NETGEAR M4300-24X24F User Manual
Displayed below is the user manual for M4300-24X24F by NETGEAR which is a product in the Network Switches category. This manual has pages.
Related Manuals
SDVoE-Ready M4300-96X
Up to 96-port 10G, PoE options
The NETGEAR® M4300 Stackable Switch
Series delivers L2/L3/L4 and IPv4/IPv6
cost-effective services for mid-enterprise
edge and SMB core deployments with
unrivalled ease of use: 10/40 Gigabit
models can seamlessly stack with 1
Gigabit models within the series, enabling
spine and leaf line-rate topologies. Non-
stop forwarding (NSF) virtual chassis
architectures provide advanced High
Availability (HA) with hitless failover across
the stack. Intelligent NETGEAR IGMP
Plus
™
multicast allows for scalable Pro AV
installations at Layer 2 without the PIM
complexity. Dual redundant, modular
power supplies equipping full width
models contribute to business continuity
management. Layer 3 feature set includes
static, dynamic and policy-based routing
– as standard. The NETGEAR M4300
Switch Series is perfect for wireless access,
unied communications and professional
AV-over-IP installations.
NETGEAR Intelligent Edge Switch
solutions combine latest advances in
hardware and software engineering for
higher exibility, lower complexity and
stronger investment protection, at a high-
value price point.
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 1 of 60
Highlights
Best-in-class stacking
• M4300 is exible enough for mixed
stacking between 10/40 Gigabit and 1
Gigabit models, using any 10G/40G
port with any media type (RJ45, SFP+,
DAC cables)
• High-availability is another key
differentiator for stackable solutions:
in case of a master switch failure, NSF
and hitless failover ensure the standby
switch takes over while forwarding
plane continues to forward trafc on
the operational stack members
without any service interruption
10G/40G modular solution
• The M4300-96X scales from 8 to 96
ports of 10G Ethernet by multiple of
8 ports, and from 2 to 24 ports of 40G
Ethernet by multiple of 2 ports
• The 96X lets you start small with copper
and ber, including Multi-Gigabit
2.5G/5G and PoE+ over 10G, and
grow later in “non-blocking” mode just
by adding port expansion cards
Higher exibility
• Two half-width M4300 switches can be
paired in a single rack space for
redundant Top of Rack installations with
Auto-iSCSI prioritization
• Removing the need for Layer-3
PIM routing, IGMP Plus greatly simplies
system architectures with automated
IGMP techniques across the entire AV
over-IP network
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 2 of 60
Lower complexity
• Entire feature set including PTPv2,
L2 switching (IGMP Plus) and L3
routing (static, RIP, OSPF, VRRP,
PIM-SSM, PBR) is available
without license
• DHCP/BootP innovative auto-
installation including rmware and
conguration le upload automation
Investment protection
• Line-rate spine and leaf stacking
topologies offer multiple possibilities
in server rooms, in branch collapsed
cores or at the edge of growing
networks
• Even if an organization is not ready
for high-speed backbone, 10G and
40G models can be added later to
stacks of 1G models
Secure services
• With successive tiering, the
Authentication Manager allows
for authentication methods per port
for a tiered authentication based on
congured time-outs
• With BYOD, tiered Dot1x -> MAB
Captive Portal authentication is
powerful and simple to implement
with strict policies
Industry standard management
• Industry standard command line
interface (CLI), functional NETGEAR
web interface (GUI), SNMP, sFlow and
RSPAN
• Single-pane-of-glass NMS300
management platform with centralized
rmware updates and mass-
conguration support
Industry leading warranty
• NETGEAR M4300 series is covered
under NETGEAR ProSAFE Limited
Lifetime Hardware Warranty**
• 90 days of Technical Support via phone
and email, Lifetime Technical Support
through online chat and Lifetime Next
Business Day hardware replacement
Hardware at a Glance
FRONT REAR MANAGEMENT
10G models
Model name
Form-
Factor
Switching
Fabric
10GBASE-T
RJ45 ports
10GBASE-X
SFP+ ports
40GBASE-X
QSFP+ports PSU Fans Out-of-band
Console
Model
number
M4300-8X8F
Half-width
1-unit 1U
2-unit 1U
rack mount
320 Gps
8 ports
(independent)
100M; 1G; 10G
8 ports
(independent)
1G; 10G
-
Modular
1 bay
1 PSU included:
APS250W
Fixed
Front-to-back
36.9dB
Ethernet: Out-of-band 1G port (Front)
Console: RJ45 RS232 (Front)
Console: Mini-USB (Front)
Storage: USB (Front)
XSM4316S
M4300-16X Half-width
1-unit 1U
2-unit 1U
rack mount
320 Gps 16 ports
PoE+100M; 1G;
2.5G; 5G; 10G
- - Modular
1 bay
For either
APS299W or
APS600W
Fixed
Front-to-back
35dB
Ethernet: Out-of-band 1G port (Back)
Console: RJ45 RS232 (Back)
Console: Mini-USB (Front)
Storage: USB (Front)
199W PoE
Budget
1 PSU included:
APS299W XSM4316PA
500 W PoE
Budget
1 PSU included:
APS600W XSM4316PB
M4300-12X12F
Half-width
1-unit 1U
2-unit 1U
rack mount
480 Gps
12 ports
(independent)
100M; 1G; 10G
12 ports
(independent)
1G; 10G
-
Modular
1 bay
1 PSU included:
APS250W
Fixed
Front-to-back
36.9dB
Ethernet: Out-of-band 1G port (Back)
Console: RJ45 RS232 (Back)
Console: Mini-USB (Front)
Storage: USB (Front)
XSM4324S
M4300-24X
Half-width
1-unit 1U
2-unit 1U
rack mount
480 Gps 24 ports
100M; 1G; 10G
4 ports
(shared, back)
1G; 10G
-
Modular
1 bay
1 PSU included:
APS250W
Fixed
Front-to-back
37dB
Ethernet: Out-of-band 1G port (Back)
Console: RJ45 RS232 (Back)
Console: Mini-USB (Front)
Storage: USB (Front)
XSM4324CS
M4300-24XF
Half-width
1-unit 1U
2-unit 1U
rack mount
480 Gps
2 ports
(shared, back)
100M; 1G; 10G
24 ports
1G; 10G -
Modular
1 bay
1 PSU included:
APS250W
Fixed
Front-to-back
39.07dB
Ethernet: Out-of-band 1G port (Back)
Console: RJ45 RS232 (Back)
Console: Mini-USB (Front)
Storage: USB (Front)
XSM4324FS
M4300-24X24F
Full width
1-unit 1U
rack mount
960 Gps
24 ports
(independent)
100M; 1G; 10G
24 ports
(independent)
1G; 10G
-
Modular
2 bays
1 PSU included:
APS250W
Fixed
Front-to-back
35.8dB
Ethernet: Out-of-band 1G port (Front)
Console: RJ45 RS232 (Front)
Console: Mini-USB (Front)
Storage: USB (Front)
XSM4348S
M4300-48X
Full width
1-unit 1U
rack mount
960 Gps 48 ports
100M; 1G; 10G
4 ports
(shared)
1G; 10G
-
Modular
2 bays
1 PSU included:
APS250W
Fixed
Front-to-back
40.3dB
Ethernet: Out-of-band 1G port (Back)
Console: RJ45 RS232 (Back)
Console: Mini-USB (Front)
Storage: USB (Front)
XSM4348CS
M4300-48XF
Full width
1-unit 1U
rack mount
960 Gps
2 ports
(shared)
100M; 1G; 10G
48 ports
1G; 10G -
Modular
2 bays
1 PSU included:
APS250W
Fixed
Front-to-back
42.04dB
Ethernet: Out-of-band 1G port (Back)
Console: RJ45 RS232 (Back)
Console: Mini-USB (Front)
Storage: USB (Front)
XSM4348FS
M4300-96X Modular
1-unit 2U
rack mount
1.920
Tbps
up to 96 ports
100M; 1G;
2.5G; 5G; 10G
up to 96 ports
1G; 10G
Up to 24
ports
40G
Modular
2 bays
for APS600W
or APS1200W
Fixed
Front-to-back
35.8dB
(no PoE)
66.8dB
(max PoE)
Ethernet: Out-of-band 1G port (Back)
Console: RJ45 RS232 (Back)
Console: Mini-USB (Back)
Storage: USB (Back)
12 slots for port expansion cards: APM408C
(8 ports)
APM408P
(8 ports PoE+)*
APM408F
(8 ports)
APM402XL
(2 ports)
Empty switch version, no PSU (PSU must be purchased separately) XSM4396K0
M4300-96X online congurator:
www.netgear.com/96x-cong
* Only rst 6 slots are delivering PoE power to
APM408P cards for 48 PoE+ ports per switch.
APS1200W PSU is preferred for PoE applications.
Starter Kit with the switch, 48 x SFP+ (6 x APM408F) and 1 PSU APS600W XSM4396K1
110V/220V AC
110V/220V AC
110V AC
220V AC
34W (min) 232W (max) PoE
Budget with 1 x APS600W PSU,
or 1+1 redundant*
634W (min) 832W (max) PoE
Budget with 2 x APS600W
PSUs in shared mode
484W (min) 682W (max) PoE
Budget with 1 x APS1200W
PSU, or 1+1 redundant
634W (min) 832W (max) PoE
Budget with 1 x APS1200W
PSU, or 1+1 redundant
110V/220V AC
110V AC
220V AC
1,440W (min/max) PoE Budget with 2 x APS1200W PSUs in shared mode*
1,084W (min) 1,282W (max) PoE Budget with APS600W+APS1200W PSUs
in shared mode
1,234W (min) 1,432W (max) PoE Budget with APS600W+APS1200W PSUs
in shared mode
* PoE Budget depends on number of PSU and APM port cards per switch. Min values above are guaranteed when 6xAPM408P (48x10G PoE+) plus any combination of 6 other port cards. Max values
are guaranteed when only 6xAPM408P (48x10G PoE+) per switch, or less. APS600W provides 600W@110V/220VAC; APS1200W delivers 1,050W@110VAC or 1,200W@220VAC per PSU. The system
consumes 110W, plus 5W per empty slot. APM408C/APM408P consume 38W per port card. APM408F/APM402XL consume 23W per port card.
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 3 of 60
FRONT REAR MANAGEMENT
1G models
Model name
Form-
Factor
Switching
Fabric
10/100/
1000
BASE-T
RJ45 ports
100/1000/
10G
BASE-T
RJ45 ports
1000/10G
BASE-X
SFP+ ports
PSU Fans Out-of-band
Console
Model
number
M4300-28G Full width
1-unit 1U
rack mount
128 Gps 24 ports (No
10M/half on
ports 17-24)
2 ports
(independent)
100M; 1G; 10G
2 ports
(independent)
1G; 10G
Modular
2 bays
1 PSU
included:
APS150W
Fixed
Front-to-back
30.3dB
Ethernet: Out-of-band 1G port (Front)
Console: RJ45 RS232 (Back)
Console: Mini-USB (Front)
Storage: USB (Front)
GSM4328S
M4300-52G Full width
1-unit 1U
rack mount
176 Gps 48 ports
(No 10M/
half 17-24
and 41-48)
2 ports
(independent)
100M; 1G; 10G
2 ports
(independent)
1G; 10G
Modular
2 bays
1 PSU
included:
APS150W
Fixed
Front-to-back
31.5dB
Ethernet: Out-of-band 1G port (Front)
Console: RJ45 RS232 (Back)
Console: Mini-USB (Front)
Storage: USB (Front)
GSM4352S
M4300-28G-PoE+ Full width
1-unit 1U
rack mount
128 Gps 24 ports
PoE+
(No 10M/
half on ports
17-24)
2 ports
(independent)
100M; 1G; 10G
2 ports
(independent)
1G; 10G
Modular
2 bays
Fixed
Front-to-back
39.8dB
Ethernet: Out-of-band 1G port (Front)
Console: RJ45 RS232 (Back)
Console: Mini-USB (Front)
Storage: USB (Front) GSM4328PA
480W PoE Budget with 1 PSU
480W PoE Budget with 2 PSUs in RPS mode
720W PoE Budget with 2 PSUs in EPS mode
1 PSU
included:
APS550W
110V
AC input
220V
AC input
630W PoE Budget with 1 PSU
630W PoE Budget with 2 PSUs in RPS mode
720W PoE Budget with 2 PSUs in EPS mode
720W PoE Budget with 1 PSU
720W PoE Budget with 2 PSUs in RPS mode
1 PSU
included:
APS1000W
GSM4328PB
M4300-52G-PoE+ Full width
1-unit 1U
rack mount
176 Gps 48 ports
PoE+
(No 10M/
half 17-24
and 41-48)
2 ports
(independent)
100M; 1G; 10G
2 ports
(independent)
1G; 10G
Modular
2 bays
RPS connector
Fixed
Front-to-back
39.8dB
Ethernet: Out-of-band 1G port (Front)
Console: RJ45 RS232 (Back)
Console: Mini-USB (Front)
Storage: USB (Front)
GSM4352PA
110V/220V
AC input 480W PoE Budget with 1 PSU
480W PoE Budget with 2 PSUs in RPS mode
720W PoE Budget with 2 PSUs in EPS mode
1 PSU
included:
APS550W
External RPS4000 for power redundancy (RPS) when
2 internal PSUs are used in EPS mode
110V
AC input
220V
AC input
591W PoE Budget with 1 PSU
591W PoE Budget with 2 PSUs in RPS mode
1,010W PoE Budget with 2 PSUs in EPS mode
860W PoE Budget with 1 PSU
860W PoE Budget with 2 PSUs in RPS mode
1,440W PoE Budget with 2 PSUs in EPS mode
1 PSU
included:
APS1000W
External RPS4000 for power redundancy (RPS) when
2 internal PSUs are used in EPS mode
GSM4352PB
Hardware at a Glance
PoE models: APS550W and APS1000W cannot be mixed and matched. A switch can only have two APS550W, or two APS1000W. PA versions can be upgraded to PB, but their
APS550W must be replaced by APS1000W (and reversely).
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 4 of 60
Software at a Glance
Performance at a Glance
LAYER 3 PACKAGE
Model
name Management Usability
Enhancements
IPv4/IPv6
ACL and
QoS,
DiffServ
IPv4/IPv6
Multicast
ltering
IPv4 / IPv6
Policing and
Conver-
gence
Spanning
Tree
Green
Ethernet
VLANs Trunking
Port Channel
IPv4/IPv6
Authentica-
tion Security
IPv4/IPv6
Static
Routing
IPv4/IPv6
Dynamic
Routing
Model
number
M4300
series
Out-of-band;
Web GUI;
HTTPs;
CLI;
Telnet; SSH
SNMP, MIBs
RSPAN
Radius Users,
TACACS+
Stacking NSF
witth Hitless
Failover
Link Dependency
(Enable or Dis-
able one or more
ports based on
the link state of
one or more dif-
ferent ports)
Syslog and
Packet Captures
can be sent to
USB storage
Ingress/
egress
1 Kbps
shaping
Time-based
Single Rate
Policing
NETGEAR
IGMP Plus™
for automatic
IGMP
IGMPv3
MLDv2
Snooping,
Proxy ASM &
SSM
IGMPv1,v2
Querier (com-
patible v3)
Control
Packet Flood-
ing
Auto-VoIP
Auto-iSCSI
Policy-based
routing
(PBR)
LLDP-MED
IEEE 1588
PTPv2**
1-Step End-
to-End
Transparent
Clock
STP, MTP,
RSTP
PV(R)STP1
BPDU/STRG
Root Guard
EEE
(802.3az)
Static,
Dynamic,
Voice, MAC
GVRP/
GMRP
Double
VLAN mode
Private
VLANs
Distributed
LAG across
the stack
Static or
Dynamic
LACP
(LACP
automatically
reverts to and
from Static
LAG)
Seven (7) L2/
L3/L4 hashing
algorithms
Successive
Tiering
(DOT1X;
MAB;
Captive
Portal)
DHCP
Snooping
Dynamic
ARP
Inspection
IP Source
Guard
Port, Subnet,
VLAN
routing,
DHCP Relay;
Multicast
static routes;
Stateful
DHCPv6
Server
IPv4: RIP,
VRRP
IPv4/IPv6:
OSPF,
Proxy ARP,
PIM-SM,
PIM-DM,
6-to-4
tunnels
All
models
1 CLI only ** All M4300 models except 48-port 10G platforms (M4300-24X24F, M4300-48X, M4300-48XF). Standalone mode, or Stack Master only. On M4300-52G and
M4300-52G-PoE+ models, PTP is supported between port 1 and port 24, and between port 25 and port 48.
TABLE SIZE*
Model name
MAC
ARP/
NDP
Routing /
Switching
Capacity
Through-
put
Application
Route
Scaling
Packet
Buffer Latency
IP Multicast
Forwarding
Entries
CPU
Multicast
IGMP
Group
member-
ship
VLANs DHCP sFlow Model
number
M4300-96X 256K
MAC*
8K ARP/
NDP*
1.920
Tbps
Line-rate
2,857
Mpps
Static:
64v4/
64v6
RIP: 512
OSPF:
12,000
96Mb 64-byte frames
<2.56µs 10G RJ45
<0.89µs 10G SFP
2,048 IPv4
1,024 IPv6
CPU
1.4 Ghz
2GB RAM
256MB
Flash
2K IPv4
2K IPv6
4K
VLANs
DHCP
Server:
2K leases
IPv4:
256
pools
IPv6:
16 pools
416
samplers
416
pollers
8
receiv-
ers
XSM4396K0
XSM4396K1
M4300-
24X24F
M4300-48X
M4300-48XF
128K
MAC*
8K ARP/
NDP*
960
Gbps
Line-rate
714
Mpps
Static:
64v4/
64v6
RIP: 512
OSPF:
12,000
56Mb M4300-24X24F
<2.39µs 10G RJ45
<0.88µs 10G SFP+
M4300-48X
<2.41µs 10G RJ45
<1.51µs 10G SFP+
M4300-48XF
<1.245µs 10G RJ45
<0.9µs 10G SFP+
1,024 IPv4
512 IPv6
CPU
800 Mhz
1GB RAM
256MB
Flash
XSM4348S
XSM4348CS
XSM4348FS
M4300 other
models
16K
MAC
888
ARP/
NDP
Up to
480
Gbps
All
models
Line-rate
Up to
357
Mpps
Static:
64v4/
64v6
RIP: 512
OSPF: 512
M4300-
12X12F,
24X and
24XF:
32Mb
Others:
16Mb
M4300-8X8F:
<2.43µs 10G RJ45
<0.89µs 10G SFP+
All others:
<2.76µs 10G RJ45
<1.83µs 10G SFP+
96 IPv4
32 IPv6
CPU
800 Mhz
1GB RAM
256MB
Flash
All other
models
* For mixed stacking between more capable devices and less capable devices, SDM mixed stacking template is used based on “least common denominator” set of capacities and
capabilities. Other SDM “native” templates can be used on superior platforms, for a larger table size. A stack requires an uniform table size across all stack members.
