Mylinking™ Network Packet Broker(NPB) ML-NPB-4810L

48*10GE SFP+, Max 480Gbps

Short Description:

Mylinking™ Network Packet Broker (NPB) of ML-NPB-4810L, with 48*1G/10G SFP+ compatible interface, SFP+ interface;

● Support L2-L7 Protocol Filtering function

● Supports flexible Packet Encapsulation

● Supports Tunnel Termination, Packet Identification

● Supports for adding Timestamps to packets

● Supports MTU 18~16127 range customization

● Supports service ports Packets Capturing according to filtering rules

● supports WEB Graphical Interface Configuration

● Supports 480Gbps Traffic Processing Capability

● Supports matching function of inner/outer tunnel, Inner layer tunnel Hash Load Balancing

● Supports Packet Slicing according to tuple, and the length of slicing reservation is 64-1518 bytes optional;

The above characteristics guarantee the Linear Speed Processing Performance.

Send email to us

Product Detail

Product Tags

Mylingking™ ML-NPB-4810L Network Packet Broker (NPB) is based on domestic chip, the whole process of Data Capturing Visibility, Data Unified Scheduling Management, Preprocessing and Redistribution of comprehensive products. It can realize the centralized collection and reception of link data of different network element locations and different exchange routing nodes. Through the built-in high-performance data analysis and processing engine of the device, the captured original data is accurately identified, analyzed, statistically summarized and labeled, and the original data is distributed and output. Further meet all kinds of analysis and monitoring equipment for Data Mining, Protocol Analysis, Signaling Analysis, Security Analysis, Risk Control and other required traffic.

1-Overviews

● A full Data Capturing Visibility device(48*1/10GE SFP+ Slots)

● A full Data Scheduling Management device(48*1GE/10GE duplex Rx/Tx processing)

● A full pre-processing and re-distribution device(bidirectional bandwidth 480Gbps)

● Supported collection & reception of link data from different network element locations

● Supported collection & reception of link data from different switch routing nodes

● Supported raw packet collected, identified, analyzed, statistically summarized and marked

● Supported to realize irrelevant upper packaging of Ethernet traffic forwarding, supported all kinds of Ethernet packaging protocols, and aslo 802.1q/q-in-q, IPX/SPX, MPLS, PPPO, ISL, GRE, PPTP etc. protocol packaging

● Supported raw packet output for monitoring equipment of BigData Analysis, Protocol Analysis, Signaling Analysis, Security Analysis, Risk Management and other required traffic.

● Supported real-time packet capture analysis, data source identification

2-Intelligent Traffic Processing Abilities

Pure Chinese Chip Plus Multicore CPU
480Gbps intelligent traffic processing capabilities

1GE/10GE Data Capturing
48*1GE/10GE SFP+ ports Rx/Tx duplex processing, up to 480Gbps Traffic Data Transceiver at same time, for network Data Capturing, simple Pre-processing

Data Replication
Packet replicated from 1 port to multiple N ports, or multiple N ports aggregated, then replicated to multiple M ports

Data Aggregation
Packet replicated from 1 port to multiple N ports, or multiple N ports aggregated, then replicated to multiple M ports

Data Distribution
Classified the incoming metdata accurately and discarded or forwarded different data services to multiple interface outputs according to white list, blacklist or user’s predefined rules.

Data Filtering
The incoming data stream can be dropped or forwarded by implementing whitelist or blacklist rules according to the packet characteristics. Support is based on input port, source/destination MAC address, VLAN ID, Ethernet type field, packet length or length range, layer 3 protocol type, source/destination IP address or address segment (outer layer) source, destination IP address or address segment (inner layer of tunnel such as GRE/VxLAN), TCP/UDP Source/destination port or port range, IP fragment label, IPv6 flow label, custom signature code (UDB) and other fields are considered to further meet the deployment requirements of various network security monitoring, security analysis, business analysis, operation and maintenance analysis and other traffic monitoring scenarios.

Load Balance
According to the MAC information, IP information, port number, protocol and other L2-L7 layer characteristics of the frame, the Hash algorithm and the weight division algorithm based on the session were used to ensure the session integrity of the data stream received by the bypass listening device, and the offload port group members could flexibily exit (link DOWN) or join (link UP) when the link state changed. The diversion group automatically redistributes the traffic to ensure the dynamic load balance of the port output traffic.
● Supports Hash-based homomorphic load balancing output: SIP, DIP, SIP + SP, DIP + DP, SIP + DIP, SIP + SP + DIP + DP+ protocols
● Supports global HASH factor
● Supports independent stream HASH factors
● Supports Round-Robin round-robin scheduling load balancing
● Supports symmetric HASH load balancing shunt output
● Supports sending the same source input traffic to multiple output port groups simultaneously (up to 32 groups supported)
● Supports multi-port input traffic to be aggregated and sent to multiple output port groups at the same time (up to 32 groups supported)

VLAN Tagged

VLAN Untagged

VLAN Replaced

Supported VLAN label stripping, VLAN replacement and VLAN label adding for one layer or two layers of original data packet, and it can implement traffic output policy according to user configuration.

