Juniper EX2200 Ethernet Switch

IBM Redbooks Product Guide

Published 07 March 2011, updated 13 January 2014


Authors: Jon Tate

Abstract

Featuring complete Layer 2 and basic Layer 3 switching capabilities, the Juniper Networks® EX2200 line of fixed configuration Ethernet switches satisfies the branch and low-density wiring closet connectivity requirements of today’s high-performance businesses. Four platform configurations are available offering 24 and forty-eight 10/100/1000BASE-T ports with or without Power over Ethernet (PoE). The PoE-enabled EX2200 models include a maximum system budget of 405 W to deliver up to 15.4 watts of standards-based 802.3af Class 3 PoE or 30 watts of standards-based 802.3at PoE+ for supporting networked devices such as telephones, video cameras, and multiple radio IEEE 802.11n wireless LAN (WLAN) access points and video phones in converged networks.


Figure 1. Juniper Networks EX2200 48 Port Switch with Power over Ethernet

Additional features include:

  • Four front panel small form-factor pluggable transceiver (SFP) GbE uplink ports that provide high-speed connectivity to aggregation layer switches or other upstream devices.
  • Fixed power supply and uplink ports that ensure operational simplicity.
  • Low power consumption, low acoustic fans, and a small 10-inch wide footprint that enable flexible, environmentally friendly deployment.
  • Support for L2 protocols and L3 protocols such as RIP and static routing in base license.
  • A single release train for Juniper Networks Junos® operating system ensures consistent control plane feature implementation.
  • Modular Junos OS prevents a switch reboot if a single protocol feature fails.
  • Managed through a single application, Juniper Networks Network and Security Manager.
  • Integrates with Juniper Networks Unified Access Control to provide per-user access control and policing.
  • Built-in web interface (Juniper Networks J-Web Software).


Product overview

The Juniper Networks EX2200 line of Ethernet switches offers a compact, high-performance solution for supporting today’s converged network access deployments. Each EX2200 switch includes an application-specific integrated circuit (ASIC)-based Packet Forwarding Engine (PFE) with an integrated CPU to consistently deliver wire-rate forwarding, even with all control plane features enabled.


Architecture and key components

The EX2200 occupies a single rack unit, delivering a compact solution for crowded wiring closets and access locations where space and power are at a premium. The EX2200 switch’s 10-inch depth and low acoustics also make it ideal for open office deployments.

Each EX2200 switch supports four fixed front panel GbE uplink ports with pluggable optics (purchased separately) for high-speed backbone or link aggregation connections between wiring closets and upstream aggregation switches. The EX2200 also features a front panel mode button that offers a simple interface for bringing devices up and selecting LED modes.

A dedicated rear panel RJ-45 Ethernet port is available for out-of-band management, while a rear panel USB port can be used to easily upload the Junos operating system and configuration files.


Features and benefits

In this section we discuss the features and benefits.


High-availability features

To avoid the complexities of the Spanning Tree Protocol (STP) without sacrificing network resiliency, the EX2200 employs a redundant trunk group to provide the necessary port redundancy and simplify switch configuration.

The EX2200 runs the same Junos OS used by other Juniper Networks EX Series Ethernet Switches, as well as all of Juniper’s routers and Juniper Networks SRX Series Services Gateways. By utilizing a common operating system, Juniper delivers a consistent implementation and operation of control plane features across all products.

These attributes are fundamental to the core value of the software, enabling all Junos OS-powered products to be updated simultaneously with the same software release. All features are fully regression-tested, making each new release a true superset of the previous version. Customers can deploy the software with complete confidence that all existing capabilities will be maintained and operate in the same way.


Converged environments

The EX2200 provides the highest levels of flexibility and features in its class for the most demanding converged data, voice, and video environments, delivering a reliable platform for unifying enterprise communications.

