Beruflich Dokumente
Kultur Dokumente
V100R003C00
Product Description
Issue
01
Date
2009-12-15
Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. For any
assistance, please contact our local office or company headquarters.
Website:
http://www.huawei.com
Email:
support@huawei.com
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Contents
Contents
About This Document.....................................................................................................................1
1 Product Overview.......................................................................................................................1-1
1.1 Introduction.....................................................................................................................................................1-2
1.2 Carrier-class Maintainability...........................................................................................................................1-2
1.3 Multi-Service Access......................................................................................................................................1-2
1.4 Flexible Networking Capability......................................................................................................................1-3
1.5 End-to-End QoS..............................................................................................................................................1-3
1.6 Rich Expansibility...........................................................................................................................................1-3
1.7 Powerful Security Measures............................................................................................................................1-4
1.8 Convenient Operation, Administration, and Maintenance..............................................................................1-4
1.9 Green Design...................................................................................................................................................1-5
1.10 Lightningproof Technologies........................................................................................................................1-5
2 System Architecture...................................................................................................................2-1
2.1 Hardware Structure ........................................................................................................................................2-2
2.2 Functional Modules.........................................................................................................................................2-5
2.2.1 Hardware Logical Structure ..................................................................................................................2-5
2.2.2 SCU .......................................................................................................................................................2-6
2.3 Software Architecture ....................................................................................................................................2-7
3 Link Features...............................................................................................................................3-1
3.1 Basic Ethernet Features ..................................................................................................................................3-2
3.1.1 Link Aggregation ..................................................................................................................................3-2
3.1.2 Flow Control on Interfaces ....................................................................................................................3-2
3.1.3 Suppression of Broadcast Storms ..........................................................................................................3-2
3.1.4 VLAN ....................................................................................................................................................3-3
3.2 Advanced Ethernet Features ...........................................................................................................................3-4
3.2.1 VLAN Mapping ....................................................................................................................................3-4
3.2.2 QinQ ......................................................................................................................................................3-4
3.2.3 Selective QinQ.......................................................................................................................................3-4
3.3 STP, RSTP, and MSTP...................................................................................................................................3-5
3.3.1 STP and RSTP .......................................................................................................................................3-5
3.3.2 MSTP.....................................................................................................................................................3-5
3.3.3 MSTP Protection ...................................................................................................................................3-5
Issue 01 (2009-12-15)
Contents
4 Service Features..........................................................................................................................4-1
4.1 IPv4 Forwarding..............................................................................................................................................4-2
4.1.1 IPv4 Features..........................................................................................................................................4-2
4.1.2 Unicast Routing Features.......................................................................................................................4-2
4.1.3 Multicast Routing Features....................................................................................................................4-2
4.2 Multicast .........................................................................................................................................................4-3
4.2.1 IGMP Snooping .....................................................................................................................................4-3
4.2.2 Prompt Leave of Multicast Member Interfaces .....................................................................................4-3
4.2.3 Flow Control of Multicast Traffic .........................................................................................................4-4
4.2.4 Multicast Across VLANs ......................................................................................................................4-4
4.2.5 Controllable Multicast............................................................................................................................4-4
4.3 QoS..................................................................................................................................................................4-4
4.3.1 Traffic Classification .............................................................................................................................4-5
4.3.2 Access Control and Re-marking............................................................................................................4-5
4.3.3 Traffic Policing .....................................................................................................................................4-6
4.3.4 Congestion Management .......................................................................................................................4-6
4.3.5 Congestion Avoidance...........................................................................................................................4-6
4.3.6 Rate Limit on Interfaces.........................................................................................................................4-7
4.3.7 Aggregation CAR...................................................................................................................................4-7
4.4 Routing Protocols ...........................................................................................................................................4-7
4.5 High Availability.............................................................................................................................................4-7
4.5.1 MSTP Link Backup and Protection ......................................................................................................4-7
4.5.2 RRPP Fast Protection Switchover .........................................................................................................4-8
4.5.3 Smart Link Dual-Homing Protection.....................................................................................................4-8
4.6 Ethernet OAM ................................................................................................................................................4-8
4.7 LLDP...............................................................................................................................................................4-8
4.8 Cluster Management.......................................................................................................................................4-9
4.9 Stacking...........................................................................................................................................................4-9
4.10 PoE..............................................................................................................................................................4-10
4.11 IPv6.............................................................................................................................................................4-10
4.12 Security........................................................................................................................................................4-10
4.12.1 Device Security .................................................................................................................................4-10
4.12.2 Service Security .................................................................................................................................4-12
4.12.3 Security Authentication......................................................................................................................4-12
ii
Issue 01 (2009-12-15)
Contents
6 Networking Applications.........................................................................................................6-1
6.1 Application in the MAN..................................................................................................................................6-2
6.2 Application in the NGN Bearer Network........................................................................................................6-2
6.3 Layered Ring Network -RRPP........................................................................................................................6-3
6.4 Application of VLAN Mapping......................................................................................................................6-4
6.5 Application of Selective QinQ .......................................................................................................................6-5
6.6 Application of IPTV........................................................................................................................................6-6
6.7 End-to-End QoS .............................................................................................................................................6-7
6.8 Application of Cluster Management...............................................................................................................6-8
6.9 Access of Partitioned STP...............................................................................................................................6-9
7 System Specifications................................................................................................................7-1
7.1 Technical Specifications.................................................................................................................................7-2
7.1.1 Physical Specifications of the S-switch ................................................................................................7-2
7.1.2 System Configuration.............................................................................................................................7-3
7.2 List of Software Features................................................................................................................................7-4
Issue 01 (2009-12-15)
iii
Figures
Figures
Figure 2-1 Appearance of the S3328TP-SI/EI.....................................................................................................2-2
Figure 2-2 Appearance of the S3328TP-EI-24S..................................................................................................2-3
Figure 2-3 Appearance of the S3352P-EI-24S.....................................................................................................2-3
Figure 2-4 Appearance of the S3352P-EI-48S.....................................................................................................2-4
Figure 2-5 Appearance of the S3352P-SI/EI........................................................................................................2-4
Figure 2-6 Appearance of the S3328TP-PWR-EI................................................................................................2-4
Figure 2-7 Appearance of the S3352P-PWR-EI..................................................................................................2-5
Figure 2-8 Logical structure of functional modules of the S-switch....................................................................2-6
Figure 4-1 Connections of the access layer........................................................................................................4-13
Figure 6-1 S-switch application in the MAN.......................................................................................................6-2
Figure 6-2 S-switch application in the NGN........................................................................................................6-3
Figure 6-3 S-switch application in layered RRPP ring........................................................................................6-4
Figure 6-4 Application of the S-switch enabled with VLAN mapping................................................................6-5
Figure 6-5 S-switch application in selective QinQ..............................................................................................6-6
Figure 6-6 Application of the S-switch in IPTV services....................................................................................6-7
Figure 6-7 End-to-end QoS provided by the S-switch.........................................................................................6-8
Figure 6-8 Cluster management provided by the S-switch..................................................................................6-9
Figure 6-9 Access of partitioned STP supported by the S-switch......................................................................6-10
Issue 01 (2009-12-15)
Tables
Tables
Table 7-1 Physical specifications of the S-switch................................................................................................7-2
Table 7-2 System configuration of the S-switch..................................................................................................7-3
Table 7-3 List of features supported by the S-switch...........................................................................................7-4
Issue 01 (2009-12-15)
vii
Related Versions
The following table lists the product version related to this document.
