COMMANDO Marshall C3500 Series Modular Routing Switches Datasheet

C3500 Switches

Product Overview

COMMANDO Marshall C3500 Series switches are L3+ Core and Data Center Series Modular Routing Switches which are fully managed having 1, 10, 40 and 100 Gigabit Ethernet Quad Small Form-Factor Pluggable (SFP, SFP+, QSFP+, QSFP28) switch ports with PoE/PoE+ or Non PoE models plus additional fiber/copper ports for physical stacking or uplinks with network resiliency and high availability, delivering robust performance and intelligent switching for growing networks. This series switches are easy to deploy, use, manage and designed exclusively for enterprise-class core and aggregation layer data center switches, specially built for Security, IoT, and Cloud networking needs of growing businesses, data centers and high-end campus networks.

It has high performance 100G / 40G / 10G / 1G switches designed based on COMMANDO’s sixth generation Ethernet switching technology with Carrier Grade high-performance which helps it to meet the requirement of Metro/Enterprise/Data Center/HCI networks. COMMANDO Marshall C3500 meets the requirements of next generation Enterprise, Data Center, Metro and HCI (Hyper-Converged Infrastructure) networks which includes VRRP, VRRP load balancing, BFD for VRRP, BFD for BGP/IS-IS/OSPF/Static route, MPLS L2 and L3 VPN, BFD for VXLAN, Segment Routing (SR), QoS Traffic classification based on Layer 2, Layer 3, Layer 4, and priority information Actions including ACL, CAR, and re-marking, Queue scheduling modes such as PQ, WFQ, and PQ+WRR, Congestion avoidance mechanisms, including WRED and tail drop, Traffic shaping, O&M Network-wide path detection, SNMPv1/v2c/v3, Zero Touch Provisioning (ZTP), 802.1x authentication, RADIUS and TACACS+ authentication for login, DoS, ARP, MAC address attacks, broadcast storms, and heavy-traffic and ICMP attack defenses, Remote Network Monitoring (RMON).

It can be deployed in harsh environments to deliver hassle free mission-critical services for next-generation, high-performance core networking setup designed for data center networks and high-end campus networks. It also provides stable, reliable, and secure high-performance Layer 2 / Layer 3 switching capabilities to help build an elastic, virtualized, and high-quality network. VXLAN to build a non-blocking large Layer 2 network, which allows for large-scale VM migration and flexible service deployment. These switches support comprehensive virtualization capabilities along with data center service features can also be used for surveillance requirements.

The switches come with Modular uplinks, 1, 10, 40 and 100 Gigabit Ethernet (SFP, SFP+, QSFP+, QSFP28) Fiber Network Module as well as 1G/10G Copper Network Modules and are latest development of Gigabit Layer 3 Core and Data center Switch, with up to 100G Modular uplink, Intelligent managed Switches designed for networks requiring High performance, High port density, High uplink bandwidth, Flexibility, Fault Tolerance, and Advanced Software features for maximum Return on Investment (ROI). These switches have Security features, and advanced Quality of Service (QoS), ideal for all organizations considering reliable, affordable and advanced Core and Data center feature with CLI and Web managed, Advanced PoE/PoE+, Scripting capabilities and Layer 3 routing, Automatic MDIX and Auto-negotiation on all ports select the right transmission modes (half or full duplex) as well as data transmission for crossover or straight-through cables dynamically. It can save up to 58% of power consumption, making it an eco-friendly solution for your business network. Switch models are designed for stacking switches as a single virtual switch, enabling customers to have a single management plane and control plane for up to 288 access ports. With full PoE/PoE+ capability, power and fan redundancy, stacking bandwidth up to 880Gbps, Modular uplinks, Layer 3 feature support, and cold patching for the digital workplace, these are optimized for today’s surveillance, mobile and IoT needs. These switches are powerful and flexible enough for users to deploy wireless access points, surveillance cameras, IP phones and other PoE/PoE+ supported devices over longer distance up to 250 meters. It provides easy device rack and wall mounting, on boarding, configuration, monitoring, and troubleshooting. These fully managed switches can provide Layer 3 Core and Data Center features as well as supports IEEE 802.3af-compliant PoE (Power over Ethernet) and 802.3at-compliant PoE+ (Power over Ethernet plus). Each switchport is capable to deliver 15.4 W PoE or 30 W PoE+ power on all ports. PoE/PoE+ capable models provide power across all access ports for wireless APs, security cameras, and other IoT devices with power budget up to 1600W. Designed for operational simplicity to lower total cost of ownership, they enable scalable, secure, and energy-efficient business operations with intelligent and automated services. These switches come with lifetime free software upgrades and patching to enhance features and supports patching, which provides fixes for critical bugs and security vulnerabilities between regular maintenance upgrades. This support allows customers to add new features and upgrades without having to pay a single dollar.

It offers robust QoS, to optimize traffic on your Business Network, these switches provide (Port-based/802.1p/DSCP) QoS to keep latency-sensitive video and voice traffic jitter-free moving smoothly. Additionally, port-based, tag-based VLAN, Voice VLANs can improve security and meet more network segmentation requirements. This series switches also have provisioning of QOS, Static routing, IPV6 features. Moreover, with its innovative energy-efficient technology, can save up to 58% of power consumption, making it an eco-friendly perfect solution for your business network.

Product Highlights

COMMANDO Marshall C3500 Series Managed Core L3+ capable routing switches are Carrier Grade high-performance switch which helps it to meet the requirement of Metro/Enterprise/Data Center/HCI networks.

HCI (Hyper-Converged Infrastructure)

Supports 1GE/10GE/40GE/100GE ports are suitable for HCI (Hyper-Converged Infrastructure) networks. Using 1GE ports for management network and using 10G/40G/100G ports for data traffic network. With the comprehensive inter-device link aggregation with LACP, MLAG, etc.

Varied Port Types

Supports inbuild up to 24/48 Giga Ethernet ports along with Modular ports and stacking capacity up to 288ports.
Support varied management interfaces, include Console port / Inband network ports / Outband network port / USB port.
Support Uplinks having capacity 1G/10G /40G/ 100G ports to meet bandwidth hungry network requirement in data centers with fiber connectivity of SFP/SFP+/QSFP+28 up to 100G modules and also has 1G/10G copper modules.

Customized Profile for Different Deployment Scenarios

The Flexible Table Management (FTM) technology offers multiple table size configuration profiles as optimized choices for different network scenarios. Support up to 112K MAC address tables. Support up to 56K IP routing table entries.

Higher serviceability and return on investment

Lower CAPEX: Ensures network scalability and reduces investment in devices. Lowers Total Cost of Ownership with reduced cabling (lowers Capex).
Lower OPEX: Using one physical device to implement multiple logical devices saves space in a data center equipment room and reduces the cost of device maintenance and also no license fees (Lowers OpEx) lifetime free software upgrades and patching to enhance features and supports patching, which provides fixes for critical bugs and security vulnerabilities between regular maintenance upgrades. This support allows customers to add upgrades without having to pay a single dollar.
VXLAN and EVPN Enable Flexible Expansion Within and Across Data Centers.
Supports Border Gateway Protocol (2 bytes as well as 4 bytes AS numbers). Ethernet VPN (BGP-EVPN), which can run as the VXLAN control plane to simplify VXLAN deployment. BGP-EVPN triggers automatic VXLAN tunnel setup between virtual tunnel endpoints (VTEPs), removing the need for full mesh tunnel configuration. BGP-EVPN also reduces flooding of unknown traffic by advertising MAC routes on the control plane. With this protocol, large Layer 2 networks can be established for data centers.
Use Open standard protocols, so interoperable with devices from other vendors, enabling long-term network evolution.
Supports centralized and distributed VXLAN deployment and supports various VXLAN access modes, including QinQ access VXLAN and IPv6 over VXLAN. This allows for flexible customization of heterogeneous networks.
EVPN and VXLAN can be used to set up Layer 2 interconnections between data centers, enabling active-active VXLAN deployment across data centers and conserving DCI link bandwidth.
Supports IP packet fragmentation and reassembling, enabling oversized IP packets to travel across a WAN network without limited by the MTU. The switch can also identify fragmented packets to seamlessly interconnect with routers.
Supports VXLAN mapping, implementing interconnection between multiple DCs at Layer 2, unified service provisioning and O&M, and inter-DC resource sharing.
Multicast-capable Distributed Gateways Implement On-demand Traffic Forwarding VXLAN supports Layer 3 multicast. A multicast-capable gateway that functions as the VTEP node greatly reduces traffic.

High-performance IP routing

Supports routing protocols which includes static route and dynamically learned route with protocols like Routing Information Protocol (RIP) version 1 and 2 and next generation (RIPng), Open Shortest Path First (OSPF) Version 1/2/3, Border Gateway Protocol Version 4 (BGPv4) with AS Number of 2 and 4 bytes, and Intermediate System-to-Intermediate System also supports load balancing and for constructing scalable LANs. Supports up to 12288 IPv4 direct routes and up to 57344 indirect routes along with IPv6 direct route up to 2048 and indirect route up to 4096 and dynamic routing is supported by hardware with maximum performance.
Protocol-Independent Multicast (PIM) for IP multicast routing is supported with direct route up to 2048, including PIM Sparse Mode(PIM SM), bidirectional PIM, and Source-Specific Multicast (SSM).
IPv6 addressing and routing is supported along with monitoring and troubleshooting commands.

Multiprotocol label switching (MPLS)

L2 and L3 VPN with MPLS integrates multiple networks into a single MPLS domain.
VPLS: VPLS (Virtual Private LAN Service) enables enterprises to link together their Ethernet-based LANs from multiple sites via the infrastructure provided by their service provider.
EoMPLS: EoMPLS is a category of Any Transport over MPLS (AToM) to transport Layer 2 packets over an MPLS backbone.
MPLS over GRE: L3VPN over GRE and VPLS over GRE, are supported to tunnel MPLS/VPLS packets over non-MPLS networks utilizing GRE tunneling.

Inter-device Link Aggregation, High Efficiency and Reliability

Support multi-chassis link aggregation group (M-LAG), which enables links of multiple switches to aggregate into one to implement device-level link backup. Switches in an M-LAG all work in active state to share traffic and back up each other, enhancing system reliability.
Switches in an M-LAG can be upgraded independently. During the upgrade, other switches in the system take over traffic forwarding to ensure uninterrupted services.
M-LAG supports dual-homing to Ethernet, VXLAN, and IP networks, allowing for flexible networking.
VirtualizationM-LAG VS (1:16 virtualization), Cluster Switch System (CSS).

Intelligent Ethernet OAM with Complete Network Fault Management and Performance Guarantee

With the IEEE802.1ag and ITU-T Y.1731 end-to-end OAM, Ethernet service providers can monitor the services, survey the end-to end performance and ensure the service quality match the agreement. The fault management technique includes CCM, LTM and LBM. Performance targets include measure for latency and jitter. Also support remote management, network monitoring, network fault indication, remote loopback and MIB parameter retrieval according to the standard 802.3ah EFM.