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 5 of 60
Product Brief
NETGEAR M4300 series key features:
• Cost effective 1G access layer in campus LAN networks, and high
performance 10G/40G distribution layer for midsize organizations
networks
• Zero Touch AV-over-IP with pre-congured L2 Multicast (SDVoE-ready)
• Advanced Layer 2, Layer 3 and Layer 4 feature set - no license
required - including Policy Based Routing, RIP, VRRP, OSPF and PIM
• Innovative mixed “Spine and Leaf”, 1G, 10G and 40G stacking with
nonstop forwarding (NSF) and hitless failover redundancy
• Low acoustics, half-width 16-port and 24-port 10G models can be
paired in a single rack space for redundant Top of Rack
• Modular 12-slot 2RU model scaling up to 96-port 10G by multiple of
8 ports or 24-port 40G by multiple of 2 ports
• Up to 768 (10 Gigabit) ports, 192 (40 Gigabit) ports or 384 (1 Gigabit)
ports, or a combination in a single logical switch
• PoE+ (30 watts per port) with hot swap, redundant power supplies
and full provisioning
NETGEAR M4300 series software features:
• Advanced classier-based, time-based hardware implementation
for L2 (MAC), L3 (IP) and L4 (UDP/TCP transport ports) security and
prioritization
• SelectablePort-Channel/LAG (802.3ad - 802.1AX) L2/L3/L4 hashing
for fault tolerance and load sharing with any type of Ethernet
channeling
• Voice VLAN with SIP, H323 and SCCP protocols detection and LLDP-
MED IP phones automatic QoS and VLAN conguration
• Efcient authentication tiering with successive DOT1X, MAB and
Captive Portal methods for streamlined BYOD
• Comprehensive IPv4/IPv6 static and dynamic routing including Proxy
ARP, OSPF, Policy-based routing and automatic 6-to-4 tunneling
• Scalable Pro AV deployments with NETGEAR IGMP Plus™ automatic
L2 multicast (only subscribed videos ow from one switch to the other
across the L2 topology)
• High performance IPv4/IPv6 multicast routing with PIM timer accuracy
and unhandled PIM (S,G,rpt) state machine events transitioning
• Advanced IPv4/IPv6 security implementation including malicious
code detection, DHCP Snooping, IP Source Guard protection and DoS
attacks mitigation
• Innovative multi-vendor Auto-iSCSI capabilities for easier virtualization
optimization
NETGEAR M4300 series resiliency and availability features:
• Dual redundant, modular power supplies equipping full width models
contribute to business continuity management
• Vertical or horizontal exible stacking with management unit hitless
failover and nonstop forwarding (NSF) across operational stack
members
• Spine and leaf architecture with every leaf switch (1G access switches)
connecting to every spine switch (distributed 10G “core” switches)
• Stacking and distributed link aggregation allow for multi-resiliency
with zero downtime and load balancing capabilities
• Link Dependency new feature enables or disables ports based on the
link state of different ports
• Per VLAN Spanning Tree and Per VLAN Rapid Spanning Tree (PVSTP/
PVRSTP) offer interoperability with PVST+ infrastructures
NETGEAR M4300 series management features:
• DHCP/BootP innovative auto-installation including rmware and
conguration le upload automation
• Industry standard SNMP, RMON, MIB, LLDP, AAA, sFlow, RSPAN and
PTPv2 1-step transparent clock implementation (select M4300 models)
• Service port for out-of-band Ethernet management (OOB)
• Standard RS232 straight-through serial RJ45 and Mini-USB ports for
local management console
• Standard USB port for local storage, logs, conguration or image les
• Dual rmware image for updates with minimum service interruption
• Industry standard command line interface (CLI) for IT admins used to
other vendors commands
• Fully functional Web console (GUI) for IT admins who prefer an easy to
use graphical interface
• Single-pane-of-glass NMS300 management platform with mass-
conguration support
NETGEAR M4300 series warranty and support:
• NETGEAR ProSAFE Limited Lifetime Hardware Warranty**
• Included Lifetime Technical Support
• Included Lifetime Next Business Day Hardware Replacement
The M4300 Stackable L3 Managed Switch Series comes with 40G, 10G and 1G models in a variety of form factors including PoE+ full
provisioning. M4300 Switch Series delivers IPv4/IPv6 rich services for mid-enterprise edge and SMB core with mixed stacking between
40-, 10- and 1-Gigabit models. Layer 3 feature set includes static and policy-based routing, RIP, VRRP, OSPF, and PIM dynamic routing.
M4300 is ideal for server aggregation, wireless access, unied communications and Video-over-IP.
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 6 of 60
Modern access layer features highlights
High Density Layer 2/Layer 3/Layer 4 Stackable Switch Solution
M4300 switch series supports Nonstop Forwarding
(NSF) virtual chassis stacking with up to 8 switches
in a single logical switch, with hitless management
failover
• Any 40G or 10G port (copper, ber) and any media type (RJ45, SFP+, DAC) can be used for stacking on any
M4300 models
• Hot-swappable stacking of up to 8 units, vertical or horizontal
• 40G and 10G models can stack with 1G models in legacy dual ring topologies, or innovative spine and leaf
topologies
• L2, L3 and L4 switching features (access control list, classication, ltering, IPv4/IPv6 routing, IPv6 transition
services) are performed in hardware at interface line rate for voice, video, and data convergence
M4300 series Layer 3 software package provides advanced IPv4/IPv6 fault tolerant routing capabilities for interfaces, VLANs, subnets and multicast
Example of single or dual ring topology:
1G models: up to (4) 10G ports per switch can be
used for stacking (depending on inter-switch links
oversubscription requirements)
Example of spine and leaf topology:
1G “Leaf” Switches
10G/40G models: up to (16) 40G or 10G ports per switch can be used for stacking
(again, depending on oversubscription requirements between switches)
Best value switching performance:
96p 10G models: 256K MAC address table, 4K concurrent VLANs and 12K Layer 3 route table size for the most demanding enterprise or campus networks
48p 10G models: 128K MAC address table and same other constants as 96p 10G models
All other models: 16K MAC address table, 4K concurrent VLANs and 512 Layer 3 route table size for typical midsize environnements
Mixed stacking between more capable and less capable devices uses SDM template based on “least commom denominator” set of capacities and capabilities
Each switch provides line-rate local switching and routing capacity
80 PLUS certied power supplies for energy high efciency
Full width models come with two PSU bays: a second PSU (sold separately) will add 1+1 power redundancy
Increased packet buffering with up to 96Mb (96p 10G models), 72 Mb (48p 10G models), 32 Mb (24p 10G models) and 16 Mb (all other models)
Low latency at all network speeds, including 40 Gigabit and 10 Gigabit copper / ber interfaces
Jumbo frames support of up to 9Kb accelerating storage performance for backup and cloud applications
iSCSI Flow Acceleration and Automatic Protection/
QoS for virtualization and server room networks
containing iSCSI initiators and iSCSI targets
• Detecting the establishment and termination of iSCSI sessions and connections by snooping packets used in
the iSCSI protocol
• Maintaining a database of currently active iSCSI sessions and connections to store data, including classier
rules for desired QoS treatment
• Installing and removing classier rule sets as needed for the iSCSI session trafc
• Monitoring activity in the iSCSI sessions to allow for aging out session entries if the session termination
packets are not received
• Avoiding session interruptions during times of congestion that would otherwise cause iSCSI packets to be
dropped
10G or 40G “Spine” Switches
10G links
(Copper, Fiber)
10G links
(Copper, Fiber)
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 7 of 60
Tier 1 availability
Virtual Chassis Stacking technology upsurges overall
network availability, providing both better resiliency
in network architectures, and better performance
with advanced load balancing capabilities between
network uplinks
• Up to (8) M4300 switches can be aggregated using a virtual back plane and a single console or web man-
agement interface
• There is no 10G or 40G port pre-congured as Stacking port: all 10G or 40G ports are congured in Ethernet
mode by default
– Port conguration can be changed to Stack mode in Web GUI (System/ Stacking/Advanced/Stack-port
Conguration)
– Or using CLI command << #stack-port unit/slot/port stack >> in Stack Global Conguration section
• Other devices in the network see the stack as a single bridge or a single router
• Within the stack, a switch is elected (or chosen based on priority settings) as the “management unit”
responsible for the stack members’ routing tables
• Another switch is designated (or chosen based on priority settings) as an alternate, backup management unit
• In typical spine and leaf architectures, 10G / 40G “spine” switches are meant to handle management unit and
backup management unit roles
• The Non-Stop Forwarding (NSF) feature enables the stack to secure forwarding end-user trafc when the
management unit fails
• Non-Stop Forwarding is supported for the following events:
–Power failure of the management unit
–Other hardware failure causing the management unit to hang or to reset
–Software failure causing the management unit to hang or to reset
–Failover initiated by the administrator
–Loss of cascade connectivity between the management unit and the backup unit
• As the backup management unit takes over, end-user data streams may lose a few packets, but do not lose
their IP sessions, such as VoIP calls
• Instant failover from management unit to redundant management unit is hitless for world-class resiliency and
availability
• Back to normal production conditions, hitless failback requires a command in CLI or in GUI, for more control
Adding a second PSU to full width models enables redundant 1+1 power protection and contributes to business continuity management
Distributed Link Aggregation, also called Port Channel-
ing or Port Trunking, offers powerful network redun-
dancy and load balancing between stacked members
• Servers and other network devices benet from greater bandwidth capacity with active-active teaming
(LACP—link aggregation control protocol)
• From a system perspective, a LAG (Link Aggregation Group) is treated as a physical port by M4300 stack for
even more simplicity
Rapid Spanning Tree (RSTP) and Multiple Spanning Tree (MSTP) allow for rapid transitionning of the ports to the Forwarding state and the suppression of Topology
Change Notication
NETGEAR PVSTP implementation (CLI only) follows
the same rules than other vendor’s Per VLAN STP for
strict interoperability
• Including industry-standard PVST+ interoperability
• PVSTP is similar to the MSTP protocol as dened by IEEE 802.1s, the main difference being PVSTP runs one
instance per VLAN
• In other words, each congured VLAN runs an independent instance of PVSTP
• FastUplink feature immediately moves an alternate port with lowest cost to forwarding state when the root
port goes down to reduce recovery time
• FastBackbone feature selects new indirect port when an indirect port fails
NETGEAR PVRSTP implementation (CLI only) follows
the same rules than other vendor’s Per VLAN RSTP for
strict interoperability
• Including industry-standard RPVST+ interoperability
• PVRSTP is similar to the RSTP protocol as dened by IEEE 802.1w, the main difference being PVRSTP runs
one instance per VLAN
• In other words, each congured VLAN runs an independent instance of PVRSTP
• Each PVRSTP instance elects a root bridge independent of the other
• Hence there are as many Root Bridges in the region as there are VLANs congured
• Per VLAN RSTP has in built support for FastUplink and FastBackbone
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 8 of 60
IP address conict detection performed by embedded DHCP servers prevents accidental IP address duplicates from perturbing the overall network stability
IP Event Dampening reduces the effect of interface aps on routing protocols: the routing protocols temporarily disable their processing (on the unstable interface) until
the interface becomes stable, thereby greatly increasing the overall stability of the network
Ease of deployment
Automatic conguration with DHCP and BootP Auto Install eases large deployments with a scalable conguration les management capability, mapping IP addresses
and host names and providing individual conguration les to multiple switches as soon as they are initialized on the network
Both the Switch Serial Number and Switch primary MAC address are reported by a simple "show" command in the CLI - facilitating discovery and remote conguration
operations
M4300 DHCP L2 Relay agents eliminate the need
to have a DHCP server on each physical network or
subnet
• DHCP Relay agents process DHCP messages and generate new DHCP messages
• Supports DHCP Relay Option 82 circuit-id and remote-id for VLANs
• DHCP Relay agents are typically IP routing-aware devices and can be referred to as Layer 3 relay agents
Automatic Voice over IP prioritization with Auto-VoIP simplies most complex multi-vendor IP telephones deployments either based on protocols (SIP, H323 and SCCP)
or on OUI bytes (default database and user-based OUIs) in the phone source MAC address; providing the best class of service to VoIP streams (both data and signaling)
over other ordinary trafc by classifying trafc, and enabling correct egress queue conguration
An associated Voice VLAN can be easily congured with Auto-VoIP for further trafc isolation
When deployed IP phones are LLDP-MED compliant, the Voice VLAN will use LLDP-MED to pass on the VLAN ID, 802.1P priority and DSCP values to the IP phones, ac-
celerating convergent deployments
Versatile connectivity
24- and 48-port 1G models with 10G uplinks, including 2-port 10GBASE-T and 2-port 10GBASE-X SFP+
IEEE 802.3at Power over Ethernet Plus (PoE+)
provides up to 30W power per port using 2 pairs
while offering backward compatilibity with 802.3af
• IEEE 802.3at Layer 2 LLDP method and 802.3at PoE+ 2-event classication method fully supported for com-
patibility with most PoE+ PD devices
16-, 24-, 48- and 96-port 10G models with a variety of 10GBASE-T and 10GBASE-X SFP+ interfaces
M4300-96X offers 12 slots for 8x10G or 2x40G port expansion cards and hundreds of combinations
Large 10 Gigabit choice with SFP+ ports for ber or short, low-latency copper DAC cables; 10GBASE-T ports for legacy Cat6 RJ45 short connexions (up to 55m) and
Cat6A / Cat7 connections up to 100m
Automatic MDIX and Auto-negotiation on all portsselect the right transmission modes (half or full duplex) as well as data transmission for crossover or straight-through
cables dynamically for the admin
1G models (M4300-28G and M4300-52G, PoE+ versions included): the 10 Mbps / Half Duplex mode isn’t supported on ports 17-24 and 41-48
Link Dependency feature enables or disables one or more ports based on the link state of one or more different ports
IPv6 full support with IPv6 host, dual stack (IPv4 and IPv6), multicasting (MLD for IPv6 ltering and PIM-SM / PIM-DM for IPv6 routing), ACLs and QoS, static routing and
dynamic routing (OSPFv3) as well as Congured 6to4 and Automatic 6to4 tunneling for IPv6 trafc encapsulation into IPv4 packets
Ease of management and granular control
Dual rmware image and dual conguration le for transparent rmware updates / conguration changes with minimum service interruption
FlexiblePort-Channel/LAG (802.3ad - 802.1AX) implementation for maximum compatibility, fault tolerance and load sharing with any type of Ethernet channeling from
other vendors switch, server or storage devices conforming to IEEE 802.3ad - including static (selectable hashing algorithms) - or to IEEE 802.1AX with dynamic LAGs or
port-channel (highly tunable LACP Link Aggregation Control Protocol )
LACP mode automatically reverts to and from Static LAG, useful when the host isn’t LACP anymore, for instance during a factory reset or re-conguration
Unidirectional Link Detection Protocol (UDLD)and Aggressive UDLD detect and avoid unidirectional links automatically, in order to prevent forwarding anomalies in a
Layer 2 communication channel in which a bi-directional link stops passing trafc in one direction
Port names feature allows for descriptive names on all interfaces and better clarity in real word admin daily tasks
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 9 of 60
SDM (System Data Management, or switch database)
templates allow for granular system resources
distribution depending on IPv4 or IPv6 applications
• ARP Entries (the maximum number of entries in the IPv4 Address Resolution Protocol ARP cache for
routing interfaces)
• IPv4 Unicast Routes (the maximum number of IPv4 unicast forwarding table entries)
• IPv6 NDP Entries (the maximum number of IPv6 Neighbor Discovery Protocol NDP cache entries)
• IPv6 Unicast Routes (the maximum number of IPv6 unicast forwarding table entries)
• ECMP Next Hops (the maximum number of next hops that can be installed in the IPv4 and IPv6 unicast
forwarding tables)
• IPv4 Multicast Routes (the maximum number of IPv4 multicast forwarding table entries)
• IPv6 Multicast Routes (the maximum number of IPv6 multicast forwarding table entries)
Loopback interfaces management for routing protocols administration
Private VLANs and local Proxy ARP help reduce broadcast with added security
Management VLAN ID is user selectable for best convenience
Industry-standard VLAN management in the command line interface (CLI) for all common operations such as VLAN creation; VLAN names; VLAN “make static” for
dynamically created VLAN by GVRP registration; VLAN trunking; VLAN participation as well as VLAN ID (PVID) and VLAN tagging for one interface, a group of interfaces
or all interfaces at once
Simplied VLAN conguration with industry-standard Access Ports for 802.1Q unaware endpoints and Trunk Ports for switch-to-switch links with Native VLAN
System defaults automatically set per-port broadcast, multicast, and unicast storm control for typical, robust protection against DoS attacks and faulty clients which can,
with BYOD, often create network and performance issues
IP Telephony administration is simplied with consistent Voice VLAN capabilities per the industry standards and automatic functions associated
Comprehensive set of “system utilities” and “Clear” commands help troubleshoot connectivity issues and restore various congurations to their factory defaults for
maximum admin efciency: traceroute (to discover the routes that packets actually take when traveling on a hop-by-hop basis and with a synchronous response when
initiated from the CLI), clear dynamically learned MAC addresses, counters, IGMP snooping table entries from the Multicast forwarding database etc...
