Industrial Ethernet, Stackable Layer 3 Switch

Our ruggedized IE510-28GSX Industrial Ethernet switches are built for enduring performance in harsh environments, such as those found in manufacturing, transportation and physical security. Offering high throughput, rich functionality and advanced security features, IE510-28GSX switches deliver the performance and reliability demanded by industrial deployments in the Internet of Things (IoT) age.



The Allied Telesis IE510-28GSX Layer 3 wirespeed switches are ideal for industrial Ethernet applications. With a wide operating temperature range of between -40°C and 75°C, they tolerate harsh and demanding environments, such as those found in industrial and outdoor deployment.

Device management is provided via Industry-standard CLI, SNMP, Telnet, SSH, or Allied Telesis Autonomous Management Framework™ (AMF). AMF is unique to Allied Telesis managed devices, offering simplified device provisioning, recovery and firmware upgrade management.


The IE510-28GSX managed switches are high-performance and cost-effective, and meet the high reliability requirements of industrial network operations. These robust switches provide network managers with several key features, using the simple web-based management function, including port-based VLANs, IEEE 802.1p, QoS, port trunking/link aggregation, port mirroring, priority queues, and IEEE 802.1x security support. With support for up to 16K MAC addresses, the IE510-28GSX switches are the ideal option for integrating management into any network solution.


Advanced security features protect the network. Unprecedented control over user access is provided with Network Access Control (NAC), mitigating threats to network infrastructure. This ensures the network is accessed only by known users and devices — all users’ adherence to network security policies is checked, and then either access is granted or remediation is offered. Secure access can also be provided for guests. A secure network environment is guaranteed. The IE510-28GSX offers powerful control over network traffic types, secure management options, loop guard to protect against cabling mistakes, and tri-authentication for comprehensive access control.

High Network Resiliency

The convergence of network services in the enterprise has led to increasing demand for highly available networks with minimal downtime. VCStack™, in conjunction with link aggregation, provides a network with no single point of failure and an easy solution for
resiliency in access applications.

The IE510-28GSX supports highly stable and reliable network switching with a recovery time of less than 50ms. You can customize the IE510-28GSX with the most appropriate mechanism and protocol to prevent network connection failure. Choices include Allied Telesis Ethernet Protection Switched Ring (EPSRing™), and the standard ITU-T G.8032.

The IE510-28GSX can form a VCStack of up to four units for enhanced resiliency and simplified device management. Full EPSRing support and VCStack LD (Long Distance), which enables stacks to be created over long distance fiber links, make the IE510-28GSX the perfect choice for distributed environments.


The IE510-28GSX ensures a future-proof network, with superior flexibility coupled with the ability to stack multiple units. The IE510-28GSX model features 1/10 Gigabit uplinks ports and a comprehensive IPv6 feature set, to ensure they are ready for future network traffic demands. These models are Software Defined Networking (SDN) ready and are able to support OpenFlow v1.3.

Key Features

Allied Telesis Autonomous Management Framework (AMF)

  • AMF is a sophisticated suite of management tools that provide a simplified approach to network management. Common tasks are automated or made so simple that the every-day running of a network can be achieved without the need for highly-trained, and expensive, network engineers.
  • Powerful features like centralized management, auto-backup, auto-upgrade, auto-provisioning and auto-recovery enable plug-and-play networking and zero-touch management.

VCStack (Virtual Chassis Stacking)

  • Create a VCStack of up to four units with 40Gbps of stacking bandwidth to each unit. Stacking links are connected in a ring so each device has dual connections to further improve resiliency. VCStack provides a highly available system where network resources are spread out across stacked units, reducing the impact if one of the units fails. Aggregating switch ports on different units across the stack provides excellent network resiliency.
  • Long-distance stacking allows a VCStack to be created over longer distances, perfect for a distributed network environment.

Software Defined Networking (SDN)

  • OpenFlow is a key technology that enables the use of SDN to build smart applications that unlock value and reduce cost.

High Availability

  • EPSRing and ITU-T G.8032 allow to form a protected ring capable of recovery within as little as 50ms; These features are perfect for high performance and high availability.
  • Spanning-Tree protocol compatible; RSTP; MSTP; static Link Aggregation Group (LAG) and dynamic Link Aggregation Control Protocol (LACP) support.