Product Name
Version
S3300
V100R003C00
Intended Audience
This document is intended for:
l
NM configuration engineers
Organization
This document is organized as follows.
Issue 01 (2009-12-15)
Chapter
Description
1 Product Overview
2 System Architecture
Chapter
Description
3 Link Features
4 Service Features
6 Networking Applications
7 System Specifications
Conventions
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol
Description
DANGER
WARNING
CAUTION
TIP
NOTE
General Conventions
The general conventions that may be found in this document are defined as follows.
Convention
Description
Issue 01 (2009-12-15)
Convention
Description
Boldface
Italic
Courier New
Command Conventions
The command conventions that may be found in this document are defined as follows.
Convention
Description
Boldface
Italic
[]
{ x | y | ... }
[ x | y | ... ]
{ x | y | ... }*
[ x | y | ... ]*
&<1-n>
GUI Conventions
The GUI conventions that may be found in this document are defined as follows.
Issue 01 (2009-12-15)
Convention
Description
Boldface
>
Keyboard Operations
The keyboard operations that may be found in this document are defined as follows.
Format
Description
Key
Press the key. For example, press Enter and press Tab.
Key 1+Key 2
Key 1, Key 2
Mouse Operations
The mouse operations that may be found in this document are defined as follows.
Action
Description
Click
Double-click
Drag
Press and hold the primary mouse button and move the
pointer to a certain position.
Update History
Updates between document issues are cumulative. Therefore, the latest document issue contains
all updates made in previous issues.
Issue 01 (2009-12-15)
1 Product Overview
Product Overview
Issue 01 (2009-12-15)
1-1
1 Product Overview
1.1 Introduction
With the popularization of IP networks and the trend of using triple play services, Metropolitan
Area Networks (MANs) bear more services and the quality of transmission is highly required.
To meet this requirement, Huawei develops the Quidway S-switch Series Ethernet Switches
(hereinafter referred to as the S-switch) that can access, converge, and transmit services.
By adopting the mature and economical mechanism of packet forwarding based on the IP kernel
technology, the S-switch can be deployed at the access and convergence layers of the MAN.
The S-switch can be used to set up various network topologies with high reliability. The Sswitch supports multi-service access, high expansibility, and high Quality of Service (QoS). The
S-switch also supports strong multicast replication capability and guarantees carrier-class
security.
The chassis adopts the front-access design, which facilitates routine operations and
maintenance.
The chassis is small in size, which effectively saves the space of the equipment room and
reduces the Capital Expenditure (CapEx). The device can be easily installed in a cabinet
of any type, which facilitates deployment.
The S-switch provides in-service patching for and upgrading of the system software. The Sswitch also supports the fast protection switching based on the Rapid Ring Protection Protocol
(RRPP). Thus, the S-switch can perform prompt protection switching of links and services, and
accomplishes carrier-class reliability.
By adopting the IP kernel technology, and the Application Specific Integrated Circuit (ASIC)
of high performance, the S-switch provides a large capacity for data switching to meet the
requirements for:
l
Short delay
Low jitter
High availability
In addition, the S-switch guarantees high bandwidth and provides multi-service access by:
l
1-2
Issue 01 (2009-12-15)
1 Product Overview
The S2300 can access the following services from the following devices:
l
The S2300 can then converge services to service processing devices such as the Broadband
Remote Access Server (BRAS) or router through an upstream S9300 or other convergence
devices.
Access interfaces
Trunk interfaces
Hybrid interfaces
The S-switch provides Small Form-Factor Pluggable (SFP) optical modules for fiber
connections. You can choose one of the following optical modules according to the transmission
distance:
l
For a ring Ethernet, the S-switch supports the Spanning Tree Protocol (STP) and the Rapid Ring
Protection Protocol (RRPP) to prevent loops and realize fast protection switching.
Access filtering
Traffic policing
Queue scheduling
1-3
1 Product Overview
l
The QinQ and VLAN mapping technologies expand the scopes of VLANs.
The selective QinQ technique makes the S-switch select different paths for various services.
ACL rules
Mechanism of searching the forwarding table based on the VLAN ID and MAC address
Based on the VRP, the S-switch provides the following protection methods for user login:
l
Provides password authentication for login users and supporting password encryption.
Provides hierarchical protection for commands by configuring the levels of login users and
commands.
Provides confirmation and prompts for important commands that affect system
performance.
Device management
Interface management
VLAN management
End-to-end configuration
Batch configuration
Configuration wizard
In addition, the U2000 provides default configuration templates for different management items.
The S-switch also supports the Huawei Group Management Protocol (HGMP). By using HGMP,
you can manage multiple Layer 2 switches through one S-switch.
1-4
Issue 01 (2009-12-15)
1 Product Overview
The S-switch also supports the Huawei Group Management Protocol (HGMP). By using HGMP,
you can manage multiple Layer 2 switches through one S-switch.
Natural heat dissipation is adopted on the deveices with 24 electrical interfaces to save the
power consumption of fans.
If no device connected to the service interface is detected, the chip enters the power-saving
mode to reduce power consumption.
The routine maintenance of fans is avoided, which saves the maintenance cost.
No extra power is consummated by fans, which enhances the power efficiency of the
system.
Issue 01 (2009-12-15)
1-5
2 System Architecture
System Architecture
Issue 01 (2009-12-15)
2-1
2 System Architecture
Box
Power module
The S-switch can be mounted in either the European Telecommunications Standards Institute
(ETSI) or the International Electrotechnical Commission (IEC) 297 cabinet.
At present, the S-switch has the following models:
l
S3328TP-SI/EI
S3328TP-EI-24S
S3352P-EI-24S
S3352P-EI-48S
S3352P-SI/EI
S3328TP-PWR-EI
S3352P-PWR-EI
6 7
10
2-2
1: Grounding terminal
2: Power switch
3: Power interface
6: Power light
7: Run indicator
8: Console interface
9: Combo interface
Issue 01 (2009-12-15)
2 System Architecture
The chassis of the S3328TP-SI/EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 220.0 mm x 43.6 mm (width x depth x height).
The power module is on the left side of the S3328TP-SI/EI and the SCU is in the central part of
the chassis.
l
The S3328TP-SI/EI supports either an alternating current (AC) or a direct current (DC)
power module.
The SCU on the S3328TP-SI/EI provides one console interface, twenty-four 10/100 Mbit/
s Ethernet electrical interfaces, two 1000 Mbit/s Ethernet optical interfaces, and two combo
interfaces.
The chassis of the S3328TP-EI-24S is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 220.0 mm x 43.6 mm (width x depth x height).
The power module is on the left side of the S3328TP-EI-24S and the SCU is in the central part
of the chassis.
l
The SCU on the S3328TP-EI-24S provides one console interface, twenty-four 100 Mbit/s
Ethernet optical interfaces, two 1000 Mbit/s Ethernet optical interfaces, and two combo
interfaces.
