Call a Specialist Today! 844-294-0783

Brocade Virtual Router
Agile Networking and High Performance


Overview:

The Brocade vRouter is purpose-built for Network Functions Virtualization (NFV), bringing an impressive performance boost. As the first virtual router for carrier-class networks, the Brocade vRouter is the highest-performing software router in the industry, achieving 10+ Gbps performance per physical core. The Brocade vRouter delivers advanced routing, stateful firewall, NAT, and VPN capabilities in software without sacrificing the reliability and carrier-class performance of hardware networking solutions.

The Brocade vRouter allows service providers to rapidly scale services up and down with their business demands through flexible and elastic deployment options, accelerating the time to market of network services. The next-generation platform architecture easily consolidates resources, maximizing utilization of the underlying hardware infrastructure and helping to significantly reduce capital and operating costs. With the Brocade vRouter, organizations gain a comprehensive NFV solution for building high-performance, optimized, and secure networks in environments where agility and automation are critical.

By offering carrier-class performance and reliability in a software solution that runs on commercial off-the-shelf servers, Brocade vRouters change the economics of networking while driving innovation inside and outside the data center.

Highlights

  • Provides a solution purpose-built for high-performance Network Functions Virtualization (NFV)
  • Leverages the Intel Data Plane Development Kit (DPDK) to deliver breakthrough performance and enable efficient network designs
  • Delivers advanced routing and security services for physical, virtual, and cloud networking environments
  • Provides a robust, Linux-based, and extensible OS
  • Supports all commonly used hypervisors and can be installed on any standard IA x86-based system for maximum flexibility

Robust Network Routing, Firewall and VPN

  • Full support for IPv4 and IPv6 advanced unicast and multicast routing protocols
  • IPsec and OpenSSL support for site-to-site and remote access VPN
  • Powerful IPv4 and IPv6 firewall capabilities

Brocade VPlane Technology

  • The industry’s first highly-scalable data forwarding plane for next-generation telecommunications, enterprise and cloud networks
  • Leverages Intel DPDK to separate the router’s control plane from its forwarding plane for unprecedented performance
  • Architected with a high-speed packet pipeline architecture for 1Gbps to 10 Gbps+ performance

The Industry's Leading Virtual Router

With proven ultra-high performance and scalability, the Brocade 5600 vRouter (formerly Vyatta 5600 vRouter) is the networking industry leader in software innovation. With 80 Gbps of virtual networking throughput it has set a new benchmark for all software-based routers, while offering easy scalability, a broad set of capabilities, and the peace of mind that comes with rock solid reliability.

Hardware-Like Performance

Hardware-Like Performance

With Brocade vPlane™ technology you get hardware-like routing performance in a software-based network appliance. When compared to the equivalent port density on a traditional chassis based router--or even high-end fixed form machine- the cost per Gbps is without peer.

Robust Site-To-Site Security

Robust Site-To-Site Security

Establish secure site-to-site connections and ensure protected network access for remote users with embedded SSL-based functionality and IPsec remote access. Protect critical data with a robust Brocade firewall that intercepts and inspects network data center activity.

Easy on Your Capex and Opex

Easy on Your Capex and Opex

No additional hardware. No complex programming. Just provision a Brocade vRouter on an installed and licensed server and hypervisor and In seconds you’ll be speeding application delivery wherever it’s needed the most, anywhere in the cloud.

Features:

Brocade vPlane Technology

Brocade vPlane technology enables hardware-like routing performance in a software-based network appliance. It is the industry’s first highly scalable data forwarding plane for next-generation telco, enterprise, and cloud networks. Leveraging innovations from Brocade and the Intel Data Plane Development Kit (DPDK), vPlane technology delivers breakthrough levels of performance and enables more efficient network designs for various data center and telco use cases.

vPlane technology is a Layer 3 forwarding plane that is architecturally separate from the Brocade vRouter control plane. By utilizing the Intel DPDK, vPlane technology allows each forwarding plane to be allocated to multiple Intel CPU cores. Isolating forwarding planes on individual x86 cores enables the Brocade vRouter to deliver 10+ Gbps performance while eliminating resource contention.