Industry-leading Quality of Service (QoS)

  • Comprehensive low-latency wire-speed QoS provides flow-based traffic management with full classification, prioritization, traffic shaping and min/max bandwidth profiles. Enjoy boosted network performance and guaranteed delivery of business-critical Ethernet services and applications. Time-critical services such as voice and video take precedence over non-essential services such as file downloads, maintaining responsiveness of your applications.

Loop Protection

  • Thrash limiting, also known as rapid MAC movement, detects and resolves network loops. It is highly user-configurable — from the rate of looping traffic to the type of action the switch should take when it detects a loop.
  • With thrash limiting, the switch only detects a loop when a storm has occurred, which can potentially cause disruption to the network. To avoid this, loop detection works in conjunction with thrash limiting to send special Loop Detection Frame (LDF) packets that the switch listens for. If a port receives an LDF packet, you can choose to disable the port, disable the link, or send an SNMP trap. This feature can help to detect loops before a network storm occurs, avoiding the risk and inconvenience of traffic disruption.


  • sFlow is an industry standard technology for monitoring high speed switched networks. It provides complete visibility into network use, enabling performance optimization, usage accounting/billing, and defence against security threats. Sampled packets sent to a collector ensure it always has a real-time view of network traffic.

Active Fiber Monitoring

  • Active Fiber Monitoring prevents eavesdropping on fiber communications by monitoring received optical power. If an intrusion is detected, the link can be automatically shut down, or an operator alert can be sent. Active Fiber Monitoring is supported on fiber data and fiber stacking links.

UniDirectional Link Detection (UDLD)

  • UniDirectional Link Detection (UDLD) is useful for monitoring fiber-optic links between two switches that use two single-direction fibers to transmit and receive packets. UDLD prevents traffic from being sent across a bad link by blocking the ports at both ends of the link in the event that either the individual transmitter or receiver for that connection fails.

Link Layer Discovery Protocol – Media Endpoint Discovery (LLDP – MED)

  • LLDP-MED extends LLDP basic network endpoint discovery and management functions. LLDP-MED allows for media endpoint specific messages, providing detailed information on power equipments, network policy, location discovery (for Emergency Call Services) and inventory.

VLAN Translation

  • VLAN Translation allows traffic arriving on a VLAN to be mapped to a different VLAN on the outgoing paired interface.
  • In Metro networks, it is common for the Network Service Provider to give each customer their own unique VLAN, yet at the customer location, give all the customers the same VLAN-ID for tagged packets to use on the wire. VLAN-ID translation can be used by the Service Provider to change the tagged packet’s VLAN-ID at the customer location to the VLAN-ID for tagged packets to use within the NSP’s network.
  • This feature is also useful in Enterprise environments where it can be used to merge two networks together without manually reconfiguring the VLAN numbering scheme. This situation can occur if two companies have merged and the same VLAN-ID is used for two different purposes.

Voice VLAN

  • Voice VLAN automatically separates voice and data traffic into two different VLANs. This automatic separation places delay-sensitive traffic into a voice- dedicated VLAN, which simplifies QoS configurations.

VLAN Mirroring (RSPAN)

  • VLAN mirroring allows traffic from a port on a remote switch to be analyzed locally. Traffic being transmitted or received on the port is duplicated and sent across the network on a special VLAN.

Security (Tri-authentication)

  • Authentication options on the IE510-28GSX also include alternatives to IEEE 802.1X port-based authentication, such as web authentication, to enable guest access and MAC authentication for endpoints that do not have an IEEE 802.1X supplicant. All three authentication methods— IEEE 802.1X, MAC-based and Web-based—can be enabled simultaneously on the same port for tri-authentication.

Access Control Lists (ACLs)

  • AlliedWare Plus delivers industry-standard Access Control functionality through ACLs. ACLs filter network traffic to control whether routed packets are forwarded or blocked at the port interface. This provides a powerful network security mechanism to select the types of traffic to be analyzed, forwarded, or influenced in some way.

Upstream Forwarding Only (UFO)

  • UFO lets you manage which ports in a VLAN can communicate with each other, and which only have upstream access to services, for secure multi-user deployment.

Dynamic Host Configuration Protocol (DHCP) Snooping

  • DHCP servers allocate IP addresses to clients, and the switch keeps a record of addresses issued on each port. IP source guard checks against this DHCP snooping database to ensure only clients with specific IP and/or MAC address can access the network. DHCP snooping can be combined with other features, like dynamic ARP inspection, to increase security in layer 2 switched environments, and also provides a traceable history, which meets the growing legal requirements placed on service providers.

