Sie sind auf Seite 1von 824

SmartAX MA5600T/MA5603T Multi-service Access Module V800R010C00

Feature Description
Issue Date 01 2011-10-30

HUAWEI TECHNOLOGIES CO., LTD.

Copyright Huawei Technologies Co., Ltd. 2011. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions


and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.


Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China http://www.huawei.com support@huawei.com

Website: Email:

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

About This Document

About This Document


Intended Audience
This document describes the key features (including ADSL,VDSL2, SHDSL, GPON, VoIP, ISDN, FoIP, MoIP, P2P Access, Layer 2 Protocol Handling, Layer 3 Features, VLAN, ACL, QoS, Multicast and security features) of the SmartAX MA5600T/MA5603T (hereinafter referred to as the MA5600T/MA5603T) in detail from the following aspects: l l l l l l Definition Purpose Specification Availability Principle Reference

After reading this document, you can learn about the definitions and purposes of the various features of the MA5600T/MA5603T, and also the support of these features by the MA5600T/ MA5603T and the references on these features. In this way, you can know the feature list of the MA5600T/MA5603T and understand the implementation of these features on the MA5600T/ MA5603T. This document is intended for: l l l l Network planning engineers System maintenance engineers Configuration engineers NM administrators

Symbol Conventions
The following symbols may be found in this document. They are defined as follows Symbol Description Indicates a hazard with a high level of risk which, if not avoided, will result in death or serious injury.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

ii

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

About This Document

Symbol

Description Indicates a hazard with a medium or low level of risk which, if not avoided, could result in minor or moderate injury. Indicates a potentially hazardous situation that, if not avoided, could cause equipment damage, data loss, and performance degradation, or unexpected results. Indicates a tip that may help you solve a problem or save your time. Provides additional information to emphasize or supplement important points of the main text.

Update History
Updates between document issues are cumulative. Therefore, the latest document issue contains all updates made in previous issues.

Updates in Issue 01 (2011-10-30)


This is the first release of V800R010C00. Compared with issue 01 (2011-07-15) of V800R009C00, this issue has the following changes: The following information is added: l l l l l l l 12 IPv6 20.8 ONT DHCP Simulation 14.8 Type C Protection of GPON Lines 7 MPLS Updated the specifications of 4 VDSL2 Access, 1 GPON, and 13 Multicast. Modified the content of 9.3 1:1 VMAC, 21.3 Ethernet CFM OAM, and 9.8 Bridging. Modified the structure and the content of 17.9 Service Overload Control.

The following information is modified:

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

iii

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

Contents
About This Document.....................................................................................................................ii 1 GPON...............................................................................................................................................1
1.1 Introduction........................................................................................................................................................2 1.2 Specifications......................................................................................................................................................2 1.3 Reference Standards and Protocols....................................................................................................................4 1.4 Availability.........................................................................................................................................................4 1.5 Overview of the GPON System..........................................................................................................................5 1.6 GPON Principle..................................................................................................................................................7 1.7 Key GPON Technologies.................................................................................................................................13 1.8 GPON Terminal Authentication and Management..........................................................................................16 1.9 Continuous-Mode ONU Detection...................................................................................................................25 1.10 GPON Network Applications.........................................................................................................................28 1.11 Glossary, Acronyms, and Abbreviations........................................................................................................29

2 P2P Optical Access......................................................................................................................30


2.1 P2P FE Optical Access.....................................................................................................................................31 2.1.1 Introduction.............................................................................................................................................31 2.1.2 Specifications...........................................................................................................................................31 2.1.3 Reference Standards and Protocols.........................................................................................................31 2.1.4 Availability..............................................................................................................................................31 2.1.5 Principle...................................................................................................................................................32 2.2 GE P2P Optical Access....................................................................................................................................33 2.2.1 Introduction.............................................................................................................................................33 2.2.2 Specifications...........................................................................................................................................36 2.2.3 Reference Standards and Protocols.........................................................................................................40 2.2.4 Availability..............................................................................................................................................40 2.2.5 Network Applications..............................................................................................................................41

3 ADSL2+ Access............................................................................................................................44
3.1 Introduction......................................................................................................................................................45 3.2 Specifications....................................................................................................................................................45 3.3 Reference..........................................................................................................................................................46 3.4 Availability.......................................................................................................................................................46 3.5 Principle............................................................................................................................................................46 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. iv

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

3.6 Glossary, Acronyms, and Abbreviations..........................................................................................................53

4 VDSL2 Access...............................................................................................................................55
4.1 Introduction......................................................................................................................................................56 4.2 Specifications....................................................................................................................................................56 4.3 Reference Standards and Protocols..................................................................................................................57 4.4 Availability.......................................................................................................................................................57 4.5 VDSL2 Architecture.........................................................................................................................................58 4.6 Features of the VDSL2 System........................................................................................................................60 4.7 Support for Multiple Spectrum Profiles...........................................................................................................61 4.8 Flexible PSD Control Methods.........................................................................................................................63 4.9 Improvement of Line Performance...................................................................................................................66 4.10 VDSL2 Network Applications.......................................................................................................................73

5 SHDSL Access..............................................................................................................................75
5.1 ATM SHDSL Access.......................................................................................................................................76 5.1.1 Introduction.............................................................................................................................................76 5.1.2 Specifications...........................................................................................................................................76 5.1.3 Availability..............................................................................................................................................77 5.1.4 Reference.................................................................................................................................................77 5.1.5 Principle...................................................................................................................................................77 5.1.6 Acronyms and Abbreviations..................................................................................................................79 5.2 EFM SHDSL Access........................................................................................................................................79 5.2.1 Introduction.............................................................................................................................................79 5.2.2 Specifications...........................................................................................................................................80 5.2.3 Availability..............................................................................................................................................80 5.2.4 Reference.................................................................................................................................................81 5.2.5 Principle...................................................................................................................................................81 5.2.6 Glossary, Acronyms, and Abbreviations.................................................................................................83 5.3 TDM SHDSL Feature.......................................................................................................................................83 5.3.1 Introduction.............................................................................................................................................83 5.3.2 Specifications...........................................................................................................................................84 5.3.3 Reference Standards and Protocols.........................................................................................................85 5.3.4 Availability..............................................................................................................................................85 5.3.5 Principle...................................................................................................................................................86 5.3.6 Narrowband Data Private Line Service Applications..............................................................................87 5.3.7 PRA Carrying Applications.....................................................................................................................89 5.3.8 Glossary, Acronyms, and Abbreviations.................................................................................................90

6 ATM Access..................................................................................................................................92
6.1 Introduction......................................................................................................................................................93 6.2 Specifications....................................................................................................................................................94 6.3 Reference Standards and Protocols..................................................................................................................94 6.4 Availability.......................................................................................................................................................94 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. v

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

6.5 Principle............................................................................................................................................................95

7 MPLS..............................................................................................................................................97
7.1 Overview..........................................................................................................................................................98 7.2 Reference Standards and Protocols..................................................................................................................98 7.3 Availability.....................................................................................................................................................100 7.4 MPLS..............................................................................................................................................................100 7.4.1 Introduction...........................................................................................................................................101 7.4.2 Specifications.........................................................................................................................................101 7.4.3 Principle.................................................................................................................................................102 7.5 MPLS RSVP-TE.............................................................................................................................................108 7.5.1 Introduction...........................................................................................................................................108 7.5.2 Specifications.........................................................................................................................................109 7.5.3 Principle.................................................................................................................................................109 7.6 MPLS OAM...................................................................................................................................................111 7.6.1 Introduction...........................................................................................................................................111 7.6.2 Specifications.........................................................................................................................................112 7.6.3 Principle.................................................................................................................................................112 7.7 Glossary, Acronyms, and Abbreviations........................................................................................................114

8 Layer 2 VPN................................................................................................................................120
8.1 PWE3..............................................................................................................................................................121 8.1.1 Introduction...........................................................................................................................................121 8.1.2 Specifications.........................................................................................................................................121 8.1.3 Reference Standards and Protocols.......................................................................................................123 8.1.4 Availability............................................................................................................................................123 8.1.5 Enhanced Feature..................................................................................................................................123 8.1.6 Principle.................................................................................................................................................124 8.1.6.1 Basic Principle of PWE3..............................................................................................................124 8.1.6.2 Principle of TDM PWE3..............................................................................................................130 8.1.6.3 ATM PWE3 Principle..................................................................................................................135 8.1.6.4 Principle of ETH PWE3...............................................................................................................141 8.1.6.5 Traffic Label Principle..................................................................................................................143 8.1.6.6 PW Redundancy...........................................................................................................................144 8.1.6.7 PW OAM (VCCV).......................................................................................................................145 8.1.7 Network Applications............................................................................................................................148 8.1.8 Glossary, Acronyms, and Abbreviations...............................................................................................150 8.2 Native TDM....................................................................................................................................................152 8.2.1 Introduction...........................................................................................................................................152 8.2.2 Specifications.........................................................................................................................................152 8.2.3 Reference...............................................................................................................................................152 8.2.4 Availability............................................................................................................................................153 8.2.5 Principle.................................................................................................................................................153 8.3 Glossary, Acronyms, and Abbreviations........................................................................................................155 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. vi

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

9 Layer 2 Protocol Handling.......................................................................................................157


9.1 Overview........................................................................................................................................................158 9.2 MAC Address Management...........................................................................................................................158 9.2.1 Introduction...........................................................................................................................................158 9.2.2 Specifications.........................................................................................................................................159 9.2.3 Availability............................................................................................................................................160 9.2.4 Principle.................................................................................................................................................160 9.3 1:1 VMAC......................................................................................................................................................161 9.3.1 Introduction...........................................................................................................................................161 9.3.2 Specifications.........................................................................................................................................162 9.3.3 Availability............................................................................................................................................162 9.3.4 Feature Enhancement............................................................................................................................163 9.3.5 Principle.................................................................................................................................................163 9.3.6 Glossary, Acronyms, and Abbreviations...............................................................................................167 9.4 N:1 VMAC.....................................................................................................................................................168 9.4.1 Introduction...........................................................................................................................................168 9.4.2 Specifications.........................................................................................................................................169 9.4.3 Availability............................................................................................................................................169 9.4.4 Principle.................................................................................................................................................170 9.5 VLAN Management.......................................................................................................................................172 9.5.1 VLAN Overview...................................................................................................................................172 9.5.2 Specifications.........................................................................................................................................173 9.5.3 Reference Standards and Protocols.......................................................................................................173 9.5.4 Availability............................................................................................................................................173 9.5.5 Types of VLAN.....................................................................................................................................174 9.5.6 VLAN Attribute.....................................................................................................................................176 9.5.7 VLAN Processing..................................................................................................................................178 9.5.8 VLAN Aggregation...............................................................................................................................179 9.5.9 Special Applications of VLANs............................................................................................................180 9.6 VLAN Switching Policy.................................................................................................................................180 9.6.1 Introduction...........................................................................................................................................180 9.6.2 Specifications.........................................................................................................................................181 9.6.3 Availability............................................................................................................................................181 9.6.4 VLAN Tag Transforming of Traffic Streams........................................................................................181 9.7 Forwarding Policy..........................................................................................................................................192 9.7.1 Introduction...........................................................................................................................................192 9.7.2 Specifications.........................................................................................................................................193 9.7.3 Availability............................................................................................................................................193 9.7.4 Principle.................................................................................................................................................194 9.8 Bridging..........................................................................................................................................................195 9.8.1 Introduction...........................................................................................................................................195 9.8.2 Specifications.........................................................................................................................................196 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. vii

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

9.8.3 Reference Standards and Protocols.......................................................................................................196 9.8.4 Availability............................................................................................................................................196 9.8.5 Principle.................................................................................................................................................197 9.9 Glossary, Acronyms, and Abbreviations........................................................................................................200

10 QoS.............................................................................................................................................202
10.1 QoS Processing.............................................................................................................................................203 10.2 Traffic Classification....................................................................................................................................204 10.2.1 Overview.............................................................................................................................................204 10.2.2 Specifications.......................................................................................................................................205 10.2.3 Availability..........................................................................................................................................207 10.2.4 Principle...............................................................................................................................................207 10.3 Priority Processing........................................................................................................................................208 10.3.1 Overview.............................................................................................................................................208 10.3.2 Specifications.......................................................................................................................................208 10.3.3 Availability..........................................................................................................................................209 10.3.4 Principle...............................................................................................................................................210 10.4 Traffic Policing.............................................................................................................................................212 10.4.1 Overview.............................................................................................................................................212 10.4.2 Specifications.......................................................................................................................................213 10.4.3 Availability..........................................................................................................................................213 10.4.4 Traffic Policing Principle....................................................................................................................213 10.4.5 DBA Principle.....................................................................................................................................216 10.5 ACL Policy...................................................................................................................................................217 10.5.1 Introduction.........................................................................................................................................218 10.5.2 Specifications.......................................................................................................................................218 10.5.3 Availability..........................................................................................................................................219 10.5.4 Principle...............................................................................................................................................220 10.6 Congestion Avoidance and Management.....................................................................................................222 10.6.1 Overview.............................................................................................................................................222 10.6.2 Specifications.......................................................................................................................................222 10.6.3 Availability..........................................................................................................................................222 10.6.4 Congestion Avoidance Principle.........................................................................................................223 10.6.5 Congestion Management Principle......................................................................................................224 10.7 HQoS............................................................................................................................................................227 10.7.1 Overview.............................................................................................................................................227 10.7.2 Specifications.......................................................................................................................................228 10.7.3 Reference Standards and Protocols.....................................................................................................228 10.7.4 Availability..........................................................................................................................................228 10.7.5 Principle of Priority-based HQoS........................................................................................................228 10.7.6 Principle of HQoS Based on CAR Group...........................................................................................230 10.8 QoS Network Application............................................................................................................................235 10.8.1 Typical QoS Application in an FTTH/P2P Network...........................................................................235 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. viii

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

10.8.2 Typical QoS Application in an FTTB/FTTC Network.......................................................................237 10.9 Glossary, Acronyms, and Abbreviations......................................................................................................238

11 Layer 3 Features........................................................................................................................241
11.1 ARP..............................................................................................................................................................242 11.1.1 Introduction.........................................................................................................................................242 11.1.2 Specifications.......................................................................................................................................242 11.1.3 Reference Standards and Protocols.....................................................................................................242 11.1.4 Availability..........................................................................................................................................242 11.1.5 Principle...............................................................................................................................................243 11.2 ARP Proxy....................................................................................................................................................244 11.2.1 Introduction.........................................................................................................................................244 11.2.2 Specifications.......................................................................................................................................244 11.2.3 Reference Standards and Protocols.....................................................................................................244 11.2.4 Availability..........................................................................................................................................244 11.2.5 Principle...............................................................................................................................................245 11.3 DHCP Relay.................................................................................................................................................246 11.3.1 Introduction.........................................................................................................................................246 11.3.2 Specifications.......................................................................................................................................246 11.3.3 Reference Standards and Protocols.....................................................................................................247 11.3.4 Availability..........................................................................................................................................247 11.3.5 DHCPv4 Layer 2 Relay Principle.......................................................................................................248 11.3.6 DHCPv4 Layer 3 Relay Principle.......................................................................................................248 11.3.7 Networking Application......................................................................................................................249 11.4 DHCP Proxy.................................................................................................................................................250 11.4.1 Introduction.........................................................................................................................................250 11.4.2 Specifications.......................................................................................................................................251 11.4.3 Reference Standards and Protocols.....................................................................................................251 11.4.4 Availability..........................................................................................................................................251 11.4.5 Principle...............................................................................................................................................251 11.5 IP-aware Bridge............................................................................................................................................255 11.5.1 Introduction.........................................................................................................................................255 11.5.2 Specifications.......................................................................................................................................255 11.5.3 Availability..........................................................................................................................................255 11.5.4 Principle...............................................................................................................................................256 11.6 VRRP Snooping...........................................................................................................................................260 11.6.1 Introduction.........................................................................................................................................260 11.6.2 Specifications.......................................................................................................................................261 11.6.3 Reference Standards and Protocols.....................................................................................................261 11.6.4 Availability..........................................................................................................................................261 11.6.5 Principle...............................................................................................................................................262 11.6.6 Glossary, Acronyms, and Abbreviations.............................................................................................264 11.7 Routing.........................................................................................................................................................265 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. ix

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

11.7.1 Introduction.........................................................................................................................................265 11.7.2 Reference Standards and Protocols.....................................................................................................265 11.7.3 Availability..........................................................................................................................................265 11.7.4 Specifications.......................................................................................................................................266 11.7.5 Principle...............................................................................................................................................266 11.7.6 Static Route..........................................................................................................................................271 11.7.6.1 Introduction to Static Routes......................................................................................................271 11.7.6.2 Specifications..............................................................................................................................271 11.7.6.3 References..................................................................................................................................271 11.7.6.4 Components of Static Routes.....................................................................................................271 11.7.6.5 Applications of Static Routes.....................................................................................................272 11.7.6.6 BFD for Static Routes.................................................................................................................274 11.7.6.7 Terms and Abbreviations............................................................................................................274 11.7.7 RIP.......................................................................................................................................................275 11.7.7.1 Introduction to RIP.....................................................................................................................275 11.7.7.2 Specifications..............................................................................................................................275 11.7.7.3 References..................................................................................................................................275 11.7.7.4 RIP-1...........................................................................................................................................276 11.7.7.5 RIP-2...........................................................................................................................................276 11.7.7.6 Timer..........................................................................................................................................277 11.7.7.7 Split Horizon...............................................................................................................................277 11.7.7.8 Poison Reverse...........................................................................................................................278 11.7.7.9 Triggered Update........................................................................................................................278 11.7.7.10 Route Aggregation....................................................................................................................279 11.7.7.11 Multi-process and Multi-instance.............................................................................................280 11.7.7.12 Hot Backup...............................................................................................................................280 11.7.7.13 Terms and Abbreviations..........................................................................................................280 11.7.8 IS-IS.....................................................................................................................................................281 11.7.8.1 Introduction to IS-IS...................................................................................................................281 11.7.8.2 Specifications..............................................................................................................................281 11.7.8.3 References..................................................................................................................................281 11.7.8.4 Basic Concepts of IS-IS..............................................................................................................283 11.7.8.5 IS-IS Multi-instance and Multi-process.....................................................................................300 11.7.8.6 IS-IS Route Leaking...................................................................................................................300 11.7.8.7 IS-IS Fast Convergence..............................................................................................................302 11.7.8.8 Priority-based IS-IS Convergence..............................................................................................303 11.7.8.9 IS-IS LSP Fragment Extension...................................................................................................303 11.7.8.10 IS-IS Administrative Tag..........................................................................................................306 11.7.8.11 Dynamic Hostname Exchange Mechanism..............................................................................307 11.7.8.12 IS-IS HA...................................................................................................................................308 11.7.8.13 IS-IS 3-Way Handshake...........................................................................................................309 11.7.8.14 IS-IS GR...................................................................................................................................309 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. x

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

11.7.8.15 IS-IS Wide Metric....................................................................................................................317 11.7.8.16 BFD for IS-IS...........................................................................................................................318 11.7.8.17 IS-IS Authentication.................................................................................................................321 11.7.8.18 Terms and Abbreviations..........................................................................................................323 11.7.9 OSPF....................................................................................................................................................325 11.7.9.1 Introduction to OSPF..................................................................................................................325 11.7.9.2 Specifications..............................................................................................................................326 11.7.9.3 References..................................................................................................................................326 11.7.9.4 Fundamentals of OSPF...............................................................................................................327 11.7.9.5 OSPF GR....................................................................................................................................338 11.7.9.6 OSPF NSSA...............................................................................................................................341 11.7.9.7 BFD for OSPF............................................................................................................................342 11.7.9.8 OSPF Smart-discover.................................................................................................................344 11.7.9.9 OSPF-BGP Association..............................................................................................................344 11.7.9.10 OSPF Database Overflow.........................................................................................................345 11.7.9.11 OSPF Fast Convergence...........................................................................................................346 11.7.9.12 OSPF Mesh-Group...................................................................................................................348 11.7.9.13 Priority-based OSPF Convergence...........................................................................................350 11.7.9.14 Terms and Abbreviations..........................................................................................................350 11.7.10 BGP...................................................................................................................................................350 11.7.10.1 Introduction to BGP..................................................................................................................350 11.7.10.2 Specifications............................................................................................................................352 11.7.10.3 References................................................................................................................................352 11.7.10.4 Basic Principle of BGP.............................................................................................................353 11.7.10.5 Route Import.............................................................................................................................360 11.7.10.6 Route Aggregation....................................................................................................................360 11.7.10.7 Route Dampening.....................................................................................................................360 11.7.10.8 Community Attribute................................................................................................................361 11.7.10.9 BGP Confederation...................................................................................................................363 11.7.10.10 BGP GR..................................................................................................................................364 11.7.10.11 BGP Tracking.........................................................................................................................365 11.7.10.12 BGP Dynamic Update Peer-Groups.......................................................................................366 11.7.10.13 4-Byte AS Number.................................................................................................................368 11.7.10.14 Terms and Abbreviations........................................................................................................371 11.7.11 VRF...................................................................................................................................................372 11.7.11.1 Introduction..............................................................................................................................372 11.7.11.2 Specifications............................................................................................................................373 11.7.11.3 Principle....................................................................................................................................373 11.7.12 Routing Policies.................................................................................................................................374 11.7.12.1 Introduction to Routing Policies...............................................................................................374 11.7.12.2 References................................................................................................................................375 11.7.12.3 Basic Principle of Routing Policies..........................................................................................375 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xi

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

11.7.12.4 Application Environment.........................................................................................................376 11.7.12.5 BGP to IGP...............................................................................................................................377 11.7.12.6 Terms and Abbreviations..........................................................................................................378 11.7.13 ECMP................................................................................................................................................378 11.7.13.1 Introduction..............................................................................................................................378 11.7.13.2 Specifications............................................................................................................................378 11.7.13.3 Principle....................................................................................................................................379

12 IPv6.............................................................................................................................................380
12.1 Introduction to IPv6......................................................................................................................................381 12.2 Reference Standards and Protocols..............................................................................................................382 12.3 Availability...................................................................................................................................................383 12.4 Principles......................................................................................................................................................384 12.4.1 IPv6 Addresses....................................................................................................................................384 12.4.2 IPv6 Characteristics.............................................................................................................................387 12.4.3 IPv6 Packet Format.............................................................................................................................389 12.4.4 ICMPv6...............................................................................................................................................392 12.4.5 Neighbor Discovery.............................................................................................................................393 12.4.6 Path MTU............................................................................................................................................396 12.4.7 Dual Protocol Stacks...........................................................................................................................396 12.4.8 TCP6....................................................................................................................................................397 12.4.9 UDP6...................................................................................................................................................398 12.4.10 RawIP6..............................................................................................................................................398 12.5 IPv6 Features Supported by the MA5600T/MA5603T................................................................................399 12.5.1 Routing................................................................................................................................................400 12.5.2 ACLv6.................................................................................................................................................401 12.5.3 DHCPv6 Relay....................................................................................................................................403 12.5.4 MAC Address Binding........................................................................................................................405 12.5.5 Anti-IP Spoofing..................................................................................................................................406 12.5.6 DAD Proxy..........................................................................................................................................407 12.5.7 ARP/ND Proxy Response....................................................................................................................408 12.6 Application...................................................................................................................................................409 12.7 Terms and Abbreviations..............................................................................................................................410

13 Multicast....................................................................................................................................412
13.1 Introduction..................................................................................................................................................413 13.2 Specifications................................................................................................................................................413 13.3 Reference Standards and Protocols..............................................................................................................414 13.4 Availability...................................................................................................................................................415 13.5 Multicast Overview......................................................................................................................................415 13.6 Implementation Principle of Multicast.........................................................................................................420 13.6.1 Basic Managed Objects.......................................................................................................................420 13.6.2 Forwarding Framework on the Device................................................................................................422 13.6.3 IGMP Control Framework...................................................................................................................423 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xii

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

13.6.4 Multicast Forwarding Flow.................................................................................................................425 13.7 Advanced Multicast Technologies...............................................................................................................428 13.7.1 Multicast Service.................................................................................................................................428 13.7.2 Protocol Interoperation........................................................................................................................440 13.7.3 Network-side Interoperating Technologies.........................................................................................448 13.7.4 User-side Interoperating Technologies................................................................................................460 13.7.5 Interoperating Technologies Between Specific Ends..........................................................................466 13.8 Multicast Fault Diagnosis.............................................................................................................................470 13.9 Multicast QoS...............................................................................................................................................472 13.10 Network Application..................................................................................................................................473

14 Network Protection Features.................................................................................................474


14.1 Ethernet Link Aggregation...........................................................................................................................475 14.1.1 Introduction.........................................................................................................................................475 14.1.2 Specifications.......................................................................................................................................476 14.1.3 Reference Standards and Protocols.....................................................................................................477 14.1.4 Availability..........................................................................................................................................477 14.1.5 Feature Enhancements.........................................................................................................................479 14.1.6 Principle...............................................................................................................................................479 14.1.6.1 Introduction to LACP.................................................................................................................479 14.1.6.2 Principle of Implementing Link Aggregation............................................................................481 14.1.6.3 Principle of Implementing Inter-Board Aggregation.................................................................483 14.1.7 Network Applications..........................................................................................................................483 14.1.8 Term, Acronyms, and Abbreviations..................................................................................................488 14.2 Protection Group of Uplink Ports.................................................................................................................489 14.2.1 Introduction.........................................................................................................................................489 14.2.2 Specifications.......................................................................................................................................490 14.2.3 Availability..........................................................................................................................................490 14.2.4 Principle...............................................................................................................................................490 14.3 Smart Link and Monitor Link.......................................................................................................................492 14.3.1 Introduction.........................................................................................................................................492 14.3.2 Specifications.......................................................................................................................................492 14.3.3 Availability..........................................................................................................................................493 14.3.4 Principle...............................................................................................................................................493 14.3.4.1 Smart Link..................................................................................................................................493 14.3.4.2 Monitor Link...............................................................................................................................496 14.3.5 Network Applications..........................................................................................................................498 14.3.6 Glossary, Acronyms, and Abbreviations.............................................................................................499 14.4 MSTP............................................................................................................................................................499 14.4.1 Introduction.........................................................................................................................................500 14.4.2 Specifications.......................................................................................................................................500 14.4.3 Reference Standards and Protocols.....................................................................................................500 14.4.4 Availability..........................................................................................................................................501 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xiii

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

14.4.5 Principle...............................................................................................................................................501 14.5 RRPP............................................................................................................................................................505 14.5.1 Introduction.........................................................................................................................................505 14.5.2 Specifications.......................................................................................................................................506 14.5.3 Reference Standards and Protocols.....................................................................................................507 14.5.4 Availability..........................................................................................................................................507 14.5.5 Principle...............................................................................................................................................508 14.5.5.1 RRPP Network Topology...........................................................................................................508 14.5.5.2 RRPP Packet...............................................................................................................................510 14.5.5.3 RRPP Basic Principle.................................................................................................................513 14.5.5.4 Working Principle of RRPP.......................................................................................................516 14.5.6 Network Applications..........................................................................................................................518 14.5.7 Glossary, Acronyms and Abbreviations..............................................................................................520 14.6 BFD..............................................................................................................................................................521 14.6.1 Overview.............................................................................................................................................521 14.6.2 Specifications.......................................................................................................................................521 14.6.3 References...........................................................................................................................................521 14.6.4 Key Concepts.......................................................................................................................................522 14.6.5 BFD for IP...........................................................................................................................................525 14.6.6 Application Environment....................................................................................................................525 14.6.6.1 BFD for USR..............................................................................................................................525 14.6.6.2 BFD for OSPF............................................................................................................................526 14.6.6.3 BFD for IS-IS.............................................................................................................................526 14.6.7 Glossary, Acronyms, and Abbreviations.............................................................................................527 14.7 STM-1 Port Protection Switching................................................................................................................528 14.7.1 Introduction.........................................................................................................................................528 14.7.2 Specifications.......................................................................................................................................528 14.7.3 Reference Standards and Protocols.....................................................................................................529 14.7.4 Availability..........................................................................................................................................529 14.7.5 Principle...............................................................................................................................................529 14.7.6 Glossary, and Acronyms and Abbreviations.......................................................................................530 14.8 Type C Protection of GPON Lines...............................................................................................................531 14.8.1 Introduction.........................................................................................................................................531 14.8.2 Specifications.......................................................................................................................................531 14.8.3 Reference Standards and Protocols.....................................................................................................532 14.8.4 Availability..........................................................................................................................................532 14.8.5 Principle...............................................................................................................................................533 14.9 GPON Port 1+1 Backup...............................................................................................................................534 14.9.1 Introduction.........................................................................................................................................534 14.9.2 Specifications.......................................................................................................................................534 14.9.3 Reference Standards and Protocols.....................................................................................................535 14.9.4 Availability..........................................................................................................................................535 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xiv

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

14.9.5 Principle...............................................................................................................................................535

15 Voice Feature............................................................................................................................538
15.1 Introduction..................................................................................................................................................539 15.2 Specifications................................................................................................................................................539 15.3 Availability...................................................................................................................................................542 15.4 ISDN.............................................................................................................................................................542 15.4.1 Introduction.........................................................................................................................................543 15.4.2 Reference Standards and Protocols.....................................................................................................544 15.4.3 Basic principles....................................................................................................................................545 15.4.4 The Principles of ISDN BRA..............................................................................................................548 15.5 MGCP Voice Services..................................................................................................................................549 15.5.1 Introduction.........................................................................................................................................549 15.5.2 Reference Standards and Protocols.....................................................................................................550 15.5.3 Principle...............................................................................................................................................551 15.5.3.1 MGCP-Based VoIP....................................................................................................................551 15.5.3.2 MGCP-Based MoIP....................................................................................................................553 15.5.3.3 MGCP-Based FoIP.....................................................................................................................554 15.6 H.248 Voice Services...................................................................................................................................556 15.6.1 Introduction.........................................................................................................................................556 15.6.2 Reference Standards and Protocols.....................................................................................................557 15.6.3 Working Principle ...............................................................................................................................557 15.6.3.1 Mechanism of the H.248 Protocol..............................................................................................557 15.6.3.2 H.248-Based VoIP......................................................................................................................561 15.6.3.3 H.248-Based MoIP.....................................................................................................................563 15.6.3.4 H.248-Based FoIP......................................................................................................................563 15.7 SIP Voice Services.......................................................................................................................................563 15.7.1 Introduction.........................................................................................................................................564 15.7.2 Reference Standards and Protocols.....................................................................................................566 15.7.3 Principle...............................................................................................................................................566 15.7.3.1 SIP User Identification...............................................................................................................566 15.7.3.2 SIP Message Format...................................................................................................................567 15.7.3.3 User Registration Flow...............................................................................................................568 15.7.3.4 Call Flow of the VoIP (SIP) Calling Party.................................................................................570 15.7.3.5 Call Flow of the VoIP (SIP) Called Party..................................................................................572 15.7.3.6 Call Releasing Flow....................................................................................................................574 15.7.3.7 SIP-Based FoIP...........................................................................................................................574 15.7.3.8 SIP-Based MoIP.........................................................................................................................580 15.8 Key Voice Feature........................................................................................................................................581 15.8.1 Introduction.........................................................................................................................................582 15.8.2 Codec and Packetization Duration .....................................................................................................582 15.8.3 Echo Canceller.....................................................................................................................................583 15.8.4 Non-Linear Processor..........................................................................................................................584 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xv

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

15.8.5 VAD.....................................................................................................................................................585 15.8.6 Packet Loss Concealment....................................................................................................................585 15.8.7 Jitter Buffer..........................................................................................................................................586 15.8.8 Dual Tone Multi Frequency................................................................................................................586 15.8.9 Tone Playing........................................................................................................................................587 15.8.10 Voice Quality Enhancement..............................................................................................................588 15.8.11 Fax/Modem Quality Enhancement....................................................................................................588 15.8.12 RFC2833 Encryption.........................................................................................................................590 15.8.13 RTCP XR...........................................................................................................................................591 15.9 Voice Interface Feature.................................................................................................................................591 15.9.1 Introduction.........................................................................................................................................591 15.9.2 Ringing................................................................................................................................................591 15.9.3 Interface Protection..............................................................................................................................592 15.9.4 Features of the Voice Line Interface...................................................................................................593 15.10 Voice Test and Maintenance......................................................................................................................596 15.10.1 Introduction.......................................................................................................................................596 15.10.2 Loop Line Test and Circuit Test........................................................................................................596 15.10.3 Search Tone.......................................................................................................................................601 15.10.4 Signal Tone Test................................................................................................................................601 15.10.5 Call Emulation Test...........................................................................................................................602 15.10.6 RTCP Statistics..................................................................................................................................602 15.10.7 Remote Packet Capture.....................................................................................................................603 15.10.8 ToolBox.............................................................................................................................................604 15.10.9 QoS Alarm.........................................................................................................................................606 15.11 Voice Reliability.........................................................................................................................................606 15.11.1 Introduction.......................................................................................................................................606 15.11.2 Working Principle .............................................................................................................................606 15.11.2.1 H.248/MGCP Dual Homing.....................................................................................................607 15.11.2.2 H.248 Multi-homing.................................................................................................................608 15.11.2.3 Emergency Standalone.............................................................................................................611 15.11.2.4 SIP Dual Homing......................................................................................................................613 15.11.2.5 H.248/SIP over SCTP...............................................................................................................613 15.11.2.6 SIP over TCP............................................................................................................................614 15.11.2.7 Voice QoS.................................................................................................................................614

16 Device Management Security...............................................................................................618


16.1 Introduction..................................................................................................................................................620 16.2 Relevant Standards and Protocols................................................................................................................620 16.3 Availability...................................................................................................................................................621 16.4 SNMP...........................................................................................................................................................622 16.4.1 Introduction.........................................................................................................................................622 16.4.2 Specifications.......................................................................................................................................623 16.4.3 SNMP Network Management Model..................................................................................................624 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xvi

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

16.4.4 SNMP MIB..........................................................................................................................................625 16.4.5 SNMP SMI..........................................................................................................................................625 16.4.6 Working Principle of SNMPv1...........................................................................................................625 16.4.7 Working Principle of SNMPv2c..........................................................................................................629 16.4.8 Working Principle of SNMPv3...........................................................................................................629 16.4.9 Comparison Between SNMP Protocols in Security............................................................................630 16.5 Inband Management VPN............................................................................................................................631 16.5.1 Introduction.........................................................................................................................................632 16.5.2 Principles.............................................................................................................................................632 16.6 SSH...............................................................................................................................................................633 16.6.1 Introduction.........................................................................................................................................633 16.6.2 Specifications.......................................................................................................................................634 16.6.3 SSH Working Principle.......................................................................................................................634 16.6.4 SSH-based Encryption for Remote Management Connection............................................................635 16.6.5 SSH-based Encryption for File Transfer.............................................................................................635 16.7 User Management.........................................................................................................................................636 16.7.1 Introduction.........................................................................................................................................637 16.7.2 Specifications.......................................................................................................................................637 16.7.3 Principle...............................................................................................................................................637 16.8 Remote Connection Security........................................................................................................................638 16.8.1 Introduction.........................................................................................................................................638 16.8.2 Specifications.......................................................................................................................................638 16.8.3 Principle...............................................................................................................................................639 16.9 Log Management .........................................................................................................................................639 16.9.1 Introduction.........................................................................................................................................639 16.9.2 Principle...............................................................................................................................................639 16.10 Version and Data Management..................................................................................................................640 16.10.1 Introduction.......................................................................................................................................640 16.10.2 Specifications.....................................................................................................................................640 16.10.3 Principle.............................................................................................................................................641 16.11 Alarm and Event Management...................................................................................................................643 16.11.1 Introduction.......................................................................................................................................643 16.11.2 Specifications.....................................................................................................................................643 16.11.3 Principle.............................................................................................................................................643 16.12 Glossary, Acronyms, and Abbreviations....................................................................................................644

17 Network Security.....................................................................................................................645
17.1 Introduction..................................................................................................................................................646 17.2 Availability...................................................................................................................................................646 17.3 Anti-DoS Attack...........................................................................................................................................647 17.3.1 Introduction.........................................................................................................................................647 17.3.2 Specifications.......................................................................................................................................648 17.3.3 Principle...............................................................................................................................................648 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xvii

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

17.4 Anti-ICMP/IP Attack....................................................................................................................................648 17.4.1 Introduction.........................................................................................................................................648 17.4.2 Principle...............................................................................................................................................649 17.5 Source Route Filtering..................................................................................................................................649 17.5.1 Introduction.........................................................................................................................................649 17.5.2 Principle...............................................................................................................................................649 17.6 MAC Address Filtering................................................................................................................................649 17.6.1 Introduction.........................................................................................................................................650 17.6.2 Specifications.......................................................................................................................................650 17.6.3 Principle...............................................................................................................................................650 17.7 Firewall Blacklist..........................................................................................................................................650 17.7.1 Introduction.........................................................................................................................................650 17.7.2 Specifications.......................................................................................................................................651 17.7.3 Principle...............................................................................................................................................651 17.8 Configuration of Acceptable or Refused Address Segments.......................................................................651 17.8.1 Introduction.........................................................................................................................................651 17.8.2 Specifications.......................................................................................................................................652 17.8.3 Principle...............................................................................................................................................652 17.9 Service Overload Control.............................................................................................................................652 17.9.1 Introduction.........................................................................................................................................652 17.9.2 Availability..........................................................................................................................................653 17.9.3 Principle...............................................................................................................................................653 17.10 Acronyms and Abbreviations.....................................................................................................................658

18 Application Security...............................................................................................................659
18.1 Introduction..................................................................................................................................................661 18.2 Relevant Standards and Protocols................................................................................................................661 18.3 Availability...................................................................................................................................................662 18.4 HWTACACS................................................................................................................................................664 18.4.1 Introduction.........................................................................................................................................664 18.4.2 Specifications.......................................................................................................................................664 18.4.3 Principle...............................................................................................................................................665 18.5 RAIO............................................................................................................................................................667 18.5.1 Introduction.........................................................................................................................................667 18.5.2 Specifications.......................................................................................................................................668 18.5.3 Principle...............................................................................................................................................668 18.6 PITP..............................................................................................................................................................676 18.6.1 Introduction.........................................................................................................................................676 18.6.2 Specifications.......................................................................................................................................677 18.6.3 Principle...............................................................................................................................................677 18.7 DHCP option82............................................................................................................................................679 18.7.1 Introduction.........................................................................................................................................679 18.7.2 Specifications.......................................................................................................................................680 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xviii

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

18.7.3 Principle...............................................................................................................................................680 18.8 802.1X..........................................................................................................................................................682 18.8.1 Introduction.........................................................................................................................................682 18.8.2 Specifications.......................................................................................................................................682 18.8.3 Principle...............................................................................................................................................683 18.9 Anti MAC Spoofing.....................................................................................................................................684 18.9.1 Introduction.........................................................................................................................................685 18.9.2 Specifications.......................................................................................................................................685 18.9.3 Impact of MAC Spoofing....................................................................................................................686 18.9.4 MAC Address Binding........................................................................................................................686 18.9.5 Anti MAC Duplicate...........................................................................................................................687 18.10 Anti-IP Spoofing.........................................................................................................................................687 18.10.1 Introduction.......................................................................................................................................687 18.10.2 Specifications.....................................................................................................................................688 18.10.3 Principle.............................................................................................................................................688 18.11 User Isolation..............................................................................................................................................689 18.11.1 Introduction.......................................................................................................................................689 18.11.2 Specifications.....................................................................................................................................689 18.11.3 Principle.............................................................................................................................................689 18.12 Line Security of the GPON System............................................................................................................690 18.12.1 Introduction.......................................................................................................................................690 18.12.2 Specifications.....................................................................................................................................690 18.12.3 Principle.............................................................................................................................................690 18.13 Glossary, Acronyms, and Abbreviations....................................................................................................691

19 Line Optimization and Line Test.........................................................................................692


19.1 Line Optimization.........................................................................................................................................693 19.1.1 Introduction.........................................................................................................................................693 19.1.2 Specifications.......................................................................................................................................693 19.1.3 Reference.............................................................................................................................................694 19.1.4 Availability..........................................................................................................................................694 19.1.5 Principle...............................................................................................................................................695 19.1.6 Glossary, Acronyms, and Abbreviations.............................................................................................696 19.2 SELT Test.....................................................................................................................................................697 19.2.1 Introduction.........................................................................................................................................697 19.2.2 Specifications.......................................................................................................................................697 19.2.3 Availability..........................................................................................................................................698 19.2.4 Principle...............................................................................................................................................698 19.3 MELT...........................................................................................................................................................699 19.3.1 Introduction.........................................................................................................................................699 19.3.2 Specifications.......................................................................................................................................700 19.3.3 Availability..........................................................................................................................................701 19.3.4 Principle...............................................................................................................................................701 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xix

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

20 Operation and Maintenance..................................................................................................703


20.1 Introduction..................................................................................................................................................704 20.2 Reference Standards and Protocols..............................................................................................................704 20.3 Remote Operation.........................................................................................................................................704 20.3.1 Introduction.........................................................................................................................................704 20.3.2 Principle...............................................................................................................................................705 20.4 Ring Check...................................................................................................................................................705 20.4.1 Introduction.........................................................................................................................................705 20.4.2 Specifications.......................................................................................................................................706 20.4.3 Availability..........................................................................................................................................706 20.4.4 Principle...............................................................................................................................................706 20.5 ANCP............................................................................................................................................................709 20.5.1 Introduction.........................................................................................................................................709 20.5.2 Specifications.......................................................................................................................................709 20.5.3 Reference Standards and Protocols.....................................................................................................710 20.5.4 Availability..........................................................................................................................................710 20.5.5 Principle...............................................................................................................................................711 20.5.6 Glossary, Acronyms, and Abbreviations.............................................................................................720 20.6 Environment Monitoring..............................................................................................................................720 20.6.1 Introduction.........................................................................................................................................720 20.6.2 Specifications.......................................................................................................................................721 20.6.3 Availability..........................................................................................................................................721 20.6.4 Principle...............................................................................................................................................721 20.7 Power Saving and Maintenance...................................................................................................................724 20.7.1 Overview of the Power Saving and Maintenance Feature...................................................................724 20.7.2 Power Saving.......................................................................................................................................724 20.7.2.1 Introduction................................................................................................................................724 20.7.2.2 Availability.................................................................................................................................725 20.7.2.3 Principle......................................................................................................................................725 20.7.3 Maintenance.........................................................................................................................................728 20.7.3.1 Introduction................................................................................................................................729 20.7.3.2 Principle......................................................................................................................................729 20.7.4 Glossary...............................................................................................................................................730 20.8 ONT DHCP Simulation................................................................................................................................730 20.8.1 Introduction.........................................................................................................................................731 20.8.2 Specifications.......................................................................................................................................732 20.8.3 Reference Standards and Protocols.....................................................................................................732 20.8.4 Availability..........................................................................................................................................732 20.8.5 Principle...............................................................................................................................................734

21 Ethernet OAM..........................................................................................................................736
21.1 Introduction..................................................................................................................................................737 21.2 Reference Standards and Protocols..............................................................................................................737 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xx

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

21.3 Ethernet CFM OAM.....................................................................................................................................737 21.3.1 Introduction.........................................................................................................................................737 21.3.2 Specifications.......................................................................................................................................738 21.3.3 Availability..........................................................................................................................................739 21.3.4 Principle...............................................................................................................................................741 21.4 Ethernet EFM OAM.....................................................................................................................................745 21.4.1 Introduction.........................................................................................................................................745 21.4.2 Availability..........................................................................................................................................747 21.4.3 Principle...............................................................................................................................................747 21.5 Glossary, Acronyms, and Abbreviations......................................................................................................750

22 Redundancy Backup of the Control Boards.......................................................................753


22.1 Introduction..................................................................................................................................................754 22.2 Specifications................................................................................................................................................754 22.3 Availability...................................................................................................................................................754 22.4 Principle........................................................................................................................................................754

23 Clock Feature............................................................................................................................756
23.1 NTP...............................................................................................................................................................757 23.1.1 Introduction.........................................................................................................................................757 23.1.2 Specifications.......................................................................................................................................757 23.1.3 Reference Standards and Protocols.....................................................................................................757 23.1.4 Availability..........................................................................................................................................758 23.1.5 Principle...............................................................................................................................................758 23.2 Clock and Time System................................................................................................................................759 23.2.1 Introduction.........................................................................................................................................759 23.2.2 Specifications.......................................................................................................................................760 23.2.3 Reference Standards and Protocols.....................................................................................................761 23.2.4 Availability..........................................................................................................................................763 23.2.5 Enhancement.......................................................................................................................................763 23.2.6 Principle of the Clock and Time System.............................................................................................763 23.2.6.1 Clock/Time Synchronization Source..........................................................................................764 23.2.6.2 Configuring the System Phase-Locked Loop.............................................................................765 23.2.6.3 Clock/Time Output.....................................................................................................................765 23.2.6.4 Working Principle of Clock........................................................................................................767 23.2.7 Scenarios of Clock/Time Synchronization..........................................................................................768 23.2.7.1 Applications of Clock Output.....................................................................................................768 23.2.7.2 Clock Synchronization of the Native TDM Service...................................................................769 23.2.7.3 SAToP Clock Synchronization...................................................................................................772 23.2.7.4 Clock Synchronization of the Synchronization Ethernet Service...............................................776 23.2.8 Glossary, Acronyms, and Abbreviations.............................................................................................778

24 The Feature of LAN Interface Boards..................................................................................781


24.1 ETHB Board Feature....................................................................................................................................782 Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. xxi

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

Contents

24.1.1 Introduction.........................................................................................................................................782 24.1.2 Specifications.......................................................................................................................................783 24.1.3 Reference Standards and Protocols.....................................................................................................783 24.1.4 Availability..........................................................................................................................................783 24.1.5 Principle...............................................................................................................................................784 24.2 SPUA............................................................................................................................................................786 24.2.1 Introduction.........................................................................................................................................786 24.2.2 Specifications.......................................................................................................................................787 24.2.3 Principle...............................................................................................................................................788 24.3 GIU Board Feature.......................................................................................................................................792 24.3.1 Introduction.........................................................................................................................................792 24.3.2 Specifications.......................................................................................................................................792 24.3.3 Reference Standards and Protocols.....................................................................................................792 24.3.4 Availability..........................................................................................................................................793 24.3.5 Principle...............................................................................................................................................793 24.3.6 Glossary, Acronyms, and Abbreviations.............................................................................................800

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

xxii

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

1
About This Chapter
1.1 Introduction 1.2 Specifications 1.3 Reference Standards and Protocols 1.4 Availability 1.5 Overview of the GPON System 1.6 GPON Principle 1.7 Key GPON Technologies 1.8 GPON Terminal Authentication and Management

GPON

Gigabit passive optical network (GPON) is one of the PON technologies. A GPON-capable device supports high-bandwidth transmission. GPON effectively solves the bandwidth bottleneck problem in the twisted-pair access and meets users demands on high-bandwidth services.

1.9 Continuous-Mode ONU Detection The GPON system supports detection of a continuous-mode ONU to ensure that the GPON system runs properly and does not get into disorder because of the continuous-mode ONU. 1.10 GPON Network Applications 1.11 Glossary, Acronyms, and Abbreviations

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

1.1 Introduction
Definition
xPON is a type of point to multi-point (P2MP) passive optical network (PON). The gigabitcapable passive optical network (GPON) is standardized by the ITU-T Recommendations G. 984.x. It supports the upstream rate of 1.25 Gbit/s and downstream rate of 2.5 Gbit/s. A typical PON system consists of: l l l Optical line terminal (OLT) Optical network unit (ONU) Optical distribution network (ODN)

The ODN connects the OLT to the ONU.

Purpose
GPON adopts the passive optical transmission technology and is mainly applicable to such scenarios as fiber to the home (FTTH), fiber to the building (FTTB), fiber to the office (FTTO), and fiber to the mobility base station (FTTM) to provide various services: l l l l l Voice Data Video Leased line Distributed service

GPON supports high-bandwidth transmission. This helps break the bandwidth bottleneck of the access over twisted pairs and achieve bandwidth-eating services, such as high-definition TV (HDTV) and live programs. In addition, GPON supports long-reach access, which helps extend the coverage and reduce network nodes.

1.2 Specifications
The specifications of the GPON boards and ports are as follows: l The system supports the service shelf to be fully configured with the GPBC/GPBD board (every GPBC board supports four GPON ports and every GPBD board supports eight GPON ports). Every GPBC/GPBD supports up to 8K service streams. Every GPON port on GPBC supports up to 64 ONUs. Every GPON port on GPBD supports up to 128 ONUs. The system supports up to 8,192 ONUs. The GPON port supports maximum downstream and upstream rates of 2.5 Gbit/s and 1.25 Gbit/s respectively.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 2

l l l l l

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

l l l l

The system supports a maximum physical transmission distance of 20 km and a maximum logical transmission distance of 60 km. The GPON board supports the query of the CPU usage. The system supports the query of the alarm information about a PON port on the GPON board through the CLI. The system supports five types of power budget for the GPON port: CLASS A,CLASS B,CLASS B+,CLASS C, and CLASS C+. CLASS B+ is in most common use and CLASS C+ is used in some long-distance transmission scenarios. CLASS B+ achieves the optical power budget of 28.5 dB, slightly smaller than that of CLASS C+ (up to 32 dB).

The system supports the following GEM port and T-CONT specifications: l l l l The system supports the GEM encapsulation. Every GPON port supports up to 4096 GEM ports and the maximum number of GEM ports supported in the system is 32K. The system supports up to 512 DBA profiles and 32K T-CONTs. The system supports the loop line detection for the remote GEM port and the line detection for the ONT UNI port. The system can automatically allocate GEM port IDs.

The system supports the following GPON terminal management specifications: l l l l l l l l l l l l l l l l l Supports activating/deactivating ONU. Supports resetting ONU. Supports automatically issuing the configuration of the ONUs that go online again. Supports obtaining the version information about ONUs. Supports displaying the status of the physical ports of ONUs. Supports monitoring the optical fiber receive and transmit power of ONUs. Supports reporting the alarms of ONUs. Supports displaying the information about the optical transceiver of the ONT. Supports time synchronization between the ONT and the OLT through the extended OMCI. Supports enabling/disabling the BPDU transparent transmission function for an ONT or an Ethernet port of an ONT. Supports VLAN and priority switching for a port of an ONT. Supports VLAN switching for upstream IGMP packets of an ONT. Supports configurable ONT queue scheduling modes. Supports setting the multicast snooping mode for an ONT. Supports enabling/disabling the MAC address learning function for an ONT through the extended OMCI. Supports the standard OMCI protocol defined by the ITU-T and also the GPON interoperability standard defined by China Telecom. Supports loopback on the ETH port and the E1 port of the ONU.

The system supports the following GPON QoS specifications:


H805GPBD, H802GPBD, H802EPBC, H802EPBD and H805EPBD support ONU-based CAR. (H805GPBD supports ONU-based CAR by ONU-based traffic shaping.)
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 3

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

1.3 Reference Standards and Protocols


GPON technical standards are researched by Full Service Access Networks (FSAN) and officially released by ITU-T. FSAN is established in 1995 in response to the initiatives of seven major network carriers, and aims to propose an optical access solution and formulate standards associated with the optical access equipment, so that the standard-compliant equipment can provide the voice, data, and video services. GPON standards mainly include: l l ITU-T G.984.1: General Characteristics. This protocol mainly describes the basic features and major protection modes of GPON. ITU-T G.984.2: Physical Media Dependent (PMD) Layer Specification. This protocol mainly describes the PMD layer parameters, including physical parameters (such as the transmit optical power, receiver sensitivity, and overload optical power) of optical transceivers, and also defines optical budget of different levels, for example, the most common Class B+. ITU-T G.984.3: Transmission Convergence Layer Specification. This protocol mainly describes the TC layer specifications, including the upstream and downstream frame structures and GPON principle. ITU-T G.984.4: ONT Management And Control Interface Specification. This protocol mainly describes the GPON management and maintenance protocols, such as OAM, PLOAM, and OMCI. ITU-T G.984.5: Enhancement Band. This protocol mainly describes the GPON wavelength planning, including reserving bands for next-generation PON. ITU-T G.984.6: Reach Extension. This protocol mainly describes several long reach PON schemes for extending GPON transmission distance. TR-156: Using GPON Access in the context of TR-101.

l l l

1.4 Availability
License Support
The number of remote ONT ports supported by the MA5600T/MA5603T is licensed. Therefore, the corresponding service is also licensed.

Version Support
Table 1-1 Version Support Product MA5600T/ MA5603T Version V800R006C02 and later versions

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Hardware Support
l l Boards supporting this feature are GPBC and GPBD. The terminals must support GPON upstream transmission.

1.5 Overview of the GPON System


Introduction to the PON System
PON is the short form for passive optical network. It adopts a point-to-multipoint (P2MP) network architecture. A PON network consists of three parts: the optical line terminal (OLT), optical distribution network (ODN), and optical network units (ONUs). l l l The OLT is an aggregation device located at the central office (CO) for terminating the PON protocol. ONUs are located on the user side, providing various types of ports for connecting to user terminals. The OLT and ONUs are connected through a passive ODN for communication. The ODN is composed of passive optical components such as optical fibers, and one or more passive optical splitters. The ODN provides optical channels between the OLT and ONUs. It interconnects the OLT and ONUs and is highly reliable.

Figure 1-1 shows the architecture of a PON network. A PON network differs from the traditional broadband access network in that PON transmits data using optical fibers. Also, a PON network can connect a large number of access users, requires less optical fiber resources, and supports a high access rate. Figure 1-1 PON network
Passive Optical Network ONU

Passive Optical Splitter

OLT

Passive Optical Splitter

Mainstream PON technologies include broadband passive optical network (BPON), Ethernet passive optical network (EPON), and gigabit passive optical network (GPON). Adopting the ATM encapsulation mode, BPON is mainly used for carrying ATM services. With the obsolescence of the ATM technology, BPON also drops out. EPON is an Ethernet passive optical network technology. GPON is a gigabit passive optical network technology and is to date the most widely used mainstream optical access technology.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 5

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Introduction to the GPON System


GPON is a PON technology. GPON supports an upstream rate of 1.25 Gbit/s and downstream access rate of 2.5 Gbit/s, and also supports ultra-long transmission with a maximum physical reach of 20 km and maximum logical reach of 60 km. At the same time, GPON supports a 1:64 split ratio, which can be extended to 1:128 and enables GPON to support a large number of users and cover a wide area. Figure 1-2 shows the working principle of the GPON network. Figure 1-2 Working principle of the GPON network

1490nm

ODN OLT 1310nm ONU/ONT

In the GPON network, the OLT is connected to the optical splitter through a single optical fiber, and the optical splitter is then connected to ONUs. Different wavelengths are adopted in the upstream and downstream directions for transmitting data. The upstream wavelength is 1310 nm and downstream wavelength is 1490 nm. The GPON adopts WDM to transmit data of different upstream/downstream wavelengths over the same ODN. Data is broadcast in the downstream direction and transmitted in the TDMA mode (based on timeslots) in the upstream direction. All data is broadcast to all ONUs from the OLT. The ONUs then select and receive their respective data and discard the other data. Figure 1-3 shows the details. Figure 1-3 Downstream communication principle of GPON

1 ONU1 2 ONU2 3

3 2 1

3 2 1
1

Splitter OLT

3 ONU3

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

In the upstream direction, each ONU can send data to the OLT only in the timeslot permitted and allocated by the OLT. This ensures that each ONU sends data in a given sequence, thus avoiding upstream data conflicts. Figure 1-4 shows the details. Figure 1-4 Upstream communication principle of GPON

1 ONU1 2 ONU2 3 ONU3 2


3

Splitter OLT

1.6 GPON Principle


Basic GPON Concepts
In the GPON system, a GPON encapsulation mode (GEM) frame is the smallest service-carrying unit and the most basic encapsulation structure. All service streams are encapsulated into the GEM frame and transmitted over GPON lines. The service streams are identified by GEM ports and every GEM port is identified by a unique Port-ID. The Port-ID is globally allocated by the OLT. That is, the ONUs connected to the OLT cannot use GEM ports that have the same PortID. The GEM port is used to identify the virtual service channel that carries the service stream between the OLT and the ONU. It is similar to the VPI/VCI of the ATM virtual connection. T-CONT: a service carrier in the upstream direction in the GPON system. All GEM ports are mapped to T-CONTs. Then, service streams are transmitted upstream by means of the OLT's DBA scheduling. T-CONT is the basic control unit of the upstream service stream in the GPON system. Every T-CONT is identified by Alloc-ID. The Alloc-ID is globally allocated by the OLT. That is, every T-CONT can be used by only one ONU connected to the OLT. There are five types of T-CONT; therefore, T-CONT selection varies during the scheduling of different types of upstream service streams. Every T-CONT bandwidth type has its own quality of service (QoS) feature. QoS is mainly represented by the bandwidth guarantee, which can be classified as fixed, assured, non-assured, best-effort, and hybrid mode (corresponding to type 1type 5 in Table 1-2).

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Table 1-2 T-CONT types Bandwidth Type Fixed Bandwidth Assured Bandwidth Maximum Bandwidth T-CONT Type Type 1 X No Z=X Type 2 No Y Z=Y Type 3 No Y Z>Y Type 4 No No Z Type 5 X Y ZX+Y

NOTE

In Table 1-2, X indicates the fixed bandwidth value, Y the assured bandwidth value, and Z the maximum bandwidth value.

Figure 1-5 shows the principle of service multiplexing in the GPON system. On ONUs, all service streams are mapped to different GEM ports and then to different types of T-CONTs for upstream transmission (the T-CONT is the basic carrier in the upstream direction over GPON lines). On the OLT, the T-CONT demodulates GEM ports therein and sends them to the GPON MAC chip. The MAC chip demodulates service streams in the GEM port payload and then sends them to a proper service processing unit for processing. In the downstream direction, all service streams are encapsulated by the GPON service processing unit into GEM ports and then GEM ports are broadcast to all ONUs connected to the GPON port. Then, every ONU filters data according to GEM port ID, reserving the GEM port corresponding to itself. After that, every ONU decapsulates service streams from the GEM port and sends them to the user-side equipment through the service interface of the ONU. Figure 1-5 Principle of service multiplexing in the GPON system

ONU GEM port T-CONT

OLT

GEM port T-CONT

Figure 1-6 and Figure 1-7 shows the mapping between service stream, GEM port, and T-CONT. The GEM port is the smallest service unit in the GPON system. Every GEM port can carry one
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 8

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

or more types of service stream. The GEM port, after carrying service streams, must be mapped to a T-CONT before upstream service scheduling. Every ONU supports multiple T-CONTs and can be configured with different service types. A T-CONT can be bound with one or more GEM ports, depending on the user's configuration. On the OLT, GEM ports are demodulated from the T-CONT and then service streams are demodulated from the GEM port payload for further processing. Figure 1-6 GPON service mapping relationship (Downstream)

Port Port Port Port Port PON OLT Port Port Port Port Port

GEM Port filter

ONU

GEM Port filter


GEM Port filter

ONU

ONU

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Figure 1-7 GPON service mapping relationship (Upstream)


Port T-CONT ONU T-CONT PON Port ONU T-CONT Port Port Port Port Port Port

ONU

T-CONT

Port

Identified by ONU-ID

Identified by Alloc -ID

Identified by Port-ID

GPON Frame Structure


Figure 1-8 shows the GPON frame structure. The GPON downstream frame is invariably 125 s long and it comprises Physical Control Block downstream (PCBd) and Payload. PCBd mainly consists of the GTC header and the upstream bandwidth map (BWmap). The GTC header is mainly used for performing frame delimitation, clock synchronization, and FEC. The BWmap is mainly used for notifying every ONU of its upstream bandwidth allocation, thereby determining the start and end timeslots of the T-CONT corresponding to every ONU in the upstream transmission process. In this way, all ONUs send data according to timeslots uniformly specified by the OLT and data collision is avoided. In the upstream direction, service scheduling is performed in the TDMA mode according to T-CONT. All ONUs connected to a GPON port share the upstream bandwidth and send their data upstream at their own timeslots according to the BWmap requirements. At the same time, every ONU reports its status of data to be sent to the OLT through the upstream frame. Then, the OLT uses DBA to allocate upstream timeslots to ONUs and sends updates in every frame.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

10

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Figure 1-8 GPON frame structure


Downstream framing 125 s Physical Control Block Downstream (PCBd) Upstream Bandwidth Map ONU AllodID 257 Start 100 End 200 AllodID 258 Start 300 End 500 OLT Payload

T-CONT1 (ONT 1) Slot 100 PLOu PLOAMu Slot 200 PLSu DBRu Slot 300

T-CONT 2 (ONT 2) Slot 500 Payload y

Payload x DBRu Y

Upstream framing

NOTE

l PLOu: Physical Layer Overhead upstream l PLOAM: Physical Layer OAM l PLOAMu: PLOAM upstream l PLSu: Power Levelling Sequence upstream l DBRu: Dynamic Bandwidth Report upstream l The current application is: l GPBC: Alloc-ID = T-CONT ID x 256 + ONU ID l GPBD: When T-CONT ID < 8, Alloc-ID = T-CONT ID x 256 + ONU ID. When T-CONT ID 8, Alloc-IDs are assigned automatically from the first idle Alloc-ID.

The lengths of the upstream frame and downstream frame at each GPON rate are the same. Every upstream frame contains the content carried by one or more T-CONTs. The BWmap in each downstream frame identifies the start time and end time of each T-CONT transmission. An ONU must send a PLOu each time before the ONU receives the media access right to PON from another ONU. If an ONU is allocated two consecutive Alloc-IDs (the end time of one is smaller by 1 than the start time of the other), the ONU must not send the PLOu of the second Alloc-ID. The payload of an upstream frame may contain three types of content: the ATM cell, the GEM frame, and the DBA report. Figure 1-9 shows the GPON upstream frame structure.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

11

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Figure 1-9 GPON upstream frame structure


Upstream Frame

PLOu

PLO DB DB PLSu Payload X Payload Y AMu RuX RuY

PLOu

DB Payload Z RuZ

ONU A

ONU B

The GPON upstream frame consists of the PLOu, PLOAMu, PLSu, DBRu, and Payload fields and the meanings of these fields are described as follows: l l PLOu: physical control header, mainly used for frame delimitation, synchronization, and indication of which ONU the current frame targets at. PLOAMu: PLOAM message of upstream data, mainly used for reporting management information such as ONU maintenance and management status. (Not every frame has such a field. This field may not be sent but needs to be negotiated.) PLSu: Power Levelling Sequence upstream. It is a 120-byte field and is used for power control measurements by the ONU. DBRu: mainly used for reporting the T-CONT status for applying for bandwidth and completing dynamic bandwidth allocation for ONUs next time. (Not every frame has such a field. This field may not be sent but needs to be negotiated.) Payload: DBA status report or data frame. The data frame may be GEM header or frame. GEM header: mainly used for differentiating data of different GEM ports. The GEM port is the smallest unit for data transmission in the GPON system, which is similar to the PVC of ATM. Every type of upstream service stream must be mapped to the GEM port and then to the T-CONT for transmission. The GEM header field consists of PLI, Port ID, PTI, and HEC. PLI: Indicates the length of data payload. Port ID: Uniquely identifies a GEM port. PTI: Identifies the payload type. It is mainly used for identifying the status and type of data that is being transmitted (for example, whether the OAM message is being transmitted and whether data transmission is complete). HEC: Provides the FEC function and transmission quality. GPON supports a downstream transmission rate of 2.488 Gbit/s, a frame length of 38880 bytes, and a frequency of one frame every 125 s, as shown in Figure 1-10 and Figure 1-11.

l l

l l

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

12

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Figure 1-10 GPON downstream frame structure

PCBd n

Payload

PCBd n+1

Payload

n+1

PCBd n+2

125us

"Pure" ATM cells Section N * 53 bytes

TDM & Data Fragments over GEM Section

Figure 1-11 PCBd structure


PCBd Payload

PSync 4 bytes

Ident 4 byte

PLOAMd 13 bytes

BIP PLend PLend 1 byte 4 bytes 4 bytes

US BW Map N*8bytes

Coverage of this BIP

Coverage of next BIP

The OLT broadcasts PCBd to all ONUs. Every ONU receives the entire PCBd and then acts upon the relevant information contained therein. A PCBd contains information such as frame synchronization information, physical layer OAM information, and BIP check field. US BWMap (upstream bandwidth map) is the upstream transmission bandwidth map sent to each T-CONT by the OLT. The bandwidth map is transmitted through the US BW Map field in the PCBd of the downstream frame. In this way, MAC control is implemented. GPON uses TDM for the upstream transmission. Therefore, when multiple ONUs transmit data upstream concurrently, transmission conflicts occur. The avoidance mechanism for such a conflict is that the OLT sends a notification through the downstream frame, informing each ONU of its corresponding timeslot for upstream transmission.

1.7 Key GPON Technologies


Key GPON technologies include the burst optical/electrical technology, ranging, forward error correction (FEC), line encryption, and dynamic bandwidth allocation (DBA).

Burst Optical/Electrical Technology


The GPON system is a point to multi-point (P2PM) network. A GPON port on the OLT side can connect to 64 ONUs through optical splitters. In the GPON system, all data is broadcast
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 13

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

downstream to ONUs. This requires not only OLT-side optical transceivers to send optical signals continuously but ONU-side optical transceivers to receive optical signals continuously. In the upstream direction, the GPON system uses the time division multiple access (TDMA) technology. That is, every ONU sends data at its own allocated timeslot and disables its optical transceiver (that is, stop sending optical signals) at timeslots allocated to other ONUs, thereby avoiding affecting other ONUs. The OLT then receives the upstream data of every ONU in a burst manner according to timeslots. Hence, to ensure the normal running of the GPON system, OLT-side optical transceivers must support the burst receiving of upstream data sent by ONUs, and ONU-side optical transceivers are able to send data upstream in a burst manner.

Ranging
Generally, ranging is enabled when an ONU is registered for the first time. In a GPON system, TDMA is adopted when multiple ONUs send data to an OLT. That is, only one ONU under a PON port can send data to the OLT at a time; otherwise, data collisions occur. To avoid such collisions, the logical distance between each ONU and the OLT must be measured to calculate the equalization delay (EqD) of each ONU so that the time for ONUs to send data is controlled by the OLT. By ranging, the OLT obtains the RTD of each ONU and then calculates their EqDs to ensure that Teqd = RTD + EqD for each ONU. Teqd is short for the equalized round trip delay, which is preset in the system and is equal to or larger than the RTD of the logically farthest ONU. Each ONU delays the upstream data transmission, in reference to the downstream phase, based on the value of the assigned EqD. This is to avoid the collisions between the upstream data of different ONUs. Figure 1-12 shows the ranging method. Figure 1-12 GPON ranging

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

14

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

l l l

Pre-assigned EqD: default EqD preset on an ONU Zero-distance equalization delay: Teqd preset in the system Assigned equalization delay: EqD when an ONU functions properly

FEC
Forward error correction (FEC) is mainly used for improving the transmission quality of a line. FEC uses RS (255, 239), performing an FEC encoding of all downstream packets every 255 bytes. This ensures the correctness of data received by the ONUs. By using the FEC algorithm at the transport layer, the GPON system achieves the reduced bit error rate (from 10-3 to 10-12) of line transmission, avoids data retransmission, and improves the optical power budget by 2-3 dB. Upstream FEC and downstream FEC are supported in the GPON system.

Line Encryption
In the GPON system, downstream data is broadcast to all ONUs. As a result, downstream data destined for certain ONUs or all ONUs may be intercepted by illegal users. At the same time, the GPON system is uniquely and highly data-directional. Therefore, almost every ONU cannot intercept the upstream data of other ONUs, thus allowing some private information (such as key) to be safely transmitted in the upstream direction. The GPON system uses the line encryption technology to solve the security issues. l Encryption system The GPON system uses AES128 encryption for line security control, thereby effectively preventing security issues such as data embezzlement. In the AES128 encryption system, the OLT supports key exchange and switchover. l Key exchange The key exchange is initiated by the OLT. The OLT does so by sending a key exchange request. The ONU responds by generating and sending the key to the OLT. Because the PLOAM (Physical Layer OAM) message is limited in length, the key is sent in two parts. The two parts of the key are sent three times repeatedly. If the OLT has not received the key for any of the three times, it will re-send the key exchange request until it receives the same key all three times the key is sent. When the OLT receives a new key, it starts the key switching. The OLT notifies the ONU by sending a command containing the frame number of the new key. This command will be sent for three times. As long as the ONU receives the command once, it will switch the check key on proper data frames.

DBA
In the GPON system, the OLT controls an ONU's upstream data traffic by sending authorization signals to the ONU. PON requires an effective TDMA mechanism to control the upstream traffic, so that data packets from multiple ONUs do not collide when packets are transmitted upstream. Nevertheless, the collision-based mechanism requires QoS management in an optical distribution network (ODN), a passive network. This is physically impossible, or causes severe efficiency decrease. Due to the above-mentioned reason, a mechanism for management of the upstream GPON traffic has been a primary focus in standardization of GPON traffic management. It drives the development of the ITU-TG.983.4 Recommendation, which defines the dynamic bandwidth allocation (DBA) protocol for management of the upstream PON traffic. Figure 1-13 shows the DBA principle. The GPON system controls the upstream traffic by allocating data authorization to each transmission container (T-CONT) inside the ONU. The OLT needs to know the traffic status of a T-CONT to determine the authorized amount to be
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 15

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

allocated to the T-CONT. By using the DBRu field or the Payload field in the upstream frame, the ONUs report their data statuses to the OLT. After receiving ONUs' data statuses, the OLT uses DBA to periodically update the upstream BWmap information according to the status of ONU data waiting to be sent and notifies all ONUs of the updates through the downstream frame. Thus, every ONU can dynamically adjust its upstream bandwidth according to the actual data traffic to be sent, thereby improving the utilization of upstream bandwidth. Figure 1-13 DBA principle
ONU DBA report Control plane BW Map T-CONT DBA algorithm logic OLT

Time slot

Data plane

Scheduler

1.8 GPON Terminal Authentication and Management


GPON Terminal Authentication
GPON terminal authentication is a mechanism in which an OLT authenticates an ONU according to the authentication information reported by the ONU and in this way denies access to unauthorized ONUs. In the GPON system, only authenticated ONUs can access the system. Implementing authentication meets the carriers' requirements for flexible management and easy maintenance. ONUs to be authenticated can be classified into two types: ONUs (automatically discovered ONUs) that are not preconfigured on the OLT and ONUs that are preconfigured on the OLT. Figure 1-14 shows the authentication process of an ONU that is not preconfigured.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

16

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Figure 1-14 Authentication process of an ONU that is not preconfigured

ONU DS Frame with valid Psync

OLT O1: Initial state Upstream_Overhead PLOAM SN _Request(BWMap) O2: Standby state

Serial_Number_ONU PLOAM The OLT assigns a temporary ONU ID when the SN is not Assign ONU_ID configured on the OLT. O3: Serial number state

Ranging request Ranging response O4: Ranging state

Ranging time

Request password

Password The OLT sends a deregister message to the ONU when the password is not configured on the OLT and automatic discovery is not enabled on the PON port. O5: Operation state

The ONU returns to the O2 state.

As shown in the preceding figure, after receiving downstream traffic following its power-on, the ONU responds to the SN request message sent from the OLT. The OLT, upon receiving the SN from the ONU, finds that the SN is not configured and assigns a temporary ONU ID to the ONU. After the ONU enters the operation state, the OLT sends a password request message to the ONU. The ONU then responds with a password. When finding that the password is not configured on the OLT and that the automatic discovery function is not enabled on the PON port
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 17

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

to which the ONU is connected, the OLT sends a deregister message to the ONU. Upon receiving this message, the ONU sends a register request message to the OLT. A preconfigured ONU can be authenticated in five modes: SN, SN+password, password, logical ONU ID (LOID), and LOID+CheckCode (CC). l SN authentication In SN authentication, the OLT matches only the ONU SN. Figure 1-15 shows the process of SN authentication. Figure 1-15 SN authentication

ONU DS Frame with valid Psync

OLT

O1: Initial state Upstream_Overhead PLOAM SN _Request(BWMap) O2: Standby state

Serial_Number_ONU PLOAM

SN is matched. Assign ONU_ID

O3: Serial number state

Ranging request Ranging response O4: Ranging state

Ranging time

Normal-state ONU

Normal-state OLT

After receiving the SN response message from the ONU, the OLT checks whether an ONU with the same SN is already online. If yes, the OLT reports an SN conflict alarm to the CLI or NMS. If no, the OLT directly assigns the user-defined ONU ID to the ONU.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 18

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

After the ONU enters the operation state, the OLT does not send a password request message to this ONU. Instead, the OLT directly configures a GEM port for the ONU for carrying OMCI messages, and allows the ONU to go online. The GEM port can be automatically configured by the OLT so that the OMCI-carrying GEM port has the same ID as the ONU ID. In addition, the OLT reports an ONU online alarm to the CLI or NMS. l SN+password authentication In SN+password authentication, the OLT matches both the ONU SN and password. Figure 1-16 shows the process of SN+password authentication.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

19

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Figure 1-16 SN+password authentication

ONU DS Frame with valid Psync

OLT O1: Initial state Upstream_Overhead PLOAM SN _Request(BWMap) O2: Standby state

Serial_Number_ONU PLOAM O3: Serial number state SN is matched.

Assign ONU_ID

Ranging request Ranging response O4: Ranging state

Ranging time

Request password Password Password is matched. Normal-state ONU Normal-state OLT O5: Operation state

After receiving the SN response message from the ONU, the OLT checks whether an ONU with the same SN is already online. If yes, the OLT reports an SN conflict alarm to the CLI or NMS. If no, the OLT directly assigns the user-defined ONU ID to the ONU. After the ONU enters the operation state, the OLT sends a password request message to the ONU, and compares the password reported by the ONU with the password configured on the OLT. If the passwords are the same, the OLT checks whether an ONU
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 20

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

authenticated by the same SN+password is already online. If yes, the OLT reports a password conflict alarm to the CLI or NMS. If no, the OLT directly configures a GEM port for the ONU for carrying OMCI messages, and allows the ONU to go online. In addition, the OLT reports an ONU online alarm to the CLI or NMS. If the passwords are different, the OLT does not report an ONU automatic discovery message even if the ONU automatic discovery function is enabled on the PON port to which this ONU is connected. Instead, the OLT sends a Deactivate_ONU-ID PLOAM message to deregister the ONU. l Password authentication Password authentication includes two modes: always-on and once-on. An ONU that uses password authentication is added to a PON port on an OLT in advance, and then this ONU is connected to the PON port. In once-on mode, the aging-time is configurable, ranging from 1 hour to 168 hours. After the aging-time is set, the ONU must register with the OLT and go online within the preset aging time. Otherwise, the ONU is not allowed to register with the OLT or go online. Once the ONU is authenticated, its SN cannot be modified. In once-on mode, only the initial authentication of an ONU is by password, as shown in Figure 1-17. In subsequent authentications, the ONU is authenticated by SN or SN+password according to the CLI configuration, as shown in Figure 1-15 or Figure 1-16. Once-on mode is applied in the following scenario: The carrier allocates a password to the user, and the user must go online within the specified time. After going online, the user cannot change the ONU. To change the ONU, the user must notify the carrier of this requirement.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

21

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Figure 1-17 Initial ONU authentication in once-on mode

ONU DS Frame with valid Psync

OLT O1: Initial state Upstream_Overhead PLOAM SN _Request(BWMap) O2: Standby state

Serial_Number_ONU PLOAM For the ONU that goes online for the first time, the OLT records the ONU SN. Assign ONU_ID Ranging request Ranging response O4: Ranging state O3: Serial number state

Ranging time

Request password Password Password is matched. Normal-state ONU Normal-state OLT

O5: Operation state

In always-on mode, there is no restriction on the time when the user goes online. An ONU is authenticated by password when it goes online for the first time. After the ONU passes the password authentication and goes online successfully, the OLT generates an SN+password entry according to the SN and password of the ONU. If it is not the first time that an ONU goes online, and if the SN and password of the ONU are the same as the SN and password of the ONU that successfully goes online for the first time, the ONU is authenticated by SN+password. If the user needs to replace the ONU with an ONU that has the same password but a different SN, the ONU after the replacement will be authenticated by password. After this ONU passes authentication and goes online
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 22

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

successfully, the original SN+password entry is updated. Therefore, in the always-on mode, the ONU can go online at any time if its password is correct. Figure 1-18 shows the process of ONU authentication in always-on mode. The always-on mode is applied in the following scenario: The carrier allocates a password to the user, and the user can use different ONUs with different SNs, as long as the user uses the same password. As such, the user can change the ONU without informing the carrier. Figure 1-18 ONU authentication in always-on mode

ONU DS Frame with valid Psync

OLT O1: Initial state Upstream_Overhead PLOAM SN _Request(BWMap) O2: Standby state

Serial_Number_ONU PLOAM Assign ONU_ID Ranging request Ranging response

O3: Serial number state

O4: Ranging state

Ranging time

Request password Password Password is matched. Normal-state ONU Normal-state OLT O5: Operation state

In password authentication, if finding that the SN or password of the ONU to be authenticated conflicts with that of an online ONU, the OLT deregisters the ONU to be authenticated. This does not affect the online ONU. In once-on mode, before the registration of the ONU times out or before the ONU successfully registers with the OLT for the first time, the ONU discovery status is
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 23

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

ON (only the ONU whose discovery status is ON is allowed to register with the OLT and go online). After the registration of the ONU times out or after the ONU successfully registers with the OLT for the first time, the OLT sets the discovery status of the ONU to OFF. The ONU whose registration times out is not allowed to register with the OLT or go online. In this case, the registration timeout flag of the ONU needs to be reset at the central office (CO), and then the ONU can go online. An ONU that successfully registers for the first time is allowed to register and go online again. l LOID+CC authentication LOID+CC authentication is defined by the CTC2.1 standard of China Telecom. In this authentication mode, LOID has 24 bytes, and CC has 12 bytes and is optional. Based on this authentication mode, China Telecom defines a new GPON OMCI entity for GPON LOID+CC authentication. Figure 1-19 shows the process of GPON LOID+CC authentication. Figure 1-19 GPON LOID+CC authentication
OSS LOID (24) CC (12)

NMS

LOID (24)

CC (12)

OLT

LOID (24)

CC (12)

OMCI: last 10 bytes of the LOID


PW (10)

OMCI: (LOID,CC)

LOID (24)

CC (12)

GPON ONT (Password authentication)

GPON ONT (LOID authentication)

In GPON LOID+CC authentication: 1. The OLT obtains LOID+CC (configured on the ONT web page) of an ONT and matches the information against related information on the OLT. If the information is matched, the ONT passes the authentication. If the information is not matched, the OLT obtains the password of the ONT and compares it with the last 10 bytes of the LOID. If the information is matched, the ONT passes the authentication.