Powerful Network Connectivity

At the core of the Brocade vRouter is a powerful routing engine with full support for IPv4 and IPv6 dynamic routing protocols (BGP4/4+, OSPFv2/v3, RIP), Multicast, Policy-Based Routing (PBR), NAT, and DHCP. The Brocade vRouter also supports a variety of 10/100/1000 Mbps and 10 Gbps Ethernet NICs.

Robust Firewall Protection

The system’s firewall features robust IPv4/ IPv6 stateful packet inspection to intercept and inspect network activity and protect critical data.

Secure Connectivity

Organizations can establish secure siteto-site VPN tunnels with a standardsbased IPsec VPN between two or more Brocade vRouters or any IPsec VPN device with support for Dynamic Multipoint VPN (DMVPN). The Brocade vRouter supports Suite-B for L3 IPsec, which includes strong encryption and authentication methods for nextgeneration data security, and can provide secure network access to remote users with embedded SSL-based OpenVPN functionality.

Reduced Operating Costs

Brocade vRouters can help organizations eliminate or reduce single-purpose hardware, since routing, firewall, and VPN capabilities can be provided via a VM on existing servers. This helps reduce power and space requirements, leading to lower operating costs.

Efficient Traffic Management

The Brocade vRouter provides a variety of QoS queuing mechanisms that can be applied to inbound and outbound traffic for identifying and prioritizing applications and traffic flows.

High Availability

Mission-critical networks can deploy Brocade vRouters with the confidence that high availability and system redundancy can be achieved through industrystandard failover and synchronization mechanisms, such as stateful firewall failover and VRRP.

IPv6 Compatibility

The Brocade vRouter is the only softwarebased routing and security solution with proven IPv6 functionality and interoperability, ensuring a future-proof investment in a solution that offers a simplified migration path from IPv4 to IPv6.

Simplified Administration and Authentication

Brocade vRouters can be managed through a familiar network-centric Command Line Interface (CLI), Web-based GUI, or through external management systems using the Remote Access API. All network management sessions can be securely managed using SSHv2, RADIUS, or TACACS+.

Virtual Routing and Forwarding

The Brocade vRouter supports Virtual Routing and Forwarding (VRF) domains with VRF-Lite capability (also known as multi-VRF CE). VRF-Lite support allows admins to separately manage access into a dedicated management VRF or segregate users in their dedicated routing and forwarding domains for security, or allow overlapping address ranges.

Monitoring and Reporting

Brocade vRouters present complete logging and diagnostics information that can be monitored using industry-standard and embedded Linux tools.

Brocade Global Services

Brocade Global Services has the expertise to help organizations build scalable, efficient cloud infrastructures. Leveraging 20 years of expertise in storage, networking, and virtualization, Brocade Global Services delivers worldclass professional services, technical support, and education services, enabling organizations to maximize their Brocade investments, accelerate new technology deployments, and optimize the performance of networking infrastructures.

Maximizing Investments

To help optimize technology investments, Brocade and its partners offer complete solutions that include professional services, technical support, and education.

Deployment:

Figure 1: Virtual CPU (vCPU) data plane architecture.
Figure 1: Virtual CPU (vCPU) data plane architecture.

Specifications:


