Spec Sheet

ManualsBrandsJuniper ManualsEthernet SwitchEX4300 Network Switch

Data SheetEX4300 Ethernet Switch

- Non-IP: S/D MAC

• Tagged ports support in LAG

Layer 3 Features: IPv4

• Maximum number of ARP entries: 64,000

• Maximum number of IPv4 unicast routes in hardware: 16,000

preﬁxes; 32,000 host routes

• Maximum number of IPv4 multicast routes in hardware:

8,000 multicast groups; 16,000 multicast routes

• Routing protocols: RIPv1/v2, OSPF, BGP, IS-IS

• Static routing

• Routing policy

• Bidirectional Forwarding Detection (BFD)

• Layer 3 redundancy: Virtual Router Redundancy Protocol

(VRRP)

Layer 3 Features: IPv6

• Maximum number of Neighbor Discovery (ND) entries:

32,000

• Maximum number of IPv6 unicast routes in hardware: 4,000

preﬁxes; 15,000 host routes

• Maximum number of IPv6 multicast routes in hardware:

8,000 multicast groups; 16,000 multicast routes

• Routing protocols: RIPng, OSPFv3, IPv6, ISIS

• Static routing

Access Control Lists (ACLs) (Junos OS Firewall Filters)

• Port-based ACL (PACL): Ingress and egress

• VLAN-based ACL (VACL): Ingress and egress

• Router-based ACL (RACL): Ingress and egress

• ACL entries (ACE) in hardware per system:

- Port-based ACL (PACL) ingress: 3,072

- VLAN-based ACL (VACL) ingress: 3,500

- Router-based ACL (RACL) ingress: 7,000

- Egress shared across PACL and VACL: 512

- Egress across RACL: 1,024

• ACL counter for denied packets

• ACL counter for permitted packets

• Ability to add/remove/change ACL entries in middle of list

(ACL editing)

• L2-L4 ACL

Access Security

• 802.1X port-based

• 802.1X multiple supplicants

• 802.1X with VLAN assignment

• 802.1X with authentication bypass access (based on host

MAC address)

• 802.1X with VoIP VLAN support

• 802.1X dynamic ACL based on RADIUS attributes

• 802.1X Supported Extensible Authentication Protocol

(EAP types): Message Digest 5 (MD5), Transport Layer

Security (TLS), Tunneled TLS (TTLS), Protected Extensible

Authenticated Protocol (PEAP)

• MAC authentication (RADIUS)

• Control plane DoS protection

• Radius functionality over IPv6 for AAA

• DHCPv6 snooping

• IPv6 neighbor discovery

• IPv6 source guard

• IPv6 RA Guard

• IPv6 Neighbor Discovery Inspection

• Media Access Control security (MACsec)

High Availability

• Redundant, hot-swappable power supplies

• Redundant, ﬁeld-replaceable, hot-swappable fans

• Graceful Routing Engine switchover (GRES) for Layer 2

hitless forwarding and Layer 3 protocols on RE failover

• Graceful protocol restart (OSPF, BGP)

• Layer 2 hitless forwarding on RE failover

• Non-Stop Bridging - LACP, xSTP

• Non-Stop Routing - PIM, OSPF v2 and v3, RIP v2, RIPnG, BGP,

BGPv6, ISIS, IGMP v1, v2, v3

• Online insertion and removal (OIR) uplink module

Quality of Service

• Layer 2 QoS

• Layer 3 QoS

• Ingress policing: 1 rate 2 color

• Hardware queues per port: 12

• Scheduling methods (egress): Strict priority (SP), weighted

deﬁcit round robin (WDRR)

• 802.1p, DiCode (DSCP)/IP Precedence trust and marking

• L2-L4 classiﬁcation criteria: Interface, MAC address,

Ethertype, 802.1p, VLAN, IP address, DSCP/IP Precedence,

TCP/UDP port numbers, and more

• Congestion avoidance capabilities: Tail drop, weighted

random early detection (WRED)

Multicast

• IGMP: v1, v2, v3

• IGMP snooping

• PIM-SM, PIM-SSM, PIM-DM

Services and Manageability

• Junos OS CLI

• Web interface

• Out-of-band management: Serial; 10/100/1000BASE-T

Ethernet

• ASCII conﬁguration

• Rescue conﬁguration

• Conﬁguration rollback

• Image rollback

• LCD management

• Element management tools: Juniper Networks Network and

Security Manager (NSM)

• Remote performance monitoring

• Proactive services support via Advanced Insight Solutions

(AIS)

• SNMP: v1, v2c, v3

• RMON (RFC 2819) Groups 1, 2, 3, 9

• Network Time Protocol (NTP)

• DHCP server

• DHCP client and DHCP proxy

• DHCP relay and helper