Data Center Features

Support leading edge Data Center features like Priority Flow Control (PFC), Explicit Congestion Notification (ECN) and Data Center TCP, etc.
Support MLAG (Multi-Chassis Link Aggregation) to aggregate links across different devices. MLAG can build an Active-Active system to improve the reliability of the network links from single board grade to device grade. MLAG use a peer link between to devices to aggregate two devices and make them as one device logically. Ports of two different devices join the aggregate ports together and all port can transmit the data traffic. MLAG need to management the device respectively, but the configurations are easier than stacking, reboot is not required after MLAG is configured. Forwarding and configuring are processing on local device, in normal condition the traffic do NOT transmit trough the peer link, the bandwidth of peer link is not the bottleneck of the network and the latency is low.
Support overlay technology (include NVGRE/VXLAN/GENEVE etc.). Overlay can make layer 2 packets across the layer 3 networks by using NVGRE/VXLAN/ GENEVE header to encapsulate the entire Ethernet packets. Overlay resolves the problem of MAC table size limitation in traditional layer2 networks, resolves the problem of VLAN id count limitation, and resolves the problem network dynamic adjustment which cannot achieve by VLAN/VPN. Use VXLAN for example, 24 bits VNI identifier can support at most 16777215 logic networks, layer 2 networks built by VXLAN can keep the same IP/MAC etc. when move the virtue machine.
Supports RPC-API for SDN (Software Defined Network). SDN is a new architecture of network which can substantially simplify the management and maintenance by separating the control plane and data plane of the network.

High Reliability and Fault tolerance

Powered by Hot-swappable power modules which supports AC/AC 1+1 redundancy.
Fans support 4+2 redundancy, front-to-back airflow design suits data center equipment rooms, and the innovative energy conservation technologies greatly reduce power consumption.
Support Real-time environment monitoring technology to detect the chipset temperature, status of fan and power, etc.
Support LACP / VRRP / VARP / STP/RSTP/MSTP / Smart Link / BFD / ERPS / G.8031 / G.8032 / Load-Balancing, etc. to protect the network traffic all-around effectively.

L2 to L4 QoS Control

Provides 13 hardware queues per-port (8 unicast queues, 4 multicast queues, and 1 monitor queue).
Support multi-stage scheduling technology such as WDRR (Weighted Deficit Round Robin) / SP (Strict Priority) and TD (Tail Drop) / WRED (Weighted Random Early Detection) to prevent congestion.
Traffic classification based on COS/DSCP (simple classification).
Traffic classification based on ACL (complex classification), Traffic classification based on inner header of the tunnel packets.
Queue scheduling with Remark the priority fields (COS/DSCP) of the packet based on ACL or Remark the priority fields (COS/DSCP) of the packet based on the Table.
Flow redirection, Flow mirror with traffic policing based on direction (in/out) of Port, Traffic policing based on direction (in/out) of VLAN, Traffic policing based on direction (in/out) of flow, Traffic policing based on direction (in/out) of aggregated flow Queue based traffic shaping, and Port based traffic shaping.
Supports scheduling like SP (Strict Priority) scheduling, WDRR (Weighted Deficit Round Robin) scheduling, SP+WDRR mixed scheduling, TD(Tail Drop) WRED (Weighted Random Early Detection).
Packet counts and bytes statistics based on traffic classification, Packet counts and bytes statistics based on the color after traffic, Forwarded and discarded packet counts and bytes statistics, ECN tags based on Tail Drop, ECN tags based on WRED
Support flexible queue scheduling mechanism to do the shaping for queue or port traffic.
Ingress and egress policer provide intelligent bandwidth monitoring, which support to adjust the granularity according to the port speed. Both srTCM (Single Rate Three Color Marker) and trTCM (Two Rate Three Color Marker) can be supported.
Offers high bandwidth for Triple-Play services such as IPTV, video monitoring. The built-in QoS capabilities and flexible queuing technologies guarantee high quality of services.

Multicast

Rich multicast protocol set (IGMP Snooping, IGMP v1/v2, PIM-SM) support up to 2K multicast groups and 4K logical replications per group. With MarshallOS software, IPTV service and multicast latency control are fully supported.

Security

Supports subscriber-class / switch-class / network-class security control.
IPv4 / IPv6 / MAC ACL can filter IPv4 / IPv6 / Non-IP packet respectively. Besides that, extended IPv4/IPv6 ACL which can match Layer2 / layer3 / layer4 information in one rule is available. The ACLs can apply to physical ports / VLAN / port group / VLAN group. The members of port group or VLAN group share a set of ACLs and save the TCAM resource.
ARP Inspection and IP Source Guard features prevent network from malicious ARP attack.
Support CPU Traffic Protection, Storm Control and CPU load optimization features.
Support centralized 802.1x authentication feature to forbidden illegal user accessing network.

Convenient Management features

Supports RPC-API for SDN (Software Defined Network). SDN is a new architecture of network which can substantially simplify the management and maintenance by separating the control plane and data plane of the network.
Support varied management interfaces, include console port / inband network ports/ outband network port / Mini USB port.
Support SNMP v1/v2/v3, Support CLI (Command Line Interface), web management, Telnet and FTP connection.
Support OAM to make management more convenient and support SSH2.0, SSL, etc. to ensure security of management.

System Design for Green and Energy Saving

Intelligent FAN adjustment and real-time power consumption monitoring technology are provided for the cost of maintenance redundancy and help to build a green and energy saving data center.

Carrier Grade High Performance long-life chip

Designed based on COMMANDO’s sixth generation Ethernet switching technology. COMMANDO Marshall C3500 Managed L3+ Core and Data Center Series Modular Routing Switches are Carrier Grade high-performance switch which meets the requirement of Metro/Enterprise/Data Center/HCI networks.

Features and Benefits

High-speed Performance with dual input power with HCI (Hyper-Converged Infrastructure)

Supports 1GE/10GE/40GE/100GE Fiber ports along with 1G/10G copper ports along with Modular ports and stacking capacity up to 288ports and dual power card are suitable for HCI (Hyper-Converged Infrastructure) networks. Using 1GE ports for management network and using 10G/40G/100G ports for data traffic network. With the comprehensive inter-device link aggregation with LACP, MLAG, etc with 114688 entries MAC address tables, 72MB Packet Buffer memory, 10000 bytes Jumbo Frames, Ipv4/IPv6 with 14000 static routing entries and up to 56000 entries in routing table.

Data Center Features

VXLAN, EVPN, Ethernet VPN (BGP-EVPN) with automatic VXLAN tunnel setup between virtual tunnel endpoints (VTEPs), removing the need for full mesh tunnel configuration with QinQ access VXLAN, IPv6 over VXLAN, VXLAN mapping, along with unified service provisioning and O&M, and inter-DC resource sharing.

L3 Features

Supports static route, default route, dynamically learned route and dynamic routing protocol with protocols set like RIPv1, RIPv2, RIPng, OSPFv1/2/3, BGPv4, IS-IS and load balancing with VRRP. It also has PIM including PIM SM , bidirectional PIM, and Source-Specific Multicast (SSM). It also has QoS, ACLs( Port based/ IP based/ MAC Based), DHCP Server and Client, DHCP Snooping, DHCP Snooping option82 and 252, DHCP Relay. It supports L2 and L3 VPN with MPLS, VPLS, EoMPLS, and MPLS over GRE: L3 VPN over GRE and VPLS over GRE.

Watchdog Function

This ensures high availability which is used to protect a system from specific software or hardware failures that may cause the system to stop responding and self-recover from hanged state.

L2+/L2 Features

This series is having advance L2+/L2 features like Port aggregation up to 8 ports, VLAN, Voice VLAN, Spanning Tree (STP, RSTP, MST), GVRP, 802.1X authentication, centralized MAC authentication, Guest VLAN, RADIUS authentication, SSH 2.0, Port isolation, Port security, MAC address learning limit, IP Source guard, Dynamic ARP inspection, Preventing man-in-the-middle attacks and ARP DoS attacks, IP/Port/MAC binding. Flexible Software features provides wide range of Layer 2 functions like VLAN, Multicasting, and Quality of Service (QoS), Security.

Secure Networking

IEEE 802.1X port-based access control with surveillance VLAN, Port Security, Protected Port which also Prevent ARP Spoofing. L4/L3/L2 access control lists (ACLs) for granular network access control including 802.1x port authentication. ACL, L4 to L2 feature restricts access to sensitive network resources. DHCP Snooping ensures IP address allocation integrity by only allowing DHCP messages from trusted DHCP servers and dropping malformed DHCP messages with a port or MAC address mismatch. With DHCP Snooping binding and option82 and 252 enabled, it can combine dot1x and ARP. IP-MAC-Port-VID Binding, Port Security, Storm control which protect against broadcast storms. The switches support ARP attack and DoS attack prevention to safeguard the network.

Multicast

IGMP Snooping (v1,v2,v3), Multicast Listener Discovery (MLD) (v1/v2), Multicast VLAN Registration (MVR) designed for distribution of multicast traffic across segregated access networks which enables more efficient distribution of multicast streams in Layer 2 network.

QoS Features

Advanced QoS (Quality of Service) for traffic prioritization including port based, 802.1p and L4/L3/L2 DSCP based. L4/L3/L2 QoS optimize voice and video applications. Access Control List based, VLAN ID based IP precedence, COS and DSCP. Policy Based on Port & VLAN, Remark DSCP, COS/ 802.1p, Precedence, COS for SP, WRR for Scheduling and matching the IP fragmentation of message.

Easy Management

With familiar and popular Command Line interface (CLI), there is no need for engineers to be hired or additional resources to be spent on training and/or learning the switch CLI. The command set are familiar and well known in the industry. Web Graphical User Interface (Web GUI), Command Line interface (CLI), RADIUS/TACACS+ with industry standard CLI and easy to use Web GUI. Management is made easy via a Web GUI or industry-standard Command Line Interface (CLI), with administration traffic protected via SSL or SSH encryption. SNMP (v1/v2c/v3) and RMON support enables the switch to be polled for valuable status information and allows it to send traps when abnormal events occur. This series is having Layer 3 Core and Data Center features, which are highly reliable, conformance to international open standards, durable, serviceable, aesthetics, perceived quality, enhanced performance with larger range with copper cables and usability leads to value to money. Easy Management via lots of options like Web-based Graphical User Interface (WEBUI), Industry standard Command Line interface (CLI) via console, management Ethernet interface, USB via telnet, SSH, HTTP, HTTPS and Putty.

Lifetime Free Software Licensing and Upgrades

MarshallOS Software license and Upgrades are free for lifetime. Users do not have to worry about switch license expiring and software getting outdated and purchasing license (which is constant concern and worry of few other brands) This series has improved HTTP base firmware upgrade as well as CLI based upgrades which are freely available to all users without any cost or license fee for lifetime. It is easy to install, configure, monitor, and troubleshoot. It significantly reduces cost of administration and Total Cost of Ownership (TCO).

Auto MDIX Capabilities

Auto sensing/Auto PoE/PoE+ 10/100/1000 ports with auto MDIX capabilities which also removes speed and duplex mismatches automatically as well as covers larger physical distance with copper pairs compared to other brands best switches.

Flexible Service Control

With various ACLs to flexibly control ports. It also supports Port-based VLAN assignment, MAC address-based VLAN assignment, Protocol-based VLAN assignment, and Network segment-based VLAN assignment. These secure and flexible VLAN assignment modes are used in networks where users move frequently. It also supports GARP VLAN Registration Protocol (GVRP), which dynamically distributes, registers, and propagates VLAN attributes to ensure correct VLAN configuration and reduce network administrator workloads. This series switches supports SSH v1/v2/v3, RMON, port-based traffic statistics, LLDP/LLDP-MED.

Compact Design with Flexibility of additional ports

The switches provide additional deployment flexibility, fiber connectivity for easy expansion of your networks. So, you can directly connect to a high-performance storage server or deploy a long-distance uplink to another switch.

Perfect for Noise-Sensitive Environments

This series comes with fans along with Small form-factor, for silent operation. Perfect for noise sensitive environments. Fan based Switches have Temperature- and load-based fan-speed up to 10000 rpm control combines accurate monitoring with minimized system acoustic noise. The Fan based switches also feature built-in smart fans that monitor and detect temperature changes, adjusting the fan speed for maximum efficiency. At lower temperatures, the fans run at a lower speed, reducing both the power consumption and noise output of the switch.