Brocade vRouter Specifications
IPv4/IPv6 Routing
  • BGPv4, BGPv6
  • OSPFv2
  • OPSFv3
  • BGP Multipath
  • RIPv1 and RIPv2
  • Static Routes
  • Policy-Based Routing (PBR)
  • IPv6 Policy
  • IPv6 SLAAC
  • Multicast
IP Address Management
  • Static
  • DHCP Server
  • DHCP Client
  • DHCP Relay
  • Dynamic DNS
  • DNS Forwarding
  • IPv6 DNS Resolver
  • DHCPv6 Server, Client
  • DHCPv6 Relay
Encapsulations
  • Ethernet
  • 802.1Q
  • GRE
  • QinQ
Firewall
  • Stateful Inspection Firewall
  • Zone-based Firewall
  • IPv6 Firewalling
  • ICMP Type Filtering
  • Policy Rate Limiting
Tunneling/VPN
  • SSL-based OpenVPN
  • Site to Site VPN (IPsec)
  • Remote VPN (L2TPv3, IPsec)
  • OpenVPN Client Auto-Configuration
  • Layer 2 Bridging over GRE
  • Layer 2 Bridging over OpenVPN
  • OpenVPN Dynamic Client Bundler
  • Dynamic Multipoint VPN (DMVPN)
  • OpenLDAP Authentication
Additional Security
  • Network Address Translation
    • IPv4 to IPv4
    • IPv6 to IPv4
  • 3DES, AES Encryption, IKEv2
  • Suite-B for L3 IPsec
    • Advanced Encryption Standard (AES) Galois/Counter Mode (GCM) with key sizes of 128 and 256 bits
    • Elliptic Curve Diffie-Hellman (ECDH) – DH groups 19, 20
    • Elliptic Curve Digital Signature Algorithm (ECDSA)
    • Secure Hash Algorithm (SHA) - SHA-256 and SHA-384 for message digest
  • MD5, SHA-1, SHA-2 (256-bit) Authentication
  • RSA, Diffie-Helman Key Management
  • NAT Traversal
  • Role-Based Access Control (RBAC)
Performance Optimization
  • ECMP
  • Bandwidth Management
  • CPU Affinity
Virtual Routing and Forwarding (VRF-Lite)
  • VRF-aware routing: static, OSPF, BGP
  • VRF-aware services: FW, NAT, PBR, ALG, DHCP, SSH, TWAMP, VRRP, BFD, flow monitoring
  • VRF-aware tunnels: GRE, IPsec
Multiprotocol Label Switching (MPLS)
  • Label Distribution Protocol (LDP)
  • Resource Reservation Protocol (RSVP-TE)
  • Data plane support for MPLS forwarding
QoS Policies
  • 8 Queues
  • Policing
  • 1,024 Classes
  • DSCP Classification
  • DSCP Remarking
  • Per Queue DSCP Remarking
  • Weighted Round Robin (WRR)
  • Random Early Detection (RED)
  • Weighted Random Early Detection (WRED)
  • Strict Priority Queuing
  • Ethernet (Layer 2) Header Matching
  • Ethertype support
  • 4,095 VLAN Support and Tagging
  • Bandwidth Percentage Limits
High Availability
  • Stateful Firewall/NAT Failover
  • VRRPv2 (IPv4 and IPv6)
  • VRRPv3 (IPv6)
  • Configuration Replication
  • VRRP Support with IPsec VPN
  • Bidirectional Forwarding Detection (BFD)
  • Link Aggregation Control Protocol (LACP)
Administration and Authentication
  • Integrated CLI
  • Web GUI
  • Brocade Vyatta Remote Access API (RESTful API)
  • NETCONF/YANG
  • Configured API for Python, Perl, and Ruby languages
  • Telnet
  • SSHv2/SSH Public Key
  • Binary Image Install
  • Image Cloning
  • RADIUS
  • TACACS+
  • X.509 digital certificate authorization
  • Single Configuration File
  • Configuration Audit
  • CPU Affinity Configuration for Data Plane
Diagnostics, Logging, and Monitoring
  • Two-Way Active Measurement Protocol (TWAMP) Flow Monitoring
  • tcpdump
  • BGP MD5 Support
  • Wireshark Packet Capture
  • Syslog
  • SNMPv3
  • SNMP for IPv6
  • SPAN port mirroring
  • RSPAN port mirroring
  • ERSPAN mirroring
  • Flow monitoring
    • IPFIX (RFC 7011) export
    • NetFlow Version 9 export
Hypervisor Support
  • VMware ESXi
  • KVM
  • Microsoft Hyper-V
  • XenServer
  • Amazon Machine Image (AMI)
  • Interface hot-plug support
    • KVM
    • ESXi
MIB Support
  • BGP4-MIB RFC 1657
  • HOST-RESOURCES-MIB RFC 2790
  • RMON-RIB RFC 2819
  • IF-MIB RFC 2863
  • EVENT-IB RFC 2981
  • IP-MIB RFC 2011
  • NOTIFICATION-LOG-MIB RFC 3014
  • IPv6-MLD-MIB RFC 3019
  • IPM-ROUTE RFC 2932
  • IPV6-TC RFC 2465
  • IPV6-UDP-MIB RFC 2454
  • KEEPALIVED-MIB
  • OSPF-MIB RFC 1850
  • PIM-MIB RFC 2934
  • IGMP-MIB RFC 2933
  • MLD-MIB RFC 3019
  • RFC1213-MIB RFC 1213
  • SNMPv2-MIB RFC 3418
  • TCP-MIB RFC 4022
  • UDP-MIB RFC 4113
  • IP-FORWARD-MIB RFC 4292
  • IP-MIB RFC 4293
  • OSPF-MIB RFC 4750
  • PIM-MIB RFC 2934
  • RFC1213-MIB RFC 1213
  • RFC 2787 VRRP-MIB RFC 2787
  • RIPv2-MIB RFC 1724
  • VPN Link Status MIB
  • UCD-DISKIO-MIB

