Datasheet
7
Supported RFCs (continued)
• RFC 2267 Network Ingress Filtering
• RFC 2030 SNTP, Simple Network Time Protocol
• RFC 854 Telnet client and server
• RFC 951, 1542 BootP
• RFC 2131 BOOTP/DHCP relay agent and DHCP server
• RFC 1591 DNS
• RFC 2338 VRRP
• RFC 2328 OSPF v2 (Edge-mode)
• RFC 1587 OSPF NSSA Option
• RFC 2154 OSPF w/Digital Signatures (Password, MD-5)
• RFC 2370 OSPF Opaque LSA Option
• RFC 3623 OSPF Graceful Restart
• RFC 2362 PIM-SM (Edge-mode)
• RFC 3569 draft-ietf-ssm-arch-06.txt PIM-SSM PIM Source
Specific Multicast
• RFC 1771 Border Gateway Protocol 4
• RFC 1965 Autonomous System Confederations for BGP
• RFC 2796 BGP Route Reflection (supersedes RFC 1966)
• RFC 1997 BGP Communities Attribute
• RFC 1745 BGP4/IDRP for IP-OSPF Interaction
• RFC 2385 TCP MD5 Authentication for BGPv4
• RFC 2439 BGP Route Flap Damping
• RFC 2918 Route Refresh Capability for BGP-4
• RFC 3392 Capabilities Advertisement with BGP-4
• RFC 2796 Route Reflection
• RFC 4360 BGP Extended Communities Attribute
• RFC 4486 Subcodes for BGP Cease Notification message
• RFC 1195 Use of OSI IS-IS for Routing in TCP/IP and Dual
Environments (TCP/IP transport only)
• RFC 2474 DiffServ Precedence, including 8 queues/port
• RFC 2598 DiffServ Expedited Forwarding (EF)
• RFC 2597 DiffServ Assured Forwarding (AF)
• RFC 2475 DiffServ Core and Edge Router Functions
• LLDP Media Endpoint Discovery (LLDP-MED), ANSI/TIA-1057,
draft 08
• Draft-ietf-idr-restart-10.txt Graceful Restart Mechanism for BGP
• Draft-ietf-isis-restart-02 Restart Signaling for IS-IS
• PIM-DM Draft IETF PIM Dense Mode draft-ietf-idmr-pim-
dm-05.txt, draft-ietf-pim-dm-new-v2-04.txt
• Draft-ietf-isis-wg-multi-topology-11 Multi Topology (MT)
Routing in IS-IS
• Draft-ietf-bfd-base-05.txt Bidirectional Forwarding Detection
Security
• MAC limiting
• Allowed MAC addresses – configurable per port
• Dynamic ARP inspection (DAI)
• Local proxy ARP
• Static ARP support
• DHCP snooping
Access Control Lists (ACLs) (Junos OS firewall filters)
• Port-based ACL (PACL) – Ingress
• VLAN-based ACL (VACL) – Ingress and Egress
• Router-based ACL (RACL) – Ingress and Egress
• ACL entries (ACE) in hardware per system: 7,000
• ACL counter for denied packets
• ACL counter for permitted packets
• Ability to add/remove/change ACL entries in middle of list
• (ACL editing)
• Layer 2 – L4 ACL
• 802.1X port-based
• 802.1X multiple supplicants
• 802.1X with VLAN assignment
• 802.1X with authentication bypass access (based on host MAC
address)
• 802.1X with VoIP VLAN support
• 802.1X dynamic ACL based on RADIUS attributes
• 802.1X Supported EAP types: MD5, TLS, TTLS, PEAP
• TNC certified
• MAC Authentication (local)
• Control Plane DoS protection
High Availability
• Field-replaceable power supply
• External redundant power supply (RPS) option*
• Field-replaceable fan
• Graceful protocol restart—OSPF, BGP
• Online insertion and removal (OIR) uplink module
EX3200 Specifications (continued)