EX4650 Ethernet Switch
The EX4650 Ethernet Switch is a compact, scalable, high-performance 10GbE/25GbE/100GbE solution for midsized to large enterprise campus distribution deployments. It delivers rich telemetry data to Juniper Mist™ Wired Assurance, bringing AI-powered automation and service levels to access switching.
The EX4650 is cloud-ready and ZTP-enabled, so you can use Wired Assurance to onboard, provision, and manage it for improved connected-device experiences. In addition, the Juniper Mist Cloud streamlines deploying and managing your campus fabric, while Mist AI simplifies operations and improves visibility into the performance of connected devices.
Features + Benefits
Juniper Mist Wired Assurance
Claim, configure, and troubleshoot switches with a few clicks. Wired Assurance delivers better experiences for connected devices through AI-powered automation and service-level expectations (SLEs) with Mist’s AI engine and microservices cloud.
The EX Switches provide rich streaming telemetry data to enable the insights for switch health metrics and anomaly detection. Streamline IT operations, reduce mean time to repair, and deliver optimized experiences across wired and wireless.
EVPN-VXLAN
The EX4650 supports powerful EVPN-VXLAN capabilities to simplify deployments and operations by providing a common technology across campus and data centers.
Virtual Chassis
With Virtual Chassis technology, up to four interconnected EX4650 switches operate as a single logical device, reducing operational expenses and simplifying management.
Wire-Speed Performance
Wire-speed performance with native 10GbE, 25GbE, and 100GbE port densities dramatically simplifies network topologies and operations.
Product Description
The Juniper Networks® EX4650 Ethernet Switch delivers 4 Tbps of Layer 2 and Layer 3 connectivity to networked devices such as secure routers, servers, and other switches. Featuring 48 wire-speed 10GbE/25GbE small form-factor pluggable and pluggable plus transceiver (SFP/SFP+/SFP28) ports and 8 wire-speed 40GbE/100GbE quad SFP+ transceiver (QSFP+/QSP28) ports in a compact 1 U platform, the EX4650 provides the flexibility to support mixed 1GbE, 10GbE, 25GbE, 40GbE, and 100GbE environments. Four models are available: two featuring AC power supplies with front-to-back or back-to-front airflow, and two featuring DC power supplies with front-to-back or back-to-front airflow. All models include dual power supplies.
Hardware
Switching Capacity
- 2 Tbps (unidirectional)/4 Tbps (bidirectional)
- Layer 2/Layer 3 throughput (maximum with 64 byte packets): 2976 Mpps (wire speed)
Weight
- 7 lb (10.75 kg)
Dimensions (HxWxD)
- 72 x 17.36 x 20.48 in (4.37 x 44.09 x 52.02 cm)
- Switching mode: Cut-through and store-and-forward
- Front-to-back (airflow out) for hot aisle deployment
- Back-to-front (airflow in) for cold aisle deployment
- Management and console port connections
Power Consumption
- Max load 450 W; typical load 260 W; idle load 160 W
Interface Options
- 1GbE SFP: 48 (48 copper 1GbE)
- 10GbE SFP+: 48/80 (with breakout cable)
- 25GbE SFP28: 48/80 (with breakout cable)
- 40GbE QSFP+: 8
- 100GbE QSFP28: 8
- Each QSFP+ port can be configured as a 4 x 10GbE interface or as a 40 Gbps port
- Each QSFP28 port can be configured as a 4 x 25GbE interface or as a 100 Gbps port
- 1 USB 2.0 port
- 1 RS-232 console port
- 2 management ports: 2 x RJ-45 ports
- Supported transceiver and direct attach cable (DAC)
- SFP 1GbE optical and copper module
- SFP+ 10GbE optical modules
- SFP+ DAC cables: 1/3 m twinax copper and 1/3/5/7 m active twinax copper
- SFP28 DAC cables: 1 m twinax copper
- SFP28 optics: SR, LR
- QSFP+ DAC cables: 1/3 m twinax copper
- QSFP+ optics: SR4, LX4, ESR4, ER4, LR4
- QSFP+ to SFP+ 10GbE direct attach breakout copper (1/3 m twinax copper cable)
- QSFP28 to SFP28 25GbE direct attach breakout copper (1 m twinax copper cable)
- QSFP28 optics: SR4, ER4, PSM4, CWDM4, LR4
