-3 CLASS A VCCI-4 CLASS A CISPR 22 CLASS A EN 55022 CLASS A AS/NZS CISPR22 CLASS A CISPR 24 EN 55024 EN 61000-3-2 EN 61000-3-3 EN 61000-6-1 ETSI EN 300 386 EN 301 489-1 EN 301 489-17 |
|
Security |
UL 60950-1 CAN/CSA C22.2 No 60950-1 IEC 60950-1 EN 60950-1/A11 AS/NZS 60950 EN 60825-1 EN 60825-2 FDA 21 CFR Subchapter J GB 4943 |
UL 60950-1 CAN/CSA C22.2 No 60950-1 IEC 60950-1 EN 60950-1/A11 AS/NZS 60950 EN 60825-1 EN 60825-2 FDA 21 CFR Subchapter J GB 4943 |
|
Item |
Specification |
|
Layer 2 switching |
Ethernet, Ethernet II, VLAN (port-based VLAN, guest VLAN), 802.3x, 802.1p, 802.1Q, 802.1X, STP (802.1D), RSTP (802.1w), MSTP (802.1s), PPP, PPPoE client, PPPoE server, HDLC, DDR, modem, and ISDN |
|
IP services |
Unicast/multicast, TCP, UDP, IP option, IP unnumbered, policy-based routing, NetStream, and sFlow ECMP UCMP |
|
IP application |
Ping, Tracert, ICMP, DHCP server, DHCP relay, DHCP client, DHCP snooping, DNS client, DNS proxy, DDNS, IP Accounting, UDP Helper, NTP, and SNTP |
|
IPv4 routing |
Static routing Dynamic routing: RIPv1/v2, OSPFv2, BGP, IS-IS Route iteration Policy routing Equal-cost multi-path routing (ECMP) Multicast routing: IGMP v1/v2/v3, PIM-DM, PIM-SM, MBGP, MSDP |
|
IPv6 |
IPv6 ND, IPv6 PMTU, IPv6 FIB, IPv6 ACL, NAT-PT, 6PE, and DS-LITE IPv6 tunneling: Manual tunneling, automatic tunneling, GRE tunnel, 6to4, ISATAP Static routing Dynamic routing: RIPng, OSPFv3, IS-ISv6, BGP4+ IPv6 multicast: MLDv1/v2, PIM-DM, PIM-SM |
|
QoS |
LR, port-based mirroring, Port Trust Mode, and port priority Committed access rate (CAR) FIFO, WFQ, CBQ Generic Traffic Shaping (GTS) Traffic classification |
|
3G/4G |
Support for 3G modems Support for TD-SCDMA, CDMA2000/EVDO, and WCDMA/HSPA+ |
|
Security |
PPPoE client & server, portal, 802.1X Local authentication, RBAC, RADIUS, TACACS+ Basic Firewall Function, ASPF, ACL, filter, connection limit IKE, IPSec ADVPN, SSL VPN, GDVPN L2TP, NAT/NAPT, PKI, RSA, SSH v1.5/2.0, URPF, mGRE, GRE ARP attack prevention AES, DES, 3DES,MD5, SHA1 Endpoint Admission Defense (EAD) EVI, VXLAN |
|
MPLS |
LDP, Static LSP L3VPN: Inter-AS MPLS VPN (Option 1/2/3), MPLS nested VPN, hierarchy of PE (HoPE), dual-homed CE, MCE, and multirole host L2VPN: Martini, Kompella, CCC PWs and static PWs MPLS TE, RSVP TE |
|
High availability |
IRF2 VRRP, VRRPv3 Muti-link load-balancing and backup NQA collaboration with routing, VRRP or interface backup BFD collaboration with MPU active/standby switchover |
|
Management and maintenance |
SNMP v1/v2c/v3, MIB, SYSLOG, RMON BiMS remote management, booting from USB drive CLI, file system, and dual image DHCP, FTP, HTTP, ICMP, UDP public, UDP private, TCP public, TCP private, and SNMP Console port login, Telnet (VTY) login, SSH login, and FTP login |
Malaysia