By providing a full 15.4 watts of Class 3 PoE to VoIP telephones, closed-circuit security cameras, wireless access points, and other IP-enabled devices, the EX2200 delivers a solution for converging disparate networks onto a single IP infrastructure. The EX2200 PoE switches also support 802.3at standards-based PoE+ for powering networked devices like multiple radio IEEE 802.11n wireless access points, and video phones that might require more power than available with IEEE 802.3af.

To ease deployment, the EX2200 supports the industry-standard Link Layer Discovery Protocol (LLDP) and LLDP-Media Endpoint Discovery (LLDP-MED) protocol, enabling the switches to automatically discover Ethernet-enabled devices, determine their power requirements, and assign virtual LAN (VLAN) membership.

In addition, the EX2200 supports rich quality-of-service (QoS) functionality for prioritizing data, voice, and video traffic. The switches support eight class-of-service (CoS) queues on every port, enabling them to maintain multilevel, end-to-end traffic prioritizations. The EX2200 also supports a wide range of policy options, including strict priority, low-latency, weighted random early detection (WRED), and shaped deficit weighted round-robin (SDWRR) queuing.


Security

The EX2200 fully integrates with Juniper Networks Unified Access Control, which consolidates all aspects of a user’s identity, device, and location. This enables administrators to enforce access control and security down to the individual port or user levels.

Working as an enforcement point within UAC, the EX2200 provides both standards-based 802.1X port-level access control for multiple devices per port and Layer 2 - 4 policy enforcement based on user identity, location, and device. A user’s identity, device type, machine posture check, and location can be used to determine whether access should be granted and for how long. If access is granted, the switch assigns the user’s device to a specific VLAN based on authorization policy. The switch can also apply security policies, QoS policies, or both, or it can mirror user traffic to a central location for logging, monitoring, or threat detection by intrusion prevention systems.

The EX2200 also provides a full complement of integrated port security and threat detection features, including Dynamic Host Configuration Protocol (DHCP) snooping, Dynamic ARP Inspection (DAI), and media access control (MAC) limiting to defend against internal and external spoofing, man-in-the-middle, and denial of service (DoS) attacks.


Simplified management and operations

The EX2200 includes port profiles that allow network administrators to automatically configure ports with security, QoS, and other parameters based on the type of device connected to the port. Six preconfigured profiles are available, including default, desktop, desktop plus IP phone, WLAN access point, routed uplink, and Layer 2 uplink. Users can select from the existing profiles or create their own and apply them through the command-line interface (CLI), J-Web Software interface, or management system.

In addition, a feature called system snapshot makes a copy of all software files used to run the switch (including the Junos operating system, the active configuration and the rescue configuration) that can be used to reboot the switch at the next power-up or as a backup boot option. The Junos OS software can also be pre-installed on a flash drive and used to boot the EX2200 at any time.

Another feature, called automatic software download, enables network administrators to easily upgrade the EX2200 using the DHCP message exchange process to download and install software packages. Users simply configure the automatic software download feature on EX2200 switches acting as DHCP clients and establish a path to the server where the software package file is installed. The server then communicates the path to the software package file through DHCP server messages.

Four system management options are available for the EX2200 line. The standard Junos OS CLI management interface offers the same granular capabilities and scripting parameters found in any router powered by the Junos operating system. The EX2200 also includes the integrated J-Web interface, an embedded web-based device manager that allows users to configure, monitor, troubleshoot, and perform system maintenance on individual switches via a browser-based graphical interface.

When managing a group of EX2200 switches, the Network and Security Manager provides system-level management across all Juniper Networks switches in the network from a single console.

Finally, EX2200 fault, configuration, and performance data can be exported to leading third-party management systems such as IBM Tivoli and Computer Associates Unicenter software, providing a complete, consolidated view of network operations.

Figure 2. Juniper Networks EX2200 Ethernet Switch Family

Table 1 lists ordering information.

