Send request


The QTECH solution for building a LAN in enterprises

QTECH equipment provides an opportunity to build a data transmission network at the enterprise that meets the generally accepted standards of reliability, security and quality of data processing.

The full range of equipment allows to cover the needs of both small enterprises (up to 200 people, locally located in one place) and large corporations (enterprises with a distributed system of branches).

benefits of solving

The ability to connect users at speeds up to 1 Gbit/s is a development strategy, the need for which is due to the requirements for processing large amounts of information. The use of PoE and PoE+ technologies allows to power end devices: phones, CCTV cameras, access points.

The proposed solution has the following advantages:

- low cost of equipment;

- high performance;

- increased safety;

- scalability;

- high reliability;

- modularity and the ability to quickly deploy.

solution

solution Description. Network architecture and key hardware features:

The solution uses the classical approach of building a network-a three-level model, assuming the presence of:

1) the level of network access;

2) network aggregation levels;

3) network core level.

The network architecture is of the "star" type. The solution is based on a centralized service delivery model.

To ensure isolation of traffic inside the access switch applies the functionality of the port-isolation. Thus, it is possible to isolate the traffic of one user from another. This solution improves security and allows you to quickly localize problems. VoIP and Internet services are provided to subscribers in separate VLANs. Access switches have functionality that allows you to distribute non-tagged traffic on certain grounds in the appropriate VLAN.

Access switches are connected to distribution switches by Gigabit ports. If necessary, to upgrade bandwidth and redundant Uplink connections are aggregated into the LAG ports. On aggregation switches, subscriber traffic is concentrated and routed to the network core.

At the access layer by using productive not lockable series switches QSW-3470. This series combines 10, 28 and 52 port models; all device ports support up to 1 Gbit/s connection. The line includes models with PoE+functionality.

To provide quality of service for prioritized traffic, the switches support 8 hardware queues per port and various queue processing methods. An additional security tool at the access level is the presence of 1000 ACLs, which allow you to block traffic on a wide range of features, including L4 headers and search by package content. The switches support port aggregation to extend and reserve connections.

List of the main functions of the access switches used in the solution:

- 802.1 Q VLAN, MAC-VLAN, VOICE-VLAN

- LACP, LACP load-balancing

- DHCP snooping, IP source guard, ARP inspection, Option 82

- Port security, MAC address limit

- IGMP snooping, IGMP profile, IGMP static entry, Group limit, Drop query and report

- TELNET/SSHv2/HTTPS(SSL)

- SNMP v2/3, SNTP/NTP, SYSLOG

- TACACS authentication/accounting

- Loopback detection, storm-control

- ACL

- QoS, CoS/DSCP

- LLDP

- Jumbo frame

- Port-isolation

The complex solution uses intelligent QTECH qsw-8370 and QSW-6500 switches at the aggregation level.

Range QSW-8370 make the switch with full L3 functionality with SFP+ connectors as Uplink ports, providing operation at speeds of 10G. The switches have the opportunity to join in a stack and have a high scalability at the expense of the modules are 10G hot-swappable, allowing you to create up to 4 trunk connections to the upper level network. Productive switching matrix provides L2/L3 switching "at the speed of wires", and the possibility of completing the backup DC power supply increases reliability.

High-performance switches QSW-6500 allows you to connect to 48 ports at speeds of 10G SFP+ and 4 x 40G QSFP+, the height of the switch is 1RU. The devices have a highly efficient redundant cooling system and power backup. The hardware supports basic dynamic routing protocols and routing using a variety of policies and rules, as well as MPLS at the hardware level. Full-featured QoS with support for 8 queues per port provides differentiated management of up to 8 types of traffic.

list of basic aggregation switch functions used in the solution:

- 802.1 Q VLAN, MAC-VLAN, VOICE-VLAN, QinQ

- LACP, LACP load-balancing

- OSPF, BGP, GRE

- DHCP snooping, IP source guard, ARP inspection, Option 82

- Port security, MAC address limit

- IGMP snooping, IGMP profile, IGMP static entry, Group limit, Drop query and report

- TELNET/SSHv2/HTTPS(SSL)

- SNMP v2/3, SNTP/NTP, SYSLOG

- TACACS authentication/accounting

- Loopback detection, storm-control

- ACL

- QoS, CoS/DSCP

- LLDP

- Jumbo frame

- Port-isolation

- mirror RSPAN.

The core of the local area network is built on QTECH QSR-480 multiservice border routers. The equipment combines the functions of a border router and a device that takes into account user traffic (BRAS/BNG). On the one hand, the device is connected to at least two higher - level Internet providers, on the other-a switch that is part of the backbone of the network. BRAS interacts with two DHCP servers, one for real - time services and the other for Internet access.

Thanks to the functionality of Inter-Chassis Redundancy, the second device is used not only for redundancy: the load is distributed between the two QSR-480. In the event of a denial of service of one of the routers, subscribers from it will connect to the available. The main functions of the QSR-480 include border routing, Ethernet traffic aggregation, and subscriber management.

QSR-480 devices are built on programmable integrated circuits and support tens of thousands of users and sessions, providing significant physical and logical scalability. QTECH QSR-480 has a throughput of up to 320 Gbit/s with stable packet processing performance.

key features of QTECH QSR-480:

- the reliability of QSR-480 sessions is achieved by supporting continuous transmission and ensuring the continuity of established subscriber sessions in the event of a failure of the routing processor;

- fault-tolerant software architecture is based on a modular design that provides stability and protection against accidental failures and Protocol errors;

- operator class design is developed in accordance with operator standards and is used in operator networks around the world;

- flexible routing platform with exceptional subscriber scaling capabilities;

- use as a destination router for the organization of VPN tunnels and Ethernet aggregation.

Detailed information in the QTECH product catalogue

  • Ethernet access switches QSW-3470
  • Ethernet aggregation switches QSW-8370

Back to the list