Interfaces
- 1000BASE-X/10GBASE-R/25GBASE-R (LAN/WAN) - 4
- 40GBASE-R QSFP+/100GBASE-R QSFP28 - 4
- Console RS-232 (RJ-45) - 1
-
OOB - 1
-
USB 3.0 - 1
-
microSD card slot - 1
Performance
- Firewall/routing (1518B frames) - 67.1 Gbps; 5526.7k pps
-
Firewall/routing (IMIX)1 - 30.2 Gbps; 5484k pps
-
IPsec VPN (1456B frames) - 3.6 Gbps; 305k pps
-
IPsec (IMIX) - 1.8 Gbps; 344.8k pps
-
IPsec tunnel (1456B frames) - 353.9 Mbps; 30.4k pps
-
IPsec tunnel (IMIX)2 - 187.2 Mbps; 35.1k pps
-
IPS/IDS 10k rules - 2.6 Gbps; 477.8k pps
-
MPLS L2VPN switching (IMIX) - 1.6 Gbps; 286.5k pps
-
MPLS L3VPN switching (IMIX) - 1 Gbps; 184.5k pps
Switching
- Up to 4094 VLAN (802.1Q)
-
Voice-VLAN
-
Q-in-Q (802.1ad)
-
MAC-based VLAN
-
Bridge domain
-
LAG/LACP(802.3ad)
-
Port-security, protected port
-
Jumbo frames
MPLS
- LDP
-
L2VPN VPWS
-
L2VPN VPLS Martini Mode, Kompella Mode
-
L3VPN MP-BGP (Option A, B, C)
-
L2VPN/L3VPN over GRE, DMVPN
-
Transparent transfer of service protocols
Routing
BGP:
- Address family: IPv4, IPv6, VPNv4, L2VPN, IPv4 label-unicast, Flow-spec
-
Flexible management of route information by attributes. Support for Conditional Advertisement, Route Aggregation and Local-AS mechanisms
-
Scalability and configuration flexibility: support for peergroup, dynamic neighbor, as-range, Route-reflector
-
Fall over based on BFD and Fast Error Peer Detection
-
Graceful restart
-
Authentication
-
Flexible redistribution from/to BGP process of other protocol routes
-
Ability to run up to 64 processes simultaneously
-
ECMP
-
Support for policy-based routing
OSFP(v3):
- Different types of zones: Normal, Stub, Totally stub, NSSA, Totally NSS
-
Operation in different types of networks: Broadcast, NBMA, Point-to-point, Point-to-multipoint, Point-to-multipoint non-broadcast
-
Summarization and filtering of route information
-
Authentication
-
ECMP
-
Passive interface
-
Flexible redistribution from/to OSPF process of other protocol routes
-
Ability to run up to 64 processes simultaneously
-
Support for BFD
-
Auto cost calculation mechanism
-
Support for policy-based routing
IS-IS:
- Operation in different types of networks: Broadcast, Point-to-point
-
Setting the neighbourhood of L1/L2 layers
-
Мetric style: narrow, wide, transition
-
Authentication
-
Filtering of route information
-
Flexible redistribution from/to IS-IS process of other protocol routes
-
Ability to run up to 64 processes simultaneously
-
Support for policy-based routing
RIP(ng):
- Operation modes (RIP only): Broadcast, Multicast, Unicast
-
Summarization and filtering of route information
-
Managing route metrics
-
Authentication
-
Passive interface
-
Flexible redistribution from/to RIP process of other protocol routes
-
Support for policy-based routing
Static:
- Support for BFD
-
Recursive search
-
Managing route metrics
-
Ability to select the option of notifying the sender when traffic is blocked
Quality of Service (QoS)
- Up to 8 priority or weighted queues per port
-
L2 and L3 traffic prioritization (802.1p (CoS), DSCP, IP Precedence (ToS))
-
Hierarchical QoS
-
Queue management: RED, GRED, SFQ, CBQ, WFQ, WRR
-
Session labeling
-
Bandwidth management (policing, shaping)
IPsec
- «Policy-based» and «route-based» modes
-
Incapsulation modes: tunnel and transport
-
Authentication pre-shared key, public key, xauth (ikev1 only), eap (ikev2)
-
Support for mobike (ikev2 only)
-
Support for ike ikering
Remote Access
- PPTP, L2TP over IPsec, OpenVPN, WireGuard
-
