COMMANDO Soldier E3000 Series Stackable Routing Switches Datasheet

E3000 Switches

Product Overview

COMMANDO Soldier E3000 Series switches are L3 Aggregation and Access Series Routing Switches are fully managed L3+ having 1, 10 (SFP, SFP+) switch ports with PoE/PoE+ IEEE 802.3 af/at (15.4W, 30W) compliant or Non PoE models plus additional fiber/copper ports for physical stacking or uplink uplinks with network resiliency and high availability which delivering robust performance and intelligent switching for growing networks. This series switches are easy to deploy, use, manage and designed exclusively for enterprise-class aggregation layer and as edge networks Switches, specially built for Security, IoT, and Cloud networking needs of growing businesses, high-end campus networks for Small-Medium Business (SMB). Designed for operational simplicity to lower total cost of ownership, they enable scalable, secure, and energy-efficient business operations with intelligent and automated services. This intelligent managed routing switches designed for networks requiring High performance, High port density, High uplink bandwidth, Flexibility, Fault Tolerance, and Advanced Software features for maximum Return on Investment (ROI). Switch models are designed for stacking switches as a single virtual switch, enabling customers to have a single management plane and control plane for up to 288 access ports with full PoE/PoE+ capability on all ports, power and fan redundancy, stacking bandwidth up to 160Gbps, uplink uplinks, Layer 3 feature support static and dynamic routing, these are optimized for today’s surveillance, mobile and IoT needs. Designed for operational simplicity to lower total cost of ownership, they enable scalable, secure, and energy-efficient business operations with intelligent and automated services.

It has high performance fiber/copper 10G / 1G ports which helps it to meet the requirement of High end campus LAN, Metro/Enterprise networks. Each switch is capable to deliver 15.4W PoE, 30W PoE+ power on all ports along with automated power (ON/OFF) scheduling with IEEE 802.3af compliant PoE (Power over Ethernet), 802.3at compliant PoE+ (Power over Ethernet plus) and having power budget up to 900W. Switches are PoE/PoE+ capable to provide power across all access ports for wireless APs, security cameras, and other IoT devices which are used in surveillance. These switches are powerful and flexible enough for users to deploy PoE/PoE+ standard supplies up to 30W of power per port which is backward compatible with 15.4W PD which makes it ideal for applications using high power wireless access points, PTZ (Pan Tilt Zoom) IP cameras, Surveillance cameras, 802.11ac and 802.11ax access points, small cells, and connected LED lighting devices over longer distances up to 250 meters.

It’s software includes OSPF, RIP, Static route, QoS Traffic classification based on Layer 2, Layer 3, Layer 4, and priority information Actions including ACL, CAR, and re-marking, Queue scheduling modes such as PQ, WFQ and PQ+WRR, Congestion avoidance mechanisms, including WRED and tail drop, Traffic shaping, SNMPv1/v2c/v3, Zero Touch Provisioning (ZTP), 802.1x authentication, RADIUS and TACACS+ authentication for login, DoS, ARP, MAC address attacks, broadcast storms, and heavy-traffic and ICMP attack defenses, Remote Network Monitoring (RMON).

These switches have advanced Security features, and advanced Quality of Service (QoS), ideal for all organizations considering reliable, affordable hardware with well known CLI and simple Web managed real time interface. Automated PoE/PoE+ scheduling, Scripting capabilities, Layer 3 routing, Automatic MDIX and Auto-negotiation on all ports select the right transmission modes (half or full duplex) as well as data transmission for crossover or straight-through cables dynamically. Moreover, with its innovative energy-efficient technology, can save up to 58% of power consumption, making it an eco-friendly perfect solution for your business network. These switches come with lifetime free software upgrades and patching to enhance features and supports patching, which provides fixes for critical bugs and security vulnerabilities between regular maintenance upgrades. This support allows customers to add new features and upgrades without having to pay a single dollar.

It has a 4K-entry VLAN table which provides VLAN classification according to port-based, protocol-and-port-based, MAC-based, and Flow-based capability. It also supports IVL (Independent VLAN Learning), SVL (Shared VLAN Learning), and IVL/SVL (both Independent and Shared VLAN Learning) for flexible network topology architecture. It provides IEEE802.1ad (Q-in-Q) for double tag insertion and removal function. In additions, VLAN translation function is also supported for Metro Ethernet applications with up to 16K entries L2 MAC table are supported with 2-left 4-way hashing algorithm which can effectively reduce collision ratio. An independent 4K-entry Multicast table is used to support Multicast functions, such as IGMP snooping. The device supports a 4K-entry VLAN/Ingress/Egress Access Control List (ACL). The ACL function supports L2/L3/L4 match fields and performs configurable actions, such as Drop/Permit/Redirect/Mirror/Logging/Policing/Ingress VLAN conversion/Egress VLAN conversion/QoS remarking/VLAN tag status assignment. Per-port ingress/egress bandwidth control and per-queue egress bandwidth control are supported. The device provides three types of packet scheduling, including SP (Strict Priority), WFQ (Weighted Fair Queuing), and WRR (Weighted Round Robin). Each port has 8 physical queues and each queue provides a leaky-bucket to shape the incoming traffic into the average rate behavior. The Broadcast/Multicast/Unknown-Multicast/Unknown-Unicast storm suppression function can inhibit external and internal malicious attacks. The device supports 4-sets of port mirror configurations to mirror ingress and egress traffic. RSPAN, sFlow are also supported for traffic monitoring purposes. For network management purposes, complete MIB counters are supported to provide forwarding statistics in real time. The Link aggregation function enhances link redundancy and increases bandwidth linearly. It offers robust QoS to optimize traffic on your Business Network, these switches provide (Port-based/802.1p/DSCP) QoS to keep latency-sensitive video and voice traffic jitter-free moving smoothly. Additionally, port-based, tag-based VLAN, Voice VLANs can improve security and meet more network segmentation requirements. This series switches also have provisioning of QOS, Static and dynamic routing for IPV6 clients.

Product Highlights

COMMANDO Soldier E3000 L3 Aggregation and Access Series uplink Routing Switches are Carrier Grade high-performance switch which helps it to meet the requirement of High end campus, Metro/Enterprise networks.

Varied Port Types

Supports inbuild up to 16/24 GigaEthernet ports along with uplink ports and stacking capacity up to 288 ports.
Support varied management interfaces, include RJ-45 Console port / USB Console port.
Support Uplinks having capacity 10G/1G ports to meet requirement in surveillance and IOT networks which cover up to 120Km with fiber connectivity of SFP+/SFP up to 10G modules and also has 10G/1G copper modules.

Intelligent PoE/ PoE+ with Automated Scheduling

Automates the PoE/PoE+ requirements in networks on per port basis.
Advanced per port PoE/PoE+ controls for remote power management to automate ON/OFF of PoE/PoE+ capable devices on particular specified timing per port basis.
Auto ON/OFF PoE/PoE+ as per Scheduled time which makes them intelligent.

Higher Serviceability and Return on Investment (ROI)

Lower CAPEX: Ensures network scalability and reduces investment in devices. Lowers Total Cost of Ownership with reduced cabling (lowers Capex).
Lower OPEX: Using one physical device to implement multiple logical devices saves space in equipment room and reduces the cost of device maintenance and also no license fees (Lowers OpEx) lifetime free software upgrades and patching to enhance features and supports patching, which provides fixes for critical bugs and security vulnerabilities between regular maintenance upgrades. This support allows customers to add upgrades without having to pay a single dollar.
Supports and Use Open standard protocols, so interoperable with devices from other vendors, enabling long-term network evolution.
Supports IP packet fragmentation and reassembling, enabling oversized IP packets to travel across a WAN network without limited by the MTU. The switch can also identify fragmented packets to seamlessly interconnect with routers.

High-performance IP routing

Supports routing protocols which includes static route and dynamically learned route with protocols like Routing Information Protocol (RIP) version 1 and 2 and next generation (RIPng), Open Shortest Path First (OSPF) Version 1/2/3 also supports load balancing and for constructing scalable LANs. Support up to 16000 MAC address tables, 6000 IP routing table entries, up to 6000 host routes and dynamic routing is supported by hardware with maximum performance.
Protocol-Independent Multicast (PIM) for IP multicast routing is supported with direct route up to 4000, including PIM Sparse Mode (PIM SM), bidirectional PIM, and Source-Specific Multicast (SSM).
IPv6 addressing and routing is supported along with monitoring and troubleshooting commands.

Inter-device Link Aggregation, High Efficiency and Reliability

Support link aggregation LAG/LACP with 26 group and can extend up to 128 groups with stacking which enables links of multiple switches to aggregate into one to implement device-level link backup. Switches in an LAG all work in active state to share traffic and back up each other, enhancing system reliability.
8 Ports can be aggregated in to single LAG/LACP group which allowing flexible networking.

High Reliability and Fault tolerance

Powered by Hot-swappable power modules which supports AC/AC 1+1 redundancy.
Fans support up to 4 with front-to-back airflow design suits equipment rooms and network racks and the innovative energy conservation technologies greatly reduce power consumption.
Support Real-time environment monitoring technology to detect the chipset temperature, status of fan and power, etc.
Support LACP / VRRP / VARP / STP/RSTP/MSTP / Load-Balancing, etc. to protect the network traffic all-around effectively.

L2 to L4 QoS Control

Provides 13 hardware queues per-port (8 unicast queues, 4 multicast queues, and 1 monitor queue).
Support multi-stage scheduling technology such as WDRR (Weighted Deficit Round Robin) / SP (Strict Priority) and TD (Tail Drop) / WRED (Weighted Random Early Detection) to prevent congestion.
Traffic classification based on COS/DSCP (simple classification).
Traffic classification based on ACL (complex classification), Traffic classification based on inner header of the tunnel packets.
Queue scheduling with Remark the priority fields (COS/DSCP) of the packet based on ACL or Remark the priority fields (COS/DSCP) of the packet based on the Table.
Flow redirection, Flow mirror with traffic policing based on direction (in/out) of Port, Traffic policing based on direction (in/out) of VLAN, Traffic policing based on direction (in/out) of flow, Traffic policing based on direction (in/out) of aggregated flow Queue based traffic shaping, and Port based traffic shaping.
Supports scheduling like SP (Strict Priority) scheduling, WDRR (Weighted Deficit Round Robin) scheduling, TD(Tail Drop) WRED (Weighted Random Early Detection).
Packet counts and bytes statistics based on traffic classification, Packet counts and bytes statistics based on the color after traffic, Forwarded and discarded packet counts and bytes statistics, ECN tags based on Tail Drop, ECN tags based on WRED
Support flexible queue scheduling mechanism to do the shaping for queue or port traffic.
Ingress and egress policer provide intelligent bandwidth monitoring, which support to adjust the granularity according to the port speed.
Offers high bandwidth for Triple-Play services such as IPTV, video monitoring. The built-in QoS capabilities and flexible queuing technologies guarantee high quality of services.
Rich multicast protocol set (IGMP Snooping, IGMP v1/v2, PIM-SM) support up to 1000 multicast groups and 1K logical replications per group. With SoldierOS software, IPTV service and multicast latency control are fully supported.
Supports Tunneling with L3 GRE, 6 to 4, ISATAP, IP-in-IP, Configured Tunnel.

