One of the reasons why you may want to buy a chassis switch is to protect your investment. A chassis switch contains power supply lines and line cards stacked together in a cabinet. If you take out these elements, you will notice a metal sheet bolted into the network rack. This is a long-lasting metal sheet that doesn’t degrade over time. You can keep adding the latest modules in the cabinet backed by this metal sheet and enjoy new networking capabilities.
Although a chassis switch is primarily popular for its longevity, it also comes with a few drawbacks. For example, its complex structure is something that you may not understand fully. These switches support multiple links simultaneously and play a crucial role in providing the backbone of the network architecture. This puts too much pressure on them as users always expect them to work at their optimum condition. They fail to realize that a chassis switch can also run into interruptions, including component failure.
Due to these drawbacks, chassis switches have redundant supervisor engines, fabric cards, and power supplies. You will see that these switches have a midplane where you connect all the ethernet line cards. The CPU is responsible for the monitoring of the electrical traces in all the line cards available in the system. Thus, the chassis contains multiple discrete modules plugged into one single system.
If you have already used a chassis switch earlier, you may find a few similarities with the Aruba 8400 model that was launched in August 2017.
Factors that influenced makers to come up with the 8400 hardware
According to reports, the ProCurve team of Aruba made the 8400 hardware. But why did the team decide to make this chassis switch? What changes did they implement that make this switch superior to its counterparts? Here are a few factors that you should know about.
- Campus core – This switch is ideal if you require up to three layers of ethernet services. It targets the cable’s campus core to provide interruption-free services.
- Availability – The Aruba 8400 has ‘carrier class’ availability, meaning the carriers will support the maximum uptime requirements and prevent the system from downtime. We always prefer good network design over clever hardware design, and the Aruba 8400 has done just that, thus making it superior to other chassis switches.
- Service life – The makers ensured that the Aruba 8400 would outlive other chassis switches. This model can last at least three hardware generations. That means you can expect it to last three generations of line cards, supervisor engines, and other essential parts of the network architecture.
- Queueing and buffering – Apart from the long service life, Aruba also kept an eye on the best-in-class queuing and buffering. The makers said that it would work flawlessly for deep buffers, virtual output queues, and no head-of-line blocking. However, we found this feature slightly confusing, since the 8400 is a campus switch. It means that the makers expect the switch to handle so much through-the-box traffic that they had to go out of the way to reinforce the queueing and buffering.
The reason why we mentioned that the feature is slightly confusing to me is that campus switches don’t usually experience high through-the-box traffic. Sure, the queueing and buffering will make it easier to eliminate HOL blocking with VOQs, but deep buffering may not be required for the amount of traffic that the 8400 is most likely to handle. In fact, we don’t think that deep buffering is the solution to various chassis switch hardware problems. For example, a TCP throughput will better handle packets dropped using an updated congestion control mechanism or a well-thought-out QoS scheme.
In my opinion, the best-in-class queueing and buffering is a marketing strategy for Aruba. It will highlight it in such a way as if it would make a big difference to your network architecture. In reality, we don’t think it will make too much of a difference.
Best features of Aruba 8400 chassis hardware
The launch day event of Aruba 8400 provided various insights into the switch’s features. Here are the highlights of the switch that make it different from other chassis switches.
In most Aruba chassis switches, the ethernet chip doesn’t match Aruba’s AISC design of its line cards. That’s why the company decided to add its peripheral magic to the combination of technologies in the respective ASIC.
Aruba usually lets people know about its ASIC vendor, but this time it didn’t. We found it odd because We couldn’t think of any reason to keep the name a secret. Moreover, with only a handful of Ethernet chip providers, the industry will sooner or later find out the name of the vendor. We even tried to check the physical line card, but with too many heatsinks and metal shields around, We couldn’t see the ASIC manufacturer.
This time Aruba used its own ASIC driver. In the previous switches, it had used an ASIC or SAI abstraction layer, but with 8400, the makers wanted the switch to make the most of the silicon’s capability. Over the years, the makers noticed that even though SAI offers a common interface, it reduces ASIC’s programming ability. Moreover, it makes sense to not keep SAI in the mix because it has better responses in networks that run on multiple operating systems. The 8400 is not the ideal platform that will allow SAI’s architecture to work at its optimum condition.