Syslog and Packet Captures can be sent to USB storage for rapid network troubleshooting
Replaceable factory-default conguration le for predictable network reset in distributed branch ofces without IT personnel
All major centralized software distribution platforms are supported for central software upgrades and conguration les management (HTTP, TFTP), including in highly
secured versions (HTTPS, SFTP, SCP)
Simple Network Time Protocol (SNTP)can be used to synchronize network resources and for adaptation of NTP, and can provide synchronized network timestamp either
in broadcast or unicast mode (SNTP client implemented over UDP - port 123)
Embedded RMON (4 groups) and sFlow agents permit external network trafc analysis
Engineered for convergence and AV-over-IP
Audio (Voice over IP) and Video (multicasting) comprehensive switching, ltering, routing and prioritization
Auto-VoIP, Voice VLAN and LLDP-MED support for IP phones QoS and VLAN conguration
IEEE 1588 (section 10 and 11.5) PTPv2 Transparent
Clock (TC) End-to-End implementation considering
the residence time of PTPv2 packets from ingress to
egress
• The 48-port 10G models (M4300-24X24F, M4300-48X, M4300-48XF) don’t support PTPv2 E2E TC
• 1-step Transparent Clock mode, using the residence time of the PPTPv2 packet at the egress port level in
Standalone mode, or Stack Master only
• On M4300-52G and M4300-52G-PoE+ models, PTPv2 is supported between port 1 and port 24, and be-
tween port 25 and port 48
• The “Sync & Delay_Req” eld of passing/egressing out PTPv2 packets is updated with the residence time in
the switch, the other elds in PTPv2 packets (“Announce”, “Delay_Resp”, “Pdelay_Req” and “Pdelay_Resp”)
are not updated
NETGEAR IGMP Plus™ enhanced implementation for
automatic multicast across a M4300 / M4500 L2
network (Spine and Leaf topologies), removing the
need for L3 PIM routing
• IGMP Plus is pre-congured on default VLAN 1 out of the box in all M4300 and M4500 models (M4300:
starting 12.0.8.x release)
• IGMP Plus can be congured on another VLAN for automatic IGMP across switches on that VLAN (uplinks
can make part of that VLAN in trunk mode)
• IGMP Plus allow AV-over-IP devices (TX/Encoders and RX/Decoders) to be connected across multiple M4300
and M4500 switches in a star topology
• New show igmpsnooping group command in CLI and GUI displays the Source and Group IP addresses
along with their corresponding MAC addresses that are learnt through IGMP Snooping in a given VLAN on a
given interface
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 10 of 60
IGMPSnooping and Proxy for IPv4, MLD Snooping and Proxy for IPv6, and Querier mode facilitate fast receivers joins and leaves for multicast streams and ensure multi-
cast trafc only reaches interested receivers everywhere in a Layer 2 or a Layer 3 network, including source-specic (SSM) and any-source (ASM) multicast
Multicast VLAN Registration (MVR)uses a dedicated Multicast VLAN to forward multicast streams and avoid duplication for clients in different VLANs
Distance Vector Multicast Routing Protocol (DVMRP)
is a dense mode multicast protocol also called Broad-
cast and Prune Multicasting protocol
• DVMRP uses a distributed routing algorithm to build per-source-group multicast trees
• DVMRP assumes that all hosts are part of a multicast group until it is informed of multicast group changes
• It dynamically generates per-source-group multicast trees using Reverse Path Multicasting
• Trees are calculated and updated dynamically to track membership of individual groups
Multicast routing (PIM-SM and PIM-DM, both IPv4 and
IPv6) ensure multicast streams can reach receivers in
different L3 subnets
• Multicast static routes allowed in Reverse Path Forwarding (RPF) selection
• Multicast dynamic routing (PIM associated with OSPF) including PIM multi-hop RP support for routing around
damage advanced capabilities
• Full support of PIM (S,G,Rpt) state machine events as described in RFC 4601
• Improved Multicast PIM timer accuracy with hardware abstraction layer (HAPI) polling hit status for
multicast entries in real time (without caching)
PoE power management and schedule enablement
Power redundancy for higher availability when mission critical convergent installation, including hot-swap main PSU replacement without interruption
Layer 3 routing package
Static Routes/ECMP Static Routes for IPv4 and IPv6 • Static and default routes are congurable with next IP address hops to any given destination
• Permitting additional routes creates several options for the network administrator
• The admin can congure multiple next hops to a given destination, intending for the router to load share
across the next hops
• The admin distinguishes static routes by specifying a route preference value: a lower preference value is a
more preferred static route
• A less preferred static route is used if the more preferred static route is unusable (down link, or next hop
cannot be resolved to a MAC address)
• Preference option allows admin to control the preference of individual static routes relative to routes learned
from other sources (such as OSPF) since a static route will be preferred over a dynamic route when routes
from different sources have the same preference
Advanced Static Routing functions for administrative
trafc control
• Static Reject Routes are congurable to control the trafc destined to a particular network so that it is not
forwarded through the router
• Such trafc is discarded and the ICMP destination unreachable message is sent back to the source
• Static reject routes can be typically used to prevent routing loops
• Default routes are congurable as a preference option
In order to facilitate VLAN creation and VLAN routing
using Web GUI, a VLAN Routing Wizard offers
following automated capabilities:
• Create a VLAN and generate a unique name for VLAN
• Add selected ports to the newly created VLAN and remove selected ports from the default VLAN
• Create a LAG, add selected ports to a LAG, then add this LAG to the newly created VLAN
• Enable tagging on selected ports if the port is in another VLAN
• Disable tagging if a selected port does not exist in another VLAN
• Exclude ports that are not selected from the VLAN
• Enable routing on the VLAN using the IP address and subnet mask entered as logical routing interface
DHCP Relay Agents relay DHCP requests from any
routed interface, including VLANs, when DHCP server
doesn’t reside on the same IP network or subnet
• The agent relays requests from a subnet without a DHCP server to a server or next-hop agent on another
subnet
• Unlike a router which switches IP packets transparently, a DHCP relay agent processes DHCP messages and
generates new DHCP messages
• Supports DHCP Relay Option 82 circuit-id and remote-id for VLANs
• Multiple Helper IPs feature allows to congure a DHCP relay agent with multiple DHCP server addresses per
routing interface and to use different server addresses for client packets arriving on different interfaces on the
relay agent server addresses for client packets arriving on different interfaces on the relay agent
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 11 of 60
Virtual Router Redundancy Protocol (VRRP) provides
backup for any statically allocated next-hop router
address going down, based on RFC 3768 (IPv4)
• VRRP is based on the concept of having more than one router recognize the same router IP address
• VRRP increases the availability of the default path without requiring conguration of dynamic routing, or
router discovery protocols on end stations
• Multiple virtual routers can be dened on any single router interface
• One of the routers is elected the master router and handles all trafc sent to the specied virtual router IP
address
• When the master router fails, one of the backup routers is elected in its place and starts handling trafc sent
to the address
As an enhancement to RFC 3768, VRRP Interface
can be congured as pingable to help troubleshoot
network connectivity issues
• In that case, VRRP master responds to both fragmented and unfragmented ICMP echo requests packets
destined to VRRP address(es)
• VRRP master responds with VRRP address as the source IPv4 address and VRMAC as the source MAC address
• A virtual router in backup state discards these ICMP echo requests
VRRP Route/Interface Tracking feature extends the
capability of the Virtual Router Redundancy Protocol
(VRRP)
• Allows tracking of specic route/interface IP states, within the router, that can alter the priority level of a
virtual router for a VRRP group
• It ensures the best VRRP router is master for the group
Router Discovery Protocol is an extension to ICMP
and enables hosts to dynamically discover the IP ad-
dress of routers on local IP subnets
• Based on RFC 1256 for IPv4
• Routers periodically send router discovery messages to announce their presence to locally-attached hosts
• The router discovery message advertises one or more IP addresses on the router that hosts can use as their
default gateway
• Hosts can send a router solicitation message asking any router that receives the message to immediately
send a router advertisement
• Router discovery eliminates the need to manually congure a default gateway on each host
• It enables hosts to switch to a different default gateway if one goes down
Loopback interfaces are available as dynamic, stable IP addresses for other devices on the network, and for routing protocols
Tunnel interfaces are available for IPv4 and IPv6 • Each router interface (port, or VLAN interface) can have multiple associated tunnel interfaces
• Support for Congured 6to4 (RFC 4213) and Automatic 6to4 tunneling (RFC 3056) for IPv6 trafc
encapsulation into IPv4 packets
• 6to4 tunnels are automatically formed for IPv4 tunnels carrying IPv6 trafc
• M4300 can act as a 6to4 border router that connects a 6to4 site to a 6to4 domain
Support of Routing Information Protocol (RIPv2) as
a distance vector protocol specied in RFC 2453 for
IPv4
• Each route is characterized by the number of gateways, or hops, a packet must traverse to reach its intended
destination
• Categorized as an interior gateway protocol, RIP operates within the scope of an autonomous system
Route Redistribution feature enables the exchange
of routing information among different routing
protocols all operating within a router
• Congurable when different routing protocols use different ways of expressing the distance to a destination
or different metrics and formats
• For instance, when OSPF redistributes a route from RIP, and needs to know how to set each of the route’s
path attributes
Open Shortest Path First (OSPF) link-state protocol for
IPv4 and IPv6
• For IPv4 networks, OSPF version 2 is supported in accordance with RFC 2328, including compatibility mode
for the RFC 1583 older specication
• For IPv6 networks, OSPF version 3 is fully supported
• OSPF can operate within a hierarchy, the largest entity within the hierarchy is the autonomous system (AS)
• An AS is a collection of networks under a common administration sharing a common routing strategy
(routing domain)
• An AS can be divided into a number of areas or groups of contiguous networks and attached hosts
• Two different types of OSPF routing occur as a result of area partitioning: Intra-area and Inter-area
• Intra-area routing occurs if a source and destination are in the same area
• Inter-area routing occurs when a source and destination are in different areas
• An OSPF backbone distributes information between areas
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 12 of 60
Advanced OSPF implementation for large routing
domains
• OSPF NSSA feature supports RFC 3101, The OSPF Not-So-Stubby Area (NSSA) Option
• Forwarding of OSPF Opaque LSAs is enabled by default
• Passive interface feature can disable sending OSPF routing updates on an interface
• Static Area Range Costs feature allows to congure a xed OSPF cost that is always advertised when an area
range is active
• OSPF Equal Cost Multipath (ECMP) feature allows to forward trafc through multiple paths, taking advantage
of more bandwidth
• ECMP routes can be learned dynamically, or congured statically with multiple static routes to same
destination but with different next hops
• OSPF Max Metric feature allows to to override the metric in summary type 3 and type 4 LSAs while in stub
router mode
• Automatic Exiting of Stub Router Mode feature allows to exit stub router mode, reoriginating the router LSA
with proper metric values on transit links
• Static Area Range Costs feature allows to congure a xed OSPF cost that is always advertised when an area
range is active
OSPF LSA Pacing feature improves the efciency of
LSA ooding, reducing or eliminating the packet
drops caused by bursts in OSPF control packets
• LSA transmit pacing limits the rate of LS Update packets that OSPF can send
• With LSA refresh groups, OSPF efciently bundles LSAs into LS Update packets when periodically refreshing
self-originated LSAs
OSPF Flood Blocking feature allows to disable LSA
ooding on an interface with area or AS (domain-
wide) scope
• In that case, OSPF does not advertise any LSAs with area or AS scope in its database description packets sent
to neighbors
OSPF Transit-Only Network Hiding is supported
based on RFC 6860 with transit-only network dened
as a network connecting only routers
• Transit-only networks are usually congured with routable IP addresses which are advertised in LSAs but are
not needed for data trafc
• If router-to-router subnets are advertised, remote attacks can be launched against routers by sending
packets to these transit-only networks
• Hiding transit-only networks speeds up network convergence and reduces vulnerability to remote attacks
• ‘Hiding’ implies that the prexes are not installed in the routing tables on OSPFv2 and OSPFv3 routers
IP Multinetting allows to congure more than one IP address on a network interface (other vendors may call it IP Aliasing or Secondary Addressing)
ICMP Throttling feature adds conguration options
for the transmission of various types of ICMP mes-
sages
• ICMP Redirects can be used by a malicious sender to perform man-in-the-middle attacks, or divert
packets to a malicious monitor, or to cause Denial of Service (DoS) by blackholing the packets
• ICMP Echo Requests and other messages can be used to probe for vulnerable hosts or routers
• Rate limiting ICMP error messages protects the local router and the network from sending a large number of
messages that take CPU and bandwidth
The Policy Based Routing feature (PBR) overrides
routing decision taken by the router and makes the
packet to follow different actions based on a policy
• It provides freedom over packet routing/forwarding instead of leaving the control to standard routing proto-
cols based on L3
• For instance, some organizations would like to dictate paths instead of following the paths shown by
routing protocols
• Network Managers/Administrators can set up policies such as:
–My network will not carry trafc from the Engineering department
–Trafc originating within my network with the following characteristics will take path A, while other trafc
will take path B
–When load sharing needs to be done for the incoming trafc across multiple paths based on packet
entities in the incoming trafc
Enterprise security
Trafc control MAC Filter and Port Securityhelp restrict the trafc allowed into and out of specied ports or interfaces in the system in order to increase overall security
and block MAC address ooding issues
DHCP Snoopingmonitors DHCP trafc between DHCP clients and DHCP servers to lter harmful DHCP message and builds a bindings database of (MAC address, IP
address, VLAN ID, port) tuples that are considered authorized in order to prevent DHCP server spoong attacks
IP source guard and Dynamic ARP Inspection use the DHCP snooping bindings database per port and per VLAN to drop incoming packets that do not match any
binding and to enforce source IP/MAC addresses for malicious users trafc elimination
Time-based Layer 2 / Layer 3-v4 / Layer 3-v6 / Layer 4 Access Control Lists (ACLs) can be binded to ports, Layer 2 interfaces, VLANs and LAGs (Link Aggregation Groups
or Port channel) for fast unauthorized data prevention and right granularity
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 13 of 60
For in-band switch management, management ACLs on CPU interface (Control Plane ACLs) are used to dene the IP/MAC or protocol through which management
access is allowed for increased HTTP/HTTPS or Telnet/SSH management security
Out-of-band management is available via dedicated service port (1G RJ45 OOB) when in-band management can be prohibited via management ACLs
Bridge protocol data unit (BPDU) Guardallows the network administrator to enforce the Spanning Tree (STP) domain borders and keep the active topology consistent
and predictable - unauthorized devices or switches behind the edge ports that have BPDU enabled will not be able to inuence the overall STP by creating loops
Spanning Tree Root Guard (STRG)enforces the Layer 2 network topology by preventing rogue root bridges potential issues when for instance, unauthorized or
unexpected new equipment in the network may accidentally become a root bridge for a given VLAN
Dynamic 802.1x VLAN assignment mode, including
Dynamic VLAN creation mode and Guest VLAN / Un-
authenticated VLAN are supported for rigorous user
and equipment RADIUS policy server enforcement
• Up to 48 clients (802.1x) per port are supported, including the authentication of the users domain, in order
to facilitate convergent deployments. For instance when IP phones connect PCs on their bridge, IP phones
and PCs can authenticate on the same switch port but under different VLAN assignment policies (Voice
VLAN versus other Production VLANs)
802.1x MAC Address Authentication Bypass (MAB) is
a supplemental authentication mechanism that lets
non-802.1x devices bypass the traditional 802.1x
process altogether, letting them authenticate to
the network using their client MAC address as an
identier
• A list of authorized MAC addresses of client NICs is maintained on the RADIUS server for MAB purpose
• MAB can be congured on a per-port basis on the switch
• MAB initiates after unsuccessful dot1x authentication process (congurable time out), when clients don’t
respond to any of EAPOL packets
• When 802.1X unaware clients try to connect, the switch sends the MAC address of each client to the authen-
tication server
• The RADIUS server checks the MAC address of the client NIC against the list of authorized addresses
• The RADIUS server returns the access policy and VLAN assignment to the switch for each client
With Successive Tiering, the Authentication Manager
allows for authentication methods per port for a
Tiered Authentication based on congured time-outs
• By default, conguration authentication methods are tried in this order: Dot1x, then MAB, then Captive Portal
(web authentication)
• With BYOD, such Tiered Authentication is powerful and simple to implement with strict policies
–For instance, when a client is connecting, M4300 tries to authenticate the user/client using the three
methods above, the one after the other
• The admin can restrict the conguration such that no other method is allowed to follow the captive portal
method, for instance
Double VLANs (DVLAN) pass trafc from one customer domain to another through the “metro core” in a multi-tenancy environment: customer VLAN IDs are preserved
and a service provider VLAN ID is added to the trafc so the trafc can pass the metro core in a simple, secure manner
Private VLANs (with Primary VLAN, Isolated VLAN,
Community VLAN, Promiscuous port, Host port,
Trunks) provide Layer 2 isolation between ports that
share the same broadcast domain, allowing a VLAN
broadcast domain to be partitioned into smaller
point-to-multipoint subdomains accross switches in
the same Layer 2 network
• Private VLANs are useful in DMZ when servers are not supposed to communicate with each other but need
to communicate with a router
• They remove the need for more complex port-based VLANs with respective IP interface/subnets and
associated L3 routing
• Another Private VLANs typical application are carrier-class deployments when users shouldn’t see, snoop or
attack other users’ trafc
SSL version 3 and TLS version 2 ensure Web GUI sessions are secured
Secure Shell (SSH version 2) and SNMPv3 (with or without MD5 or SHA authentication) ensure SNMP and Telnet sessions are secured
2048-bit RSA key pairs, SHA2-256 and SHA2-512 cryptographic hash functions for SSLv3 and SSHv2 are supported on all M4300 models
TACACS+ and RADIUS enhanced administrator management provides strict “Login” and “Enable” authentication enforcement for the switch conguration, based on
latest industry standards: exec authorization using TACACS+ or RADIUS; command authorization using TACACS+ and RADIUS Server; user exec accounting for HTTP
and HTTPS using TACACS+ or RADIUS; and authentication based on user domain in addition to user ID and password
Superior quality of service
Advanced classier-based hardware implementation for Layer 2 (MAC), Layer 3 (IP) and Layer 4 (UDP/TCP transport ports) prioritization
8 queues (7 in a stack) for priorities and various QoS policies based on 802.1p (CoS) and DiffServ can be applied to interfaces and VLANs
Advanced rate limiting down to 1 Kbps granularity and mininum-guaranteed bandwidth can be associated with ACLs for best granularity
Single Rate Policing feature enables support for
Single Rate Policer as dened by RFC 2697
• Committed Information Rate (average allowable rate for the class)
• Committed Burst Size (maximum amount of contiguous packets for the class)
• Excessive Burst Size (additional burst size for the class with credits rell at a slower rate than committed
burst size)
• DiffServ feature applied to class maps
Automatic Voice over IP prioritization with protocol-based (SIP, H323 and SCCP ) or OUI-based Auto-VoIP up to 144 simultaneous voice calls
iSCSI Flow Acceleration and automatic protection / QoS with Auto-iSCSI
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 14 of 60
Flow Control
802.3x Flow Control implementation per IEEE 802.3
Annex 31B specications with Symmetric ow
control, Asymmetric ow control or No ow control
• Asymmetric ow control allows the switch to respond to received PAUSE frames, but the ports cannot
generate PAUSE frames
• Symmetric ow control allows the switch to both respond to, and generate MAC control PAUSE frames
Allows trafc from one device to be throttled for a
specied period of time: a device that wishes to in-
hibit transmission of data frames from another device
on the LAN transmits a PAUSE frame
• A device that wishes to inhibit transmission of data frames from another device on the LAN transmits a
PAUSE frame
The Priority Flow Control (PFC) is standardized by the
IEEE 802.1Qbb specication and enables ow control
per trafc class on IEEE 802 full-duplex links
• By pausing congested priorities independently, highly loss sensitive protocols can share the same link with
trafc that has different loss tolerances
• The priorities are differentiated by the priority eld of the 802.1Q VLAN header
• PFC uses a new control packet dened in 802.1Qbb and therefore disables 802.3x standard ow control on
PFC congured interfaces
• PFC comes with CLI conguration and it is only supported on M4300-12X12F, 24X, 24X24F, 48X and 96X
models
UDLD Support
UDLD implementation detects unidirectional links
physical ports (UDLD must be enabled on both sides
of the link in order to detect an unidirectional link)
• UDLD protocol operates by exchanging packets containing information about neighboring devices
• The purpose is to detect and avoid unidirectional link forwarding anomalies in a Layer 2 communication
channel
Both “normal-mode” and “aggressive-mode” are supported for perfect compatibility with other vendors implementations, including port “D-Disable” triggering cases in
both modes
M4300-96X
M4300-96X
M4300-52G-PoE+
M4300-52G-PoE+
M4300-28G-PoE+
M4300-28G-PoE+
M4300-52G
M4300-52G
M4300-28G
M4300-28G
M4300-24X24F
M4300-24X24F
M4300-12X12F
M4300-12X12F
M4300-8X8F
M4300-8X8F
M4300-48XF
M4300-48XF
M4300-24XF
M4300-24XF
M4300-16X
M4300-16X
M4300-48X
M4300-48X
M4300-24X
M4300-24X
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 15 of 60
Target Application (IT)
Building 1
• For midsize server installations, two
half-width M4300 10GbE models can
be paired in a single rack space for
redundant top-of-rack
• Compared with single top-of-rack
switch installation, such two-unit
horizontal stacking is cost-effective yet
highly efcient for HA
• Management unit hitless failover and
nonstop forwarding ensure no single
point of failure for servers and storage
Building 2
• Common for intermediate distribution
frames (IDF) in K-12 and other large
campuses, stacking topologies greatly
simplify deployments at the edge
• While reducing the number of logical
units to manage, stacking also brings
network resiliency with distributed
uplinks in aggregation to the core
• Management unit hitless failover and
nonstop forwarding ensures continuous
uptime for clients across the stack
Building 3
• For typical collapsed core installations,
with a variety of 1G and 10G access
ports in branch ofces, server rooms or
campus high performance labs
• M4300 10G models can stack with
M4300 1G models, enabling innovative
“spine and leaf” topologies
• Spine and leaf architectures deliver
highest performance with every leaf
switch (1G) connecting to every spine
switch (10G) for a fully non-blocking
deployment
• With management unit hitless failover
and nonstop forwarding, leaf switches
keep forwarding L2 and L3 trafc in and
out, while backup spine unit guarantees
connectivity to the core
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 16 of 60
Target Application (SDVoE)
HDTV Touchscreen
4K Display
Digital Signage
Laptop
4K Server
Cable Satellite Box
Blu-ray Player
4K Camera
SDVoE Encoder
SDVoE Encoder
SDVoE Encoder
SDVoE Encoder
SDVoE Encoder
SDVoE Encoder
Projector
Video Wall
Smart TV
SDVoE Decoder
HDMI
USB 2.0
HDMI
1G Ethernet
HDMI
Audio Embed
HDMI
IR
HDMI
IR
HDMI
1G Ethernet
Audio Embed
10G Ethernet (Copper)
10G Ethernet (Copper)
10G Ethernet (Copper)
10G Ethernet (Copper)
10G Ethernet (Fiber)
10G Ethernet (Fiber)
SDVoE Controller
1G
Ethernet
HDMI
USB 2.0
10G Ethernet (Copper)
RS232
HDMI
SDVoE Decoder
10G
Ethernet
(Fiber)
RS232
HDMI
SDVoE Decoder
10G
Ethernet
(Fiber)
SDVoE Decoders
HDMI
HDMI
HDMI
HDMI
10G Ethernet (Fiber) HDMI
1G Ethernet
Audio Embed
USB 2.0
IR
SDVoE Decoder
Keyboard & Mouse
Speakers
IR Receiver
& Remote
10G Ethernet (Fiber)
4K/60 4:4:4 with
zero frame latency
Video Wall with
bezel compensation
EDID and HDCP 2.2
encryption support
KVM access,
real USB 2.0,
infra-red control
USB 2.0
Configurable
Multi-Viewer
SDVoE is a trademark of the SDVoE Alliance
www.sdvoe.org
To take the complexity out of your AV-over-IP deployment, NETGEAR created M4300 switches that are precongured for easy, true AV and multi-
cast Zero Touch network conguration. Namely, IGMP Snooping, IGMP Fast Leave, IGMP Querier are already enabled for the default VLAN 1 that
all your devices will automatically use. Connect your encoder and decoder devices, and power on the switch – it just works!
Enabling Zero-Touch install of SDVoE Video-over-IP
• M4300-96X streamlines AV-over-IP SDVoE solutions, replacing 48x48 switchers and any other in/out distribution
-Non-blocking fabric for 96x10G or 24x40G or a combination
-12 empty slots in 2RU for 8x10G or 2x40G port expansion cards
• Use the M4300-96X online congurator to design your modular switch
-www.netgear.com/96x-cong
• Plug and play and ready to grow as per your requirements
• Takes the complexity out of your AV-over-IP deployment
• Zero Touch AV-over-IP with pre-congured L2 Multicast (SDVoE-ready)
-IGMP Snooping, IGMP Fast Leave, IGMP Querier are already enabled
• Easy-to-use Web browser-based management GUI
The SDVoE Alliance is an eco-system of companies in and around the AV-over-IP space, working together to create a platform for the next gen-
eration of audiovisual applications. NETGEAR SDVoE Partners provide the SDVoE audio-video products and NETGEAR provides the backbone
network that makes it all possible.