MulticastSecurity

Supports subscriber-class / switch-class / network-class security control.
IPv4 / IPv6 / MAC ACL can filter IPv4 / IPv6 / Non-IP packet respectively. Besides that, extended IPv4/IPv6 ACL which can match Layer 4 / layer 3 / layer 2 information in one rule is available. The ACLs can apply to physical ports / VLAN / port group / VLAN group. The members of port group or VLAN group share a set of ACLs and save the TCAM resource.
ARP Inspection and IP Source Guard features prevent network from malicious ARP attack.
Support CPU Traffic Protection, Storm Control and CPU load optimization features and hardware watchdog function.
Support centralized 802.1x authentication feature to forbidden illegal user accessing network.

Convenient Management features

Support varied management interfaces, include RJ-45 console port / USB console ports/ Mini USB port.
Support SNMP v1/v2/v3, Support CLI (Command Line Interface), web management, Telnet and FTP connection.
Support SSH 2.0, SSL, etc. to ensure security of management.

System Design for Green and Energy Saving

Support Intelligent FAN speed adjustment technology with maintenance redundancy and help to build a green and energy saving switches.
IEEE 802.3az Energy Efficient Ethernet (EEE) to reduce power dissipation during periods of low packet traffic.

Features and Benefits

High-speed Performance with dual input power

Supports 10GE/1GE Fiber ports along with 10G/1G copper ports along with uplink ports and stacking capacity up to 288 ports and dual power card are suitable for critical Infrastructure networks. With the comprehensive inter-device link aggregation with LACP, LAG, etc with 16000 entries MAC address tables, up to 16MB Packet Buffer memory, 12000 bytes Jumbo Frames, Ipv4/IPv6 with 6000 static routing entries and up to 6000 entries in routing table.

Intelligent PoE/ PoE+ with Intelligent scheduling

Scheduling automate the PoE/PoE+ requirements in networks along with automatic PD detection on ports and auto PD Power rating and requirement. Advanced per port PoE/PoE+ controls for remote power management to automate ON/OFF of PoE/PoE+ capable devices on particular specified timing per port basis with auto ON/OFF PoE/PoE+ as per Scheduled time which makes them intelligent.

Auto MDIX Capabilities

Auto sensing/Auto PoE/PoE+ 10/100/1000 ports with auto MDIX capabilities which also removes speed and duplex mismatches automatically as well as covers larger physical distance with copper pairs compared to other brands best switches.

L3 Features

Supports static route, default route, dynamically learned route and dynamic routing protocol with protocols set like RIPv1, RIPv2, RIPng, OSPFv1/2/3. It also has PIM including PIM SM , bidirectional PIM, and Source-Specific Multicast (SSM). It also has QoS, ACLs( Port based/ IP based/ MAC Based), DHCP Server and Client, DHCP Snooping, DHCP Snooping option82, DHCP Relay.

Watchdog Function

This ensures high availability which is used to protect a system from specific software or hardware failures that may cause the system to stop responding and self-recover from hanged state.

L2+/L2 Features

This series is having advance L2+/L2 features like Port aggregation with 8 ports, VLAN, Voice VLAN, Surveillance VLANs Spanning Tree (STP, RSTP, MST), GVRP, 802.1X authentication, centralized MAC authentication, Guest VLAN, RADIUS authentication, SSH 2.0, Port isolation, Port security, MAC address learning limit, IP Source guard, Dynamic ARP inspection, Preventing man-in-the-middle attacks and ARP DoS attacks, IP/Port/MAC binding. Flexible Software features provides wide range of Layer 2 functions like VLAN, Multicasting, and Quality of Service (QoS), Security.

Secure Networking

IEEE 802.1X port-based access control with surveillance VLAN, Port Security, Protected Port which also Prevent ARP Spoofing. L4/L3/L2 access control lists (ACLs) for granular network access control including 802.1x port authentication. ACL, L4 to L2 feature restricts access to sensitive network resources. DHCP Snooping ensures IP address allocation integrity by only allowing DHCP messages from trusted DHCP servers and dropping malformed DHCP messages with a port or MAC address mismatch. With DHCP Snooping binding and option82 enabled, it can combine dot1x and ARP. IP-MAC-Port-VID Binding, Port Security, Storm control which protect against broadcast storms. The switches support ARP attack and DoS attack prevention to safeguard the network.

Multicast

IGMP Snooping (v1,v2,v3), Multicast Listener Discovery (MLD) (v1/v2), Multicast VLAN Registration (MVR) designed for distribution of multicast traffic across segregated access networks which enables more efficient distribution of multicast streams in Layer 2 network.

QoS Features

Advanced QoS (Quality of Service) for traffic prioritization including port based, 802.1p and L4/L3/L2 DSCP based. L4/L3/L2 QoS optimize voice and video applications. Access Control List based, VLAN ID based IP precedence, COS and DSCP. Policy Based on Port & VLAN, Remark DSCP, COS/ 802.1p, Precedence, COS for SP, WRR for Scheduling and matching the IP fragmentation of message.

Easy Management

With familiar and popular Command Line interface (CLI), there is no need for engineers to be hired or additional resources to be spent on training and/or learning the switch CLI. The command set are familiar and well known in the industry. Web Graphical User Interface (Web GUI), Command Line interface (CLI), RADIUS/TACACS+ with industry standard CLI and easy to use Web GUI. Management is made easy via a Web GUI or industry-standard Command Line Interface (CLI), with administration traffic protected via SSL or SSH encryption. SNMP (v1/v2c/v3) and RMON support enables the switch to be polled for valuable status information and allows it to send traps when abnormal events occur. This series is having Layer 3 Core and Data Center features, which are highly reliable, conformance to international open standards, durable, serviceable, aesthetics, perceived quality, enhanced performance with larger range with copper cables and usability leads to value to money. Easy Management via lots of options like Web-based Graphical User Interface (WEBUI), Industry standard Command Line interface (CLI) via console, USB console port, telnet, SSH, HTTP, HTTPS and Putty.

Lifetime Free Software Licensing and Upgrades

.

SoldierOS Software license and Upgrades are free for lifetime. Users do not have to worry about switch license expiring and software getting outdated and purchasing license (which is constant concern and worry of few other brands) This series has improved HTTP base firmware upgrade as well as CLI based upgrades which are freely available to all users without any cost or license fee for lifetime. It is easy to install, configure, monitor, and troubleshoot. It significantly reduces cost of administration and Total Cost of Ownership (TCO).

Flexible Service Control

With various ACLs to flexibly control ports. It also supports Port-based VLAN assignment, MAC address-based VLAN assignment, Protocol-based VLAN assignment, and Network segment-based VLAN assignment. These secure and flexible VLAN assignment modes are used in networks where users move frequently. It also supports GARP VLAN Registration Protocol (GVRP), which dynamically distributes, registers, and propagates VLAN attributes to ensure correct VLAN configuration and reduce network administrator workloads. This series switches supports SSH v1/v2/v3, RMON, port-based traffic statistics, LLDP/LLDP-MED.

Compact Design with Flexibility of additional ports

The switches provide additional deployment flexibility, fiber connectivity for easy expansion of your networks up to 120Km. So, you can directly connect to a high-performance storage server or deploy a long-distance uplink to another switch.

Perfect for Noise-Sensitive Environments

This series comes with fans along with Small form-factor, for silent operation. Perfect for noise sensitive environments. Fan based Switches have Temperature- and load-based fan-speed up to 10000 rpm control combines accurate monitoring with minimized system acoustic noise. The Fan based switches also feature built-in smart fans that monitor and detect temperature changes, adjusting the fan speed for maximum efficiency. At lower temperatures, the fans run at a lower speed, reducing both the power consumption and noise output of the switch.

Zero Maintenance

Cost efficient switches, with a reasonable PoE/PoE+ power budget up to 900W along with PoE/PoE+ configurable scheduler which is backward compatible with all PD to automated Power ON/OFF connected PoE/PoE+ devices as per scheduled timing with Cost of ownership is less compared to other products of same features as well as zero maintenance. Maximum power reduction for ongoing operation cost savings.

Easy Debugging and Troubleshooting

Ping, Traceroute, SNMP, RMON, Web based real time Switch ports monitoring with WEBUI and CLI can easily troubleshoot any problem in network with various show and debug commands.

State of art quality switches that can serve real time high-speed performance which covers longer physical distance up to 250 meters with copper pairs compared to other brands.

Software

COMMANDO SoldierOS IP base switches delivers IPv4/IPv6 rich services for mid-enterprise edge and SMB aggregation along with uplinks. It supports advanced Layer 2, Layer 3 and Layer 4 feature set with no license required to activate. It has advanced classifier-based, time-based hardware implementation for L2 (MAC), L3 (IP) and L4 (UDP/TCP transport ports) security and prioritization, Port-Channel / LAG (802.3ad - 802.1AX), LLDP-MED IP phones automatic, QoS and VLAN configuration, DOT1X, Comprehensive IPv4/IPv6 static and dynamic routing including Proxy ARP, OSPF, High performance IPv4/IPv6 multicast routing with PIM, Advanced IPv4/IPv6 security implementation including malicious code detection, DHCP Snooping, IP Source Guard protection and DoS attacks mitigation. Well known Industry standard SNMP, RMON, LLDP, AAA, sFlow, RSPAN , Standard RS232 straight-through serial RJ45, Standard USB port for local storage, logs, configuration or image files, Industry standard command line interface (CLI) with well known commands by networking experts. Fully functional Web console (Web GUI) for Network admins who prefer an easy to use, yet advance graphical interface.

Enhance Security using Traffic control MAC Filter and Port Security help restrict the traffic allowed into and out of specified ports or interfaces in the system to increase overall security and block MAC address and avoids flooding issues. DHCP Snooping monitors DHCP traffic between DHCP clients and DHCP servers to filter harmful DHCP message and builds a bindings database of (MAC address, IP address, VLAN ID, port) that are considered authorized in order to prevent DHCP server spoofing attacks. IP source guard and Dynamic ARP Inspection use the DHCP snooping bindings database per port and per VLAN to drop incoming packets that do not match any binding and to enforce source IP / MAC addresses for malicious users traffic elimination.

