Hardware

EX4400-24MP and EX4400-48MP Features

We’ve added the following features to the EX4400-24MP and EX4400-48MP switches in Junos OS Release 21.2R1.

• Table 1: Features Supported by the EX4400-24MP and EX4400-48MP Switches

  Feature	Description
  Hardware	New EX4400 switch models—In Junos OS Release 21.2R1, we introduce the following new models of the EX4400 switch: EX4400-24MP and EX4400-48MP. The EX4400-24MP model has 24 100-Mbps, 1-Gbps, 2.5-Gbps, 5-Gbps, or 10-Gbps RJ-45 ports on the front panel. The EX4400-48MP model has 36 100-Mbps, 1-Gbps, or 2.5-Gbps RJ-45 ports and 12 100-Mbps, 1-Gbps, 2.5-Gbps, 5-Gbps, or 10-Gbps RJ-45 ports on the front panel. These ports support IEEE 802.3bt Power over Ethernet (PoE-bt). The EX4400 switches provide connectivity for high-density environments and scalability for growing networks. Typically, EX4400 switches are used in large branch offices, campus wiring closets, and data centers. In data centers, you can position EX4400 switches as top-of-rack switches to provide connectivity for all devices in the rack. EX4400 switches are our first cloud-ready switches. You can deploy EX4400 switches in cloud networks and manage them by using Juniper Mist Wired Assurance. EX4400-24MP switches support 1050-W AC power supplies. EX4400-48MP switches support 1600-W AC power supplies. EX4400 switches support front-to-back or back-to-front airflow directions. EX4400 switches support channelization. [See Port Settings.] To install the EX4400 switch hardware and perform initial software configuration, routine maintenance, and troubleshooting, see EX4400 Switch Hardware Guide. See Feature Explorer for the complete list of features for any platform.
  Authentication and access control	802.1X authentication. [See 802.1X Authentication.] Captive portal. [See Captive Portal Authentication.]
  Chassis	PSU, fan, and temperature sensors are monitored as part of chassis FRU management and environment support for multi-rate switch. PSU management includes redundancy support and power budgeting. Fan management includes speed change based on ambient temperature. Temperature sensor monitoring provides periodic temperature sensor data for the smooth functioning of switch. When the temperature reported by various sensors crosses the specified threshold, then the fan speed increases or decreases. If the shutdown threshold is breached, then system shutdown is initiated. [See EX4400 Switch Hardware Guide.]
  Class of service	Support for Class of Service (CoS) configuration [See Class of Service User Guide (EX Series Switches Except EX4600 and EX9200 Switches).]
  EVPN	Layer 3 VXLAN gateway in EVPN-VXLAN centrally routed bridging overlay or edge-routed bridging overlay networks is supported on standalone switches or a Virtual Chassis, and includes the following features: Default gateway using IRB interfaces to route traffic between VLANs. [See Using a Default Layer 3 Gateway to Route Traffic in an EVPN-VXLAN Overlay Network.] IPv6 data traffic routed through an EVPN-VXLAN overlay network with an IPv4 underlay. [See Routing IPv6 Data Traffic through an EVPN-VXLAN Network with an IPv4 Underlay.] EVPN pure Type 5 routes. [See Understanding EVPN Pure Type-5 Route.] The Virtual Chassis doesn’t support EVPN-VXLAN multihoming, but you can use the standalone switch as an EVPN-VXLAN provider edge device in multihoming use cases. Enhancement in the number of supported VLANs and ports—We have increased the combined total number of VLANs and ports that can be supported on the EX4400 switches. The number of supported VLANs remains at 4093, but Junos OS no longer limits the total number of ports and VLANS that can be configured on EVPN-VXLAN. This enhancement applies only when you use the enterprise style of configuration while configuring the interfaces. [See Understanding EVPN with VXLAN Data Plane Encapsulation.] Support for the following Layer 2 VXLAN gateway features in an EVPN-VXLAN network: Active/active multihoming Proxy ARP use and ARP suppression, and Neighbor Discovery Protocol (NDP) use and NDP suppression on non-IRB interfaces Ingress node replication for broadcast, unknown unicast, and multicast (BUM) traffic forwarding [See EVPN Feature Guide.] Support for Layer 2 VXLAN gateway services in an EVPN-VXLAN network: 802.1X authentication, accounting, CWA authentication, and captive portal CoS DHCPv4 and DHCPv6 snooping, dynamc ARP inspection (DAI), neighbor discovery inspection, IP source guard and IPv6 source guard, and router advertisement (RA) guard (no multihoming) Firewall filters and policing Storm control, port mirroring, and MAC filtering [See EVPN Feature Guide.]
  High Availability	High availability includes NSSU, GRES, NSB, and NSR. [See High Availability User Guide.]