Table 1. Bare metal, PCI passthrough, and SR-IOV LAN device support.

Vendor and Mode Description Bare Metal PCI Passthrough SR-IOV
      ESXi KVM ESXi KVM
Intel X520 Dual 10 GbE fiber
Intel X540-T1/X540-T2/X540-AT2 Dual 10 GbE copper
Intel 85598/82598 AF/82598 AT/82598 AT2/82598 EB/82599 EB/82599 EN Dual 10 GbE with SFP+      
Intel 82575/82576/82580/I350/I210/I211/I354/ DH89XXC 1 GbE    

Notes:

  • Supported NICs will vary based on the software release version of the Brocade vRouter.
  • Please consult the Release Notes and Brocade vRouter documentation for a more detailed list of supported devices and drivers.

Table 2. Software licenses available for the Brocade vRouter.

Software License SKU
BR-5600S-1V-SVV-SW-1 1-year subscription software license (1 license) with 1-vCPU data plane license
BR-5600S-1V-SVV-SW-3 3-year subscription software license (1 license) with 1-vCPU data plane license
BR-5600P-1V Perpetual software license (1 license) with 1-vCPU data plane license

Table 3. Recommended hardware and software profile.

Hardware Software
CPU: Intel Xeon CPU E5-2697 v2 at 2.70 GHz
Total memory size: 128 GB
NIC: Intel Corporation 82599ES 10-Gigabit SFI/SFP+
Network Connection (rev 01)
Brocade vRouter: Version 3.2.1R6 and above
Hypervisor: QEMU 1.7.91
Hyper-threading: Enabled
VT-d: Enabled
Huge pages memory backing: Enabled PCI passthrough: Enabled
Hard disk drive space: 8 GB
RAM allocation: 4 GB

Table 4. Expected Layer 3 routing performance, using SR-IOV or PCI passthrough, with IMIX traffic load with recommended software and hardware configuration.

Number of vCPUs per Data Plane Interface Type Performance Throughput Expectation Range
1 1/10 GbE 100 Mbps to 500 Mbps
2 1/10 GbE Up to 1 Gbps
3 10 GbE Up to 10 Gbps

Notes:

  • Testing performed by Brocade in a controlled lab environment.
  • Performance expectation is based on the hardware and software profile indicated in Table 3.
  • Performance will vary based on compute, memory, hypervisor, vSwitch, configuration, and general network conditions.
  • Lab results show < 0.01% packet loss with the recommended hardware and software profile. Results utilize huge pages and PCI passthrough for the Brocade vRouter Virtual Machine.