Time-based Access Control Lists (ACLs) can be bound to ports like Layer 2 interfaces, VLANs and LAGs, management ACLs on CPU interface (Control Plane ACLs) are used to define the IP/MAC or protocol through which management access is allowed for increased HTTP/HTTPS or Telnet/SSH management security. Bridge protocol data unit (BPDU) Guard, Dynamic 802.1x VLAN assignment mode, TACACS+ and RADIUS enhanced administrator management provides strict "Login" and "Enable" authentication enforcement for the switch configuration, Superior quality of service with advanced classifier-based hardware implementation for Layer 2 (MAC), Layer 3 (IP) and Layer 4 (UDP/TCP transport ports) prioritization. Advanced rate limiting with 16 Kbps granularity and minimum guaranteed bandwidth can be associated with time-based ACLs for best granularity. DiffServ feature applied to class maps. Automatic Voice over IP prioritization with protocol-based (SIP, H323 and SCCP) or OUI-based Auto-VoIP for simultaneous voice calls. UDLD detects unidirectional links physical ports (UDLD must be enabled on both sides of the link in order to detect a unidirectional link). It can be used for various applications and network sizes in data centers and high-end campus networks, featuring network scaling, automation, programmability, and real-time visibility. Following is a summary of software features

Longer Distance CoverageL3 Features

Static Route
Dynamic Routing,RIPv1/v2/v3,OSPF v1/v2/v3
Policy-based Routing(PBR) for IPv4 and Ipv6
VRRP
IGMP v1/v2/v3, IGMP Proxy
Static Multicast Route
Multicast Receive Control
Illegal Multicast Source Detect
ARP Guard, Local ARP proxy, Proxy ARP, ARP Binding, Gratuitous ARP, ARP Limit
Dynamic ARP Inspection (DAI)
DNS Server, Client, DNS Relay

IPv6 Features

ICMPv6,ND,DNSv6
RIPng,OSPFv3,BGP4+
MLD Snooping,IPv6 Multicast VLAN
MLDv1/v2, IPv6 ACL, IPv6 QoS

QoS

13 Queues
SP, WRR
Traffic Classification Based on 802.1p COS, ToS, DiffServ DSCP, ACL, port number
Traffic Policing
PRI Mark/Remark
Surveillance VLAN

ACL

IP ACL ,MAC ACL,IP-MAC ACL
Standard and Expanded ACL Based on source/destination IP or MAC,IP Protocol,
TCP/UDP port, DSCP, ToS, IP Precedence), VLAN, Tag/Untag, CoS
REDIRECT and Accounting based ACL
Rules can be configured to port, VLAN, VLAN routing interfaces
Time Ranged ACL

Security

802.1x AAA
Port, MAC based authentication
Accounting based on time length and traffic
Guest VLAN and auto VLAN
RADIUS for IPv4 and Ipv6
TACACS+ for IPv4 and Ipv6

DHCPv4/v6 Traffic Monitor

DHCP Server/Client for IPv4/IPv6
DHCP Relay/Option 82
DHCP Snooping/Option 82

Tunneling

L3 GRE
6 to 4
ISATAP
IP-in-IP
Configured Tunnel

L1, L2 Features

IEEE802.3(10Base-T),
IEEE802.3u(100Base-TX),
IEEE802.3z(1000BASE-X),
IEEE802.3ab(1000Base-T),
IEEE802.3ae(10GBase), IEEE802.3x,
IEEE802.3ak(10GBASE-CX4)
Port loopback detection
LLDP and LLDP-MED
UDLD
802.3ad LACP, 26 Trunk group and with stacking can be extended to 128 trunks group with max 8 ports
LACP load balance
N:1 Port Mirroring
RSPAN
ERSPAN
IEEEE802.1d(STP)
IEEEE802.1w(RSTP)
IEEEE802.1s(MSTP)
Root Guard
BPDU Guard
BPDU Tunnel
IP Source Guard
802.1Q, 4K VLAN
MAC VLAN, Voice VLAN, Protocol VLAN, Multicast VLAN
QinQ, Selective QinQ, Flexible QinQ
GVRP
N:1 VLAN Translation
Broadcast / Multicast / Unicast Storm Control
IGMP v1/v2/v3 Snooping and L2 Query
ND Snooping
MLDv1/v2 Snooping
Port Security
Flow Control: HOL, IEEE802.3x
Bandwidth Control

Traffic Monitor

sFlow Traffic Analysis

Security Network Management

CLI, WEB, Telnet, SNMPv1/v2c/v3 through IPv4 and IPv6
Syslog and external Syslog Server HTTP SSL
SNMP MIB, SNMP TRAP
FTP/TFTP
SNTP/NTP
RMON 1,2,3,9
Authentication by Radius/TACACS
SSH v1/v2
Dual firmware images/ Configuration files

GREEN Features

IEEE 802.3az (Energy Efficient Ethernet)
Auto FAN Speed Control, Temperature Alarm
LED Shut-Off

MIB (Management Information Base) counters

TCP/IP-based MIB-II (RFC 1213)
Ethernet-like MIB (RFC 3635)
Interface Group MIB (RFC 2863)
RMON (Remote Network Monitoring) MIB (RFC 2819)
Bridge MIB (RFC 1493)
Bridge MIB Extension (RFC 2674)

Table 1. COMMANDO SoldierOS IP base software Features

FunctionDescription
Standards and Protocols
  • IEEE 802.3af, Power Over Ethernet
  • IEEE 802.3at, Power Over Ethernet Plus
  • IEEE 802.3u,100BASE-TX
  • IEEE 802.3ab,1000 BASE-T
  • IEEE 802.3z,1000 BASE-X
  • IEEE 802.3ad, Static or Dynamic Link Aggregation
  • IEEE 802.3x, Full-Duplex Flow Control
  • IEEE 802.3az, EEE (Energy Efficient Ethernet)
  • IEEE 802.1q, VLAN
  • IEEE 802.1p, QoS/CoS
  • IEEE 802.1d, STP (Spanning Tree Protocol)
  • IEEE 802.1w, Rapid Spanning Tree Protocol
ETHERNET BASIC FEATURES
  • Ethernet interface operating modes: full duplex, half duplex, and auto-negotiation
  • Ethernet interface operating rates
  • Jumbo frames (12000 bytes)
  • Flow-control tx/rx
  • Port based storm-control
  • Port-block (know-unicast/unknow-unicast/know-multicast/ unknown multicast/broadcast)
  • Uni-direction isolate
  • L2 Protocol Tunnel
  • Support DOT1X/LLDP/SLOW-PROTO/STP/RSTP/MST)
  • Store-and-forward
MAC Address Table
  • Support auto-update, two-way learning
  • Automatic learning and aging of MAC addresses
  • Hardware Learning
  • Static and dynamic MAC address entries
  • Blackhole MAC
  • MAC Flapping detect
  • Port Bridge
VLAN
  • Port-based VLANs
  • 4094 Vlans
  • VLANs based on IEEE 802.1q
  • Access/Trunk
  • Default VLAN
  • VLAN Classification (port based/mac based/ip based/protocol based)
  • Basic QinQ
  • Selective QinQ
  • Selective QinQ
  • VLAN Mapping 1:1 VLAN Translation
  • VLAN Statistics
  • Private VLAN
  • Voice VLAN
  • Guest VLAN
  • Surveillance VLAN
Spanning Tree
  • Support Rapid Spanning Tree Protocol (Default Setting)
  • Support Spanning Tree Protocol
  • Support Multiple spanning Tree
  • Multi-instance Spanning-Tree Protocol
  • BPDU Filter/Guard
  • Root Guard
  • Loop Guard
  • Anti TC-BPDU attack
Link Aggregation
  • Support 26 aggregation groups can be extended to 128 groups with stacking and maximum of 8 ports in each aggregation group
  • Static aggregation and LACP
Port Mirroring
  • Support bi-direction port mirroring
  • RSPAN function for remote mirroring
Port IsolationIsolation between downlink ports without influence the communication between downlink and uplink ports
Port Flow Control
  • Back-pressure traffic control under Half-Duplex mode
  • IEEE 802.3x traffic control under Full-Duplex mode
Port Rate RestrictionPort-based ingress or egress rate limiting
DHCPDHCP Server, Client, Relay, Snooping, Option-82
Storm SuppressionSupport the suppression of broadcast storm based on forwarding rate
Multicast ControlSupport IGMPv1/2/3 and MLDv1/2 Snooping;
Security
  • Attack Prevention(Land attack/Blat attack/Ping attack/TCP control flag attack)
  • MAC & Port based Security
  • IP, MAC, Port based ACL, VLAN ACL
  • ARP binding
  • TCP/UDP port-based Security
QOS
  • 802.1p(Port Queuing Priority)
  • WRR (Weighted Round Robin)
  • Cos/Tos, QOS
PoE
  • PoE /PoE+( IEEE 802.3af/IEEE 802.3at )
  • Intelligent restart for PoE/PoE+ Scheduling
  • Timed restart as per Scheduled time
Physic Medium
  • 10/100Base-TX:UTP category 5/5e/6 cables ( Maximum 250m)
  • 1000Base-T:UTP Category 5/5e/6 cable ( Maximum 250m )
  • 1000Base-SX:fiber with 850nm wavelength, supports a max transmission distance of 550m
  • 1000Base-LX:fiber with 1310nm / 1550nm wavelength, supports a max transmission distance of 120km
  • Up to 24 ports and can support 10G QSFP+, 1G SFP.
Network Cable DeploymentSupport Auto-MDIX function, automatically identify straight forward cable and cross-over cable
Negotiation PatternSupport port auto-negotiation function (automatically negotiate transmission rate and Duplex modes)
Loopback DetectLoopback-detection
Layer 2 multicast
  • IGMPv1/v2/v3 Snooping
  • Fast leave
  • Static IGMP snooping group
  • MVR- Multicast VLAN Registration
ARP
  • Static and dynamic ARP entries
  • Aging of ARP entries
  • Gratuitous ARP
  • Basic ARP-Proxy
  • Local ARP-Proxy
IPv4 Unicast Routing
  • IPv4 Static Routes
  • RIPv1/v2/ng
  • OSPFv1/2/3
  • Route-map
  • IPv4 prefix-list
  • PBR -Policy-based Routing
  • ICMP redirect
  • ICMP unreachable
IPv4 Multicast Routing
  • IGMPv1/v2/v3
  • IGMP-Proxy
  • IGMP SSM Mapping
  • PIM-SM
  • PIM-SSM
  • PIM-DM
IPv6 Basic Protocol
  • ICMPv6
  • NDP
  • PMTU
IPv6 Unicast routing
  • IPv6 Static Route
  • RIPng
  • OSPFv3
IPv6 Multicast routing
  • MLD v1/v2
  • MLD v1/v2 Snooping
  • MVR6
  • PIM-SM v6
IP Tunnel
  • IP in IPv4 Tunnel
  • 6to4 Tunnel
  • ISATAP Tunnel
  • L3 GRE
  • Configured Tunnel
IPv6 Service
  • DHCPv6 Relay
  • DHCPv6 Snooping
  • IPv6 Prefix-list
Traffic classification
  • Traffic classification based on COS/DSCP (simple classification)
  • Traffic classification based on ACL (complex classification)
  • Traffic classification based on inner header of the tunnel packets
Traffic behaviors
  • Queue scheduling
  • Remark the priority fields (COS/DSCP) of the packet based on Table Map
  • Flow redirection
  • Flow mirror
Traffic policing
  • Traffic policing based on direction(in/out) of Port
  • Traffic policing based on direction(in/out) of VLAN
  • Traffic policing based on direction(in/out) of flow
  • Traffic policing based on direction(in/out) of aggregated flow
Traffic shaping
  • Queue based traffic shaping
  • Port based traffic shaping
Congestion management
  • SP- Strict Priority scheduling
  • WDRR - Weighted Deficit Round Robin scheduling
Congestion avoidance
  • TD-Tail Drop
  • WRED - Weighted Random Early Detection
Traffic statistics
  • Packet counts and bytes statistics based on traffic classification
  • Packet counts and bytes statistics based on the color after traffic policing
  • Forwarded and discarded packet counts and bytes statistics
VRRP
  • VRRP
  • Track for VRRP
Smart Link
  • Multi-instance
  • Load balance
  • Multi-Link
  • Monitor-link
AAA
  • Authentication
  • Authorization
  • Accounting
Dot1x
  • Port based dot1x
  • MAC based dot1x
  • Guest VLAN
ACL
  • MAC/IP ACL
  • Basic Mode ACL
  • Port-group ACL
  • VLAN-group ACL
  • IPv6 ACL
  • ACL UDF
  • Time Range
Port SecurityLimitation on MAC address learning on interface
VLAN SecurityLimitation on MAC address learning on VLAN
COPP
  • Black list/white list
  • Rate limit
CPU Traffic LimitCPU Traffic Limit
Prevent DDOS attackPrevent DDOS attack (ICMP Flood/Smurf/Fraggle/LAND/SYN Flood)
Login filter
  • Telnet/SSH ACL filtering
  • Telnet/SSH IPv6 ACL filtering
MAC SecurityMacSec (802.1AE)
Link-Flapping detectionLink-Flapping detection
Terminal Services
  • Configurations through CLI (Command Line Interface)
  • Banner configuration
  • Vty Terminal service
Configuration Management
  • USB Console management interface and configuration
  • Privileged user priority and privileged commands
  • Network management based on SNMPv1/v2c/v3
  • Public and private MIB
  • Public and private Trap
  • Configuration and management based on WEB GUI
  • Smart Config-Automatically configuration when system start
  • Restore factory default configuration
File System
  • File system (support directory and file management)
  • Upload and download files through FTP or TFTP and HTTP
Debugging And Maintenance
  • Per-module Debug features
  • ICMP Debug
  • Hardware Watch Dog
  • CPU usage display and alarm
  • Memory usage display and alarm
  • User operation logs
  • Management of logs, alarms, and debugging information
  • VCT- Virtual Cable Test
  • Detailed Diagnostic-information collection
  • Manual reboot
  • Schedule Reboot
  • Reboot Information logging
  • Ping
  • IPv6 Ping
  • Traceroute
  • Port mirror
  • Flow mirror
  • Remote mirror
  • Multi-destination mirror m:n
  • Use CPU as mirror source
  • Use CPU as mirror destination and analyze packet
  • To CPU/From CPU packets statistics
  • Layer2 network connectivity detection - L2Ping (MAC Ping/Trace)
  • UDLD- Unidirectional Link Detection
  • Unidirectional forwarding of the fiber
  • Port loopback
  • Hardware loopback internal/external
  • Time configuration
  • Time zone
Version Upgrade
  • Upgrade with the local image file
  • Upgrade with the remote TFTP server
  • Online upgrade Uboot
Maintenance
  • Detect the connectivity of network cables
  • Uploading or downloading of the configuration data
  • Uploading of firmware upgrade patch
  • Support system logs
  • WEB-based reset to factory defaults
Management
  • WEB-based management
  • CLI Management (Command Line Interface)
  • Telnet
  • SNMP