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 17 of 60
Components and Modules
• 8-port 10GBASE-T (RJ45) all independent
• 8-port 10GBASE-X (SFP+) all independent
• 320Gbps non-blocking fabric across 16 ports
• Out-of-band 1G Ethernet management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Half-width form factor with one- and two-unit rack mount kit
• Two half-width switches can be installed in a single rack space for
redundant top-of-rack
• Ships with one modular APS250W PSU in its power supply slot
• Low acoustics (36.9dB @25°C / 77°F), or fans off
M4300-8X8F
Stackable Managed Switch
To install a single half-width switch in a rack, a 19-inch rack-mount kit is supplied with the switch:
To install two half-width switches in a rack, inside and outside middle mounts and rack-mount brackets are supplied with the switches:
Ordering information
• Americas, Europe: XSM4316S-100NES
• Asia Pacic: XSM4316S-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 18 of 60
Components and Modules
• 16-port 100M/1G/2.5G/5G/10GBASE-T with PoE+ (copper RJ45)
• 320Gbps non-blocking fabric across 16 ports
• Out-of-band 1G Ethernet management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Half-width form factor with one- and two-unit rack mount kit
• Two half-width switches can be installed in a single rack space for
redundant top-of-rack
• (XSM4316PA) Ships with one modular APS299W PSU in its power supply
slot
• (XSM4316PB) Ships with one modular APS600W PSU in its power supply
slot
• Low acoustics (36dB with APS299W, 35dB with APS600W, @25°C / 77°F )
• 12-port 10GBASE-T (RJ45) all independent
• 12-port 10GBASE-X (SFP+) all independent
• 480Gbps non-blocking fabric across 24 ports
• Out-of-band 1G Ethernet management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Half-width form factor with one- and two-unit rack mount kit
• Two half-width switches can be installed in a single rack space for
redundant top-of-rack
• Ships with one modular APS250W PSU in its power supply slot
• Low acoustics (36.9dB @25°C / 77°F)
M4300-16X
Stackable Managed Switch
M4300-12X12F
Stackable Managed Switch
Ordering information
• Americas, Europe (299W PSU): XSM4316PA-100NES
• Americas, Europe (600W PSU): XSM4316PB-100NES
• Asia Pacic (299W PSU): XSM4316PA-100AJS
• Asia Pacic (600W PSU): XSM4316PB-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
Ordering information
• Americas, Europe: XSM4324S-100NES
• Asia Pacic: XSM4324S-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 19 of 60
• 24-port 10GBASE-X (SFP+)
• 2-port 10GBASE-T (RJ45) (shared, back)
• 480Gbps non-blocking fabric across 24 ports
• Out-of-band 1G Ethernet management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Half-width form factor with one- and two-unit rack mount kit
• Two half-width switches can be installed in a single rack space for
redundant top-of-rack
• Ships with one modular APS250W PSU in its power supply slot
• Low acoustics (39.7dB @25°C / 77°F)
• 24-port 10GBASE-T (RJ45)
• 4-port 10GBASE-X (SFP+) (shared, back)
• 480Gbps non-blocking fabric across 24 ports
• Out-of-band 1G Ethernet management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Half-width form factor with one- and two-unit rack mount kit
• Two half-width switches can be installed in a single rack space for
redundant top-of-rack
• Ships with one modular APS250W PSU in its power supply slot
• Low acoustics (37dB @25°C / 77°F)
M4300-24XF
Stackable Managed Switch
M4300-24X
Stackable Managed Switch
Ordering information
• Americas, Europe: XSM4324FS-100NES
• Asia Pacic: XSM4324FS-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
Ordering information
• Americas, Europe: XSM4324CS-100NES
• Asia Pacic: XSM4324CS-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
Components and Modules
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 20 of 60
• 24-port 10GBASE-T (RJ45) all independent
• 24-port 10GBASE-X (SFP+) all independent
• 960Gbps non-blocking fabric across 48 ports
• Out-of-band 1G Ethernet Management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Full width form factor with one-unit rack mount kit
• Ships with one modular APS250W PSU in rst power supply slot
• Ship with a blank cover in the second power supply slot
• Low acoustics (35.8dB @25°C / 77°F)
• 48-port 10GBASE-T (RJ45)
• 4-port 10GBASE-X (SFP+) (shared)
• 960Gbps non-blocking fabric across 48 ports
• Out-of-band 1G Ethernet Management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Full width form factor with one-unit rack mount kit
• Ships with one modular APS250W PSU in rst power supply slot
• Ship with a blank cover in the second power supply slot
• Low acoustics (40.3dB @25°C / 77°F)
M4300-24X24F
Stackable Managed Switch
M4300-48X
Stackable Managed Switch
Ordering information
• Americas, Europe: XSM4348S-100NES
• Asia Pacic: XSM4348S-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
Ordering information
• Americas, Europe: XSM4348CS-100NES
• Asia Pacic: XSM4348CS-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
Components and Modules
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 21 of 60
• 48-port 10GBASE-X (SFP+)
• 2-port 10GBASE-T (RJ45) (shared)
• 960Gbps non-blocking fabric across 48 ports
• Out-of-band 1G Ethernet Management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Full width form factor with one-unit rack mount kit
• Ships with one modular APS250W PSU in rst power supply slot
• Ship with a blank cover in the second power supply slot
• Low acoustics (42.4dB @25°C / 77°F)
M4300-48XF
Stackable Managed Switch
Ordering information
• Americas, Europe: XSM4348FS-100NES
• Asia Pacic: XSM4348FS-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
Components and Modules
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 22 of 60
• 1.92Tbps non-blocking fabric for 96-port 10G or 24-port 40G or a
combination
-12 slots (front) available in 2RU for 8x10G or 2x40G port expansion cards
-XSM4396K0 is the SKU for the M4300-96X empty switch (no PSU)
-XSM4396K1 is the starter kit including 48xSFP+ and 1x600W PSU
• 4 port cards and hundreds of combinations
-APM408C features 8-port 100M/1G/2.5G/5G/10GBASE-T (copper RJ45)
-APM408P features 8-port 100M/1G/2.5G/5G/10GBASE-T with PoE+
(copper RJ45)
-APM408F features 8-port 1G/10GBASE-X (ber SFP+)
-APM402XL features 2-port 40GBASE-X (QSFP+)
• PoE over 10G is supported up to 48 x 10G PoE+ 30W per system (rst 6 slots)
• Out-of-band 1G Ethernet Management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Full width 2RU form factor with 2-post and 4-post rack mount kit
• Ships with blank covers in empty slots (front I/O; rear PSU)
• Low acoustics (35.8dB @25°C / 77°F) when no PoE
• 66.8dB @25°C / 77°F with Max PoE (1,440W)
M4300-96X
Stackable and Modular Managed Switch
Ordering information
• Worldwide (Empty Switch, No PSU): XSM4396K0-10000S
• Americas, Europe (Starter Kit 48xSFP+): XSM4396K1-100NES
• Asia Pacic (Starter Kit 48xSFP+): XSM4396K1-100AJS
• Worldwide (10G Copper card): APM408C-10000S
• Worldwide (10G Copper PoE+ card): APM408P-10000S
• Worldwide (10G Fiber card): APM408F-10000S
• Worldwide (40G Fiber card): APM402XL-10000S
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
Empty version (XSM4396K0)
Use the M4300-96X online congurator to design
your modular switch: www.netgear.com/96x-cong
48xSFP+ and 1x600W PSU Starter Kit (XSM4396K1)
8x10GBASE-T Port Card - 100M/1G/2.5G/5G/10G
(APM408C)
8xSFP+ Port Card - 1G/10G
(APM408F)
8x10GBASE-T PoE+ Port Card - 100M/1G/2.5G/5G/10G
(APM408P)
2xQSFP+ Port Card - 40G
(APM402XL)
Components and Modules
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 23 of 60
• 48-port 1000BASE-T (RJ45)
• 2-port 10GBASE-T (RJ45) all independent
• 2-port 10GBASE-X (SFP+) all independent
• 176Gbps non-blocking fabric across 52 ports
• Out-of-band 1G Ethernet Management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Full width form factor with one-unit rack mount kit
• Ships with one modular APS150W PSU in rst power supply slot
• Ship with a blank cover in the second power supply slot
• Low acoustics (31.5dB @25°C / 77°F)
M4300-52G
Stackable Managed Switch
Ordering information
• Americas, Europe: GSM4352S-100NES
• Asia Pacic: GSM4352S-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
• 24-port 1000BASE-T (RJ45)
• 2-port 10GBASE-T (RJ45) all independent
• 2-port 10GBASE-X (SFP+) all independent
• 128Gbps non-blocking fabric across 28 ports
• Out-of-band 1G Ethernet Management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Full width form factor with one-unit rack mount kit
• Ships with one modular APS150W PSU in rst power supply slot
• Ship with a blank cover in the second power supply slot
• Low acoustics (30.3dB @25°C / 77°F)
M4300-28G
Stackable Managed Switch
Ordering information
• Americas, Europe: GSM4328S-100NES
• Asia Pacic: GSM4328S-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
Components and Modules
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 24 of 60
• 24-port 1000BASE-T (RJ45) PoE+
• 2-port 10GBASE-T (RJ45) all independent
• 2-port 10GBASE-X (SFP+) all independent
• 128Gbps non-blocking fabric across 28 ports
• Out-of-band 1G Ethernet Management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Full width form factor with one-unit rack mount kit
• (GSM4328PA) Ships with one modular APS550W PSU in rst power supply
slot
• (GSM4328PB) Ships with one modular APS1000W PSU in rst power
supply slot
• Ship with a blank cover in the second power supply slot
• 48-port 1000BASE-T (RJ45) PoE+
• 2-port 10GBASE-T (RJ45) all independent
• 2-port 10GBASE-X (SFP+) all independent
• 176Gbps non-blocking fabric across 52 ports
• Out-of-band 1G Ethernet Management port
• Mini-USB and RJ45 RS232 console ports and USB storage port
• Full L3 feature set and non-stop forwarding (NSF) stacking
• Full width form factor with one-unit rack mount kit
• (GSM4352PA) Ships with one modular APS550W PSU in rst power supply
slot
• (GSM4352PB) Ships with one modular APS1000W PSU in rst power
supply slot
• Ship with a blank cover in the second power supply slot
M4300-28G-PoE+
Stackable Managed Switch
Ordering information
• Americas, Europe (550W PSU): GSM4328PA-100NES
• Americas, Europe (1,000W PSU): GSM4328PB-100NES
• Asia Pacic (550W PSU): GSM4328PA-100AJS
• Asia Pacic (1,000W PSU): GSM4328PB-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
Ordering information
• Americas, Europe (550W PSU): GSM4352PA-100NES
• Americas, Europe (1,000W PSU): GSM4352PB-100NES
• Asia Pacic (550W PSU): GSM4352PA-100AJS
• Asia Pacic (1,000W PSU): GSM4352PB-100AJS
• Warranty: Limited Lifetime ProSAFE Hardware Warranty**
M4300-52G-PoE+
Stackable Managed Switch
Components and Modules
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 25 of 60
RPS mode: provide N+1 redundancy to M4300-52G-PoE+ when its two internal PSUs
are used in EPS (shared) mode
• One APS1000W per M4300-52G-PoE+ connected to the RPS4000 unit
• Up to four (4) M4300-52G-PoE+ switches per RPS4000 unit
RPS4000v2
RPS unit for up to 4 concurrent switches
Ordering information
• Americas, Europe: RPS4000-200NES
• Asia Pacic: RPS4000-200AJS
• Warranty: 5 years
Front view
• RPS4000 is 1RU unit with four (4) empty slots
Rear view
• Four (4) embedded RPS connectors
• Switch selectors for RPS/EPS power modes
Included:
• Four (4) RPS cables - 60cm each (~2 ft)
• Rack mount kit
• Modular PSU for M4300-96X (PoE applications)
• C15 connector
• Capacity:
–110V-240V AC power input
–Up to 1,050W output power at 110V AC
–Up to 1,200W output power at 220V AC
• Power module for RPS4000 unit
• Additionnal PSU for M4300-28G-PoE+ (GSM4328PB) and
M4300-52G-PoE+ (GSM4352PB)
• C15 connector
• Capacity:
–110V-240V AC power input
–Up to 640W output power at 110V AC
–Up to 910W output power at 220V AC
APS1200W
Power Supply Unit
APS1000W
Power Supply Unit
Ordering information
• Americas, Europe: APS1200W-100NES
• Asia Pacic: APS1200W-100AJS
• Warranty: 5 years
Ordering information
• Americas, Europe: APS1000W-100NES
• Asia Pacic: APS1000W-100AJS
• Warranty: 5 years
Accessories
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 26 of 60
• Additional PSU for M4300-28G-PoE+ (GSM4328PA) and
M4300-52G-PoE+ (GSM4352PA)
• C14 connector
• Capacity:
–110V-240V AC power input
–Up to 575W output power at 110/220V AC
APS550W
Power Supply Unit
Ordering information
• Americas, Europe: APS550W-100NES
• Asia Pacic: APS550W-100AJS
• Warranty: 5 years
• Modular PSU for M4300-96X (non-PoE applications)
• Replacement PSU for M4300-16X (PoE applications)
• C14 connector
• Capacity:
–110V-240V AC power input
–Up to 600W output power at 110/220V AC
APS600W
Power Supply Unit
Ordering information
• Americas, Europe: APS600W-100NES
• Asia Pacic: APS600W-100AJS
• Warranty: 5 years
• Replacement PSU for M4300-16X (no or limited PoE
applications)
• C14 connector
• Capacity:
–110V-240V AC power input
–Up to 250W output power at 110/220V AC
APS299W
Power Supply Unit
Ordering information
• Americas, Europe: APS299W-100NES
• Asia Pacic: APS299W-100AJS
• Warranty: 5 years
Accessories
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 27 of 60
• Replacement PSU for M4300-8X8F, M4300-12X12F, M4300-
24X, M4300-24XF
• Additional PSU for M4300-24X24F, M4300-48X, M4300-48XF
• C14 connector
• Capacity
–110V-240V AC power input
–Up to 250W output power at 110/220V AC
• Additional PSU for M4300-28G and M4300-52G
• C14 connector
• Capacity:
–110V-240V AC power input
–Up to 150W output power at 110/220V AC
APS250W
Power Supply Unit
APS150W
Power Supply Unit
Ordering information
• Americas, Europe: APS250W-100NES
• Asia Pacic: APS250W-100AJS
• Warranty: 5 years
Ordering information
• Americas, Europe: APS150W-100NES
• Asia Pacic: APS150W-100AJS
• Warranty: 5 years
Accessories
• Fits into M4300 models SFP+ interfaces
• 1 port Gigabit RJ45
• Supports only 1000Mbps full-duplex mode
• Up to 100m (328 ft) with Cat5 RJ45 or better
• Conveniently adds 1G copper connectivity to M4300 ber
interfaces
• Fits into M4300 models SFP+ interfaces
• 1 port 10GBASE-T RJ45
• Copper connectivity up to 30 m (98 feet) distance
• CAT6a or better wiring required for 10GBASE-T up to
30 meters
• Conveniently adds 10G copper connectivity to
M4300 ber interfaces
AGM734
1000BASE-T RJ45 SFP (Gigabit)
AXM765
10GBASE-T RJ45 SFP+ (10 Gigabit)
Ordering information
• Worldwide: AGM734-10000S
• Warranty: 5 years
Ordering information
• Worldwide: AXM765-10000S
• Warranty: 5 years
Copper SFP and SFP+ Optics for M4300 series
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 28 of 60
GBIC SFP and SFP+ Optics for M4300 series
ORDERING INFORMATION
WORLDWIDE: SEE TABLE
BELOW
WARRANTY: 5 YEARS
Multimode Fiber (MMF) Single mode Fiber (SMF)
OM1 or OM2
62.5/125µm
OM3 or OM4
50/125µm 9/125µm
40 Gigabit QSFP+
AXLM761
40GBASE-MR4 Duplex
1 MMF link - LC duplex
connector
up to 150m (492 ft)
AXLM761-10000S (1 unit)
AXLM762
40GBASE-LR4 long reach single
mode
LC duplex connector
up to 10km (6.2 miles)
AXLM762-10000S (1 unit)
10 Gigabit SFP+
AXM763
10GBase-LRM long reach
multimode
802.3aq - LC duplex connector
up to 220m (722 ft)
AXM763-10000S (1 unit)
AXM763
10GBase-LRM long reach
multimode
802.3aq - LC duplex connector
up to 260m (853 ft)
AXM763-10000S (1 unit)
AXM762
10GBase-LR long reach single mode
LC duplex connector
up to 10km (6.2 miles)
AXM762-10000S (1 unit)
AXM762P10-10000S
(pack of 10 units)
AXM761
10GBase-SR short reach multi-
mode
LC duplex connector
OM3: up to 300m (984 ft)
OM4: up to 550m (1,804 ft)
AXM761-10000S (1 unit)
AXM761P10-10000S
(pack of 10 units)
AXM764
10GBase-LR LITE single mode
LC duplex connector
up to 2km (1.2 mile)
AXM764-10000S (1 unit)
Gigabit SFP
AGM731F
1000Base-SX short range multi-
mode
LC duplex connector
up to 275m (902 ft)
AGM731F (1 unit)
AGM731F
1000Base-SX
short range multimode
LC duplex connector
OM3: up to 550m (1,804 ft)
OM4: up to 1,000m (3,280 ft)
AGM731F (1 unit)
AGM732F
1000Base-LX long range single
mode
LC duplex connector
up to 10km (6.2 miles)
AGM732F (1 unit)
• Fits into M4300 models SFP+
interfaces
• Fits into M4300 models SFP+
interfaces
• Fits into M4300-96X /
APM402XL QSFP+ interfaces
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 29 of 60
ORDERING INFORMATION
WORLDWIDE: SEE TABLE
BELOW
WARRANTY: 5 YEARS
SFP+ to SFP+
1 meter (3.3 ft) 3 meters (9.8 ft)
40 Gigabit DAC
AXLC761
40G QSFP+ Cu (passive)
QSFP+ connectors
AXLC761-10000S (1 unit)
AXLC763
40G QSFP+ Cu (passive)
QSFP+ connectors
AXLC763-10000S (1 unit)
10 Gigabit DAC 1 meter (3.3 ft) 3 meters (9.8 ft) 5 meters (16.4 ft)
AXC761
10GSFP+ Cu (passive)
SFP+ connectors
AXC761-10000S (1 unit)
AXC763
10GSFP+ Cu (passive)
SFP+ connectors
AXC763-10000S (1 unit)
AXC765
10GSFP+ Cu (active)
SFP+ connectors
AXC765-10000S (1 unit)
7 meters (23.0 ft) 10 meters (32.8 ft) 15 meters (49.2 ft)
AXC767
10GSFP+ Cu (active)
SFP+ connectors
AXC767-10000S (1 unit)
AXC7610
10GSFP+ Cu (active)
SFP+ connectors
AXC7610-10000S (1 unit)
AXC7615
10GSFP+ (duplex ber optic)
SFP+ connectors
AXC7615-10000S (1 unit)
20 meters (65.6 ft)
AXC7620
10GSFP+ (duplex ber optic)
SFP+ connectors
AXC7620-10000S (1 unit)
Direct Attach Cables for M4300 series
• Fits into M4300 models SFP+ interfaces
• Fits into M4300-96X / APM402XL
QSFP+ interfaces
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 30 of 60
Aurora MultimediaTM 24 port 10G PoE+ injector
IP-24PoE+
NETGEAR has validated the Aurora Multimedia IP-24PoE+
injector for use with the M4300 switches. It can add PoE/PoE+
up to 30W per port to any 1G or 10G M4300 model. The IP-
24PoE+ allows for a clean installation of 1G or 10G PD capable
devices, such as 10G AV over IP encoders and decoders.
• Input (top): 24 ports 1G/10GBASE-T
• Output (bottom): 24 ports 1G/10GBASE-T with added PoE+
• 30 Watts per port (IEEE 802.3af, IEEE 802.3at)
• 750 Watts total power, 1RU
Please visit https://auroramultimedia.com/products/ip-24poe/ for more information or
send an email to sales@auroramm.com for procurement.
