Beruflich Dokumente
Kultur Dokumente
Multi-Service Convergence
Router
Product Description
Version: B
Code: MN000001305
March 2013
Thank you for choosing our products.
Related Documentation
Document Description
I
Document Description
II
Version
Version Description
A Initial version.
B Adds the SCUR2 card.
Intended Readers
u Commissioning engineers
u Ethernet technology
III
Conventions
Terminology Conventions
Terminology Convention
IV
Symbol Conventions
Cascading
→ Connects multi-level menu options.
menu
Bi-directional
↔ The service signal is bi-directional.
service
Unidirectional
→ The service signal is unidirectional.
service
V
Contents
Preface...................................................................................................................I
Version ..........................................................................................................III
Conventions ................................................................................................. IV
1 Overview .....................................................................................................1-1
2 Function ......................................................................................................2-1
3 Feature........................................................................................................3-1
3.1 QoS...............................................................................................3-2
3.2 OAM..............................................................................................3-4
4.2 RIP................................................................................................4-2
4.5 BGPv4.........................................................................................4-11
5.2.1 Cabinet............................................................................5-4
5.2.2 PDP ................................................................................5-7
5.2.3 Fiber Passage Unit ..........................................................5-8
5.2.4 Subrack...........................................................................5-9
5.2.5 Overview of Card ...........................................................5-10
5.2.6 The RCUO1 Card ..........................................................5-13
5.2.7 The SCUR1 Card...........................................................5-14
5.2.8 The XSR1 / XSR2 Card .................................................5-15
5.2.9 The XGR1 Card .............................................................5-16
5.2.10 The GSR1 Card .............................................................5-17
5.2.11 The ESJ1 / ESJ2 / ESR1 Card .......................................5-17
5.2.12 The E1J2 Card ..............................................................5-19
5.2.13 The S1J2 / S1J4 Card....................................................5-20
5.2.14 The AIFJ1 / AIFJ2 Card..................................................5-20
8.1.1 ACL.................................................................................8-2
8.1.2 Traffic Policing .................................................................8-2
8.1.3 Attack Defense ................................................................8-3
9 Technical Specification.................................................................................9-1
Architecture
Network Application
Version: B 1-1
CiTRANS R860 Multi-Service Convergence Router Product Description
1.1 Architecture
1.1.1 Overview
Data service networks are in the development and transformation stage. With the
trend of the IP telecommunication services, the transport network based services
have changed from TDM (Time Division Multiplex) predomination to IP
predomination. And new types of services emerging in the transmission network
have a higher demand for diversity in data types.
1.1.2 Characteristics
4 The CiTRANS R860 provides rich Layer 2 services, such as Layer 2 VLAN,
selective QinQ (double VLAN tags: 802.1Q In 802.1Q), and QinQ
termination.
1-2 Version: B
1 Overview
4 The CiTRANS R860 provides rich IPv6 / IPv4 unicast, multicast, and
routing protocols, as well as comprehensive MPLS / MPLS TE support.
4 The CiTRANS R860 provides mature VPN services and complete QoS
capability and supports L2VPN and L3VPN services.
4 1+1 hot standby protection for the RCUO1 card, SCUR1 card, and power
card.
4 Dual-homing Protection
4 IP FRR protection
4 VRRP protection
4 The CiTRANS R860 supports ACLs based on the forwarding plane and
control plane.
Version: B 1-3
CiTRANS R860 Multi-Service Convergence Router Product Description
4 The CiTRANS R860 provides rich routing protocol functions, such as RIP,
OSPF, IS-IS, BGP-4, and multicast routing protocols and the fast
convergence function.
4 The CiTRANS R860 implements full-duplex forwarding at the FE, GE, and
10GE interfaces and integrates the features of Ethernet switches to
support switching on the Ethernet.
The CiTRANS R860 supports IPv6 and can quickly implement unpredictable
services in the future to help users improve competitiveness.
Compared with the SDH, the IP-based CiTRANS R860 has the inherent
statistical multiplexing capability and provides connection-oriented flexible
bearer channels with high efficiency, which greatly reduces the transmission
cost per bit.
1-4 Version: B
1 Overview
The following describes the product positioning and network mode of the CiTRANS
R860.
The CiTRANS R860 focuses on the distribution layer or core layer of the multi-
service metropolitan area network and mobile backhaul network. Together with the
CiTRANS R845 and the CiTRANS R865, the constitutes a network from the access
layer to the distribution layer and forms an IP network solution with a complete
structure and a clear hierarchy to meet the all-service access requirements of
carriers.
The CiTRANS R860 provides access and bearer services for BTSs, which can
connect to the CiTRANS R860 through the E1 interface or FE interface.
The CiTRANS R860 carries TDM mobile services between the BTS and BSC (Base
Station Controller) through the circuit emulation technology, carries Ethernet mobile
services through the MPLS technology, and implements such functions as high-
level QoS for mobile services, protective recovery, time synchronization and clock
synchronization for the bearer network, and end-to-end service configuration and
management.