Table 2. E3000 SoldierOS Software Highlights#

ProtocolsDescription
1. Ethernet basic features
Highlight: Ethernet
interface
  • Ethernet interface operating modes(full duplex, half duplex, and auto- negotiation)
  • Ethernet interface operating rates
  • Jumbo Frame
  • Port-xconnect
Flow-controlFlow-control tx/rx
storm-controlPort based storm-control
Port-blockPort-block(know-unicast/unknow-unicast/know-multicast/unknow- multicast/broadcast)
Port-isolate
  • L2/L3/All Port-isolate
  • Uni-direction isolateL2/L3/All Port-isolate
  • Uni-direction isolate
L2 Protocol TunnelL2 Protocol Tunnel(support CFM/DOT1X/LLDP/SLOW- PROTO/STP/VTP)
Forward mode
  • Store-and-forward
  • Cut-through
Highlight: VLAN
VLAN Access mode
  • Access/Trunk
  • Default VLAN
VLAN ClassificationVLAN Classification(port based/mac based/ip based/protocol based)
QinQ
  • Basic QinQ
  • Selective QinQ
  • VLAN Mapping (1:1 VLAN Translation)
VLAN StatisticsVLAN Statistics
Private VLANPrivate VLAN
Voice VLANVoice VLAN
Guest VLANGuest VLAN
Highlight: MAC
MAC Address Table
  • Automatic learning and aging of MAC addresses
  • Hardware Learning
  • Static and dynamic MAC address entries
  • Blackhole MAC
MAC Flapping detectMAC Flapping detect
Port BridgePort Bridge
Highlight: LAG
Link aggregation
  • Static-LAG, LACP
  • LAG load balance(SLB)
  • LAG load balance(DLB)
  • LAG load balance(RR)
  • LAG Self-healing
2. Ethernet Ring protection features
Highlight: xSTP
STPSpanning-Tree Protocol
RSTPRapid Spanning-Tree Protocol
MSTPMulti-instance Spanning-Tree Protocol
Spanning-Tree Protocol Protection
  • BPDU Filter/Guard
  • Root Guard
  • Loop Guard
  • Anti TC-BPDU attack
Highlight: Loopback Detect
Loopback DetectLoopback-detection
3. Layer 2 Multicast
Highlight: Layer 2 Multicast
IGMP Snooping
  • IGMPv1/v2/v3 Snooping
  • Fast leave
  • Static IGMP snooping group
MVRMVR(Multicast VLAN Registration)
4. IPv4 Forwarding
Highlight: ARP
ARP
  • Static and dynamic ARP entries
  • Aging of ARP entries
  • Gratuitous ARP
ARP proxy
  • Basic ARP-Proxy
  • Local ARP-Proxy
Highlight: IPv4 Unicast Routing
IPv4 Static Routes
  • IPv4 Static Routes
  • Dynamic Routes
RIPRIPv1/v2
OSPFOSPF v1/2/3
Route policy
  • Route-map
  • IPv4 prefix-list
PBRPBR(Policy-based Routing)
ICMP
  • ICMP redirect
  • ICMP unreachable
Highlight: IPv4 Multicast Routing
IGMP
  • IGMP v1/v2/v3
  • IGMP-Proxy
  • IGMP SSM Mapping
PIM
  • PIM-SM
  • PIM-SSM
  • PIM-DM
5. IPv6 Forwarding
Highlight: IPv6 Basic Protocol
ICMPv6ICMPv6
NDPNDP
PMTUPMTU
Highlight: IPv6 Unicast Routing
IPv6 Static RoutesIPv6 Static Routes
RIPngRIPng
OSPFv3OSPFv3
Highlight: IPv6 Multicast
Highlight: IPv6 Multicast Routing
MLD v1/v2MLD v1/v2
MLD v1/v2 SnoopingMLD v1/v2 Snooping
MVR6MVR6
PIM-SM v6PIM-SM v6
Highlight: IP Tunnel
IPv6 over IPv4 TunnelIP-in-IP Tunnel
6to4 Tunnel6to4 Tunnel
ISATAP TunnelISATAP Tunnel
Configured TunnelConfigured Tunnel
L3 GREL3 GRE
Highlight: IPv6 Service
DHCPv6
  • DHCPv6 Relay
  • DHCPv6 Snooping
IPv6 Prefix ListIPv6 Prefix-list
6. Device reliability features
Highlight: VRRP
VRRP
  • VRRP
  • Track for VRRP
Highlight: Smart Link
Smart Link
  • multi-instance
  • load balance
  • Multi-Link
  • Monitor-link
7. QoS features
Highlight: QoS
Traffic classification
  • Traffic classification based on COS/DSCP (simple classification)
  • Traffic classification based on ACL ( complex classification)
Traffic behaviors
  • Queue scheduling
  • Remark the priority fields(COS/DSCP) of the packet based on ACL
  • Remark the priority fields(COS/DSCP) of the packet based on Table
  • Flow redirection
  • Flow mirror
Traffic policing
  • Traffic policing based on direction(in/out) of Port
  • Traffic policing based on direction(in/out) of VLAN
  • Traffic policing based on direction(in/out) of flow
  • Traffic policing based on direction(in/out) of aggregated flow
Traffic shaping
  • Queue based traffic shaping
  • Port based traffic shaping
Congestion management
  • SP (Strict Priority) scheduling
  • WDRR(Weighted Deficit Round Robin) scheduling
Congestion avoidance
  • TD (Tail Drop)
  • WRE (Weighted Random Early Detection)
Traffic statistics
  • Packet counts and bytes statistics based on traffic classification
  • Packet counts and bytes statistics based on the color after traffic
  • Forwarded and discarded packet counts and bytes statistics
ECN (Explicit congestion notification)
  • ECN tags based on Tail Drop
  • ECN tags based on WRED
8. System Security
Highlight: System Security
SSH
  • SSHv1/v2
  • RSA Key generation
RADIUSRADIUS
TACAS+TACAS+
AAA
  • Authentication
  • Authorization
  • Accounting
Dot1x
  • Port based dot1x
  • MAC based dot1x
  • Guest VLAN
ACL
  • MAC/IP ACL
  • Basic Mode ACL
  • Port-group ACL
  • VLAN-group ACL
  • IPv6 ACL
  • ACL UDF
  • Time Range
ARP InspectionARP Inspection
IP Source GuardIP Source Guard
Port SecurityLimitation on MAC address learning on interface
VLAN SecurityLimitation on MAC address learning on VLAN
9. Security and Management
Control Plane Policy (COPP)
  • Black list/white list
  • Rate limit
CPU Traffic LimitCPU Traffic Limit
Prevent DDOS attackPrevent DDOS attack (ICMP Flood/Smurf/Fraggle/LAND/SYN Flood)
Login filter
  • Telnet/SSH ACL filtering
  • Telnet/SSH IPv6 ACL filtering
MAC SecurityMacSec (802.1AE)
Link-Flapping detectionLink-Flapping detection
Highlight: Network Management
DHCP
  • DHCP Server
  • DHCP Relay
  • DHCP Snooping
  • DHCP Client
  • DHCP Option82
RMONRMON
sFlowsFlow v4/v5
NTPNTP (Network Time Protocol)
ErrdisableErrdisable detection and recovery
DNSStatic DNS Client
LLDPLLDP
10. Configuration and maintenance
Highlight: Terminal Services
Command Line InterfaceConfigurations through CLI (Command Line Interface)
Help informationBanner configuration
Terminal service
  • Vty Terminal service
  • Console Terminal service
Highlight: Configuration Management
Management interfaceUSB Console management interface and configuration
User privilege managementprivileged user priority and privileged commands
SNMP
  • Network management based on SNMPv1/v2c/v3
  • Public and private MIB
  • Public and private Trap
WEBConfiguration and management based on WEB UI
SmartConfigSmartConfig (Automatically configuration when system start)
Restore factory default configurationRestore factory default configuration
Highlight: File System
File systemFile system(support directory and file management)
Upload and download
  • Upload and download files through FTP or TFTP
  • Upload and download files through Xmodem
Highlight: Debugging And Maintenance
Debug
  • Per-module Debug features
  • ICMP Debug
BHM
  • Software process monitor: BHM(Beat Heart Monitor)
  • Hardware Watch Dog
Log & alarm
  • CPU usage display and alarm
  • Memory usage display and alarm
  • User operation logs
  • Management of logs, alarms, and debugging information
VCTVCT (Virtual Cable Test)
system diagnosticsDetailed Diagnostic-information collection
Reboot
  • Manual reboot
  • Schedule Reboot
  • Reboot Information logging
Network diagnostics
  • Ping
  • IPv6 Ping
  • Traceroute
Mirror
  • Port mirror
  • Flow mirror
  • Remote mirror
  • Multi-destination mirror (m:n)
  • Use CPU as mirror source
  • Use CPU as mirror destination and analyze packet
CPU statisticsTo CPU/From CPU packets statistics
UDLDUDLD(Unidirectional Link Detection)
Uni directionalunidirectional forwarding of the fiber
Loopback
  • Port loopback
  • Hardware loopback (internal/external)
System time
  • Time configuration
  • Timezone
Highlight: Version Upgrade
System software upgrade
  • upgrade with the local image file
  • upgrade with the TFTP server
  • upgrade with the HTTP server

Convergence Time

By default, RSTP used for all COMMANDO SoldierOSit takes 1 second for the device to converge. RSTP converges faster because it uses a handshake mechanism based on point-to-point links instead of the timer-based process used by STP.