The 8400 hardware weighs 240 pounds. It comes with 4 power supplies at the top of the chassis and power connectors at the back. This chassis switch is so big that it can accommodate as many as 2 management cards and 8 line cards in the front where you can load them vertically. At the back, you will find three fan trays and each tray contains 6 fan modules to cool the system down whenever required.
Aruba tweaked its packaging system in this model. It ensured that you can take out the 3 fabric card slots at the back of the fan trays without disrupting other cables.
Even if the three fabric cards run simultaneously, they won’t block the chassis. The chassis has a high switching capacity, allowing the system to handle three fabric cards in its front panel port. However, if one of the cards fails, the switch may lose some of its capacity, depending on the load distribution in the ports and line cards.
This switch can support up to 8 lines cards. You can connect them using a Clos fabric and a direct-connect midplane. The Clos fabric will create a direct connection to each fabric card. This is similar to the direct connection in a leaf switch where each spine switch has its own data centre switching topology.
Usually, chassis switch modules either work on per packet or per-frame basis. However, that’s not necessary for all network architectures. In the 8400’s architecture, you will see a large packet fragmented into multiple parts. The ingress from the front panel will allow you to distribute the fragmented parts and even reassemble them before the switch egress, thus reducing content and fabric hotspots and increasing traffic distribution throughout the internal switch fabric.
- Speeds and feeds
The 8400 chassis switch is fast enough to tackle 1.2 Tbps per slot or 19.2 Tbps of throughput if you are on the 8400 datasheets. It means that the total ingress and egress traffic that it can support is 19.2 Tbps. On the other hand, it can support 9.6 Tbps for the slots in one direction. Each slot is capable of handling 1.2 Tbps. That means if 9.6 Tbps is the ingress, then the egress will also be the same, thus resulting in 19.2 Tbps
In the 8400, Aruba introduces a centralized control plane instead of a distributed data plane. It means that the control plane will run as the primary software for the management cards and each line card will have forwarding tables that would allow them to forward traffic according to their requirements.
The switch also efficiently manages the management planes, control planes, front line cards of fabric cards, and hardware chassis midplane through various electrical traces. We think this feature sets this chassis switch apart from its competitors.
The cards and modules that come in the Aruba 8400 have in-service serviceability. The clever design ensures that the fabric cards remain behind the modules and fan trays to prevent obstructing the system.
Aruba ensured that the chassis switch would never compromise on its essential components. That’s why it equipped the switch with 32GB of RAM, Intel Xeon-family 4 core @ 2.0GHz, and a 120GB SSD. But Aruba specified that overusing the SSD may reduce its longevity.
If you are not sure what the company means by overusing the SSD, it indicates how you can use the switch better. For example, many users save TCP dump files in chassis switches even though the files are not necessary. Overloading the SSD with such unnecessary files will take a toll on its service life. It would be better if you are more tactical about how to make the best use of the SSD instead of storing unwanted files.
8400 Platform Security
This time, Aruba didn’t use the hardware supply chain. And we can understand their decision because they have a strong customer base that has top-notch security requirements. Therefore, it would have been foolish to use a hardware supply chain that would eventually suffer from rootkit-infested components if their target customers using various types of network devices.
To boost the switch’s security, the makers ensured that each hardware component go through a validation process to prove its authenticity. This means you will use Trusted Platform Modules that don’t get affected by rootkit components that may disrupt your system.
My honest opinion is that the engineers should have spent some more time to figure out a better way to implement the TPM in the 8400. Since the system has an SSL certificate and a secure root that backs the system’s startup, individual authenticity may not be necessary, especially when the code loading and hardware already has a trustworthy setup.
In short, even if the switch doesn’t boot or the certification validation doesn’t authenticate at the time of starting the system, there is always a recovery mechanism ready. This indicates that the box would never fail its certification validation. However, the chassis switch will not forward any traffic when the box is recovering its data.