PPPoE-/PPTP-/L2TP client
-
User authentication
-
Connection encryption
Security
- Access Control Lists (ACL) based on L2-/L3-/L4 fields
-
Zone-based Firewall in two modes: stateful and stateless. Rule triggering logging, counters
-
Filtering by applications
-
Protection against DoS-/DDoS-/Spoof attacks and their logging
-
Intrusion detection and prevention systems (IPS/IDS) and their logging3
-
Signature analysis via IPS in two modes: transit and mirrored traffic analysis3
-
Interaction with Eltex Distribution Manager to obtain licensed content — rule sets provided by Kaspersky SafeStream II4
Monitoring and management
- Support for standard and extended SNMP MIB, RMONv1
-
Zabbix agent/proxy
-
Authentication methods: RADIUS, TACACS+, LDAP
-
Protection against configuration methods, automatic configuration recovery
-
CLI, Syslog
-
System resource usage monitoring
-
Ping, monitor, traceroute (IPv4/IPv6), packet information in the console output
-
Firmware upgrade, configuration upload and download via TFTP, SCP, FTP, SFTP, HTTP(S)
-
Support for NTP
-
Netflow v5/v9/v10 (exporting of URL statistics for HTTP, host for HTTPS)
-
Local control via RS-232 (RJ-45) and OOB
-
Remote control via Telnet and SSH (IPv4/IPv6)
-
LLDP, LLDP MED
-
Local/remote router configuration storage
SLA
- SLA-responder for Cisco-SLA-agent
-
Eltex SLA:
-
Delay (one-way/two-way)
-
Jitter (one-way/two-way)
-
Packet loss (one-way/backward/two-way)
-
Packet Error Rate
-
Out-of-order delivery (one-way/backward/two-way)
Redundancy and clustering
- VRRP v2, v3
-
Tracking based on VRRP or SLA test
-
Managing VRRP parameters
-
Managing PBR parameters
-
Managing the administrative status of the interface
-
Activating and deactivating a static route
-
Managing AS-PATH and preference attributes in a route-map
-
DHCP failover to reserve the IP address database issued by the DCHP server
-
Failover Firewall to reserve Firewall and NAT sessions
-
MultiWAN
-
Dual-Homing
High availability cluster:
- Easy administration and integration: syncronization of configurations, time, versions, licences; Zero Touch Provisioning (ZTP)
-
Redundancy of all connections in the cluster
-
Router redundancy (the current version supports «1+1» redundancy)
Services
- DHCP client, DHCP server
-
DHCP Relay Option 82
-
DNS resolver
-
NTP
-
TFTP server
-
E1/multilink, modems
BRAS3
- Subscriber termination
-
White/black URL lists
-
Quotas for traffic volume, session time, network applications
-
HTTP/HTTPS Proxy
-
HTTP/HTTPS Redirect
-
Session accounting via Netflow protocol
-
Interaction with AAA, PCRF servers
-
Bandwidth management by offices, SSIDs and user sessions
-
User authentication by MAC or IP address
Physical specifications and environmental parameters
- RAM - 48 GB DDR4
-
Flash memory - 8 GB eMMC
-
Maximum power consumption - 177 W
-
Power supply:
-
100–240 V AC, 50–60 Hz;
-
36–72 V DC
-
up to two hot-swappable modules
-
Operating temperature from -10 to +45 °C
-
Storage temperature from -40 to +70 °C
-
Operating humidity no more than 80 %
-
Storage humidity from 10 to 95 %
-
Dimensions (W × H × D) - 430 × 44 × 425 mm
-
Weight - 6 kg
-
Lifetime no more than 15 years
Functionality for firmware version 1.23.
1Traffic format (number per second : size of each frame) – 8:74; 5:512; 7:1518.
2Traffic format (number per second : size of each frame) – 8:74; 5:512; 7:1456.
3Available under license.
4Rule sets are available by subscription. The minimum subscription period is 1 year.