Asterfusion NX5 series versatility switches are designed to operate either as the spine switches or the TOR switches in the 2-tier Spine-Leaf cloud data center networks. In a standard 1RU space, the Asterfusion CX532P versatility switch provides 32 ports of 100G Ethernet interfaces. As a spine switch, Asterfusion CX532P can configure each of its 32 ports as a 100G downlink port connected to a TOR switch such as Asterfusion NX3 switch; Asterfusion CX532P can also operates as a TOR switch, in which each of its 32 ports can be configured as either a 100G uplink port connected to a spine switch including CX532P itself or as a downlink port to data center servers with following port configurations :
The hardware platform of Asterfusion NX series versatility switches fully complies to the open-standard principle established by Facebook OCP (Open Compute Project), in which standard x86 computing module and third-party commercial switch chip(s) each makes of the control plane and forwarding plane of the switch hardware platform respectively. Design standards and product development specifications of Asterfusion NX versatility switches are completely open to users, thereby ensuring end users fully transparent open-standard systems and removing their concerns of invisible “black boxes”.
The forwarding plane of the Asterfusion NX versatility switches is based on the innovations from industry's most advanced programmable switch chip. Compared with legacy switch chips, the programmable switch chip offers unique advantages in terms of functional flexibilities, performance improvements, logistic simplification, capital investment protections, etc., which Asterfusion believes, will all become the inevitable requirements in future cloud network infrastructure development.
AsterNOS running on every NX versatility switch is an open, intelligent, easy-to-use, high-performance network operating system designed and developed by Asterfusion based on the genuine SDN concept in the cloud computing era. Asteria Fabric Controller (AFC) is the Cloud SDN Controller also designed and developed by Asterfusion for seamless integration with cloud data center OS such as ONOS and OpenStack. Therefore, Asterfusion Cloud Network, jointly formed by AFC and NX versatility switches running with AsterNOS, would be a genuine SDN platform for cloud data center services and applications.
In Asterfusion cloud networks, switches just like computing and storage, will completely follow the basic design principle of openness, decoupling, software-defined and standard-compliance, run on a set of common open programmable high-performance hardware platforms and also be fully integrated into an operational framework of unified management, automatic scheduling, and on-demand deployment.
In cloud networks, network control plane communicates with network data forwarding plane through a standard southbound interface and OpenFlow is one of the most widely used southbound interfaces. OpenFlow is used by the network controller to control network devices and by network devices to feedback information to the controller. OpenFlow can also specify how each network device should forward packets. There are three types of packet forwarding modes supported by OpenFlow switches in the industry and they are “Generic OpenFlow”, “Hybrid OpenFlow” and “Fusion OpenFlow”. In Hyper OpenFlow mode, both OpenFlow forwarding and L2/L3 forwarding operate concurrently in a parallel fashion inside one switch, while in Fusion OpenFlow mode, both OpenFlow forwarding and L2/L3 forwarding operate concurrently but in a serial fashion. Asterfusion NX series switches can support not only the above operation modes but also another innovative mode called “Open Fusion Flow”, in which 3 layers of forwarding logic (Ingress OpenFlow Logic, L2 / L3 Forwarding Logic and Egress OpenFlow Logic) operating concurrently in a serial fashion as shown in the following figure.
In the Open Fusion Flow mode, Asterfusion NX versatility switches can carry out various packet forwarding strategies not only for ingress traffic but also for egress traffic, improving Controllers’ flexibility in traffic forwarding control. Furthermore, in Asterfusion NX versatility switches, Ingress OpenFlow Logic is implemented as a 4-stage flow table structure while Egress OpenFlow Logic is a 2-stage. Multi-stage flow table structure extracts packet features in each stage of the flow table and then decomposes the packet matching process into multiple steps in a pipeline processing format. The pipeline processing format will improve the overall efficiency of the flow table resource utilization and hence, enrich the total number of data forwarding rules supported in Asterfusion NX switches.