Alarm Input/Output

  • Alarm Input/Output are useful for security integration solution; they respond to events instantly and automatically by a pre-defined event scheme, and notify alert message to the monitoring control center. The 2-pin terminal blocks may be connected to sensors and actuator relays. Alarm Input receives signal from external devices like motion sensor and magnets; that will trigger subsequent actions if something changes. Alarm output controls external device upon a event (i.e. sirens, strobes, PTZ camera).

Premium Software License

  • By default, the IE510-28GSX offers a comprehensive Layer 2 and basic Layer 3 feature set that includes static routing and IPv6 management features. The feature set can easily be upgraded with premium software licenses.

Product Specifications

IE510-28GSX - 24 4 (2 if stacked) 2* 128Gbps 95.2Mpps 40Gbps - -

* Stacking ports can be configured as additional 1G/10G Ethernet ports when unit is not stacked


  • 16K MAC address entries
  • 2 MBytes (16 Mbits) packet buffer memory
  • 8 Priority queues
  • 4Ksimultaneous VLANs
  • VLANs ID range: 1 – 4094
  • Jumbo frames: 13KB jumbo packets
  • Multicast groups: 1K (layer 2), 256 (layer 3)
  • Routes: 2K (IPv4), 256 (IPv6)

Other Interfaces

  • Type: Serial console (UART)
    Port no: 1
    Connector: RJ-45 female
  • Type: USB2.0 (Host Controller Class)
    Port no: 1
    Connector: Type A receptacle
  • Type: Alarm Input
    Port no: 1
    Connector: RJ-45 female
  • Type: Alarm Output
    Port no: 1
    Connector: RJ-45 female
  • Type: Power Input
    Port no: 2
    Connector: 2-pin Terminal Block


  • Modular AlliedWare™ operating system
  • Redundant power input
  • Full environmental monitoring of PSUs, fans, temperature and internal voltages, with SNMP traps to alert network managers in case of any failure


  • Stack up to four units in a VCStack
  • Premium license option for additional features

Flexibility and Compatibility

  • Gigabit SFP ports will support any combination of Allied Telesis 100Mbps and 1000Mbps SFP modules listed in this document under Ordering Information
  • 10G SFP+ ports will support any combination of Allied Telesis 1000Mbps SFP and 10GbE SFP+ modules and direct attach cables listed in this document under Ordering Information
  • Stacking ports can be configured as 10G Ethernet ports
  • Port speed and duplex configuration can be set manually or by auto-negotiation

Diagnostic Tools

  • Active Fiber Monitoring detects tampering on optical links
  • Automatic link flap detection and port shutdown
  • Built-In Self Test (BIST)
  • Cable fault locator (TDR)
  • Event logging via Syslog over IPv4
  • Find-me device locator
  • Optical Digital Diagnostic Monitoring (DDM)
  • Ping polling and TraceRoute for IPv4 and IPv6
  • Port and VLAN mirroring (RSPAN)
  • UniDirectional Link Detection (UDLD)
  • IEEE 802.1ag CCP Connectivity Fault Management - Continuity Check Protocol (CCP)

IPv4 Features

  • Black hole routing
  • Directed broadcast forwarding
  • DHCP server and relay
  • DNS relay
  • Equal Cost Multi Path (ECMP) routing
  • Policy-based routing
  • Route redistribution (OSPF, RIP)
  • Static unicast and multicast routing for IPv4
  • UDP broadcast helper (IP helper)

IPv6 Features

  • Device management over IPv6 networks with SNMPv6, Telnetv6 and SSHv6
  • DHCPv6 relay, DHCPv6 client
  • DNSv6 relay, DNSv6 client
  • IPv4 and IPv6 dual stack
  • IPv6 hardware ACLs
  • NTPv6 client and server
  • Static unicast and multicast routing for IPv6


  • Front panel seven-segment LED provides at-a-glance status and fault information
  • Autonomous Management Framework (AMF) enables powerful centralized management and zero-touch device installation and recovery
  • Console management port on the front panel for ease of access
  • Eco-friendly mode allows ports and LEDs to be disabled to save power
  • Web-based Graphical User Interface (GUI)
  • Industry-standard CLI with context-sensitive help
  • Powerful CLI scripting engine
  • Built-in text editor
  • Event-based triggers allow user-defined scripts to be executed upon selected system events
  • SNMPv1/v2c/v3
  • Comprehensive SNMP MIB support for standards-based device management
  • USB interface allows software release files, configurations and other files to be stored for backup and distribution to other devices