Zero Maintenance

Cost efficient switches, with a reasonable PoE/PoE+ power budget up to 1600W along with PoE/PoE+ configurable scheduler to automated Power ON/OFF connected PoE/PoE+ devices as per scheduled timing with Cost of ownership is less compared to other products of same features as well as zero maintenance. Maximum power reduction for ongoing operation cost savings.

Easy Debugging and Troubleshooting

Ping, Traceroute, SNMP, RMON, Web based real time Switch ports monitoring with WEBUI and CLI can easily troubleshoot any problem in network with various show and debug commands.

Longer Distance Coverage

State of art quality switches that can serve real time high-speed performance which covers longer physical distance up to 250 meters with copper pairs compared to other brands.

Software

COMMANDO Marshall OS IP services work as core and data center switches which connect to other core switches using 100GE/40GE/10GE/1GE ports and use technologies such as VXLAN to build a non-blocking large Layer 2 network, which allows for large-scale VM migration and flexible service deployment. It comes with 100G, 40G, 10G and 1G models in a variety of form factors including PoE/PoE+ full provisioning. It delivers IPv4/IPv6 rich services for mid-enterprise edge and SMB core with mixed stacking between 100, 40, 10 and 1-GigabitEthernet. Advanced Layer 2, Layer 3 and Layer 4 feature set with no license required.

Advanced classifier-based, time-based hardware implementation for L2 (MAC), L3 (IP) and L4 (UDP/TCP transport ports) security and prioritization, Port-Channel / LAG (802.3ad - 802.1AX), MLAG, Voice VLAN with SIP, H323 and SCCP protocols detection and LLDP-MED IP phones automatic QoS and VLAN configuration, DOT1X, Comprehensive IPv4/IPv6 static and dynamic routing including Proxy ARP, OSPF,BGPv4, MPLS, Policy-based routing and automatic 6-to-4 tunneling, High performance IPv4/IPv6 multicast routing with PIM, Advanced IPv4/IPv6 security implementation including malicious code detection, DHCP Snooping, IP Source Guard protection and DoS attacks mitigation.

Well known Industry standard SNMP, RMON, MIB, LLDP, AAA, sFlow, RSPAN , Service port for out-of-band Ethernet management (OOB),

Standard RS232 straight-through serial RJ45, Standard USB port for local storage, logs, configuration or image files, Industry standard command line interface (CLI) with best known command by networking experts. Fully functional Web console (WebUI) for Network admins who prefer an easy to use, yet advance graphical interface.

Enhance Security using Traffic control MAC Filter and Port Security help restrict the traffic allowed into and out of specified ports or interfaces in the system to increase overall security and block MAC address flooding issues. DHCP Snooping monitors DHCP traffic between DHCP clients and DHCP servers to filter harmful DHCP message and builds a bindings database of (MAC address, IP address, VLAN ID, port) that are considered authorized in order to prevent DHCP server spoofing attacks IP source guard and Dynamic ARP Inspection use the DHCP snooping bindings database per port and per VLAN to drop incoming packets that do not match any binding and to enforce source IP / MAC addresses for malicious users traffic elimination.

Time-based Access Control Lists (ACLs) can be bound to ports like Layer 2 interfaces, VLANs and LAGs. In-band and out of band switch management, management ACLs on CPU interface (Control Plane ACLs) are used to define the IP/MAC or protocol through which management access is allowed for increased HTTP/HTTPS or Telnet/SSH management security. Out-of-band management is available via dedicated service port (1G RJ45 OOB) when in-band management can be prohibited via management ACLs.

Bridge protocol data unit (BPDU) Guard, Dynamic 802.1x VLAN assignment mode, TACACS+ and RADIUS enhanced administrator management provides strict "Login" and "Enable" authentication enforcement for the switch configuration, Superior quality of service with advanced classifier-based hardware implementation for Layer 2 (MAC), Layer 3 (IP) and Layer 4 (UDP/TCP transport ports) prioritization. Advanced rate limiting down to 1 Kbps granularity and minimum guaranteed bandwidth can be associated with time-based ACLs for best granularity. DiffServ feature applied to class maps. Automatic Voice over IP prioritization with protocol-based (SIP, H323 and SCCP) or OUI-based Auto-VoIP for simultaneous voice calls. UDLD detects unidirectional links physical ports (UDLD must be enabled on both sides of the link in order to detect a unidirectional link).

It can be used for various applications and network sizes in data centers and high-end campus networks, featuring network scaling, automation, programmability, and real-time visibility. Following is a summary of software features supported.

Data Center Features

VSF (Virtual Switch Framework)
Priority Flow Control (PFC), Explicit Congestion Notification (ECN) and Data Center TCP
MLAG (Multi-Chassis Link Aggregation)
Overlay technology NVGRE/VXLAN/GENEVE
RPC-API for SDN (Software Defined Network)

L3 Features

Static Route
Dynamic Routing,RIPv1/v2/v3,OSPF v1/v2/v3, BGP4
OSPFv3, BGP4+
OSPF multiple process
Policy-based Routing(PBR) for IPv4 and Ipv6
VRRP
URPF
ECMP
BFD
IGMP v1/v2/v3, IGMP Proxy,
Static Multicast Route
Multicast Receive Control
Illegal Multicast Source Detect
ARP Guard, Local ARP proxy, Proxy ARP, ARP Binding, Gratuitous ARP, ARP Limit
Anti ARP/NDP Cheat, Anti ARP/NDP Scan. Dynamic ARP Inspection (DAI)
DNS Client, DNS Relay
GRE Tunnel

IPv6 Features

6to4 Tunnel, Configured Tunnel, ISATAP Tunnel, GRE Tunnel
ICMPv6,ND,DNSv6
IPv6 LPM Routing,IPv6 Policy-based Routing (PBR)
IPv6 VRRPv3,IPv6 URPF,IPv6 RA
RIPng,OSPFv3,BGP4+
MLD Snooping,IPv6 Multicast VLAN
MLDv1/v2, IPv6 ACL, IPv6 QoS

QoS

13 Queues
SWRR, SP, WRR, DWRR, SDWRR
Traffic Classification Based on 802.1p COS, ToS, DiffServ DSCP, ACL, port number
Traffic Policing
PRI Mark/Remark

ACL

IP ACL ,MAC ACL,IP-MAC ACL
Standard and Expanded ACL Based on source/destination IP or MAC,IP Protocol,
TCP/UDP port, DSCP, ToS, IP Precedence), VLAN, Tag/Untag, CoS
REDIRECT and Accounting based ACL
Rules can be configured to port, VLAN, VLAN routing interfaces
Time Ranged ACL

Security

802.1x AAA
Port, MAC based authentication
Accounting based on time length and traffic
Guest VLAN and auto VLAN
RADIUS for IPv4 and Ipv6
TACACS+ for IPv4 and Ipv6
MAB

DHCPv4/v6 Traffic Monitor

DHCP Server/Client for IPv4/IPv6
DHCP Relay/Option 82, 252
DHCP Snooping/Option 82

L1, L2 Features

IEEE802.3(10Base-T),
IEEE802.3u(100Base-TX),
IEEE802.3z(1000BASE-X),
IEEE802.3ab(1000Base-T),
IEEE802.3ae(10GBase), IEEE802.3x,
IEEE802.3ak(10GBASE-CX4)
Port loopback detection
LLDP and LLDP-MED
UDLD
802.3ad LACP, max 128 group trunks with max 8 ports for each trunk
LACP load balance
N:1 Port Mirroring
RSPAN
ERSPAN
IEEEE802.1d(STP)
IEEEE802.1w(RSTP)
IEEEE802.1s(MSTP)
Root Guard
BPDU Guard
BPDU Tunnel
IP Source Guard
MRPP
802.1Q, 4K VLAN
MAC VLAN, Voice VLAN, Protocol VLAN, Multicast VLAN
QinQ, Selective QinQ, Flexible QinQ
GVRP
N:1 VLAN Translation
Broadcast / Multicast / Unicast Storm Control
IGMP v1/v2/v3 Snooping and L2 Query
ND Snooping
MLDv1/v2 Snooping
Port Security
Flow Control: HOL, IEEE802.3x
Bandwidth Control

Traffic Monitor

sFlow Traffic Analysis

Security Network Management

CLI, WEB, Telnet, SNMPv1/v2c/v3 through IPv4 and IPv6
Syslog and external Syslog Server HTTP SSL
SNMP MIB, SNMP TRAP
FTP/TFTP
SNTP/NTP
RMOM 1,2,3,9
Authentication by Radius/TACACS
SSH v1/v2
Dual firmware images/ Configuration files
802.3ah OAM, 802.1ag OAM

GREEN Features

IEEE 802.3az(Energy Efficient Ethernet)
Auto FAN Speed Control, Temperature Alarm
LED Shut-Off

