HP 5830AF User Manual
HPE 5830 Switch Series
Data sheet
Key features
• Stackable, high-port density for high
scalability
• HPE IRF technology for simpler two-tier
networks
• Ultra deep (1 GB and 3 GB) packet buers
• Full L2/L3 features, IPv4 and IPv6 dual stack
• Lower OpEx and greener data centers
Product overview
HPE 5830AF Switch Series is a family
of high-density 1 GbE top-of-rack data
center and campus switches that are a
part of HPE FlexNetwork Architecture’s
HPE FlexFabric solution module. The
two models, HPE 5830AF-48G and
HPE 5830AF-96G Switches Series, are
ideally suited for deployments at the
server access layer in medium-sized and
large enterprise data centers and campus
networks. The HPE 5830AF-48G switches
deliver 481GbE ports and up to four 10GbE
ports in a space-saving 1RU package, while
the HPE 5830AF-96G switches provide an
industry-leading 961GbE ports and up to
1010GbE uplink ports in a 2RU form factor.
Features and benefits
Quality of Service (QoS)
• Traic policing
Supports Committed Access Rate (CAR) and
line rate
• Powerful QoS feature
Creates traic classes based on access control
lists (ACLs), IEEE 8021p precedence, IP,
DSCP, or Type of Service (ToS) precedence;
supports filter, redirect, mirror, or remark;
supports the following congestion actions:
strict priority (SP) queuing, weighted round
robin (WRR), weighted fair queuing (WFQ),
weighted random early discard (WRED),
SP+WRR, and SP+WFQ
Management
• sFlow (RFC 3176)
Provides scalable ASIC-based wire-speed
network monitoring and accounting with
no impact on network performance; this
allows network operators to gather a
variety of sophisticated network statistics
and information for capacity planning and
real-time network monitoring purposes
• Remote configuration and management
Enables configuration and management
through a secure Web browser or a CLI
located on a remote device
Data sheet
Page 2
• Manager and operator privilege levels
Provides read-only (operator) and read/write
(manager) access on CLI and Web browser
management interfaces
• Management VLAN
Segments traic to and from management
interfaces, including CLI/telnet, a Web
browser interface, and SNMP
• Multiple configuration files
Stores easily to the flash image
• Secure Web GUI
Provides a secure, easy-to-use graphical
interface for configuring the module via
HTTPS
• SNMPv1, v2c, and v3
Facilitates centralized discovery, monitoring,
and secure management of networking
devices
• Remote monitoring (RMON)
Uses standard SNMP to monitor essential
network functions; supports events, alarm,
history, and statistics group plus a private
alarm extension group
• Network Time Protocol (NTP)
Synchronizes timekeeping among distributed
time servers and clients; keeps timekeeping
consistent among all clock-dependent
devices within the network so that the
devices can provide diverse applications
based on the consistent time
• Out-of-band interface
Isolates management traic from user data
plane traic for complete isolation and total
reachability, no matter what happens in the
data plane
• Remote intelligent mirroring
Mirrors ingress/egress ACL-selected traic
from a switch port or VLAN to a local or
remote switch port anywhere on the network
Connectivity
• Jumbo frames
On Gigabit Ethernet and 10 Gigabit Ethernet
ports, jumbo frames allow high-performance
remote backup and disaster-recovery services
• Auto-MDIX
Adjusts automatically for straight-through or
crossover cables on all 10/100/1000 ports
• IPv6 native support
– IPv6 host
Enables switches to be managed and
deployed at the IPv6 network’s edge
– Dual stack (IPv4 & IPv6)
Transitions from IPv4 to IPv6, supporting
connectivity for both protocols
– Multicast Listener Discovery (MLD) snooping
IPv6 multicast traic to the appropriate
interface
– IPv6 ACL/QoS
Supports ACL and QoS for IPv6 network
traic, preventing traic flooding
– IPv6 routing
Supports IPv6 static routes, RIP, BGP4+v6,
IS-ISv6, and OSPF routing protocols
Performance
• Extraordinarily high port density
HPE 5830AF-96G switches are single
box-type that can provide 961GbE ports
and 1010GbE ports simultaneously with
full line-rate switching and forwarding
• Ultra deep packet buering
Provides up to a 3 GB packet buffer to
help eliminate network congestion at
the I/O associated with heavy use of
server virtualization, as well as bursty
multimedia, storage applications, and
other critical services
• Hardware-based wire-speed access control
lists (ACL s)
Helps provide high levels of security and
ease of administration without impacting
network performance with a feature-rich
TCAM-based ACL implementation
• Local Address Resolution Protocol (ARP)
ARP fast reply feature provides an
outstanding utilization of air-interface
resources by first issuing an ARP request
locally before the AP broadcasts over the
radio interface
Resiliency and high availability
• Device Link Detection Protocol (DLDP)
Monitors link connectivity and shuts down
ports at both ends if unidirectional traic
is detected, preventing loops in STP-based
networks
Data sheet
Page 3
• Virtual Router Redundancy Protocol (VRRP)
Allows groups of two routers to dynamically
back each other up to create highly available
routed environments
• Intelligent Resilient Framework (IRF)
Creates virtual resilient switching fabrics,
where two or more switches perform as a
single L2 switch and L3 router; switches do
not have to be co-located and can be part
of a disaster-recovery system; servers or
switches can be attached using standard
LACP for automatic load balancing and high
availability; can help eliminate the need for