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 31 of 60
Highlights
Model Name Description Model
number
M4300-8X8F Half-Width 16x10G including 8x10GBASE-T and 8xSFP+ XSM4316S
M4300-12X12F Half-Width 24x10G including 12x10GBASE-T and 12xSFP+ XSM4324S
M4300-16X Half-Width 16x100M/1G/2.5G/5G/10GBASE-T with PoE+ (299W
PSU) XSM4316PA
Half-Width 16x100M/1G/2.5G/5G/10GBASE-T with PoE+ (600W
PSU) XSM4316PB
M4300-24X Half-Width 24x10G including 24x10GBASE-T and 4xSFP+
(shared) XSM4324CS
M4300-24XF Half-Width 24x10G including 24xSFP+ and 2x10GBASE-T
(shared) XSM4324FS
M4300-24X24F 48x10G including 24x10GBASE-T and 24xSFP+ XSM4348S
M4300-48X 48x10G including 48x10GBASE-T and 4xSFP+ (shared) XSM4348CS
M4300-48XF 48x10G including 48xSFP+ and 2x10GBASE-T (shared) XSM4348FS
M4300-96X 12-slot 2RU empty switch (no PSU) XSM4396K0
48x10G SFP+ starter kit (600W PSU) XSM4396K1
APM408C 8x100M/1G/2.5G/5G/10GBASE-T Port Card APM408C
APM408P 8x100M/1G/2.5G/5G/10GBASE-T PoE+ Port Card (6 rst slots) APM408P
APM408F 8x1G/10G SFP+ Port Card APM408F
APM402XL 2x40G QSFP+ Port Card APM402XL
M4300-28G 24x1G with 2x10GBASE-T and 2xSFP+ GSM4328S
M4300-28G-PoE+ 24x1G PoE+ with 2x10GBASE-T and 2xSFP+ (550W PSU) GSM4328PA
24x1G PoE+ with 2x10GBASE-T and 2xSFP+ (1,000W PSU) GSM4328PB
M4300-52G 48x1G with 2x10GBASE-T and 2xSFP+ GSM4352S
M4300-52G-PoE+ 48x1G PoE+ with 2x10GBASE-T and 2xSFP+ (550W PSU) GSM4352PA
48x1G PoE+ with 2x10GBASE-T and 2xSFP+ (1,000W PSU) GSM4352PB
APS150W PSU for M4300-28G; M4300-52G APS150W
APS250W PSU for M4300-8X8F; -12X12F;-24X; -24XF, -24X24F; -48X; -48XF APS250W
APS299W PSU for M4300-16X (non- or limited PoE applications, PA version) APS299W
APS550W PSU for M4300-28G-PoE+; M4300-52G-PoE+ (PA versions) APS550W
APS600W PSU for M4300-16X (PoE applications), M4300-96X
(non-PoE applications) APS600W
APS1000W PSU for M4300-28G-PoE+; M4300-52G-PoE+ (PB versions) APS1000W
APS1200W PSU for M4300-96X (PoE applications) APS1200W
Technical Specications
Requirements based on 12.0 software release
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 32 of 60
Physical Interfaces
Gigabit and 10 Gigabit
Ethernet Ports
Auto-sensing RJ45
10/100/1000BASE-T
Auto-sensing RJ45
100/1000/10GBASE-T
Auto-sensing RJ45
100/1000/2.5/5/10GBASE-T
Auto-sensing SFP+
ports
1000/10GBASE-X
QSFP+
40GBASE-X
M4300-8X8F - 8 - 8 (independent) -
M4300-12X12F - 12 - 12 (independent) -
M4300-16X - - 16 - -
M4300-24X - 24 - 4 (shared, back) -
M4300-24XF - 2 (shared, back) - 24 -
M4300-24X24F - 24 - 24 (independent) -
M4300-48X - 48 - 4 (shared) -
M4300-48XF - 2 (shared, back) - 48 -
M4300-96X
(12 slots for port cards) - - Up to 96 (independent) Up to 96 (independent) Up to 24
(independent)
APM408C Port Card - - 8 - -
APM408P Port Card - - 8 (rst 6 slots for PoE+) - -
APM408F Port Card - - - 8 -
APM402XL Port Card - - - - 2
M4300-28G, M4300-28G-PoE+ 24 2 - 2 (independent) -
M4300-52G, M4300-52G-PoE+ 48 2 - 2 (independent) -
M4300-28G, M4300-28G-PoE+,
M4300-52G, M4300-52G-PoE+ 10M Half-Duplex isn’t supported on ports 17-24 and 41-48
Total Usable Port Count 1G Ports 10G Ports 40G Ports
M4300-8X8F, M4300-16X - 16 -
M4300-12X12F, M4300-24X,
M4300-24XF - 24 -
M4300-24X24F, M4300-48X,
M4300-48XF - 48 -
M4300-96X - Up to 96 Up to 24
M4300-28G, M4300-28G-PoE+ 24 4 -
M4300-52G, M4300-52G-PoE+ 48 4 -
Management Ports Console ports Service port (Out-of-band Ethernet) Storage port
M4300-8X8F, M4300-24X24F Serial RS232 RJ45 (front) ; Mini-USB (front) 1 x RJ45 10/100/1000BASE-T (front) 1 x USB (front)
M4300-12X12F, -16X, -24X, -24XF,
-48X, -48XF Serial RS232 RJ45 (back) ; Mini-USB (front) 1 x RJ45 10/100/1000BASE-T (back) 1 x USB (front)
M4300-96X Serial RS232 RJ45 (back) ; Mini-USB (back) 1 x RJ45 10/100/1000BASE-T (back) 1 x USB (back)
M4300-28G, M4300-28G-PoE+,
M4300-52G, M4300-52G-PoE+ Serial RS232 RJ45 (back) ; Mini-USB (front) 1 x RJ45 10/100/1000BASE-T (front) 1 x USB (front)
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 33 of 60
Modular Power Supplies PSU Slots Included PSU Application with 2nd PSU (sold separately)
M4300-8X8F, M4300-12X12F, M4300-24X,
M4300-24XF 11 x APS250W -
M4300-16X (XSM4316PA version
199W PSU) 11 x APS299W -
M4300-16X (XSM4316PB version 600W
PSU) 11 x APS600W -
M4300-24X24F, M4300-48X,
M4300-48XF 21 x APS250W RPS (redundant) mode
M4300-96X (XSM4396K0
empty version) 2 None (APS600W or APS1200W sold separately) RPS (redundant) or EPS (shared) modes
M4300-96X (XSM4396K1 starter kit) 2 1 x APS600W RPS (redundant) or EPS (shared) modes
M4300-28G, M4300-52G 2 1 x APS150W RPS (redundant) mode
M4300-28G-PoE+
(GSM4328PA version 550W PSU) 21 x APS550W RPS (redundant) or EPS (shared) modes
M4300-28G-PoE+
(GSM4328PB version 1,000W PSU) 21 x APS1000W RPS (redundant) or EPS (shared) modes
M4300-52G-PoE+
(GSM4352PA version 550W PSU) 2 + external RPS port 1 x APS550W RPS (redundant) or EPS (shared) modes
M4300-52G-PoE+
(GSM4352PB version 1,000W PSU) 2 + external RPS port 1 x APS1000W RPS (redundant) or EPS (shared) modes
Fixed fans
All models Front-to-back airow
Power over Ethernet
PSE Capacity PoE+ ports
M4300-16X (all versions) 16
M4300-96X Up to 48 Only rst 6 slots are delivering PoE power to APM408P cards for 48 PoE+ ports per switch. APS1200W
preferred.
M4300-28G-PoE+ (all versions) 24
M4300-52G-PoE+ (all versions) 48
PoE Budget
PoE Budget @ 110V AC in PoE Budget @ 220V AC in External RPS
Application
1 PSU or 2 in RPS
mode 2 PSUs in EPS mode 1 PSU or 2 in RPS
mode 2 PSUs in EPS mode
M4300-16X (XSM4316PA version
APS299W PSU) 199 Watts -199 Watts -
M4300-16X (XSM4316PB version
APS600W PSU) 500 Watts -500 Watts -
M4300-96X
(APS600W PSU and 48x10G PoE+) 232 Watts 832 Watts 232 Watts 832 Watts
M4300-96X (APS600W PSU and
96x10GBT incl. 48 PoE+) 34 Watts 634 Watts 34 Watts 634 Watts
M4300-96X (APS600W+APS1200W
PSU and 48x10G PoE+) -1,282 Watts -1,432 Watts
M4300-96X (APS600W+APS1200W
PSU and 96x10GBT incl. 48 PoE+) -1,084 Watts -1,234 Watts
M4300-96X
(APS1200W PSU and 48x10G PoE+) 682 Watts 1,440 Watts 832 Watts 1,440 Watts
M4300-96X (APS1200W PSU and
96x10GBT incl. 48 PoE+) 484 Watts 1,440 Watts 634 Watts 1,440 Watts
M4300-96X (PoE Budget depends on
number of PSU and APM port cards
per switch)
APS600W provides 600W@110V/220VAC; APS1200W delivers 1,050W@110VAC or
1,200W@220VAC per PSU. The system consumes 110W, plus 5W per empty slot; APM408C/
APM408P: 38W; APM408F/APM402XL: 23W.
M4300-28G-PoE+
(GSM4328PA version 550W PSU) 480 Watts 720 Watts 480 Watts 720 Watts
M4300-28G-PoE+
(GSM4328PB version 1,000W PSU) 630 Watts 720 Watts 720 Watts 720 Watts
M4300-52G-PoE+
(GSM4352PA version 550W PSU) 480 Watts 720 Watts 480 Watts 720 Watts Power redundancy
(RPS) when 2 PSUs in
EPS mode
M4300-52G-PoE+
(GSM4352PB version 1,000W PSU) 591 Watts 1,010 Watts 860 Watts 1,440 Watts
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 34 of 60
Features Support
IEEE 802.3af (up to 15.4W per port) Yes
IEEE 802.3at (up to 30W per port) Yes
IEEE 802.3at Layer 2 (LLDP) method Yes
IEEE 802.3at 2-event classication Yes
PoE timer/schedule (week, days, hours) Yes
Processor/Memory
Processor (CPU) - M4300-96X Integrated 1.4Ghz CPU in switching silicon
Processor (CPU) - all other models Integrated 800Mhz CPU in switching silicon
System memory (RAM) - M4300-96X 2 GB
System memory (RAM) - all other models 1 GB
Code storage (ash) - all other models 256 MB Dual rmware image
Packet Buffer Memory
M4300-96X 96 Mb
Dynamically shared across only used ports
M4300-24X24F, M4300-48X, M4300-48XF 56 Mb
M4300-12X12F, M4300-24X, M4300-24XF 32 Mb
All other models 16 Mb
Virtual Chassis Stacking
Max physical switches per stack 8 (any combination of M4300 switches)
Max physical ports per stack 384 x 1G ports or 768 x 10G ports or 192 x 40G ports or a combination
Mixed stacking between 1G models and 10G/40G models Yes
Mixed stacking table size Mixed stacking SDM template is used based on “least common denominator” set of capacities
Stacking ports (pre-conguration) No pre-congured stacking port: any 40G or 10G port (copper, ber) and
any media type (RJ45, SFP+, DAC) can be used for stacking
Stacking ports (max number) 1G models: up to 4 ports per switch 10G models: up to 16 ports per switch
Vertical and horizontal stacking topologies Chain, single ring, dual ring, mesh, spine and leaf
Distant stacking using ber Yes
Non-stop forwarding (NSF) Yes
Hitless management unit failover and failback Yes, no service interruption across the stack
Automatic unit replacement (AUR) Yes
Distributed Link Aggregation (LAGs across the stack) Yes
Stack with previous M5300, M7100, M7300 versions Not supported
Performance Summary
Switching fabric
M4300-8X8F, M4300-16X 320 Gbps
Line-rate (non blocking fabric)
M4300-12X12F, M4300-24X, M4300-24XF 480 Gbps
M4300-24X24F, M4300-48X, M4300-48XF 960 Gbps
M4300-96X 1.920 Tbps
M4300-28G, M4300-28G-PoE+ 128 Gbps
M4300-52G, M4300-52G-PoE+ 176 Gbps
Throughput
M4300-8X8F, M4300-16X 238 Mpps
M4300-12X12F, M4300-24X, M4300-24XF 357 Mpps
M4300-24X24F, M4300-48X, M4300-48XF 714 Mpps
M4300-96X 2,857 Mpps
M4300-28G, M4300-28G-PoE+ 95.2 Mpps
M4300-52G, M4300-52G-PoE+ 130.9 Mpps
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 35 of 60
Latency - 10G Fiber 64-byte frames 512-byte frames 1024-byte frames 1518-byte frames
M4300-8X8F 0.889µs 0.874µs 0.876µs 0.87µs
M4300-16X - - - -
M4300-12X12F 1.189µs 1.313µs 1.373µs 1.309µs
M4300-24X 1.827µs 1.919µs 1.971µs 1.905µs
M4300-24XF 1.323µs 1.432µs 1.489µs 1.421µs
M4300-24X24F 0.879µs 0.889µs 0.89µs 0.88µs
M4300-48X 1.508µs 1.516µs 1.516µs 1.523µs
M4300-48XF 0.9µs 0.907µs 0.91µs 0.898µs
M4300-96X 0.75µs 1.170µs 1.603µs 1.970µs
M4300-28G, M4300-28G-PoE+ 1.961µs 1.952µs 1.941µs 1.95µs
M4300-52G, M4300-52G-PoE+ 1.24µs 1.225µs 1.232µs 1.196µs
Latency - 10G Copper 64-byte frames 512-byte frames 1024-byte frames 1518-byte frames
M4300-8X8F 2.432µs 2.421µs 2.421µs 2.414µs
M4300-16X 2.470µs 2.460µs 2.458µs 2.453µs
M4300-12X12F 2.755µs 2.879µs 2.938µs 2.876µs
M4300-24X 2.728µs 2.85µs 2.904µs 2.841µs
M4300-24XF 2.722µs 2.844µs 2.895µs 2.84µs
M4300-24X24F 2.387µs 2.407µs 2.415µs 2.402µs
M4300-48X 2.409µs 2.425µs 2.43µs 2.432µs
M4300-48XF 1.245µs 1.247µs 1.287µs 1.265µs
M4300-96X 1.491µs 1.921µs 2.354µs 2.722µs
M4300-28G, M4300-28G-PoE+ 2.74µs 2.71µs 2.732µs 2.706µs
M4300-52G, M4300-52G-PoE+ 2.71µs 2.7µs 2.692µs 2.676µs
Latency - 1G Fiber 64-byte frames 512-byte frames 1024-byte frames 1518-byte frames
M4300-8X8F 2.622µs 2.543µs 2.538µs 2.557µs
M4300-16X - - - -
M4300-12X12F 2.741µs 2.875µs 2.901µs 2.853µs
M4300-24X 2.289µs 2.393µs 2.423µs 2.379µs
M4300-24XF 2.333µs 2.403µs 2.427µs 2.383µs
M4300-24X24F 2.752µs 2.767µs 2.784µs 2.752µs
M4300-48X 2.285µs 2.39µs 2.426µs 2.379µs
M4300-48XF 2.153µs 2.162µs 2.176µs 2.165µs
M4300-96X TBD TBD TBD TBD
M4300-28G, M4300-28G-PoE+ 1.908µs 1.914µs 1.918µs 1.936µs
M4300-52G, M4300-52G-PoE+ 1.618µs 1.594µs 1.578µs 1.576µs
Latency - 1G Copper 64-byte frames 512-byte frames 1024-byte frames 1518-byte frames
M4300-8X8F 2.572µs 2.564µs 2.592µs 2.589µs
M4300-16X 4.479µs 4.309µs 4.298µs 4.432µs
M4300-12X12F 2.751µs 2.848µs 2.941µs 2.868µs
M4300-24X 2.707µs 2.821µs 2.866µs 2.826µs
M4300-24XF 3.805µs 3.774µs 3.822µs 3.795µs
M4300-24X24F 2.772µs 2.79µs 2.814µs 2.784µs
M4300-48X 2.702µs 2.714µs 2.73µs 2.709µs
M4300-48XF 2.83µs 2.82µs 2.822µs 2.802µs
M4300-96X TBD TBD TBD TBD
M4300-28G, M4300-28G-PoE+ 3.745µs 3.756µs 3.746µs 3.762µs
M4300-52G, M4300-52G-PoE+ 2.688µs 2.644µs 2.648µs 2.666µs
Green Ethernet
Energy Efcient Ethernet (EEE) Compliant with IEEE 802.3az Energy Efcient Ethernet Task Force Deactivated by default
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 36 of 60
Other Metrics
Forwarding mode Store-and-forward
Addressing 48-bit MAC address
Address database size (M4300-96X)
(M4300-24X24F, M4300-48X, M4300-48XF)
(all other models)
256K MAC addresses
128K MAC addresses
16K MAC addresses
Number of VLANs 4,093 VLANs (802.1Q) simultaneously - standalone mode
4,093 VLANs - stack mode (except when mixed stacks of M4300-96X with other models - 1,024 VLANs only)
Number of multicast groups ltered (IGMP) 4K total (2,048 IPv4 and 2,048 IPv6)
Number of Link Aggregation Groups (LAGs) 128 LAGs with up to 8 ports per group 802.3ad / 802.1AX-2008
Number of hardware queues for QoS (Standalone) 8 queues
Number of hardware queues for QoS (Stack) 7 queues
Number of routes (M4300-24X24F, -48X, -48XF, -96X)
IPv4
IPv6
(all other models)
IPv4
IPv6
12,288 IPv4 Unicast Routes in IPv4 Routing Default SDM
Template
4,096 IPv6 Unicast Routes in Dual IPv4 and IPv6 SDM
Template
512 IPv4 Unicast Routes in IPv4 Routing Default SDM
Template
256 IPv6 Multicast Routes in Dual IPv4 and IPv6 SDM
Template
SDM (System Data Management, or switch
database) templates allow for granular system
resources distribution depending on IPv4 or
IPv6 applications
Number of static routes
IPv4
IPv6
64
64
RIP application route scaling
IPv4 512
OSPF application route scaling
(M4300-24X24F, -48X, -48XF, -96X)
IPv4
IPv6
(all other models)
IPv4
IPv6
12,288
4,096
512
256
Number of IP interfaces (port or VLAN) 128
Jumbo frame support up to 9KB packet size
Acoustic noise (ANSI-S10.12) @ 25°C ambient (77°F)
M4300-8X8F 36.9 dB
Fan speed control
M4300-16X (XSM4316PA version, APS299W PSU) 36 dB
M4300-16X (XSM4316PB version, APS600W PSU) 35 dB
M4300-12X12F 36.9 dB
M4300-24X 37dB
M4300-24XF 39.7 dB
M4300-24X24F 35.8 dB
M4300-48X 40.3dB
M4300-48XF 42.4 dB
M4300-96X 35.8dB (no PoE); 66.8dB (max PoE)
M4300-28G 30.3 dB
M4300-28G-PoE+ 39.8 dB
M4300-52G 31.5 dB
M4300-52G-PoE+ 39.8 dB
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 37 of 60
Heat Dissipation (BTU) 1 PSU 2 PSUs in RPS mode 2 PSUs in EPS mode 2 PSUs in EPS mode
with external RPS
M4300-8X8F 185.77 BTU/hr - - -
M4300-16X (APS199W, without PoE) 186 BTU/hr - - -
M4300-16X (APS199W PSU, with max PoE 199W) 1,053.43 BTU/hr - - -
M4300-16X (APS600W PSU, with max PoE 500W) 2,081.64 BTU/hr - - -
M4300-12X12F 367.75 BTU/hr - - -
M4300-24X 473.9 BTU/hr - - -
M4300-24XF 330.6 BTU/hr - - -
M4300-24X24F 610.39 BTU/hr 610.39 BTU/hr - -
M4300-48X 899.9 BTU/hr 899.9 BTU/hr - -
M4300-48XF 577.8 BTU/hr - - -
M4300-96X (without PoE) 2145.82 BTU/hr 2145.82 BTU/hr -
M4300-96X (with max PoE: 1,440W) - - 7,605.15 BTU/hr -
M4300-28G 117.78 BTU/hr 117.78 BTU/hr - -
M4300-28G-PoE+ (GSM4328PA version 550W PSU) 1,969.88 BTU/hr 1,963.05 BTU/hr 2,720.96 BTU/hr -
M4300-28G-PoE+ (GSM4328PB version 1,000W PSU) 2,844.55 BTU/hr 2,842.15 BTU/hr 2,844.55 BTU/hr -