Table 1. COMMANDO Marshall OS IP Services software Features

FunctionDescription
Standards and Protocols
  • IEEE 802.3af,Power Over Ethernet
  • IEEE 802.3at, Power Over Ethernet Plus
  • IEEE 802.3u,100BASE-TX
  • IEEE 802.3ab,1000 BASE-T
  • IEEE 802.3z,1000 BASE-X
  • IEEE 802.3ad,Static or Dynamic Link Aggregation
  • IEEE 802.3x,Full-Duplex Flow Control
  • IEEE 802.3az,EEE (Energy Efficient Ethernet)
  • IEEE 802.1q,VLAN
  • IEEE 802.1p,QoS/CoS
  • IEEE 802.1d,STP (Spanning Tree Protocol)
  • IEEE 802.1w,Rapid Spanning Tree Protocol
ETHERNET BASIC FEATURESEthernet interface operating modes: full duplex, half duplex, and auto-negotiation, Ethernet interface operating rates, Jumbo frames(10000 bytes), Flow-control tx/rx, Port based storm-control, Port-block (know-unicast/unknow-unicast/know-multicast/unknown multicast/broadcast), Uni-direction isolate, L2 Protocol Tunnel, Support DOT1X/LLDP/SLOW-PROTO/STP/RSTP/MST), Store-and-forward, Cut-through
MAC Address TableSupport auto-update, two-way learning, Automatic learning and aging of MAC addresses, Hardware Learning, Static and dynamic MAC address entries, Blackhole MAC, MAC Flapping detect, Port Bridge
VLANPort-based VLANs, 4094 Vlans, VLANs based on IEEE 802.1q, Access/Trunk, Default VLAN, VLAN Classification (port based/mac based/ip based/protocol based), Basic QinQ, Selective QinQ, VLAN Mapping 1:1 VLAN Translation, VLAN Statistics, Private VLAN, Voice VLAN, Guest VLAN
Spanning TreeSupport Rapid Spanning Tree Protocol (Default Setting),Support Spanning Tree Protocol, Support Multiple spanning Tree, Multi-instance Spanning-Tree Protocol, BPDU Filter/Guard, Root Guard, Loop Guard, Anti TC-BPDU attack
Link AggregationSupport 8 aggregation groups, and a maximum of 8 ports in each aggregation group, Static aggregation and LACP
Port MirroringSupport bi-direction port mirroring, RSPAN function for remote mirroring
Port IsolationIsolation between downlink ports without influence the communication between downlink and uplink ports
Port Flow ControlBack-pressure traffic control under Half-Duplex mode, IEEE 802.3x traffic control under Full-Duplex mode
Port Rate RestrictionPort-based ingress or egress rate limiting
DHCPDHCP Server, Client, Relay, Snooping, Option-82
Storm SuppressionSupport the suppression of broadcast storm based on forwarding rate
Multicast ControlSupport IGMPv1/2/3 and MLDv1/2 Snooping;
SecurityAttack Prevention(Land attack/Blat attack/Ping attack/TCP control flag attack), MAC & Port based Security, IP, MAC, Port based ACL, Vlan ACL, ARP binding, TCP/UDP port-based Security
QOS802.1p(Port Queuing Priority), WRR (Weighted Round Robin), Cos/Tos, QOS
PoEPoE /PoE+( IEEE 802.3af/IEEE 802.3at), Intelligent restart for PoE/PoE+ Scheduling, Timed restart as per Scheduled time
Physic Medium10/100Base-TX:UTP category 5/5e/6 cables ( Maximum 250m), 1000Base-T:UTP Category 5/5e/6 cable ( Maximum 250m ), 1000Base-SX:fiber with 850nm wavelength, supports a max transmission distance of 550m, 1000Base-LX:fiber with 1310nm / 1550nm wavelength, supports a max transmission distance of 80km, Up to 48 ports QSFP28 for 100G and can support 10G/40G/10G QSFP+ and 1G SFP.
Network Cable DeploymentSupport Auto-MDIX function, automatically identify straight forward cable and cross-over cable
Negotiation PatternSupport port auto-negotiation function (automatically negotiate transmission rate and Duplex modes)
ERPSSingle ERPS ring, Tangent ERPS rings, Tangent ERPS rings, Intersecting ERPS rings, Compatible with RRPP
G.8031G.8031-Ethernet Linear Network Protection
G.8032G.8032 v1 & v2, Single Ring, Sub Ring
Loopback DetectLoopback-detection
Layer 2 multicastIGMPv1/v2/v3 Snooping, Fast leave, Static IGMP snooping group, MVR- Multicast VLAN Registration
ARPStatic and dynamic ARP entries, Aging of ARP entries, Gratuitous ARP, Basic ARP-Proxy, Local ARP-Proxy
IPv4 Unicast RoutingIPv4 Static Routes, Blackhole Routes, Co-work with IP SLA, VRF- Virtual Routing and Forwarding, uRPF check, RIPv1/v2/ng, OSPFv2, IS-IS, IBGP, EBGP, Route-map, IPv4 prefix-list, PBR -Policy-based Routing, ICMP redirect, ICMP unreachable,ECMP(SLB), ECMP(DLB), ECMP(RR), ECMP Self-healing
IPv4 Multicast RoutingIGMPv1/v2/v3, IGMP-Proxy, IGMP SSM Mapping, PIM-SM, PIM-SSM, PIM-DM
IPv6 Basic ProtocolICMPv6, NDP, PMTU
IPv6 Unicast routingIPv6 Static Route, RIPng, OSPFv3
IPv6 Multicast routingMLD v1/v2, MLD v1/v2 Snooping, MVR6, PIM-SM v6
IP TunnelIPv6 over IPv4 Tunnel, 6to4 Tunnel, ISATAP Tunnel
IPv6 ServiceDHCPv6 Relay, DHCPv6 Snooping, IPv6 Prefix-list
Traffic classificationTraffic classification based on COS/DSCP (simple classification), Traffic classification based on ACL (complex classification), Traffic classification based on inner header of the tunnel packets
Traffic behaviorsQueue scheduling, Remark the priority fields (COS/DSCP) of the packet based on Table Map, Flow redirection, Flow mirror
Traffic policingTraffic policing based on direction(in/out) of Port, Traffic policing based on direction(in/out) of VLAN, Traffic policing based on direction(in/out) of flow, Traffic policing based on direction(in/out) of aggregated flow
Traffic shapingQueue based traffic shaping, Port based traffic shaping
Congestion managementSP- Strict Priority scheduling, WDRR - Weighted Deficit Round Robin scheduling, SP + WDRR mixed scheduling
Congestion avoidanceTD-Tail Drop, WRED - Weighted Random Early Detection
Traffic statisticsPacket counts and bytes statistics based on traffic classification, Packet counts and bytes statistics based on the color after traffic policing, Forwarded and discarded packet counts and bytes statistics
ECN (Explicit congestion notification)ECN tags based on Tail Drop, ECN tags based on WRED
BFDBFD for Static route, BFD for OSPFv2, BFD for VRRP/Track
VRRPVRRP, Track for VRRP
Smart LinkMulti-instance, Load balance, Multi-Link, Monitor-link
MLAGMLAG basic, MLAG orphan Port
VARPVARP-Virtual-ARP, VARP subnet
TunnelManual configure VxLAN tunnel, VxLAN distributed gateway, VxLAN active-active access, Interconnect across Datacenters based on VxLAN, L2 Protocol packet passthrough, Edit DSCP in VxLAN outer header, BGP EVPN, GRE Tunnel, NVGRE Tunnel, GENEVE Tunnel
DCBLLDP support DCBX TLV, PFC
AAAAuthentication, Authorization, Accounting
Dot1xPort based dot1x, MAC based dot1x, Guest VLAN
ACLMAC/IP ACL, Basic Mode ACL, Port-group ACL, VLAN-group ACL, IPv6 ACL, ACL UDF, Time Range
Port SecurityLimitation on MAC address learning on interface
VLAN SecurityLimitation on MAC address learning on VLAN
COPPBlack list/white list, Rate limit
CPU Traffic LimitCPU Traffic Limit
Prevent DDOS attackPrevent DDOS attack (ICMP Flood/Smurf/Fraggle/LAND/SYN Flood)
Login filterTelnet/SSH ACL filtering, Telnet/SSH IPv6 ACL filtering
MAC SecurityMacSec (802.1AE)
Link-Flapping detectionLink-Flapping detection
Terminal ServicesConfigurations through CLI (Command Line Interface), Banner configuration, Help information in English, Vty Terminal service
Configuration ManagementInband management interface and configuration, Outband management interface and configuration, Privileged user priority and privileged commands, Network management based on SNMPv1/v2c/v3, Public and private MIB, Public and private Trap, Configuration and management based on WEB UI, Configuration and management based on RPC-API, Smart Config-Automatically configuration when system start, Configuration and management based on OVSDB, Change the system specifications by choose different STM Profiles, eature configuration based on License, Restore factory default configuration
File SystemFile system (support directory and file management), Upload and download files through FTP or TFTP, Upload and download files through Xmodem
Debugging And MaintenancePer-module Debug features, ICMP Debug, Software process monitor: BHM- Beat Heart Monitor, Hardware Watch Dog, CPU usage display and alarm, Memory usage display and alarm, Device temperature and FAN status display and alarm, User operation logs, Management of logs, alarms, and debugging information, VCT- Virtual Cable Test, Detailed Diagnostic-information collection, Manual reboot, Schedule Reboot, Reboot Information logging, Ping, IPv6 Ping, Traceroute,Port mirror, Flow mirror, Remote mirror, Multi-destination mirror m:n, Use CPU as mirror source, Use CPU as mirror destination and analyze packet, ERSPAN, To CPU/From CPU packets statistics, Layer2 network connectivity detection - L2Ping (MAC Ping/Trace), UDLD- Unidirectional Link Detection, Unidirectional forwarding of the fiber, Port loopback, Hardware loopback internal/external, Time configuration,Time zone
Version UpgradeUpgrade with the local image file, Upgrade with the remote TFTP server, Online upgrade Uboot
MaintenanceDetect the connectivity of network cables, Uploading or downloading of the configuration data, Uploading of firmware upgrade patch, Support system logs, WEB-based reset to factory defaults
ManagementWEB-based management, CLI Management (Command Line Interface), Telnet, SNMP