  Interfaces	Support for multi-rate ports on EX4400-24MP and EX4400-48MP switches that support higher scale and bandwidth. The EX4400-48MP switch contains a total of 48 ports, of which: 36 ports (0-35) operate at 2.5-Gbps, 1-Gbps, and 100-Mbps speed. 12 ports (36-47) operate at 10-Gbps, 5-Gbps, 2.5-Gbps, 1-Gbps, and 100-Mbps speed. The EX4400-24MP switch contains 24 ports that operate at 10-Gbps, 5-Gbps, 2.5-Gbps, 1-Gbps, and 100-Mbps speed. Both the switches support the following four-port extension modules. However, you can install only one module at a time in the chassis: The native extension module EX4400-EM-4Y supports 25-Gbps speed. The other extension module EX4400-EM-4S supports 10-Gbps speed. [See Channelizing Interfaces on EX4400 Switches.] Support for optics Forward Error Correction (FEC)sensor diagnostics, interfaces node level failure and restoration, and logging of operational, administrative events, and errors. Support for laser output and laser receiver power management. [See Troubleshoot the EX4400 Components.] Support for the IEEE 802.3bt standard for Power over Ethernet (PoE) and fast PoE—With fast PoE enabled, the switch saves PoE power settings across a reboot, and powers on the powered device (PD) at the initial stage of the boot (within a few seconds of switching on power) before the complete switch is booted. To configure fast PoE, use the command set poe fast-poe. [See Understanding PoE on EX Series Switches.]
  Junos Telemetry Interface	JTI Packet Forwarding Engine and Routing Engine sensor support—Use the Junos telemetry interface (JTI) and remote procedure calls (gRPC) to stream statistics from the switches to an outside collector. The following Routing Engine statistics are supported: LACP state export Chassis environmentals export Network discovery chassis and components LLDP export and LLDP model BGP peer information (RPD) RPD task memory utilization export Network discovery ARP table state Network discovery NDP table state The following Packet Forwarding Engine statistics are supported: Congestion and latency monitoring Logical interface Filter Physical interface NPU/LC memory Network discovery NDP table state To provision a sensor to export data through gRPC, use the telemetry Subscribe RPC to specify telemetry parameters. [See Configuring a Junos Telemetry Interface Sensor (CLI Procedure), Configure a NETCONF Proxy Telemetry Sensor in Junos, and Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).] Secure packet capture to cloud—We support secure packet capture using Junos telemetry interface (JTI). You can use this feature to capture packets from a device and send them over a secure channel to an external collector (in the cloud) for monitoring and analysis. The maximum size of the packet you can capture is 128 bytes, including the packet header and the data within. Network professionals use real-time packet capture data to troubleshoot complex issues such as network and performance degradation and poor end-user experience. To use secure packet capture, include the /junos/system/linecard/packet-capture resource path using a Junos RPC call. For ingress packet capture, include the packet-capture option in the existing firewall filter configuration at the [edit firewall family family-name filter filter-name term match-term then packet-capture] hierarchy level. Do this before you send packet capture sensor data to the collector and remove the packet-capture configuration after data is sent to the collector. After the capture is done, ingress packets with the filter match conditions are trapped to the CPU. The trapped packets then go to the collector over a secure channel in JTI-specified format in key-value pairs by means of Remote Procedure Call (gRPC) transport. For egress packet capture on physical interfaces (ge-*, xe-*, mge-*, and et-*), include "packet-capture-telemetry," "egress," and "interface <interface-name>" at the [edit forwarding-options] hierarchy level. For example: set forwarding-options packet-capture-telemetry egress interface ge-0/0/0 set forwarding-options packet-capture-telemetry egress interface mge-0/0/10 You can add multiple interfaces on the device for egress packet capture. When configured, host-bound egress packets are captured from the interface and sent to the collector. As with the ingress configuration, remove the configuration when packet capture is not required.
  Layer 2 Features	The following Layer 2 unicast features are supported on EX4400-24MP and EX4400-48MP switches: 802.1D 802.1w (RSTP) 802.1s (MST) BPDU protect Loop protect Root protect VSTP 802.1Q VLAN trunking 802.1p PVLAN Routed VLAN Interface (RVI) Layer 3 VLAN-tagged subinterfaces 4096 VLAN support Multiple VLAN Registration Protocol (802.1ak) MAC address filtering MAC address aging configuration Static MAC address assignment for interface Per VLAN MAC learning (limit) MAC learning disable Persistent MAC (sticky MAC) Link aggregation static and dynamic with LACP (fast and slow LACP) LLDP Uplink failure detection (UFD) VXLAN Layer 2 gateway (EVPN) Ethernet ring protection switching (ERPS) version 1 comprises the following Layer 2 features: Revertive mode of operation of the Ethernet ring Multiple ring instances on the same interfaces Multiple ring instances on different interfaces Interworking with Spanning Tree Protocol, Multiple Spanning Tree Protocol, and redundant trunk groups [See Ethernet Ring Protection Switching Overview.]