IP multicast snooping and IGMP automatically prevent flooding of IP multicast traffic.

IEEE 802.1AB Link Layer Discovery Protocol (LLDP) facilitates easy mapping using network management applications with LLDP automated device discovery protocol

LLDP-MED (Media Endpoint Discovery) defines a standard extension of LLDP that stores values for parameters such as QoS and VLAN to configure automatically network devices such as IP phones.

STP/RSTP/MSTP for loop free network with 128 instances, IEEE 802.1s Multiple Spanning Tree provides high link availability by allowing multiple spanning trees; provides legacy support for IEEE 802.1d and IEEE 802.1w

IEEE 802.3ad Link Layer Discovery Protocol (LACP) and port trunking support up to 128 static, dynamic, or distributed trunk group with stacking and each trunk having 8 ports. Lag links provides easy-to-configure link redundancy of active and standby links.

Security

The AAA feature allows you to verify the identity of, grant access to, and track the actions of users. It supports Remote Access Dial-In User Service (RADIUS) or Terminal Access Controller Access-Control System Plus (TACACS+) protocols.

Based on the user ID and password combination that you provide, the switch perform local authentication or authorization using the local database or remote authentication or authorization using one or more AAA servers. A pre-shared secret key provides security for communication between the Switch and AAA servers. You can configure a common secret key for all AAA servers or for only a specific AAA server.

It supports Multiple user authentication methods

Uses an IEEE 802.1X supplicant on the client in conjunction with a RADIUS server to authenticate in accordance with industry standards.
Supports web-based and MAC-based authentication
Multiple IEEE 802.1X users per port provides authentication of multiple devices on a single port; prevents a user from piggy backing on another user’s IEEE 802.1X authentication.
Concurrent IEEE 802.1X, Web and MAC authentication schemes per port switch port will accept up to 8 sessions of IEEE 802.1X, Web and MAC authentications.
Access control lists (ACLs) provide IP Layer 3 filtering based on source and destination IP address or subnet or source and destination TCP/UDP port number.
Source-port filtering allows only specified ports to communicate with each other.
RADIUS/TACACS+ eases switch management security administration by using a password authentication server.
Secure shell encrypts all transmitted data for secure remote CLI access over IP networks.
Secure Sockets Layer (SSL) encrypts all HTTP traffic, allowing secure access to the browser-based management WEB GUI in the switch.
Port security allows access only to specified MAC addresses, which can be learned or specified by the administrator.
MAC address lockout prevents particular configured MAC addresses from connecting to the network.
Secure FTP allows secure file transfer to and from the switch and protects against unwanted file downloads or unauthorized copying of a switch configuration file.
Switch management logon security helps secure switch CLI logon by optionally requiring either RADIUS or TACACS+ authentication.
Custom banner displays security policy when users log in to the switch.
STP BPDU port protection blocks Bridge Protocol Data Units (BPDUs) on ports that do not require BPDUs, preventing forged BPDU attacks.
DHCP protection blocks DHCP packets from unauthorized DHCP servers, preventing denial-of-service attacks.
Dynamic ARP protection blocks ARP broadcasts from unauthorized hosts, preventing eavesdropping or theft of network data.
Dynamic IP lockdown works with DHCP protection to block traffic from unauthorized hosts, preventing IP source address spoofing.
STP root guard protects the root bridge from malicious attacks or configuration mistakes.
Identity-driven ACL enables implementation of a highly granular and flexible access security policy and VLAN assignment specific to each authenticated network user.
Per-port broadcast throttling configures broadcast control selectively on heavy traffic port uplinks.
Monitor and diagnostics digital optical monitoring of SFP and 1000BASE-T transceivers allow detailed monitoring of the transceiver settings and parameters.

Effective Management

COMMANDO SoldierOS offers Network Monitoring for users to observe traffic behavior with Port Mirroring, Loop Prevention and DHCP snooping features, can identify and even locate connection problems on your business network.

Administrators can designate the priority of the traffic based on Port Priority, 802.1P and DSCP Priority, to ensure that voice and video are always clear, smooth and lag-free.
Voice VLAN, port-based VLAN and 802.1Q-based VLAN functions.
RMON provide advanced monitoring and reporting capabilities for statistics, history, alarms, and events.
Troubleshooting ingress and egress port monitoring enable more efficient problem solving.
Unidirectional Link Detection (UDLD) monitors the link between two switches and blocks the ports on both ends of the link if the link goes down at any point between the two devices.

Hardware

COMMANDO Soldier E3000 L3 Aggregation and Access Series uplink Routing Switches are built for the cloud. It uses achieve easy to deploy, use, manage and designed exclusively for enterprise-class access and aggregation layer switches, specially built for Security, IoT, and Cloud networking needs of growing businesses, high-end campus networks maximum throughput. All ports capable of gigabit Ethernet speed and support PoE/PoE+ power maximum 30W per port with up to 10G SFP+ uplink and uplink stacking. This series has 16 & 24 ports models with auto-negotiation 10/100/1000Mbps and auto detection of PD for PoE/PoE+. The PoE/PoE+ power supply transmission is more reliable due to design of robust network transformer which uses high current. Various power budget options like 520W/900W PoE+ Power for 16 & 24 ports sufficient to provide power on all ports on switch. PD detection will automatically detect and provide required power for your PoE/PoE+ devices. These devices having powerful PoE budget up to 900W (450W+450W) and flexible enough for users to deploy wireless access points, surveillance cameras, IP phones and other PoE/PoE+ supported devices. It supports MAC Address Table Size up to 16K with 2-left 4-way hash along with 4K Multicast Table Size, Up to 12Mbit Packet Buffer memory and support Jumbo frame up to 12KB. It has 4K VLANs with IVL, SVL, IVL/SVL mixed mode along with flexible QinQ which supports 1Q and QinQ VLAN forwarding base on inner or outer tag. It also supports Protocol VLAN up to Global 8 protocol VLAN configurations. Per port can specify the mapping VLAN Mac-based VLAN share with 2K Ingress VLAN Translation table, IP-Subnet-based VLAN share with 2K Ingress VLAN Translation 2K Ingress and 1K Egress with N:1 VLAN Translation Via MAC Address Table. It supports VLAN Profile up to 16 VLAN profiles which define L2 learning enable/disable and unknown L2/IPv4/IPv6 multicast flooding domain, VLAN Filtering Per ingress port and egress port enable VLAN filtering.

It supports Port Mirroring with 4 mirror sets. Each mirror set can specify one mirroring port and multiple mirrored ports, Mirror Isolation, Flow-based mirror by ACL, RSPAN, Source, Intermediate, Destination Switch. It uses sFlow with Ingress Port, Egress Port along with Trunk (IEEE802.3ad LACP) 26 groups with up to 128 Groups for Load Balance SPN/SMAC/DMAC/SIP/DIP/SPORT/DPORT. Each Group can have up to Up to 8 ports. It supports Trunk Fail Over Hardware auto fail-over for link down ports. It supports IGMP/MLD, ASM snooping, ASM and SSM L2 Multicast Up to 16K Groups with 4K different Port Mask. IP Multicast Replication Up to 16K replications. It supports Spanning tree algorithm like STP/RSTP/MSTP with up to 128 Multiple Spanning Tree Instance. It has a robust QoS with Normal port 8 egress queues, CPU port 32 queues with Scheduling algorithm: WRR, WFQ, Strict, Strict+WRR, Strict+WFQ, Simple WRED. Remarking Per egress port enable Inner VLAN, Outer VLAN, DSCP, DEI, ACL. It has scheduling method Per queue assured or fixed.

It supports Storm Control Per port basis, can specify BPS/PPS and rates for Unknown unicast, Unknown+Known unicast, Unknown multicast, Unknown+Known multicast, Broadcast, Control Protocol Strom Control Per ingress port specify BPDU/ARP/IGMP suppression rate against protocol attack. Ingress Bandwidth Control Per port specify rate 0~10G, unit is 16Kbps, Input queue shaping, Egress Bandwidth Control Per port specify rate 0~10G, unit is 16Kbps. CPU port can specify BPS or PPS mode. It can have up to 512 policer which can be configured as DLB or srTCM or trTCM, Hierarchical policing, CAR supportive Counter, 4K packet counter and byte counter, Multiple counter execution Key. It has IP+MAC+PORT+VLAN Binding with 1K flexible binding entry. It supports L2~L4 DoS prevention with MAC White List, Combine with L2 table MAC Black Hole, Source and Destination MAC.

It supports IP Routing with IPv4/IPv6 unicast and multicast routing with up to 6K network route and 6K host Route along with Longest prefix match (LPM) based routing. It also supports Policy-Based Routing by ACL, ECMP/WCMP Distribution by source/destination IP address, DSCP, TCP/UDP port, Dynamic Load Balancing along. It also supports has Tunneling like L3 GRE, 6 to 4, ISATAP, IP-in-IP, Configured Tunnel. It has Management/Carrier Ethernet with H/W OAM Loopback Per port specify Multiplexer and Parser state. H/W OAM Dying Gasp Software-Defined Payload, IEEE802.1ag CFM for ERPS. It also supports Link fault detection for G.8031/8032 with up to 8 instances which can have different CCM payload. HW transmits CCM packet from 1~1024ms Trigger interrupt when link fault is detected. It also has Y.1731 CFM One-Way/Two-Way ETH-DM, IEEE 1588 v1/v2 Support by PHY with accuracy up to 8ns. It has  Stacking Capability with Maximum 16 Stackable Device and supports Stacking Topology Line and Ring Max. 16 stacking ports. It has Fast link fault detection by CCM (1~1024ms) with Remote Device Access and Remote Interrupt.

It has Temperature Control Fan control circuitry varies the fan speed to increases or decreases the airflow needed to keep the system operating in a desired temperature by adjusting fan speeds to optimize cooling. These Energy Efficient switchesallows optimizes air circulation to provide more effective cooling throughout rack systems in data centers where the switches are used when compared to side-to-side airflow. The switches also feature built-in smart fans with internal heat sensors monitor and detect temperature changes and react accordingly by utilizing different fan speeds for different temperatures. At lower temperatures, the fans will run slower, reducing the switch’s power consumption and noise. It has Hardware watchdog support which guard against certain types of system hangs. Watchdog timer is used to escape from if something goes wrong. Based on the situation, the Switches can automatically reset itself, or recover from the failure and generate an error message in the console logs. It has long life electrolytic capacitance with high Quality PCB Circuit Board and PCB Surface Treatment Using Gold Sinking Process. Rack mount design, Mounts in an EIA-standard 19-inch telco rack or equipment cabinet (Rack-mounting kit available), horizontal surface mounting, Wall mounting and also having durable robust metal body and has bilateral heat dissipation. It comes with LED indications like Power, ports status/ activity indicator LED lights, PoE Max.