The chassis of the S3352P-EI-24S is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 420.0 mm x 43.6 mm (width x depth x height).
l
The SCU on the S3352P-EI-24S provides one console interface, twenty-four 10/100 Mbit/
s Ethernet electrical interfaces, twenty-four 100 Mbit/s Ethernet optical interfaces, two
Issue 01 (2009-12-15)
2-3
2 System Architecture
100/1000 Mbit/s Ethernet optical interfaces, and two 1000 Mbit/s Ethernet optical
interfaces.
The chassis of the S3352P-EI-48S is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 420.0 mm x 43.6 mm (width x depth x height).
l
The SCU on the S3352P-EI-48S provides one console interface, forty-eight 100 Mbit/s
Ethernet optical interfaces, two 100/1000 Mbit/s Ethernet optical interfaces, and two 1000
Mbit/s Ethernet optical interfaces.
The chassis of the S3352P-SI/EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 220.0 mm x 43.6 mm (width x depth x height).
l
The SCU on the S3352P-SI/EI provides one console interface, forty-eight 10/100 Mbit/s
Ethernet electrical interfaces, two 100/1000 Mbit/s Ethernet optical interfaces, and two
1000 Mbit/s Ethernet optical interfaces.
2-4
Issue 01 (2009-12-15)
2 System Architecture
The chassis of the S3328TP-PWR-EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 420.0 mm x 43.6 mm (width x depth x height).
l
The 24 downlink electrical interfaces on the S3328TP-PWR-EI support PoE power supply.
The maximum power of each interface is 15.4 W, complying with the IEEE 802.3af
standard.
The SCU on the S3328TP-PWR-EI provides one console interface, twenty-four 10/100
Mbit/s Ethernet electrical interfaces, two 1000 Mbit/s Ethernet optical interfaces, and two
Combo interfaces.
The chassis of the S3352P-PWR-EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 420.0 mm x 43.6 mm (width x depth x height).
l
The 48 downlink electrical interfaces on the S3352P-PWR-EI support PoE power supply.
The maximum power of each interface is 15.4 W, complying with the IEEE 802.3af
standard.
The SCU on the S3352P-PWR-EI provides one console interface,forty-eight 10/100 Mbit/
s Ethernet electrical interfaces, two 1000 Mbit/s Ethernet optical interfaces.
Issue 01 (2009-12-15)
2-5
2 System Architecture
Control
unit
Fiber/cable
Port
module
Switch
unit
Power
supply
Data bus
Control bus
The hardware modules of the S-switch consist of a SCU and a power module.
l
SCU: The SCU that is responsible for packet exchange and device management consists
of a control module, a switching module, and an interface module. The SCU provides
Ethernet interfaces for Ethernet services.
2.2.2 SCU
The S-switch have one SCU fixed on it. The SCU consists of the control module, a switching
module, and an interface module.
Control Module
The control module performs the following functions:
l
Manages the system and monitors the system performance according to the users'
instructions, and provides a feedback of the running status of the device.
Switching Module
The switching module, also called the switching network, is responsible for the exchange of
packets, replication of multicast packets, QoS scheduling, and access control on the interface
module of the SCU.
The switching module uses a high-performance ASIC chip to forward packets at wire speed. In
addition, the switching module performs fast data switching at various priorities.
2-6
Issue 01 (2009-12-15)
2 System Architecture
Power Module
The S-switch supports the AC input and DC input. The DC input voltage ranges from -36 V DC
to -72 V DC. The AC input voltage ranges from 90 V AC to 264 V AC.
Interface Module
The interface module has multiple Ethernet interfaces for accessing Ethernet services.
Task management
Memory management
Timer
This enhances the modular technology to facilitate system upgrade and customization.
l
Link management
IP protocol stack
It is used to control the data forwarding plane and carry out various functions of the
device.
It forwards data under the control of the general control plane to carry out data transmission.
VRPv5 supports data forwarding based on software and hardware.
l
Issue 01 (2009-12-15)
2-7
3 Link Features
Link Features
Issue 01 (2009-12-15)
3-1
3 Link Features
Source IP address
Destination IP address
Link aggregation can easily increase the bandwidth and improve link reliability with a low cost,
without upgrading the hardware.
Issue 01 (2009-12-15)
3 Link Features
The S-switch implements this function based on interfaces. When an interface is enabled with
such function, it monitors the received unknown unicast packets, multicast packets, and
broadcast packets. Based on monitoring results, the S-switch determines whether the volume of
the packets exceeds the threshold. If yes, the S-switch discards the excessive packets to keep the
traffic within the limit. In this manner, the S-switch ensures the normal transmission of services.
3.1.4 VLAN
The Virtual Local Area Network (VLAN) is a type of technology used to divide LANs logically.
The VLAN technology conforms to IEEE 802.1Q.
VLAN Classification
A physical LAN can be divided into several VLANs, and several physical LANs can be grouped
into a same VLAN. The S-switchs in a same VLAN belong to the same broadcast domain and
can communicate with each other. Different VLANs are isolated from each other, so S-switchs
in different VLANs cannot communicate with each other.
The S-switch supports the following VLAN classification modes:
l
VLAN Aggregation
To interconnect VLANs on the S-switch, you need to assign an IP address to each VLANIF
interface. If there is a large number of VLANs, many IP addresses are used. VLAN aggregation
can solve the problem that each VLAN interface uses an IP address.
An aggregated VLAN is also called a super VLAN. Multiple VLANs can be aggregated to a
super VLAN. The VLANs that form into a super VLAN are called sub VLANs.
Voice VLAN
A voice VLAN is dedicated to voice flows. After the interfaces connected to voice devices are
added to a voice VLAN, all voice flows are transmitted in the voice VLAN.
Using voice VLANs, you can effectively configure the Quality of Services (QoS) of voice flows
and increase the transmission priority of voice flows. In this way, the quality of voice services
can be guaranteed.
Issue 01 (2009-12-15)
3-3
3 Link Features
C-VLAN is the VLAN to which an interface on the user side belongs. It is used to identify a user or a
class of users.
S-VLAN is designated by an Internet Service Provider (ISP) on the network side. It is used to identify
a type of the service.
3.2.2 QinQ
QinQ enables the S-switch to automatically add another VLAN tag to a tagged VLAN frame.
The QinQ technology provides a tunnel based on the VLAN to implement communication
between networks at different locations and with different VLAN IDs.
The QinQ technology provides a Layer 2 VPN solution to transparently transmit user VLAN
frames over public networks. On the S-switch, the interfaces enabled with QinQ support double
VLAN tags. The interfaces append another tag with the same VLAN ID to the tagged incoming
frames. In this manner, the same outer tag indicates the same public network.
Usually, Internet Service Providers (ISPs) manage VLANs in the public network, and users
manage user VLANs. Therefore, VLAN tags of different user networks may be overlapped.
Through the QinQ function, however, packets from different user networks are added with the
same outer VLAN tag of the public network and VLAN tags of user networks are not used. In
this manner, the packets are transparently transmitted over the public network, effectively
separating user networks from a public network.
