5900E Product Description

Version | Date | Author | Reviewer | Notes
V2.0 | 2011-12-29 | XUXIAODONG | YUANZHIYONG |
V2.1 | 2011-12-29 | XUXIAODONG | YUANZHIYONG |
V2.2 | 2012-12-10 | XUXIAODONG | YUANZHIYONG |
TABLE OF CONTENTS
1 Overview
2 Features
2.1 Superior Performance and Capacity
2.2 Enhanced Video Service Experience
2.3 Rich Service Platforms
2.4 Carrier-Class High Reliability
2.5 Excellent Operation and Maintenance Design
2.6 Energy Saving and Environment Protection
3 Functions
3.1 Basic Function
3.1.1 MAC Address Management
3.1.2 VLAN
3.1.3 SVLAN
3.1.4 STP
3.1.5 Link Aggregation
3.1.6 Basic Ethernet Features
3.1.7 IGMP Snooping
3.1.8 IPv4 Multicast Route
3.1.9 IPv4 Route
3.1.10 Voice VLAN
3.1.11 GVRP
3.1.12 PPPoE+
3.2 Value-Added Service
3.2.1 Cluster Management
3.2.2 ESRP Ring Protection
3.2.3 ZESS
3.2.4 Security Feature
3.2.5 TR101 Feature
3.2.6 MPLS
3.2.7 Support External Alarm Input and Output
3.2.8 VCT Technology
3.2.9 SFP DOM
3.2.10 SFlow
3.2.11 ACL
3.2.12 QoS
3.2.13 Port Mirroring
3.2.14 Traffic Statistics
3.2.15 NTP
3.2.16 RADIUS
3.2.17 TACACS+
3.2.18 SNMP
3.2.19 RMON
3.2.20 DOT1X Authentication
3.2.21 IPTV
3.2.22 VBAS
3.2.23 ARP
3.2.24 DHCPv4
3.2.25 LLDP
3.2.26 UDLD
3.2.27 VRRP
3.2.28 Ethernet OAM
3.2.29 Multi-VRP CE
3.2.30 L2PT
3.2.31 Dual-Port Loop Inspection
3.2.32 IPFIX
3.2.33 Features of Synchronous Clock
4 System Architecture
4.1 Product Physical Structure
4.2 Hardware Architecture
4.2.1 Control Module and Switching Module
4.2.2 Interface Module
4.2.3 Power Module
4.2.4 Clock Module
4.3 Software Architecture
4.3.1 Operation Support Subsystem
4.3.2 MUX Subsystem
4.3.3 L2 Subsystem
4.3.4 L3 Subsystem
4.3.5 NM and Operation & Maintenance Subsystem
4.3.6 ZXROS Platform
Reliability
7 Networking
7.1 Product Features in Real Network Implementations
7.1.1 SVLAN (Flexible QinQ)
7.1.2 IPTV
7.1.3 ESRP
7.1.4 ZESS
7.2 Integrated Networking Applications
7.2.1 MAN Access Layer Solution
7.2.2 Enterprise Network Solution
FIGURES
Figure 3-1 Specific QinQ Networking Application
Figure 3-2 Processing procedure of PPPoE+
Figure 3-3 The Networking Topology of Cluster Management
Figure 3-4 The Rules for Switch Role Conversion
Figure 3-5 The networking topology of ZESS
Figure 3-6 Alarm Interface
Figure 3-7 Basic Architecture of sFlow
Figure 3-8 Traffic Policing with CIR/PIR
Figure 3-9 5P3D Model based upon Ethernet Service
Figure 3-10 End to end MPLS QoS
Figure 3-11 False connection of interface
Figure 3-12 Interface down
Figure 3-13 Relationship of sub-layers of OAM in ISO/IEC OSI reference model
Figure 3-14 Maintenance domain
Figure 3-15 Ethernet Maintenance Domain Inclusive Relations
Figure 3-16 L2PT Networking
Figure 4-1 The Front Panel of ZXR10 5928E
Figure 4-2 The Front Panel of ZXR10 5928E-FI
Figure 4-3 The Front Panel of ZXR10 5952E
Figure 4-4 The Front Panel of ZXR10 5916E
Figure 4-5 The Front Panel of ZXR10 5928E with Clock Synchronization Interface Card
Figure 4-6 System hardware diagram of ZXR10 5900E
Figure 4-7 Diagram of main control card
Figure 4-8 Front panel of clock module
Figure 4-9 Functional Block Diagram for the Operation Support Subsystem
Figure 4-10 Functional Block Diagram of the L2 Subsystem
Figure 4-11 Functional Block Diagram of the L3 Subsystem
Figure 7-1 SVLAN networking application
TABLES
Table 4-1 The Assistant Interface Type and Interface Number of ZXR10 5900E
Table 4-2 Feature of 100/1000Base-T Ethernet interface on main control card of ZXR10 5900E
Table 4-3 Functions of ZXR10 5900E system indicators
Table 4-4 Service Interface Card of ZXR10 5900E
Table 4-5 L2 Protocol Standard
Table 4-6 TCP/IP Protocol Standard
Table 4-7 RIP Protocol Standard
Table 4-8 OSPF Protocol Standard
Table 4-9 BGP Protocol Standard
Table 4-10 ISIS Standard
Table 4-11 VRRP Standard
Table 4-12 LDP Standard
Table 4-13 Multicast Standard
Table 4-14 Differentiated Services Standard
Table 4-15 PPP Standard
Table 4-16 DHCP Standard
Table 4-17 Network Management Standard
Table 5-1 Physical Parameters
Table 5-2 Basic Performance
Table 5-3 Reliability
Overview
The ZXR10 5900E series Gigabit L3 switches introduced by ZTE are aimed at the aggregation market. They meet the requirements of service access bearer networks that integrate data, voice, video and mobile services on a unified platform. With a high-performance software/hardware architecture, excellent switching capacity and performance, and simple operation and maintenance tools, ZXR10 5900E series products make it convenient to develop a sustainable carrier-class bearer network.
With their high-speed backplane, advanced special core chips, superior service extensibility and additional value-added services, ZXR10 5900E series products stay in service longer and give maximum protection to operators' investment. The Green Environment Protection design philosophy makes ZXR10 5900E series products known in the industry for low power consumption. The compact architecture of the equipment requires little space and little cost in equipment operation. The modular dual power supply design ensures high reliability, which greatly reduces the costs of operation and maintenance and realizes maximum profits.
The ZXR10 5900E series all-GE intelligent routing switch includes four models: 5916E, 5928E, 5928E-FI and 5952E.
ZXR10 5916E provides 12 GE Ethernet electrical interfaces, 1 extension slot, 1 FE management interface, 1 Console port and 2 warning ports. The sub-card for the extension slot comes in 4 sorts: 4 GE SFP optical interfaces, 4 GE electrical interfaces, 2 10GE optical interfaces, or 4 10GE optical interfaces.
ZXR10 5928E provides 24 GE Ethernet electrical interfaces, 1 extension slot, 1 FE management interface, 1 Console port, 2 warning ports and 1 clock synchronization sub-card. The sub-card for the extension slot comes in 4 sorts: 4 GE SFP optical interfaces, 4 GE electrical interfaces, 2 10GE optical interfaces, or 4 10GE optical interfaces.
ZXR10 5928E-FI provides 24 GE Ethernet SFP interfaces, 1 extension slot, 1 FE management interface, 1 Console and 1 clock synchronization sub-card. The sub-card for the extension slot comes in 4 sorts: 4 GE SFP optical interfaces, 4 GE electrical interfaces, 2 10GE optical interfaces, or 4 10GE optical interfaces.
ZXR10 5952E provides 4 line cards, 1 extension slot, 1 FE management interface, 1 Console interface and 2 warning interfaces. Each line card supports an 8-port GE optical/electrical interface. The sub-card for the extension slot can be
Features
2.1
2.2
2.3
hardware queue, so that it can support all kinds of services flexibly and realize traffic shaping, policy marking, queue scheduling and congestion control. It meets users' requirements for multiservice bandwidth control, realizes a real SLA in the course of service access, and provides a solid guarantee for carriers' precise operation.
2.4
2.5
modules in and out of the chassis. There is also a fixed lock at the bottom of each slot. When the slot is installed, the lock fixes it in place so that it cannot come loose.
All network cables and power cables, including the power supply switches, are on the front panel. This is a great convenience for after-sales engineers: all jobs can be done as soon as they open the chassis, which truly improves engineers' work efficiency.
The M button on the front panel goes beyond the design of the traditional switch, on which only link/active and direct speed can be displayed. The mode switch function of the M button can visually display the running state of the switch, such as CPU utilization, memory utilization, the number of ARP attacks on the CPU, whether a port learns MAC addresses, whether CRC errors exist, overall bandwidth and network storms. Network servers can also ping directly to determine whether the network management links are connected. This makes maintenance quicker and management more efficient.
The external warning interface of the ZXR10 5900E series has a 3-line warning input and a 5-line control input. It enables external warnings of the system to be controlled effectively, and reduces or avoids the loss caused by external warnings.
By using VCT technology, the ZXR10 5900E series Ethernet switch can implement remote maintenance of cables. It can detect short circuits and open circuits on the cable, with a location tolerance within 1 meter. With VCT, the switch can establish that a failure is not caused by a configuration error at the client, and it can locate the failed equipment, the port and even the distance to the cable fault. Failure location can be done from the network management center, which eliminates most failures and makes network maintenance easier. This method also reduces the difficulty and cost of operation and maintenance.
2.6
i.e. 220 mm deep, small size, light weight and large capacity, it helps the carrier to save energy and efficiently reduce the requirements for the deployment environment.
Functions
3.1 Basic Function
3.1.1
Match only the source MAC address of the data: if the source MAC address of the data is the configured MAC address, the data is filtered.
Match only the destination MAC address of the data: if the destination MAC address of the data is the configured MAC address, the data is filtered.
Match the source or destination MAC address of the data: if the source or destination MAC address of the data is the configured MAC address, the data is filtered.
3.1.2 VLAN
The ZXR10 5900E series has basic L2/L3 switching functions. Forwarding at the data link layer supports the IEEE 802.1Q protocol, which divides users into virtual working groups. The ZXR10 5900E series supports multiple ways to classify VLANs: classification based on the equipment port, or classification based on the host MAC address and the network layer information of the user's message.
3.1.2.1 Port-Based VLAN
Port-based VLAN classification is simple and popular. It assigns different ports of the equipment to different VLANs, so all traffic received on a port belongs to the VLAN corresponding to that port. For example, if ports 1, 2 and 3 belong to the same VLAN and the other ports belong to other VLANs, frames received on port 1 are delivered only to port 2 and port 3. If a VLAN user moves to a new place, the user no longer belongs to the original VLAN unless a new VLAN is allocated.
3.1.2.2 Protocol-Based VLAN
Protocol-based VLAN is flexible, so it is suitable for L3 networks or networks with rich protocols. Protocol-based VLAN classifies data packets by their network layer encapsulation protocol, so packets with the same label are in the same protocol VLAN. A VLAN based on the network layer protocol enables a broadcast domain to span multiple VLAN switches. Users can therefore move freely in the network and keep their VLAN membership.
With this method, a user who changes location does not have to reconfigure the VLAN. It can also classify VLANs according to protocol type. Because no additional frame label is required to mark the VLAN, this method reduces network traffic.
Protocol VLAN is enabled on the physical interface and can be disabled as the customer requires. It classifies VLANs only according to the data packet label, and it isolates packets with different labels.
3.1.2.3 Subnet VLAN
Subnet VLAN is implemented in L2 VLAN and makes data frame forwarding flexible. Subnet VLAN determines the VLAN in which a data frame is forwarded according to the source IP address of the frame. A VLAN based on the source IP address lets users in different network segments be forwarded across multiple VLANs while keeping their VLAN membership.
Subnet VLAN isolates data with different source IP addresses, so users can only get data from the same network segment. For untagged frames, subnet VLAN has higher priority than protocol VLAN and PVID. Tagged frames are forwarded in TAG mode, which has higher priority than subnet VLAN.
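The classification precedence described above (tag, then subnet VLAN, then protocol VLAN or PVID), as an added example that is not ZTE code. The port, subnet and protocol tables are constructed values, the order of protocol VLAN before PVID is an assumption (the text only ranks both below subnet VLAN), and treating a tag with VID 0 as untagged follows the 802.1Q priority-tag convention rather than anything stated here.

```python
import ipaddress
import struct

TPID_CTAG = 0x8100                     # 802.1Q tag type
ETH_IPV4, ETH_IPV6, ETH_PPPOE = 0x0800, 0x86DD, 0x8864

# Constructed switch configuration; every value here is illustrative.
PORT_PVID = {1: 100, 2: 200}
SUBNET_VLAN = {ipaddress.ip_network("10.1.0.0/16"): 310,
               ipaddress.ip_network("10.2.0.0/16"): 320}
PROTOCOL_VLAN = {ETH_IPV6: 400, ETH_PPPOE: 410}


def classify(port, frame):
    """Return (vlan_id, rule) for a raw Ethernet frame received on `port`."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    payload = frame[14:]

    # 1. Tagged frame: the VLAN ID in the tag outranks every other rule.
    if ethertype == TPID_CTAG:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        vid = tci & 0x0FFF
        if vid:
            return vid, "tag"
        payload = frame[18:]           # VID 0 is a priority tag: treat as untagged

    # 2. Subnet VLAN: chosen by the source IPv4 address.
    if ethertype == ETH_IPV4 and len(payload) >= 20:
        src = ipaddress.ip_address(payload[12:16])
        for net, vid in SUBNET_VLAN.items():
            if src in net:
                return vid, "subnet"

    # 3. Protocol VLAN: chosen by the network layer encapsulation (EtherType).
    if ethertype in PROTOCOL_VLAN:
        return PROTOCOL_VLAN[ethertype], "protocol"

    # 4. Port-based VLAN: fall back to the PVID of the ingress port.
    return PORT_PVID[port], "pvid"


def build_frame(ethertype, src_ip=None, vlan=None):
    """Build a constructed test frame (the MAC addresses are placeholders)."""
    header = bytes.fromhex("02000000000b" "02000000000a")
    if vlan is not None:
        header += struct.pack("!HH", TPID_CTAG, vlan)
    header += struct.pack("!H", ethertype)
    if src_ip is None:
        return header + bytes(46)
    ipv4 = bytes([0x45]) + bytes(11) + ipaddress.ip_address(src_ip).packed + bytes(4)
    return header + ipv4 + bytes(26)


if __name__ == "__main__":
    for port, frame in [(1, build_frame(ETH_IPV4, "10.1.5.5")),
                        (1, build_frame(ETH_IPV4, "10.1.5.5", vlan=55)),
                        (1, build_frame(ETH_IPV6)),
                        (2, build_frame(ETH_IPV4, "192.168.1.1"))]:
        print(port, classify(port, frame))
```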
3.1.2.4 PVLAN
To enhance network security and isolate messages between users, each user has traditionally been assigned one VLAN. This method has the following obvious drawbacks:
At most 4094 VLANs are currently supported by the IEEE 802.1Q standard, so the limit on the number of users stops network extension.
Each VLAN corresponds to one IP subnet, so many subnets waste IP addresses.
Planning and managing so many VLANs and IP subnets makes network management more complicated.
VLAN are isolated, and a user can communicate only with its default gateway. This tightly ensures network security.
3.1.2.5 VLAN Translation
VLAN translation is also an extension of the VLAN function. It allows different Ethernet switches accessing from the edge to use overlapping VLAN IDs: the VLAN translation service changes these overlapping VLAN IDs to different VLAN IDs and sends them via the uplink port. Users can thus be isolated on the L2 core switch, which simplifies the configuration of the edge access switches.
3.1.2.6 Super VLAN
A traditional ISP network allocates an IP subnet to each user. Every subnet that is allocated uses three IP addresses, for the subnet network number, the broadcast address and the default gateway respectively. If many IP addresses remain unused in some user's subnet, they cannot be used by other users either. This method may waste a great number of IP addresses.
SuperVLAN solves this issue perfectly by aggregating multiple VLANs (normally called sub-VLANs) into one SuperVLAN. These VLANs use the same IP subnet and default gateway.
With SuperVLAN technology, the ISP only needs to allocate one IP subnet to the SuperVLAN and create one sub-VLAN for each user. All sub-VLANs can flexibly allocate IP addresses from the SuperVLAN's subnet, and they use the default gateway of the SuperVLAN. Each VLAN is an independent broadcast domain, which ensures the isolation of different users. Different VLANs route and communicate with each other through the SuperVLAN.
3.1.2.7 QinQ
QinQ, also known as VLAN stacking, is a vivid name for the tunnel protocol based on 802.1Q encapsulation. In addition to the original VLAN label (inner label), QinQ adds another VLAN label (outer label), which can cover the inner label.
QinQ does not need protocol support and can be used to implement a simple L2VPN (L2 Virtual Private Network). It is suitable for L3 switches in small LANs.
A specific networking application based on QinQ technology is shown in the following figure. The port connecting to the user network is called the Customer port, and the port connecting to the operator network is called the Uplink port. The edge access equipment of the operator network is called the PE (Provider Edge).
Figure 3-1
Normally the user network uses Trunk VLAN to access the PE. The Uplink ports in the service provider network interconnect with each other in Trunk VLAN mode.
When a message from user network 1 reaches the customer port of switch A, switch A inserts an outer label (VLAN ID 10) whether the message is tagged or untagged. The message is sent along the ports with VLAN 10.
When switch B recognizes that user network 2 is connected to the customer port, it removes the outer label according to the traditional 802.1Q protocol to restore the user's original message. The message is then sent to user network 2.
In this way, streams between user networks 1 and 2 can be transferred transparently across the service provider's network. The user network can freely plan its private VLAN IDs without causing VLAN ID conflicts in the service provider network.
3.1.3 SVLAN
SVLAN is also called flexible QinQ. It is a development and enhancement of QinQ. Original QinQ can only add the outer label based on the port, which is not flexible in application. SVLAN can selectively tag packets with different S-Tag labels based on port and C-Tag. To keep the client packet CoS, it can copy the 802.1p field of the inner label to the outer label to keep user QoS continuous.
Compared with QinQ, SVLAN has an enhanced network user location function, which enables QinQ to better support PUPV (one VLAN per user) and PSPV (one VLAN per service). This eases carriers' operation and maintenance management. The most typical application is Triple Play service in broadband to the home.
VLAN can perfectly solve the problem of user location separation and service differentiation in broadband networks. It can implement operation and maintenance management for one VLAN per user, which brings great convenience to network management and maintenance. ZTE has always been an advocate of this technology and takes the leading position in the industry.
ZXR10 59E series switch supports SVLAN with the following applications and functions:
Being able to distinguish different service VLANs at one port and add different outer labels based on different service requirements.
Being able to implement coexistence of VLAN transparent transmission and QinQ service at a port; being able to keep the user label unchanged, without adding a new label, when some VLAN packets pass through the switch.
Being able to copy the 802.1p field of the user label to the outer label to guarantee that the user's service level is kept unchanged in the QinQ network, so as to keep the QoS of the user service consistent.
IEEE 802.1ad specifies that the S-Tag Ethernet type is 0x88A8 and the C-Tag Ethernet type is 0x8100. The ZTE switch supports the C-Tag and S-Tag Ethernet types at any designated port.
SVLAN has two major applications in the network:
SVLAN is applied to user location separation and service differentiation in the network and to Triple Play service in family broadband. SVLAN QinQ can solve the traditional 4096 VLAN resource shortage problem so as to truly implement PUPV and PSPV.
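The tag handling described in the QinQ and SVLAN sections, as an added example operating on raw frame bytes (not ZTE code). The rule table, port number, VLAN IDs and frames are constructed, and dropping frames that match no rule or that arrive from the customer already carrying an S-Tag is an assumption of this sketch.

```python
import struct

TPID_CTAG = 0x8100            # C-Tag Ethernet type quoted in the text
TPID_STAG = 0x88A8            # S-Tag Ethernet type quoted in the text (802.1ad)
TRANSPARENT = "transparent"   # rule value: forward without adding an S-Tag


def make_tag(tpid, pcp, vid):
    """Encode a 4-byte VLAN tag: TPID, then PCP (3 bits), DEI (0), VID (12 bits)."""
    if not 0 <= pcp <= 7 or not 1 <= vid <= 4094:
        raise ValueError("PCP must be 0-7 and VID 1-4094")
    return struct.pack("!HH", tpid, (pcp << 13) | vid)


def read_tag(frame, offset=12):
    """Return (tpid, pcp, vid) of the tag at `offset`, or None if none is there."""
    if len(frame) < offset + 4:
        return None
    tpid, tci = struct.unpack_from("!HH", frame, offset)
    if tpid not in (TPID_CTAG, TPID_STAG):
        return None
    return tpid, tci >> 13, tci & 0x0FFF


def qinq_push(frame, svid, tpid=TPID_STAG):
    """Plain QinQ: port-based outer tag, added to tagged and untagged frames alike."""
    return frame[:12] + make_tag(tpid, 0, svid) + frame[12:]


def svlan_push(frame, port, rules):
    """Flexible QinQ: choose the S-VID from (port, C-VID), copy the 802.1p bits.

    Returns the frame for the uplink, or None when the frame is dropped.
    """
    ctag = read_tag(frame)
    if ctag is None or ctag[0] != TPID_CTAG:
        return None                    # untagged, or customer-supplied S-Tag
    _, pcp, cvid = ctag
    action = rules.get((port, cvid))
    if action is None:
        return None                    # no rule for this port and C-VID
    if action == TRANSPARENT:
        return frame                   # user label kept, no outer label added
    return frame[:12] + make_tag(TPID_STAG, pcp, action) + frame[12:]


def pop_outer(frame, tpid=TPID_STAG):
    """Egress to the customer port: strip the outer tag, restoring the original."""
    tag = read_tag(frame)
    if tag is None or tag[0] != tpid:
        raise ValueError("frame carries no outer tag of the expected type")
    return frame[:12] + frame[16:]


def customer_frame(cvid, pcp):
    """Constructed customer frame: placeholder MACs, C-Tag, IPv4 type, padding."""
    return (bytes.fromhex("02000000000b02000000000a")
            + make_tag(TPID_CTAG, pcp, cvid) + b"\x08\x00" + bytes(46))


# Constructed per-service rules for customer port 1 (values are illustrative).
RULES = {(1, 100): 1001, (1, 200): 2000, (1, 300): TRANSPARENT}

if __name__ == "__main__":
    uplink = svlan_push(customer_frame(200, 5), 1, RULES)
    print("outer:", read_tag(uplink), "inner:", read_tag(uplink, 16))
```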
3.1.4
STP
STP (Spanning Tree Protocolis built particularly to eliminate network broadcasting
storm caused by circle links, and to provide network topology redundant backup service.
Aiming at generating a tree, the root of the tree is a switch named root bridge.
According to different configurations, different switches will be used as the root bridge.
But theres only one root bridge at any time. A tree is formed starting from the root tree,
and the root bridge will send configuration message on a regular basis. Each switch who
receives the message will dispatch it to other ports after updating the received message
on the basis of its own configuration and network topology architecture.
When one
switch gets configurations from two or more than two ports, theres loop existing in the
network. At this moment, the switch will leave one port in forwarding mode, and block
other ports to get rid of loop. When one port does not get configuration message for a
long time, it will be considered by the switch as overtime configuration which may have
changed the network topology. So the network topology must be calculated again and
generate a tree.
RSTP (Rapid Spanning Tree Protocol) is the optimization of spanning tree.
ZXR10
5900E Ethernet switch supports this protocol. As for its rapidness, the latency caused by
root port and designated port getting into forwarding status in network equipment or link
changing period are shortened in some conditions, so network topology can get steady
much faster.
Rstp feature also support sbpdu guard, root guard, loop guard, edgeport and stp
ignored per VLAN features, where BPDU guard For access-layer equipment, access
port is normally connected with user terminal (e.g. PC) or file server directly. At this
moment, the access port is configured as edge port to realize fast migration of this port;
when these ports receive configuration messages (BPDU message), the system will
automatically set these ports as non-edge-ports. Recalculation of spanning tree causes
network topology concussion. Normally these ports will not receive STP configuration
messages. If someone make fake configuration message to raise malicious attack,
network concussion will happen.
21
RSTP provides BPDU protection to prevent these attacks switch initiates BPDU
protection service, so that if the edge port receives the configuration message, the
system will terminate these ports and inform network management that these ports has
been shut down by RSTP. Only network administrator can resume these shutdown ports.
Root guard: When the root bridge in the network receives a BPDU message with higher
priority, it no longer acts as root bridge, so the network topology changes, which
directly causes a breakdown of data forwarding.
being attacked, root protection service should be initiated over the port. When the port
then receives high-priority messages, it changes to listening status and stops forwarding
messages. In 30 seconds, it changes back to normal status automatically, which avoids
frequent root bridge changes.
Loop guard: Loop protection avoids loops caused by one-way link failure. After the loop
guard service is started, the port changes directly to loop-inconsistent blocking status
if a BPDU message does not arrive in the expected time.
listening, learning, or forwarding status, otherwise STP will insist there's physical failure
over port. When a BPDU message is received, the port is restored.
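The BPDU guard behavior described above, as an added Python sketch that is not ZTE's code: it recognizes BPDUs by the standard bridge group address and LLC header and applies the edge-port rules from the text. The port names, the `Switch` model and the sample frames are constructed for illustration.

```python
import struct
from dataclasses import dataclass, field

STP_DEST_MAC = bytes.fromhex("0180c2000000")  # IEEE bridge group address
LLC_STP = b"\x42\x42\x03"                     # DSAP, SSAP, control used by spanning tree


def is_bpdu(frame: bytes) -> bool:
    """Return True if an untagged Ethernet frame carries an STP/RSTP BPDU."""
    if len(frame) < 14 + 3 + 4:
        return False
    length = struct.unpack("!H", frame[12:14])[0]
    if frame[0:6] != STP_DEST_MAC or length > 1500:  # >1500 is an EtherType
        return False
    return frame[14:17] == LLC_STP and frame[17:19] == b"\x00\x00"


def build_config_bpdu(bridge_mac: bytes, priority: int) -> bytes:
    """Constructed sample input: a configuration BPDU as a bridge would send it."""
    bridge_id = struct.pack("!H", priority) + bridge_mac
    bpdu = (struct.pack("!HBBB", 0, 0, 0, 0)         # protocol id, version, type, flags
            + bridge_id + struct.pack("!I", 0)        # root id, root path cost
            + bridge_id + struct.pack("!H", 0x8001)   # bridge id, port id
            + struct.pack("!HHHH", 0, 20 << 8, 2 << 8, 15 << 8))  # timers in 1/256 s
    payload = LLC_STP + bpdu
    return STP_DEST_MAC + bridge_mac + struct.pack("!H", len(payload)) + payload


@dataclass
class Port:
    name: str
    edge: bool = False
    bpdu_guard: bool = False
    state: str = "forwarding"          # "forwarding" or "shutdown"


@dataclass
class Switch:
    ports: dict
    events: list = field(default_factory=list)   # messages for network management
    topology_recalcs: int = 0

    def receive(self, port_name: str, frame: bytes) -> str:
        port = self.ports[port_name]
        if port.state == "shutdown":
            return "dropped"                     # stays down until an administrator acts
        if not is_bpdu(frame):
            return "forwarded"
        if port.edge and port.bpdu_guard:
            port.state = "shutdown"
            self.events.append(f"{port.name}: shut down by RSTP (BPDU on edge port)")
            return "port-shutdown"
        if port.edge:
            port.edge = False                    # unprotected edge port becomes non-edge
            self.topology_recalcs += 1           # and the spanning tree is recalculated
            return "edge-lost"
        return "bpdu-processed"

    def admin_resume(self, port_name: str) -> None:
        """Only an explicit administrator action brings a shut-down port back."""
        self.ports[port_name].state = "forwarding"


def run_demo():
    """Feed constructed frames to two edge ports, one with BPDU guard and one without."""
    bpdu = build_config_bpdu(bytes.fromhex("020000000001"), priority=32768)
    data = bytes.fromhex("ffffffffffff0200000000020800") + bytes(46)
    sw = Switch({"p1": Port("p1", edge=True, bpdu_guard=True),
                 "p2": Port("p2", edge=True)})
    results = [sw.receive("p1", data), sw.receive("p1", bpdu), sw.receive("p1", data),
               sw.receive("p2", bpdu), sw.receive("p2", bpdu)]
    sw.admin_resume("p1")
    results.append(sw.receive("p1", data))
    return results, sw


if __name__ == "__main__":
    outcome, switch = run_demo()
    print(outcome, switch.events, switch.topology_recalcs)
```

The guarded port contains the event to a single shutdown plus a management message, while the unguarded edge port loses its edge status and triggers a topology recalculation.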
3.1.5 Link Aggregation
Link aggregation is the process by which physical link segments with the same media
type and the same transmission rate are bundled together and appear logically as one link.
The switch decides through which port a message is sent to the peer-end switch according
to the port sharing policy the user has made. When the switch detects that the link of one
member port has broken down, it stops sending messages over this port and recalculates the
sending port among the remaining links on the basis of the load sharing policy. When the
failed port recovers, the recalculation is carried out again to get the correct port. Link
aggregation is a very important technology for extending link bandwidth and providing link
transmission elasticity and redundancy.
ZXR10 5900E supports two kinds of link aggregation: static Trunk and LACP.
Static Trunk adds multiple physical ports to a Trunk group directly to form a logical port.
This method is not good for inspecting the status of link aggregation ports.
LACP (Link Aggregation Control Protocol) follows the IEEE 802.3ad standard. LACP
aggregates multiple physical ports dynamically into a Trunk group via the protocol to form
a logical port. LACP generates the aggregation to get maximum bandwidth.
When configuring the link aggregation service on ZXR10 5900E, the following principles
should be followed:
The member port mode can be access, trunk or hybrid, but all member ports must use the
same mode.
The logical port formed by link aggregation on ZXR10 5900E is called a smartgroup, which
can be used as a common port.
3.1.6 Port mirroring
The port mirroring service can replicate the data of one or more ports (reflector ports)
on the switch to a designated destination port (monitoring port). The monitoring port
gets the data on these reflector ports via the mirror image, so that network traffic
analysis and failure diagnosis can be carried out. It also supports remote SPAN (RSPAN)
and ERSPAN.
It can restrict the number of broadcast messages allowed to pass an Ethernet port per
second. When the broadcast traffic exceeds the value the user has set, the system discards
broadcast traffic to keep it at a reasonable scale. In this way, it effectively suppresses
broadcast storms, avoids network congestion and ensures normal service operation.
Broadcast storm suppression is set based on speed, i.e. the smaller the speed is, the less
broadcast traffic is allowed to pass.
Support the configuration of port speed, duplex mode, and self-adaptation.
3.1.7 IGMP Snooping
IGMP Snooping maintains the relationship between the multicast address and the
table of the LAN by listening to the IGMP packets exchanged between the user and
the router. It maps the members of a multicast group into a VLAN. After receiving
multicast packets, it forwards them only to the VLAN members in that multicast group.
IGMP Snooping and IGMP are the same in that they are both used for managing and
controlling multicast groups through IGMP messages. However, they differ in that
IGMP runs on the network layer, while IGMP Snooping runs on the link layer. When the
switch receives IGMP packets, IGMP Snooping parses the information contained in
them and establishes and maintains a MAC multicast address table on L2.
When IGMP Snooping is enabled on the ZXR10 5900E, multicast packets are multicast
on L2. When IGMP Snooping is not enabled, multicast packets are broadcast on L2.
3.1.8
3.1.9 IPv4 Route
In a network where ZXR10 5900E is used, users require not only L2 switching but also
L3 route forwarding service.
ZXR10 5900E series supports the following IPv4 unicast routing features:
Support IPv4-based dynamic routing protocols including RIP, OSPF, IS-IS and BGP.
They adapt to changes of network topology and update routes dynamically, so they are
suitable for large-scale networks with complicated networking topology.
3.1.11 GVRP
Based on GARP (Generic Attribute Registration Protocol), GVRP (GARP VLAN
Registration Protocol) is a dynamic VLAN configuration technology. It is used in
complicated networking environments. By distributing, registering and transmitting VLAN
attributes dynamically, GVRP simplifies VLAN configuration management and reduces
network interconnection problems caused by inconsistent configuration. GVRP
implements VLAN attribute registration and cancellation by announcement and reclaim
of the announcement. When a port receives a VLAN attribute announcement, it
registers the VLAN information contained in the announcement and the port joins the
VLAN. When a port receives a VLAN attribute reclaim announcement, it cancels the
VLAN information contained in the announcement and the port quits the VLAN. A port
will not join a dynamic VLAN without receiving VLAN registration information. In this
way GVRP realizes VLAN pruning and suppresses unnecessary traffic.
3.1.12 PPPoE+
PPPoE+ is also called PPPoE Intermediate Agent. Its implementation principles are
similar to those of DHCP option82: it extends PPPoE packets. Working as the
intermediate agent, the switch intercepts the protocol packets of the PPPoE Discovery
Stage and inserts a TAG containing port information into the payload of the packet so
that the server can identify the user port. Some BRAS will also insert a TAG into the
downlink response packet. Therefore, as the intermediate agent, the switch deletes the
TAG in the downlink packet. The PPPoE+ processing procedure is shown in the following
figure:
Figure 3-2 (PPPoE message flow between Host and Access Concentrator: PADI, PADI + uPortID,
PADO, PADR, PADR + uPortID, PADS, PPP Session Stage, PADT)
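An added illustration of the tag handling described above, not ZTE's implementation: it parses PPPoE Discovery packets (RFC 2516 layout), appends a port tag to PADI and PADR going upstream, and deletes that tag from downlink packets. The page does not give the tag encoding, so the TR-101 style Vendor-Specific tag (0x0105 with a Circuit ID sub-option), the circuit ID string, the MAC addresses and the removal of host-supplied port tags are assumptions.

```python
import struct

ETH_PPPOE_DISCOVERY = 0x8863
PADI, PADO, PADR, PADS, PADT = 0x09, 0x07, 0x19, 0x65, 0xA7
TAG_END_OF_LIST, TAG_SERVICE_NAME, TAG_AC_NAME = 0x0000, 0x0101, 0x0102
TAG_VENDOR_SPECIFIC = 0x0105
VENDOR_ID = 0x00000DE9    # assumption: Broadband Forum enterprise number (TR-101 style)
SUBOPT_CIRCUIT_ID = 0x01  # assumption: Agent Circuit ID sub-option carries the port


def parse_discovery(frame: bytes):
    """Split a Discovery frame into (ethernet_header, code, session_id, tags)."""
    if len(frame) < 20:
        raise ValueError("frame too short for PPPoE Discovery")
    if struct.unpack("!H", frame[12:14])[0] != ETH_PPPOE_DISCOVERY:
        raise ValueError("not a PPPoE Discovery frame")
    ver_type, code, session_id, length = struct.unpack("!BBHH", frame[14:20])
    if ver_type != 0x11:
        raise ValueError("unsupported PPPoE version/type")
    payload = frame[20:20 + length]        # anything beyond is Ethernet padding
    if len(payload) != length:
        raise ValueError("PPPoE length exceeds frame size")
    tags, pos = [], 0
    while pos < length:
        if pos + 4 > length:
            raise ValueError("truncated tag header")
        tag_type, tag_len = struct.unpack("!HH", payload[pos:pos + 4])
        if tag_type == TAG_END_OF_LIST:
            break
        value = payload[pos + 4:pos + 4 + tag_len]
        if len(value) != tag_len:
            raise ValueError("tag length exceeds payload")
        tags.append((tag_type, value))
        pos += 4 + tag_len
    return frame[:14], code, session_id, tags


def build_discovery(eth_header: bytes, code: int, session_id: int, tags) -> bytes:
    """Re-serialize the packet so the PPPoE length field matches the tag list."""
    payload = b"".join(struct.pack("!HH", t, len(v)) + v for t, v in tags)
    return eth_header + struct.pack("!BBHH", 0x11, code, session_id, len(payload)) + payload


def port_tag(circuit_id: str):
    cid = circuit_id.encode("ascii")
    if not 1 <= len(cid) <= 63:
        raise ValueError("circuit id must be 1..63 bytes")
    value = struct.pack("!IBB", VENDOR_ID, SUBOPT_CIRCUIT_ID, len(cid)) + cid
    return (TAG_VENDOR_SPECIFIC, value)


def is_port_tag(tag) -> bool:
    tag_type, value = tag
    return (tag_type == TAG_VENDOR_SPECIFIC and len(value) >= 4
            and struct.unpack("!I", value[:4])[0] == VENDOR_ID)


def upstream(frame: bytes, circuit_id: str) -> bytes:
    """Host -> access concentrator: add the port tag to PADI and PADR only."""
    eth, code, sid, tags = parse_discovery(frame)
    if code not in (PADI, PADR):
        return frame
    # Hardening assumed here, not stated on the page: a port tag supplied by the
    # host itself is dropped so the server only sees the switch's own value.
    tags = [t for t in tags if not is_port_tag(t)]
    tags.append(port_tag(circuit_id))
    return build_discovery(eth, code, sid, tags)


def downstream(frame: bytes) -> bytes:
    """Access concentrator -> host: delete any port tag before it reaches the host."""
    eth, code, sid, tags = parse_discovery(frame)
    kept = [t for t in tags if not is_port_tag(t)]
    return frame if len(kept) == len(tags) else build_discovery(eth, code, sid, kept)


# Constructed sample frames (locally administered MAC addresses).
HOST, AC = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
ETHERTYPE = struct.pack("!H", ETH_PPPOE_DISCOVERY)


def sample_padi() -> bytes:
    return build_discovery(b"\xff" * 6 + HOST + ETHERTYPE, PADI, 0,
                           [(TAG_SERVICE_NAME, b"")])


def sample_pado_with_tag() -> bytes:
    return build_discovery(HOST + AC + ETHERTYPE, PADO, 0,
                           [(TAG_AC_NAME, b"ac1"), port_tag("bras-side")])


if __name__ == "__main__":
    print(parse_discovery(upstream(sample_padi(), "sw1 eth 0/3:100"))[3])
    print(parse_discovery(downstream(sample_pado_with_tag()))[3])
```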
3.2 Value-Added Service
3.2.1 Cluster Management
A cluster is an aggregation formed by a group of switches in a particular broadcast
domain. This group of switches forms a unified management domain, which presents one
public IP address and management interface to the outside and also offers management and
access capability for each member in the cluster.
The management switch that is configured with the public IP address is called the command
switch, and the other managed switches are called member switches. Normally, a member
switch does not have a public IP address; instead, it is assigned a private address by a
DHCP-like service of the command switch. The command switch and the member switches
together compose the cluster (private network).
It is proposed that the isolation of the broadcast domains of the public network and the
private network be done on the command switch.
Figure 3-3 (cluster network diagram; labels: TFTP Server 110.1.1.2, NM 110.1.1.1, public
networks, 100.1.1.10, command switch, inside cluster ip pool 192.168.1.0/24, inside cluster
networks, member switches, outside cluster, candidate switch)
The rules for the conversion of four-role switches in the cluster are as shown in the
following Figure:
Figure 3-4 (role conversion diagram among command switch, member switch, candidate switch
and independent switch; transitions labelled "Join cluster", "Delete from cluster",
"Destined for candidate switch", "Destined for independent switch", "Destined for command
switch")
3.2.2
3.2.3 ZESS
ZESS (ZTE Ethernet Smart Switch) is a cost-effective link switchover mechanism.
It enables services to be switched over rapidly to the backup link when the active link
breaks down, so that normal service transmission is guaranteed.
As the following figure shows, node 1 supports the ZESS service. Port 1 is the master port
and port 2 is the standby port. When node 1 detects that both the master and standby
ports are UP, it disables the protected service VLAN forwarding of the standby port; when
node 1 finds that the master port is Down, it blocks VLAN forwarding on the master port
and enables VLAN forwarding on the standby port; when node 1 detects that the master port
has returned to UP, either the inverted or the uninverted mode can be chosen. In inverted
mode, the master port is opened and the standby port is blocked again. In uninverted mode,
the master port stays blocked and the standby port stays open. In addition, whenever ZESS
takes action, the FDB of the blocked port should be updated.
Figure 3-5 (ZESS topology; labels: upper network, Node 3, Node 2, slave port, master port,
Node 1)
3.2.4 Security Feature
ZXR10 5900E provides users with rich security features, giving multi-dimensional
protection in the control layer, data layer and management layer of the device. On the
data layer, the device provides address change scanning attack prevention, broadcast and
multicast packet rate restriction, port security protection, MAC address table and ARP
binding, DHCP Snooping, IDS association etc. The control layer provides multiple layers of
CPU packet receiving, interface address conflict detection, network topology change attack
prevention, BPDU protection and root bridge protection, and routing protocol encryption
anti-attack protection. The management layer provides hierarchical user management, user
password encryption, and SSH.
3.2.5 TR101 Feature
TR101, issued by the Broadband Forum (originally the DSL Forum) in April 2006, is a
technical requirements report for broadband access networks. In terms of the TR-025 and
TR-059 architectures, TR101 proposes a way to enable an ATM aggregation network to access
an Ethernet aggregation network, and it also puts forward an Ethernet-based topology model
that meets the requirements of TR-058 operation. It gives the specific requirements for
BRAS devices in the access aggregation network and for the migration, interconnection,
QoS, multicast, security and OAM of all AN nodes.
All mainstream carriers in Europe ask their access and aggregation switches to satisfy
TR101. ZTE follows this demand and tries its best to make the product conform better to
TR101. In doing so, ZTE focuses on:
For PVLAN, MFF not only realizes L2 isolation, but also makes sure more secure
In addition to supporting DHCP option82, it can also inspect the messages that the DHCP
server returns to customers. The messages are forwarded accurately per port, which
prevents other people from getting customers' individual information;
3.2.6 MPLS
Currently ZXR10 5900E series provide complete MPLS protocol with the main functions
as follows:
3.2.6.1 MPLS L2VPN
ZXR10 5900E supports MPLS L2 VPN service with the following two connections:
Point-to-point connection
Point-to-point connection can easily provide main VPN private line services. It can
use multiple technologies to connect users in the existing network, keeping the
connection features between users and network providers. Services are transmitted
on the IP backbone network of the network provider after they are encapsulated.
Point-to-multipoint connection
Large customers' VPN needs involve a great many user sites with many access points,
so the network operator needs to provide point-to-multipoint VPN services. ZXR10 5900E
supports VPLS (Virtual Private LAN Service) so that it can establish a multi-site VPN
in a single bridging domain in the IP/MPLS network managed by the operator. In this
way it provides an easy MPLS L2 VPN solution.
ZXR10 5900E supports MPLS L2 VPN service with the following functions:
3.2.6.2 MPLS L3 VPN
ZXR10 5900E series support complete MPLS L3 VPN features:
Support static route, RIP, OSPF and BGP access between PE and CE
3.2.6.3 MPLS TE FRR
MPLS TE fast reroute is a mechanism in MPLS TE for link protection and node protection.
When an LSP link or node fails, protection takes place at the node. This allows the
traffic to continue through the tunnel of the protected link or node, so that data
transmission is not interrupted. At the same time the head node can continue
initiating re-establishment of the main path without affecting data transmission.
The basic principle of MPLS TE fast reroute is to use one established LSP to protect one
or multiple LSPs. The established LSP is called the fast reroute LSP. The protected LSP is
called the main LSP. The ultimate purpose of MPLS TE fast reroute is to use the fast
reroute tunnel to bypass the failed link or node, so as to protect the main path.
The establishment of the fast reroute LSP and the main LSP involves every component of
the MPLS TE system.
MPLS TE fast reroute is based on the implementation of RSVP TE. It follows RFC4090.
There are two ways to implement fast reroute:
One-to-one Backup: one-to-one backup protection. One main LSP establishes one
backup protection LSP, which is called a Detour LSP.
Facility Backup: one-to-multiple backup protection. Multiple main LSPs establish one
backup protection LSP, which is called a Bypass Tunnel.
Facility backup is usually adopted to deploy MPLS TE FRR. The establishment of the main
LSP is the same as that of a common LSP. RSVP sends PATH messages from the head node
downstream hop by hop, and sends RESV messages from the tail node upstream hop by hop.
It distributes labels when it deals with the RESV message, to reserve the resources and
establish the LSP. A Bypass Tunnel can be established in two ways: manual and automatic.
When the main LSP is not equipped with the FRR attribute, a Bypass Tunnel can be manually
configured to protect the physical interface of the tunnel. Its configuration is the same
as that of a common LSP except that it cannot be configured with fast reroute. That is to
say, a Bypass Tunnel cannot work as a main LSP at the same time.
(Figure; labels: TE FRR tunnel, CR-LSP tunnel)
3.2.6.4 LDP FRR
LDP FRR is an MPLS-related reliability technology. With the help of the LDP label
distribution protocol, it distributes main and backup labels to a route. Because the
backup label is saved, it responds quickly to a route change and switches to the backup
label, implementing 50ms switching protection against network failure. If an LSP is
configured with FRR, when a link or node on the protected LSP fails, the traffic is
switched to the backup link. LDP FRR is only a temporary protection measure. When the
protected link recovers, the traffic is switched back to the original LSP.
3.2.7
Figure 3-6 Alarm Interface
Blue indicates alarm input and red means control output. As Figure 3-6 shows, if the power
supply device connected to the alarm interface of the switch has a problem, the switch
receives the signal sent by the alarm input mechanism to show the level switch, and then
the switch takes some actions.
server via network management interface, also it can control and reset the power supply
device via control input mechanism.
3.2.8 VCT Technology
VCT (Virtual Cable Test) is a hardware-based cable fault testing function. It uses TDR
(Time Domain Reflector) to implement cable diagnosis. It can report cable states such as
open circuit, short circuit, impedance mismatch and normal cable, and it can give the
distance to the cable fault point.
3.2.9 SFP DOM
DOM (Digital Optical Monitoring) is a part of the optical module. An optical module
supporting the DOM service can report temperature, voltage, current and the power
consumption in processing traffic. In addition, each optical module is set with some
operating thresholds (including alarm thresholds and warning thresholds). After the DOM
service is started, the operating status can be polled via the I2C bus of the optical
module and compared with the preset thresholds. When a value exceeds its threshold,
syslog and SNMP trap modes can be used to send warnings.
3.2.10 SFlow
With the development of network services in commercial environments, existing networks
keep growing. As there are more and more devices and more traffic in the network, the
cost of network maintenance keeps rising. How to manage network equipment efficiently
and how to implement real-time traffic monitoring and analysis have therefore become more
and more important to carriers. Currently, vendors each provide multiple network traffic
monitoring technologies, but most of them are private or built upon hardware. sFlow is
currently the standard traffic monitoring technology listed by IETF. It requires simpler
hardware and fewer resources and is a more universal technology; as a result, it has been
implemented by many vendors.
sFlow services are mainly composed of three parts: the sFlow message sampling unit, the
sFlow proxy unit, and the sFlow analyzer. Usually, the sampling and proxy units of sFlow
are integrated in the network device, and the sFlow analyzer is built outside the system,
analyzing the messages of multiple sFlow proxies in the network. The entire system is
basically as shown in the following figure:
Figure 3-7 (sFlow system; labels: sFlow Analyzer, Traffic Data Analysis, sFlow Agents,
Measurements)
The sFlow sampling unit is the basic part of the sFlow mechanism. It samples messages on
the network interfaces that support sFlow and then sends the messages to the sFlow proxy
unit for processing. The sFlow Collector implements sFlow management, monitoring,
collection and analysis. It is responsible for saving and analyzing messages from all
sFlow Agents. It then gives an analysis report on traffic and services.
3.2.11 ACL
To filter data, a series of matching rules needs to be configured so that the network
device can identify the objects that need filtering. When a particular object is
identified, the corresponding data packets are permitted or prohibited based on the
pre-set policy. ACL (Access Control List) can implement all these functions.
Usually ACL is adopted to implement data packet filtering, policy routing and special
traffic control. One ACL contains one or multiple rules for special types of data packets.
The rules inform the switch whether to permit or reject data packets that match the
selection criteria specified in the rules.
The data matching rules defined by an ACL can also be used by applications where traffic
should be classified, for example to define traffic classification rules in QoS.
ZXR10 5900E provides the following four types of ACL:
L2 ACL: match source MAC address, destination MAC address, source VLAN ID,
L2 Ethernet protocol type, 802.1p precedence.
Hybrid ACL: match source MAC address, destination MAC address, source VLAN
ID, source IP address, destination IP address, TCP source port number, TCP
destination port number, UDP source port number, UDP destination port number,
including all matching fields of the three types mentioned above.
Each ACL has an access number for identification. The range of this number differs for
the different types of ACL:
Basic ACL: 1~99
Extension ACL: 100~199
L2 ACL: 200~299
Hybrid ACL: 300~349
Each ACL has 100 rules at most, and the rule number ranges from 1 to 100.
3.2.12 QoS
Due to the growth of multiple services (data, voice, video) and their different
requirements for real-time capability (latency, jitter and packet loss rate) and
sensitivity to service reliability, networks today are required to differentiate
services, ensure users' service quality according to SLA, realize QoS guarantees in all
implementation models, provide end-to-end service quality, make the network appreciable
and services manageable, realize precise service operation and finally improve users'
service experience.
3.2.12.1
Traffic Classification and Marking. Service messages are divided into multiple
priorities or categories on the basis of service classification policy (including VLAN,
802.1P, DSCP, MAC address, IP address, TCP/UDP port number, and DSCP info.),
then these categories will be marked by ToS or DSCP fields of Ethernet message
CoS
Traffic Policing. It is particularly used to restrict one stream or abrupt traffic which is
going to access one network. After setting a reasonable limit to the traffic, it will then
police or punish the exceeding part of the message, for example, discard the
message, color the message or reset the priority of the message. In this way, it
protects network resource and operators greatly at the same time.
Following the srTCM (Single Rate Three Color Marker) and trTCM (Two Rate Three Color
Marker) algorithms introduced by IETF, ZXR10 5900E uses two token buckets to evaluate
arriving messages. Messages are compared against the CIR/PIR token buckets in
Color-Blind mode and Color-Aware mode: the part exceeding PIR is colored red, the part
exceeding CIR but under PIR yellow, and the part under CIR green. Hence, queue
scheduling and congestion management can be done in terms of message colors.
Furthermore, the selection of the MPLS tunnel path and hierarchical QoS scheduling can
also be implemented according to message colors. In this way, precise service operation
and management are realized. ZXR10 5900E supports CIR/PIR service based upon port
and flow, and it can be used in both incoming and outgoing directions.
Figure 3-8
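The two-token-bucket coloring described above, as an added Python example that is not ZTE's code: it implements the trTCM marker as defined in RFC 2698 in Color-Blind and Color-Aware modes (srTCM is not shown). The rates, burst sizes and arrival times are constructed sample values.

```python
from dataclasses import dataclass

GREEN, YELLOW, RED = "green", "yellow", "red"


@dataclass
class TrTCM:
    cir: int  # committed information rate, bytes per second
    cbs: int  # committed burst size, bytes
    pir: int  # peak information rate, bytes per second
    pbs: int  # peak burst size, bytes

    def __post_init__(self):
        if self.pir < self.cir:
            raise ValueError("PIR must not be lower than CIR")
        # Tokens are counted in 1/1000 byte so millisecond timestamps stay exact.
        self.tc = self.cbs * 1000      # both buckets start full
        self.tp = self.pbs * 1000
        self.last_ms = 0

    def _refill(self, now_ms: int) -> None:
        elapsed = now_ms - self.last_ms
        if elapsed < 0:
            raise ValueError("timestamps must not go backwards")
        self.tc = min(self.cbs * 1000, self.tc + self.cir * elapsed)
        self.tp = min(self.pbs * 1000, self.tp + self.pir * elapsed)
        self.last_ms = now_ms

    def mark(self, now_ms: int, size: int, pre_color=None) -> str:
        """Color one packet of `size` bytes; pre_color=None is Color-Blind mode."""
        self._refill(now_ms)
        cost = size * 1000
        if pre_color == RED or self.tp < cost:
            return RED                 # exceeds PIR: no tokens are consumed
        if pre_color == YELLOW or self.tc < cost:
            self.tp -= cost            # exceeds CIR but is within PIR
            return YELLOW
        self.tp -= cost                # within CIR: both buckets are charged
        self.tc -= cost
        return GREEN


def police(meter: TrTCM, arrivals):
    """Color a sequence of (time_ms, size_bytes) or (time_ms, size_bytes, pre_color)."""
    return [meter.mark(*arrival) for arrival in arrivals]


# Constructed sample: a burst of four 1000-byte packets, then two spaced packets.
SAMPLE_ARRIVALS = [(0, 1000), (0, 1000), (0, 1000), (0, 1000), (500, 1000), (1500, 1000)]

# Constructed sample for Color-Aware mode: packets already colored upstream.
SAMPLE_PRECOLORED = [(0, 1000, YELLOW), (0, 1000, GREEN), (0, 1000, RED)]


if __name__ == "__main__":
    print(police(TrTCM(cir=1000, cbs=2000, pir=2000, pbs=3000), SAMPLE_ARRIVALS))
    print(police(TrTCM(cir=1000, cbs=2000, pir=2000, pbs=3000), SAMPLE_PRECOLORED))
```

In Color-Aware mode a packet can keep its color or be downgraded, never upgraded, which is why the pre-colored yellow packet stays yellow although the committed bucket is full.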
Traffic Shaping. It is designed particularly to restrict one stream or abrupt traffic and
make these messages go out evenly. Traffic shaping is normally done by a cache
and a token bucket. When messages are sent at high speed, they are saved in the cache
and then sent out evenly under the control of the token bucket. Different from traffic
policing, traffic shaping caches messages that do not match the traffic feature, which
prevents messages from being discarded and satisfies the message traffic feature at the
same time.
Queue Scheduling. For a network unit, when the incoming speed of packets is
faster than their outgoing speed, congestion will happen at egress. When it occurs,
firstly some messages will be discarded if there is not enough cache space. Also a
resource scheduling mechanism should be made to enable messages to be cached in
the queue according to some policies. These messages are then taken out
of the queue and forwarded as per some scheduling policies. Congestion
management of the queue is very meaningful to bandwidth distribution, latency and
jitter. ZXR10 5900E supports PQ (Priority Queuing), Weighted Round Robin (WRR)
and PQ+WRR queue scheduling methods.
policies is also based upon the capability of the cache. It makes sure services of
different queues and different priorities can be scheduled according to certain
policies. When too many services are congested and the queue length has
reached its threshold, all new arrivals will be discarded. This discarding mechanism
may cause TCP global synchronization, where the messages of multiple TCP
connection queues decrease at the same time, so that the TCP connections enter
congestion avoidance and slow start status to adjust traffic. What is worse, traffic
peaks will appear at the same time, making the network traffic fluctuate between
insufficient and saturated, which badly influences users' service experience.
To improve network quality, ZXR10 5900E adopts WRED to avoid congestion. ZXR10
5900E WRED can be aware of services and set policies for discarding messages of different
priorities, so that different messages can have different discarding policies.
3.2.12.2 Ethernet QoS
Because of the dramatic development of Metro Ethernet Service, there are more and
more Ethernet services in the network. ZXR10 5900E can process service scheduling
and congestion management as per the priority of the VLAN frame. It can map the IP message
priority or the EXP priority of an MPLS message to the VLAN priority of the Ethernet
message to realize integrated service scheduling. In QinQ mode, the inner user VLAN
priority can be mapped to the outer operator's VLAN priority automatically, or the outer
VLAN priority can be modified according to the user's service. This realizes integrated
and manageable services from the user service to the operator service tunnel.
Traditional Ethernet service is actually a VLAN priority guarantee service based upon
the Ethernet message. Normally there are 8 corresponding service types, and these services
cannot be colored, so Ethernet service cannot color services according to CIR/PIR
service marks to provide more differentiated service quality. In order to enhance Ethernet
service quality control and realize the 5P3D model based upon VLAN service, ZXR10 5900E
classifies services according to 802.1P DE (Drop Eligible), which divides user services
into 5 levels and 3 discarding priorities to color services.
Figure 3-9
3.2.12.3 MPLS QoS
MPLS QoS is an important part of QoS service deployment. Since DiffServ has good
deployment flexibility and scalability, QoS is usually implemented by DiffServ in
practical MPLS networking solutions. ZXR10 5900E supports MPLS QoS based on the
DiffServ model. Traditional IP QoS decides the service level based on IP priority or
DSCP to implement differentiated service. MPLS QoS differentiates the data flows of
different services based on the EXP value, and implements mapping between MPLS EXP and IP
as well as Ethernet, so as to realize differentiated services and guarantee the quality of
voice and video services. At the MPLS Ingress PE, the IP priority or VLAN priority of the
packets is mapped or duplicated into the CoS domain of the label. The classified traffic
is monitored, shaped and scheduled. The service level is differentiated based on the CoS
field of the MPLS label to guarantee the network service quality.
Figure 3-10
3.2.15 NTP
NTP (Network Time Protocol) is a time synchronization protocol used between different
network members. Its transport is based upon UDP. The devices implementing NTP
adjust their system clocks automatically by exchanging NTP messages. In this way, they
keep their clocks the same. ZXR10 5900E can be deployed as an NTP Client in real network
applications.
3.2.16 RADIUS
RADIUS (Remote Authentication Dial In User Service) is a standard AAA (Authorization,
Authentication, Accounting)
routing switch to prevent illegal users from accessing. At the same time, services like
DOT1X also need to use RADIUS for authentication and accounting.
Currently, ZXR10 5900E supports the RADIUS authentication service. It can provide
Telnet user authentication for access to the routing switch.
ZXR10 5900E supports multiple RADIUS server groups. Each RADIUS group is allowed to
configure 3 authentication servers. Each group can set the time for setting server and the
time for resetting. The administrator is capable of configuring different RADIUS groups to
choose a specific RADIUS server.
3.2.17 TACACS+
TACACS+ (Terminal Access Controller Access-Control System Plus) supports
3.2.18 SNMP
The SNMP subsystem implements the SNMP AGENT function, and supports all the
protocol operations of the SNMP agent specified in SNMP V1 /V2c/V3.
The protocol operations of SNMPv1 are:
get-request
get-next-request
get-response
set-request
trap
get-request
get-next-request
get-bulk-request response
set-request
inform-request
snmpV2-trap
The Management Information Base (MIB) is described by using SMIv1 and SMIv2. The
MIB consists of the following parts:
3.2.19 RMON
RMON (Remote Monitoring) can be used to keep an eye on remote services. With
RMON, data collection and processing are done by a remote inspector, i.e. the routing
switch system. The routing switch at the same time contains RMON proxy software that
handles communication with network management by SNMP. Usually, information only goes
from the routing switch to the network management system when special requirements are
raised.
with requesting PAE, and it also delivers the information coming from requesting PAE to
authentication server. After verifying this information, the authentication server
confirms whether the requester is authorized to access the authenticator's service. The
authenticating PAE relies on the authentication result to control the authorization of
the controlled port and the status of the uncontrolled port. The authenticating PAE
exchanges protocol packets with the requesting PAE via the uncontrolled port and EAPOL,
and communicates with the RADIUS authentication server via EAPOR.
ZXR10 5900E series products mainly support the following 802.1X services:
Support authenticating PAE to exchange protocol via uncontrolled port and EAPOL
by re-authentication timer
authentication packet
3.2.21 IPTV
IPTV is also named interactive network TV, which is introduced by operators on the basis
of broadband. By using the IP broadband network, it integrates Internet, multimedia and
communication technologies, providing users with many interactive services, e.g. live TV
programs, on-demand video service and network surfing service. Users can take
advantage of these services by PC or IP set-top box + TV.
As one of the key technologies of the ZTE IPTV system architecture, controllable multicast
is mainly implemented at the broadband access network side. The device implementing the
multicast controlling policy (BRAS, DSLAM or switch) is called the multicast controlling
point, which works as the terminating point of user multicast IGMP requests and determines
whether to duplicate the multicast stream to the user port based on the corresponding IGMP
request and control policy. The nearer the multicast controlling point is to the user, the
more network bandwidth is saved. As the key device implementing the multicast controlling
policy, the multicast controlling point supports the following features: IGMP V1/V2, IGMP
Snooping, IGMP Filter, IGMP Proxy, IGMP Fast leave, MVR (Multicast VLAN Register), SGR
(Static Group Register), UGAC (User Group Access Control), UGAR (User Group Access
Record) etc. A user's multicast on-demand authority can be controlled by rule and channel
binding.
3.2.22 VBAS
VBAS is the short form for Virtual Broadband Access Server. It is a kind of query protocol
extended between the IP-DSLAM and the BRAS device. Point-to-point communication is used
between BRAS and IP-DSLAM, i.e. port information query and response messages can
be encapsulated in L2 Ethernet data frames.
The implementation principle is L2 point-to-point communication between BRAS and
IP-DSLAM. That is to say, port information query and response packets are directly
encapsulated in L2 Ethernet data frames. The DSLAM corresponding to a VLAN is configured
on the BAS. VBAS is initiated during the PPPoE calling process, that is to say, the user
band VLAN is mapped to the corresponding DSLAM. The BAS actively initiates a user line
identity query to the DSLAM, which provides the BAS with the user line identity in
response. The local 59E series switch is the DSLAM device.
VBAS protocol is implemented by sending VBAS messages between BAS and DSLAM.
3.2.23 ARP
When one network device is sending data to another one, in addition to IP address of the
destination equipment, it should also be clear of the MAC address of the destination
equipment. ARPAddress Resolution Protocolis made to map IP address to MAC
address to make sure successful communication.
with an unknown device in the network, the MAC address of the unknown device will be
get firstly via ARP. The specific procedures are:
49
The source equipment broadcasts ARP requests with destination devices IP address,
and all devices in the network will receive this ARP request. If one device realizes that
the request is based upon its own IP address, it will then record senders ARP
information and send ARP response containing its MAC address to source device. In this
way, the source device gets the MAC address of the destination device via this ARP
response.
In order to reduce ARP packets in the network and accelerate data delivery, the IP
address to MAC address mapping is cached in the local ARP table. When equipment is
going to send data, it first checks the ARP table for the IP address. If the MAC address of
the destination equipment is found in the ARP table, there is no need to send an ARP
request. At the same time, because space in the switch ARP table is limited and network
equipment changes frequently, the switch should renew the ARP table in time (delete the
old items and add new ones). The dynamic items in the ARP table can be deleted
automatically, and this process is called ARP aging.
To make the network safer, ZXR10 5900E is able to change a learnt dynamic ARP entry
to a static ARP, manual static ARP or eternal ARP table item. Neither static ARP nor
eternal ARP table items experience ARP aging. An eternal ARP item still exists after the
switch is restarted, whereas a static ARP item disappears. To protect against ARP attack,
ZXR10 5900E supports the ARP protection service, restricting the number of ARP entries
the switch or other L3 interfaces learn.
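The sketch below models the table behaviour just described: aging of dynamic entries, static and eternal entries, and a per-interface learning limit. It is an added example, not ZTE code; the class and method names, the timer and limit values, and the rule that ARP traffic never overwrites a static or eternal entry are assumptions made for illustration.

```python
"""Toy model of the ARP table behaviour described above (constructed example)."""
from dataclasses import dataclass
from enum import Enum


class Kind(Enum):
    DYNAMIC = "dynamic"   # learnt from ARP traffic, removed by aging
    STATIC = "static"     # no aging, lost when the switch restarts
    ETERNAL = "eternal"   # no aging, still present after a restart


@dataclass
class Entry:
    mac: str
    iface: str
    kind: Kind
    last_seen: float


class ArpTable:
    def __init__(self, aging_seconds=600.0, per_iface_limit=3):
        # Illustrative values, not ZXR10 defaults.
        self.aging_seconds = aging_seconds
        self.per_iface_limit = per_iface_limit
        self.entries = {}      # ip -> Entry
        self.rejected = []     # (ip, mac, reason), the raw material for an alert

    def _dynamic_count(self, iface):
        return sum(1 for e in self.entries.values()
                   if e.iface == iface and e.kind is Kind.DYNAMIC)

    def learn(self, ip, mac, iface, now):
        """Handle one ARP request or response seen on iface; True if stored."""
        cur = self.entries.get(ip)
        if cur is not None and cur.kind is not Kind.DYNAMIC:
            # Assumed policy: ARP traffic never overwrites a pinned entry.
            if cur.mac != mac:
                self.rejected.append((ip, mac, "conflicts with pinned entry"))
            return False
        new_on_iface = cur is None or cur.iface != iface
        if new_on_iface and self._dynamic_count(iface) >= self.per_iface_limit:
            self.rejected.append((ip, mac, "interface learn limit reached"))
            return False
        self.entries[ip] = Entry(mac, iface, Kind.DYNAMIC, now)
        return True

    def pin(self, ip, kind):
        """Change a learnt dynamic entry into a static or eternal one."""
        if kind is Kind.DYNAMIC:
            raise ValueError("pin() converts to STATIC or ETERNAL only")
        self.entries[ip].kind = kind

    def age(self, now):
        """ARP aging: delete dynamic entries not refreshed within aging_seconds."""
        expired = [ip for ip, e in self.entries.items()
                   if e.kind is Kind.DYNAMIC
                   and now - e.last_seen > self.aging_seconds]
        for ip in expired:
            del self.entries[ip]
        return expired

    def restart(self):
        """Switch restart: static and dynamic entries are gone, eternal ones stay."""
        self.entries = {ip: e for ip, e in self.entries.items()
                        if e.kind is Kind.ETERNAL}

    def lookup(self, ip):
        entry = self.entries.get(ip)
        return entry.mac if entry else None


def demo():
    table = ArpTable(aging_seconds=600, per_iface_limit=3)
    table.learn("10.0.0.1", "00:11:22:33:44:01", "vlan10", now=0)   # gateway
    table.learn("10.0.0.20", "00:11:22:33:44:20", "vlan10", now=0)  # server
    table.pin("10.0.0.1", Kind.ETERNAL)
    table.pin("10.0.0.20", Kind.STATIC)
    # Constructed traffic: one MAC claims ten addresses, then the gateway's.
    for host in range(100, 110):
        table.learn(f"10.0.0.{host}", "de:ad:be:ef:00:01", "vlan10", now=10)
    table.learn("10.0.0.1", "de:ad:be:ef:00:01", "vlan10", now=11)
    return table


if __name__ == "__main__":
    for ip, mac, reason in demo().rejected:
        print(f"rejected {ip} -> {mac}: {reason}")
```

The `rejected` list is what an operator would alert on: a burst of limit rejections or a conflict with a pinned gateway entry on one interface.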
3.2.24 DHCPv4
DHCP manages the IP addresses and other related configuration information used on
the network, to reduce the complexity of managing address configuration. When the
DHCP service is used on the network, the client and server must be in the same
broadcast domain. If a network is built in this way, the ZXR10 5900E must provide the
DHCP SERVER function. In another application, the DHCP server and the users are not
in the same broadcast domain. The client obtains its address through transit via the
ZXR10 5900E. This is what is technically referred to as DHCP relay.
The ZXR10 5900E implements the built-in DHCP SERVER function through the DHCP
protocol, to enable dynamic address allocation and management for the DHCP
CLIENT, and at the same time provides the user management module on the destination
equipment system with the appropriate service management interface for the DHCP
CLIENT. It implements transparent interaction between the DHCP CLIENT and DHCP
SERVER through the DHCP RELAY AGENT expansion option of the DHCP protocol, to
enable dynamic address allocation and management for the DHCP CLIENT, and at
the same time provides the service management module on the destination equipment
system with the appropriate service management interface for the DHCP CLIENT.
ZXR10 5900E series support DHCP Client and automatic download of a default
configuration file via DHCP option fields. Without any extra configuration, the device can
get an IP address, gateway IP address, host configuration information, etc. After
receiving the discovery message, the DHCP server finds the corresponding reserved IP
address according to the MAC address, and at the same time sends other information, for
example host name, TFTP IP address and configuration file name, to the DHCP client via
DHCP options. The DHCP client then downloads the configuration file from the TFTP
server using this information and starts the new configuration file, so the DHCP protocol
also serves to download the configuration file.
3.2.25 LLDP
LLDP (Link Layer Discovery Protocol) is a new protocol defined in 802.1ab, which
enables adjacent devices to send messages to each other, thus updating physical
topology information and establishing a device management information base. The LLDP
working process is as follows:
1. Sends link and management information of the local device to the adjacent device;
2.
3. Stores the network management information of the adjacent device in the MIB of the
local device. Network management software can query L2 connections in the MIB.
LLDP doesn't work as a configuration protocol for the remote system, nor as a signaling
control protocol between ports. LLDP can discover inconsistency in the configuration of L2
protocols on adjacent devices, but it only reports the problem to the upper level
management device without providing a mechanism to solve the problem.
Simply put, LLDP is a kind of neighbor discovery protocol. It defines criteria for network
devices in Ethernet such as switches, routers and wireless LAN access points to enable
them to announce their existence to other nodes in the network and to store the
discovery information of each adjacent device. For example, device configuration and
device identification information can be declared by this protocol.
LLDP defines a universal announcement information set, a protocol that transmits the
announcement, and a method to store the received announcement information. The
device that announces its own information can put multiple announcements in one
LLDPDU (Link Layer Discovery Protocol Data Unit) to transmit them. The LLDPDU
contains a series of short message units with variable length, each of which is called a
type-length-value (TLV), with the description as follows:
Each LLDPDU contains four compulsory TLV and one optional TLV:
Device ID TLV
Port ID TLV
TTL TLV
Optional TLV
Optional TLVs include the basic management TLV set (such as the port description TLV),
the special TLV set organized by IEEE 802.1 and the special TLV set organized by IEEE
802.3. The LLDPDU end TLV indicates the end of the LLDPDU.
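To make the TLV layout concrete, here is a strict LLDPDU walker that checks every length field against the bytes actually present and enforces the mandatory TLV order before trusting any value. It is an added example, not code from the ZXR10 software; TLV type numbers and the 7-bit type / 9-bit length header follow IEEE 802.1AB (where the Device ID TLV is called Chassis ID), the sample PDU is constructed, and requiring exactly 2 TTL bytes is this example's own strict policy.

```python
"""Strict LLDPDU TLV walker (constructed example; TLV numbers per IEEE 802.1AB)."""
import struct

END, CHASSIS_ID, PORT_ID, TTL = 0, 1, 2, 3
NAMES = {0: "End", 1: "Chassis ID", 2: "Port ID", 3: "TTL", 4: "Port Description",
         5: "System Name", 6: "System Description", 7: "System Capabilities",
         8: "Management Address", 127: "Organizationally Specific"}


class LldpError(ValueError):
    pass


def iter_tlvs(pdu: bytes):
    """Yield (type, value); each header is 7 bits of type and 9 bits of length."""
    off = 0
    while off < len(pdu):
        if off + 2 > len(pdu):
            raise LldpError(f"truncated TLV header at offset {off}")
        (hdr,) = struct.unpack_from("!H", pdu, off)
        tlv_type, length = hdr >> 9, hdr & 0x1FF
        off += 2
        if off + length > len(pdu):
            # Never read past the frame on the word of an attacker-set length.
            raise LldpError(f"TLV type {tlv_type} claims {length} bytes, "
                            f"only {len(pdu) - off} remain")
        yield tlv_type, pdu[off:off + length]
        off += length
        if tlv_type == END:
            return  # bytes after the End TLV are frame padding


def parse_lldpdu(pdu: bytes) -> dict:
    tlvs = list(iter_tlvs(pdu))
    if len(tlvs) < 4 or [t for t, _ in tlvs[:3]] != [CHASSIS_ID, PORT_ID, TTL]:
        raise LldpError("LLDPDU must start with Chassis ID, Port ID, TTL")
    if tlvs[-1][0] != END or tlvs[-1][1] != b"":
        raise LldpError("missing or non-empty End TLV")
    chassis, port, ttl = tlvs[0][1], tlvs[1][1], tlvs[2][1]
    if not 2 <= len(chassis) <= 256 or not 2 <= len(port) <= 256:
        raise LldpError("Chassis ID / Port ID need a subtype byte plus 1-255 bytes")
    if len(ttl) != 2:
        raise LldpError("TTL value must be exactly 2 bytes in this strict parser")
    optional = tlvs[3:-1]
    if any(t in (CHASSIS_ID, PORT_ID, TTL) for t, _ in optional):
        raise LldpError("mandatory TLV repeated among the optional TLVs")
    return {
        "chassis_subtype": chassis[0], "chassis_id": chassis[1:],
        "port_subtype": port[0], "port_id": port[1:],
        "ttl": struct.unpack("!H", ttl)[0],
        "optional": [(NAMES.get(t, f"type {t}"), v) for t, v in optional],
    }


def is_valid(pdu: bytes) -> bool:
    try:
        parse_lldpdu(pdu)
        return True
    except LldpError:
        return False


def tlv(tlv_type: int, value: bytes) -> bytes:
    """Encode one TLV (used only to build the constructed sample)."""
    if not 0 <= tlv_type <= 127 or len(value) > 511:
        raise ValueError("type is 7 bits, length is 9 bits")
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value


# Constructed sample: MAC-address chassis ID, interface-name port ID, 120 s TTL.
SAMPLE = (tlv(CHASSIS_ID, b"\x04" + bytes.fromhex("001122334455"))
          + tlv(PORT_ID, b"\x05" + b"port-1")
          + tlv(TTL, struct.pack("!H", 120))
          + tlv(5, b"switch-a")
          + tlv(END, b""))

if __name__ == "__main__":
    print(parse_lldpdu(SAMPLE))
```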
3.2.26 UDLD
UDLD is an L2 logical link detection protocol which can detect the logical connection of
an Ethernet link and verify the physical connection. Unlike physical connection detection,
UDLD detects based on neighbors. L1 devices are transparent to UDLD.
First, UDLD needs to establish neighbor relationships. When an Ethernet interface in UP
status launches UDLD, the interface sends a neighbor joining Hello message to its
adjacent device. The UDLD-enabled interface of the adjacent device sends back an
Echo message. On receiving the Echo message, the device considers the two devices to
be interconnected; it establishes a neighbor relationship with the peer-end and also
sends an Echo message. When the peer-end receives this Echo message, the neighbor
relationship is established on both devices.
After establishing the neighbor relationship, the devices send Hello messages regularly to
check whether the link works well. The device updates the neighbor information buffered
locally and resets the neighbor timeout. If no Hello detection message is received before
the neighbor aging time expires, the link is considered abnormal. Corresponding
processing is then taken according to the work mode.
There are two work modes for UDLD: common mode and aggressive mode. In common
mode, an interface is set Down only when protocol packets are received confirming that
the link is single pass (unidirectional). No processing is taken at the interface if no
corresponding packets are received or single pass cannot be confirmed. In aggressive
mode, the interface is set Down whenever an unobstructed two-way link cannot be
guaranteed. What the two modes have in common is that an alarm is printed whenever
normal link status cannot be confirmed.
Generally speaking, UDLD sets an interface Down in the following situations:
In common mode, it sends a Hello neighbor joining message and receives an Echo
message which indicates that the neighbor of the peer-end is not itself.
In aggressive mode, it sends a Hello neighbor joining message and receives an Echo
message which indicates that the neighbor of the peer-end is not itself.
In aggressive mode, it receives a Hello neighbor joining message and sends an Echo
message, but no Echo message is received from the peer-end.
In aggressive mode, all neighbors at the interface exceed the aging period, and no
Hello detection message is received.
When the interface goes Down, or another accident leads to failure of the interface,
the device needs to send a flush message to notify the adjacent L2 device to delete the
information about it.
Initiate UDLD: if the Echo message received indicates that the neighbor of the peer-end
is not itself, it's a false connection of the interface. UDLD shuts down the interface
whatever the mode is, as shown in the following Figure:
Figure 3-11 [Diagram: TX/RX connections between the ports of Device A and Device B]
Figure 3-12 Interface down [Diagram: TX/RX connections between the ports of Device A and Device B]
Aging time is the protocol packet sending interval (15 seconds by default) 3. Shut
down the interface if no packet is received within aging time if aggressive mode is
configured.
3.2.27 VRRP
Normally a host in a broadcast domain is set with a default gateway that works as the
next hop for routed packets. When this default gateway cannot work normally, the
hosts in this broadcast domain cannot communicate with hosts in other networks
any more. To avoid this sort of single-point failure, multiple router interfaces can be set in
one broadcast domain, with VRRP (Virtual Router Redundancy Protocol) implemented
on these routers.
VRRP puts multiple router interfaces belonging to one broadcast domain into one
group to form a virtual router. It also allocates an IP address to the virtual router as its
interface address. This interface address can either be one router interface address or
a third-party address. This virtual address takes effect only when it is in the same
network segment as the real interface address.
If a router interface address is used, the router with this IP address acts as the master
router, and the other routers work as slaves. If a third-party address is used, the
router with the highest priority works as the master router; if two routers have the same
priority, the one with the bigger real IP address is the master router.
Set the IP address of the virtual router as the network gateway on the hosts in this
broadcast domain. When the master router breaks down, the slave router with the
highest priority replaces it without affecting the hosts.
group work in abnormal condition, the host in this domain cannot communicate outside
any more.
We classify these routers into multiple groups and make them back each other up.
Different IP addresses are used by the hosts in the domain as network gateway to realize
load balancing.
3.2.28.1 802.3ah
IEEE 802.3ah mainly implements link level management, monitoring and handling
failures of point-to-point Ethernet links in the network. What is sometimes called "last
mile" detection is just this. Link layer OAM is mainly applied to point-to-point direct link
detection.
Figure 3-13
The figure above shows the location of OAM in the ISO/IEC OSI reference model. Above
OAM is the LLC (logical link control) or another MAC client layer. Below OAM is the MAC
layer or the optional MAC control sub-layer. The OAM layer is optional. OAM covers the
following three functions:
Remote discovery
Remote loopback
Link monitoring
A DTE involved in the OAM sub-layer supports active/passive mode. When OAM is
enabled, a DTE that supports both modes should choose active or passive.
Remote discovery
Remote loopback
OAM provides an optional data link layer frame-level loopback mode controlled by the
remote end. OAM remote loopback can be applied for failure location and link
performance tests. When the remote DTE is in OAM remote loopback mode, the
statistics of the local and remote DTE can be queried and compared at any
moment. The query can be made before, during, or after loopback frames are sent
to the remote DTE. Besides, OAM sub-layer loopback frames can be analyzed to get
additional information concerning link health (to determine frame dropping
caused by link failure).
If the OAM client has sent a loopback control OAMPDU and, while it waits for the
peer DTE's responding OAMPDU indicating that it is in OAM remote loopback,
an OAM remote loopback command arrives from the peer-end device, whether the
OAM client acts on that command is determined by the following process: a) if the
local DTE source address is larger than that of the peer-end, enter OAM remote
loopback based on the peer-end command. b) If the local DTE source address is
smaller than that of the peer-end, ignore the OAM remote loopback command of
the peer-end and go on working as if nothing was received.
Link error symbol period event. Counts the error symbols generated in a particular
period, which is determined by the quantity of symbols received by the physical layer
in a certain period.
Error frame event. Counts the error frames generated in a particular period, which
is specified as a certain interval.
Error frame period event. Counts the error frames generated in a particular period,
which is determined by the quantity of frames received.
3.2.28.2 CFM
Connectivity Fault Management (CFM) can effectively check and isolate connection faults
of a virtual bridged LAN and report them. It is mainly oriented to carrier networks and is
also effective for customer networks (C-VLAN).
Main basis of CFM that current switches support: IEEE 802.1ag implementation.
To manage and maintain the network, the network administrator plans network services
and network layers by dividing the whole network into multiple Management Domains
(MD). A single domain is shown in the following Figure.
The domain defines a series of ports on edge devices and internal devices. The gray
points at the edge devices are service ports connecting to devices outside the domain.
They are defined as Maintenance End Points (MEP). There are also some black ports
(including those on devices inside the domain) which connect devices inside the
domain. They are defined as Maintenance Intermediate Points (MIP). Domain
management is implemented by the defined MEPs and MIPs.
Figure 3-14 Maintenance Domain
As shown in the Figure, a network can be divided into user domain, provider domain and
operator domain. Each domain is designated with a level from 0 to 7. The level of a
domain determines the inclusion relations. A domain with a higher level can contain a
domain with a lower level, but not vice versa. Domains with the same level cannot
contain each other. Thus the domain with the largest coverage has the highest level.
Domains may be tangent (internally or externally) or nested, but may not intersect.
Connection Fault Management (CFM) can effectively check and isolate connection faults
of a virtual bridged LAN and report them. It is mainly oriented to carrier networks and is
also effective for customer networks (C-VLAN).
Configure multiple embedded Maintenance Domains (MD) via one bridge network
or a network containing a bridge network.
Format of protocol, process and CFM protocol packet used to detect and separate
connection fault report.
Figure 3-15 [Diagram: CE and PE devices in the Customer Domain, Provider Domain and Operator Domain. Scenario A: Touching Domains, OK. Scenario B: Intersecting Domains, Not Allowed. Scenario C: Nested Domains, OK.]
Path Discovery: MEP uses LTM/LTR messages to trace the path from one MEP to another
MEP, or the path passed through between MIPs.
Fault Detection: MEP checks the network connection by CCM messages that are sent and
received regularly. It detects connection failure and unintended connection (connected
by mistake).
Fault acknowledgement and isolation: it's a kind of management behavior. The
administrator acknowledges the fault by LBM/LBR and implements certain isolation.
Fault notification: when there is a connection fault in the MEP direction, a corresponding
report message is sent to the designated management system (such as NMS and TRAP).
Network status detection: learn about network connection, or network delay and jitter, by
checking time-stamped packets from MEP to MEP or by sending and receiving
packets with counters.
MP is the smallest entity on the management layer to implement functions, including MEP
and MIP. Comparatively, MEP implements more complicated functions than MIP does.
It's also more complicated to configure and manage than MIP. It can be said that CFM
functions are implemented by MEP, which can send, receive and process any of the
messages mentioned above, while MIP can only process LTM and LBM messages and
send LTR and LBR messages.
3.2.28.3 Y.1731
E series medium-end switch supports the following Y.1731 features:
LCK
3.2.29 Multi-VRF CE
MVCE provides a function similar to hierarchical PE, transferring part of the PE
functions to the CE. But MVCE doesn't need to support MPLS, so it places low
requirements on access and aggregation equipment. The corresponding device should
not be called a hierarchical PE. The device corresponding to MVCE is still a CE.
User data flows are terminated at the CE, which avoids the bad impact of broadcast traffic
on the PE. Complete isolation of different service transmissions is implemented at the CE,
which solves the traditional LAN security problem at low cost. User isolation and security
guarantees that would need to be implemented by the PE are now implemented by the
CE, which conforms to the development trend of moving network security to the edge and
to carriers' current requirements on the bearer network.
A comparison between MVCE and hierarchical PE:
The upper layer PE needs to reconfigure the VRF that is already configured on MVCE;
MVCE requires the device to support VPN access with overlapping IP addresses. With the
development of technology, MVCE can be implemented on medium-end switches.
Configure multiple VRFs on MVCE corresponding to multiple VPN sites. Each VRF needs
an uplink interface to connect to the PE. Configure the same VRF at the corresponding
interface on the PE.
Since MVCE doesn't need to support MPLS, there are still ordinary data packets
between MVCE and PE instead of MPLS labels. By contrast, there is a layer of MPLS
labels between hierarchical PEs. Thus VPN traffic can only be differentiated by interface
on the PE, which means the PE shall have exactly as many VPN interfaces as the VPNs
MVCE supports (which is the same as an ordinary PE supporting L3 VPN configuration).
A CE with MVCE features actually simulates multiple CEs. Each virtual CE is separated
from the others and can give access to multiple VPN users. The PE won't perceive
whether it faces multiple CEs or one MVCE. Thus the PE doesn't need any expansion.
If a dynamic routing protocol is run between MVCE and PE, the routing protocol needs to
support multiple instances. PE and MVCE exchange routing information via standard
EBGP, OSPF, RIP or static route.
Static route and RIP are both standard protocols. But each VRF runs different instances
without interference to each other. If static route is configured, it will be ok if it supports
VRF.
3.2.30 L2PT
In QinQ VPN mode, if VPN users located at different sites want to run their L2
protocols, for example STP, LACP and ZDP, they need the core network to transfer these
L2 protocol messages transparently, but these messages use MAC addresses reserved
for bridges and cannot be transmitted transparently in the normal way. L2PT (Layer 2
Protocol Tunnel) solves this problem, so it is widely used to transfer user network L2
protocol messages in QinQ VPN.
L2PT networking is as shown in the following figure.
Transportation PDU: Encapsulated protocol message, for example ZDP, STP and
LACP, etc.
Figure 3-16 L2PT Networking
of being forwarded is either discarded or sent up for protocol processing, which will
cause several blocked STP domains in the customer network according to location, so
that the entire customer VPN cannot run an integrated STP topology. L2PT transfers
BPDU messages transparently in the VPN, which helps customers fill this gap.
The received L2 protocol messages are encapsulated at the transportation port of the
edge switch, and the encapsulated messages are then broadcast. Initiate the remote
transportation switch port to encapsulate these messages.
Message encapsulation and decapsulation can be done by changing the message MAC
address.
between the port sent message and the monitoring port, and if the port with loop is clear.
When loops are found in the network, ZXR10 5900E will shut down the port with loops
and send warnings (trap) to user.
3.2.32 IPFIX
IPFIX (IP Flow Information Export) is a standard protocol issued by IETF for network flow
information measurement. This protocol mainly unifies IP data flow statistics and the
output standard. To describe data completely, IPFIX by default uses 7 key fields to
identify each data flow: source IP address, destination IP address, TCP/UDP source
port, TCP/UDP destination port, type of L3 protocol, type-of-service byte and
input logical interface.
these IP messages will be considered as the same data flow. By recording features of a
network flow, for example traffic duration and average message length, the network
administrator can understand how the existing network is operating, and implement
network optimization, security checks and traffic billing according to this information.
The IPFIX defined format is based upon the Cisco Netflow Version 9 data output format,
which enables IP flows to be transferred from an exporter to a collector. ZXR10 5900E
can be the exporter responsible for gathering and saving the particular data flows
crossing the switch. It counts bytes and packets for every received packet and saves this
statistical information to memory for regular collection by the Collector. ZXR10 5900E is
able to record 2000 outgoing data flows and 2000 incoming data flows.
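The following sketch shows how an exporter aggregates packets into flows on the seven key fields, what happens at the 2000-flow limit, and one security check a collector can run on the exported records. It is an added example, not the switch's implementation; the class names, the behaviour when the table is full, the fan-out threshold and all packets are assumptions or constructed data.

```python
"""Flow cache keyed on the seven fields listed above (constructed example)."""
from collections import namedtuple
from dataclasses import dataclass

FlowKey = namedtuple("FlowKey",
                     "src_ip dst_ip src_port dst_port protocol tos in_if")
Packet = namedtuple("Packet", "ts length direction key")  # direction: "in"/"out"


@dataclass
class FlowRecord:
    first_seen: float
    last_seen: float
    packets: int = 0
    octets: int = 0

    @property
    def duration(self):
        return self.last_seen - self.first_seen

    @property
    def avg_length(self):
        return self.octets / self.packets


class FlowCache:
    def __init__(self, capacity=2000):
        # 2000 flows per direction is the figure the text gives for the 5900E.
        self.capacity = capacity
        self.flows = {"in": {}, "out": {}}
        self.untracked = {"in": 0, "out": 0}  # packets seen while the table was full

    def observe(self, pkt):
        """Account one packet; returns False if its flow could not be tracked."""
        table = self.flows[pkt.direction]
        rec = table.get(pkt.key)
        if rec is None:
            if len(table) >= self.capacity:
                # Assumed policy: known flows keep counting, new ones are skipped.
                self.untracked[pkt.direction] += 1
                return False
            rec = table[pkt.key] = FlowRecord(pkt.ts, pkt.ts)
        rec.last_seen = max(rec.last_seen, pkt.ts)
        rec.packets += 1
        rec.octets += pkt.length
        return True

    def export(self, direction):
        """Hand all records to the collector and start again with an empty table."""
        records, self.flows[direction] = self.flows[direction], {}
        return records


def fan_out(records, threshold):
    """Collector-side check: sources reaching >= threshold distinct (dst_ip, dst_port)."""
    targets = {}
    for key in records:
        targets.setdefault(key.src_ip, set()).add((key.dst_ip, key.dst_port))
    return {src: len(t) for src, t in targets.items() if len(t) >= threshold}


def demo():
    cache = FlowCache(capacity=2000)
    web = FlowKey("192.0.2.10", "198.51.100.5", 40000, 443, 6, 0, 1)
    for i in range(4):                        # one TCP flow, four packets
        cache.observe(Packet(float(i), 500 + 100 * i, "in", web))
    # Same addresses and ports but another ToS byte: counted as a separate flow.
    cache.observe(Packet(1.0, 60, "in", web._replace(tos=0xB8)))
    for port in range(1, 51):                 # one source touching 50 ports
        probe = FlowKey("192.0.2.66", "198.51.100.5", 50000, port, 6, 0, 1)
        cache.observe(Packet(2.0, 60, "in", probe))
    return cache, web


if __name__ == "__main__":
    cache, web = demo()
    print(cache.flows["in"][web], fan_out(cache.export("in"), threshold=20))
```

A non-zero `untracked` counter means the statistics are incomplete for that interval, which matters when flow records are used for security checks or billing.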
3.2.33.1
Provide BITS external clock input/output interface. It realizes 1-line external output
interface and 1-line input interface
Support GPS interface service and provide 1PPS +TOD signal. Realize 1-line GPS
input and 1-line GPS output.
Support the delivery of SSM information. As per SSM information, the clock unit
realizes clock synchronization in the entire network. It supports automatic
high-priority clock selection and avoids the formation of ring on a regular basis.
3.2.33.2
3.2.33.3
3.2.33.4 TC, OC and BC
System Architecture
4.1
management port, 1 Console port and 2 alarm ports. Each line card supports 8-port GE
optical or electrical port.
The sub-cards for the expansion slots of ZXR10 5900E models come in four types: 4-port
GE SFP optical sub-card, 4-port GE electrical sub-card, 2-port 10G SFP+ optical sub-card
and 4-port 10G SFP+ optical sub-card.
Figure 4-1
Figure 4-2
Figure 4-3
Figure 4-4
Figure 4-5
The Front Panel of ZXR10 5928E with Clock Synchronization Interface Card
4.2 Hardware Architecture
ZXR10 5900E series products are composed of a control module, switching module,
interface module, power supply module, and monitoring module. ZXR10 5928E also
supports a clock module and an external GPS module.
1. Control module. The control module is composed of the main processor and some
external functional chips, realizing the processing of various applications. Providing a
serial interface for external management configuration, it implements data operation and
maintenance.
2.
3.
4. Power supply module. The power supply module supports 1+1 backup and hot
swapping, adopting 220V AC power supply or -48V DC power supply. 5900E series
supports power supply consumption monitoring. It can monitor the consumption of
the whole device by certain software. 5916E, 5928E and 5928E-FI support a dual-input
DC power supply unit. It permits two-port DC input on one DC power supply unit to
guarantee the reliability of power supply.
5. Monitoring module. 3-port dry contact signal input and 5-port dry contact signal
output.
Figure 4-6
4.2.1
Figure 4-7 [Diagram: Switch, CPU system, BOOTROM, Console interface, MGT interface, 10/100/1000M interface signal]
The control module is composed of the main processor and some external application
chips. It provides external operation interfaces, for example, serial ports and Ethernet
ports, by which the system can process all kinds of applications. The main processor is a
high-performance CPU processor, which performs the following functions:
The switch module is designed with a dedicated Switch chip, which is integrated with
multiple Gigabit and Gigabit bi-directional interfaces, allowing it to process wire-speed
switching of multiple ports. The Switch chip provides the following functions:
1.
2.
3. Supporting priority queuing, where frames can be dropped selectively when the
CoS queue is in congestion
4.
4.2.1.1 Interface
Console Port
Management terminal performs operations and maintenance on ZXR10 5900E
through Console port. It is connected with COM port on management terminal by
serial cable. One end of the serial cable connecting ZXR10 5900E is RJ45 plug,
and the other end of the cable is DB9 female plug, connected to management
terminal.
Management Interface
Management terminal can perform operations and maintenance on ZXR10 5900E
through management interface, which supports 100Base-TX.
Table 4-1
Assistant Interface
External Alarm Interface
Parameter
Support 5-port external
Remarks
RJ45
RJ45
interface
Network Management
Interface
management interface
RJ45
Main control card of ZXR10 5916E and ZXR10 5928E supports 1000 Base-T and
100Base-TX on CAT5. The characteristics are as shown in the following table:
Table 4-2
ZXR10 5900E
Port type
Features
Conforming the following standards:
1000BASE-T IEEE 802.3u
RJ45 plug
100/1000Base-T
4.2.1.2 Indicator
There are 14 indicators on the front panel of ZXR10 5916E, of which 12 are port
status indicators. There is 1 system indicator, SYS/ALM, and 1 management interface
indicator, MNG.
There are 26 indicators on the front panel of ZXR10 5928E and 5928E-FI, of which 24
are port status indicators. There is 1 system indicator, SYS/ALM, and 1
management interface indicator, MNG.
There are 19 indicators on the front panel of ZXR10 5952E, of which 16 are port
status indicators. There are 2 system indicators, SYS/ALM and FAN, and 1 management
interface indicator, MNG. Each of the four user-side line cards has 8 port indicators.
Functions of ZXR10 5900E system indicators are shown in the following table:
Table 4-3
Indicators | Off | Green | Red
SYS/ALM | The equipment is power off | Green indicator flashes: the equipment works well | Red indicator flashes: error occurs to the equipment
Indicators
Off
Green
Red
No connection
link
Green indicator
flashes: active
FAN
Green indicator flashes: all fans work well
Red indicator flashes: error occurs to one or more fans
There is a MODE button on the front panel of ZXR10 5900E. The M_button function uses
the panel indicators to display key statistics and to indicate key events, which makes the
equipment convenient to maintain. The M_button function mainly includes the following
modes:
1. LINK mode (LINK): in this mode, the port indicator displays the LINK/ACT state of the
port. If the port is in link state, the green indicator is on. If there is traffic, the green
indicator is flashing. If the port is not in link state, the indicator is off.
2. SPD mode (SPD): in this mode, the port indicator displays the current speed of the
port. If the port speed is the same as the port default speed, the green indicator is on. If
not, the yellow indicator is on.
3. DUP mode (DUP): in this mode, the port indicator displays the duplex state. If the port
is in full-duplex state, the green indicator is on. If the port is in half-duplex state, the
yellow indicator is on.
4. STAT mode (STAT): in this mode, the port indicator displays the STP state. If the port
STP state is Forward, the green indicator is on. If the port STP state is Disable, the green
indicator is off. If it's in another state, the yellow indicator is on.
5. CPU utilization ratio mode (CPU%): in this mode, the port indicators display the current
CPU utilization ratio. 5916E uses the indicators of ports 1~12, each port
indicating 8%. 5928E and 5928E-FI use the indicators of ports 1~20, each port
indicating 5%. 5952E uses the indicators of ports 1~16 on the MP board, each port
indicating 6.25%.
6. Memory utilization ratio mode (MEM%): in this mode, the port indicators display the
current memory utilization ratio. 5916E uses the indicators of ports 1~12, each
port indicating 8%. 5928E and 5928E-FI use the indicators of ports 1~20, each
port indicating 5%. 5952E uses the indicators of ports 1~16 on the MP board, each
port indicating 6.25%.
7. Uplink port outbound bandwidth occupation rate mode (BW%): in this mode, the port
indicators display the current uplink port outbound bandwidth occupation rate, taking the
uplink port current speed as baseline. 5916E uses the indicators of ports 1~12,
each port indicating 8%. 5928E and 5928E-FI use the indicators of ports 1~20,
each port indicating 5%. 5952E uses the indicators of ports 1~16 on the MP board,
each port indicating 6.25%.
8. Uplink port inbound bandwidth occupation rate mode (BW%): in this mode, the port
indicators display the current uplink port inbound bandwidth occupation rate, taking the
uplink port current speed as baseline. 5916E uses the indicators of ports 1~12,
each port indicating 8%. 5928E and 5928E-FI use the indicators of ports 1~20,
each port indicating 5%. 5952E uses the indicators of ports 1~16 on the MP board,
each port indicating 6.25%.
9. PING network management center mode (PING): in this mode, the first 5 port
indicators are used. The equipment sends 5 ICMP packets to the network management
center; for each ICMP packet, if the correct reply is received, the corresponding
indicator turns green; if not, it turns yellow.
10. CRC port display mode (CRC): in this mode, the port indicator displays CRC errors. If
the port has CRC error frame statistics, the green indicator is on. Otherwise the green
indicator is off.
11. STORM port display mode (STORM): in this mode, the port indicator displays storm
ports. If the port is a storm port, the green indicator is on. Otherwise the green indicator
is off.
12. NoMAC port display mode (NoMAC): in this mode, the port indicator displays whether
a MAC is learned. If the port does not learn a MAC, the green indicator is on. Otherwise
the green indicator is off.
4.2.2 Interface Module
ZXR10 5900E supports a 4-port gigabit Ethernet optical/electrical interface card, a 4-port
10G Ethernet optical interface card, and an 8-port GE Ethernet optical/electrical interface
card. GE Ethernet interface cards support optical/electrical adaptive interfaces. All optical
interfaces use swappable optical modules, so one line card can support multiple sorts of
transmission media and distances. This decreases the number of extra line cards needed
in different situations, and helps the operator get maximum profit from minimum
investment. ZXR10 5928E supports a synchronous clock module, providing the Ethernet
synchronous clock feature.
The interface cards ZXR10 5900E supports are shown in table 4.
Table 4-4
Interface Card
Description
Type
Remarks
Fit 5916E, 5928E,
GE Interface
Not support
Card
hot-swappable service.
Fit 5952E only. No
8-Port GE Electrical Interface Card
support hot-swappable
service.
Fit 5952E only. No
support hot-swappable
service.
Fit 5916E, 5928E,
10GE Interface
hot-swappable service.
Card
Clock
Synchronization
Interface Card
4.2.3 Power Module
ZXR10 5900E supports dual power supply modules. Two modules support AC-DC power
supply and DC-DC power supply respectively. They both support 1+1 hot backup input
through the front panel. It supports hot swapping service. A power supply module adopts
220V input.
5916E, 5928E and 5928E-FI support a dual-input DC power supply unit. It permits
two-port DC input on one DC power supply unit to guarantee the reliability of power
supply.
5900E series supports power supply consumption monitoring. It can monitor the
consumption of the whole device by certain software.
4.2.4 Clock Module
ZXR10 5928E supports a clock module, which plugs into the second power supply slot of
5928E. The clock module has the following functions:
1.
2.
3.
4.
5.
6.
7. Provides external 1-port BITS IN, 1-port BITS OUT, 1-port GPS input (PPS&TOD IN)
and 1-port GPS output (PPS & TOD OUT).
There are 6 indicators on the clock module panel, which are BITS IN, BITS OUT,
PPS&TOD IN green and yellow, and PPS&TOD OUT green and yellow. The front panel
of the clock module is shown as follows:
Figure 4-8
4.3 Software Architecture
ZXR10 5900E series products are multi-layer switches with L2 switching and L3 routing
capabilities and support for multiple functions, providing L2/3 wire speed switching and
routing and QoS assurance. The system software performs management, control, and
data forwarding. Its basic operations include system start, configuration management,
running of protocols, maintenance of tables, setting switch chips, and status control, as
well as software forwarding of some special packets. The system software must
implement the following functions:
Allowing users to perform network management via the serial terminal, Telnet, or
SNMP Manager, including network configuration management, fault management,
performance management and security management.
Smooth upgrade of the software version, and on-line upgrade of the active/standby
protocol processing cards and switching network cards.
Based on the system functions mentioned above, the system software could be
divided into five subsystems.
Operation support subsystem, including software modules such as BSP, ROS, SSP,
and VxWorks kernel
MUX subsystem, including the data distribution module, statistics and monitoring
module, and driving and encapsulation module. The data distribution module
distributes data packets to the driver and upper-layer software. The statistics and
monitoring module measures data, forwards information, and monitors the software
table.
L3 subsystem, which implements basic protocols of TCP/IP, such as IP, ARP, ICMP,
TCP, and UDP, and application protocols such as FTP and Telnet, and implements
unicast and multicast routing protocols, performing L3 data forwarding.
NM and operation & maintenance subsystem, which implements the Agent function of
the SNMP network management, supports command line management, provides
operation & maintenance interfaces, and provides MIB information.
4.3.1
Figure 4-9
4.3.2 MUX Subsystem
The MUX subsystem exchanges information with the driver and the upper-layer software,
and measures and monitors the software table of the switch chip. Its two main jobs are
data distribution and measurement and monitoring. After the MUX layer receives data
packets from the driver module, it forwards them by type according to the EtherType
field in the MAC frame. Data distribution also includes encapsulating the driver's data
sending function, so that upper-layer modules get a new data sending function to invoke:
when they have data packets or protocol packets to send, they call the data sending
function provided by the MUX. The measurement and monitoring function measures the
status of the driver layer, physical layer and MUX layer, counts the packets received and
sent, monitors access to the registers, and performs sniffer operations on data packets,
providing the OAM module with the interface function.
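The dispatch-by-EtherType step described above, as an added Python sketch (not ZXROS code): it skips up to two VLAN tags before reading the EtherType, rejects truncated or over-tagged frames, and keeps the receive counters the paragraph mentions. The class, handler and counter names are hypothetical, and the frames are constructed sample input.

```python
import struct

# IEEE-assigned EtherType and tag protocol identifier values.
ETH_IPV4, ETH_ARP, ETH_IPV6 = 0x0800, 0x0806, 0x86DD
TPID_CTAG, TPID_STAG = 0x8100, 0x88A8   # 802.1Q C-tag and 802.1ad S-tag
MAX_TAGS = 2                             # assumption: at most S-tag + C-tag


class MuxDispatcher:
    """Toy MUX layer: classify frames by EtherType, count them, dispatch them."""

    def __init__(self, handlers):
        self.handlers = handlers          # EtherType -> callable(vlans, payload)
        self.stats = {"rx": 0, "malformed": 0, "unknown": 0}

    def classify(self, frame):
        """Return (ethertype, vlan_ids, payload), or None for a malformed frame."""
        if len(frame) < 14:               # dst MAC + src MAC + EtherType
            return None
        offset, vlans = 12, []
        (etype,) = struct.unpack_from("!H", frame, offset)
        while etype in (TPID_CTAG, TPID_STAG):
            if len(vlans) == MAX_TAGS or len(frame) < offset + 6:
                return None               # tag depth exceeded or tag truncated
            tci, etype = struct.unpack_from("!HH", frame, offset + 2)
            vlans.append(tci & 0x0FFF)    # low 12 bits of the TCI are the VLAN ID
            offset += 4
        return etype, vlans, frame[offset + 2:]

    def dispatch(self, frame):
        self.stats["rx"] += 1
        parsed = self.classify(frame)
        handler = self.handlers.get(parsed[0]) if parsed else None
        if handler is None:
            self.stats["malformed" if parsed is None else "unknown"] += 1
            return None
        return handler(parsed[1], parsed[2])


def build_frame(ethertype, payload, tags=()):
    """Construct a sample frame; tags is a sequence of (tpid, vlan_id) pairs."""
    hdr = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
    for tpid, vid in tags:
        hdr += struct.pack("!HH", tpid, vid)
    return hdr + struct.pack("!H", ethertype) + payload


def demo():
    mux = MuxDispatcher({ETH_ARP: lambda v, p: ("arp", v, len(p)),
                         ETH_IPV4: lambda v, p: ("ipv4", v, len(p))})
    frames = [build_frame(ETH_ARP, bytes(28)),
              build_frame(ETH_IPV4, bytes(20), [(TPID_STAG, 100), (TPID_CTAG, 20)]),
              build_frame(ETH_IPV6, bytes(40)),                  # no handler
              bytes(13),                                         # truncated header
              build_frame(ETH_IPV4, b"", [(TPID_CTAG, 1)] * 3)]  # too many tags
    return [mux.dispatch(f) for f in frames], mux.stats
```

Counting malformed and unknown frames separately gives the monitoring side a signal when the CPU path is being fed junk.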
4.3.3 L2 Subsystem
The L2 subsystem performs configuration management (management layer) on the data
link layer, protocol processing on L2 (control layer), and data forwarding (data layer or
service layer). The function modules are illustrated as follows:
Figure 4-10
4.3.4 L3 Subsystem
By software layer, the L3 subsystem consists of the service control layer and the
data-forwarding layer. The service control layer is composed of TCP/IP and the IP
forwarding support subsystem. TCP/IP consists of the support protocols and the routing
protocols. The support protocols are the basic protocols in the IPv4 protocol suite,
providing services to the dynamic routing protocols while acting as the entities of
network management and system monitoring. As the service provider for the upper-layer
application entities on the whole router system, the support protocols consist of the IP,
ARP, ICMP, IGMP, TCP, UDP and Telnet protocol entities. Routing protocols are used to
generate dynamic routes; they consist of unicast routing protocols such as RIP,
OSPF, and BGP, and multicast routing protocols such as IGMP, PIM-SM, MSDP and
MBGP, and they provide related upper-layer protocols such as LDP, VRRP, and RSVP.
The IP forwarding and support subsystem is responsible for deletion and modification of
the forwarding table and the related strategies, establishment and maintenance of
indexes, and data interaction between the CPU and the switch chip. The IP data forwarding
layer inputs, forwards and outputs the data of the strategies, rules and routing tables
created by the switch chip according to the IP service control layer.
Figure 4-11
4.3.5
4.3.6 ZXROS Platform
ZXROS is a multitask-based distributed real-time network operating system, providing
unified IP protocol support for all devices from ZTE. ZXROS offers a mature and
stable architecture, and has been used extensively by many carriers.
Reinforced and extended on the basis of the original platform, the existing platform
gives more consideration, in terms of users' service requirements, to users' OPEX, CAPEX,
service scalability and implementation.
Sound Encapsulation
The configurations of all products are in the same style, which makes them easy for
users to operate and maintain.
Monitor the working status of the power supply module, fan, voltage, current, and
working temperature.
Provide fast failure location to guarantee high reliability of the product version.
All service modules based upon ZXROS can be added or uninstalled easily;
new services can be developed based upon the original architecture.
Based upon users' demands, provide flexible on-demand service and respond quickly
to users' requirements.
Table 4-5
L2 Protocol Standard
L2 Protocol Standard
IEEE 802.1s
IEEE 802.3ah
Protocol)
Provider Backbone B
IEEE
Table 4-6
RFC 791 IP
RFC 2349 TFTP Timeout Interval and Transfer Size option
Internet Protocol
draft-ietf-bfd-mib-00.txt Bidirectional
Forwarding Detection Management
Information Base
draft-ietf-bfd-base-02.txt Bidirectional
Forwarding Detection
Table 4-7
Table 4-8
Table 4-9
Advertisement
Internet
BGP Sessions
via MD5
draft-ietf-idr-rfc2796bis-02.txt
draft-ietf-idr-rfc2858bis-09.txt
BGP4
draft-ietf-idr-rfc3065bis-05.txt
Networks (VPNs)
Attribute
BGP
Table 4-10
ISIS Standard
ISIS Standard
in TCP/IP&dual environments
for
System (IS-IS)
Point-to-Point
Adjacencies
RFC 3567 Intermediate System to
Cryptographic Authentication
Intermediate System(IS-IS)
RFC 3719 recommendations for
Intermediate
Engineering (TE)
Interoperable IP Networks
helper
(SRLG) TLV
draft-ietf-isis-igp-p2p-over-lan-05.txt
Table 4-11
VRRP Standard
VRRP Standard
Protocol
Redundancy Protocol
Table 4-12
LDP Standard
LDP Standard
draft-jork-ldp-igp-sync-03
Table 4-13
Multicast Standard
Multicast Standard
RFC 1112 Host Extensions for IP
Multicasting(Snooping)
Protocol
Multicast-Sparse Mode(PIM-SM)
Protocol Version3
Protocol (MSDP)
Discovery Protocol(MSDP)
RFC 4601 Protocol Independent
Multicast-Sparse Mode(PIM-SM)
for Source-Specific Multicast
IP
Table 4-14
draft-ietf-pim-sm-bsr-06.txt
draft-ietf-mboned-msdp-mib-01.txt
Identification Codes
RFC 2597 Assured Forwarding PHB
Group (rev3260)
Identification Codes
Table 4-15
PPP Standard
PPP Standard
Protocol(MP)
Table 4-16
DHCP Standard
DHCP Standard
Protocol(REV)
Table 4-17
Management Information
functions
RFC1901, Introduction to
Community-based SNMPv2
Protocol
Process Model
GB909 Generic Requirements for
Telecommunications Management
Building Blocks
Operations Map
V1.5
Ensemble V1.0
Agreement
Specification V1.0
Ensemble V1.0
of TMN
model of TMN
draft-ietf-mpls-ldp-mib-07.txt
draft-ietf-disman-alarm-mib-04.txt
draft-ietf-ospf-mib-update-04.txt
draft-ietf-isis-wg-mib-05.txt
draft-ietf-mpls-lsr-mib-06.txt
draft-ietf-mpls-te-mib-04.txt
Technical Specifications
5.1 Physical Indices
Table 5-1 Physical Parameters
Physical Parameter: 5916E/5928E/5928E-FI; 5952E
Size (H×W×D): 43.6mm×442mm×220mm (5916E/5928E/5928E-FI); 88.1mm×442mm×220mm (5952E)
Weight (full configuration, including two power supply modules and subcards):
ZXR10 5928E: 4.8kg
ZXR10 5928E-FI: 4.8kg
ZXR10 5916E: 4.8kg
5952E: 10kg
Power Consumption:
ZXR10 5928E: minimum <43W, maximum <63W
ZXR10 5928E-FI: minimum <35W, maximum <64W
ZXR10 5916E: minimum <38W, maximum <55W
5952E: minimum <53W, maximum <122W
Working Temperature
Storage Temperature: -40℃~70℃
Working Humidity
Anti-lightning
Power supply
Anti-Seismic
Reliability
EMC:
FCC Part 15 (CFR 47) Class A
EN55022 Class A
5.2 Capacity
See the table named Basic Performance.
5.3 Performance
Table 5-2
Basic Performance
5916E: 104G
5928E/5928E-FI: 128G
Packet forwarding capability
5916E: 77M
MAC address
table
L2 Features
5916E/5928E/5928E-FI
5952E
176G
131M
32K
VLAN number
4K
L2 multicast table
1K
VLAN translation
Ingress: 8K, Egress: 8K
L3 multicast table
4K
Label stacking
L3 Features
MPLS
Numbers of labels (whole chassis shared)
8K
Maximum quantity
of public network
4k
label
Maximum quantity
of private network
4k
label
LDP FRR
switchover time
Ingress ACL rule
number
Egress ACL rule
number
QoS
50ms-200ms
4K
512
CAR granularity
64 kbit/s
COS queue
number
Cos Queue for
48
CPU
VRF quantity
1022
VRF quantity
1K
PW quantity
1K
Combined number
of public route and
12K
private route
MPLS
L2VPN/L3VPN
Number of
48
MP-BGP
Inter AS L3VPN
supported
Number of MPLS
TE tunnel
Extension
LDP
64
64
MD
Ethernet
LMEP
256
OAM
RMEP
2K
CC delivery frequency
3.3ms/10ms/100ms/1s/10s
5.4 Power
See Table 5-1.
5.5 Working Environment
See Table 5-1.
5.6 Environmental Classes
See Table 5-1.
5.7 Reliability
Table 5-3 Reliability
Item / Description
Reliability:
Support non-stop upgrade
Support VRRP protocol, support multiple backups configuration, support backup priority
setting, support VRRP switching authentication, support priority replacement mode
Support ZESR (ESRP+) Ethernet ring protection
Support ZESS dual-homing protection
Support ECMP
6.1
6.1.1
Between the NetNumen U31 NMS and ZXR10 5900E series equipment, either inband
or outband management networking can be used.
Inband Management
The advantage of inband management is flexible networking that requires no
extra investment.
Outband Management
With outband management, a break in the service channel does not prevent
the network management station from managing the equipment, so the
transport of network information becomes more reliable. But the independent
network is limited by geography and requires extra investment.
6.1.2
Failure management is the most important and most commonly used method in users'
network operation and maintenance. Via failure management, users can perform
information search, real-time monitoring, failure filtering, failure location, failure
confirmation, failure deletion, and failure analysis for ZXR10 5900E series devices.
In addition, the NetNumen U31 system provides voice prompts and graphic warning
display, and informs users of failures by sending e-mail and messages via the warning
system, e-mail system and SMS system, which simplifies users' daily maintenance.
Via performance management, users can collect load, traffic direction and interface
load data, get timely service quality reports and promptly evaluate and adjust the
resource configuration of the entire network.
maintenance interfaces for network and equipment. Users use view management
to see the operating status and warning status of the equipment. It also
supports fast navigation to other management systems.
including
equipment
management,
interface
management,
VLAN
QoS
file
management,
management;
software
Also
it
upgrade
supports
management,
many
and
customer-friendly
it
offers
default
configuration models
to
corresponding management.
6.2
6.2.1
SSH (Secure Shell)
6.2.2
There are indicators on the power supply module, fan, MSC and all LICs. They show
the operating status of these components;
The MSC switchover and hot-swap records are kept for future reference;
When the fan, power supply or temperature goes wrong, a voice warning and a
software warning are generated;
The system automatically monitors the module temperature, and provides
temperature control warning and software warning;
The system monitors the operating status of the software; when an abnormality happens,
the LIC is restarted and an MSC switchover is performed as well.
Via CLI, users can check the basic information of all MSCs, LICs, and optical modules;
6.2.3
Debugging: rich debug commands are provided for each software feature. Every
debug command supports multiple debugging parameters, so it can be controlled
flexibly.
processing and error inspection of the service in the course of operation can be
displayed;
Mirroring image service: it supports interface-based mirroring image, via which the
incoming, outgoing or bidirectional packets are replicated to the observed interface.
6.2.4 Software Upgrade
ZXR10 5900E provides software upgrade modes in both normal and abnormal
conditions.
Upgrade when the system is abnormal: Provide software upgrade when the
equipment cannot start normally. By modifying the boot mode, a new software
version is loaded from the management Ethernet interface to complete the
upgrade;
Upgrade when the system is normal: Provide local or remote FTP online upgrade
when the equipment is in normal condition.
6.2.5
the extension name of .zar is a particular compressed file. The version upgrade
actually is the change of the software version file in this category.
CFG: This category is used to save the configuration file, whose name is startrun.dat;
DATA: This category is used to save abnormal information of the equipment. The
file name format is YYYY-MM-DD HH-mm-SS.zte.
File backup and recovery: By using FTP/TFTP, backups of the software version file,
configuration file and log of ZXR10 5900E series equipment can be saved to the
background server, and backup files can be restored from the background server;
File import and export: supports importing and exporting files; FTP/TFTP then
replicates the file to the background host.
Networking
7.1
7.1.1
Figure 7-1
7.1.2 IPTV
Figure 7-2
As one of the key technologies of the ZTE IPTV system architecture, controllable multicast
is mainly implemented at the broadband access network side. The device implementing
the multicast control policy (BRAS, DSLAM or switch) is called the multicast controlling
point. As the terminating point of user multicast IGMP requests, the multicast controlling
point decides whether to duplicate multicast traffic to a user port based on the
corresponding IGMP request and the control policy. The nearer the multicast controlling
point is to the user, the more network bandwidth can be saved. As a key device
implementing the multicast control policy, the multicast controlling point needs to support
the following features: IGMP V1/V2, IGMP Snooping, IGMP Filter, IGMP Proxy, IGMP Fast
leave, MVR (Multicast VLAN Register), SGR (Static Group Register), UGAC (User Group
Access Control), and UGAR (User Group Access Record). Users' channel-request
permissions are controlled by rules and channel binding.
As shown in the figure, the multicast controlling point is configured on the aggregation
device ZXR10 5900E. It can establish multicast forwarding table entries based on IGMP
packets and apply the user access control configuration, so as to implement preview and
play control of the channel and to meet the IPTV demands of the users.
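The join decision at a multicast controlling point, as an added Python model (not ZTE code): an IGMP report from a user port is validated, checked against that port's channel binding with default deny, and logged as an access record. The class, the port names and the binding table are hypothetical; the messages are constructed samples, and the preview rules the page mentions are not modelled.

```python
import ipaddress
import struct

IGMP_V1_REPORT, IGMP_V2_REPORT, IGMP_LEAVE = 0x12, 0x16, 0x17


def inet_checksum(data):
    """RFC 1071 ones'-complement checksum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_igmp(msg_type, group):
    """Construct a sample 8-byte IGMPv2 message (test input, not a capture)."""
    body = struct.pack("!BBH4s", msg_type, 0, 0, ipaddress.IPv4Address(group).packed)
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]


class MulticastControlPoint:
    """Hypothetical model: per-port channel binding with default deny."""

    def __init__(self, bindings):
        self.bindings = bindings   # port -> set of group addresses the user may join
        self.members = {}          # group -> ports the stream is replicated to
        self.access_log = []       # (port, group, action) access records

    def _record(self, port, group, action):
        self.access_log.append((port, group, action))
        return action

    def handle(self, port, packet):
        # A valid message checksums to zero when its own checksum field is included.
        if len(packet) < 8 or inet_checksum(packet) != 0:
            return self._record(port, None, "drop-malformed")
        addr = ipaddress.IPv4Address(packet[4:8])
        group = str(addr)
        if packet[0] in (IGMP_V1_REPORT, IGMP_V2_REPORT):
            if not addr.is_multicast:
                return self._record(port, group, "drop-malformed")
            if group not in self.bindings.get(port, ()):
                return self._record(port, group, "deny")
            self.members.setdefault(group, set()).add(port)
            return self._record(port, group, "join")
        if packet[0] == IGMP_LEAVE:
            self.members.get(group, set()).discard(port)
            return self._record(port, group, "leave")
        return self._record(port, group, "ignore")


def demo():
    cp = MulticastControlPoint({"port1": {"239.1.1.1"}})
    reqs = [("port1", "239.1.1.1"), ("port1", "239.1.1.2"), ("port2", "239.1.1.1")]
    return [cp.handle(p, build_igmp(IGMP_V2_REPORT, g)) for p, g in reqs], cp.access_log
```

Because denied and malformed requests are logged alongside successful joins, the access record doubles as a source for spotting ports that keep requesting channels outside their binding.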
7.1.3 ESRP
Figure 7-3
ESRP (Ethernet Smart Ring Protocol) is based on the ITU G.8032 protocol. It checks
whether the loop is connected to make sure that there is only one logically connected
path between any two points on the ring. It resets port status (block or forward) based
on loop changes (connected-blocked; blocked-connected) so that the logical path
switches quickly.
As shown in the figure above, to enhance network reliability, ESRP is deployed in the
middle of the access/aggregation layer. When a device on the ring fails, forwarding is
not impacted: the secondary port is unblocked to implement reverse data forwarding. At
the same time, a MAC table update is notified to guarantee uninterrupted services.
7.1.4 ZESS
Protecting the uplinks of access/aggregation layer devices is a problem that users
keep focusing on. Traditional technologies can only implement dual-uplink protection
of a single device, with a single point of failure on the uplink device. To meet
practical networking needs, ZTE developed the more advanced ZESS.
The application of ZXR10 5900E in ZESS is shown in the figure:
Figure 7-4
ZXR10 5900E supports ZESS uplink protection. It can implement single-device dual
uplink networking such as ZESS domain4 and ZESS domain5. It can implement a square
connection of two devices and the upper-layer NPE such as ZESS domain1. It can also
implement a crossing connection of two devices and the upper-layer NPE such as ZESS
domain2 and ZESS domain3.
ZXR10 5900E ZESS supports main/standby and load sharing modes. In main/standby
mode, the standby link doesn't carry traffic in the normal situation. In load balancing
mode, the two uplinks each carry part of the traffic so as to implement load balancing.
7.2
7.2.1
Figure 7-5 MAN Application (diagram labels: Internet, IP Backbone Layer, IP Core Layer, Aggregation Layer, 5900E, 3900E, Access Layer, 2900E, DSLAM)
7.2.2
Figure 7-6 (diagram labels: Internet, IP Backbone Layer, IP Core Layer, Aggregation Layer, 5900E, 3900E, Access Layer, 2900E, DSLAM)
Glossary
Abbreviations
Full Characteristics
MLD
PIM-SM
PIM-DM
RIP
ARP
ACL
BFD
FRR
Fast Re-route
OSPF
IS-IS
BGP
ISATAP
COS
Class of Service
TOS
Type of Service
BRAS
DSLAM
SSH
Secure Shell
VRRP
RED
DSCP
MPLS
PE
CE
RMON
Remote Monitor
SNMP
DHCP
ESRP
ERSPAN
Mode
OAM
QoS
Quality of Service
ZESS
IGMP
PVLAN
Private VLAN
PUPV
PSPV
STP
RSTP
LACP
BPDU
DVMRP
MAC
DCN
VPN
TFTP
GPS
TOD
time of day
IPFIX
UDLD
LLDP
SSM
BMC
PTP
L2TP
VCT
VRF
LDP
BITS
CFM
MA
Maintenance Association
MP
Maintenance Point
MD
Maintenance Domains
LTM
LinkTrace Messages
LBM
LoopBack Messages
LTR
LinkTrace Reply
LBR
LoopBack Reply
IEEE
RADIUS