2.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

24

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description


NOTE

1 GPON

l In data planning, ensure that the last 10 bytes of different LOIDs are not duplicated. l LOID authentication and rogue ONU detection are mutually exclusive. The two functions cannot be enabled at the same time. l If the LOID input is shorter than 24 bytes or CC shorter than 12 bytes, the system automatically appends ASCII character NUL (0x00 in hexadecimal notation) at the end of the LOID or CC. l If LOID authentication is not available on the ONT web page, use the last 10 bytes of the LOID as the GPON password and input this value on the password authentication web page for authentication.

GPON Terminal Management


The ONUs in a GPON system are managed through physical layer OAM (PLOAM) messages and OMCI messages. PLOAM messages are mainly used for communicating the management and maintenance information, such as the DBA information and DBRu information, at the GPON physical layer and TC layer. OMCI messages are mainly used for managing and maintaining the service layer, such as discovering the hardware capability of equipment, maintaining various alarm information, and configuring service capabilities. OMCI messages fully comply with the ITU-T G.984.4 Recommendations.
NOTE

The PLOAM protocol is defined in ITU-T G.984.3 and is used for maintenance and management at the physical layer. OMCI is a master-slave management protocol. The OLT is the master device and the ONU is the slave device. The OLT controls multiple downstream ONUs through OMCI channels.

1.9 Continuous-Mode ONU Detection


The GPON system supports detection of a continuous-mode ONU to ensure that the GPON system runs properly and does not get into disorder because of the continuous-mode ONU.

Introduction
The continuous-mode ONU detection is a feature for detecting and isolating ONUs that send optical signals in timeslots other than specified. This feature is also called rogue ONU detection. GPON uses time division multiplexing (TDM) mechanism in the upstream direction. Every ONU sends data upstream to the OLT at its own timeslot allocated by the OLT. If an ONU sends optical signals at other ONUs' timeslots, the optical signals of the ONU will conflict with those sent by other ONUs. As a result, communication of a certain other ONU or all the ONUs is affected. Such an ONU that sends optical signals upstream not at its allocated timeslot is called a rogue ONU. There are many types of rogue ONUs. Based on the time of optical signal transmission, rogue ONUs can be classified as: l l Continuous-mode ONUs: ONUs transmitting optical signals continuously. After spotting a continuous-mode ONU, the OLT issues an instruction to isolate this ONU. Irregular-mode ONUs: ONUs transmitting optical signals in a period other than specified, such as at a premature time or in a prolonged period.

Currently, the OLT detects only continuous-mode ONUs.


Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 25

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Continuous-Mode ONU Detection Procedure


OLT detection consists of two parts: 1. The OLT detects a rogue ONU and then isolates the ONU to ensure the normal services of other ONUs. 2. The OLT reports information about the faulty ONU to the NMS and through the NMS the OAM personnel can rectify the faulty ONU in time. Figure 1-20 shows the procedure for the OLT's detecting a rogue ONU. Figure 1-20 OLT's detecting a rogue ONU

OLT starts checking for continuous-mode ONU

OLT periodically opens the window to check GPON signals

Is any optical signal received? Yes OLT enables the continuousmode ONU detection function OLT checks ONUs one by one

No

OLT deletes the error alarm

Is the check completed?

No

Yes OLT identifies the faulty ONU

1.

The OLT opens a blank window in the GPON upstream direction every fifteen minutes to detect upstream optical signals sent by ONUs. At this moment, the OLT starts the rogue ONU detection process if still receiving upstream optical signals. If the OLT does not receive any upstream optical signals, it indicates that no rogue ONU exists in the system or that the previously reported alarm is an error.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 26

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

2.

In the rogue ONU detection process, the OLT broadcasts messages to all the ONUs connected to a PON port to disable the optical transceivers of the ONUs, that is, to instruct them not to send upstream optical signals. Then, the OLT opens a window to detect upstream optical signals again. If the OLT still receives upstream optical signals sent by ONUs, it indicates that a third-party ONU is connected to the PON port and that this ONU does not respond to the instruction issued by the OLT. In this case, the OLT enters the special processing state and clears the alarm. If the OLT does not receive any upstream optical signals, it starts to check the ONUs one by one. The OLT issues proper commands to the ONUs, instructing their optical transceivers to send upstream optical signals one by one. In this way, the OLT checks whether it can receive upstream optical signals and whether the other ONUs go offline after an ONU starts to send optical signals. If the other ONUs all go offline after an ONU starts to send optical signals, it indicates that the ONU is a continuous-mode ONU, that is, a rogue ONU. Continuousmode ONU detection is performed on all the ONUs connected to the PON port. This ensures that all rogue ONUs are searched out. After spotting a rogue ONU, the OLT issues proper commands to disable the optical transceiver of the ONU so that the ONU does not send upstream optical signals. If the optical transceiver of an ONU is disabled by the OLT, the ONU cannot send upstream optical signal permanently (even after the ONU is reset or is restarted after power-off) until the OLT issues proper commands to enable the ONU to resume sending upstream optical signals. This mechanism ensures rogue ONUs are isolated thoroughly. Troubleshoot the faulty ONU.
NOTE

3.

4.

5.

If the ONU nearest to the PON port of the OLT is working in the continuous mode, the other ONUs connected to the PON port will go offline. If an ONU relatively far away from the PON port of the OLT is working in the continuous mode, the other ONUs that have slightly weaker optical signal strength than the ONU will go offline.

Limitations and Restrictions


1. The OLT checks and analyzes the abnormality in the sending of upstream optical signal over a PON line, and identifies and isolates rogue ONUs of only non-malicious users. This feature does not apply to the intentionally sabotaged ONU or sub-standard ONU. 2. To detect whether a continuous-mode ONU exists over a PON line, the ONU may not support the extended PLOAM message defined by Huawei. In this case, the continuous-mode ONU can only be detected but cannot be located. 3. To detect a specific continuous-mode ONU connected to a PON port, all the ONUs connected to the PON port must support the extended PLOAM message defined by Huawei and their optical transceivers can be enabled or disabled. 4. When an unconfigured ONU connected to a PON port is working in the continuous mode, all the other unconfigured ONUs connected to the PON port cannot be automatically discovered. 5. A continuous-mode ONU (rogue ONU) must be able to parse and correctly respond to the downstream PLOAM message.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

27

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

1.10 GPON Network Applications


FTTx Network Applications
By adopting GPON, the OLT and ONUs (or ONTs) can implement various FTTx network applications such as FTTH, FTTO, FTTB, FTTC, and FTTM, as shown in Figure 1-21. Figure 1-21 FTTx network applications
FTTM BTS E1 FE/GE Node B ONU Multicast-Server GE/10GE iManager U2000

E1/POTS FTTO PBX FE/GE ONU SDH/Metro Splitter OLT STM-1/E1 Enterprise HQ NGN/IMS

Enterprise Router

FTTB/FTTC

ONU FTTH E1/GE

ONT

GPON Protection
In GPON applications, Type B can be implemented, as shown in Figure 1-22.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

28

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

1 GPON

Figure 1-22 Type B protection

ONU1 Optical splitter

Backbone optical fiber protection

OLT

ONU2

Active Standby

Type B protection protects different PON ports of the same OLT.

1.11 Glossary, Acronyms, and Abbreviations


Glossary
Term Rogue ONU Explanation An ONU that sends optical signals continuously or irregularly in timeslots other than specified.

Acronyms and Abbreviations


Acronym/Abbreviation OLT ONT ONU ODN Full Spelling Optical line terminal Optical network terminal Optical network unit Optical distribution network

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

29

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

2
About This Chapter

P2P Optical Access

Point-to-point (P2P) optical access means the point-to-point FTTx access based on the combination between its P2P optical access board and the ONUs. 2.1 P2P FE Optical Access Point-to-point (P2P) Ethernet optical access refers to the P2P FTTH access provided by the P2P Ethernet optical access board and the ONT, which meets the requirements for the application of the next generation access device under the integration of video, voice, and data services. 2.2 GE P2P Optical Access The OPGD, OPFA, SPUA, and ETHB boards supports P2P optical access. Among these boards, the OPFA implements FE optical access, and the OPGD, SPUA, and ETHB boards implement GE optical access. In the following, description will focus on the applications of the OPGD board.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

30

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

2.1 P2P FE Optical Access


Point-to-point (P2P) Ethernet optical access refers to the P2P FTTH access provided by the P2P Ethernet optical access board and the ONT, which meets the requirements for the application of the next generation access device under the integration of video, voice, and data services.

2.1.1 Introduction
Definition
Point-to-point (P2P) FE optical access means the point-to-point FTTH access provided by the MA5600T/MA5603T based on the combination between its P2P FE optical access board and the ONTs.

Purpose
P2P FE optical access solution provides P2P FTTH access services. It is especially suitable for the residential neighborhoods with fiber to the home, and can provide the bandwidth of 100 Mbit/s to satisfy the users' requirements for the next generation access equipment which integrates video, voice, and data services.

2.1.2 Specifications
The MA5600T/MA5603T supports the following P2P FE optical access specifications: l l l l l Every OPFA board supports up to 16 100 Mbit/s FE optical ports. MA5600T: A service subrack can be configured with up to 16 OPFA boards, providing up to 256 FE optical ports. MA5603T: A service subrack can be configured with up to 6 OPFA boards, providing up to 96 FE optical ports. Every port supports up to eight traffic streams. Supports the function of synchronizing Ethernet packets.

2.1.3 Reference Standards and Protocols


For the standards compliance of the P2P FE optical access feature, see "Standards Compliance" in the MA5600T/MA5603T Product Description.

2.1.4 Availability
License Support
The feature of P2P FE optical access is the basic feature of the MA5600T/MA5603T. Therefore, no license is required for accessing the corresponding service.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 31

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

Version Support
Table 2-1 Version Support Product MA5600T/ MA5603T Version V800R006C02 and later

Feature Dependency
A GE optical port cannot be used for P2P FE optical access.

Hardware Support
The OPFA board and the FE ONTs need to support the feature of P2P FE optical access.

2.1.5 Principle
Figure 2-1 shows the implementation of the P2P FE optical access. Figure 2-1 Implementation of P2P FE optical access

OLT SCU

OPFA

......

OPFA

FE P2P ONT STB

Phone

PC

IPTV

The upstream packets sent from the user end are processed as follows: 1. After modulation on the ONT, the upstream packets are sent to the OPFA board of the MA5600T/MA5603T through a fiber.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 32

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

2.

The OPFA board processes the upstream packets according to the user's configuration, and then sends the processed packets to the control board of the MA5600T/MA5603T through the backplane bus. After receiving the packets, the control board forwards the packets to the upper layer network through the upstream port.

3.

The downstream packets sent from the network end are processed as follows: 1. 2. 3. The downstream packets from the upper layer network reach the control board of the MA5600T/MA5603T through the upstream port. The control board forwards the packets to the OPFA interface board through the backplane bus according to the learning results during the upstream forwarding. The OPFA board processes the downstream packets, and sends the processed packets to the user end.

2.2 GE P2P Optical Access


The OPGD, OPFA, SPUA, and ETHB boards supports P2P optical access. Among these boards, the OPFA implements FE optical access, and the OPGD, SPUA, and ETHB boards implement GE optical access. In the following, description will focus on the applications of the OPGD board.

2.2.1 Introduction
Definition
GE point-to-point (P2P) Ethernet optical access is a mode in which P2P Ethernet optical access boards provide GE ports and coordinate with downstream devices to implement various optical access solutions for users. The solutions include FTTC/FTTB, FTTH, FTTO, and FTTM. The OPGD board is a new GE P2P optical access board developed for V800R008 and is mainly used for FTTH household user access and for DSLAM convergence. The OPGD board also supports FTTM (mobile bearing) and FTTO (enterprise users).

Purpose
P2P optical access boards prior to OPGD include OPFA, ETHB, and SPUA. The following table lists the ports provided and scenarios supported by each board. Compared with other P2P optical access boards, the OPGD board features more advantages for the access and the subtending scenarios.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

33

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

Board OPFA

Port 16 FE optical ports

Application Scenario It can be directly connected to home user terminal (ONT) only and does not support subtending or upstream transmission. It is connected to the ONT to implement FTTH and provides a 100 Mbit/s bandwidth to each household.

OPGD

48 GE optical ports

It supports the access and subtending scenarios and does not support upstream transmission. l In the access scenario, it is connected to the ONT to implement FTTH and provides a 1000 Mbit/s bandwidth to each household. l In the subtending scenario, it is connected to the DSLAM, CBU, or SBU to implement FTTC/ FTTB, FTTO, or FTTM respectively.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

34

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

Board ETHB

Port 8 GE optical/electrical ports

Application Scenario It supports subtending and upstream transmission, but cannot be directly connected to home user terminal. l In the subtending scenario, it is connected to the DSLAM to implement FTTC/FTTB. Through the convergence by the DSLAM, each GE port can provide services for a large number of users. l In the upstream transmission scenario, the ETHB board functions as a GIU upstream interface board. It extends the number of upstream ports in the system to increase the total upstream bandwidth of the system.

SPUA

8 GE optical ports+2 10GE optical ports

It supports subtending and upstream transmission, but cannot be directly connected to home user terminal. l In the subtending scenario, it is connected to the DSLAM to implement FTTC/FTTB. Through the convergence by the DSLAM, each GE port can provide services for a large number of users. l In the upstream transmission scenario, it provides a high upstream forwarding bandwidth. It implements upstream link backup by inter-board aggregation and interboard protect group.

The OPGD board provides GE P2P Ethernet optical access for more flexible FTTx solutions at higher bandwidth, lower costs, and higher reliability.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

35

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

Higher bandwidth. Traditional FE P2P optical access provides only a 100 Mbit/s transmission rate, but GE P2P optical access allows for 1000 Mbit/s. The FTTH solution implemented through GE P2P optical access can provide a higher bandwidth for users, thus meeting the requirements of high-end users. Lower costs. Compared with SPUA and ETHB, which are capable of both upstream transmission and subtending, the OPGD board is specially designed for subtending and access scenarios. The OPGD board provides 48 GE ports, so it can be subtended to more DSLAMs and hence reduces the costs of FTTC/FTTB networking. Higher reliability. The OPGD board allows a higher reliability in the DSLAM subtending scenario through features such as inter-board aggregation, smart link, and ring check. More flexible scenarios. The OPGD board coordinates with a variety of downstream devices (such as the DSLAM, ONT, SBU, and CBU) to implement FTTC/FTTB, FTTH, FTTO, and FTTM. An MA5600T/MA5603T configured with the OPGD board can not only be directly connected to access terminals but also subtend DSLAMs in order to converge a large number of users.

l l

Benefit
Benefits to carriers One MA5600T/MA5603T can support multi-access such as GPON, xDSL, and P2P. Such an All-in-one solution reduces the equipment CAPEX as well as OPEX for carriers. Benefits to users Because the OPGD board can provide high-density GE ports for subtending DSLAMs, which converge massive users, lower costs are needed for providing end-to-end service guarantee for VIP household and enterprise users. In residential communities where optical fibers are already deployed, a 1000 Mbit/s bandwidth can be provided for high-end users exclusively, meeting the user needs for HD video, voice, and data integrated services.

2.2.2 Specifications
The OPGD board supports two application scenarios: access and subtending. l l l In the access scenario, the OPGD board is connected to the ONU to implement FTTH. In the subtending scenario, the OPGD board is connected to the DSLAM, CBU, or SBU to implement FTTC/FTTB, FTTO, or FTTM respectively. The two application scenarios cannot be implemented on the same OPGD board at the same time but can be implemented on different OPGD boards at the same time on the same OLT. To be specific, FTTH and other FTTx services such as FTTC cannot run on the same OPGD board at the same time, but FTTC/FTTB, FTTO, and FTTM services can run on the same OPGD board at the same time. FTTH and other FTTx services such as FTTC can run in the same OLT system at the same time. The scenarios can be switched by running the network-role command. By default, the OPGD board in the system runs in the access scenario.

The OPGD board supports different functions when running in the access scenario and subtending scenario. l l
Issue 01 (2011-10-30)

Functions Supported Only in the Access Scenario Functions Supported Only in the Subtending Scenario
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 36

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

Functions Supported in Both Scenarios

Functions Supported Only in the Access Scenario


The OPGD board supports IPoE, PPPoE, DHCP, and 802.1x user authentication modes. Detailed specifications are as follows: l l l l In the IPoE mode, a static IP address is directly specified for a user, and user packets are IPoE-encapsulated and sent to the access network. In the PPPoE mode, the OPGD board supports the PPPoE+ protocol, single-MAC mode, and multi-MAC mode. In the DHCP mode, the OPGD board supports Layer 2 forwarding, Layer 3 forwarding, DHCP proxy, and DHCP option 82. In the 802.1x mode, the OPGD board supports re-authentication, keep-alive handshake, quiet period, RFC 4014, EAP trunk and termination, 802.1x packet statistics collection, user traffic real-time statistics measurement, and RADIUS real-time accounting. The OPGD board supports logging of the last 1000 going online/offline events of DHCP and PPPoE users. The 1000 log entries can be shared systemwide.

The OPGD board supports flow bundle. The OPGD board supports the following security features: l l l l l l l l l Anti-DoS attack. The OPGD board limits the number of upstream protocol packets from users based on port to prevent users from attacking the network by DoS. Anti-MAC spoofing. The OPGD board limits the number of MAC addresses that a user can change within a short time. MAC address filter. The OPGD board limits the user packets carrying specified MAC addresses. VMAC. The OPGD board replaces untrustable user MAC addresses with trusted ones by means of 1:1 VMAC or N:1 VMAC. Anti-IP spoofing. The OPGD board limits the number of IP addresses that a user can change within a short time. IP address filter. The OPGD board permits or denies a user the access to the device according to the user IP address. Anti-ICMP attack. The OPGD board prevents users from attacking the network with ICMP packets. Anti-IP attack. The OPGD board prevents users from attacking the network with IP packets. IP binding based on stream. The OPGD board supports 2K service streams for IP binding.

Functions Supported Only in the Subtending Scenario


The OPGD board supports the following network protection features: l Supports aggregation of the OPGD boards in adjacent slots according to the following rules: On the MA5600T, the ID of the slot for a service board starts from 1. Therefore, two OPGD boards in slots 1-2, 3-4, or 5-6, ... can be aggregated. On the MA5603T, the ID of the slot for a service board starts from 0. Therefore, two OPGD boards in slots 0-1, 2-3, or 4-5, ... can be aggregated.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 37

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

l l l l l l l

Supports aggregation groups. Multiple user ports can be added to an aggregation group. Each OPGD board supports up to 48 aggregation groups. Supports inter-board aggregation. User ports on aggregated OPGD boards can be added to the same aggregation group. Supports static LACP. Supports protect group, and supports inter-board protect group (including 1:1 protect group) for the ports on boards of the same type. Supports STP and MSTP. Supports ring check. This feature prevents broadcast packets from generating a storm in a ring network. Supports smart link and monitor link.

Supports synchronous Ethernet clock; does not support IEEE1588 V2 recovered clock. Supports transparent transmission of protocol packets. Supports transparent transmission of QinQ-encapsulated upstream and downstream user packets. Supports transparent transmission of the following protocol packets when the packets are not QinQ-encapsulated: BPDU, OSPF, RIP, VTP-CDP, ARP, IGMP, VBAS, PPPoE+, BGP, NTP, PIM, MPLS, ETHOAM, and LDP. Supports the following types of traffic streams on the multicast subtending port: l l Port+VLAN traffic streams Port+SVLAN+CVLAN traffic streams
NOTE

Other types of traffic stream cannot ensure normal multicast services on a subtending port.

Supports forwarding of dual-tagged multicast packets in the subtending scenario.

Functions Supported in Both Scenarios


NOTE

The following functions are supported in both the access and the subtending scenarios. Unless specified otherwise, the same function has the same specifications in both scenarios.

Each OPGD board supports 48 GE optical ports, providing 48 one-fiber bidirectional 1GE physical links or 24 two-fiber bidirectional 1GE physical links. Ports are numbered in different manners in the one-fiber mode and in the two-fiber mode. For details on the numbering methods, see "OPGD Board" in the Hardware Description. The OPGD board supports smart SFP optical modules. The OPGD board supports the IPoE, PPPoE, and 2000-byte super-long frame encapsulation formats for interface data, and does not support the IPoA, PPPoA, or over-2000-byte jumboframe encapsulation formats. The OPGD board supports the following specifications for the traffic classification feature. l l l
Issue 01 (2011-10-30)

Based on port. Classification parameter: port. Based on port and CVLAN. Classification parameters: port+VLAN. Based on port, CVLAN, and VLAN priority. Classification parameters: port+VLAN+PRI.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 38

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

l l l

Based on port and packet type. Classification parameters: port+ETHERTYPE. Based on port, CVLAN, and packet type. Classification parameters: port+VLAN +ETHERTYPE. Based on port, SVLAN, and CVLAN. Classification parameters: port+SVLAN+CVLAN.

The OPGD board supports the following VLAN specifications. l Supports VLAN transforming based on service stream, transforming modes including: Transparent (C <-->C). The VLAN tag of a packet is not transformed; that is, the VLAN tag is transparently transmitted. Translate (C <--> S). The CVLAN tag of a packet is fixedly translated into an SVLAN tag. Translate-and-add (C <--> S+C'). The CVLAN tag of a packet is translated, and an SVLAN tag is added to the packet. Translate-double (S+C <--> S'+C'). Both the SVLAN and CVLAN of a packet are translated. Add (U <-->S; C <--> S+C). A VLAN tag is added to a packet in a mandatory manner. Add-double (U <--> S+C). Two VLAN tags are added to a packet in a mandatory manner. Translate-and-delete (S+C <--> C'). The CVLAN of a packet is translated and the SVLAN of the packet is deleted. l Supports the following VLAN forwarding modes: VLAN+MAC: Identifies the target port according to the SVLAN and DMAC of a packet. SVLAN+CVLAN: Identifies the target port according to the SVLAN and CVLAN of a packet.
NOTE

The VLAN+MAC and SVLAN+CVLAN forwarding modes take effect only on switch-oriented service streams. In the case of connection-oriented service streams, the target egress port is identified according to the stream information. For details on the implement principle, see 24.2.3 Principle.

l l

Supports inner tag check on downstream broadcast packets. Supports configuration of bridging based on VLAN. The bridging between user ports of the OPGD board is implemented through the control board. Users of the OPGD board cannot be bridged directly. Supports an isolation switch for configuring the isolation status of the ports on the OPGD board. By default, the ports are isolated from each other. The isolated ports cannot be bridged directly.

Supports the following QoS functions: l CAR specifications: Supports single rate three color marker (srTCM) and two rate three color marker (trTCM). Colors packets according to CAR results. Supports stream-based CAR and port+CoS-based CAR (only in the access scenario). l
Issue 01 (2011-10-30)

Supports color-based early drop.


Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 39

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

l l l l

Supports PQ, WRR, and PQ+WRR queue scheduling; supports eight queues one each user port. Supports line rate (only in the subtending scenario) to implement rate limitation on egress port and ingress port. Supports IP traffic profile and inner and outer priority mapping. Supports queue shaping (only in the access scenario).

Supports the following ACL functions: l l Supports basic ACL, advanced ACL, link ACL, and user-defined ACL. Supports rate limitation, priority adjustment and statistics collection, and traffic suppression on broadcast, unknown multicast, and unknown unicast packets.

Supports the following multicast functions: l l l l Supports IGMP v2 and v3. Supports IGMP proxy and IGMP snooping. Supports distributed multicast. Supports configuration of the processing method (discard or forward) for upstream/ downstream unknown multicast packets.

Supports 802.1ag and 802.3ah Ethernet OAM.

2.2.3 Reference Standards and Protocols


The following lists the reference standards and protocols of the OPGD board: l l l l l IEEE 802.3z: 1000Base-SX and 1000Base-LX GE standard IEEE 802.1p: Layer 2 service priority QoS and CoS standard IEEE 802.1d: standard of MAC bridges IEEE 802.1q: VLAN definition standard IEEE 802.3x: standard of flow control in full duplex

2.2.4 Availability
Relevant NE
Implementing GE P2P Ethernet optical access requires the coordination between the OLT and ONUs. ONUs include ONT, DSLAM, CBU, and SBU.

License Support
GE P2P optical access is a basic feature of the MA5600T/MA5603T. Therefore, the corresponding service is provided without a license.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

40

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

Version Support
Table 2-2 Version Support Product MA5600T/ MA5603T U2000 Version V800R008C01 and later versions V100R002C01

Hardware Support
The ONU must support upstream transmission through GE.

2.2.5 Network Applications


Figure 2-2 shows the FTTx network application in the GE P2P Ethernet optical access mode. Figure 2-2 Network application in the GE P2P Ethernet optical access mode
IPTV server

MG Softswitch

NMS

BRAS LAN switch

FTTH ONT STB

GE

OLT

GE Phone PC IPTV

GE GE DSLAM xDSL CBU E1

SBU Laptop

LAN switch

Modem

STB

Phone

PC FTTO

PC

Phone

PC

IPTV

Laptop

Mobile

FTTC/FTTB

FTTM Fiber

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

41

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

To meet the requirements of different scenarios, the OLT works with ONUs of various types to implement network applications in multiple optical access modes, such as FTTC/FTTB, FTTH, FTTO, and FTTM. The FTTx network applications in GE P2P Ethernet optical access have the following in common: The data, voice, and video signals of terminal users are sent to ONUs, where the signals are converted into Ethernet packets and then transmitted over optical fibers to the OLT through the GE upstream ports of the ONUs. Then, the Ethernet packets are forwarded to the upper-layer IP network through the upstream port of the OLT. The differences of the FTTx network applications in GE P2P Ethernet optical access are as follows: l FTTH: The OLT is connected to the ONUs at user premises through GE P2P Ethernet optical access. In this way, gigabit bandwidth is exclusively provided to each household. FTTH is applicable to new apartments or villas in loose distribution. In this scenario, FTTH provides services of higher bandwidth for high-end users. FTTB/FTTC: The OLT is connected to DSLAMs in corridors (FTTB) or by the curb (FTTC) through GE P2P Ethernet optical access. The DSLAMs are then connected to user terminals through xDSL. With the aggregation provided by the DSLAMs, one port on the OPGD board can be connected to a large number of users. FTTB/FTTC is applicable to densely-populated residential communities or office buildings. In this scenario, FTTB/ FTTC provides services of certain bandwidth for common users. FTTO: The OLT is connected to enterprise SBUs through GE P2P Ethernet optical access. The SBUs are connected to user terminals through FE, POTS, or Wi-Fi. QinQ VLAN encapsulation is implemented on the SBUs and the OLT. In this way, transparent and secure data channels can be set up between the enterprise private networks located at different places, and thus the service data and BPDUs between the enterprise private networks can be transparently transmitted over the public network. FTTO is applicable to enterprise networks. In this scenario, FTTO implements TDM PBX, IP PBX, and private line service in the enterprise intranets. FTTM: The OLT is connected to CBUs through GE P2P Ethernet optical access. The CBUs are then connected to wireless base stations through E1. The OLT connects wireless base stations to the core IP bearer network through optical access technologies. This implementation mode is not only simpler than traditional SDH/ATM private line technologies, but also drives down the costs of base station backhaul. FTTM is applicable to reconstruring and capacity expansion of mobile bearer networks. In this scenario, FTTM converges the fixed network and the mobile network on the bearer plane.

Network Protection
FTTC/FTTB, FTTO, and FTTM, compared with FTTH, involve a larger number of access users. Hence, network reliability must be ensured. The ONU provides dual upstream ports to implement link redundancy backup. With the coordination of the ONU, the OPGD board on the OLT supports the following link backup modes: inter-board aggregation, smart link, and monitor link. Inter-board aggregation: Two upstream ports of the ONU are respectively connected to two adjacent OPGD boards of the OLT. Dual upstream link aggregation is configured on the ONU, and a protect group is configured on the OLT. Thus, 1:1 backup of GE links can be implemented through inter-board aggregation. Figure 2-3 shows the network topology of the OLT subtending the ONU to implement inter-board aggregation. For more details on the network application of inter-board aggregation, see 14.1.7 Network Applications.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 42

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

2 P2P Optical Access

Figure 2-3 Network topology of inter-board aggregation


Upstream link aggregation Subsending port protect group

ONU OLT Master Slave

Smart link and monitor link: Two upstream ports of the ONU are respectively connected to the OPGD board on two OLTs. Monitor link is configured on the OLTs, and smart link is configured on the ONU. 1:1 GE link backup is implemented through a mode similar to type B dual homing of GPON ports. Figure 2-4 shows the network topology of the OLTs subtending the ONUs to implement smart link and monitor link. For more details on smart link and monitor link, see 14.3 Smart Link and Monitor Link. Figure 2-4 Network topology of smart link and monitor link

OLT1 Monitor Link group2

OLT2

Monitor Link group2

Smart Link group1

Smart Link group2

ONU1

ONU2 Master Slave

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

43

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

3 ADSL2+ Access

3
About This Chapter
3.1 Introduction 3.2 Specifications 3.3 Reference 3.4 Availability 3.5 Principle 3.6 Glossary, Acronyms, and Abbreviations

ADSL2+ Access

Asymmetrical digital subscriber loop (ADSL) is an asymmetric transmission technology that is used to transmit data at high speed over the twisted pair. ADSL2+ is an extension of ADSL. The upstream rate of ADSL2+ reaches 2.5 Mbit/s, and the downstream rate reaches 24 Mbit/s. The maximum reach of ADSL2+ is 6.5 km.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

44

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

3 ADSL2+ Access

3.1 Introduction
Definition
Asymmetrical digital subscriber loop (ADSL) is an asymmetric transmission technology that is used to transmit data at high speed over the twisted pair. ADSL2+ is an extension of ADSL. The upstream rate of ADSL2+ reaches 2.5 Mbit/s, and the downstream rate reaches 24 Mbit/s. The maximum transmission distance of ADSL2+ is 6.5 km.

Purpose
The ADSL technology adopts asymmetric transmission to provide high-speed data access service.

3.2 Specifications
The MA5600T/MA5603T supports the following specifications: l l l l l l l l l l l l l l l l l l l Compatibility with ADSL and ADSL2 A maximum upstream rate of 2.5 Mbit/s A maximum downstream rate of 24 Mbit/s A maximum reach of 6.5 km Support for ADSL2+ board and POTS access Transmission mode (Annex A, Annex B, Annex L, Annex M and Annex J) Fast bit swap Power management, power cut back function on the CO and the CPE Automatic rate adjustment according to the line conditions during the initialization Pilot floating, pilot selection based on channel conditions Support for tone transmit power control based on CO-MIB (spectrum shaping Tssi) Dynamic seamless rate auto-sensing to improve the adaptability for line parameters Single ended loop test (SELT) Configuration, modification and query of the ADSL configuration parameters (such as line and spectrum) Report of alarm and maintenance information on the line and channel Support of 32 ports and 64 ports ADSL2+ boards Power-saving of the xDSL line Metallic Line Testing (MELT)(only supported by the ADKM) Two-pair ADSL2+ ATM bonding for H802ADKM and H802ADPD
NOTE

Only the bonding of the adjacent ports of a board is supported.

Support for the creation, modification and deletion of the bonding group profile. Support for the rate limitation and the rate monitoring of the bonding group.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 45

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

3 ADSL2+ Access

l l l

Physical layer retransmission F5 OAM loopback (supported by ADPD and ADQD). Support for INM feature.

3.3 Reference
The following lists the reference documents of ADSL2+ access: l l l l l l l G992.1 Asymmetric digital subscriber line (ADSL) transceivers G992.3 Asymmetric digital subscriber line transceivers 2 (ADSL2) G992.5 Asymmetric Digital Subscriber Line (ADSL) transceivers - Extended bandwidth ADSL2 (ADSL2plus) Draft G.998.4 (for approval) Draft Amendment 1 to G.997.1 (FOR CONSENT) ITU-T G.998.1: ATM-based multi-pair bonding TR-159: Management Framework for xDSL Bonding

3.4 Availability
Hardware Support
l l l The ADIF/ADLF, ADPD/ADQD, ADKM, ADPE, and CAME boards support this feature. The modem must support the ADSL/ADSL2+ protocols. Boards supporting physical layer retransmission are H805ADLF, H805ADIF, H808ADLF, H808ADIF, H805ADPD, H80BCAME, and H80BADPE.
NOTE

l H805ADLF, H805ADIF, H808ADLF, and H808ADIF only support PHY-R, don't support G.INP. l The physical layer retransmission function requires the cooperation of the CPE.

l l

Boards supporting F5 OAM loopback are ADPD and ADQD. Boards supporting ADSL ATM bonding are H802ADPD, H805ADPD, H80BADPE, and H80BCAME.
NOTE

The ADSL ATM bonding function requires the cooperation of the CPE.

License Support
The number of ADSL2+ ports supported by the MA5600T/MA5603T is under license control. Therefore, the corresponding service is controlled by a license.

3.5 Principle
ADSL System Architecture
Based on provided functions, the ADSL transceiver is divided into:
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 46

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

3 ADSL2+ Access

l l l l

TPS-TC (convergence sub layer related to transmission protocol) PMS-TC (convergence sub layer related to physical medium) PDM (sub layer related to physical medium) MPS-TC (convergence sub layer related to management protocol for BMS interface)

Each sub layer is encapsulated and defined with the information between sub layers to perform intercommunication among different manufactures. Figure 3-1 shows the ADSL transmission architecture. Figure 3-1 ADSL transmission architecture
ATU-C OAM interface NTR C
TPS-TC TPS - #0

ATU-R MPS-TC C U R
TPS-TC TPS - #0

MPS-TC

OAM interface NTR R

I/F
User application interfaces

I/F

PMS PMS-TC TC PMS TC

PMS - TC

PMD PMD

PMD

I/F

I/F

Application specific Unspecified Main body and annexes

Application invariant

Application specific Main body and annexes Unspecified

TPS-TC TPS-TC is related to specific application. It performs the mapping of the user interface data and the control signals to and from the TPS-TC synchronization data interface. TPS-TC sends and receives control signals through the payload channel of the PMSTC layer. The MPS-TC function module provides a procedure for ADSL transceiver unit (ATU) management. The MPS-TC function module communicates with the higher level function entity of the management plane. The management messages are exchanged between the MPS-TC function entities of the ATU through the ADSL payload channel.

PMS-TC PMS-TC multiplexes of the ADSL payload and the TPS-TC data traffic. The basic functions are: framing, frame synchronization, scrambling/descrambling, forward error correction (FEC), and error check. It provides a payload channel for delivering control messages of the TPS-TC, PMS-TC and PMD layers in addition to the messages from the management interface.

l
Issue 01 (2011-10-30)

PMD
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 47

Application interfaces

TPS-TC #1

TPS-TC #1

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

3 ADSL2+ Access

The basic functions are: regular element generation and recovery, coding/decoding, modulation/demodulation, echo cancellation, line equalization, and link start. The PMD layer also sends and receives control messages through the payload channel of the PMS-TC

ADSL Principle
ADSL provides a total bandwidth of 1.104 MHz. By using DMT, ADSL splits the bandwidth into 256 tones (0-255). Because ADSL over POTS is different from ADSL over ISDN, the division of the 256 tones is different. Figure 3-2 shows the tones and bandwidth for ADSL over POTS. Figure 3-2 Tones and bandwidth for ADSL over POTS
POTS Upstream Downstream

32 138kHz

255 1104 kHz

4kHz 26kHz

l l l

Tones 0-5 are reserved to transmit the 4 kHz analog voice signals. Tones 6-31 are used to transmit upstream data over the bandwidth of 26-138 kHz. Tones 32-255 are used to transmit downstream data over the bandwidth of 138-1104 kHz.

Figure 3-3 shows the tones and bandwidth for ADSL over ISDN. Figure 3-3 Tones and bandwidth for ADSL over ISDN
ISDN Upstream Downstream

32 120kHz 138kHz

64 276kHz

255 1104kHz

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

48

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

3 ADSL2+ Access

l l l

Tones 0-31 are reserved to transmit the 120 kHz ISDN signals. Tones 32-63 are used to transmit upstream data over the bandwidth of 138-276 kHz. Tones 64-255 are used to transmit downstream data over the bandwidth of 276-1104 kHz.
NOTE

Each tone occupies a bandwidth of 4.3125 kHz for transmission. When an ADSL terminal unit (ATU) uses echo cancellation, the ADSL signals can be transmitted in the overlapped mode, which means to extend the downstream bandwidth to the upstream bandwidth so that the upstream and downstream ADSL signals can share transmission channels.

Each ADSL tone can transmit datagram of 1-15 bits. The actual capacity of each tone depends on the real-time transmission performance such as the attenuation, delay and noise.

ADSL2+ Principle
ADSL2+ extends the bandwidth of ADSL to 2.208 MHz and uses DMT to split the bandwidth into 512 tones (0-511). Figure 3-4 shows the tones and bandwidth of ADSL2+. Figure 3-4 Tones and bandwidth of ADSL2+

When the data transmission mode is Annex A, Annex B, or Annex L, the tones are allocated as follows: l l Tones 0-5 are reserved to transmit the 4 kHz analog voice signals. Sub-carriers 6-31: Annex A/Annex L: Sub-carriers 6-31 are used to transmit the upstream data at the frequency of 26-138 kHz. Annex B: Sub-carriers 6-31 are used to transmit the upstream data at the frequency of 120-276 kHz. l l l l Tones 32-511 are used to transmit downstream data over the bandwidth of 138-2208 kHz. Tones 0-5 are reserved to transmit the 4 kHz analog voice signals. Sub-carriers 6-63 are used to transmit the upstream data at the frequency of 26 kHz-f1, where f1 ranges from 138 kHz through 276 kHz. Tones 64-511 are used to transmit downstream data over the bandwidth of 256-2208 kHz. When the data transmission mode is Annex M, the tones are allocated as follows:

ADSL2+ extends bandwidth and improves the transmission efficiency by enhancing modulation, reducing overhead and optimizing frame structure.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 49

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

3 ADSL2+ Access

Physical Layer Retransmission


Emerging access services such as IPTV and video-on-demand (VoD) are winning growing popularity. These services are more sensitive to bit error ratio (BER) and packet loss ratio but less latency-strict than traditional data and voice services. Physical layer retransmission is put forward to more reliably transmit these emerging services over lines. Figure 3-5 Reference model when retransmission is enabled in both directions
TPS- TC #0 reference point DTU framer Retransmission Multiplexer Retransmission queue

reference point eoc overhead multilpexer RRC framer 12 bits A scrambler FEC(RS) interleaver L0 Latency path multilpexer reference point PMD L1 24 bits C scrambler FEC(RS) FEC ( Golay) ib NTR

This figure illustrates a reference model when retransmission is enabled in both transmit (Tx) and receive (Rx) directions, which is a typical application of physical layer retransmission. The Tx end and Rx end each have a buffer first in first out (FIFO). The Tx end classifies the data to be sent into specific data units, and the Rx end checks the data received. If detecting that a data unit is incorrect, the Rx end sends a request, asking the Tx end to retransmit this data unit. The Tx end, upon receiving this quest, retransmits this data unit stored in its buffer FIFO. In the Tx direction, there is only one activated channel, channel(#0). Data transmitted along this channel is encoded into data transmission units (DTUs). A DTU, after being sent, is stored to the retransmission queue. After a DTU is sent and no retransmission request is received, the DTU multiplexer selects a new DTU for transmission. If a retransmission request is received, the DTU multiplexer selects the desired DTU from the retransmission queue for transmission. The new DTU or DTU to be retransmitted is sent out through 2 reference point.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 50

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

3 ADSL2+ Access

The physical media specific-transmission convergence (PMS-TC) layer has three channels: channel 0 (latency channel), channel 1, and retransmission request channel (RRC). Channel 0 carries only overhead data and channel 1 carries only DTUs (sent from 2 reference point). RRC carries the confirmation messages for the received DTUs. Channel 0 is encoded using ReedSolomon codes after being scrambled, while RRC is encoded using the extended Golay codes. Bit streams sent from channel 0 and RRC are combined into one channel of data frames, which is then sent to the physical medium dependent (PMD) layer through reference point.

ADSL ATM bonding


Through the ADSL ATM bonding function, one ATM packet is divided into several fragments, which will be assigned to multiple links for transmission, thus increasing the network bandwidth. Figure 3-6 shows the bonding layering of the ADSL ATM bonding. Figure 3-6 ADSL ATM bonding layering

Service GBS Cross connect

TPS-TC PMS-TC PMD BCE-1 ... BCE-32

As shown in the preceding figure, the meaning and the function of each layer is as following: l l A bonding channel entity (BCE) is a channel. The BCE here is regarded as one ADSL port because one port of the currently implemented ADSL has only one channel. Cross connect is optional. The Cross connect supplies the interface for the data transmission between the BCE and the GBS layer. It only aggregates the data of the BCE layer and transmits to the GBS layer.The data reorganization and splitting is realized by the GBS layer. The generic bonded sub-layer(GBS) reorganizes the data streams of all the bound lines and splits the downstream traffic streams. The upper layer of GBS is the service layer. In the case of the service layer, the GBS is equal to only an interface. The GBS regroups and transits the data to the service layer. The service layer then forwards ATM cells to the upper layer.

l l

The actual implementation of the ADSL ATM bonding is as following: 1. Traffic streams are set up on the GBS, but are not bound to ports. The device allows service flow configuration only on the primary port in the bonding group.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

51

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

3 ADSL2+ Access

2.

The GBS assigns the data stream to every BCE according to certain rules and therefore each BCE carries only part of the data stream. The fragments of one packet, however, must be transmitted within one BCE.

INM
The impulse noise in the x digital subscriber line (xDSL) service severely affects line stability and quality of experience (QoE). There are multiple impulse noise sources, such as household appliance switches, devices that generate electric arcs, phones' offhook and onhook state, natural discharge, and various electromagnetic waves. A frequency spectrum covers a wide region and varies with time, increasing the system bit error rate (BER) and decreasing system stability. The impulse noise protection (INP) technology adjusts noise parameters to improve line quality and minimize noise impact on lines. Before configuring INP, users need to monitor and collect statistics for current line noise distribution. The impulse noise monitor (INM) technology enables users to monitor and collect statistics of impulse noises. INM can improve service QoE that is sensitive to packet loss instead of delay. Therefore, INM is significant for widely used video services. Long-period noise detection helps carriers to better learn about the live network noise environment, facilitating QoS improvement. Figure 3-7 shows the principles for INM. Figure 3-7 Principles for INM
Indication of Severely Degraded Data Symbols Anomalies Eq INP Generation Cluster Indicator Eq INP&IAT Anomalies Generation INM Counters

INS

IAT Generation

Principles for INM are as follows: 1. An impulse noise sensor (INS) mainly detects whether discrete multi-tone (DMT) symbols are severely damaged. If yes, the INS degrades the DMT symbols. If not, the INS considers the DMT symbols normal and does not degrade them. A cluster indicator uses a specific method to identify DMT symbols detected by the INS and classifies several consecutive qualified symbols into a cluster. The cluster is used for subsequent processing. Figure 3-8 shows how to identify a cluster.

2.

Figure 3-8 Principles for INM


Cluster1 Cluster2

Gap1 INMCC = 2 Degraded symbol Undamaged symbol

Gap2

Gap3

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

52

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

3 ADSL2+ Access

As shown in the preceding figure, INM cluster continuation (INMCC) specifies the maximum number of consecutive undamaged DMT symbols allowed in a cluster. In the preceding figure, INMCC is 2 and Gap1 contains two DMT symbols. Therefore, the two DMT symbols belong to the same cluster, which is identified as Cluster1. Gap2 contains three DMT symbols. Therefore, Cluster1 does not contain the DMT symbols in Gap2 and the DMT symbols following Gap2. Gap2 does not belong to any cluster. 3. The Eq INP Generation module calculates equivalent INPs (INP_eq) in each cluster. The inter arrive time (IAT) Generation module calculates the IAT of an entire symbol sequence. IAT specifies the number of symbols between the end of a cluster and the beginning of the next cluster, without Sync symbols. The Eq INP&IAT Anomalies Generation module collects statistics for INP_eq and IAT. The INM Counters module uses a rule to count the collected equivalent INP_eq and IAT and forms an irregular equivalent INP and IAT histogram based on the data. Users can view and use the data. In addition, users can configure INP_Min and Delay_Max based on equivalent INP and IAT.

4. 5.

3.6 Glossary, Acronyms, and Abbreviations


Glossary
Table 3-1 lists the glossary of technical terms related to ADSL2+ access. Table 3-1 Glossary of technical terms related to ADSL2+ Glossary SELT Definition The single ended loop test includes: l Line type l Line length l Terminal type l Local noise l Bridge tap Tone It is the sub-carrier. For example, when the bandwidth of 1 MHz is divided into 256 sub-carriers, each carrier is called as a tone.

Acronyms and Abbreviations


Table 3-2 lists the acronyms and abbreviations related to ADSL2+ access. Table 3-2 Acronyms and abbreviations related to ADSL2+ Acronym/Abbreviation ADSL POTS
Issue 01 (2011-10-30)

Full Spelling Asymmetrical Digital Subscriber Loop Plain Old Telephone Service

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

53

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

3 ADSL2+ Access

Acronym/Abbreviation ISDN CO CPE DMT MELT

Full Spelling Integrated Services Digital Network Central Office Customer Premise Equipment Discrete Multi-Tone Metallic Line Testing

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

54

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

4
About This Chapter
4.1 Introduction 4.2 Specifications 4.3 Reference Standards and Protocols 4.4 Availability

VDSL2 Access

Supporting the symmetric high rates of up to 100 Mbit/s, VDSL2 is a major enabler of the shortdistance and high-speed solutions for the next-generation FTTx access scenarios.

4.5 VDSL2 Architecture This topic describes the model of the VDSL2 system architecture. 4.6 Features of the VDSL2 System VDSL2 supports various features, such as high-speed transmission, long-distance transmission and flexible profile configuration solutions. 4.7 Support for Multiple Spectrum Profiles VDSL2 supports multiple spectrum profiles to fulfill the needs of different application scenarios. 4.8 Flexible PSD Control Methods VDSL2 adopts flexible power spectral density (PSD) control methods. The purposes are to protect the VDSL2 loop system against the interference from various external radio waves and at the same time mitigate the interference of VDSL2 to other transmission systems. VDSL2 implements PSD management using a series of techniques such as DPBO, UPBO, PSD notching, and MIB-controlled PSD. 4.9 Improvement of Line Performance VDSL2 improves the quality of the line system by using a series of technologies, including discrete multi-tone (DMT) modulation, trellis coding, FEC, time domain equalization, and interleaving. Some of the features are developed as defined by ITU-T Recommendation G.993.1, and some are the new features specially developed for VDSL2. 4.10 VDSL2 Network Applications This topic describes the network applications of the VDSL2 access feature.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

55

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

4.1 Introduction
Definition
The VDSL technology provides subscribers with symmetric or asymmetric high-speed leased line access service over twisted pairs. The VDSL service can run at symmetric or asymmetric rates and can be provisioned over the same twisted pair with the plain old telephony service (POTS). Mainly used for the "last mile" connection, VDSL provides subscribers with voice, video, and data services in a full-service multimedia network. Very high speed digital subscriber line 2 (VDSL2) is an extension to VDSL. Compared with VDSL, VDSL2 supports a higher transmission rate and a longer transmission reach.

Purpose
VDSL2 supports the symmetric high rates of up to 100 Mbit/s and also supports multiple spectrum profiles and encapsulation modes. Thus, VDSL2 is a major enabler of the shortdistance and high-speed solutions for the next-generation FTTx access scenarios.

4.2 Specifications
The MA5600T/MA5603T supports the following VDSL2 access specifications: l l l l l l l l l l l l l l Compliance with ITU-T Recommendation G.993.2 A maximum reach distance of 3.5 km Compatibility with ADSL/ADSL2+ Support of the VDSL2/ADSL2+ compatible board, VDSL2 over POTS board, and VDSL2 over ISDN board to meet different service requirements Multiple spectrum profiles, including 8a, 8b, 8c, 8d, 12a, 12b, and 17a to meet different application scenarios Power spectral density (PSD) control through UPBO/DPBO, RFI, PSD Mask, and Tone Blackout Two encapsulation modes (ATM and PTM) Working in the ADSL/ADSL2+ mode when connecting to ADSL/ADSL2+ terminals BandPlan998 and BandPlan997 Support of 24-port, 48-port and 64-port VDSL2 boards Automatic rate adjustment according to the line conditions during the initialization Configuration, modification, and query of the VDSL2 configuration parameters (such as line and channel mode) Reporting of alarm and maintenance information about the line and the channel VDSL2 terminal management Based on the function, the VDSL2 modems can be maintained remotely through telnet, and the software of the VDSL2 modems can be remotely upgraded through TFTP. l l
Issue 01 (2011-10-30)

Configuration of the BITSWAP parameter. PPPoE+ sub option.


Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 56

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

l l l l l l l

Line template configuration change Supports configuration of three modes: TR-129 mode, TI mode, and TR-165 mode. Configuration of the ANNEX M frequency band Power-saving of the xDSL line Metallic Line Testing (MELT)(only supported by the VDJM and VDPM) Physical layer retransmission F5 OAM loopback (supported by H80BVDPM and H80BVDPE). Two-pair VDSL2 PTM bonding Support for the creation, modification and deletion of the bonding group profile. Support for the rate limitation and the rate monitoring of the bonding group.

Support for INM feature.

4.3 Reference Standards and Protocols


The reference standards and protocols of this feature are as follows: l l l l l l l ITU-T G.993.2: Very high speed digital subscriber line 2 ITU-T G.993.2 Amendment 1, ITU-T G.993.2 Amendment 2, ITU-T G.993.2 Amendment 1, nd ITU-T G.993.2 Amendment 4 ITU-T G.997.1: Physical layer management for digital subscriber line (DSL) transceivers TR-129: Protocol-Independent Management Model for Next Generation DSL Technologies TR-165: Vector of Profiles ITU-T G.998.2: Ethernet-based multi-pair bonding TR-159: Management Framework for xDSL Bonding

4.4 Availability
Hardware support
l l l l l l l The VDSA (VDSL2 over POTS) board supports 8b and 17a, and is compatible with 8a, 8c, 8d, 12a and 12b spectrum profiles. The 24-channel VDRD board supports 8c, 8d, 12a, 12b, 17a, 30a spectrum profiles. The 24-channel VDTF (VDSL2 over ISDN) board supports 8a, 8b, 8c, 8d, 12a, 12b, and 17a spectrum profiles. The 48-channel VDMF (VDSL2 over POTS) board supports 8a, 8b, 8c, 8d, 12a, 12b, and 17a spectrum profiles. The 48-channel VDNF (VDSL2 over ISDN) board supports 8a, 8b, 8c, 8d, 12a, 12b, and 17a spectrum profiles. The 48-channel VDJM (all digital mode VDSL2) board supports 8a, 8b, 8c, 8d, 12a, 12b, and 17a spectrum profiles. The 64-channel VDPE (VDSL2 over POTS) board supports 8a, 8b, 8c, 8d, 12a, 12b, and 17a spectrum profiles.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 57

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

l l l

The 64-channel VDPM (VDSL2 over POTS) board supports 8a, 8b, 8c, 8d, 12a, 12b, and 17a spectrum profiles. The modem must support the VDSL2 protocol. Boards supporting physical layer retransmission are H805VDMF, H805VDRD, H80BVDPE, and H80BVDPM (support PHY-R and G.INP).
NOTE

The physical layer retransmission function requires the cooperation of the CPE.

l l

Boards supporting F5 OAM loopback are H80BVDPE and H80BVDPM. Boards supporting VDSL2 PTM bonding are H80BVDPE, H80BVDPM, H805VDMF, H805VDRD, and H85BVDMD. The H80BVDPE and H80BVDPM support the two-pair bonding of any two ports on a board.
NOTE

The VDSL2 PTM bonding function requires the cooperation of the CPE.

License support
The number of VDSL2 ports supported by the MA5600T/MA5603T is provided only under license. Therefore, the license is required for accessing the corresponding service.

4.5 VDSL2 Architecture


This topic describes the model of the VDSL2 system architecture.

VDSL2 Compatibility
The implementation principle of VDSL2 is based on ITU-T Recommendation G.993.2. International Telecommunication Union (ITU) defines the DMT modulation mode that is adopted by VDSL2. The VDSL2 technology is compatible with ADSL and ADSL2+. Because VDSL is not widely applied, VDSL2 is not compatible with VDSL.

VDSL2 System Architecture


The system architecture of VDSL2 is similar to that of ADSL and supports three independent application models: l l l Data service model Data service with underlying POTS service Data service with underlying ISDN service

Figure 4-1 shows the architecture of the VDSL2 transmission system.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

58

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

Figure 4-1 Architecture of the VDSL2 transmission system


VTU-O gO
NTR-TC

VTU-R b IO U IR
NTR-TC

gR 8-kHz NTR
VME VME

8-kHz NTR OAM interface


User application interfaces VME

MPS-TC MPS -

MPS-TC

OAM interface
User application interfaces

PMS - TC

TPS-TC #1 TPS-TC TPS- #0

PMS - TC

I/F

TPS-TC #1 TPS-TC TPS- #0

PMD

PMD PMD

I/F

I/F

I/F

Application specific Unspecified Main body and Annexes

Application invariant Main body

Application specific Main body and Unspecified Annexes

A VDSL2 device consists of three parts: TPS-TC, PMS-TC, and PMD. l TPS-TC This module is associated with specific applications. It is mainly in charge of adapting user interface data and control signals to the synchronous data interface of the TPS-TC module. The TPS-TC layer also transmits and receives control messages through the overhead channel of the PMS-TC layer. The MPS-TC function module provides a procedure for implementing the management of the VDSL transceiver unit (VTU). The MPS-TC function module communicates with the higher-layer function entities of the management plane. The management information is exchanged between the MPS-TC function entities of the VTU through the VDSL overhead channel. l PMS-TC This module is mainly in charge of multiplexing VDSL overheads and TPS-TC data streams. The basic functions of this module include framing, frame synchronization, scrambling and descrambling, forward error correction (FEC), and error detection. The PMS-TC module provides overhead channels for transmitting the control messages of the TPS-TC, PMS-TC, and PMD layers and the messages of the management interface. l PMD The basic functions of the PMD module include regular generation and restoration of elements, encoding and decoding, modulation and demodulation, echo cancellation, linear equalization, and link start.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 59

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

The PMD layer also transmits and receives control messages through the overhead channel of the PMS-TC layer. The VDSL2 boards provided by the MA5600T/MA5603T implement the above-mentioned function modules in full compliance with ITU-T Recommendation G.993.2. In addition, the MA5600T/MA5603T implements the VDSL2 management module as defined by ITU-T Recommendation G.997.1 and the TR-090 standard. The VDSL2 management module provides line management functions that are configured based on line profile, channel profile, and spectrum profile, meeting the requirements of different users.

4.6 Features of the VDSL2 System


VDSL2 supports various features, such as high-speed transmission, long-distance transmission and flexible profile configuration solutions. The VDSL2 standard was included in the agenda of ITU-T in 1998 but was progressing slowly. One reason is that back then the situation of broadband access was not definite, and the ADSL technology soon met the bandwidth requirements owing to its practicality. Another reason is that the bandwidth stipulated by the VDSL standard was far higher than the bandwidth required by the market. At the same time, VDSL put much more requirements on loops than ADSL does. Owing to these reasons, VDSL was in only small-scale application in the market. In 2003, ITUT stipulated two new recommendations for ADSL, G.992.3 and G.992.5. It was then that the industry eyed VDSL more important as it provides a higher bandwidth. In October 2003, ITU-T completed the VDSL1 recommendation and meanwhile kicked off the VDSL2 project. In actual application, few products supported the VDSL1 recommendation G. 993.1. However, operators were in imperative needs for a more definite VDSL standard. Driven by such a market, ITU-T made a more specific definition of VDSL2 in G.993.2, which was rolled off in February 2006. VDSL2 supports the following features.

High-speed Transmission
VDSL2 specifies a band plan that covers the frequency as high as 30 MHz, and provides for a bidirectional high-speed data transmission at 200 Mbit/s within short distances. The 30a spectrum profile supports a total minimum upstream and downstream rates of 200 Mbit/s, and 17a supports a total of 100 Mbit/s.

Long-distance Transmission
The VDSL2 standard specifies enhanced downstream transmit power (20.5 dBm). Together with the application of frequency band US0 and techniques such as echo cancellation and time domain equalization, VDSL2 achieves a maximum transmission reach of over 2.5 km. Figure 4-2 shows the comparison between VDSL2 and ADSL/ADSL2/ADSL2+/VDSL in terms of downstream rate and distance.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

60

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

Figure 4-2 Comparison between VDSL2 and ADSL/ADSL2/ADSL2+/VDSL (downstream rate and distance)

l l l

Symmetric upstream and downstream 100 Mbit/s of 6-band can be achieved only within 250 m in most cases. 5-band has a higher downstream bandwidth than 4-band only within 700 m. In terms of rate, VDSL2 is advantageous to ADSL2+ mainly within the distance of 1.2 km.

Flexible Profile Configuration Solutions


The highest frequency of VDSL2 is 30 MHz. Between 1 MHz and 12 MHz, VDSL2 still applies Band Plan 997 and Band Plan 998 of ITU-T Recommendation G.993.1. 12-30 MHz can be divided into just one or more upstream and downstream frequency bands to meet different application requirements.

Compatibility with ADSL/ADSL2+


VDSL2 adopts DMT as the only modulation mode. VDSL2 supports the PTM mode that is based on IEEE 802.3ah 64/65-byte encapsulation, and also supports the ATM encapsulation mode that is employed by ADSL/ADSL2+.

Stronger Support for Video Service


According to the characteristics of the video service, VDSL2 implements pulse noise protection by using the interleaving technique. In addition, VDSL2 can dynamically adjust the interleaving depth according to the condition of error bits. VDSL2 also specifies dual-latency channels to meet the requirements of different services (especially the video service) that have different degrees of sensitivity to packet loss and latency. Moreover, VDSL2 provides functions such as PSD control, loop diagnosis, and online reconfiguration.

4.7 Support for Multiple Spectrum Profiles


VDSL2 supports multiple spectrum profiles to fulfill the needs of different application scenarios. Owing to different network environments, the influence of different factors on communication loops may vary. Thus, it is difficult to address the application requirements of different environments by using the same mechanism. VDSL2 defines eight spectrum profiles (8a, 8b,
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 61

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

8c, 8d, 12a, 12b, 17a, and 30a) to fulfill the needs of different application scenarios and builds a holistic mechanism to strengthen its adaptability to the environments. Figure 4-3 Spectrum profiles
Profile Bandwidth (MHz) Tones Tone Spacing (KHz) Line Power (dBm) 8a 8.832 2048 4.3125 +17.5 8b 8.832 2048 4.3125 +20.5 8c 8.5 1972 4.3125 +11.5 8d 8.832 2048 4.3125 +14.5 12a 12 2783 4.3125 +14.5 12b 12 2783 4.3125 +14.5 17a 17.664 4096 4.3125 +14.5 30a 30 3479 8.625 +14.5

VDSL2 based on DMT modulation has eight spectrum profiles. The number in a spectrum profile name represents the maximum frequency, and the letter represents the power attribute. For example, 8b and 8c mean that the maximum frequency is both 8 MHz. The maximum downstream power of the 8b spectrum profile is 20.5 dBm, and this profile is applicable to longdistance CO VDSL2 devices. The maximum downstream power of the 8c spectrum profile is 11.5 dBm, and this profile is applicable to remote outdoor cabinets running the VDSL2 service. Restricted by loop characteristics such as loop attenuation, the 30 MHz frequency band has a narrow application scope. It is mainly used for lab tests, or for loops that are in good conditions and are very short (within 300 m), where a high rate is attainable only under such conditions. Hence, the frequency band that can be used in most cases is 12 MHz or even below 8.8 MHz. VDSL2 defines different frequency band plans for different countries and areas. Figure 4-4 Band plan

VDSL2 Annex A defines the band plan for North America; Annex B defines the band plan for Europe; Annex C defines the band plan for Japan. Among the profiles, 17a has one more downstream frequency band than 12a; 30a has one more upstream frequency band than 17a. Restricted by loop characteristics such as loop attenuation, the 30 MHz frequency band has a
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 62

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

narrow application scope. It is mainly used for lab tests, or for loops that are in good conditions and are very short (within 300 m), where a high rate is attainable only under such conditions. Hence, the frequency bands that can be used in most cases are 12 MHz or even below 8.8 MHz. The application scenarios of different VDSL2 spectrum profiles are as follows: l 17a and 30a are applicable to short distances, usually within 300 m. In fact, 30a is not widely applied and 17a is in more use. 17a provides a 100 Mbit/s downstream bandwidth and a 50 Mbit/s upstream bandwidth and applies to the FTTB+VDSL2 scenario. 12a/12b and 8c/8d are applicable to medium distances, ranging from 300 m to 1000 m, and apply to the FTTC+VDSL2 scenario. 8a and 8b have strong transmit power and are applicable to long distances. 8a and 8b are compatible with ADSL2/ADSL2+, provide a 30 Mbit/s/10 Mbit/s bandwidth, and apply to COs. 8b can provide a 20.5 dBm output power, which is equal to ADSL2+.

l l

4.8 Flexible PSD Control Methods


VDSL2 adopts flexible power spectral density (PSD) control methods. The purposes are to protect the VDSL2 loop system against the interference from various external radio waves and at the same time mitigate the interference of VDSL2 to other transmission systems. VDSL2 implements PSD management using a series of techniques such as DPBO, UPBO, PSD notching, and MIB-controlled PSD.

Downstream Power Back-off


Figure 4-5 Mitigating crosstalk using DPBO
CO PSD ADSL2+ Frequency CPE2 RT Strong signal PSD Frequency VDSL2

Crosstalk
CPE1

CO Solution DPBO

PSD ADSL2+ Frequency CPE2 RT Strong signal PSD Frequency VDSL2

No Crosstalk
CPE1

Multiple types of services may be running over the twisted pairs in the same binder at the same time, for example, symmetric or asymmetric services like POTS, ADSL, HDSL, and VDSL. The services when operating at the same time will generate interference to each other. As a result, the performance of some pairs may drop seriously. As shown in Figure 4-5, when ADSL2+ and VDSL2 services run over the twisted pairs in the same binder, VDSL2 will cause great
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 63

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

attenuation to the low-frequency part of the ADSL2+ service. Therefore, VDSL2 defines a downstream power back-off (DPBO) mechanism to ensure that various DSL modulation technologies can work in the normal state on the twisted pairs in the same binder in most cases. Implementation mechanism of DPBO: DPBO requires the operator to test the distance between the DSLAM at the CO and the street-side DSLAM, and then apply a corresponding formula to compute the specific DPBO value. Some major operators have their own formulas.

Upstream Power Back-off


Figure 4-6 Mitigating crosstalk using UPBO
CO/RT PSD VDSL2 VDSL2 PSD Frequency Frequency

Crosstalk
CPE1

CPE2

Solution UPBO CO PSD VDSL2 VDSL2 PSD

No Crosstalk
CPE1

CPE2

To sum up, the upstream power back-off (UPBO) mechanism is to reduce the transmit power as much as possible by maintaining a given signal to noise ratio (SNR) at the receive end of the upstream channel. Figure 4-6 shows the application scenario of UPBO. The loop length (L1) of CPE1 is shorter than the loop length (L2) of CPE2 (L2 > L1). In the upstream direction, the loop of CEP1 (loop 1#) will generate serious crosstalk to the loop of CEP2 (loop 2#), causing a very low upstream rate to loop 2#. In this scenario, VDSL2 adopts the UPBO mechanism so that the upstream power of CPE1 is moderately reduced when at the same time the application requirements of loop 1# are fulfilled. Hence, loop 1# generates less crosstalk to loop 2# and the upstream transmission performance of loop 2# is improved.

PSD Notching
VDSL2 adopts a wide range of frequencies, the highest frequency being 30 MHz. The frequency spectrum covers the spectrum of medium-wave and short-wave broadcast and ham radio. Therefore, the VDSL2 technology must address the issue of radio frequency interference (RFI). The RFI implies two aspects: l l Broadcast transmission tower and ham radio launcher generate RFI to VDSL2 receivers. The VDSL2 system generates radiation that poses as RFI to radio sets and ham radio receivers.

A number of complicated factors are associated with the above-mentioned two types of interference, including transmit power, transmit frequency, distance between twisted pairs and
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 64

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

receivers, and shielding performance of twisted pairs. Hence, it will be a highly complicated job to mitigate or reduce RFI by tackling these factors one by one. The characteristics of RFI are a very narrow interfered bandwidth and a long interference duration. The narrow-frequency characteristic means that RFI occurs mainly on one or some specific tones. Therefore, the guiding scheme of PSD notching is not to use such tones at the cost of a reduced transmission rate. In this way, the situation of reducing RFI at a high cost can be avoided. In the case of reducing the RFI generated by VDSL2 to ham radio receivers, the solution is to reduce the PSD to below -80 dBm/Hz at the transmit end of the VDSL2 system. Figure 4-7 Principle of PSD notching
TONE RFI Radio Frequency Interference

TONE

RFI

Notching

MIB-controlled PSD
DPBO, UPBO, and PSD notching are relatively fixed PSD modulation mechanisms. When it comes to complicated channels where the actual noise environment is changing in real time, such mechanisms are not flexible enough. Thus, MIB-controlled PSD is introduced. According to the distribution of DSLAMs, the distance between a DSLAM and subscribers, and the coexistence of ADSL/VDSL services, operators can shape the transmit PSD by using MIB in order to mitigate crosstalk. By using the CO MIB, a MIB-controlled PSD mask defines the PSD at a series of breakpoints that are located at the transmit frequency band. The PSD value of each sub-carrier is determined by the interpolation between two breakpoints. There are up to 16 breakpoints in the upstream direction and up to 32 breakpoints in the downstream direction. Frequency band US0 currently does not support breakpoints. The transmit breakpoint defines sub-carrier index tn and PSD mask PSDn. The CO MIB-controlled PSD mask consists of a series of transmit breakpoints, such as [(t1, PSD1) (t2, PSD2),..., (tn, PSDn)]. t1 is the start frequency point of the corresponding frequency band, and tn is the stop frequency point of the frequency band. According to the PSD values, the MIB-controlled PSD mask at different breakpoints varies: l l l l The breakpoints where PSD mask is equal to or greater than -80 dBm/Hz The breakpoints where PSD mask is smaller than -80 dBm/Hz The breakpoints where PSD mask forms an upward slope The breakpoints where PSD mask is located at the edge of a frequency band

Figure 4-8 considers the first case as an example, which is also a common case.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

65

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

Figure 4-8 MIB-controlled PSD


Limit PSD mask PSD 3 PSD 2 PSD 4 MIB PSD mask

PSD 1 PSD 5

Slope = 0.75 dB/4.3125 kHZ for 4.3125 kHZ sub-carrier spacing 0.375 dB/4.3125 kHZ for 8.625 kHZ sub-carrier spacing - 80 dBm/Hz

t1(fx)

t2

t3

t4

t5(fx+1)

4.9 Improvement of Line Performance


VDSL2 improves the quality of the line system by using a series of technologies, including discrete multi-tone (DMT) modulation, trellis coding, FEC, time domain equalization, and interleaving. Some of the features are developed as defined by ITU-T Recommendation G.993.1, and some are the new features specially developed for VDSL2.

DMT Modulation
VDSL2 adopts DMT as its only modulation mode. Multi-tone modulation divides the entire transmission bandwidth into N parallel sub-channels for better use of the transmission bandwidth. Each sub-channel has a carrier, which is spectrally independent of the carriers of other sub-channels. Hence, the data rate of each sub-channel is 1/ N of the data rate of the entire transmission bandwidth. Multi-tone modulation is implemented by performing orthogonal transforming on data segments. A commonly used method is the discrete Fourier transform (DFT). The multi-tone modulation employing DFT is called DMT. The decrease of data rate will extend the cycle of the DMT symbol by N times, making the signal existence time longer than the carrier interval. Thus, it is easier to eliminate the interference between the symbols. The advantage of DMT is that it extends the transmission reach by decreasing the information transmitting rate of each twisted pair in parallel transmission. By employing the DMT technique, VDSL2 is able to perform quadrature amplitude modulation (QAM) on each sub-channel (that is, each tone). In this way, VDSL2 substantially enhances the transmission capability of each sub-channel, that is, from the originally 1-2 bits/tone to 15 bits/ tone. The high-order modulation algorithm enables VDSL2 to increase the line rate by a great extent. However, the high-order modulation algorithm puts stringent requirements on line quality, and thus also restricts the loop length of VDSL2.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

66

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

Pilot Tone
In the DMT modulation mode, DMT requires strictly synchronous clocks at both ends of the system. To avoid wandering of frequency points, some pilot tones can be inserted to achieve synchronization.

Scrambling
Regular encoding (has periodic regular change, such as consecutive 0s or 1s) may have negative effects on lines. Specifically, signals thus encoded on a line may generate interference to adjacent lines and easily cause incorrect or difficult delimitation to the peer end. Therefore, signals consisting of long strings of 0s or 1s or changing regularly should be processed so that they are as random as possible before they enter a line. This is the function of scrambling. The usual method is to insert a fixed-length sequence at the local end and remove the sequence at the peer end. The sequence can keep the randomness of the signals before they enter a line.

Trellis Coding
Common channel coding techniques can be classified into convolutional coding and block coding. Trellis coding is a code modulation technique that combines convolutional coding with the digital modulation mode. The corresponding decoding technique is called Viterbi decoding. The process of trellis coding entails the redundancy of only 1 bit. Hence, trellis coding features a higher coding efficiency and a simpler coding mechanism. However, the corresponding Viterbi decoding has a complicated process. Viterbi decoding can be divided into hard decision (HD) and soft decision (SD). SD adds some probability weighted calculation to the decoding process and thus Viterbi decoding has a stronger error correcting capability. Generally, trellis coding is mainly targeted at burst errors. It can correctly parse the discrete error bits in the transmission and features strong code gaining and error correcting capabilities. Trellis coding is a mandatory technique in the VDSL2 standard.

Forward Error Correction


In general, there are multiple error correction mechanisms. Some depend on the transmission system itself to check the data and correct the errors after the data arrives at the peer end. Others only check the data and do not correct the errors; if any error is detected, the data is retransmitted. Forward error correction (FEC) belongs to the first type. FEC is applicable to real-time services because such services do not tolerate the latency that must be entailed by retransmission. All error correction mechanisms are implemented with the redundancy trade-off. So, seemingly FEC sacrifices bandwidth. However, if a line adopts the retransmission mechanism, it entails more bandwidth waste than FEC does redundancy.

Interleaving
FEC and interleaving are usually used together as a major means against pulse interference. Though FEC has a strong error correction capability, if there is serious line noise and consequently long consecutive error bits, FEC alone is helpless. This is the problem that interleaving addresses. Figure 4-9 shows an example of an interleaved block. Here, the given interleaver depth D is 3 and interleaver width I is 7. ADSL directly uses the FEC codeword NFEC as the interleaver width, whereas VDSL2 uses the fraction (I = NFEC/q) of NFEC as the interleaver width, q ranging from 1 to 8. The numbers in the block indicate the sequence at which bits enter the interleaver. Usually, bits are written to the block based on rows and read from the block based on columns.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 67

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

Figure 4-9 Principle of the interleaver


read (to the channel)

write (from FEC)

1 8 15

2 9 16

3 10 17

4 11 18

5 12 19

6 13 20

7 14 21

7 sequence in channel 1, 8, 15, 2, 9, 16, 3, 10, 17

Figure 4-10 shows a de-interleaver with D=3 and N=7. The output of the de-interleaver is the correct sequence of the bits. Figure 4-10 Principle of the de-interleaver
write (from channel)

read (to FEC)

1 8 15

2 9 16

3 10 17

4 11 18

5 12 19

6 13 20

7 14 21

7 sequence in channel 1, 8, 15, 2, 9, 16, 3, 10, 17

The following figure demonstrates the value of interleaving by contrasting the burst errors with interleaving and those without interleaving. The first two rows show the transmission sequence of the bits in a channel with interleaving and without interleaving. Figure 4-11 The value of interleaving by contrasting the burst errors with interleaving and those without interleaving
BITS sequence (without interleaving) BITS sequence (with interleaving) the burst errors the received BITS (without interleaving) the received BITS (de-interleaving) 1 1 2 3 4 5 6 6 7 7 8 8 9 10 11 12 13 14 15 16 10 11 12 13 14 16 1 1 2 8 3 15 4 2 5 9 6 16 7 3 8 9 10 11 12 13 14 15 16 4 11 18 5 12 19 6

10 17

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

68

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

Assuming burst errors as shown in row 3 occur in a channel, note the interference to the bits in the two difference cases (with interleaving and without interleaving). The last two rows of the table are the bits to be sent to the FEC block on the sample channel receiver. With interleaving enabled, the bit errors will be distributed, which means that the FEC block will have a better chance of correcting the errors. The preceding example is applicable to channels where the expected burst errors are below three bit transmission periods. Interleavers in actual application usually have D parameter and N parameter of greater values.

Optional Extension of Upstream Frequency Band US0


Compared with high-frequency bands that have more interference and are unstable, lowfrequency bands are actually valuable resources. Adopting frequency band US0 for upstream transmission effectively extends the coverage reach of VDSL2 and improves its upstream performance. VDSL2 can not only enable frequency band US0 for upstream transmission but also extend the originally reserved US0 frequency band. The original frequency band US0 is 25-138 kHz, which can be extended to 276 kHz. Actually, considering the requirements for upstream bandwidth, VDSL2 increases the bandwidth of US0 by trading off some DS1 bandwidth.