M4300-52G 161.82 BTU/hr 161.82 BTU/hr - -
M4300-52G-PoE+ (GSM4352PA version 550W PSU) 2,079.13 BTU/hr 2,085.95 BTU/hr 2,953.11 BTU/hr 3,123.81 BTU/hr
M4300-52G-PoE+ (GSM4352PB version 1,000W PSU) 3,031.63 BTU/hr 3,079.43 BTU/hr 5,411.19 BTU/hr 5,650.17 BTU/hr
Mean Time Between Failures (MTBF) @ 25°C ambient (77°F) @ 50°C ambient (131°F)
M4300-8X8F 196,120 hours (~22.4 years) 123,644 hours (~14.1 years)
M4300-16X 690,301 hours (~78.8 years) 207,500 hours (~23.7 years)
M4300-12X12F 192,898 hours (~22 years) 121,331 hours (~13.9 years)
M4300-24X 247,437 hours (~28.2 years) 153,855 hours (~17.5 years)
M4300-24XF 968,447 hours (~110.6 years) 159,042 hours (~18.2 years)
M4300-24X24F 133,176 hours (~15.2 years) 111,734 hours (~12.8 years)
M4300-96X 519,784 hours (~59.3 years) 196,635 hours (~22.4 years)
M4300-48X 249,393 hours (28.4 years) 154,220 hours (17.6 years)
M4300-48XF 657,392 hours (~75 years) 10,2690 hours (~11.7 years)
M4300-28G 1,328,968 hours (~151.7 years) 444,117 hours (~50.7 years)
M4300-28G-PoE+ 1,189,685 hours (~135.8 years) 491,811 hours (~56.1 years)
M4300-52G 578,472 hours (~66 years) 301,524 hours (~34.4 years)
M4300-52G-PoE+ 673,207 hours (~76.9 years) 247,969 hours (~28.3 years)
L2 Services - VLANs
IEEE 802.1Q VLAN Tagging 802.1Q-1998 Up to 4,093 VLANs - 802.1Q Tagging
Protocol Based VLANs
IP subnet
ARP
IPX
Yes
Yes
Yes
Yes
Subnet based VLANs Yes
MAC based VLANs Yes
Voice VLAN Yes Based on phones OUI bytes (internal database,
or user-maintained) or protocols (SIP, H323 and
SCCP)
Private Edge VLAN Yes
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 38 of 60
L2 Services - Availability
IEEE 802.3ad - LAGs
LACP
LACP automatically reverts to and from Static LAG
Static LAGs
Local Preference per LAG
Yes
Yes
Yes
Yes
Yes
Up to 128 LAGs and up to 8 ports per group
LAG Hashing Yes
LAG Member Port Flaps Tracking Yes
LAG Local Preference Yes Known unicast trafc egresses only out of
local blade LAG interfarce members
Distributed Link Aggregation Yes LAGs across the stack
Storm Control Yes
IEEE 802.3x (Full Duplex and ow control)
Per port Flow Control
Yes
Yes Asymmetric and Symmetric Flow Control
Priority Flow Control (PFC) Standardized by IEEE
802.1Qbb
M4300-12X12F, 24X, 24XF, 24X24F, 48X,
48XF and 96X only
Enables Flow Control per trafc class, full-
duplex, CLI
UDLD Support (Unidirectional Link Detection)
Normal-Mode
Aggressive-Mode
Yes
Yes
Yes
Link Dependency Yes Allow the link status of specied ports to be dependent on the link status of other ports
IEEE 802.1D Spanning Tree Protocol Yes
IEEE 802.1w Rapid Spanning Tree Yes
IEEE 802.1s Multiple Spanning Tree Yes
Per VLAN STP (PVSTP) with FastUplink and FastBackbone Yes (CLI only) PVST+ interoperability
Per VLAN Rapid STP (PVRSTP) Yes (CLI only) RPVST+ interoperability
STP Loop Guard Yes
STP Root Guard Yes
STP BPDU Guard Yes
STP BPDU Filtering Yes
STP BPDU Flooding Yes
Private VLAN Yes
IEEE 802.1x
Guest VLAN
RADIUS based VLAN assignment via .1x
RADIUS based Filter ID assignment via .1x
MAC-based .1x
Unauthenticated VLAN
Yes
Yes
Yes
Yes
Yes
Yes
802.1x-2004
IP phones and PCs can authenticate on the
same port but under different VLAN assignment
policies
Double VLAN Tagging
Enabling dvlan-tunnel makes interface
Global ethertype (TPID)
Interface ethertype (TPID)
Customer ID using PVID
Yes
Yes
Yes
Yes
Yes
GARP with GVRP/GMRP Yes Automatic registration for membership
in VLANs or in multicast groups
Multiple Registration Protocol (MRP) Yes Can replace GARP functionality
Multicast VLAN Registration Protocol (MVRP) Yes Can replace GARP functionality
MVR (Multicast VLAN registration) Yes
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 39 of 60
L2 Services - Multicast Filtering
IGMPv2 Snooping Support Yes
IGMPv3 Snooping Support Yes
NETGEAR IGMP Plus™ Enhanced Implementation Yes For automatic multicast across M4300/M4500 (Spine and Leaf) at Layer 2, removing the need for L3
PIM routing
MLDv1 Snooping Support Yes
MLDv2 Snooping Support Yes
Expedited Leave function Yes
Static L2 Multicast Filtering Yes
Enable IGMP / MLD Snooping per VLAN Yes
IGMPv1/v2 Snooping Querier, compatible v3 queries Yes
MLDv1 Snooping Querier Yes
IGMP Snooping
Enable IGMP Snooping per VLAN
Snooping Querier
Yes
Yes
MGMD Snooping
Control Packet Flooding
Flooding to mRouter Ports
Remove Flood-All-Unregistered Option
Yes
Yes
Yes
Multicast VLAN registration (MVR) Yes
L3 Services - Multicast Routing
IGMP Proxy Yes
MLD Proxy Yes
Any Source Multicast (ASM) Yes
Source Specic Multicast (SSM) Yes
Multicast streams routing between subnets, VLANs Yes
Multicast static routes (IPv4, IPv6) Yes
DVMRP (Distance Vector Multicast Routing Protocol) Yes
Neighbor discovery Yes
PIM-DM (Multicast Routing - dense mode) Yes
PIM-DM (IPv6) Yes
PIM-SM (Multicast Routing - sparse mode) Yes
PIM-SM (IPv6) Yes
PIM multi-hop RP support Yes
PIM Timer Accuracy Yes
PIM-SM Unhandled Events Yes
IPMC replication (hardware support) Yes
L3 Services - DHCP
DHCP IPv4 / DHCP IPv6 Client Yes
DHCP IPv4 / DHCP IPv6 Server (Stateless, Stateful) Yes
DHCP Snooping IPv4 / IPv6 Yes
BootP Relay IPv4 / IPv6 Yes
DHCP Relay IPv4 / IPv6 Yes
DHCP Relay Option 82 circuit-id and remote-id for VLANs Yes
Multiple Helper IPs Yes
Auto Install (DHCP options 66, 67, 150 and 55, 125) Yes
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 40 of 60
L3 Services - Routing
Static Routing / ECMP Static Routing
Multiple next hops to a given destination
Load sharing, Redundancy
Default routes
Static Reject routes
IPv4/IPv6
Yes
Yes
Yes
Yes
Port Based Routing Yes
VLAN Routing
802.3ad (LAG) for router ports
Yes
Yes
VRRP
Pingable VRRP interface
VRRP Route/Interface Tracking
IPv4
Yes
Yes
Loopback Interfaces Yes
Tunnel interfaces
Congured 6to4 tunnels
Automatic 6to4 tunnels
6to4 Border Router
IPv4 / IPv6
Yes
Yes
Yes
RIP
RIPv1/RIPv2
IPv4
Yes
Route Redistribution Yes
Enables the exchange of routing information
among different routing protocols operating
within a router
OSPF
OSPFv2 RFC 2328 including older RFC 1583 support
OSPFv3
OSPF Not-So-Stubby Area (NSSA) Option
Forwarding of OSPF Opaque LSAs
Passive interface feature
Static Area Range Costs feature
OSPF Equal Cost Multipath (ECMP)
Dynamically learned ECMP routes
Statically learned ECMP routes
OSPF Max Metric feature
Automatic Exiting of Stub Router Mode feature
Static Area Range Costs feature
OSPF LCA Pacing feature
OSPF Flood Blocking feature
OSPF Transit-Only Network Hiding
IPv4/IPv6
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
IP Multinetting Yes
ICMP throttling Yes
Router Discovery Protocol Yes
DNS Client IPv4/IPv6
IP Helper
Max IP Helper entries
Yes
512
IP Event Dampening IPv4/IPv6
Proxy ARP IPv4/IPv6
ICMP
ICMP redirect detection in hardware
IPv4/IPv6
Yes
Policy Based Routing (PBR)
Based on the size of the packet
Based on the Protocol of the payload (Protocol ID
eld)
Based on Source MAC address
Based on Source or Destination IP address
Based on VLAN tag
Based on Priority(802.1P priority)
IPv4/IPv6
Yes
Yes
Yes
Yes
Yes
Yes
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 41 of 60
Network Monitoring and Discovery Services
ISDP (Industry Standard Discovery Protocol) Yes Can interoperate with devices running CDP
802.1ab LLDP Yes
802.1ab LLDP - MED Yes
SNMP V1, V2, V3
RMON 1,2,3,9 Yes
sFlow Yes (IPv4 and IPv6 headers)
Security
Network Storm Protection, DoS
Broadcast, Unicast, Multicast DoS Protection
Denial of Service Protection (control plane)
Denial of Service Protection (data plane)
Yes
Yes
Yes
Switch CPU protection
Switch Trafc protection
DoS Attacks Protection SIPDIP
SMACDMAC
FIRSTFRAG
TCPFRAG
TCPFLAG
TCPPORT
UDPPORT
TCPFLAGSEQ
TCPOFFSET
TCPSYN
TCPSYNFIN
TCPFINURGPSH
L4PORT
ICMP
ICMPV4
ICMPV6
ICMPFRAG
PINGFLOOD
SYNACK
CPU Rate Limiting Yes Applied to IPv4 and IPv6 multicast packets with unknown L3 addresses when IP routing/
multicast enabled
ICMP throttling Yes Restrict ICMP, PING trafc for ICMP-based DoS attacks
Management
Management ACL (MACAL)
Max Rules
Yes
64
Protects management CPU access through
the LAN
Out of band Management Yes
In-band management can be shut down
entirely when out-of-band management
network
Radius accounting Yes RFC 2565 and RFC 2866
TACACS+ Yes
Malicious Code Detection Yes Software image les and Conguration les
with digital signatures
Network Trafc
Access Control Lists (ACLs) L2 / L3 / L4 MAC, IPv4, IPv6, TCP, UDP
Time-based ACLs Yes
Protocol-based ACLs Yes
ACL over VLANs Yes
Dynamic ACLs Yes
IEEE 802.1x Radius Port Access Authentication Yes
Up to 48 clients (802.1x) per port are sup-
ported, including the authentication of the
users domain
802.1x MAC Address Authentication Bypass (MAB) Yes
Supplemental authentication mechanism
for non-802.1x devices, based on their MAC
address only
Network Authentication Successive Tiering Yes
Dot1x-> MAP -> Captive Portal successive
authentication methods based on cong-
ured time-outs
Port Security Yes
IP Source Guard Yes IPv4 / IPv6
DHCP Snooping Yes IPv4 / IPv6
Dynamic ARP Inspection Yes IPv4 / IPv6
IPv6 RA Guard Stateless Mode Yes
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 42 of 60
MAC Filtering Yes
Port MAC Locking Yes
Private Edge VLAN Yes
A protected port doesn’t forward any trafc
(unicast, multicast, or broadcast) to any other
protected port - same switch
Private VLANs Yes
Scales Private Edge VLANs by providing
Layer 2 isolation between ports across
switches in same Layer 2 network
Quality of Service (QoS) - Summary
Access Lists
L2 MAC, L3 IP and L4 Port ACLs
Ingress
Egress
802.3ad (LAG) for ACL assignment
Binding ACLs to VLANs
ACL Logging
Support for IPv6 elds
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
DiffServ QoS
Edge Node applicability
Interior Node applicability
802.3ad (LAG) for service interface
Support for IPv6 elds
Ingress/Egress
Yes
Yes
Yes
Yes
Yes
Yes
IEEE 802.1p COS
802.3ad (LAG) for COS conguration
WRED (Weighted Decit Round Robin)
Strict Priority queue technology
Yes
Yes
Yes
Yes
Single Rate Policing
Committed Information Rate
Committed Burst Size
Excessive Burst Size
DiffServ feature applied to class maps
Yes (CLI only)
Yes
Yes
Yes
Yes
Auto-VoIP Yes, based on protocols (SIP, H323 and SCCP) or on OUI bytes (default database and user-based OUIs) in
the phone source MAC address
iSCSI Flow Acceleration
Dot1p Marking
IP DSCP Marking
Yes
Yes
Yes
QoS - ACL Feature Support
ACL Support (general, includes IP ACLs)
MAC ACL Support
IP Rule Match Fields:
Destination IP
Destination IPv6 IP
Destination L4 Port
Every Packet
IP DSCP
IP Precedence
IP TOS
Yes
Yes
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 43 of 60
Protocol
Source IP (for Mask support see below)
Source IPv6 IP
L3 IPv6 Flow Label
Source L4 Port
TCP Flag
Supports Masking
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
MAC Rule Match Fields
COS
Destination MAC
Destination MAC Mask
Ethertype
Source MAC
Source MAC Mask
VLAN ID
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Rules attributes
Assign Queue
Logging -- deny rules
Mirror (to supported interface types only)
Redirect (to supported interface types only)
Rate Limiting -- permit rules
Inbound
Inbound/Outbound
Inbound
Inbound
Inbound/Outbound
Interface
Inbound direction
Outbound direction
Supports LAG interfaces
Supports Control-plane interface
Multiple ACLs per interface, dir
Mixed-type ACLs per interface, dir
Mixed L2/IPv4 ACLs per interface, inbound
Mixed IPv4/IPv6 ACLs per interface, inbound
Mixed IPv4/IPv6 ACLs per interface, outbound
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
QoS - DiffServ Feature Support
DiffServ Supported
Class Type
All
Class Match Criteria
COS
COS2 (Secondary COS)
Destination IP (for Mask support see below)
Destination IPv6 IP
Destination L4 Port
Destination MAC (for Mask support see below)
Ethertype
Every Packet
IP DSCP
IP Precedence
IP TOS (for Mask support see below)
Protocol
Reference Class
Source IP (for Mask support see below)
Source IPv6 IP
L3 IPv6 Flow Label
Source L4 Port
Source MAC (for Mask support see below)
VLAN ID (Source VID)
VLAN ID2 (Secondary VLAN) (Source VID)
Supports Masking
Yes
Yes
Inbound/Outbound
Inbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Inbound/Outbound
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 44 of 60
Policy
Out Class Unrestricted Yes
Policy Attributes -- Inbound
Assign Queue
Drop
Mark COS
Mark COS-AS-COS2
Mark COS2 (Secondary COS)
Mark IP DSCP
Mark IP Precedence
Mirror (to supported interface types only)
Police Simple
Police Single-Rate
Police Two-Rate
Police Color Aware Mode
Redirect (to supported interface types only)
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Policy Attributes -- Outbound
Drop
Mark COS
Mark IP DSCP
Mark IP Precedence
Mirror (to supported interface types only)
Police Simple
Police Single-Rate
Police Two-Rate
Police Color Aware Mode
Redirect (to supported interface types only)
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Service Interface
Inbound Slot.Port congurable
Inbound 'All' Ports congurable
Outbound Slot.Port congurable
Outbound 'All' Ports congurable
Supports LAG interfaces
Mixed L2/IPv4 match criteria, inbound
Mixed IPv4/IPv6 match criteria, inbound
Mixed IPv4/IPv6 match criteria, outbound
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
PHB Support
EF
AF4x
AF3x
AF2x
AF1x
CS
Yes
Yes
Yes
Yes
Yes
Yes
Statistics -- Policy Instance
Offered
Discarded
packets
packets
QoS - COS Feature Support
COS Support
Supports LAG interfaces
Yes
Yes
COS Mapping Cong
Congurable per-interface
IP DSCP Mapping
Yes
Yes
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 45 of 60
COS Queue Cong
Queue Parms congurable per-interface
Drop Parms congurable per-interface
Interface Trafc Shaping (for whole egress interface)
Minimum Bandwidth
Weighted Decit Round Robin (WDRR) Support
Maximum Queue Weight
WRED Support
Yes
Yes
Yes
Yes
Yes
127
Yes
PTP - PTPv2 Feature Support
PTPv2 All M4300 models, except 48-port 10G models (M4300-24X24F, M4300-48X, M4300-48XF)
IEEE 1588 PTPv2 Section 10 and 11.5 Yes
Implementation Transparent Clock (TC) End-to-End implementation considering the residence time of PTPv2 packets from
ingress to egress
Limitations
Standalone mode, or Stack Master only. On M4300-52G and M4300-52G-PoE+ models, PTPv2 is
supported between port 1 and port 24, and between port 25 and port 48. PTPv1 packets are forwarded
but not processed (no PTPv1 support).