RFC Compliance:


Multicast

  • RFC 1112 Host Extensions for IP Multicasting
  • RFC 2236 Internet Group Management Protocol Version 2
  • RFC 2710 Multicast Listener Discovery (MLD) for IPv6
  • RFC 3376 Internet Group Management Protocol Version 3
  • RFC 3810 Multicast Listener Discovery Version 2 (MLD v2) for IPv6
  • RFC 4604 Using Internet Group Management Protocol Version 3 (IGMPv3) and Multicast Listener Discovery Protocol Version 2 (MLDv2) for Source-Specific Multicast
  • RFC 3973 Protocol Independent Multicast-Dense Mode (PIM-DM) Protocol Specification (Revised)
  • RFC 4601 Protocol Independent Multicast - Sparse Mode (PIM-SM)
  • RFC 3973 Protocol Independent Multicast - Dense Mode (PIM-DM)
  • RFC 3618 Multicast Source Discovery Protocol (MSDP)
  • RFC 2236 Internet Group Management Protocol, Version 2
  • RFC 3376 Internet Group Management Protocol, Version 3
  • RFC 2710 Multicast Listener Discovery (MLD) for IPv6

OSPF

  • RFC 2328 OSPF Version 2
  • RFC 2370 The OSPF Opaque LSA Option
  • RFC 1583 Compatibility OSPF Version 2

OSPFv3

  • RFC 5340 OSPF for IPv6
  • RFC 5838 Support of Address Families in OSPFv3

RIP and RIPng

  • RFC 1058 Routing Information Protocol
  • RFC 2453 RIP Version 2
  • RFC 2080 RIPng for IPv6
  • RFC 2081 RIPng Protocol Applicability Statement

BFD

  • RFC 5880 - BFD RFC (Not supported sections - 4.3, 4.4, 5, 6.4, 6.6, 6.8.13, 6.8.14, 6.8.18)
  • RFC 5881 - BFD for IPv4/v6 RFC 5882 - Generic Application of Bidirectional Forwarding Detection (BFD) (Not supported sections - 4.3, 7)
  • RFC 5883 - Bidirectional Forwarding Detection (BFD) for Multihop Paths (Not supported sections - 4.2)
  • RFC 7331 – BFD MIB

BGP

  • RFC 4271 A Border Gateway Protocol 4 (BGP-4)
  • RFC 1997 BGP Communities Attribute
  • RFC 2439 BGP Route Flap Damping
  • RFC 2545 Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing
  • RFC 2918 Route Refresh Capability for BGP-4
  • RFC 4273 Definitions of Managed Objects for BGP-4
  • RFC 4360 BGP Extended Communities Attribute
  • RFC 4456 BGP Route Reflection—An Alternative to Full Mesh IBGP
  • RFC 4724 Graceful Restart Mechanism for BGP - Only Helper mode
  • RFC 4760 Multiprotocol Extensions for BGP-4
  • RFC 5065 Autonomous System Confederations for BGP
  • RFC 5082 The Generalized TTL Security Mechanism (GTSM)
  • RFC 5291 Outbound Route Filtering Capability for BGP-4
  • RFC 5292 Address-Prefix-Based Outbound Route Filter for BGP-4
  • RFC 5492 Capabilities Advertisement with BGP-4
  • RFC 5925 The TCP Authentication Option (MD5)
  • RFC 6793 BGP Support for Four-octet AS Number Space
  • RFC 2842 Capabilities Advertisement with BGP-4
  • RFC 4760 Multiprotocol Extensions for BGP-4
  • RFC 3065 Autonomous System Confederations for BGP
  • RFC 2796 BGP Route Reflection—An Alternative to Full Mesh IBGP

IPsec

  • RFC 2401 Security Architecture for the Internet Protocol
  • RFC 2402 IP Authentication Header (AH)
  • RFC 2406 IP Encapsulating Security Payload (ESP)
  • RFC 2407 The Internet IP Security Domain of Interpretation for ISAKMP
  • RFC 2408 Internet Security Association and Key Management Protocol (ISAKMP)
  • RFC 2409 The Internet Key Exchange (IKE)
  • RFC 2412 The OAKLEY Key Determination Protocol
  • RFC 3526 More Modular Exponential (MODP) DiffieHellman groups for Internet Key Exchange (IKE)
  • RFC 3706 A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers
  • RFC 4307 Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2)
  • RFC 4478 Repeated Authentication in Internet Key Exchange (IKEv2) Protocol
  • RFC 7296 Internet Key Exchange Protocol Version 2 (IKEv2)
  • RFC 7815 Minimal Internet Key Exchange Version 2 (IKEv2) Initiator Implementation