Table 2. C3500 Marshall OS Software Highlights

ProtocolsDescription
1. Ethernet basic features
Highlight: Ethernet
interfaceEthernet interface operating modes(full duplex, half duplex, and auto- negotiation), Ethernet interface operating rates, Jumbo Frame, Port-xconnect
Flow-controlFlow-control tx/rx
storm-controlPort based storm-control
Port-blockPort-block(know-unicast/unknow, unicast/know-multicast/unknow- multicast/broadcast)
Port-isolateL2/L3/All Port-isolate, Uni-direction isolate
L2 Protocol TunnelL2 Protocol Tunnel(support CFM/DOT1X/LLDP/SLOW- PROTO/STP/VTP
Forward modeStore-and-forward, Cut-through
Highlight: VLAN
VLAN Access modeAccess/Trunk, Default VLAN
VLAN ClassificationVLAN Classification(port based/mac based/ip based/protocal based)
QinQBasic QinQ, Selective QinQ, VLAN Mapping(1:1 VLAN Translation)
VLAN StatisticsVLAN Statistics
Private VLANPrivate VLAN
Voice VLANVoice VLAN
Guest VLANGuest VLAN
Highlight: MAC
MAC Address TableAutomatic learning and aging of MAC, addresses, Hardware Learning, Static and dynamic MAC address entries, blackhole MAC
MAC Flapping detectMAC Flapping detect
Port BridgePort Bridge
Highlight: LAG
Link aggregationStatic-LAG, LACP, MLAG, LAG load balance(SLB), LAG load balance(DLB), LAG load balance(RR), LAG Self-healing
2. Ethernet Ring protection features
Highlight: xSTP
STPSpanning-Tree Protocol
RSTPRapid Spanning-Tree Protocol
MSTPMulti-instance Spanning-Tree Protocol
Spanning-Tree Protocol ProtectionBPDU Filter/Guard, Root Guard, Loop Guard, Anti TC-BPDU attack
Highlight: ERPS
ERPSSingle ERPS ring, tangent ERPS rings, intersecting ERPS rings, compatible with RRPP
Highlight: G.8031
G.8031G.8031(Ethernet Linear Network Protection)
Highlight: G.8032
G.8032G.8032 V1 & V2, Single Ring, Sub Ring
Highlight: Loopback Detect
Loopback DetectLoopback-detection
3. Layer 2 Multicast
Highlight: Layer 2 Multicast
IGMP SnoopingIGMPv1/v2/v3 Snooping, Fast leave, Static IGMP snooping group
MVRMVR(Multicast VLAN Registration)
4. IPv4 Forwarding
Highlight: ARP
ARPStatic and dynamic ARP entries, Aging of ARP entries, Gratuitous ARP
ARP proxyBasic ARP-Proxy, Local ARP-Proxy
Highlight: IPv4 Unicast Routing
IPv4 Static RoutesIPv4 Static Routes, Blackhole Routes, Co-work with IP SLA, VRF(Virtual Routing and Forwarding), uRPF check
RIPRIPv1/v2
OSPFv2OSPFv2
IS-ISIS-IS
BGPIBGP, EBGP
Route policyRoute-map, IPv4 prefix-list
PBRPBR(Policy-based Routing)
ICMPICMP redirect, ICMP unreachable
ECMPECMP(SLB), ECMP(DLB), ECMP(RR), ECMP Self-healing
Highlight: IPv4 Multicast Routing
IGMPIGMPv1/v2/v3, IGMP-Proxy, IGMP SSM Mapping
PIMPIM-SM, PIM-SSM, PIM-DM
5. IPv6 Forwarding
Highlight: IPv6 Basic Protocol
ICMPv6ICMPv6
NDPNDP
PMTUPMTU
Highlight: IPv6 Unicast Routing
IPv6 Static RoutesIPv6 Static Routes
RIPngRIPng
OSPFv3OSPFv3
Highlight: IPv6 Multicast Routing
MLD v1/v2MLD v1/v2
MLD v1/v2 SnoopingMLD v1/v2 Snooping
MVR6MVR6
PIM-SM v6PIM-SM v6
Highlight: IP Tunnel
IPv6 over IPv4 TunnelIPv6 over IPv4 Tunnel
6to4 Tunnel6to4 Tunnel
ISATAP TunnelISATAP Tunnel
Highlight: IPv6 Service
DHCPv6DHCPv6 Relay, DHCPv6 Snooping
IPv6 Prefix ListIPv6 Prefix-list
6. Device reliability features
Highlight: BFD
BFDBFD for Static route, BFD for OSPFv2, BFD for VRRP/Track, BFD for PBR
Highlight: VRRP
VRRPVRRP, Track for VRRP
Highlight: Smart Link
Smart Linkmulti-instance, load balance, Multi-Link, Monitor-link
Highlight: MAG
MLAGMLAG basic, MLAG orphan Port
7. Ethernet OAM
Highlight: EFM
EFM (802.3ah)Auto detection, Network fault detection, Network fault handle, remote loopback
Highlight: CFM
CFM (802.1ag)Hardware CCM detect, MAC Ping, MAC Trace
Highlight: Y.1731
Y.1731Latency and jitter measure
8. QoS features
Highlight: QoS
Traffic classificationTraffic classification based on COS/DSCP (simple classification), Traffic classification based on ACL ( complex classification), Traffic classification based on inner header of the tunnel packets
Traffic behaviorsQueue scheduling, Remark the priority fields(COS/DSCP) of the packet based on ACL, Remark the priority fields(COS/DSCP) of the, packet based on Table, Flow redirection, Flow mirror
Traffic policingTraffic policing based on direction(in/out) of Port, Traffic policing based on direction(in/out) of VLAN, Traffic policing based on direction(in/out) of flow, Traffic policing based on direction(in/out) of aggregated flow
Traffic shapingQueue based traffic shaping, Port based traffic shaping
Congestion managementSP(Strict Priority)scheduling, WDRR(Weighted Deficit Round Robin)scheduling, SP + WDRR mixed scheduling
Congestion avoidanceTD (Tail Drop), WRE (Weighted Random Early Detection)
Traffic statisticsPacket counts and bytes statistics based on traffic classification, Packet counts and bytes statistics based on the color after traffic, Forwarded and discarded packet counts and bytes statistics
ECN (Explicit congestion notification)ECN tags based on Tail Drop, ECN tags based on WRED
9. Data Center
Highlight: VARP
Virtual gatewayVARP (Virtual-ARP), VARP subnet
Highlight: Tunnel
VxLANManual configure VxLAN tunnel, VxLAN distributed gateway, VxLAN active-active access, Interconnect across Datacenters based on VxLAN, L2 Protocol packet passthrough, Edit DSCP in VxLAN outer header, BGP EVPN, Support to enable/disable overlay split horizon per-VNI
GRE TunnelGRE Tunnel
NVGRE TunnelNVGRE Tunnel
GENEVE TunnelGENEVE Tunnel
Highlight: DCB
DCBXLLDP support DCBX TLV
PFCPFC
10. Metro features
Highlight: IPRAN
LDPLDP
MPLS ForwardingMPLS Forwarding
VPWSVPWS
VPLSVPLS
MPLS OAMMPLS OAM
MPLS StatsMPLS Stats
L3VPNL3VPN
ACLMPLS ACL
QoSMPLS QoS
Highlight: System Security
SSHSSHv1/v2, RSA Key generation
RADIUSRADIUS
TACAS+TACAS+
AAAAuthentication, Authorization, Accounting
Dot1xPort based dot1x, MAC based dot1x, Guest VLAN
ACLMAC/IP ACL, Basic Mode ACL, Port-group ACL, VLAN-group ACL, IPv6 ACL, ACL UDF, Time Range
ARP InspectionARP Inspection
IP Source GuardIP Source Guard
Port SecurityLimitation on MAC address learning on interface
VLAN SecurityLimitation on MAC address learning on VLAN
11. Security and Management
Control Plane Policy (COPP)Black list/white list, Rate limit
CPU Traffic LimitCPU Traffic Limit
Prevent DDOS attackPrevent DDOS attack (ICMP Flood/Smurf/Fraggle/LAND/SYN Flood)
Login filterTelnet/SSH ACL filtering, Telnet/SSH IPv6 ACL filtering
MAC SecurityMacSec (802.1AE)
Link-Flapping detectionLink-Flapping detection
Highlight: Network Management
DHCPDHCP Server, DHCP Relay, DHCP Snooping, DHCP Client, DHCP Option82, DHCP Option252
RMONRMON
sFlowsFlow v4/v5
IP SLAIP SLA
IPFIXIPFIX
Latency/Buffer MonitorLatency Monitor, Buffer Monitor
EFDElephant Flow Detection
NTPNTP(Network Time Protocol)
ErrdisableErrdisable detection and recovery
DNSStatic DNS Client
LLDPLLDP
12. Configuration and maintenance
Highlight: Terminal Services
Command Line InterfaceConfigurations through CLI (Command Line Interface)
Help informationBanner configuration, Help information in English
Terminal serviceVty Terminal service, Console Terminal service
Highlight: Configuration Management
Management interfaceInband management interface and configuration, Outband management interface and configuration
User privilege managementprivileged user priority and privileged commands
SNMPNetwork management based on SNMPv1/v2c/v3, Public and private MIB, Public and private Trap
WEBConfiguration and management based on WEB UI
RPC-APIConfiguration and management based on RPC-API
SmartConfigSmartConfig(Automatically configuration when system start)
OVSDBConfiguration and management based on OVSDB
system profile configurationchange the system specifications by choose different STM Profiles
License controlFeature configuration based on License
Restore factory default configurationRestore factory default configuration
Highlight: File System
File systemFile system(support directory and file management)
Upload and download
  • Upload and download files through FTP or TFTP
  • Upload and download files through Xmodem
Highlight: Debugging And Maintenance
Debugper-module Debug features, ICMP Debug
BHMSoftware process monitor: BHM(Beat Heart Monitor), Hardware Watch Dog
Log & alarmCPU usage display and alarm, Memory usage display and alarm, Device temperature PSU FAN status display and alarm, User operation logs, Management of logs, alarms, and debugging information
VCTVCT(Virtual Cable Test
System diagnosticsDetailed Diagnostic-information collection
RebootManual reboot, Schedule Reboot, Reboot Information logging
Network diagnosticsPing, IPv6 Ping, Traceroute
MirrorPort mirror, Flow mirror, Remote mirror, Multi-destination mirror(m:n), Use CPU as mirror source, Use CPU as mirror destination and analyze packet, ERSPAN
CPU statisticsTo CPU/From CPU packets statistics
L2 Pinglayer2 network connectivity detection - L2Ping (MAC Ping/Trace)
UDLDUDLD(Unidirectional Link Detection)
Uni directionalunidirectional forwarding of the fiber
Loopbackport loopback, hardware loopback(internal/external
System timeTime configuration, Timezone
Highlight: Version Upgrade
System software upgradeupgrade with the local image file, upgrade with the remote TFTP server
Uboot upgradeOnline upgrade Uboot

Convergence Time

By default, RSTP used for all COMMANDO MarshallOSthe maximum age (20 seconds) and forward delay (15 seconds), it takes 50 seconds for the device to converge. RSTP converges faster because it uses a handshake mechanism based on point-to-point links instead of the timer-based process used by STP.

IP multicast snooping and IGMP automatically prevent flooding of IP multicast traffic.

IEEE 802.1AB Link Layer Discovery Protocol (LLDP) facilitates easy mapping using network management applications with LLDP automated device discovery protocol

LLDP-MED (Media Endpoint Discovery) defines a standard extension of LLDP that stores values for parameters such as QoS and VLAN to configure automatically network devices such as IP phones.

STP/RSTP/MSTP for loop free network, IEEE 802.1s Multiple Spanning Tree provides high link availability by allowing multiple spanning trees; provides legacy support for IEEE 802.1d and IEEE 802.1w

IEEE 802.3ad Link Layer Discovery Protocol (LACP) and port trunking support up to 8 static, dynamic, or distributed trunks with each trunk having up to eight links (ports) per static trunk. Lag links provides easy-to-configure link redundancy of active and standby links.

Security

The AAA feature allows you to verify the identity of, grant access to, and track the actions of users. It supports Remote Access Dial-In User Service (RADIUS) or Terminal Access Controller Access-Control System Plus (TACACS+) protocols.

Based on the user ID and password combination that you provide, the switch perform local authentication or authorization using the local database or remote authentication or authorization using one or more AAA servers. A pre-shared secret key provides security for communication between the Switch and AAA servers. You can configure a common secret key for all AAA servers or for only a specific AAA server.

It supports Multiple user authentication methods

Uses an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server to authenticate in accordance with industry standards.
Supports web-based and MAC-based authentication
Multiple IEEE 802.1X users per port provides authentication of multiple devices on a single port; prevents a user from piggy backing on another user’s IEEE 802.1X authentication.
Concurrent IEEE 802.1X, Web and MAC authentication schemes per port switch port will accept up to 8 sessions of IEEE 802.1X, Web and MAC authentications.
Access control lists (ACLs) provide IP Layer 3 filtering based on source and destination IP address or subnet or source and destination TCP/UDP port number.
Source-port filtering allows only specified ports to communicate with each other.
RADIUS/TACACS+ eases switch management security administration by using a password authentication server.
Secure shell encrypts all transmitted data for secure remote CLI access over IP networks.
Secure Sockets Layer (SSL) encrypts all HTTP traffic, allowing secure access to the browser-based management GUI in the switch.
Port security allows access only to specified MAC addresses, which can be learned or specified by the administrator.
MAC address lockout prevents particular configured MAC addresses from connecting to the network.
Secure FTP allows secure file transfer to and from the switch and protects against unwanted file downloads or unauthorized copying of a switch configuration file.
Switch management logon security helps secure switch CLI logon by optionally requiring either RADIUS or TACACS+ authentication.
Custom banner displays security policy when users log in to the switch.
STP BPDU port protection blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged BPDU attacks.
DHCP protection blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks.
Dynamic ARP protection blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or theft of network data.
Dynamic IP lockdown works with DHCP protection to block traffic from unauthorized hosts, preventing IP source address spoofing.
STP root guard protects the root bridge from malicious attacks or configuration mistakes.
Identity-driven ACL enables implementation of a highly granular and flexible access security policy and VLAN assignment specific to each authenticated network user.
Per-port broadcast throttling configures broadcast control selectively on heavy traffic port uplinks.
Monitor and diagnostics digital optical monitoring of SFP and 1000BASE-T transceivers allow detailed monitoring of the transceiver settings and parameters.

Effective Management

COMMANDO MarshallOS offers Network Monitoring for users to observe traffic behavior with Port Mirroring, Loop Prevention and DHCP snooping features, can identify and even locate connection problems on your business network.

Administrators can designate the priority of the traffic based on Port Priority, 802.1P and DSCP Priority, to ensure that voice and video are always clear, smooth and lag-free.
Voice VLAN, port-based VLAN and 802.1Q-based VLAN functions.
RMON provide advanced monitoring and reporting capabilities for statistics, history, alarms, and events.
Troubleshooting ingress and egress port monitoring enable more efficient problem solving.
Unidirectional Link Detection (UDLD) monitors the link between two switches and blocks the ports on both ends of the link if the link goes down at any point between the two devices.

