Data Center Virtualization
The RG-S6220-H switches adopt the industry-leading Virtual Switch Unit 2.0 (VSU 2.0) technology to achieve unified network management, reduce network nodes and enhance network reliability. The failover time for link failure is within 50 to 200ms to guarantee uninterrupted operation for mission-critical applications. The cross-device link aggregation feature enables access to servers or switches to achieve active-active uplinks.
The series supports EVPN VXLAN (Ethernet VPN Virtual Extensible LAN). The network offers up to 16 million VXLAN network segments to improve the scalability problem caused by insufficient VLAN in traditional data center network. By encapsulating Layer 2 packets within UDP packets, the VXLAN technology constructs a logical Layer 2 network based on the Layer 3 network, so that users can deploy VXLAN without altering the existing network architecture and achieve flexible migration of data center host (virtual machine) by eliminating the restriction of the physical network. In addition, the network can be divided into new subnets without altering the physical topology, which is not restricted by the physical network IP address and broadcast domain. Introducing a reliable control plane protocol EVPN can achieve VTEP (VXLAN tunnel endpoint) auto discovery and authentication in order to reduce VXLAN data plane flooding and eliminates the need for multicast in the underlay network. Learning the Layer 2 and Layer 3 information of the device via the control plane enhances the robustness and scalability of the VXLAN network. The RG-S6220-H series also supports anycast gateway which facilitates optimal east-west routing, provides Layer 3 gateway redundancy and supports virtual machine migration.
Non-blocking Performance with Powerful Caching Capacity
The RG-S6220-H series is a powerful collection of line-rate switches customized to power the next-generation data centers and cloud computing. Within the 1RU configuration, the series supports up to 48 x 10G fiber/copper ports and 32 x 40G fiber ports offering line-rate forwarding from all ports. The switches employ an advanced cache scheduling mechanism to maximize the device’s cache capability, ensuring truly non-blocking transmission in the increasingly demanding data center environment.
Cost-effective 10 GE Copper Port
The RG-S6220-H series provides 10 GE access through a high-density 10 GE Base-T port. The port supports the IEEE 802.3an standard and offers a 10 GE access bandwidth using the general RJ-45 twisted pair. The easy deployment of twisted pair keeps the original cabling of the data center in place with no disruption. It is also much more cost-effective than optical fiber. The RG-S6220-H series greatly minimizes the construction costs of data centers.
IPv4/IPv6 Dual-Stack Multi-Layer Switching
The hardware of the RG-S6220-H series supports line-rate IPv4/IPv6 dual-stack multi-layer switching, and distinguishes and processes IPv4 and IPv6 protocol packets. The switches also support multiple tunneling technologies including manually configured tunnels, automatic tunnels, ISATAP tunnels and so on. The switches provide flexible IPv6 inter-network communication solutions to be realized according the requirement plan and status quo of the IPv6 networks. The switch series is also applicable to an IPv4-only or IPv6-only network, or a hybrid of IPv4 and IPv6 network, fulfilling the transition requirements from IPv4 to IPv6 network.
The series supports a wide range of IPv4 routing protocols including static routing, RIP, OSPF, and BGP4, which can be selected flexibly according to the network environment.
The series also supports an abundant list of IPv6 routing protocols, such as static routing, RIPng, OSPFv3, and BGP4+, which can be selected flexibly either to upgrade the existing network to IPv6 network or to construct a new IPv6 network.
Carrier-Class Reliability Protection
The RG-S6220-H series supports built-in redundant power modules and modularized fan components. All the interface boards, power modules, and fan modules are hot-pluggable to guarantee undisturbed switching operation. In addition, the switches support fault detection and automatic alarms for the power and fan modules. The rotation speed of the fans automatically adjusts to the ambient temperature. The switches further provide device-level and link-level reliability protection with the over-current, over-voltage, and overheating protection measures.
The RG-S6220-H switches also feature Graceful Restart (GR) and Bidirectional Forwarding (BFD) mechanisms. All the features ensure the network convergence time is unaffected even when the network bears abundant services and heavy traffic, and therefore ensure normal operation.
Flexible and Comprehensive Security Policies
The RG-S6220-H series features multiple security features, which effectively defend against and control virus flooding and hacker attacks. These features include anti-DoS attack, validity check of ARP packets on ports, and multiple hardware-based ACL policies.
The switches support hardware-based IPv6 ACLs, which can easily control IPv6 users' access to edge devices even when IPv6 users exist within an IPv4 network. It allows coexistence of IPv4 and IPv6 users on the network and can control access permissions of IPv6 users, such as restricting access to sensitive resources on the network.
The switch series adopts Ruijie’s industry-leading CPU Protection Policy (CPP) technology, which is an advanced hardware-based CPU protection mechanism, to distinguish data traffic destined to the CPU and process data according to queue priorities. The switches implement bandwidth control to protect the CPU against unauthorized traffic consumption, malicious attacks and resource consumption and hence to ensure switch security. The hardware of the RG-S6220-H series allows flexible binding of a user IP address or a MAC address to a port or a switch to strictly control user access. The switches support DHCP snooping, which allows only a DHCP response to a trusted port to prevent spoofing by unauthorized DHCP servers. Based on DHCP snooping, the switches dynamically monitor ARP packets, check user IP addresses, and directly discard packets that do not comply with the bound entries. The RG-S6220-H series effectively defends against ARP spoofing and source IP address spoofing.
The switches also support Telnet access control based on source IP addresses. The measure prevents unauthorized users or hackers from attacking or controlling devices and thereby enhances security of the device NMS. The RG-S6220-H switches also implement Secure Shell (SSH) and SNMPv3 to encrypt management information in Telnet and SNMP processes, thereby ensuring security of management device information and preventing hacker from waging attacks or controlling devices.
The series prevents unauthorized users from network access through multiple functions. These functions include multi-element binding, port security, time ACL, and bandwidth limit based on data traffic. The RG-S6220-H series highly strengthens access security and are perfect match for large-sized networks.
The RG-S6220-H series supports a family of management ports such as Console, RCMI (combo interface for MGMT and DCMI. The DCMI remotely performs device management/monitoring and controls power on/off), Out-of-Band Management, and USB ports. The switches also support SNMP v1/v2c/v3, a universal network management platform, and Ruijie’s advanced BMC service management software. In addition, the switches enable Command Line Interface (CLI), Web NMS, Telnet, and cluster management, which simplify device management and provide various encryption modes such as SSH2.0 and SSL to enhance network security.
The switches support SPAN/RSPAN mirroring and multiple mirroring observation ports, offering users high visibility and transparency for easy maintenance. The switches also provide a wide range of network traffic reports to help users optimize network structure and adjust resources deployment accordingly.
The RG-S6220-H switch series supports synchronous hash to ensure consistent hash key calculated by the bi-directional flow so that the session uplink and downlink are processed by the same device in the firewall cluster. Standard ECMP (Equal-cost multi-path routing) is adopted in the network for better flow balancing result. The switches support more than 2 devices for cluster expansion to improve cluster performance.
The switches support flexible hash. All packets of the same session are balanced to the same scheduling server. When one server fails, the traffic of the failed links can be balanced to other active links via ECMP without interrupting the current session. The traffic of the failed server will be shared equally by the active servers. One flexible hash ECMP group supports 8 member devices.
The series also supports hash perturbation to solve the hash polarization problem. For the same type of devices, the hash algorithm will calculate the same path so that the traffic cannot be balanced to all links.