Method Residence time of the PPTPv2 packet at the egress port level
PTPv2 packet elds that are updated The "Sync & Delay_Req" eld of passing/egressing out PTPv2 packets is updated with the residence time
in the switch
PTPv2 packet elds that are NOT updated Other elds in PTPv2 packets ("Announce", "Delay_Resp", "Pdelay_Req" and "Pdelay_Resp") are not
updated
Functional Summary - IETF RFC Standards and IEEE Network Protocols
Core Management
RFC 854 — Telnet RFC 3414 — User-Based Security Model
RFC 855 — Telnet option specications RFC 3415 — View-based Access Control Model
RFC 1155 — SMI v1 RFC 3416 — Version 2 of SNMP Protocol Operations
RFC 1157 — SNMP RFC 3417 — Transport Mappings
RFC 1212 — Concise MIB denitions RFC 3418 — Management Information Base (MIB) for the Simple Network Management Protocol (SNMP)
RFC 1867 — HTML/2.0 forms with le upload extensions Congurable Management VLAN
RFC 1901 — Community-based SNMP v2 SSL 3.0 and TLS 1.2
– RFC 2246 — The TLS protocol, version 1.0
– RFC 2346 — AES cipher suites for Transport layer security
– RFC 2818 — HTTP over TLS SSH 2.0
RFC 1908 — Coexistence between SNMP v1 and SNMP v2
RFC 2068 — HTTP/1.1 protocol as updated by draft-ietf-http-v11-spec-rev-03
RFC 2271 — SNMP framework MIB
RFC 2295 — Transparent content negotiation – RFC 4253 — SSH transport layer protocol
– RFC 4252 — SSH authentication protocol
– RFC 4254 — SSH connection protocol
– RFC 4251 — SSH protocol architecture
– RFC 4716 — SECSH public key le format
– RFC 4419 — Dife-Hellman group exchange
for the SSH transport layer protocol
RFC 2296 — Remote variant selection; RSVA/1.0 state management cookies — draft-ietf-http-state-mgmt-05
RFC 2576 — Coexistence between SNMP v1, v2, and v3
RFC 2578 — SMI v2
RFC 2579 — Textual conventions for SMI v2
RFC 2580 — Conformance statements for SMI v2
RFC 3410 — Introduction and Applicability Statements for Internet Standard Management Framework
RFC 3411 — An Architecture for Describing SNMP Management Frameworks HTML 4.0 specication, December 1997
RFC 3412 — Message Processing & Dispatching
Java Script™ 1.3
RFC 3413 — SNMP Applications
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 46 of 60
Advanced Management
Industry-standard CLI with the following features:
– Scripting capability
– Command completion
– Context-sensitive help
Optional user password encryption
Multisession Telnet server
Auto Image Upgrade
Core Switching
IEEE 802.1AB — Link level discovery protocol IEEE 802.3ba — 40GbE (M4300-96X)
IEEE 802.1D — Spanning tree IEEE 802.3ad — Link aggregation
IEEE 802.1p — Ethernet priority with user provisioning
and mapping IEEE 802.3ae — 10 GbE
IEEE 802.1Q — Virtual LANs w/ port-based VLANs IEEE 802.3af — Power over Ethernet
IEEE 802.1S — Multiple spanning tree compatibility IEEE 802.3at — Power over Ethernet Plus
IEEE 802.1v — Protocol-based VLANs IEEE 802.3x — Flow control
IEEE 802.1W — Rapid spanning tree ANSI/TIA-1057 — LLDP-MED
iEEE 802.1AB — LLDP GARP — Generic Attribute Registration Protocol: clause 12, 802.1D-2004
IEEE 802.1X — Port-based authentication GMRP — Dynamic L2 multicast registration: clause 10, 802.1D-2004
IEEE 802.3 — 10Base-T GVRP — Dynamic VLAN registration: clause 11.2, 802.1Q-2003
IEEE 802.3u — 100Base-T RFC 4541 — IGMP snooping and MLD snooping
IEEE 802.3bz-2016 — 2.5G and 5GBASE-T (M4300-96X) RFC 5171 — UniDirectional Link Detection (UDLD) Protocol
Additional Layer 2 Functionality
Broadcast storm recovery IGMP and MLD snooping querier
Double VLAN/VMAN tagging Port MAC locking
DHCP Snooping MAC-based VLANs
Dynamic ARP inspection IP source guard
Independent VLAN Learning (IVL) support IP subnet-based VLANs
IPv6 classication APIs Voice VLANs
Jumbo Ethernet frames Protected ports
Port mirroring IGMP snooping
Static MAC ltering Green Ethernet power savings mode
System Facilities
Event and error logging facility RFC 2030 — Simple Network Time Protocol (SNTP) V4 for IPv4, IPv6, and OSI
Runtime and conguration download capability RFC 2131 — DHCP Client/Server
PING utility RFC 2132 — DHCP options and BOOTP vendor extensions
XMODEM RFC 2865 — RADIUS client
RFC 768 — UDP RFC 2866 — RADIUS accounting
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 47 of 60
RFC 783 — TFTP RFC 2868 — RADIUS attributes for tunnel protocol support
RFC 791 — IP RFC 2869 — RADIUS extensions
RFC 792 — ICMP RFC 28869bis — RADIUS support for Extensible Authentication Protocol (EAP)
RFC 793 — TCP RFC 5176 — RADIUS Change of Auth
RFC 826 — ARP RFC 3164 — The BSD syslog protocol with RFC 5424 update
RFC 951 — BOOTP RFC 3580 — 802.1X RADIUS usage guidelines
RFC 1321 — Message digest algorithm Power Source Equipment (PSE) IEEE 802.af Powered Ethernet (DTE Power via MDI) standard
RFC 1534 — Interoperability between BOOTP and DHCP
Core Routing
RFC 826 — Ethernet ARP RFC 2328 — OSPFv2
RFC 894 — Transmission of IP datagrams over Ethernet
networks RFC 2385—Protection of BGP Sessions via the TCP MD5 Signature Option
RFC 896 — Congestion control in IP/TCP networks RFC 2453 — RIP v2
RFC 1027 — Using ARP to implement transparent subnet
gateways (Proxy ARP) RFC 3021 — Using 31-Bit Prexes on Point-to-Point Links
RFC 1256 — ICMP router discovery messages RFC 3046 — DHCP/BOOTP relay
RFC 1321 — Message digest algorithm RFC 3101 — The OSPF “Not So Stubby Area” (NSSA) option
RFC 1519 — CIDR RFC 3768 — Virtual Router Redundancy Protocol (VRRP)
RFC 1765 — OSPF database overow RFC 3623—Graceful OSPF Restart
RFC 1812 — Requirements for IPv4 routers Route redistribution across RIP, BGP, and OSPF
RFC 2082 — RIP-2 MD5 authentication
VLAN routing
RFC 2131 — DHCP relay
Quality of Service - DiffServ
RFC 2474 — Denition of the differentiated services eld
(DS Field) in IPv4/IPv6 headers RFC 2697 — A Single Rate Three Color Marker
RFC 2475 — An architecture for differentiated services RFC 3246 — An expedited forwarding PHB (Per-Hop Behavior)
RFC 2597 — Assured forwarding PHB group RFC 3260 — New terminology and clarications for DiffServ
Quality of Service - Access Control Lists (ACLs)
Permit/deny actions for inbound or outbound IP trafc
classication based on:
– Type of service (ToS) or differentiated services (DS)
DSCP eld
– Source IP address
– Destination IP address
– TCP/UDP source port
– TCP/UDP destination port
– IPv6 ow label
– IP protocol number
Permit/deny actions for inbound or outbound Layer 2 trafc classication based on:
– Source MAC address
– Destination MAC address
– EtherType
– VLAN identier value or range (outer and/or inner VLAN tag)
– 802.1p user priority (outer and/or inner VLAN tag)
Optional rule attributes:
– Assign matching trafc ow to a specic queue
– Redirect or mirror (ow-based mirroring) matching trafc ow to a specic port
– Generate trap log entries containing rule hit counts
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 48 of 60
Quality of Service - Class of Service (CoS)
Direct user conguration of the following:
– IP DSCP to trafc class mapping
– IP precedence to trafc class mapping
– Interface trust mode: 802.1p, IP Precedence, IP DSCP,
or untrusted
– Interface trafc shaping rate
– Minimum and maximum bandwidth per queue
– Strict priority versus weighted (WRR/WDRR/WFQ)
scheduling per queue
– Tail drop versus Weighted Random Early Detection
(WRED) queue depth management
Auto VoIP
Core Multicast
RFC 1112 — Host extensions for IP multicasting RFC3973 — PIM-DM
RFC 2236 — IGMP v2 RFC4601 — PIM-SM
RFC 2710 — MLDv1 Draft-ietf-idmr-dvmrp-v3-10 — DVMRP
RFC 2365 — Administratively scoped boundaries Draft-ietf-magma-igmp-proxy-06.txt — IGMP/MLD-based multicast forwarding (IGMP/MLD proxying)
RFC 3376 — IGMPv3 Draft-ietf-magma-igmpv3-and-routing-05.txt — IGMPv3 and multicast routing protocol interaction
RFC3810 — MLDv2 Static RP conguration
Core IPv6 Routing
RFC 1981 — Path MTU for IPv6 RFC 3513 — Addressing architecture for IPv6
RFC 2373 — IPv6 addressing RFC 3542 — Advanced sockets API for IPv6
RFC 2460 — IPv6 protocol specication RFC 3587 — IPv6 global unicast address format
RFC 2461 — Neighbor discovery RFC 3736 — Stateless DHCPv6
RFC 2462 — Stateless autoconguration RFC 4213 — Basic transition mechanisms for IPv6
RFC 2464 — IPv6 over Ethernet RFC 4291 — Addressing architecture for IPv6
RFC 2711 — IPv6 router alert RFC 4443 — Internet Control Message Protocol (ICMPv6) for the IPv6 Specication
RFC 3056—Connection of IPv6 Domains via IPv4 Clouds RFC 5340—OSPF for IPv6
RFC 3315 —Dynamic Host Conguration Protocol for IPv6
(DHCPv6) RFC 5187 —OSPFv3 Graceful Restart
RFC 3484 — Default address selection for IPv6 RFC 6164 — Using 127-Bit IPv6 Prexes on Inter-Router Links
RFC 3493 — Basic socket interface for IPv6 RFC 6583 — Operational Neighbor Discovery Problems
Supported MIBs
Base Package MIBs MIBs can be dowloaded here: http://www.netgear.com/support/product/M4300-8X8F?cid=#download
ANSI/TIA-1057 — LLDP-EXT-MED-MIB RFC 2674 — Q-BRIDGE-MIB
DIFFSERV DSCP TC (Draft — no RFC) RFC 2677 — IANA Address Family Numbers MIB
DNS-RESOLVER-MIB (IETF DNS Working Group) RFC 2819 — RMON MIB
DNS-SERVER-MIB (IETF DNS Working Group) RFC 2925 — DISMAN-PING-MIB and DISMAN-TRACEROUTE-MIB
GreenEthernet Private MIB RFC 3273 — RMON MIB for High Capacity Networks
IANA-ADDRESS-FAMILY-NUMBERS-MIB (IANA (3/2002) RFC 3411 — SNMP Management Frameworks MIB
IEEE 802.1AB-2004 — LLDP MIB RFC 3411 — SNMP-FRAMEWORK-MIB
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 49 of 60
IEEE 802.1AB-2005 — LLDP-EXT-DOT3-MIB RFC 3412 — SNMP-MPD-MIB
POWER ETHERNET MIB (Draft — no RFC) RFC 3413 — SNMP-NOTIFICATION-MIB
RFC 1155 — SMI-MIB RFC 3413 — SNMP-PROXY-MIB (initial revision published as RFC 2273)
RFC 1450 — SNMPV2-MIB RFC 3413 — SNMP-TARGET-MIB (initial revision published as RFC 2273)
RFC 2273 — SNMP Notication MIB, SNMP Target MIB RFC 3414 — User-based Security Model for SNMPv3 MIB
RFC 2392 — IANA RTPROTO-MIB RFC 3415 — View-based Access Control Model for SNMP MIB
RFC 2572 — SNMP Message Processing and Dispatching
MIB RFC 3417 — SNMPV2-TM
RFC 2574 — User-based Security Model for SNMPv3 MIB RFC 3418 — SNMPv2 MIB
RFC 2575 — View-based Access Control Model for SNMP
MIB RFC 3434 — RMON MIB Extensions for High Capacity Alarms
RFC 2576 — SNMP Community MIB RFC 3584 — SNMP Community MIB
RFC 2578 — SNMPV2-SMI RFC 3621 — POWER-ETHERNET-MIB
RFC 2579 — SNMPV2-TC SNMP-RESEARCH-MIB— SNMP research MIB denitions
RFC 2580— SNMPV2-CONF SR-AGENT-INFO-MIB— SNMP research MIB denitions
RFC 2613 — SMON-MIB USM-TARGET-TAG-MIB — SNMP research MIB denitions
Switching Package MIBs
RFC 1213 — MIB-II RFC 2011 — SNMPv2 Management Information Base
ANSI/TIA 1057 — LLDP-MED MIB RFC 2213 — Integrated Services MIB
FASTPATH Enterprise MIBs supporting switching features RFC 2233 — IF-MIB
FASTPATH-MMRP-MIB — MMRP private MIB for IEEE
802.1Q devices RFC 2233 — The Interfaces Group MIB using SMI v2
FASTPATH-MSRP-MIB — MSRP private MIB for IEEE
802.1Q devices RFC 2674 — VLAN and Ethernet Priority MIB (P-Bridge MIB)
FASTPATH-MVRP-MIB — MVRP private MIB for IEEE
802.1Q devices RFC 2737 — Entity MIB (Version 2)
IANAifType-MIB — IANAifType Textual Convention RFC 2819 — RMON Groups 1,2,3, & 9
IEEE 802.1AB — LLDP MIB RFC 2863 — Interfaces Group MIB
IEEE 802.3AD MIB (IEEE8021-AD-MIB) RFC 3291 — INET Address MIB
IEEE Draft P802.1AS/D7.0 (IEEE8021-AS-MIB) RFC 3291 — Textual Conventions for Internet Network Addresses
IEEE LAG-MIB — Link Aggregation module for managing
IEEE 802.3ad RFC 3621 — Power Ethernet MIB
LLDP-EXT-DOT3-MIB (part of IEEE Std 802.1AB) RFC 3635 — Etherlike MIB
LLDP-MIB (part of IEEE Std 802.1AB) RFC 3636 — IEEE 802.3 Medium Attachment Units (MAUs) MIB
Private MIB for 802.1Qat, 802.1Qav Conguration RFC 4022 — Management Information Base for the Transmission Control Protocol (TCP)
RFC 1493 — Bridge MIB RFC 4113 — Management Information Base for the User Datagram Protocol (UDP)
RFC 1643 — Denitions of managed objects for the
Ethernet-like interface types RFC 4444 — IS-IS MIB
Routing Package MIBs
FASTPATH Enterprise MIBs supporting routing features RFC 2096 — IP Forwarding Table MIB
IANA-Address-Family-Numbers-MIB RFC 2668 — IEEE 802.3 Medium Attachment Units (MAUs) MIB
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 50 of 60
RFC 1724 — RIP v2 MIB Extension
RFC 2787 — VRRP MIB
RFC 1850 — OSPF MIB
IPv6 Management MIBs
RFC 3419 — TRANSPORT-ADDRESS-MIB
IPv6-MIB (draft)
IPv6-ICMP-MIB (draft)
IPv6 Routing MIBs
RFC 2465 — IPv6 MIB RFC 2466 — ICMPv6 MIB
QoS Package MIB
RFC 3289 — DIFFSERV-MIB & DIFFSERV-DCSP-TC MIBs Private MIBs for full conguration of DiffServ, ACL, and CoS functionality
Security MIB
RFC 2618 — RADIUS Authentication Client MIB IEEE8021-PAE-MIB — The Port Access Entity module for managing IEEE 802.1X
RFC 2620 — RADIUS Accounting MIB IEEE 802.1X MIB (IEEE 8021-PAE-MIB 2004 Revision)
Multicast Package MIBs
RFC 2932 — IPv4 Multicast Routing MIB (for DVMRPv4
and PIMDMv4) draft-ietf-idmr-dvmrp-mib-11.txt — DVMRP MIB
RFC 5060 — PIM-SM and PIM-DM MIB for IPv4 and IPv6 draft-ietf-magma-mgmd-mib-05.txt — Multicast Group Membership Discovery MIB (both IGMP and MLD)
RFC 5240 — BSR Protocol MIB FASTPATH Enterprise MIBs supporting multicast features
Management
Password management Yes
Congurable Management VLAN Yes
Out-of-band Management Yes
In-band management can be shut down using
Management ACLs when separate management
network
Auto Install
(BOOTP and DHCP options 66, 67, 150 and 55, 125) Yes Scalable deployment process (rmware, cong)
Admin access control via Radius and TACACS+ Yes Policies, Enable
Industry standard CLI (IS-CLI) Yes Command Line interface
CLI commands logged to a Syslog server Yes
Web-based graphical user interface (GUI) Yes Fully functional GUI (exceptions are noted below:)
Features without Web GUI support
PFC (Priority Flow Control)
PV(R)STP
Authorization List
Control Plane ACL
UDLD
Policy Based Routing
LLPF
QoS Policy for Single Rate
DHCPv6 Snooping
IPv6 DHCP Relay
eMail Alerting
MMRP
CLI only PFC only supported on M4300-12X12F, 24X, 24X24F, 48X and 96X
CLI only
CLI only
CLI only
CLI only
CLI only
CLI only
CLI only
CLI only
CLI only
CLI only
CLI only
Telnet Yes
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 51 of 60
IPv6 management Yes
Dual Software (rmware) image Yes Allows non disruptive rmware upgrade process
Editable Conguration le Yes Text-based (CLI commands) conguration le
Non disruptive Cong Management Yes
With new startup conguration le, the switch
gracefully resolves any differences with the running
cong
IS-CLI Scripting Yes
Port descriptions Yes
SNTP client over UDP port 123 Yes Provides synchronized network timestamp either in
broadcast or unicast mode
XMODEM Yes
SNMP v1/v2 Yes
SNMP v3 with multiple IP addresses Yes
RMON 1,2,3,9
Max History entries
Max buckets per History entry
Max Alarm entries
Max Event entries
Max Log entries per Event entry
Yes
3 * (number of ports in the chassis + LAG + 10)
10
3 * (number of ports in the chassis + LAG + 10)
3 * (number of ports in the chassis + LAG + 10)
10
Port Mirroring
Number of monitor sessions
Tx/Rx
Many to One Port Mirroring
LAG supported as source ports
Max source ports in a session
Yes
1 (multiple sessions are congurable)
Yes
Yes
Yes
Total switch port count
Remote Port Mirroring (RSPAN) Yes
When a particular session is enabled, any trafc entering or leaving the source ports of that session is
copied (mirrored) onto a Remote Switched Port Analyzer (RSPAN) VLAN
Flow based mirroring Yes
Cable Test utility Yes CLI, Web GUI
Outbound Telnet Yes
SSHv2
SSH Session Conguration
Yes
Yes
Secure Shell version 2 (OpenSSH 7.5p1)
SSL v3 and TLS v1.2 for HTTPS web-based access Yes (Open SSL 1.0.2o)
2048-bit RSA key pairs Yes For SSLv3 and SSHv2
SHA2-256 and SHA2-512 cryptographic hash functions Yes For SSLv3 and SSHv2
File transfers (uploads, downloads) TFTP / HTTP
Secured protocols for le transfers SCP / SFTP / HTTPS
HTTP Max Sessions 16
SSL/HTTPS Max Sessions 16
HTTP Download (rmware) Yes
Email Alerting Yes (CLI only)
Syslog (RFC 3164) (RFC 5424) Yes, forwarding messages via UDP using the Syslog protocol to one or more collectors or relays
Persistent log supported Yes
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 52 of 60
User Admin Management
User ID conguration
Max number of congured users
Support multiple READWRITE Users
Max number of IAS users (internal user database)
Yes
6
Yes
100
Authentication login lists Yes
Authentication Enable lists Yes
Authentication HTTP lists Yes
Authentication HTTPS lists Yes
Authentication Dot1x lists Yes
Accounting Exec lists Yes
Accounting Commands lists Yes
Login History 50
M4300 series - Platform Constants
Maximum number of remote Telnet connections 5
Maximum number of remote SSH connections 5
Number of MAC Addresses 256K (M4300-96X) 128K (M4300-24X24F, M4300-48X, M4300-48XF) 16K (all other models)
Number of VLANs
4,093 VLANs (802.1Q) simultaneously - standalone mode
4,093 VLANs - stack mode (except when mixed stacks of M4300-96X with other models - 1,024 VLANs
only)
VLAN ID Range 1 - 4093
Number of 802.1p Trafc Classes 8 classes (standalone) 7 classes (stack)
IEEE 802.1x
Number of .1x clients per port 48
Number of LAGs 128 LAGs with up to 8 ports per group
Maximum multiple spanning tree instances (MSTP) 32
Maximum per VLAN spanning tree instances (PVST) 32
MAC based VLANS
Number supported
Yes
256
Number of network buffers 246
Number of log messages buffered 200
Static lter entries
Unicast MAC and source port
Multicast MAC and source port
Multicast MAC and destination port (only)
20
20
2,048
Subnet based VLANs
