June 27, 2017

NETX at a glance

Product overview

The NETX Smart Router Series were jointly developed with Brno University of Technology to provide high-performance and open-source routing platform. Due to rich set of routing features and high-performance routing, these routers are ideal for deployment as an aggregation network device on the network edge.

NETX routers are designed to handle several full BGP feeds and provides CGN and traffic shaping capabilities in the same time. The operating system is based on GNU/Linux which allows easy extensibility and adaptation to various networking tasks.
In addition, the NETX Smart Router Series features robust configuration API that can be integrated to corporate automatisation NetOPS processes.

NETX features

What you get with NETX Smart router?

Quality of Service (QoS)

  • Committed Access Rate (CAR) and line rate traffic policing
  • FIFO, PQ, CQ, WFQ, CBQ, and RTPQ congestion management
  • Weighted random early detection (WRED) and Random early detection (RED) congestion avoidance
  • API for easy integration with customer’s information system

Layer 3 routing

  • Static IPv4 and IPv6 routing
  • Distance vector routing protocols – RIP, RIPv2, RIPng and Babel
  • OSPF, OSPFv3 link state routing protocols for IPv4 and IPv6 with ECMP, NSSA and MD5 authentication
  • BGPv4 with support for Multiprotocol BGP, MD5 authentication, incremental updates and extensive policies to increase flexibility in large networks
  • Policy based routing (PBR) for IPv4 and IPv6 to adapt routing policies to business needs; supports ACLs, IP prefix, AS paths, community lists, and aggregate policies
  • Virtual Routing and Forwarding (VRF) support provides separation of the routing table per customer

Management

  • Industry-standard CLI reduces training needs and increases productivity in multivendor installations
  • RESTful API for easy integration with automation processes
  • SNMPv1, v2 and v3 provides complete support of SNMP protocol
  • Network Time Protocol (NTP) for clock synchronisation
  • Rich set of debug utilities – ping, traceroute, tracepath, mtr, possibility to sniff network traffic
  • Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) protocols for maintaining IPv4 and IPv6 multicast groups
  • Remote management using Secure shell security protocol

High Availability

  • Virtual Router Redundancy Protocol (VRRP) with milliseconds timers for fast convergence when links fail, ensuring high network availability
  • Redundant design of main processing unit and power supply
  • Smart Clustering for easy configuration and management

Carrier Grade NAT

  • Large scale network translation for preserving IPv4 address space
  • Extensive logging support to keep information about user identity
  • 5-tuple sessions help to accommodate larger number of customer per IPv4 address

MPLS

  • Multiprotocol Label Switching (MPLS) Layer 3 VPN; allows Layer 3 VPNs across a provider network
  • MPLS and BGP integration; uses BGP to advertise routes across Label Switched Path (LSP)

Layer 3 services

  • Dynamic Host Configuration Protocol (DHCP) for IPv4 and IPv6 protocols
  • DHCPv4 and DHCPv6 Relay agent with client link-layer identifier insertion
  • Domain Name System (DNS) with DNSSEC support
  • Router Advertisement daemon for IPv6 Stateless address configuration
  • Captive portal for users redirection

DDoS Protection

  • BGP Flowspec support to connect NETX router with DDoS detection devices
  • Remote Trigger Blackhole community support for mitigation DDoS attack
  • Unicast Reverse Path Forwarding (uRPF) to filter spoofed IP addresses according Best Current Practise Document BCP38
  • Hardware DDoS Mitigation based on filtration rules in network interface card; support up to 10 000 prefixes (depends on platform)

Security

  • Extended Access control lists (ACLs); Provide L3/L4 filtering based on source or destination IPv4/IPv6 address, IPv4/IPv6 subnet, source or destination TCP/UDP port number and other fields in IP or TCP/UDP header
  • Secure Shell (SSH) for encryption remote connection of all transmitted data and secure remote CLI access over IP networks
  • RADIUS – management security administration by using a password authentication server

API

  • RESTful API for configuration and management; easy integration with custom NetOPS processes in your company
  • Different frontends available (CLI, HTTP, custom)
  • Industry Standard CLI syntax available; CLI benefits from standard GNU/Linux readline capabilities — powerful shortcuts and filtration provides faster configuration of networking tasks
  • Allows directly and simply execute a command or configuration change
  • Commit feature for safe configuration rollback

VxLAN

  • MAC-in-UDP technology that provides Layer 2 connectivity between distant network sites across an IP network
  • VXLAN L2 and L3 gateway support for up to 4k tunnels

Multicast

  • Internet Group Management Protocol (IGMP) to maintain multicast groups; supports v1, v2, and v3 and Source-Specific Multicast (SSM)
  • Multicast Listener Discovery (MLD) protocol for maintaining IPv6 multicast groups
  • Easy manipulating with multicast routes in Linux kernel
  • Support both IPv4 and IPv6 multicast routing
  • IGMP and MLD snooping; optimises multicast traffic flow to necessary ports