Hardware

COMMANDO Marshall C3500 Managed L3+ Core and Data Center Series Modular Routing Switch is the data center switch built for the cloud. It uses achieve easy to deploy, use, manage and designed exclusively for enterprise-class core and aggregation layer data center switches, specially built for Security, IoT, and Cloud networking needs of growing businesses, data centers and high-end campus networks maximum throughput. All ports capable of gigabit Ethernet speed and support either PoE or PoE+ power maximum 30W per port with up to 100G QSFP28 stacking. This series has 16, 24 & 48 ports models with auto-negotiation 10/100/1000Mbps PoE (PoE+) . It has additional Combo 4/6 Ports or with flexible SFP, SFP+, QSFP+, QSFP28 Uplinks. PoE/PoE+ power supply transmission is more reliable due to design of robust network transformer which uses high current. Various power budget options like 1000W/1600W PoE+ Power for 16, 24 & 48 ports PoE Switch models. PD detection will automatically detect and provide required power for your PoE/PoE+ devices. These devices having powerful PoE budget up to 1600W (800W+800W) and flexible enough for users to deploy wireless access points, surveillance cameras, IP phones and other PoE/PoE+ supported devices. The switch also comes equipped with 4/6 SFP slots, for expanding network’s reachability.

It has Temperature Control Fan control circuitry varies the fan speed to increases or decreases the airflow needed to keep the system operating in a desired temperature by adjusting fan speeds to optimize cooling. These Energy Efficient switchesallows optimizes air circulation to provide more effective cooling throughout rack systems in data centers where the switches are used when compared to side-to-side airflow. The switches also feature built-in smart fans; internal heat sensors monitor and detect temperature changes and react accordingly by utilizing different fan speeds for different temperatures. At lower temperatures, the fans will run slower, reducing the switch’s power consumption and noise. It has Hardware watchdog support which guard against certain types of system hangs. Watchdog timer is used to escape from if something goes wrong. Based on the situation, the Switches can automatically reset itself, or recover from the failure and generate an error message in the console logs. Long life electrolytic capacitance. High Quality PCB Circuit Board and PCB Surface Treatment Using Gold Sinking Process. Rack mount design, Mounts in an EIA-standard 19-inch telco rack or equipment cabinet (Rack-mounting kit available); horizontal surface mounting; wall mounting and also having durable robust metal body. Bilateral heat dissipation. Power and ports status/ activity indicator LED lights. RJ45 Gold plated with 3U thickness.

Specifications

COMMANDO Marshall C3500 Managed L3+ Core and Data Center Series Modular Routing Switches all ports capable of gigabit Ethernet speed and support either PoE or PoE+ power maximum 30W Per port with up to 100G stacking. This series has 24 & 48 ports models with auto-negotiation 10/100/1000Mbps PoE (PoE+) with flexible SFP, SFP+ and 100GBASE-X QSFP28 ports with speed up to 1/10/40/100 Gigabit Ethernet Fiber. PoE/PoE+ power supply transmission is more reliable due to design of robust network transformer which uses high current. Various power budget options like 1000W/1600W PoE+ Power for 24 & 48 ports PoE Switch models. PD detection will automatically detect and provide required power for your PoE/PoE+ devices. These devices having powerful PoE budget up to 1600W and flexible enough for users to deploy wireless access points, surveillance cameras, IP phones and other PoE/PoE+ supported devices.

It supports Maximum Jumbo frame size 10000, MAC Address Table Capacity 114688, ARP Capacity of 12288 with IPv4 FIB of 56K. It has Temperature Control Fan control circuitry varies the fan speed up to 10000rpm to increases or decreases the airflow needed to keep the system operating in a desired temperature by adjusting fan speeds to optimize cooling. These Energy Efficient switchesallows optimizes air circulation to provide more effective cooling throughout rack systems in data centers where the switches are used when compared to side-to-side airflow. The switches also feature built-in smart fans; internal heat sensors monitor and detect temperature changes and react accordingly by utilizing different fan speeds for different temperatures. At lower temperatures, the fans will run slower, reducing the switch’s power consumption and noise.

Table 3. C3500 Marshall Hardware product highlights

1. Basic Hardware product highlights
Product PositioningData Center TOR access, Enterprise / Metro / HCI (Hyper-Converged Infrastructure) network access or aggregation
Switching MethodStore and Forwarding / Cut Through
Packet Buffer72MB
CPU Model/ Frequency1.3GHz
Flash8GB(eMMC)
Memory16GB
Hardware Configuration
Main Board Specification
  • 24/48 x up to 40GE SFP+ Port
  • 2/4/8 x 100GE QSFP28 Port
Console TypeRJ45
Outband Eth Management PortSupport RJ45 based
Inband Eth Management PortSupport
USB PortsSupport USB port
2. Performance Specification
Switching Capacity
Switching CapabilityUp to 880 Gbps
ThroughputUp to 654 Mpps
LatencyMin: 660ns, Max: 960ns
3. Hardware Summary and reboot time
Hardware Summary
  • Standard 1U 19'' Rack Mountable
  • 24/48 x 10GE SFP+ Port
  • 2/4/8 x 100GE QSFP28 Port
Software Upgrade MethodTFTP/FTP
Service interruption time when reboot system for software updateLess Than 120s
4. Power Supply and Power Requirements
Type of Power Supply
ACSupport
DCSupport
Power Supply Range
AC
  • Operating Voltage: 100 ~ 240V; 50/60Hz
  • Maximum Voltage: 90 ~ 264V; 47~63Hz
DCOperating Voltage: -48V ~ -60V
Double Power InputSupport
Power Supply Module PluggableSupport
PoE Budget Up to 1600W depending on models
Max Power Drawn by switch52W/59W
Over-current and Over-voltage Protection
Overcurrent/Overvoltage ProtectionYes
Surge Protection Level±6 kV
6. Hardware content
Hardware Size (H×W×D) in.4.36 x 44.0 x 37.0 cm (1.73 x 17.5 x 14.6 inches)
Weight (kg)Up to 15 kg (Include 2 Power Modules)
Cooling ModeFan Cooling (Front-to-Rear Airflow)
Quantity of Fans4
Fan Module PluggableNot support (Fixed fan)
Fan Module Intelligent Speed ControlSupported up to 10000rpm.
Operating Temperature Range0ºC - 45ºC

COMMANDO Marshall C3500 Managed L3+ Core and Data Center Series Modular Routing Switches Technical Specifications are as follows.

Table 4. COMMANDO Marshall C3500 Managed Core Series Technical Specifications

HighlightsTechnical SpecificationsC3500
Feature: Ethernet
JumboframeMaximum Jumbo frame size10000
Unicast MAC
  • MAC Address Table Capacity
  • MAC Learning Rate (SW)
  • MAC Learning Rate (HW)
  • Blackhole MAC address capacity
  • 114688
  • > 4000pps
  • > 10Gbps
  • 128
Multicast MACMAC address Capacity2048
VLAN
  • VLAN IDs
  • VLAN Instances
  • VLANs to enable statistics
  • 4094
  • 4094
  • 256
VLAN Mapping
  • Maximum mapping table
  • Maximum rules Number
  • 64
  • 1024
EVCMaximum EVC Number4094
Link Aggregation (Static & LACP)
  • Maximum Member Number per group
  • Maximum Group Number
  • Load balance key mode
  • Convergence time
  • 2048
  • 64
  • Static/Dlb/rr/Resilient/Self-healing
  • < 50ms
VLAN Classification
  • Maximum Rule Number
  • Maximum Group Number
  • Base MAC Capacity
  • Base IPv4 Capacity
  • Base IPv6 Capacity
  • Base Protocol Capacity
  • 4096
  • 1
  • 512
  • 448
  • 32
  • 7
Feature: Ethernet Ring protection
STPConvergence time< 30s
RSTPConvergence time< 1s
MSTP
  • Instance Number
  • Convergence time
  • 64
  • < 1s
ERPS
  • Domain Number
  • Ring Number
  • Protection instance Number per Ring
  • Switchover time
  • 16
  • 1 Primary ring/domain
  • 64
  • < 50 ms
G.8031
  • Group numbers
  • Switchover time
  • 256
  • < 50 ms
G.8032
  • Rings
  • Switchover time
  • 256
  • < 50 ms
Feature: Ethernet OAM
CFM(802.1ag)
  • Maximum Session Number
  • Maximum domain Number
  • CCM Interval types
  • CCM minimum Interval
  • Maximum Down MEP Number
  • Maximum Up MEP Number
  • Maximum LMEP Number
  • 1K
  • 8
  • 7
  • 3.3ms
  • 1024
  • 1024
  • 1024
Feature: IPv4 unicast
ARPARP Capacity12288
IPv4FIB56K
ECMPECMP Group240
PBR
  • Policy Route Map
  • Policy Based Routing ACE
  • 64
  • 256
OSPF
  • Maximum Static Neighbors
  • Maximum Summary address
  • 256
  • 2000
Feature: IPv4 multicast
IPMC
  • Multicast Routing Table
  • Number of interfaces that support
  • Multicast routing table
IGMP SnoopingMaximum Groups Number
MVR
  • Maximum Group Number
  • Maximum Member Number
Feature: IPv6 unicast
Host RouteNDP Capacity
IPv6FIBv6
Feature: IPv6 multicast
IPMC
  • Multicast Routing Table
  • Number of interfaces that support
  • Multicast routing table
MVR V6
  • Maximum Entry Number
  • Maximum Member Number
Feature: IP tunnel
IP TunnelTunnel Peer Capacity
Feature: QoS
Per-port Queue Num
  • Unicast Queue
  • Multicast Queue
  • Monitor Queue
Packet BufferSystem Packet Buffer Capacity
Granularity
  • Policer granularity
  • Queue Shape granularity
  • Port Shape granularity
Flow entry
  • Ingress Port qos ipv4 flow entries
  • Ingress Port qos ipv6 flow entries
Feature: ACL
IPv4 ACL
  • Ingress Port acl for IPv4
  • Ingress VLAN acl for IPv4
  • Egress Port acl for IPv4
  • Engress VLAN acl for IPv4
IPv6 ACL
  • Ingress Port acl for IPv6
  • Ingress VLAN acl for IPv6
  • Egress Port acl for IPv6
  • Egress VLAN acl for IPv6
MAC ACL
  • Ingress Port acl for MAC
  • Ingress VLAN acl for MAC
  • Egress Port acl for MAC
  • Egress VLAN acl for MAC
CoPPCoPP rules
UDFUDF rules
Feature: Security
IP Source Guard
  • IPv4 maximum rules Number
  • IPv6 maximum rules Number
802.1x base MACMaximum Entries
DHCP-SnoopingMaximum bound entry
Feature: IPFIX
IPFIXIPFIX Member
Feature: Reliability
BFDMaximum Session Number
S-BFDMaximum Session Number
VRRPMaximum Group Number
Smart Link
  • Maximum Group Number
  • Maximum Instance Number
  • Switchover time
Monitor Link
  • Maximum group Number
  • Maximum up-link Number per group
  • Maximum down-link Number per
MLAGMaximum MLAG Group Number
Feature: Data center
VARPVirtual IP Number per Port15
VXLAN
  • VXLAN tunnel
  • VNI
  • VTEP Peer
  • VXLAN Gateway MAC for DVR
  • 6144
  • 2000
  • 1024
  • 384

Table 5. COMMANDO Marshall C3500 Managed L3+ Core and Data Center Series Modular Routing Switches Specifications