Virtual Chassis
- 100GbE and 40GbE as Virtual Chassis port
- Virtual Chassis Routing Engine (RE) election
- Virtual Chassis pre-provisioning (plug-and-play)
- Auto-LAG formation of Virtual Chassis ports
- FCoE transit across Virtual Chassis members
- QoS on Virtual Chassis ports
- Local designated forwarding
- Graceful RE switchover (GRES)
- Nonstop routing (NSR)
- Nonstop bridging (NSB)
- Monitor distributed aggregate interface
- Control plane protection for virtual RE
Rack Installation Kit
- Versatile four-post mounting options for 19-in server rack or datacom rack
Airflow
- Redundant (N+1) and hot-pluggable fan modules for front-to-back and back-to-front airflow
- Redundant variable-speed fans to reduce power draw
Power Supply and Fan Modules
- Dual redundant (1+1) and hot-pluggable 650 W AC/DC power supplies
- 110-240 V single phase AC power
- -44 to -72 V DC power supply
- Redundant (4+1) and hot-pluggable fan modules for front-to-back or back-to-front airflow
Performance Scale (Unidimensional)
- Layer 2
- MAC addresses per system: 288,000
- VLAN IDs: 4093
- Number of link aggregation groups (LAGs): 80
- Number of ports per LAG: 64
- Multiple Spanning Tree Protocol (MSTP) instances: 64
- VLAN Spanning Tree Protocol (VSTP) instances: 509
- Jumbo frame: 9216 bytes
- Firewall filters
- Ingress filters: 1500
- Egress filters: 512
- Layer 3
- IPv4 unicast prefixes: 360,000
- IPv4 unicast routes: 208,000
- IPv4 multicast routes: 104,000
- ECMP paths: 64
- IPv6 unicast prefixes: 170,000
- IPv6 unicast routes: 104,000
- IPv6 multicast routes: 52,000
- ARP entries: 64,000
- Traffic mirroring
- Mirroring destination ports per switch: 4
- Maximum number of mirroring sessions: 4
- Mirroring destination VLANs per switch: 4
Software Features Supported
Layer 2 Features
- STP—IEEE 802.1D (802.1D-2004)
- Rapid Spanning Tree Protocol (RSTP) (IEEE 802.1w); MSTP (IEEE 802.1s)
- Redundant Trunk Group (RTG)
- Bridge protocol data unit (BPDU) protect
- Loop protect
- Root protect
- RSTP and VSTP running concurrently
- VLAN—IEEE 802.1Q VLAN trunking
- The Routed VLAN Interface (RVI)
- Port-based VLAN
- Private VLAN (PVLAN)
- VLAN translation
- Static MAC address assignment for interface
- Per VLAN MAC learning (limit)
- MAC learning deactivate
- Link Aggregation and Link Aggregation Control Protocol (LACP) (IEEE 802.3ad)
Link Aggregation
- Multichassis link aggregation (MC-LAG)
- EVPN Multihoming (ESI-LAG)
- LAG load-sharing algorithm—bridged or routed (unicast or multicast) traffic:
- IP: SIP, Dynamic Internet Protocol (DIP), TCP/UDP source port, TCP/UDP destination port
- L2 and non-IP: MAC SA, MAC DA, Ethertype, VLAN ID, source port
Layer 3 Features (IPv4)
- Static routing
- Routing protocols (RIP, OSPF, IS-IS, BGP)
- Virtual Router Redundancy Protocol (VRRP)
- Bidirectional Forwarding Detection (BFD) protocol
- Virtual router
- Dynamic Host Configuration Protocol (DHCP) relay
- Proxy Address Resolution Protocol (ARP)
Multicast Features
- Internet Group Management Protocol (IGMP): v1, v2, v3
- IGMP snooping: v1, v2, and v3 (L2 only)
- IGMP Filter
- PIM-SM, PIM-SSM, PIM-DM
- Multicast Source Discovery Protocol (MSDP)
Security and Filters
- Secure interface login and password
- RADIUS
- TACACS+
- Ingress and egress filters: Allow and deny, port filters, VLAN filters, and routed filters, including management port filters
- Filter actions: Logging, system logging, reject, mirror to an interface, counters, assign forwarding class, permit, drop, police, mark
- SSH v1, v2
- Static ARP support
- Storm control, port error deactivate, and autorecovery
- Sticky MAC address
- DHCP snooping
Quality of Service (QoS)
- L2 and L3 QoS: Classification, rewrite, queuing
- Rate limiting:
- Ingress policing: Single-rate two-color policer, two-rate three-color policer
- Egress policing: Policer, policer mark down action
- Egress shaping: Per queue on each port