Table 1. Ordering information
Juniper EX2200 models | Description | Layer 2 throughput (Mpps)
6630010 | Juniper Networks EX2200-24T 24 Port | 41.7 Mpps (wire speed)
6630011 | Juniper Networks EX2200-24P 24 Port with PoE | 41.7 Mpps (wire speed)
6630012 | Juniper Networks EX2200-48T 48 Port | 77.4 Mpps (wire speed)
6630013 | Juniper Networks EX2200-48P 48 Port with PoE | 77.4 Mpps (wire speed)


EX2200 Ethernet Switch specifications

In this section we list the EX2200 Ethernet Switch specifications.


Physical specifications

The dimensions (W x H x D) are:
  • Width
    • 17.4 in (44.1 cm) for desktop installations
    • 17.5 in (44.6 cm) with rack-mount brackets
  • Height: 1.75 in (4.45 cm) for 1U installations
  • Depth: 10 in (25.43 cm)
  • Weight
    • EX2200-24T (6630-010): 6 lb (2.7 kg)
    • EX2200-24P (6630-011): 8 lb (3.6 kg)
    • EX2200-48T (6630-012): 8 lb (3.6 kg)
    • EX2200-48P (6630-013): 10 lb (4.5 kg)
  • Environmental ranges
    • Operating temperature: 32 - 113° F (0 - 45° C)
    • Storage temperature: -40 - 158° F (-40 - 70° C)
    • Operating altitude: Up to 10,000 ft (3,048 m)
    • Non-operating altitude: Up to 16,000 ft (4,877 m)
    • Relative humidity operating: 10 - 85% (non-condensing)
    • Relative humidity non-operating: 0 - 95% (non-condensing)

Table 2 lists the power options.

Table 2. Power options
Model | Maximum system power consumption (input power without POE) | Total POE power budget
6630-010 | 50 W AC | 0
6630-011 | 60 W AC | 405 W
6630-012 | 76 W AC | 0
6630-013 | 91 W AC | 405 W


Hardware specifications

The hardware specifications are:
  • Switching Engine Model: Store and forward
  • DRAM: 512 MB
  • Flash: 1 GB
  • CPU: 800 MHz ARM CPU
  • GbE port density per system:
    • 6630-010: 28 (24 host ports + four-port GbE uplinks)
    • 6630-011: 52 (48 host ports + four-port GbE uplinks)

Table 3 lists the optics.

Table 3. Optics (transceivers)
Part number | Description
88Y6833 | 1GE Copper RJ-45 100 m SFP
88Y6839 | 1000B-LX GbE 1310 nm 10 km SFP
88Y6830 | 100B-FX 100Mb 1310 nm 2 km SFP
88Y6836 | 1000B-SX GbE 850 nm 550 m SFP
88Y6842 | 1000B-LH GbE 1550 nm 70 km SFP
88Y6845 | 100BASE-BX, TX1310 nm/RX1550 nm 20 km SM SFP
88Y6848 | 100BASE-BX, TX1550 nm/RX1310 nm 20 km SM SFP

Table 4 lists the cables.

Table 4. Cables
Part number | Description
40K5679 | 0.6 m Blue Cat5e Cable
40K8785 | 1.5 m Blue Cat5e Cable
40K5581 | 3 m Blue Cat5e Cable
40K8927 | 10 m Blue Cat5e Cable
40K8930 | 25 m Blue Cat5e Cable
59Y1932 | .5M Molex DAC SFP+ Cable
59Y1936 | 1M Molex DAC SFP+ Cable
59Y1940 | 3M Molex DAC SFP+ Cable
59Y1944 | 7M Molex DAC SFP+ Cable
88Y6851 | 1 m LC-LC Fiber Cable (networking)
88Y6854 | 5 m LC-LC Fiber Cable (networking)
88Y6857 | 25m LC-LC Fiber Cable (networking)

Physical layer:
  • Physical port redundancy: Redundant Trunk Group (RTG)
  • Time-domain reflectometry (TDR) for detecting cable breaks and shorts
  • Auto MDI/MDIX (medium-dependent interface/medium-dependent interface crossover) support
  • Port speed downshift/setting maximum advertised speed on 10/100/1000BASE-T ports