Quality of Service

  • Eight priority queues with a hierarchy of high-priority queues for real-time traffic, and mixed scheduling, for each switch port
  • Limit bandwidth per port or per traffic class down to 64kbps
  • Wirespeed traffic classification with low latency essential for VoIP and real-time streaming media applications
  • Policy-based QoS based on VLAN, port, MAC and general packet classifiers
  • Policy-based storm protection
  • Extensive remarking capabilities
  • Taildrop for queue congestion control
  • Strict priority, weighted round robin, or mixed scheduling
  • IP precedence and DiffServ marking based on Layer 2, 3, and 4 headers

Resiliency Features

  • Control Plane Prioritization (CPP) ensures the CPU always has sufficient bandwidth to process network control traffic
  • Dynamic link failover (host attach)
  • Ethernet Protection Switched Rings (EPSR) with SuperLoop Protection (SLP)
  • Ethernet Ring Protection Switching (ITU-T G.8032)
  • Link Aggregation Control Protocol (LACP)
  • Long-Distance stacking (VCStack LD)
  • Loop protection: loop detection and thrash limiting
  • Multiple Spanning Tree Protocol (MSTP)
  • PVST+ compatibility mode
  • Rapid Spanning Tree Protocol (RSTP)
  • Spanning Tree Protocol (STP) with root guard
  • Stacking ports can be configured as 10G Ethernet ports
  • Virtual Router Redundancy Protocol (VRRPv3)


  • Internet Group Membership Protocol (IGMPv1/v2/v3)
  • IGMP proxy
  • IGMP snooping with fast leave and no timeout feature
  • IGMP static groups
  • Multicast Listener Discovery (MLDv1/v2)
  • MLD snooping
  • Protocol Indipendent Multicast (PIM)
  • PIM Dense Mode (DM) for IPv4 and IPv6
  • PIM Sparse Mode (SM) for IPv4 and IPv6
  • PIM Dense Mode to Sparse Mode translation


  • Access Control Lists (ACLs) based on layer 3 and 4 headers
  • Auth fail and guest VLANs
  • Configurable ACLs for management traffic
  • Authentication, Authorization and Accounting (AAA)
  • Bootloader can be password protected for device security
  • BPDU protection
  • DHCP snooping, IP source guard and Dynamic ARP Inspection (DAI)
  • DoS attack blocking and virus throttling
  • Dynamic VLAN assignment
  • MAC address filtering and MAC address lock-down
  • Network Access and Control (NAC) features manage endpoint security
  • Port-based learn limits (intrusion detection)
  • Private VLANs provide security and port isolation for multiple customers using the same VLAN
  • RADIUS local server (100 users) and accounting
  • Secure Copy (SCP)
  • Strong password security and encryption
  • TACACS+authentication and accounting
  • Tri-authentication: MAC-based, web-based and IEEE 802.1x

Environmental Specifications

  • Operating temperature range:
-40°C to 75°C (-40°F to 167°F)
  • Storage temperature range:
-40°C to 85°C (-40°F to 185°F)
  • Operating relative humidity range:
5% to 95% non-condensing
  • Storage relative humidity range:
5% to 95% non-condensing
  • Operating altitude:
up to 3,000 meters (9,842 ft)

    Environmental Compliance

    • RoHS, China RoHS, WEEE

    Electrical/Mechanical Approvals

    • Compliance Mark:
      CE, FCC, VCCI
    • Safety:
      EN/IEC/UL 60950-1
      CAN/CSA-22.2 no. 60950-1
    • EMC:
      CISPR 32
      EN55032 Class A
      EN61000-4-2 (ESD)
      EN61000-4-3 (RS)
      EN61000-4-4 (EFT)
      EN61000-4-5 (Surge)
      EN61000-4-6 (CS)
      FCC Part 15B, Class A
      ICES-003, Class A
      VCCI, Class A

    Product Specifications

    IE510-28GSX-80 440 x 44 x 300 mm
    (17.32 x 1.73 x 11.80 in)
    4.8 Kg (10.58 lb) metal shell rack mount IP30


