(EN) Aquarius AQ5000 Enterprise Aggregation Ethernet Switch Data Sheet

Aquarius AQ5000 is a productive enterprise-class aggregation platform in the company's family of network products. Together with the AQ3000 access switches, the AQ5000 focuses on new levels of productivity, security and user satisfaction, regardless of the scale of the enterprise infrastructure. The Aquarius families of network corporate platforms are designed to transform a typical network infrastructure into a hybrid production environment, where the workplace is not fixed in space, information resources are accessed from any device, applications and data are located anywhere in the corporate infrastructure or outside in cloud resources.

Key features:

• Productive platform in a compact form factor 1 Rack Unit.
• Platform architecture with a switching capacity of 880 Gigabits per second, performance that, in combination with available uplink and downlink interface options, provides the ability to build non-blocking configurations in various combinations of topological solutions.
• Possibility of choosing uplink interfaces for organizing connection to the infrastructure core of 40 Gbit/s, 100 Gbit/s.
• Connecting access level switches with 10 Gbit/s, 1 Gbit/s downlink interfaces.
• Hardware design that meets business continuity requirements. Modular redundant power supplies and fans support hot-swap mode, monitoring CPU health and internal device temperature.
• Carrier grade chipset.

Product overview

• Flexible implementation scenarios with programmable Layer 2 and Layer 3 table templates.
• Program the packet buffer size to meet the requirements of packet loss-sensitive multimedia content.
• Sampled Flow (SFlow), an industry standard that allows you to offload CPU resources and analyze the full range of L2-L7 protocols.
• Hardware support for Internet Protocol version 6 (IPv6), providing IPv6 processing at interface speed.
• IPv4/IPv6 dual stack support and dynamic assignment of traffic processing table templates to easily support IPv4-to-IPv6 migration.
• Security features at the network infrastructure level, advanced access control lists, protection against attacks on the Address Resolution Protocol (ARP), Dynamic Host Configuration Protocol (DHCP) mechanisms and CPU resources.
• Integration into the centralized 802.1x user authentication and authorization architecture.

AQ5000 platform details

Available models and options

Table 1. Models and hardware details

	AQ-N5000-24X2C
Downlink interfaces, Small Form-Factor Pluggable Plus, SFP+	24 x 1/10 Gbit/sec
Uplink interfaces, Quad Small Form-Factor Pluggable 28, QSFP28	2 x 40/100 Gbit/sec
Berakout support	QSFP28 ports
Power supply	2, hotswap
Power	350 W, ~ 100-240 V, 50/60 Hz
Maximum power consumption (power supply max)	2 х 350 W
Fans	4 (2 modules by 2 fans), hotswap
Airflow	Port-side intake
Beacon LED	Front panel
Management	1 RJ45 console, 1 out-of-band (OOB) management Ethernet 10/100/1000 Mbit/sec RJ45
Environment	Temperature from 0 ℃ to 45 ℃, relative humidity from 10 % to 90 % non-condensing
Environment (storage)	Temperature from -40 ℃ to 70 ℃, relative humidity from 0 % to 95 % non-condensing
Box contents	2 power cable C13-RU SHUKO 10 A 220/240 В 1.5 м, 4-th point rack-munt kit for 19", grounding cable
Accessories	USB Type A - RJ45 or USB Type C - RJ45 console cable

Power supply

The AQ5000 aggregation switch supports two redundant, hot-swappable power supplies.

Table 2. Power supply modules for AQ5000

Chassis model	Main power source	Additional power source	Power supply specification
AQ-N5000-24X2C	AQ-N-PS-5000-350-AC	AQ-N-PS-5000-350-AC	Input: 100-240 V, ~ 7 A max, 50/60 Hz Output: +12 V DC, 29 А max

Fans

The AQ5000 switch comes with two fan modules. Each module contains two fans with controlled rotation speed. The rotation speed depends on the internal temperature of the device. Fan modules are hot-swappable.

Performance and scalability

Таблица 3. Performance and scalability

Maximum values for different template options are given.

