Cubro Packetmaster overview april 2015

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net

Bringing simplicity to today´s and tomorrow´s communication networks

PacketmasterSeries

High Performance

Network Packet Broker

V 4.1 April 2015

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


CUBRO

Private held Company (by the Management)

Located in Austria/ Vienna

Development in Austria

Production in Austria (with subcontractors)

Flexibility - we listen to our customers

Quality/Price oriented

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


The Cubro Packet Broker are available in three variations

PM products Network Processor based Filtering up to Layer 7 Up to 250G load 100 Gbit Interface

EX products Based on high performance switch fabric Filtering up to Layer 4 Up to 1,2T load

Session Master Network Processor based Filter up to Layer7 offset based filters 1 Mio filter/rules Up to 400G load

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster Matrix 1/3

* Only SFP ore Copper ports are usable ** ports can be configured as 1G or 10G

EX2 EX5-2 EX6 EX12

Packetload 28 Gbit 176 Gbit 176 Gbit 176 Gbit

Ports Gbit 4 Copper 48 copper 48 SFP * 8 SFP/8Copper

Ports 10 Gbit ** 2 SFP+ 4 SFP/SFP+ 4 SFP/SFP+ ** 12 SFP+

Ports 40 Gbit 0 0 0 0

DPI YES NO NO NO

Filtering to Layer 4 to Layer 4 to Layer 4 to Layer 4

Aggregation YES YES YES YES

Loadbalancing to Layer 4 to Layer 4 to Layer 4 to Layer 4

en/de capsulation MPLS/VLAN VLAN VLAN MPLS/VLAN

GUI CLI/MENU/API CLI/MENU/API CLI/MENU/API CLI/MENU/API

Packetbuffer YES YES YES YES

Delay 1 µs 1 µs 1 µs 1 µs

Dual Power YES YES YES YES

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net



EX484-2 EX484 Base-T EX3240

Packetload 1,2 Tbit 960 Gbit 1,28 Tbit

Ports Gbit ** 48 SFP 48 Copper

Ports 10 Gbit ** 48 SFP+ 48 Copper 128 (cable)

Ports 40 Gbit 4 QSFP 0 32 QSFP

DPI NO NO NO

Filtering to Layer 4 to Layer 4 to Layer 4

Aggregation YES YES YES

Loadbalancing to Layer 4 to Layer 4 to Layer 4

en/de capsulation MPLS/VLAN MPLS/VLAN MPLS/VLAN

GUI CLI/MENU/API CLI/MENU/API CLI/MENU/API

Packetbuffer YES YES YES

Delay 1 µs 1 µs 1 µs

Dual Power YES YES YES

** ports can be configured as 1G or 10G

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net



** ports can be configured as 1G or 10G *** ports can be 40 gbit or 4 x 10 Gbit

EX20400 EX48400 Sessionmaster48 Sessionmaster24

Packetload 2,4 Tbit 1,9 Tbit 200 Gbit 100 Gbit

Ports Gbit 0 **48 SFP 24 12

Ports 10 Gbit *** 80 QSFP **48SFP+ 20 10

Ports 40 Gbit 20 QSFP 2 QSFP 0 0

Ports 100 Gbit 4 QSFP28 4 QSFP28 0 0

DPI NO NO YES YES

Filtering to Layer 4 to Layer 4 to Layer 7 to Layer 7

Aggregation YES YES YES YES

Loadbalancing to Layer 4 to Layer 4 to Layer 7 to Layer 7

en/de capsulation MPLS/GRE/VLAN/VXLAN MPLS/GRE/VLAN/VXLAN MPLS/GRE/VLAN/VXLAN MPLS/GRE/VLAN/VXLAN

GUI CLI/MENU/API CLI/MENU/API CLI/API CLI/API

Packetbuffer YES YES YES YES

Delay 1 µs 1 µs 1 µs 1 µs

Dual Power YES YES YES YES

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster EX2Desktop Packet Broker

Packetload 26 Gbit

Ports 10/100/1000 4 Base-T

Ports 10 Gbit 2 SFP/SFP+

Ports 40 Gbit none

GUI CLI/WEB/GUI

Packetbuffer YES

Delay 2 µs

Dual Power YES

2000 Filters Layer 4 VLAN tag/detag Header modification Layer 4 Load balancing Layer 3 GRE de/encapsualtion All ports activated All software activated Low power design