- 10 hardware queues per port (8 unicast and 2 multicast)
- Strict-priority queuing (PQ), shaped-deficit weighted round-robin (SDWRR), weighted random early detection (WRED), weighted tail drop
- FCoE Initialization Protocol (FIP) snooping
- 1p remarking
- L2 classification criteria: Interface, MAC address, Ethertype, 802.1p, VLAN
- Congestion avoidance capabilities: WRED
- Trust IEEE 802.1p (ingress)
- Remarking of bridged packets
Data Center Bridging (DCB)
- Priority-based flow control (PFC)—IEEE 802.1Qbb
- Data Center Bridging Capability Exchange (DCBX), DCBx FCoE, and iSCSI type, length, and value (TLVs)
High Availability
- Bidirectional Forwarding Detection (BFD)
- Uplink failure detection
- Dynamic Load Balancing
MPLS
- Static label-switched paths (LSPs)
- RSVP-based signaling of LSPs
- LDP-based signaling of LSPs
- LDP tunneling (LDP over RSVP)
- MPLS class of service (CoS)
- MPLS LSR support
- IPv6 tunneling (6PE) (via IPv4 MPLS backbone)
- IPv4 L3 VPN (RFC 2547, RFC 4364)
Server Virtualization Management and SDN-Related Protocols
- VXLAN OVSDB
- EVPN-VXLAN
Management and Analytics Platforms
- Juniper Mist Wired Assurance for Campus
- Junos Space®Network Director for Campus
- Junos Space®Management
Device Management and Operations
- Role-based CLI management and access
- CLI via console, telnet, or SSH
- Extended ping and traceroute
- OpenConfig for Junos OS to support the YANG data models
- Junos OS configuration rescue and rollback
- Image rollback
- SNMP v1/v2/v3
- Junos XML management protocol
- sFlow v5
- Beacon LED for port and system
- Zero Touch Provisioning (ZTP)
- OpenStack Neutron Plug-in
- Python
- Junos OS event, commit, and OP scripts
- Junos Telemetry Interface (JTI)
Traffic Mirroring
- Port-based
- LAG port
- VLAN-based
- Filter-based
- Mirror to local
- Mirror to remote destinations (L2 over VLAN)
Standards Compliance
IEEE Standard
- IEEE standard
- IEEE 802.1D
- IEEE 802.1w
- IEEE 802.1
- IEEE 802.1Q
- IEEE 802.1p
- IEEE 802.1ad
- IEEE 802.3ad
- IEEE 802.1AB
- IEEE 802.3x
- IEEE 802.1Qbb
- IEEE 802.1Qaz
T11 Standards
- INCITS T11 FC-BB-5
Supported RFCs
- RFC 768 UDP
- RFC 783 Trivial File Transfer Protocol (TFTP)
- RFC 791 IP
- RFC 792 ICMP
- RFC 793 TCP
- RFC 826 ARP
- RFC 854 Telnet client and server
- RFC 894 IP over Ethernet
- RFC 903 RARP
- RFC 906 TFTP Bootstrap
- RFC 951 1542 BootP
- RFC 1058 Routing Information Protocol
- RFC 1112 IGMP v1
- RFC 1122 Host requirements
- RFC 1142 OSI IS-IS Intra-domain Routing Protocol
- RFC 1256 IPv4 ICMP Router Discovery (IRDP)
- RFC 1492 TACACS+
- RFC 1519 Classless Interdomain Routing (CIDR)
- RFC 1587 OSPF not-so-stubby area (NSSA) Option
- RFC 1591 Domain Name System (DNS)
- RFC 1745 BGP4/IDRP for IP—OSPF Interaction
- RFC 1772 Application of the Border Gateway Protocol in the Internet
- RFC 1812 Requirements for IP Version 4 routers
- RFC 1997 BGP Communities Attribute
- RFC 2030 SNTP, Simple Network Time Protocol
- RFC 2068 HTTP server
- RFC 2131 BOOTP/DHCP relay agent and Dynamic Host
- RFC 2138 RADIUS Authentication
- RFC 2139 RADIUS Accounting
- RFC 2154 OSPF w/Digital Signatures (Password, MD-5)
- RFC 2236 IGMP v2
- RFC 2267 Network ingress filtering
- RFC 2328 OSPF v2 (edge mode)
- RFC 2338 VRRP
- RFC 2362 PIM-SM (edge mode)
- RFC 2370 OSPF Opaque link-state advertisement (LSA) Option
- RFC 2385 Protection of BGP Sessions via the TCP Message Digest 5 (MD5) Signature Option
- RFC 2439 BGP Route Flap Damping
- RFC 2453 RIP v2
- RFC 2474 Definition of the Differentiated Services Field in the IPv4 and IPv6 Headers
- RFC 2597 Assured Forwarding PHB (per-hop behavior) Group
- RFC 2598 An Expedited Forwarding PHB
- RFC 2697 A Single Rate Three Color Marker
- RFC 2698 A Two Rate Three Color Marker
- RFC 2796 BGP Route Reflection—An Alternative to Full Mesh IBGP
- RFC 2918 Route Refresh Capability for BGP-4
- RFC 3065 Autonomous System Confederations for BGP
- RFC 3376 IGMP v3 (source-specific multicast include mode only)