    Power and noise characteristics

    IE510-28GSX-80 ± 48V DC,
    ± 60V DC*
    fan 74W ** 252 BTU/h ** 45 dBA - - - - - - -

    Noise: tested to ISO7779; front bystander position

    * auto-ranging  ** including SFP transceivers’ consumption and margin



    PRODUCT 100Mbps 1Gbps 10Gbps
    IE510-28GSX-80 14.5µs 4.4µs 3.1µs
    AlliedWare Plus Operating System

    Version 5.4.9-2

    RFC 1321
    MD5 Message-Digest algorithm
    RFC 1828
    IP authentication using keyed MD5
    Cryptographic Algorithms
    FIPS Approved Algorithms

    Encryption (Block Ciphers):

    • AES (ECB, CBC, CFB and OFB Modes)
    • 3DES (ECB, CBC, CFB and OFB Modes)

    Block Cipher Modes:

    • CCM
    • CMAC
    • GCM
    • XTS

    Digital Signatures & Asymmetric Key Generation:

    • DSA
    • ECDSA
    • RSA

    Secure Hashing:

    • SHA-1
    • SHA-2 (SHA-224, SHA-256, SHA-384. SHA-512)

    Message Authentication:

    • HMAC (SHA-1, SHA-2(224, 256, 384, 512)

    Random Number Generation:

    • DRBG (Hash, HMAC and Counter)
    Non FIPS Approved Algorithms

    RNG (AES128/192/256)


    IEEE 802.1AX Link aggregation (static and LACP)
    IEEE 802.2 Logical Link Control (LLC)
    IEEE 802.3 Ethernet
    IEEE 802.3ab 1000T
    IEEE 802.3ad Static and dynamic link aggregation
    IEEE 802.3ae 10 Gigabit Ethernet
    IEEE 802.3af Power over Ethernet (PoE)
    IEEE 802.3at Power over Ethernet Plus (PoE+)
    IEEE 802.3az Energy Efficient Ethernet (EEE)
    IEEE 802.3u 100X
    IEEE 802.3x Flow control – full-duplex operation
    IEEE 802.3z 1000X

    IPv4 Features
    RFC 768
    User Datagram Protocol (UDP)
    RFC 791
    Internet Protocol (IP)
    RFC 792
    Internet Control Message Protocol (ICMP)
    RFC 793
    Transmission Control Protocol (TCP)
    RFC 826
    Address Resolution Protocol (ARP)
    RFC 894
    Standard for the transmission of IP datagrams over Ethernet networks
    RFC 919
    Broadcasting Internet datagrams
    RFC 922
    Broadcasting Internet datagrams in the presence of subnets
    RFC 932
    Subnetwork addressing scheme
    RFC 950
    Internet standard subnetting procedure
    RFC 951
    Bootstrap Protocol (BootP)
    RFC 1027
    Proxy ARP
    RFC 1035
    DNS client
    RFC 1042
    Standard for the transmission of IP datagrams over IEEE 802 networks
    RFC 1071
    Computing the Internet checksum
    RFC 1122
    Internet host requirements
    RFC 1191
    Path MTU discovery
    RFC 1256
    ICMP router discovery messages
    RFC 1518
    An architecture for IP address allocation with CIDR
    RFC 1519
    Classless Inter-Domain Routing (CIDR)
    RFC 1542
    Clarifications and extensions for BootP
    RFC 1591
    Domain Name System (DNS)
    RFC 1812
    Requirements for IPv4 routers
    RFC 1918
    IP addressing
    RFC 2581
    TCP congestion control
    IPv6 Features
    RFC 1981
    Path MTU discovery for IPv6
    RFC 2460
    IPv6 specification
    RFC 2464
    Transmission of IPv6 packets over Ethernet networks
    RFC 2711
    IPv6 router alert option
    RFC 3056
    Connection of IPv6 domains via IPv4 clouds
    RFC 3484
    Default address selection for IPv6
    RFC 3596
    DNS extensions to support IPv6
    RFC 4007
    IPv6 scoped address architecture
    RFC 4193
    Unique local IPv6 unicast addresses
    RFC 4291
    IPv6 addressing architecture
    RFC 4443
    Internet Control Message Protocol (ICMPv6)
    RFC 4861
    Neighbor discovery for IPv6
    RFC 4862
    IPv6 Stateless Address Auto-Configuration (SLAAC)
    RFC 5014
    IPv6 socket API for source address selection
    RFC 5095
    Deprecation of type 0 routing headers in IPv6
    RFC 5175
    IPv6 Router Advertisement (RA) flags option
    RFC 6105
    IPv6 Router Advertisement (RA) guard