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster EX5-2

Packetload 176 Gbit

Ports Gbit 48 SFP


Ports 40 Gbit none

GUI CLI/WEB/GUI

Packetbuffer YES

Delay 8 µs

Dual Power YES

12000 Filters Layer 4 MPLS tag/detag VLAN tag/detag Header modification Layer 4 Load balancing Layer 3 GRE de/encapsualtion All ports activated All software activated Low power design

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster EX6

Packetload 176 Gbit

Ports Gbit 48 SFP


Ports 40 Gbit none

GUI CLI/GUI

Packetbuffer YES

Delay 8 µs

Dual Power YES


Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster EX12

Packetload 176 Gbit

Ports Gbit 8 SFP + 8 Base-T


Ports 40 Gbit none

GUI CLI/WEB/GUI

Packetbuffer YES

Delay 2 µs

Dual Power YES


Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster EX484-2

Packetload 1,2 Tbit

Ports 1G/10 Gbit 48 SFP/SFP+

Ports 40 Gbit 4 QSFP

GUI CLI/WEB/GUI

Packetbuffer YES

Delay 1 µs

Dual Power YES

2048 Filters Layer 4 MPLS tag/detag VLAN tag/detag Header modification Layer 4 Load balancing Layer 3 GRE de/encapsualtion All ports activated All software activated

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster EX484-T

Packetload 1,2 Tbit

Ports 1G/10 Gbit 48 Base-T


GUI CLI/WEB/GUI

Packetbuffer YES

Delay 1 µs

Dual Power YES

2048 Filters Layer 4 MPLS tag/detag VLAN tag/detag Header modification Layer 4 Load balancing Layer 3 GRE de/encapsualtion All ports activated All software activated

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster EX3248

4000 Filters Layer 4 MPLS tag/detag VLAN tag/detag / Q in Q Header modification Layer 4 Load balancing Layer 3 GRE de/encapsualtion All ports activated All software activated Low power design Jumbo Frames 12000 Bytes

Packetload 2,56 Tbps

Ports 40 Gbit 32

GUI CLI/WEB/GUI

Packetbuffer YES

Delay 1 µs

Dual Power YES

32 x 40 Gbit or 96 x 10 Gbit + 8 x 40 Gbit

Discontinued

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster EX20400

64000 Filters Layer 4 MPLS tag/detag VLAN tag/detag / Q in Q Header modification Layer 4 Load balancing Layer 4 GRE de/encapsulation VXLAN de/encapsulation All ports activated All software activated Low power design Jumbo Frames 12000 Bytes

Packetload 2,4 Tbps

Ports 40 Gbit 20

Ports 100 Gbit 4

GUI CLI/WEB/GUI

Packetbuffer YES

Delay 1 µs

Dual Power YES

4 x 10 Gbit 20 x 40 Gbit + 4 x 100 Gbit 84 x 10 Gbit (with breakout cable) + 4 x 100 Gbit

100 Gbit

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster EX48400

64000 Filters Layer 4 MPLS tag/detag VLAN tag/detag / Q in Q Header modification Layer 4 Load balancing Layer 4 GRE de/encapsulation VXLAN de/encapsulation All ports activated All software activated Low power design Jumbo Frames 12000 Bytes

Packetload 2,4 Tbps

Ports 10 Gbit 48

Ports 40 Gbit 2 or 6

Ports 100 Gbit 4

GUI CLI/WEB/GUI

Packetbuffer YES

Delay 1 µs

Dual Power YES

52 x 10 Gbit + 4 x 100 Gbit 72 x 10 Gbit (with breakout cable)

100 Gbit

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Sessionmaster 48

1 Mio Filters Layer 7 Session based -

Load balancing defragmentation MPLS tag/detag VLAN tag/detag Header modification Layer 4 Load balancing Layer 3 GRE de/encapsualtion Jumbo Frames 12000 Bytes

Packetload 400 Gpbs

Ports 10 GbitPorts 1 Gbit

24 SFP+ 24 SFP

GUI CLI/GUI

Packetbuffer YES

Delay 1 µs

Dual Power YES

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Sessionmaster 48 GTP load balancing

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Controlling the Packetmaster

CLI A CLI which has a full scripting functionality and root access to the

Linux on the unit which controls the Hardware. North and Southbound integration via shell scripts and python scripts possible.