So far, the S-switch supports the basic QinQ and the selective QinQ. Based on ports, the basic
QinQ is realized on the FE port, Eth-trunk port or GE port. The VLAN to which the port belongs
determines the outer VLAN tag of the frame.
Issue 01 (2009-12-15)
3 Link Features
For example, voice packets from different VLANs are labeled with the same outer tag so to
obtain the same QoS; common data services are labeled with different VLAN tag so to obtain
different QoS.
The selective QinQ feature can be applied to both the incoming frames and the outgoing frames.
This makes the networking more flexible. For the incoming frames, the S-switch adds an outer
tag of the public network based on the VLAN tag of the user network. For the outgoing frames,
the S-switch matches and strips the tag of the public network.
3.3.2 MSTP
The Multiple Spanning Tree Protocol (MSTP) is developed on the basis of STP and RSTP.
MSTP divides a network into multiple regions. Based on VLAN tags, each region has several
spanning trees that are independent of each other. As a result, the entire network is pruned into
a loop-free network. Broadcast storms are thus avoided on the network.
In MSTP, VLANs and spanning trees can be associated. Thus, the convergence speed is
improved and load balancing is guaranteed because frames are forwarded along different trees.
Compared with STP and RSTP, MSTP provides multiple backup links for load balancing
between VLANs.
Root Protection
The S-switch provides root protection when MSTP is applied to a network. The S-switch protects
the root switch by maintaining the role of designated interfaces as follows:
Issue 01 (2009-12-15)
3-5
3 Link Features
l
If receiving protocol BPDUs with a higher priority, the interface enabled with root
protection turns to the listening state and stops forwarding frames.
If the interface does not receive protocol BPDUs with a higher priority for a long time, it
returns to the forwarding state. In this manner, route flapping is avoided.
Loop Protection
After loop protection is enabled on the S-switch, the root interface turns to the blocking state, if
the S-switch does not receive any protocol BPDUs from an upstream interface. If protocol
BPDUs are received, the blocked interface turns into the root interface and changes to the
forwarding state. If no protocol BPDU is received, the blocked interface remains in the blocking
state. This protects the S-switch against possible spanning-tree loops.
BPDU Tunnel
On the partitioned STP network, the S-switch considers BPDUs that are attached with tags as
common Layer 2 data frames. Thus, the BPDUs are forwarded within the VLAN to which tags
belong without being processed as BPDUs by the MSTP module. With BPDU tunnel enabled,
devices on the MAN do not participate in calculating the topology of the partitioned STP. Thus,
the convergence speed is improved.
When the BPDU tunnel function is implemented, the S-switch at the edge of the MAN needs to
enable the MSTP snooping function. When the change of the topology in the partitioned STP
results in the switching of the forwarding link, the S-switch monitors topology changes and
notifies other devices on the network of the topology changes. Then the frames are forwarded
according to the new topology.
3.4 RRPP
The Rapid Ring Protection Protocol (RRPP) is a link layer protocol designed for Ethernet rings.
RRPP can prevent broadcast storm caused by data loops. Compared with STP, RRPP packet
forwarding is based on the hardware, and therefore the topology convergence of RRPP is much
faster than that of STP.
RRPP also supports link aggregation, which is suitable for ring networks that require large
bandwidth.
3-6
Issue 01 (2009-12-15)
3 Link Features
An RRPP domain supports two control VLANs. The control VLAN of the primary ring is
used to transmit protocol packets on the primary ring. The control VLAN of the subring is
used to transmit protocol packets on the subring.
A control VLAN is used to transmit RRPP protocol packets; a data VLAN is used to
transmit data packets.
The master node initiates polling mechanism and makes decision of operation when the
topology changes.
The transit node monitors the connected RRPP link and notifies the master node of the link
change for decision.
3-7
3 Link Features
3-8
Issue 01 (2009-12-15)
3 Link Features
Dynamic MAC addresses learnt before the number of MAC addresses reaches the upper
limit
Source MAC addresses that do not fall into the preceding three types are considered invalid.
When an interface receives packets with invalid source MAC addresses, security protection takes
effect on the interface. Then, the traffic is discarded or alarms are generated.
Block (default action): Interfaces on which loops occur are isolated from all other interfaces,
that is, packets sent from interfaces on which loops occur are not received by other
interfaces. After three detection periods, interfaces are automatically removed from
isolation if no loop occurs.
Shutdown: Interfaces on which loops occur are shut down. You can restore the interfaces
in the command line mode on the S-switch.
Issue 01 (2009-12-15)
3-9
4 Service Features
Service Features
Issue 01 (2009-12-15)
4-1
4 Service Features
TCP/IP protocol suite, including ICMP, IP, TCP, UDP, socket (TCP/UDP/Raw IP), and
ARP.
Operations of ping, tracert, and Network Quality Analysis (NQA)NQA can detect whether
ICMP, TCP, UDP, DHCP, FTP, HyperText Transfer Protocol (HTTP), and Simple
Network Management Protocol (SNMP) services are available and test response time of
the services.
DHCP server, DHCP relay agent, DHCP client, and DHCP snooping.
Bidirectional Forwarding Detection (BFD) fast detection, BFD for OSPF, BFD for IS-IS,
BFD for BGP, and BFD for Protocol Independent Multicast (PIM).
IPv4 routing protocols, including RIP v1/v2, OSPF, IS-IS, and BGP v4
Static routes that are manually configured by the administrator to simplify network
configurations and improve network performance
4-2
Anycast RP.
Multiple RPs can exist in a domain and they are configured as MSDP peers.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.
Issue 01 (2009-12-15)
4 Service Features
A multicast source can register with the nearest RP, and the receiver can also choose the
nearest RP to join its shared tree. In this manner, load balancing is carried out among the
RPs.
When an RP fails, its previously registered source and receiver choose another nearest RP
instead. This implements the backup of RPs.
Filtering of the routes with the routing policy when the multicast routing module receives,
imports, and distributes multicast routes.
Filtering and forwarding of the multicast packets according to the routing policy when IP
multicast packets are forwarded.
PIM BFD.
RPF check.
4.2 Multicast
In the TCP/IP suite, IGMP manages IP multicast members. IGMP sets up and maintains the
multicast member relationship between IP hosts and adjacent multicast routers.
4.2.1 IGMP Snooping
4.2.2 Prompt Leave of Multicast Member Interfaces
4.2.3 Flow Control of Multicast Traffic
4.2.4 Multicast Across VLANs
4.2.5 Controllable Multicast
Issue 01 (2009-12-15)
4-3
4 Service Features
4.3 QoS
The S-switch provides the class-based QoS mechanism, and supports the mapping of the 802.1p
priority. The QoS supported by the S-switch guarantees end-to-end delay, jitter, and bandwidth.
The S-switch supports classification of traffic based on specific rules. After traffic classification,
the S-switch can then perform the following behaviors for the traffic:
l
Re-marking
Traffic policing
Congestion management
Congestion avoidance
In this manner, the S-switch can provide high-quality network services for added-value services
such as NGN, IPTV, and broadband access.