Number supported
Yes
128
Protocol Based VLANs
Max number of groups
Max protocols
Yes
128
16
Maximum Multicast MAC Addresses entries 2K
Jumbo Frame Support
Max Size Supported
Yes
9k
Number of IP Source Guard stations 379
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 53 of 60
Number of DHCP snooping bindings 32K
Number of DHCPv6 snooping bindings 32K
Number of DHCP snooping static entries 1024
LLDP-MED number of remote nodes
LLDP Remote Management address buffers
LLDP Unknown TLV address buffers
LLDP Organisationally Dened Large TLV buffers
LLDP Organisationally Dened Small TLV buffers
2 x Total stack port count
2 x Total stack port count
100
Total stack port count
12 x Total stack port count
Port MAC Locking
Dynamic addresses per port
Static addresses per port
Yes
4096
48
sFlow
Number of samplers
Number of pollers
Number of receivers
Total stack port count
Total stack port count
8
Radius
Max Authentication servers
Max Accounting servers
32
32
Number of Routes (v4/v6)
IPv4 only SDM build
IPv4/IPv6 SDM build
IPv4 routes
IPv6 routes
RIP application route scaling
OSPF application route scaling
12K (M4300-24X24F, -48X, -48XF, 96X) 512 (all other models) SDM (System Data Management, or switch
database)
8K (M4300-24X24F, -48X, -48XF, 96X) 512 (all other models)
4K (M4300-24X24F, -48X, -48XF, 96X) 256 (all other models)
512
12K (M4300-24X24F, -48X, -48XF, 96X) 512 (all other models)
Number of routing interfaces (including port/vlan) 128
Number of static routes (v4/v6) 64/64
OSPF
OSPFv2 max neighbors
OSPFv3 max neighbors
OSPFv3 max neighbors per interface
400
400
100
Tunnels
Number of congured v6-over-v4 tunnels
Number of automatic (6to4) tunnels
Number of 6to4 next hops
8
1
16
DHCP Server
Max number of pools
Total max leases
256
2K
DNS Client
Concurrent requests
Name server entries
Seach list entries
Static host entries
Cache entries
Domain search list entries
16
8
6
64
128
32
DHCPv6 Server
Max number of pools
DNS domain names within a pool
DNS server addresses within a pool
Delegated prex denitions within a pool
16
5
8
10
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 54 of 60
Number of Host Entries (ARP/NDP)
IPv4 only SDM build
IPv4/IPv6 SDM build (v4/v6)
Static v4 ARP Entries
8192 (M4300-24X24F, -48X, 96X) 888 (all other models) SDM (System Data Management, or switch
database) 6144 / 2560 (M4300-24X24F, -48X, 96X) 760 / 128 (all other models)
128
Number of ECMP Next Hops per Route 16 (M4300-24X24F, -48X, -48XF, 96X) 4 (all other models)
Number of ECMP groups 256 (M4300-24X24F, -48X, -48XF, 96X) 128 (all other models)
Total ECMP nexthops in Hardware 4,096 (M4300-24X24F, -48X, -48XF, 96X) 2,048 (all other models)
Maximum MFDB entries
Native SDM template
Mixed Stacking mode template
2K (M4300-24X24F, -48X, -48XF, 96X) 1K (all other models) SDM (System Data Management, or switch
database)
1K (M4300-24X24F, -48X, -48XF, 96X) 1K (all other models)
IGMPv3 / MLDv2 Snooping Limits
IGMPv3/MLDv2 HW entries when IP Multicast present 512/512 (M4300-24X24F, -48X, -48XF, 96X) 64/32 (all other models)
IP Multicast
Number of IPv4/IPv6 Multicast Forwarding Entries
IGMP Group Memberships per system
IPv4 Multicast routes (IPv4 only)
DVMRP Neighbors
PIM-DM Neighbors
PIM-SM Neighbors
PIM-SM Static RP Entries
PIM-SM Candidate RP Group Range Entries
PIM-SM SSM Range Entries
IGMP Sources processed per group per message
1,024/512 (M4300-24X24F, -48X, -48XF, 96X) 96/32 (all other models)
2K (IPv4) and 2K (IPv6)
1.5K (M4300-24X24F, -48X, -48XF, 96X) 128 (all other models)
256
256
256
5
20
5
73
ACL Limits
Maximum Number of ACLs (any type)
Maximum Number Congurable Rules per List
Maximum ACL Rules per Interface and Direction
Maximum ACL Rules per Interface and Direction (IPv6)
Maximum ACL Rules (system-wide)
Maximum ACL Logging Rules (system-wide)
100
1,023 ingress / 511 ingress
1,023 ingress / 511 ingress
893 ingress / 509 egress
16K
128
COS Device Characteristics
Congurable Queues per Port
Congurable Drop Precedence Levels
8 queues (standalone) 7 queues (stack)
3
DiffServ Device Limits
Number of Queues
Requires TLV to contain all policy instances combined
Max Rules per Class
Max Instances per Policy
Max Attributes per Instance
Max Service Interfaces
Max Table Entries
Class Table
Class Rule Table
Policy Table
Policy Instance Table
Policy Attribute Table
Max Nested Class Chain Rule Count
8 queues (standalone) 7 queues (stack)
Yes
13
28
3
116
32
416
64
1,792
5,376
26
AutoVoIP number of voice calls 20
iSCSI Flow Acceleration
Max Monitored TCP Ports/IP Addresses
Max Sessions
Max Connections
16
192
192
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 55 of 60
LEDs
Per port Speed, Link, Activity
Per device (half-width models) Power, Fan, Stack Master, Stack ID
Per device (full width models) Power 1, Power 2, Fan, Stack Master, Stack ID
Physical Specications
Dimensions
M4300-8X8F, -16X, -12X12F, -24X, -24XF
M4300-24X24F, M4300-48X, M4300-48X
M4300-96X
M4300-28G, M4300-28G-PoE+, M4300-52G
M4300-52G-PoE+
Width: 8.35 inches (21.2 cm) (half-width); Height: 1U - 1.73 inches (4.4 cm); Depth: 13.58 inches (34.5 cm)
Width: 17.32 inches (44 cm); Height: 1U - 1.73 inches (4.4 cm); Depth: 13.58 inches (34.5 cm)
Width: 17.32 inches (44 cm); Height: 2U - 3.47 inches (8.8 cm); Depth: 21.08 inches (53.5 cm)
Width: 17.32 inches (44 cm); Height: 1U - 1.73 inches (4.4 cm); Depth: 12.2 inches (31 cm)
Width: 17.32 inches (44 cm); Height: 1U - 1.73 inches (4.4 cm); Depth: 15.28 inches (38.8 cm)
Weight
M4300-8X8F
M4300-16X
M4300-12X12F
M4300-24X
M4300-24XF
M4300-24X24F
M4300-48X
M4300-48XF
M4300-96X (XSM4396K0 empty version)
M4300-96X (XSM4396K1 starter kit)
M4300-28G
M4300-28G-PoE+ (GSM4328PA version 550W PSU)
M4300-28G-PoE+ (GSM4328PB version 1,000W PSU)
M4300-52G
M4300-52G-PoE+ (GSM4352PA version 550W PSU)
M4300-52G-PoE+ (GSM4352PB version 1,000W PSU)
7.31 lb (3.32 kg)
7.11 lb (3.22 kg)
8.14 lb (3.69 kg)
9.12 lb (4.14 kg)
7.85 lb (3.56 kg)
13.48 lb (6.12 kg)
14.44 lb (6.55 kg)
12.92 lb (5.86 kg)
25.90 lb (11.76 kg) APM408C: 0.81 lb (0.37 kg) APM408F: 0.67 lb (0.30 kg)
35.86 lb (16.28 kg) APM408P: 0.95 lb (0.43 kg) APM402XL: 0.66 lb (0.30 kg)
9.94 lb (4.51 kg)
11.21 lb (5.09 kg)
11.47 lb (5.20 kg)
10.81 lb (4.91 kg)
14.44 lb (6.55 kg)
14.7 lb (6.67 kg)
Power Consumption
Worst case, all ports used, full PoE, line-rate trafc
M4300-8X8F
M4300-16X (APS199W, without PoE)
M4300-16X (APS199W PSU, with max PoE 199W)
M4300-16X (APS600W PSU, with max PoE 500W)
M4300-12X12F
M4300-24X
M4300-24XF
M4300-24X24F
M4300-48X
M4300-48XF
M4300-96X (without PoE)
M4300-96X (with max PoE: 1,440W)
M4300-28G
M4300-28G-PoE+ (GSM4328PA version 550W PSU)
M4300-28G-PoE+ (GSM4328PB version 1,000W PSU)
M4300-52G
M4300-52G-PoE+ (GSM4352PA version 550W PSU)
M4300-52G-PoE+ (GSM4352PB version 1,000W PSU)
49W max
49W max
308.7W max
610W max
97W max
125W max
87.2W max
161W max
237.2W max
152.4W max
566W max
2,006W max
34.5W max
577W (1 PSU); 575W (2 PSUs in RPS mode); 797W (2 PSUs in EPS share mode) max
833.2W (1 PSU); 832.5W (2 PSUs in RPS mode); 833.2W (2 PSUs in EPS share mode) max
47.4W max
609W (1 PSU); 611W (2 PSUs in RPS mode); 865W (2 PSUs in EPS share mode); 915W (2 PSUs in EPS
share mode with external RPS) max
888W (1 PSU); 902W (2 PSUs in RPS mode); 1,585W (2 PSUs in EPS share mode); 1,655W (2 PSUs in EPS
share mode with external RPS) max
Environmental Specications
Operating:
Temperature
Humidity
Altitude
32° to 122°F (0° to 50°C)
90% maximum relative humidity, non-condensing
10,000 ft (3,000 m) maximum
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 56 of 60
Storage:
Temperature
Humidity
Altitude
– 4° to 158°F (–20° to 70°C)
95% maximum relative humidity, non-condensing
10,000 ft (3,000 m) maximum
Electromagnetic Emissions and Immunity
Certications CE: EN 55032:2012+AC:2013/CISPR 32:2012, EN 61000-3-2:2014,
Class A, EN 61000-3-3:2013, EN 55024:2010
VCCI : VCCI-CISPR 32:2016, Class A
RCM: AS/NZS CISPR 32:2013 Class A
CCC: GB4943.1-2011; YD/T993-1998; GB/T9254-2008 (Class A)
FCC: 47 CFR FCC Part 15, Class A, ANSI C63.4:2014
ISED: ICES-003:2016 Issue 6, Class A, ANSI C63.4:2014
BSMI: CNS 13438 Class A
Safety
Certications CB report / certicate IEC 60950-1:2005 (ed.2)+A1:2009+A2:2013
UL listed (UL 1950)/cUL IEC 950/EN 60950
CE LVD: EN 60950-1: 2006 + A11:2009 + A1:2010 + A12:2011 + A2:2013
RCM (AS/NZS) 60950.1:2015
CCC (China Compulsory Certicate): GB4943.1-2011; YD/T993-1998; GB/T9254-2008 (Class A)
BSMI: CNS 14336-1
Package Content
All models Power cord(s)
RJ45 straight-through wiring serial console cable to DB9
Mini-USB console cable
Rubber caps for the SFP+ sockets
Rubber footpads for tabletop installation
Installation guide
Resource CD with a link to the following manuals and software:
- Software setup manual
- CLI manual
- Software administration guide
- Hardware installation guide
- The driver for use with The Mini-USB console cable
M4300-8X8F, M4300-12X12F, M4300-24X,
M4300-24XF
Half-width switch with one APS250W power supply unit
1-unit rack-mounting kit: one long bracket, one regular (short) bracket, and screws (for front posts)
2-unit rack-mounting kit: one pair of inside and outside middle mounts (for combining two half-width
M4300 switches)
M4300-16X (XSM4316PA version 199W PSU) Half-width switch with one APS199W power supply unit
Two regular (short) brackets and screws for two-post rack mount (for front posts)
M4300-16X (XSM4316PB version 600W PSU) Half-width switch with one APS600W power supply unit
Two regular (short) brackets and screws for two-post rack mount (for front posts)
M4300-24X24F, M4300-48X, M4300-48XF Full width switch with one APS250W power supply unit
Two regular (short) brackets and screws for two-post rack mount (for front posts)
M4300-96X (XSM4396K0 empty version) 2RU empty switch without power supply unit (to be purchased separately)
Two regular (short) brackets and screws for two-post rack mount (for front posts)
Rails and screws for four-post rack mount (for rear posts)
M4300-96X (XSM4396K1 starter kit) 2RU switch with one APS600W power supply unit and six APM408F units (8x1G/10GBASE-X SFP+ Port
Cards) in their packaging each
Two regular (short) brackets and screws for two-post rack mount (for front posts)
Rails and screws for four-post rack mount (for rear posts)
M4300-28G, M4300-52G Full width switch with one APS150W power supply unit
Two regular (short) brackets and screws for two-post rack mount (for front posts)
M4300-28G-PoE+ (GSM4328PA version 550W PSU)
M4300-52G-PoE+ (GSM4352PA version 550W PSU)
Full width switch with one APS550W power supply unit
Two regular (short) brackets and screws for two-post rack mount (for front posts)
M4300-28G-PoE+ (GSM4328PB version 1,000W PSU)
M4300-52G-PoE+ (GSM4352PB version 1,000W PSU)
Full width switch with one APS1000W power supply unit
Two regular (short) brackets and screws for two-post rack mount (for front posts)
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 57 of 60
Optional Modules and Accessories
APS150W
APS199W
APS250W
APS550W
APS600W
APS1000W
APS1200W
RPS4000
AGM731F
AGM732F
AGM734
AXC761
AXC763
AXC765
AXC767
AXC7610
AXC7615
AXC7620
AXLC761
AXLC763
AXM761
AXM761 (Pack of 10 units)
AXM762
AXM762 (Pack of 10 units)
AXM763
AXM764
AXM765
AXLM761
AXLM762
150W AC PSU for M4300-28G and M4300-52G
199W AC PSU for M4300-16X (non- or limited PoE applications)
250W AC PSU for M4300-8X8F, M4300-12X12F, M4300-24X, M4300-24X24F and M4300-48X
550W AC PSU for M4300-28G-PoE+ (GSM4328PA) and M4300-52G-PoE+ (GSM4352PA)
600W AC PSU for M4300-96X (preferred for non-PoE applications) and M4300-16X (PoE applications)
1,000W AC PSU for M4300-28G-PoE+ (GSM4328PB), M4300-52G-PoE+ (GSM4352PB) and RPS4000
1,200W AC PSU for M4300-96X (preferred for non-PoE applications)
External / Redundant Power Supply (up to four switches) for M4300-52G-PoE+
1000BASE-SX SFP GBIC (Multimode)
1000BASE-LX SFP GBIC (Single mode)
1000BASE-T RJ45 SFP GBIC
10GSFP+ Cu (passive) SFP+ to SFP+ Direct Attach Cable 1m
10GSFP+ Cu (passive) SFP+ to SFP+ Direct Attach Cable 3m
10GSFP+ Cu (active) SFP+ to SFP+ Direct Attach Cable 5m
10GSFP+ Cu (active) SFP+ to SFP+ Direct Attach Cable 7m
10GSFP+ Cu (active) SFP+ to SFP+ Direct Attach Cable 10m
10GSFP+ (Duplex Fiber Optic) SFP+ to SFP+ Direct Attach Cable 15m
10GSFP+ (Duplex Fiber Optic) SFP+ to SFP+ Direct Attach Cable 20m
40GBASE-CR4 (passive) QSFP+ to QSFP+ Direct Attach Cable 1m
40GBASE-CR4 (passive) QSFP+ to QSFP+ Direct Attach Cable 3m
10GBASE-SR SFP+ GBIC (OM3/OM4 Multimode)
10GBASE-SR SFP+ GBIC (OM3/OM4 Multimode)
10GBASE-LR SFP+ GBIC (Single mode)
10GBASE-LR SFP+ GBIC (Single mode)
10GBASE-LRM SFP+ GBIC (Long Reach Multimode for OM1/OM2, also compatible with OM3/OM4)
10GBASE-LR LITE SFP+ GBIC (Single mode)
10GBASE-T RJ45 SFP+ GBIC up to 30 meters on CAT6a or better
40GBASE-MR4 Duplex LC (one duplex OM3/OM4 Multimode link) 150m QSFP+ Transceiver
40GBASE-LR4 Duplex LC (one duplex Single Mode link) 10km QSFP+ Transceiver
APS150W-100NES/AJS
APS199W-100NES/AJS
APS250W-100NES/AJS
APS550W-100NES/AJS
APS600W-100NES/AJS
APS1000W-100NES/AJS
APS1200W-100NES/AJS
RPS4000-200NES/AJS
AGM731F
AGM732F
AGM734-10000S
AXC761-10000S
AXC763 -10000S
AXC765-10000S
AXC767 -10000S
AXC7610-10000S
AXC7615 -10000S
AXC7620 -10000S
AXLC761-10000S
AXLC763-10000S
AXM761-10000S
AXM761P10-10000S
AXM762-10000S
AXM762P10-10000S
AXM763-10000S
AXM764-10000S
AXM765-10000S
AXLM761-10000S
AXLM762-10000S
Warranty and Support
Limited Lifetime ProSAFE Hardware Warranty** Included, limited lifetime
90 days of Technical Support via phone and email* Included, 90 days after purchase
Lifetime Technical Support through online chat* Included, lifetime
Lifetime Next Business Day hardware replacement* Included, lifetime
ProSupport Service Packs
Installation contracts for: All models
PSB0304-10000S Remote Installation Setup and Conguration Service Contract
Supplemental support contracts for: M4300-8X8F and -16X M4300-28G M4300-28G-PoE+ M4300-52G M4300-52G-PoE+
PMB0313-10000S OnCall 24x7 1-year CAT 3
PMB0333-10000S OnCall 24x7 3-year CAT 3
PMB0353-10000S OnCall 24x7 5-year CAT 3
Supplemental support contracts for: M4300-12X12F M4300-24X and -24XF M4300-24X24F M4300-48X and -48XF M4300-96X
PMB0314-10000S OnCall 24x7 1-year CAT 4
PMB0334-10000S OnCall 24x7 3-year CAT 4
PMB0354-10000S OnCall 24x7 5-year CAT 4
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 58 of 60
Ordering Information
Ordering Information
M4300-8X8F
Americas, Europe
Asia Pacic
China
XSM4316S-100NES
XSM4316S-100AJS
XSM4316S-100PRS
M4300-16X with 199W PSU
Americas, Europe
Asia Pacic
China
XSM4316PA-100NES
XSM4316PA-100AJS
XSM4316PA-100PRS
M4300-16X with 600W PSU
Americas, Europe
Asia Pacic
China
XSM4316PB-100NES
XSM4316PB-100AJS
XSM4316PB-100PRS
M4300-12X12F
Americas, Europe
Asia Pacic
China
XSM4324S-100NES
XSM4324S-100AJS
XSM4324S-100PRS
M4300-24X
Americas, Europe
Asia Pacic
China
XSM4324CS-100NES
XSM4324CS-100AJS
XSM4324CS-100PRS
M4300-24XF
Americas, Europe
Asia Pacic
China
XSM4324FS-100NES
XSM4324FS-100AJS
XSM4324FS-100PRS
M4300-24X24F
Americas, Europe
Asia Pacic
China
XSM4348S-100NES
XSM4348S-100AJS
XSM4348S-100PRS
M4300-48X
Americas, Europe
Asia Pacic
China
XSM4348CS-100NES
XSM4348CS-100AJS
XSM4348CS-100PRS
M4300-48XF
Americas, Europe
Asia Pacic
China
XSM4348FS-100NES
XSM4348FS-100AJS
XSM4348FS-100PRS
M4300-96X
Worldwide (Empty Switch, No PSU)
Americas, Europe (Starter Kit 48xSFP+)
Asia Pacic (Starter Kit 48xSFP+)
Worldwide (10G Copper card)
Worldwide (10G Copper PoE+ card)
Worldwide (10G Fiber card)
Worldwide (40G Fiber card)
Americas, Europe (600W PSU)
Asia Pacic (600W PSU)
Americas, Europe (1,200W PSU)
Asia Pacic (1,200W PSU)
XSM4396K0-10000S
XSM4396K1-100NES
XSM4396K1-100AJS
APM408C-10000S
APM408P-10000S
APM408F-10000S
APM402XL-10000S
APS600W-100NES
APS600W-100AJS
APS1200W-100NES
APS1200W-100AJS
M4300-28G
Americas, Europe
Asia Pacic
China
GSM4328S-100NES
GSM4328S-100AJS
GSM4328S-100PRS
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 59 of 60
M4300-28G-PoE+ with 550W PSU
Americas, Europe
Asia Pacic
China
GSM4328PA-100NES
GSM4328PA-100AJS
GSM4328PA-100PRS
M4300-28G-PoE+ with 1,000W PSU
Americas, Europe
Asia Pacic
China
GSM4328PB-100NES
GSM4328PB-100AJS
GSM4328PB-100PRS
M4300-52G
Americas, Europe
Asia Pacic
China
GSM4352S-100NES
GSM4352S-100AJS
GSM4352S-100PRS
M4300-52G-PoE+ with 550W PSU
Americas, Europe
Asia Pacic
China
GSM4352PA-100NES
GSM4352PA-100AJS
GSM4352PA-100PRS
M4300-52G-PoE+ with 1,000W PSU
Americas, Europe
Asia Pacic
China
GSM4352PB-100NES
GSM4352PB-100AJS
GSM4352PB-100PRS
** This product comes with a limited warranty that is valid only if purchased from a NETGEAR authorized reseller, and covers unmodified hardware, fans and internal power
supplies – not software or external power supplies, and requires product registration at https://www.netgear.com/business/registration within 90 days of purchase; see
https://www.netgear.com/about/warranty for details. Intended for indoor use only.
NETGEAR, the NETGEAR Logo and ProSAFE are trademarks of NETGEAR, Inc. in the United States and/or other countries. Other brand names mentioned herein are for
identication purposes only and may be trademarks of their respective holder(s). Information is subject to change without notice. © 2020 NETGEAR, Inc. All rights reserved.
NETGEAR, Inc. 350 E. Plumeria Drive, San Jose, CA 95134-1911 USA, 1-888-NETGEAR (638-4327), E-mail: info@NETGEAR.com, www.NETGEAR.com
DS-M4300-6Jan20
Intelligent Edge Managed Switches
Data Sheet | M4300 series
PAGE 60 of 60