Physical Layer Retransmission


Emerging access services such as IPTV and video-on-demand (VoD) are winning growing popularity. These services are more sensitive to bit error ratio (BER) and packet loss ratio but less latency-strict than traditional data and voice services. Physical layer retransmission is put forward to more reliably transmit these emerging services over lines.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

69

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

Figure 4-12 Reference model when retransmission is enabled in both directions


TPS- TC #0 reference point DTU framer Retransmission Multiplexer Retransmission queue

reference point eoc overhead multilpexer RRC framer 12 bits A scrambler FEC(RS) interleaver L0 Latency path multilpexer reference point PMD L1 24 bits C scrambler FEC(RS) FEC ( Golay) ib NTR

This figure illustrates a reference model when retransmission is enabled in both transmit (Tx) and receive (Rx) directions, which is a typical application of physical layer retransmission. The Tx end and Rx end each have a buffer first in first out (FIFO). The Tx end classifies the data to be sent into specific data units, and the Rx end checks the data received. If detecting that a data unit is incorrect, the Rx end sends a request, asking the Tx end to retransmit this data unit. The Tx end, upon receiving this quest, retransmits this data unit stored in its buffer FIFO. In the Tx direction, there is only one activated channel, channel(#0). Data transmitted along this channel is encoded into data transmission units (DTUs). A DTU, after being sent, is stored to the retransmission queue. After a DTU is sent and no retransmission request is received, the DTU multiplexer selects a new DTU for transmission. If a retransmission request is received, the DTU multiplexer selects the desired DTU from the retransmission queue for transmission. The new DTU or DTU to be retransmitted is sent out through 2 reference point. The physical media specific-transmission convergence (PMS-TC) layer has three channels: channel 0 (latency channel), channel 1, and retransmission request channel (RRC). Channel 0 carries only overhead data and channel 1 carries only DTUs (sent from 2 reference point). RRC carries the confirmation messages for the received DTUs. Channel 0 is encoded using ReedSolomon codes after being scrambled, while RRC is encoded using the extended Golay codes. Bit streams sent from channel 0 and RRC are combined into one channel of data frames, which is then sent to the physical medium dependent (PMD) layer through reference point.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 70

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

VDSL2 PTM bonding


Through the VDSL2 PTM bonding function, one Ethernet packet is divided into several fragments, which will be assigned to multiple links for transmission, thus increasing the network bandwidth. Fragmentation of an Ethernet packet and assignment of fragments are implemented by the 802.3ah protocol. In the case of bonding based on the VDSL2 access, the negotiation for the VDSL2 PTM bonding features between the CO and CPE through G.994.1 is required. Figure 4-13 shows the bonding layering of the VDSL2 PTM bonding. Figure 4-13 VDSL2 PTM bonding layering

Service GBS Cross connect

TPS-TC PMS-TC PMD BCE-1 ... BCE-32

As shown in the preceding figure, the meaning and the function of each layer is as following: l l A bonding channel entity (BCE) is a channel. The BCE here is regarded as one VDSL2 port because one port of the currently implemented VDSL2 has only one channel. Cross connect is optional. The Cross connect supplies the interface for the data transmission between the BCE and the GBS layer. It only aggregates the data of the BCE layer and transmits to the GBS layer.The data reorganization and splitting is realized by the GBS layer. The generic bonded sub-layer(GBS) reorganizes the data streams of all the bound lines and splits the downstream traffic streams. The upper layer of GBS is the service layer. In the case of the service layer, the GBS is equal to only an interface. The GBS regroups and transits the data to the service layer. The service layer then forwards Ethernet packets to the upper layer.

l l

The actual implementation of the VDSL2 PTM bonding is as following: 1. 2. Traffic streams are set up on the GBS, but are not bound to ports. The device allows service flow configuration only on the primary port in the bonding group. The GBS assigns the data stream to every BCE according to certain rules and therefore each BCE carries only part of the data stream. The fragments of one packet, however, must be transmitted within one BCE.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

71

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

INM
The impulse noise in the x digital subscriber line (xDSL) service severely affects line stability and quality of experience (QoE). There are multiple impulse noise sources, such as household appliance switches, devices that generate electric arcs, phones' offhook and onhook state, natural discharge, and various electromagnetic waves. A frequency spectrum covers a wide region and varies with time, increasing the system bit error rate (BER) and decreasing system stability. The impulse noise protection (INP) technology adjusts noise parameters to improve line quality and minimize noise impact on lines. Before configuring INP, users need to monitor and collect statistics for current line noise distribution. The impulse noise monitor (INM) technology enables users to monitor and collect statistics of impulse noises. INM can improve service QoE that is sensitive to packet loss instead of delay. Therefore, INM is significant for widely used video services. Long-period noise detection helps carriers to better learn about the live network noise environment, facilitating QoS improvement. Figure 4-14 shows the principles for INM. Figure 4-14 Principles for INM
Indication of Severely Degraded Data Symbols Anomalies Eq INP Generation Cluster Indicator Eq INP&IAT Anomalies Generation INM Counters

INS

IAT Generation

Principles for INM are as follows: 1. An impulse noise sensor (INS) mainly detects whether discrete multi-tone (DMT) symbols are severely damaged. If yes, the INS degrades the DMT symbols. If not, the INS considers the DMT symbols normal and does not degrade them. A cluster indicator uses a specific method to identify DMT symbols detected by the INS and classifies several consecutive qualified symbols into a cluster. The cluster is used for subsequent processing. Figure 4-15 shows how to identify a cluster.

2.

Figure 4-15 Principles for INM


Cluster1 Cluster2

Gap1 INMCC = 2 Degraded symbol Undamaged symbol

Gap2

Gap3

As shown in the preceding figure, INM cluster continuation (INMCC) specifies the maximum number of consecutive undamaged DMT symbols allowed in a cluster. In the preceding figure, INMCC is 2 and Gap1 contains two DMT symbols. Therefore, the two DMT symbols belong to the same cluster, which is identified as Cluster1. Gap2 contains
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 72

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

three DMT symbols. Therefore, Cluster1 does not contain the DMT symbols in Gap2 and the DMT symbols following Gap2. Gap2 does not belong to any cluster. 3. The Eq INP Generation module calculates equivalent INPs (INP_eq) in each cluster. The inter arrive time (IAT) Generation module calculates the IAT of an entire symbol sequence. IAT specifies the number of symbols between the end of a cluster and the beginning of the next cluster, without Sync symbols. The Eq INP&IAT Anomalies Generation module collects statistics for INP_eq and IAT. The INM Counters module uses a rule to count the collected equivalent INP_eq and IAT and forms an irregular equivalent INP and IAT histogram based on the data. Users can view and use the data. In addition, users can configure INP_Min and Delay_Max based on equivalent INP and IAT.

4. 5.

4.10 VDSL2 Network Applications


This topic describes the network applications of the VDSL2 access feature. Figure 4-16 VDSL2 network applications

Copper Access

IPTV Server splitter

PC ADSL/ADSL2+ CPE PC VDSL2 CPE splitter

MA5600T/MA5603T

PON FTTx+xDSL Access ADSL/ADSL2+ CPE PC VDSL2 CPE PC PSTN Voice Stream

ONU

As shown in Figure 4-16, VDSL2 in actual application applies to two typical scenarios. 1. The MA5600T/MA5603T directly provides the VDSL2 access. On the user side, ADSL/ADSL2+ CPEs (working in the ATM mode) or VDSL2 CPEs (working in the PTM mode) can be connected to the MA5600T/MA5603T to provide highspeed Internet access service and video service for subscribers.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 73

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

4 VDSL2 Access

2.

The MA5600T/MA5603T provides PON optical ports for connecting to ONUs and the ONUs provide the VDSL2 access. The ONUs are placed on street side or in corridors. In the downstream direction, the ONUs provide the VDSL2 access for subscribers; in the upstream direction, the ONUs are connected to the MA5600T/MA5603T by PON. The FTTx+VDSL2 network topology addresses the distance restriction on the VDSL2 access.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

74

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

5
About This Chapter

SHDSL Access

SHDSL is an xDSL access technology, just like ADSL and VDSL. SHDSL provides the symmetric upstream and downstream rates. 5.1 ATM SHDSL Access This topic describes the definition, purpose, specifications, and limitations of ATM SHDSL access feature. It also provides the glossary and the acronyms and abbreviations related to the ATM SHDSL access feature. 5.2 EFM SHDSL Access This topic describes the definition, purpose, specifications, and limitations of EFM SHDSL access feature. It also provides the glossary and the acronyms and abbreviations related to the EFM SHDSL access feature. 5.3 TDM SHDSL Feature

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

75

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

5.1 ATM SHDSL Access


This topic describes the definition, purpose, specifications, and limitations of ATM SHDSL access feature. It also provides the glossary and the acronyms and abbreviations related to the ATM SHDSL access feature.

5.1.1 Introduction
Definition
SHDSL is an xDSL access technology, just like ADSL and VDSL. SHDSL provides the symmetric upstream and downstream rates. The symmetric upstream and downstream rates of ATM SHDSL determine that bi-directional rates of the supported service must be basically the same. In addition, ATM SHDSL features a longer transmission distance. Hence, ATM SHDSL can be widely used.

Purpose
ATM SHDSL provides symmetric broadband access services for subscribers to meet the requirement for high downstream rate from SOHO subscribers. ATM SHDSL applications are similar to ADSL applications and the ATM SHDSL and ADSL applications are mutually complementary.

5.1.2 Specifications
The specifications of SHLB and SHLM are as follows: l l l These boards support the single-pair and two-pair modes. Network timing reference (NTR) clock. Automatic rate adjustment according to the line conditions during initialization.
NOTE

For the two, three, or four bound ATM ports, the system does not support automatic rate adjustment.

l l l l l l l l l l l

Reporting of the alarms and maintenance information of lines. PPPoE+ sub option. Dynamic adjustment of the specifications of the SHDSL line profile and alarm profile. Power-saving of the xDSL line. Supports wetting current. A maximum transmission distance of 6 km. Supports the configuration, modification, and query of the SHDSL line profile. Four modes of binding EFM or ATM ports: single-pair (two-wire), two-pair (four-wire), three-pair (six-wire), and four-pair (eight-wire). Line rate ranging from 192 kbit/s to 5696 kbit/s in the single-pair mode. Supports crosstalk cancellation. The line rate of the bound two, three, or four ATM/EFM ports is double, triple, or quadruple the line rate of a single port.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 76

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description


NOTE

5 SHDSL Access

l Each port in an EFM bonding group can be activated or deactivated independently. Hence, in a specific application, the line rate of the bonding group varies according to the number of the activated ports in the group. l As defined in IEEE 802.3ah, the ratio of the maximum rate to the minimum rate in an EFM bonding group cannot exceed 4. For example, if the minimum rate is 192 kbps, the maximum rate cannot exceed 768 kbps.

l l

Supports F5 OAM loopback. Supports the configuration of ATM/EFM mode based on port.

The specifications that are supported only by the SHLM are as follows: l l Supports IMA bonding of G.SHDSL. Supports MELT function.

5.1.3 Availability
Hardware Support
The SHLB board supports 16 channels of ATM and PTM SHDSL service. The SHLM board with MELT function supports 16 channels of G.SHDSL.BIS service.

License Support
The port rate measurement function and cross talk cancellation supported by the MA5600T/ MA5603T is under license. Therefore, the corresponding service is also under license.

5.1.4 Reference
The following lists the reference documents of this feature: l l ITU-T Recommendation G.991.2 Annex A and Annex F. ITU-T Recommendation G.991.2 Annex B and Annex G.

5.1.5 Principle
Typical Application Model
The SHDSL operating principle is based on the G.991.2 (2001) standard. Figure 5-1 Typical application model of SHDSL
S/T User Terminal S/T User Terminal STU-R U-R DLL U-C SRU U-R U-C U-R U-C DLL STU-C V

DLL

CO Netw ork

. . .
Optional

Optional T1541150-00 (114701)

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

. . .

77

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

One SHDSL system consists of an STU-C, an STU-R, and a subscriber terminal. Multiple repeaters can be added to the line between the STU-C and the STU-R. l l l The STU-C provides service ports at the central office. The STU-R provides subscriber ports for connecting to multiple subscriber terminals. The SHDSL repeater unit (SRU) refers to the repeater. In ultra-long distance transmission, it recovers signals and re-transmits signals to increase the transmission distance.

The MA5600T/MA5603T does not support repeaters.

Terminal Model
The SHDSL terminal model consists of the following parts: l PDM module The PDM module implements functions such as: Regular code element generation and recovery, coding/decoding, modulation/demodulation, echo control, linear equalization, and link start SHDSL mainly uses the trellis coded pulse amplitude modulation (TC-PAM) technology. l PMS-TC module The PMS-TC module implements functions such as: framing, frame synchronization scrambling, and descrambling l TPS-TC module The TPS-TC module implements functions such as: mapping and encapsulation of data frames, multiplexing and demultiplexing, timing alignment of multiple subscriber data channels l I/F interface of the device at the central office It mainly provides the ATM port. The ATM port is used for transmitting ATM cells over the ATM network, or according to the carried packets, transmitting Ethernet packets encapsulated by the SAR module or E1/V3.5 signals over the Ethernet network. l I/F interface of the device on the subscriber side It corresponds to the I/F interface of the device at the central office. In general, the I/F interface is used for providing Ethernet ports or E1/V.35 ports. When the MA5600T/MA5603T uses the SHLB board, the TC-PAM encoding technology is shown as the following table. Table 5-1 TC-PAM encoding technology Compliant Standards SHDSL Describes... R = n64 + (i)8, 3 n 36 and 0 i 7 (192 kbit/s to 2312 kbit/s)

The SHLB board of the MA5600T/MA5603T is based on ATM. The board provides the Ethernet port (for broadband access) or E1/V.35 port (for private line access) for connecting subscriber
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 78

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

terminals. In the upstream direction, the board is connected to the metropolitan area network (MAN) through the upstream board.

5.1.6 Acronyms and Abbreviations


Acronyms and Abbreviations
Table 5-2 Acronyms and abbreviations of the ATM SHDSL access feature Acronym/Abbreviation SHDSL HDSL TC-PAM ATM Wet current Full Spelling Single-line high speed digital subscriber line High-speed digital subscriber line Trellis coded pulse amplitude modulation Asynchronous transfer mode 3-5 mA DC current provided for the subscriber line. (The purpose is to heat up the subscriber line to remove the gas such as steam attached to the surface of the subscriber line, thereby effectively preventing the subscriber line from corrosion and oxidation. In this way, the overall electric performance of the subscriber line is protected.)

5.2 EFM SHDSL Access


This topic describes the definition, purpose, specifications, and limitations of EFM SHDSL access feature. It also provides the glossary and the acronyms and abbreviations related to the EFM SHDSL access feature.

5.2.1 Introduction
Definition
SHDSL is an xDSL access technology, just like ADSL and VDSL. SHDSL provides the symmetric upstream and downstream rates. EFM SHDSL integrates the advantages of the SHDSL technology and the ADSL technology. That is, EFM SHDSL can provide traditional voice service and high rate Internet access service over common twisted pairs to meet the requirements for high definition TV service and VoD service from subscribers, which suit the last mile access for broadband to the campus.

Purpose
The utilization ratio of the EFM access service is high when the activation rates of the ATM and EFM access services are the same. Hence, if the subscriber terminal supports ATM and EFM SHDSL access services simultaneously, the EFM SHDSL access service is preferred.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 79

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

5.2.2 Specifications
The specifications of SHLB and SHLM are as follows: l l l These boards support the single-pair and two-pair modes. Network timing reference (NTR) clock. Automatic rate adjustment according to the line conditions during initialization.
NOTE

For the two, three, or four bound ATM ports, the system does not support automatic rate adjustment.

l l l l l l l l l l l

Reporting of the alarms and maintenance information of lines. PPPoE+ sub option. Dynamic adjustment of the specifications of the SHDSL line profile and alarm profile. Power-saving of the xDSL line. Supports wetting current. A maximum transmission distance of 6 km. Supports the configuration, modification, and query of the SHDSL line profile. Four modes of binding EFM or ATM ports: single-pair (two-wire), two-pair (four-wire), three-pair (six-wire), and four-pair (eight-wire). Line rate ranging from 192 kbit/s to 5696 kbit/s in the single-pair mode. Supports crosstalk cancellation. The line rate of the bound two, three, or four ATM/EFM ports is double, triple, or quadruple the line rate of a single port.
NOTE

l Each port in an EFM bonding group can be activated or deactivated independently. Hence, in a specific application, the line rate of the bonding group varies according to the number of the activated ports in the group. l As defined in IEEE 802.3ah, the ratio of the maximum rate to the minimum rate in an EFM bonding group cannot exceed 4. For example, if the minimum rate is 192 kbps, the maximum rate cannot exceed 768 kbps.

l l

Supports F5 OAM loopback. Supports the configuration of ATM/EFM mode based on port.

The specifications that are supported only by the SHLM are as follows: l l Supports IMA bonding of G.SHDSL. Supports MELT function.

5.2.3 Availability
Hardware Support
The SHLB board supports 16 channels of ATM and PTM SHDSL service. The SHLM board with MELT function supports 16 channels of G.SHDSL.BIS service.

License Support
The port rate measurement function and cross talk cancellation supported by the MA5600T/ MA5603T is under license. Therefore, the corresponding service is also under license.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 80

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

5.2.4 Reference
The following lists the reference documents of this feature: l l ITU-T Recommendation G.991.2 Annex A and Annex F. ITU-T Recommendation G.991.2 Annex B and Annex G.

5.2.5 Principle
Typical Application Model
The SHDSL operating principle is based on the G.991.2 (2001) standard. Figure 5-2 Typical application model of SHDSL
S/T User Terminal S/T User Terminal STU-R U-R DLL U-C SRU U-R U-C U-R U-C DLL STU-C V

DLL

CO Netw ork

. . .
Optional

Optional T1541150-00 (114701)

One SHDSL system consists of an STU-C, an STU-R, and a subscriber terminal. Multiple repeaters can be added to the line between the STU-C and the STU-R. l l l The STU-C provides service ports at the central office. The STU-R provides subscriber ports for connecting to multiple subscriber terminals. The SHDSL repeater unit (SRU) refers to the repeater. In ultra-long-distance transmission, it recovers signals and re-transmits signals to extend the transmission distance.

The MA5600T/MA5603T does not support repeaters.

Terminal Model
The SHDSL terminal model consists of the following parts: l PDM module The PDM module implements functions such as: Regular code element generation and recovery, coding/decoding, modulation/demodulation, echo control, linear equalization, and link start SHDSL mainly uses the trellis coded pulse amplitude modulation (TC-PAM) technology. l PMS-TC module The PMS-TC module implements functions such as: framing, frame synchronization scrambling, and descrambling l
Issue 01 (2011-10-30)

TPS-TC module
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 81

. . .

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

The TPS-TC module implements functions such as: mapping and encapsulation of data frames, multiplexing and demultiplexing, timing alignment of multiple subscriber data channels l I/F interface of the device at the central office Providing ATM ports or circuit interfaces The ATM port is used for transmitting ATM cells over the ATM network, or according to the carried packets, transmitting Ethernet packets encapsulated by the SAR module or E1/V3.5 signals over the Ethernet network or E1 links. The circuit interface is used for transmitting E1 or V.35 signals directly through the time division multiplexing (TDM) network. l I/F interface of the device on the subscriber side It corresponds to the I/F interface of the device at the central office. In general, the I/F interface is used for providing Ethernet ports (for delivering ATM cells processed by the SAR module) or E1/V.35 ports. Table 5-3 TC-PAM encoding technology Compliant Standards SHDSL Describes... R = n64 + (i)8, 3 n 89 and 0 i 7 (192 kbit/s to 5696 kbit/s)

Typical Networking Application


The following figure shows the typical networking application of EFM SHDSL. Figure 5-3 Typical networking application of EFM SHDSL

FE/GE

MA5600T/MA5603T

ATM SHDSL Modem

EFM SHDSL Modem

PC_A
Issue 01 (2011-10-30)

PC_B
82

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

5.2.6 Glossary, Acronyms, and Abbreviations


Glossary
None

Acronym and Abbreviations


Table 5-4 Acronyms and abbreviations of the EFM SHDSL access feature Acronym/Abbreviation EFM SHDSL HDSL Wet current Full Spelling Ethernet in the first mile Single-line high speed digital subscriber line High-speed digital subscriber line 3-5 mA DC current provided for the subscriber line. (The purpose is to heat up the subscriber line to remove the gas such as steam attached to the surface of the subscriber line, thereby effectively preventing the subscriber line from corrosion and oxidation. In this way, the overall electric performance of the subscriber line is protected.)

5.3 TDM SHDSL Feature


5.3.1 Introduction
Definition
Single-pair high-speed digital subscriber line (SHDSL), defined by ITU-T (such as ITU-T G. 991.2), is a data transmission technology over twisted pairs to transmit voice, data, and video signals. TDM SHDSL is a mode to transmit TDM signals through SHDSL. As the transmission mode varies, the device provides different types of upstream ports. Specifically, the TDM-E1-G.703 electrical port is used by the device for the TDM transmission system; the ATM-STM-1 optical port is used by the device for the ATM transmission system. Similarly, the user-side CPE also provides different types of data ports to adapt to different transmission modes. Specifically, for the TDM transmission system, the CPE generally provides the TDM-V.35 or E1-G.703 port; for the ATM transmission system, the CPE generally provides the ATM-FR-V.35, 10/100Base-T Ethernet, or ATM-CE-V.35 (or E1-G.703) port.

Purpose
TDM SHDSL provides the TDM-V.35 or E1-G.703 port. Compared with the V.35 and E1 cables, SHDSL has an advantage of farther transmission distance; therefore, SHDSL can extend the reach of DDN nodes over abundant twisted pair resources.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 83

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

TDM SHDSL achieves E1 transmission and access over subscriber cables at "last two miles" and at the same time carries various services of N x 64 kbit/s. Hence, TDM SHDSL makes possible the broadband private line access for users over the existing transmission network resources.

Benefit
The abundant twisted pair resources can be utilized to achieve the long-distance access of the circuit emulation equipment with the E1 or V.35 port, thereby reducing the consumption of copper wire resources.

5.3.2 Specifications
The specifications of the TDM SHDSL feature are as follows: SHDSL plane: l l l Data path mode: ATM, PTM, TDM Rate: N x 64 kbit/s (3 N 32) Frame structure: E1, V35

TDM SHDSL port plane: l l l l l l l l l Supports 16 SHDSL ports per EDTB board. Clock source: system clock and line clock Supports 2-wire and 4-wire modes. Supports access of the PRA service through SHDSL. Supports the configuring of the signaling mode and frame format: CCS and UNFRAME. Supports CRC4: enable/disable. Supports loopback on an SHDSL port (loopback mode: local loopback and remote loopback). Supports power backoff on an SHDSL port. Supports the reporting of alarms and maintenance information about lines.
NOTE

TDM SHDSL generally provides a 2-wire port. When the transmission distance exceeds 6 km, the 4-wire port is required. A 4-wire port is implemented by bundling two 2-wire ports.

E1 port plane: l l l l l l l Supports 16 E1 ports per EDTB board. Clock source: system clock and line clock Supports the configuring of the signaling mode and frame format: CCS and UNFRAME. Supports CRC4: enable/disable. Supports the configuring of the line impedance (75 ohms or 120 ohms) on the E1 port. Supports loopback on an E1 port (loopback mode: local loopback and remote loopback). Supports the reporting of alarms and maintenance information about lines.

Public plane: l
Issue 01 (2011-10-30)

Configures the working mode of EDTB: VOICE mode or SAToP mode.


Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 84

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

l l l

Configures the running mode of VOICE: service mode and transparent transmission mode. Supports PRA services (including H.248- and SIP-compliant) and IP semipermanent connections (SPCs) in service mode. Supports a maximum of 512 (number of B channels) concurrent online PRA users.

Device capability: l l l Supports a maximum of 64 ports corresponding 2 H802EDTB boards in service mode. Supports a maximum of 8 H802EDTB boards in transparent transmission mode. Supports a maximum of 256 ports corresponding 8 H802EDTB boards in SAToP mode.

5.3.3 Reference Standards and Protocols


The reference standards and protocols of the TDM SHDSL feature are as follows: l l G.991.2 Annex A and Annex F: Standards applicable for North America ITU-T G.991.2 Annex B and Annex G: Standards applicable for European

5.3.4 Availability
Relevant NE
The TDM SHDSL modem must support the TDM SHDSL protocol.

License Support
The TDM SHDSL feature is provided without a license.

Version Support
Table 5-5 Version support Product MA5600T/MA5603T Version V800R008 and later versions

Hardware Support
Currently, the board supporting the TDM SHDSL feature is H802EDTB.
NOTE

If the PRA service is required, the H802EDTB board must be installed with a voice daughter board. If the IP SPC service is required, the H802EDTB board must be installed with a voice daughter board. The TDM SHDSL modem must support the TDM SHDSL protocol. If the multi-pair mode is required, the terminal must support the multi-pair mode of the same port.

Limitations
The H802EDTB board can work only in the VOICE mode .
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 85

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

When working in the VOICE mode, the H802EDTB can be further configured with the service mode and the transparent transmission mode. l l In the case of the transparent transmission mode, only transparent transmission is allowed and the PRA or SPC service cannot be configured. In the case of the service mode, transparent transmission is not allowed and the PRA and SPC services can be configured.

When the clock source of the H802EDTB board is configured to line clock, ports with UNFRAME configuration cannot be selected as the clock source. When working in the transparent transmission mode, the H802EDTB board need not be configured with the clock source.

5.3.5 Principle
Basic Principle
Based on the G.991.2 (2001) standard, the SHDSL system consists of an SHDSL transceiver unit at the Central Office (STU-C), an SHDSL transceiver unit at the Remote End (STU-R), and a user terminal. Between STU-C and STU-R, there may be several SHDSL regenerator units (SRUs), as shown in Figure 5-4. Figure 5-4 Typical application model of SHDSL
S/T User terminal U-R U-C S/T User terminal Optional Optional STU-R SRU

...

U-R

U-C STU-C

V CO network

SRU: SHDSL Regenerator Unit STU-C: STU at the Central Office

STU: SHDSL Transceiver Unit STU-R: STU at the Remote End

l l l

The STU-C provides the service ports on the CO side. The STU-R provides the user ports. One STU-R can be connected to multiple user terminals. SRUs are used in ultra-distance transmission and it recovers signals and re-transmits signals to increase the transmission distance.

STU-Cs are generally placed in a centralized manner and provide network-side upstream ports to form the DSLAM equipment. According to the varying transmission mode in the system, the DSLAM provides different upstream ports.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 86

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

l l

In the case of the TDM transmission system, the DSLAM generally provides the TDM-E1G.703 electrical port. In the case of the ATM transmission system, the DSLAM generally provides the ATMSTM-1 optical port.

The STU-R and user-side data port form the user-side CPE. Similarly, the CPE provides different user-side ports to meet the requirements of the varying transmission modes. l l In the case of the TDM transmission system, the CPE generally provides the TDM-V.35 or E1-G.703 port. In the case of the ADM transmission system, the CPE generally provides the ATM-FR-V. 35, 10/100Base-T Ethernet port, or ATM-CE-V.35 (or E1-G.703) port.
NOTE

In the case of the TDM transmission system, the MA5600T/MA5603T supports only the TDM-E1-G.703 electrical port for upstream transmission and only TDM SHDSL (E1) on the user side. In the case of the ATM transmission system, because the IP network is a mainstream network, the MA5600T/ MA5603T does not support the ATM-STM-1 optical port for upstream transmission but the MA5600T/ MA5603T supports ATM access.

Working Mode
The H802EDTB board can work in the VOICE mode. In the case of TDM SHDSL in the VOICE mode, the H802EDTB board needs to be configured with the working sub-mode: service mode or transparent transmission mode. l Service mode Each G.SHDSL port and E1 port are independent ports, on which the SPC, PRA service, port rate, or port mode can be configured. l Transparent transmission mode The H802EDTB board automatically connects the Nth SHDSL line with the Nth E1 line to transparently transmit the 2M data. The E1 port is in the UNFRAME format. The clock locks the Nth E1 line clock. Therefore, every E1 line has its independent clock. In the transparent transmission mode, the SPC and PRA services cannot be configured.

5.3.6 Narrowband Data Private Line Service Applications


The narrowband data private line service is mainly demonstrated in expanding the reach of DDN nodes. TDM SHDSL for expanding the reach of DDN nodes is a mainstream method supported by the integrated access equipment to provide the DDN service. On the CO side, the integrated access equipment connects to the DDN node through E1; on the user side, the TDM-capable SHDSL modem provides the TDM SHDSL (E1) port to implement N x 64 kbit/s private line access and at the same time achieves private line interconnection by supporting the V.35-capable router, as shown in Figure 5-5.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

87

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

Figure 5-5 Narrowband data private line service applications


Router FE V.35 SHDSL modem TDM SHDSL (E1) E1 SHDSL modem V.35 TDM SHDSL (E1) MA5600T/ MA5603T

Router FE

The MA5600T/MA5603T connects to the DDN node in the following two ways: l l Transparent transmission Aggregation

Figure 5-6 shows how the MA5600T/MA5603T connects to the DDN node in the transparent transmission mode: The H802EDTB board connects upstream to the DDN network through E1 and connects downstream to the SHDSL modem through SHDSL. Figure 5-6 Connection to the DDN (in the transparent transmission mode)

E1 H802 EDTB E1 Port E1 E1 ... E1

SHDSL Port

SHDSL

SHDSL

...

SHDSL

SHDSL SHDSL modem Router

The working sub-mode of the H802EDTB board of the MA5600T/MA5603T is set to the transparent transmission mode. In this mode, the H802EDTB board automatically maps E1 ports 0-15 to SHDSL ports 16-31 to transparently transmit data.
NOTE

In addition, the clock source for every E1 port on the H802EDTB board comes from the E1 line clock and the clock source for an SDHSL port keeps synchronized with its corresponding E1 port.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

88

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

Figure 5-7 shows how the MA5600T/MA5603T connects to the DDN node in the aggregation mode: The H802EDTB connects upstream to the DDN network through E1 and connects downstream to the SHDSL modem through SHDSL. Figure 5-7 Connection to the DDN (in the aggregation mode)

E1 H802 EDTB E1 Port TS0 TS1 ... TSn N*64K SHDSL Port ... 64K ... 32*64K SHDSL SHDSL modem N*64K Router M*64K 64K 64K ... ... TSm ... TS 31 M*64K 64K 32*64K SHDSL ...

An SHDSL port supports only framed N x 64 kbit/s, that is, the SHDSL modem still sends 32 x 64 kbit/s to the equipment (certain timeslots of the 32 timeslots may not carry data because N may be smaller than 32). In this way, The H802EDTB board aggregates certain timeslots in 32 x 64 kbit/s for multiple SHDSL ports and then sends them upstream to the DDN.
NOTE

That is, N x 64 kbit/s is input to the SHDSL modem and the modem outputs E1 frames with 32 timeslots. The equipment aggregates certain timeslots of multiple E1 frames into a same E1 port and then sends them upstream to the DDN.

The working sub-mode of the H802EDTB board of the MA5600T/MA5603T is set to the service mode. In addition, the frame format of the E1 and SHDSL ports are configured to UNFRAME, and SPCs are set up for timeslots between N x 64 kbit/s for multiple SHDSL ports and E1 ports. This achieves the aggregation of multiple N x 64 kbit/s into E1, that is, timeslot channels of different lines are multiplexed to the same E1 upstream port, thereby saving E1 resources.

5.3.7 PRA Carrying Applications


Figure 5-8 shows the long-distance access of the PBX to the IP network for carrying the PRA service.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

89

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

Figure 5-8 PRA carrying applications


PBX TDM SHDSL modem MA5600T/ MA5603T

Softswitch/IMS E1/ PRA TDM SHDSL

E1

TG

H.248/SIP RTP

l l

The PBX provides E1 in the upstream direction. The SHDSL modem implements the E1-to-SHDSL conversion and connects upstream through SHDSL to the SHDSL port on the H802EDTB board of the MA5600T/ MA5603T. The MA5600T/MA5603T connects upstream to the IP network. The working mode of the H802EDTB board of the MA5600T/MA5603T is configured to the service mode. The signaling mode of the SHDSL port is configured to CCS. In addition, the D channel signaling of the PRA is transmitted in timeslot 16 and timeslot 0 is used for frame synchronization.

l l l

By using SHDSL, the MA5600T/MA5603T provides long-distance transmission to implement long-distance access of the MA5600T/MA5603T and PBX.

5.3.8 Glossary, Acronyms, and Abbreviations


Glossary
Glossary Port binding Explanation Port binding is to bind two or more ports as one port for use, thereby increasing bandwidth. A timeslot represents a communication channel and is allocated to one user. (Time is segmented into periodical non-overlapped frames and every frame is further segmented into several non-overlapped timeslots.)

Timeslot

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

90

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

5 SHDSL Access

Glossary Common channel signaling

Explanation Common channel signaling (CCS) is a method of transmitting a group of voice signaling over the public data link in the form of messages, where the signaling channel and the service channel are completely separate. China's No. 7 signaling system is a CCS system. Channel associated signaling (CAS) is a method of transmitting signaling over the corresponding voice channels. China's No. 1 signaling system is a CAS system.

Channel associated signaling

Acronym and Abbreviation


Acronym and Abbreviation CAS CCS CPE TDM DDN PBX SPC PRA SAToP Full Spelling Channel associated signaling Common channel signaling Customer premises equipment Time division multiplexing Digital data network Private branch exchange Semipermanent connection Primary rate access Structure-agnostic transport over packet

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

91

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

6 ATM Access

6
About This Chapter
6.1 Introduction 6.2 Specifications 6.3 Reference Standards and Protocols 6.4 Availability 6.5 Principle

ATM Access

This topic describes the definition, purpose, specifications, reference standards and protocols, availability, and principle of the ATM access feature.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

92

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

6 ATM Access

6.1 Introduction
Definition
The ATM access is a feature by which the MA5600T/MA5603T provides ATM ports to subtend the traditional ATM DSLAMs in the current network.

Purpose
Currently, the IP MAN, instead of the ATM network, is mainly used. Original ATM networks gradually evolve to IP MANs. In the evolution from ATM networks to IP networks, carriers are gradually replacing ATM devices with IP devices. In the current network, however, there are still a large number of ATM devices, which are distributed at the ATM access layer and the ATM backbone layer. To protect the investment and the network stability of carriers, the MA5600T, a new generation IP-core DSLAM, provides ATM ports to subtend the traditional ATM DSLAMs.

Glossary
Table 6-1 Glossary of the ATM access feature Glossary PWE3 Explanation Pseudo wire emulation edge-to-edge (PWE3) is an end-to-end technology for bearing Layer 2 services. It is a point-to-point L2VPN.

Acronyms and Abbreviations


Table 6-2 Acronyms and abbreviations of the ATM access feature Acronym/Abbreviation ATM CAR PWE3 PVC PVP VP Full Spelling Asynchronous Transfer Mode Committed Access Rate Pseudo wire Emulation Edge-to-Edge Permanent Virtual Channel Permanent Virtual Path Virtual Path

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

93

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

6 ATM Access

6.2 Specifications
Specifications
l l l l l l l PVC switching PPPoE+ and DHCP option 82 QinQ VLAN and VLAN stacking Upstream transmission through a smart VLAN or MUX VLAN CAR (at a granularity of 64 kbit/s) for the downstream direction of the PVC Up to four STM-1 ports on each AIUG board Upstream transmission mode: upstream transmission through GE ports

Limitations
l l l l VP switching is not supported. Configuring PVP is not supported. The CES or FR service (that has high requirements for clock) on the subtended ATM DSLAMs is not supported. The multicast service on the subtended ATM DSLAMs is not supported. The single-PVC for multiple services on the subtended ATM DSLAMs is not supported.

6.3 Reference Standards and Protocols


The following lists the reference standards and protocols of this feature: l l ITU-T I.363.5, AAL5 Service Adaptation Protocol ITU-T I.361, B-ISDN ATM layer specification

6.4 Availability
License Support
The ATM access feature is an optional feature of the MA5600T/MA5603T, and the corresponding service is controlled by a license.

Version Support
Table 6-3 Version Support Product MA5600T/ MA5603T Version V800R004 and later

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

94

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

6 ATM Access

Hardware Support
The AIUG board (ATM unit interface board) supports the ATM access feature. Each AIUG board provides two slots for housing daughter boards, and provides one to four 155 Mbit/s ATM optical ports through the O2CS optical daughter board. The O2CS optical daughter board is an STM-1 single-mode optical daughter board. The optical fiber must match the type of the optical port. That is, only single-mode optical fibers can be connected to the single-mode optical ports. The following table describes the names and functions of the daughter boards supported by the AIUG board. Daughter Board O2CS Description Two single-mode STM-1 optical ports (can be used as the UNI); a maximum transmission distance of 30 km Maximum Number of Daughter Boards on AIUG 2

The AIUG board provides a maximum bandwidth of 300 Mbit/s. The bandwidth assigned to each port, however, depends on the port quantity and port type. The following lists the default values configured during initialization. l l When the AIUG board provides two optical ports, the bandwidth allocated to each port is 155 Mbit/s and the total bandwidth is 300 Mbit/s. When the AIUG board provides four optical ports, the bandwidth allocated to each port is 75 Mbit/s and the total bandwidth is 300 Mbit/s.

6.5 Principle
Clock Feature of the AIUG Board
The AIUG board supports two modes of Tx clock: the system clock and the line clock. The line-side clock of the AIUG board can be used as the clock source of the clock daughter board of the control board. At the same time, the system clock can be used as the line Tx clock of the AIUG board. When the control board does not have a clock daughter board, the system clock can be used as the line-side clock of the AIUG board.

ATM Access/Upstream Transmission Through Ethernet Ports


In the case of the ATM access, the upstream transmission through Ethernet ports is supported. The most common function of an ATM port is to convert the ATM cells from the ATM DSLAM into Ethernet packets, and then to send the Ethernet packets to the upper-layer Ethernet MAN through the upstream interface of the IP DSLAM. Figure 6-1 illustrates the principle of ATM access/upstream transmission through Ethernet ports.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

95

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

6 ATM Access

Figure 6-1 Principles of ATM access/upstream transmission through Ethernet ports

ATM BRAS

ATM PWE3

GE/ FE MA5600T/ MA5603T STM-1 ATM DSLAM

ADSL2+

Modem Modem

Upstream direction (from the ATM DSLAM to the IP DSLAM) 1. 2. 3. 4. Restore the ATM frames from the ATM DSLAM to ATM cells. Assemble ATM cells to ALL5 frames. Restore AAL5 frames to Ethernet frames. Add the corresponding VLAN tag in the Ethernet frame header and send the Ethernet frame to the Ethernet MAN through the upstream interface. The IP DSLAM receives Ethernet packets from the Ethernet MAN and encapsulates them to AAL5 frames. The IP DSLAM segments AAL5 frames as single cells. The IP DSLAM encapsulates cells to the frames of the corresponding ATM interface (for example, an STM-1 port) and sends the frames to the ATM DSLAM through the ATM interface (for example, an STM-1 port).

Downstream direction (from the IP DSLAM to the ATM DSLAM) 1. 2. 3.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

96

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

7
About This Chapter
7.1 Overview 7.2 Reference Standards and Protocols 7.3 Availability

MPLS

Multiprotocol Label Switching (MPLS) was introduced to improve the forwarding speed. However, because of its excellent performance in traffic engineering (TE) and virtual private network (VPN), which are the two critical technologies, MPLS is becoming an important standard for extending the IP network.

7.4 MPLS Multiprotocol Label Switching (MPLS) was introduced to improve the forwarding speed. However, because of its excellent performance in traffic engineering (TE) and virtual private network (VPN), which are the two critical technologies, MPLS is becoming an important standard for extending the IP network. This topic provides the introduction, availability, principle, and reference of the MPLS feature. 7.5 MPLS RSVP-TE MPLS RSVP-TE is a technology which integrates TE and the MPLS superimposed model. It provides high quality of service (QoS) and TE capability for users by establishing LSPs based on TE. This topic provides introduction to this feature and describes the principle and reference documents of this feature. 7.6 MPLS OAM MPLS OAM checks if an LSP is in the normal state through a mechanism, and reports the alarm information if the LSP fails. This topic provides introduction to this feature and describes the principle and reference documents of this feature. 7.7 Glossary, Acronyms, and Abbreviations This topic provides the glossary, acronyms, and abbreviations of the MPLS feature.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

97

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

7.1 Overview
Multi-protocol Label Switching (MPLS) is between the data link layer and the network layer in the TCP/IP protocol stack. The label in a short fixed length is used to encapsulate IP packets. On the data plane, fast label forwarding is implemented. On the control plane, MPLS can meet the requirements on the network from various new applications with the help of the powerful and flexible routing functions of the IP network. The MPLS feature includes the following sub features: l Basic MPLS functions Basic MPLS functions provide a basis for other MPLS sub features. MPLS, which is not restricted by any specific link layer protocol, can use any Layer 2 medium to transmit network packets. This shows that MPLS is not a service or application, but a tunnel technology. This technology can both support multiple higher-layer protocols and services, and ensure the security of information transmission to a certain extent. l MPLS RSVP-TE To deploy engineered traffic on a large-scale backbone network, a simple solution with good expansibility must be adopted. MPLS, as a stacking model, can easily establish a virtual topology over a physical network and map traffic to this topology. Therefore, a technology that integrates MPLS with traffic engineering, namely, MPLS-TE is generated. l MPLS OAM MPLS, as the key bearer technology for the extensible network-generation network, provides multiple services with QoS guarantee. In addition, MPLS introduces a unique network layer and therefore the faults caused by this new network layer may occur. Therefore, an MPLS network must have the OAM capability. The MPLS feature supports the following functions: l l l l l Functioning as a P device Capability of 100 pps for processing LDP and RSVP packets when functioning as a P device MPLS label switching Penultimate hop popping (PHP) Query of LSP packet statistics by label

7.2 Reference Standards and Protocols


The following lists the reference standards and protocols of this feature: 1. PWE3 l RFC3985: Pseudo Wire Emulation Edge-to-Edge (PWE3) Architecture l RFC4447: Pseudowire Setup and Maintenance Using the Label Distribution Protocol (LDP) l RFC3916: Requirements for Pseudo-Wire Emulation Edge-to-Edge (PWE3) l RFC4446: IANA Allocations for Pseudowire Edge to Edge Emulation (PWE3) l RFC4717: Encapsulation Methods for Transport of Asynchronous Transfer Mode (ATM) over MPLS Networks
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 98

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

l RFC4448: Encapsulation Methods for Transport of Ethernet over MPLS Networks l RFC5085: Pseudowire Virtual Circuit Connectivity Verification (VCCV): A Control Channel for Pseudowires l RFC4553: Structure-Agnostic Time Division Multiplexing (TDM) over Packet (SAToP) l RFC5462: Multiprotocol Label Switching (MPLS) Label Stack Entry: EXP Field Renamed to Traffic Class Field l RFC4385: Pseudowire Emulation Edge-to-Edge (PWE3) Control Word for Use over an MPLS PSN l draft-ietf-pwe3-redundancy-bit-00 2. RSVP l RFC2205: Resource ReSerVation Protocol (RSVP) -- Version 1 Functional Specification l RFC3209: RSVP-TE: Extensions to RSVP for LSP Tunnels l RFC2210: The Use of RSVP with IETF Integrated Services l RFC2961: RSVP Refresh Overhead Reduction Extensions l RFC3270: Multi-Protocol Label Switching (MPLS) Support of Differentiated Services l RFC4090: Fast Reroute Extensions to RSVP-TE for LSP Tunnels 3. LDP l RFC3031: Multiprotocol Label Switching Architecture l RFC5036: LDP Specification l RFC3215: LDP State Machine l RFC3478: Graceful Restart Mechanism for Label Distribution Protocol l RFC3815: Definitions of Managed Objects for the Multiprotocol Label Switching (MPLS), Label Distribution Protocol (LDP) 4. MPLS l draft-ietf-mpls-lsp-ping-version-06 l RFC4379: Detecting Multi-Protocol Label Switched (MPLS) Data Plane Failures l RFC3032: MPLS Label Stack Encoding l RFC3469: Framework for Multi-Protocol Label Switching (MPLS)-based Recovery l RFC3812: Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) Management Information Base (MIB) l RFC3813: Multiprotocol Label Switching (MPLS) Label Switching Router (LSR) Management Information Base (MIB) l RFC3814: Multiprotocol Label Switching (MPLS) Forwarding Equivalence Class To Next Hop Label Forwarding Entry (FEC-To-NHLFE) Management Information Base (MIB) l Y.1710: Requirements for OAM functionality for MPLS networks l Y.1711: OAM mechanisms for MPLS networks l Y.1720: Protection switching for MPLS networks

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

99

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

7.3 Availability
License Support
The MPLS feature is an optional feature, and the corresponding service is controlled by the license.

Version Support
Table 7-1 Version Support Product MA5600T/ MA5603T Version V800R062 and later (exclude V800R009C00)

Feature Dependency
l l l l l l l l l l l l The MA5600T/MA5603T cannot support the Layer 3 VPN. One subrack supports up to two SPUB boards. It is recommended that you insert these two boards into two adjacent parity slots and set them to work in the active-standby mode. The CR-LDP is not supported. Auto TE FRR is not supported. FDI is not supported. OAM for the external LSP that is set up by the LDP is not supported. The reverse channel of MPLS OAM must be a dedicated LSP but cannot be a shared LSP or non-MPLS channel. Facility Backup is supported, but one-to-one backup protection is not supported. The MA5600T/MA5603T can function as the label switching router (LSR). The load sharing among LDP LSPs is supported. The MA5600T/MA5603T can function as the P node on the network. VCCV detecting for the PW is supported.

Hardware Support
The cooperation from the SPUB board is required.

7.4 MPLS
Multiprotocol Label Switching (MPLS) was introduced to improve the forwarding speed. However, because of its excellent performance in traffic engineering (TE) and virtual private network (VPN), which are the two critical technologies, MPLS is becoming an important standard for extending the IP network. This topic provides the introduction, availability, principle, and reference of the MPLS feature.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

100

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

7.4.1 Introduction
Definition
Basic MPLS features mainly refer to the MPLS Label Distribution Protocol (LDP) and LSP management function. The LDP protocol is a standard MPLS label distribution protocol defined by the IETF. LDP, which is mainly used to allocate labels for the negotiation between LSRs to set up label switching paths (LSPs), regulates various types of information for the label distribution process, and the related processing. The LSRs form an LSP that crosses the entire MPLS domain according to the local forwarding table, which correlates in the label, network hop node, and out label of each specific FEC. With the LSP management function, the MA5600T/MA5603T can manage and maintain the LSPs generated by various LDPs and can issue the hardware forwarding module.

Purpose
MPLS is initially put forth to improve the forwarding speed of routers. Compared with the traditional IP routing mode, during data forwarding, MPLS analyzes the IP packet header only on the edge of the network, but does not analyzes the IP packet header at each hop. This saves the processing time. With the development of the ASIC technology, the route search speed is not a bottleneck for network development. Thus, MPLS has not obvious advantages in forwarding speed. MPLS, however, is widely applied to the virtual private network (VPN), traffic engineering, and quality of service (QoS) due to its characteristics of supporting multi-layer labels and connected-oriented forwarding plane. Therefore, MPLS becomes an increasingly important standard for expanding the scale of the IP network.

7.4.2 Specifications
MPLS can use multiple LDPs, including the following protocols: l l The protocols dedicated for label distribution, such as LDP and constraint-based routing using LDP (CR-LDP) The extended label distribution protocols based on existing protocols, such as Border Gateway Protocol (BGP) and Resource Reservation Protocol (RSVP)

The MA5600T/MA5603T supports the LDP and RSVP protocols and manual configuration of the static LSP. The MA5600T/MA5603T does not support the CR-LDP protocol and the BGP label distribution protocol.
NOTE

The MA5600T/MA5603T cannot use the BGP protocol to distribute labels; however, the MA5600T/ MA5603T supports the BGP routing protocol.

l l l l
Issue 01 (2011-10-30)

Downstream unsolicited (DU) label distribution and downstream-on-demand (DoD) label distribution LDP inter-domain extension function Ordered label control mode Liberal label retention mode
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 101

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

l l l l l l l l

Penultimate hop popping function, and implicit and explicit NULL labels Functioning as the LER and the transit LSR 1024 LDP LSPs 256 static LSPs 32 LDP local peers 530 LDP remote peers LDP graceful restart (GR) function Value range of labels: In label of the static LSP: 8192-9343 In label of the static PW: 8192-9343 Label distributed through LDPl: 10240-16383 Label distributed through RSVP: 10240-16383 Label distributed through L2VPN: 10240-16383

SPUB supporting a total of 10G switching capacity in upstream and downstream directions when the system work in the active/standby mode: 5G for each of upstream and downstream when traffic exists in both directions 10G for upstream or downstream when traffic exists only in one direction

SPUB supporting a total of 20G switching capacity in upstream and downstream directions when the system work in the load-sharing mode: 10G for each of upstream and downstream when traffic exists in both directions 20G for upstream or downstream when traffic exists only in one direction

Active-standby working mode of the MPLS service processing board

7.4.3 Principle
Multiprotocol label switching (MPLS) was introduced to improve the forwarding speed. However, because of its superb performance in traffic engineering (TE) and virtual private network (VPN), which are the two critical technologies in the current IP network, MPLS has become an important standard for extending the IP network. IP technologies are connectionless at both the forwarding plane and control plane while ATM technologies are connection-oriented at the two planes. The MPLS technology combines the advantages of IP and ATM technologies and achieves a connectionless control plane and a connection-oriented forwarding plane. Such a combination provides for flexible IP routing and convenient Layer 2 switching as well as expanded ATM service variety. Figure 7-1 shows the MPLS packet format. Figure 7-1 MPLS packet format

Label

TC

TTL

Layer 2 header

MPLS header

IP header

Data

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

102

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

l l l l

Label: a 20-bit label value field, used as the forwarding pointer. TC: short for traffic class, a 3-bit field for QoS (note that this field was named EXP and is renamed TC in RFC5462). S: a 1-bit bottom of stack field. This bit set to 1 indicates the bottom label in the label stack. TTL: short for time to live, an 8-bit field, similar to the TTL field in an IP header.

Basic MPLS Concepts


l Forwarding equivalence class (FEC) An FEC refers to a group of data streams which are forwarded in the same manner. These data streams are forwarded by the LSR in the same manner. Theoretically, FECs can be classified according to the IP address, service type, or QoS. For example, in the conventional IP forwarding by using the maximum matching algorithm, all the packets to the same route belong to an FEC. Currently, FECs are generally classified based on the address. The MA5600T/MA5603T supports only address-based FECs. l Label A label is a short fixed length physically contiguous identifier which is used to identify an FEC, usually of local significance. In certain conditions, for example, when load sharing is required, one FEC may map multiple labels. On one device, however, one label can represent only one FEC. Label encapsulation is performed between the link layer and the network layer. Therefore, label can be supported by any link layer. l Penultimate hop popping On the last hop node, the label no longer has any function. In this case, the label stack may be popped at the penultimate LSR of the LSP, rather than at the LSP Egress, to reduce the load of the last hop LSR. The last hop LSR directly forwards IP packets or next-layer labels, which are configured at the egress by the PHP. l Label switching router (LSR) An LSR, also called an MPLS node, is a network device which is capable of exchanging and forwarding MPLS labels. LSRs are the basic elements in an MPLS network. All LSRs support the MPLS protocol. l Label edge router (LER) An LSR on the edge of the MPLS domain is called the LER. If an LSR has a neighbor node that does not run the MPLS protocol, the LSR is an LER. The LER is responsible for classifying the packets that enter the MPLS domain to FECs and adding labels to these FECs for forwarding in the MPLS domain. When the packets leave the MPLS domain, the FECs pop up the labels, resume the original packets, and then are forwarded accordingly. l Label switched path (LSP) The path that a packet in a particular FEC traverses in an MPLS network is called the LSP. The LSP, similar to the ATM virtual circuit in function, is a unidirectional path from the ingress to the egress. l Label distribution protocol (LDP) LDP, also called the signaling protocol, is the MPLS control protocol. LDP is responsible for series of operations such as FEC classification, label distribution, and LSP establishment and maintenance. MPLS can use multiple label distribution protocols, such as the Label Distribution Protocol (LDP) and Resource Reservation Protocol Traffic Engineering (RSVP-TE).
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 103

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

LDP is a standard MPLS label distribution protocol defined by the IETF. LDP is responsible for FEC classification, label distribution, and LSP establishment and maintenance. RSVP-TE is an extension to RSVP and provides high QoS and TE capability for users by establishing TE LSPs. l Label distribution mode In an MPLS system, the downstream LSR determines the label to be advertised to a specific FEC, and then notifies the upstream LSR. That is, the label is specified by the downstream LSR, and is advertised from the downstream LSR to the upstream LSR. The label advertisement modes on the upstream and downstream LSRs with label advertisement adjacencies must be the same. Otherwise, the LSP cannot be set up. The two label advertisement modes are as follows: Downstream unsolicited (DU) mode In the DU mode, the LSR allocates labels to a specific FEC without asking for the label request message from upstream LSRs. Downstream on demand mode In the DoD mode, the LSR allocates labels to a specific FEC only after obtaining the label request message from upstream LSRs.
NOTE

When a downstream LSR feeds back the label mapping information is determined by the label control mode used by the LSR. l When an LSR supports the ordered label control mode, it sends the label mapping information to the upstream LSR only when it receives the label mapping message returned by the downstream LSR, or when it is the egress node of the FEC. l When an LSR supports the independent label distribution control mode, it sends the label mapping message to the upstream LSR regardless of whether it receives the label mapping message returned by the downstream LSR.

Label distribution control mode The label distribution control mode is the mode used by the LSR to allocate labels during the establishment of LSPs. The two label distribution control modes are as follows: Independent label distribution control mode In the independent label distribution control mode, the local LSR can independently allocate a label to an FEC and binds the label to the FEC, and notify the upstream LSR of the label, without waiting for the label from the upstream LSR. Ordered label control mode In the ordered label control mode, the LSR can send the label mapping message of an FEC to the upstream LSR only when the LSR has the label mapping message of the next hop of the FEC, or when the LSR is the egress node of the FEC.

Label retention mode The label retention mode is the mode adopted by the LSR to process the received label mapping messages that are not in use temporarily. The two label retention modes are as follows: Liberal retention mode If an LSR supports the liberal retention mode, it maintains the label mapping received from the neighbor LSR regardless of whether the neighbor LSR is its own next hop.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

104

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

When the next hop neighbor changes due to the change of network topology, the LSR that supports the liberal retention mode can use the label sent from the non-next-hop neighbor to set up LSPs quickly. This, however, requires more memory and label space. Conservative retention mode If an LSR supports the conservative retention mode, it maintains the label mapping received from the neighbor LSR only when the neighbor LSR is its next hop. When the next hop neighbor changes due to the change of network topology, the LSR that supports the conservative retention mode can save memory and label space because the LSR maintains only the label from the next hop neighbor. The re-establishment of LSPs, however, lasts a long time. Figure 7-2 shows the protocol stack model for label distribution. Figure 7-2 Protocol stack model for label distribution

Label 300 LER LSR

Label 200 LSR

Label 100 LER

IP ETH

IP ETH

IP ETH

IP ETH

IP ETH

IP ETH

IP ETH LSP(100) VLAN ETH

IP ETH xDS L

xDS L LSP(300 ) VLAN ETH

LSP(300) LSP(200) VLAN ETH VLAN ETH

LSP(200) LSP(100) VLAN ETH VLAN ETH

LER: Push Label Or POP Label

LSR: Switch Label

LSR: Switch Label

LER: Push Label Or POP Label

Working principle of the MPLS feature


Figure 7-3 shows the working principle of the MPLS feature Figure 7-3 MPLS network structure
MA5600T/ MA5603T MA5600T/ MA5603T

Label Switched Path (LSP) Ingress

Egress MPLS core LSR MPLS Edge Router (LER)

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

105

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

1. 2. 3. 4.

First, enable MPLS and LDP on each router on the network, and enable LDP on the interconnected interfaces. Consequently, LDP automatically sets up an LDP session between any two routers. The LDP packets are carried on this session. LDP works with the traditional routing protocol such as OSPF and RIP to set LSPs in each LSR for the FEC with service requirements. LDP does not need to be enabled for the establishment of static LSPs. Configure the FEC, and inbound and outbound labels on each MPLS router that the static LSP travels.

MPLS Active and Standby Protection


The MA5600T/MA5603T implements active and standby protection for the MPLS service through the active and standby MPLS service boards (SPUBs). Figure 7-4 shows the working principle of active and standby protection for the MPLS service. Figure 7-4 Working principle of active and standby protection for the MPLS service
Active control board A B Active SPUB

Service board

G Standby control board

H Standby SPUB

The user-side MPLS data is transmitted to the SPUB board for processing through the control board, and then transmitted to the upstream network through the control board again after being processed by the SPUB board.

Port B of the two internal 10GE ports on the active SPUB board is connected to port A on the active control board. Ports A and B are used to receive and transmit the network-side and userside packets. The other port (port F) is connected to port E on the standby control board. Port D of the two internal 10GE ports on the standby SPUB board is connected to port C on the active control board. Ports C and D are used to receive and transmit the network-side and userside packets. The other port (port H) is connected to port G on the standby control board. Therefore, after the active and standby SPUB boards form a protection group, the system automatically switches the MPLS services to the standby SPUB board when the active SPUB board fails, thereby implementing active and standby protection for the MPLS services.

LDP GR
The GR is a key technology for implementing the high availability (HA). The GR protocol collects the information about the protocol control plane from neighbors or remote peers but
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 106

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

does not learn about the information about the control plane through the handshake and exchange of the protocol. The LDP GR function ensures normal forwarding of the MPLS service during the active/standby switchover or upgrade of the system. In addition, the LDP GR function resumes the LDP session and completes the LSP establishment after the active/standby switchover or upgrade of the system
NOTE

In actual application, to prevent services from being affected by the active control board failure, configure the system-level GR in the environment where both active and standby control boards are configured.

LDP Extension for Inter-Area LSP


Figure 7-5 Networking topology of LDP Extension for Inter-Area LSP

Loopback0 1.3.0.1/32

Loopback0 1.1.0.1/32 POS1/0/0 10.1.1.1/24 LSRA IS-IS Area20

0/1 Loopback0 S1/ /24 /0 LSRB 1 O 1/0 /24 1.2.0.1/32 P .1.1. S 2 20 PO 1.1. . IS-IS 20 PO Area10 20 S1 .1. /0/ POS1/0/0 2.1 2 10.1.1.2/24 LSRD /24 Loopback0 1.3.0.2/32 P 20 OS1 .1. /0/ 2.2 0 /24 LSRC

As shown in Figure 7-5, there are two IGP areas, Area 10 and Area 20. In the routing table of LSRD at the edge of Area 10, there are two host routes to LSRB and LSRC. Generally, to prevent a large number of routes from occupying too many resources, on LSRD, you can use IS-IS to aggregate the two routes to one route 1.3.0.0/24 and send this route to Area 20. Consequently, there is only one aggregated route (1.3.0.0/24) but not 32-bit host routes in the routing table of LSRA. By default, when establishing LSPs, LDP searches the routing table for the route that exactly matches the forwarding equivalence class (FEC) in the received Label Mapping message. Table 7-2 shows routing entry information of LSRA and routing information carried in FEC in the situation as shown in Figure 7-5.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

107

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

Table 7-2 Routing entry information of LSRA and routing information carried in FEC Routing entry information of LSRA 1.3.0.0/24 FEC 1.3.0.1/32 1.3.0.2/32

LDP establishes liberal LSPs rather than inter-area LDP LSPs for aggregated routes. In this situation, LDP cannot provide required backbone network tunnels for VPN services. Therefore, in the situation as shown in Figure 7-5, you need to configure LDP to search for routes according to the longest match rule to establish LSPs. There is already an aggregated route 1.3.0.0/24 in the routing table of LSRA. When LSRA receives a Label Mapping message (such as the carried FEC is 1.3.0.1/32) from Area 10, LSRA searches for a route according to the longest match rule defined in RFC 5283. Then, LSRA finds information about the aggregated route 1.3.0.0/24, and uses the outbound interface and next hop of this route as those of the route 1.3.0.1/32. In this manner, LDP can establish inter-area LDP LSPs.

7.5 MPLS RSVP-TE


MPLS RSVP-TE is a technology which integrates TE and the MPLS superimposed model. It provides high quality of service (QoS) and TE capability for users by establishing LSPs based on TE. This topic provides introduction to this feature and describes the principle and reference documents of this feature.

7.5.1 Introduction
Definition
MPLS RSVP-TE is a technology that integrates TE with the MPLS technology. MPLS RSVPTE establishes label switched path (LSP) tunnels along specified paths for resource reservation, enables network traffic to avoid the node where congestion occurs to balance network traffic. To establish constraint-based LSPs in MPLS TE, RSVP is extended. The extended RSVP signaling protocol is called the RSVP-TE signaling protocol.

Purpose
To deploy engineered traffic on a large-scale backbone network, a simple solution with good expansibility must be adopted. MPLS, as a stacking model, can easily establish a virtual topology over a physical network and map traffic to this topology. MPLS TE establishes the LSP tunnel along a specified path through RSVP-TE and reserves resources. Thus, carriers can accurately control the path that traffic traverses to avoid the node where congestion occurs. This solves the problem that certain paths are overloaded and other paths are idle, utilizing the current bandwidth resources sufficiently. At the same time, MPLS TE can reserve resources during the establishment of LSP tunnels to ensure the QoS. To ensure continuity of services, MPLS TE also introduces route backup to implement quick switching in case of link failure.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 108

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

7.5.2 Specifications
l l l l l l l l l The RSVP-TE protocol Opaque Type 10 LSA (OSPF TE extension) The CSPF protocol Strict and loose explicit paths Active and standby TE LSPs Functioning as the ingress or egress LER on an MPLS RSVP-TE network 64 ingress TE LSPs 64 egress TE LSPs GR function for RSVP TE

7.5.3 Principle
Basic MPLS RSVP-TE Concepts
l CR-LSP An LSP that is established based on certain constraints is called a constraint-based routed label switched path (CR-LSP). Different from a common LSP, the establishment of a CRLSP depends on the routing information. In addition, some conditions must be met, for example, the specified bandwidth, the fixed route, and QoS parameters. CR-LSPs can be classified into the following two categories: Static CR-LSP The forwarding information and resources information about a static CR-LSP are configured manually and the signaling protocol and route calculation are not involved. Less resource is occupied because the MPLS control packets do not need to be exchanged. The static CR-LSP, however, is seldom applied because it cannot dynamically adjust according to the topology change of the network. Dynamic CR-LSP A dynamic CR-LSP is established and maintained through the signaling mechanism, and route calculation is required. l RSVP Resource Reservation Protocol (RSVP) is designed for the integrated service model and is used to reserve resources on each node on a path. RSVP works on the transmission layer, but does not participate in the transmission of application data. RSVP, similar to ICMP, is a network control protocol. l RSVP-TE To establish the CR-LSP, RSVP is extended. The extended RSVP signaling protocol is called the RSVP-TE signaling protocol. l Explicit route A CR-LSP that is established along a specified path is called an explicit route. The two types of explicit route are as follows: Strict explicit route On a strict explicit route, the next hop node must be directly connected to its preceding hop node. The route of the LSP can be precisely controlled by using the strict explicit route.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 109

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

Loose explicit route The path between a loose node and its preceding node MAY include other network nodes that are not part of the strict node or its preceding abstract node.
NOTE

The MPLS TE signaling can carry the strict or loose attributes of an explicit path, and establish a CR-LSP along a specified path.

Composition of MPLS RSVP-TE


The following four components are necessary to the MPLS TE function: l Information advertisement component In addition to the topology information about the network, TE also needs to know the load information about the network. Therefore, MPLS TE introduces the information advertisement component, that is, MPLS TE maintains the link attribute and topology attribute of the network on each node through IGP extensions to form the TE database (TEDB). The path that meets all types of constraints can be calculated by using the TEDB. The extended OSPF protocol adds certain TE-related attributes such as link bandwidth and color to the link connection status, where the maximum reservable bandwidth and unreserved bandwidth for the link with each priority are the most important. l Route selection component After the information advertisement component forms the TEDB, the path that the LSP tunnel passes can be specified on each ingress node. This explicit path can be a strict or loose explicit path. In addition, the restraints such as the bandwidth can be specified. The route selection component calculates the path that meets the specified constraints by using the data in the TEDB through the constraint shortest path first (CSPF) algorithm. l Signaling component After the shortest path from the ingress to the egress of the LSP is obtained, the TE tunnel, which is used to forward the traffic that enters the ingress of the LSP, needs to be established. This process is implemented by the signaling component. The MA5600T/MA5603T supports establishment of LSP tunnels through RSVP. The RSVP signaling can carry the constraint parameters such as the bandwidth of the LSP, certain explicit routes, and color. An LSP can also be established without the signaling protocol. That is, an LSP can be established through allocating labels manually hop by hop. An LSP established in this mode is called a static CR-LSP. l Packet forwarding component The packet forwarding component of MPLS RSVP-TE is based on the label, that is, it forwards packets along the existing LSPs through labels. The defects of the IGP routing protocol can be avoided because the path of an LSP tunnel can be specified.

Process of TE LSP Tunnel Establishment


The LSP established through RSVP-TE has the resource reservation capability, and certain resources of the LSR on the LSP can be allocated to the LSP. Thus, the services transmitted on the LSP can be guaranteed. Figure 7-6 shows the process of TE LSP tunnel establishment.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

110

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

Figure 7-6 Process of TE LSP tunnel establishment

Ingress Router Path Resv Sender Path Resv

Egress

Receiver

The process of TE LSP tunnel establishment is summarized as follows: 1. 2. The ingress LSR generates the Path message and transmits it to the egress LSR. After the egress LSR receives the Path message, the egress LSR generates the Resv message and transmits it to the ingress LSR. At the same time, the LSRs on the LSP reserves resources for the LSP through the Resv message. When the ingress LSR receives the Resv message, it indicates that the LSP is successfully established.

3.

RSVP-TE GR
RSVP-TE graceful restart (GR) is a status recovery mechanism of RSVP-TE. When the control plane performs active/standby switchover, RSVP-TE GR can ensure the continuity of data transmission on the forwarding plane. At the same time, neighbor nodes help the GR node to recover in time. RSVP-TE GR is based on the Hello mechanism of RSVP. The recovery of the local status depends on the upstream Path message or the downstream Recovery Path message. RSVP GR has the following features: Shortening the information recovery of the control plane; reducing changes of temporary routes; ensuring the continuity of service forwarding on the forwarding plane.

7.6 MPLS OAM


MPLS OAM checks if an LSP is in the normal state through a mechanism, and reports the alarm information if the LSP fails. This topic provides introduction to this feature and describes the principle and reference documents of this feature.

7.6.1 Introduction
Definition
Operation Administration & Maintenance (OAM) has the following features: l l l
Issue 01 (2011-10-30)

Simplifying network operations Checking the network performance anytime Reducing OPEX of the network
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 111

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

Deployment of an effective OAM mechanism is crucial to the running of the network, especially to the network with certain QoS requirements, namely, certain performance and usability requirements. MPLS, as the key bearer technology for the extensible network generation network, provides multiple services with QoS guarantee. In addition, MPLS introduces a unique network layer and therefore there will be faults that are only relevant to this new network layer. Therefore, an MPLS network must have the OAM capability. MPLS OAM provides both detection tools and mature protection switching mechanisms. In this way, MPLS can perform switching when a fault occurs on the MPLS layer. This minimizes the loss of user data.

Purpose
The MPLS OAM functions are as follows: l l Fault detection: Requirement-based query and continuous detection are provided to learn about anytime whether faults exist on the monitored LSP. Protection switching: After a fault occurs, it can be detected, analyzed, and located, and an alarm will be reported. In addition, the corresponding measures can be taken according to the fault type.

7.6.2 Specifications
l l l l l l l OAM and protection switching for static tunnels and dynamic tunnels (dynamic tunnels are set up through the RSVP-TE signaling) 1:1 LSP protection mode 32 LSP protection groups Transmission and processing of the CV, FFD, and BDI packets in MPLS OAM Transmitting CV packets at an interval of 1s Transmitting FFD packets at an interval of 10 ms, 20 ms, 50 ms, 100 ms, 200 ms, or 500 ms Transmitting BDI packets at an interval of 1s

7.6.3 Principle
Background Knowledge for MPLS OAM
1. MPLS OAM packets are classified as follows: l Connectivity detection (CD) packets. The two types of CD packets are as follows: Connectivity verification (CV) Fast failure detection (FFD) l Forward defect indication (FDI) l Backward defect indication (BDI) MPLS OAM is implemented by periodically transmitting detection packets CV or FFD over the detected LSPs. 2. Basic detection process MPLS OAM is implemented by periodically transmitting detection packets CV and FFD over the detected LSPs.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 112

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

l To detect the source by using the CV packet, a sliding window in the width of 3s is set on the source and the LSP status is checked by using the VC packet received in the sliding window. l To detect the source by using the FFD packet, a sliding window in the width of three times of FFD transmit interval is set on the source and the LSP status is checked by using the FFD packet received in the sliding window. 3. CV and FFD The FFD and CV detection packets are mutually exclusive. That is, only the FFD or CV detection packets can be applied to one LSP at a time. 4. Backward path BDI packets are transmitted through the backward path. The ingress of a backward path is the egress of the detected LSP, and the egress of the backward path is the ingress of the detected LSP. That is, each forward LSP has a backward path. 5. Protection switching (PS) When a fault occurs on the network, currently MPLS OAM provides the PS, a type of end to end tunnel protection technology, to recover the interrupted services. The PS uses one tunnel to protect another tunnel. There is no relation among the attributes of each tunnel in the protect group. For example, the protection tunnel with 10 Mbit/s bandwidth can protect a master tunnel with a requirement for 100 Mbit/s bandwidth.

MPLS OAM Detection Function


The basic process for MPLS OAM to detect the connectivity of a single LSP is as follows: l l The source transmits the CV/FFD packets to the destination through the detected LSP. The destination checks the correctness of the type and frequency information carried in the received detection packets and measures the number of correct and errored packets that are received within the detection period to monitor the connectivity of the LSP in real time. When the LSP fails, the destination detects the defect quickly and analyzes the defect type.

Bind a backward LSP to the detected LSP when configuring the OAM function for the detected LSP. A backward path is an LSP that has the opposite source and destination of the detected LSP, or a non-MPLS path that can be connected to the source and destination of the detected LSP. After the destination detects a defect, the destination transmits the BDI packets that carry the defect information to the source through the backward path. The source learns about the status of the defect, and triggers the corresponding protection switching when the protect group is correctly configured. Figure 7-7 shows the MPLS OAM CD.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

113

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

Figure 7-7 MPLS OAM CD


Router MA5600T/ MA5603T
C

FD V/ F

CV /F F D

MA5600T/ MA5603T

Ingress LSR
BD I

Egress LSR

BDI

Router

Working Modes of the MPLS OAM Protection Switching


The MPLS OAM protection switching aims at the entire LSP instead of one section or one node on the LSP. The route and bandwidth of the standby LSP for a specified active LSP are reserved. Therefore, the protection switching is a thorough-assignment protection mechanism. To ensure that protection switching can be implemented effectively in all the possible cases that the active LSP fails, the standby LSP needs to use a physical path totally different from that of the active LSP. The working mode of MPLS OAM protection switching is 1:1 protection mode. In this mode, each active LSP has a standby LSP. l l In normal conditions, data is transmitted through the active LSP and no traffic is transmitted through the standby LSP. When the destination detects a failure on the active LSP through the detection mechanism, the destination switches to the standby LSP, and then transmits the BDI packet to the source through the backward path, instructing the ingress to switch the traffic on the active LSP to the standby LSP. Thus, 1:1 protection switching is implemented.

7.7 Glossary, Acronyms, and Abbreviations


This topic provides the glossary, acronyms, and abbreviations of the MPLS feature.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

114

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

Glossary
Table 7-3 Glossary of the terms related to the MPLS feature Term Description MPLS, as a classification and forwarding technology, assigns the packets with the same forwarding and processing mode to a class, called an FEC. The packets that belong to a particular FEC are processed in the same way on the MPLS network. The assignment of packets to FECs can be based on any combination of the source address, destination address, source port, destination port, protocol type, and VPN, which is flexible. For example, in the conventional IP forwarding using the maximum matching algorithm, all the packets to the same destination address belong to an FEC. A label is a short fixed length physically contiguous identifier which is used to identify an FEC, usually of local significance. In certain conditions, for example, when load sharing is required, one FEC may map multiple labels. On one device, however, one label can represent only one FEC. The packets with the same destination address are assigned to an FEC and a label is taken out of the label resource pool and is allocated to this FEC. The label switching node records the relationship between the label and the FEC, encapsulates the relationship into the message packet, and notifies the upstream label switching node of it. This process is called label distribution. The value range of the allocated labels is called the label space. LSRs are the basic elements in an MPLS network. All LSRs support the MPLS protocol. Label switching router (LSR) An LSR consists of a control unit and a forwarding unit. The control unit is responsible for label distribution, route selection, setup of the label forwarding table, and setup and release of the LSP. The forwarding unit forwards the received packet according to the label forwarding table. An LER provides the traffic classification, and label mapping (in this case, the LER is an ingress) and label removal functions. An LER (called the ingress LER), on the edge of the MPLS network, assigns the traffic that enters the MPLS network to different FECs, and applies for corresponding labels for these FECs. The path that an FEC traverses in an MPLS network is called the LSP. Label switched path (LSP) The LSP, whose function is the same as the virtual circuit in ATM and frame relay, is a unidirectional path from the ingress to the egress. Each node on the LSP is an LSR. LDP, equal to the signaling protocol in the traditional network, is the MPLS control protocol. LDP is responsible for series of operations such as FEC assignment, label distribution, and LSP setup and maintenance.

Forwarding equivalence class (FEC)

Label

Label distribution

Label space

Label switching edge router (LER)

Label distribution protocol

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

115

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

Term Static LSP Dynamic LSP

Description The static LSP is the label forwarding path manually set up by the user for label distribution to each FEC. The dynamic LSP is the label forwarding path dynamically established through the LDP. Traffic engineering is a technology which is used to adjust the traffic management parameters, route parameters, and resource constraint parameters in real time by dynamically monitoring network traffic and load of network elements. This helps to optimize the usage of network resources and avoid congestion due to unbalanced load. Multiple LSP tunnels are needed during reroute deployment, or when traffic needs to be transmitted through multiple paths. In TE, such a set of LSP tunnels is called the TE tunnel. Ps refer to the backbone devices on the service provider's network, which are not directly connected to CEs. Ps only need to possess the basic MPLS forwarding capability, but do not need to maintain the VPN information. PEs refer to the edge devices on the service provider's network. In the basic architecture of the MPLS-based VPN, PEs are located in the backbone network. PEs are responsible for the management of VPN users, establishment of LSPs among PEs, and route assignment among the tributaries within a VPN user. A PE maps and forwards packets from the private network to the public network tunnel or from the public network tunnel to the private network. PEs can be classified into U-PEs, S-PEs, and N-PEs. S-PEs refer to the devices responsible for PW switching and PW label forwarding in the internal of the backbone network. The core devices that are located in the interior of the basic VPLS full-connection network and are connected to UPEs are called the superior PEs, abbreviated as SPEs. The U-PE connected to the S-PE is like a CE and the PW established between the U-PE and the S-PE is treated as the AC of the S-PE. The S-PE needs to learn the MAC addresses of all the sites on the U-PE, and the MAC address of the U-PE interface connected to the SPE. The S-PE is sometimes called the N-PE. User-side PEs (U-PEs) refer to the edge devices on the backbone network that are connected to the user edge devices in a VPN network. A PE that is directly connected to a CE is called a U-PE. U-PEs support routing and MPLS encapsulation. If a U-PE is connected to multiple CEs and possesses the basic bridging function, data frame forwarding only needs to be performed on the U-PE. This reduces the load of the S-PE. Terminate PEs (T-PEs) refer to the devices that initiate or terminate PWs. The path from a PE to another PE, and then to another AC can be a pointto-point or point-to-multipoint connection between PEs.

