Class Introductions
• Participant Introductions
– Name
– Location (city)/ Department
– How long with Reliance
– Work experience in Data?
• Expectations
MEN Course Road Map
• Fundamental of Data Communication
• MEN Part 1
– Layer 2 theory and labs
– Layer 3
• OSPF theory and labs
• Overview of BGP and MPLS
• Reliance MEN architecture
• MEN Part 2
– Layer 3
• BGP theory and labs
– MPLS theory and labs
– VPN theory and labs
– VPLS theory and labs
– Reliance MEN architecture
Network Learning Centre
Proprietary & Confidential
Agenda
Day 1
Module 1
• VLAN
Module 2
• QinQ
Module 3
• Devices – Cisco & Huawei
Agenda
Day 2
• Exercises
– Basic Commands
– Clear the Configuration
– Telnet Configuration
– Management Vlan
– QinQ (optional)
Module 4
• STP
• RSTP
• MSTP
• Exercise
– MSTP
Module 5
• OSPF
• Exercises
– OSPF - 5 labs
Module 6
• BGP and MPLS Overview
Module 7
• MEN Architecture & Services
[Figure: services (wireless voice, wireless data, voice, VoIP, video, streaming, online gaming, messaging, location and presence, directory, storage, high speed Internet, dial-up) carried over core networks (Core IP, IP/MPLS, ATM, FR, X.25, PSTN, SDH, PDH) and access networks (ADSL, DSL, cable, FTTP/HFC, 3G, GSM/GPRS, CDMA RAN, wireless, Ethernet)]
Star Topology
Star topology and ring topology are the two main networking modes of Ethernet
switches. Star topology has poor reliability because it provides no protection
path, so it does not satisfy the demands of carrier-class services, for
example NGN service. Ring topology is more popular because it solves the problem
of protection switching.
STP Based Ring
• Advantages: mature technology, good interoperability, low cost, needs less fiber
• Disadvantages: slow protection switchover, complex protocol, bad application experience
Spanning Tree Protocol (STP) is the most popular technology for Ethernet ring
networks. STP-based ring networks, however, have the following disadvantages:
• The convergence speed is very low, usually in seconds, which does not satisfy the
demands of carrier-class services for a protection speed of 50ms.
• Ring network technologies usually increase hop count, delay and jitter, which
does not satisfy the demands of NGN services. STP-based ring technology includes
no measures to solve the problem of delay and jitter.
• Stations on the ring share the bandwidth of the ring, so competition for
bandwidth is certain to exist on the network. A station farther from the
convergence station may get less bandwidth. Unfair utilization of resources like
this makes it difficult to forecast the bandwidth of the stations on the network
and to guarantee quality of service (QoS).
• Services inserted at any station must be forwarded by all the stations on the
ring. Therefore, all the stations must have the related configuration, such as
VLAN configuration; otherwise, services cannot be carried. Adding new stations
therefore affects the service at other stations, which makes it difficult to
upgrade the network and expand its capacity.
• High Availability
– Switchover: <50ms
– Service availability: 99.999%
– Link aggregation & node protection
– E2E protection
• Hard QoS
– E2E SLA
• Scalability
– No VLAN limitation
– Interface rate range from n Mbps to N×10Gbps
• Service Management
– Fast provisioning, OAM
– Unified management
• TDM
– Seamless interoperation with legacy TDM system
– Legacy leased line
[Figure labels: AN, Metro Ethernet, Metro (IP/MPLS), Core]
Ethernet in the metro can be deployed as an access interface to replace traditional T1/E1
TDM interfaces. Many data services are being deployed in the metro, including point-to-
point Ethernet Line Services and multipoint-to-multipoint Ethernet LAN services or Virtual
Private LAN services (VPLS) that extend the enterprise campus across geographically
dispersed backbones. Ethernet can run over many metro transport technologies, including
SONET/SDH, next-generation SONET/SDH, Resilient Packet Ring (RPR), and
wavelength-division multiplexing (WDM), as well as over pure Ethernet transport.
Ethernet, however, was not designed for metro applications and lacks the scalability and
reliability required for mass deployments. Deploying Ethernet in the metro requires the
scalability and robustness features that exist only in IP and Multiprotocol Label Switching
(MPLS) control planes. As such, hybrid Layer 2 (L2) and Layer 3 (L3) IP and MPLS networks have
emerged as a solution that marries Ethernet's simplicity and cost effectiveness with the
scale of IP and MPLS networks. With many transport technologies deployed in the metro,
Ethernet services have to be provisioned and monitored over a mix of data switches and optical
switches. It becomes essential to find a control plane that can span both data and optical
networks. MPLS has been extended to do this task via the use of the Generalized MPLS
(GMPLS) control plane, which controls both data and optical switches. Understanding these
topics and more will help you master the metro space and its many intricacies.
VLAN
The traditional network is a flat structure in which one LAN belongs to the
same collision domain. The broadcast messages sent by any host are
received by the other hosts in the same broadcast domain. Replacing the hub with
a bridge (layer 2 switch) greatly improves the efficiency of unicast
transmission in the network as well as the performance of the layer 2 network.
But the bridge still makes several copies of each broadcast message and sends
them to every corner of the network. As the network scale increases, there are
more and more broadcast messages in the network, which occupy more and more
network resources and seriously degrade network performance. This is called a
broadcast storm.
Because of the way a bridge works at layer 2, it can do nothing about a
broadcast storm. To improve network efficiency, the network is normally
divided into segments: one big broadcast domain is divided into several small
broadcast domains.
Divide Broadcast Domain by Router
In the past, a LAN was segmented with routers. In the figure above, the
central node switch of the former figure is replaced with a router, which
greatly reduces the range over which a broadcast message is transmitted. This
solves the broadcast storm problem. But segmentation by routers separates the
network physically. As a result, network planning becomes too complex, the
networking mode is not flexible, and management and maintenance become
enormously more difficult.
As an alternative LAN segmentation method, the virtual local area network
(VLAN) has been introduced to solve the problems that occur in a large-scale
layer 2 environment.
Divide Broadcast Domain by VLAN
[Figure: the network divided into three broadcast domains, VLAN 10, VLAN 20 and VLAN 30, one of them labelled Engineering Department]
Advantages of VLAN
VLANs have solved many problems that occur in large-scale layer 2 switching
networks:
• Improved bandwidth utilization: VLANs effectively solve the performance
decline caused by broadcast storms.
• Enhanced communication security: the messages of one VLAN are not received
by the hosts in other VLANs.
• Strengthened network robustness: as the network scale increases, a failure
in part of the network can affect the whole network. After VLANs are
introduced, some network failures can be limited to within one VLAN.
• Lower management and maintenance cost: because VLANs segment the network
logically, networking is flexible and configuration management is simple.
Port Based VLAN
VLAN table of the LAN switch:
Port     VLAN
Port 1   VLAN5
Port 2   VLAN10
Port 3   VLAN5
Port 4   VLAN10
Format of 802.1Q Frame
The four-byte 802.1Q tag header contains a two-byte tag protocol identifier
(TPID) and two bytes of tag control information (TCI).
TPID (Tag Protocol Identifier) is a new type defined by the IEEE,
indicating that the frame bears the 802.1Q tag. The TPID contains the fixed
value 0x8100.
The TCI contains the frame control information, including the following
elements:
• Priority: three bits indicate the frame priority, giving 8 priority levels
in total, ranging from 0 to 7. The IEEE 802.1p standard uses this three-bit
information.
• Canonical Format Indicator (CFI): a CFI value of 0 indicates the standard
format, and 1 indicates a non-standard format. It is used in the token
ring / source routing FDDI medium access methods to indicate the bit order of
the address in the encapsulated frame.
• VLAN Identifier (VLAN ID): this 12-bit field indicates the VLAN ID, of which
there are 4096 in total. Each data packet sent by a host that supports the
802.1Q protocol contains this field to indicate which VLAN it belongs to.
In the switching network environment, the Ethernet frame has two formats:
frames without this four-byte tag are called untagged frames; frames with
this four-byte tag are called tagged frames.
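The tag layout described above, packed and parsed in Python. This is an added example, not part of the original course material; the names `Dot1QTag`, `add_tag`, `read_tag` and `strip_tag` are hypothetical, and the sample frame is constructed.

```python
import struct
from dataclasses import dataclass
from typing import Optional

TPID_8021Q = 0x8100          # fixed TPID value given in the text
MAC_HEADER_LEN = 12          # destination MAC (6 bytes) + source MAC (6 bytes)


@dataclass(frozen=True)
class Dot1QTag:
    priority: int            # 3 bits, 0-7 (802.1p)
    cfi: int                 # 1 bit, 0 = standard format
    vlan_id: int             # 12 bits, 0-4095


def build_tci(tag: Dot1QTag) -> int:
    """Pack priority, CFI and VLAN ID into the 16-bit TCI."""
    if not 0 <= tag.priority <= 7:
        raise ValueError("priority must fit in 3 bits")
    if tag.cfi not in (0, 1):
        raise ValueError("CFI is a single bit")
    if not 0 <= tag.vlan_id <= 0x0FFF:
        raise ValueError("VLAN ID must fit in 12 bits")
    return (tag.priority << 13) | (tag.cfi << 12) | tag.vlan_id


def parse_tci(tci: int) -> Dot1QTag:
    """Split a 16-bit TCI back into its three fields."""
    return Dot1QTag(priority=tci >> 13, cfi=(tci >> 12) & 1, vlan_id=tci & 0x0FFF)


def add_tag(frame: bytes, tag: Dot1QTag) -> bytes:
    """Turn an untagged frame into a tagged one: the tag follows the MACs."""
    header = struct.pack("!HH", TPID_8021Q, build_tci(tag))
    return frame[:MAC_HEADER_LEN] + header + frame[MAC_HEADER_LEN:]


def read_tag(frame: bytes) -> Optional[Dot1QTag]:
    """Return the tag of a tagged frame, or None for an untagged frame."""
    if len(frame) < MAC_HEADER_LEN + 2:
        raise ValueError("too short to be an Ethernet frame")
    (type_field,) = struct.unpack_from("!H", frame, MAC_HEADER_LEN)
    if type_field != TPID_8021Q:
        return None
    if len(frame) < MAC_HEADER_LEN + 4:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, MAC_HEADER_LEN + 2)
    return parse_tci(tci)


def strip_tag(frame: bytes) -> bytes:
    """Remove the tag, as a switch does before sending to an access port."""
    if read_tag(frame) is None:
        return frame
    return frame[:MAC_HEADER_LEN] + frame[MAC_HEADER_LEN + 4:]


# Constructed sample: an untagged broadcast frame (type 0x0806, no FCS).
UNTAGGED = (bytes.fromhex("ffffffffffff") + bytes.fromhex("001122334455")
            + struct.pack("!H", 0x0806) + bytes(28))

if __name__ == "__main__":
    tagged = add_tag(UNTAGGED, Dot1QTag(priority=5, cfi=0, vlan_id=10))
    print(tagged[12:16].hex(), read_tag(tagged), read_tag(UNTAGGED))
```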
Link Type
Access Link
The access link is the link that connects a host and a switch. Normally the
host does not need to know which VLAN it belongs to, and the host hardware
does not need to support frames with VLAN tags. The frames sent and received
by the host are all untagged frames.
An access link is connected to a port that belongs to one and only one
VLAN. This port cannot directly receive information from other VLANs
or send information to other VLANs. Information from different
VLANs must pass through layer 3 routing before it is forwarded to this
port.
The trunk link can bear the data of multiple VLANs. The trunk
link normally refers to the interconnection between switches, or between
switches and routers.
When a data frame is transmitted over the trunk link, the switch must have a
way to identify which VLAN the data frame belongs to. IEEE 802.1Q defines the
VLAN frame format. All the frames transmitted over trunk links are tagged
frames. Through these tags, the switch can determine which VLAN each frame
belongs to.
Unlike the access link, the trunk link bears VLAN data between different
pieces of equipment (such as between switches and routers, or
between switches). Therefore, the trunk link does not belong to any specific
VLAN. By configuration, the trunk link can bear all the VLAN data, or it can
be configured to transmit only the data of designated VLANs.
Although the trunk link does not belong to any specific VLAN, one PVID
(port VLAN ID) should be configured on the trunk link. In case that
untagged frames appear on the trunk link for any reason, the switch will add
VLAN Trunking
• Allows traffic for multiple VLANs to be sent across a single link.
• The two devices must support the same trunking protocol
– 802.1q
• The device adds a header, called a tag, to the original
Ethernet frame; the tag has a field for the VLAN ID
• Allowed VLANs – Each trunk allows all VLANs by
default. However, VLANs can be added to or removed
from the list.
[Figure: two switches, each with hosts in VLAN 2 and VLAN 3; Ethernet frames without tag on the access links, Ethernet frames with tag on the trunk link between the switches]
The figure shows a LAN environment with two switches and two VLANs
configured. The link between a host and a switch is an access link. The
switches connect to each other through the trunk link.
The host does not need to know whether the VLAN exists. All the
messages sent by the host are untagged; when the switch receives
such a message, it decides which VLAN the message belongs to according
to the configured rule (such as port information) before processing it. If the
message has to be sent through another switch, it is transmitted over the
trunk link to that switch. To guarantee that other switches process the VLAN
information of the messages correctly, the messages sent over the trunk link
all carry VLAN tags.
When the switch finally determines the ports that a message is to be sent to, it
deletes the VLAN tag from the Ethernet frame before sending the message to
those ports. In this way, the messages received by the host are Ethernet frames
without VLAN tags.
Therefore, in the normal case, the frames transmitted over the trunk link are all
tagged frames, and the frames transmitted over the access link are all untagged
frames. The result of this practice is that the VLANs configured in the
network are processed correctly by all the switches, and the host does not
need to understand the VLAN information.
Trunk and VLAN
[Figure: VLAN 4 and VLAN 5 spanning switches over a trunk link, with a broadcast flooded inside one VLAN]
No matter how many switches a network includes, and no matter how
many switches one VLAN crosses, each VLAN defines one broadcast
domain according to the VLAN definition. Broadcast messages can be
received by all the hosts in the same broadcast domain. That is to say,
broadcast messages must be sent to all the ports of one VLAN. The VLAN
may cross multiple switches. When a switch receives a broadcast
message on a port of a certain VLAN, it forwards the message according to
the following rules to guarantee that all the hosts in the same VLAN receive
the broadcast message:
1. Send it to the other ports of the same VLAN on this switch;
2. Send it to all the trunk links of this switch that carry this VLAN, so
that the ports of the same VLAN on other switches can also send this message.
When a port is set as a trunk port, the link connected to this
port is a trunk link. At the same time, the VLANs whose messages may pass
the trunk link must be configured. Before configuring which VLANs are allowed
to pass through, we should consider the network configuration. We should not
allow the trunk link to pass all the VLANs, because all the broadcast messages
must be sent to all the ports of each VLAN, and those broadcast messages are
transmitted to other switches over the trunk link. If there is no member port
of a VLAN at the other side of the trunk link, this wastes bandwidth and
processing time.
For most subscribers, manual configuration is troublesome. A large-scale
network may contain multiple VLANs. As the network configuration can
change at any time, it is quite complex to configure the trunk ports according
to the topology of the network. The GVRP protocol can solve this
problem: The trunk links are dynamically configured by the GVRP protocol
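The two flooding rules above, and the advice not to let a trunk pass every VLAN, as a small Python model. This is an added example, not part of the original course material; the `Network` class, the switch and port names and the topology are hypothetical, and both ends of a trunk are assumed to share one allowed-VLAN list.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Optional, Set, Tuple


@dataclass
class Port:
    mode: str                                   # "access" or "trunk"
    vlan: int = 1                               # VLAN of an access port
    allowed: FrozenSet[int] = frozenset()       # VLANs a trunk port may carry
    peer: Optional[Tuple[str, str]] = None      # (switch, port) at the far end


class Network:
    def __init__(self) -> None:
        self.switches: Dict[str, Dict[str, Port]] = {}

    def access(self, sw: str, port: str, vlan: int) -> None:
        self.switches.setdefault(sw, {})[port] = Port("access", vlan=vlan)

    def trunk(self, sw_a: str, port_a: str, sw_b: str, port_b: str,
              allowed: Iterable[int]) -> None:
        vlans = frozenset(allowed)
        self.switches.setdefault(sw_a, {})[port_a] = Port(
            "trunk", allowed=vlans, peer=(sw_b, port_b))
        self.switches.setdefault(sw_b, {})[port_b] = Port(
            "trunk", allowed=vlans, peer=(sw_a, port_a))

    def broadcast(self, sw: str, in_port: str) -> Tuple[List[str], int]:
        """Flood a broadcast received on an access port.

        Returns the access ports that receive it and the number of
        tagged copies sent over trunk links.
        """
        src = self.switches[sw][in_port]
        if src.mode != "access":
            raise ValueError("this model only injects frames on access ports")
        vlan = src.vlan                          # VLAN decided by the ingress port
        delivered: List[str] = []
        trunk_frames = 0
        seen: Set[Tuple[str, str]] = {(sw, in_port)}
        queue = [(sw, in_port)]
        while queue:
            cur_sw, ingress = queue.pop()
            for name, port in self.switches[cur_sw].items():
                if name == ingress:
                    continue                     # never send back out the input port
                if port.mode == "access":
                    if port.vlan == vlan:        # rule 1: same VLAN, same switch
                        delivered.append(f"{cur_sw}:{name}")
                elif vlan in port.allowed and port.peer not in seen:
                    trunk_frames += 1            # rule 2: trunks carrying this VLAN
                    seen.add(port.peer)
                    queue.append(port.peer)
        return sorted(delivered), trunk_frames


def demo(trunk_allowed: Iterable[int]) -> Network:
    """Constructed topology: VLAN 5 has members on SW1 only."""
    net = Network()
    net.access("SW1", "h1", 4)
    net.access("SW1", "h2", 5)
    net.access("SW1", "h3", 5)
    net.access("SW2", "h4", 4)
    net.trunk("SW1", "t1", "SW2", "t1", trunk_allowed)
    return net


if __name__ == "__main__":
    print(demo({4, 5}).broadcast("SW1", "h2"))   # VLAN 5 copy crosses the trunk for nothing
    print(demo({4}).broadcast("SW1", "h2"))      # pruned trunk: no wasted copy
    print(demo({4}).broadcast("SW1", "h1"))      # VLAN 4 still reaches SW2
```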
Cisco Commands
• #switchport mode access
• #switchport mode trunk
• #switchport trunk allowed vlan add 900
GARP message
GARP model
[Figure: switches A, B and C connected by trunk links (A E0/1 to B E0/1, B E0/2 to C E0/1). Upper part: A has VLAN 1 and VLAN 2, C has only VLAN 1, and the frame tagged with VLAN 2 cannot pass through. Lower part: VLAN 2 is added on C.]
The figure above shows how GVRP works. Unlike the default trunk link, this
trunk link can decide whether to bear the messages of a
certain VLAN according to the VLAN status at the opposite side. In this way,
it guarantees that a broadcast message is transmitted over the trunk link only
when a port at the opposite switch requires this message.
In the initial status of the figure, switches A and B are connected
through a trunk link, and so are switches B and C. Switch A is configured
with two VLANs, VLAN 1 and VLAN 2, while switch C has only
VLAN 1. All the switches enable the GVRP protocol. Because of the
GVRP protocol, all the switches have the VLAN 2 attribute, but if we show
the status of Ethernet 0/2 on switch B, we find that this port does not allow
VLAN 2 frames to pass, because the VLAN 2 attribute is not
registered on the port.
In the lower part of the figure, VLAN 2 is newly
configured on the port of switch C. The GVRP protocol running on the three
switches automatically updates the VLAN registration status and
configures the trunk link to allow messages from VLAN 2 to be transmitted over
the trunk link.
In the future, if a switch deletes a VLAN, GVRP will also
update the VLAN registration information and configure the trunk link to
forbid the unnecessary transmission of that VLAN's messages over the trunk link.
Inter-vlan Routing
L3 Forwarding
Layer 2 switching network-broadcast
Broadcast domain
In the layer 2 switching network, the whole network is a flat structure
built entirely from layer 2 switches. The whole network is one big
broadcast domain.
In Ethernet, the broadcast domain is the maximum range over which
broadcast frames (frames whose destination MAC address is
ff-ff-ff-ff-ff-ff) are forwarded in a network.
A layer 2 switch selects the path for a frame and forwards it
according to the MAC address. When a complete and correct Ethernet
frame is received on a port of the switch, the switch looks up the address
in the MAC address list that it maintains. Depending on the address
type and the lookup result, the switch processes the frame differently:
• Unicast, destination address found in the MAC address list: the frame is
forwarded to the output port designated for that address in the list. (A
unicast MAC address can designate only one output port.)
• Unicast, destination address not found in the MAC address list: the frame
is broadcast to all ports in the broadcast domain except the input port.
• Multicast, destination address found in the MAC address list: the frame is
forwarded to the output ports designated for that address in the list. (A
multicast MAC address can designate one output port or a group of them.)
• Multicast, destination address not found in the MAC address list: the frame
is broadcast to all ports in the broadcast domain except the input port.
In the flat layer 2 network, the broadcast domain is the whole network. In
case that the broadcast occurs or the destination address frame fails to match
Insulating layer 2 broadcast domain
To solve problems such as the low efficiency and poor security
caused by broadcast, the VLAN concept is introduced: in a network that is
built from switches and supports the VLAN function, each VLAN is
designed as one independent broadcast domain.
Each VLAN is strictly separated. No frame can be forwarded from the
VLAN it belongs to into other VLANs. The whole network is divided into several
small broadcast domains. Network broadcast is confined to a
comparatively small scope, which increases the network bandwidth
utilization rate and improves network efficiency and performance.
Nobody can directly access one point of the network from another
point of the network, or monitor the frames of the whole network, without
limitation. The separated broadcast domains improve network security.
VLANs can also group subscribers. Configuring VLANs gives flexible
network management. When the network is moved, the network design can be
modified easily through the flexible configuration of the switch, without
tedious and time-consuming changes to the network wiring.
Inter-VLAN communication
• Flows between different VLANs cannot directly cross VLAN
boundaries; routers can be used so that messages can be
transferred from one VLAN to another VLAN.
Route selection in inter-VLAN communication
[Figure: host 1.1.1.10/24 in VLAN 100 pings 2.2.2.20/24 in VLAN 200; this is non-local communication using the default gateway; the router has network 1.1.1.0/24 at interface 1 and network 2.2.2.0/24 at interface 2]
Once we divide the network into VLANs and interconnect the VLANs through
routers, how do the hosts of the network communicate with each other?
First, some definitions:
Hosts located in the same VLAN are called local hosts. The
communication between local hosts is called local communication.
Hosts located in different VLANs are called non-local hosts. The
communication between non-local hosts is called non-local communication.
For local communication, the hosts at both ends are located
in the same broadcast domain. The traffic of the two hosts can reach each
other directly. As the communication process is the same as in a flat layer 2
network, the details are not described here.
For non-local communication, the hosts at both ends are
located in different broadcast domains. The traffic of the two hosts cannot
reach each other directly. A host cannot request the address of the opposite
side through an ARP broadcast request. The communication can only be
completed with the help of an intermediate router.
The routers between VLANs act as the gateway for each VLAN.
Therefore, hosts that communicate through the routers
must know that the routers exist and know their addresses.
After configuring the router, configure the default gateway on each host as
the address of the router interface in that host's VLAN.
As shown in the figure above, host 1.1.1.10 needs to communicate with
2.2.2.20.
First, host 1.1.1.10 checks against its local subnet mask and finds that it
cannot directly access the destination host, as the destination host is not the
One physical connection for every VLAN
Use VLAN Trunking
• Multiple VLANs in the network can share only one physical link.
• On the switch, configure the ports connecting to routers to use VLAN Trunking.
• Make the same configuration on the router.
Using the VLAN Trunking technology can help optimize the above
network.
The concept of VLAN Trunking was introduced in the VLAN chapter.
This technology enables the service traffic of multiple VLANs to share
the same physical link. Transmitting tagged frames on the physical link
of the VLAN trunk distinguishes the traffic of each VLAN.
For inter-VLAN inter-networking, multiple VLANs in the
network can share only one physical link. On the switch, configure the ports
connecting to routers to use VLAN Trunking, and make the same
configuration on the router.
In such a configuration, the routing interfaces and the physical interface of
the router are in a many-to-one relation. When the router performs inter-VLAN
routing, it forwards the message from one routing interface to another routing
interface, but the message is forwarded from one physical interface back to
the same physical interface. The VLAN tag is replaced with the destination
network tag after the forwarding.
In the normal case, inter-VLAN routing traffic is not enough to reach the
line rate of the link. Using the VLAN Trunking configuration can
improve the bandwidth utilization rate of the link, save port resources and
simplify management. (For example, when adding one VLAN to the network, you
only need to maintain the equipment configuration, without changing the network
wiring.)
Even with VLAN Trunking, there are still some performance
deficiencies in using a traditional router for inter-VLAN routing.
The routers use a general-purpose CPU. The routers
forward entirely in software and support various
Integration of switching and routing
The emergence of the layer 3 switch brings huge economic benefits to the
network.
The layer 3 switch uses hardware technology to integrate the network
functions of the layer 2 switch and the router into one box through some clever
processing. It thus improves network integration and enhances
forwarding performance.
To interconnect heterogeneous networks, the
IP protocol offers abundant functions. Standard IP routing has to do
much processing and pass through many steps when forwarding each IP message,
which brings a huge workload to the software, as described before.
But this work is not necessary for every message. Most
messages only need to pass a small part of the steps. There is a lot of
room to improve the IP routing method.
The design of the layer 3 switch, based on a careful analysis of IP
routing, picks out the necessary steps that each message must pass in
IP routing. The result is a simplified process:
• Most messages in IP routing do not include IP options, so IP
option processing is not necessary in most cases.
• The message length differs between networks. To adapt to
different networks, IP implements the message partition (fragmentation)
function. However, in the Ethernet environment, the network frame (message)
length is fixed, so the message partition function can be omitted.
• The layer 3 switch uses exact address matching, which
enables fast lookup in hardware, unlike the router, which has to find
the longest matching address mask.
Function model of layer 3 switch
[Figure: layer 3 switch with interfaces ETH0: 10.110.0.254/24, ETH1: 10.110.1.254/24, ETH2: 10.110.2.254/24]
Message to message Layer 3 switching technology
[Figure: layers 1 to 3 at each of four nodes]
Layer 3 switching technology based on flow switching
[Figure: layers 1 to 3 at each of four nodes]
Isolate-user-VLAN
• Isolate-user-VLAN (Huawei) is the same as Private VLAN (Cisco)
– This is not supported by CX200 (old technology not supported in
new devices)
[Figure: Super VLAN 4 containing Sub-VLAN 2 and Sub-VLAN 3]
Super-VLAN
• No Physical Ports in Super-VLAN
• Super-VLAN is the gateway for sub-vlans
• Super-VLAN has IP address (vlanif)
• VLAN aggregation solves the problem of excessive IP address
consumption caused by VLANs.
• As shown in the figure, in VLAN aggregation, multiple VLANs are
aggregated into a super-VLAN. Member VLANs of a super-VLAN
are called sub-VLANs. All sub-VLANs share the same IP network
segment.
• If a large number of VLANs exist in an Ethernet network, VLAN
aggregation can simplify the configurations.
Q-in-Q
Basis of the QinQ Technology
QinQ background
Second: Users can plan private network VLAN IDs without conflicting with
public network VLAN IDs; the layer-2 VPN technology can be used to
transparently transmit user VLAN information and Ethernet configuration
information.
The basic idea of QinQ
The basic idea of QinQ is to add one more tag in front of the tag of a message
encapsulated according to 802.1Q; QinQ can also be seen as a descriptive name
for using one tag to classify tunnels (users).
The general idea is to encapsulate the user’s private network VLAN tag inside the
public network VLAN tag. Each message traverses the service provider’s backbone
network with two tags, which provides users with a simple layer-2 VPN tunnel.
QinQ encapsulation
QinQ typical application
[Figure: customer A sites (VLAN100, VLAN200) on both sides of the ISP network; inside the ISP network the frame carries the user VLAN header plus an external label (10, 20)]
• Trunk port: single tag at the customer side; two tags at the operator side
• Tunnel port: external tag attached or peeled off
The user’s message has an external tag attached before it traverses the operator’s
network, which enables simple layer-2 VPN functions.
Typical application of the QinQ Tunnel port: the QinQ-supported port is configured. The
Tunnel port belongs to a VLAN allocated by the operator to the customer. The Tunnel port
is only configured on the operator’s equipment. In the above figure, customer A is allocated
VLAN10; all Tunnel ports connected with customer A belong to VLAN10 in the operator’s
network. When the data of customer A (already carrying a customer VLAN tag) reaches the
Tunnel port, an external tag is added, with VLAN ID 10. In the operator’s network,
the data is transmitted according to the normal layer-2 forwarding process in VLAN10. When
the data of customer A leaves the Tunnel port, the external tag is peeled off, and only the
internal customer VLAN tag is left. Upon arriving at the customer side switch, the data
is transmitted in the customer’s network as a normal tagged message.
MAC learning: when the customer data reaches the Tunnel port, MAC addresses are learned
in the VLAN allocated to the customer (for customer A’s data, MAC learning is in VLAN10);
when the data reaches the customer side, MAC learning is in the VLAN given by the internal
customer VLAN tag. The QinQ function is not visible to the customer side switch. The
operator’s network is transparent for the customer. The Tunnel port is sometimes called
the vlan-vpn port
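The Tunnel port behaviour described above, as an added Python example that is not part of the original course material. Customer A's VLAN10 comes from the text; the function names, customer B, its operator VLAN 20, the customer VLAN 100 and the MAC address are assumptions made for the illustration, and both tags use TPID 0x8100 because the page describes QinQ as two 802.1Q tags.

```python
import struct
from typing import Dict, List, Tuple

TPID = 0x8100                # both tags are 802.1Q tags, as the page describes QinQ
MACS_LEN = 12                # destination MAC + source MAC


def customer_frame(src_mac: bytes, c_vlan: int) -> bytes:
    """Constructed sample: a broadcast frame already carrying the customer tag."""
    return (b"\xff" * 6 + src_mac + struct.pack("!HH", TPID, c_vlan)
            + struct.pack("!H", 0x0800) + bytes(46))


def vlan_stack(frame: bytes) -> List[int]:
    """VLAN IDs of the consecutive tags in a frame, outermost first."""
    ids: List[int] = []
    offset = MACS_LEN
    while len(frame) >= offset + 4:
        tpid, tci = struct.unpack_from("!HH", frame, offset)
        if tpid != TPID:
            break
        ids.append(tci & 0x0FFF)
        offset += 4
    return ids


def tunnel_ingress(frame: bytes, s_vlan: int) -> bytes:
    """Customer -> operator: attach the external tag allocated by the operator."""
    if not 1 <= s_vlan <= 4094:
        raise ValueError("operator VLAN ID out of range")
    return frame[:MACS_LEN] + struct.pack("!HH", TPID, s_vlan) + frame[MACS_LEN:]


def tunnel_egress(frame: bytes, s_vlan: int) -> bytes:
    """Operator -> customer: peel off the external tag, keep the customer tag."""
    stack = vlan_stack(frame)
    if not stack or stack[0] != s_vlan:
        raise ValueError("frame is not in this Tunnel port's VLAN")
    return frame[:MACS_LEN] + frame[MACS_LEN + 4:]


def operator_learn(mac_table: Dict[Tuple[int, bytes], str],
                   frame: bytes, port: str) -> None:
    """Operator switch learns the source MAC in the external (operator) VLAN."""
    outer = vlan_stack(frame)[0]
    mac_table[(outer, frame[6:12])] = port


def demo() -> Tuple[bytes, bytes, Dict[Tuple[int, bytes], str]]:
    # Constructed case: two customers reuse the same private VLAN ID and MAC.
    mac = bytes.fromhex("02aabbccddee")
    in_net_a = tunnel_ingress(customer_frame(mac, 100), 10)   # customer A -> VLAN10
    in_net_b = tunnel_ingress(customer_frame(mac, 100), 20)   # customer B (assumed)
    table: Dict[Tuple[int, bytes], str] = {}
    operator_learn(table, in_net_a, "tunnel-A")
    operator_learn(table, in_net_b, "tunnel-B")
    return in_net_a, in_net_b, table


if __name__ == "__main__":
    a, b, table = demo()
    print(vlan_stack(a), vlan_stack(b), sorted(table.values()))
    print(vlan_stack(tunnel_egress(a, 10)))
```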
Advantages of QinQ
QinQ can be simply understood as a message with two layers of 802.1Q tags.
• The QinQ technology enables the operator to provide layer-2 VPN to customers at low
cost. QinQ services are implemented in the operator’s network; users are unaware of
QinQ.
• In each message in the operator’s network, the internal tag is the customer’s private
VLAN ID, while the external tag is allocated by the operator. The customer can plan its
private VLAN IDs; changes in the operator’s network do not affect the customer’s network.
• QinQ does not require signaling protocols; only static configuration is needed, so
configurations are simple and stable.
• QinQ expands VLAN resources and enables the operator to classify access users
according to VLAN IDs.
QinQ QOS
The message with an 802.1Q tag at the customer side contains the 802.1p priority level.
After the external tag is attached at the tunnel port, the message contents cannot be
identified in layer-2 forwarding. How can Ethernet QoS be realized in the QinQ network?
Some operators propose user classification according to the user VID or other
features, rather than user access ports (selective QinQ).
QinQ BPDU Tunnel
BPDU Tunnel principles
Layer-2 protocol messages are also called BPDU messages. The tunnels that carry them
transparently across the operator’s network are called layer-2 protocol tunnels or
BPDU tunnels.
So how are the two problems brought up in the slide solved?
First: when a BPDU message is received on the Tunnel port, the port adds a tag allocated
by the operator to the message. These tags identify the BPDU messages of different
VPNs. In the operator’s network, BPDU messages are transmitted as normal data messages.
Second: to keep the customer’s BPDU messages from being processed by the operator’s
network equipment, each encapsulated BPDU message is given a multicast MAC as its
destination MAC. This ensures that the messages are sent to the different
branches in the VLAN allocated by the operator. When a message leaves through the Tunnel
port, the VLAN tag is removed and the destination MAC is changed back to the
BPDU MAC.
Characteristics of BPDU messages: BPDU messages are layer-2 control
messages of bridge equipment. They apply globally within the equipment and have no
VLAN tags.
enabled, it will be propagated in all ports; otherwise, it will be processed in the equipment
before it is transferred.
Huawei adopted the above methods in previous solutions In the present solution the
QinQ BPDU Tunnel
BPDU Packet
BPDU-Tunnel Packet
Upon receiving a BPDU message, the Tunnel port changes the destination MAC to a
multicast MAC (01-00-0c-cd-cd-d0). Identification information, such as the user
information, is inserted in front of the FCS. The multicast MAC ensures that the message is
propagated in the VLAN; it also identifies the message as a BPDU-Tunnel message. When
receiving the message, the switch submits it to the CPU for processing; it recovers the
BPDU identity and sends the message to the corresponding customer network according to
the user identification information in the message.
Modifying the BPDU destination address to multicast MAC: Destination: 01-00-0c-cd-cd-d0.
Source address: 00-0F-E2-07-F2-E0. The source of the BPDU messages sent by Huawei’s
switches is this MAC. From the above descriptions, we can see that BPDU messages and
BPDU-Tunnel messages are both in LLC encapsulation. At present, Huawei’s implementation is
consistent with Cisco’s. Tests showed that Huawei’s equipment can
interwork with Cisco’s equipment.
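An added Python example (not from the original slides) of the first scheme described above: at the Tunnel port a customer BPDU gets the operator's tag and the multicast destination MAC 01-00-0c-cd-cd-d0, and the egress Tunnel port reverses both steps. The BPDU contents are constructed, operator VLAN 10 is a sample value, and the identification field that the BPDU-Tunnel format inserts in front of the FCS is not modelled because the page does not give its layout.

```python
import struct

STP_BPDU_MAC = bytes.fromhex("0180c2000000")  # IEEE destination MAC of STP BPDUs
TUNNEL_MAC = bytes.fromhex("01000ccdcdd0")    # multicast MAC quoted in the text
SRC_MAC = bytes.fromhex("000fe207f2e0")       # source address quoted in the text
TPID_8021Q = 0x8100


def sample_bpdu():
    """Constructed 802.1D configuration BPDU in LLC encapsulation (untagged)."""
    bridge_id = struct.pack("!H", 32768) + SRC_MAC
    # protocol id, version, type, flags, root id, root path cost, bridge id,
    # port id, message age, max age, hello time, forward delay (1/256 s units)
    body = struct.pack("!HBBB8sI8sHHHHH", 0, 0, 0, 0, bridge_id, 0, bridge_id,
                       0x8001, 0, 20 * 256, 2 * 256, 15 * 256)
    llc = bytes([0x42, 0x42, 0x03])
    length = struct.pack("!H", len(llc) + len(body))
    return STP_BPDU_MAC + SRC_MAC + length + llc + body


def reaches_local_stp(frame):
    """A bridge passes a frame to its own spanning tree only if it is sent to the BPDU MAC."""
    return frame[:6] == STP_BPDU_MAC


def encapsulate_bpdu(frame, operator_vid):
    """Tunnel port, customer to operator: add the operator tag, swap the destination MAC."""
    if frame[:6] != STP_BPDU_MAC:
        raise ValueError("not a BPDU")
    if not 1 <= operator_vid <= 4094:
        raise ValueError("VLAN ID out of range")
    tag = struct.pack("!HH", TPID_8021Q, operator_vid)
    return TUNNEL_MAC + frame[6:12] + tag + frame[12:]


def decapsulate_bpdu(frame, port_vid):
    """Tunnel port, operator to customer.

    Returns the original BPDU, or None when the operator tag belongs to a
    different VPN than the one served by this port.
    """
    if frame[:6] != TUNNEL_MAC or len(frame) < 16:
        raise ValueError("not a tunnelled BPDU")
    tpid, tci = struct.unpack_from("!HH", frame, 12)
    if tpid != TPID_8021Q or (tci & 0x0FFF) != port_vid:
        return None
    return STP_BPDU_MAC + frame[6:12] + frame[16:]


if __name__ == "__main__":
    bpdu = sample_bpdu()
    tunnelled = encapsulate_bpdu(bpdu, 10)
    print("operator bridge runs STP on it:", reaches_local_stp(tunnelled))
    print("restored at egress:", decapsulate_bpdu(tunnelled, 10) == bpdu)
```
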
Principles and Applications of Selective QinQ
Characteristics of selective QinQ
Based on the flow classification results, selective QinQ determines whether
to attach an external VLAN tag and which type of external VLAN tag to attach.
Selective QinQ can classify according to the user VLAN tag, MAC
address, IP protocol, source address, destination address, priority level, or port
number of the application program. With these classification methods,
external VLAN tags can be added to messages according to different users,
different services, and different priority levels, so that different bearer schemes are
applied to different services.
Principles and Applications of Selective QinQ
Scene 1 of selective QinQ applications
[Figure labels: Trunk, VLAN 20, VLAN1XXX, VLAN 30, VLAN2XXX, VLAN 2, VLAN 2001, VLAN 3, VLAN 2002]
Principles and Applications of Selective QinQ
Scene 2 of selective QinQ applications
[Figure labels: VLAN 20, IPOE, VLAN 2, VLAN 3]
Traffic distribution by message protocol number: ordinary PCs use the PPPoE protocol
to access the Internet; IPTV uses the IPoE protocol. The terminals are connected to the
uplink via a VLAN. The QinQ technology can be used to distribute traffic according to
the protocol numbers of messages, for example PPPoE and IPoE messages.
In Huawei’s 8500 switch, each PPPoE message from an ordinary Internet PC is given
external VLAN10; each IPoE message from the IPTV is given external VLAN20.
Principles and Applications of Selective QinQ
Scene 3 of selective QinQ applications
[Figure labels: VLAN 20, DA, VOIP]
Principles and Applications of Selective QinQ
Scene 4 of selective QinQ applications
In the cascaded networking mode, some cascaded switches have adopted port-based
QinQ. In this case, traffic can be distributed by selective QinQ according to the
internal VLAN tags of the QinQ messages.
The ordinary QinQ attaches external VLAN10 to VLAN100 and attaches VLAN30 to
VLAN300; VLAN100 and VLAN300 belong to the same VPN user. Hence in the 8500
switch, external tag VLAN10 is attached according to VLAN100 and VLAN300 of the
QinQ message.
Principles and Applications of Selective QinQ
Typical applications of selective QinQ
Users can be distributed to different VLANs (with external tags) according to
different applications to isolate the applications.
[Figure labels: Multicast Router, internet, VLAN 1001-1003, VLAN 302]
The above is the selective QinQ networking most commonly used by operators. In general,
telecom broadband users fall into two groups: users who reach the switch via the campus
network, and ADSL users who come in via the DSLAM.
Let me briefly introduce the characteristics of this networking case:
1. VLAN101-200 users accessed from the campus network are ordinary users; this group
is allocated public network VLAN1001 by the 8500 switch. VLAN201-300 users are
VIP users accessed from the campus network; this group is allocated public network
VLAN1002 by the 8500 switch. VIP users have high requirements on network performance;
hence the bandwidth of VIP users shall be guaranteed via QoS.
2. ADSL users accessed from the DSLAM are VLAN 101-300 users, who get an IP address
for Internet access via PPPoE dialing; this group is allocated public network
VLAN1003 by the 8500 switch.
3. VLAN 301 is dedicated to multicast. IPTV users accessed via the DSLAM or the campus
network shall access multicast programs via VLAN 301. IPTV client terminals first get IP
addresses from the DHCP server; then they join the IGMP group on the 8500 switch to
access multicast programs.
4. For Internet users, the 8500 switch attaches a public network tag to each Internet user
message before the message is submitted to BASE for processing. Each user undergoes
authentication, authorization and layer-2 termination on BASE.
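The S-VLAN plan from the networking case above, as an added Python example (not part of the original course material): it classifies a tagged customer frame by ingress side and C-VLAN, pushes the operator's outer tag, and refuses C-VLANs that are not in the plan. The ingress labels "campus" and "dslam", the 0x8100 TPID for both tags, the constructed sample frame, and forwarding multicast VLAN 301 without an outer tag are assumptions of this example.

```python
import struct

TPID_8021Q = 0x8100  # assumed tag protocol identifier for inner and outer tag

# (ingress side, C-VLAN range) -> S-VLAN, taken from items 1 and 2 of the list.
SVLAN_PLAN = [
    ("campus", range(101, 201), 1001),  # ordinary campus users
    ("campus", range(201, 301), 1002),  # VIP campus users
    ("dslam", range(101, 301), 1003),   # ADSL users behind the DSLAM
]
MULTICAST_VLAN = 301  # item 3; assumed to be carried single-tagged


def vlan_tag(vid, pcp=0):
    """Encode one 802.1Q tag: TPID, then PCP (3 bits), DEI (1 bit), VID (12 bits)."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID out of range: %d" % vid)
    return struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)


def read_tags(frame):
    """Return the (pcp, vid) tags that follow the two MAC addresses, outermost first."""
    tags, offset = [], 12
    while len(frame) >= offset + 4:
        tpid, tci = struct.unpack_from("!HH", frame, offset)
        if tpid != TPID_8021Q:
            break
        tags.append((tci >> 13, tci & 0x0FFF))
        offset += 4
    return tags


def classify(ingress, c_vid):
    """Pick the S-VLAN for a customer frame, or None to forward it unchanged."""
    if c_vid == MULTICAST_VLAN:
        return None
    for side, c_range, s_vid in SVLAN_PLAN:
        if side == ingress and c_vid in c_range:
            return s_vid
    raise LookupError("no S-VLAN planned for %s C-VLAN %d" % (ingress, c_vid))


def push_outer_tag(frame, ingress):
    """Selective QinQ at the aggregation switch: insert the S-VLAN tag in front of the C-VLAN tag."""
    tags = read_tags(frame)
    if not tags:
        raise ValueError("customer frame carries no VLAN tag")
    s_vid = classify(ingress, tags[0][1])
    if s_vid is None:
        return frame
    return frame[:12] + vlan_tag(s_vid) + frame[12:]


def pop_outer_tag(frame):
    """Remove the S-VLAN tag before the frame goes back to the customer side."""
    if len(read_tags(frame)) < 2:
        raise ValueError("frame is not double-tagged")
    return frame[:12] + frame[16:]


def customer_frame(c_vid):
    """Constructed sample frame: broadcast destination, locally administered source."""
    dst = bytes.fromhex("ffffffffffff")
    src = bytes.fromhex("020000000001")
    return dst + src + vlan_tag(c_vid) + struct.pack("!H", 0x0800) + b"payload"


if __name__ == "__main__":
    for side, vid in [("campus", 150), ("campus", 250), ("dslam", 150), ("dslam", 301)]:
        print(side, vid, "->", read_tags(push_outer_tag(customer_frame(vid), side)))
```
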
Module 3
CX200D
CX200D-EA
Dimensions 442mm×220mm×43.6mm
S2309P-SI 8*10/100TX+1*GE(SFP)
S2309P-EI 8*10/100TX+1*GE(SFP)
The EA has 2 extra SFP ports; these are combo ports. If we use them, we can’t use 2 FE ports.
Hardware drivers
Access Layer
Aggregation Layer
Core Layer
CX200D
VLAN translation changes the VLAN tag as necessary, making service provisioning more flexible.
Selective QinQ inserts a different outer tag based on the inner tag.
[Figure: frames (DATA, tag, SA, DA) from user1 and user2 before and after tagging; labels: VLAN1 VoIP service, VLAN2 BTV service, VLAN3 Internet, VLAN4 Internet; tag values 1, 2, 3, 4, 10, 20, 30]
Selective QinQ
UNI (FE/GE) -> NNI
1. Modify C-VLAN ID: DA SA 3 DATA -> DA SA 5 DATA
2. Add S-VLAN ID: DA SA 3 DATA -> DA SA 6 3 DATA
Global mapping:
vlan 1 <-> vlan 100
vlan 2 <-> vlan 200
[Figure labels: Vlan 1, Vlan 3, Vlan 100/200/300]
[Figure: Home Gateway (PC on VLAN1, IPTV on VLAN2), S2000TP-EA at the access layer, CX200D at the aggregation layer, POP and BRAS, for Campus 1 and Campus 2; labels: VLAN1001, VLAN1002, VLAN2001@VLAN1, VLAN2001@VLAN2, VLAN2002@VLAN1, VLAN2002@VLAN2, VLAN 3001@VLAN 1001, VLAN 3001@VLAN 1002, VLAN 3002@VLAN 1001, VLAN 3002@VLAN 1002]
PUPSPV is realized with the same HG configuration and 1:1 VLAN mapping on the ports of the
CX200D Series Metro Ethernet.
At the Home Gateway edge, VLAN1 is for the PC to access the Internet with broadband service, and
VLAN2 is for IPTV service.
At the access layer, we use 1:1 VLAN mapping.
At the campus network, we use the QinQ feature.
[Figure labels: Transit Node, Sub-Ring 1, Sub-Ring 2, Link-Down Notification, Block Status, Link Failure, User1, User2]
A standard protocol, RPR, can also be used for <50ms convergence time, but this requires
a separate interface, called an RPR interface, to be purchased. It is costlier than Ethernet.
RRPP Feature
RRPP support Trunk
[Figure labels: Metro Core, Main node, Main port, Slave port, CX200D, Hello Packet, Block Status]
Ethernet OAM: 802.3ah Protocol
The 802.3ah protocol is used to solve “The Last Mile” problem, and is also suitable for
an Ethernet link between two devices.
Main Functions:
• OAM Auto Discover
• OAM Link Monitor
• Remote Fault Notify
• OAM Remote Loopback
• Remote Taking MIB
[Figure: CE and PE at the User to Network Interface, with CX200D and CX380; labels: Link Failure Message, Link Loopback Message, Test Message]
Ethernet OAM 802.3ah provides connectivity verification, fault isolation, performance
monitoring and troubleshooting capabilities for Ethernet services. Its objective is
to push Ethernet technology widely into the carrier access network market.
EthOAM can improve network performance, and reduce OPEX and CAPEX.
The 802.3ah protocol includes all the technology elements Ethernet must have, such as
physical specifications for cable, P2P fiber and P2MP fiber, and OAM mechanisms.
OAM (Operations, Administration and Maintenance)
IGMP Snooping
[Figure labels: Multicast Router, Internet, CX200D, Video Stream, Convergence Layer]
• Only one copy for whole ring
• IGMP Snooping V1/V2
• MVLAN + STP/RRPP
• Native L2 multicast forwarding, easy to deploy and maintain
• 50ms switch over
• IGMP fast leave, fast zapping
OSS and VoIP are marked with highest priority, scheduled with SP, and
policed to be within the pre-set maximum rate.
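[Figure: DHCP message sequence between DHCP client, CX and DHCP server]
DHCP client <-> CX | CX <-> DHCP server
DISCOVER | DISCOVER+Option82
OFFER | OFFER(+Option82)
REQUEST | REQUEST+Option82
ACK | ACK(+Option82)
Data transmit
RELEASE | RELEASE+Option82
The Option 82 field carries the inbound interface number and VLAN ID of DHCP messages.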
After being initialized, the DHCP client sends a DHCPDISCOVER message to the
DHCP server. The Option 82 field is forcibly appended to the DHCPDISCOVER
message on the CX.
When receiving the DHCPDISCOVER message that carries the Option 82 field,
the DHCP server sends a DHCPOFFER message that carries the Option 82 field to
the DHCP client. The CX removes the Option 82 field from the DHCPOFFER
message and then sends the message without the Option 82 field to the DHCP
client.
The DHCP client sends a DHCPREQUEST message to the DHCP server to
respond to the DHCPOFFER message sent by the DHCP server. The Option 82
field is forcibly appended to the DHCPREQUEST message on the CX.
When receiving the DHCPREQUEST message that carries the Option 82 field, the
DHCP server sends a DHCPACK message that carries the Option 82 field to the
DHCP client. The CX removes the Option 82 field from the DHCPACK message
and then sends the message without the Option 82 field to the DHCP client.
The DHCP client sends a DHCPRELEASE message to the DHCP server to
actively release the IP address assigned by the DHCP server. The Option 82 field is
forcibly appended to the DHCPRELEASE message on the CX.
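The Option 82 handling described above, as an added Python example that is not the CX's own code: it works on the DHCP options field only, appends Option 82 to client-to-server messages and strips it from the replies. The circuit-ID layout (2-byte VLAN ID followed by the interface name), the sample interface and VLAN, and the choice to discard any Option 82 already present in a client message are assumptions.

```python
import struct

OPT_PAD, OPT_MSG_TYPE, OPT_RELAY_INFO, OPT_END = 0, 53, 82, 255
SUBOPT_CIRCUIT_ID = 1  # RFC 3046 Agent Circuit ID sub-option


def parse_options(data):
    """Split a DHCP options field into [(code, value)], stopping at the END option."""
    opts, i = [], 0
    while i < len(data):
        code = data[i]
        if code == OPT_END:
            return opts
        if code == OPT_PAD:
            i += 1
            continue
        if i + 2 > len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option %d" % code)
        length = data[i + 1]
        opts.append((code, data[i + 2:i + 2 + length]))
        i += 2 + length
    raise ValueError("options field has no END option")


def build_options(opts):
    """Serialize [(code, value)] and terminate the field with END."""
    out = bytearray()
    for code, value in opts:
        out += bytes([code, len(value)]) + value
    return bytes(out) + bytes([OPT_END])


def circuit_id(interface, vlan):
    """Assumed layout for this example: 2-byte VLAN ID, then the interface name."""
    return struct.pack("!H", vlan) + interface.encode("ascii")


def add_option82(options, interface, vlan):
    """Client to server: drop any Option 82 the client sent, then append the switch's own."""
    opts = [(c, v) for c, v in parse_options(options) if c != OPT_RELAY_INFO]
    cid = circuit_id(interface, vlan)
    opts.append((OPT_RELAY_INFO, bytes([SUBOPT_CIRCUIT_ID, len(cid)]) + cid))
    return build_options(opts)


def strip_option82(options):
    """Server to client: remove Option 82; return (clean options, circuit ID or None)."""
    found, kept = None, []
    for code, value in parse_options(options):
        if code != OPT_RELAY_INFO:
            kept.append((code, value))
            continue
        i = 0
        while i + 2 <= len(value):  # walk the sub-options inside Option 82
            sub, length = value[i], value[i + 1]
            if sub == SUBOPT_CIRCUIT_ID:
                found = value[i + 2:i + 2 + length]
            i += 2 + length
    return build_options(kept), found


if __name__ == "__main__":
    discover = build_options([(OPT_MSG_TYPE, b"\x01")])         # constructed DHCPDISCOVER options
    relayed = add_option82(discover, "Eth0/0/2", 101)           # sample interface and VLAN
    offer = build_options([(OPT_MSG_TYPE, b"\x02")] + parse_options(relayed)[1:])
    print(relayed.hex(), strip_option82(offer))
```
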
[Figure labels: IP/MPLS core, Eth0/0/2, Eth0/0/3, LSW, DSLAM, HGMP Client, Save OPEX!]
L2TP is based on PPP. It takes a packet of any protocol (IP, IPX, etc.) and encrypts
it for delivery over the Internet using IP.
L2TP (Layer 2 Tunneling Protocol) is a protocol from the IETF that allows a PPP session
to travel over multiple links and networks. L2TP is used to allow remote users
access to the corporate network. PPP is used to encapsulate IP packets from the
user's PC to the ISP, and L2TP extends that session across the Internet.
Aggregate QoS Model
Contents
1. Introduction to CX 600
2. Service Features of CX600
3. Application of CX600
Positioning of CX600
[Figure labels: MSP, SoftX, VoD, Acc Switch, ES, P, PE, Head end, AG, SBC, CS, CX600]
Position of CX600-8:
1. The CX600-8 is a Metro Services Platform that supports abundant Metro Ethernet
services.
2. It is designed specially for Ethernet aggregation and brings L3 access to the network edge.
3. It does not support POS, ATM, E1/E3 and T1/T3 interfaces for WAN application.
Introduction to CX600
• Key components redundancy:
• 1:1 redundancy of the Switch and Route Processing Unit
(SRUs)
• 3+1 load balancing and redundancy backup of the Switch
Fabric Units (SFUs)
• Redundancy backup of power modules, fans, clock boards
and management bus
• Support GR, NSF, Hot Patch
[Figure: LPUs and the switching fabric (SFU boards), 3+1 redundancy (3+1 backup)]
• Redundancy design for all components, no single point of failure
• Distributed forwarding architecture to eliminate performance bottlenecks and maximize throughput
• Separated data bus, control bus and monitor bus
• 2:1 speedup (= switching capacity : port capacity), non-blocking crossbar switching fabric
[Figure: segmentation and reassembly; switching based on info in cell header; 4 SFU 3+1 load sharing]
• 64 pairs of high speed (3.125Gbps) SERDES bus available on each SFU
• Switching capacity per SFU: 3.125Gbps*8B/10B*64=160Gbps
• One 10G LPU has 16 pairs of SERDES bus spanning 4 SFUs
SERDES: Serializer/Deserializer
[Figure labels: control module, CP, management interface, Framer, PFE, TM, SM]
• Wire speed & low latency 10G forwarding capability
• Per user per service ingress & egress H-QoS guarantee
• Large packet buffer to reduce packet loss rate, meet requirements of critical services
• VOQ to avoid HOLB (head of line blocking) issue and maximize throughput
V200R001: GA 2007-08-10
V200R002: GA 2008Q1
Software features(1)
Name of Software Features | Remarks
Interface binding (IP TRUNK and Ethernet TRUNK) | Supports the cross-service LPU binding.
TRUNK interface HASH load balancing
GRE tunnel
Software features(2)
Name of Software Features | Remarks
RRPP (for Ethernet and Ethernet-Trunk)
RRPP ring multicast isolation feature
BPDU Tunnel
FIB table supports the load balancing | Supports complete load balancing and supports eight ECMPs of load balancing.
LSP load balancing | Supports the LSP traffic-based load balancing and the fault switch less than 50ms.
MPLS TE
LDP over TE | LDP over TE for PE/P
TE over TRUNK (IP TRUNK, Ethernet TRUNK)
MPLS L3VPN | Supports three kinds of inter-domain modes: Option A, B and C. Supports ISIS, OSPF, RIP, BGP, and static route. Can be access to the PE in static routing. The OSPF supports 1000 instances. Supports the HoPE.
MPLS L2VPN (VLL/PWE3, VPLS, HVPLS) | Supports the following two kinds of protocol modes: Martini and Kompella.
Software features(3)
Name of Software Features | Remarks
VPLS over TE
Static LSP is accessed to VPLS
QinQ termination is accessed to VPLS, L2VPN, and L3VPN
Multicast VPN
MPLS OAM
MPLS Ping, MPLS Traceroute
IS-IS and fast convergence | The IS-IS convergence on the whole network is less than 1s, and convergence of the single node is less than 50ms.
IP/LDP FRR
TE FRR
VPN FRR
Software features(4)
Name of Software Features Remarks
BFD for FRR, VRRP, and ISIS
BFD for BGP, OSPF, TRUNK, and VLANIF
BFD for VRF, Cisco Interconnection
BGP/ISIS/OSPF/LDP GR
VLL (LDP mode)/VPLS GR
L3VPN GR
HQOS (FADD only)
VPN QoS (Resource Reservation VPN)
QPPB
Tunnel/VPN statistics
NTP
SSHv2
IPTN TPE
NetStream for IPv4
Specification of CX600
Description | CX600
Interface | Ethernet, RPR, GRE, NetStream
PPP/MP | NO
IPV6 | FIBv6: 3K; ACLv6: 1K; ARPv6: 1K
FIB | 200K
Routing Table | 1M
OSPF Neighbors | 256, Default 50
OSPF Interfaces | 256, Default 50
OSPF Session/Instances | 256, Default 50
ISIS Neighbor | 256, Default 50
ISIS Interfaces | 256, Default 50
Description | CX600 V2R1
VPN-Instance | 1K, Default 500
ARPv4 | 16K
IPV4 ACL per Board | 8K
Max. IPv4 ACL per Equipment | 64K
H-QOS Levels | 5-level Scheduler
FQ per Board | Ingress 24K; Egress 24K
MAC per Board | 128K
QinQs per Board | 16K
MPLS LSP Tunnels | 64K
MPLS TE Tunnels | 1K
Introduction to Boards
Newly Added LPUs
1*10GBase-LAN-XFP Optical Interface LPU
1*10GBase-WAN-XFP Optical Interface LPU
10*1000Base-X-SFP SFP Optical Interface LPU
24*10/100/1000Base-TX-RJ45 Electrical Interface LPU
24*100/1000Base-X-SFP Optical Interface LPU
1*OC-192c/STM-64c RPR-XFP Optical Interface LPU
2*OC-48c/STM-16c RPR-XFP Optical Interface LPU
4*OC-48c/STM-16c RPR-XFP Optical Interface LPU
2*1000M RPR-SFP Optical Interface LPU
4*1000M RPR-SFP Optical Interface LPU
Service Processing Circuit Board-NetStream Processing
Service Processing Circuit Board-TSU Service Processing
Networking Capacities
• Core layer is responsible for the high-speed forwarding of service data.
• Edge and aggregation layer serve as the access point of various services.
• Access layer is responsible for the user access (DSLAM, converged-switch, AG,
NodeB)
The services access the network for forwarding through the BRAS, the centralized
PE, or the aggregation node, based on the service type.
BRAS: Refers to a device that processes PPPoE login services of individual users.
PE: Refers to the centralized service node, which can also serve as the distribution node. PE accesses the services that should be converged and processed, such as centralized L3VPN services.
P/PE: Refers to the core forwarding node or the edge node on the backbone network. P or PE rapidly forwards the services or accesses the services to the backbone network.
[Figure labels: CX600, VLAN TRUNK, Branch A, Branch B, IP MAN]
VLAN aggregation
[Figure: callouts “Config VLAN layer 3 interface to realize the communication of different VLAN” and “uses the same subnet IP; communicates with another sub-VLAN by ARP PROXY”; labels: VLAN10, VLAN20, VLAN 2 ... VLAN 9, userA:MAC_A, userB:MAC_B]
Residential Area/Enterprise
PC VID=1~1000
STB VID=1001~2000
DSLAM
PC VID=1~1000 PC VID=1~1000
STB VID=1001~2000 MODEM Home
STB VID=1001~2000
Network
PC STB
PC VID=1~50 PC
STB Home VID=101~150
MODEM STB
VID=1001~1050 Network PC VID=1~1000
VID=1101~1150
STB VID=1001~2000
PC STB
STB
PC VID=51~100
VID=1051~1100
Network Learning Centre
Page122 122
Proprietary & Confidential 122
Aggregation Switch
Supporting QinQ
Corporate VID=3K~4K
Personal VID=1~3K Corporate
VID=3K~4K
Personal
DSLAM VID=1~3K
BAS SR
L3 VLAN 200
CX600
VLAN MAPPING
DSLAM
With VLAN mapping, the CX600 can aggregate services. The CX600 receives VLAN 100,
VLAN 102 and VLAN 103, which represent Internet service. The CX600 changes these
VLAN IDs to VLAN 200. VLAN 200 means Internet service in the aggregation
layer.
• Non-stop Forwarding
• VPN FRR
• Enhanced-VRRP for Layer 3 Access Reliability
Non-stop Forwarding
[Figure labels: Signaling/protocol packet, 1:1 redundancy, RM (ACTIVE), RM (BACKUP), Stateful Switchover, Graceful Restart Capabilities, FIB, Control Unit, Forwarding Unit]
[Figure labels: Tunnel 1, Tunnel 2, VoIP/VoD VLAN, PE1, PE2, PE3, CX600]
BFD
• To improve network performance, the system must be able to rapidly detect a
communication failure, and then set up a backup channel to resume the communication.
To solve the preceding problems, Bidirectional Forwarding Detection (BFD), a unified
detection mechanism, was developed.
BFD is a unified detection mechanism used to rapidly detect and track the connectivity of
network links or IP routing. To improve network performance, adjacent systems must
be able to rapidly detect a communication failure, and then set up a backup channel to
resume the communication.
BFD provides the following functions:
• Provides low-load and short-duration detection for path faults between two adjacent
forwarding engines.
• Uses a single mechanism to perform real-time detection of all media or protocol layers, and
supports different detection times and costs.
[Figure labels: VRRP, PC, RTU, STB]
Hierarchical QoS
• L1-L4 info, 64Kbps granularity, precise traffic policing
• 5-level scheduling & shaping, precise bandwidth management
• Congestion avoidance with WRED
[Figure: Ingress QoS and Egress QoS through NP and TM; labels: VoIP VLAN, BTV VLAN, VoD VLAN, IA VLAN, GE, Group, Sub-1, Sub-2, Sub-n, VoIP, IPTV, IA Pre, IA BE, Premium, Normal]
[Figure: management architecture; labels: OSS/BSS (ORDER, BILLING, INVENTORY…), BML, SML, NML, Service Management, NSM, VPN Manager, QoS Manager, LSP Manager, D2610, NetStream Analysis System, SNMP/CORBA/…, FTP/…, SNMP/TELNET/FTP/SYSLOG/…]
NetStream
NetStream Analyzer
NetStream Collector
Version | Description
NetFlow V5 | Full flow export format, based on 7 tuples of the flows (IP SA, IP DA, SP, DP, protocol type, ToS, input interface) statistics, output statistics record
NetFlow V9 | Templates based export format, support MPLS, MPLS VPN statistics record, support interface statistics record
The red one is the old 32 Gbps bus, from when the switch was there. LAN cards use this bus;
they are fabric disabled.
OSM cards can use the 720 Gbps mesh. They are fabric enabled.
7609 IOS
Console Cable
Router
Setup via Telnet
Workstation
Router
100BASE-TX
Ethernet
Server Laptop PC
Setup via the AUX Port
RS-232 Serial Port
PC
Router
Modem
PSTN
TEL: 12345678
Modem
Console Port Modem
Command View
Visit Level
• The commands in visit level:
• The commands in manage level:
Manage: Commands essential to system operation and the system support modules. They
provide support to services concerning the file system, FTP, TFTP, XModem download,
configuration file switch, power control, standby board control, user management,
level setting, as well as parameter setting within a system (the last case involves
those non-protocol or non-RFC provisioned commands).
Command Views
Command Line On-line Help
Command Line On-line Help
(Continued)
• Enter a command and a “?” separated by a space. If "?" stands for a parameter,
descriptions of these parameters will be given.
[Quidway] interface ethernet ?
<3-3> Slot number
[Quidway] interface ethernet 3?
/
[Quidway] interface ethernet 3/?
<0-0>
[Quidway] interface ethernet 3/0?
/
[Quidway] interface ethernet 3/0/?
<0-0>
[Quidway] interface ethernet 3/0/0 ?
<cr>
Thank You