Packet switching capacities:
  • 24P/24T: 56 Gbps
  • 48P/48T: 104 Gbps

Layer 2 throughput (Mpps):
  • 24 port switches: 41.7 Mpps (wire speed)
  • 48 port switches: 77.4 Mpps (wire speed)

Layer 2 switching:
  • Maximum MAC addresses per system: 8,000
  • Static MAC entries: 8,000
  • Jumbo frames: 9216 bytes
  • Number of VLANs: 1,024
  • Port-based VLAN
  • MAC-based VLAN
  • Voice VLAN
  • Compatible with Per-VLAN Spanning Tree Plus (PVST+)
  • Routed VLAN Interface (RVI)
  • IEEE 802.1AB: Link Layer Discovery Protocol (LLDP)
  • LLDP-MED with VoIP integration
  • IEEE 802.1D: Spanning Tree Protocol
  • IEEE 802.1p: CoS prioritization
  • IEEE 802.1Q: VLAN tagging
  • IEEE 802.1s: Multiple Spanning Tree Protocol (MSTP)
  • Number of MST instances supported: 64
  • IEEE 802.1w: Rapid Spanning Tree Protocol (RSTP)
  • IEEE 802.1X: Port Access Control
  • IEEE 802.3: 10BASE-T
  • IEEE 802.3u: 100BASE-T
  • IEEE 802.3ab: 1000BASE-T
  • IEEE 802.3z: 1000BASE-X
  • IEEE 802.3af: PoE
  • IEEE 802.3at: PoE+
  • IEEE 802.3x: Pause Frames/Flow Control
  • IEEE 802.3ad: Link Aggregation Control Protocol (LACP)

Layer 3 features: IPv4:
  • Maximum number of Address Resolution Protocol (ARP) entries: 2,000
  • Maximum number of IPv4 Unicast routes in hardware: 6500
  • Routing protocols: RIPv1/v2
  • Static routing
  • IP directed broadcast

Layer 3 features: IPv6 management functionality:
  • Neighbor discovery
  • Syslog
  • Telnet
  • SSH
  • J-Web
  • SNMP
  • NTP
  • DNS
  • RADIUS over IPv6

Supported RFCs:
  • RFC 2925 MIB for remote ping, trace
  • RFC 1122 Host requirements
  • RFC 768 UDP
  • RFC 791 IP
  • RFC 783 Trivial File Transfer Protocol (TFTP)
  • RFC 792 Internet Control Message Protocol (ICMP)
  • RFC 793 TCP
  • RFC 826 ARP
  • RFC 894 IP over Ethernet
  • RFC 903 Reverse ARP (RARP)
  • RFC 906 TFTP bootstrap
  • RFC 1027 Proxy ARP
  • RFC 2068 HTTP server
  • RFC 1812 Requirements for IP Version 4 routers
  • RFC 1519 Classless Interdomain Routing (CIDR)
  • RFC 1256 IPv4 ICMP Router Discovery (IRDP)
  • RFC 1058 RIP v1
  • RFC 2453 RIP v2
  • RFC 1492 TACACS+
  • RFC 2138 RADIUS authentication
  • RFC 2139 RADIUS accounting
  • RFC 3579 RADIUS Extensible Authentication Protocol (EAP) support for 802.1X
  • RFC 5176 Dynamic Authorization Extensions to RADIUS
  • RFC 2267 Network ingress filtering
  • RFC 2030 Simple Network Time Protocol (SNTP)
  • RFC 854 Telnet client and server
  • RFC 951, 1542 BootP
  • RFC 2131 BOOTP/DHCP relay agent and DHCP server
  • RFC 1591 Domain Name System (DNS)
  • RFC 2474 DiffServ Precedence, including 8 queues/port
  • RFC 2598 DiffServ Expedited Forwarding (EF)
  • RFC 2597 DiffServ Assured Forwarding (AF)
  • LLDP Media Endpoint Discovery (LLDP-MED), ANSI/TIA-1057, draft 08