Traffic engineering (TE)

MPLS TE tunnel

PE

S-PE

U-PE

T-PE PW

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

116

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

Term Single-hop PW Multi-hop PW Dynamic PW

Description A single-hop PW refers to the PW existing between two T-PEs. In the case of a single-hop PW, the label switching at the PW label layer is not needed. Multi-hop PWs refer to the multiple PWs existing between two T-PEs. Dynamic PW refers to the PW set up through the signaling protocol. PWE3 is a general name for all the services that traverse the PSN to the peer CE. The intermediate transmission media of the services can be the same or not, and end-to-end management of the services can be implemented. The essential attributes of the ATM/Ethernet service are emulated on a non-ATM/Ethernet network. Check whether a path is smooth and normal. Connectivity verification is implemented through CV and FFD. l CV is used to check whether the LSP is valid. l FFD is used to supports the functions that require quick response, such as protection switching. CV verification packets are generated on the source LSR at an interval of 1s, are transmitted along the LSP from the source LSR to the destination LSR, and are terminated on the source LSR of the LSP. A CV packet contains the trail termination source identification (TTSI), which uniquely identifies the network path. All types of abnormally on the path can be detected. FFD is a path failure detection method independent of CV. Different from CV, the interval for generating the detection packets can be set to meet different service requirements. By default, this interval is 20s. The FFD packet contains the information the same as that of the CV packet, and the processing on the FFD packets by the destination LSR is the same as the processing on the CV packets. FDI packets are used to respond to the detected failure events. The major function of the FDI packet is to suppress the alarms on the network layer that occur after failure. Its primary purpose is to suppress alarms being raised at affected higher level client LSPs and (in turn) their client layers. The purpose of the BDI OAM function is to inform the upstream end of an LSP of a downstream defect. The BDI packet can be used in the 1:1 or 1:n protection switching service. Protection switching refers to the function that MPLS OAM exchanges or duplicate traffic between the active tunnel and the standby tunnel. An LSP that is used to protect the active LSP. A bypass LSP is generally in the idle state and does not carry services. When the active LSP fails, the service data is forwarded by the bypass LSP continuously.

PWE3

ATM/Ethernet emulation

Connectivity Verification

CV packet

FFD packet

FDI packet

BDI packet Protection switching

Bypass LSP

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

117

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

Term Facility backup

Description A local repair method in which a bypass tunnel is used to protect one or more protected LSPs. A TE FRR mode of protecting the node that exists between the PLR and the MP, and is on the active LSP. When this node fails, traffic can be switched to the bypass LSP. A TE FRR mode of protecting the direct link between the PLR and the MP, and is along the active LSP. When this link fails, traffic can be switched to the bypass LSP. The point of local repair is the ingress of the bypass LSP. IETF extends the protocols (such as OSPF, IS-IS, BGP, LDP, and RSVP) that are related to IP/MPLS forwarding to implement uninterrupted forwarding during the protocol restart, and thus to suppress the change of the control-layer protocol to a certain extent during the active/standby switchover of the system. This series of standards are generally termed as the graceful restart extension for each protocol, abbreviated as the GR. A VC refers to a unidirectional logical connection between two nodes. VCCV is a tool for manually checking the connectivity of virtual circuits. Similar to ICMP ping and LSP ping, it is realized through the extended LSP ping.

Node protection

Link protection Point of local repair

GR

VC VCCV

Acronyms and Abbreviations


Table 7-4 Acronyms and abbreviations of the MPLS feature Acronym/Abbreviation MP CBU MPLS BDI DoD DU FEC FDI FFD FR
Issue 01 (2011-10-30)

Full Spelling Merge Point Cellular Backhaul Unit Multi-Protocol Label Switch Backward Defect Indication Downstream-on-Demand Downstream Unsolicited Forwarding Equivalence Class Forward Defect Indication Fast Failure Detection Frame Relay

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

118

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

7 MPLS

Acronym/Abbreviation FRR LER LDP LSA LSP LSR TE TEDB SPF CSPF AC CE PE PLR PSN PW PWE3 MH-PW SH-PW OAM RSVP RSVP-TE GR HA ICMP IGP

Full Spelling Fast Reroute Label Switching Edge Router Label Distribution Protocol Link State Advertisement Label Switched Path Label Switching Router Traffic Engineering TE Database Shortest Path First Constraint Shortest Path First Attachment Circuit Customer Edge Provider Edge Point of Local Repair Packet Switched Network Pseudo wire Pseudo wire Emulation Edge-to-Edge Multi-Hop Pseudo-Wire Single-Hop Pseudo Wire Operations And Maintenance Resource Reservation Protocol RSVP-Traffic Engineering Graceful Restart High Availability Internet Control Message Protocol Interior Gateway Protocol

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

119

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

8
About This Chapter

Layer 2 VPN

8.1 PWE3 PWE3 is an end-to-end Layer 2 service carrying technology and is a type of point-to-point L2VPN technology. PWE3 is proposed by the IETF PWE3 working group as one of the solutions for connecting the traditional communication network with the PSN network. 8.2 Native TDM In Native TDM, TDM frames are directly encapsulated to GPON GEM frames in TDMoGEM mode. This mode features simple encapsulation, small network cost, and guaranteed link quality. 8.3 Glossary, Acronyms, and Abbreviations This topic provides the glossary, acronyms, and abbreviations of the Layer 2 tunnel emulation feature.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

120

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

8.1 PWE3
PWE3 is an end-to-end Layer 2 service carrying technology and is a type of point-to-point L2VPN technology. PWE3 is proposed by the IETF PWE3 working group as one of the solutions for connecting the traditional communication network with the PSN network.

8.1.1 Introduction
Definition
Pseudo-wire emulation edge to edge (PWE3) is a type of Layer 2 service carrying technology. It is mainly used to emulate the essential behavior and characteristics of the services such as the ATM, frame relay, Ethernet, low-rate time division multiplexing (TDM) circuit, and synchronous optical network (SONET)/synchronous digital hierarchy (SDH) as faithfully as possible in a packet switched network (PSN). PWE3 is implemented on access devices through MPLS and IP technologies. MPLS supports PWE3 by using the LDP or RSVP-TE protocol as signaling.

Purpose
PWE3 can interconnect the traditional network with PSN to share resources and expand the reach of networks. For example, PWE3 can emulate services such as TDM, ATM, and Ethernet, and can implement service interoperation by using existing PSN (IP/MPLS) as the bearer network.

Benefit
PWE3 connects the traditional TDM, ATM, and Ethernet networks with PSN (IP/MPLS). In this way, PWE3 protects the investment on the traditional TDM, ATM, and Ethernet networks, and also implements the all-IP network architecture.

8.1.2 Specifications
The MA5600T/MA5603T supports the following specifications of the pseudo wire emulation edge-to-edge (PWE3) feature: l l l l l l l l l
Issue 01 (2011-10-30)

Supports 896 static pseudo wires (PWs). Supports 2048 dynamic PWs. Supports single-hop PWs. Functions as a user-end provider edge (U-PE) but not as a switching provider edge (S-PE) in the multi-hop scenario. Supports the Label Distribution Protocol (LDP) for dynamic PW. Supports PW committed access rate (CAR). Functions as a provider edge (PE). Functions as a provider (P) device. Supports PW single hop virtual circuit connectivity verification (SH-VCCV).
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 121

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Supports the following TDM PWE3 specifications: Structure-agnostic time division multiplexing over packet (SAToP) TDM connections Configuration of the TDM PW priority Encapsulation of the recovery clock information in the RTP header Two PWE3 tunnel encapsulation formats: multiprotocol label switching (MPLS) over MPLS and MPLS over IP

Supports the following ATM PWE3 specifications: Two PW encapsulation formats: ATM N-to-1 (N 1) and ATM service data unit (SDU) PVC switching and bulk binding of N-to-1 ATM PWs in ATM N-to-1 (N > 1). Cell concatenation Transparent transmission of the ATM OAM cells in the ATM PWE3 tunnel Mapping of the user PVC to the EXP field in the MPLS label Copying of the CoS priority in the ATM over Ethernet (AoE) header to the EXP field in the MPLS label upstream, and copying of the EXP field in the MPLS label to the CoS priority in the AoE header downstream PW-based CoS re-marking for two rate three color marker (trTCM) control (on the SPUB board) Two PWE3 tunnel encapsulation formats: MPLS over MPLS and MPLS over IP A maximum of 512 concatenated ATM PWE3 cells A maximum of 8192 AoE service flows

Supports the following ETH PWE3 specifications: Two PW encapsulation formats: tagged mode and raw mode Mapping of the VLAN priority to the EXP field in the MPLS label Only one encapsulation format: MPLS over MPLS

Supports flow label for ETH PW only but not for ATM PW or TDM PW. Flow label when functioning as a PE Flow label when functioning as a P device A maximum of 256 flow labels, which are shared by all PWs in the system. Different PWs can have the same flow label. Each PW can be further divided into a maximum of 256 traffic streams. Two load-balancing paths (only LSP paths, not RSVP-TE paths) for each PW Traffic classification modes for flow labels: by source IP address, by destination IP address, by source MAC address, by destination MAC address, or any combination of the preceding four modes

Supports the configuration and binding of the MPLS priority mapping profile for PWs.
NOTE

Currently, only the SCUN control board supports this function.

Configuration of the priority mapping between the EXP field and the CoS value in the user AoE packet in the MPLS priority mapping profile, priority copying for QoS scheduling during PW encapsulation and decapsulation A maximum of 64 configured MPLS priority mapping profiles in the system
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 122

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

8.1.3 Reference Standards and Protocols


The following lists the reference standards and protocols of this feature. l l l l l l l l l l l l l RFC 3985: Pseudo Wire Emulation Edge-to-Edge (PWE3) Architecture RFC 4447: Pseudowire Setup and Maintenance Using the Label Distribution Protocol (LDP) RFC 3916: Requirements for Pseudo-Wire Emulation Edge-to-Edge (PWE3) RFC 4446: IANA Allocations for Pseudo wire Edge to Edge Emulation (PWE3) RFC 4717, Encapsulation Methods for Transport of Asynchronous Transfer Mode (ATM) over MPLS Networks RFC 4816, Pseudowire Emulation Edge-to-Edge (PWE3) Asynchronous Transfer Mode (ATM) Transparent Cell Transport Service RFC 4448: Encapsulation Methods for Transport of Ethernet over MPLS Networks RFC 5085: PW vccv A control Channel for PW RFC 4553: Structure-Agnostic Time Division Multiplexing (TDM) over Packet (SAToP) RFC 5462: Multi-Protocol Label Switching (MPLS) Label Stack Entry EXP Field Renamed to Traffic Class Field RFC 4385: Pseudowire Emulation Edge-to-Edge (PWE3) Control Word for Use over an MPLS PSN draft-ietf-pwe3-redundancy-bit-00.txt draft-bryant-filsfils-fat-pw-03.txt

8.1.4 Availability
License Support
The PWE3 feature is a basic feature of the MA5600T/MA5603T. Therefore, the corresponding service is provided without a license.

Version Support
Table 8-1 Version support Product MA5600T/ MA5603T Version V800R007 and later versions (V800R009 dose not support PWE3)

Hardware Support
To implement TDM PWE3, the CSPA or TOPA board needs to work with the SPUB board, or the EDTB board needs to work with the SPUB board.

8.1.5 Enhanced Feature


Table 8-2 lists the new pseudo wire emulation edge-to-edge (PWE3) functions added to the new versions.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 123

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Table 8-2 Enhanced PWE3 feature Version V800R008C01 New Function l Functions as a P device. l Supports PW flow label. V800R008C02 l Supports PVC switching and ATM PW N-to-1 (N > 1) encapsulation. l Supports ATM PWE3 cell concatenation. l Supports PW-based dual-bucket CAR. V800R010 l Supports PW Redundancy. l Supports the configuration and binding of the MPLS priority mapping profile for PWs.

8.1.6 Principle
8.1.6.1 Basic Principle of PWE3 Basic PWE3 Transmission Components
Pseudo wire emulation edge-to-edge (PWE3), which uses LDP and RSVP-TE as the signaling protocols, carries various types of Layer 2 services, such as various types of Layer 2 data packets, from the customer edge (CE), and transparently transmits the Layer 2 data through tunnels (such as MPLS LSP, TE, or GRE tunnels). As shown in Figure 8-1, the basic PWE3 transmission components include the following: l Attachment circuit (AC): a link between CE and PE. All user packets (including Layer 2 and Layer 3 protocol packets of users) on the AC are transparently forwarded to the peer end. Pseudo wire (PW): a virtual connection. It is a virtual connection (VC) plus a tunnel. A PW conveys VC information by signaling (LDP or RSVP-TE). The tunnel can be an LSP, L2TPV3, GRE, or TE tunnel. A PW is directional. A PWE3 conveys VC information by signaling (LDP or RSVP-TE). The system manages VC information and tunnels to form PWs. For the PWE3 system, a PW is like a direct channel between a local AC and a peer AC and is used for transparently transmitting the Layer 2 data of users. Forwarder: After a PE receives data frames from an AC, the forwarder selects a PW for forwarding the frames. In fact, the forwarder is a forwarding table of PWE3. Tunnel: A tunnel is a direct channel between a local PE and a peer PE and is used for transparently transmitting data between the PEs. Tunnels are used for carrying PWs. A tunnel can carry multiple PWs. Generally, the tunnel refers to an MPLS tunnel. PW signaling protocol: A PW signaling protocol is the basis for implementing PWE3 and is used to create and maintain PWs. Current PW signaling protocols are mainly LDP and RSVP-TE. Encapsulation: The packets transmitted through the PW use the standard PW encapsulation format and technology. There are multiple PWE3 encapsulation types on a PW. The formats are defined in detail in draft-ietf-pwe3-iana-allocation-x.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 124

l l

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Quality of service (QoS): The priority information at the header of Layer 2 user packets is mapped to the QoS priority for transmitting the packets in the public network. In general, support for MPLS QoS is required.

Figure 8-1 Basic PWE3 transmission components

Assume that the VPN1 packet stream travels from CE1 to CE3. The basic data flow would be as follows: l l l CE1 transmits a Layer 2 packet to PE1 through an AC. After PE1 receives the packet, the forwarder selects a PW for forwarding the packet. PE1 generates two MPLS labels according to the PW forwarding entry. The private network label is used for identifying the PW, and the public network label is used for transmitting the packet to PE2 through the tunnel. The Layer 2 packet arrives at PE2 through the public network tunnel. The system extracts the private network label (the public network label is extracted by the penultimate P device). The forwarder of PE2 selects an AC for forwarding the packet, and then PE2 forwards the packet to CE3.

l l

PWE3 Network Model


Figure 8-2 shows a PWE3 reference model.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

125

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-2 PWE3 network model


Emulated service Pseudo wire PW end service PSN tunnel PW end service

CE1

PE1

Tunnel

PE2

CE2

Custom edge 1 Native Ethernet service

Provider edge 1

Provider edge 2

Custom edge 2 Native Ethernet service

The channel set up in a PWE3 network is a point-to-point channel. Channels are isolated from each other. Layer 2 user packets are transparently transmitted between PWs. The following provides a detailed description. l l l According to the services requirements of the CE, one or more PWs are set up between PE1 and PE2. Multiple PWs can be carried on one PSN tunnel. For the PEs, after the PW is set up, the mapping between the user access interface (AC) and virtual link (PW) is determined. The PSN device only needs to forward the MPLS packet according to the MPLS label, regardless of the Layer 2 user packet encapsulated inside the MPLS packet.

PWE3 Service Model


Figure 8-3 shows a PWE3 service model. According to the PWE3 service model, PWE3 is presented by an outer label (PSN tunnel) and an inner label (PW demultiplexer). The PSN layer can adopt the MPLS and IP technologies, and the PW demultiplexer layer can adopt the MPLS, UDP, or L2TP technology. Hence, the supported combinations of PWE3 outer labels and inner labels are as follows: MPLS over MPLS, MPLS over IP, UDP over IP, and L2TP over IP. The MA5600T/MA5603T currently supports the first three combinations.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

126

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-3 PWE3 service model

Payload

May be null
Encapsulation PW demultiplexer PSN convergence PSN Data link Physical

May be null

Figure 8-4 shows the PWE3 protocol stack in the MPLS over MPLS encapsulation mode. Figure 8-4 PWE3 protocol stack in the MPLS over MPLS encapsulation mode
LSP PE Modem P PW P PE Modem

IP ETH xDSL

IP ETH PW1 LSP1 VLAN ETH

IP ETH PW1 LSP2 VLAN ETH

IP ETH PW1 LSP3 VLAN ETH

IP ETH xDSL

PW: PW label (inner label), identifying user service LSP: MPLS label (outer label), identifying PSN tunnel

Figure 8-5 shows the PWE3 protocol stack in the MPLS over IP encapsulation mode.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

127

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-5 PWE3 protocol stack in the MPLS over IP encapsulation mode
IP tunnel PE Modem P PW P PE Modem

IP ETH xDSL

IP ETH PW1 IP1 VLAN ETH

IP ETH PW1 IP1 VLAN ETH

IP ETH PW1 IP1 VLAN ETH

IP ETH xDSL

PW: PW label (inner label), identifying user service IP: IP tunnel (outer label), identifying PSN tunnel

Figure 8-6 shows the PWE3 protocol stack in the UDP over IP encapsulation mode. Figure 8-6 PWE3 protocol stack in the UDP over IP encapsulation mode
IP tunnel PE Modem P PW (UDP) P PE Modem

IP ETH xDSL

IP ETH UDP1 IP1 VLAN ETH

IP ETH UDP1 IP1 VLAN ETH

IP ETH UDP1 IP1 VLAN ETH

IP ETH xDSL

UDP: UDP port number (inner label), identifying user service IP: IP tunnel (outer label), identifying PSN tunnel

Figure 8-7 illustrates the principle of PW label distribution.


Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 128

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-7 Principle of PW label distribution

XDSL

XDSL

PE

PE

Routing LSP label PW label

Static/dynamic routes Static/dynamic routes Static/dynamic routes LDP/RSVP LDP/RSVP Targeted LDP LDP/RSVP

Packet Format
PWE3 has three packet formats: MPLS+PW, IP+PW, and IP+UDP. The MA5600T/ MA5603T currently supports MPLS+PW and IP+PW. l MPLS+PW: In this packet format, the combination of PWE3 outer label and inner label is MPLS over MPLS. It is applicable to MPLS network transmission. Figure 8-8 shows the format of an MPLS+PW PWE3 packet. Figure 8-8 Format of an MPLS+PW PWE3 packet
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Tunnel Label | EXP |S| TTL | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | PW label | EXP |1| TTL | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |0 0 0 0|L|R|RSV|FRG| LEN | Sequence number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ opt|RTV|P|X| CC |M| PT | RTP Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ opt| Timestamp | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ opt| SSRC identifier | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Adapted Payload | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

IP+PW: In this packet format, the combination of PWE3 outer label and inner label is MPLS over IP. It is applicable to MPLS over IP network transmission. Different from MPLS+PW packets, IP+PW packets are forwarded at IP Layer 3 when transmitted over the PSN network. Figure 8-9 shows the format of an IP+PW PWE3 packet.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

129

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-9 Format of an IP+PW PWE3 packet


0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 +-+-+-+-+-+-+-+-+-+-+-+-+-+ | IPVER | IHL | IP TOS +-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identification +-+-+-+-+-+-+-+-+-+-+-+-+-+ | Time to Live | Protoc +-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sourc +-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destinat +-+-+-+-+-+-+-+-+-+-+-+-+-+ | PW label +-+-+-+-+-+-+-+-+-+-+-+-+-+ |0 0 0 0|L|R|RSV|FRG| LEN +-+-+-+-+-+-+-+-+-+-+-+-+-+ opt|RTV|P|X| CC |M| PT +-+-+-+-+-+-+-+-+-+-+-+-+-+ opt| +-+-+-+-+-+-+-+-+-+-+-+-+-+ opt| S +-+-+-+-+-+-+-+-+-+-+-+-+-+ | | Ad | +-+-+-+-+-+-+-+-+-+-+-+-+-+ 3 4 5 6 -+-+-+-+ | -+-+-+-+ |Fl -+-+-+-+ ol | -+-+-+-+ e IP Add -+-+-+-+ ion IP A -+-+-+-+ -+-+-+| -+-+-+| -+-+-+Times -+-+-+SRC ide -+-+-+apted P 3 9 0 1 -+-+-+ | -+-+-+ t | -+-+-+ | -+-+-+ | -+-+-+ | -+-+-+ | + -+-+-+ | + -+-+-+ | + -+-+-+ t | + -+-+-+ n | + -+-+-+ | ayload | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 2 7 8 9 0 1 2 3 4 5 6 7 8 -+-+-+-+-+-+-+-+-+-+-+-+ Total Length -+-+-+-+-+-+-+-+-+-+-+-+ ags| Fragment Offse -+-+-+-+-+-+-+-+-+-+-+-+ IP Header Checksum -+-+-+-+-+-+-+-+-+-+-+-+ ress -+-+-+-+-+-+-+-+-+-+-+-+ ddress -+-+-+-+-+-+-+-+-+-+-+-+ | EXP |1| TTL -+-+-+-+-+-+-+-+-+-+-+-+ Sequence number -+-+-+-+-+-+-+-+-+-+-+-+ RTP Sequence Number -+-+-+-+-+-+-+-+-+-+-+-+ amp -+-+-+-+-+-+-+-+-+-+-+-+ tifier -+-+-+-+-+-+-+-+-+-+-+-+

-+-+-+-

IP+UDP: In this packet format, the combination of PWE3 outer label and inner label is UDP over IP. It is applicable to IP network transmission. Different from MPLS+PW packets, IP+UDP packets are forwarded at IP Layer 3 and meanwhile forwarded at Layer 2 by UDP port redirection when transmitted over the PSN network. Figure 8-10 shows the format of an IP+UDP PWE3 packet. Figure 8-10 Format of an IP+UDP PWE3 packet
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| IPVER | IHL | IP TOS | Total Length +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Identification |Flags| Fragment Offset +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Time to Live | Protocol | IP Header Checksum +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Source IP Address | Destination IP Address +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| Source Port Number | Destination Port Number +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| UDP Length | UDP Checksum +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+opt|RTV|P|X| CC |M| PT | RTP Sequence Number +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+opt| Timestamp +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+opt| SSRC identifier +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| RES |L|R| M |RES| Length | Sequence Number +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| | Adapted Payload | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

8.1.6.2 Principle of TDM PWE3 Packet Format


When the TDM service is transmitted over the PSN, there are two packet encapsulation formats, namely, structure-aware packet format and structure-agnostic packet format. The structureaware packet, which is also called CESoPSN packet, is defined in RFC5086 and RFC5687. The structure-agnostic packet, which is also called SAToP packet, is defined in RFC4553.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 130

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Circuit emulation service over packet switched network (CESoPSN) is a generic term for circuit emulation service and also refers to structure-aware circuit emulation. 1. CESoPSN packet format (structure-aware packet format) The CESoPSN standard provides the channelized TDM service with emulation and transmission functions, and can identify the TDM frame structure and in-frame signaling. Therefore, if the customer needs to provide services based on the timeslot, the CESoPSN packet format can meet this requirement. Figure 8-11 shows the format of the CESoPSN packet. Figure 8-11 CESoPSN packet format
0 MPLS Label PW Label 0 0 0 0 L R RSV FRG LEN RTP header Time slot 1 Time slot 5 Time slot 1 Time slot 5 Time slot 2 Time slot 3 Time slot 4 20 EXP EXP 23 S 1 TTL TTL 31

Sequence Number

Time slot n (Frame 1#) Time slot 2 Time slot 3 Time slot 4

Time slot n (Frame 2#) Time slot n (Frame m#)

l A CESoPSN packet contains a four-byte MPLS header and a four-byte PW header. The length of the CESoPSN control word is 4 bytes, including fields as shown in Table 8-3. l The length of the Real-Time Transport Protocol (RTP) header is 12 bytes, including the version number, padding flag, and time stamp fields. The time stamp field, whose length is 32 bits, is used for clock synchronization. For format of the RTP header, see RFC3550. l Time slot indicates the TS in the TDM frame. Each TS occupies 8 bits. All TSs comprise the encapsulated TDM data payload, which does not include the CRC bit. The number of encapsulated frames and the number of TSs in each frame can be set by users according to conditions. Table 8-3 Fields of the control word Field 0000 Description This field is generally all 0s, with the length of 4 bits. When the virtual circuit connectivity verification (VCCV) is needed to help to monitor the SAToP PW status, these four bits are used to identify the start of the associated channel header (ACH).
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 131

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Field L

Description Indicates whether the TDM data in the packet is valid. Its length is 1 bit. When it is set to 1, it indicates that the TDM data in the packet is invalid; that is, the TDM data in the packet can be neglected to save bandwidth resources. Indicates whether the interconnection function of the local customer edge (CE) is in the packet loss state. When it is set to 0, it indicates that consecutive packets have been received and will no longer be lost. Indicates the reserved bit. Its length is 2 bits. Indicates the fragmentation status of the packet. Its length is 2 bits. Its values are as follows: l 00: Indicates that the packet encapsulates the entire TDM data. l 01: Indicates that the packet encapsulates the first fragmentation of the TDM data. l 10: Indicates that the packet encapsulates the last fragmentation of the TDM data. l 11: Indicates that the packet encapsulates the intermediate fragmentation of the TDM data.

RSV FRG

LEN

Indicates the length of the entire CESoPSN packet (the size of the CESoPSN header and TDM data.) When the length is shorter than 64 bytes, LEN is a specific length value. When the length is equal to or longer than 64 bytes, LEN is 0. Indicates the sequence number for transmitting the CESoPSN packet. Its length is 16 bits. Its initial value should be random. It must be incremented by 1 with each CESoPSN data packet sent in the specific PW.

Sequence Number

The CESoPSN packet structure has the following characteristics: l CESoPSN provides emulation and transmission of structure-aware TDM service. That is, CESoPSN can identify the TDM frame structure and in-frame signaling and transmit the frames. For example, a structure-aware E1 link consists of 32 timeslots. Except timeslot 0, the other 31 timeslots can each carry a channel of 64 kbit/s voice service. Timeslot 0 is used only for transmitting signaling and frame delimiter. l CESoP can identify the TDM frame structure. Therefore, idle timeslots are not transmitted, and only the data in the timeslots that are useful for the CE devices is retrieved from the E1 service stream and transmitted after being encapsulated into CESoPSN frames. l CESoPSN can identify and transmit the CAS and CCS signaling of E1 service streams. 2. SAToP packet format (structure-agnostic packet format) The structure-agnostic TDM over PSN (SAToP) standard provides the non-channelized TDM service with the emulation and transmission functions. The protocol need not be
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 132

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

aware of the structure of the TDM packets and transparently transmits the packets. Therefore, if the customer only needs to provide services based on E1, SAToP (unstructured packet format) can meet this requirement. Figure 8-12 shows the format of the SAToP packet. Figure 8-12 SAToP packet format
0 MPLS Label PW Label 0 0 0 0 L R RSV FRG LEN RTP header TDM data 20 EXP EXP 23 S 1 TTL TTL 31

Sequence Number

l An SAToP packet also contains a four-byte MPLS header and a four-byte PW header. The length of the SAToP control word is 4 bytes, including fields as shown in Table 8-3. l The SAToP protocol treats the TDM service as serial data code stream for segmentation, and transmits the service over PWs after encapsulation. SAToP can transmit the synchronization timing information although it is unaware of the structure of the TDM frame.

Service Processing Flow


The MA5600T/MA5603T supports E1 access, and also supports SAToP encapsulation and processing of E1 service. Figure 8-13 shows the service processing flow. Figure 8-13 Processing flow of TDM PWE3 service in E1 access
E1 EDTB board SAToP processing SAToP processing TDM TDM (RTP) CW MPLS/IP processing TDM (RTP) CW PW MPLS/IP upstream SPUB board MPLS/IP ETH processing encapsulation ETH encapsulation TDM (RTP) CW PW MPLS/IP VLAN ETH
IP/MPLS

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

133

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Packing/Unpacking of SAToP packets The MA5600T/MA5603T packs E1 data in the SAToP format, and adds the control word and RTP header (optional in the MPLS mode) to the SAToP packets.

Encapsulation of MPLS labels The MA5600T/MA5603T adds/deletes the MPLS labels, and maps inner labels to user circuits. In the MPLS+MPLS encapsulation, the outer LSP label is used for transmitting the packet over an MPLS network; in the IP+MPLS encapsulation, the outer IP address is used for transmitting the packet over an IP network. The inner label is used for mapping to a user circuit. The inner PW tunnel is a bidirectional MPLS tunnel that carries TDM data. A PW label can be statically configured or dynamically created through protocol (LDP). The outer tunnel can be MPLS-encapsulated or IP-encapsulated. In the case of MPLS encapsulation, the outer MPLS tunnel can be statically configured or dynamically created through protocol (LDP or RSVP-TE). In the case of IP encapsulation, the outer IP tunnel can be statically configured.

Ethernet processing: In the upstream direction, the ETH header is encapsulated to the packet label header, and then the packet is transmitted through the upstream port on the control board. The upstream VLAN of the TDM PWE3 packet is a service VLAN, which is the VLAN of the corresponding upstream port. The Layer 3 interface MAC address is filled in as the source MAC address of the TDM PWE3 upstream packet, and the MAC address of the next-hop interface (this MAC address can be learned through ARP) is used as the destination MAC address.

In the GPON access scenario, the MA5600T/MA5603T supports the native TDM solution (a Huawei proprietary protocol). Figure 8-14 shows the service processing flow. Figure 8-14 Processing flow of TDM PWE3 service in the native TDM solution
E1 ONU GPON board CSPA board Native adaptation TDM VC12 VLAN ETH CESoP processing TDM (RTP) CW VLAN ETH SPUB board MPLS/IP processing TDM (RTP) CW PW MPLS/IP ETH encapsulation TDM (RTP) CW PW MPLS/IP VLAN ETH IP /MPLS

TDM

TDM VC12 (ETH) GEM GPON

TDM

In the upstream direction, the ONT encapsulates the E1 service in the native TDM format (defined by Huawei), then encapsulates the native TDM packet as a payload into the GEM frame, and transmits the GEM frame to the OLT.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

134

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

The OLT terminates the GEM encapsulation of GPON and obtains the native TDM packet. Then, the OLT restores the E1 service from the native TDM packets, and encapsulates and processes the E1 service in a flow similar to that in E1 access.

QoS Processing
Figure 8-15 shows the QoS processing flow of TDM PWE3 service, considering the example of SAToP (MPLS over MPLS encapsulation). Figure 8-15 QoS processing flow of upstream SAToP service (MPLS over MPLS encapsulation)
User side PW E1 EXP1 EXP2 EXP3 LSP EXP1 EXP2 EXP3 VLAN CoS1 CoS2 CoS3 Queues S GE Network side

TDM

TDM PW EXP

TDM PW EXP LSP EXP

TDM PW EXP LSP EXP ETH

TDM connection mapped to PW, configured on manmachine interface

PW EXP copied to LSP EXP

LSP EXP mapped to ETH CoS

Packets sent to queues for PQ, WRR, and PQ+WRR scheduling

8.1.6.3 ATM PWE3 Principle Processing of ATM PWE3 PDUs


Figure 8-16 shows how ATM pseudo wire emulation edge-to-edge (PWE3) protocol data units (PDUs) are processed on the provider edge (PE) and provider (P) devices. The MA5600T/ MA5603T can function as a PE or a P device. The PE establishes an MPLS-based PW tunnel and encapsulates the user data packets (ATM cells or Ethernet packets) with two labels at the transmit (Tx) end for transmission. The P device forwards the packets. The PE at the receive (Rx) end decapsulates the received MPLS packets, restores the original user data packets, and transmits the packets to users.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

135

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-16 Processing of ATM PWE3 PDUs


Modem ADSL2+ PE P P PE ADSL2+ STM-1 Modem

STM-1

ATM DSLAM

ATM ADSL

ATM PW LSP VLAN ETH

ATM PW LSP VLAN ETH

ATM PW LSP VLAN ETH

ATM ADSL

ATM DSLAM

N-to-1 protocol stack

Processing of ATM PWE3 Service


Figure 8-17 shows how the ATM PWE3 service (MPLS over IP or MPLS over MPLS encapsulation) is processed. Figure 8-17 Processing of ATM PWE3 service
MA5600T/MA5603T IP/MPLS encapsulation ATM ATM CW ATM CW PW IP/MPLS ETH encapsulation ATM CW PW IP/MPLS VLAN Upstream direction ETH IP/MPLS

Encapsulation/Decapsulation of ATM cells A control word is added to an ATM cell. Figure 8-18 shows the format of the control word. Figure 8-18 Format of the control word for an ATM cell

l
Issue 01 (2011-10-30)

MPLS over IP encapsulation (MPLS over MPLS encapsulation is the same.)


Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 136

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

The IP header and the PW label are added/deleted, and the PW label is mapped to a permanent virtual connection (PVC). The outer IP header is used for transmitting the packet through the IP network, and the PW label is used for mapping to a PVC. The source IP address in the IP header is the IP address of the Layer 3 interface, and the destination IP address is the IP address of the peer end (identical to the peer-address configured in the PW template). The ToS bit needs to be configured by users. The value of the protocol field is 137 (identifying an MPLS unicast packet), the value of the DF bit is 1, and that of the MF bit is 0. l Ethernet processing The upstream VLAN of the ATM PWE3 PDU is a service VLAN, which is the VLAN of the corresponding upstream port. The MAC address of the Layer 3 interface is filled in as the source MAC address of the ATM PWE3 upstream PDU, and the MAC address of the next-hop interface (this MAC address can be learned only by ARP) is used as the destination MAC address.

ATM PW N-to-1 (N > 1) Encapsulation


The following encapsulation formats are defined in the RFC4717 for the PWE3 emulation of ATM services in a packet-switched network (PSN). The MA5600T/MA5603T supports N-to-1 (N 1) and ATM adaptation layer 5 (AAL5) service data unit (SDU) encapsulation. l l l l N-to-1 (N > 1): Multiple ATM virtual channel connections (VCCs) or virtual path connections (VPCs) are transported in one PW. 1-to-1: Only one ATM VCC or VPC is transported in one PW. AAL5 SDU: Only the AAL5 CPCS-SDU payload is transported. AAL5 PDU: The AAL5 PDU, together with the PAD and CPCS-PDU, is transported.

For the N-to-1 (N > 1) ATM PWE3, user cells in multiple user-side PVCs are encapsulated into one PW. In order for the Rx end to differentiate these cells, the ATM service payload in a PW needs to contain the VPI/VCI information about the cells and the VPI/VCI information about each cell needs to be unique. During user service provisioning by carriers, however, the VPI/ VCI values of all user PVCs are the same. As such, VPI/VCI switching is required when user PVCs are encapsulated into a PW to ensure unique VPI/VCI values for cell differentiation. The MA5600T/MA5603T supports the following two PVC (VPI/VCI) switching methods. l The peer PE transparently transmits PVCs and does not perform downstream PVC switching, as shown in Figure 8-19. In the upstream direction, PVC switching is performed on ingress PE1 for the cells with the same VPI/VCI values from different ports. This is to ensure the uniqueness of VPI/ VCI values in a PW. After the cells are transmitted upstream to egress PE2, egress PE2 transparently transmits the cells without downstream PVC switching. In the downstream direction, ingress PE2 does not perform PVC switching in the inbound direction but transparently transmits the cells to egress PE1. Egress PE1 then performs PVC switching and transmits the cells to the AC-side xDSL port.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

137

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-19 PVC switching method 1: transparently transmitting PVC by the peer PE
User-side PVC cells Access node Cells in a PW ATM PW GW

Port 1, 0/35 Switches PVCs upstream and downstream Port 2, 0/35

Outbound Inbound Outbound Inbound PE1

2/32 2/32 2/33 2/33

Inbound Outbound Inbound Outbound PE2

2/32 Transparently transmits PVCs 2/33

The peer PE performs downstream PVC switching, as shown in Figure 8-20. In the upstream direction, PVC switching is performed on ingress PE1 with the same VPI/VCI values from different ports. This is to ensure the uniqueness of VPI/VCI values in a PW. After the cells are transmitted upstream to egress PE2, egress PE2 performs downstream PVC switching. In the downstream direction, ingress PE2 does not perform PVC switching in the inbound direction but transparently transmits the cells to egress PE1. Egress PE1 then performs PVC switching and transmits the cells to the AC-side xDSL port. Figure 8-20 PVC switching method 2: downstream PVC switching by the peer PE
User-side PVC cells Access Node Cells in a PW 1/32 2/32 1/33 2/33 ATM PW GW

Port 1, 0/35 Switches PVCs upstream and downstream Port 2, 0/35

Outbound Inbound Outbound Inbound PE1

Inbound Outbound Inbound Outbound PE2

2/32 Switches PVCs only downstream 2/33

ATM Cell Concatenation


In order to improve transport efficiency on the PSN, multiple ATM cells are encapsulated in a single PW PDU. This process is called ATM cell concatenation. With cell concatenation, cell transfer delay and jitter in the link are increased although the encapsulation efficiency is improved. For example, the more the cells are concatenated, the greater the delay of sending encapsulated cells. The MA5600T/MA5603T provides two parameters, maximum number of concatenated cells and maximum encapsulation delay of cells, for balance. As shown in Figure 8-21, during encapsulation of the concatenated cells, the cells are sent once the maximum encapsulation delay of cells or the maximum number of concatenated cells is reached.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 138

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-21 Maximum number of concatenated cells and maximum encapsulation delay of cells

PW playload 2 1 1

3 2 1 4 5 4

Maximum number of concatenated cells

Cells

5 t

Maximum encapsulation delay of cells

QoS Processing of ATM PWE3 Service


Figure 8-22 shows the QoS processing of the ATM PWE3 service (MPLS over MPLS encapsulation). Figure 8-22 QoS processing of upstream ATM PWE3 service (MPLS over MPLS encapsulation)
User side PW ATM EXP1 EXP2 EXP3 IP ToS1 ToS2 ToS3 VLAN CoS1 CoS2 CoS3 Queues S GE Network side

ATM

ATM PW EXP

ATM PW EXP LSP EXP

ATM PW EXP LSP EXP ETH

PVC mapped to PW, configured on man-machine interface

PW EXP copied to IP ToS

LSP EXP mapped to ETH CoS

Packets sent to queues for PQ, WRR, and PQ+WRR scheduling

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

139

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

PW-based Dual-Bucket CAR


QoS is required for the user ATM cells carried in ATM PWE3 over the PSN network. Due to mechanism differences, the ATM traffic policing mechanism needs to map the MPLS traffic policing mechanism on an ingress PE, and a reverse mapping is required on an egress PE. In the upstream direction of an ingress PE, PW-based dual-bucket CAR, that is, two rate three color marker (trTCM), is performed according to PW CAR or LSP CAR. With this mechanism, ATM cells whose rate is lower than committed information rate (CIR) are marked with the default CoS value of ATM over Ethernet (AoE) traffic streams, and ATM cells whose rate is higher than CIR and lower than peak information rate (PIR) are re-marked with a low-priority CoS value, while ATM cells whose rate is higher than PIR are dropped. During encapsulation of PW PDUs, the CoS of the AoE packet is mapped to the EXP field of the inner PW label and then to the EXP field of the outer MPLS label. Then, traffic policing is performed over the PSN network based on the EXP field of the outer MPLS label, as shown in Figure 8-23. In the downstream direction of an egress PE, the egress PE works with the ingress PE to put the ATM cells carrying the default CoS tag and those carrying the low-priority CoS tag into the same queue according to the CoS information carried in the EXP field. Also, different early drop thresholds are configured for these two CoS tags to ensure that ATM cells whose rate is lower than CIR have a higher priority when congestion occurs. In the upstream direction, the MA5600T/MA5603T implements PW-based dual-bucket CAR on the SPUB board, which achieves trTCM by CoS re-marking based on CIR and PIR, as shown in Figure 8-23. In the downstream direction, the MA5600T/MA5603T does not perform CAR or CoS-based tail drop on the SPUB board, but implements queue-based early drop on the xDSL board according to the CoS early drop threshold, as shown in Figure 8-24. Figure 8-23 PW-based dual-bucket CAR on the SPUB board (in the upstream direction)
IP DSLAM ATM IP PWE3 Gateway ATM

IP DSLAM
AOE cos 1 cos 4 cos 5 PWE3 cos 1-> exp 1 cos 4-> exp 4 cos 5-> exp 5

Router

PWE3 Gateway
ATM port1 exp1,0->queue0 exp4,2->queue1 exp5->queue3 ATM port2 exp1,0->queue0 exp4,2->queue1 exp5->queue3

UBR+

PIR CIR PIR CIR CIR

rt-VBR CBR

exp 1->exp 0 exp 1->exp 1 exp 4->exp 2 exp 4->exp 4


exp 5->exp 5

exp 0 exp 1 exp 2 exp 4 exp 5

exp 0 exp 1 exp 2 exp 4 exp 5

xDSL

SPUB Dual bucket CAR based on PW PQ/WRR based on exp

Weighted Early Discard Threshole

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

140

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-24 Threshold-based early drop on the xDSL board (in the downstream direction)
IP DSLAM ATM IP PWE3 Gateway ATM

IP DSLAM
xDSL port1 cos1,0->queue0 cos4,2->queue1 cos5->queue3 xDSL port2 cos1,0->queue0 cos4,2->queue1 cos5->queue3 cos 0 cos 1 cos 2 cos 4 cos 5 exp 0 exp 1 exp 2 exp 4 exp 5

Router
exp 0 exp 1 exp 2 exp 4 exp 5

PWE3 Gateway

UBR+>MCR -> exp 0 UBR+ < MCR -> exp 1 VBR-rt > MCR -> exp 2 VBR-rt < MCR -> exp 4 exp 5

PCR
MCR

UBR+

PCR
MCR

VBR-rt

MCR

CBR

xDSL Weighted Early Discard Threshole

SPUB PQ/WRR based on exp Dual bucket CAR

When cell concatenation is used for binding of ATM cells to PWs, PVCs of the same type are generally bound to the same PW. Because the AoE CoS value of the ATM cells is copied as the CoS value of the PW, the AoE CoS priority is affected when cells of different priorities are concatenated. l When PW does not use cell concatenation, a PW PDU contains only one ATM cell. In this case, the AoE CoS value of the ATM cell is directly copied as the EXP value of the PW PDU. When PW uses cell concatenation, a PW PDU contains multiple ATM cells. In this case, if the AoE CoS values of these ATM cells are different, the CoS value indicating the highest priority will be copied as the EXP value of the PW PDU. Then, the AoE CoS values (equaling the EXP value of the PW PDU) of ATM cells in the same PW PDU will be the same in the downstream direction, which affects queue scheduling on the xDSL board.

8.1.6.4 Principle of ETH PWE3 Processing Flow of ETH PWE3 Protocol Packets
Two encapsulation formats are defined in RFC4448 for the PWE3 emulation of Ethernet service in a PSN network. l l Tagged mode. In this mode, the packet going upstream carries the PW VLAN tag in the payload, and is stripped of the PW VLAN tag when going downstream. Raw mode. In this mode, the packet going upstream does not carry the PW VLAN tag; the PW payload, however, can carry the service VLAN tag.

Figure 8-25 shows the processing flow of ETH PWE3 protocol packets on the PE and P devices. The MA5600T/MA5603T can function as a PE or a P device. The PE establishes an MPLSbased PW tunnel, encapsulates the user data packets with two labels at the Tx end and transmits the packets. The P device forwards the packets. The PE at the Rx end decapsulates the received MPLS packets, restores the original user data packets, and transmits the packets to the user.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 141

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-25 Processing flow of ETH PWE3 protocol packets


PE Modem P P PE Modem

IP VLAN ETH xDSL

IP VLAN ETH PW LSP VLAN ETH

IP VLAN ETH PW LSP VLAN ETH

IP VLAN ETH PW LSP VLAN ETH

IP VLAN ETH xDSL

Tagged mode protocol stack

Processing Flow of ETH PWE3 Service


Figure 8-26 shows the processing flow of ETH PWE3 service (MPLS over MPLS encapsulation). Figure 8-26 Processing flow of ETH PWE3 service
OLT MPLS encapsulation ETH GE/FE ETH ETH PW MPLS ETH encapsulation ETH PW MPLS VLAN Upstream direction ETH MPLS

QoS Processing Flow of ETH PWE3 Service


Figure 8-27 shows the QoS processing flow of ETH PWE3 service (MPLS over MPLS encapsulation).

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

142

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-27 QoS processing flow of upstream ETH PWE3 service (MPLS over MPLS encapsulation)
User side PW GE EXP1 EXP2 EXP3 LSP EXP1 EXP2 EXP3 VLAN CoS1 CoS2 CoS3 Queues S GE Network side

ETH

ETH PW EXP

ETH PW EXP LSP EXP

ETH PW EXP LSP EXP ETH

ETH CoS mapped to PW

PW EXP copied to LSP EXP

LSP EXP mapped to ETH CoS

Packets sent to 8 queues for PQ, WRR, and PQ+WRR scheduling

8.1.6.5 Traffic Label Principle Context


As services are developing, service traffic over a PW becomes heavier and heavier. For example, in the case of the wholesale service, certain carriers encapsulate all service traffic on hundreds or thousands of xDSL ports into a PW, and as a result traffic over the PW reaches the gigabit level. As such, a PW carrying such a heavy traffic is called fat PW. The fat PW burdens the equipment that it traverses, and results in congestion, packet loss, and unguaranteed QoS. To solve problems incurred by the fat PW, IETF proposed a traffic label solution: Traffic over a fat PW takes different paths from the PW ingress PE to the PW egress PE within the network through load balancing (ECMP). To achieve PWE3 load balancing, PW data at the PW ingress PE are segmented into bundles of data streams and an MPLS label (traffic label) is allocated to every data stream. In this way, every traffic label identifies a different data stream and the traffic label is stored in the innermost area of the ingress PE label stack. Later, data is forwarded in the load balancing mode according to the traffic label, taking different data streams along different paths within the network. In terms of PW load balancing, data over a PW arrives at the destination along different paths and this may incur disordered packets. Given this, this technology is applicable to only those services that are not sensitive to disordered packets, such as the Ethernet service. For the ATM and TDM emulation services, this technology is not applied because they have strict requirements on timing and order of packets. PW load balancing is implemented based on equal cost LSP that is based on the equal cost route.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

143

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Application Description
Figure 8-28 shows an application over an existing network where a large amount of the legacy equipment does not support the traffic label. In this application, the PE supports generating the traffic label and performing load balancing but the P has no traffic label capability (for example, the legacy equipment over the network). l l PE1 generates traffic label (FL) and at the same time performs load balancing (flow1 and flow2). PE2 removes the FL. P1, P2, and P3 do not support traffic label for load balancing and they only forward data like a common P.

Figure 8-28 Traffic label application (P equipment does not support traffic label for load balancing)
P1 PE1 Flow 1 P3

PE2

Ingress P2

P5

Engress

P4 Flow 2

Payload Payload ETH ETH FL PW LSP ETH

Payload Payload ETH FL PW LSP ETH ETH FL PW LSP ETH

Payload Payload ETH FL PW LSP ETH ETH

8.1.6.6 PW Redundancy PW Redundancy Signaling Mechanism


Introduction of the PW protection mechanism will break the original model of 1-to-1 mapping between AC and PW in PWE3. To keep the original forwarding action, you must ensure that only one PW in the redundancy PW group is in the active state and other PWs are in the standby state. The LDP PW signaling (RFC4447) requires to use PW status TLV to transfer the PW forwarding status. PW status TLV can be carried by the label mapping message or notification message. PW status TLV is a 32-bit status code and each bit identifies a PW forwarding state. Based on this status code, PW redundancy introduces a new PW status code (0x00000020 - PW forwarding standby) to indicate that the PW is in the standby state currently.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 144

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Primary/Secondary and Active/Inactive


There are two couples of important concepts in PW redundancy and the detailed descriptions are as follows: l Primary/Secondary refers to the PW forwarding priority and is the PW configuration parameter. The primary PW is preferentially used to forward traffic and the secondary PW is used to protect primary PW. The primary PW is used to forward traffic when the state of the primary and secondary PWs is the same. Currently, only one secondary PW can be configured for each primary PW. l Active/Inactive refers to the PW forwarding status. It indicates the PW running status and is not the configuration parameter. Only the PW in the active state can be used to forward traffic. The local active or inactive state of a PW is determined by the local and remote signaling status and priority (configured primary/secondary) of the PW. Only the PW in the optimal state and with the highest priority can be selected as the active PW to forward traffic, and all other PWs are in the inactive state. PWs in the inactive state are not used to forward traffic but can be enabled to receive traffic (can be used only for VLL PW).

PW Redundancy Working Mode


The PW redundancy working mode is specified on PE that is configured with active and standby PWs. Master/Slave mode: In this mode, the local end determines the active or standby state of the PW and uses the signaling protocol to notify the remote end; the remote PE can sense the active or standby state. The active/ standby relationship on the PW side and the active/standby relationship on the AC side do not affect each other. Therefore, faults can be isolated between the PW side and the AC side. The MA5600T/MA5603T currently can function as a master in this mode. Independent mode: In this mode, the active or standby state of the local PW is determined by the negotiation result of the remote AC side; the remote end notifies the local end of the active or standby state. The protection switching due to faults on the AC side will cause the protection switching on the PW side. Therefore, faults cannot be isolated.

8.1.6.7 PW OAM (VCCV) VCCV Ping Application


Virtual Circuit connectivity verification (VCCV) is an end-to-end mechanism to detect and diagnose PW faults. To put it simply, VCCV is a control channel for transmitting connectivity verification messages between PW ingress and PW egress. VCCV ping is a tool for manually detecting the connectivity status of virtual circuits. It is implemented through extending LSP ping. VCCV defines a series of messages exchanged among PEs to verify PW connectivity. To ensure that the VCCV packet traverses the same path as the data packet in the PW, the VCCV packet must be encapsulated in the same encapsulation mode as the PW and must traverse the same tunnel as the PW packet.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 145

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

VCCV ping can be used on the U-PE to detect PW connectivity, including detecting the connectivity of the static PW, dynamic PW, single-hop PW, and multi-hop PW. The MA5600T/ MA5603T supports single-hop-VCCV (SH-VCCV) ping and does not support multi-hop-VCCV (MH-VCCV) ping temporarily. Figure 8-29 shows the VCCV ping application. Figure 8-29 VCCV ping application
CE PE SPE P LSP2/PW2 PE CE

LSP1/PW1 LSP ping LSP label LSP ping LSP ping SH-VCCV

SH-VCCV PW label MH-VCCV

Principle
VCCV ping is implemented through the VCCV packet and the LSP ping packet therein carries the target FEC stack. Figure 8-30 describes the parameters of the VCCV packet. Figure 8-30 VCCV packet parameters

0x0c

0x04

CC types

CV types

CC Types indicates the control channel type. Figure 8-31 describes the CC for the VCCV function, which is defined in RFC5085. Figure 8-31 CC in the VCCV packet

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

146

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Type1: control word channel. Whether VCCV is performed depends on the control word (0001 or not). SH-VCCV and MH-VCCV are supported. If the PE supports control word, CC type1 is used preferentially. Type2: MPLS router alert channel. Whether VCCV is performed depends on a specific label value (label = 2). SH-VCCV is supported and MH-VCCV is not supported. Type3: maximum-hop channel. VCCV is performed if the TTL value of the inner label of MPLS is 1. SH-VCCV and MH-VCCV are supported. l CV Types indicates the connectivity verification type. Figure 8-32 describes the CV for the VCCV function, which is defined in RFC5085. The MA5600T/MA5603T supports only CV of the LSP ping type. Figure 8-32 CV in the VCCV packet

T-PE peers at both sides negotiate CC and CV capabilities during PW set-up, and then send the same CC and CV types used by VCCV ping as the negotiation result. If the PE supports control word, CC type1 is used preferentially. SH-VCCV and MH-VCCV are implemented through setting different inner PW label TTL values. Figure 8-33 shows the CC Type1 VCCV flow. Figure 8-33 CC Type1 MH-VCCV/SH-VCCV flow
U-PE VCCV CW (0001) TTL=255 MH-VCCV CC Tpye 1 S-PE S-PE U-PE

VCCV CW (0001) TTL=254

VCCV CW (0001) TTL=253 Trigger VCCV

SH-VCCV CC Tpye 1

VCCV CW (0001) TTL=1 Trigger VCCV

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

147

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-34 shows the CC Type3 VCCV flow. Figure 8-34 CC Type3 MH-VCCV/SH-VCCV flow
U-PE VCCV No CW TTL=3 MH-VCCV CC Tpye 3 S-PE VCCV No CW TTL=2 S-PE U-PE

VCCV No CW TTL=1 Trigger VCCV

SH-VCCV CC Tpye 3

VCCV No CW TTL=1 Trigger VCCV

The U-PE and S-PE differ in processing the VCCV packet: l l l The S-PE pays attention to only the PW TTL value. If the PW TTL value is 1, VCCV is performed. The U-PE pays attention to not only CW (VCCV is performed if the first half-byte is 0001) but the PW TTL value (VCCV is performed if the PW TTL value is 1). If the U-PE initiates VCCV to the S-PE, a proper TTL value needs to be set, irrespective of whether CW is used.

8.1.7 Network Applications


Network Applications of TDM PWE3
For details on the corresponding clock solution of the TDM service, see 23.2 Clock and Time System. l Network application: converting the TDM PWE3 service or the native TDM service into the E1/STM-1 service for upstream transmission As shown in Figure 8-35, the mobile 2G base station is connected to the ONU through TDM E1. The ONU performs TDM PWE3 emulation, or the ONT encapsulates the TDM frame into the GPON GEM frame directly to transmit TDM service over the GPON network (native TDM). The OLT terminates the TDM PWE3 signals and transmits the signals to the upstream SDH network through the E1 or STM-1 port.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

148

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-35 Network application: converting the TDM PWE3 service into the E1/STM-1 service for upstream transmission
BTS N*E1 ONU OLT E1/STM-1 SDH TDM PWE3 Service stream E1/STM-1 BSC

TDM

Network application: converting the native TDM service into the TDM PWE3 service As shown in Figure 8-36, the mobile 2G base station is connected to the ONT through TDM E1. The ONT encapsulates the TDM frame into the GPON GEM frame directly to transmit TDM service over the GPON network (native TDM). The OLT coverts the native TDM packets into CESoP, and transmits service streams to the peer TDM PWE3 device (a PTN device in this example) through the PSN. In this way, the messages between the BTS and the BSC are transmitted over the PSN. Figure 8-36 Network application: converting the native TDM service into the TDM PWE3 service
BTS N*E1 PSN ONT OLT PTN N*E1 BSC

TDM

Native TDM

TDM PWE3(SAToP)

TDM

Service stream

Network Applications of ATM PWE3


l Network application: implementing PWE3 private line upstream transmission in ATM access As shown in Figure 8-37, when the MA5600T/MA5603T is connected to the ATM DSLAM or ADSL2+ modem, ATM private line service can be implemented between the MA5600T/MA5603T and the peer ATM BRAS through ATM PWE3 private line. The ATM PWE3 private line service is applicable to ATM network restructuring.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

149

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-37 Network application: implementing PWE3 private line upstream transmission in ATM access
Modem ADSL2+ GE STM-1 PSN ATM Access Node PWE3 Gateway

ATM PWE3 ATM DSLAM

Network Applications of ETH PWE3


l Network application: implementing PWE3 private line upstream transmission in FE/GE access As shown in Figure 8-38, the enterprise router is connected to the OLT through FE/GE. The OLT interconnects with the peer ETH PWE3 device of the enterprise through the ETH PWE3 private line to implement the ETH private line service. Figure 8-38 Network application: implementing PWE3 private line upstream transmission in FE/GE access
ONU FE/GE OLT GE PSN OLT ONU

ETH PWE3

8.1.8 Glossary, Acronyms, and Abbreviations


Glossary
Term PE Explanation A PE is an edge router on the core network. It is connected to a CE and mainly implements the VPN service access. A PE maps and forwards packets from the private network to the public network tunnel, or from the public network tunnel to the private network. PEs can be classified as UPE and SPE.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 150

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Term P device

Explanation A P device is a backbone device on the service provider's network and is not directly connected to a CE. The P device only needs to possess the basic MPLS forwarding capability, but need not maintain the VPN information.

Acronyms and Abbreviations


Acronym/Abbreviation PWE3 Full Spelling Pseudo wire emulation edge-to-edge (a pointto-point L2VPN service provided on the public network). Pseudo wire (A bidirectional virtual connection between two PEs. It consists of two uni-directional MPLS VCs.) Multi-Protocol Label Switch Time division multiplexing Structure-agnostic transport over packet Circuit-Emulation Service over Packet Provider edge router (a router located on the edge of a backbone network) Ultimate provider edge (a PE located closer to the user side, mainly functioning as a VPN aggregation device for user access) PW switching point (A switching node PE in multi-hop PW. SPE does not exist in RSVP signaling.) Attachment circuit (An access link, a connection between CE and PE. It can be a physical interface or a virtual interface.) Control word Virtual circuit connectivity verification Multi-hop VCCV Single-hop VCCV Base transceiver station Base station controller

PW

MPLS TDM SAToP CESoP PE UPE

SPE

AC

CW VCCV MH-VCCV SH-VCCV BTS BSC

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

151

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Acronym/Abbreviation ECMP

Full Spelling Equal cost multiple path

8.2 Native TDM


In Native TDM, TDM frames are directly encapsulated to GPON GEM frames in TDMoGEM mode. This mode features simple encapsulation, small network cost, and guaranteed link quality.

8.2.1 Introduction
Definition
By using the standard 8 kHz (125m) frames, the GPON GTC layer is synchronous in nature. Therefore, GPON can support the TDM service. This is called Native TDM. In Native TDM, TDM frames are directly encapsulated to GPON GEM frames in TDMoGEM mode. This mode features simple encapsulation, small network cost, and guaranteed link quality.

Purpose
Currently, the circuit switched network is evolving to the packet switched network. During the deployment of the packet switched network, the method to provide traditional circuit switching service over the packet switched network must be taken into consideration. In a GPON network deployment, the traditional TDM service can be delivered over the PSTN network through the Native TDM mode.

8.2.2 Specifications
l l l l l l Each TOPA board provides 16 E1 upstream ports or two STM-1 ports. Each TOPA board provides 2 STM-1 ports and supports processing the Native TDM service based on packet transmission. Up to 63 TDM service streams can be configured on each STM-1 upstream port. The STM-1 port supports 1+1 protection. The STM-1 port supports the system clock, line clock, and recovery clock. Each TOPA board supports two STM-1 ports, with each STM-1 port supporting creation of up to 63 TDM service virtual ports. Therefore, each TOPA board supports creation of up to 126 TDM service virtual ports. The 24-hour BER of the TDM service is 0. The delay of the TDM service transmission from the E1 port on the ONT to the upstream STM-1 port on the OLT must be shorter than 1.5 ms.

l l

8.2.3 Reference
The following lists the reference documents of Native TDM: l ITU-T G.984.1 General characteristics for Gigabit-capable Passive Optical Networks (GPON)
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 152

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

l l l

ITU-T G.984.2 Gigabit-capable Passive Optical Networks (GPON): Physical Media Dependent (PMD) layer specification ITU-T G.984.3 Gigabit-capable Passive Optical Networks (GPON): Transmission convergence layer ITU-T G.984.4 Gigabit-capable Passive Optical Networks (GPON): ONT management and control interface specification

8.2.4 Availability
Hardware support
The Native TDM feature needs the cooperation between the TOPA board and the GPBC or GPBD board.

License support
The Native TDM feature is the basic feature of the MA5600T/MA5603T. Therefore, no license is required for accessing the corresponding service.

Limitation
l l l The E1 ports of the ONU/ONT must support the Native TDM mode. The E1 service traffic is processed as the unstructured data stream in a unified way. The structured channel mode is not supported. The STM-1 port does not support the OC-3 mode.

8.2.5 Principle
Basic Principle
The MA5600T/MA5603T supports E1 and STM-1 upstream transmission mode. The following section uses E1 upstream transmission as an example.
NOTE

The application of STM-1 upstream transmission is similar to the application of E1 upstream transmission. The only difference lies in that different daughter boards are attached to the TOPA boards in two applications. When the TOPA board provides STM-1 ports, STM-1 frames are generated. One STM-1 frame can encapsulate and multiplex up to 63-channel E1 service signals (One STM-1 frame contains one VC4, one VC4 maps 63 VC12s, and one VC12 maps one-channel E1 service signal).

In the TDMoGEM mode, the TDM frame is directly encapsulated to the GPON GEM frame so that the TDM service can be transmitted in a GPON network. Figure 8-39 shows the basic principle of Native TDM.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

153

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-39 Basic principle of Native TDM


TDM byte buffer GEM frame PLI Input buffer PortID PTI HEC

Input of TDM TDM service

TDM data

Payload:TDM field

Poll each frame to confirm the sent bytes

Mapping of the TDM service to the GEM frames allows variation of the GEM frame length based on frequency offset of the TDM service. The length of the TDM field is specified by the PLI field. In the adaptation process of the TDM source, the input data enters a queue in the input buffer. When a frame arrives (namely for every 125 s) there, the multiplexing entity of the GEM frame records the number of bytes to be sent in the current GEM frame. In general, the PLI specifies a fixed byte count based on the TDM nominal rate. But it happens that the bytes larger or smaller than the fixed byte count are sent, which are reflected in the PLI field. The TDMoGEM mode does not distinguish whether it is a structured service such as the voice and PBX access services, or an un-structured service such as private line service. All services are handled as un-structured services. GPON access transparently delivers only the E1 service without performing the refined service processing. In other words, GPON access provides the long-haul E1 transmission. In general, the private line service has an independent clock, which is asynchronous with the GPON line clock. The jitter and frequency difference exist between the two clocks. Therefore, the E1 service traffic can be transmitted only after the E1 rate adjustment occurs at the ONU. The bit asynchronous mapping mode of SDH is adopted while the GPON line clock or system clock is used as the reference clock. Through the bit adjustment, the E1 service traffic is mapped to the payload section of the tributary unit to form a standard VC12 virtual channel, which is delivered in the GEM frame. At the receiver end, de-byte adjustment is adopted to recover the original clock and the E1 service traffic.

Application
Figure 8-40 shows the TDMoGEM network application. The E1 ports of the ONU/ONT access the TDM traffic from the base stations and enterprises. The ONU/ONT sends both the Ethernet traffic and the TDM traffic to the OLT. The OLT differentiates the Ethernet traffic and the TDM traffic, and sends the traffic to the IP network and the SDH network, respectively.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

154

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Figure 8-40 Native TDM network application


Ethernet E1 Base station ONU OLT Ethernet E1 Business center ONU GPON E1 SDH

GPON

Ethernet

Ethernet ONU E1 Business center TDMoGEM

8.3 Glossary, Acronyms, and Abbreviations


This topic provides the glossary, acronyms, and abbreviations of the Layer 2 tunnel emulation feature.

Glossary
None

Acronyms and Abbreviations


Table 8-4 Acronyms and abbreviations of the Layer 2 Tunnel Emulation feature Acronym/Abbreviation PWE3 TDM SAToP CESoP MPLS LDP LSP
Issue 01 (2011-10-30)

Full Spelling Pseudo Wire Emulation Edge-to-Edge Time-Division Multiplexing Structure-Agnostic Transport over Packet Circuit-Emulation Service over Packet Multi-Protocol Label Switching Label Distribute Protocol Label Switching Path

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

155

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

8 Layer 2 VPN

Acronym/Abbreviation BTS BSC

Full Spelling Base Transceiver Station Base Station Controller

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

156

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

9
About This Chapter
9.1 Overview

Layer 2 Protocol Handling

The Layer 2 protocol handling includes multiple features and also refers to link layer protocol management. This topic describes the features of Layer 2 protocol handling in details.

9.2 MAC Address Management This topic provides the definition, specifications, availability, and principle of the MAC address management feature. 9.3 1:1 VMAC VMAC means virtual MAC address. In 1:1 VMAC, the device replaces a single user MAC address with a unique virtual MAC address. The user MAC address and the VMAC of the device are in a 1:1 mapping. 9.4 N:1 VMAC VMAC means virtual MAC address. In N:1 VMAC, the device replaces a set of user MAC addresses with a unique virtual MAC address. The user MAC addresses and the VMAC of the device are in an N:1 mapping. 9.5 VLAN Management This topic provides the definition, specifications, reference standards and protocols, availability, and principle of the VLAN management feature. 9.6 VLAN Switching Policy This topic provides the definition, specifications, availability, and principle of the VLAN switching policy. 9.7 Forwarding Policy This topic provides the definition, specifications, availability, and principle of the forwarding policy feature. 9.8 Bridging With the bridging feature enabled on the MA5600T/MA5603T, the access users on the MA5600T/MA5603T can communicate with each other at Layer 2. 9.3.6 Glossary, Acronyms, and Abbreviations

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

157

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

9.1 Overview
The Layer 2 protocol handling feature refers to the management of the link layer protocol, including the following sub features: MAC address management, VLAN management, traffic stream processing capability, forwarding policy, traffic classification policy, access user bridging.

9.2 MAC Address Management


This topic provides the definition, specifications, availability, and principle of the MAC address management feature.

9.2.1 Introduction
Definition
MAC address management is a basic Layer 2 management feature, including setting the MAC address aging time, limiting the number of dynamic MAC addresses (the number of the MAC addresses that can be learned), and setting the static MAC address.

Purpose
l Setting the MAC address aging time After the MAC address aging time is set, the system periodically checks a dynamic MAC address that is aged. If no packet carrying this source MAC address is transmitted or received one or two times of the aging time, the system deletes the MAC address from the MAC address table. l Limiting the number of dynamic MAC addresses (the number of the MAC addresses that can be learned) Manual configuration of the number of dynamic MAC addresses (the number of the MAC addresses that can be learned) is supported. When the number of learned MAC addresses reaches the maximum number, the user port does not learn new MAC addresses. l Setting the static MAC address To connect the system to a device with a specified MAC address through a port, configure a static MAC address. The system forwards data according to the static MAC address directly.

Benefits
Benefits to Carriers l l Limiting the number of dynamic MAC addresses can limit the number of the MAC addresses that enter the network and reduce the load of the network device. Setting the dynamic MAC address can prevent MAC address change.

Benefit to Subscribers After the static MAC of the service port is set and the maximum number of the MAC addresses that can be learned is set to 0, the port receives only the user data that carry the preset static
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 158

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

MAC address, and thus, the MAC address binding function is implemented. This improves the user security.

9.2.2 Specifications
The specifications of the MAC address management feature are as follows: l l l The SCUB control board supports a maximum of 16K MAC addresses. The SCUL control board supports a maximum of 16K MAC addresses. When working with the H801M2XA daughter board, the SCUN control board supports a maximum of 512K MAC addresses. When working with other daughter boards, it supports a maximum of 32K MAC addresses. The SCUF control board supports a maximum of 32K MAC addresses. The GPBC/GPBD/ETHB board supports a maximum of 32K MAC addresses. The xDSL/OPFA board supports a maximum of 1K MAC addresses. Setting the maximum number of the MAC addresses learned based on the service virtual port The maximum number of MAC addresses learned of a PON service board: 1023 (1023 indicates no limitation. In this case, the number of learnable MAC addresses is limited by the size of the learnable MAC address table of the corresponding board.) The maximum number of MAC addresses learned of an xDSL or OPFA board: 255 (255 indicates no limitation. In this case, the number of learnable MAC addresses is limited by the size of the learnable MAC address table of the corresponding board.) l l l The maximum number of static MAC addresses of the system: 1024 Setting the aging time of the dynamic MAC address, ranging from 10s to 1000000s, default: 300s Setting no aging of the dynamic MAC address

l l l l

CAUTION
The MAC address table adopts the Hash algorithm, which may result in Hash collision. l When the SCUN control board is used, it is recommended that the maximum number of concurrent online users (MAC addresses) in the system not exceed 16K. l When the SCUF control board is used, it is recommended that the maximum number of concurrent online users (MAC addresses) in the system not exceed 16K. l When the SCUL control board is used, it is recommended that the maximum number of concurrent online users (MAC addresses) in the system not exceed 4K. l When the SCUB control board is used, it is recommended that the maximum number of concurrent online users (MAC addresses) in the system not exceed 4K. l For the GPBC/GPBD board, it is recommended that the maximum number of concurrent online users (MAC addresses) on each board not exceed 4K. l For the ETHB/OPGD board, it is recommended that the maximum number of concurrent online users (MAC addresses) on each board not exceed 8K. l For the xDSL/OPFA board, it is recommended that the maximum number of concurrent online users (MAC addresses) on each board not exceed 256.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

159

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

9.2.3 Availability
License Support
No license is required to access the corresponding service.

Version Support
Table 9-1 Version Support Product MA5600T/ MA5603T Version V800R007C00 and later

9.2.4 Principle
Setting the MAC address aging time
l If the aging time is too short, the dynamic MAC address will be deleted too early. When the device receives a data packet from an unknown address, the device broadcasts this data packet to all the ports in a VLAN. Such unnecessary broadcast affects the operation performance of the system. If the aging time is too long, the device will be unable to update the MAC address table according to the network change. As a result, new MAC addresses cannot be learned and packets are broadcast because of unreachability to the destination address. Periodical aging of dynamic MAC addresses can release the MAC address resources and prevent the fault that new MAC addresses cannot be learned. The aging time takes effect to only the dynamic MAC address, but not to the static MAC address.

l l

Limiting the maximum number of MAC addresses that can be learned


l l Even if the number of dynamic MAC addresses learned by a service channel has reached the threshold, the static MAC addresses can be created manually for this service channel. After a static MAC address is manually created for a service port and the maximum number of dynamic MAC addresses that can be learned by the service port is set to 0, the port receives only the user data from the static MAC address. In this way, the MAC address binding function is implemented.

Setting the static MAC address


l The system overwrites the same dynamic MAC address, if any for the service virtual port or upstream port. The static MAC address cannot be created if the same static MAC address already exists in the system. A static MAC address cannot be included in an existing MAC address pool. Before configuring a static MAC address to a MAC address pool, run the display mac-pool command to check whether the MAC address pool contains the static MAC address to be configured.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 160

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

l l l

One upstream port that exists in different VLANs can be configured with the same static MAC address. The system supports only unicast MAC addresses, which cannot be the MAC address of the system. Either a static MAC address or a dynamic MAC address can be deleted.

9.3 1:1 VMAC


VMAC means virtual MAC address. In 1:1 VMAC, the device replaces a single user MAC address with a unique virtual MAC address. The user MAC address and the VMAC of the device are in a 1:1 mapping.

9.3.1 Introduction
Definition
VMAC is abbreviated from virtual MAC address. It means that the MA5600T/MA5603T replaces the source MAC address of a user terminal with a virtual MAC address. In 1:1 VMAC, the MA5600T/MA5603T replaces each user MAC address with a unique virtual MAC address.

Purpose
In the typical Layer 2 forwarding model, a device is identified by its MAC address. However, not all such devices are directly controlled by the operator, so their MAC addresses may not always be trustable. Certain network devices have been used to solve the problem of MAC address conflict, but this is only part of the problems. l l The uniqueness of a MAC address can be ensured only at the network element (NE) level but not at the network level. An NE can detect a conflicting MAC address but cannot tell an authorized user from an unauthorized user.

VMAC comes up as an ideal solution. VMAC enables the operator to replace the MAC addresses of user devices with pre-defined (controllable) MAC addresses. Adopting VMAC enhances the Layer 2 forwarding model in two aspects: l Security: Replacing the MAC addresses of user devices with operator-defined MAC addresses ensures the uniqueness of MAC addresses in an entire network. This in turn avoids the problems arising from MAC address conflict. l Measurability: By ensuring the uniqueness of the MAC addresses of an entire network, the operator can connect multiple DSLAMs and edge routers by using the same VLAN. In this way, the operator can expand the number of devices sharing the same subnet and therefore improve the allocation efficiency of the IP address pool.

Benefit
Benefits to carriers
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 161

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Security is enhanced. Carriers can allocate trusted virtual MAC addresses to replace source MAC addresses of user terminals, so users with untrustable MAC addresses are denied access to the carriers' networks. This is an effective countermeasure to MAC spoofing. Users can be identified. The coding of a virtual MAC address can contain the user location or other information (such as the subrack ID/slot ID/port ID), so the user can be directly located in the carrier's network according to the MAC address.

Benefits to users This feature prevents MAC address conflicts and protects users from MAC address spoofing.

9.3.2 Specifications
The specifications of the 1:1 VMAC feature are as follows: l l l l l l l l l l 1:1 VMAC is supported in PPPoE, PPPoA, and IPoE access. Each port supports a maximum of 32 VMACs in both PPPoE and IPoE access. The MA5600T/MA5603T supports 1:1 VMAC for a maximum of 8K ONTs, with each PON board supporting 1:1 VMAC for a maximum of 1K ONTs. A maximum of eight VMAC addresses are supported for each ONT. The maximum number of VMAC addresses for each ONT is configurable. The MA5600T/MA5603T supports a maximum of 64K GPON VMAC addresses, with each PON board supporting a maximum of 8K GPON VMAC addresses. The global-level VMAC switch and VLAN-level VMAC switch are supported. The VMAC mapping of only DHCP users is not lost after reset. The QinQ private line service does not support VMAC. LTM/LTR transparent transmission is supported. The MAC address in the Ethernet OAM LTM/LTR packet payload can also be replaced with a VMAC address. The MAC address in ARP, DHCP, and ND packet payloads can be replaced with a VMAC address.

9.3.3 Availability
License Support
The 1:1 VMAC feature is an optional feature of the MA5600T/MA5603T, and the corresponding service is controlled by the license.

Version Support
Table 9-2 lists the versions that support the 1:1 VMAC feature. Table 9-2 Base version required for the 1:1 VMAC feature in an IPv4 network Product MA5600T/MA5603T Version V800R006C02 and later versions

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

162

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Feature Dependency
The VLAN-based 1:1 VMAC feature is mutually exclusive with the VLAN-based N:1 VMAC feature. Cascading GEM ports do not support GPON 1:1 VMAC. Type C does not support GPON 1:1 VMAC.

Hardware Support
Boards supporting PPPoE/IPoE 1:1 VMAC: xDSL, H805GPBD, OPFA, and OPGD boards. Boards supporting PPPoA 1:1 VMAC: xDSL boards.

9.3.4 Feature Enhancement


Table 9-3 lists the new functions of 1:1 VMAC in the new versions. Table 9-3 New functions of 1:1 VMAC Version V800R010 New Function GPON 1:1 VMAC

9.3.5 Principle
1:1 VMAC in PPPoE/IPoE Access
The user source MAC address exists not only in the MAC header but also in the data field. The MA5600T/MA5603T replaces the Ethernet source MAC address in both the header and the data field of the Ethernet frame. Figure 9-1 Working process of 1:1 VMAC in PPPoE/IPoE access
User MAC U1 MAC U1 MAC B MAC B MAC U1 MAC U1 MAC V1 MAC address conversion MAC V1 MAC B MAC B MAC V1 MAC B MAC Vn MAC Vn MAC B MAC B MAC Vn Destination MAC address Source MAC address Remaining fields in the packet BRAS

MAC Un

Figure 9-1 shows the working process of the 1:1 VMAC supported in PPPoE and IPoE. The detailed conversion process is as follows:
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 163

MAC Un MAC B MAC B MAC Un

MAC Un

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

In the upstream direction: When receiving a new user MAC address (MAC U1), the MA5600T/MA5603T adds a mapping entry of the new user MAC address and the VMAC: MAC U1 maps MAC V1. When receiving a user MAC address that is already mapped to an allocated VMAC address, the MA5600T/MA5603T only overwrites the aging flag and uses the allocated VMAC. When receiving a user MAC address that is not mapped to an allocated VMAC and finding that the VMAC entries have reached the maximum, the MA5600T/ MA5603T determines that the MAC address fails to be learned and discards the user packet. When the user is automatically allocated a VMAC (MAC V1) by the system, the source MAC address (MAC U1) in the Ethernet packet header is replaced with the VMAC.
NOTE

The VMAC conversion rule also applies to control-layer protocol packets (ARP, ND, DHCP, and ETHOAM). The UMAC (MAC U1) in the payload of these packets also needs to be replaced with VMAC (MAC V1).