    AMF MIB and SNMP traps
    AT Enterprise MIB
    Optical DDM MIB
    SNMPv1, v2c and v3
    IEEE 802.1AB Link Layer Discovery Protocol (LLDP)

    RFC 1155
    Structure and identification of management information for TCP/IP-based Internets
    RFC 1157
    Simple Network Management Protocol (SNMP)
    RFC 1212
    Concise MIB definitions
    RFC 1213
    MIB for network management of TCP/IP-based Internets: MIB-II
    RFC 1215
    Convention for defining traps for use with the SNMP
    RFC 1227
    SNMP MUX protocol and MIB
    RFC 1239
    Standard MIB
    RFC 1724
    RIPv2 MIB extension
    RFC 2011
    SNMPv2 MIB for IP using SMIv2
    RFC 2012
    SNMPv2 MIB for TCP using SMIv2
    RFC 2013
    SNMPv2 MIB for UDP using SMIv2
    RFC 2096
    IP forwarding table MIB
    RFC 2578
    Structure of Management Information v2 (SMIv2)
    RFC 2579
    Textual conventions for SMIv2
    RFC 2580
    Conformance statements for SMIv2
    RFC 2674
    Definitions of managed objects for bridges with traffic classes, multicast filtering and VLAN extensions
    RFC 2741
    Agent extensibility (AgentX) protocol
    RFC 2787
    Definitions of managed objects for VRRP
    RFC 2819
    RMON MIB (groups 1,2,3 and 9)
    RFC 2863
    Interfaces group MIB
    RFC 3176
    sFlow: a method for monitoring traffic in switched and routed networks
    RFC 3411
    An architecture for describing SNMP management frameworks
    RFC 3412
    Message processing and dispatching for the SNMP
    RFC 3413
    SNMP applications
    RFC 3414
    User-based Security Model (USM) for SNMPv3
    RFC 3415
    View-based Access Control Model (VACM) for SNMP
    RFC 3416
    Version 2 of the protocol operations for the SNMP
    RFC 3417
    Transport mappings for the SNMP
    RFC 3418
    MIB for SNMP
    RFC 3621
    Power over Ethernet (PoE) MIB
    RFC 3635
    Definitions of managed objects for the Ethernet-like interface types
    RFC 3636
    IEEE 802.3 MAU MIB
    RFC 4188
    Definitions of managed objects for bridges
    RFC 4318
    Definitions of managed objects for bridges with RSTP
    RFC 4560
    Definitions of managed objects for remote ping, traceroute and lookup operations
    RFC 5424
    Syslog protocol
    RFC 6527
    Definitions of managed objects for VRRPv3
    Multicast Support

    Bootstrap Router (BSR) mechanism for PIM-SM
    IGMP query solicitation
    IGMP snooping (IGMPv1, v2 and v3)
    IGMP snooping fast-leave
    IGMP/MLD multicast forwarding (IGMP/MLD proxy)
    MLD snooping (MLDv1 and v2)
    PIM-SM and SSM for IPv6

    RFC 1112
    Host extensions for IP multicasting (IGMPv1)
    RFC 2236
    Internet Group Management Protocol v2 (IGMPv2)
    RFC 2710
    Multicast Listener Discovery (MLD) for IPv6
    RFC 2715
    Interoperability rules for multicast routing protocols
    RFC 3306
    Unicast-prefix-based IPv6 multicast addresses
    RFC 3376
    RFC 3810
    Multicast Listener Discovery v2 (MLDv2) for IPv6
    RFC 3956
    Embedding the Rendezvous Point (RP) address in an IPv6 multicast address
    RFC 3973
    PIM Dense Mode (DM)
    RFC 4541
    IGMP and MLD snooping switches
    RFC 4601
    Protocol Independent Multicast - Sparse Mode (PIM-SM): protocol specification (revised)
    RFC 4604
    Using IGMPv3 and MLDv2 for source-specific multicast
    RFC 4607
    Source-specific multicast for IP
    Open Shortest Path First (OSPF)

    OSPF link-local signaling
    OSPF MD5 authentication
    Out-of-band LSDB resync