Security:
  • MAC limiting
  • Allowed MAC addresses (configurable per port)
  • Dynamic ARP inspection (DAI)
  • Proxy ARP
  • Static ARP support
  • DHCP snooping
  • IP source guard
  • 802.1X port-based
  • 802.1X multiple supplicants
  • 802.1X with VLAN assignment
  • 802.1X with authentication bypass access (based on host MAC address)
  • 802.1X with VoIP VLAN support
  • 802.1X dynamic ACL based on RADIUS attributes
  • 802.1X Supported EAP types: Message Digest 5 (MD5), Transport Layer Security (TLS), Tunneled Transport Layer Security (TTLS), Protected Extensible Authentication Protocol (PEAP)
  • Access control lists (ACLs) (Junos OS firewall filters)
  • Port-based ACL (PACL): Ingress
  • VLAN-based ACL (VACL): Ingress and egress
  • Router-based ACL (RACL): Ingress and egress
  • ACL entries (ACE) in hardware per system: 1,500
  • ACL counter for denied packets
  • ACL counter for permitted packets
  • Ability to add/remove/change ACL entries in middle of list (ACL editing)
  • L2-L4 ACL
  • Trusted Network Connect (TNC) certified
  • Static MAC authentication
  • MAC-RADIUS
  • Control plane DoS protection

High availability:
  • Link aggregation
  • 802.3ad (LACP) support:
    • Number of LAGs supported: 32
    • Maximum number of ports per LAG: 8
  • LAG load sharing algorithm: Bridged Unicast Traffic
    • IP: S/D MAC, S/D IP
    • TCP/UDP: S/D MAC, S/D IP, S/D Port
    • Non-IP: S/D MAC
  • LAG sharing algorithm: Routed Unicast Traffic
    • IP: S/D IP
    • TCP/UDP: S/D IP, S/D Port
  • LAG load sharing algorithm: Bridged Multicast Traffic
    • IP: S/D MAC, S/D IP
    • TCP/UDP: S/D MAC, S/D IP, S/D Port
    • Non-IP: S/D MAC
  • LAG sharing algorithm: Routed Multicast Traffic
    • IP: S/D IP
    • TCP/UDP: S/D IP, S/D Port
  • Tagged ports support in LAG

Quality of service:
  • Layer 2 QoS
  • Layer 3 QoS
  • Ingress policing: 1 rate 2 color
  • Hardware queues per port: 8
  • Scheduling methods (egress): Strict priority (SP), shaped deficit weighted round-robin (SDWRR)
  • 802.1p, DSCP/IP precedence trust and marking
  • L2-L4 classification criteria:
    • Interface
    • MAC address
    • Ethertype
    • 802.1p, VLAN
    • IP address
    • DSCP/IP precedence
    • TCP/UDP port numbers
    • And so on
  • Congestion avoidance capabilities: Tail drop
  • Multicast (Multicast capability is provided with the optional Advanced License available only from Juniper, part number EX-24-EFL)
  • IGMP snooping entries: 1,000

Services and manageability:
  • Junos OS CLI
  • Web interface (J-Web)
  • Out-of-band management: Serial, 10/100BASE-T Ethernet
  • ASCII configuration
  • Rescue configuration
  • Configuration rollback
  • Image rollback
  • Element management tools: Network and Security Manager
  • Proactive services support via Advanced Insight Solutions (AIS)
  • Simple Network Management Protocol (SNMP): v1, v2c, v3
  • Remote monitoring (RMON) (RFC 2819) Groups 1, 2, 3, 9
  • Network Time Protocol (NTP)
  • DHCP server
  • DHCP client and DHCP proxy
  • DHCP relay and helper
  • RADIUS authentication
  • TACACS+ authentication
  • SSHv2
  • Secure copy
  • HTTP/HTTPS
  • DNS resolver
  • Syslog logging
  • Temperature sensor
  • Configuration backup via FTP/secure copy