complex protocols such as Spanning Tree
Protocol, Equal-Cost Multipath (ECMP), or
VRRP, thereby simplifying network operation
• Rapid Ring Protection Protocol (RRPP)
Connects multiple switches in a
high-performance ring using standard
Ethernet technology; traic can be
rerouted around the ring in less than
200 ms, reducing the impact on traic
and applications
• Smart link
Allows 200 ms failover between links
• Data center-optimized design
Supports front-to-back or back-to-front
airflow for hot/cold aisles, rear rackmounts,
and redundant hot-swappable AC or DC
power and fans
Manageability
• Troubleshooting
Ingress and egress port monitoring enable
network problem solving
Layer 2 switching
• Spanning Tree/MSTP and RSTP
Prevents network loops
• Internet Group Management Protocol
(IGMP) and Multicast Listener Discovery
(MLD) protocol snooping
Controls and manages the flooding of
multicast packets in a Layer 2 network
• 32K MAC addresses
Provides access to many Layer 2 devices
• IEEE 8021ad QinQ and selective QinQ
Increases the scalability of an Ethernet
network by providing a hierarchical
structure; connects multiple LANs on a
high-speed campus or metro network
• 10GbE port aggregation
Allows grouping of ports to increase overall
data throughput to a remote device
• Port isolation
Increases security by isolating ports
within a VLAN while still allowing them to
communicate with other VLANs
• Per-VLAN Spanning Tree Plus (PVST+)
Allows each VLAN to build a separate
spanning tree to improve link bandwidth
usage in network environments with
multiple VLANs
• GVRP VLAN Registration Protocol
Allows automatic learning and dynamic
assignment of VLANs
Layer 3 services
• Loopback interface address
Defines an address in Routing Information
Protocol (RIP) and Open Standard Path First
(OSPF), improving diagnostic capability
• User Datagram Protocol (UDP) helper
function
Allows UDP broadcasts to be directed
across router interfaces to specific IP unicast
or subnet broadcast addresses and prevents
server spoofing for UDP services such as
DHCP
• Route maps
Provides more control during route
redistribution; allows filtering and altering of
route metrics
• Dynamic Host Configuration Protocol (DHCP)
Simplifies the management of large IP
networks and supports client and server;
DHCP Relay enables DHCP operation
across subnets
Layer 3 routing
• IPv6 tunneling
Allows IPv6 packets to traverse IPv4-only
networks by encapsulating the IPv6 packet
into a standard IPv4 packet; supports
manually configured, 6 to 4, and Intra-Site
Automatic Tunnel Addressing Protocol
(ISATAP) tunnels; is an important element
for the transition from IPv4 to IPv6
• Bidirectional Forwarding Detection (BFD)
Enables link connectivity monitoring and
reduces network convergence time for RIP,
OSPF, BGP, IS-IS, VRRP, and IRF
Data sheet
Page 4
• Policy-based routing
Makes routing decisions based on policies
set by the network administrator
• IGMPv1, v2, and v3
Allows individual hosts to be registered on a
particular VLAN
• PIM-SSM, PIM-DM, and PIM-SM (for IPv4
and IPv6)
Supports IP Multicast address management
and inhibition of DoS attacks
• Layer 3 IPv4 routing
Provides routing of IPv4 at media speed;
supports static routes, RIP and RIPv2, OSPF,
IS-IS, and BGP
• Equal-Cost Multipath (ECMP)
Enables multiple equal-cost links in a routing
environment to increase link redundancy
and scale bandwidth
• Layer 3 IPv6 routing
Provides routing of IPv6 at media speed;
supports static routes, RIPng, OSPFv3,
IS-ISv6, and MP-BGP
Security
• Access control lists (ACLs)
Provides IP Layer 3 filtering based on
source/destination IP address/subnet, and
source/destination TCP/UDP port number
• Secure shell
Encrypts all transmitted data for secure
remote CLI access over IP networks
• Port security
Allows access only to specified MAC
addresses, which can be learned or specified
by the administrator
• Secure FTP
Allows secure file transfer to and from
the switch; protects against unwanted file
downloads or unauthorized copying of a
switch configuration file
• Secure management access
Delivers secure encryption of all access
methods (CLI, GUI, or MIB) through SSHv2,
SSL, and/or SNMPv3
• Identity-driven security and access control
– Per-user ACLs
Permits or denies user access to specific
network resources based on user identity,
location, and time of day, allowing multiple
types of users on the same network to
access specific network services without
risk to network security or unauthorized
access to sensitive data
– Automatic VLAN assignment
Assigns users automatically to the
appropriate VLAN based on their identity
and location, and the time of day
• STP BPDU port protection
Blocks Bridge Protocol Data Units (BPDUs)
on ports that do not require BPDUs,
preventing forged BPDU attacks
• DHCP protection
Blocks DHCP packets from unauthorized
DHCP servers, preventing denial-of-service
attacks
• Dynamic ARP protection
Blocks ARP broadcasts from unauthorized
hosts, preventing eavesdropping or theft of
network data
• STP root guard
Protects the root bridge from malicious
attacks or configuration mistakes
• Guest VLAN
Provides a browser-based environment
to authenticated clients that is similar to
IEEE 8021X
• MAC-based authentication
Allows or denies access to the switch based
on a client MAC address
• IP source guard
Helps prevent IP spoofing attacks
• Endpoint Admission Defense (EAD)
Provides security policies to users accessing
a network
• RADIUS/HWTACACS
Eases switch management security
administration by using a password
authentication server
Loading...