The H3C S10500X-G series switches are products specifically designed and developed by H3C Technologies Co., Ltd. (hereinafter referred to as H3C) for the core of cloud computing data centers and the core of next-generation smart parks. Based on H3C's proprietary Comware V7 operating system, the S10500X-G provides customers with a reliable and secure platform. Redundant design of key components such as the main controller, network boards, fans, and power supplies provides carrier-grade high reliability. It supports high-density GE/10GE/25GE/40GE/100GE Ethernet ports, mainstream technologies such as VXLAN, MDC, M-LAG, and IRF2, and integrates various network services such as MPLS VPN, IPv6, wireless, and traffic analysis. Furthermore, the H3C S10500X-G adopts green and energy-saving environmentally friendly design processes and complies with the "Restriction of Hazardous Substances in Electronic Equipment Standard (RoHS)".

Features

1. Advanced hardware design

It adopts the CLOS no-middleboard switching architecture, with complete separation of the forwarding plane and control plane. Currently, a single slot supports bidirectional 4.8T, providing continuous bandwidth upgrade capability.

With a hardware orthogonal design, the S10500X-G line card and the switching network board are completely orthogonal (90 degrees). Cross-line card service traffic is directly connected to the switching network board through the orthogonal connector, supporting cell switching. Backplane cabling is reduced to zero, greatly avoiding signal attenuation.

It supports 40GE and 100GE Ethernet standards, fully meeting the application and future development needs of non-blocking campus networks;

Supports high-density GE/10GE/25GE/40GE/100GE Ethernet ports to fully meet the needs of future application development;

Supports 400G high-speed Ethernet ports to meet the interconnection needs across campuses and data centers;

The chassis size has been redesigned, allowing for high-performance forwarding in a smaller size, thus maximizing the utilization of rack space.

It supports multi-fan frame design and can automatically allocate airflow when one of the fans fails.

Redundant design of key components such as main control slots, network board slots, fan frames, power supply frames, and main power switch can cope with emergencies and greatly improve the overall reliability of the equipment. The service board is connected to the main control board and the switching network board. When one of the switching network boards fails, the system automatically distributes traffic to other switching network boards.

2. Distributed multi-engine design

The S10500X-G adopts an innovative hardware design, providing the system with powerful control capabilities and millisecond-level high reliability through a fully distributed independent control engine, detection engine, and maintenance engine.

The distributed control engine provides a powerful control processing system for all business boards, easily handling various protocol messages and control messages, and supporting fine-grained control of protocol messages, providing the system with comprehensive resistance to protocol message attacks.

The distributed detection engine enables all service boards to perform rapid fault detection such as BFD and OAM in a distributed manner, and it works in conjunction with the control plane protocol to support rapid protection switching and rapid convergence. It can achieve millisecond-level fault detection to ensure uninterrupted service.

The distributed maintenance engine and intelligent CPU system support intelligent power management, enabling online device status checks and sequential power-on/off of individual boards (reducing power surges caused by simultaneous power-on of individual boards, improving device lifespan, and reducing electromagnetic radiation and system power consumption).

3. Network virtualization technology

It supports M-LAG (Multichassis Link Aggregation Group) cross-device link aggregation technology (formerly DRNI technology), which realizes cross-device link aggregation by virtualizing two physical devices into one device at the forwarding layer, keeping the control layer independent and the management interface integrated and unified, thereby improving the reliability of the single board level to the reliability of the device level.

Supports MDC (Multitenant Devices Context), which allows a single switch to be divided into multiple independent virtual switches. Each virtual switch created by MDC is isolated from each other and cannot communicate directly, providing high security. Virtual switches have independent hardware resources and management privileges, meeting the needs of multiple services/customers sharing a core switch and saving the cost of purchasing new network equipment and upgrading existing network equipment.

4. Comprehensive IPv6 solution

The S10500X-G series switches fully support the IPv6 protocol family, including IPv6 static routing, RIPng, OSPFv3, IS-ISv6, BGP4+, and other IPv6 routing protocols. They also support a wide range of IPv4 to IPv6 transition technologies, such as IPv6 manual tunneling, 6to4 tunneling, ISATAP tunneling, and GRE tunneling, ensuring a smooth transition from IPv4 to IPv6.

5. Excellent security mechanism

The H3C S10500X-G provides a comprehensive security protection mechanism, ensuring network security across three planes: control, management, and forwarding.

In the control plane, a built-in protocol packet attack identification module is used to prevent attacks by protocol packets such as TCN and ARP. OSPF/BGP/IS-IS routing protocols use MD5 verification to prevent network paralysis caused by illegal route update packets. Trusted computing is supported, which can perform trusted authentication and trusted measurement on startup software.

On the management plane, SNMPv3 network management protocol, SSH V2, 802.1x and AAA/Radius-based user authentication, and hierarchical user permission management ensure the security of device management; it supports security card expansion such as firewall, intrusion prevention, SSLVPN, and Internet behavior management to meet the needs of integrated network security deployment.

In the forwarding plane, it supports fine-grained binding of various combinations of IP, VLAN, MAC, and port; it supports uRPF unicast reverse path forwarding to prevent unauthorized traffic from accessing the network; and it employs the longest match per packet forwarding mechanism to effectively resist virus attacks. The newly upgraded version supports full-port hardware-level encryption technology MACsec (802.1ae), with key lengths up to 256 bits, protecting Layer 2 protocols from attacks at the source. It also supports Cloudsec encryption technology to ensure the security of VXLAN-based service traffic.

6. Green and energy-saving design

From chassis hardware to chassis exterior design, a comprehensive green and energy-saving transformation has been implemented to respond to the strategic call for "carbon peaking and carbon neutrality":

The S10500X-G series switch chassis is designed with water-based paint and electroplating-free process, which greatly reduces carbon emissions;

Adopting a strict front-to-back and rear-to-front straight ventilation channel design, the chassis has low air resistance and higher fan cooling efficiency, meeting the needs of side-by-side rack deployment;

The fan features zoned cooling and precise intelligent speed control with a response time down to the second level, achieving overall power saving through intelligent cooling.

Networking applications

Network Application 1:IDC Solutions

The construction of IDC (Internet Data Center) mainly faces two types of threats: one is that when the business systems deployed in the IDC suddenly experience a large volume of traffic, the server overload will cause it to crash; the other is that there are security threats on the network (illegal access, DDoS attacks, and Layer 7 attacks against servers, etc.).

The H3C S10500X-G series core switches support high-density 10 Gigabit Layer 3 line-speed interface cards, meeting the performance requirements of IDC for core equipment; through virtualization technologies such as IRF and MDC, large-scale network deployment can be achieved.

Network Application 2: Multi-service Campus Network

The H3C S10500X-G, based on a unified hardware and software platform, provides an integrated wired and wireless solution, resolving the challenges of separating wired and wireless devices, network management, and user management. Through the S10500X-G wireless controller + FIT AP control architecture, it achieves centralized management and configuration of APs, centralized user access control, and automatic AP configuration file downloads and software version updates. It supports IPv6, wireless security, RF management, and cross-layer 3 roaming, meeting the needs of value-added services such as voice and video.

Product Specifications