Datasheet
6
Link Aggregation
• 802.3ad support
- Number of Link Aggregation Groups (LAGs) supported: 64
- Maximum number of ports per LAG: 8
• LAG load-sharing algorithm—bridged or routed (unicast or
multicast) traffic:
- IP: S/D IP
- TCP/UDP: S/D IP, S/D Port
- Non-IP: S/D MAC
- Tagged ports support in LAG
Spanning Tree
• Spanning Tree Protocol (802.1D)
• Multiple Spanning Tree Protocol (MSTP) (802.1s)
• Rapid Spanning Tree Protocol (RSTP) (802.1w)
• VSTP - VLAN Spanning Tree
• BPDU protect
• Loop protect
• Root protect
Quality of Service (QoS)
• Layer 2 QoS
• Layer 3 QoS
• Rate Limiting:
- Ingress policing: 1 rate 2 color
- Egress shaping: per-queue, per-port
• Eight hardware queues per port
• Scheduling methods (egress): Strict priority (SP), shaped
deficit weighted round-robin (SDWRR)
• 802.1p remarking
• Layer 2-4 classification criteria: Interface, MAC address,
Ethertype, 802.1p, VLAN, IP address, DSCP/IP precedence, TCP/
UDP port numbers, etc.
• Congestion avoidance capabilities: Weighted tail drop eight
queues
L3 Features—IPv4
• Routing protocols: RIPv1/v2, OSPF
• Max number of IPv4 unicast routes in hardware: 8,000
• Max number of IPv4 multicast routes in hardware: 2,000
• Static routing
• Routing policy
• Virtual Router Redundancy Protocol (VRRP)
• Bidirectional Forwarding Detection (BFD) protocol
Multicast
• Internet Group Management Protocol (IGMP): v1, v2, v3
• IGMP snooping
• PIM-SM, PIM-SSM
• Multicast Source Directory Protocol (MSDP)
Access Control Lists (ACLs) (Junos OS firewall filters)
• Port-based ACL (PACL)—ingress and egress
• VLAN-based ACL (VACL)—egress
• Router-based ACL (RACL)—egress
• ACL entries (ACE) in hardware per system: 1,500
Access Control Lists (ACLs) (Junos OS firewall filters)
(continued)
• ACL counter for denied packets
• ACL counter for permitted packets
• Ability to add/remove/change ACL entries in middle of list (ACL
editing)
• Layer 2-L4 ACL
• Trusted Network Connect (TNC) certified
• MAC authentication (RADIUS)
• Control plane denial-of-service (DoS) protection
Supported RFCs
• RFC 2925 MIB for Remote Ping, Trace
• RFC 1122 Host Requirements
• RFC 768 UDP
• RFC 791 IP
• RFC 783 Trivial File Transfer Protocol (TFTP)
• RFC 792 ICMP
• RFC 793 TCP
• RFC 826 ARP
• RFC 894 IP over Ethernet
• RFC 903 RARP
• RFC 906 TFTP Bootstrap
• RFC 1027 Proxy ARP
• RFC 2068 HTTP server
• RFC 1812 Requirements for IP Version 4 Routers
• RFC 1519 Classless Interdomain Routing (CIDR)
• RFC 1256 IPv4 ICMP Router Discovery (IRDP)
• RFC 1058 RIP v1
• RFC 2453 RIP v2
• RFC 1112 IGMP v1
• RFC 2236 IGMP v2
• RFC 3618 MSDP
• RFC 4915 MT-OSPF
• RFC 3376 IGMP v3
• RFC 1492 TACACS+
• RFC 2138 RADIUS Authentication
• RFC 2139 RADIUS Accounting
• RFC 3579 RADIUS EAP support for 802.1x
• RFC 5176 Dynamic Authorization Extensions to RADIUS
• RFC 2267 Network Ingress Filtering
• RFC 2030 SNTP, Simple Network Time Protocol
• RFC 854 Telnet client and server
• RFC 951, 1542 BootP
• RFC 2131 BOOTP/DHCP relay agent and Dynamic Host
Configuration Protocol (DHCP) server
• RFC 1591 Domain Name System (DNS)
• RFC 2338 VRRP
• RFC 2328 OSPF v2 (edge mode)
• RFC 1587 OSPF not-so-stubby area (NSSA) Option
• RFC 2154 OSPF w/Digital Signatures (Password, MD-5)
• RFC 2370 OSPF Opaque link-state advertisement (LSA) Option
• RFC 3623 OSPF Graceful Restart