Supported MIBs:
  • RFC 1155 Structure of Management Information (SMI)
  • RFC 1157 SNMPv1
  • RFC 1905, RFC 1907 SNMP v2c, SMIv2, and revised MIB-II
  • RFC 2570-2575 SNMPv3, user-based security, encryption, and authentication
  • RFC 2576 Coexistence between SNMP Version 1, Version 2 and Version 3
  • RFC 1212, RFC 1213, RFC 1215 MIB-II, Ethernet-like MIB, and TRAPs
  • RFC 2578 SNMP Structure of Management Information MIB
  • RFC 2579 SNMP Textual Conventions for SMIv2
  • RFC 2925 Ping/traceroute MIB
  • RFC 2665 Ethernet-like interface MIB
  • RFC 1643 Ethernet MIB
  • RFC 1493 Bridge MIB
  • RFC 2096 IPv4 Forwarding Table MIB
  • RFC 2011 SNMPv2 for IP using SMIv2
  • RFC 2012 SNMPv2 for transmission control protocol using SMIv2
  • RFC 2013 SNMPv2 for user datagram protocol using SMIv2
  • RFC 2863 Interface MIB
  • RFC 3413 SNMP Application MIB
  • RFC 3414 User-based security model for SNMPv3
  • RFC 3415 View-based Access Control Model for SNMP
  • RFC 3621 PoE-MIB (PoE switches only)
  • RFC 1724 RIPv2 MIB
  • RFC 2863 Interface Group MIB
  • RFC 2819 RMON MIB
  • RFC 2287 System Application Packages MIB
  • RFC 4188 STP and extensions MIB
  • RFC 4363 Definitions of managed objects for bridges with traffic classes, multicast filtering, and VLAN extensions
  • RFC 2922 LLDP MIB
  • draft-blumenthal-aes-usm-08
  • draft-reeder-snmpv3-usm-3desede-00

Troubleshooting:
  • Debugging: CLI via console, Telnet, or SSH
  • Diagnostics: Show and debug command statistics
  • Traffic mirroring (port)
  • Traffic mirroring (VLAN)
  • ACL-based mirroring
  • Mirroring destination ports per system: 1
  • LAG port monitoring
  • Multiple destination ports monitored to 1 mirror (N:1)
  • Maximum number of mirroring sessions: 1
  • Mirroring to remote destination (over L2): 1 destination VLAN
  • IP tools: Extended ping and trace
  • Juniper Networks commit and rollback

Safety certifications:
  • UL-UL60950-1 (First Edition)
  • C-UL to CAN/CSA 22.2 No.60950-1 (First Edition)
  • TUV/GS to EN 60950-1, Amendment A1-A4, A11
  • CB-IEC60950-1, all country deviations

Electromagnetic compatibility certifications:
  • FCC 47CFR Part 15 Class A
  • EN 55022 Class A
  • ICES-003 Class A
  • VCCI Class A
  • AS/NZS CISPR 22 Class A
  • CISPR 22 Class A
  • EN 55024
  • EN 300386
  • CE

NEBS:
  • GR-63-Core: NEBS, Physical Protection
  • GR-1089-Core: EMC and Electrical Safety for Network Telecommunications Equipment
  • All models except EX2200-24P-4G and EX2200-48P-4G

Environmental:
  • Reduction of Hazardous Substances (ROHS) 6

Noise specifications:
  • Noise measurements based on operational tests taken from bystander position (front) and performed at 23° C in compliance with ISO 7779




Special Notices

This material has not been submitted to any formal IBM test and is published AS IS. It has not been the subject of rigorous review. IBM assumes no responsibility for its accuracy or completeness. The use of this information or the implementation of any of these techniques is a client responsibility and depends upon the client's ability to evaluate and integrate them into the client's operational environment.