In the downstream direction: The destination MAC address in the Ethernet packet is the VMAC (MAC V1). The system uses VLAN+VMAC to query the ARL table and obtain the egress port information. Then, the system queries the VMAC table and replaces the VMAC with the UMAC (MAC U1).
NOTE

The VMAC conversion rule also applies to control-layer protocol packets (ARP, ND, DHCP, and ETHOAM). The VMAC (MAC V1) in the payload of these packets also needs to be replaced with UMAC (MAC U1).

VMAC addresses that are not used are released according to the MAC address aging mechanism.

1:1 VMAC Aging Mechanism


The 1:1 VMAC aging mechanism has two types, which can be selected through CLI configuration l Aging mechanism based on ARL table: According to the preset MAC address aging time, the system periodically checks a dynamic MAC address that is aged. If no packet carrying the corresponding VMAC is transmitted or received within the aging time, the system automatically releases the VMAC and the VMAC can be allocated to another user. l Aging mechanism based on DHCP or SLAAC: If the DHCP server receives the IP address release request from the DHCP client or does not receive the lease renewal request from the client within the lease time, the DHCP server releases the IP address. The corresponding user MAC address and VMAC are aged only after the IP address is released; if the IP address is not released, the corresponding user MAC address and VMAC are not aged.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

164

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

1:1 VMAC in PPPoA Access


Figure 9-2 Working process of 1:1 VMAC in PPPoA
PPPoA packet DATA PPP AAL ATM PVC Add VMAC DATA DATA IP PPP PPPoE IPoE Ethernet MAC V1 MAC B MAC V1 MAC B MAC V1 MAC B MAC Vn MAC B MAC Vn DATA PPP AAL ATM PVC PPPoA packet MAC B MAC Vn DATA DATA IP PPP IPoE PPPoE Ethernet Destination MAC address Source MAC address Remaining fields in the packet

BRAS

PPPoA terminal 1 Connected to the same board PPPoA terminal n

Delete VMAC

Figure 9-2 shows the working process of 1:1 VMAC supported in PPPoA. The detailed conversion process is as follows: l In the upstream direction: The MA5600T/MA5603T allocates a VMAC to each port according to the 1:1 VMAC address allocation rule. After receiving PPPoA packets, the system replaces the source MAC address of each PPPoA session with the VMAC (MAC Vn or MAC V1) of the user port, and then forwards the packets according to the normal PPPoA forwarding process. l In the downstream direction: Each PPPoA session adopts the VMAC (MAC Vn or MAC V1) as the destination MAC address. The system uses VLAN+VMAC to query the ARL table and obtains the egress port information. Then, the system forwards the packets according to the normal forwarding process. GPON does not support PPPoA encapsulation; therefore, GPON 1:1 VMAC is not covered.

1:1 VMAC Conversion Policy for Unicast, Multicast, and Broadcast Packets
For unicast packets: l In the upstream direction, 1:1 VMAC conversion applies only to the source MAC address of the unicast packets received by the MA5600T/MA5603T, and does not apply to the destination MAC address of the packets. In the downstream direction, 1:1 VMAC conversion applies only to the destination MAC address of the unicast packets received by the MA5600T/MA5603T, and does not apply to the source MAC address of the packets.

For multicast packets: 1:1 VMAC does not apply to the multicast packets of the MA5600T/ MA5603T in either the upstream or downstream direction. For broadcast packets:

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

165

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

In the upstream direction, 1:1 VMAC conversion applies only to the source MAC address of the broadcast packets received by the MA5600T/MA5603T, and does not apply to the destination MAC address of the packets. In the downstream direction, the destination MAC address of the broadcast packets is the broadcast address FF and does not need to be converted; the source MAC address of the packet also do not need to be converted.

1:1 VMAC Format


The format of GPON 1:1 VMAC is different from that of other 1:1 VMAC. Table 9-4 describes the default format of GPON 1:1 VMAC and Table 9-5 describes the default format of other 1:1 VMAC. Table 9-4 GPON 1:1 VMAC format MAC Address 47-42 bits 41 bit Description Reserved bits, configurable through the CLI. Indicates whether the local MAC address is valid or the MAC address is assigned by an internal organization. Unicast address OLT ID configured by the user. ID of the GPON slot to which the user belongs. ID of the GPON port to which the user belongs. ID of the ONT to which the user belongs. Unique MAC address dynamically allocated by the OLT to the user.

40 bit 39-24 bits 23-18 bits 17-13 bits 12-3 bits 2-0 bits

Table 9-5 1:1 VMAC format MAC Address 47-42 bits 41-40 bits 39-21 bits 20-15 bits 14-6 bits 5-0 bits Description Reserved bits, configurable through the CLI. Fixed values (1 for bit 41 and 0 for bit 40). DSLAM ID configured by the user. ID of the slot to which the user belongs. ID of the port to which the user belongs. Unique MAC address allocated to the user.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

166

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description


NOTE

9 Layer 2 Protocol Handling

To ensure the uniqueness of the MAC address, the DSLAM or OLT ID must be configured before the VMAC function of the VLAN is enabled. The uniqueness of the DSLAM or OLT ID needs to be ensured during the configuration; otherwise, two different DSLAMs or OLTs may be allocated the same VMAC.

9.3.6 Glossary, Acronyms, and Abbreviations


Glossary
Table 9-6 Glossary of the terms related to the access user bridging feature Term User board S+C forwarding Description In this document, a user board refers to the board that provides users with the access service. In the S+C forwarding mode, Ethernet packets are forwarded according to the two-layer VLAN tags in the header. The external-layer VLAN tag is the S-tag and the internal-layer tag is the C-tag.

Acronyms and Abbreviations


Table 9-7 Acronyms and abbreviations of the access user bridging feature Acronym/ Abbreviation SCUN Full Spelling Description The SCUN control board. It provides up to 24 10GE ports, and 4 GE ports on the front panel. It provides 8 GE ports and 2 10GE ports on the front panel. Null Null Null Null Null Null Null

Super Control Unit Board VerN

SPU OLT ONU ONT VMAC ARL LTM LTR

Service Process Unit Optical Line Terminal Optical Network Unit Optical Network Terminal Virtual MAC Address Resolution List Linktrace Message Linktrace Reply

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

167

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

9.4 N:1 VMAC


VMAC means virtual MAC address. In N:1 VMAC, the device replaces a set of user MAC addresses with a unique virtual MAC address. The user MAC addresses and the VMAC of the device are in an N:1 mapping.

9.4.1 Introduction
Definition
VMAC is abbreviated from virtual MAC address. It means that the MA5600T/MA5603T replaces the source MAC address of a user terminal with a virtual MAC address. N:1 VMAC is also called single-MAC. In N:1 VMAC, a set of user MAC addresses are replaced with a unique virtual MAC address. When it comes to the MA5600T/MA5603T, all users of each service board are mapped to one virtual MAC address.

Purpose
In the typical Layer 2 forwarding model, a device is identified by its MAC address. However, not all such devices are directly controlled by the operator, so their MAC addresses may not always be trustable. Certain network devices have been used to solve the problem of MAC address conflict, but this is only part of the problems. l l The uniqueness of a MAC address can be guaranteed only at the network element (NE) level but not at the network level. An NE can detect conflicting MAC addresses but cannot differentiate an authorized user from an unauthorized user.

VMAC comes up as an ideal solution. VMAC enables the operator to replace the MAC addresses of devices with pre-defined (controllable) MAC addresses. Adopting VMAC enhances the Layer 2 forwarding model in two aspects: l Security: Replacing the MAC addresses of devices with operator-defined MAC addresses ensures the uniqueness of MAC addresses in an entire network. This in turn avoids the problems arising from MAC address conflict. l Measurability: By ensuring the uniqueness of the MAC addresses in an entire network, the operator can connect multiple DSLAMs and edge routers by using the same VLAN. In this way, the operator can expand the number of devices sharing the same subnet and thus improve the allocation efficiency of the IP address pool. In addition, since N:1 VMAC allows multiple user MAC addresses to be replaced by one virtual MAC address, this also solved the problem of insufficient MAC address entries on the carriers' upper-layer aggregation devices.

Benefit
Benefits to carriers
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 168

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Security is enhanced. Users with untrusted MAC addresses are denied the access to carriers' networks; instead, users access the networks with the trusted virtual MAC addresses allocated by carriers' equipment. MAC address space is saved. In an Layer 2 network with a large number of users, the MAC address space of the equipment usually bottlenecks the network. The N:1 VMAC feature greatly saves the MAC address space.

Benefits to users This feature prevents MAC address conflicts and protects users from MAC address spoofing.

9.4.2 Specifications
The specifications of the N:1 VMAC feature are as follows: l l l l Supports N:1 VMAC in PPPoE access. Supports up to 1K PPPoE users. Supports N:1 VMAC in PPPoA access. Supports up to 1K PPPoA users. Supports the global-level VMAC switch; Supports the VLAN-level PPPoE and PPPoA N: 1 VMAC feature. The QinQ private line service does not support the N:1 VMAC function.

9.4.3 Availability
License Support
N:1 VMAC is a basic feature of the MA5600T/MA5603T. Therefore, the corresponding service is provided without a license.

Version Support
Table 9-8 lists the versions that support the N:1 VMAC feature. Table 9-8 Base version required for the N:1 VMAC feature Product MA5600T/MA5603T Version V800R006C02 and later versions

Feature Dependency
PPPoE N:1 VMAC and anti-MAC spoofing are mutually exclusive. When the two features are enabled at the same time, only PPPoE N:1 VMAC takes effect.

Hardware Support
Boards supporting N:1 VMAC: all xDSL boards, GPON boards, the OPFA board, and OPGD board.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

169

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

9.4.4 Principle
N:1 VMAC in PPPoE Access
The user source MAC address exists not only in the MAC header but also in the data field. The MA5600T/MA5603T replaces the Ethernet source MAC address in both the header and the data field of the Ethernet frame. Figure 9-3 Working process of N:1 VMAC
User MAC U1 MAC U1 MAC B MAC B MAC U1 MAC Un MAC B MAC B MAC Un MAC Un MAC address conversion MAC U1 BRAS

MAC V

MAC V MAC B MAC B MAC V

MAC Un MAC U1

MAC B

Figure 9-3 shows the working process of the N:1 VMAC supported in PPPoE. The detailed conversion process is as follows: l In the upstream direction: The MA5600T/MA5603T replaces all the received user MAC addresses (MAC U1MAC Un) of the same board with the MAC address (MAC V) of this board. For the PON port protect group in xPON: 1. 2. Configure a MAC address pool used for N:1 VMAC. The system automatically allocates an idle MAC address from the MAC address pool to the user MAC addresses received. Each PON port protect group uses the same MAC address. The system replaces the user MAC addresses (MAC U1-MAC Un) with the allocated MAC address (MAC V).

MAC Un Destination MAC address Source MAC address Remaining fields in the packet

MAC V

3. l

In the downstream direction: The system forwards PPPoE packets according to the PPPoE session ID, and replaces the MAC address (MAC V) of the board with the user MAC addresses (MAC U1-MAC Un). For the PON port protect group in xPON: According to the MAC address mapping entry, the system replaces the user MAC addresses (MAC U1-MAC Un) with the allocated VMAC (MAC V).

The conversion principle of VMAC also applies to the ARP protocol. The MAC address in the packet payload also needs to be replaced with a VMAC.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

170

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

N:1 VMAC in PPPoA Access


Figure 9-4 Working process of N:1 VMAC in PPPoA
PPPoA packet DATA PPP AAL ATM PVC Add VMAC DATA DATA IP PPP PPPoE IPoE Ethernet BRAS

PPPoA terminal

Connected to the same board PPPoA terminal DATA PPP AAL ATM PVC PPPoA packet

MAC V1 MAC B MAC V1 MAC B MAC V1 DATA DATA DATA IP PPP PPPoE IPoE Ethernet

MAC B

Delete VMAC

Destination MAC address Source MAC address Remaining fields in the packet

Figure 9-4 shows the working process of the N:1 VMAC supported in PPPoA access. The detailed conversion process is as follows: l In the upstream direction: The MA5600T/MA5603T allocates a MAC address to each board according to the N:1 MAC address allocation rules. After receiving PPPoA packets, the system replaces the source MAC addresses of all PPPoA sessions of the same board with the MAC address (MAC V1) of the board. Then, the system forwards the PPPoA packets according to the normal forwarding process. l In the downstream direction: All PPPoA sessions of the same board adopt the MAC address (MAC V1) of the board as the destination MAC address, and PPPoA packets are forwarded according to the session ID.

N:1 VMAC Conversion Not Applicable to Multicast and Broadcast Packets


N:1 VMAC is used to replace only the MAC addresses in the unicast packets received by the MA5600T/MA5603T and the legal user MAC addresses, and is not used to replace the other legal MAC addresses (such as in multicast and broadcast packets).

N:1 VMAC Allocation Rules


The MA5600T/MA5603T allocates a MAC address to each board according to to certain allocation rules. The MAC addresses corresponding to the N:1 VMAC of the same board all refer to the MAC address of the board. Table 9-9 shows the rules for generating the N:1 VMAC. Table 9-9 Rules for generating the N:1 VMAC Slot Slot < Control board slot Generation Formula Board MAC address = System bridge MAC address + 8 + Slot ID
171

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Slot Slot > Control board slot

Generation Formula Board MAC address = System bridge MAC address + 8 + Slot ID - 2

9.5 VLAN Management


This topic provides the definition, specifications, reference standards and protocols, availability, and principle of the VLAN management feature.

9.5.1 VLAN Overview


Definition
Virtual local area network (VLAN) is a technology used for logically grouping devices in the same LAN into different subnets in order to form virtual workgroups. VLAN is a basic technology that is widely applied to various access modes and services, such as multicast, triple play, wholesale, and private line services. The IEEE issued the 802.1q protocol for standardizing VLAN implementations in 1998, and revised the draft in 2003 and 2005. The IEEE issued the 802.1ad protocol for standardizing VLAN implementations in 2005.

Purpose
The VLAN management feature facilitates carriers' service planning. l The standard VLAN is primarily used for subtending. The MA5600T/MA5603T supports the Ethernet subtending networking. Several access devices at different levels can be subtended through the GE/FE ports, which can expand the network coverage and address the requirements for large access capacity. The smart VLAN is primarily used for saving the VLAN resources of the system or isolating users. The QinQ VLAN is primarily used for transparently transmitting private network VLAN tags to implement the Layer 2 VPN application. The stacking VLAN can identify users and services. In some scenarios, certain BRASs need to authenticate two VLAN tags. Therefore, the packets that are transmitted to the upstream BRAS must carry two VLAN tags. In this case, it is required that the device supports the stacking VLAN.

l l l

Packet Format
To learn more about VLAN processing, see the differences between untagged, 802.1q, and QinQ packet formats, as shown in Figure 9-5.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

172

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Figure 9-5 Differences between untagged, 802.1q, and QinQ packet formats
Untagged Dest Addr 6 Dest Addr 6 Dest Addr 6 Src Addr 6 Src Addr 6 Src Addr 6 Length Type 2 Data 0-1500 Bytes FCS 4 Length Type 2 Data 0-1500 Bytes

802.1Q Encapsulation EType 2 Tag 2 FCS 4 Length Type 2 Data 0-1500 Bytes

Q-in-Q Encapsulation EType 2 Tag 2 EType 2 Tag 2 FCS 4

0x8100

Priority

CFI

VLAN ID

9.5.2 Specifications
The specifications of the VLAN management feature are as follows: l l l l l l Smart VLAN, MUX VLAN, and standard VLAN 4K VLANs for the MA5600T/MA5603T. The VLAN ID ranges from 2 to 4093. VLAN planning based on the port QinQ VLAN and VLAN stacking Configuration and query of the start reserved VLAN. The consecutive 15 VLANs starting from the start reserved VLAN and VLAN 4094 are the reserved VLANs. In a VLAN profile, the following parameters can be set: anti-MAC spoofing; anti-IP spoofing, BPDU transparent transmission, RIP transparent transmission, VTP-CDP transparent transmission, DHCP option 82, PITP, the mode of forwarding packets, and the policy of forwarding packets. 256 VLAN profiles for the MA5600T/MA5603T.

9.5.3 Reference Standards and Protocols


The following lists the reference standards and protocols of this feature: l l l IEEE 802.1q: IEEE standards for Local and metropolitan area networks-Virtual Bridged Local Area Networks IEEE P802.1ad: Virtual Bridged Local Area Networks Amendment 4: Provider Bridges RFC3069: VLAN Aggregation for Efficient IP Address Allocation

9.5.4 Availability
Related NEs
This feature is a basic feature of the MA5600T/MA5603T and is not related to any other NE.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 173

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

License Support
The attribute of a VLAN can be changed to stacking only when the VLAN stacking authority status is Permit.

Version Support
Table 9-10 Version Support Product MA5600T/ MA5603T Version V800R007C00 and later

Feature Dependency
l QinQ VLAN A QinQ VLAN does not support the creation of a BTV user. A QinQ VLAN does not support VLAN interface. A QinQ VLAN does not support Anti IP spoofing. A QinQ VLAN does not support Anti MAC spoofing. A QinQ VLAN does not support SMAC. A QinQ VLAN does not support VMAC. A QinQ VLAN will cause packets without independent switch control to be transparently transmitted. l VLAN profile When a VLAN profile is bound to a QinQ VLAN, both the anti IP spoofing and anti MAC spoofing functions are unavailable. In a VLAN profile, the SVLAN+CVLAN forwarding and anti MAC spoofing functions cannot be enabled at the same time. When a VLAN profile is bound to a VLAN, the BPDU transparent transmission can be enabled only when the VLAN is a QinQ VLAN. When a VLAN profile is bound to a VLAN, the mode of forwarding packets cannot be set to the SVLAN+CVLAN forwarding mode when the VLAN is a common VLAN.

9.5.5 Types of VLAN


Four Types of VLAN
l Standard VLAN A standard VLAN is a VLAN that contains multiple interconnected standard Ethernet ports. All the ports in a standard VLAN are logically equal. The Ethernet ports in a standard VLAN can communicate with each other. An Ethernet port in a standard VLAN is isolated from an Ethernet port in another standard VLAN. l Smart VLAN A smart VLAN is a VLAN that contains upstream ports and service ports.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 174

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

A smart VLAN can serve multiple access users, thus saving VLAN resources. A smart VLAN can contain multiple upstream ports and multiple service ports. The service ports in a smart VLAN are isolated from each other. l MUX VLAN A MUX VLAN is a VLAN that contains upstream ports and one service port. One MUX VLAN can contain multiple upstream ports but only one service port. A service port in a MUX VLAN is isolated from a service port in another MUX VLAN. One-to-one mapping can be set up between a MUX VLAN and an access user. Therefore, a MUX VLAN can uniquely identify an access user. l Super VLAN The concept of super VLAN is proposed to save IP address resources, and it is an Layer 3-based VLAN. A super VLAN is formed by aggregating multiple sub VLANs. Through the Layer 3 interface of the super VLAN, services of different sub VLANs can be forwarded at Layer 3. In this way, the usage efficiency of IP addresses is improved. A sub VLAN can be a smart VLAN or MUX VLAN but cannot be a QinQ VLAN or stacking VLAN. Different sub VLANs in a super VLAN are isolated at Layer 2, but they can communicate with each other through the Address Resolution Protocol (ARP) proxy.

Limitation of VLAN
l Standard VLAN If a VLAN contains an upstream port, delete the upstream port before deleting the VLAN. If a VLAN contains an Layer 3 interface, delete the interface before deleting the VLAN. l Smart VLAN If an Layer 3 interface has been created for a VLAN, delete the Layer 3 interface before deleting the VLAN. If a VLAN already contains an upstream port, delete the upstream port before deleting the VLAN. If a service port has been created for a VLAN, delete the service port before deleting the VLAN. The smart VLAN is a special type of VLAN. Besides the characteristics of the standard VLAN, the smart VLAN has the following characteristics: In a smart VLAN, the ports are of unequal status, that is, the ports in a smart VLAN are divided into upstream ports and service ports. The service ports in a smart VLAN are isolated from each other. The upstream ports in a smart VLAN can communicate with each other. A service port and upstream port in a smart VLAN can communicate with each other. The broadcast domain of each port in a standard VLAN covers all the ports in the VLAN. The broadcast domain of the upstream port in a smart VLAN covers all the ports in the VLAN. The broadcast domain of the service port, however, covers only the upstream ports in the VLAN. l
Issue 01 (2011-10-30)

MUX VLAN
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 175

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

If an Layer 3 interface has been created for a VLAN, delete the Layer 3 interface before deleting the VLAN. If a VLAN contains an upstream port, delete the upstream port before deleting the VLAN. If a service port has been created for a VLAN, delete the service port before deleting the VLAN.

9.5.6 VLAN Attribute


QinQ VLAN
Figure 9-6 shows QinQ VLAN service processing. Figure 9-6 QinQ VLAN service processing

VLAN 3 VLAN 2

L2/L3

L2/L3

Access Node

VLAN 3

VLAN 1

Access Node Modem VLAN 2

Modem VLAN 2 L2 VLAN 1 L2

User 1

User 3

User 4

User 2

Service flow of User 3 and User 4 Service flow of User 1 and User 2

The access node can implement communication between the users in one private network (VLAN 1 or VLAN 2) that is located in different regions through a QinQ VLAN. The service packets of the users are processed as follows: 1. 2. 3. 4. The PC user transmits untagged packets in the upstream direction. The Layer 2 LAN switch adds the private network VLAN tag (VLAN 1 or VLAN 2) to the packets of the PC user and transmits them to the access node in the upstream direction. The access node adds the public network VLAN tag (VLAN 3) to the packets and transmits them to the upper-layer network. The upper-layer network device transmits the packets according to the public network VLAN tag (VLAN 3).
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 176

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

5. 6.

The peer access node removes the public network VLAN tag (VLAN 3) after receiving the packets, and transmits them to the LAN switch on the same side. The LAN switch identifies and removes the private network VLAN tag (VLAN 1 or VLAN 2), and forwards the untagged packets to the users in the private network VLAN.

As described in the preceding section, communication between user 1 and user 2 in VLAN 2 or communication between user 3 and user 4 in VLAN 1 is implemented through the QinQ VLAN.

VLAN Stacking
If VLAN stacking is used for increasing the VLAN quantity or identifying users, the cooperation of the BRAS is required. If VLAN stacking is used for providing the private line wholesale service, the upper-layer network must work in the Layer 2 mode and packets are forwarded according to VLAN+MAC directly. Figure 9-7 VLAN stacking service processing

ISP 1 MAN SP VLAN 1 C VLAN 1 L2/L3 SP VLAN 1 C VLAN 2 SP VLAN 2 SP VLAN 2

ISP 2

C VLAN 1 C VLAN 2

Modem

Access Node

Modem

Enterprise A

Enterprise B

Enterprise A User 1 to ISP1 Enterprise A User 2 to ISP1 Enterprise B User 1 to ISP2 Enterprise B User 2 to ISP2

The users of enterprise A are connected to ISP 1 through the access node by using a stacking VLAN and the users of enterprise B are connected to ISP 2 through the access node by using another stacking VLAN. The service packets of the users are processed as follows: 1. 2. The user transmits untagged packets in the upstream direction. The packets then reach the access node through the modem. The access node adds two VLAN tags to the untagged user packets. The users belonging to different ISPs map different outer SP VLANs.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 177

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

l The outer VLAN tag that is added to the user packets of enterprise A is SP VLAN 1 and the inner VLAN tag is the tag of the corresponding customer VLAN. l The outer VLAN tag that is added to the user packets of enterprise B is SP VLAN 2 and the inner VLAN tag is the tag of the corresponding customer VLAN. 3. 4. The exchange MAN device forwards packets to different ISPs according to the SP VLAN. After receiving the user packets, ISP 1 and ISP 2 remove the outer SP VLAN tag, and differentiate users according to inner customer VLAN tags.

Common VLAN
Common is the default attribute of a VLAN. A common VLAN does not contain the attribute of QinQ or stacking. A common VLAN can serve as a common Layer 2 VLAN or be used to create an Layer 3 interface for Layer 3 forwarding.

9.5.7 VLAN Processing


VLAN 802.1p Priority
When transmitting protocol packets through the CPU, the device fills the VLAN 802.1p priority in the packets. After receiving the packets, the peer device processes the packets according to their 802.1p priority. The packets of a higher priority are processed with precedence.

VLAN Configuration of a Port


In this context, VLANs are formed based on the ports on a network device. That is, different ports belong to different VLANs. To transmit user packets carrying a VLAN tag through an upstream port, the upstream port must be added to the VLAN first. After the upstream port is added to the VLAN, packets carrying this VLAN tag can be transmitted upstream through the port. A port can be added to multiple VLANs, and a VLAN can contain multiple ports.

Native VLAN of a Port


A native VLAN can be configured on an Ethernet port to determine whether a packet transmitted upstream through this port carries a VLAN tag. After the native VLAN of the Ethernet port is configured successfully, l l l If the VLAN ID of the Ethernet port is the same as its native VLAN ID, the packet transmitted upstream through the Ethernet port does not carry any VLAN tag (untagged). If the VLAN ID of the Ethernet port is different from its native VLAN ID, the packet transmitted upstream through the Ethernet port carries the VLAN tag. When receiving an untagged packet, the Ethernet port attaches the native VLAN tag to the packet before transmitting it.

Ethernet Protocol Types of the Inner and Outer VLAN Tags


The inner and outer VLAN tags of a packet do not adopt the standard 802.1q protocol. Therefore, for successful interoperation between Huawei devices and other vendors' devices, the Ethernet protocol types of the inner and outer VLAN tags on the interoperating devices must be the same. After the inner and outer Ethernet protocol types supported by VLAN stacking are set successfully, the inner and outer Ethernet protocol types of the packets captured by the upperlayer device should be the same as the preset Ethernet protocol types.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 178

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Ethernet Protocol Type of the Outer VLAN Tag of a Specified Port


Currently, only the H801SPUA board supports this feature. In practice, a port may be leased to a content provider (CP) to implement the wholesale service. In this case, the Ethernet protocol type of the outer VLAN tag of the packets transmitted from the port needs to be configured the same as that of the peer device, so as to meet the network requirements of the CP. The outer Ethernet protocol type of a port can be configured to 802.1q or 802.1ad. The value of 802.1q is invariably 0x8100; the value of 802.1ad is configurable but cannot be a value that has been adopted by other standard protocols. The default outer Ethernet protocol type of a port is 802.1q, which takes effect on all traffic streams on the port. 802.1ad takes effect only on the two-tagged switch-oriented and connection-oriented traffic streams on the port.

VLAN Service Profile


A VLAN service profile can be used to implement VLAN-level control on features such as VLAN forwarding mode, VLAN-based transparent transmission of BPDUs, SVLAN+CVLAN forwarding, and MAC address learning of the control board. These features also have their own configuration control switches. According to the principle of controlling services based on VLAN, when a VLAN is bound to a VLAN service profile, a feature is controlled by the VLANlevel control switch configured in the VLAN service profile; when a VLAN is not bound to a VLAN service profile, a feature is controlled by its own configuration control switch.

9.5.8 VLAN Aggregation


The super VLAN is an Layer-3-based VLAN. A super VLAN can contain multiple sub VLANs. Through ARP proxy, sub VLANs in a super VLAN can communicate at Layer 3. VLAN aggregation can implement Layer 3 interoperation and save IP addresses. A super VLAN needs to be configured with sub VLANs. A sub VLAN can be added to a specified super VLAN. A sub VLAN can be either a smart VLAN or MUX VLAN only and its attribute must be common. Figure 9-8 illustrates VLAN aggregation. When a super VLAN is used to aggregate multiple VLANs, ports in these VLANs can communicate with each other. If these VLANs are not aggregated, ports in these VLANs cannot communicate with each other. Figure 9-8 VLAN aggregation

Super VLAN 1
Su VL b AN 1
b Su N A L V 2

VLAN1

VLAN2

PC A

PC B

PC A

PC C

PC B

PC D

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

179

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

9.5.9 Special Applications of VLANs


Reserved VLANs
The range of reserved VLANs in the system is configurable. After reserved VLANs are changed, the range of reserved VLANs is also changed. Currently, only consecutive reserved VLANs (for example, VLANs 3-18) are supported, and discontinuous reserved VLANs (for example, VLANs 3, 10, and 100) are not supported. The configuration of reserved VLANs takes effect only after the corresponding data is saved and the device is restarted. After reserved VLANs are changed, the system does not allow other services to use the VLANs that are taking effect currently or will take effect after system restarting. If the start reserved VLAN is not configured, the system uses VLAN 4079 as the start reserved VLAN and the 15 VLANs starting from VLAN 4079 as reserved VLANs by default. That is, reserved VLANs are VLANs 4079-4093. The configurable range of the start reserved VLAN is VLANs 2-4079. After the user configures a start reserved VLAN within this range, the system automatically uses the 15 VLANs starting from the configured VLAN as reserved VLANs. VLANs 4094 and 4095 are fixedly reserved, and VLAN 1 is the native VLAN. Therefore, these three VLANs cannot be configured as reserved VLANs.

VLAN-based Traffic Statistics Collection


Traffic statistics of a specified VLAN can be collected so that a user can learn about the network traffic condition. Currently, VLAN-based traffic statistics can be collected in two modes: service-board-based mode and ACL-based mode. l In the service-board-based mode, traffic statistics collection can be performed on the service ports in the VLAN or all VLANs in the system but cannot be performed on the standard ports in the VLAN. In the ACL-based mode, traffic statistics collection can be performed on the service ports and standard ports in the VLAN but can be performed on only a maximum of 64 VLANs concurrently.

9.6 VLAN Switching Policy


This topic provides the definition, specifications, availability, and principle of the VLAN switching policy.

9.6.1 Introduction
Definition
VLAN switching refers to switching from the user-side VLAN to the network-side VLAN.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

180

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Purpose
VLAN planning is a composition of network planning. Users or services are identified by VLANs in flexible manners. Flexible VLAN switching policies facilitate the network planning of carriers.

9.6.2 Specifications
The MA5600T/MA5603T supports the following specifications of the VLAN switching feature: l l l l l l l l Adding the S-VLAN tag to user untagged packets Adding the S-VLAN tag+C-VLAN tag to user untagged packets Switching one VLAN tag 1:1 or N:1 VLAN switching for the user packets carrying a VLAN tag Switching C-VLAN tag to S-VLAN tag+C-VLAN tag Switching C-VLAN tag to port ID+S-VLAN tag+C-VLAN tag Switching dual VLAN tags (switching S-VLAN tag+C-VLAN tag to S-VLAN' tag+CVLAN' tag) Transparent transmission of a VLAN tag

9.6.3 Availability
License Support
No license is required to access the corresponding service.

Version Support
Table 9-11 Version Support Product MA5600T/ MA5603T Version V800R007C00 and later

Miscellaneous
Transparent transmission traffic streams must not carry the ID of the VLAN that contains the upstream port of the device.
NOTE

Transparent service-ports refer to the service-ports whose type is specified as transparent during creation. Protocol packets can be transparently transmitted through transparent service-ports.

9.6.4 VLAN Tag Transforming of Traffic Streams


Overview of VLAN Tag Transforming
After traffic classification is performed on packets, the VLAN tags of the packets need to be transformed. For details, see Figure 9-9.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 181

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Figure 9-9 VLAN tag transforming of traffic streams


Message Add Transparent Translate

If a packet matches a traffic rule, the device adds a VLAN tag to the packet or switches the VLAN tag of the packet according to the rule. If the packet does not match any traffic rule, the packet is dropped. Table 9-12 provides more details on VLAN tag transforming. Table 9-12 VLAN tag transforming modes VLAN Tag Transforming Mode Add Description Adds an SVLAN tag to the traffic stream transmitted from the user side to upstream. It is applicable to: l QinQ VLAN: implemented by default. l Common VLAN: implemented on single service. l Common VLAN: implemented on traffic streams classified by EtherType. l Common VLAN: implemented on untagged traffic streams. l Other all traffic streams (Any traffic stream classified by CVLAN). l VLAN range traffic streams.

Traffic Classification

VLAN Switching

Translate and Add Add Double Translate Double Translate and Remove Remove Remove Double QoS Handling Sending

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

182

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

VLAN Tag Transforming Mode Transparent

Description Directly uses the CVLAN tag carried in the traffic stream as the SVLAN tag for upstream transmission. In this case, the SVLAN ID of the traffic stream must be the same as the CVLAN ID. It is applicable to: l Traffic streams created on subtending GEM ports. l Traffic streams tagged as QinQ and specified to be processed in the transparent mode.

Translate

Translates the CVLAN tag of the traffic stream into the SVLAN tag. It is applicable to: l Traffic streams tagged with a specified CVLAN, VLAN+802.1p priority, or VLAN+EtherType, and with the common SVLAN attribute. The CVLAN ranges from 1 to 4095 or is 0 (priority-tagged). l Traffic streams tagged as QinQ and specified to be processed in the translate mode.

TranslateAndAdd

Translates the CVLAN tag of the traffic stream and adds an SVLAN tag to the traffic stream. That is, the traffic stream goes upstream carrying two VLAN tags (SVLAN +CVLAN'). It is applicable to: l Traffic streams tagged with a specified CVLAN, VLAN+802.1p priority, or VLAN+EtherType, and with the stacking SVLAN attribute. The CVLAN ranges from 1 to 4095 or is 0 (priority-tagged). l Traffic streams tagged as QinQ and specified to be processed in the TranslateAndAdd mode.

AddDouble

Adds two VLAN tags (SVLAN+CVLAN) to the traffic stream for upstream transmission. It is applicable to: l Single-service traffic streams or traffic streams classified by EtherType, with the stacking SVLAN attribute. l Untagged traffic streams with the stacking SVLAN attribute; traffic streams tagged as QinQ and specified to be processed in the AddDouble mode.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

183

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

VLAN Tag Transforming Mode TranslateDouble

Description Translates the two VLAN tags of the traffic stream, that is, translates SVLAN+CVLAN to SVLAN'+CVLAN'. It is applicable to: l Traffic streams classified by SVLAN +CVLAN, with the stacking SVLAN attribute. l Traffic streams classified by SVLAN +CVLAN, with the QinQ SVLAN attribute and specified to be processed in the TranslateDouble mode.
NOTE Currently only the SPUA and OPGD boards support TranslateDouble.

TranslateAndRemove

Translates the SVLAN tag and removes the CVLAN tag of the traffic stream, that is, transforms SVLAN+CVLAN to SVLAN'. It is applicable to: l Traffic streams classified by SVLAN +CVLAN, with the common SVLAN attribute. l Traffic streams classified by SVLAN +CVLAN, with the QinQ SVLAN attribute. For this type of traffic stream, TranslateAndRemove is performed by default.
NOTE Currently only the SPUA and OPGD boards support TranslateAndRemove.

Remove

A unique VLAN tag transforming mode for the connection-oriented traffic stream. In this mode, the traffic stream carries one VLAN tag when arriving from the destination end, and has its VLAN tag removed when transmitted from the source end. Hence, the traffic stream is finally untagged. A unique VLAN tag transforming mode for the connection-oriented traffic stream. In this mode, the traffic stream carries two VLAN tags (SVLAN+CVLAN) when arriving from the destination end, and has its VLAN tags removed when transmitted from the source end. Hence, the traffic stream is finally untagged.

RemoveDouble

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

184

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Setting VLAN Tag Transforming Mode


During the creation of a traffic stream, the VLAN tag transforming mode can be set. If a mode is not specified, the system automatically determines the VLAN tag transforming mode according to the VLAN type, traffic classification type, and traffic classification parameters. Traffic streams tagged as QinQ (generally for the service of commercial users) can be configured with different VLAN tag transforming modes. Traffic streams with the common or stacking VLAN attribute support only fixed VLAN tag transforming modes; if a mode is to be specified, it must be the same as the value calculated by the system. Assuming the SVLAN attribute is QinQ, Table 9-13 lists the default and configurable VLAN tag transforming modes of switch-oriented traffic streams and the tag processing policies for upstream packets. Table 9-13 VLAN tag transforming mode (1) Traffic Classification Type Single service Traffic Classification Parameter None (Any) Default Transforming Mode Add Configurable Transforming Mode Add AddDouble By EtherType PPPoE Add Add AddDouble IPoE Add Add AddDouble By VLAN C-VLAN: 1-4095 Add Add AddDouble Transparent Translate TranslateAndA dd priority-tagged Add Add Tag Processing Policies Any -> S-tag +Any Any -> S-tag +C-tag+Any Any -> S-tag +Any Any -> S-tag +C-tag+Any Any -> S-tag +Any Any -> S-tag +C-tag+Any C-tag -> S-tag +C-tag C-tag -> S-tag +C'-tag+C-tag C-tag -> S-tag (C-tag = S-tag) C-tag -> S-tag C-tag -> S-tag +C'-tag pri-tag -> S-tag +pri-tag

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

185

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Traffic Classification Type

Traffic Classification Parameter

Default Transforming Mode

Configurable Transforming Mode AddDouble Translate TranslateAndA dd

Tag Processing Policies pri-tag -> S-tag +C-tag+pri-tag pri-tag -> S-tag pri-tag -> S-tag +C'-tag untag -> S-tag untag -> S-tag +C-tag Any -> S-Tag +Any Any -> S-tag +C-tag+Any C-VLAN range -> S-tag+CVLAN range C-tag -> S-tag +C-tag C-tag -> S-tag +C'-tag+C-tag C-tag -> S-tag (C-tag = S-tag) C-tag -> S-tag C-tag -> S-tag +C'-tag pri-tag -> S-tag +pri-tag pri-tag -> S-tag +C-tag+pri-tag pri-tag -> S-tag pri-tag -> S-tag +C'-tag C-tag -> S-tag +C-tag C-Tag -> S-tag +C'-tag+C-tag

untagged

Add

Add AddDouble

other-all (any other)

Add

Add AddDouble

VLAN range

Add

Add

By VLAN VLAN: 1-4095 +802.1p priority P-bits: 0-7

Add

Add AddDouble Transparent Translate TranslateAndA dd

VLAN: priority-tagged P-bits: 0-7

Add

Add AddDouble Translate TranslateAndA dd

By VLAN +EtherType

VLAN: 1-4095 EtherType: PPPoE/IPoE

Add

Add AddDouble

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

186

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Traffic Classification Type

Traffic Classification Parameter

Default Transforming Mode

Configurable Transforming Mode Transparent Translate TranslateAndA dd

Tag Processing Policies C-tag -> S-tag (C-tag = S-tag) C-tag -> S-tag C-tag -> S-tag +C'-tag pri-tag -> S-tag +pri-tag pri-tag -> S-tag +C-tag+pri-tag pri-tag -> S-tag pri-tag -> S-tag +C'-tag untag -> S-tag untag -> S-tag +C-tag S-tag+C-tag -> S'-tag+C'-tag S-tag+C-tag -> S'-tag

VLAN: priority-tagged EtherType: PPPoE/IPoE

Add

Add AddDouble Translate TranslateAndA dd

VLAN: untagged EtherType: PPPoE/IPoE By dual-VLAN Outer VLAN: 1-4095 Inner VLAN: 1-4095

Add

Add AddDouble

TranslateAndR emove

TranslateDoubl e TranslateAndR emove

Assuming the SVLAN attribute is common, Table 9-14 lists the default and configurable VLAN tag transforming modes of switch-oriented traffic streams and the tag processing policies for upstream packets. Table 9-14 VLAN tag transforming mode (2) Traffic Classification Type Single service Traffic Classificati on Parameter None (Any) Default Transforming Mode Add Configurable Transforming Mode Add Tag Processing Policies

untag -> S-tag pri-tag -> S-tag

By EtherType

PPPoE

Add

Add

untag -> S-tag pri-tag -> S-tag

IPoE

Add

Add

untag -> S-tag pri-tag -> S-tag

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

187

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Traffic Classification Type By VLAN

Traffic Classificati on Parameter C-VLAN: 1-4095

Default Transforming Mode Transparent

Configurable Transforming Mode Transparent

Tag Processing Policies

C-tag -> S-tag (C-tag = S-tag, GEM port subtending) C-tag -> S-tag pri-tag -> S-tag untag -> S-tag N/A N/A C-tag -> S-tag (C-tag = S-tag, GEM port subtending) C-tag -> S-tag pri-tag -> S-tag

Translate prioritytagged untagged other-all (any other) VLAN range By VLAN +802.1p priority VLAN: 1-4095 P-bits: 0-7 Translate VLAN: prioritytagged P-bits: 0-7 By VLAN +EtherType VLAN: 1-4095 EtherType: PPPoE/IPoE Transparent Translate Translate Add N/A N/A Transparent

Translate Translate Add N/A N/A Transparent

Translate Translate

Transparent

C-tag -> S-tag (C-tag = S-tag, GEM port subtending) C-tag -> S-tag pri-tag -> S-tag

Translate VLAN: prioritytagged EtherType: PPPoE/IPoE VLAN: untagged EtherType: PPPoE/IPoE Add Translate

Translate Translate

Add

untag -> S-tag

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

188

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Traffic Classification Type By dual-VLAN

Traffic Classificati on Parameter Outer VLAN: 1-4095 Inner VLAN: 1-4095

Default Transforming Mode TranslateAndRemove

Configurable Transforming Mode TranslateAndRemove

Tag Processing Policies

S-tag+C-tag -> S'-tag

Assuming the SVLAN attribute is stacking, Table 9-15 lists the default and configurable VLAN tag transforming modes of switch-oriented traffic streams and the tag processing policies for upstream packets. Table 9-15 VLAN tag transforming mode (3) Traffic Classification Type Single service Traffic Classificati on Parameter None (Any) Default Transforming Mode AddDouble Configurable Transforming Mode AddDouble Tag Processing Policies

untag -> S-tag +C-tag pri-tag -> S-tag +C-tag C-tag -> S-tag C'tag+C-tag

By EtherType

PPPoE

AddDouble

AddDouble

untag -> S-tag +C-tag pri-tag -> S-tag +C-tag C-tag -> S-tag +C'-tag+C-tag

IPoE

AddDouble

AddDouble

untag -> S-tag +C-tag pri-tag -> S-tag +C-tag C-tag -> S-tag +C'-tag+C-tag

By VLAN

C-VLAN: 1-4095

Transparent

Transparent

C-tag -> S-tag (C-tag = S-tag, GEM port subtending)

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

189

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Traffic Classification Type

Traffic Classificati on Parameter

Default Transforming Mode TranslateAndAd d

Configurable Transforming Mode TranslateAndAd d TranslateAndAd d AddDouble N/A Add

Tag Processing Policies

C-tag -> S-tag +C'-tag pri-tag -> S-tag +C'-tag untag -> S-tag +C-tag N/A C-VLAN range > S-tag+CVLAN range C-tag -> S-tag (C-tag = S-tag, GEM port subtending) C-tag -> S-tag C'tag pri-tag -> S-tag +C'-tag

prioritytagged untagged other-all (any other) VLAN range

TranslateAndAd d AddDouble N/A Add

By VLAN VLAN: +802.1p priority 1-4095 P-bits: 0-7

Transparent

Transparent

TranslateAndAd d VLAN: prioritytagged P-bits: 0-7 By VLAN +EtherType VLAN: 1-4095 EtherType: PPPoE/IPoE Transparent TranslateAndAd d

TranslateAndAd d TranslateAndAd d

Transparent

C-tag -> S-tag (C-tag = S-tag, GEM port subtending) C-tag -> S-tag +C'-tag pri-tag -> S-tag +C'-tag

TranslateAndAd d VLAN: prioritytagged EtherType: PPPoE/IPoE VLAN: untagged EtherType: PPPoE/IPoE AddDouble TranslateAndAd d

TranslateAndAd d TranslateAndAd d

AddDouble

untag -> S-tag +C-tag

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

190

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Traffic Classification Type By dual-VLAN

Traffic Classificati on Parameter Outer VLAN: 1-4095 Inner VLAN: 1-4095

Default Transforming Mode TranslateDouble

Configurable Transforming Mode TranslateDouble

Tag Processing Policies

S-tag+C-tag -> S'-tag+C'-tag

VLAN Tag Transforming and Packet Forwarding


During VLAN tag transforming of traffic streams, the SVLAN and the CVLAN must be specific. Generally, SVLAN is a service VLAN or a network-side VLAN, and CVLAN is a customerside VLAN. Before a switch-oriented traffic stream is created, the SVLAN to be bound to the traffic stream must be created, and the attribute (common, QinQ or stacking) and forwarding mode (VLAN +MAC or SVLAN+CVLAN) of the SVLAN must also be configured. The type of the SVLAN specified during the creation of a traffic stream must be smart or MUX. l For services of residential users: If the N:1 service is configured (traffic streams of multiple users are aggregated to the same SVLAN), the SVLAN must be a smart VLAN, with the common attribute and the VLAN+MAC forwarding mode. If the 1:1 service is configured and each traffic stream of each user uses two VLAN tags (SVLAN+CVLAN), the VLANs must be smart VLANs, with the stacking attribute and the SVLAN+CVLAN forwarding mode (recommended, or the default VLAN+MAC mode). If the 1:1 service is configured and each traffic stream of each user uses a single SVLAN, the VLAN must be a MUX VLAN, with the common attribute and the SVLAN +CVLAN forwarding mode (recommended, or the default VLAN+MAC mode). l For Layer 2 services of commercial users: If traffic streams of each commercial user use a single SVLAN with transparent transmission, the VLAN must be a MUX VLAN, with the QinQ attribute and the VLAN +MAC forwarding mode (or SVLAN+CVLAN). If traffic streams of multiple commercial users use the same SVLAN with transparent transmission, the VLAN must be a smart VLAN, with the QinQ attribute and the VLAN +MAC forwarding mode (or SVLAN+CVLAN).

Example:VLAN Tag Transforming


There is an example to illustrate VLAN Tag Transforming.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

191

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Figure 9-10 Example of VLAN Tag Transforming


Access Node HSI CPE

VOD

STB

VoIP Traffic Classification translate and Add by VLAN + EtherType HSI VOD VoIP PPPoE IPoE PPPoE CVLAN=101 CVLAN=201 CVLAN=301 PPPoE IPoE PPPoE SVLAN=5 SVLAN=6 SVLAN=7 CVLAN=101 CVLAN=201 CVLAN=301

In Figure 9-10: l l l l Traffic Classification Type: By VLAN+EtherType. Traffic Classification Parameter:VLAN 101+PPPoE, VLAN 201+IPoE and VLAN 301 +PPPoE. Transforming Mode: translate and Add. Tag Processing Policies: 101(C-Tag) -> 5(S-Tag)+101(C'-Tag), 102(C-Tag) -> 6(S-Tag) +102(C'-Tag), 03(C-Tag) -> 7(S-Tag)+103(C'-Tag).

9.7 Forwarding Policy


This topic provides the definition, specifications, availability, and principle of the forwarding policy feature.

9.7.1 Introduction
Definition
On a Layer 2 device, a packet is generally forwarded based on the VLAN and MAC address information contained in the packet. That is, forwarding is based on the VLAN+MAC. The MA5600T/MA5603T supports forwarding packets based on the VLAN, that is, based on the SVLAN+CVLAN.

Purpose
Forwarding based on the SVLAN+CVLAN solves the problem that the Layer 2 forwarding of the MA5600T/MA5603T depends on the MAC address learning, and has the following advantages: 1. 2. Saving MAC addresses Preventing occurrence of unknown unicast packets caused by aging of dynamic MAC addresses. Broadcasting unknown unicast packets threatens the security of the device.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 192

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

3.

Ensuring security by solving problems such as MAC spoofing and attack.

9.7.2 Specifications
The MA5600T/MA5603T supports the following specifications of the forwarding policy feature: l l l l l l Forwarding based on the outer VLAN+MAC Forwarding based on the SVLAN+CVLAN Forwarding based on the VLAN+COS Forwarding based on the VLAN+MAC+COS Forwarding based on port+SVLAN+CVLAN on the SPUA board Forwarding or dropping broadcast packets, unknown unicast packets, and unknown multicast packets based on the VLAN

9.7.3 Availability
License Support
No license is required to access the corresponding service.

Version Support
Table 9-16 Version support Product MA5600T/ MA5603T Version V800R007C00 and later

Hardware Support
All service boards support forwarding based on the SVLAN+CVLAN. For control boards, only the SCUN control board supports forwarding based on the SVLAN+CVLAN.

Miscellaneous
The possible impacts caused by the forwarding based on the SVLAN+CVLAN: l l l l l The VLAN must be the smart VLAN or MUX VLAN, and cannot be the standard VLAN. A MUX VLAN of any attribute (common, stacking and QinQ) supports forwarding based on the SVLAN+CVLAN. A smart VLAN of the common attribute does not support forwarding based on the SVLAN +CVLAN. In this case, the forwarding based on the VLAN+MAC is used. A smart VLAN of the stacking or QinQ attribute supports forwarding based on the SVLAN +CVLAN. The system does not support the broadcast suppression function only if the packets of a VLAN are forwarded based on the SVLAN+CVLAN.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 193

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

l l

The system does not support the VMAC function only if the packets of a VLAN are forwarded based on the SVLAN+CVLAN. The traffic that is forwarded based on the SVLAN+CVLAN does not support the anti MAC spoofing function. The traffic that is forwarded based on the VLAN+MAC, however, supports this function. The traffic that is forwarded based on the SVLAN+CVLAN does not support the static MAC address function. The traffic that is forwarded based on the VLAN+MAC, however, supports this function. The SVLAN+CVLAN forwarding feature can be enabled for a VLAN. After this feature is enabled, the packet suppression function is disabled. The packet suppression function cannot be enabled even if there is traffic forwarded based on the VLAN+MAC in the system.

9.7.4 Principle
VLAN+MAC Forwarding
In general, the LAN switch forwards packets based on the VLAN+MAC. With the VLAN+MAC forwarding policy, the LAN switch automatically learns about the mapping among the VLAN, source MAC address, and incoming port when packets enter the LAN switch, and according to the VLAN and destination MAC address, searches for the corresponding outgoing port and transmits the packets through this port. In the VLAN+MAC forwarding mechanism, in the case of a broadcast MAC address or unicast MAC address, packets are broadcast in the VLAN. That is, packets are duplicated and transmitted to every port in the VLAN.

SVLAN+CVLAN Forwarding
The two-layer VLANs (SVLAN+CVLAN) is an extension of the VLAN. This expands the VLAN identification range. In addition, S and C generally have special meanings, for example, S identifies the service and C identifies the customer. Thus, each "SVLAN+CVLAN" uniquely identifies one type of service of one customer, and SVLAN+CVLAN forwarding can be implemented. SVLAN+CVLAN forwarding refers to the feature with which a unique outgoing port (or service virtual port) can be searched for according to the Layer 2 mapping relation composed of twolayer VLAN IDs (SVLAN+CVLAN IDs) to implement forwarding for the packets of a VLAN.
NOTE

Only one service virtual port can be established in a MUX VLAN. Therefore, a MUX VLAN with the common attribute can also support VLAN-based forwarding. A smart VLAN supports VLAN-based forwarding only when its attribute is QinQ or stacking.

The SVLAN+CVLAN forwarding entry needs not be learned dynamically. The system automatically creates the forwarding entry during establishment of the service virtual port. According to the forwarding entry, upstream packets are transmitted through the corresponding upstream port and downstream packets are transmitted through the corresponding service virtual port.

VLAN+MAC+CoS Forwarding
When the ONT or CPE accesses the MA5600T/MA5603T in the Layer 3 mode, one VLAN may be used to identify users and the 802.1p priority may be used to identify services in the upstream
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 194

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

direction, and after the MAC NAT function is enabled on the ONT or CPE, the MAC addresses carried in multiple types of services may be the same. To solve this problem, the MA5600T/ MA5603T needs to support the VLAN+MAC+CoS forwarding. The VLAN+MAC+CoS forwarding (service flow bundle) can be divided into two steps: Determine the unique user according to the VLAN+MAC. Find out the corresponding service flow according to the 802.1p priority. The MA5600T/MA5603T implements service flow bundle as follows: The MA5600T/ MA5603T sets up a service flow for each service of a user and transmits all services to the same SVLAN in the upstream direction. This SVLAN may be an N:1 VLAN, that is, the user may be in the same upstream VLAN as other users. In this case, set the VLAN+MAC forwarding mode for the SVLAN.

VLAN+CoS Forwarding and SVLAN+CVLAN+CoS Forwarding


When the ONT or CPE accesses the MA5600T/MA5603T in the Layer 3 mode, one VLAN may be used to identify users and 802.1p priority may be used to identify services in the upstream direction. In this case, the MA5600T/MA5603T needs to support the VLAN+CoS forwarding or SVLAN+CVLAN+CoS forwarding. The service flow bundle forwarding is the VLAN+CoS forwarding or SVLAN+CVLAN+CoS forwarding. The VLAN+CoS forwarding or SVLAN+CVLAN+CoS forwarding (service flow bundle) can be divided into two steps: Determine the unique user according to the VLAN or the SVLAN+CVLAN. Find out the corresponding service flow according to the 802.1p priority. The MA5600T/MA5603T implements service flow bundle as follows: Set up a service flow for each service of a user and transmit all services to the same SVLAN or SVLAN+CVLAN in the upstream direction. This SVLAN or SVLAN+CVLAN uniquely identifies the user. In this case, set the SVLAN+CVLAN forwarding mode for the SVLAN.

9.8 Bridging
With the bridging feature enabled on the MA5600T/MA5603T, the access users on the MA5600T/MA5603T can communicate with each other at Layer 2.

9.8.1 Introduction
Definition
Access user bridging is a feature with which the access users on one MA5600T/MA5603T can communicate with each other at Layer 2. User bridging can be VLAN-based or global user bridging, each of which can be subdivided into intra-board and inter-board user bridging.

Purpose
When an access device (such as an MA5600T/MA5603T) provisions common access services, all access users are isolated from each other at Layer 2 for sake of security. This causes the following two conditions: l In the case of the QinQ service, Layer 2 forwarding is required; however, ports are isolated from each other at Layer 2 on one MA5600T/MA5603T and thus Layer 2 forwarding cannot
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 195

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

be implemented. Therefore, the QinQ service can only be implemented between different MA5600T/MA5603Ts. l In the case of the common access service, the IP addresses of two users on one MA5600T/ MA5603T are generally in the same network segment. These two users, however, cannot interoperate with each other in this network segment due to Layer 2 isolation. In this case, the upper-layer gateway is required to support Layer 3 forwarding and the ARP proxy. That is, the upper-layer gateway is exposed to more requirements.

All the preceding service application problems are originated from the failure in bridging among all access users on one MA5600T/MA5603T. The purpose of this feature is just to implement bridging among the access users on one MA5600T/MA5603T.

9.8.2 Specifications
The SPUA/GPBD board works with the SCUN control board to implement bridging among the access users of the SPUA or GPBD board, or among the access users of the SPUA and GPBD boards. l l The GPBD board provides 8 GPON ports on the front panel, and each port supports a 1:128 split ratio. The SPUA board provides 8 GE ports and 2 10GE ports on the front panel. It can function as an upstream board or service access board. It supports the access user bridging feature only when it functions as a service access board. The SCUN control board, core of system control and service switching, provides 4 GE ports on the front panel.

With the SCUN control board configured, Supports VLAN-based bridging between AIUG boards, and does not support bridging between users of different ports or the same port of the AIUG board. l l l When the SCUN control board is configured, VLAN-based intra-board and inter-board user bridging for GPBC, GPBD, SPUA, and OPGD boards are supported. When the SCUN control board is configured, VLAN-based inter-AIUG-board user bridging is supported. When the SCUL control board is configured, global inter-board and intra-board user bridging for the GPBC, GPBD boards are supported.

9.8.3 Reference Standards and Protocols


The following is the reference document of this feature: l DSL Forum TR-101: Migration to Ethernet-Based DSL Aggregation

9.8.4 Availability
License Support
The access user bridging feature is an optional feature of the MA5600T/MA5603T, and the corresponding service is controlled by the license.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

196

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Version Support
Table 9-17 Version support User Bridging When the SCUN control board is configured, VLAN-based intra-board and inter-board user bridging for GPBC, GPBD, SPUA, and OPGD boards are supported. When the SCUN control board is configured, VLAN-based inter-AIUG-board user bridging is supported. When the SCUL control board is configured, global inter-board and intra-board user bridging for the GPBC and GPBD boards are supported. Version

V800R007C00 and later versions

V800R007C00 and later versions

V800R008C05 V800R010

Feature Dependency
l When the SCUN control board is configured VLAN-based user bridging conflicts with S+C forwarding. VLAN-based user bridging conflicts with ARP proxy. l When the SCUL control board is configured Global user bridging conflicts with S+C forwarding. Global user bridging conflicts with ARP proxy. l l The VLAN range traffic streams do not support user bridging. After global user bridging is enabled, an S+C traffic stream can receive the broadcast packets sent by itself.

9.8.5 Principle
Architecture Model of the Access User Bridging Feature
The following section describes the architecture model of the access user bridging feature. User bridging can be VLAN-based or global user bridging.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

197

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Figure 9-11 Architecture model of VLAN-based user bridging


Upper-layer network

board 1 PON port PON port One VLAN Inter-board user bridging GE port

board 2 GE port

SPL ONU User1 ONU User2

SPL ONU User3

One IP network segment

User4

User4

One VLAN Intra-board user briding

One VLAN Intra-board user briding

As shown in Figure 9-11, the following bridging functions are implemented on the MA5600T/ MA5603T after the access user bridging feature is enabled for a VLAN. l l Inter-board user bridging: bridging among ports on different boards, such as users 1, 2, 3 and users 4, 5 Intra-board user briding: Bridging among different ONUs that are connected to one PON port, such as user 1 and user 2 Bridging among different ONUs that are connected to different PON ports on one PON board, such as user 1, user 2, and user 3 Bridging among different ports on one board, such as user 4 and user 5

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

198

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Figure 9-12 Architecture model of global user bridging


Upper-layer network

board1 PON port

Different VLAN board 2 (global) PON port PON port Inter-board user PON port bridging SPL ONU VLAN C SPL ONU

VLAN A SPL ONU User1 ONU User2 SPL VLAN B ONU User3

One IP network segment

User4

User5

Different VLAN (global) Intra-board user briding

As shown in Figure 9-12, the following bridging functions are implemented on the MA5600T/ MA5603T after the access user bridging feature is enabled globally. l l Inter-board user bridging: bridging among ports in different VLANs on different boards, such as users 1, 2, 3 and users 4, 5 Intra-board user bridging: bridging among different ONUs in different VLAANs that are connected to different PON ports on one PON board, such as user 1, user 2, and user 3
NOTE

For details about the support for VLAN-based and global user bridging on each board, see 9.8.2 Specifications.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

199

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Network Applications
Figure 9-13 Network applications of the access user bridging feature

PC

ONU SPL ONU

MA5600T/ MA5603T

VLAN PC ONU PC ONU PC

IP

VPN

As shown in Figure 9-13, on one MA5600T/MA5603T, both bridging of the enterprise private line users (the red line) and bridging of common access users (the yellow line) are implemented. These applications are differentiated by using the VLAN. A QinQ VLAN can be used for the enterprise private line service. Enable the bridging function for this VLAN to implement bridging among the private line users on an MA5600T/MA5603T. If bridging among the users in a public network VLAN is also required, enable the bridging function for this VLAN directly.

9.9 Glossary, Acronyms, and Abbreviations


Glossary
Table 9-18 Glossary of the terms related to the access user bridging feature Term User board S+C forwarding Description In this document, a user board refers to the board that provides users with the access service. In the S+C forwarding mode, Ethernet packets are forwarded according to the two-layer VLAN tags in the header. The external-layer VLAN tag is the S-tag and the internal-layer tag is the C-tag.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

200

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

9 Layer 2 Protocol Handling

Acronyms and Abbreviations


Table 9-19 Acronyms and abbreviations of the access user bridging feature Acronym/ Abbreviation SCUN Full Spelling Description The SCUN control board. It provides up to 24 10GE ports, and 4 GE ports on the front panel. It provides 8 GE ports and 2 10GE ports on the front panel. Null Null Null Null Null Null Null

Super Control Unit Board VerN

SPU OLT ONU ONT VMAC ARL LTM LTR

Service Process Unit Optical Line Terminal Optical Network Unit Optical Network Terminal Virtual MAC Address Resolution List Linktrace Message Linktrace Reply

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

201

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

10
About This Chapter
10.1 QoS Processing

QoS

Quality of service (QoS) provides end-to-end service quality assurance for users by setting a series of QoS parameters, such as service availability, delay, jitter, and packet loss ratio. It includes technologies such as priority processing, traffic policing, ACL policy, and congestion avoidance and management.

10.2 Traffic Classification This topic covers the overview, specifications, availability, and principle of the traffic classification policy. 10.3 Priority Processing This topic covers the overview, availability, impact, and principle of priority processing. 10.4 Traffic Policing This topic covers the overview, availability, impact, and principle of traffic policing. 10.5 ACL Policy Using the preset access control list (ACL) policy, the system permits or refuses data packets to pass. 10.6 Congestion Avoidance and Management This topic covers the overview, specifications, availability, and principle of congestion avoidance and management. 10.7 HQoS In the conventional quality of service (QoS), traffic scheduling is based on the port. The hierarchical QoS (HQoS) is a QoS technology that controls user traffic on a port with finer granularity and also schedules services of a user based on the service priority. 10.8 QoS Network Application 10.9 Glossary, Acronyms, and Abbreviations This topic provides glossary, acronyms, and abbreviations relevant to the QoS feature.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

202

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

10.1 QoS Processing


The QoS feature refers to the end-to-end quality assurance for users, including priority processing, traffic policing, ACL policy, congestion avoidance and management. The following briefly describes QoS processing on the MA5600T/MA5603T. For details about each QoS action, see the relevant topics.

Upstream QoS Processing


Figure 10-1 illustrates the upstream QoS processing on the MA5600T/MA5603T. Figure 10-1 Upstream QoS processing on the MA5600T/MA5603T
Congestion management 7 6 5 4 3 2 1 0 Congestion management 7 6 5 4 3 2 1 0

Traffic classification

Traffic policy

Congestion avoidance

Priority processing

Congestion avoidance

ACL policy

Traffic streams

Service board

Control board

The MA5600T/MA5603T implements QoS processing of upstream traffic streams as follows: 1. After entering the service board from the user port, user packets are performed with QoS processing as follows: (1) Traffic classification: User services are differentiated according to the characteristics of user Ethernet packets and different services achieve different QoS guarantees. (2) Priority processing: Different priority processing policies are set for different traffic streams so that these traffic streams are scheduled according to their priorities when congestion occurs on the local device or upper-layer network. (3) Traffic policing: It is used to limit the traffic volume and address the burst of a certain incoming connection on a network. When the packets meet certain conditions, for example, when the traffic of a connection is too heavy, traffic policing takes different actions, such as dropping the packets, or coloring the packets (re-setting the priority of the packets). In this way, the port can maintain a stable rate, which avoids impact on the upper-layer devices. Generally, CAR is used to limit the traffic of a certain type of packets. (4) Congestion avoidance: When congestion occurs, unqualified packets are dropped in advance using an early drop algorithm (RED or WRED) to avoid further congestion. (5) Congestion management: Outgoing packets with different priorities enter different priority queues through PQ or WRR scheduling so as to manage traffic on the device. 2.
Issue 01 (2011-10-30)

After entering the control board, packets are performed with QoS processing as follows:
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 203

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

(1) ACL policy: A series of match rules are configured to identify and filter data packets that match the rules. After the specific objects are identified, the system permits or refuses the corresponding data packets to pass according to the preset rules. ACLbased traffic filtering is a prerequisite for QoS. ACL together with QoS improves the system security. (2) Congestion avoidance: When congestion occurs on a port, the early drop algorithm is used to avoid further congestion. (3) Congestion management: Outgoing packets with different priorities enter different priority queues through queue scheduling.

Downstream QoS Processing


Figure 10-2 illustrates the downstream QoS processing on the MA5600T/MA5603T. The downstream QoS processing is reverse to the upstream QoS processing. Figure 10-2 Downstream QoS processing on the MA5600T/MA5603T
Congestion management 7 6 5 4 3 2 1 0 Congestion management 7 6 5 4 3 2 1 0

Traffic classification

10.2 Traffic Classification


This topic covers the overview, specifications, availability, and principle of the traffic classification policy.

Congestion avoidance

Priority processing
Service board

Congestion avoidance

Traffic streams

Traffic policy

Control board

ACL policy

10.2.1 Overview
Definition
Traffic classification is a technology that differentiates services by packets classification according to the characteristics of user Ethernet packets and certain rules, so as to implement different processing operations and provide different services.

Purpose
The purpose of traffic classification is to differentiate traffic streams to provide different QoS guarantees for various services of users. The system implements traffic-stream-based service mapping and makes preparations for the subsequent QoS actions, for example, transforming between user VLANs and network VLANs, upstream and downstream CAR, priority marking, and queue scheduling.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 204

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

10.2.2 Specifications
Traffic streams can be classified by (for details, see Table 10-1): l l l l l l Physical port/logical port. In this mode, the "Any" rule is adopted, and traffic on the entire port is classified as one traffic stream. Hence, a single port carries a single service. EtherType. In this mode, traffic classification differentiates between the IPoE and PPPoE encapsulation types. CVLAN. CVLAN+802.1p priority. CVLAN+EtherType. Dual-VLAN tags (SVLAN+CVLAN).

Table 10-1 Specifications of traffic classification Traffic Classification Type Single service By EtherType Traffic Classification Parameter None (Any) PPPoE IPoE Description

No traffic classification is performed. The EtherType is 0x8863 or 0x8864. All Ethernet packets that do not match the PPPoE encapsulation type are regarded as IPoE packets. VLANs 1-4095 are normal VLAN tags. Priority-tagged is a tag of VLAN 0, and is also called null-tag. Untagged packets match this rule. Packets that do not match the other rules match this rule.

By CVLAN

1-4095 priority-tagged untagged other-all (any other)

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

205

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Traffic Classification Type

Traffic Classification Parameter VLAN range

Description

The ranges of start VLAN ID and end VLAN ID are both 1 to 4095, but the end VLAN ID must be larger than the start VLAN ID. Currently, only EPON supports VLAN range, which corresponds to the EPON port, not LLID. The VLAN range (also called raw streams) in EPON is actually a type of bulkprocessed traffic streams based on SVLAN +CVLAN forwarding. It is particularly applicable to the wholesale scenarios, for example, bulk operation on the same type of services (same SVLAN) of all ONUs (different CVLANs) connected to a PON port. In this scenario, when a user is added, no additional traffic stream is required when the CVLAN of this user is within the VLAN range.

By CVLAN +802.1p priority (P-bits)

VLAN: 1-4095 P-bits: 0-7 VLAN: priority-tagged P-bits: 0-7

VLANs 1-4095 are normal VLAN tags.

Priority-tagged is a tag of VLAN 0. In this case, only the value of p-bits is required to be input. VLANs 1-4095 are normal VLAN tags.

By CVLAN +EtherType

VLAN: 1-4095 EtherType: PPPoE, IPoE VLAN: priority-tagged EtherType: PPPoE, IPoE VLAN: untagged EtherType: PPPoE, IPoE

Priority-tagged is a tag of VLAN 0.

Untagged PPPoE or IPoE packets adopt this rule. It is traffic classification by dual-VLAN tags.

By dual-VLAN (SVLAN +CVLAN)

Outer VLAN: 1-4095 Inner VLAN: 1-4095

Supports setting of traffic streams description. The SCUB/SCUF control board supports description settings for 8K traffic streams. The SCUN/SCUL control board supports description settings for 24K traffic streams.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

206

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

10.2.3 Availability
License Support
The traffic classification feature does not require a license.

Version Support
Table 10-2 Version support Product MA5600T/MA5603T Version V800R007C00 and later versions

10.2.4 Principle
Traffic classification on the MA5600T/MA5603T is a technology that differentiates user services according to the characteristics of user Ethernet packets. The major purpose of traffic classification is to support multi-service applications and guarantee QoS for each service (each traffic stream) of each user. After packets enter the MA5600T/MA5603T, the MA5600T/MA5603T performs traffic classification and then provides different QoS services for different traffic streams. Figure 10-3 shows the traffic classification process. Figure 10-3 Traffic classification process
Different QoS services for different traffic streams Best service Golden service Silver service Bronze service

Packets

Traffic classifcation

Generally, one physical port or logical port can have only one traffic classification rule. The Ethernet port on the SPUA board supports traffic classification by single-VLAN and dualVLAN. However, the single VLAN ID must be different from the outer VLAN ID of the dualVLAN. Figure 10-4 illustrates how to classify traffic streams based on the VLAN so that the classified traffic streams are processed with different QoS services.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

207

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Figure 10-4 VLAN-based traffic classification


Classified by VLAN

Internet: VLAN 100 802.1P marking IPTV: VLAN 200 802.1P marking Service VoIP: VLAN 300 port 802.1P marking
trTCM &CAR trTCM &CAR trTCM &CAR

DEI marking DEI marking DEI marking Service board


PQ+ WRR

Upstream port

10.3 Priority Processing


This topic covers the overview, availability, impact, and principle of priority processing.

10.3.1 Overview
Definition
Priority processing of the MA5600T/MA5603T mainly includes remarking the VLAN priority, trusting the user-side CoS priority, and trusting the user-side ToS priority for packets.

Purpose
According to different priority processing policies, the inner and outer VLAN priorities are configured or the user-side priority is trusted for traffic streams. In this way, packets are scheduled according to their priorities when congestion occurs on the local device or upper-layer network.

10.3.2 Specifications
Priority Re-marking
l Outer VLAN priority: Copies the outer VLAN priority of the user packet as the outer VLAN priority of the traffic stream. Copies the inner VLAN priority of the user packet as the outer VLAN priority of the traffic stream. Copies the ToS priority of the user packet as the outer VLAN priority of the traffic stream in the upstream direction. Specifies the outer VLAN priority of the traffic stream.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 208

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Inner VLAN priority: Copies or maps the outer VLAN priority of the user packet as the inner VLAN priority of the traffic stream. Only the SPUA board supports priority mapping. Copies or maps the inner VLAN priority of the user packet as the inner VLAN priority of the traffic stream. Only the SPUA board supports priority mapping. Copies the ToS priority of the user packet as the inner VLAN priority of the traffic stream in the upstream direction. Specifies the inner VLAN priority of the traffic stream.

Priority-based Queuing Policy


l l l Local priority Egress outer VLAN priority Ingress outer VLAN priority The SPUA/OPGD board does not support queuing based the egress outer VLAN priority. Connection-oriented traffic streams do not support queuing based on the ingress outer VLAN priority. The GPBC board supports queuing based on the ingress outer VLAN priority only when the re-marking policy of the egress outer VLAN priority is copying the ingress outer VLAN.

Others
The system supports setting of the DSCP priority for the protocol packets sent by the VLAN interface. The DSCP priority for DHCP packets and that for routing protocol packets (including OSPF, IS-IS, RIP, BGP, and PIM-SSM packets) can be set separately.

10.3.3 Availability
Relevant NEs
The priority processing feature involves only the MA5600T/MA5603T.

License Support
The priority processing feature does not require a license.

Version Support
Table 10-3 Version support Product MA5600T/MA5603T Version V800R007C00 and later versions

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

209

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

10.3.4 Principle
Priority processing allows the 802.1p priority to be remarked according to certain rules. Priority processing is a prerequisite for queue scheduling. For queue scheduling on the MA5600T/ MA5603T, packets enter queues according to their outer VLAN priorities. At the same time, priority processing also makes preparations for the scheduling on the upper-layer network.

802.1p Priority and IP Precedence


The priority of a packet can be 802.1p priority or IP precedence. 1. 802.1p priority 802.1p priority refers to the packet priority specified at the link layer, which is the class of service (CoS). The 802.1p priority occupies three bits in the VLAN tag (the following figure shows the position of the 802.1p priority in an Ethernet frame), as defined in IEEE802.1Q. The priority field represents the 802.1p priority, which indicates the priority of an Ethernet frame. This field comprises three bits and its value ranges from 0 to 7. In detail, 0 stands for the lowest priority level and 7 the highest priority level. By using the eight priority levels, this field specifies which packet to transmit first in the case of congestion on a port. 802.1p priority is also called the CoS priority. Figure 10-5 802.1q frame format
802.1Q header Destination address Source address TPID TCI Length /Type Data FCS (CRC-32)

6 bytes

6 bytes

4 bytes

2 bytes

46-1517 bytes

4 bytes

TPID (Tag Protocol Identifier) 0x8100 16 bits

TCI (Tag Control Information) Priority 3 bits CFI 1 bits VLAN ID 12 bits

2.

IP precedence As defined in the IP protocol, differentiated services code point (DSCP) and type of service (ToS) occupy the same field (one byte) in the IP header. The IP bearer network device identifies whether to fill DSCP or ToS in the field and, according to the setting, schedules and forwards packets to ensure QoS for different services. ToS in the IP header specifies traffic classification. It is used to specify traffic classification rather than the priority (the priority is determined by the device). The ToS field comprises

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

210

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

eight bits, including a 3-bit priority sub-field (now ignored), 4-bit ToS sub-field, and one reserved bit (set to 0). The four bits in the ToS sub-field represent the minimum delay, maximum throughput, maximum reliability, and minimum cost respectively. Only one of the four bits can be set. If all four bits are set to 0, it indicates the common service. DSCP is defined based on the IPv4 ToS. As shown in Figure 10-6, the least significant six bits in the DS field (bits 0-5) are used to differentiate DSCPs and the most significant two bits (bits 6 and 7) are reserved. The least significant three bits in the DS field (bits 0-2) are the class selector code point (CSCP), which is a type of DSCP. Figure 10-6 IP precedence
DS Field 0 1 2 3 4 5 6 7 unused 0 1 2 IPv4 TOS 3 4 5 6 7 0

DSCP

CSCP

Precedence

ToS

DSCP is used to select the corresponding per-hop behavior (PHB) on each node of the network. PHB describes the external visible behaviors when the DS node is used for data stream aggregation. IETF has defined three types of PHB: expedited forwarding (EF), assured forwarding (AF), and best-effort. For example, BE: DSCP=000000 EF: DSCP=101110 The AF code points are as follows: Low Discard Priority, j=1 AF (i=4) AF (i=3) AF (i=2) AF (i=1) 100010 011010 010010 001010 Medium Discard Priority, j=2 100100 011100 010100 001100 High Discard Priority, j=3 100110 011110 010110 001110

In different levels of discard priorities, the first three bits in each type of AF, however, are the same, for example, the first three bits in AF1 are 001, 010 in AF2, 011 in AF3, and 100 in AF4. Bits 3 and 4 indicate the discard priority, with values 01, 10, and 11. The larger the value, the higher the discard priority.

SVLAN Priority Processing


The MA5600T/MA5603T processes the outer VLAN (SVLAN) priority as follows:
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 211

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description


NOTE

10 QoS

The user VLAN priority indicates the VLAN priority of the packet transmitted to the device from the user side or network side.

l l l l

Trusting the user CoS: Copies the outer VLAN priority of the user packet as the outer VLAN priority of the traffic stream. Trusting the user inner CoS: Copies the inner VLAN priority of the user packet as the outer VLAN priority of the traffic stream. Trusting the user ToS: Copies the ToS priority of the user packet as the outer VLAN priority of the traffic stream in the upstream direction. Trusting the local priority: Specifies the outer VLAN priority of the traffic stream.

Upstream packets support these four priority processing modes. Downstream packets, however, support only three processing modes and do not support "trusting the user ToS".