	Значение
Switching capacity	880 Gbit/sec
Routing performance	470 Mpps
Jumbo frame	9 600 bytes
Media Access Control (MAC) entries	max 98 000
ARP for IPv4 entries	max 16 000
IPv4 routes	max 57 000
NDP for IPv6 entries	max 4 000
IPv6 routes	max 6 000
Virtual Local Area Network (VLAN) number	4 094
Switch Virtual Interface (SVI) number	max 256
Multicast routes	max 2 000
Access Control List (ACL) entries	2 900
Quality of Service (QoS) entries	1 500
Packet buffer size	max 9 MB

Network security

Basic IPv4/IPv6/MAC access control lists allow you to implement policies based on filtering IP and other types of traffic, which can be applied to physical ports/port groups or to VLANs/VLAN groups. Applying access control lists to port groups or VLAN groups allows efficient use of Ternary Content-Addressable Memory (TCAM) resources. Extended ACLs can combine multiple basic rules in one filtering rule, and also add the ability to filter by L4 transport layer attributes.

Protection against spoofing of the DHCP server is carried out thanks to the DHCP Snooping function.

Protection of ARP mechanisms is implemented by IP Source Guard and ARP Inspection tools.

Control Plane Policy implements a filtering mechanism to protect network management layer protocols and switch computing resources.

CPU Traffic Protection and Storm Control optimize the load on the central processor and avoid blocking in the event of broadcast storms and denial of service attacks.

AQ5000 switches integrate into a centralized corporate 802.1x infrastructure and allow you to authenticate and authorize a user when requesting network access, or deny access.

High-availability

In addition to hardware methods for organizing continuous operation, fault tolerance is achieved using the Aquarius Network Operating System (AqNOS).

Smart Link is a practical mechanism for quickly switching from primary to backup uplink for dual uplink connection option, switching time less than 50 milliseconds. Smart Link also supports traffic balancing.

Monitor Link allows you to monitor the state of an uplink port and translate it into the state of downlink ports, quickly informing Layer 2 topological protocols about changes that have occurred.

Switch Port Autorecovery automatically attempts to reactivate a connection that has been deactivated due to an error condition.

IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) guarantees fast convergence and independence from classic Spanning Tree timers, while also implementing distributed processing of state changes.

IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) guarantees fast convergence and builds a tree for a VLAN group, and also allows balancing Layer 2 traffic.

Ethernet Ring Protection Switching (ERPS) improves fault tolerance in Ethernet ring topologies while preventing loops and associated broadcast storms. If one of the ring segments fails, the recovery time is less than one second, in most cases less than 50 milliseconds.

Link Aggregation Control Protocol (LACP) combines several physical interfaces of a device into one logical one, in terms of the L2 and L3 topological protocols, allowing the utilization of a larger number of connections between devices and increasing network stability by preventing topology recalculation when a connection fault is detected at the level of individual physical interfaces in a group.

Virtual Router Redundancy Protocol (VRRP) is a default gateway redundancy protocol that forms a virtual gateway from two physical devices.

Virtual ARP (VARP) allows several devices to simultaneously process traffic addressed to one virtual MAC address, allowing you to organize fault-tolerant groups of default gateways that operate in active-active mode and do not require additional mechanisms for tracking the state of devices in the group and organizing connectivity between participants groups. VARP is recommended for use in conjunction with Multi-Chassis Link Aggregation (MLAG).

Bidirectional Forwarding Detection (BFD). Fast recovery from a failure depends on the speed of detection of the event that occurred. Ethernet networks have historically lacked a mechanism for quickly notifying a failure, and network layer protocols typically use mechanisms for determining whether a neighboring device is unreachable, which is relatively slow for modern information systems. The BFD protocol is designed to quickly notify network management layer protocols, such as dynamic routing protocols, that an event has occurred.

Multi-Chassis Link Aggregation (MLAG) allows two separate aggregation or core network devices to be combined into a single logical construct relative to the connected devices. Both devices in the group operate in active-active mode and require a peer link to form a pair. All connections to the MLAG pair are active port channel groups formed by a static LAG or Link Aggregation Control Protocol (LACP) and participate in the transmission of traffic. From the point of view of the control level, the devices located in the MLAG group are individual objects, while at the same time, from the point of view of topological protocols, the MLAG group is one logical device.

QoS

The AQ5000 is designed to accommodate gigabit connection speeds for client devices. Implemented tagging, application traffic classification, and queue management mechanisms provide optimal performance for data, voice, and video. Bandwidth management granularity is achieved through classification of application groups based on 802.1p Class of Service (CoS) and Differentiated Services Code Point (DSCP) fields, an expanded set of attributes specified in ACLs, analysis of internal headers of tunneled traffic, cascading queue management with a combination of Strict Priority and Weighted Deficit Round Robin, Tail Drop and Weighted Random Early Detection congestion management and ten outgoing hardware queues per port.