The CiTRANS R860 focuses on the distribution layer and core layer of the
metropolitan area network and connects to SR devices upstream and to access-
layer devices (for example, the CiTRANS R845) downstream. It aggregates
services to the data backbone network.
Version: B 1-5
CiTRANS R860 Multi-Service Convergence Router Product Description
In addition to the preceding applications, the CiTRANS R860 supports the Long
Term Evolution (LTE), which is the next version of mobile network evolution.
Compared with 2G and 3G networks, LTE networks have the following advantages:
u The flattened network structure achieves high throughput and low latency.
The CiTRANS R860's application in the LTE service is shown in Figure 1-2. As the
relay and convergence node, the eNodeB provides the functions of the NodeB and
most functions (including the physical layer, scheduling, access control, bearer
control, and access mobility management) of the radio network controller (RNC).
Original backbone networks are integrated and simplified as mobility management
entities (MMEs) and signal gateways (SGWs). The LTE network structure is
optimized and more reliable.
1-6 Version: B
1 Overview
Version: B 1-7
2 Function
Interface Type
Protection Capability
Version: B 2-1
CiTRANS R860 Multi-Service Convergence Router Product Description
The core of the CiTRANS R860 is routing and switching. Table 2-1 shows the
routing and switching capability of the CiTRANS R860.
The following describes the service types and access capability of the CiTRANS
R860.
The CiTRANS R860 supports L2VPN and L3VPN services, as shown in Table 2-2.
E-Line
E-LAN
L2VPN services
E-Tree
E-CES
L3VPN services MPLS L3VPN
The CiTRANS R860 supports Ethernet services and CES services. Table 2-3
shows the service types supported by the and the processing capability.
Service
Service Type Card Access Capability (Number of Channels)
Category
2-2 Version: B
2 Function
Service
Service Type Card Access Capability (Number of Channels)
Category
The CiTRANS R860 provides external interfaces such as service interfaces and
management and auxiliary interfaces.
Version: B 2-3
CiTRANS R860 Multi-Service Convergence Router Product Description
The CiTRANS R860 provides a wide variety of management and auxiliary interfaces,
as shown in Table 2-5.
Alarm
ALM interface Alarm output interface
interface
DB-9
Local monitoring interface, which
f interface
connects to the LCT
Control interface for external events
(temperatures and alarms), which
CTR interface
Auxiliary connects to the user's environment
interface monitoring equipment
ETH1, ETH2,
Interfaces 1, 2, 3, and 4 of the control
ETH3 and ETH4
plane
interfaces
Used for clock synchronization
External CKIO1 interface
(frequency and phase synchronization).
clock and CKIO2 DB-9
The input and output of clock signals use
interface interface
interfaces 1 and 2.
Used for time synchronization. The input
TOD1 interface
External time and output of time signals use interfaces
and TOD2 RJ-45
interface 1 and 2, which can receive 1PPS & TOD
interface
time signals.
2-4 Version: B
2 Function
Accessed power supply (the AIFJ1, AIFJ2 cards) 1+1 hot standby
Two RCUO1 cards of the CiTRANS R860 are recommended for the to achieve hot
standby. When the active card fails, its services are switched over to the standby
card, thereby implementing the 1+1 protection. In addition, the GR protection of the
routing protocol is configured; when the RCUO1 card performs the active / standby
switching or rebooting operations due to the software upgrade or equipment faults,
the forwarding of services will not be interrupted.
Two SCUR1 / SCUR2 cards of the CiTRANS R860 are recommended for the to
achieve hot standby. When the active card fails, its services are switched over to the
standby card, thereby implementing the 1+1 protection.
The AIFJ1 and AIFJ2 cards of the CiTRANS R860 are recommended for the for
inputting the -48 V power supply to achieve hot standby.
Version: B 2-5
CiTRANS R860 Multi-Service Convergence Router Product Description
2-6 Version: B
2 Function
The CiTRANS R860 supports logging in the OTNM2000 in the PPPoE (Point to
Point Protocol over Ethernet) mode.
Version: B 2-7
CiTRANS R860 Multi-Service Convergence Router Product Description
The CiTRANS R860 supports multiple DCN construction modes and isolation of the
management communication network and the signaling communication network,
and implements both in-band and out-of-band DCN network modes.
The in-band DCN network mode is flexible and requires no additional equipment.
u 10GE interface
u GE interface
u FE interface
u STM-1 interface
2-8 Version: B
2 Function
Figure 2-1 shows the in-band DCN network for the CiTRANS R860.
In the out-of-band DCN network mode, the network management center can set up
a DCN with the managed equipment in multiple modes. The CiTRANS R860
supports the following out-of-band DCN network modes:
u E1 private line
u Ethernet
Figure 2-2 shows the out-of-band DCN network for the CiTRANS R860.