  Layer 3 Features	The following Layer 3 unicast features are supported on EX4400-24MP and EX4400-48MP switches: BFD for RIP, OSPF, ISIS, BGP, PIM BGP 4-byte ASN support BGP Add Path (BGP-AP) Filter-based forwarding (FBF) IP-directed broadcast traffic forwarding IS-IS IPv4 BGP IPv4 MBGP IPv4 over GRE IPv6 BGP IPv6 CoS (BA, classification and rewrite, scheduling based on TC) IPv6 IS-IS IPv6 OSPFv3 IPv6 ping IPv6 stateless auto-configuration IPv6 static routing IPv6 traceroute OSPFv2 Path MTU discovery RIPv2 Static routing Unicast reverse path forwarding (unicast RPF) Virtual router for ISIS, RIP, OSPF, and BGP Virtual Router Redundancy Protocol (VRRP) VRRPv3 32-way equal-cost multipath (ECMP) [See BGP User Guide, Routing Policies, Firewall Filters, and Traffic Policers User Guide, IS-IS User Guide, Security Services Administration Guide, and OSPF User Guide.]
  Multicast	IGMP snooping IGMP: version 1, version 2, version 3 Multicast Listener Discovery (MLD) snooping PIM-SM, PIM-SSM, PIM-DM [See Multicast Protocols User Guide.]
  Network management and monitoring	Local and remote port mirroring, and remote port mirroring to an IP address (GRE encapsulation). [See Port Mirroring and Analyzers.] sFlow network monitoring technology. [See sFlow Monitoring Technology.]
  Routing policy and firewall filters	Firewall filters and policers. [See Firewall Filters Overview.]
  Security	Support for Media Access Control Security (MACsec) with 256-bit cipher suite. [See Understanding Media Access Control Security (MACsec).] Support for the following port security features: DHCP snooping (IPv4 and IPv6) Dynamic ARP inspection (DAI) IPv6 neighbor discovery inspection [See Security Services Administration Guide.]
  Software Installation and Upgrade	Support for the phone-home client—The phone-home client (PHC) can securely provision an EX4400 Virtual Chassis without requiring user interaction. You only need to: Ensure that the Virtual Chassis members have the factory-default configuration. Interconnect the member switches using dedicated or default-configured Virtual Chassis ports. Connect the Virtual Chassis management port or any network port to the network. Power on the Virtual Chassis members. The PHC automatically starts up on the Virtual Chassis and connects to the phone-home server (PHS). The PHS responds with bootstrapping information, including the Virtual Chassis topology, software image, and configuration. The PHC upgrades each Virtual Chassis member with the new image and applies the configuration, and the Virtual Chassis is ready to go. [See Provision a Virtual Chassis Using the Phone-Home Client.] ZTP with IPv6 support—You can use a DHCPv6 client and zero-touch provisioning (ZTP) to provision a device. During the bootstrap process, the device first uses the DHCPv4 client to request for information regarding the image and configuration file from the DHCP server. The device checks the DHCPv4 bindings sequentially. If one of the DHCPv4 bindings fails, the device continues to check for bindings until provisioning is successful. However, if there are no DHCPv4 bindings, the device checks for DHCPv6 bindings and follows the same process as for DHCPv4 until the device is provisioned successfully. Both DHCPv4 and DHCPv6 clients are included as part of the default configuration on the device. The DHCP server uses DHCPv6 options 59 and 17 and applicable suboptions to exchange ZTP-related information between itself and the DHCP client. [See Zero Touch Provisioning.] Support for DHCP option 43 suboption 8 to provide proxy server information in PHC—During the bootstrapping process, the phone-home client (PHC) can access the redirect server or the phone-home server through a proxy server. The DHCP server uses DHCP option 43 suboption 8 or DHCP option 17 suboption 8 to deliver the details of both IPv4 and IPv6 proxy servers to the PHC. The DHCP daemon running on the target switch learns about the proxy servers in the initial DHCP cycle. The daemon then populates either the phc_vendor_specific_info.xml files or the phc_v6_vendor-specific_info.xml files located at /var/etc/ with vendor-specific information. [See Obtaining Configurations and Software Image Without User Intervention Using Phone-Home Client.]
  Virtual Chassis	Virtual Chassis support for all EX4400 switch models. You can connect up to 10 EX4400 switches in a Virtual Chassis, and manage them as a single device. [See EX4400 Switches in a Virtual Chassis.]