Specifications

 COMMANDO Soldier E3000 L3 Aggregation and Access Series uplink Routing Switches has a 4K-entry VLAN table which is used by 802.1Q and Q-in-Q VLAN. It supports 4K FID (Filtering Database ID) in total. IVL (Individual VLAN Learning), SVL (Shared VLAN learning) and IVL/SVL mixed mode are supported and per VLAN basis can specify the VLAN learning mode for unicast/broadcast and L2/IP multicast traffic respectively. It has IP multicast data packets involve L2 and port-mask table lookup. If the L2 table lookup returns a hit, the data packet is forwarded to all member ports and router ports retrieved from port-mask table. If the multicast address is not stored in the address table (i.e., lookup miss), the packet is broadcast to all ports of the broadcast domain.

The device features a 16K-entry Layer 2 table. It uses a 2-left 4-way hashing structure to store L2 entries so that it could provide higher learning capability. Each entry can be recorded in one of the two formats, L2 Unicast and L2 Multicast. Both L2 Unicast and Multicast use (FID/VID, MAC) as hash key. The learn unicast entries are aged out after the specified aging period. The device per port supports a configuration to disable the aging out function. Support Source/Destination MAC filtering or Secure Source MAC Address mode that device only accepts packets whose SA is known to system. IEEE 802.1d/1w/1s (STP/RSTP/MSTP) with up to 64 spanning tree instances supported by the device.

The device has a 4K-entry VLAN table that is used by 802.1Q and Q-in-Q VLAN and shared by CVLAN and S-VLAN. Up to three layer VLAN tags (Outer Tag, Inner Tag, Extra Tag) are supported for Q-in-Q applications. The device supports global four outer TPIDs, four inner TPIDs and one extra TPID which are all configurable and per port has a TPID mask to select the recognized TPID. For VLAN tag manipulation, VLAN untag set and the egress port tag status configurations are coordinated for determining the tag status for a packet. Per ingress port and per tag status can specify the forwarding VLAN is either from inner tag or outer tag. Forwarding VLAN is used for doing VLAN table lookup and ingress/egress VLAN filtering. The device also supports 8 protocol-based (IEEE 802.1v), 2K MAC-based/IP-subnet-based (shared with Ingress VLAN translation), and application-based VLANs. Per VLAN provides a 16-bit group mask which can be used as a key by ACL, and provides forwarding options of some predefined types of packets (e.g. IGMP, MLD, DHCP, and ARP) for VLAN-based applications.

The device supports 2K ingress (shared with MAC-based/IP-based VLAN) and 1K egress VLAN translation table. They are used to support the 1:1 and port-based N:1 VLAN translation. For MAC-based N:1 VLAN translation, per egress port has a configuration to enable the function. In addition to the dedicated VLAN translation tables, VLAN translation can also be done by ACL. The device supports 802.3ad (Link Aggregation) for 26 groups (stand-alone mode)/ 128 groups (stacking mode) of link aggregators with up to 8 ports per-group. In stacking mode, a link aggregation group can contain member ports on different stacking devices.

Link aggregation group frames are sent to an aggregation port of the link aggregation group according to a distribution algorithm. Two trunk distribution algorithms are supported and per group can bind to a specific distribution algorithm. L2 and L3 packet can have different parameters of the distribution algorithm. Each trunk group can optionally separate the known multicast and flooding traffic to the MSB port. Besides, H/W fail-over is also supported to prevent forwarding traffic to a link down port in stand-alone mode.

There are four mirror configurations supported in the device. Each mirror configuration can specify the ingress and egress mirrored ports, mirroring port, isolation state, and enable state. Normal forwarding packet cannot be forwarded to the mirroring port if isolation state is enabled. The mirrored traffic can cross the VLAN, that is, the mirrored port and mirroring port can reside in different VLANs. Multiple mirrored ports are matched for a multiple egress port packet. The packet transmitted through the lowest mirrored port ID is duplicated to the mirroring port. The mirroring port drops the mirrored traffic instead of triggering the flow control if it is congested. The device supports ingress and egress port sFlow sampling. Each mirror session can specify the sample rate for packet sampling. Mirror across stacking devices is supported. Ingress/egress mirrored ports and mirroring port can be on different stacking devices.

Most common attacks can be blocked by the device including LAND attack, UDP Blat attack, TCP Blat attack, Ping of Death attack, Smurf attack, TCP NULL scan and so on. The attack prevention function is per port enabled and each attack type is globally enabled. The device provides 1K L3 interface (shared with Tunnel interface), 12K hash-based (SRAM) L3 entries and 6000 LPM-based (TCAM) L3 entries which can support 6000 IPv4 unicast entries or 2000 IPv6 unicast entries as maximum. The device also provides 256 VRF (Virtual Routing and Forwarding) instances. The device supports uRPF (unicast reverse path forwarding) check, ECMP (256 groups, each group can have maximum 8 different nexthops and traffic metering for each path), ICMP redirect, MTU check. The device supports IPv4/IPv6 multicast routing and provides maximum 6K IPv4/2K IPv6 multicast entries (which are shared with hash-based L3 unicast routing table).

The device supports configured IP-in-IP (including IPv4-in-IPv4, IPv4-in-IPv6, IPv6-in-IPv4 and IPv6-in-IPv6) and GRE (IPv4/IPv6 + GRE + IPv4/IPv6) tunnels. Also supports ISATAP, 6to4 and 6RD auto tunnels. The system totally supports maximum 384 tunnels for configured/auto tunnels. The VLAN ACL function supports packet color-dependent drop, drop/permit/redirect/copy to CPU, log, mirror, policing, ingress inner VLAN assignment, ingress outer VLAN assignment, priority assignment, bypass, meta-data assignment, ingress queue assignment and QoS remarking functionalities. Each VLAN ACL entry corresponds to multiple actions. When a multi-match occurs (i.e., there are several ACL entries matching concurrently), these matched actions will be divided into different action groups. Each group will then execute the lowest block logic ID of lowest block group ID address entry corresponding action.

The ingress ACL function supports packet color-dependent drop, drop/permit/redirect/copy to CPU, log, mirror, policing, egress inner VLAN assignment, egress outer VLAN assignment, priority assignment and QoS remarking functionalities. The egress ACL function supports packet color-dependent drop, log, policing, egress inner VLAN assignment, egress outer VLAN assignment, and QoS remarking functionalities. The device supports 16 policers. Policers belong to different block groups can be executed concurrently to support hierarchy policing. The policer is flow controlled via leaky bucket. The rate ranges from 16Kbps~10Gbps with 16Kbps granularity . Each ACL entry has an index to point to 256 ACL policers. One limitation is that different phase ACL or different block group cannot share the same policer.

The per-port L2 storm filtering control mechanism suppresses the flow rate of storm packets. The device supports five control types: Unknown Unicast, Unicast, Unknown Multicast, Multicast, and Broadcast Storm. Egress bandwidth control configurations are supported to each port and each egress queue. Per-queue is also provided assured bandwidth and maximum bandwidth. Each bandwidth setting ranges from 16Kbps~10Gbps. The Packet Scheduler controls the multiple traffic classes (i.e., controls the packet sending sequence of the priority queue). The device scheduling algorithm is divided into Weighted Fair-Queuing (WFQ) and Weighted Round-Robin (WRR). Note that the Strict Priority queue is the highest priority of all queues and overrides WFQ & WRR. A larger strict priority queue ID indicates the priority is higher. Remarking can be divided into Inner 1p, Outer 1p, DEI and DSCP Remarking. Per egress port per type supports a configuration to turn on the remarking function. For Inner 1p Remarking and Outer 1p Remarking, the remarking source can be internal priority, original inner 1p priority, original outer 1p priority or original DSCP value. For DEI Remarking, the remarking source can be either from internal priority or internal drop precedence (DP). For DSCP Remarking, the remarking source can be internal priority, original inner 1p priority, original outer 1p priority, original DSCP value, internal DP and internal-priority-and-internal-DP.

There are two mechanisms for half duplex backpressure Collision-Based Backpressure (Jam Mode) and Carrier-Based Backpressure (Defer Mode). WRED is not configured, output buffers fill during periods of congestion. When the buffers are full, tail drop occurs. All additional packets are dropped. Since the packets are dropped all at once, global synchronization of TCP hosts can occur as multiple TCP hosts reduce their transmission rates. The congestion clears, and the TCP hosts increase their transmissions rates, resulting in waves of congestion followed by periods where the transmission link is not fully used. WRED reduces the chances of tail drop by selectively dropping packets when the output interface begins to show signs of congestion. By dropping some packets early rather than waiting until the buffer is full, SWRED avoids dropping large numbers of packets at once and minimizes the chances of global synchronization. Thus, WRED allows the transmission line to be used fully at all times. The device supports 256 ACL policers which can also be used as color-aware/color-blind srTCM (Single Rate Three Color Marker) and color-aware/color-blind trTCM (Two Rate Three Color Marker).

The srTCM meters a traffic stream and marks its packets according to three traffic parameters, Committed Information Rate (CIR), Committed Burst Size (CBS), and Excess Burst Size (EBS), to Green, Yellow, or Red. The trTCM meters a traffic stream and marks its packets based on two rates, Peak Information Rate (PIR) and Committed Information Rate (CIR), and their associated burst sizes to be green, yellow, or red. Each policer can specify the counting mode to be either PPS (Packet-Per-Second) or BPS (Bit-PerSecond). The packet is marked a color by srTCM/trTCM and the color is then referenced by associated ACL entry to perform drop or remark action. The color of packet is also referenced by SWRED to perform egress random dropping for congestion avoidance. BPE (Bridge Port Extension) provides the capability to extend MAC service over an Extended Bridge. This capability may be used to extend a bridge over multiple physical devices or the mac service of a virtual end station. The data center topology experiences a dramatic increase number of Ethernet switches. BPE simplifies the complexity of vSwitch and the loading of hypervisor. Compared to the traditional stacking which has the higher cost of maintenance, BPE reduces the cost by Extended Bridge. Each port on the device could be configured as (CB) Controlling Bridge or (PE) Port Extender. The traffic is forwarded via E-channel through the identification of ETAG. According to the E-CID (Echannel ID) in the ETAG, the traffic could be classified as point-to-point (unicast) or point-to-multipoint Management Information Base (MIB). The supported MIB (Management Information Base) which include TCP/IP-based MIB-II (RFC 1213), Ethernet-like MIB (RFC 3635), Interface Group MIB (RFC 2863), RMON (Remote Network Monitoring) MIB (RFC 2819), Bridge MIB (RFC 1493), Bridge MIB Extension (RFC 2674).