4.3.1 Traffic Classification
4.3.2 Access Control and Re-marking
4-4
Issue 01 (2009-12-15)
4 Service Features
Identify the 802.1p priority of the Operating Support System (OSS) packets and NMS
packets as 7
VLAN tags
The S-switch also supports traffic classification for Layer 2 to Layer 4 information of the OSI
model based on the customized rule string. ISPs can define the traffic classification rules as
required.
DSCP field
VLAN ID
Issue 01 (2009-12-15)
4-5
4 Service Features
DRR scheduling
The S-switch cyclically schedules packets in queues based on priorities of queues and the
maximum length of packets that interfaces of the S-switch allows packets to pass through.
If the current queue has no packets, the S-switch skips over the current queue and schedules
packets in the next queue.
PQ + DRR scheduling
The S-switch divides the eight queues on each interface into two groups. The S-switch
schedules one group of queues in PQ and the other group of queues in DRR. The
combination of PQ scheduling and DRR scheduling can be used to highlight their
advantages.
PQ + WRR scheduling
The S-switch divides the eight queues on each interface into two groups. The S-switch
schedules one group of queues in PQ scheduling mode and the other group of queues in
WRR scheduling mode. The combination of PQ scheduling and WRR scheduling can be
used to highlight their advantages.
Issue 01 (2009-12-15)
4 Service Features
Based on the queue depth and the configured threshold for the traffic, the S-switch can then
discard packets to adjust the rate of the outgoing traffic from its ports.
Static routes: simplifies network configuration and improves network performance. Static
routes are manually configured by the ISP.
4-7
4 Service Features
The S-switch also offers the loop protection function. When the root port cannot receive BPDU
from the uplink device, the root port enters the blocking state and stops forwarding packets. At
the same time, no new root port will be elected. This prevents the network from link loops.
Fault management
The S-switch can detect the network connectivity by sending a detection packet at scheduled
time or through manual triggering.
Performance management
Performance management is used to measure the packet loss ratio, delay, and jitter during
the transmission of packets. It also collects statistics on various types of traffic. It is
performed at the user access points. By using performance management tools, an ISP can
monitor the network running status and locate faults through a Network Management
System (NMS). The ISP checks whether the forwarding capacity of the network complies
with the Service Level Agreement (SLA) signed with users.
Ethernet OAM improves network management and maintenance capabilities on Ethernet and
guarantees a stable network.
4.7 LLDP
The S-switch supports LLDP that conforms to IEEE 802.1ab.LLDP is a link layer protocol used
for interconnected devices to obtain the collection information of each other.
4-8
Issue 01 (2009-12-15)
4 Service Features
Using LLDP, the local NMS can acquire the link layer information of all devices in the local
network and the details about the network topology. This expands the scope of network
management.
Interfaces with LLDP enabled on the S-switch regularly notify the neighbors of local interface
statuses. If interface states change, interfaces on the S-switch notify neighboring devices directly
connected to the S-switch of state updates. Neighboring devices store states of the S-switch in
the standard SNMP management information base (MIB). The NMS can obtain the link layer
information of the network in the MIB to calculate the topology of the entire network.
Member switch
It is managed by the administrator switch. Member switches are usually Layer 2 switches
and do not need public IP addresses. When serving as a member switch, the S-switch is
managed by a high-end device.
Administrator switch
It serves as the proxy of an external network management station or as a server to manage
member switches in the cluster. It needs a public IP address and can allocate private IP
addresses to member switches in the cluster.
In applications, the S-switch usually serves as the administrator switch to mange a great number
of member switches in the residential network. It is used to:
l
Automatically discover new remote devices and add them to the cluster.
Collect and maintain the network topology information of the member switches in the
cluster.
Provide member switches in the cluster by means of centralized and batch configuration
or upgrade.
4.9 Stacking
The power cables or high-speed upstream interfaces of the switches at the same physical location
can be stacked to form a device group of high reliability. This technology is called stacking. For
the S-switch, stacking is implemented through stacking interfaces. Through stacking, the
management and maintenance of switches can be centralized to reduce the maintenance cost of
the customer. To implement staking, it is required that the stacking switches be of the same
product model.
A stacking member plays one of the following roles:
Issue 01 (2009-12-15)
4-9
4 Service Features
l
Master switch
The master switch functions as the agent for the external Network Management Station
(NMS) or the member switches of the cluster. The master switch must be configured with
the IP address of the public network to manage the other switches.
Backup switch
The backup switch functions as a backup for the master switch. When the master switch is
faulty, the backup switch becomes the new master switch and takes over the tasks of the
original master switch.
Member switch
The member switch functions as a pure service switch and passively receives the
management of the master switch.
4.10 PoE
PoE is short for Power over Ethernet. The switches that support PoE can directly supply power
for terminals through Ethernet cables. Thus, the early-stage investment cost of the customer is
reduced.
For example, you can adopt switches to supply power for Access Points (APs) when deploying
a Wireless Fidelity (WiFi) network. The solution is convenient and the cost is low.
4.11 IPv6
The IPv6-related functions supported by the S-switch protect the customer investment with the
maximum probability. The functions also prevent repeated investment of the customer in devices
during the network upgrade.
The S-switch supports the following IPv6 functions:
l
4.12 Security
In addition to security guarantee for itself, the S-switch also ensures security for transmission
services.
4.12.1 Device Security
4.12.2 Service Security
4.12.3 Security Authentication
Issue 01 (2009-12-15)
4 Service Features
Hierarchical protection is applied for command lines. The command lines are divided into the
following levels in an ascending order:
l
Visit level
Monitoring level
Configuration level
Management level
Similarly, login users are also classified into four levels, corresponding to the four levels of
command lines. After logging in to the S-switch, users can run only the commands with the same
or lower level than the user level. This mechanism effectively controls the authority of login
users.
The S-switch supports the extension of command levels and user levels, which can be mapped
from 4 levels to 16 levels. This level mapping implements fine management on the user levels.
Issue 01 (2009-12-15)
4-11
4 Service Features
Searching for MAC Address Entries Based on the Combination of the VLAN ID
and MAC Address
To improve security of interfaces, the S-switch can search for MAC address entries based on
the combination of the VLAN ID and MAC address. Static MAC entries can be set in a MAC
address table to map specific MAC addresses to interfaces. In this case, the S-switch defends
against attacks of forged MAC addresses.
Port Isolation
Port isolation is used to deny the forwarding of Layer 2 packets between interfaces on the same
S-switch. The S-switch supports unidirectional and bidirectional port isolation. Using port
isolation, the S-switch can:
l
Limits unnecessary broadcasting of packets and thus increases the network throughput.
Packet Filtering
Packet filtering is used to filter out illegal or unwanted packets.
The S-switch filters packets based on user-defined rules. For example, it filters packets by
checking the MAC address, IP address, port number and VLAN ID of the packets. Packet
filtering neither checks the status of sessions nor analyzes the data.
By filtering packets, the S-switch can effectively control the packets passing the device.
Issue 01 (2009-12-15)
4 Service Features
authenticated and controlled. If user devices connected to the interface can pass authentication,
they can access resources in the LAN; if not, they cannot access resources in the LAN.