- RFC 3392 Capabilities Advertisement with BGP-4
- RFC 3446, Anycast RP
- RFC 3569 SSM
- RFC 3618 MSDP
- RFC 3623 Graceful OSPF Restart
- RFC 4271 Border Gateway Protocol 4 (BGP-4)
- RFC 4360 BGP Extended Communities Attribute
- RFC 4456 BGP Route Reflection: An Alternative to Full Mesh Internal BGP (IBGP)
- RFC 4486 Subcodes for BGP Cease Notification Message
- RFC 4724 Graceful Restart Mechanism for BGP
- RFC 4812 OSPF Restart Signaling
- RFC 4893 BGP Support for Four-octet AS Number Space
- RFC 5176 Dynamic Authorization Extensions to RADIUS
- RFC 5396 Textual Representation of Autonomous System (AS) Numbers
- RFC 5668 4-Octet AS Specific BGP Extended Community
- RFC 5880 Bidirectional Forwarding Detection (BFD) Dynamic Host Configuration Protocol (DHCP) server
Supported MIBs
- RFC 1155 SMI
- RFC 1157 SNMPv1
- RFC 1212, RFC 1213, RFC 1215 MIB-II, Ethernet-Like MIB and TRAPs
- RFC 1850 OSPFv2 MIB
- RFC 1901 Introduction to Community-based SNMPv2
- RFC 2011 SNMPv2 for Internet protocol using SMIv2
- RFC 2012 SNMPv2 for transmission control protocol using SMIv2
- RFC 2013 SNMPv2 for user datagram protocol using SMIv2
- RFC 2233, The Interfaces Group MIB Using SMIv2
- RFC 2287 System Application Packages MIB
- RFC 2570 Introduction to Version 3 of the Internet-standard Network Management Framework
- RFC 2571 An Architecture for describing SNMP Management Frameworks (read-only access)
- RFC 2572 Message Processing and Dispatching for the SNMP (read-only access)
- RFC 2576 Coexistence between SNMP Version 1, Version 2, and Version 3
- RFC 2578 SNMP Structure of Management Information MIB
- RFC 2579 SNMP Textual Conventions for SMIv2
- RFC 2580 Conformance Statements for SMIv2
- RFC 2665 Ethernet-like interface MIB
- RFC 2787 VRRP MIB
- RFC 2790 Host Resources MIB
- RFC 2819 RMON MIB
- RFC 2863 Interface Group MIB
- RFC 2932 IPv4 Multicast MIB
- RFC 3410 Introduction and Applicability Statements for Internet Standard Management Framework
- RFC 3411 An architecture for describing SNMP Management Frameworks
- RFC 3412 Message Processing and Dispatching for the SNMP
- RFC 3413 Simple Network Management Protocol (SNMP) (all MIBs are supported except the Proxy MIB)
- RFC 3414 User-based Security Model (USM) for version 3 of SNMPv3
- RFC 3415 View-based Access Control Model (VACM) for the SNMP
- RFC 3416 Version 2 of the Protocol Operations for the SNMP
- RFC 3417 Transport Mappings for the SNMP
- RFC 3418 Management Information Base (MIB) for the SNMP
- RFC 3584 Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework
- RFC 3826 The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model
- RFC 4188 Definitions of Managed Objects for Bridges
- RFC 4318 Definitions of Managed Objects for Bridges with Rapid Spanning Tree Protocol
- RFC 4363b Q-Bridge VLAN MIB
48 25GbE/10GbE/GbE SFP28/SFP+/SFP ports, 8 100GbE/40GbE QSFP28/QSFP+ ports, redundant fans, 2 AC power supplies, 2 power cords, 4-post rack mount kit, and back to front airflow
48 25GbE/10GbE/GbE SFP28/SFP+/SFP ports, 8 100GbE/40GbE QSFP28/QSFP+ ports, redundant fans, 2 AC power supplies, 2 power cords, 4-post rack mount kit, and front to back airflow
48 25GbE/10GbE/GbE SFP28/SFP+/SFP ports, 8 100GbE/40GbE QSFP28/QSFP+ ports, redundant fans, 2 DC power supplies, 2 power cords, 4-post rack mount kit, and back to front airflow
48 25GbE/10GbE/GbE SFP28/SFP+/SFP ports, 8 100GbE/40GbE QSFP28/QSFP+ ports, redundant fans, 2 DC power supplies, 2 power cords, 4-post rack mount kit, and front to back airflow
Juniper 650 W AC power supply (port-side to FRU-side airflow)
Juniper 650 W AC power supply (FRU-side to port-side airflow)
JPSU-650W-DC-AFI
Juniper 650 W DC power supply (FRU-side to port-side airflow)
FANAFI fan model, back-to-front airflow
FANAFO fan model, front-to-back airflow
4 post rack mount kit
1 RU
48 x 10/25GbE and 8 x 40/100GbE
2 Tbps
As low as 550ns
Virtual Chassis, MC-LAG, ESI-LAG, EVPN-VXLAN