CVLAN Priority Processing


l l Trusting the user CoS: Copies or maps the outer VLAN priority of the user packet as the inner VLAN priority of the traffic stream. Only the SPUA board supports priority mapping. Trusting the user inner CoS: Copies or maps the inner VLAN priority of the user packet as the inner VLAN priority of the traffic stream. Only the SPUA board supports priority mapping. Trusting the user ToS: Copies the ToS priority of the user packet as the inner VLAN priority of the traffic stream in the upstream direction. Trusting the local priority: Specifies the inner VLAN priority of the traffic stream.

l l

10.4 Traffic Policing


This topic covers the overview, availability, impact, and principle of traffic policing.

10.4.1 Overview
Definition
Traffic policing (also called traffic policy) is used to limit the traffic volume and address the burst of a certain incoming connection on a network by measuring the arrival rate of traffic streams. When the packets meet certain conditions, for example, when the traffic of a connection is too heavy, traffic policing takes different actions, such as dropping the packets, or coloring the packets (re-setting the priority of the packets). The common method is to limit the traffic of one type of packets using the CAR, for example, set the HTTP packets to occupy no more than 50% network bandwidth only. In a PON system, upstream bandwidth conflict between ONUs is resolved by the DBA technology.

Purpose
The purposes of traffic policing are as follows: l l
Issue 01 (2011-10-30)

To ensure that the user traffic meets the service level agreement (SLA). To adjust the outgoing traffic and suppress the burst traffic for QoS guarantee.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 212

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

To control the rate of broadcast packets through packet suppression.

10.4.2 Specifications
The specifications of traffic policing are as follows: l l l l l l l l l CAR based on the port CAR based on the traffic stream CAR based on port+priority CAR based on port+VLAN (HQoS) on the SPUA board CAR using the trTCM algorithm (RFC2698) Priority-based CAR (enhanced based on CAR using the trTCM algorithm) Color-based early drop CAR based on the HQoS user group (the CAR group supports color-based CAR) A maximum of 512 IP traffic profiles defined in MEF10

10.4.3 Availability
Relevant NEs
The traffic policing feature involves only the MA5600T/MA5603T.

License Support
The traffic policing feature does not require a license.

Version Support
Table 10-4 Version support Product MA5600T/MA5603T Version V800R007C00 and later versions

10.4.4 Traffic Policing Principle


In traffic policing, the committed access rate (CAR) is generally used to limit the traffic of packets using the token bucket (TB) algorithm. The MA5600T/MA5603T supports CAR based on the port or traffic stream.

Traffic Policing Based on Port


CAR uses TB for traffic control. Each packet must use the tokens equal to the packet length for transmission. As shown in the following figure, traffic policing is implemented as follows: Packets are classified. Then, packets of a certain type, after being specified with the traffic feature, enter the TB for processing. If the TB stores sufficient tokens, packets are transmitted. If the TB stores insufficient tokens, packets are dropped. In this way, the system controls the traffic of packets of a certain type.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 213

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

The system generates tokens to the TB at a specified rate. In addition, the TB has a specified capacity. When the TB is full of tokens, the system suspends token generation until a token is used. Packet transmission consumes a certain number of tokens. The consumption of tokens depends on the packet length. When the remaining tokens in the TB are insufficient for transmitting a packet, the system drops the packet. A TB is a good tool for traffic control. When the TB is full of tokens, the system can transmit all the packets represented by the tokens. In this way, the system allows for burst transmission. When the TB is empty of tokens, the system transmits no packets. The system resumes the transmission only after a new token is generated. In this way, the rate of traffic transmission is limited to be lower than or equal to that of token generation. Figure 10-7 TB principle
Save the token in the token bucket at the specified rate. Packets to be transmitted through the interface Transmit the packet continuously.

Classification Token bucket

Discard

l l

For the Ethernet port, run the line-rate command to limit the upstream and downstream rates of the port. For the xDSL port, change the upstream and downstream rates in the line profile to limit the rate of the port.

Traffic Policing Based on Traffic Stream


Traffic policing based on the traffic stream is to monitor the traffic of each traffic stream. A traffic stream can be bound to a traffic profile, through which the CAR value of the traffic stream is defined. In traffic policing based on the traffic stream, two rate three color marker (trTCM) can be implemented using two TBs. As defined in RFC2698, trTCM is a marker, which can be used as a component in a Diffserv traffic conditioner and is used to meter and mark IP packet streams. Because the MA5600T/MA5603T implements the QoS technology at the Ethernet layer, the MA5600T/MA5603T does not support marking of IP packet headers but supports marking of Ethernet frame headers. The related parameters are as follows: l l
Issue 01 (2011-10-30)

CIR: committed information rate, in the unit of bytes/s. CBS: committed burst size, in the unit of bytes.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 214

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

l l l

PIR: peak information rate, in the unit of bytes/s. PIR must be larger than or equal to CIR. PBS: peak burst size, in the unit of bytes. CM: color mode, with options color-blind and color-aware, which indicates whether or not to identify the colors of the incoming packets. Currently, the MA5600T/MA5603T supports the color-blind mode, that is, the MA5600T/MA5603T does not identify the colors of the incoming packets.

trTCM can be used for traffic policing and marking to achieve more effective bandwidth management. Based on static bandwidth planning, trTCM can ensure the basic bandwidth (that is, CIR) for users. When the network is idle, the trTCM allows users to obtain extra bandwidth, that is, PIR. In this way, the utilization of network resources is improved. Figure 10-8 illustrates the principle of trTCM. trTCM uses the DEI bit to identify different colors. On the MA5600T/MA5603T, the CFI bit in the Ethernet 802.1Q serves as the DEI bit. l l l When the rate is higher than PIR, packets are marked red and are directly dropped. When the rate is higher than CIR but is lower than or equal to PIR, packets are marked yellow and the DEI bit is set to 1. When the rate is lower than or equal to CIR, packets are marked green and the DEI bit is set to 0.

Figure 10-8 trTCM principle


PIR CIR P bucket Colored green <= CBS CBS

Color-bind

<= PBS PBS

C bucket

Color-aware > PBS

> CBS Colored yellow

queue

The following describes the algorithm of two TBs. Assume that there are two independent TBs, P and C, with sizes PBS and CBS respectively. Tp (t) and Tc(t) represent the number of tokens in P and C respectively at time t. Initially (t = 0), P and C are full, that is, Tp(0) = PBS and c(0) = CBS. Then, Tp is increased by one for PIR times per second until reaching PBS and Tc is increased by one for CIR times per second until reaching CBS. l In the color-blind mode, when packets of B bytes arrive at time t, the following operations are performed: 1. If Tp(t) - B < 0, packets exceeding Tp(t) are marked red. Otherwise, the device proceeds to the next step.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 215

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

2. 3. l

If Tc(t) - B < 0, packets exceeding Tc(t) are marked yellow and Tp is decreased by B. Otherwise, the device proceeds to the next step. Packets are marked green and both Tp and Tc are decreased by B.

In the color-aware mode, when packets of size B bytes arrive at time t, the following operations are performed: 1. 2. 3. If the packets have been marked red or if Tp(t) - B < 0, packets are marked red. Otherwise, the device proceeds to the next step. If the packets have been marked yellow or if Tc(t) - B < 0, the packets are marked yellow and Tp is decreased by B. Otherwise, the device proceeds to the next step. Packets are marked green and both Tp and Tc are decreased by B.

Packet Suppression
Packet suppression refers to the suppression of broadcast, multicast, and unknown unicast packets. In normal conditions, broadcast, multicast, and unknown unicast packets are broadcast in a VLAN. The purpose of suppressing these packets is to prevent them from exhausting the network resources so as to avoid network congestion. The traffic-suppress command can be executed to set the suppression level of broadcast, multicast, or unknown unicast packets on a port. After the suppression level is set successfully, the system limits the traffic of the port according to the threshold of the corresponding traffic suppression level if the traffic control is enabled on the port. Then, the system will drop the traffic that exceeds the threshold.

10.4.5 DBA Principle


DBA Technology
The dynamic bandwidth assignment (DBA) technology controls the upstream bandwidth of ONTs to avoid upstream bandwidth conflict. In a GPON system, the OLT controls the upstream data traffic by sending authorization signals to ONTs. In a PON network, an effective TDMA mechanism is required to control the upstream traffic, so that data packets from multiple ONTs do not collide during upstream transmission. However, the collision-based mechanism requires QoS management in a passive ODN, which is physically impossible or causes severe efficiency loss. Due to the above-mentioned factors, a mechanism for management of the upstream GPON traffic has been the primary focus in standardization of GPON traffic management. It drives the development of the ITU-T G.983.4 recommendation, which defines the DBA protocol for management of the upstream PON traffic. Figure 10-9 illustrates the DBA principle. The GPON system controls the upstream traffic by allocating data authorization to each transmission container (T-CONT) inside an ONT. To determine the authorized bandwidth to be allocated to a T-CONT, the OLT needs to know the traffic status of the T-CONT. Each ONT reports its data status to the OLT through the DBRu or payload field in the upstream frames. After receiving the data status, the OLT, according to status of data to be transmitted on the ONTs, periodically updates the upstream BWmap information using the DBA algorithm and notifies all ONTs of the BWmap information through downstream frames. In this way, each ONT dynamically adjusts its upstream bandwidth according to its actually transmitted data traffic, thereby improving the utilization of upstream bandwidth.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

216

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Figure 10-9 DBA principle


ONU DBA report Control plane BW Map T-CONT DBA algorithm logic OLT

Time slot

Data plane

Scheduler

DBA Profile
ONU upstream bandwidth control is implemented through the DBA profile bound to the TCONT. There are five types of T-CONTs. In upstream service scheduling, different types of TCONTs are selected according the service type. Each T-CONT bandwidth type has its own QoS feature, which is mainly represented by bandwidth guarantee, including fixed, assured, assured +maximum, maximum, and hybrid mode (corresponding to type1 to type5 in Table 10-5). Table 10-5 Five types of T-CONTs Bandwidth Type Fixed bandwidth Assured bandwidth Maximum bandwidth T-CONT Type Type1 X No Z=X Type2 No Y Z=Y Type3 No Y Z>Y Type4 No No Z Type5 X Y ZX+Y

NOTE

In Table 10-5, "X" indicates the fixed bandwidth, "Y" assured bandwidth, and "Z" maximum bandwidth.

10.5 ACL Policy


Using the preset access control list (ACL) policy, the system permits or refuses data packets to pass.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

217

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

10.5.1 Introduction
Definition
The access control list (ACL) policy defines a series of matching rules, with which the packets to be filtered are identified. The packets identified are permitted or refused to pass according to the preset rules.

Purpose
ACL-based traffic filtering is a prerequisite for quality of service (QoS). ACL together with QoS improves the system security.

10.5.2 Specifications
Specifications of the ACL Feature
The specifications of the ACL feature are as follows: l l l l l l ACLs are numbered from 2000 to 5999, and an ACL with any of the 4000 numbers can be defined. The system supports a maximum of 64 ACLs, each supporting a maximum of 32 rules. Table 10-6 describes each type of ACL. Users can use any of the first 80 bytes in the packet to define the ACL rules. Multiple fields can be configured at the same time. The system supports setting of the ACL time segment. A maximum of 256 time segments can be set. The system supports issuing of ACL-based packet filtering entries to a port. A maximum of 256 ACL-based packet filtering entries can be issued. The system supports ACL-based packet filtering, traffic control, packet priority re-marking, packet redirection, packet mirroring, and packet statistics collection.

Table 10-6 ACL types Type Basic ACL Value Range 2000-2999 Feature The rules of a basic ACL can be defined only according to the Layer 3 source IP address and the fragment field, for analyzing and processing data packets.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

218

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Type Advanced ACL

Value Range 3000-3999

Feature Compared with a basic ACL, an advanced ACL allows more accurate, richer, and more flexible definition of the rules according to the following information about data packets: l Source address l Destination address l IP bearer protocol types 0-255 (GRE, ICMP, IP, IP in IP, TCP, and UDP) l TCP source port l TCP destination port l ICMP protocol type l ICMP code l Priority TOS/IP precedence/DSCP

Link layer ACL

4000-4999

The rules of a link layer ACL can be defined according to the following information: l MAC address l VLAN ID l Layer 2 protocol type l Destination MAC address l 802.1p priority

User-defined ACL

5000-5999

The rules of a user-defined ACL can be defined according to any 32 bytes of the first 80 bytes in a Layer 2 frame. l For IPoE packets: IPoE packets with no VLAN tag, one VLAN tag, or two VLAN tags can be matched. l For non-IPoE packets: Non-IPoE packets with any number (0, 1, 2, or more) of VLAN tags (0, 1, 2, or more) are be matched.

10.5.3 Availability
License Support
The ACL feature does not require a license.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

219

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Version Support
Table 10-7 Version support Product MA5600T/MA5603T Version V800R007C00 and later versions

Feature Dependency
1.VLAN-based ARP packet capture in V800R009 occupies more ACL resources than in any earlier versions. Therefore, in V800R009, the number of configurable ACLs has the following limits: l l l l Maximum number of non-user-defined ACLs supported by SCUL: 248. Maximum number of user-defined ACLs supported by SCUL: 80. Maximum number of non-user-defined ACLs supported by SCUB: 753. Maximum number of user-defined ACLs supported by SCUB: 80.

If the number of ACLs configured exceeds the limits, the following issues may occur: (1) ACL configurations are lost, and (2) ACLs configured in an earlier version fail to be restored after a version upgrade to V800R009.
NOTE

SCUF and SCUN boards do not have these limits.

Hardware Support
No additional hardware is required for the ACL feature.

10.5.4 Principle
ACL-based Packet Processing
The system matches and processes the input packets according to the ACL rules: l If the packets match an ACL rule, they are performed with further QoS actions, including packet filtering, priority marking, port CAR, traffic control, traffic statistics, packet redirection, and packet mirroring. After being processed using the preceding QoS actions, the packets are forwarded and output. Packet filtering Determines whether to drop the packets according to whether the packets match an ACL rule. Priority marking Marks the priority of the packets that match an ACL rule, including ToS, DSCP, and 802.1p. Traffic control Controls traffic of the packets that match an ACL rule.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 220

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Port CAR Supports single-bucket (flow-based) CAR and dual-bucket two rate three color marker (trTCM) CAR. Traffic statistics Collects statistics of the packets that match an ACL rule, including the number of packets and number of bytes. Packet redirection Redirects the packets that match an ACL rule, that is, re-specifies the port that forwards the packets (the original port no longer receives or forwards packets.) Packet mirroring Performs traffic mirroring on the packets that match an ACL rule, that is, packet streams that match an ACL rule can be copied and output to other ports. l If the packets do not match an ACL rule, the packets are dropped or forwarded according to the definition of the ACL rule.

Figure 10-10 illustrates ACL-based packet filtering and processing. Figure 10-10 ACL-based packet filtering and processing
Packet filtering Priority tagging Traffic limiting Port rate limiting Input packet stream Match the packets with the ACL Output packet stream

Matching? No Discard Discarded packets Yes

Implement actions

ACL Matching Order


When a packet matches two or more ACL rules, the matching order is as follows: l l The priority of a user-defined rule is higher than that of any non-user-defined rules. If the rules are all user-defined rules or non-user-defined rules, and are issued to the physical port, the matching order is high priority to low priority. Once a rule matches the packets, the packets no longer match the subsequent rules. If the rules of an ACL are activated at the same time, the rule with a larger rule-id has a higher priority. If the rules of an ACL are activated one by one, the rule activated later has a higher priority than the one activated earlier. If the rules are issued to the port from different ACLs, the rule activated later has a higher priority than the one activated earlier.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 221

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

If the rules are all user-defined rules or non-user-defined rules, and are issued to the routing interface or firewall, the rule with a smaller rule-id has a higher priority. It is irrelevant the activation sequence. The rules are used to match the packets based on rule-id in ascending order. Once the rule with a smaller rule-id matches the packets, its subsequent rules are not used. That is, the rules with a larger rule-id are invalid.

10.6 Congestion Avoidance and Management


This topic covers the overview, specifications, availability, and principle of congestion avoidance and management.

10.6.1 Overview
Definition
When congestion occurs, the system takes a series of QoS actions to process the packets that cause congestion. Such a series of actions is congestion avoidance and management. Generally, congestion avoidance is implemented using the early drop algorithm, and congestion management is implemented through queue scheduling.

Purpose
Congestion avoidance and management is to differentiate the priorities of services and process packets with higher priorities first when congestion occurs in the system.

10.6.2 Specifications
The specifications of congestion avoidance and management are as follows: Congestion avoidance: l l Color-based early drop Priority-based early drop

Congestion management: l Three queue scheduling modes: PQ (priority queuing), WRR (weighted round robin), and PQ+WRR

10.6.3 Availability
Relevant NEs
The congestion avoidance and management feature involves only the MA5600T/MA5603T.

License Support
The congestion avoidance and management feature does not require a license.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

222

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Hardware support
Table 10-8 Hardware support (For Congestion Avoidance) Board CAME, OPGD, SPUA, VDPM, VDPE, VDRD, VDMF, ADPD, SHLM, OPFA GPON boards Color-based Early Drop Supported Priority-based Early Drop Not supported

Supported

Supported

Version Support
Table 10-9 Version support Product MA5600T/MA5603T Version V800R007C00 and later versions

10.6.4 Congestion Avoidance Principle


Congestion avoidance is implemented by dropping unqualified packets in advance using an early drop algorithm (RED or WRED) in the case of congestion, so that bandwidth for qualified services is ensured. Congestion avoidance algorithms address the issue of global TCP synchronization caused by tail drop. In addition, color-based congestion avoidance algorithms ensure that green packets pass preferentially. l Tail drop: Tail drop is a first in first out (FIFO) queue management algorithm, with which packets are directly dropped when the maximum queue depth is reached. l RED: Users can set the lower threshold and upper threshold for queues. When the queue length is smaller than the lower threshold, no packets are dropped. When the queue length is between the lower threshold and the upper threshold, incoming packets are dropped randomly. A longer queue length indicates a higher drop probability. When the queue length exceeds the upper threshold, all newly arriving packets are dropped. Compared with tail drop, RED improves line bandwidth usage and reduces delay jitter if there are a large number of TCP packets. l WRED: Based on RED, WRED uses classification marks such as IP precedence, DSCP value, and MPLS EXP to differentiate drop policies. WRED effectively improves the service quality of packets with higher priority. Currently, the system supports the following two congestion avoidance algorithms: l
Issue 01 (2011-10-30)

Color-based early drop


Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 223

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Priority-based early drop

Color-based Early Drop


After the system marks packets in different colors (yellow and green; red packets are directly dropped) using the trTCM algorithm, these packets have different drop thresholds when entering a port queue. In this way, when the queue is not full although port congestion occurs, traffic configured with CIR (committed information rate) can pass while traffic configured with PIR (peak information rate) is dropped early. Currently, only SCUN, SCUB, SPUA, GPBD, and OPGD boards support color-based early drop. The drop threshold of yellow packets is 50% and green 100%. If more than 50% of a queue is occupied, yellow packets cannot enter the queue but green packets can. When the queue is 100% occupied, green packets are also dropped.

Priority-based Early Drop


Queues with different priorities can be configured with different drop thresholds. Specifically, queues with higher priorities are configured with higher drop thresholds, while queue with lower priorities are configured with lower drop thresholds. In this way, when port congestion occurs, packets with higher priorities can enter greater-depth, more burst-tolerant queues than packets with lower priorities and hence are less likely to be dropped. Currently, only H801GPBC, H802GPBD, H805GPBD, and H831HE1A boards support prioritybased early drop. The early drop depth of each queue is configurable.

10.6.5 Congestion Management Principle


Congestion management is to control traffic on a device using different algorithms for queue scheduling. Such algorithms include priority queuing (PQ) and weighted round robin (WRR). When congestion occurs on an egress, a proper queue scheduling mechanism can guarantee the QoS parameters (such as bandwidth, delay, and jitter) of a certain type of packets. The queue here refers to the outgoing queue. The queue is used to reserve packets in the flash memory until the egress is capable of transmitting packets. Therefore, the queue scheduling mechanism takes effect only when congestion occurs on an egress. The queue can also be used to re-prioritize packets, except FIFO. The features related to queue scheduling are as follows: Feature Classification Definition Checks packets and determines queues of the packets. Defines the rules for the device to drop packets. The commonly used drop policies are tail drop policy and WRED. Packets may be re-prioritized in a queue. In most cases, FIFO is used. Affected QoS Parameter N/A

Drop policy

Packet loss

Scheduling mode in one queue

Bandwidth, delay, jitter, and packet loss

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

224

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Feature Scheduling mode between queues Queue quantity Queue length

Definition Defines from which queue packets are taken out to the outgoing queue. Degree to which packets are classified. Maximum number of the packets that can be saved in one queue.

Affected QoS Parameter Bandwidth, delay, jitter, and packet loss N/A Packet loss and delay

The system supports the following three scheduling modes. Queue Scheduling Mechanism PQ WRR PQ+WRR Scheduling Mode Strict priority scheduling weighted round robin (WRR) scheduling Hybrid of priority queuing (PQ) and WRR scheduling

PQ is to put packets with different priorities to different queues for scheduling. All boards in the system support eight PQs, and they also support configuring of weights of PQs and mapping of packets with different priorities to a PQ.

PQ
PQ classifies packets and puts packets into the corresponding queues according to the packet classification result. PQ queues are classified into high-priority queues, medium-priority queues, normal-priority queues, and low-priority queues. PQ takes out all packets from a high-priority queue and transmits them. After such a transmission is completed, PQ performs the same on all packets in a medium-priority queue, a normal-priority queue, and a low-priority queue one by one. In this way, packets in a queue with a higher priority precede packets in a queue with a lower priority and therefore are processed preferentially, even in case of congestion. This ensures that packets for key services are processed first. Packets of non-key services (such as email) are processed only when the network is idle after key services are processed, thereby utilizing network resources efficiently.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

225

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Figure 10-11 PQ
High Priority Queue7 Queue6 3 2 2 1 1


Queue3 Low Priority 2 1

PQ

When packets reach a port, they are classified first and are then put into the tail of the queues to which they belong according to the packet classification result. During packet transmission, the packets in the queue with a higher priority are always transmitted first. After that, the packets in the queue with a lower priority are transmitted. In this way, a short delay is ensured for the packets with a higher priority.

WRR
WRR classifies packets and places packets into the corresponding queues according to the packet classification result. WRR queues are assigned bandwidth on a port according to the bandwidth percentages defined by the user. When packets travel out of queues, WRR takes a certain number of packets from the queue and transmits them from the port according to the pre-defined bandwidth percentage. In WRR scheduling mode, the queues are scheduled in turn based on certain weight values, which ensures that each queue can be scheduled. When a queue is empty, the next queue is scheduled immediately. In this way, the bandwidth resources can be fully utilized. Figure 10-12 WRR
High Priority Queue7 Queue6 3 2 2 1 1 Assumed Weight: Q7:Q6:Q3=1:1:1 WRR 3 2 2 2 1 1 1


Queue3 Low Priority 2 1

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

226

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

PQ+WRR
PQ+WRR is a combination of the PQ scheduling mode and WRR scheduling mode. When the weight value of a queue is 0, the queue scheduling mode is PQ+WRR. In this mode, the system schedules the queues with the weight value 0 in the PQ mode, and then schedules other queues in the WRR mode. With this flexible scheduling mode, the services that must be guaranteed are scheduled in the PQ mode, and the services with lower priorities are scheduled in the WRR mode when there is remaining bandwidth. In this way, services with higher priorities are ensured and those with lower priorities can obtain bandwidth when there is remaining bandwidth.

10.7 HQoS
In the conventional quality of service (QoS), traffic scheduling is based on the port. The hierarchical QoS (HQoS) is a QoS technology that controls user traffic on a port with finer granularity and also schedules services of a user based on the service priority.

10.7.1 Overview
Definition
HQoS is short for hierarchical quality of service. The conventional traffic management cannot ensure the bandwidth of each user on a port because bandwidth scheduling is based on the port. HQoS, however, ensures bandwidth of multiple services of multiple users at two levels. At the first level, the total bandwidth of each user is ensured. At the second level, the bandwidth of each service of each user is ensured. In general, HQoS is a QoS technology that controls user traffic on a port with finer granularity and also schedules services of a user based on the service priority. Currently, the system supports HQoS with the following three levels of bandwidth assurance: l HQoS user service: Services of one user but with different priorities. The priority here refers to the 802.1p priority. Services in this level can be scheduled in the PQ mode based on the priority. HQoS user: A bandwidth guarantee and scheduling unit. An HQoS user can be one or more access users. The total bandwidth of an HQoS user in this level is ensured, and when congestion occurs, the assured bandwidth configured for each HQoS user can be ensured. HQoS user group: A group of HQoS users. In this level, bandwidth limitation based on the HQoS user group is implemented. Currently, the system supports division of user groups based on upstream port+SVLAN (outer VLAN of the packet). All users with the same upstream port+SVLAN belong to one user group.

Purpose
HQoS aims to ensure bandwidth of multiple services for multiple users by controlling traffic of users and user services. It provides the committed information rate (CIR) and peak information rate (PIR) for different services of each user.

Benefit
Benefits to carriers: HQoS, which improves the port-based scheduling mode in the conventional QoS service, differentiates users on a port with finer granularity for QoS assurance. This enables carriers to
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 227

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

ensure QoS for the services of enterprises and subscribers and provide assured bandwidth and service packages for more users, thereby obtaining more profits. Benefits to users Compared with the conventional QoS, HQoS ensures bandwidth assigned for each user, without being interfered by other users.

10.7.2 Specifications
The specifications of HQoS are as follows: l l l l l The data of each HQoS user is differentiated according to the four priorities for PQ scheduling. Upstream and downstream CIRs and PIRs can be set for each HQoS user. The system supports 1024 user groups and their upstream and downstream CIRs are configurable. The system supports traffic control based on the CAR group. One CAR group contains a maximum of eight traffic streams, but one traffic stream belongs to only one CAR group. The system supports a maximum of 16K CAR groups, and a PON board supports a maximum of 1K CAR groups.

10.7.3 Reference Standards and Protocols


The following lists the reference standards and protocols of this feature: RFC2698: A Two Rate Three Color Marker

10.7.4 Availability
License Support
The HQoS feature is an optional feature of the MA5600T/MA5603T, and the corresponding services are controlled by the license.

Version Support
Table 10-10 Version support Product MA5600T/MA5603T Version V800R007C00 and later versions

Hardware Support
l l Only the PON boards support HQoS. HQoS based on the SVLAN priority requires cooperation with the SPUA board.

10.7.5 Principle of Priority-based HQoS


Figure 10-13 illustrates the model of priority-based HQoS supported by the MA5600T/ MA5603T. The HQoS user here refers to an end-to-end traffic stream.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 228

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

The core of priority-based HQoS is to implement two-level CAR for services on the SPUA board. l l Level-1 CAR: Priority-based CAR is performed on HQoS users and traffic streams are colored. In this way, users' services are fairly scheduled and CIR of each user is ensured. Level-2 CAR: The same type of services in a CP is marked the same color for CAR (colorbased CAR), thereby preventing a single type of services from occupying all the bandwidth in a CP. In this way, different services are fairly scheduled to ensure CIR of each service, or even PIR if bandwidth permits.

Figure 10-13 Priority-based HQoS Model


Flow CAR for HQoS users
Flow 1 (Pri=P1) Flow 1 (Pri=P2)

CAR for one type of service in a CP

Represents a CP

Traffic streams with different priorities

Flow

Port+VLAN Port

Figure 10-14 illustrates the overall solution of priority-based HQoS on the SPUA board. Figure 10-14 Priority-based HQoS processing
(4) (2) Priority-based CAR for users (3)

(1) Traffic classification

7 6

Color-based CAR according to port+SVLAN

Processing of priority-based HQoS on the SPUA board is as follows: 1. Traffic classification HQoS users are differentiated based on port+SVLAN+CVLAN on the upstream board of the SPUA board. 2. Priority-based CAR for the HQoS user According to CIR and PIR of an HQoS user, packets of the user are marked different colors, which is implemented using the trTCM mechanism with four priority thresholds. Packets whose rate is lower than CIR are marked green, packets whose rate is within CIR and PIR yellow, and packets whose rate is higher than PIR are directly dropped. During coloring,
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 229

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

priority also counts, that is, packets with a higher priority can preferentially occupy CIR and PIR bandwidth. This can be regarded as virtual PQ scheduling.
NOTE

A virtual queue has the following characteristics: l Containing no actual buffer unit and buffering no data l No delay when data enters or leaves the queue l Functioning as one queue in the hierarchical scheduling for output scheduling

3.

Color-based CAR for the HQoS user group Green packets are allowed to pass, yellow packets that do not exceed the bandwidth can also pass, and yellow packets that exceed the bandwidth are dropped. Yellow packets cannot be upgraded to green packets.

4.

Port queue scheduling All HQoS users enter the same priority queue at the egress, and color-based early drop is implemented in the queue. In this way, when the congestion threshold is reached, the system starts dropping yellow packets to ensure a short delay of green packets. The queue here is a real queue on the port, and the port supports PQ and WRR scheduling of eight such queues. To ensure that all HQoS users enter the same priority queue, the following settings are adopted: In FTTB, HQoS users are generally tagged SVLAN +CVLAN and therefore priorities of SVLANs of these users are all set to a specified priority; in FTTH, HQoS users are generally tagged a single VLAN and therefore all priorities of the single VLANs of these users are mapped to the same queue.
NOTE

The system does not provide a command for setting the drop threshold of the yellow packets, but the existing command for setting the queue depth actually functions so. The smaller the depth, the lower the drop threshold of the yellow packets, and the earlier the yellow packets are dropped when congestion occurs.

10.7.6 Principle of HQoS Based on CAR Group


A CAR group is a combination of traffic streams for unified QoS control, with configurable parameters such as CIR and PIR. One of its typical applications is for multiple services (IPTV, Internet access, and voice services) of home users. Using the CAR group, QoS based on the home user instead of based on each service is implemented. Figure 10-15 illustrates the model of CAR-group-based HQoS supported by the MA5600T/ MA5603T. HQoS based on CAR group implements two-level or three-level CAR for services: l l l Level-1 CAR is performed for user traffic streams. Level-2 CAR is performed for multiple traffic streams of HQoS users (that is, CAR group). If necessary, level-3 CAR is performed, which is color-based CAR for HQoS user groups. Currently, the system supports classifying of user groups by upstream port+SVLAN (outer VLAN of the packet).

For example, the two-level CAR can achieve the following settings: limiting a user's Internet access rate, multicast service rate, and voice service rate to 2 Mbit/s, 4 Mbit/s, and 128 Kbit/s respectively, and at the same time limiting the total bandwidth of the user to 5 Mbit/s.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

230

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Figure 10-15 Model of HQoS based on CAR group

HQoS user service Flow 1 Flow 2 Flow CAR

HQoS user

HQoS user group

CAR based on multiple traffic streams (CAR group)

CAR based on multiple users

Application Scenario
A CAR group can also be used for RSPs, as shown in the following figure. Figure 10-16 Application scenario of CAR group

tag RSP1 a RSP1 b RSP1 a untag QinQ OLT tag RSP1 a RSP2 b RSP2 c untag QinQ ONT RSP2 RG ONT RSP1

a b c

a b c d a

tag RSP1 a RSP2 a RSP3 a untag QinQ ONT RSP3

b c d

RSP: retail service provider

RG: residential gateway

As shown in the preceding figure, users under the same ONT may belong to different RSPs. Different services of the same user are mapped to different traffic streams on the OLT. Given that different service CIRs/PIRs are guaranteed, the total bandwidth of each RSP needs to be
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 231

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

ensured and each service should be allowed to occupy the total bandwidth when a burst occurs in the traffic. To put it simply, rate limitation needs to be performed on the RSP. To do so, a group based on all traffic streams of an RSP can be created, and then the total bandwidth of a user can be limited by limiting the bandwidth of the group. Such is a typical application of CAR group.

Principle
In the upstream direction Figure 10-17 Principle of CAR group (in the upstream direction)
Gem CAR TCONT Flow CAR (trTCM) GPON gem1+c1 Flow1(S+C1) gem2+c2 Flow2(S+C2) gem3+c3 Flow3(S+C3) gem4+c3 Flow4(S+C3) gem5+untag Flow5(S1+C1) RSP2 Flow Group CAR Color-based early drop PQ scheduling of port queues SCU RSP1

RG RSP1 RG RG

C1 C2 C3 C1 C2 C3 C1 C2 C3

ONT

RSP2

STB

untag

RSP: retail service provider STB: set-top box trTCM: two rate three color marker

RG: residential gateway GEM: G-PON encapsulation method

The processing of implementing QoS of upstream traffic streams on the OLT is as follows: l trTCM CAR for traffic streams: The OLT identifies the packets of the specified traffic streams. The OLT colors the packets according to CIR/PIR. Specifically, for the packets whose rate is equal to or lower than CIR, the OLT marks them green (allowed to pass). For the packets whose rate is higher than CIR and lower than PIR, the OLT marks them yellow (allowed to pass). For the packets whose rate is higher than PIR, the OLT drops such packets. l Color-based CAR for flow groups: The OLT identifies the packets of all traffic streams in a flow group. The OLT supports single leaky bucket and supports a threshold for dropping yellow packets to ensure that all green packets are passed. Such can be achieved on the condition that the group PIR configured by the user is larger than the total CIRs of all traffic streams.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 232

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

PQ scheduling and color-based early drop on the upstream port: The OLT schedules packets on the upstream port according to the packet priorities. Packets with a higher priority are scheduled first. The OLT performs color-based early drop to ensure that all green packets among the packets with the same priority are passed.
NOTE

The QoS guarantee processing of the packets in the downstream direction is reverse to that in the upstream direction.

The principles of implementing QoS of upstream traffic streams on the ONT and the OLT are as follows: l ONT The LSW port on the ONT supports PQ scheduling but does not support color-based early drop. When packet congestion occurs on the LSW upstream port, the ONT performs tail drop on the packets. On the ONT, the same type of services of an RSP is mapped to one GEM port, and CAR (single leaky bucket CAR) is performed based on the GEM port. Each GEM port is bound to a T-CONT and the bandwidth of each type of services is guaranteed through the T-CONT. PQ scheduling is performed on the T-CONT (the service CoS priority must be consistent so as to avoid differences in scheduling). l GPON board Each GEM port+CVLAN is mapped to a traffic stream. In the trust mode, the CVLAN CoS priority is copied to the SVLAN; in the un-trust mode, the priority is specified. trTCM CAR is performed on each traffic stream. Color-based two-level CAR (single leaky bucket; supporting a threshold for dropping yellow packets; identifying the color but not the priority) is performed on all stream groups belonging to a user. In the configuration, the following must be ensured: PIR of the stream group CAR total CIRs of all traffic streams. The GPON board performs PQ scheduling and color-based early drop on the upstream port. l SCUN board The SCUN board performs PQ scheduling and color-based early drop on the upstream port. In the downstream direction

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

233

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Figure 10-18 Principle of CAR group (in the downstream direction)


Gem CAR Flow Group Flow CAR (trTCM) CAR GPON gem1+c1 Flow1(S+C1) gem2+c2 Flow2(S+C2) gem3+c3 Flow3(S+C3) gem4+c3 Flow4(S+C3) gem5+untag Flow5(S1+C1) RSP2 Color-based early drop PQ scheduling of port queues SCU RSP1

RG RSP1 RG RG

C1 C2 C3 C1 C2 C3 C1 C2 C3

ONT

RSP2

STB

untag

Color-based early drop PQ scheduling of port queue

The principles of implementing QoS of downstream traffic streams on the ONT and the OLT are as follows: l SCUN board The SCUN board performs PQ scheduling and color-based early drop on the LSW downstream port, and trusts the CoS priority of downstream packets. Downstream packets need to be colored on the upper-layer device. In actual networks, the upper-layer routers do not support coloring of the packets. In this case, if congestion occurs on the LSW port of the SCUN board, tail drop is performed on the downstream port. It is recommended not to aggregate ports for upstream transmission, and it is recommended to control the downstream traffic of each PON board below 10GE, so as to avoid congestion on the LSW downstream port. l GPON board trTCM CAR is performed on each traffic stream. Color-based two-level CAR (single leaky bucket; supporting a threshold for dropping yellow packets) is performed on flow groups. In the configuration, the following must be ensured: PIR of the stream group CAR total CIRs of all traffic streams. The GPON board performs PQ scheduling and color-based early drop on the egress. l ONT CAR is performed on GEM ports. PQ scheduling is performed on the LSW egress on the ONT. When packet congestion occurs on the port, the ONT performs tail drop on the packets.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

234

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description


NOTE

10 QoS

l One traffic stream can belong to only one group; one group can contain a maximum of eight traffic streams; all traffic streams of a group belong to the same PON port. l The CAR group supports the Type B and Type D protection scenarios. Type D protection switching is based on the ONT. In inter-board protection, to maintain consistency of the data of the two mutually-protected PON boards, the CAR group feature and the Type D feature are required to be mutually exclusive based on the ONT checking. That is, when Type D protection is configured on the ONT, the traffic streams of this ONT and the traffic streams of other ONTs must not belong to the same CAR group and must not be added to the same CAR group.

10.8 QoS Network Application


QoS applications in different networks are similar. The main difference lies in carriers' traffic control requirements, such as requirements for traffic control points. The following describes two typical QoS applications in FTTx.

10.8.1 Typical QoS Application in an FTTH/P2P Network


Figure 10-19 illustrates the typical QoS application in an FTTH/P2P network. In a PON system, QoS is implemented in the following aspects: l l l The upstream bandwidth of ONTs is controlled through DBA. On the OLT, CAR is implemented for traffic streams of VoIP and Internet access services and then CAR-group-based control is implemented for users, achieving HQoS. Generally, the priorities of the VoIP service, multicast service, and Internet access service are configured in descending order.

Figure 10-19 Typical QoS application in an FTTH/P2P network


DHCP server VoIP Video VLAN 100 VLAN 200 300 T-CONT 1 GEM 128 GEM 129 GEM 130 L2/L3 network VPN n S+C: 900: 1 901 902: 1 Flow CAR CAR Group VoIP traffic Video traffic Internet traffic RSP n S+C: 800: 1 801 802: 1

VPN 1

RSP1

VLAN HGW PPPoE/DHCP VoIP

UNI port

Upstream Port

Video VLAN 400 VLAN 500 VLAN HGW PPPoE/DHCP 600

T-CONT 2 GEM 131

GEM 132 GEM 133 ONT OLT

SVLAN: Per service per SP CVLAN: Per customer

Based on the preceding network, Table 10-11 provides the VLAN data plan, Table 10-12 QoS data plan, and Table 10-13 service bandwidth data plan.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 235

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Table 10-11 VLAN data plan in an FTTH/P2P network SVLAN is the VLAN of a certain service in an RSP, CVLAN is the VLAN of a user, and XVLAN is a user-side VLAN for service differentiation. RSP RSP 1 Service VoIP Multicast Internet RSP 2 VoIP Multicast Internet CVLAN 800 801 802 900 901 902 SVLAN 1 N/A 1 1 N/A 1 XVLAN 100 200 300 400 500 600

Table 10-12 QoS data plan in an FTTH/P2P network Queue Scheduling Mode PQ+WRR Service VoIP Multicast Internet access Priority 6 4 2

Table 10-13 Bandwidth data plan in an FTTH/P2P network RSP Service Service Bandwidth 100 Mbit/s User Upstream Bandwidth CIR: 128 kbit/s PIR: 128 kbit/s Multicast Internet access 400 Mbit/s 500 Mbit/s N/A CIR: 2 Mbit/s PIR: 4 Mbit/s RSP 2 VoIP 100 Mbit/s CIR: 128 kbit/s PIR: 128 kbit/s Multicast Internet access 200 Mbit/s 700 Mbit/s N/A CIR: 2 Mbit/s PIR: 4 Mbit/s User Downstream Bandwidth CIR: 128 kbit/s PIR: 128 kbit/s N/A CIR: 5 Mbit/s PIR: 10 Mbit/s CIR: 128 kbit/s PIR: 128 kbit/s N/A CIR: 10 Mbit/s PIR: 20 Mbit/s

RSP 1

VoIP

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

236

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

10.8.2 Typical QoS Application in an FTTB/FTTC Network


Figure 10-20 illustrates the typical QoS application in an FTTB/FTTC network. In a PON system, QoS is implemented in the following aspects: l l l l Generally, no traffic control is performed on the modem. On the ONU, CAR is implemented for traffic streams of VoIP and Internet access services and upstream bandwidth is controlled through DBA. On the OLT, no bandwidth limitation is required for user services. Generally, the priorities of the VoIP service, multicast service, and Internet access service are configured in descending order.

Figure 10-20 Typical QoS application in an FTTB/FTTC network


DHCP server VoIP Video VLAN 100 VLAN 200 VLAN 300 PPPoE/DHCP VoIP Video VLAN 400 VLAN 500 VLAN 600
HGW HGW

S+C: 800: 1 801 802: 1

S+C: 800: 1 801 802: 1

VPN 1

RSP1

UNI Port

Upstream Port

Upstream Port

L2/L3 network VPN n RSP n

PPPoE/DHCP

Modem

S+C: 900: 1 901 902: 1 DSLAM

S+C: 900: 1 901 902: 1 OLT Flow CAR VoIP traffic Video traffic Internet traffic

S VLAN: Per service per SP C VLAN: Per customer

Based on the preceding network, Table 10-14 provides the VLAN data plan, Table 10-15 QoS data plan, and Table 10-16 service bandwidth data plan. Table 10-14 VLAN data plan in an FTTB/FTTC network SVLAN is the VLAN of a certain service in an RSP, CVLAN is the VLAN of a user, and XVLAN is a user-side VLAN for service differentiation. RSP RSP 1 Service VoIP Multicast Internet RSP 2 VoIP Multicast
Issue 01 (2011-10-30)

CVLAN 800 801 802 900 901

SVLAN 1 N/A 1 1 N/A

XVLAN 100 200 300 400 500


237

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

RSP

Service Internet access

CVLAN 902

SVLAN 1

XVLAN 600

Table 10-15 QoS data plan in an FTTB/FTTC network Queue Scheduling Mode PQ+WRR Service VoIP Multicast Internet access Priority 6 4 2

Table 10-16 Bandwidth data plan in an FTTB/FTTC network RSP Service Service Bandwidth 100 Mbit/s User Upstream Bandwidth CIR: 128 kbit/s PIR: 128 kbit/s Multicast Internet access 400 Mbit/s 500 Mbit/s N/A CIR: 2 Mbit/s PIR: 4 Mbit/s RSP 2 VoIP 100 Mbit/s CIR: 128 kbit/s PIR: 128 kbit/s Multicast Internet access 200 Mbit/s 700 Mbit/s N/A CIR: 2 Mbit/s PIR: 4 Mbit/s User Downstream Bandwidth CIR: 128 kbit/s PIR: 128 kbit/s N/A CIR: 5 Mbit/s PIR: 10 Mbit/s CIR: 128 kbit/s PIR: 256 kbit/s N/A CIR: 10 Mbit/s PIR: 20 Mbit/s

RSP 1

VoIP

10.9 Glossary, Acronyms, and Abbreviations


This topic provides glossary, acronyms, and abbreviations relevant to the QoS feature.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

238

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Glossary
Table 10-17 Glossary relevant to the QoS feature Term HQoS user Assured bandwidth Burst bandwidth Description An HQoS user, which does not map an actual access user, is a bandwidth guarantee and scheduling unit. An actual access user can map one or more HQoS users, which is determined by the specific service planning. When a user is provided with the assured bandwidth, all the traffic within this bandwidth is allowed to pass. Burst bandwidth refers to the user's traffic that is allowed to exceed the assured bandwidth. The traffic within this bandwidth can pass a port when the port has remaining bandwidth.

Acronyms and Abbreviations


Table 10-18 Acronyms and abbreviations relevant to the QoS feature Acronym/ Abbreviation ONT ONU ODN HQoS CIR PIR CAR CP trTCM PQ WRR WFQ CoS ToS DBA ACL Full Name optical network terminal Optical Network Unit optical distribution network hierarchical quality of service committed information rate peak information rate committed access rate content provider two rate three color marker priority queuing weighted round robin Weighted Fair Queuing Class of Service Type of Service Dynamic Bandwidth Allocation Access Control List

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

239

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

10 QoS

Acronym/ Abbreviation WRED

Full Name Weighted Random Early Detection

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

240

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11
About This Chapter

Layer 3 Features

This topic describes the network layer (Layer 3) features implemented by the system. 11.1 ARP The Address Resolution Protocol (ARP) is a protocol which is used to convert an IP address to a MAC address. This topic provides introduction to this feature and describes the principle and reference documents of this feature. 11.2 ARP Proxy ARP proxy is a process of handling the ARP requests. This topic provides introduction to this feature and describes the principle and reference documents of this feature. 11.3 DHCP Relay Dynamic Host Configuration Protocol (DHCP) relay enables DHCP clients in different physical subnets to obtain IP addresses that are dynamically allocated from the same DHCP server. 11.4 DHCP Proxy DHCP proxy is a mechanism in which the MA5600T/MA5603T acts as a proxy for processing the DHCP packets exchanged between a DHCP server and a DHCP client. That is, the MA5600T/MA5603T modifies the DHCP packets based on the requirements. 11.5 IP-aware Bridge 11.6 VRRP Snooping VRRP is a fault-tolerant protocol. It allows multiple routers to form a virtual routing device, and provides a mechanism, which ensures that services will be taken over in time by another device once the next hop of a host fails. In this way the continuity and reliability of communication are ensured. VRRP snooping is to snoop (or listen for) VRRP packets. 11.7 Routing Routing is a common term used for describing the path through which the packets from a host in a network travel to a host in another network.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

241

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.1 ARP
The Address Resolution Protocol (ARP) is a protocol which is used to convert an IP address to a MAC address. This topic provides introduction to this feature and describes the principle and reference documents of this feature.

11.1.1 Introduction
Definition
The Address Resolution Protocol (ARP) is a protocol which is used to convert an IP address to a MAC address. It belongs to the TCP/IP protocol suite.

Purpose
The IP address represents only the network layer address of a host. If a host in a network needs to send the network layer data to a destination host, the host must know the physical address (MAC address) of the destination host. Therefore, an IP address has to be translated into a MAC address. ARP is used for translating an IP address to a MAC address.

11.1.2 Specifications
When using SCUN, the MA5600T/MA5603T supports 8192 ARP entries, including 512 static entries and 7680 dynamic entries. When using SCUL, the MA5600T/MA5603T supports 4096 ARP entries, including 512 static entries and 3584 dynamic entries. When using SCUB, the MA5600T/MA5603T supports 8192 ARP entries, including 512 static entries and 7680 dynamic entries.

11.1.3 Reference Standards and Protocols


The following lists the reference documents of ARP: l IETF RFC 826: An Ethernet Address Resolution Protocol or Converting Network Protocol Addresses to 48-bit Ethernet Address for Transmission on Ethernet Hardware

11.1.4 Availability
License Support
The ARP feature is the basic feature of the MA5600T/MA5603T. Therefore, no license is required for accessing the corresponding service.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

242

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Version Support
Table 11-1 Version Support Product MA5600T/ MA5603T Version V800R006C02 and later versions

Hardware Support
No additional hardware is required for supporting the ARP feature.

11.1.5 Principle
ARP Mapping List
Every host has a table named the ARP mapping list for converting IP addresses into MAC addresses. The ARP mapping list of a host contains a series of mappings between IP addresses and associated MAC addresses of other hosts that have communicated with this host recently. When a host is started, its ARP mapping list is empty.

Implementation of ARP
ARP enables two hosts in a network to interconnect with each other at Layer 2. Assume that there are two PCs: host A and host B with IP addresses IP_A and IP_B respectively. Host A sends messages to host B in the following way: 1. Host A checks its ARP mapping list for the ARP mapping entry of IP_B. l If host A finds the MAC address of host B, host A encapsulates the IP data packets according to the MAC address and then sends them to host B. l If host A does not find the MAC Address of host B, host A puts the data packets in the ARP waiting queue, initiates an ARP request, and then broadcasts it on the Ethernet. The ARP request contains the IP address of host B and the IP address and MAC address of host A. 2. 3. 4. 5. As the ARP request is broadcasted, all the hosts on the Ethernet can receive it. Only the requested host (host B), however, responds to the request. Host B stores the IP and MAC addresses of the request initiator (host A) contained in the request, in its own ARP mapping list. Host B returns an ARP response containing the MAC address of host B to host A. Such a response is no longer broadcast, but sent to host A directly. After receiving the response, host A extracts the IP address and MAC address of host B, and adds them to its own ARP mapping list. After that, host A transmits all the data packets in the waiting queue destined for host B.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 243

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Static ARP and Dynamic ARP


The manually configured mapping between IP addresses and MAC addresses is known as the static ARP. The mapping between IP addresses and MAC addresses configured dynamically by the ARP protocol is known as the dynamic ARP. In general, the dynamic ARP is needed. The static ARP is needed only when you need to manually adjust the ARP entries. A static ARP entry takes effect when the MA5600T/MA5603T works, while the aging time for a dynamic ARP entry is configurable, the default value is 20 minutes.

11.2 ARP Proxy


ARP proxy is a process of handling the ARP requests. This topic provides introduction to this feature and describes the principle and reference documents of this feature.

11.2.1 Introduction
Definition
When a host sends an ARP request to another host, the request is processed by the access device connected to the two hosts. This process is called ARP proxy.

Purpose
On the MA5600T/MA5603T, ARP proxy is often used for interconnection between sub VLANs in a super VLAN.

11.2.2 Specifications
The MA5600T/MA5603T supports ARP proxy. The MA5600T/MA5603T supports to reply to the ARP request sent from network side (by the edge router).

11.2.3 Reference Standards and Protocols


The following lists the reference documents of ARP proxy: l IETF RFC1027: Using ARP to Implement Transparent Subnet Gateways

11.2.4 Availability
License Support
The ARP proxy feature is the basic feature of the MA5600T/MA5603T. Therefore, no license is required for accessing the corresponding service.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

244

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Version Support
Table 11-2 Version Support Product MA5600T/ MA5603T Version V800R007C00 and later

Hardware Support
No additional hardware is required for supporting the ARP proxy feature.

11.2.5 Principle
As shown in Figure 11-1, PC 1 is in sub VLAN 1, and PC 2 is in sub VLAN 2. They are isolated at Layer 2. PC 1, PC 2 and the virtual Layer 3 interface are in the same subnet. Figure 11-1 Implementation of the ARP proxy
communication Super VLAN Virtual interface Gateway IP: 1.1.1.1/24 MAC: 00-e0-fc-00-00-11 AR P Pr ox y Sub VLAN 2

Layer 3

P AR
Layer 2 Sub VLAN 1

ox Pr

Isolation

PC1 IP: 1.1.1.2/24 MAC: 00-e0-fc-00-00-02

PC2 IP: 1.1.1.15/24 MAC: 00-e0-fc-00-00-15

The following describes how PC 1 and PC 2 communicate with each other. 1. Because PC 1 and PC 2 are in the same subnet, when PC 1 attempts to send packets to PC 2, it broadcasts ARP packets directly to request the MAC address of PC 2. Because PC 1 and PC 2 are in different broadcast domains, PC 1 does not receive the ARP response packet from PC 2.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

245

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

2.

When the MA5600T/MA5603T with the ARP proxy enabled receives the ARP request packets, it sends the MAC address of its virtual Layer 3 interface to PC 1, and searches its ARP mapping list for the MAC address of PC 2. If the ARP mapping list contains the MAC address of PC 2, the packets from PC 1 can be forwarded to PC 2 through the virtual Layer 3 interface. If the ARP mapping list does not contain the MAC address of PC 2, the MA5600T/ MA5603T broadcasts the ARP request packets through its virtual Layer 3 interface to request the MAC address of PC 2. When the MA5600T/MA5603T receives the ARP response packets from PC 2, the MA5600T/MA5603T adds the MAC address of PC 2 to its ARP mapping list. After this, the implementation of the ARP proxy is complete, and PC 1 and PC 2 communicate with each other through the MA5600T/MA5603T.

3. 4.

5.

11.3 DHCP Relay


Dynamic Host Configuration Protocol (DHCP) relay enables DHCP clients in different physical subnets to obtain IP addresses that are dynamically allocated from the same DHCP server.

11.3.1 Introduction
Definition
Dynamic Host Configuration Protocol (DHCP) relay is a process in which cross-subnet forwarding of DHCP packets is implemented between the DHCP client and the DHCP server. DHCP relay enables DHCP clients in different physical subnets to obtain IP addresses that are dynamically allocated from the same DHCP server.

Purpose
DHCP works in client-server mode. l l The DHCP client dynamically requests the configuration data from the DHCP server. The DHCP server dynamically allocates the data including the IP address to the client.

DHCP was initially only suitable for the applications where the DHCP client and the DHCP server were located on the same subnet and could not work across the subnet. Each subnet had to be configured with a DHCP server, which was uneconomical. The introduction of DHCP relay solves this problem. DHCP relay serves as a relay between the DHCP client and the DHCP server, which are located on different subnets. With DHCP relay, DHCP packets can be relayed to the destination DHCP server or client across subnets. In this way, multiple DHCP clients on different networks can use the same DHCP server. This is economical and convenient for centralized management.

11.3.2 Specifications
The MA5600T/MA5603T supports the following DHCPv4 relay specifications: l l DHCPv4 Layer 2 and Layer 3 relay A maximum of 20 DHCPv4 server groups, with an active DHCPv4 server and 1-3 standby DHCPv4 servers in each group
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 246

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Selection of a DHCPv4 server in the following three modes when the MA5600T/ MA5603T implements Layer 3 relay: DHCPv4 Standard mode DHCPv4 option 60 mode MAC address segment mode

l l

A maximum of 128 DHCPv4 option 60 domains A domain name is a case-insensitive character string of 1-32 characters. A maximum of 128 MAC address segments The name of a MAC address segment is a case-insensitive character string of 1-32 characters.

A maximum length of 253 bytes for RID and CID character strings

11.3.3 Reference Standards and Protocols


The DHCP relay feature complies with the following reference standards and protocols: l l RFC 2131: Dynamic Host Configuration Protocol DHCPv4 option 82: RFC 3046

11.3.4 Availability
License Support
The DHCP relay feature is an optional feature of the MA5600T/MA5603T. A license is required for this feature.

Version Support
Table 11-3 Version support for DHCPv4 relay Product MA5600T/ MA5603T Version V800R006C02 and later versions

Feature Dependency
The DHCP relay can be enabled globally or within a VLAN, but cannot be enabled for a board or a port.

Hardware Support
No additional hardware is required for supporting the DHCPv4 relay feature.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

247

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Restrictions
l Connection-oriented traffic streams do not support Layer 3 forwarding, and therefore do not support DHCP Layer 3 relay. If the global DHCP working mode is set to Layer 3 mode, connection-oriented traffic streams transparently transmit DHCP packets at Layer 2. DHCP Layer 3 relay is mutually exclusive with flow bundle, stacking VLAN, and S-VLAN +C-VLAN forwarding.

11.3.5 DHCPv4 Layer 2 Relay Principle


When routing is not available or is disabled on an access device, the device serves only as a bridge device. If some options (for example, option 82, that is, relay agent information option, interface ID option, and remote ID option) that identify user-side interfaces need to be inserted into DHCP messages, DHCP Layer 2 relay is required for the access device. If a DHCPv4 relay agent is used for a DHCPv4 client to send a request to the DHCPv4 server, the DHCPv4 relay agent adds the option 82 into the request. Option 82 supports the proxy of the circuit ID and remote ID, which records the address information of the DHCPv4 client and DHCPv4 relay agent on the DHCPv4 server. When this feature works with other software, DHCPv4 allocation restriction and accounting can be implemented. 1. 2. 3. A DHCPv4 client broadcasts a request when it is initialized. If there is a DHCPv4 server on the LAN, the DHCPv4 client can obtain the IPv4 address directly from the DHCPv4 server. If there is no DHCPv4 server on the LAN, the DHCPv4 relay agent device connected to the LAN processes the request. The DHCPv4 relay agent checks the request for the option 82, and then processes the request in the following ways: l If there is option 82 in the request, the DHCPv4 relay agent processes the request according to the configured policy (replacing the request's option 82 with the relay agent's option 82 or retaining the request's original option 82), and then forwards the request to the DHCPv4 server. l If there is no option 82 in the request, the DHCPv4 relay agent adds its option 82 to the request and forwards the request to the DHCPv4 server.The request contains the MAC address and VLAN of the switch port to which the DHCPv4 client is connected and the MAC address of the DHCPv4 relay agent. 4. After receiving the DHCPv4 request forwarded by the DHCPv4 relay agent, the DHCPv4 server records the information carried in the option field of the request, and then sends the reply packet that carries the DHCPv4 configuration and option 82 back to the DHCPv4 relay agent. After receiving the reply packet from the DHCPv4 server, the DHCPv4 relay agent removes the option 82 from the packet, and then forwards the packet carrying only the DHCPv4 configuration to the DHCPv4 client.

5.

11.3.6 DHCPv4 Layer 3 Relay Principle


1. 2. When a Dynamic Host Configuration Protocol (DHCP) client starts and initializes DHCPv4, it broadcasts the configuration request message on the local area network (LAN). If there is a DHCPv4 server on the LAN, DHCPv4 can be directly configured without the need of DHCPv4 relay.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

248

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

3.

If there is no DHCPv4 server on the LAN, the DHCPv4 relay-enabled device connected to the LAN receives the broadcast packets. The device properly processes the packets and forwards them to a specified DHCPv4 server on another network. The DHCPv4 server configures a DHCPv4 client based on the client's information, and then sends the configuration information to the client. In this way, a DHCPv4 client is dynamically configured.

4.

The MA5600T/MA5603T supports selection of the DHCPv4 server group in the following three modes: l DHCPv4 relay standard mode The DHCP server group is selected based on the interface for receiving DHCP packets. The DHCP server group to which the interface is bound needs to be configured beforehand. In this mode, users are differentiated by VLAN. This is the most common and simplest DHCP relay mode. The disadvantage of this mode is that different service types in the same VLAN cannot be differentiated. This is the default mode in the system. l DHCPv4 option 60 mode The DHCPv4 server group is selected based on the character string (domain name) in the option 60 of DHCPv4 packets. The option 60 domain name and the DHCPv4 server group to which the domain name is bound need to be configured beforehand. In this mode, users are differentiated by the field information contained in the packets. This is a common DHCP relay mode, and in this mode, service types in the same VLAN can be differentiated. l MAC address segment mode The DHCP server group is selected based on the source MAC address of DHCP packets. The MAC address segment and the DHCPv4 server group to which the MAC address segment is bound need to be configured beforehand. In this mode, users are differentiated according to the source MAC address segment of the packets, and service types in the same VLAN can be differentiated.

11.3.7 Networking Application


Figure 11-2 shows the DHCP relay network diagram. Figure 11-2 DHCP relay network
Ethernet DHCP Relay Agent DHCP client DHCP server DHCP client MA5600T/ MA5603T DHCP server DHCP client

In a typical DHCP relay network, there are three roles:


Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 249

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

l l

DHCP client: A device that dynamically obtains IP addresses, or other network configuration parameters. DHCP relay agent: DHCP clients communicate with the DHCP server using multicast addresses within the local link range to obtain IP addresses, or other network configuration parameters. If the server and clients are not in the same link range, the DHCP relay agent is needed for forwarding packets. In this way, the DHCP server is not required for every link range, which reduces costs and facilitates centralized management. DHCP server: A device that allocates IP addresses and other network configuration parameters to DHCP clients.

11.4 DHCP Proxy


DHCP proxy is a mechanism in which the MA5600T/MA5603T acts as a proxy for processing the DHCP packets exchanged between a DHCP server and a DHCP client. That is, the MA5600T/MA5603T modifies the DHCP packets based on the requirements.

11.4.1 Introduction
Definition
DHCP proxy is a mechanism in which the MA5600T/MA5603T acts as a proxy for processing the DHCP packets exchanged between a DHCP server and a DHCP client. That is, the MA5600T/MA5603T modifies the DHCP packets based on the requirements. The DHCP proxy functions are the server ID proxy and the lease time proxy. l Server ID proxy Option 54 in a DHCP packet is called a server identifier (Server ID). The value of the option 54 Server ID is the IP address of a DHCP server and is used to identify the DHCP server. The server ID proxy is a function for modifying option 54 in a DHCP packet so that the IP address of the DHCP server is unavailable to the client. This prevents the attacks initiated by the DHCP client to the DHCP server. l Lease time proxy The lease time of an IP address that a DHCP client applies for is related to options 51, 58, and 59 in a DHCP packet. The lease time proxy is a function for modifying these options in a DHCP packet so that a lease time is available to a client. This lease time is shorter than that directly allocated by the DHCP server, which facilitates the lease time management.

Purpose
Based on different proxy functions, the DHCP proxy addresses different requirements: l Server ID proxy The IP address of the DHCP server can be screened to prevent a DHCP client from attacking the DHCP server. l Lease time proxy The lease time for an IP address available to a DHCP client is long (which is often the case). Therefore, in such a long lease time, the MA5600T/MA5603T is incapable of quickly perceiving whether a user is online. This obstructs the service provisioning.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 250

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

The lease time proxy, however, enables a DHCP client to obtain a shorter lease time for an IP address. The MA5600T/MA5603T with the DHCP proxy function enabled is capable of quickly perceiving whether a user is online or not. Meanwhile, the request packets from the DHCP client for re-leasing an IP address during a short lease time are processed by the MA5600T/ MA5603T and are no longer forwarded to the DHCP server. This decreases the load of the DHCP server in frequently processing the request packets when the short lease time expires.

11.4.2 Specifications
The MA5600T/MA5603T supports the following DHCP proxy specifications: l l l The MA5600T/MA5603T supports up to 4K DHCP clients. The MA5600T/MA5603T supports globally enabling or disabling the DHCP proxy function. The user port and the subtending port support the DHCP proxy function.

11.4.3 Reference Standards and Protocols


The following lists the reference documents of DHCP proxy: l dsl2006[1].127.00: Proposals of DHCP relay improvements

11.4.4 Availability
Version Support
Table 11-4 Version Support Product MA5600T/ MA5603T Version V800R007C00 and later versions

Feature Dependency
The MA5600T/MA5603T DHCP proxy has the following limitations: l When a common security feature is enabled, the MA5600T/MA5603T supports up to 8K DHCP clients. When the DHCP proxy function is enabled, the MA5600T/MA5603T supports only 4K DHCP clients. When the Layer 3 DHCP relay function is enabled, the MA5600T/MA5603T supports the DHCP proxy. When only the Layer 2 DHCP relay function is enabled, the MA5600T/ MA5603T does not support the DHCP proxy.

11.4.5 Principle
Application Scenario
The MA5600T/MA5603T supports the DHCP proxy only when the Layer 3 DHCP relay function is enabled. Both the user port and the subtending port support the DHCP proxy. Figure 11-3 shows an application scenario of the DHCP proxy.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 251

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-3 Application scenario of the DHCP proxy

DHCP server

L3 DHCP relay and DHCP proxy are enabled

Router

MA5600T/ MA5603T

L2 LAN switch

DHCP client

DHCP client

Server ID Proxy
The MA5600T/MA5603T with the DHCP proxy function enabled can monitor all the DHCP packets exchanged between a DHCP client and a DHCP server. After the DHCP proxy function is enabled on the MA5600T/MA5603T, the exchange of packets (in the case of the server ID proxy) between the DHCP server and the DHCP client is as shown in Figure 11-4. l In the downstream direction, the MA5600T/MA5603T modifies the value of option 54 in the response packets (including Offer and ACK) sent by the DHCP server to its own IP address. After the DHCP client receives the packets, option 54 in these packets is the IP address of the MA5600T/MA5603T, and the related field in the DHCP packets is always the IP address of the MA5600T/MA5603T hereafter. In the upstream direction, the MA5600T/MA5603T recovers the value of option 54 in the DHCP packets sent from the DHCP client to the IP address of the actual DHCP server.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

252

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-4 Exchange of packets between a DHCP server and a DHCP client (server ID proxy)
DHCP client Discover Offer(Server ID=Proxy IP) Stage of applying for an IP address Request(Server ID=Proxy IP) ACK(Server ID=Proxy IP) DHCP proxy Discover Offer(Server ID=Server IP) Request(Server ID=Server IP) ACK(Server ID=Server IP) DHCP server

Message(Server ID=Proxy IP) Other stages with unicast DHCP packets (re-leasing, releasing) Message(Server ID=Proxy IP)

Message(Server ID=Server IP) Message(Server ID=Server IP)

Lease Time Proxy


The MA5600T/MA5603T with the DHCP proxy function enabled can monitor all the DHCP packets exchanged between a DHCP client and a DHCP server. After the DHCP proxy function is enabled on the MA5600T/MA5603T, the exchange of packets (in the case of the lease time proxy) between the DHCP server and the DHCP client is as shown in Figure 11-5. At the stage of applying for an IP address: 1. The DHCP client sends a packet to the DHCP server for requesting the IP address. The DHCP server then sends a response packet and allocates an IP address whose lease time is L1 to the DHCP client. The MA5600T/MA5603T captures the response packet from the DHCP server, modifies the value of L1 in the packet to a shorter lease time (L2) (which is configurable on the MA5600T/MA5603T), and then sends the Offer (Layer 2) packet to the DHCP client. In this way, the lease time for the IP address allocated to the DHCP client is Layer 2.

2.

At the stage of re-leasing an IP address: 1. 2. When the lease time (L2) expires, to re-lease the IP address, the DHCP client sends a request packet to the DHCP server. The MA5600T/MA5603T captures the request packet and determines whether to send the request packet to the DHCP server based on L1. (1) If it is unnecessary to send the request packet to the DHCP server, the MA5600T/ MA5603T directly responds to the request packet and allows the DHCP client to release the IP address. (2) If it is necessary to send the request packet to the DHCP server, the MA5600T/ MA5603T forwards the request packet sent by the DHCP client to the DHCP server.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 253

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

3. 4.

After receiving the request packet, the DHCP server sends the response packet if it approves to re-lease the IP address to the DHCP client. The MA5600T/MA5603T forwards the response packet sent by the DHCP client to the DHCP server. Thus, the DHCP client is allowed to re-lease the IP address. If a DHCP client sends a request for releasing the IP address, the MA5600T/MA5603T forwards the request to the DHCP server. If the MA5600T/MA5603T detects that the lease time (L2) of the DHCP client expires, but fails to receive any request for re-leasing the IP address from the DHCP client, the MA5600T/MA5603T directly sends a request to the DHCP server for releasing the IP address.

At the stage of releasing an IP address: l l

Figure 11-5 Exchange of packets between a DHCP server and a DHCP client (lease time proxy)
DHCP client Discover Stage of applying for an IP address L1=Lease time allocated by the DHCP server L2=Lease time configured by the DHCP proxy L2<<L1 Offer(L2) Request ACK(L2) DHCP proxy Discover Offer(L1) Request ACK(L1) DHCP server

Request ACK Request ACK Stage of re-leasing an IP address (Based on lease time L2) Request ACK Request ACK

Stage of re-leasing an IP address (Based on lease time L1)

Request ACK

Request ACK

Stage of releasing an IP address (The DHCP client requests for releasing the IP address) Stage of releasing an IP address (The DHCP proxy requests for leasing the IP address after L2 expires.)

Release

Release

Release

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

254

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.5 IP-aware Bridge


11.5.1 Introduction
Definition
IP-aware bridge is a feature in which an access node can implement Layer 3 forwarding without being configured with an IP address.

Purpose
l l l l To implement Layer 3 forwarding. In this feature, a large number of user MAC addresses can be replaced with the system MAC address of a device for packet forwarding. To identify the destination IP address (IP-aware) of users' traffic streams, and send the traffic streams to the corresponding next hop (traffic split) according to route information. To terminate user-side ARP requests, terminate network-side ARP requests, and respond by using ARP proxy. To implement ARP proxy between users so that users who are in the same VLAN and isolated at Layer 2 can interoperate at Layer 3.

Benefits to Users
Layer 3 forwarding can be implemented without occupying IP addresses or requiring the configuration of IP addresses.

11.5.2 Specifications
l l l l l l SCUN control board: Maximum number of VLANs supporting IP-aware bridge is 64. SCUB control board: Maximum number of VLANs supporting IP-aware bridge is 16. SCUF control board: Maximum number of VLANs supporting IP-aware bridge is 16. Maximum number of virtual IP addresses supported by each VLAN: 8 Interval supported for periodically sending ARP packets: 5-3600s (180s by default) Maximum number of static routes for IP-aware bridge: limited by the system route specification

11.5.3 Availability
License Support
The IP-aware bridge feature is a basic feature of the MA5600T/MA5603T. Therefore, the corresponding service is provided without a license.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

255

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Version Support
Table 11-5 Version support Product MA5600T/ MA5603T Version V800R007C01 and later versions

Limitations
l l l l l l l The IP-aware bridge feature is applicable only to IPoE encapsulation. The IP-aware bridge feature is applicable only to the VLAN with single tag and is not applicable to QinQ VLAN or stacking VLAN. The IP-aware bridge feature is applicable only to the DHCP mode (dynamic IP users). The IP-aware bridge feature does not support dynamic routing protocols (RIP, BGP, OSPF, and IS-IS) or upper-layer protocols such as PIM and NTP. The IP-aware bridge feature is not applicable to the subtending scenario. ARP interoperation is applicable only to users in the same VLAN and is not applicable to super VLAN. ARP interoperation is applicable only to users of the same access node and is not applicable to users of different devices.

11.5.4 Principle
Application Scenario
Figure 11-6 shows the application scenario of IP-aware bridge. Figure 11-6 Application scenario of IP-aware bridge

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

256

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

The DSLAM must meet the following requirements: l l l Converts the user MAC address sent by the CPE into the system MAC address. Sends the traffic streams of users to different ISPs according to the destination IP addresses. Terminates ARP requests: Terminates the ARP requests of users and responds using the system MAC address. Terminates the ARP requests of upper-layer devices to users and responds using the system MAC address. l Does not need an equipment IP address of its own. The DSLAM can query the IP address through the CPE.

Principle Description
Figure 11-7 shows the flow of Layer 3 forwarding of IP-aware bridge in the upstream direction, and Figure 11-8 shows that in the downstream direction.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

257

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-7 Flow of Layer 3 forwarding in the upstream direction

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

258

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-8 Flow of Layer 3 forwarding in the downstream direction

Key Points of the Feature


VLAN-based IP-aware bridge l l l l VLAN-based IP-aware bridge is similar to Layer 3 forwarding but does not occupy IP addresses. The access node has the interface MAC address (system MAC address). The access node supports static routes but does not support dynamic routing protocols. The VLAN can be associated with the VRF (VPN instance). The routing entry and IP address take effect within a VRF.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 259

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

DHCP snooping l l The access node performs DHCP Layer 2 relay to monitor the IP address application process of users and record the IP address information about users. User-side ARP entries are generated according to the DHCP snooping results.

Sending the source IP address of ARP requests to the network side There are two modes. l The first mode: sending ARP requests by using a user IP address (default mode)
NOTE

ARP requests are not sent to the next hop when a valid user IP address does not exist. After a user goes offline (the IP address is released), the user IP address will not be used. Instead, another valid user IP address will be used.

The second mode: sending ARP requests by using a virtual IP address or all-zero IP address (optional mode) When the user RG and the access node next hop do not belong to the same subnet, some network equipment does not respond to ARP requests. In this case, ARP requests need to be sent using a virtual IP address or all-zero IP address as the source IP address. Each VLAN enabled with IP-aware bridge can be configured with eight virtual IP addresses (corresponding to eight subnets). When a corresponding virtual IP address is not available, 0.0.0.0 is used as the source IP address (this method is also called dummy ARP).

Proxy response to user-side and network-side ARP requests l For user-side ARP requests (destination IP address is the user gateway, that is, the networkside equipment of the access node, such as the BRAS) The access node terminates user-side ARP requests and responds by using its own MAC address (system MAC address). l For network-side ARP requests (destination IP address is the user IP address) The access node terminates network-side ARP requests and responds by using its own MAC address (system MAC address). User-side ARP interoperation l l By default, the users in the same VLAN do not interoperate with each other. After global ARP proxy is enabled, users can interoperate at Layer 3.

11.6 VRRP Snooping


VRRP is a fault-tolerant protocol. It allows multiple routers to form a virtual routing device, and provides a mechanism, which ensures that services will be taken over in time by another device once the next hop of a host fails. In this way the continuity and reliability of communication are ensured. VRRP snooping is to snoop (or listen for) VRRP packets.

11.6.1 Introduction
Definition
Virtual Router Redundancy Protocol (VRRP) is a fault-tolerant protocol. It allows multiple routers to form a virtual routing device, and provides a mechanism, which ensures that services
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 260

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

will be taken over in time by another device once the next hop of a host fails. In this way the continuity and reliability of communication are ensured. VRRP snooping is to snoop (or listen for) VRRP packets. According to VRRP packets the listening device can confirm the port to which the upstream master router is connected. Then, the listening device will transmit the unicast service stream to the master router and at the same time transparently transmit the VRRP packets of any of other routers to another router in the same VRRP group.

Purpose
To enhance system reliability, the MA5600T/MA5603T is directly dual-homed to two or more BRASs in the upstream direction, and the BRASs run the VRRP protocol. When the MA5600T/ MA5603T works in the SVLAN+CVLAN forwarding mode and MAC address learning is disabled, the upstream ports of the MA5600T/MA5603T need to be isolated from each other in order to prevent unknown unicast broadcast storm. However, when the upstream ports are isolated, the upstream BRASs cannot interoperate VRRP packets. VRRP snooping is adopted for forwarding VRRP packets because VRRP snooping enables the BRASs to interoperate VRRP packets so that the BRASs can run VRRP normally. To prevent asynchronous VRRP status, Huawei develops the VRRP Group Management Protocol (VGMP), which is extended based on VRRP. VGMP manages the VRRP status of each backup group in a unified manner. VGMP provides a mechanism for managing the status synchronization, preemption, and channels of multiple VRRP backup groups. When the MA5600T/MA5603T works in the SVLAN+CVLAN mode, the VGMP protocol may fail to run if the upstream ports are isolated. To enable the BRASs to interoperate VGMP packets, the MA5600T/MA5603T can transparently transmit VGMP packets.

11.6.2 Specifications
The specifications of the VRRP snooping feature are as follows: l l l l l l Listens for up to 16 virtual router instances. Listens for up to 4 upstream ports. Processes 100 VRRP protocol packets per second. Collects, queries, and deletes the statistics of VRRP packets. Supports configuration of listening ports on the ports on the control board and GIU boards. Transparently transmits all VGMP packets.

11.6.3 Reference Standards and Protocols


The reference standards and protocols of this feature are as follows: l l RFC3768, Virtual Router Redundancy Protocol (VRRP) RFC2787, Definitions of Managed Objects for the Virtual Router Redundancy Protocol

11.6.4 Availability
License Support
This feature is provided without a license.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 261

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Version Support
Table 11-6 lists the versions that support VRRP snooping. Table 11-6 Base version supporting VRRP snooping Product MA5600T/MA5603T Version V800R008

Hardware Support
Control boards supporting VRRP snooping: SCUN and SCUL. Upstream ports supporting VRRP snooping: ports the GIU boards and the SCUN control board.

