Service router

Service router router is a new generation of Russian telecommunications equipment for for corporate local area networks (LANs). Thanks to a unique algorithm for processing data traffic and a built-in switching processor, the router is capable of fully processing traffic at L3 and higher layers, as well as being built into L2 network segments. The service router software is entirely Russian design. The hardware platform, manufactured in the territory of the Russian Federation, operates under the control of the Baikal BE-T1000 processor (based on the MIPS architecture).

Key advantages

  • The traffic switching module is controlled by the Baikal BE-T1000 processor that is an advanced dual-core domestic system on a chip created by the Russian company JSC “Baikal Electronics” based on the MIPS Warrior P5600 architecture.
  • The 28 nm technological process makes it possible to achieve high performance, energy efficiency and integrate a large number of modern communication interfaces.
  • The processor's characteristics allow it to be used in a wide range of telecommunication equipment.

Usage examples

The service router is intended for organizing communication with unloaded terminal objects, communication centers of corporate networks, telecommunication operators and service providers.

ISN41508T3
ISN41508T4
ISN41508T3-М

Design features

The design of the service router body allows, depending on the version, to connect additional drives via the U.2 interface (1) or an expansion module with a PCI-E interface (2).

Despite its compact size, additionally designed brackets allow the device to be installed in a standard 19”server cabinet (3) or mounted on a wall (4).

1
2
3
4
ISN41508T3 ISN41508T4 ISN41508T3-М
Processor Baikal-T (BE-T1000) dual-core MIPS Warrior P5600 1200MHz
Random access memory RAM DDR3-1600 2GB
Switching factory Marvell Link Street 88Е6390Х
Data storage 1x SATA SSD 16GB, флэш память 128 МБ
Expansion slots 1x U.2 1x PCI-E 3.0 (x4)
Ports 8x LAN Ethernet 10/100/1000BASE-T
2x WAN Ethernet 10/100/1000BASE-T 2x WAN Ethernet 1000BASE-Х 2x WAN Ethernet 10/100/1000BASE-T
1x Console connector RJ-45, 2x USB 2.0
Interfaces Ethernet, 802.3ad (Bonding), VLAN (802.1Q), Q-in-Q (802.1ad)
Cooling Активное 1 х вентилятор
Indication Link/Act LEDs for ports LAN/WAN
System LEDs АHardware LED indication for WAN/LAN ports, power supply status, device status, external interface connection status
Power supply Maximum power consumption is 30 W, power supply for AC network 220 V is +-20% 60/50 Hz
Operating conditions The ambient temperature during operation is from +5 to +40 °С, Storage temperature is from -40 to +70 °С Permissible humidity is from 5% to 85% (temperature is +25 °C without condensation of moisture)
Physical characteristics Material is metal body, wall or table mounting, optional bracket for mounting in a 19" rack, mounting a type DeviceLock lock for protection against opening, mounting a protective grounding
Dimensions (W x H x D), 215 x 43.5 x 148 mm, weight 1.8 kg Dimensions (W x H x D), 215 x 43.5 x 218 mm, weight 2 kg
The average service life is 5 years, operating time between failures is not less than 45,000 hours
Performance Throughput in routing mode is not less than 9.38 Gb/s with a frame size of 1500 B, not less than 11.7 Mp/s with a frame size of 64 B, performance in IPsec VPN tunneling mode is not less than 559 Mb/s with a frame size of 1456 B , in GRE tunneling mode is not less than 558 Mb/s with frame size 1500 B, performance in firewall mode is not less than 336 Mb/s with frame size of 1500 B
Protocol basis IPv4 (RFC791), IPv6 (RFC2460, RFC3484, RFC3513, RFC4443, RFC6177), ICMP (RFC792), TCP (RFC793, RFC1323), UDP (RFC768), ARP (RFC826)
System characteristics Establishing competitive sessions of at least 4,000, establishing VPN tunnels of at least 10, ARP records of at least 128,000, MAC records of at least 768,000, active VLANs (802.1 Q) of at least 2,000, ACL IPv4/IPv6 firewall lists of up to 500 with up to 500 entries, ECMP traffic balancing with at least 8 possible simultaneous directions, BGP protocol with up to 50,000 routes, OSPF protocol with up to 80,000 routes, RIP protocol with up to 5,000 routes, volume of the RIB table of up to 100,000 prefixes with a download speed of at least 286 prefixes/s, volume of the FIB table of up to 16K, the number of NAT broadcasts of at least 40,000
Tunneling and VPN PPTP Client / Server, PPPoE Client, L2TP Client / Server, OpenVPN Client / Server, IPsec Client / Server, Site-to-Site VPN - IPsec with DES, 3DES, AES, Blowfish, Camelia encryption algorithm and IKE MD5 authentication , SHA-1, SHA-2, IPoGRE tunneling, IPIP, L2TPv3
L2 functions Packet switching (bridging), aggregation of LAG/LACP interfaces (802.3 ad) on WAN ports, VLAN (802.1 Q) with the number of values 4096, QinQ on WAN ports, logical interfaces (sub interface) on WAN ports, LLDP protocol, Spanning Tree STP, RSTP, MST protocols
L3 functions Static routing, option to add description to static routes, add Loopback interfaces, change administrative distance to static routes, static routes as next-hop - physical port, Loopback, LAG, Tunnel, static routes as next-hop for more than 2 pcs., dynamic routing protocols - RIPv2, RIPng, OSPFv2, OSPFv3, BGPv4, ISIS, route filtering based on source IP address, destination IP address, source port number (TCP / UDP), destination port number (TCP / UDP), value of the "ToS" field of the IP header, BFD for dynamic and static routing protocols on WAN ports, VRF Lite, PBR based on - source IP address, destination IP address, source port number (TCP / UDP), destination port number (TCP / UDP), multicast dynamic routing protocols - IGMP, PIM, address translation (NAT) on WAN ports - static, dynamic, masquerading (NAPT, NAT Overload, PAT), demilitarized zone (DMZ) configuration in combination with routing and address translation (NAT) or port translation ( PAT) on WAN ports, load balancing when there are multiple routes with the same metric
Network security functions Firewall filtering based on source port number (TCP / UDP), port destination number (TCP / UDP) , source IP address, destination IP address, sender MAC address, TCP segment header flags, value of the "Protocol" field of the IP header, value of the "ToS" field (TOS/DSCP) of the IP header, the value of the TTL field, support for access control lists based on - source port number (TCP/UDP), destination port number (TCP/UDP), source IP address, destination IP address, DoS/DDoS protection, event logging, trigger events rules for network protection functions
Quality of service Support for up to 8 priority queues per port, traffic prioritization with support - 801.2p, DSCP, IP Precedence, queue congestion avoidance - RED, GRED, work with QoS policies methods - SFQ, WFQ, WRR, HTB, prioritization by ports, by VLAN on WAN ports, priority re-labeling, policy application (policy-map), bandwidth management (shaping), order of processing HQoS traffic
IP addressing management Assignment of static IP addresses to physical interfaces, to logical interfaces, DHCP client support, DHCP Relay Option 82, built-in DHCP v4 / v6 server
Network reliability tools Fault tolerance protocols on WAN ports - VRRP v2, v3, CARP, route management based on the state of VRRP (tracking) on WAN ports
MPLS functions Label distribution protocol - LDP, RSVP-TE, the ability to create virtual private networks of the third layer (MPLS L3VPN), option to create virtual private networks of the second layer (MPLS L2VPN) using VPLS, VPWS technologies, processing MPLS traffic with support for a stack of labels not less than 2, processing MPLS traffic with support for the following operations with tags - add (push), remove (pop), replace (swap), process MPLS traffic with encapsulation support - Ethernet frames, tagged Ethernet frames (VLAN traffic ), IPv4 packets, MPLS traffic processing with support for static label switching (static LSPs)
Monitoring and management SNMP v2 / v3 protocol with authorization, standard SNMP OIDs, built-in Zabbix agent, support for authentication by local user base, by RADIUS, by TACACS +, support for CLI management interface with protection against configuration errors, Syslog, system resource usage monitor, built-in testing utilities - ping (IPv4 / IPv6), traceroute (IPv4 / IPv6), tcpdump, local / USB / FTP software update, NTP protocol, RS-232 (RJ-45) console port, protocol management - Telnet, SSH (IPv4 / IPv6), output information on services / processes, local / remote saving of configurations - local / USB, FTP, TFTP