    RFC 1245
    OSPF protocol analysis
    RFC 1246
    Experience with the OSPF protocol
    RFC 1370
    Applicability statement for OSPF
    RFC 1765
    OSPF database overflow
    RFC 2328
    RFC 2370
    OSPF opaque LSA option
    RFC 2740
    OSPFv3 for IPv6
    RFC 3101
    OSPF Not-So-Stubby Area (NSSA) option
    RFC 3509
    Alternative implementations of OSPF area border routers
    RFC 3623
    Graceful OSPF restart
    RFC 3630
    Traffic engineering extensions to OSPF
    RFC 4552
    Authentication/confidentiality for OSPFv3
    RFC 5329
    Traffic engineering extensions to OSPFv3
    Quality of Service (QoS)
    IEEE 802.1p
    Priority tagging
    RFC 2211
    Specification of the controlled-load network element service
    RFC 2474
    DiffServ precedence for eight queues/port
    RFC 2475
    DiffServ architecture
    RFC 2597
    DiffServ Assured Forwarding (AF)
    RFC 2697
    A single-rate three-color marker
    RFC 2698
    A two-rate three-color marker
    RFC 3246
    DiffServ Expedited Forwarding (EF)
    Resiliency Features
    IEEE 802.1D
    MAC bridges
    IEEE 802.1s
    Multiple Spanning Tree Protocol (MSTP)
    IEEE 802.1w
    Rapid Spanning Tree Protocol (RSTP)
    ITU-T G.8032
    Ethernet ring protection switching
    RFC 5798
    Virtual Router Redundancy Protocol version 3 (VRRPv3) for IPv4 and IPv6
    Routing Information Protocol (RIP)
    RFC 1058
    Routing Information Protocol (RIP)
    RFC 2080
    RIPng for IPv6
    RFC 2081
    RIPng protocol applicability statement
    RFC 2082
    RIP-2 MD5 authentication
    RFC 2453
    Security Features

    SSH remote login
    SSLv2 and SSLv3
    TACACS+ accounting and authentication

    IEEE 802.1X
    authentication protocols (TLS, TTLS, PEAP and MD5)
    IEEE 802.1X
    multi-supplicant authentication
    IEEE 802.1X
    port-based network access control
    RFC 2560
    X.509 Online Certificate Status Protocol (OCSP)
    RFC 2818
    HTTP over TLS (“HTTPS”)
    RFC 2865
    RADIUS authentication
    RFC 2866
    RADIUS accounting
    RFC 2868
    RADIUS attributes for tunnel protocol support
    RFC 2986
    PKCS #10: certification request syntax specification v1.7
    RFC 3546
    Transport Layer Security (TLS) extensions
    RFC 3579
    RADIUS support for Extensible Authentication Protocol (EAP)
    RFC 3580
    IEEE 802.1x RADIUS usage guidelines
    RFC 3748
    PPP Extensible Authentication Protocol (EAP)
    RFC 4251
    Secure Shell (SSHv2) protocol architecture
    RFC 4252
    Secure Shell (SSHv2) authentication protocol
    RFC 4253
    Secure Shell (SSHv2) transport layer protocol
    RFC 4254
    Secure Shell (SSHv2) connection protocol
    RFC 5246
    TLS v1.2
    RFC 5280
    X.509 certificate and Certificate Revocation List (CRL) profile
    RFC 5425
    Transport Layer Security (TLS) transport mapping for Syslog
    RFC 5656
    Elliptic curve algorithm integration for SSH
    RFC 6125
    Domain-based application service identity within PKI using X.509 certificates with TLS
    RFC 6614
    Transport Layer Security (TLS) encryption
    for RADIUS
    RFC 6668
    SHA-2 data integrity verification for SSH
    RFC 854
    Telnet protocol specification
    RFC 855
    Telnet option specifications
    RFC 857
    Telnet echo option
    RFC 858
    Telnet suppress go ahead option
    RFC 1091
    Telnet terminal-type option
    RFC 1350
    Trivial File Transfer Protocol (TFTP)
    RFC 1985
    SMTP service extension
    RFC 2049
    RFC 2131
    DHCPv4 (server, relay and client)
    RFC 2132
    DHCP options and BootP vendor extensions
    RFC 2554
    SMTP service extension for authentication
    RFC 2616
    Hypertext Transfer Protocol - HTTP/1.1
    RFC 2821
    Simple Mail Transfer Protocol (SMTP)
    RFC 2822
    Internet message format
    RFC 3046
    DHCP relay agent information option (DHCP option 82)
    RFC 3315
    DHCPv6 (server, relay and client)
    RFC 3633
    IPv6 prefix options for DHCPv6
    RFC 3646
    DNS configuration options for DHCPv6
    RFC 3993
    Subscriber-ID suboption for DHCP relay agent option
    RFC 4330
    Simple Network Time Protocol (SNTP) version 4
    RFC 5905
    Network Time Protocol (NTP) version 4
    VLAN Support