Hardware ParameterHardware Specification
CPU FrequencyDual Core 1.3 GHz
CPU Memory DRAM (GB)16GB
Flash8 GB
Packet Buffer memory72MB
Fixed Ports
  • 24/48*10/100/1000 Base-T all ports (POE/POE+) capable.
  • Modular SFP/SFP+/QSFP 28 ports;
PoE standards supportedIEEE802.3af/IEEE802.3at power on all fixed ports.
Management portConsole port-1, Eth port (Out of band) -1
Reset Button1
Additional DC input power from UPS1
Fan Quantity4
Enclosure Type (Rack-mountable)Rack/Wall-mountable - 1U
Max PoE+ Output Power (single port)30W
Total Power Consumption52W~1600W
PoE Pin-out1/2(+),3/6(-); Customized 4/5(+),7/8(-)
Switching Capacity128 Gbps - 880 Gbps
Forwarding ModeStore and forward/Cut Through
Forwarding Rate190.4 Mpps - 1309 Mpps
Bandwidth880Gbps
MAC Address Table Size114688 entries
Jumbo frames( Bytes)10000
VLAN IDs4094
Management ACL256
Link Aggregation8
Maximum packet length9216bytes
IPv4 routes14,000 (10,000 direct routes and 4,000 indirect routes)
Routing table entries56000
IPv6 routing entries2000
Multicast routing scale1000
Switched Virtual Interfaces (SVIs)1000
QoS scale entries1000
ACL scale entries1600
Packet buffer per SKU6 MB buffers for 24- or 48-port Gigabit Ethernet models
Flexible NetFlow (FNF) entries16,000 flows on 24- and 48-port Gigabit Ethernet models
Environmental
  • Operating Temperature: 0°C~40°C (32°F~104°F)
  • Storage Temperature: -40°C~70°C (-40°F~158°F)
  • Operating Humidity: 10%~90% non-condensing
  • Storage Humidity: 5%~95% non-condensing
FRU Power inAC 100~240V 50/60hz
FRU Fan Quantity2PCS
Dimensions ( W x D x H )4.5 x 36.8 x 44.5
Input Power Supply
  • 100~240V AC, 50/60Hz
  • External Input DC Power:
Lightning Protection±6KV
Weight< 8Kg
LED IndicatorPower, System, Link/Act
Energy SavingEEE Compliant With IEEE802.3az
CertificationCE, FCC

Table 6. COMMANDO Marshall C3500 Managed L3+ Core and Data Center Series Modular Routing Switches basic Hardware Specifications

SR #Product CodeEnclosure TypePortsMain InterfaceUplink InterfacesFan (Number)
1C3500-24+ULRack/Wall mountable - 1U
  • 24 10/100/1000M ports
  • Modular Uplink slots
24 *1GEModular4
2C3500-48+ULRack/Wall mountable - 1U
  • 48 10/100/1000M ports
  • Modular Uplink slots
48 *1GEModular4
3C3500-24P+ULRack/Wall mountable - 1U
  • 24 10/100/1000M PoE+ ports
  • Modular Uplink slots
24 * 1GEModular4
4C3500-48P+ULRack/Wall mountable - 1U
  • 48 10/100/1000M PoE+ ports
  • Modular Uplink slots
48 * 1GEModular4
5C3500-24SFP+ULRack/Wall mountable - 1U
  • 24 1G SFP ports
  • Modular Uplink slots
24 * SFPModular4
6C3500-48SFP+ULRack/Wall mountable - 1U
  • 48 1G SFP ports
  • Modular Uplink slots
48 * SFPModular4
7C3500-24X+2QRack/Wall mountable - 1U
  • 24 10G SFP+ ports
  • 2 100G QSFP+ Uplink slots
24 * SFP+100G QSFP4
8C3500-24X+2CRack/Wall mountable - 1U
  • 24 10G SFP+ ports
  • 2 100G QSFP28 Uplink slots
24 SFP+100G QSFP284

COMMANDO Marshall C3500 Managed L3+ Core and Data Center Series Modular Routing Switches has additional AC input power to mitigate power supply failures. It automatically senses when the internal power supply of a connected device fails and provides power to that device, preventing loss of network traffic and support critical network infrastructure. These series Switches protect from power surges through their inline power supply automatically and have in build Surge protection of ±6KV. With this feature protect on cost and the impact to your business by losing these network devices and thus the users/servers connected to them.

Table 7. COMMANDO Marshall C3500 Managed L3+ Core and Data Center Series Modular Routing Switches Power specifications

SR. No.Product CodePower BudgetMax no. of PoE+ (IEEE 802.3at) PortsDefault Primary Power SupplyOptional secondary power supplyAvailable PoE power with additional secondary power supplyPower Input (Single/Dual)Voltage (Auto Ranging)CurrentFrequency
1C3500-24+UL96W+96WPWR-C3500-500WACAC + AC100 to 240V AC12V to 8A50 to 60 Hz
2C3500-48+UL96W+96WPWR-C3500-500WACAC + AC100 to 240V AC12V to 8A50 to 60 Hz
3C3500-24P+UL500W+500WAll ports up to 30WPWR-C3500-500WACPWR-C3500-500WAC/PWR-C3500-500WAC1000WAC + AC100 to 240V AC52V to 7.77A; 12V to 8A50 to 60 Hz
4C3500-48P+UL800W+800WAll ports up to 30WPWR-C3500-500WACPWR-C3500-800WAC/PWR-C3500-800WAC1600WAC + AC100 to 240V AC52V to 13.54A; 12V to 8A50 to 60 Hz
5C3500-24SFP+UL96W+96WPWR-C3500-500WACAC + AC100 to 240V AC12V to 8A50 to 60 Hz
6C3500-48SFP+UL96W+96WPWR-C3500-500WACAC + AC100 to 240V AC12V to 8A50 to 60 Hz
7C3500-24X+2Q96W+96WPWR-C3500-500WACAC + AC100 to 240V AC12V to 8A50 to 60 Hz
8C3500-24X+2C96W+96WPWR-C3500-500WACAC + AC100 to 240V AC12V to 8A50 to 60 Hz

Bandwidth Specifications

It uses Cut-through as well as Store-and-forward switching which means that the LAN switch copies each complete frame into the switch memory buffers and computes a cyclic redundancy check (CRC) for errors. The switching capacity (backplane bandwidth) of a switch refers to the maximum amount of data that can be transmitted between a switch interface processor or interface card and a data bus. The switching capacity indicates the total data exchange capability of the switch, Switch supports up to 880 Gbps. The stacking allows users to expand their network capacity without the hassle of managing multiple devices. Stackable switches can be added or removed. The Forwarding Rate is a measure of how many packets per second the switch can process for certain sized packets. Forwarding rate, refers to the number of network packets that can be processed by switch. The Forwarding rate is measured in Million packets per second (Mpps).

Table 8.Bandwidth Specifications

SR #Product CodeSwitching Capacity (Gbps)Packet Filtering Forwarding Rates (64-byte packet size Mpps)Mean time between failures MTBF (hours)Heat dissipation (BTU/hr)Switching Method
1C3500-24+UL648482.11404451327.57Cut-through/ Store and forward
2C3500-48+UL696517.82315915327.57Cut-through/ Store and forward
3C3500-24P+UL648482.113156161706.07Cut-through/ Store and forward
4C3500-48P+UL696517.822915642729.71Cut-through/ Store and forward
5C3500-24SFP+UL648482.11315916327.57Cut-through/ Store and forward
6C3500-48SFP+UL696517.82419515327.57Cut-through/ Store and forward
7C3500-24X+2Q640476.16416565327.57Cut-through/ Store and forward
8C3500-24X+2C880654.72316515327.57Cut-through/ Store and forward

Environmental properties specifications

Environmental properties include those physical properties which relate to the environment. Moisture, heat conductivity, the physical effect of heat, Altitude, Humidity and electrical properties depend on the environmental conditions surrounding the device.

Table 9. Environmental properties

PropertyDescription
Operation Temperature0°C to 45°C
Operating temperature and altitudes:
  • 0°C to +45°C, up to 5000 feet (1500m)
  • 0°C to +45°C, up to 10,000 feet (3000m)
  • Minimum ambient temperature for cold start is 32°F (0°C)
  • Short-term* exceptional conditions:
  • 0°C to +55°C, up to 5000 feet (1500m)
  • 0°C to +50°C, up to 10,000 feet (3000m)
  • 0°C to +45°C, at sea level with single fan failure
  • Not more than following in one-year period: 96 consecutive hours, or 360 hours total, or 15 days
Storage Temperature-20° to 70°C
Operating Humidity (relative, noncondensing)10% to 90% (Non-condensing)
Storage Humidity5% to 90%(Non-condensing)

Weight and Dimension specifications

It offers best in class from package dimensions to weight, destination, value, and shipment type. They are suitable for Industry standard Rack/Wall mounting. Industry Standard Rack/Wall mounted describes a unit of electronic equipment that is housed in a metal framework called an equipment rack. Usually, an equipment rack contains multiple "bays," each designed to hold a unit of equipment of standard dimensions.

Table 10. Weight and Dimension

Product CodeWeight (Kilograms)Weight (Pounds)Dimension (Inches (H x D x W))Dimension (Centimeters (H x D x W))
C3500-24+UL5.8Kg12.8lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5
C3500-48+UL7.8Kg17.9lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5
C3500-24P+UL5.8Kg12.8lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5
C3500-48P+UL7.8Kg17.9lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5
C3500-24SFP+UL5.8Kg12.8lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5
C3500-48SFP+UL7.8Kg17.9lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5
C3500-24X+2Q5.8Kg12.8lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5
C3500-24X+2C5.8Kg12.8lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5

SFP/SFP+/ QSFP28 ports Slotsspecifications

It has 1, 10, 40 and 100 Gigabit Ethernet fiber based Quad Small Form-Factor Pluggable (QSFP+, QSFP28) and 1, 10, 40, 100 Gigabit Ethernet Small Form-Factor Pluggable Plus (SFP/SFP+/SFP28) switches with granular port densities that fit diverse campus needs. The SFP/SFP+/ QSFP28transceiver is a compact, hot-swappable device that plugs into a physical port of a network device. SFP/SFP+/ QSFP28 optics are used in communication networks and have a transmitting side (Tx) and a receiving side (Rx). The different SFP/SFP+/QSFP28 transceivers work with different wavelengths at an appointed distance. A 1G to 100G solution with QSFP28 preconfigured for up to 100G and can support 1G/10G/40G/100G QSFP+ uplinks.