Asterfusion NX versatility switches employee an innovative “scale-wide” architecture, which would take the CLOS switching architecture normally resided inside a legacy chassis switch system and spread it out onto the cloud network fabric in a fully mesh format between spine switches and TOR switches to help users build highly flexible on-demand expandable cloud networks. With the scale-wide architecture, users no longer have to pay excessive costs for expensive chassis-based spine switches and can take the control to plan, deploy, optimize and expand their networks back from switch vendors and firmly into their own hands.
Asterfusion scale-wide cloud networks built from NX versatility switches can not only simplify cloud network infrastructure complexity but also with powerful horizontal expansion capability, significantly reduce cloud network TCO, full-filling the fundamental goal in the cloud computing “pay-as-you-grow” cost model.
To enable the rapid, flexible and automatic update capabilities in the cloud networks, Asterfusion NX versatility switches have adopted new DevOps software product delivery model and support widely deployed DevOps tools such as NETCONF and Ansible for development, testing and production environments.
NETCONF (Network Configuration Protocol) is fairly lightweight, efficient, scalable, and secure. So, it has been widely used to replace other network management protocols such as SNMP in various data center scenarios. At the same time, DevOps platform supporting the NETCONF protocol can also establish connections with Asterfusion cloud network devices in order to remotely manage device configuration data and retrieve device status data.
Ansible can automate a large amount of repetitive work in the operating environment using its “playbook” model. Hence, Asterfusion has developed an AsterPlaybook that would comply to the Ansible standard and enable Ansible servers to easily and quickly automate the operational and maintenance work in Asterfusion cloud networks, thereby leading to significant workload reduction and productivity increase for data center administrators.
Asterfusion NX5 series versatility switches deliver 32 40/100G Ethernet ports while NX3 series deliver 48 10/25G ad 6 40/100G Ethernet ports all in a standard 1RU space. For today's cloud data centers, this interface design maximizes space efficiency and energy usage, helping users to achieve a higher ROI (Return of Investment) while reducing their TCO (Total Cost of Ownership).
With the support of the programmable switch chip, Asterfusion has developed innovative implementations of some of the most commonly used NFV (Network Function Virtualization) features and integrated them into the forwarding plane of NX versatility switches, further improving the efficiency of cloud network usage and helping users resolve degrading virtual computing performance caused by numerous inefficient software-simulated NFV nodes in the virtual computing space. The NFV features supported by Asterfusion NX versatility switches include: NAT (Network Address Translation), Layer-4 SLB (Server Load Balancing), Anti-DDoS (Distributed Denial of Service), etc.
Application visibility is a key and indispensable requirement for the optimal operations of cloud data centers. Asterfusion NX versatility switches support the IETF's newly defined In-situ Network Telemetry (INT) function. For service flows that need to be analyzed, INT function inside Asterfusion NX versatility switches would record key data plane performance parameters (such as access interfaces, timestamps, queue length, etc.) in their flow transmission paths. These key parameters can be output to AFC (Asteria Fabric Analyzer) or other third-party compatible analysis tools in a standard format for detailed backend analysis and visual presentation.
Asterfusion NX versatility switches will also collaborate with Asterfusion PX visibility switches, which contain a series of physical switches that would support the “Out-of-band Network Telemetry”(ONT) function and a virtual applet that would tap into virtual network traffic and collect traffic information between virtual machines within same physical server for the “Virtual Network Telemetry”(VNT) function (see Asterfusion PX visibility switches datasheet for more details). Through AFC, the unified management, coordination and scheduling platform, users can deploy both Asterfusion NX versatility switches and PX visibility switches at the same time and build up a large-scale cloud application visibility solution. After full replication and intelligent collection of application traffics in the cloud, homologous_homoclinic traffics would be aggregated into various back-end analysis system clusters for a comprehensive analysis, which would enable users to formulate a comprehensive “Visibility-as-a-Service, VaaS” solution to various demands and challenges currently facing in cloud data center operation and maintenance.