Data Slicing
Supported tuple matching conditions policy-based slicing (64-1518 bytes optional) of the raw data, and the traffic output policy can be implemented based on user configuration

Packet Protocol Identify
Supported automatically identify various kinds of tunnel protocol VxLAN/NVGRE/IPoverIP/MPLS/GRE, etc., It can be determined according to the user profile according to the tunnel flow output of inner or outer characteristics.
● It can recognize VLAN, QinQ, and MPLS label packets
● Can identify the inner and outer VLAN
● IPv4/IPv6 packets can be identified
● Can identify VxLAN, NVGRE, GRE, IPoverIP, GENEVE, MPLS tunnel packets
● IP fragmented packets can be identified

Tunnel Termination Output
Supported encapsulating any collected traffic with tunnels of types ERSPAN, NVGRE, VXLAN, and MPLS before outputting it, meeting the application requirements for transmitting collected traffic to remote analysis systems.

Tunnel Packet Termination
Supported tunnel packet termination function, which can configure ip address/mask on the traffic input port, and directly send the traffic that needs to be collected in the user's network to the device acquisition port through tunnel encapsulation methods such as GRE.

Time Stamping
Supported to synchronize the NTP server to correct the time and write the message into the packet in the form of a relative time tag with a timestamp mark at the end of the frame, with the accuracy of nanoseconds

Packet Capturing
Supported packet capture function, which can support business ports to capture packets according to filtering rules, and the captured data is in PCAP format. The captured data can be downloaded for analysis by third-party analysis tools.

Traffic Visibility
Supported the whole process of link data flow visibility from receiving and capturting, identification and processing, scheduling and management, output distribution can be realized. Through a friendly interactive interface, the invisible data signal is transformed into a visible, manageable and controllable entity by multi-vision and multi-latitude presentation of traffic composition structure, network traffic distribution, packet identification processing state, various traffic trends, and the relationship between traffic and time or business.

Single Fiber Input and Output
Supported 48 independent 10G Ethernet interfaces, and the TX/RX of each interface can perform single-fiber input/output multiplexing configuration. When the RX direction of a port is used as the optical splitting input, the TX of the same port can be used as the output after the traffic replication/aggregation/split strategy. It can improve the port utilization of equipment and save investment for users.

1+1 Redundant Power System(RPS)
Supported 1+1 Dual Redundant Power System. Dual power supply redundant power supply, AC 100~240V and DC 48V optional. Redundant power supply can ensure the longest time of link flashover free.

3- Mylinking™ Network Packet Broker Typical Application Structures

3.1 Mylinking™ Network Packet Broker Centralized Collection Replication/Aggregation Application(as following)

3.2 Mylinking™ Network Packet Broker Unified Schedule Application(as following)

3.3 Mylinking™ Network Packet Broker Data Slicing Application(as following)

3.4 Mylinking™ Network Packet Broker Data VLAN Tagged Application(as following)

3.5 Mylinking™ Network Packet Broker Hybrid Access Application for Network Flow Capturing/Replication/Aggregation (as following)