Smart options

The built-in web interface allows you to obtain information about the main performance indicators of the device and basic settings in a user-friendly graphical representation. The web interface is included in the main files of the AqNOS network operating system and is activated by a basic license.

Total power consumption can be adjusted depending on the number of active ports, and intelligent fan control further contributes to the overall energy efficiency of the device.

Network fabrics

AqNOS supports a set of modern overlay technologies - Virtual Extensible LAN (VXLAN), Network Virtualization Using Generic Routing Encapsulation (NVGRE), Generic Network Virtualization Encapsulation (GENEVE). Overlays allow you to create an independent network topology and transmit L2 data over a routed L3 network using additional NVGRE/VXLAN/GENEVE encapsulation for Ethernet frames. Overlays allow you to implement flexible topological solutions, solve the problem with limitations of MAC tables and the number of VLAN IDs in traditional L2 networks, and remove restrictions on the migration of virtual machines.

AQ5000 switches support Remote Procedure Call - Application Programming Interface (RPC-API) in JavaScript Object Notation (JSON) RPC format for working with network automation packages.

Routing

The AQ5000 family allows you to build scalable network topologies, supporting the entire current range of dynamic routing protocols.

Static routes and Routing Information Protocol (RIPv1/v2) are positioned as basic IP unicast routing protocols for small networks. The expanded feature set includes Open Shortest Path First (OSPF) and Intermediate System to Intermediate System (IS-IS) for medium- and large-scale infrastructures, as well as Border Gateway Protocol (BGPv4) for multi-domain topologies.

IPv6 routing is supported at the hardware level, resulting in high performance in processing IPv6 traffic.

For applications using multicast, Internet Group Management Protocol (IGMP) up to version 3 inclusive is implemented, and for building routed multicast topologies, Protocol Independent Multicast Sparse and Dense Mode, Source-Specific Multicast are supported.

AqNOS supports up to 256 Switch Virtual Interfaces (SVI), each physical switch port can be a routed port.

Ethernet OAM

The AQ5000 supports the Ethernet Operation and Maintenance (OAM) feature set. End-to-end monitoring from port to port of client infrastructure, obtaining high-quality performance indicators and compliance of parameters specified in the Service Level Agreement (SLA) - options that greatly facilitate the maintenance of network infrastructure.

Network operating system and licensing

The AqNOS network operating system offers basic (BASE) and advanced (PRO) functionality, which is determined by the license installed on the device.

Table 4. Feature by license

Base license (BASE)

Enhanced license (PRO), includes all Base features

L2, VLAN, VLAN Stacking (QinQ),  Link Aggregation Group ( LAG),  семейство Spanning Tree Protocol ,  Ethernet Ring Protection Switching ( ERPS), Layer 2 Multicast, IPv4 Unicast Routing (Static, Virtual Routing and Forwarding (VRF), RIPv1/v2, Policy Based Routing (PBR), Equal-Cost Multi-Path routing (ECMP), IPv4 Multicast (IGMPv1/v2/v3), VRRP, SmartLink, MLAG, QoS, Integrated Network Security, DHCP Server,  Remote Monitoring ( RMON), sFlow v4/v5, IP SLA,  Command Line Interface ( CLI)/WEB UI,  Simple Network Management Protocol ( SNMP), RPC-API, Debug, Log & Alarm, Network Diagnostic ( Switch Port Analyzer (SPAN) , Encapsulated Remote Switch Port Analyzer (ERSPAN)), Unidirectional Link Detection (UDLD)

IPv4 Unicast Routing (OSPFv2, IS-IS, BGP), IPv4 Multicast Routing (Protocol Independent Multicast - Sparse-Mode (PIM-SM), Source-Specific Multicast (SSM), Dense Mode (DM)), IPv6, IPv6 Multicast Routing (Routing Information Protocol next generation (RIPng), OSPFv3, Multicast Listener Discovery (MLD) v1/v2, Multicast VLAN Replication 6 (MVR6), PIM-SMv6), IP Tunnel (IPv6 over IPv4, 6to4, Intra-Site Automatic Tunnel Addressing Protocol (ISATAP), IPv6 Service (DHCPv6, IPv6 Prefix-list), Bidirectional Forwarding Detection (BFD) (Static, OSPFv2, VRRP, PBR), Ethernet in the First Mile (EFM) OAM, Connectivity Fault Management (CFM) , Y.1731, VXLAN, Generic Routing Encapsulation (GRE), NVGRE, GENEVE, Data Center Bridging (DCB), Border Gateway Protocol Ethernet VPN (BGP EVPN)