Limitations
l The MA5600T/MA5603T must be directly connected to the BRAS, and no devices can be connected in between. The listening port must not be an aggregated port, a port for protection switching, or an MSTP port. This feature requires the upstream router to be configured with the VRRP protocol and to receive and transmit packets as specified by the protocol. When the upstream ports in the SVLAN+CVLAN forwarding mode are isolated, the two upstream routers are interoperating only the VRRP or the VGMP protocol.

l l

11.6.5 Principle
Basic Principle of VRRP Snooping
In a network, the failure of a single router may cause failure of the entire network. To address this problem, multiple VRRP-running routers on the upper layer of the MA5600T/MA5603T can form a set of virtual routers. Thus, another router will automatically take over the forwarding service if the master router fails. Viewed from the MA5600T/MA5603T there is still only one router, but this router may be interconnected to two upstream ports of the MA5600T/ MA5603T. When the path switches from one port to the other, the upstream router will send free ARP packets to update the forwarding path.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

262

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-9 Network topology of VRRP snooping

As shown in Figure 11-9, to solve the problem of MAC address insufficiency, the MA5600T/ MA5603T adopts the SVLAN+CVLAN forwarding mode. In this forwarding mode, MAC address learning needs to be disabled, and the upstream ports of the MA5600T/MA5603T need to be isolated to avoid broadcast storm of unknown unicast packets. After the upstream ports of the MA5600T/MA5603T are isolated, the multiple upstream routers directly connected to the MA5600T/MA5603T cannot forward VRRP packets to each other through the upstream port of the MA5600T/MA5603T. The result will be that the routers fail to run the VRRP protocol. To address this problem, the MA5600T/MA5603T needs to employ software forwarding in order to implement VRRP protocol packet exchange between the isolated ports. When MAC address learning is disabled, packets going upstream may be forwarded to the two upstream ports at the same time, which is a waste of bandwidth. In this case, a static MAC address needs to be configured so that unicast packets are forwarded to the master router only. The MA5600T/MA5603T listens to VRRP packets and free ARP packets to learn the upstream port to which the master router is currently connected. By using the static MAC address, the MA5600T/MA5603T forwards Layer 2 service data to this upstream port. When the router sends free ARP packets to the MA5600T/MA5603T for switching the forwarding path, the free ARP packets may be lost due to network reasons. If ARP packets are lost, the MA5600T/MA5603T listens to VRRP packets to update the ARP entry. This prevents a condition where Layer 3 forwarding services are interrupted for a long time because the forwarding path is not updated in time.

VRRP Snooping in the VLAN+MAC Forwarding Mode


In the VLAN+MAC forwarding mode, the two routers to which the MA5600T/MA5603T is dual-homed can run the VRRP protocol without additional processing on the MA5600T/ MA5603T as long as the following condition is met: The two upstream ports connected to the two routers can interoperate, which allows for normal forwarding of VRRP packets between the two routers. When the network condition is good, or when the MA5600T/MA5603T needs not consider the loss of free ARP packets (a router may provide for retransmission of free ARP packets), VRRP snooping needs not be enabled on the MA5600T/MA5603T when the MA5600T/MA5603T runs in the VLAN+MAC forwarding mode.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 263

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.6.6 Glossary, Acronyms, and Abbreviations


Glossary
Table 11-7 Glossary of VRRP snooping Term VRRP router Virtual router Virtual IP address IP address owner Explanation A router that runs the VRRP protocol. This router may belong to one or more virtual routers. An abstract device managed through VRRP, also called a VRRP backup group. It is used as the default gateway of the hosts in a shared LAN. A virtual router carries a virtual router ID and a set of virtual IP addresses. The IP address of a virtual router. A virtual router may have one or more IP addresses, which are configured by the operator. A VRRP router is regarded as an IP address owner if this router uses the IP address of the virtual router as a real interface address. When working in the normal state, the IP address owner responds to packets addressed to the virtual IP address for ICMP pings and TCP connections. A MAC address generated by the virtual router according to the virtual router ID. A virtual router has one virtual MAC address in the format of 00-00-5E-00-01-{VRID}. A virtual router responds to ARP requests using the virtual MAC address instead of the real MAC address of the interface. An IP address selected from the real interface IP addresses. The first configured IP address is usually selected. VRRP advertisements are sent using the primary IP address as the source address of the IP packet. The VRRP router that assumes the responsibility of forwarding packets or responding to ARP requests. All the packets forwarded by the master router are sent to the virtual IP address. If the IP address owner is available, it always becomes the master router. A set of VRRP routers ready to assume the forwarding responsibility if the master router fails. A mode in which a backup router with a higher priority than the current master router voluntarily becomes a master router.

Virtual MAC address Primary IP address Master router

Backup router Preemption mode

Acronyms and Abbreviations


Table 11-8 Acronyms and abbreviations of VRRP snooping Acronym/ Abbreviati on VRRP
Issue 01 (2011-10-30)

Full Spelling

Virtual Router Redundancy Protocol


Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 264

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Acronym/ Abbreviati on VGMP

Full Spelling

VRRP Group Management Protocol

11.7 Routing
Routing is a common term used for describing the path through which the packets from a host in a network travel to a host in another network.

11.7.1 Introduction
Definition
Routing is a common term used for describing the path through which the packets from a host in a network travel to a host in another network. Routers send packets on the Internet. A router selects a suitable path in a network according to the destination address included in a received packet, and sends the packet to the next router on the path. In this way, the packet travels over the Internet Until it reaches the destination host.

Purpose
The access equipment, serving as a basic element in the entire telecom network, must support the functions of remote operation, management and maintenance on the equipment itself. With the development of small-size access equipment that can be managed remotely, the access equipment needs to feature the functions of a BRAS, such as allocation of network addresses and user management. In this way, the access equipment must support the routing feature. A MA5600T/MA5603T can also serve as a router.

11.7.2 Reference Standards and Protocols


The following lists the reference documents of routing: l l l l l RFC 2453, Routing Information Protocol RFC 2328, Open Shortest Path First RFC 3784, IS-IS extensions for Traffic Engineering RFC 1771, A Border Gateway Protocol 4 (BGP-4) IETF RFC 2764: A Framework for IP Based Virtual Private Networks

11.7.3 Availability
Hardware support
No additional hardware is required for supporting the routing feature.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 265

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

License support
The dynamic routing function of the MA5600T/MA5603T is under license. Therefore, the license is required for accessing the corresponding service.

VRF Limitation
l l Any two VRFs cannot communicate with each other. The Layer 3 features such as AAA, RADIUS, voice features, MPLS, multicast, NTP, and ACL do not support configuring VRF.

11.7.4 Specifications
The MA5600T/MA5603T supports both static routes and dynamic routes. The dynamic routing protocols supported are as follows: l MA5600T Static RIP OSPF Default IS-IS BGP Equal and Weighted Cost Multi-Path (ECMP) l MA5603T Static RIP OSPF Default

11.7.5 Principle
Working Principle of Routers
The router logically takes the path through which a packet travels from the network ingress to the network egress as a route unit; this is called a hop. The path that a hop covers is called a route segment. As shown in Figure 11-10, the packets from Host PC_A travel through three networks and two routers until they reach Host PC_C and the hop count is three. If one node is connected to another through a network, the two nodes are adjacent on the Internet. Similarly, adjacent routers mean that these routers are connected to the same network. The hop count from a router in a network to a host in the same network is zero. Figure 11-10 shows the working principle of routers.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

266

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-10 Working principle of routers


Router Router Route segment Router Router Router PC_C PC_B

PC_A

Routing Table
Each router maintains a routing table. The routing table is key for forwarding packets. The route entries in the table are used for the following: l l Through which physical interface of the router a packet can be forwarded to a specific subnet or host so as to reach the next router along the path. Whether the packet can be sent to the destination host in an interconnected network without passing through other routers.

The routing table contains the following key entries: l Destination address The destination address is a 32-bit character that labels the destination IP address or destination network of an IP packet. l Subnet mask The subnet mask consists of a sequence of "1"s, and can be expressed in dotted decimal format or as the total number of consecutive "1"s. The mask is used with the destination address to identify the subnet address of the destination host or router. To obtain the subnet address of the destination host or router, perform an AND operation for the destination address and the subnet mask. For example, if a router' s destination address and subnet mask are 129.102.8.10 and 255.255.0.0, respectively, the router' s subnet address is 129.102.0.0. l l l Output interface The output interface specifies the interface of a router for IP packet forwarding. Next hop IP address The next hop IP address indicates the next router through which an IP packet will pass. Route priority The route with the highest priority (smallest value) will be the optimal one. You can configure multiple routes with different priorities to the same destination, but only one route is selected based on the priority for IP packet forwarding.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 267

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

cost: Indicates the cost of reaching the destination.

Route Classification
Based on the destination, routes can be classified as: l l Subnet route: Its destination is a subnet. Host route: Its destination is a host.

Based on the connection between the destination and the router, routes can be classified as: l l Direct route: Its destination network is directly connected to the router. Indirect route: Its destination network is not directly connected to the router.

To avoid large routing tables, a default route can be assigned. Once a packet fails to find a dedicated route in the routing table, the default route is selected for forwarding the packet. Figure 11-11 and Table 11-9 shows some interconnected networks. The digits in each network represent the IP address of the network. Router 8 is connected to three networks. Therefore, it has three IP addresses and three physical ports. Figure 11-11 Interconnected networks
16.0.0.1 15.0.0.2 16.0.0.0 16.0.0.3

R6
16.0.0.2

R7

10.0.0.2

15.0.0.0 15.0.0.1 13.0.0.2

R5
13.0.0.3

10.0.0.0

2 3 R8 13.0.0.0 R2 1 11.0.0.1 14.0.0.2 13.0.0.4 13.0.0.1 11.0.0.0 14.0.0.0 R3 10.0.0.1

14.0.0.1

R1

12.0.0.2 12.0.0.0

R4
11.0.0.2 12.0.0.1

12.0.0.3

Table 11-9 Routing table of Router 8 Subnet of the Destination Host 10.0.0.0 11.0.0.0 12.0.0.0 13.0.0.0 14.0.0.0
Issue 01 (2011-10-30)

Forward or Forward from... Directly Directly 11.0.0.2 Directly 13.0.0.2

Through Port... 2 1 1 3 3
268

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Subnet of the Destination Host 15.0.0.0 16.0.0.0

Forward or Forward from... 10.0.0.2 10.0.0.2

Through Port... 2 2

Routing Management Policy


The MA5600T/MA5603T supports the configuration of static routes and the dynamic routing protocols such as RIP, OSPF and BGP/IS-IS. The MA5600T/MA5603T manages the static and dynamic routes in a unified manner. The static routes and the routes discovered by the routing protocols such as RIP and OSPF can be shared.

Routing Protocols and Routing Priority


The current route to a specific destination at a specific moment can only be determined by one routing protocol. Each routing protocol (including the static routing protocol) is allocated a priority. When multiple route sources exist, the route discovered by the routing protocol with the highest priority becomes the current route. Table 11-10 lists various routing protocols and the default priorities of the routes discovered by them. Table 11-10 Routing protocols and their default routing priorities Routing Protocol DIRECT OSPF INTERNAL EIGRP STATIC RIP OSPF ASE EXTERNAL EIGRP IBGP EBGP UNKNOWN Routing Priority 0 10 50 60 100 150 160 256 256 255

The smaller the value, the higher the priority. In this table, "0" indicates the direct route, and "255" indicates any route from an untrusted source. You can define the priorities for all dynamic routing protocols except the direct route (DIRECT) and the BGP (IBGP, EBGP). In addition, the priorities of any two static routes can be different.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 269

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Route Sharing
Different routing protocols can find different routes as they use different algorithms. Therefore, a problem arises, that is, how to share the routes discovered by various routing protocols. A routing protocol might need to import routes discovered by other protocols to diversify its own routes. However, a protocol only needs to import qualified routes by setting attributes of the routes to be imported. To realize a route policy, you must define the attributes of the routes to which the route policy is to be applied, such as the destination address, and the address of the router distributing routes. You can define the matching rules in advance so that they can be applied in a route policy for route distribution, reception and importing. The MA5600T/MA5603T supports importing the routes discovered by one protocol to another protocol. Each protocol has its own route importing mechanism.

Filters
The following describes the several filters used by the MA5600T/MA5603T. l ACL An ACL is defined with a specified IP address and subnet range for identifying routes with the desired destination segment address or next hop address. l Address prefix list An address prefix list is similar to an ACL in functions, but is more flexible and comprehensible. When applied to filter routes, the address prefix list targets at the destination address fields. Identified by name, an address prefix list contains multiple entries. Each entry specifies a matching range and is identified with index-number. Index-number also specifies the matching order. In the process of matching, the router checks every entry identified with index-number in the ascending order. If the route matches one entry, it means that the route matches the address prefix list, and comparison with next entry is unnecessary. l Route policy Route policy is a sophisticated filter to identify routes with the desired attributes and modify some attributes if conditions are satisfied. Route policy can define its own match rules using other filters. A route policy consists of several nodes (matching units). The node number is also the matching order. Every node consists of if-match clause and apply clause. if-match clause defines the matching order. The objects of the matching are some attributes of the routes. The relationship between two if-match clauses of a node is "and." The match test can be considered as pass-through only when all if-match clauses of a node are satisfied. Apply clause specifies the action to be taken when node match test is conducted, that is, set some attributes of the routes. The relationship between nodes of a route policy is "or." The system checks every node of a route policy. If one node passes the match test, it means that the route policy passes the match test, and match test for next node is not required.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 270

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Applications of the Routing Policy


The two applications of the routing policy are as follows: l l When importing routes discovered by other protocols, a routing protocol can apply this filter to obtain the required routes. When transmitting or receiving routes, a routing protocol can apply the filter so that only the required routes are transmitted or received.

11.7.6 Static Route


11.7.6.1 Introduction to Static Routes Definition
Static routes need to be manually configured by the administrator.

Purpose
On a simple network, the administrator just needs to configure static routes so that the network can run properly. Properly configuring and using static routes can improve network performance and guarantee the required bandwidth for important applications. When a network fault occurs or the network topology changes, however, static routes cannot automatically change and must be changed manually by the administrator.

11.7.6.2 Specifications
l IPV4: When using SCUN, the MA5600T/MA5603T supports up to 5120 routes, including 4096 static routes (max). When using SCUL, the MA5600T/MA5603T supports up to 1024 routes, including 1000 static routes (max). When using SCUB, the MA5600T/MA5603T supports up to 5120 routes, including 4096 static routes (max). When using SCUF, the MA5600T/MA5603T supports up to 5120 routes, including 4096 static routes (max).

11.7.6.3 References
None.

11.7.6.4 Components of Static Routes


On the MA5600T/MA5603T, you can run the ip route-static command to configure a static route, which consists of the following: l l
Issue 01 (2011-10-30)

Destination Address and Mask Outbound Interface and Next-Hop Address


Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 271

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Destination Address and Mask


In the ip route-static command, the IPv4 address is expressed in dotted decimal notation, and the mask is expressed in dotted decimal notation or represented by the mask length (the number of consecutive 1s in the mask).

Outbound Interface and Next-Hop Address


When configuring a static route, you can specify an outbound interface, a next-hop address, or both the outbound interface and the next hop-address as required. Actually, each routing entry requires a next-hop address. Before sending a packet, a device needs to search its routing table for the route matching the destination address in the packet by using the longest match rule. The device can find the associated link layer address to forward the packet only after the next-hop address of the packet is specified.

11.7.6.5 Applications of Static Routes


As shown in Figure 11-12, the network topology is simple, and network communication can be implemented through static routes. It is required to specify an address for each physical network, identify indirectly-connected physical networks for each Router, and configure static routes for the indirectly-connected physical networks. Figure 11-12 Networking diagram of static routes

2 1 RouterA

RouterB

4 5 RouterC

In Figure 11-12, static routes to networks 3, 4, and 5 need to be configured on Router A; static routes to networks 1 and 5 need to be configured on Router B; static routes to networks 1, 2, and 3 need to be configured on Router C.

Default Static Route


When the ip route-static command is run to configure a static route, if the destination address and the mask are set to all 0s (0.0.0.0 0.0.0.0), it indicates that a default route is configured. This simplifies the network configuration. In Figure 11-12, because the next hop of the packets sent by Router A to networks 3, 4, and 5 is Router B, a default route can be configured on Router A to replace the three static routes destined for networks 3, 4, and 5 in the preceding example. Similarly, only a default route from Router C to Router B needs to be configured to replace the three static routes destined for networks 1, 2, and 3 in the preceding example.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 272

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Floating Static Routes


Different static routes can be configured with different preferences so that routing management policies can be flexibly applied. Specifying different preferences for multiple routes to the same destination can implement route backup. As shown in Figure 11-13, there are two static routes from Router A to Router C. Normally, in the routing table, only the static route with the next hop being Router B is in the Active state because this route has a higher preference. The other static route with the next hop being Router D functions as a backup route. The backup route is activated to forward data only when the primary link becomes faulty. After the primary link recovers, the static route with the next hop being Router B becomes active to forward data. Therefore, the backup route is also called a floating static route. The floating static route becomes ineffective when a fault occurs on the link between Router B and Router C. Figure 11-13 Networking diagram of a floating static route

RouterB

Preference=60 Preference=100

RouterA

RouterC

RouterD

Load Balancing Among Static Routes


Specifying the same preference for multiple routes to the same destination can implement load balancing. As shown in Figure 11-14, there are two static routes with the same preference from Router A to Router C. The two routes exist in the routing table and forward data at the same time. Figure 11-14 Load balancing among static routes RouterB

Preference=60 Preference=60 RouterC

RouterA

RouterD
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 273

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.7.6.6 BFD for Static Routes


Different from dynamic routing protocols, static routes do not have a detection mechanism. As a result, when a fault occurs on the network, the administrator needs to handle it. Bidirectional Forwarding Detection (BFD) for static route is introduced to bind a static route to a BFD session so that the BFD session can detect the status of the link where the static route resides. After BFD for static route is configured, each static route can be bound to a BFD session. l If the BFD session on the link of a static route detects that the link changes from Up to Down, BFD reports it to the system. Then, the system deletes the route from the IP routing table. When a BFD session is established on the link of a static route or the BFD session changes from Down to Up, BFD reports it to the system. Then, the system adds the route to the IP routing table.

BFD for static route has one mode: l Single-hop detection For a non-iterated static route, the configured outbound interface and next-hop address are the information about the directly connected next hop. In this case, the outbound interface bound to the BFD session is the outbound interface of the static route, and the peer address is the next-hop address of the static route.
NOTE

If the next hop of a route is not directly reachable, the route cannot be used for packet forwarding. Based on information about the current next hop of this route, the system will calculate an actual outbound interface and an actual next hop. This process is called route iteration. In the display ip routing-table command output, if the Flags value of a route is displayed R, the route is an iterated route. Otherwise, the route is not an iterated route.
NOTE

Only IPv4 supports BFD for static routing.

11.7.6.7 Terms and Abbreviations Terms


None.

Abbreviations
Abbreviatio n BFD Full Spelling Bidirectional Forwarding Detection

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

274

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.7.7 RIP
RIP is a dynamic routing protocol based on the V-D algorithm. Based on RIP, the routing information is exchanged through UDP data packets. This topic provides introduction to this feature and describes the principle of this feature.

11.7.7.1 Introduction to RIP Definition


RIP is short for Routing Information Protocol. RIP is a simple Interior Gateway Protocol, mainly used in small-scale and simply-structured networks such as campus networks and regional networks. RIP is not suitable for complex environments or large-scale networks. RIP is based on the Distance-Vector (DV) algorithm. It exchanges routing information through User Datagram Protocol (UDP) packets. The port number used by RIP is 520. RIP employs Hop Count (HC) to measure the distance to the destination. The distance is called the metric value. In RIP, the default HC from a router to its directly connected network is 0,and the HC from a router to a network that is reachable through another router is 1, and so on. That is to say, the HC equals the number of routers passed from the local network to the destination network. To speed up the convergence, RIP defines the HC as an integer that ranges from 0 to 15. The HC equal to or greater than 16 is defined as infinity, that is, the destination network or the host is unreachable. RIP, therefore, is not applied to large-scale networks. To improve the performance and to prevent routing loops, RIP supports split horizon and poison reverse.

Purpose
As an earliest IGP, RIP is used in small-scale networks that support RIP. The implementation of RIP is simple. The configuration and maintenance of RIP are easier than those of the Open Shortest Path First (OSPF) and Intermediate System-to-Intermediate System (IS-IS) protocols. RIP is thus widely used.

11.7.7.2 Specifications
l l l l When using SCUN, the MA5600T/MA5603T supports up to 5120 RIP routes. When using SCUL, the MA5600T/MA5603T supports up to 1024 RIP routes. When using SCUB, the MA5600T/MA5603T supports up to 5120 RIP routes. The MA5600T/MA5603T is able to exchange RIP route information with the user-side, cascading-side, and network-side devices.

11.7.7.3 References
The following table lists the references of this document. Document RFC1058 Description This document describes RIP protocol, describes the elements, characteristic, limitation of RIP version 1.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

Remar ks -

Issue 01 (2011-10-30)

275

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Document RFC2453

Description This document specifies an extension of the Routing Information Protocol (RIP), as defined in [1], to expand the amount of useful information carried in RIP messages and to add a measure of security.

Remar ks -

11.7.7.4 RIP-1
RIP-1, that is, RIP version 1, is a classful routing protocol. It supports the advertisement of protocol packets only in broadcast mode. Figure 11-15 shows the packet format.A RIP packet can carry a maximum of 25 entries. RIP is based on UDP, and a RIP-1 data packet cannot be longer than 512 bytes. The RIP-1 protocol packet does not carry any mask, so it can identify only the routes of the natural network segment such as Class A, Class B, and Class C. RIP-1, therefore, does not support route aggregation or discontinuous subnet. Figure 11-15 RIP-1 packet format 0 Header 7 Version 15 Must be zero Must be zero 31

Command Address family identifier

Route Entries

IP address Must be zero Must be zero Metric

11.7.7.5 RIP-2
RIP-2, that is, RIP version 2, is a classless routing protocol. Figure 11-16 shows the packet format. Figure 11-16 RIP-2 packet format

0 Header Command

7 Version Address Family Identifier

15 Must be zero Route Tag

31

IP Address Route Entries Subnet Mask Next Hop Metric

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

276

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Compared with RIP-1, RIP-2 has the following advantages: l l l l l It supports route tag and can flexibly control routes on the basis of the tag in the routing policy. Its packets contain mask information and support route aggregation and Classless Interdomain Routing (CIDR). It supports the next hop address and can select the optimal next hop address in the broadcast network. It uses multicast routes to send update packets. Only RIP-2 routers can receive protocol packets. This reduces the resource consumption. To enhance the security, RIP-2 provides two authentication modes to enhance security: plain-text authentication and MD5 authentication.

11.7.7.6 Timer
RIP mainly uses three timers: l l l Update timer: The timer triggers the sending of update packets every 30s. Age timer: If a RIP router does not receive any update packet from its neighbors in the aging time, the RIP router considers the route to its neighbors unreachable. Garbage-Collect timer: If the route is no longer valid after the timer times out, the entry is removed from the RIP routing table.

The following describes the relationship among the three timers: The advertisement of RIP routing update is triggered by the update timer every 30 seconds. Each entry is associated with two timers, the age timer and the garbage-collect timer. When a route is learned and added in the routing table, the age timer is initialized. If no Update packet is received from the neighbor for 180 seconds, the metric of the route is set to 16 (specifying the route as unreachable). At the same time, the garbage-collect timer is initialized. If no Update packet is received for 120 seconds, the entry is deleted after the garbage-collect timer times out.

11.7.7.7 Split Horizon


The principle of split horizon is that a route learnt by RIP on an interface is not sent to neighbors from the interface. This reduces bandwidth consumption and avoids route loops. Figure 11-17 Schematic diagram of split horizon

10.0.0.0/2
RouterA RouterB

10.0.0.0/2

As shown in Figure 11-17, Router B sends a route to 10.0.0.0 to Router A and Router A does not send the route back to Router B.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 277

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.7.7.8 Poison Reverse


The principle of poison reverse is that RIP sets the cost of the route learnt from an interface of a neighbor to 16 (specifying the route as unreachable) and then sends the route from the interface back to the neighbor. In this way, RIP can delete useless routes from the routing table of the neighbor. Poison reverse of RIP can also avoid route loops. Figure 11-18 Schematic diagram of poison reverse
10.0.0.0/8 RouterA cost=16 cost=1 10.0.0.0/8 RouterB

As shown in Figure 11-18, if poison reverse is not configured, Router B sends Router A a route that is learnt from Router A and the cost of the route from Router A to network 10.0.0.0 is 1. If the route from Router A to network 10.0.0.0 is unreachable and Router B keeps sending Router A routes to network 10.0.0.0 because Router B fail to receive the route update packet from Router A, a route loop forms. If Router A sends Router B a message that the route is unreachable after receiving a route from Router B, Router B no longer learns the reachable route from Router A, thus avoiding route loops. If both poison reverse and split horizon are configured, simple split horizon (the route learnt from an interface is not sent back through the interface) is replaced by poison reverse.

11.7.7.9 Triggered Update


Triggered update occurs when the local routing information changes and the local router immediately notifies its neighbors of the changes of routing information by sending the triggered update packet. Triggered update shortens the network convergence time. When the local routing information changes, the local router immediately notifies its neighbors of the changes of routing information rather than waiting for periodical update.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

278

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-19 Schematic diagram of triggered update

The network to 11.4.0.0 fails. 11.1.0.0 E0 S0 RouterA RouterC E0 S0 11.2.0.0 S0 11.3.0.0

The network to 11.4.0.0 fails.

RouterB S1

The network to 11.4.0.0 fails. 11.4.0.0

As shown in Figure 11-19, when network 11.4.0.0 is unreachable, Router C learns the information first. Usually, the route update message is sent to neighbors every 30s. If the update message of Router B is sent to Router C when Router C is waiting for the route update message, Router C learns the faulty route to network 11.4.0.0 from Router B. In this case, the routes from Router B or Router C to network 11.4.0.0 point to Router C or Router B respectively, thus forming a route loop. If Router detects a network fault and immediately sends a route update message to Router B before the new update interval reaches. Consequently, the routing table of Router B is updated in time, and routing loops are avoided. There is another mode of triggering updates: The next hop of the route is unavailable because the link is faulty. The local device needs to notify neighboring device about the unreachability of this route. This is done by setting the cost of the route as 16 and advertising the route. This is also called route-withdrawal.

11.7.7.10 Route Aggregation


When different subnet routes in the same natural network segment are transmitted to other network segments, these routes are aggregated into one route of the same segment. This process is called route aggregation. RIP-1 packets do not carry mask information, so RIP-1 can advertise only the routes with natural masks. RIP-2 packets carry mask information, so RIP-2 supports subnetting. RIP-2 route convergence can improve extensibility and efficiency and minimize the routing table of a large-scale network. Route convergence is classified into two types as follows: l Classful convergence based on RIP processes: Aggregated routes are advertised with natural masks. When split horizon or poison reverse is configured, classful aggregation becomes invalid due to the following reasons: split
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 279

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

horizon and poison reverse suppress routes to be advertised and when classful aggregation is configured, an aggregated route may be the aggregation result of routes from different interfaces. As a result, a conflict occurs on the aggregated route in advertisement. For example, router 10.1.1.0 /24 (metric=2) and router 10.1.2.0 /24 (metric=3) are aggregated as an aggregated route (10.0.0.0 /8(metric=2)) in the natural network segment. RIP-2 aggregation is classful, thus obtaining the optimal metric. l Interface-based aggregation: A user can specify an aggregation address. For example, router 10.1.1.0 /24(metric=2) and router 10.1.2.0 /24 (metric=3) are aggregated as an aggregated route (10.1.0.0 /16(metric=2)).

11.7.7.11 Multi-process and Multi-instance


For easy management and effective control, RIP supports multi-process and multi-instance. The multi-process feature allows a set of interfaces to be associated with a specific RIP process. This ensures that the specific RIP process performs all the protocol operations only on this set of interfaces. Thus, multiple RIP processes can work on a single router and each process is responsible for a unique set of interfaces. In addition, the routing data is independent between RIP processes; however, routes can be imported between processes. For the routers that support the VPN, each RIP process is associated with a specific VPN instance. In this case, all the interfaces attached to the RIP process should be associated with the RIPprocess-related VPN instance.

11.7.7.12 Hot Backup


Routers with distributed architecture support the RIP Hot Standby (HSB) feature. RIP backs up data from the Active Main Board (AMB) to the Standby Main Board (SMB). Whenever the AMB fails, the SMB becomes active. In this manner, RIP, being free from active/standby switchover, proceeds to work normally. RIP supports only the backup of RIP configurations. RIP performs Graceful Restart (GR) to resend a routing request to neighbors and synchronize route database.

11.7.7.13 Terms and Abbreviations Term


Term Poison reverse Explanation RIP sets the cost of the route learnt from an interface to 16 (specifying the route as unreachable) and then sends the route from the interface to neighbors. A route learnt by RIP on an interface is not sent to neighbors from the interface.

Split horizon

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

280

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Abbreviation
Abbreviation RIP Full Spelling Routing Information Protocol

11.7.8 IS-IS
The Intermediate System-to-Intermediate System (IS-IS) protocol is a dynamic routing protocol initially designed by the International Organization for Standardization (ISO) for its Connectionless Network Protocol (CLNP).

11.7.8.1 Introduction to IS-IS Definition


The Intermediate System-to-Intermediate System (IS-IS) is a dynamic routing protocol initially designed by the International Organization for Standardization (ISO) for its Connectionless Network Protocol (CLNP). To support IP routing, the Internet Engineering Task Force (IETF) extends and modifies IS-IS in RFC 1195. This enables IS-IS to be applied to TCP/IP and OSI environments. This type of IS-IS is called Integrated IS-IS or Dual IS-IS. IS-IS stated in this document refers to Integrated IS-IS, unless otherwise stated.

Purpose
As an Interior Gateway Protocol (IGP), IS-IS is used in Autonomous Systems (ASs). IS-IS is a link state protocol. It uses the Shortest Path First (SPF) algorithm to calculate routes.

11.7.8.2 Specifications
l l l l When using SCUN, the MA5600T/MA5603T supports up to 5120 IS-IS routes. When using SCUL, the MA5600T/MA5603T supports up to 1024 IS-IS routes. When using SCUB, the MA5600T/MA5603T supports up to 5120 IS-IS routes. The MA5600T/MA5603T is able to exchange IS-IS route information only with the network-side device.

11.7.8.3 References
Table 11-11 The following table lists the references of this document. Document ISO 10589 ISO 8348/Ad2
Issue 01 (2011-10-30)

Description ISO IS-IS Routing Protocol Network Services Access Points

Remarks 281

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Document RFC 1195

Description Use of OSI IS-IS for Routing in TCP/IP and Dual Environments

Remarks Multiple authentication passwords are not supported. -

RFC 2763 RFC 2966 RFC 2973 RFC 3277 RFC 3373 RFC 3567

Dynamic Hostname Exchange Mechanism for IS-IS Domain-wide Prefix Distribution with Two-Level IS-IS IS-IS Mesh Groups IS-IS Transient Blackhole Avoidance Three-Way Handshake for IS-IS Pointto-Point Adjacencies Intermediate System to Intermediate System (IS-IS) Cryptographic Authentication Recommendations for Interoperable Networks using IS-IS IS-IS extensions for Traffic Engineering Extending the Number of IS-IS LSP Fragments Beyond the 256 Limit Recommendations for Interoperable IP Networks using IS-IS Restart signaling for IS-IS Calculating Interior Gateway Protocol (IGP) Routes Over Traffic Engineering Tunnels Management Information Base for ISIS Multi Topology (MT) Routing in IS-IS Routing IPv6 with IS-IS M-IS-IS: Multi Topology (MT) Routing in IS-IS Admin Tag

RFC 3719 RFC 3784 RFC 3786 RFC 3787 RFC 3847 RFC 3906

RFC 4444 RFC 5120 draft-ietf-IS-IS-ipv6-05 draft-ietf-IS-IS-wg-multitopology-11 draft-ietf-isis-admintags-02(Admin Tag)

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

282

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.7.8.4 Basic Concepts of IS-IS Development of IS-IS


CLNP is a Layer 3 protocol in the OSI model posed by the ISO. IS-IS is initially designed by the ISO and is used as a routing protocol based on CLNP addressing. Figure 11-20 OSI model

OSI Reference Model Application Presentation Session Transport Network DataLink Physical

OSI Protocol Suite CMIP ASES ACSE DS ROSE FTAM RTSE MHS CCRSE VTP ......

Presentation Service/Presentation Protocal Session Service/Session Protocal TP0 TP1 TP2 TP3 TP4 CONP/CMNS IS-IS IEEE 802.2 IEEE 802.3 Hardware IEEE 802.3 ES-IS IEEE 802.5 Token Ring FDDI X.25 CLNP/CLNS

Token Ring Hardware

FDDI X.25 Hardware Hardware

OSI adopts systemized (or hierarchical) addressing. The services on the transport layer in OSI can be addressed through the Network Service Access Point (NSAP). The following lists the commonly used terms in OSI: l l l l CLNS: indicates the Connectionless Network Service. CLNP: indicates the Connectionless Network Protocol. CMNS: indicates the Connection-Mode Network Service. CONP: indicates the Connection-Oriented Network Protocol.

OSI implements CLNS through CLNP, and implements CMNS through CONP. CLNS is implemented through the following protocols: l l l CLNP: is similar to the IP protocol in TCP/IP. IS-IS: is the routing protocol of an intermediate system. ES-IS: is the protocol used between a host system and an intermediate system. It is similar to ARP or ICMP in IP.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 283

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Table 11-12 Concepts in OSI and IP Abbre viation IS ES DIS SysID PDU LSP NSAP Concepts in OSI Intermediate System End System Designated Intermediate System System ID Protocol Data Unit Link state Protocol Data Unit Network Service Access Point Concepts in IP Router Host Designated Router (DR) in OSPF Router ID in OSPF IP packet OSPF LSA IP address

With the popularity of TCP/IP, the IETF extends and modifies IS-IS in RFC 1195 to support IP routing. This enables IS-IS to be applied to TCP/IP and OSI environments. This type of IS-IS is called Integrated IS-IS or Dual IS-IS.

Address Structure of IS-IS


In OSI, the NSAP is an address used to locate resources. The ISO adopts the address structure shown in Figure 11-21, that is, NSAP. NSAP is composed of the Initial Domain Part (IDP) and the Domain Specific Part (DSP). The IDP is equal to the network ID in the IP address, and the DSP is equal to the subnet number and host address in an IP address. As defined by the ISO, the IDP consists of the Authority and Format Identifier (AFI) and the Initial Domain Identifier (IDI). The AFI specifies the address assignment mechanism and the address format; the IDI identifies a domain. The DSP consists of the High Order DSP (HODSP), system ID, and NSAP Selector (SEL). The HODSP is used to divide areas; the system ID identifies a host; the SEL indicates the service type. The lengths of the IDP and the DSP are variable. The maximum length of the NSAP is 20 bytes and its minimum length is 8 bytes. Figure 11-21 Schematic diagram of the address structure of IS-IS

IDP AFI IDI High Order DSP

DSP System ID SEL(1 octet)

Area Address

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

284

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Area address The IDP together with the HODSP of the DSP can identify a routing domain and the areas in a routing domain; therefore, the combination of the IDP and HODSP is referred to as an area address, which is equal to an area number in OSPF. There cannot be the same area address in a routing domain. and the Level-1 area addresses of the routers in the same area must be the same. In general, a router can be configured with only one area address. The area address of all nodes in an area must be the same. In the implementation of device, an IS-IS process can be configured with a maximum of three area addresses for supporting seamless combination, division, and transformation of areas.

System ID A system ID uniquely identifies a host or a router in an area. In the device, the fixed length of the system ID is 48 bits (6 bytes). In actual applications, a router ID corresponds to a system ID. If a router takes the IP address 168.10.1.1 of Loopback 0 as its router ID, its system ID used in IS-IS can be obtained in the following manners: Extend each part of the IP address 168.10.1.1 to 3 bits and add 0 to the front of the part that is shorter than 3 bits. Divide the extended address 168.010.001.001 into three parts, with each part consisting of four decimal digits. The reconstructed 1680.1000.1001 is the system ID. There are many ways to specify a system ID. You need to ensure that the system ID uniquely identifies a host or a router.

SEL The role of an SEL (also referred to as NSAP Selector or N-SEL) is similar to that of the "protocol identifier" of IP. A transport protocol matches an SEL. The SEL is always "00" in IP.

NET A Network Entity Title (NET) indicates the network layer information of an IS itself. It does not contain the transport layer information (SEL = 0). A NET can be regarded as a special NSAP. The length of the NET field is the same as that of an NSAP. Its maximum length is 20 bytes and its minimum length is 8 bytes. When configuring IS-IS on a router, you can configure only a NET instead of an NSAP. In general, an IS-IS process is configured with only one NET. When an area needs to be redefined, such as being combined with other areas or divided into sub-areas, you can configure the router with multiple NETs to ensure the correctness of routes. An IS-IS process can be configured with a maximum of three area addresses, and thus a maximum of three NETs can be configured. When configuring multiple NETs, ensure that their system IDs are the same. For example, there is a NET ab.cdef.1234.5678.9abc.00, in which, the area is ab.cdef, the system ID is 1234.5678.9abc, and the SEL is 00.
NOTE

The routers in an area must have the same area address.

IS-IS PDU Format


The types of PDUs for IS-IS include Hello, LSPs, CSNPs, and PSNPs.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 285

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Table 11-13 PDU types Type Value 15 16 17 18 20 24 25 26 27 l PDU Type Level-1 LAN IS-IS Hello PDU Level-2 LAN IS-IS Hello PDU Point-to-Point IS-IS Hello PDU Level-1 Link State PDU Level-2 Link State PDU Level-1 Complete Sequence Numbers PDU Level-2 Complete Sequence Numbers PDU Level-1 Partial Sequence Numbers PDU Level-2 Partial Sequence Numbers PDU Name L1 LAN IIH L2 LAN IIH P2P IIH L1 LSP L2 LSP L1 CSNP L2 CSNP L1 PSNP L2 PSNP

Hello packet format Hello packets, also called the IS-to-IS Hello PDUs (IIH), are used to set up and maintain neighbor relationships. Among them, Level-1 LAN IIHs are applied to the Level-1 routers on broadcast LANs; Level-2 LAN IIHs are applied to the Level-2 routers on broadcast LANs; P2P IIHs are applied to non-broadcast networks. Packets in different networks have different formats. Figure 11-22 shows the format of a Hello packet in a broadcast network (the part in blue is the common header). Figure 11-22 Format of a Level-1 or Level-2 LAN IIH

No. of Octets Intradomain Routeing Protocol Discriminator Length Indicator Version/Protocol ID Extension ID Length R R R PDU Type Version Reserved Maximum Area Address Reserved/Circuit Type Source ID Holding Time PDU Length R Priority LAN ID Variable Length Fields 1 1 1 1 1 1 1 1 1 ID Length 2 2 1 ID Length+1

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

286

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-23 shows the format of a Hello packet in a P2P network. Figure 11-23 Format of a P2P IIH

Intradomain Routeing Protocol Discriminator Length Indicator Version/Protocol ID Extension ID Length R R R PDU Type Version Reserved Maximum Area Address Reserved/Circuit Type Source ID Holding Time PDU Length Local Circuit ID Variable Length Fields

No. of Octets 1 1 1 1 1 1 1 1 1 ID Length 2 2 1

As shown in Figure 11-23, most fields in a P2P IIH are the same as those in a LAN IIH. The P2P IIH does not have the priority and LAN ID fields, but has a local circuit ID field. The local circuit ID indicates the local link ID. l LSP packet format Link State PDUs (LSPs) are used to exchange link-state information. There are two types of LSPs, that is, Level-1 LSPs and Level-2 LSPs. Level-1 IS-IS transmits Level-1 LSPs; Level-2 IS-IS transmits Level-2 LSPs; Level-1-2 IS-IS can transmit both Level-1 and Level-2 LSPs. Level-1 and Level-2 LSPs have the same format, as shown in Figure 11-24.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

287

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-24 Format of a Level-1 or Level-2 LSP

No. of Octets IntradomainRouteingProtocolDiscriminator Length Indicator Version/Protocol IDExtension ID Length R R R PDU Type Version Reserved Maximum AreaAddress PDULength RemainingLifetime SequencyNumber Checksum R ATT OL IS Type Variable Length Fields 1 1 1 1 1 1 1 1 2 ID Length+2 4 2 1

The main fields are described as follows: OL: indicates LSDB overload. LSPs with the overload bit are still flooded on the network, but the LSPs are not used when routes that pass through a router configured with the overload bit are calculated. That is, after a router is configured with the overload bit, other routers ignore the router when performing the SPF calculation. Only the direct routes of the router are considered. As shown in Figure 11-25, packets from Router A to Router C are all forwarded by Router B. If the OL field is set to 1 on Router B, however, Router A considers that the LSDB of Router B is incomplete. Router A then forwards the packets to Router C through Router D and Router E, but the packets to the destination that is directly connected to Router B are forwarded normally. Figure 11-25 Schematic diagram of LSDB overload

RouterD

RouterE

Overload RouterA RouterB

RouterC

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

288

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

IS Type: indicates the type of IS-IS generating the LSP. It is used to specify whether the level of IS-IS is Level-1 or Level-2 (01 indicates Level-1; 11 indicates Level-2). l SNP Format Sequence Number PDUs (SNPs) describe the LSPs in all or part of the databases to synchronize and maintain all LSDBs. An SNP consists of a complete SNP (CSNP) and a partial SNP (PSNP). They are further divided into a Level-1 CSNP, a Level-2 CSNP, a Level-1 PSNP, and a Level-2 PSNP. A CSNP contains the summary of all LSPs in an LSDB. This maintains LSDB synchronization between neighboring routers. On a broadcast network, the DIS periodically sends CSNPs. The default interval for sending CSNPs is 10 seconds. On a point-to-point link, CSNPs are sent only when the neighbor relationship is established for the first time. Figure 11-26 shows the CSNP format. Figure 11-26 Format of a Level-1 or Level-2 CSNP

No. of Octets Intradomain Routeing Protocol Discriminator Length Indicator Version/Protocol ID Extension ID Length R R R PDU Type Version Reserved Maximum Area Address PDU Length Source ID Start LSP ID End LSP ID Variable Length Fields 1 1 1 1 1 1 1 1 2 ID Length+1 ID Length+2 ID Length+2

The main fields are described as follows: Source ID: indicates the system ID of the router that sends the SNP. Start LSP ID: indicates the ID of the first LSP in the CSNP. End LSP ID: indicates the ID of the last LSP in the CSNP. A PSNP lists only the sequence number of recently received LSPs. A PSNP can acknowledge multiple LSPs at a time. If an LSDB is not updated, the PSNP is also used to request a neighbor to send a new LSP. Figure 11-27 shows the PSNP format.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

289

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-27 Format of a Level-1 or Level-2 PSNP

No. of Octets Intradomain Routeing Protocol Discriminator Length Indicator Version/Protocol ID Extension ID Length R R R PDU Type Version Reserved Maximum Area Address PDU Length Source ID Variable Length Fields 1 1 1 1 1 1 1 1 2 ID Length+1

CLV The variable length fields in a PDU are the multiple Code-Length-Values (CLVs). Figure 11-28 shows the CLV format. A CLV is also called the Type- Length-Value (TLV). Figure 11-28 CLV format

No. of Octets Code Length Value 1 1 Length

CLVs vary with PDU types, as shown in Table 11-14. Table 11-14 PDU types and CLV names CLV Code 1 2 4 6 7 8 9
Issue 01 (2011-10-30)

Name Area Addresses IS Neighbors (LSP) Partition Designated Level2 IS IS Neighbors (MAC Address) IS Neighbors (SNPA Address) Padding LSP Entries

Applied PDU Type IIH and LSP LSP L2 LSP LAN IIH LAN IIH IIH SNP
290

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

CLV Code 10 128 129 130 131 132

Name Authentication Information IP Internal Reachability Information Protocols Supported IP External Reachability Information Inter-Domain Routing Protocol Information IP Interface Address

Applied PDU Type IIH, LSP, and SNP LSP IIH and LSP L2 LSP L2 LSP IIH and LSP

The CLVs with codes ranging from 1 to 10 are defined in ISO 10589 (two types are not listed in the table), and the other CLVs are defined in RFC 1195.

IS-IS Areas
l Two-Level structure To support large-scale routing networks, IS-IS adopts a two-level structure in a routing domain. A large domain can be divided into one or more areas. In general, Level-1 routers are located in an area, Level-2 routers are located among areas, and Level-1-2 routers are located between the Level-1 routers and the Level-2 routers. l Level-1 router A Level-1 router manages intra-area routing. It establishes neighbor relationships with only the Level-1 and Level-1-2 routers in the same area. It maintains a Level-1 LSDB. The LSDB contains routing information on the local area. A packet to a destination outside this area is forwarded to the nearest Level-1-2 router. l Level-2 router A Level-2 router manages inter-area routing. It can establish neighbor relationships with Level-2 routers or Level-1-2 routers in other areas. It maintains a Level-2 LSDB. The LSDB contains inter-area routing information. All Level-2 routers form the backbone network of the routing domain. They are responsible for communications between areas. The Level-2 routers in the routing domain must be in succession to ensure the continuity of the backbone network. Only Level-2 routers can exchange data packets or routing information with routers outside the routing domain. l Level-1-2 router A router, which belongs to both a Level-1 area and a Level-2 area, is called a Level-1-2 router. It can establish Level-1 neighbor relationships with Level-1 routers and Level-1-2 routers in the same area. It can also establish Level-2 neighbor relationships with Level-2 routers and Level-1-2 routers in other areas. A Level-1 router must be connected to other areas through a Level-1-2 router. A Level-1-2 router maintains two LSDBs, that is, a Level-1 LSDB and a Level-2 LSDB. The Level-1 LSDB is used for intra-area routing and the Level-2 LSDB is used for interarea routing.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

291

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description


NOTE

11 Layer 3 Features

Level-1 routers in different areas cannot establish neighbor relationships. Level-2 routers can establish neighbor relationships with each other, regardless of the areas to which the Level-2 routers belong.

Interface level A Level-1-2 router may need to establish only a Level-1 neighbor relationship with the remote end and establish only a Level-2 neighbor relationship with the other remote end. You can set the level of an interface to restrict the setup of adjacencies on the interface. For example, only a Level-1 adjacency can be established on a Level-1 interface and only a Level-2 adjacency can be established on a Level-2 interface.

Figure 11-29 shows a network that runs IS-IS. The network is similar to an OSPF network typology with multiple areas. The entire backbone area contains all routers in Area 1 and Level-1-2 routers in other areas. Figure 11-29 IS-IS topology I

Area2 Area3 L1 L1/2 L2 backbone L2 L1/2 Area1

L2 L2 Area4 L1/2 L1 L1 L1/2

Area5 L1 L1 L1

Figure 11-30 shows another type of IS-IS topologies. All the successive Level-1-2 and Level-2 routers form the backbone area of IS-IS. In the topology, Level-2 routers belong to different areas, and Level-1-2 routers also belong to different areas. No area is defined as the backbone area.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

292

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-30 IS-IS topology II

Area1 L1 L2 L1 L1/L2 Area2 L1/L2 L2 L2 Area3 Area4 L1

NOTE

The IS-IS backbone network does not refer to a specific area.

This networking scheme shows the difference between IS-IS and OSPF. For OSPF, inter-area routes are forwarded by the backbone area, and the SPF algorithm is used only in the same area. For IS-IS, both Level-1 and Level-2 routes are calculated through the SPF algorithm to generate the Shortest Path Tree (SPT).

IS-IS Network Types


IS-IS supports only two types of networks. According to physical links, IS-IS networks can be classified into the following types: l l Broadcast links: such as Ethernet and Token-Ring Point-to-point links: such as PPP and HDLC

For a Non-Broadcast Multi-Access (NBMA) network such as the ATM, you should configure its sub-interfaces as P2P interfaces. IS-IS cannot run on the Point to MultiPoint (P2MP) networks.

DIS and Pseudo Node


In a broadcast network, IS-IS needs to elect a Designated Intermediate System (DIS) from all the routers. The DISs of Level-1 and Level-2 are elected respectively. You can configure different priorities for DISs of different levels. The router with the highest priority is elected as the DIS. If there are multiple routers with the same highest priority in a broadcast network, the one with the largest MAC address is chosen. The DISs of different levels can be the same router or different routers. Unlike the DR election in OSPF, the DIS election in IS-IS has the following features: l l The router with the priority being 0 also takes part in the DIS election. When a new router that meets the requirements of being a DIS joins the broadcast network, the router is selected as the new DIS, and the original pseudonode is deleted. This causes LSP flooding.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 293

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

In an IS-IS broadcast network, the routers (including non-DIS routers) of the same level in a network segment set up adjacencies, which is different from that of OSPF. Figure 11-31 shows the networking. Figure 11-31 DISs and adjacencies in an IS-IS broadcast network

L1/L2

L1/L2

L1 Adjacencies L2 Adjacencies L1 DIS L2 DIS

A DIS is used to create and update pseudo nodes. It also generates LSPs of the pseudo nodes. The LSPs describe the available routers on the network. The pseudo node is used to simulate the virtual node in the broadcast network and is not an actual router. In IS-IS, a pseudo node is identified by the system ID of the DIS and the 1-byte Circuit ID (its value is not 0). With pseudo nodes, the network topology is simplified and LSPs are shortened. When the network changes, the number of generated LSPs is reduced. As a result, the SPF consumes fewer resources.
NOTE

In an IS-IS broadcast network, although all the routers set up adjacencies with each other, the LSDBs are synchronized by the DISs.

Establishment of the IS-IS Neighbor Relationship


Two IS-IS routers need to establish the neighbor relationship before exchanging packets to implement routing. On different networks, the modes for establishing IS-IS neighbors are different. l Establishment of a neighbor relationship on a broadcast link Figure 11-32 Networking diagram of a broadcast link

RouterA

RouterB

RouterC

RouterD

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

294

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Router A, Router B, Router C, and Router D are Level-2 routers. Router A is newly added to the broadcast network. Figure 11-32 lists the process of establishing the neighbor relationship between Router A and Router B. The process of establishing the neighbor relationship between Router A and Router C or Router D is similar to that between Router A and Router B, and is not mentioned here. Figure 11-33 Process of establishing a neighbor relationship on a broadcast link
RouterA RouterB

SYS id:1111.1111.1111

neighbor Router B established

SYS id:2222.2222.2222 L2 LAN IIH ( sys id:1111.1111.1111 neighbor:null ) neighbor Router A initialized L2 LAN IIH ( sys id:2222.2222.2222 neighbor:Router A )

L2 LAN IIH ( sys id:1111.1111.1111 neighbor:Router B ) L2 LAN IIH L2 LAN IIH

neighbor Router A established

Router A broadcasts a Level-2 LAN IS-IS Hello PDU. After receiving the PDU, Router B sets its neighbor status with Router A to Initial. Then, Router B responds Router A with a Level-2 LAN IIH packet indicating that Router A is a neighbor of Router B. On receiving the IIH packet, Router A sets its neighbor status with Router B to Up. The network is a broadcast network, so a DIS needs to be elected. After the neighbor relationship is established, routers wait for two intervals for sending Hello packets to elect the DIS. The IIH packets exchanged by the routers contain the Priority field. The router with the highest priority is elected as the DIS. If the routers have the same priority, the router with the largest interface MAC address is elected as the DIS. l Establishment of a neighbor relationship on a P2P link Unlike the establishment of a neighbor relationship on a broadcast link, the establishment of a neighbor relationship on a P2P link is classified into two modes, that is, 2-way mode and 3-way mode. 2-way mode Upon receiving an IS-IS Hello packet, a router unidirectionally sets up the neighbor relationship. 3-way mode A neighbor relationship is established after IS-IS Hello PDUs are sent for three times, which is similar to the establishment of a neighbor relationship on a broadcast link.
NOTE

The three-way handshake mechanism of IS-IS is specifically introduced in other chapters.

Basic rules for establishing an IS-IS neighbor relationship are as follows:


Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 295

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

l l l

Only the neighboring routers of the same level can set up the neighbor relationship with each other. For Level-1 routers, their area IDs must be the same. Routers are on the same network segment.

Network types of IS-IS interfaces on both ends of a link must be consistent; otherwise, the neighbor relationship cannot be established. By simulating Ethernet interfaces as P2P interfaces, you can establish a neighbor relationship on a P2P link. IS-IS runs on the data-link layer and is initially designed for CLNP. Therefore, the establishment of an IS-IS neighbor relationship is not related to IP addresses. In the implementation of the device, IS-IS runs only over IP. Thus, IS-IS needs to check the IP address of its neighbor. If secondary IP addresses are assigned to the interfaces, the routers can still set up the IS-IS neighbor relationship only when either the primary IP addresses or secondary IP addresses are on the same network segment. When IP address unnumbered is not configured, if the IP address of its neighbor and the address of the interface through which the router receives packets are not on the same network segment, the neighbor relationship cannot be set up. The IP unreachability is thus prevented. The neighbor relationship can be set up if you configure the router not to check the IP addresses contained in received Hello packets. l l For P2P interfaces, you can configure the interfaces not to check the IP addresses. For Ethernet interfaces, you must simulate Ethernet interfaces as P2P interfaces and then configure the interfaces not to check the IP addresses.

Process of Exchanging IS-IS LSPs


l LSP flooding The flooding of LSPs is a mode in which a router sends an LSP to its neighbors and the neighbors send the received LSP to their respective neighbors except the router that first sends the LSP. In this manner, the LSP is flooded among the routers of the same level. Through the flooding, each router of the same level has the same LSP information and keeps a synchronized LSDB. Each LSP has a 4-byte sequence number. When a router is started, the sequence number of the first LSP sent by the router is 1. When a new LSP is generated, the sequence number of the LSP is equal to the sequence number of the previous LSP plus 1. The greater the sequence number, the newer the LSP. l Causes of LSP generation All routers in the IS-IS routing domain can generate LSPs. The following events trigger the generation of a new LSP: A neighbor is Up or Down. A related interface is Up or Down. Imported IP routes change. Inter-area IP routes change. An interface is assigned with a new metric value. Periodical updates occur. l Processing of a new LSP received from a neighbor 1.
Issue 01 (2011-10-30)

The router installs the LSP to the LSDB and marks it with flooding.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 296

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

2. 3. l

The router sends the LSP to all interfaces except the interface that receives the LSP. The neighbors flood the LSP to their neighbors.

Process of synchronizing LSDBs between a newly added router and DIS Figure 11-34 Process of updating LSDBs on a broadcast link

RouterA RouterC RouterB( DIS)

CSNP Router A.00-00 Router B.00-00 Router B.01-00 Router C.00-00 LSP Router A.00-00 Router B.00-00 Router B.01-00

LSP Router C.00-00

PSNP Router A.00-00 Router B.00-00 Router B.01-00

A newly added Router C sends Hello packets to establish neighbor relationships with the other routers in the broadcast domain. For details, see "Establishment of a neighbor relationship on a broadcast link." After setting up the neighbor relationships with other routers, Router C sends its LSP to the following multicast addresses after the LSP timer expires: Level-1: 01-80-C2-00-00-14 Level-2: 01-80-C2-00-00-15 All neighbors on the network can receive the LSP. The DIS on the network segment adds the LSP received from Router C to its LSDB. After the CSNP timer expires, the DIS sends CSNPs to synchronize the LSDBs on the network. By default, CSNPs are sent at intervals of 10 seconds. After Router C receives the CSNPs from the DIS, Router C checks its LSDB and sends a PSNP to request the LSPs it does not have. After receiving the PSNP, the DIS sends the required LSPs to synchronize LSDBs. l Process of updating the LSDB of the DIS When the DIS receives an LSP, it searches the LSDB for the related records. If the DIS does not find the LSP in its LSDB, it adds the LSP to its LSDB and broadcasts the contents of the new LSDB.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 297

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

If the sequence number of the received LSP is greater than the sequence number of the corresponding LSP in the LSDB, the DIS replaces the LSP with the received LSP in the LSDB, and broadcasts the contents of the new LSDB. If the sequence number of the received LSP is smaller than the sequence number of the corresponding LSP in the LSDB, the DIS sends the LSP in the LSDB to the inbound interface. If the sequence number of the received LSP is equal to the sequence number of the corresponding LSP in the LSDB, the DIS compares the Remaining Lifetime of the two LSPs. If the received LSP has a smaller Remaining Lifetime than that of the corresponding LSP in the LSDB, the DIS replaces the LSP in the LSDB with the received LSP, and broadcasts the contents of the new LSDB. If the sequence number of the received LSP is equal to the sequence number of the corresponding LSP in the LSDB, the DIS compares the Remaining Lifetime of the two LSPs. If the received LSP has a greater Remaining Lifetime than that of the corresponding LSP in the LSDB, the DIS sends the LSP in the LSDB to the inbound interface. If both the sequence number and the Remaining Lifetime of the received LSP and the corresponding LSP in the LSDB are the same, the DIS compares the checksum of the two LSPs. If the received LSP has a greater checksum than that of the corresponding LSP in the LSDB, the DIS replaces the LSP in the LSDB with the received LSP, and advertises the contents of the new LSDB. If both the sequence number and the Remaining Lifetime of the received LSP and the corresponding LSP in the LSDB are the same, the DIS compares the checksum of the two LSPs. If the received LSP has a smaller checksum than that of the corresponding LSP in the LSDB, the DIS sends the LSP in the LSDB to the inbound interface. If both the sequence number, Remaining Lifetime, and checksum of the received LSP and that of the corresponding LSP in the LSDB are the same, the LSP is not forwarded. l Process of synchronizing the LSDB on a P2P link Figure 11-35 Process of updating the LSDB on a P2P link

RouterA

PPP

RouterB

LSP Router A.00-00 Retransmission times out LSP Router A.00-00

PSNP Router A.00-00 Resend response packet PSNP Router A.00-00

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

298

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

1.

When the neighbor relationship is set up for the first time, a router sends a CSNP to its neighbor. If the LSDB of the neighbor and the CSNP are not synchronized, the neighbor sends PSNP requests for a required LSP. The router sends the required LSP to the neighbor and starts the LSP retransmission timer. The router then waits for a PSNP from the neighbor as an acknowledgement of the receiving of the LSP. If the router does not receive the PSNP from the neighbor after the LSP retransmission timer expires, it resends the LSP.
NOTE

2.

3.

A PSNP on a P2P link functions as follows: l It is used as an Ack packet to acknowledge the received LSP. l It is used as a request packet to require LSPs.

Process of updating the LSDB If the sequence number of the received LSP is greater than the sequence number of the corresponding LSP in the LSDB, the router adds the LSP to its LSDB. The router then sends a PSNP to acknowledge the received LSP. At last, the router sends the LSP to all its neighbors except the neighbor that sends the LSP. If the sequence number of the received LSP is smaller than the sequence number of the corresponding LSP in the LSDB, the router directly sends its LSP to the neighbor and waits for a PSNP from the neighbor as the acknowledgement. If the sequence number of the received LSP is the same as the sequence number of the corresponding LSP in the LSDB, the router compares the Remaining Lifetime of the two LSPs. If the received LSP has a smaller Remaining Lifetime than that of the corresponding LSP in the LSDB, the router adds the LSP to its LSDB. The router then sends a PSNP to acknowledge the received LSP. At last, the router sends the LSP to all its neighbors except the neighbor that sends the LSP. If the sequence number of the received LSP is the same as the sequence number of the corresponding LSP in the LSDB, the router compares the Remaining Lifetime of the two LSPs. If the received LSP has a greater Remaining Lifetime than that of the corresponding LSP in the LSDB, the router directly sends its LSP to the neighbor and waits for a PSNP from the neighbor. If both the sequence number and the Remaining Lifetime of the received LSP and the corresponding LSP in the LSDB are the same, the router compares the checksum of the two LSPs. If the received LSP has a greater checksum than that of the corresponding LSP in the LSDB, the router adds the LSP to its LSDB. The router then sends a PSNP to acknowledge the received LSP. At last, the router sends the LSP to all its neighbors except the neighbor that sends the LSP. If both the sequence number and the Remaining Lifetime of the received LSP and the corresponding LSP in the LSDB are the same, the router compares the checksum of the two LSPs. If the received LSP has a smaller checksum than that of the corresponding LSP in the LSDB, the router directly sends its LSP to the neighbor and waits for a PSNP from the neighbor. If both the sequence number, Remaining Lifetime, and checksum of the received LSP and the corresponding LSP in the LSDB are the same, the LSP is not forwarded.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

299

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.7.8.5 IS-IS Multi-instance and Multi-process


For the routers that support the VPN, you can associate each IS-IS process with a specific VPN instance. Thus, you can configure multiple IS-IS processes to be associated with multiple VPN instances at the same time. l l IS-IS multi-instance indicates that you can configure multiple IS-IS instances on the same router. IS-IS multi-process indicates that you can create multiple IS-IS processes in a VPN or a public network. The multi-process feature allows a set of interfaces to be associated with a specific ISIS process. This ensures that the specific IS-IS process performs all the protocol operations only on the set of interfaces. Thus, multiple IS-IS processes can work on a single router and each process is responsible for a unique set of interfaces. IS-IS multi-processes share an RM routing table. IS-IS multi-instances use the RM routing tables of VPNs. Each VPN has its own RM routing table. When an IS-IS process is created, it can be associated with a VPN instance. Then, the IS-IS process belongs to the VPN and processes events only in the VPN. The IS-IS process is deleted when the associated VPN is deleted. For easy management and effective control, IS-IS supports multi-process and multi-instance features. In the scenario where IS-IS is applied to users on private networks, after a VPN is created, interfaces bound to the VPN and routes in the VPN are isolated from other VPNs and public network data. In this case, you can adopt IS-IS multi-instance to deploy IS-IS in the VPN. For the routers that support the VPN, each IS-IS process is associated with a specific VPN instance. All the interfaces attached to an IS-IS process, therefore, should be associated with the VPN instance that this IS-IS process is associated to. At present, the VPN instance is maintained by the VPN module. Thus, IS-IS multi-instance is implemented by associating an IS-IS process with a VPN instance when the IS-IS process is created. When configuring IS-IS multi-instance and multi-process, note the following: l When creating IS-IS multi-instances, associate an IS-IS process with a VPN instance when the IS-IS process is created. If an IS-IS process is not associated with a VPN instance when the IS-IS process is created, the association cannot be configured later. An IS-IS process that is already associated with a VPN instance cannot be associated with another VPN instance. Multiple IS-IS processes can be associated with one VPN instance. The interfaces where IS-IS multi-instance needs to be enabled must be associated with the same VPN instance as IS-IS. The IS-IS process associated with a VPN instance belongs to the VPN. Thus, the IS-IS process is deleted when the VPN is deleted. Routes from different VPNs cannot be imported to each other.

l l l l l

11.7.8.6 IS-IS Route Leaking


With the route leaking function, Level-1-2 IS-IS advertises the known routing information about other Level-1 and Level-2 areas to the specified Level-1 areas.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 300

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Normally, the intra-area routes are managed by Level-1 routers. All Level-2 and Level-1-2 routers form a successive backbone area. The Level-1 area can be connected to only the backbone area. The Level-1 areas cannot be connected to each other. Routing information in a Level-1 area is advertised to a Level-2 area through a Level-1-2 router. That is, the Level-1-2 router encapsulates the learned Level-1 routing information into a Level-2 LSP and floods the Level-2 LSP to other Level-2 and Level-1-2 routers. To reduce the size of routing tables, Level-2 routers, by default, do not advertise the learned routing information of Level-1 areas and that of the backbone area to Level-1 areas. The Level-1 routers, therefore, cannot know the routing information outside the area. In this manner, the Level-1 routers cannot select the optimal route to the destination outside the area. To solve the preceding problem, IS-IS route leaking is introduced. By configuring Access Control Lists (ACLs) and route-policies and marking routes with tags on Level-1-2 routers, you can select eligible routes. Then, a Level-1-2 router can advertise some routing information of other Level-1 areas and the backbone area to its Level-1 area. Figure 11-36 Networking for route leaking
RouterA Level-1 1.1.1.1/24 2.2.2.1/24 cost 10 2.2.2.2/24 cost 10 5.5.5.1/24 3.3.3.1/24 3.3.3.2/24 RouterB RouterD Level-1 Level-1-2 Area10 Area20 cost 10 RouterE 5.5.5.2/24 Level-2 cost 10 RouterC Level-1-2 1.1.1.2/24 cost 50 4.4.4.1/24 4.4.4.2/24 6.6.6.2/24 6.6.6.1/24

cost 10 RouterF Level-2

l l

Router A, Router B, Router C, and Router D belong to Area 10; Router A and Router B are Level-1 routers; Router C and Router D are Level-1-2 routers. Router E and Router F are Level-2 routers and belong to Area 20.

If Router A sends a packet to Router F, the selected optimal route should be Router A -> Router B -> Router D -> Router E -> Router F. This is because the cost of the route is 40. Check the route on Router A to view the path of packets sent to Router F, and you can find that the selected route is Router A -> Router C -> Router E -> Router F, of which the cost is 70. Thus, the route is not the optimal route from Router A to Router F. Router A does not know the routes outside the local area, so the packets sent by Router A to other network segments are sent through the default route generated by the nearest Level-1-2 router. In this case, you can enable route leaking on the Level-1-2 routers, that is, Router C and Router D. Then, check the route and you can find that the selected route is Router A -> Router B -> Router D -> Router E -> Router F, which is the optimal route from Router A to Router F.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

301

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.7.8.7 IS-IS Fast Convergence


IS-IS fast convergence is an extended feature of IS-IS implemented to speed up the convergence of routes. It includes the following: l I-SPF Incremental SPF (I-SPF) recalculates only the routes of the changed nodes rather than all the nodes when the network topology changes. This speeds up the calculation of routes. l PRC Partial Route Calculation (PRC) calculates only the changed routes when the routes on the network change. l l LSP fast flooding LSP fast flooding speeds up the flooding of LSPs. Intelligent timer The first timeout period of the timer is fixed. If an event that triggers the timer happens when the timer is set and does not expire, the interval set by the intelligent timer increases next time. The intelligent timer is applicable to the LSP generation and SPF calculation.

I-SPF (Incremental SPF)


In ISO 10589, the Dijkstra algorithm is adopted to calculate routes. When a node changes on the network, this algorithm is used to recalculate all routes. The calculation lasts a long time and consumes too many CPU resources, thus affecting the convergence speed. I-SPF improves this algorithm. Except for the first time, only changed nodes instead of all nodes are involved in calculation. The SPT generated at last is the same as that generated by the previous algorithm. This decreases the CPU usage and speeds up the network convergence.

PRC (Partial Route Calculation)


Similar to I-SPF, PRC calculates only the changed routes. PRC, however, does not calculate the shortest path. It updates the routes based on the SPT calculated by I-SPF. In route calculation, a leaf represents a route, and a node represents a router. If the SPT changes after I-SPF calculation, PRC processes all the leaves only on the changed node. If the SPT remains unchanged, PRC processes only the changed leaves. For example, if IS-IS is enabled on an interface of a node, the SPT calculated by I-SPF remains unchanged. In this case, PRC updates only the routes of this interface, thus consuming less CPU resources. PRC working with I-SPF further improves the convergence performance of the network. It is an improvement of the original SPF algorithm.
NOTE

In the implementation of device, only I-SPF and PRC are used to calculate IS-IS routes.

LSP Fast Flooding


When IS-IS receives new LSPs from other routers, it updates the LSPs in the LSDB and periodically floods out the updated LSPs according to a timer.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 302

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

LSP fast flooding improves the preceding mode. When the device configured with this feature receives one or more new LSPs, it floods out the LSPs whose amount is smaller than the specified number before calculating routes. This significantly improves the network convergence speed.

Intelligent Timer
Although the route calculation algorithm is improved, the long interval for triggering the route calculation also affects the convergence speed. You can shorten the interval by using a millisecond-level timer. Frequent network changes, however, also consume too many CPU resources. The SPF intelligent timer addresses these problems. In general, an IS-IS network running normally is stable. The probability of the occurrence of many network changes is very low, and IS-IS does not frequently calculate routes. The period for triggering the route calculation is very short (millisecond level). If the topology of the network changes very often, the interval set by the intelligent timer increases with the calculation times to avoid too much CPU consumption. The LSP generation intelligent timer is similar to the SPF intelligent timer. When the LSP generation intelligent timer expires, the system generates a new LSP based on the current topology. The original mechanism adopts a timer with uniform intervals, and thus fast convergence and low CPU consumption cannot be achieved. Thus, the LSP generation timer is designed as an intelligent timer to respond to emergencies (such as the interface is Up or Down) quickly and speed up the network convergence. In addition, when the network changes very often, the interval for the intelligent timer becomes longer to avoid too much CPU consumption.

11.7.8.8 Priority-based IS-IS Convergence


Priority-based IS-IS convergence ensures that specific routes converge first in the case of a great number of routes. Different routes can be set with different convergence priorities. This allows important routes to converge first and thus improves network reliability. Priority-based IS-IS convergence enables specific routes (such as routes that match the specified IP prefix) to converge first. Therefore, users can assign a high convergence priority to routes for key services so that these routes can converge fast. This decreases impact on key services.

11.7.8.9 IS-IS LSP Fragment Extension


When the LSPs to be advertised by IS-IS contain much information, they are advertised in multiple LSP fragments of the same system. As defined in RFC 3786, virtual system IDs can be configured and virtual LSPs that carry routing information can be generated for IS-IS. The IS-IS LSP fragment extension attribute allows an IS-IS router to generate more LSP fragments and carry more IS-IS information.

Terms
l Originating system The originating system is a router that runs the IS-IS protocol. A single IS-IS process can advertise its LSPs as multiple "virtual" routers, and the originating system represents the "real" IS-IS process. l Normal system ID It is the system ID of the originating system.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 303

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Additional system ID The additional system ID, assigned by network administrators, is used to generate additional or extended LSP fragments. Up to 256 additional or extended LSP fragments can be generated. Like the normal system ID, the additional system ID must be unique in the routing domain.

Virtual system The system, identified by an additional system ID, is used to generate extended LSP fragments. These fragments carry the additional system IDs in their LSP IDs.

Principle
IS-IS LSP fragments are identified by the LSP Number field in their LSP IDs. The LSP Number field is 1 byte. Thus, an IS-IS process can generate a maximum of 256 fragments, carrying a limited number of routes (30,000 routes can be carried when the fragment length is 1497 bytes). With fragment extension, more information can be carried. Each system ID represents a virtual system that can generate 256 LSP fragments. With more additional system IDs (up to 50 virtual systems), an IS-IS process can generate a maximum of 13056 LSP fragments. When a virtual system and fragment extension are configured, an IS-IS router adds the contents that cannot be contained in the LSPs advertised by the originating system to the LSPs of the virtual system, and notifies other routers of the relation between the virtual system and itself through a special TLV.

IS Alias ID TLV
A special TLV, IS Alias ID TLV, is defined in RFC 3786. Table 11-15 IS Alias ID TLV Field Type Length System ID Pseudonode number sub-TLVs length sub-TLVs Length 1 byte 1 byte 6 bytes 1 byte 1 byte 0 to 247 bytes Description Indicates the TLV type. If the value is 24, it indicates the IS Alias ID TLV. Indicates the length of Value in the TLV. System ID pseudonode number sub-TLVs length sub-TLVs

In whatever operation mode, the originating system and virtual system send the LSPs with the fragment number being 0 carrying IS Alias ID TLV to indicate the originating system.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

304

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Operation Modes
The IS-IS router can run the LSP fragment extension feature in the following modes: Figure 11-37 Networking for LSP fragment extension

RouterA1

RouterB

RouterA

RouterA2

Mode-1 It is used when some routers on the network do not support the LSP fragment extension. In this mode, virtual systems participate in the SPF calculation. The originating system advertises LSPs containing information about links to each virtual system. Similarly, each virtual system advertises LSPs containing information about links to the originating system. In this manner, the virtual systems look like the actual routers that are connected to the originating system on the network. Mode-1 is a transitional mode for the earlier versions that do not support fragment extension. In the earlier versions, IS-IS cannot identify the Alias ID TLV. Thus, the LSP sent by a virtual system must look like a common IS-IS LSP. The LSP sent by a virtual system contains the same area address and overload bit as that in the common LSP. If the LSPs sent by a virtual system contain TLVs specified in other features, they must be the same as those in common LSPs. The virtual system carries neighbor information specifying that the neighbor is the originating system, with the metric being the maximum value minus 1; the originating system carries neighbor information specifying that the neighbor is the virtual system, with the metric being 0. This ensures that the virtual system is the downstream node of the originating system when other routers calculate routes. As shown in Figure 11-37, Router B does not support the LSP fragment extension; Router A is set to support the LSP fragment extension in mode-1; Router A1 and Router A2 are virtual systems of Router A. Router A1 and Router A2 send LSPs carrying some routing information of Router A. After receiving LSPs from Router A, Router A1, and Router A2, Router B considers that there are three individual routers at the peer end and calculates routes normally. Because the cost of the route from Router A to Router A1 and the cost of the route from Router A to Router A2 are both 0s, the cost of the route from Router B to Router A is equal to the cost of the route from Router B to Router A1.

Mode-2 It is used when all the routers on the network support the LSP fragment extension. In this mode, virtual systems do not participate in the SPF calculation. All the routers on the network know that the LSPs generated by the virtual systems actually belong to the originating system.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

305

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

IS-IS working in mode-2 identifies IS Alias ID TLV, which is used to calculate the SPT and routes. As shown in Figure 11-37, Router B supports the LSP fragment extension; Router A is set to support the LSP fragment extension in mode-2; Router A1 and Router A2 send LSPs carrying some routing information of Router A. When receiving LSPs from Router A1 and Router A2, Router B obtains IS Alias ID TLV and knows that the originating system of Router A1 and Router A2 is Router A. Router B then considers that information advertised by Router A1 and Router A2 belongs to Router A. No matter LSP fragment extension is set to mode-1 or mode-2, both LSPs in mode-1 and LSPs in mode-2 can be resolved. If LSP fragment extension is not supported, only LSPs in mode-1 can be resolved. Table 11-16 Comparison between mode-1 and mode-2 LSP Content\Mode IS Alias ID area overload bit IS NBR/IS EXTENDED NBR Routing ATT bits P bit Mode-1 Yes Yes Yes Yes Yes must 0 must 0 Mode-2 Yes No Yes No Yes must 0 must 0

Process
After LSP fragment extension is configured, if information is lost because LSPs are of full lengths, the system prompts that the IS-IS router should be restarted. After being restarted, the originating system loads as much routing information as possible. The remaining information is added to the LSPs of the virtual systems for transmission.

Application Environment
NOTE

If there are devices of other manufacturers on the network, the LSP fragment extension must be set to mode-1. Otherwise, devices of other manufacturers cannot identify the LSPs.

It is recommended that you configure the LSP fragment extension and virtual systems before setting up IS-IS neighbors or importing routes. If you set up IS-IS neighbors or import routes, which causes IS-IS to carry much information that cannot be loaded through 256 fragments, you must configure the LSP fragment extension and virtual systems. The configurations, however, takes effect only after you restart the IS-IS router.

11.7.8.10 IS-IS Administrative Tag


Administrative tags control the advertisement of IP prefixes in the IS-IS domain. The administrative tag carries administrative information about an IP address prefix, which simplifies management. It is used to control the importing of routes of different levels and
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 306

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

different areas, and control different routing protocols and IS-IS multi-instances running on the same router. The value of an administrative tag is associated with certain attributes. When cost-style is wide, wide-compatible or compatible, if IS-IS advertises an IP address prefix with these attributes, it adds the administrative tag to the TLV in the prefix. In this manner, the tag is flooded with the prefix throughout the routing domain.

11.7.8.11 Dynamic Hostname Exchange Mechanism


The dynamic hostname exchange mechanism provides a mapping from the hostname to system ID for IS-IS routers. IS-IS was first designed by the ISO for the CLNS; thus, its unique address encoding method is retained. Information about IS-IS neighbors and LSDBs on an IS-IS router, with hostname exchange disabled, is represented by a system ID with 12 hexadecimal numbers, for example, aaaa.eeee. 1234. This representation, however, is complicated and not easy to use. To maintain and manage IS-IS networks easily, the dynamic hostname exchange mechanism is introduced. This dynamic hostname information is advertised in the form of a dynamic hostname TLV (type 137) in LSPs. The dynamic hostname exchange mechanism also provides a service to associate a host name with the Designated IS (DIS) on a broadcast network. Then, this mechanism advertises this association through LSPs in the form of a dynamic hostname TLV. In the implementation of MA5600T/MA5603T, routers where IS-IS dynamic hostname mapping is enabled add the Dynamic Hostname TLV (TLV type 137) that records the local host name to the LSPs they generate before sending the LSPs out. Dynamic Hostname TLV (TLV type 137) includes the following fields: l l l Type: indicates the dynamic hostname exchange mechanism. Length: indicates the total length of the value field. Value: indicates a character string of 1 to 255 characters.