Table 11. SFP/ SFP+ Specifications

PRODUCT CODESUPPORTING SFP
CMD-SM-1GCOMMANDO CMDFiber GBIC-LX/LH, SFP, 1310nm, MMF/SMF, 550m/10km, DOM, Compatible w/ Cisco GLC-LH-SMD
CMD-MM-1GCOMMANDO GBIC-SX, SFP, 850nm, 550m, MMF, DOM, Compatible w/ Cisco GLC-SX-MMD
CMD-SM-LX-10KCOMMANDO CMDFiber 1000BASE-LX/LH, SFP, 1310nm, MMF/SMF, 550m/10km, LC, DOM
CMD-SM-LH-20KCOMMANDO CMDFiber 1000BASE-LX/LH, SFP, 1310nm, SMF, 20km, LC, DOM
CMD-SM-EX-40KCOMMANDO CMDFiber 1000BASE-EX, SFP, 1310nm, SMF, 40km, LC, DOM
CMD-SM-ZX-80KCOMMANDO CMDFiber 1000BASE-ZX, SFP, 1550nm, SMF, 80km, LC, DOM
CMD-SM-EZX-120KCOMMANDO CMDFiber 1000BASE-EZX, SFP, 1550nm, SMF, 120km, LC, DOM
CMD-ZX-1G-RGDCOMMANDO CMDFiber 1000BASE-ZX, SFP, 1550nm, 80km, SMF, DOM, Extended Distance, Rugged
CMD-LX-1G-RGDCOMMANDO CMDFiber 1000BASE-SX, SFP, 850nm, 550m, MMF, DOM, Short Wavelength, Rugged
PRODUCT CODESUPPORTING SFP
CMD-SM-1GCOMMANDO CMDFiber GBIC-LX/LH, SFP, 1310nm, MMF/SMF, 550m/10km, DOM, Compatible w/ Cisco GLC-LH-SMD
CMD-MM-1GCOMMANDO GBIC-SX, SFP, 850nm, 550m, MMF, DOM, Compatible w/ Cisco GLC-SX-MMD
CMD-SM-LX-10KCOMMANDO CMDFiber 1000BASE-LX/LH, SFP, 1310nm, MMF/SMF, 550m/10km, LC, DOM
CMD-SM-LH-20KCOMMANDO CMDFiber 1000BASE-LX/LH, SFP, 1310nm, SMF, 20km, LC, DOM
CMD-SM-EX-40KCOMMANDO CMDFiber 1000BASE-EX, SFP, 1310nm, SMF, 40km, LC, DOM
CMD-SM-ZX-80KCOMMANDO CMDFiber 1000BASE-ZX, SFP, 1550nm, SMF, 80km, LC, DOM
CMD-SM-EZX-120KCOMMANDO CMDFiber 1000BASE-EZX, SFP, 1550nm, SMF, 120km, LC, DOM
CMD-ZX-1G-RGDCOMMANDO CMDFiber 1000BASE-ZX, SFP, 1550nm, 80km, SMF, DOM, Extended Distance, Rugged
CMD-LX-1G-RGDCOMMANDO CMDFiber 1000BASE-SX, SFP, 850nm, 550m, MMF, DOM, Short Wavelength, Rugged
PRODUCT CODESUPPORTING 1GBE SFP
CMD-TCOMMANDO GBIC-T SFP, Copper, RJ-45, 100m, Standard, Compatible w/ Cisco GLC-T
PRODUCT CODESUPPORTING SFP+
CMD-SR-10GCOMMANDO CMDFiber 10GBASE-SR, SFP+, 850nm, 300m, MMF, DOM, Compatible w/ Cisco SFP-10G-SR
CMD-LR-10GCOMMANDO CMDFiber 10GBASE-LR, SFP+, 1310nm, 10km, SMF, DOM, Compatible w/ Cisco SFP-10G-LR
CMD-ER-10GCOMMANDO CMDFiber 10GBASE-ER, SFP+, 1550nm, 40km, SMF, DOM, Compatible w/ Cisco SFP-10G-ER
CMD-ZR-10GCOMMANDO 10GBASE-ZR/ZW,SFP+, 1550nm, 80km, SMF, DOM, Compatible w/ Cisco SFP-10G-ZR
PRODUCT CODESUPPORTING 1GBE SFP+
CMD-UTP-10GCOMMANDO 10GBASE-T Copper RJ-45, SFP+, Up to 100m, CAT 6a/7
PRODUCT CODESUPPORTING QSFP+
CMD-SR4SM-40GCOMMANDO CMDFiber 40GBASE-SR4, QSFP+, 850nm, 150m, MMF, MTP/MPO, DOM
CMD-LR4SM-40GCOMMANDO CMDFiber 40GBASE-LR4 and OTU3, QSFP+, 1310nm, 10km, SMF, LC duplex, DOM
PRODUCT CODESUPPORTING QSFP28+
CMD-SR4S-100GCOMMANDO CMDFiber 100GBASE-SR4, QSFP28+, 850nm, 100m, MTP/MPO-12, MMF, DOM
CMD-LR4S-100GCOMMANDO CMDFiber 100GBASE-LR4, QSFP28+, 1310nm, 10km, LC duplex, SMF, DOM

Power Supply Specifications

Power supply is a king of all electronic devices without the power supply switch cannot work. Following rating power input required to make switch work.

Table 12. Power supply specifications

Power supply rated maximum240V AC
Input-voltage range and frequency100 to 240V AC, 50 to 60 Hz
Input current12V to 8A
Power cord rating15A

Fan Specifications

It come with dual fans. On the C3500 SKUs, the fan units are field-replaceable, whereas on the fixed C3500 SKUs, the fan units are fixed.

FRU FAN MODELDESCRIPTION
FRU-FAN-30003000 rpm Temperature Control Fan module
FRU-FAN-50005000 rpm Temperature Control Fan module
FRU-FAN-1000010000 rpm Temperature Control Fan module

Included in the bundle/box

All Marshall C3500 Series Switches are made available for use globally along with accessories in the bundle to facilitate for enhance operations.

The switch box comes included with the following accessories:

1x COMMANDO Marshall C3500 Series Switch

1x Power cable

1x Console cable

1x Earthing Cable

1x Stacking Cable (0.5cm)

1x Rack/Wall mountable kit

Support and Warranty

Same-day assistance.
Comprehensive 24-hour support using common communication/chat platforms, Email and Telephone.
Provide FAQs and troubleshooting help online (self-service) through cloud-based solutions.
Highly technical and trained representatives to resolve issues.
One-year default warranty with option of warranty extension up to 5 years
Warranty and Support
Products coveredCOMMANDO Marshall C3500 Series Managed Switches
Warranty durationOne Year RTB (Return To Base) replacement warranty – optionally extendable up to 5 years.
Hardware replacementCOMMANDO, its resellers or its service center will use commercially reasonable efforts to replace the product subject to stock availability. Otherwise, a replacement will be arranged within 15 working days after receipt of the Return Materials Authorization (RMA) request.
End-of-life policyIn case of discontinuation of the product, support is limited to 3 years from announcement date.
Effective dateHardware warranty commences from the date of shipment to customer (and in case of resale by a COMMANDO reseller, not more than 90 days after original shipment by COMMANDO).
Support durationLifetime support.
COMMANDO CareCOMMANDO will provide 24x7 support for basic configuration, diagnosis, and troubleshooting of device-level problems for up to one year from the date of shipment of the originally purchased product. This support does not include solution or network-level support beyond the specific device under consideration.
Online Portal AccessWarranty allows guest access to commandonetworks.com for all available technical queries.

Ordering Information

Table 16 lists ordering information for the COMMANDO Marshall C3500 Managed L3+ Core and Data Center Series Modular Routing Switch .

To place an order, please contact your local reseller/distributor or COMMANDO Sales Representative at www.commandonetworks.com/ordering

Product CodeProduct DescriptionInterfacesPower Budget
COMMANDO Marshall 10/100/1000M Gigabit Ethernet Modular L3 Core Switches
C3500-24G+ULCOMMANDO Marshall C3500 24GE, FRU PWR 75W, Modular Uplinks, Core Switch
  • 24 10/100/1000M ports
  • Modular Uplink slots
-
C3500-48G+ULCOMMANDO Marshall C3500 48GE, FRU PWR 75W, Modular Uplinks, Core Switch
  • 48 10/100/1000M ports
  • Modular Uplink slots
-
COMMANDO Marshall 10/100/1000M Gigabit Ethernet PoE+ Modular Uplinks L3 Core Switches
C3500-24P+ULCOMMANDO Marshall C3500 24GE PoE+, FRU PWR 500W, Modular Uplinks, Core Switch
  • 24 10/100/1000M PoE+ ports
  • Modular Uplink slots
1000W
C3500-48P+ULCOMMANDO Marshall C3500 48GE PoE+, FRU PWR 800W, Modular Uplinks, Core Switch
  • 48 10/100/1000M PoE+ ports
  • Modular Uplink slots
1600W
COMMANDO Marshall 1G SFP with Modular Uplinks L3 Core Fiber Switches
C3500-24SFP+ULCOMMANDO Marshall C3500 24SFP, FRU PWR 75W, Modular Uplinks, Core Switch
  • 24 1G SFP ports
  • Modular Uplink slots
-
C3500-48SFP+ULCOMMANDO Marshall C3500 48SFP, FRU PWR 75W, Modular Uplinks, Core Switch
  • 48 1G SFP ports
  • Modular Uplink slots
-
COMMANDO Marshall 10G SFP+ with 2x 100G QSFP+ Uplinks L3 Core Fiber Switches
C3500-24X+2QCOMMANDO Marshall C3500 24x 10G SFP+, 2x 100G QSFP+ Uplinks, FRU PWR 75W, Core Fiber Switch
  • 24 10G SFP+ ports
  • 2 100G QSFP+ Uplink slots
-
COMMANDO Marshall 10G SFP+ with 2x 100G QSFP28 Uplinks L3 Core Fiber Switches
C3500-24X+2CCOMMANDO Marshall C3500 24x 10G SFP+, 2x 100G QSFP28 Uplinks, FRU PWR 75W, Core Fiber Switch
  • 24 10G SFP+ ports
  • 2 100G QSFP28 Uplink slots
-
Network Modules
Part NumberDescription
C3500-NM-BLANKNo Network Module
C3500-NM-8SFPC3500 8x 1SFP Network Module
C3500-NM-2XC3500 2x SFP+ Network Module
C3500-NM-4XC3500 4x SFP+ Network Module
C3500-NM-8XC3500 8x SFP+ Network Module
C3500-NM-2XTC3500 2x 10GE Network Module
C3500-NM-4XTC3500 4x 10GE Network Module
C3500-NM-8XTC3500 8x 10GE Network Module
C3500-NM-2X+2XTC3500 2x SFP+, 2x 10GE Network Module
C3500-NM-4X+4XTC3500 4x SFP+, 4x 10GE Network Module
C3500-NM-2QC3500 2x QSFP+ Network Module
C3500-NM-4X+2QC3500 4x SFP+, 2x 100GE Network Module
Power Supplies
Part NumberDescription
PWR-C3500-75WAC=C3500 75WAC Power Supply, Spare
PWR-C3500-500WAC=C3500 500WAC Power Supply, Spare
PWR-C3500-800WAC=C3500 800WAC Power Supply, Spare
Stacking Cables
Part NumberDescription
CAB-STACK-SFP-50CMSFP, 50CM Stacking Cable
CAB-STACK-SFP-1MSFP, 1M Stacking Cable
CAB-STACK-SFP-3MSFP, 3M Stacking Cable
CAB-STACK-SFP-5MSFP, 5M Stacking Cable
CAB-STACK-X-50CMSFP+, 50CM Stacking Cable
CAB-STACK-X-1MSFP+, 1M Stacking Cable
CAB-STACK-X-3MSFP+, 3M Stacking Cable
CAB-STACK-X-5MSFP+, 5M Stacking Cable
CAB-STACK-Q-50CMQSFP+, 50CM Stacking Cable
CAB-STACK-Q-1MQSFP+, 1M Stacking Cable
CAB-STACK-Q-3MQSFP+, 3M Stacking Cable
CAB-STACK-Q-5MQSFP+, 5M Stacking Cable
CAB-STACK-XT-50CM10GE, 50CM Stacking Cable
CAB-STACK-XT-1M10GE, 1M Stacking Cable
CAB-STACK-XT-3M10GE, 3M Stacking Cable
CAB-STACK-XT-5M10GE, 5M Stacking Cable
Power Codes
Part NumberDescription
CAB-AC-UKAC power Cord, UK, C13, BS 1363, 2.5m
CAB-AC-EUAC power Cord, Europe, C13, CEE 7, 1.5M
CAB-AC-USAC Power Code, 15A, right angle, United States
CAB-AC-CNAC Power Cord, China, 10A, IEC 320, C13 (APN=CS-PWR-CH)
CAB-AC-AUAC Power Cord, Australia/China, C13, AS 3112, 2.5m

Document History

ReleaseNew or RevisionDescribed inDate
Release 1First ReleaseFirst ReleaseJanuary 4, 2021
COMMANDO Networks Whatsapp
COMMANDO Networks Telegram