It supports OAM (Operation, Administration, Maintenance) IEEE 802.3ah which provides mechanisms useful for monitoring link operation such as remote fault indication and remote loopback control. In general, OAM provides network operators the ability to monitor the health of the network and quickly determine the location of failing links or fault conditions. The OAM loopback function supported by the device is wire-speed guaranteed and the source/destination MAC address can be swapped for the loopback packet. It supports 802.1ag CFM (Connectivity Fault Management) specifies protocols and protocol entities within the architecture of VLAN-aware Bridges that provide capabilities for detecting, verifying, and isolating connectivity failures in Virtual Bridged Local Area Networks. CFM describes the protocols and procedures used by Maintenance Points to detect and diagnose connectivity faults within a MD (Maintenance Domain).

It has EEE proposes a low power idle (LPI) mode where the MAC and PHY can shut down parts of electric circuits to reduce power consumption. If there is no traffic to be transmitted, the TX part of a port can enter LPI mode to sleep. If the link partner enters TX LPI mode, the connected port can enter RX LPI mode. The device per port can enable the TX/RX EEE function separately for different link speed (excludes 10Mbps)

Table 4. Hardware product highlights

1. Basic Hardware product highlights
Product PositioningNetwork Access or Aggregation
Switching MethodStore and Forwarding
Packet BufferUp to 12MB
CPU Model/ Frequency800 MHz
Flash512 MB
Memory1GB
Hardware Configuration
Main Board Specification
Console TypeRJ45
USB Console Management PortSupport
USB PortsSupport USB port
2. Performance Specification
Switching Capacity
Switching CapabilityUp to 160 Gbps
ThroughputUp to 320 Mpps
Latency
  • Min: 660ns
  • Max: 960ns
3. Hardware Summary and reboot time
Hardware SummaryStandard 1U 19'' Rack Mountable
Software Upgrade MethodTFTP/FTP/HTTP
Service interruption time when reboot system for software updateLess Than 120s
4. Power Supply and Power Requirements
Type of Power Supply
ACSupport
DCSupport
Power Supply Range
AC
  • Operating Voltage: 100 ~ 240V; 50/60Hz
  • Maximum Voltage: 90 ~ 264V; 47~63Hz
DCOperating Voltage: -48V ~ -60V
Double Power InputSupport
Power Supply Module PlugableSupport
PoE BudgetUp to 900W depending on models
Max Power Drawn by switch52W/59W
5. Over-current and Over-voltage protection
Overcurrent/Overvoltage ProtectionYes
Surge Protection Level±6 kV
6. Hardware content
Hardware Size (H×W×D) in.4.36 x 44.0 x 37.0 cm (1.73 x 17.5 x 14.6 inches)
Weight (kg)Up to 15kg (Include 2 Power Modules)
Cooling ModeFan Cooling (Front-to-Rear Airflow)
Quantity of Fans4
Fan Module PluggableNot support (Fixed fan)
Fan Module Intelligent Speed ControlSupported up to 10000 rpm.
Operating Temperature Range0ºC - 55ºC

Table 5. Technical Specifications

Technical SpecificationsE3000 Supported Parameters
1. Ethernet
Highlight: Jumbo frame
Maximum Jumbo frame size12000
Highlight: Unicast MAC
MAC Address Table Capacity16000
MAC Learning Rate (SW)> 4000pps
MAC Learning Rate (HW)> 10Gbps
Blackhole MAC address capacity128
Highlight: Multicast MAC
MAC address CapacityUp to 16000
Highlight: VLAN
VLAN IDs4094
VLAN Instances4094
VLANs to enable statistics256
Highlight: VLAN Mapping
Maximum mapping table64
Maximum rules Number1024
Highlight: EVC
Maximum EVC Number4094
Highlight: Link Aggregation (Static & LACP)
Maximum Member Number per group8
Maximum Group Number26 with stacking 128 groups
Load balance key modeStatic/Dlb/rr/Resilient/Self-healing
Convergence time< 50ms
Highlight: VLAN Classification
Maximum Rule Number4096
Maximum Group Number1
Base MAC Capacity512
Base IPv4 Capacity16
Base IPv6 Capacity16
Base Protocol Capacity7
2. Ethernet Ring protection
Highlight: STP
Convergence time< 30s
Highlight: RSTP
Convergence time< 1s
Highlight: MSTP
Instance Number64
Convergence time< 1s
3. IPv4 unicast
Highlight: ARP
ARP Capacity4000
Highlight: IPv4
FIB6000
Highlight: ECMP
ECMP Group240
Highlight: PBR
Policy Route Map64
Policy Based Routing ACE256
Highlight: OSPF
Maximum Static Neighbors256
Maximum Summary address4000
4. IPv4 multicast
Highlight: IPMC
Multicast Routing Table4000
Number of interfaces that support Multicast routing table
Highlight: IGMP Snooping
Maximum Groups Number
Highlight: MVR
Maximum Group Number
Maximum Member Number
5. IPv6 unicast
Highlight: Host Route
NDP Capacity
Highlight: IPv6
FIBv6
6. IPv6 multicast
Highlight: IPMC
Multicast Routing Table
Number of interfaces that support Multicast routing table
Highlight: MVR V6
Maximum Entry Number
Maximum Member Number
7. QoS
Highlight: Per-port Queue Num
Unicast Queue
Multicast Queue
Monitor Queue
Highlight: Packet Buffer
System Packet Buffer Capacity
Highlight: Granularity
Policer granularity
Queue Shape granularity
Port Shape granularity
Highlight: Flow entry
Ingress Port qos ipv4 flow entries
Ingress Port qos ipv6 flow entries
8. ACL
Highlight: IPv4 ACL
Ingress Port acl for IPv4
Ingress VLAN acl for IPv4
Egress Port acl for IPv4
Engress VLAN acl for IPv4
Highlight: IPv6 ACL
Ingress Port acl for IPv6
Ingress VLAN acl for IPv6
Egress Port acl for IPv6
Egress VLAN acl for IPv6
Highlight: MAC ACL
Ingress Port acl for MAC
Ingress VLAN acl for MAC
Egress Port acl for MAC
Egress VLAN acl for MAC
9. Security
Highlight: IP Source Guard
IPv4 maximum rules Number
IPv6 maximum rules Number
Highlight: 802.1x base MAC
Maximum Entries
Highlight: DHCP-Snooping
Maximum bound entry

Table 6. Specifications

Hardware ParameterHardware Specification
CPU Frequency800MHz
CPU Memory DRAM (GB)1GB
Flash512 KBytes
Packet Buffer memoryUp to 12MB
Fixed Ports
  • 16/24 *10/100/1000 Base-T all ports (POE/POE+) capable.
  • uplink SFP/SFP+
PoE standards supportedIEEE802.3af/IEEE802.3at/IEEE802.3bt/ power on all fixed ports.
Management portConsole port-1, USB port -1
Reset Button1
Additional DC input power from UPS1
Fan Quantity4
Enclosure Type (Rack-mountable)Rack/Wall-mountable - 1U
Max PoE++ Output Power (single port)Up to 30W
Total Power Consumption52W~1600W
PoE Pin-out1/2(+),3/6(-); Customized 4/5(+),7/8(-)
Switching Capacity128 Gbps - 160 Gbps
Forwarding ModeStore and forward
Forwarding Rate83.3Mpps - 119 Mpps
Bandwidth160Gbps
MAC Address Table SizeUp to 16000 entries
Jumbo frames( Bytes)12000
VLAN IDs4094
Management ACL256
Link Aggregation8
Maximum packet length9216bytes
IPv4 routes6000 (6,000 direct routes and 6,000 Host routes)
Routing table entries6000
IPv6 routing entries4000
Multicast routing scale4000
Switched Virtual Interfaces (SVIs)4000
QoS scale entries4000
ACL scale entries4000
Environmental
  • Operating Temperature: 0°C~55°C (32°F~104°F)
  • Storage Temperature: -20°C~70°C (-40°F~158°F)
  • Operating Humidity: 10%~90% non-condensing
  • Storage Humidity: 5%~95% non-condensing
FRU Power inAC 100~240V 50/60hz
Dimensions ( W x D x H )4.5 x 36.8 x 44.5 cm
Input Power Supply100~240V AC, 50/60Hz
Lightning Protection±6KV
Weight< 15Kg
LED IndicatorPower, System, Link/Act
Energy SavingEEE Compliant With IEEE802.3az
CertificationCE, FCC

Table 7. Hardware Specifications

SR. No.PRODUCT CODEEnclosure TypePortsMain InterfaceUplink InterfacesPower Budget with RPS (Watts)
1E3000-24GP+4XRack/Wall mountable - 1U24 GEStatic260 W
2E3000-16GP+4XRack/Wall mountable - 1U16 GEStatic450 W
3E3000-24G+4XRack/Wall mountable - 1U24 GEStatic-
4E3000-16G+4XRack/Wall mountable - 1U16 GEStatic-

It has additional AC input power to mitigate power supply failures. It automatically senses when the internal power supply of a connected device fails and provides power to that device, preventing loss of network traffic and support critical network infrastructure. These series Switches protect from power surges through their inline power supply automatically and have in build Surge protection of ±6KV. With this feature protect on cost and the impact to your business by losing these network devices and thus the users/servers connected to them.

Table 8. Power Specifications

SR. No.PRODUCT CODEMax no. of PoE+/PoE++ (IEEE 802.3at/bt) Ports with RPSFan (Number)Default Primary Power SupplyPower Input (Single/Dual)Voltage (Auto Ranging) 50 to 60 HzCurrent
1E3000-24GP+4XAll ports up to 15.4W4PWR-E3000-75WACAC + AC180 to 240V AC12V to 6.25A
2E3000-16GP+4XAll ports up to 30W4PWR-E3000-75WACAC + AC180 to 240V AC12V to 6.25A
3E3000-24G+4X-4PWR-E3000-75WACAC + AC180 to 240V AC12V to 6.25A
4E3000-16G+4X-4PWR-E3000-300WACAC + AC180 to 240V AC52V to 4.33A; 12V to 6.25A

Bandwidth Specifications

It uses Cut-through as well as Store-and-forward switching which means that the LAN switch copies each complete frame into the switch memory buffers and computes a cyclic redundancy check (CRC) for errors. The switching capacity (backplane bandwidth) of a switch refers to the maximum amount of data that can be transmitted between a switch interface processor or interface card and a data bus. The switching capacity indicates the total data exchange capability of the switch, Switch supports up to 160 Gbps. The stacking allows users to expand their network capacity without the hassle of managing multiple devices. Stackable switches can be added or removed. The Forwarding Rate is a measure of how many packets per second the switch can process for certain sized packets. Forwarding rate, refers to the number of network packets that can be processed by switch. The Forwarding rate is measured in Million packets per second (Mpps).

Table 9.Bandwidth Specifications

Sr. No.Model NumberSwitching Capacity(Gbps )Switching Capacity Forwarding rate(mpps)Switching Bandwidth(Gbps)Switching Bandwidth Forwarding rate(mpps)MTBF (hours)
1E3000-24GP+4X216162216162206999
2E3000-16GP+4X1289612896201254
3E3000-24G+4X1289611284204582
4E3000-16G+4X1289611284204125

Environmental properties specifications

Environmental properties include those physical properties which relate to the environment. Moisture, heat conductivity, the physical effect of heat, Altitude, Humidity and electrical properties depend on the environmental conditions surrounding the device.