Dimensions, weight, MTBF

Table 5. Dimensions and weight

	AQ-N5000-24X2C
Dimensions (Height х Width х Depth)	44 mm х 440 mm х 400 mm
Mounting depth with 4-point kit	500 mm - 600 mm
Weight netto	7 kg
Mean Time Between Failures (MTBF)¹	more 90 000 hours

¹MTBF parameters are calculated in accordance with the MIL-HDBK-217F, GJB299B methodology. MTBF characterizes the mean time between failures and does not guarantee that the device will be in a state of continuous operation for the entire period of the specified time. The actual time between failures can vary over a wide range, and the occurrence of a device malfunction much earlier or later than the calculated MTBF time is not a violation of the declared properties of the equipment. Also, the MTBF parameter does not classify what level of criticality an incident is regarded as a manifestation of equipment failure, and what scale of damage caused by the incident, including security risks, will be classified as a failure. The MTBF value is a reliability characteristic, but is not a guarantee of reliability. It informs about the expected frequency of failures, but the calculated parameters do not take into account all possible external factors leading to failures. Environmental conditions, the specifics of the equipment maintenance process and the features of its application can affect the reliability of the device. It is important to understand that MTBF is one of many parameters that must be taken into account in the overall assessment of the reliability characteristics of a particular piece of equipment. The MTBF value provides useful initial information about the possible number of failures over a period of time, but does not predict the cause of the failure. A high MTBF does not mean that failure will never occur, but only suggests that the probability of failure is lower. All systems and components have a finite life cycle, and failures can occur due to a wide range of factors, including wear, operating conditions and manufacturing defects.

Interfaces and cables

Table 6. Interfaces and cables

Interfaces and cables	Transceiver SFP+ Little Click (LC) connector (singlemode and multimode fiber) Slots SFP+ Transceiver QSFP28: Multi-fiber Push On (MPO) и LC connectors (singlemode and multimode fiber) Slots QSFP28 Management OOB Ethernet: slot RJ-45, 4 pairs Cat5E UTP Console management: RJ-45-to-USB Type A or RJ-45-на USB Type C USB Type A port
Power socket	Power connectors IEC 320-C13 are on back side of power sources, please use supplied cable C13-RU SHUKO 10A 220/240 V 1.5m

Standards and RFCs

Table 7. Reference table

IEEE 802.1ag	IEEE 802.3
IEEE 802.1d	IEEE 802.3ab
IEEE 802.1p	IEEE 802.3ad
IEEE 802.1q	IEEE 802.3ae
IEEE 802.1s	IEEE 802.3af
IEEE 802.1w	IEEE 802.3ah
IEEE 802.1x	IEEE 802.3at
	IEEE 802.3ba
Y.1731	IEEE 802.3bt
	IEEE 802.3bm
	IEEE 802.3u
	IEEE 802.3x
	IEEE 802.3z

Warranty

Please review default Aquarius warranty at https://www.aq.ru/about/standard_warranty.html.

What to order

Table 8. SKU part-numbers for ordering

SKU	Description
AQ-N5000-24X2C	Aggregation switch AQ5000, configuration 24*10 Gbit/sec SFP+, 2*40/100 Gbit/sec QSFP28, two slots for modular fans, two slots for modular power supplies
AQ-N-SW-11.0-BASE-5000-24X2C	Base license AQ-N5000-24X2C
AQ-N-SW-11.0-PRO-5000-24X2C	Pro license AQ-N5000-24X2C
AQ-N-PS-5000-350-AC	Power supply, 350 W, AC 100-240 V
AQ-N-CAB-C13-ACE-1.5M	Cable C13-RU SHUKO 10 A 220/240 V 1.5 m
AQ-N-FAN-5000-PI-24	Fan module, port-side intake, red mark
AQ-N-RACK-5000-KIT-24	19" rack mounting kit
AQ-N-CONSOLE-USBA	Console cable USB Type A - RJ-45 RS-232
AQ-N-CONSOLE-USBC	Console cable USB Type C - RJ-45 RS-232

Transceivers

The AQ5000 supports a wide range of original optical and electrical transceivers. The list of available supported models is regularly updated, relevant for various variants of SFP+, QSFP+, QSFP28 can be found on the manufacturer’s website at the link http://www.aq.ru/products/switches/modules/transceivers/products_device_support_tables_list.html