|Hardware Specifications / Model||NX532P||NX306P-48S||NX306P-48T||NX306P-48Y|
|Fixed Ports||100G/40G Optical (QSFP28)||32||6||6||6|
|10G Optical (SFP+)||-||48||-||-|
|10G Electrical (10G BASE-T)||-||-||48||-|
|25G Optical (SFP28)||-||-||-||48|
|Switching Capacity||Switching capacity (Tbps)||6.4||2.16||2.16||3.6|
|System memory (GB, standard / optional)||8/-|
|SSD storage(GB, standard / optional, type)||64/-, mSATA|
|Console (USB, 3.0)||1||1||1||1|
|Out-of-band management Ethernet port (Electrical, 10/100/1000)||1||1||1||1|
|Hot swap redundant power supply||1+1|
|Power supply (AC/DC, W)||550/550|
|Redundant swappable fans||3+1||3+1||3+1||4+1|
|Dimensions (W × H × D, mm)||440 x 44 x 515|
Layer 2 Service
|Forwarding mode||store-and-forward mode / cut-through mode|
|Two/three-layer Ethernet interface working mode|
|Interface batch configuration function|
|Spanning Tree||IEEE802.1d Spanning Tree Protocol STP / IEEE802.1w Rapid Spanning Tree|
|Protocol RSTP / Fast Convergence Mechanism|
|802.3ad LACP||Passive and Active interface Mode / Aggregation load balancing HASH algorithm based on source IP, destination IP, source and destination IP, quintuple, source port number, destination port number, source and destination port number / outer/inner layer packet load sharing / The outer hash of the tunnel packet is enabled, including GTP, VXLAN, GRE, MPLS, etc.|
|Mirror||many-to-one mirroring / one-to-many mirroring / port-based mirroring / stream-based mirroring|
|Jumbo Frame up to 12000 Bytes|
|802.1q VLAN||Port-based VLAN (4094) / Default VLAN / Private VLAN / Access, Trunk, Hybrid mode|
|MAC address||Static/dynamic MAC address entry / MAC address automatic learning and aging / Port and VLAN-based MAC address learning restrictions|
Layer 3 Service
|ARP||Free ARP / ARP Proxy / ARP Snooping|
|DHCP v4/v6||DHCP Server / DHCP Client / DHCP Relay / DHCP Snooping / DHCP Snooping option82 / DHCP Relay option82|
|IPv6 basic features||IPv6 PMTU / ICMPv6 / IPv6 ND / IPv6 transition technology dual stack protocol, tunnel technology, 6PE|
|IPv4/v6 Static route|
|BGP / MP-BGP|
|ACL||IPv4/v6 L2 (Layer 2) ~ L4 (Layer 4) packet filtering function based on source MAC address, destination MAC address, source IP (IPv4/IPv6) address, destination IP (IPv4/IPv6) address, port, protocol, VLAN flow classification|
|ACL statistics / Layer 2 interfaces are associated with the ingress ACL|
|QoS||Best-Effort / DiffServ service type|
|Attack detection and prevention|
|TCP attack defense|
|IP Source Guard|
|ARP attack defense|
|Data Center||Converged network||802.1Qaz ETS/DCBX / 802.1Qau CN/QCN / 802.1Qbb PFC / IEEE 802.3bd|
|Virtualization||802.1Qbg (including VEB, VEPA, Multi-channel three modes) / VXLAN -BRIDGE, VXLAN-ROUTE / VXLAN-EVPN / OpenFlow v1.3 / NFV (including NAT, L4LB, Service Chaining)|
|Open and Programmable||Linux tools||Bash shell / RPM / Loadable kernel module|
|SDN||REST API / OpenStack Neutron|
|DevOps tools||NETCONF / Ansible|
|Virtual machine||KVM / QEMU / XEN|
|Container||Docker / Kubernetes / LXC|
|System Management||CLI unified interface management / REST API / WebUI|
|Multiple login methods||CLI mode / RESTful mode based on HTTP/HTTPS / SNMP|
|File system management|
|Software online upgrade|
|Network Management and Monitoring||Ping / Traceroute function|
|Time synchronization||PTP (IEEE 1588) / NTP|
|Process monitoring and maintenance|
|Log information||Diagnose, secure, hide, debug trace, etc. of log information|
|Level of log information||0-6 information level division|
|Output of log information||Output to console / monitoring terminal / log host / log file|
|Configuration and management interface||RS-232 serial console / 10/100/1000M management network port / USB port / MGMT|
|Intelligent temperature control / intelligent power supply / LED indicator|