    Generic VLAN Registration Protocol (GVRP)

    IEEE 802.1ad
    Provider bridges (VLAN stacking, Q-in-Q)
    IEEE 802.1Q
    Virtual LAN (VLAN) bridges
    IEEE 802.1v
    VLAN classification by protocol and port
    IEEE 802.3ac
    VLAN tagging
    Voice over IP (VoIP)

    Voice VLAN

    AT-FL-IE5-L2-01 IE510-28GSX Layer-2 Premium license EPSR Master
    VLAN Translation
    VLAN double tagging (QinQ)
    AT-FL-IE5-L3-01 IE510-28GSX Layer-3 Premium license OSPF
    PIM-SM, DM and SSM
    PIMv6-SM and SSM
    AT-FL-IE5-G8032 IE510-28GSX license for ITU-T G.8032 ITU-T G.8032
    Ethernet CFM
    AT-FL-IE5-OF13-1YR OpenFlow license OpenFlow v1.3 for 1 year
    AT-FL-IE5-OF13-5YR OpenFlow license OpenFlow v1.3 for 5 years

    24x 100/1000X SFP, 4x 1/10G SFP+.
    Industrial Ethernet, Stackable Layer 3 Switch

    Supported SFP Modules

    Refer to the installation guide for the recommended Max. Operating Temperature according to the selected SFP module.

    10Gbps SFP+ modules


    1 meter SFP+ direct attach cable


    3 meter SFP+ direct attach cable


    7 meter SFP+ direct attach cable


    10Gbps ER SFP+, 40 km


    10Gbps LR SFP+, 10 km


    10 Gigabit Small Form-Factor, 20 km


    10 Gigabit Small Form-Factor, 20 km


    10Gbps LRM SFP+, 550 m


    10Gbps SR SFP+, 300 m


    10Gbps SR SFP+, 300 m


    10Gbps ZR SFP+, 80 km

    1000Mbps SFP+ modules


    10 km, 1G BiDi SFP, LC, SMF


    10 km, 1G BiDi SFP, LC, SMF


    20 km, 1G BiDi SFP, SC, SMF, I-Temp


    20 km, 1G BiDi SFP, SC, SMF, I-Temp


    20 km, 1G BiDi SFP, LC, SMF, I-Temp


    20 km, 1G BiDi SFP, LC, SMF, I-Temp


    2 km, 1000EX SFP, LC, MMF, 1310 nm


    2 km, 1000EX SFP, LC, MMF, 1310 nm, Ext. Temp


    10 km, 1000LX SFP, LC, SMF, 1310 nm


    10 km, 1000LX SFP, LC, SMF, 1310 nm, I-Temp


    10 km, 1000LX SFP, LC, SMF, 1310 nm, Ext. Temp


    40 km, 1000LX SFP, LC, SMF, 1310 nm


    40 km, 1000LX SFP, LC, SMF, 1310 nm, Ext. Temp


    550 m, 1000SX SFP, LC, MMF, 850 nm


    550 m, 1000SX SFP, LC, MMF, 850 nm, I-Temp


    550 m, 1000SX SFP, LC, MMF, 850 nm, Ext. Temp


    100 m, 10/100/1000T SFP, RJ-45


    100 m, 10/100/1000T SFP, RJ-45, I-Temp


    80 km, 1000ZX SFP, LC, SMF, 1550 nm

    100Mbps SFP Modules


    2 km, 100FX SFP, LC, MMF, 1310 nm


    15 km, 100FX SFP, LC, SMF, 1310 nm


    15 km, 100FX BiDi SFP, LC, SMF
    (1310 Tx/1550 Rx)


    15 km, 100FX BiDi SFP, LC, SMF
    (1550 Rx/1310 Tx)