WEB GUIEasy to use and efficient GUI

Rest Api All EX models support REST API to control the unit

Cubro Control V2 A server based solution, where a single server controls all

Packetmasters. With the option of doing DPI and load balancing in higher layers.

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster WEB Gui

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Cubro Control V2Cubro Control is a server based application which add monitoring like and dpi functions to network packet brokers.

Cubro Control provides a range of interfaces to connect with the world.

Cubro control cannot control Cubro Packet Broker,

We are open to work also with any 3d party products north and southbound.

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Cubro Control V2Main Features

• Single point of controlling a tap network

• Inventory database

• Meta to real world correlation

• Troubleshooting the Tap network

• Help to extract only the relevant Data

• Reduce monitoring costs

• Security protect data from unlawful use

• Extended Monitoring and Statistics of the TAP System

• Advanced Filtering L7 / Session

• Full automated Applications

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


sFlow / nFlow

The EX series units are able to produce sFlow or nFlow CDR‘s.

This data can be captured with many available collectors on the market, to produce traffic statistics up to layer 4.

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Applications – some examples

Aggregation

Tagging

Filtering

Cross Connect

Encapsulation (Routing)

Traffic Add & Drop

Duplicate Packet Remover

Traffic Modification

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Aggregation

Aggregation of network links and/or span ports

Aggregation and Filtering can be combined Many to Any & Any to Many Saves monitoring ports See more traffic in one trace (SIP, MGCP, RTP)

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Filtering

Filtering is possible on all the marked fields shown in this IP header diagram

Positive and Negative filtering is possible

Min. 1024 Filters per unit.

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


The Packetmaster EX can be used as intelligent patch field. This is feature is possible because the EX has no designated in and out port configuration, each port is a input and a output at the same time.

The non-blocking concept is also relevant to use it as an intelligent patch field, full line rate is supported on any port.

Cross connect/Patch field

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Typical Application with optical 1/10 Gbit Splitter

.

Why it is better to use external Tap's and Splitters

The Cubro concept for large amount of aggregating links is always to use external splitter or converter, instead of a combined

solution. Because the external solution is more flexible, and in the case of a failure or upgrade, it is not necessary to open

active network link. The large amount of ports in the Packetmaster EX series gives you also the option to overcome TAP

cascades.

Cubro put all the traffic together and with the smart and powerful filtering we can divide the traffic to the relevant Probe

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Typical Application with 10 Gbit Splitter connected to QSFP Ports

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Typical Application with 200 Gbps load balancing

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Typical Application with EX 3248 96 x 10 Gbit ports

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Intercept solution with Bypass

1)Active link is connected over optical bypass switch

2)Traffic is forwarded to PM 20400

3) PM20400 filters out tcp port 80 traffic

4) All other traffic is routed back to the active link

5) tcp port 80 traffic is send to appliances

6) appliance is processing the traffic

7) Processed traffic is reinserted in the live link

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Typical Cubro TAP Solutions

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Security Function

This solution provides also a security option, the EX12 offers 12000 filter rules, this rules can be uses to block unwanted traffic by hardware filters, based on blacklist, per country for example.

The EX12 is immune against DoS attacks because there is no software stack, bottom end the Packetmaster can provide a bandwidth meter function which can limit the incoming traffic to protect the firewall.

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


10G to 1G Demultipelxing

10G inputs 1G output(s) via filtering

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Encapsulation (Routing)

Routing options:

VLAN / MPLS / GRE / VXLAN

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Mobil Packet core monitoring installation live network at a carrier in Europe

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Mobil Packet core monitoring installation live network at a carrier in Europe

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Road Map

2015/2016

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


Packetmaster EX32

Packetload 46 Gbit


Ports 10 Gbit 32 SFP+

GUI CLI/WEB/GUI

Packetbuffer YES

Delay < 1 µs

Dual Power YES

64000 Filters Layer 4 MPLS tag/detag VLAN tag/detag VXLAN Header modification Layer 4 Load balancing Layer 3 GRE de/encapsualtion All ports activated All software activated Low power design

Low cost

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


New optical Bypass New regeneration Units 100 Gbit regeneration Unit High densety 10/100/1000 Copper Taps N-BaseT Taps 2.5/5/10 Gbit Copper SFP28 25 Gbit Interface on NPB

Tap

pin

g, A

gg

reg

ati

on

an

d F

ilte

rin

gwww.cubro.net


End

www.cubro.net

Engineering

Cubro Packetmaster overview april 2015