MAC address authentication is an authentication method that controls the network access
authority of a user based on the interface and MAC address. Thus, you need not install any client
authentication software. After detecting the MAC address of a user for the first time, the device
starts authenticating the user. During the authentication, the user does not need to enter the
username or password manually.
Issue 01 (2009-12-15)
Traffic on various networks and user hosts is forwarded at Layer 3 rather than switched at
Layer 2 through ARs. This enables the carrier to filter, schedule, and bill user traffic through
the ARs.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.
4-13
4 Service Features
l
The efficiency of address assignment needs to be improved to save IPv4 addresses. The
effectiveness of address assignment needs to be improved if an address is assigned from a
large address pool rather than a small and independent network segment to the host.
To implement user isolation at the access layer and meet the preceding requirements of the
carrier, MAC Forced Forwarding (MFF) is introduced.
MFF is a security protocol and ensures that user hosts accessing the device with the same media
are isolated. When MFF is run, its security program applies to any shared access media, bringing
no extra problems to these networks.
In addition to Layer 2 isolation, the AN that runs MFF discards any upstream broadcast packets
except for DHCP messages and ARP request messages. The AN discards DHCP response
messages received through the subscriber line and limits the rate of DHCP broadcast messages.
The AN that runs MFF must track the IPv4 addresses allocated to the subscriber line. This is to
obtain information about the discarded upstream packets that carry spoofing IPv4 addresses.
4.14 DHCP
DHCP Snooping
The S-switch can be deployed between the DHCP server and the DHCP client and is responsible
for monitoring interacted DHCP messages of the DHCP server and the DHCP client. The Sswitch creates a binding table containing IP addresses, MAC addresses and port according to
the monitoring result to suppress invalid packets. The S-switch can append or remove the
Option82 field for DHCP messages.
l
After receiving a Request message from the DHCP client, the S-switch appends the
Option82 field to the Request message. The DHCP server performs the IP address
assignment policy by identifying the Option82 field.
The DHCP server appends the Option82 field to a Response message. The S-switch0
analyzes the Option82 field, determines a forwarding interface, removes the Option82 field,
and then forwards the message to a user.
Circuit IDs of users are recorded in the Option82 field. This can effectively prevent attackers
from tempering with DHCP messages.
DHCP relay
The DHCP client and DHCP server send broadcast packets when IP addresses are dynamically
allocated to them. Therefore, DHCP can be applied only when the DHCP client and DHCP server
4-14
Issue 01 (2009-12-15)
4 Service Features
are in the same subnet. It is uneconomical to deploy a DHCP server in each network segment
to dynamically configure the host.
DHCP relay is introduced to solve this problem. Through DHCP relay, a DHCP client in a subnet
can communicate with the DHCP server in another subnet and finally obtains an IP address. In
this manner, DHCP clients in multiple subnets can use one DHCP server. This saves cost and
facilitates centralized management.
Issue 01 (2009-12-15)
4-15
Issue 01 (2009-12-15)
5-1
Through an NMS
You can configure and manage the S-switch according to SNMP through an NMS.
Through HGMP
You can log in to the S-switch to manage Layer 2 switches and other S-switch in the same
cluster based on HGMP.
Login Modes
The S-switch offers a Console port. Users can log on to the Console port of the S-switch through
the RS-232 serial port of a terminal device to perform local configuration.
In addition, you can log in to service interfaces of the S-switch through Telnet from other devices.
To satisfy different security demands, the S-switch provides the following measures to
authenticate login users:
l
Non-authentication
Local authentication
AAA authentication
5-2
Provides the hardware with second-time fault detection to avoid errors made from instant
interference during the detection.
Issue 01 (2009-12-15)
Provides command lines with flexible online help and operation interface in two languages:
Chinese and English.
Supports the information center to provide the uniform management of logs, traps, and
debugging information, and redirects information as required.
Provides the electronic label function. You can check the basic information about the SCU
and optical modules through CLI, and copy the information to an external server through
FTP.
Supports the display of the system status and version, status of each module, temperature,
usage of CPU, and memory.
Ping
TraceRoute
These tools are used to test network connectivity and record transmission paths of packets to
assist fault analysis.
Debugging
The S-switch provides various debugging commands for each software feature. Each debugging
command supports multiple parameters and can be flexibly controlled. The debugging
commands can display the process, packets received and transmitted, and error check of a feature.
Mirroring
The S-switch supports port mirroring and flow mirroring.
l
Interface mirroring
Incoming traffic, outgoing traffic, or both incoming and outgoing traffic on an observed
port is completely copied to the observing interface.
Flow mirroring
Observed flows are completely copied to the observing interface.
By connecting a monitoring host to an observing interface on the S-switch, you can observe the
packets that pass through the S-switch in a real-time and convenient manner. The mirroring
function provides a basis for traffic detection, fault allocation, and data analysis.
Issue 01 (2009-12-15)
5-3
Local upgrade
When the S-switch is booted, the software can be loaded and upgraded through the
BootROM menu.
In-Service Patching
The S-switch supports in-service patching to protect services from being affected when a patch
is installed. The patch can be rolled back to the previous versions and device information before
and after in-service patching is recorded.
5.2 U2000
The S-switch adopts the Huawei U2000 as the centralized network management system. The
U2000 supports multi-language graphic user interface (GUI) that is convenient for operation.
The U2000 provides northbound interfaces for connecting the third-party NMS and can be
integrated with other NMSs.
5.2.1 Network Management Modes
5.2.2 U2000 Station
In-band Management
In this mode, no additional communication channel is needed between the S-switch and the
U2000. The network management information is transmitted over service channels of the Sswitch. To enable in-band management, you only need to connect the U2000 to the nearest
network devices and then configure the SNMP parameters used for management.
The in-band mode has the following advantages:
l
5-4
Flexible networking
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.
Issue 01 (2009-12-15)
The NM station is unable to manage devices from the remote if the service channel fails.
Out-band Management
If an independent network is set up between the S-switch and the U2000, you can choose the
out-band management mode. The information channel for out-band management is independent
of the service channels of the S-switch.
The out-band mode has the advantage that even if the service channel fails, the U2000 can still
manage the devices. The limitation of this mode, however, is that the independent networking
is much limited by locations.
Resource Management
The U2000 provides resource management to facilitate users to manage the resources in the
network such as devices, interfaces, and links. Through resource management, users can query
and manage the S-switch. In addition, users can query and locate the abnormal resources.
View Management
Topology management provides a unified topology view for all devices in the network to help
users know their networks directly and conveniently. The U2000 provides many powerful
functions to manage the topology. Users can browse information through the system topology
view, protocol topology view and user-defined view. The U2000 also provides user friendly
interfaces for operation and maintenance of networks and devices.
The protocol topology views include the HGMP view and Ethernet view, which cover the
topology of various networking modes and network hierarchies of the S-switch. These views
support automatic discovery of the network topology and reflect the change of the network
topology and device status.
Configuration Management
Configuration management is used to configure the S-switch, including management of the
device, interfaces, VLAN, Layer 2 features, software upgrading, and configuration files.
The U2000 supports end-to-end configuration, batch configuration, and wizard configuration.
In addition, the U2000 provides default configuration templates for the corresponding
management.