Tunneling

  • RFC 1853 IP in IP tunneling
  • RFC 4213 Basic Transition Mechanisms for IPv6 Hosts and Routers
  • RFC 3884 Use of IPsec Transport Mode for Dynamic Routing
  • RFC 1702 Generic Routing Encapsulation over IPv4 Networks
  • RFC 2784 Generic Routing Encapsulation

General

  • RFC 2461 Neighbor Discovery for IP Version 6 (IPv6)
  • RFC 2464 Transmission of IPv6 Packets over Ethernet Networks
  • RFC 1918 Address Allocation for Private Internets
  • RFC 4330 Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6, and OSI
  • RFC 4291 IP Version 6 Addressing Architecture
  • RFC 4941 Privacy Extensions for Stateless Address Autoconfiguration in IPv6
  • RFC 4862 IPv6 Stateless Address Auto-configuration
  • RFC 4861 Neighbor Discovery for IP version 6 (IPv6)
  • RFC 2332 NBMA Next Hop Resolution Protocol (NHRP)
  • RFC 3046 DHCP Relay Agent Information Option
  • RFC 3442 The Classless Static Route Option for Dynamic Host Configuration Protocol (DHCP) version 4
  • RFC 2131 Dynamic Host Configuration Protocol
  • RFC 3315 Dynamic Host Configuration Protocol for IPv6 (DHCPv6)
  • RFC 3736 Stateless Dynamic Host Configuration Protocol (DHCP) Service for IPv6
  • RFC 3442 The Classless Static Route Option for Dynamic Host Configuration Protocol (DHCP) version 4
  • RFC 2136 Dynamic Updates in the Domain Name System (DNS UPDATE)
  • RFC 5735 Special Use IPv4 Addresses
  • RFC 3513 Internet Protocol Version 6 (IPv6) Addressing Architecture
  • RFC 2606 Reserved Top-Level DNS Names
  • RFC 6241 Network Configuration Protocol (NETCONF)
  • RFC 6020 YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)
  • RFC 6022 YANG Module for NETCONF Monitoring

SNMP

  • RFC 1525 Definitions of Managed Objects for Source Routing Bridges
  • RFC 2742 Definitions of Managed Objects for Extensible SNMP Agents
  • RFC 2786 Diffie-Helman USM Key Management Information Base and Textual Convention
  • RFC 2856 Textual Conventions for Additional High-Capacity Data Types
  • RFC 2864 The Inverted Stack Table Extension to the Interfaces Group MIB
  • RFC 3165 Definitions of Managed Objects for the Delegation of Management Scripts
  • RFC 3231 Definitions of Managed Objects for Scheduling Management Operations
  • RFC 3411 An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks
  • RFC 3412 Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)
  • RFC 3413 Simple Network Management Protocol (SNMP) Applications
  • RFC 3414 User-based Security Model (USM) for Version 3 of the Simple Network Management Protocol (SNMPv3)
  • RFC 3415 View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)
  • RFC 3417 Transport Mappings for the Simple Network Management Protocol (SNMP)
  • RFC 3419 Textual Conventions for Transport Addresses
  • RFC 3584 Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework
  • RFC 3635 Definitions of Managed Objects for the Ethernetlike Interface Types
  • RFC 3826 The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model
  • RFC 4001 Textual Conventions for Internet Network Addresses
  • RFC 4273 Definitions of Managed Objects for BGP-4
  • RFC 5591 Transport Security Model for the Simple Network Management Protocol (SNMP)
  • RFC 5953 Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP)

Documentation:

Download the Brocade Virtual Router Datasheet(PDF).