The Dynamic Hostname TLV is optional and can be inserted anywhere in an LSP. The hostname value cannot be null. A router determines whether to carry the TLV in sending LSPs; the router that receives the LSPs determines whether to ignore the TLV or obtain the TLV for its mapping table.

Implementation
l Matching rules The dynamic hostname abides by the longest match rule. System ID+NSEL is first compared. If it doesn't match, the system ID is then compared. l l l
Issue 01 (2011-10-30)

Transmission of the dynamic hostname The dynamic hostname can be carried by the original LSP only. Transmission of the DIS dynamic hostname The DIS dynamic hostname is transmitted through the LSPs generated by the DIS. Priority of the dynamic hostname
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 307

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

The dynamic hostname is prior to the static hostname. When both a dynamic hostname and a static hostname are configured, the dynamic hostname replaces the static hostname. l Configuration and resolution of the dynamic hostname The dynamic hostname can be up to 64 bytes in length and a maximum of 255-byte contents can be resolved.

Application Environment
In maintenance and management, the hostname is easier to identify and memorize than the system ID. After this function is configured, it is the hostname instead of the system ID displayed for the router. The hostname exchange mechanism implemented on the MA5600T/MA5603T includes dynamic hostname mapping and static hostname mapping. The system ID is replaced by the hostname in the following cases: l When an IS-IS neighbor is displayed, the system ID of the IS-IS neighbor is replaced by the dynamic hostnames. If the IS-IS neighbor is the DIS, then the system ID of the DIS is replaced by the dynamic hostnames of the neighbor. When an LSP in the IS-IS LSDB is displayed, the system ID in the LSP ID is replaced by the dynamic hostname of the router that advertises the LSP. When details about the IS-IS LSDB are displayed, the Host Name field is included for the LSP generated by the router where dynamic hostname exchange is enabled; the system ID is replaced by the dynamic hostname of the IS-IS neighbor.

l l

11.7.8.12 IS-IS HA
IS-IS HA includes hot standby, data backup, command line backup, batch backup, and real-time backup. IS-IS backs up data from the Active Main Board (AMB) to the Standby Main Board (SMB). Whenever the AMB fails, the SMB becomes active and takes over the AMB. IS-IS, therefore, can keep working normally.

Basic Concepts
l l Data backup It indicates backup of data of processes and interfaces. Command line backup If the AMB processes successfully, it sends the command lines to the SMB for processing. If the AMB fails to process, it records in the log that the command lines fail to take effect and does not send the command lines to the SMB for processing. If the SMB fails to process, the failure is recorded in the log.

Hot Standby
The IS-IS Hot Standby (HSB) feature is supported on the devices with a distributed structure. In the running process of IS-IS HSB, IS-IS configurations on the AMB and those on the SMB are consistent. When the AMB/SMB switchover occurs, IS-IS on the new AMB performs GR. The new AMB resends a request for setting up the neighbor relationship to neighbors to synchronize LSDBs. Traffic, therefore, is not affected.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 308

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Batch Backup
l Backing up data in batches When the SMB is installed, all data of the AMB is backed up to the SMB. No configuration can be changed during batch backup. l Backing up command lines in batches When the SMB is installed, all configurations of the AMB are backed up to the SMB at a time. No configuration can be changed during batch backup.

Real-time Backup
l l Real-time backup of data It indicates real-time backup of changed data of processes and interfaces to the SMB. Real-time backup of command lines It indicates that command lines that are run successfully on the AMB are backed up to the SMB.

11.7.8.13 IS-IS 3-Way Handshake


IS-IS introduces the 3-way handshake mechanism on P2P links to ensure a reliable data link layer. According to ISO 10589, the 2-way handshake mechanism of IS-IS uses Hello packets to set up P2P adjacencies between neighbors. Once the router receives a Hello packet from its peer, it regards the status of the peer as Up and sets an adjacency with the peer. This mechanism has distinct disadvantages. When two or more links exist between two routers, an adjacency can still be set up when one link is Down and the other is Up in the same direction. The parameters of the other link, however, are also used in SPF calculation. The router does not detect any faults of the link that is in the Down state and still tries forwarding packets through this link. The 3-way handshake mechanism solves these problems on P2P links. In 3-way handshake mode, the router regards the neighbor as Up only after confirming that the neighbor receives the packet that it sends and then sets up an adjacency with the neighbor. In addition, the 3-way handshake mechanism adopts the 32-bit Extended Local Circuit ID field. This extends the original 8-bit Extended Local Circuit ID field and P2P links increase to more than 255 in quantity.
NOTE

By default, the 3-way handshake mechanism of IS-IS is implemented on P2P links, as defined in RFC 3373.

11.7.8.14 IS-IS GR
IS-IS Graceful Restart (GR) implements non-stop forwarding by extending IS-IS to support the GR capability. It is one of the high availability (HA) technologies. RFC 3847 defines the IS-IS GR standard. IS-IS is a link state routing protocol. All routers in an area must maintain the same network topologies, that is, the same LSDBs. After the master/slave switchover, no neighbor information is stored on the restarted router. Thus, the first Hello packets sent by the router do not contain the neighbor list. After receiving
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 309

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

the Hello packets, the neighbor checks the 2-way neighbor relationship and finds that it is not in the neighbor list of the Hello packets sent by the router. Thus, the neighbor relationship is interrupted. The neighbor then generates new LSPs and floods the topology changes to all other routers in the area. Routers in the area then calculate routes based on the new LSDBs, which leads to route interruption or routing loops. Because no LSDB is stored on the restarted router, the router needs to synchronize its LSDB with those of the neighbors after the master/slave switchover. If IS-IS is not restarted in GR mode, IS-IS neighbor relationships are reset and LSPs are regenerated and flooded. This triggers the SPF calculation in the entire area, which causes route flapping and forwarding interruption in the area. The IETF defined the GR standard, RFC 3847, for IS-IS. The restart of the protocol is processed for both the reserved FIB tables and unreserved FIB tables. Thus, the route flapping and interruption of the traffic forwarding caused by the restart can be avoided. When a router fails, neighbors at the routing protocol layer detect that their neighbor relationships are Down and then become Up again after a period of time. This is the flapping of neighbor relationships. The flapping of neighbor relationships causes route flapping, which leads to black hole routes on the restarted router or causes data services from the neighbors to be looped on the restarted router. This decreases the reliability on the network. GR is thus introduced to address route flapping.

Basic Concepts of IS-IS GR


IS-IS GR involves two roles, namely, GR restarter and GR helper. l l GR restarter The GR restarter refers to the router that restarts in GR mode. GR- helper The GR helper refers to another GR router that helps the restarter to complete the GR process. The GR restarter must have the capability of the GR helper.
NOTE

By default, the device supports the GR helper.

To implement GR, IS-IS introduces the restart Type-Length-Value (TLV), T1 timer, T2 timer, and T3 timer.

Restart TLV
The restart TLV is an extended part of an IS-to-IS Hello (IIH) PDU. All IIH packets of the router that supports IS-IS GR contains the restart TLV. The restart TLV carries the parameters for the protocol restart. Figure 11-38 shows the format of the restart TLV.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

310

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-38 Format of the Restart TLV

3 4 5 Type(211) Length(1 to 9) SA

Reserved

RA

RR

Remaining Time

Restarting Neighbor System ID

Table 11-17 describes the fields of the restart TLV. Table 11-17 Description of the fields of the restart TLV Field Type Length RR Length 1 byte 1 byte 1 bit Description Indicates the TLV type. If the value is 211, the TLV is the restart TLV. Indicates the length of the TLV. Indicates the restart request bit. A router sends an RR packet to notify the neighbors of its restarting or starting and to require the neighbors to retain the current IS-IS adjacency and return CSNPs. Indicates the restart acknowledgement bit. A router sends an RA packet to respond to the RR packet. Indicates the suppress adjacency advertisement bit. The starting router uses an SA packet to require its neighbors to suppress the broadcast of their neighbor relationships to prevent routing loops. Indicates the time during which the neighbor does not reset the adjacency. The length of the field is 2 bytes. The time is measured in seconds. When RA is reset, the value is mandatory. Indicates the system ID of the neighboring router that responds to the RA packet.

RA SA

1 bit 1 bit

Remaining Time Restarting Neighbor System ID

2 bytes

6 bytes

Timers
Three timers are introduced to enhance IS-IS GR. They are T1, T2, and T3 timers.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 311

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

T1 Any interface enabled with IS-IS GR maintains a T1 timer. On a Level-1-2 router, broadcast interfaces maintain a T1 timer for Level-1 and Level-2 neighbor relationships respectively. If the GR restarter has already sent an IIH packet with RR being set but does not receive any IIH packet that carries the restart TLV and the RA set from the GR helper even after the T1 timer expires, the GR restarter will reset the T1 timer and continues to send the restart TLV. If the ACK packet is received or the T1 timer expires for three times, the T1 timer is deleted. The default value of a T1 timer is 3 seconds.

T2 Level-1 and Level-2 LSDBs maintain separate T2 timers. T2 is the maximum time that the system waits for the synchronization of various LSDBs. T2 is generally 60 seconds.

T3 The entire system maintains a T3 timer. T3 timer can be considered as the maximum time for GR to complete. If the T3 timer expires, GR fails. The initial value of the T3 timer is 65535 seconds. After the IIH packets that carry the RA are received from neighbors, the value of the T3 timer becomes the smallest value of the Remaining Time field among the Remaining Time fields of the IIH packets. The T3 timer applies to only restarting devices.

Session Mechanism of IS-IS GR


For differentiation, GR triggered by the master/slave switchover or the restart of an IS-IS process is referred to as restarting. In this case, the FIB table remains unchanged. GR triggered by router restart is referred to as starting. In this case, the FIB table is updated. The following describes the process of IS-IS GR in restarting and starting modes:

IS-IS Restarting
Figure 11-39 shows the process of IS-IS restarting.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

312

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-39 Process of IS-IS restarting

GR Restarter

GR Helper

Active/standby switchover Start T1, T2, and T3 timers Reset T3 timer CSNP Delete T1 timer Delete T2 timer Delete T3 timer and Update the FIB table LSPs IIH (Restart TLV, RR=1, RA=0, SA=0)

IIH (Restart TLV, RR=0, RA=1, SA=0)

Flood LSPs

Update the FIB table

1.

After performing the protocol restart, the GR restarter performs the following actions: l Starts T1, T2, and T3 timers. l Sends IIH packets that contain the restart TLV from all interfaces. In such a packet, RR is set to 1, and RA and SA are set to 0.

2.

After receiving an IIH packet, the GR helper performs the following actions: l Maintains the neighbor relationship and refreshes the current Holdtime. l Replies an IIH packet containing the restart TLV. In the packet, RR is set to 0; RA is set to 1, and the value of the Remaining Time field indicates the period from the current moment to the timeout of the Holdtime. l Sends CSNPs and all LSPs to the GR restarter.
NOTE

l On a P2P link, a neighbor must send CSNPs. l On a LAN link, only the neighbor of the DIS sends CSNPs. If the DIS is restarted, a temporary DIS is elected from the other routers on the LAN.

If the GR helper does not support GR, it ignores the restart TLV and resets the adjacency with the GR restarter according to the normal processing of IS-IS. 3. After the GR restarter receives the IIH response packet, in which RR is set to 0 and RA is set to 1, from the neighbor, it performs the following actions: l Compares the current value of the T3 timer with the value of the Remaining Time field in the packet. The smaller one is taken as the value of the T3 timer.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

313

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

l Deletes the T1 timer maintained by the interface that receives the ACK packet and CSNPs. l If the interface does not receive the ACK packet or CSNPs, the GR restarter constantly resets the T1 timer and resends the IIH packet that contains the restart TLV. If the number of the timeouts of the T1 timer exceeds the threshold value, the GR restarter forcibly deletes the T1 timer and turns to the normal IS-IS processing to complete LSDB synchronization. 4. After the GR restarter deletes the T1 timers on all interfaces, the synchronization with all neighbors is complete when the CSNP list is cleared and all LSPs are collected. The T2 timer is then deleted. After the T2 timer is deleted, the LSDB of the level has been synchronized. l In the case of a Level-1 or Level-2 router, the SPF caculation is triggered. l In the case of a Level-1-2 router, determine whether the T2 timer on the router of the other level is also deleted. If both the T2 timers are deleted, the SPF calculation is triggered. Otherwise, the router waits for the T2 timer of the other level to expire. 6. After all T2 timers are deleted, the GR restarter deletes the T3 timer and updates the FIB table. The GR restarter re-generates the LSPs of each level and floods them. During the LSDB synchronization, the GR restarter deletes the LSPs generated before GR. So far, the IS-IS restarting of the GR restarter is complete.

5.

7.

IS-IS Starting
The starting device does not keep the FIB table. Thus, the starting device hopes the neighbors, whose adjacency with itself is Up before it starts, reset their adjacency, and suppress the neighbors from advertising their adjacency. The IS-IS starting process is different from the ISIS restarting process, as shown in Figure 11-40.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

314

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-40 Process of IS-IS starting

GR Restarter

GR Helper

Starting Start T2 timer for various LSPDBs Start T1 timer IIH (Restart TLV, RR=0, RA=0, SA=1) Reestablish the adjacency relationship IIH (Restart TLV, RR=1, RA=0, SA=1) IIH (Restart TLV, RR=0, RA=1, SA=0)

Delete T1 timer Delete T2 timer Update the FIB table

CSNP LSPs

Flood LSPs

Update the FIB table

1.

After the GR restarter is started, it performs the following actions: l Starts the T2 timer for the synchronization of LSDBs of each level. l Sends IIH packets that contain the restart TLV from all interfaces. In such a packet, RR is set to 0, and SA is set to 1. If RR is set to 0, a router is started. If SA is set to 1, the router requests its neighbor to suppress the advertisement of their adjacency before the neighbor receives the IIH packet in which SA is set to 0.

2.

After the neighbor receives the IIH packet that carries the restart TLV, it performs the following actions according to whether GR is supported: l GR is supported. Re-initiates the adjacency. Deletes the description of the adjacency with the GR restarter from the sent LSP. The neighbor also ignores the link connected to the GR restarter when performing SPF calculation until it receives an IIH packet in which SA is set to 0. l GR is not supported. Ignores the restart TLV and resets the adjacency with the GR restarter. Replies an IIH packet that does not contain the restart TLV. The neighbor then turns to the normal IS-IS processing. In this case, the neighbor does not suppress the

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

315

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

advertisement of the adjacency with the GR restarter. On a P2P link, the neighbor also sends a CSNP. 3. After the adjacency is re-initiated, the GR restarter re-establishes the adjacency with the neighbors on each interface. When an adjacency set on an interface is in the Up state, the GR restarter starts the T1 timer for the interface. After the T1 timer expires, the GR restarter sends an IIH packet in which both RR and SA are set to 1. After the neighbor receives the IIH packet, it replies an IIH packet in which RR is set to 0 and RA is set to 1 and sends a CSNP. After the GR restarter receives the IIH ACK packet and CSNP from the neighbor, it deletes the T1 timer. If the GR restarter does not receive the IIH packet or CSNP, it constantly resets the T1 timer and resends the IIH packet in which RR and SA are set to 1. If the number of the timeouts of the T1 timer exceeds the threshold value, the GR restarter forcibly deletes the T1 timer and turns to the normal IS-IS processing to complete LSDB synchronization. 7. 8. 9. After receiving the CSNP from the helper, the GR restarter synchronizes the LSDB. After the LSDB of this level is synchronized, the T2 timer is deleted. After all T2 timers are deleted, the SPF calculation is started and LSPs are regenerated and flooded.

4. 5. 6.

10. So far, the IS-IS starting of the GR restarter is complete.

Application Environment
GR is typically applied on PEs, especially single point PEs. In the scenario where a single point PE fails, or master/slave switchover occurs on a PE due to maintenance operations such as upgrading the software version, GR is configured to ensure non-stop forwarding of key services. Figure 11-41 shows the networking. Figure 11-41 Application of GR on the provider network

VPN A CE-1 PE1 PE3

VPN B CE-2

IS-IS Level-2

PE4 VPN B CE-4

VPN A CE-3 PE2

IBGP Full mesh

AS#100

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

316

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

NOTE

NSF is deployed on PE2 to prevent single-node failure on PE2; IS-IS GR, BGP GR, and LDP GR run on PE2.

On the PEs, IS-IS, BGP, or LDP GR is run. On the Ps, IS-IS or LDP GR is run. The MPU/SRUs on the PEs and Ps work in backup mode.

11.7.8.15 IS-IS Wide Metric


As defined in RFC 3784, the value of an interface metric can be extended to 16777215, and the metric of a route can reach 4261412864. On large-scale networks, a small range of metrics cannot meet the requirements. Thus, wide metric is introduced. In the earlier ISO 10589, the greatest value of an interface metric can be only 63. TLV type 128 and TLV type 130 contain information about routes; TLV type 2 contains information about ISIS neighbors. After IS-IS wide metric is enabled, TLV type 135 contains information about routes; TLV type 22 contains information about IS-IS neighbors. l The following lists the TLVs used in narrow mode: IP Internal Reachability TLV: carries internal routes. IP External Reachability TLV: carries external routes. IS Neighbors TLV: carries information about neighbors. l The following lists the TLVs used in wide mode: Extended IP Reachability TLV: replaces the earlier IP reachability TLV and carries information about routes. This TLV expands the range of route cost to 4 bytes and carries sub-TLVs. IS Extended Neighbors TLV: carries information about neighbors.
NOTE

IS-IS in wide mode and IS-IS in narrow mode cannot communicate. If IS-IS in wide mode and IS-IS in narrow mode need to communicate, you must change the mode to enable all routers on the network to receive packets sent by other routers.

Table 11-18 List of modes of receiving and sending Mode\Receiving and Sending narrow narrow-compatible compatible wide-compatible wide Receiving narrow narrow&wide narrow&wide narrow&wide wide Sending narrow narrow narrow&wide wide wide

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

317

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

When the cost-style is set to compatible, IS-IS sends the information in narrow mode and in wide mode respectively.

Process

CAUTION
The change of cost-style causes the IS-IS process to be restarted. Thus, be cautious to use the cost-style command. l Changing the sending mode from narrow to wide The information used to be carried by TLV type 128, TLV type 130, and TLV type 2 is now carried by TLV type 135 and TLV type 22. l Changing the sending mode from wide to narrow The information used to be carried by TLV type 135 and TLV type 22 is now carried by TLV type 128, TLV type 130, and TLV type 2. l Changing the sending mode from narrow/wide to narrow&wide The information used to be carried in narrow/wide mode is now carried by TLV type 128, TLV type 130, TLV type 2, TLV type 135, and TLV type 22.

11.7.8.16 BFD for IS-IS


BFD functions as a simple "Hello" protocol. It is similar to the adjacency test of a routing protocol in many aspects. Two systems periodically send BFD packets on the path between them. If one system does not receive any BFD packet from its peer within the detection period, the system considers that the bidirectional path to its peer is faulty. Under some conditions, systems need to negotiate the sending and receiving rates to reduce the load. BFD is classified into static BFD and dynamic BFD.
NOTE

BFD uses the local discriminator and remote discriminator to differentiate multiple BFD sessions between the same pair of systems.

Static BFD In static BFD, BFD session parameters including local and remote discriminators are set through commands, and the requests for establishing BFD sessions are manually delivered.

Dynamic BFD(including BFD for IPv4) In dynamic BFD, the establishment of BFD sessions is triggered by routing protocols. The local discriminator is dynamically assigned, and the remote discriminator is learned by a routing protocol.

In BFD for IS-IS, the establishment of a BFD session is dynamically triggered by IS-IS instead of being performed manually. When detecting a fault, BFD notifies IS-IS of the fault through the RM module. IS-IS then sets the status of the associated neighbor relationship to Down, rapidly advertises the changed Link State PDU (LSP), and performs incremental SPF. In this manner, fast route convergence is implemented. Generally, the interval for sending Hello packets is set to 10s. The interval for advertising that a neighbor is Down, that is, the Holddown time for keeping the neighbor relationship, is three
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 318

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

times the interval for sending Hello packets. If a router does not receive any Hello packet from its neighbor within the Holddown time, the router deletes the associated neighbor relationship. A router can detect a neighbor fault at only the second level. As a result, a large number of packets may be lost on a high-speed network. BFD, which can provide link fault detection of light load and high speed (in milliseconds), is introduced to solve the preceding problem. BFD can provide millisecond-level fault detection. BFD does not take the place of the Hello mechanism of IS-IS, but works with IS-IS to more quickly detect the faults that occur on neighboring devices or links, and instructs IS-IS to recalculate routes to correctly guide packet forwarding.

Static BFD
In static BFD, BFD session parameters including local and remote discriminators are set through commands, and the requests for establishing BFD sessions are manually delivered. In this mode, the creation and deletion of BFD sessions need to be triggered manually, which is inflexible. Moreover, manual configuration errors may occur, for example, the local discriminator and the remote discriminator are incorrectly configured, which causes the abnormal functioning of the BFD session.

Dynamic BFD
In dynamic BFD, the establishment of BFD sessions is triggered by routing protocols.The establishment of a BFD-for-IPv4 session is triggered by IS-IS when an IPv4 neighbor relationship is set up. When setting up a new neighbor relationship, IS-IS sends parameters of the neighbors and detection parameters (including source and destination IP addresses) to BFD. BFD then sets up a session according to the received parameters. Dynamic BFD is more flexible than static BFD. The RM module provides related services for the association with the BFD module for IS-IS. Through RM, IS-IS instructs BFD to set up or tear down BFD sessions by sending notification messages. In addition, BFD events are transmitted to IS-IS through RM.

Establishment and Deletion of BFD Sessions


l Conditions for setting up a BFD session Basic IS-IS functions are configured on each router and IS-IS is enabled on the interfaces of the routers. BFD is enabled on each router, and BFD for IPv4 is enabled on interfaces or processes of the routers. BFD for IPv4 is enabled on interfaces or processes, and the status of the neighboring router is Up (the DIS must be elected on a broadcast network). l Process of setting up a BFD session P2P network After the conditions for setting up a BFD session are satisfied, IS-IS instructs BFD through RM to directly set up a BFD session between neighbors. Broadcast network
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 319

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

After the conditions for establishing BFD sessions are met, and the DIS is elected, ISIS instructs BFD through RM to establish a BFD session between the DIS and each router. No BFD session is established between non-DISs. On a broadcast network, the routers (including non-DIS routers) of the same level on the same network segment can set up neighbor relationships. In the implementation of IS-IS BFD, however, BFD sessions are set up between the DIS and non-DIS devices rather than between non-DISs. On a P2P network, BFD sessions are directly set up between neighbors. If a Level-1-2 neighbor relationship is set up between two routers on a link, IS-IS sets up two BFD sessions for the Level-1 neighbor and the Level-2 neighbor on a broadcast network, but sets up only one BFD session on a P2P network. l Conditions for tearing down a BFD session P2P network When a neighbor relationship set up on P2P interfaces by IS-IS is torn down (that is, the neighbor relationship is not in the Up state) or when the IP protocol type of a neighbor is deleted, IS-IS tears down the BFD session. Broadcast network When a neighbor relationship set up on P2P interfaces by IS-IS is torn down (that is, the neighbor relationship is not in the Up state)when the IP protocol type of a neighbor is deleted, or when the DIS is re-elected, IS-IS tears down the BFD session. When the configurations of a dynamically established BFD session are deleted or BFD for IS-IS is disabled on an interface, all BFD sessions to which neighbor relationships between devices or between devices and the DIS correspond on the interface are deleted. After dynamic BFD is globally disabled in an IS-IS process, the BFD sessions on all the interfaces in this IS-IS process are deleted.
NOTE

BFD detects only one-hop links between IS-IS neighbors, because IS-IS establishes only one-hop neighbor relationships.

Response to the Down event of a BFD session When detecting a link failure, BFD generates a Down event, and then notifies RM of the event. RM then instructs IS-IS to deletes the neighbor relationship. IS-IS recalculates routes to speed up route convergence on the entire network.After BFD for IPv4 informs IS-IS of the link failure, IS-IS changes only the IPv4 route. When a router and its neighbor are Level-1-2 routers, they set up two neighbor relationships, that is, the Level-1 neighbor relationship and the Level-2 neighbor relationship. Then, ISIS sets up two BFD sessions for the Level-1 neighbor relationship and the Level-2 neighbor relationship. In this case, the RM module deletes the neighbor relationship of a specific level.

Applicable Environment

CAUTION
BFD needs to be configured according to the actual network environment. If timer parameters are set improperly, network flapping may occur. BFD for IS-IS can fast sense link changes to implement route convergence.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 320

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-42 Networking diagram of BFD for IS-IS


Router A Switch Router B

Primary path Backup path

Router C

The configuration requirements are as follows: l l l Enable IS-IS on the routers, as shown in Figure 11-42. Enable BFD globally. Enable BFD for IS-IS on Router A and Router B.

Thus, when the link between Router A and Router B becomes faulty, BFD can fast detect the fault and then notify it to IS-IS. IS-IS then turns the neighbor relationship on the interface Down and deletes the IP protocol type to which the neighbor relationship corresponds, which triggers route calculation. In addition, IS-IS updates LSPs so that the neighbors such as Router C can receive updated LSPs from Router B. Fast convergence of IS-IS is thus implemented.

11.7.8.17 IS-IS Authentication


IS-IS authentication encrypts IS-IS packets by adding the authentication field to packets to ensure network security. When a local router receives IS-IS packets from a remote router, the local router discards the packets if finding that the authentication passwords do not match. This protects the local router. According to the types of packets, the authencation is classified into the following: l l l Area authentication It is configured in the IS-IS process view to authenticate Level-1 CSNPs, PSNPs, and LSPs. Routing domain authentication It is configured in the IS-IS process view to authenticate Level-2 CSNPS, PSNPs, and LSPs. Interface authentication It is configured in the interface view to authenticate Level-1 and Level-2 Hello packets. According to the authentication modes of packets, the authentication is classified into the following: l Plain text authentication It is a simple authentication mode in which passwords are directly added to packets. This imposes security threats. Thus, the MD5 authentication is introduced. l
Issue 01 (2011-10-30)

MD5 authentication
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 321

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

In MD5 authentication, passwords are encrypted through the MD5 algorithm before they are added to packets. This improves the security of the passwords. l Keychain authentication In Keychain authentication, you can configure the key chain that changes with time to further improve network security. IS-IS provides a TLV to carry authentication information, with the type of the TLV specified as 10. l l l Type The ISO defines the type of the authentication packets as 10, with a length of 1 byte. Length It indicates the length of the authentication TLV, which is 1 byte. Value It indicates the contents of the authentication, including the authentication type and authenticated password, which ranges from 1 to 254, in bytes. The authentication type is 1 byte. Type 0 is reserved. Type 1 indicates plain text authentication. Type 54 indicates MD5 authentication. Type 255 is used for routing domain private authentication methods. The authentication password is saved in the following modes: l l l The authentication password for IIH packets are saved on interfaces. It is implemented as interface authentication. The authentication password for Level-1 LSPs and SNPs are saved in the IS-IS process. It is implemented as area authentication. The authentication password for Level-2 LSPs and SNPs are saved in the IS-IS process. It is implemented as routing domain authentication.

Interface authentication can be classified into the following: l l A router sends authentication packets with the authentication TLV and verifies the authentication information of the packets it receives. A router sends authentication packets with the authentication TLV but does not verify the authentication information of the packets it receives.

For the area authentication and routing domain authentication, you can set a router to authenticate SNPs and LSPs separately. l l A router sends LSPs and SNPs carrying the authentication TLV and verifies the authentication information of the LSPs and SNPs it receives. A router sends LSPs carrying the authentication TLV and verifies the authentication information of the LSPs it receives. The router sends SNPs carrying the authentication TLV but does not verify the authentication information of the SNPs it receives. A router sends LSPs carrying the authentication TLV and verifies the authentication information of the LSPs it receives. The router sends SNPs without the authentication TLV and does not verify the authentication information of the SNPs it receives.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 322

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

A router sends LSPs and SNPs carrying the authentication TLV but does not verify the authentication information of the LSPs and SNPs it receives.

Application Environment
Figure 11-43 Networking for IS-IS authentication on a broadcast network

RouterA

RouterB

RouterC

RouterD

RouterE

The requirements are as follows: l l l IS-IS neighbor relationships can be set up between multiple routers on the same network only when interface authentication is configured in the same manner on all the routers. When multiple routers are in the same area, you must configure area authentication in the same manner on all the routers to ensure the synchronization of their Level-1 LSDBs. When Level-2 neighbor relationships are set up between multiple routers, you must configure routing domain authentication in the same manner on all the routers to ensure the synchronization of their Level-2 LSDBs.

11.7.8.18 Terms and Abbreviations Terms


Term s TLV Description Type-Length-Value TLV encoding features high efficiency and expansibility. It is also called CodeLength-Value (CLV). T indicates that different types can be defined through different values. L indicates the total length of the value field. V indicates the actual data of the TLV and is most important. TLV encoding features high expansibility. New TLVs can be added to support new features, which is flexible in describing information loaded in packets.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

323

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Term s LSP

Description Link State Protocol Data Unit It broadcasts link states in the area and contains all information about a router. The information includes IS-IS neighbors, IP address prefix, the ES it is connected to, and the area address. LSPs are classified into Level-1 LSPs and Level-2 LSPs. A router generates one Level-1 LSP and one Level-2 LSP with fragments included.

CSNP

Complete Sequence Numbers Protocol Data Unit It contains brief information about the local LSDB and is used to synchronize the LSDBs of neighbors. CSNPs are sent and resolved at different levels.

DIS Pseud onodes PE CE NSR

Designated Intermediate System A virtual node that is used to simulate a broadcast network. It is generated by the DIS and sets up neighbor relationships with all routers on the broadcast network. Provider Edge Customer Edge Non-Stop Routing

Abbreviations
Abbreviation IS-IS IGP LSP CSNP SNP DIS TLV SPF MI MT Local-MT URT MIGP GR Full Spelling Intermediate System-Intermediate System Interior Gateway Protocol Link State Protocol Data Unit Complete Sequence Numbers Protocol Data Unit Sequence Number PDU Designated Intermediate System Type-Length-Value Shortest Path First Multiple Instance Multi-topology Local Multicast-Topology Unicast Routing Table IGP Routing Table for Multicast Graceful Restart

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

324

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Abbreviation BGP RM VPN BFD CSPF LSP SNMP MIB PE CE RIB

Full Spelling Border Gateway Protocol Routing Management Virtual Private Networks Bidirectional Forwarding Detection Constraint-based Shortest Path First Lable Switched Path Simple Network Management Protocol Management Information Base Provider Edge Customers Edge Routing Information Base

11.7.9 OSPF
Open Shortest Path First (OSPF) is an interior gateway protocol (IGP) based on the link state developed by the Internet Engineering Task Force (IETF). This topic provides introduction to this feature and describes the principle of this feature.

11.7.9.1 Introduction to OSPF Definition


The Open Shortest Path First (OSPF) protocol, developed by the Internet Engineering Task Force (IETF), is a link-state Interior Gateway Protocol (IGP). At present, OSPF Version 2, defined in RFC 2328, is intended for IPv4, and OSPF Version 3, defined in RFC 2740, is intended for IPv6. OSPF stated in this document refers to OSPFv2, unless otherwise stated.

Purpose
Before the emergence of OSPF, the Routing Information Protocol (RIP) is widely used on networks as an IGP. RIP is a routing protocol based on the distance vector algorithm. Due to its slow convergence, routing loops, and poor scalability, RIP is gradually replaced by OSPF. As a link-state protocol, OSPF can solve many problems encountered by RIP. Additionally, OSPF features have the following advantages: l
Issue 01 (2011-10-30)

Transmits packets in multicast mode to reduce load on the routers that do not run OSPF.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 325

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

l l l

Supports Classless Interdomain Routing (CIDR). Supports load balancing among equal-cost routes. Supports packet encryption.

With the preceding advantages, OSPF is widely accepted and used as an IGP.

11.7.9.2 Specifications
l l l l When using SCUN, the MA5600T/MA5603T supports up to 5120 OSPF routes. When using SCUL, the MA5600T/MA5603T supports up to 1024 OSPF routes. When using SCUB, the MA5600T/MA5603T supports up to 5120 OSPF routes. The MA5600T/MA5603T is able to exchange OSPF route information with the user-side, cascading-side, and network-side devices.

11.7.9.3 References
The following table lists the references of this document. Document RFC 1587 Description This document describes a new optional type of OSPF areas, somewhat humorously referred to as a "not-so-stubby" area (or NSSA). NSSAs are similar to the existing OSPF stub area configuration option but have the additional capability of importing AS external routes in a limited fashion. Proper operation of the OSPF protocol requires that all OSPF routers maintain an identical copy of the OSPF link-state database. However, when the size of the link-state database becomes very large, some routers may be unable to keep the entire database due to resource shortages; we term this "database overflow". This memo documents version 2 of the OSPF protocol. OSPF is a link-state routing protocol. This memo defines enhancements to the OSPF protocol to support a new class of link-state advertisements (LSA) called Opaque LSAs. Opaque LSAs provide a generalized mechanism to allow for the future extensibility of OSPF. This memo describes a backward-compatible technique that may be used by OSPF (Open Shortest Path First) implementations to advertise unavailability to forward transit traffic or to lower the preference level for the paths through such a device. Remarks -

RFC 1765

This RFC is experimental and non-standard.

RFC 2328 RFC 2370

RFC 3137

This RFC is informational and non-standard.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

326

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Document RFC 3623

Description

Remarks

This memo documents an enhancement to the OSPF routing protocol, whereby an OSPF device can stay on the forwarding path even as its OSPF software is restarted. This document describes extensions to the OSPF protocol version 2 to support intra-area Traffic Engineering (TE), using Opaque Link State Advertisements. The use of a packet's Time to Live (TTL) (IPv4) or Hop Limit (IPv6) to protect a protocol stack from CPU-utilization based attacks has been proposed in many settings. This document describes how conventional hopby-hop link-state routing protocols interact with new Traffic Engineering capabilities to create Interior Gateway Protocol (IGP) shortcuts. This document specifies the necessary procedure, using one of the options bits in the LSA (Link State Advertisements) to indicate that an LSA has already been forwarded by a PE and should be ignored by any other PEs that see it. This document extends that specification by allowing the routing protocol on the PE/CE interface to be the Open Shortest Path First (OSPF) protocol. This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in TCP/IP-based internets. In particular, it defines objects for managing version 2 of the Open Shortest Path First Routing Protocol. Version 2 of the OSPF protocol is specific to the IPv4 address family. -

RFC 3630

RFC 3682

This RFC is experimental and non-standard. -

RFC 3906

RFC 4576

RFC 4577

RFC 4750

11.7.9.4 Fundamentals of OSPF


OSPF has the following advantages: l l l l Divides an Autonomous System (AS) into one or multiple logical areas. Advertises routes by sending Link State Advertisements (LSAs). Synchronizes routing information by exchanging OSPF packets between routers in OSPF areas. Encapsulates OSPF packets in IP packets and then sends the packets in unicast mode or multicast mode.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

327

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

OSPF Packet Type


Table 11-19 OSPF packet type Packet Hello packet Database Description (DD) packet Function Hello packets are sent periodically to discover and maintain OSPF neighbor relationships. DD packets carry brief information about the local Link State Database (LSDB) and are used to synchronize the LSDBs of two routers. LSR packets are used to request the required LSAs from neighbors. LSR packets are sent only after DD packets are exchanged successfully. Link State Update (LSU) packet Link State Acknowledgment (LSAck) packet LSU packets are used to send the required LSAs to neighbors. LSAck packets are used to acknowledge the received LSAs.

Link State Request (LSR) packet

LSA Type
Table 11-20 OSPF LSA type LSA Router-LSA (Type1) Function Describes the link status and link cost of a MA5600T/ MA5603T. It is generated by each MA5600T/MA5603T and advertised in the area to which the MA5600T/MA5603T belongs. Describes the link status of all routers in the local network segment. It is generated by a designated router (DR) and advertised in the area to which the DR belongs. Describe the routes in a network segment and advertise the routes to the related non totally STUB or NSSA area. Describes routes to an Autonomous System Boundary Router (ASBR). It is generated by an ABR and advertised in the related areas except the area to which the ASBR belongs. Describes routes to a destination outside the AS. It is generated by an ASBR and advertised in all areas except stub areas and Not-So-Stubby Areas (NSSAs). Describes routes to a destination outside the AS. It is generated by an ASBR and advertised in NSSAs only.

Network-LSA (Type2)

Network-summary-LSA (Type3) ASBR-summary-LSA (Type4) AS-external-LSA (Type5)

NSSA-LSA (Type7)

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

328

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

LSA Opaque-LSA (Type9/ Type10/Type11)

Function Provides a general mechanism for OSPF extension: l Type9 LSAs are advertised in the network segment where interfaces reside. Grace LSAs used to support GR are one type of Type9 LSAs. l Type10 LSAs are advertised in an area. LSAs used to support TE are one type of Type10 LSAs. l Type11 LSAs are advertised in an AS. At present, there are no application examples of Type11 LSAs.

Router Type
Figure 11-44 lists the types of common routers in OSPF. Figure 11-44 Router type

IS-IS

ASBR

Area1 Internal Router Area0

Area4 Backbone Router

Area2

ABR

Area3

Table 11-21 OSPF router type Router Internal router Area Border Router (ABR) Description All interfaces of an internal router belong to the same OSPF area. An ABR can belong to two or more areas, and one of the areas must be a backbone area. An ABR is used to connect the backbone area and nonbackbone areas. It can be physically or logically connected to the backbone area.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

329

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Router Backbone router

Description At least one interface on a backbone router belongs to the backbone area. All ABRs and internal routers in Area 0, therefore, are backbone routers.

AS Boundary Router (ASBR)

An ASBR exchanges routing information with other ASs. An ASBR may not reside at the boundary of an AS. It can be an internal router or an ABR. If an OSPF router imports external routes, the router is an ASBR.

OSPF Route Type


Inter-area routes and intra-area routes describe the network structure of an AS. External routes describe how to select a route to a destination outside an AS. OSPF classifies the imported AS external routes into Type1 and Type2 external routes. Table 11-22 lists route types in descending order of priority. Table 11-22 OSPF route type Route Intra area Inter area Type1 external route Description Intra-area routes Inter-area routes Because of the high reliability of Type1 external routes, the calculated cost of external routes equals that of AS internal routes, and can be compared with the cost of OSPF routes. That is, the cost of a Type1 external route equals the cost of the route from the router to the corresponding ASBR plus the cost of the route from the ASBR to the destination. Type2 external route Because of the low reliability of Type2 external routes, their costs are considered greater than the cost of any internal path to an ASBR. Thus, the cost of a Type2 external route equals the cost of the route from the ASBR to the destination.

Area Type
Table 11-23 OSPF area type Area Totally stub area Function Allows the Type3 default routes advertised by an ABR, and denies the routes outside an AS and inter-area routes.
330

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Area Stub area NSSA Totally NSSA

Function Allows inter-area routes, which is different from a totally stub area. Imports routes outside an AS, which is different from a stub area. An ASBR advertises Type7 LSAs in the local area. Denies inter-area routes, which is different from an NSSA.

OSPF Network Type


According to link layer protocols, OSPF classifies networks into the following types, as shown in Table 11-24. Table 11-24 OSPF network type Network Broadcast Description If the link layer protocol is Ethernet or Fiber Distributed Data Interface (FDDI), OSPF defaults the network type to broadcast. In this type of networks, l Hello packets, LSU packets, and LSAck packets are transmitted in multicast mode. The address 224.0.0.5 is the reserved IP multicast address of the OSPF router, and the address 224.0.0.6 is the reserved IP multicast address of the OSPF DR. l DD packets and LSR packets are transmitted in unicast mode. Non-Broadcast Multiple Access (NBMA) If the link layer protocol is ATM, OSPF defaults the network type to NBMA. In this type of networks, protocol packets, such as Hello packets, DD packets, LSR packets, LSU packets, and LSAck packets, are transmitted in unicast mode. Point-to-Multipoint (P2MP) Regardless of the link layer protocol, OSPF does not default the network type to P2MP. A P2MP network must be forcibly changed from other network types. The common practice is to change a non-fully connected NBMA network to a P2MP network. In this type of networks, l Hello packets are transmitted in multicast mode through the multicast address 224.0.0.5. l Other protocol packets, such as DD packets, LSR packets, LSU packets, and LSAck packets, are transmitted in unicast mode. Point-to-point (P2P) If the link layer protocol is PPP, HDLC, or LAPB, OSPF defaults the network type to P2P. In this type of networks, protocol packets, such as Hello packets, DD packets, LSR packets, LSU packets, and LSAck packets, are transmitted in multicast mode through the multicast address 224.0.0.5.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 331

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Stub Area
A stub area is a special area where ABRs do not flood the received external routes. In a stub area, the size of the routing table of routers and routing information in transmission are greatly reduced. Configuring a stub area is optional. Not all areas can be configured as stub areas. Generally, a stub area is a non-backbone area with only one ABR and is located at the AS boundary. To ensure the reachability of a destination outside an AS, the ABR in a stub area generates a default route and advertises it to non-ABRs in the stub area. Note the following when configuring a stub area: l l l l The backbone area cannot be configured as a stub area. If an area needs to be configured as a stub area, all the routers in this area must be configured with the stub command. An ASBR cannot exist in a stub area. That is, external routes are not flooded in the stub area. A virtual link cannot pass through a stub area.

OSPF Packet Authentication


OSPF supports packet authentication. Only the OSPF packets that pass the authentication can be received. If packets fail to pass the authentication, the neighbor relationship cannot be established. The MA5600T/MA5603T supports the following authentication modes: l l Area authentication mode Interface authentication mode

According to encryption algorithms, the authentication modes supported by the MA5600T/ MA5603T are classified into null, simple, MD5, and HMAC-MD5. When the area authentication mode and interface authentication mode are available, the interface authentication mode is preferred.

OSPF Route Aggregation


The routes with the same prefix can be aggregated into one route and the aggregated route is advertised in other areas. This is called route aggregation. After route aggregation, route information can be reduced. Consequently, the size of routing tables is reduced, which improves the performance of routers. Route aggregation can be carried out in the following manners: l ABR aggregation When an ABR transmits routing information to other areas, it originates Type3 LSAs per network segment. If some consecutive segments exist in this area, you can run the related command to aggregate these segments into one segment. An ABR sends only one
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 332

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

aggregated LSA. Any LSA that belongs to the aggregated network segment specified by the command is not transmitted separately. l ASBR aggregation After route aggregation is enabled, if the local router is an ASBR, it aggregates the imported Type5 LSAs within the aggregated address range. After an NSSA area is configured, the ASBR aggregates the imported Type7 LSAs within the aggregated address range. If the local router is both an ABR and an ASBR, it aggregates Type5 LSAs that are transformed from Type7 LSAs.

OSPF Default Route


A default route refers to the route whose destination address and mask are all 0s. When a router does not have exact matching routes, it can forward packets through default routes. OSPF default routes are applicable to the following situations: l l An ABR advertises the default Type3 summary-LSAs to instruct intra-area routers to forward packets to other areas. An ASBR advertises default Type5 ASE LSAs or Type7 NSSA LSAs to instruct intra-AS routers to forward packets to other ASs.

The principles for advertising OSPF LSAs describing default routes are as follows: l l An OSPF router advertises an LSA that describes a default route only when an interface on the OSPF router is connected to a network outside an area. If an OSPF router has already advertised an LSA that describes a default route, the OSPF route no longer learns LSAs of the same type advertised by other routers. The OSPF router calculates routes by using an LSA describing a default route in an LSDB, but not an LSA of the same type advertised by another router. If the OSPF router needs to advertise an LSA describing a default route only with the help of another route, the route cannot be the one in the local routing domain, that is, not the one learned by the local OSPF process. The external default route guides forwarding outside the local OSPF routing domain but the next hop of the routes in the local OSPF routing domain are inside the local OSPF routing domain, failing to forward packets outside the local OSPF routing domain.

According to the hierarchical management of OSPF routes, the priority of the default Type3 routes is higher than that of the default Type5 or Type7 route. Table 11-25 shows the advertisement of default routes in different areas. Table 11-25 Principles for advertising area-specific default routes Area Type Common area Advertising Principles By default, no default route is generated in a common area, even if a default route exists in the common area. After a default route is generated by another process, the default route must be advertised in an entire OSPF AS. To help OSPF generate a default route, you need to run a command on an ASBR. After the configuration, a default ASE LSA (Type5 LSA) is generated and advertised in the entire OSPF AS.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 333

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Area Type Stub area

Advertising Principles AS external routes in Type5 LSAs cannot be advertised in a stub area. Routers in the stub area have to learn AS external routes from an ABR. The ABR automatically generates a default summary-LSA (Type3 LSA) and advertises it in the entire stub area. Then, routers in the stub area obtain reachable AS external routes through the ABR.

Totally stub area

AS external routes in Type5 LSAs or inter-area routes in Type3 LSAs cannot be advertised in a totally stub area. Routers in the totally stub area have to learn AS external routes and the routes to other areas through an ABR. To help OSPF generate a default router, you need to configure a totally stub area. After the totally stub area is configured, an ABR automatically generates a default summary-LSA (Type3 LSA) and advertises it to the entire totally stub area. Then, routers in the totally stub area obtain reachable AS external routes and routes to other areas through the ABR.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

334

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Area Type NSSA area

Advertising Principles A small number of AS external routes that are obtained through the ASBR in the NSSA area can be imported to an NSSA area, but routes to other areas in ASE LSAs (Type5 LSAs) cannot be advertised in the NSSA area. Routers in the NSSA area obtain AS external routes only through the ASBR in the same NSSA. No default route is generated after an NSSA area is configured. After an NSSA area is configured, either of the following operations can be performed to help OSPF generate a default route: l To help obtain AS external routes through the ASBR in the NSSA area and other external routes through other areas, you need to configure the relevant command on the ABR. The ABR then generates a default NSSA LSA (Type7 LSA) and advertises it in the entire NSSA. In this manner, a small number of AS external routes can be obtained through the ASBR in the NSSA, and other routes to other areas can be obtained through the ABR in the NSSA area connected to ASBR in other areas. l To help OSPF obtain all external routes only through the ASBR in the NSSA area, you need to run commands on the ASBR. The ASBR then generates a default NSSA LSA (Type7 LSA) and advertises it to the entire NSSA. In this manner, all external routes can be received only through the ASBR in an NSSA. In the preceding operations, the same command is run in different views. On an ABR, a Type7 LSA describing a default route is generated regardless of whether there is the route to 0.0.0.0 in the routing table. On an ASBR, a Type7 LSA describing a default route is generated only when there is the route to 0.0.0.0 in the routing table. The default route is flooded only in an NSSA area but not flooded in the entire OSPF area. If no route is found in the NSSA, the LSAs that are generated in the local NSSA area are sent out from the ASBR in the NSSA. LSAs of other OSPF areas, however, cannot be sent to other ASs through the ASBR. A Type7 LSA describing a default route is neither translated into a Type5 LSA describing a default route on an ABR nor advertised in the entire OSPF routing domain.

Totally NSSA area

External routes in ASE LSAs (Type5 LSAs) to other areas or interarea routes in Type3 LSAs cannot be advertised in a totally NSSA area. Routers in the totally NSSA area learn routes to other areas from an ABR. You can configure a totally NSSA area so that an ABR automatically generates a default Type3 LSA and advertises it to the entire totally NSSA. In this manner, routes to external areas and interarea routes can be advertised in the totally NSSA area through the ABR.

OSPF Route Filtering


OSPF supports the filtering of routes through routing policies. By default, OSPF does not filter routes.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 335

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Routing policies used by OSPF include the routing policy, ACL, and IP prefix list. For details, refer to RM Feature Description. OSPF route filtering is applicable to the following situations: l Import of routes OSPF imports the routes that are learnt by other protocols. When OSPF imports routes, you can filter the routes by configuring routing policies so that OSPF imports only eligible routes. l Advertisement of imported routes OSPF advertises the imported routes to neighbors. Routing information to be advertised to neighbors can be filtered through the configured filtering rules. The filtering rules take effect only when being configured on ASBRs because only the ASBRs can import routes. l Learning of routes Filtering rules can be configured to enable OSPF to filter the received intra-area, inter-area, and AS external routes. The filtering action determines whether to add routing entries to the routing table. That is, only the routes that pass the filtering are added to the local routing table. All the routes, however, can still be advertised from the OSPF routing table. l Learning of inter-area LSAs ABRs can be configured to filter the incoming summary-LSAs of the local area through a command. This configuration takes effect only on ABRs because only the ABRs can advertise summary-LSAs. Table 11-26 Differences between inter-area LSA learning and route learning Inter-area LSA Learning Filters the incoming LSAs of an area directly. Route Learning Filters only the calculated routes in LSAs to determine whether these routes are added to the local routing table.

Advertisement of inter-area LSAs ABRs can be configured to filter the outgoing summary-LSAs of the local area through a command. This configuration takes effect only on ABRs.

OSPF Virtual Link


A virtual link refers to a logical channel established between two ABRs through a non-backbone area. l l A virtual link must be configured on both ends of the link; otherwise, it does not take effect. A transit area refers to the area that provides an internal route of a non-backbone area for both ends of the virtual link.

According to RFC 2328, during the deployment of OSPF, all the non-backbone areas need to be connected to the backbone area. Otherwise, some areas will be unreachable.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 336

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

As shown in Figure 11-45, Area 2 is not connected to the backbone area (Area 0), and Router A is not an ABR. Therefore, Router A does not advertise routing information of Network 1 in Area 0. As a result, Router B does not have the route to Network 1. Figure 11-45 Non-Backbone Area Not Connected to the Backbone Area

Network1 Area0 Area1 ABR RouterA

RouterB Area2

In actual applications, physical connectivity between non-backbone areas and backbone areas cannot be ensured because of various limitations. To solve this problem, you can configure OSPF virtual links. A virtual link is similar to a P2P connection between two ABRs. Similar to physical interfaces, the interfaces on both ends of the virtual link can be configured with parameters such as the interval for sending Hello packets. Figure 11-46 OSPF virtual link

Area0 ABR Virtual Link Area1 Transit Area ABR

Area2

As shown in Figure 11-46, OSPF packets transmitted between two ABRs are only forwarded by the OSPF routers that reside between the two ABRs. These routers detect that they are not the destinations of the packets, thus forwarding the packets as common IP packets.

OSPF Multi-process
OSPF supports multi-process. Multiple OSPF processes can run on the same router, and they are independent of each other. Route interaction between different OSPF processes is similar to route interaction between different routing protocols. An interface of a router belongs to only a certain OSPF process. A typical application of OSPF multi-process is to run OSPF between PEs and CEs in the VPN where OSPF is also adopted in the backbone network. On the PEs, the two OSPF processes are independent of each other.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 337

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.7.9.5 OSPF GR
Routers generally operate with the separation of the control plane and forwarding plane. When the network topology remains stable, the restart of the control plane does not affect the forwarding plane, and the forwarding plane can still forward data properly. This ensures nonstop service forwarding. In graceful restart (GR) mode, the forwarding plane continues to direct data forwarding once a restart occurs, and the actions on the control plane, such as the re-establishment of neighbor relationships and route calculation, do not affect the forwarding plane. In this manner, service interruption caused by route flapping is prevented so that the network reliability is improved.

Basic Concepts
GR is a technology used to ensure normal traffic forwarding and non-stop forwarding of key services during the restart of routing protocols. Unless otherwise stated, GR described in this section refers to the GR technology defined in RFC 3623. GR is one of high availability (HA) technologies, which comprise a set of comprehensive technologies, such as fault-tolerant redundancy, link protection, faulty node recovery, and traffic engineering. As a fault-tolerant redundancy technology, GR is widely used to ensure non-stop forwarding of key services during master/slave switchover and system upgrade. Concepts involved are as follows: l Grace-LSA OSPF supports GR by flooding grace LSAs. Grace LSAs are used to inform the neighbor of the GR time, cause, and interface address when GR starts and ends. l Role of a router during GR Restarter: indicates the router that restarts. The Restarter can be configured to support totally GR or partly GR. Helper: refers to the router that helps the Restarter. The Helper can be configured to support planned GR or unplanned GR or selectively support GR through the configured policies. l Cause of GR Unknown: indicates that GR is triggered by an unknown reason. Software restart: indicates that GR is triggered by commands. Software reload/upgrade: indicates that GR is triggered by software restart or upgrade. Switch to redundant control processor: indicates that GR is triggered by the abnormal master/slave switchover. l GR period The GR period cannot exceed 1800 seconds. OSPF routers can exit from GR regardless of whether GR succeeds or fails, without waiting for GR to expire.

Classification of GR
l Totally GR: indicates that when a neighbor of a router does not support GR, the router exits from GR.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 338

Issue 01 (2011-10-30)

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

l l

Partly GR: indicates that when a neighbor does not support GR, only the interface associated with this neighbor exits from GR, whereas the other interfaces perform GR normally. Planned GR: indicates that a router restarts or performs the master/slave switchover by using the command. The Restarter sends a grace LSA before restart or master/slave switchover. Unplanned GR: indicates that a router restarts or performs the master/slave switchover because of faults. A router directly performs the master/slave switchover, without sending a grace LSA, and then enters GR after the slave board goes Up. The process of unplanned GR is the same as that of planned GR.

GR Process
l A router starts GR. In planned GR mode, after the master/slave switchover is triggered through a command, the Restarter sends a grace LSA to all neighbors to inform them of the start, period, and cause of GR, and then performs the master/slave switchover. In unplanned GR, the Restarter does not send the grace LSA. In unplanned GR mode, the Restarter sends a grace LSA immediately after the slave board goes Up, informing neighbors of the start, period, and cause of GR. The Restarter then sends a grace LSA to each neighbor for five consecutive times. This ensures that neighbors receive the grace LSA. This operation is proposed by manufacturers but not defined by the OSPF protocol. The Restarter sends a grace LSA to notify neighbors that it enters GR. During GR, neighbors keep neighbor relationships with the Restarter so that other routers cannot detect the switchover of the Restarter. l GR process

Figure 11-47 OSPF GR process

RouterA

RouterB

Restarter Before the active/ standby switchover Switchover Finish switchover

Helper Grace-LSA LSAck Enter Helper

Return LSAck packet for the received LSA Grace-LSA Updates the GR Enter GR period for the Grace-LSAs received Send Hello packets, negotiate, Grace-LSAs exchange DD packets, and synchronize LSDB Full Flush Grace-LSA Exit the Helper successfully and generate Router-LSA

Exit GR successfully, calculate routes, and generate LSA

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

339

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

The router exits from GR. Table 11-27 Cause that a router exits from GR Executi on of GR GR succeed s. Restarter Helper

Before GR expires, the Restarter reestablishes neighbor relationships with all the neighbors before the master/slave switchover.

After the Helper receives the grace LSA with the Age being 3600s from the Restarter, the neighbor relationship between the Helper and Restarter enters the Full state. l The Helper does not receive the grace LSA from the Restarter before the neighbor relationship expires. l The status of the interface that functions as the Helper changes. l The Helper receives the LSA that is inconsistent with the LSA in the local LSDB from another router. This situation can be excluded after the Helper is configured not to perform strict LSA check. l The Helper receives the grace LSAs from two routers on the same network segment at the same time. l Neighbor relationships between the Helper and other neighbors change.

GR fails.

l GR expires, and neighbor relationships do not recover completely. l The router LSA or network LSA sent by the Helper causes the Restarter to fail to perform bidirectional check. l The status of the interface that functions as the Restarter changes. l The Restarter receives the 1-way Hello packet from the Helper. l The Restarter receives the grace LSA that is generated by another router on the same network segment. On the same network segment, only one router can perform GR. l On the same network segment, neighbors of the Restarter have different DRs or BDRs because the topology changes.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

340

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Comparison between the GR Mode and Non-GR Mode


Table 11-28 Comparison between the GR mode and non-GR mode Master/slave Switchover in Non-GR Mode l OSPF neighbor relationships are reestablished. l Routes are recalculated. l The forwarding table changes. l The entire network detects route changes, and route flapping occurs for a short period of time. l Packets are lost during forwarding, and services are interrupted. Master/slave Switchover in GR Mode l OSPF neighbor relationships are reestablished. l Routes are recalculated. l The forwarding table remains unchanged. l Except the neighbors of the device where the master/slave switchover occurs, other routers do not detect route changes. l No packets are lost during forwarding, and services are not affected.

11.7.9.6 OSPF NSSA Definition


OSPF Not-So-Stubby Areas (NSSAs) are a new type of OSPF areas. Derived from stub areas, NSSAs resemble stub areas in many ways. The difference between NSSAs and stub areas is that NSSAs can import and flood AS external routes to the entire OSPF AS, without learning external routes in other areas of the OSPF network.

Purpose
As defined in OSPF, stub areas cannot import external routes. This prevents a large number of external routes from consuming the bandwidth and storage resources of the Router s in stub areas. Stub areas thus cannot meet the requirement of the scenario where external routes need to be imported and resource consumption caused by external routes also needs to be avoided. Therefore, NSSAs are introduced. Figure 11-48 NSSA

RIP Type5 Type5 Area2 Type5 Type5 Area0 NSSA Area Type7 Area1

RIP

ASBR

ABR

ABR

ASBR

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

341

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Type7 LSA
l l l l Type7 LSAs are a new type of LSAs that are introduced to support NSSAs and describe the imported external routes. Type7 LSAs are generated by the ASBRs of NSSAs and flooded only in the NSSAs where ASBRs reside. When receiving Type7 LSAs, the ABRs of NSSAs selectively translate the Type7 LSAs to Type5 LSAs so that external routes can be advertised in other areas of the OSPF network. Default routes can also be expressed through Type7 LSAs so that traffic can be forwarded to other ASs.

N-bit
Router s in an area must be configured with the same area type. In OSPF, the N-bit is carried in a Hello packet to identify that a Router supports NSSAs. OSPF neighbor relationships cannot be established between the Router s with different area types. Disobeying RFC 1587, some manufacturers also set the N-bit in OSPF Database Description (DD) packets. Huawei devices can be configured to be compatible with the devices of these manufacturers for interworking.

Translating Type7 LSAs to Type5 LSAs


To advertise the external routes imported by NSSAs in other areas, you need to translate Type7 LSAs to Type5 LSAs so that the external routes can be advertised in the entire OSPF network. l l l The Propagate bit (P-bit) informs a Router whether Type7 LSAs need to be translated. The ABR with the largest Router ID in an NSSA translates Type7 LSAs to Type5 LSAs. Only the Type7 LSAs with the set P-bit and forwarding address not being 0 are translated to Type5 LSAs. A forwarding address indicates that the packet to a specific destination address is to be forwarded to the address specified by the forwarding address. The default Type7 LSAs meeting the preceding conditions can also be translated. The Type7 LSAs generated by ABRs are not set with the P-bit.

l l

Preventing Loops Caused by Default Routes


There may be multiple ABRs in an NSSA. To prevent routing loops, ABRs do not calculate the default routes advertised by the peer.

11.7.9.7 BFD for OSPF Definition


Bidirectional Forwarding Detection (BFD) is a mechanism to detect communication faults between forwarding engines. To be specific, BFD detects connectivity of a data protocol on the same path between two systems. The path can be a physical link, a logical link, or a tunnel. In BFD for OSPF, a BFD session is associated with OSPF. The BFD session fast detects a link fault and then notifies OSPF of the fault. This speeds up OSPF's response to the change of the network topology.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 342

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Purpose
The link fault or the topology change may cause Routers to recalculate routes. Therefore, the convergence of routing protocols must be sped up to improve the network performance. Link faults are unavoidable. Therefore, a feasible solution is required to detect faults faster and notify the faults to routing protocols immediately. If BFD is associated with routing protocols, once a link fault occurs, BFD can speed up the convergence of routing protocols. Table 11-29 BFD for OSPF Associated with BFD or Not Not associated with BFD Associated with BFD Link Fault Detection Mechanism Convergence Speed At the second level At the millisecond level

An OSPF Dead timer expires. By default, the timeout period of the timer is 40s. A BFD session goes Down.

Principle
Figure 11-49 BFD for OSPF
RouterA GE2/0/0 cost=1 RouterB

RouterC

The principle of BFD for OSPF is shown in Figure 11-49. 1. 2. 3. 4. OSPF neighbor relationships are established between these three Routers. After a neighbor relationship becomes Full, this triggers BFD to establish a BFD session. The outbound interface on Router A connected to Router B is GE 2. If the link fails, BFD detects the fault and then notifies Router A of the fault. Router A processes the event that a neighbor relationship becomes Down and re-calculates routes. After calculation, the outbound interface is GE 1 passes through Router C and then reaches Router B.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

co st =1 0

GE1/0/0

co st =1

343

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.7.9.8 OSPF Smart-discover Definition


Generally, routers periodically send Hello packets through OSPF interfaces. That is, a router sends a Hello packet at the Hello interval by using a Hello timer. Sending Hello packets at a fixed interval slows down the establishment of OSPF neighbor relationships. Enabling Smart-discover can speed up the establishment of OSPF neighbor relationships in specific scenarios. Table 11-30 OSPF Smart-discover Smart-discover Is Configured or Not Smart-discover Is Not Configured Processing l Hello packets are sent only when the Hello timer expires. l A Hello packet is sent at the Hello interval. l Neighbors keep waiting to receive Hello packets within the timeout period. Smart-discover Is Configured l Hello packets are sent directly regardless of whether the Hello timer expires. l Neighbors can receive packets rapidly and perform status transition fast.

Principle
In the following scenarios, the interface enabled with Smart-discover can send Hello packets to neighbors actively, without having to wait for the Hello timer to expire: l l The neighbor status becomes 2-way for the first time. The neighbor status changes from 2-way or a higher state to Init.

11.7.9.9 OSPF-BGP Association Definition


When a new router is deployed in the network or a router is restarted, network traffic may be lost during BGP convergence. This is because IGP convergence is faster than BGP convergence. This problem can be solved through the association between OSPF and BGP.

Purpose
If a backup link exists, during traffic switchback, BGP traffic is lost because BGP route convergence is slower than OSPF route convergence. As shown in Figure 11-50, Router A, Router B, Router C, and Router D run OSPF and establish IBGP connections. Router C is the backup device of Router B. When the network is stable, BGP and OSPF routes converge completely on the devices.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 344

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Normally, traffic from Router A to 10.3.1.0/30 passes through Router B. When Router B is faulty, traffic is switched to Router C. After Router B recovers, traffic is switched back to Router B; however, packet loss occurs. When traffic is switched back to Router B, IGP route convergence is faster than BGP route convergence. Consequently, OSPF routes converge first, whereas BGP route convergence is not complete. As a result, Router B does not know how to reach 10.3.1.0/30. Therefore, when packets from Router A to 10.3.1.0/30 are sent to Router B, they are discarded by Router B because Router B has no route to 10.3.1.0/30. Figure 11-50 OSPF-BGP association

RouterC
10.1.2.2/30 10.1.4.1/30

AS 20 RouterF
10.3.1.2/30

10.1.2.1/30

10.1.4.2/30

10.3.1.1/30

RouterA AS 10 RouterD
10.1.1.1/30

EBGP
10.2.1.1/30

RouterE
10.2.1.2/30

10.1.3.2/30

10.1.1.2/30

10.1.3.1/30

RouterB

Principle
The router enabled with OSPF-BGP association remains to be a stub router within the set association period. That is, the link metric in the LSA advertised by the router is the maximum value of 65535. In this manner, the router instructs other OSPF routers not to use it as a transit router for data forwarding. In Figure 11-50, OSPF-BGP association is enabled on Router B. In this situation, before BGP route convergence is complete, Router A continues to forward traffic to the backup link Router C, without forwarding traffic to Router B, until BGP route convergence on Router B is complete.

11.7.9.10 OSPF Database Overflow Definition


OSPF requires that routers in the same area have the same Link State Database (LSDB). With the continuous increase in routes on the network, some routers fail to bear so much routing information because of limited system resources. This situation is called OSPF database overflow.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 345

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Purpose
l Configuring stub areas or NSSAs can solve the problem that the continuous increase in routing information causes the exhaustion of system resources of routers. Nevertheless, configuring stub areas or NSSAs cannot solve the problem that the unexpected increase in dynamic routes causes the database overflow. Setting the maximum number of external LSAs in the LSDB can dynamically limit the LSDB capacity, thus avoiding the problem caused by the database overflow.

Principle
Setting the maximum number of non-default external routes on a router can avoid database overflow. All routers on the OSPF network must be set with the same upper limit. In this manner, if the number of external routes on a router reaches the upper limit, the router enters the Overflow state and starts an overflow timer so that the timer automatically exits from the overflow state after the timer expires. Table 11-31 OSPF database overflow Phase of the Overflow State Entering the overflow state Staying in the overflow state OSPF Processing A router deletes all the non-default routes generated by itself. l The router does not generate non-default routes. l The router discards the newly received non-default routes, and does not reply with an LSAck packet. l When the overflow timer expires, the router checks whether external routes still exceed the upper limit. If so, the router restarts the timer. If not, the router exits from the overflow state. Exiting from the overflow state l The router deletes the overflow timer. l The router generates non-default routes. l The router learns the newly received non-default routes, and replies with an LSAck packet. l The router prepares to enter the overflow state for the next time.

11.7.9.11 OSPF Fast Convergence


OSPF fast convergence is an extended feature of OSPF implemented to speed up the convergence of routes. It includes the following: l I-SPF Incremental SPF (I-SPF) recalculates only the routes of the changed nodes rather than all the nodes when the network topology changes. This speeds up the calculation of routes. l
Issue 01 (2011-10-30)

PRC
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 346

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Partial Route Calculation (PRC) calculates only the changed routes when the routes on the network change. l Intelligent timer An Open Shortest Path First (OSPF) intelligent timer can dynamically adjust its value according to the user's configuration and the interval at which an event is triggered such as the route calculation interval, which ensures rapid and stable operation of a network. The OSPF intelligent timer applies the exponential backoff technology so that the value of the timer can reach the millisecond level.

I-SPF (Incremental SPF)


In ISO 10589, the Dijkstra algorithm is adopted to calculate routes. When a node changes on the network, this algorithm is used to recalculate all routes. The calculation lasts a long time and consumes too many CPU resources, thus affecting the convergence speed. I-SPF improves this algorithm. Except for the first time, only changed nodes instead of all nodes are involved in calculation. The SPT generated at last is the same as that generated by the previous algorithm. This decreases the CPU usage and speeds up the network convergence.

PRC (Partial Route Calculation)


Similar to I-SPF, PRC calculates only the changed routes. PRC, however, does not calculate the shortest path. It updates the routes based on the SPT calculated by I-SPF. In route calculation, a leaf represents a route, and a node represents a router. The SPT change and leaf change cause the change of routing information, but the SPT change is irrelevant to the leaf change. PRC processes routing information based on SPT or leaf information. l l l l If the SPT changes, PRC processes the routing information of all leaves on a changed node. If the SPT does not change, PRC does not process the routing information on any node. If the leaf changes, RPC processes the routing information on the leaf only. If the leaf does not change, PRC does not process the routing information on any leaf.

For example, if OSPF is enabled on an interface of a node, the SPT calculated by I-SPF remains unchanged. In this case, PRC updates only the routes of this interface, thus consuming less CPU resources. PRC working with I-SPF further improves the convergence performance of the network. It is an improvement of the original SPF algorithm.
NOTE

In the implementation of device, only I-SPF and PRC are used to calculate OSPF routes.

OSPF Intelligent Timer


On an unstable network, routes are frequently calculated, which consumes a great number of CPU resources. In addition, LSPs that describe the unstable topology are generated and transmitted on the unstable network. Frequently processing such LSAs affects the rapid and stable operation of the entire network. The OSPF intelligent timer controls route calculation, LSA generation, and LSA receiving to speed up route convergence on the entire network. The OSPF intelligent timer speeds up route convergence in the following modes:
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 347

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

On a network where routes are repeatedly calculated, the OSPF intelligent timer dynamically adjusts the route calculation according to the user's configuration and the exponential backoff technology. In this manner, the number of route calculation times and the CPU resource consumption are decreased. Routes are calculated after the network topology becomes table. On an unstable network, if a router generates or receives LSAs due to frequent topology changes, the OSPF intelligent timer can dynamically adjust its value. No LSA is generated or handled within an interval, which prevents invalid LSAs from being generated and advertised on the entire network.

By default, the OSPF intelligent timer is started and uses the default value.

11.7.9.12 OSPF Mesh-Group Definition


In the scenario where there are multiple concurrent links, OSPF mesh-group can be deployed to classify links into a mesh group. In this manner, OSPF floods LSAs to only a link selected from the mesh group. This prevents unnecessary burden on the system caused by repetitive flooding. By default, mesh-group is disabled.

Purpose
After receiving or generating an LSA, an OSPF process floods the LSA. When there are multiple concurrent links, OSPF floods the LSA to each link and sends Update messages. In this case, if there are 2000 concurrent links, OSPF floods each LSA for 2000 times. Only one flooding, however, is valid. The flooding for the other 1999 times is repetitive. To prevent burden on the system caused by repetitive flooding, you can enable mesh-group to classify concurrent links into a mesh group and then select a primary link for flooding.

Principles
When multiple concurrent links exist between a router and its neighbor, you can enable OSPF mesh-group to reduce the burden on the links. As shown in Figure 11-51, Router A and Router B, which are connected through three links, establish an OSPF neighbor relationship. After receiving a new LSA from interface 4, Router A floods the LSA to Router B through interfaces 1, 2, and 3. This causes a heavy load on the concurrent links. For the neighbor with concurrent links, only a primary link is selected to flood the LSA. Figure 11-51 Flooding of LSAs when OSPF mesh-group is disabled

1 LSA 4 2 3 LSA

LSA

RouterA

LSA

RouterB

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

348

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

When multiple concurrent links exist between the devices enabled with OSPF mesh-group and neighbors, the device selects one primary link to flood the received LSAs, as shown in Figure 11-52. As defined in OSPF, LSAs can be flooded to a link only when the neighbor status is not lower than Exchange. In this case, when the status of the interface on the primary link is lower than Exchange, OSPF reselects a primary link from the concurrent links and then floods the LSA. After receiving the LSA flooded by Router A from link 1, Router B no longer floods the LSA to Router A through interfaces 2 and 3. Figure 11-52 Flooding of LSAs when OSPF mesh-group is enabled

1 LSA 4 2 3 LSA LSA

LSA

RouterA

RouterB

As defined by mesh-group, the Router ID of a neighbor uniquely identifies a mesh group. The interfaces connected to the same neighbor and with the status greater than Exchange, belong to the same mesh group. As shown in Figure 11-53, a mesh group of Router A resides in Area 0, which contains the links of interface 1 and interface 2. There is more than one neighbor of interface 3 that resides on the broadcast link. Therefore, interface 3 cannot join the mesh group. Figure 11-53 Interfaces failing to be added to a mesh group

1 4 2 3

RouterB

RouterA

Area0

NOTE

After a router is enabled with mesh-group, if the Router IDs of the router and its directly connected neighbor are the same, the LSDBs cannot be synchronized and routes cannot be calculated correctly. In this case, you need to reconfigure the Router ID of the neighbor. Note that it is incorrect to configure the Router ID of the neighbor the same as that of the router.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

349

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

11.7.9.13 Priority-based OSPF Convergence


Priority-based OSPF convergence ensures that specific routes converge first in the case of a great number of routes. Different routes can be set with different convergence priorities. This allows important routes to converge first and thus improves network reliability. By using priority-based OSPF convergence, users can assign a high convergence priority to routes for key services so that those routes can converge fast. This decreases impact on key services.

11.7.9.14 Terms and Abbreviations Terms


Term PE CE Description Provider Edge: It is an edge router on an SP network, and is connected to the CE. PEs process all VPN services. Customer Edge: It is an edge router on the user network, and is connected to the PE. CEs cannot detect the connected VPN.

Abbreviations
Abbreviation OSPF GR LSA CSPF Full Spelling Open Shortest Path First Graceful Restart Link State Advertisement Constraint Shortest Path First

11.7.10 BGP
The Border Gateway Protocol (BGP) is an inter-AS dynamic routing protocol.

11.7.10.1 Introduction to BGP Definition


The Border Gateway Protocol (BGP) is a dynamic routing protocol used between autonomous systems (ASs). BGP-1 (defined in RFC 1105), BGP-2 (defined in RFC 1163), and BGP-3 (defined in RFC 1267) are three earlier-released versions of BGP. BGP exchanges the reachable inter-AS routes, establishes inter-AS paths, avoids routing loops, and applies routing policies between ASs. The current BGP version is BGP-4 defined by RFC 4271.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 350

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

As an exterior routing protocol on the Internet, BGP is widely used among Internet Service Providers (ISPs). BGP has the following characteristics: l Different from the Interior Gateway Protocol (IGP) such as Open Shortest Path First (OSPF) and Routing Information Protocol (RIP), BGP is an Exterior Gateway Protocol (EGP), which controls the route advertisement and selects the optimal route between ASs rather than discover and calculate routes. BGP uses the Transport Control Protocol (TCP) with the listening port number being 179 as the transport layer protocol. The reliability of BGP is thus enhanced. BGP selects inter-AS routes, which proposes high requirements on the reliability of the protocol. TCP with high reliability, therefore, is used to enhance the stability of BGP. BGP peers must be logically connected and establish TCP connections. The destination port number is 179 and the local port number is random. l l BGP supports Classless Inter-Domain Routing (CIDR). BGP transmits only the updated routes when routes are being updated. This reduces the bandwidth occupied by BGP for route distribution. Therefore, BGP is applicable to the Internet where a large number of routes are transmitted. BGP is a distance-vector routing protocol. BGP is designed to avoid loops. Inter-AS: BGP routes carry information about the ASs along the path. The routes that carry the local AS number are discarded, thus avoiding inter-AS loops. Intra-AS: BGP does not advertise the routes learned in the AS to the BGP peers, thus avoiding intra-AS loops. l l l BGP provides rich routing policies to flexibly select and filter routes. BGP provides the mechanism for preventing route flapping, which effectively enhances the stability of the Internet. BGP can be easily extended to adapt to the development of networks.

l l

Purpose
BGP transmits routes between ASs. It, however, is not required in all situations.

Issue 01 (2011-10-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

351

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Figure 11-54 Application scenario of BGP


Client AS

IBGP EBGP EBGP

ISP1 Internet

ISP2

BGP is required in the following situations: l As shown in Figure 11-54, the user needs to be connected to two or more ISPs. The ISPs need to provide all or part of the Internet routes for the user. The Router , therefore, selects the optimal route through the AS of an ISP to the destination according to the AS_Path carried in BGP routes. Different organizations need to transmit the AS_Path.

BGP is not required in the following situations: l l l The user is connected to only one ISP. The ISP does not need to provide Internet routes for users. ASs are connected through default routes.

11.7.10.2 Specifications
l IPV4: When using SCUN, the MA5600T/MA5603T supports up to 4096 BGP routes. When using SCUL, the MA5600T/MA5603T supports up to 1000 BGP routes. When using SCUF, the MA5600T/MA5603T supports up to 4096 BGP routes. When using SCUB, the MA5600T/MA5603T supports up to 2300 BGP routes. l The MA5600T/MA5603T supports one local AS.

11.7.10.3 References
Table 11-32 lists the references of this feature.
Issue 01 (2011-10-30) Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 352

SmartAX MA5600T/MA5603T Multi-service Access Module Feature Description

11 Layer 3 Features

Table 11-32 References Document RFC 4271 RFC 4760 RFC 3392 RFC 2918 RFC 2439 RFC 1997 RFC 4456 RFC 3065 RFC 3232 RFC 827 RFC 3682 RFC 4724 draft-rijsman-bfddown-subcode-00 RFC 4486 Description A Border Gateway Protocol 4 (BGP-4) Multiprotocol Extensions for BGP-4 Capabilities Advertisement with BGP-4 Route Refresh Capability for BGP-4 BGP Route Flap Damping BGP Communities Attribute BGP Route Reflection Autonomous System Confederations for BGP Assigned Numbers: RFC 1700 is Replaced by an On-line Database Exterior Gateway Protocol (EGP) The Generalized TTL Security M