Fault Management
Fault management is an important and popular management method for maintaining networks.
Through the GUI, the U2000 provides the following functions for fault management:
Issue 01 (2009-12-15)
5-5
Supports queries about the running status and fault detection of the S-switch.
Supports the real-time monitoring, fault filtering, fault location, fault verification, and fault
analysis of devices.
Makes faults visible by providing sound prompt and graphic display for faults.
The U2000 can be connected to an alarm box, which facilitates routine maintenance.
Performance Management
The U2000 can collect data and monitor the device performance, and analyze the collected data.
It provides rich reports and graphic display about the device performance. It collects statistics
on device load and access data. Based on this statistics, users can know QoS in the network,
evaluate and adjust network resources in time.
The U2000 manages the device performance focused on resource management and displays
interface in iWeb mode.
Security Management
Security management of the U2000 provides multiple measures to authorize user operations and
to ensure system security, including:
l
In addition, the U2000 provides detailed logs, query and analysis of user operations.
Security management supports the following:
5-6
User management
Access control
Operation management
Issue 01 (2009-12-15)
6 Networking Applications
Networking Applications
Issue 01 (2009-12-15)
6-1
6 Networking Applications
Corelayer
IP/MPLS
Core
BRAS
BRAS
S9300
Convergence
access layer
RRPP
S9300
S3300
Access
layer
LSW
DSLAM
RRPP
WiMax
AMG
wireless
access
S3300
Intranet
SOHO
S3300
Intranet
The S-switch directly connects user devices. The services of users are converged to the
S9300 through the S-switch.
The S-switch connects Layer 2 switches (LSW) or Digital Subscriber Line Access
Multiplexer (DSLAM), and converges the access services from LSWs or DSLAMs to the
core layer.
The S-switch connects the Access Media Gateway (AMG) and converges the access
services from the AMG to the core layer.
The S-switchs form an RRPP ring to improve the availability of services through the fast
protection switching provided by RRPP. The S-switch also supports Ethernet OAM to
improve fault management and maintenance on links.
The S-switch provides VLAN mapping, QoS, selective QinQ, replication of multicast
packets across VLANs, and various security measures used to defend against attacks.
Issue 01 (2009-12-15)
6 Networking Applications
SoftX
APP server
Router
PSTN
TMG
BRAS
IP/MPLS
Core
BRAS
S9300
RRPP
S9300
S3300
S3300
DSLAM
LSW
AMG
WiMax
wireless
access
Home
gateway
WiFi
SOHO
SOHO
Residential
Game
Area
Box
Phone
bar
In the NGN bearer network, the S9300 acts as the convergence device for the AMG to converge
the voice or video services from the AMGs to the core network.
l
The S-switch converges the broadband access services and NGN access services to the
RRPP Ring.
The S9300 is connected to two uplink BRASs. The dual-homed connection improves the
reliability of the service.
Issue 01 (2009-12-15)
6-3
6 Networking Applications
BRAS
BRAS
S9300
S9300
S9300
S3300
RRPP
RRPP
RRPP
RRPP
S3300
S9300
S9300
RRPP
S3300
RRPP
SOHO
Intranet
S3300
S3300
Intranet
Residential Commerical
Area
Center
In the MAN Ethernet connected by GE ports, the S9300 acts as the PE-AGG device and the Sswitch acts as the UPE device. The MAN Ethernet applies the dual RRPP networking structure.
One is the convergence layer and the other access layer. The dual RRPP rings can either be
tangent or intersectant.
l
The convergence layer is located between the PE-AGG devices; the access layer is located
between PE-AGG and UPE devices.
If RRPP ring in the access layer and that in the convergence layer are tangent, different
RRPP domains are defined.
If RRPP ring in the access layer and that in the convergence layer are intersectant, only one
RRPP domain is defined. RRPP ring in the convergence layer is the primary ring; RRPP
ring in the access layer in the subring.
6-4
Issue 01 (2009-12-15)
6 Networking Applications
TMG
PSTN
I n t e rn e t
Router
Access
Convergence
network
V50 V350 V850
BRAS
ISP network
VLAN1-1000
BRAS
S3300
User network
VLAN101-500
VLAN401-600
VLAN401-700
LSW
V450
AMG
DSLAM
V450
V450
Intranet
SOHO
VLAN101-500
Residential Area
VLAN401-600
VLAN401-700
Enterprises manage their VLAN tags. The VLAN tags of different enterprises can overlap. The
ISP manages only VLAN tags of the MAN.
As the convergence device connecting the customer network to the ISP network, the S-switch
maps VLAN tags between the customer network and the ISP network. In this manner, services
in different VLANs can be transmitted and services can be flexibly deployed.
For upstream services transmitted from the customer network to the ISP network, the Sswitch replaces the C-VLAN tag with the S-VLAN tag. For example, the S-switch:
l
Replaces VLAN 450 of SOHO with VLAN 850 of the ISP network.
Replaces VLAN 450 of the residential area with VLAN 50 of the ISP network.
Replaces VLAN 450 of the enterprise network with VLAN 350 of the ISP network.
For downstream services, the S-switch replaces the S-VLAN tag with the C-VLAN tag.
Issue 01 (2009-12-15)
6-5
6 Networking Applications
TMG
I n t e rn et
PSTN
Router
BRAS
BRAS
ISP network
VLAN1-1000
V30 V450
V10 V100
V30 V650
S3300
V30 V850
V10 V600
V10 V800
User network
VLAN1-1000
LSW
V100
V450
VLAN1-500
DSLAM
V600
V650
VLAN500-700
LSW
V800
V850
VLAN700-1000
QinQ extends greatly the VLAN tag space. Offering the selective QinQ function, the S-switch
can converge services and choose different paths for various services.
The three enterprise networks shown in Figure 6-5 all need to transmit data, voice and video
services. The S-switch can append an external ISP VLAN tag to the packets of each kind of
access services. For example:
l
Add an external ISP VLAN tag VLAN10 for data services of VLAN100, VLAN600 and
VLAN800 from the customer networks.
Add an external ISP VLAN tag VLAN30 for video services of VLAN450, VLAN650 and
VLAN850 from the customer networks.
6-6
Issue 01 (2009-12-15)
6 Networking Applications
NSM
IP/MPLS
Core
Access
Convergence
Network
S9300
S3300
S9300
RRPP
DSLAM
S3300
DSLAM
STB
DSLAM
STB
STB
BTV
BTV
BTV
Video stream
As shown in Figure 6-6, the S-switch, which serves as a UPE, supports IGMP snooping. It can
serve as the replication and control point for multicast services at the access layer of the MAN
to meet the demand for large-capacity multicast services. The DSLAM provides the IGMP proxy
function to control users' multicasting authority based on the authority of users configured by
the NSM.
To ensure high quality in transmitting broadband television (BTV) services, the RRPP ring
composed of the S-switch and the S9300 provides the following functions:
l
The RRPP ring supports fast protection switching, which ensures the availability of BTV
services.
Only one copy of multicast packets need be transmitted in the RRPP ring, which saves
bandwidth.
In addition, the S-switch supports prompt join or leave of interfaces to implement fast switching
of services.