Functionality features

  • The service router supports a wide range of Layer 2 / Layer 3 multicast protocols such as PIM SM, PIM DM, PIM SSM, MLD, and IGMP snooping. This option is ideal for HD video surveillance and video conferencing access.
  • The service router provides several Layer 3 functions, including OSPF, BGP, and VRRP, satisfying the demand of enterprises for access and aggregation services and allowing to use various applications for voice, video and data transmission.
  • The service router supports MAC address authentication, 802.1X authentication, and portal authentication, and implements dynamic delivery of policies (VLAN, QoS, and ACL) to users.
  • The service router provides a number of mechanisms to protect against DoS attacks and attacks aimed at the user, while at the same time, due to the optimized traffic processing algorithm, it allows to reduce the load on the processor.
Ordering Information
Item Description
ISN41508T3Baikal BE-Т1000, 8x10/100/1000 MB RJ-45, 2x1GE RJ-45
ISN41508T4Baikal BE-Т1000, 8x10/100/1000 MB RJ-45, 2x1GE SFP
ISN41508T3-МBaikal BE-Т1000, 8x10/100/1000 MB RJ-45, 2x1GE RJ-45, place for the module
The warranty includes:
  • Warranty period is 1 year
  • Downloading software updates and documentation from the manufacturer's website
  • Hotline 5x8
  • Permanent replacement equipment fund