4-Specifications

ML-NPB-4810L Mylinking™ Network Packet Broker TAP/NPB Functional Parameters
Interface Specifications	48 * SFP/SFP+ interfaces
Interface speed	Supports GE and 10GE speeds
Access Module	QSFP+ pluggable single-mode/multi-mode optical module
Access Module	Supports optical module receive/transmit optical power detection
Single-fiber transmission	support
Single-fiber receiver	support
Interface traffic statistics	Supports transient input flow measurement with 2ms accuracy, and displays and saves the data as a graphical curve.
Processing Performance
Overall performance	It can operate at full load, with a 480Gbps input and a 480Gbps output.
Port performance	Each port can operate at 100% line speed.
Packets Recognition
It can identify VLAN, QinQ, and MPLS tagged packets.
It can recognize IPv4/IPv6 packets.
It can recognize tunnel packets such as VxLAN, NVGRE, GRE, GTP, and IPoverIP.
Recognizes IP fragmented packets
Other messages can be identified using a custom offset signature (UDB).
Packets Filtering
Number of rule entries	Supports masked rulesNumber of unit group rules: 9000 Number of regular quintuple rules: 4000 Number of compound tuple rules: 1500 (tunnel packet recognition function disabled) Number of compound tuple rules: 1000 (with tunnel packet recognition function enabled)
Rule tuple	Input port
	Source/Destination MAC Address
	VLAN ID
	Ethernet type field
	Packet length or length range
	Three-layer protocol type
	Source and destination IP addresses or address ranges (outer layer)Source and destination IP addresses or address ranges (inner layer of GRE/GTP-U tunnel)
	TCP/UDP source/destination port or port range
	TCP Flag
	IP fragmentation tagging
	IPv6 Flow Tag
	TCP packet payload length
	IP TOS/DSCP tagging/ECN/IPSEC (AH, ESP)/ICMP/L2TP/PPTP
	Custom signature (UDB): Matching within the first 128 bytes of the packet, up to a maximum of 54 bytes, which can be non-contiguous.
Composite rules	Supports the above-mentioned tuple combination rule matching
Data Slicing	Supports packet slicing by tuple
Tunnel termination	Support
Timestamp	Supports timestamps on ports
Tunnel Encapsulation Output	Supports sending raw packets to designated monitoring servers via tunneling: ERSPAN, VXLAN, NVGRE, MPLS.
Packets Modification
Tunnel Encapsulation	Supports header stripping of tunnel encapsulated packets
MAC address replacement	Modify target MAC
MAC address replacement	Change the source MAC address to the output port MAC address.
Tag processing	Supports stripping VLAN tags (maximum 2 layers).
	Supports stripping MPLS labels (up to 6 layers).
	Supports adding VLAN tags
Packets Forwarding
Blacklist and whitelist	Supports packets forwarding (whitelist) or dropping (blacklist) operations.
Load balancing	Supports load balancing output based on hash-based same-source and same-destination architecture:SIP DIP SIP + SPort DIP+DPort SIP + DIP SIP + SPort + DIP + DPort
	Support global hash factorSupports independent data stream hash factors
	It supports a maximum of 256 output groups, and the number of members in each group can vary.
	Supports symmetrical hash load balancing output
	Supports sending traffic from the same source to multiple load balancing port groups simultaneously.
	It supports aggregating input traffic from multiple ports and sending it simultaneously to multiple load-balanced port groups.
	Supports ECMP load balancing N+1 distribution groups
Unknown packets	By default, all outputs are discarded; forwarding can be configured.
Data flow	Supports multi-port input aggregation
Data flow	Supports multi-port output replication/split
Management Configuration
Management Interface	Provides one 10/100/1000M auto-sensing interface, with individually configurable IP addresses, supporting IPv4/IPv6 management addresses.
Management Interface	Provides one CONSOLE management interface
Management Agreement	Supports HTTPS protocol (web interface)
	Supports SSH protocol (CLI interface)
	Supports SNMP V2c/V3 protocol
Alarm Upload	Actively upload alarms via SNMP Trap
Remote upgrade	Supports web interface/SSH remote software upgrades
Remote access	Supports remote access via multi-hop routers
Log recording	Supports logging of all statuses, alarms, system events, and critical operations.
	The log records are retained on a rolling basis for one year.
	Supports syslog log pushing and saving.
Time Management	Supports NTP time synchronization, providing a time base for log recording.
Time Management	Built-in RTC circuit ensures data is not lost during power outages.
Access Management	Supports hierarchical user access control
Information security	Supports management-side information security features, supports disabling WEB, SSH, and SNMP, and supports firewall functionality to allow only specified IP addresses to access the device.
configuration file	Supports importing/exporting configuration files
Working Conditions
Input power	AC specifications: 100VAC ~ 240VAC, 192VDC ~ 288VDC (high voltage DC)
	DC specifications: -36VDC ~ -72VDC
	Supports 1+1 power redundancy backup
Heat dissipation method	Active fan cooling for chassis
Operating temperature	0℃ ~ +40℃，10％ ~ 95％RH
Storage temperature	-40℃ ~ +70℃，10％ ~ 95％RH
Overall power consumption	＜180W
Total weight	＜7kg
Main unit size	Excluding ear loops: 392 mm (depth) × 440 mm (width) × 44 mm (height)
Deployment Requirements	Ensure there is sufficient space around the device's fan exhaust vents and heat dissipation holes.
Deployment Requirements	A well-ventilated indoor environment free from direct sunlight.
Product Certification
Environmentally friendly	Compliant with RoHS 2.0 Directives (2011/65/EU and 2015/863 EU)

Previous: Mylinking™ Network Packet Broker plus Inline Bypass Switch ML-NPB-M2000

Next:

Write your message here and send it to us