Issue 01 (2009-12-15)
6-7
6 Networking Applications
IP/MPLS
Core
Core layer
BRAS
Convergence
access layer
S9300
S9300
RRPP
S3300
S3300
RRPP
S3300
DSLAM
AMG
LSW
S3300
STB
Intranet
SOHO
BTV
Phone
Bar
upstream
downstream
As shown in Figure 6-7, the S-switch acts as a UPE. The S9300 acts as a UPE or a PE-AGG.
The S-switch guarantees access services from LSWs or DSLAMs with end-to-end QoS, as the
sequence numbers shown in Figure 6-7:
l
At the ingress of the access convergence layer, the S-switch classifies data, voice, and video
services. The S-switch then polices traffic and re-marks the precedence of packets.
RRPP stations including cross-ring stations schedule queues. At the RRPP copy station,
the S-switch restores the RRPP priority to the 802.1p priority.
At the egress of the access convergence layer, the S-switch performs queue scheduling and
rate limit at interfaces.
By mapping 802.1p priorities to different packets, the S-switch ensures end-to-end QoS for
packets.
6-8
Issue 01 (2009-12-15)
6 Networking Applications
STP/RRPP
AMG
S9300
Phone
bar
DSLAM
SOHO
Commercial
center
Intranet
Residential
area
Building
corridor
Residential
area
Building
corridor
A large number of Layer 2 switches are usually deployed on an enterprise intranet, in a residential
area or in a building corridor. Upgrading or configuring these separated Layer 2 switches is
inconvenient. To manage these Layer 2 switches in a centralized manner, network administrators
must group them into HGMP domains based on the network topology.
HGMP allows the Layer 2 switches to be divided into many HGMP clusters to achieve
centralized management. The S-switch collects and maintains the information of the Layer 2
switches in the HGMP clusters, and manages them.
Cluster management effectively saves IP addresses, reduces operation expenditure, and
facilitates rapid deployment of Layer 2 switches.
Issue 01 (2009-12-15)
6-9
6 Networking Applications
S9300-A
Access
convergence
network
S9300-D
S3300-D
IP/MPLS
Core
S3300-C
Intranet D
S3300-B
Intranet C
S9300-C
S9300-B
Residential
area B
As shown in Figure 6-9, intranets C and D, residential areas A and B are all connected to a
MAN. The S-switch acts as a UPE to access intranets and residential areas. The S-switch is then
connected to the upstream S9300 through double links, which improves the link reliability.
l
The S-switch is connected to the MAN in dual-homing mode. The S-switch and the two
S9300s at the edge of the MAN form a partitioned STP domain. For example, the network
formed by S-switch-A, S9300-A, and S9300-C is a partitioned STP domain.
S-switch-C and S-switch-D at the egress of intranets and S9300-C and S9300-D at the edge
of the MAN all belong to VLAN 10. In VLAN 10, BPDUs of intranets C and D are
transmitted transparently.
S-switch-A and S-switch-B at the egress of the two residential areas and S9300-A and
S9300-B at the edge of the MAN all belong to VLAN 20. In VLAN 20, BPDUs of residential
areas A and B are transmitted transparently.
All the S9300s in the MAN support BPDU tunnel and MSTP snooping.
Through the partitioned STP technology, users in the same customer network but at different
locations can transmit BPDUs in tunnels across the provider network. In this manner, the
spanning tree can be computed in the partitioned customer network. The customer network and
the provider network have their own spanning trees, which are independent of each other.
6-10
Issue 01 (2009-12-15)
7 System Specifications
System Specifications
Issue 01 (2009-12-15)
7-1
7 System Specifications
Specification
S3328TP-EI/SI:442.0mm220.0mm43.6mm
S3328TP-EI-24S:442.0mm220.0mm43.6mm
S3352P-EI/SI:442.0mm220.0mm43.6mm
S3352P-EI-24S:442.0mm420.0mm43.6mm
S3352P-EI-48S:442.0mm420.0mm43.6mm
S3328TP-PWR-EI:442.0mm420.0mm43.6mm
S3352P-PWR-EI:442.0mm420.0mm43.6mm
S3328TP-SI/EI:20W
S3328TP-EI-24S:52W
S3352P-SI/EI:38W
S3352P-EI-24S:65W
S3352P-EI-48S:90W
S3328TP-PWR-EI:448W(Dissipated power:
78W,PoE:370W)
S3352P-PWR-EI:880W(Dissipated power:
140W,PoE:740W)
Full configuration
6.5kg
Empty
configuration
5kg
DC input
voltage
Rated voltage
48V DC to60V DC
Maximum
voltage range
36V DC to72V DC
AC input
voltage
Rated voltage
100V AC to 240V AC
Maximum
voltage range
90V AC to 264V AC
Temperature
Long-term
operation
0C to 50C
Weight
7-2
Issue 01 (2009-12-15)
7 System Specifications
Item
Specification
Short-term
operation
5C to 55C
Storage
40C to 70C
Relative humidity
10% RH to 90% RH
Altitude for
installation
Long-term
operation
0 m to 2000 m
Storage
0 m to 2000 m
Processor
Switching capacity
Issue 01 (2009-12-15)
S3328:12.8Gbit/s
S3352:17.6Gbit/s
Packet forwarding
capacity
S3328:9.6Mpps
S3352:13.1Mpps
DDR memory
128MB
Flash memory
16MB
7-3
7 System Specifications
Description
Ethernet
VLAN
MAC
ARP
Smartlink
LLDP
7-4
Supports the 10-Mbit/s, 100-Mbit/s, 1000-Mbit/s, and autonegotiation rate of Ethernet interfaces.
Supports Smartlink.
Supports Monitorlink.
Supports LLDP
Issue 01 (2009-12-15)
Feature
Protection
against
Ethernet
loops
Description
MSTP
RRPP
IPv4
forwardin
g
IPv4 features
Unicast
routing
features
Multicast
routing
features
Device
reliability
Issue 01 (2009-12-15)
7 System Specifications
BFD
Supports STP.
Supports RSTP.
Supports MSTP.
Supports ARP/RARP.
Supports auto-detection.
Static routes
RIP-1/RIP-2
OSPF
BGP
IS-IS
uRPF check
VRF
IGMPv1/v2/v3
PIM-DM
PIM-SM
PIM-SSM
MBGP
MSDP
RPF
7-5
7 System Specifications
Feature
Layer 2
multicast
features
Eth OAM
QoS
features
Description
Others
VRRP
Layer 2
multicast
features
Supports PQ scheduling.
Congestion
avoidance
and rate limit
Supports SRED.
Rate limit on
outbound
interfaces
EFM OAM
Traffic
classification
Traffic
behavior
Queue
scheduling
7-6
Issue 01 (2009-12-15)
Feature
Configura
tion and
maintenan
ce
Description
Terminal
services
File system
Debugging
and
maintenance
Software
upgrade
Security
and
managem
ent
System
security
Network
Management
Issue 01 (2009-12-15)
7 System Specifications
Supports SNMPv1/v2c/v3.
Supports RMON.
7-7
7 System Specifications
Feature
Description
Cluster
management
7-8
Supports HGMPv2.
Issue 01 (2009-12-15)