Table 10. Environmental properties

PropertyDescription
Operation Temperature0°C to 55°C
Operating temperature and altitudes:
  • 0°C to +55°C, up to 5000 feet (1500m)
  • 0°C to +55°C, up to 10,000 feet (3000m)
  • Minimum ambient temperature for cold start is 32°F (0°C)
  • Short-term* exceptional conditions:
  • 0°C to +55°C, up to 5000 feet (1500m)
  • 0°C to +50°C, up to 10,000 feet (3000m)
  • 0°C to +55°C, at sea level with single fan failure
  • Not more than following in one-year period: 96 consecutive hours, or 360 hours total, or 15 days
Storage Temperature-20° to 70°C
Operating Humidity (relative, noncondensing)10% to 90% (Non-condensing)
Storage Humidity5% to 90%(Non-condensing)

Weight and Dimension specifications

It offers best in class from package dimensions to weight, destination, value, and shipment type. They are suitable for Industry standard Rack/Wall mounting. Industry Standard Rack/Wall mounted describes a unit of electronic equipment that is housed in a metal framework called an equipment rack. Usually, an equipment rack contains multiple "bays," each designed to hold a unit of equipment of standard dimensions.

Table 11. Weight and Dimension

Product CodeWeight (Kilograms)Weight (Pounds)Dimension (Inches (H x D x W))Dimension (Centimeters (H x D x W))
E3000-24GP+4X5.8Kg12.8lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5
E3000-16GP+4X7.8Kg17.9lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5
E3000-24G+4X5.8Kg12.8lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5
E3000-16G+4X7.8Kg17.9lb1.75 x 14.5 x 17.54.5 x 36.8 x 44.5

SFP/SFP+ ports Slots specifications

It has 1 and 10 Gigabit Ethernet fiber based Gigabit Ethernet Small Form-Factor Pluggable Plus (SFP/SFP+) switches with granular port densities that fit diverse campus needs. The SFP/SFP+ transceiver is a compact, hot-swappable device that plugs into a physical port of a network device. SFP/SFP+ optics are used in communication networks and have a transmitting side (Tx) and a receiving side (Rx). The different SFP/SFP+ transceivers work with different wavelengths at an appointed distance. A 1G to 10G solution with SFP/SFP+ uplinks.

Table 12. SFP/ SFP+ Specifications

PRODUCT CODESUPPORTING SFP
CMD-SM-1GCOMMANDO CMDFiber GBIC-LX/LH, SFP, 1310nm, MMF/SMF, 550m/10km, DOM, Compatible w/ Cisco GLC-LH-SMD
CMD-MM-1GCOMMANDO GBIC-SX, SFP, 850nm, 550m, MMF, DOM, Compatible w/ Cisco GLC-SX-MMD
CMD-SM-LX-10KCOMMANDO CMDFiber 1000BASE-LX/LH, SFP, 1310nm, MMF/SMF, 550m/10km, LC, DOM
CMD-SM-LH-20KCOMMANDO CMDFiber 1000BASE-LX/LH, SFP, 1310nm, SMF, 20km, LC, DOM
CMD-SM-EX-40KCOMMANDO CMDFiber 1000BASE-EX, SFP, 1310nm, SMF, 40km, LC, DOM
CMD-SM-ZX-80KCOMMANDO CMDFiber 1000BASE-ZX, SFP, 1550nm, SMF, 80km, LC, DOM
CMD-SM-EZX-120KCOMMANDO CMDFiber 1000BASE-EZX, SFP, 1550nm, SMF, 120km, LC, DOM
CMD-ZX-1G-RGDCOMMANDO CMDFiber 1000BASE-ZX, SFP, 1550nm, 80km, SMF, DOM, Extended Distance, Rugged
CMD-LX-1G-RGDCOMMANDO CMDFiber 1000BASE-SX, SFP, 850nm, 550m, MMF, DOM, Short Wavelength, Rugged
PRODUCT CODESUPPORTING SFP
CMD-SM-1GCOMMANDO CMDFiber GBIC-LX/LH, SFP, 1310nm, MMF/SMF, 550m/10km, DOM, Compatible w/ Cisco GLC-LH-SMD
CMD-MM-1GCOMMANDO GBIC-SX, SFP, 850nm, 550m, MMF, DOM, Compatible w/ Cisco GLC-SX-MMD
CMD-SM-LX-10KCOMMANDO CMDFiber 1000BASE-LX/LH, SFP, 1310nm, MMF/SMF, 550m/10km, LC, DOM
CMD-SM-LH-20KCOMMANDO CMDFiber 1000BASE-LX/LH, SFP, 1310nm, SMF, 20km, LC, DOM
CMD-SM-EX-40KCOMMANDO CMDFiber 1000BASE-EX, SFP, 1310nm, SMF, 40km, LC, DOM
CMD-SM-ZX-80KCOMMANDO CMDFiber 1000BASE-ZX, SFP, 1550nm, SMF, 80km, LC, DOM
CMD-SM-EZX-120KCOMMANDO CMDFiber 1000BASE-EZX, SFP, 1550nm, SMF, 120km, LC, DOM
CMD-ZX-1G-RGDCOMMANDO CMDFiber 1000BASE-ZX, SFP, 1550nm, 80km, SMF, DOM, Extended Distance, Rugged
CMD-LX-1G-RGDCOMMANDO CMDFiber 1000BASE-SX, SFP, 850nm, 550m, MMF, DOM, Short Wavelength, Rugged
PRODUCT CODESUPPORTING 1GBE SFP
CMD-TCOMMANDO GBIC-T SFP, Copper, RJ-45, 100m, Standard, Compatible w/ Cisco GLC-T
PRODUCT CODESUPPORTING SFP+
CMD-SR-10GCOMMANDO CMDFiber 10GBASE-SR, SFP+, 850nm, 300m, MMF, DOM, Compatible w/ Cisco SFP-10G-SR
CMD-LR-10GCOMMANDO CMDFiber 10GBASE-LR, SFP+, 1310nm, 10km, SMF, DOM, Compatible w/ Cisco SFP-10G-LR
CMD-ER-10GCOMMANDO CMDFiber 10GBASE-ER, SFP+, 1550nm, 40km, SMF, DOM, Compatible w/ Cisco SFP-10G-ER
CMD-ZR-10GCOMMANDO 10GBASE-ZR/ZW,SFP+, 1550nm, 80km, SMF, DOM, Compatible w/ Cisco SFP-10G-ZR
PRODUCT CODESUPPORTING 1GBE SFP+
CMD-UTP-10GCOMMANDO 10GBASE-T Copper RJ-45, SFP+, Up to 100m, CAT 6a/7

Power Supply Specifications

Power supply is a king of all electronic devices without the power supply switch cannot work. Following rating power input required to make switch work.

Table 13. Power supply specifications

Power supply rated maximum240V AC
Input-voltage range and frequency180 to 240V AC, 50 to 60 Hz
Input current52V to 13.94A; 12V to 6.25A
Power cord rating15A

Fan specifications

It come with dual fans. On the E3000 SKUs, the fan units are field-replaceable, whereas on the fixed E3000 SKUs, the fan units are fixed.

Table 14. Fan Modules

FRU FAN MODELDESCRIPTION
FRU-FAN-30003000 rpm Temperature Control Fan module
FRU-FAN-50005000 rpm Temperature Control Fan module
FRU-FAN-1000010000 rpm Temperature Control Fan module

Included in the bundle/box

All Soldier E3000 Series Switches are made available for use globally along with accessories in the bundle to facilitate for enhance operations.

The switch box comes included with the following accessories:

1x COMMANDO Soldier E3000 Series Switch

1x Power cable

1x Console cable

1x Earthing Cable

1x Stacking Cable (0.5cm)

1x Rack/Wall mountable kit

Support and Warranty

Same-day assistance.
Comprehensive 24-hour support using common communication/chat platforms, Email and Telephone.
Provide FAQs and troubleshooting help online (self-service) through cloud-based solutions.
Highly technical and trained representatives to resolve issues.
One-year default warranty with option of warranty extension up to 5 years

Table 15. Support and Warranty

Warranty and Support
Products coveredCOMMANDO Soldier E3000 Series Managed Switches
Warranty durationOne Year RTB (Return To Base) replacement warranty – optionally extendable up to 5 years.
Hardware replacementCOMMANDO, its resellers or its service center will use commercially reasonable efforts to replace the product subject to stock availability. Otherwise, a replacement will be arranged within 15 working days after receipt of the Return Materials Authorization (RMA) request.
End-of-life policyIn case of discontinuation of the product, support is limited to 3 years from announcement date.
Effective dateHardware warranty commences from the date of shipment to customer (and in case of resale by a COMMANDO reseller, not more than 90 days after original shipment by COMMANDO).
Support durationLifetime support.
COMMANDO CareCOMMANDO will provide 24x7 support for basic configuration, diagnosis, and troubleshooting of device-level problems for up to one year from the date of shipment of the originally purchased product. This support does not include solution or network-level support beyond the specific device under consideration.
Online Portal AccessWarranty allows guest access to commandonetworks.com for all available technical queries.

Ordering Information

Table 16 lists ordering information for the COMMANDO Soldier E3000 Series switches are L3 Aggregation and Access Series uplink Routing Switches

Table 16. COMMANDO Soldier E3000 Series switches are L3 Aggregation and Access Series uplink Routing Switches Ordering Information

ORDERING Information: SOLDIER E3000 Series Routing Switches
Product CodeDescription
E3000-24GP+4XCOMMANDO Soldier E3000 24GE PoE+, 4x 10G SFP+ Uplinks, 450W, Routing Switch
E3000-16GP+4XCOMMANDO Soldier E3000 16GE PoE+, 4x 10G SFP+ Uplinks, 260W, Routing Switch
E3000-24G+4XCOMMANDO Soldier E3000 24GE, 4x 10G SFP+ Uplinks, Routing Switch
E3000-16G+4XCOMMANDO Soldier E3000 16GE, 4x 10G SFP+ Uplinks, Routing Switch
Power Supplies
Product CodeDescription
C3KX-PWR-75WAC=C3500/C3000 75WAC Power Supply, Spare
C3KX-PWR-300WAC=C3500/C3000 300WAC Power Supply, Spare
C3KX-PWR-500WAC=C3500/C3000 500WAC Power Supply, Spare
Stacking Cables
Product CodeDescription
CAB-STACK-X-50CM10G SFP+, 50CM Stacking Cable
CAB-STACK-X-1M10G SFP+, 1M Stacking Cable
CAB-STACK-X-3M10G SFP+, 3M Stacking Cable
CAB-STACK-X-5M10G SFP+, 5M Stacking Cable
Power Cables
Product CodeDescription
CAB-AC-UKAC Power Cord, UK, C13, BS 1363, 2.5m
CAB-AC-EUAC power Cord, Europe, C13, CEE 7, 1.5M
CAB-AC-USAC Power Cord, 15A, right angle, United States
CAB-AC-CNAC Power Cord, China, 10A, IEC 320, C13 (APN=CS-PWR-CH)
CAB-AC-AUAC Power Cord, Australia/China, C13, AS 3112, 2.5m

Document History

ReleaseNew or RevisionDescribed inDate
Release 1First ReleaseFirst ReleaseJanuary 4, 2021
COMMANDO Networks Whatsapp
COMMANDO Networks Telegram