Version: B 2-9
CiTRANS R860 Multi-Service Convergence Router Product Description
2-10 Version: B
2 Function
The CiTRANS R860 performs the card self-booting function. When the RCUO1 card
of the CiTRANS R860 is present and works properly and a new card is inserted, the
system detects information about the new card, such as the network block and NE
to which the new card belongs and the card name. Then, the system reports the
detected information to the OTNM2000, prompts the user to confirm the information,
and stores the information to the database. This simplifies the management and
configuration procedures and facilitates commissioning for project startup and
subsequent maintenance.
The CiTRANS R860 supports remote upgrade of the field programmable gate array
(FPGA) and business manager unit (BMU) of each card from a computer at the
remote end, which facilitates project startup and maintenance and meets system
upgrade requirements in the future.
The CiTRANS R860 provides two channels of -48 V power input, monitors the
power supply status and the temperature inside the cabinet through the RCUO1
card, and controls the fan system based on the configured temperature threshold.
The CiTRANS R860 monitors the equipment room environment in real time and
reports the data via the external monitoring interface of the AIFJ1 card.
The fan unit of the CiTRANS R860 can work in intelligent mode or manual mode.
Version: B 2-11
CiTRANS R860 Multi-Service Convergence Router Product Description
Introduction
u Intelligent mode: The fan unit automatically adjusts the rotational speed of the
fan based on the temperature reported by each card of the CiTRANS R860.
u Manual mode: The fan unit operates based on the rotational speed set by the
NMS. Speed options are full speed, fast speed, slow speed, and low speed in
the manual mode.
Warning:
Implementation
The fan unit is started in soft-start mode to reduce the impact of fan startup on the
CiTRANS R860. In intelligent mode, after the fan is started, the fan operates at the
medium speed before being controlled by the routing and control card.
u After controlling the fan, the routing and control card regularly collects the
temperature information reported by each card of the CiTRANS R860 and
compares the collected temperature information with the fan speed adjustment
parameter of each card to determine the speed for fan operations.
u The fan unit controls the fan to operate in the required speed based on the
speed information sent by the routing and control card, thereby ensuring
cooling of the CiTRANS R860.
u When the fan is faulty, the fan unit sends fault information to the routing and
control card and reports a fan fault alarm to the NMS.
2-12 Version: B
3 Feature
The CiTRANS R860 provides the following features to ensure service transmission
quality and efficiency:
QoS
OAM
Clock Feature
VPN Feature
Version: B 3-1
CiTRANS R860 Multi-Service Convergence Router Product Description
3.1 QoS
The following describes the basic concepts of QoS and the QoS features of the
CiTRANS R860.
QoS (Quality of Service) refers to the performance when data flows pass a network.
QoS is defined for the purpose of guaranteeing E2E service quality for users.
QoS cannot increase the bandwidth. However, it can minimize the delay and jitter
on a network and ensure the quality of principal services by properly allocating
network resources and monitoring the resource usage.
u Delay: duration from the time when a packet is sent to the time when the packet
is received.
u Jitter: deviation of time when packets are received. The packets are sent along
the same route.
The CiTRANS R860 supports multiplayer bandwidth control policies for uplink and
downlink traffic.
3-2 Version: B
3 Feature
During data forwarding, the CiTRANS R860 maps user priorities and VC priorities
carried in received packets to PHBs, and PHBs in forwarded packets to pseudo wire
(PW) or label switched path (LSP) priorities.
The CiTRANS R860 supports setting PHBs for virtual service ports of L2VPNs and
L3VPNs, physical ports, and logical ports. An existing mapping table (mapping
between PHBs and PW priorities) can be used. Also, a PHB service level can be
specified.
When network congestion occurs, the CiTRANS R860 employs certain queue
buffering management policies to preferentially ensure the QoS of services with
high priorities.
The CiTRANS R860 supports two types of queue buffering management policies.
u Tail drop
4 When the number of packets stored in a buffer does not exceed the
threshold specified by START, the system does not discard packets.
4 When the number of packets stored in the buffer exceeds the threshold
specified by END, all packets are discarded.
4 When the number of packets stored in the buffer is between the START
and the END, all packets face a probability of being dropped based on an
average-queue-length function.
Version: B 3-3
CiTRANS R860 Multi-Service Convergence Router Product Description
Queue Scheduling
When congestion occurs, the CiTRANS R860 employs different queue scheduling
policies to guarantee the QoS of services with high priorities.
The CiTRANS R860 supports the following two queue scheduling modes.
u SP (Strict Priority)
Packets are scheduled fairly based on the weights of queues. Queues with
higher priorities are assigned higher weights and therefore occupy more
bandwidth. Similarly, queues with lower priorities are assigned lower weights
and therefore occupy less bandwidth.
3.2 OAM
Table 3-1 lists the applicable OAM standards of the CiTRANS R860 at different
network layers.
3-4 Version: B
3 Feature
u Checks for network faults periodically and generates related maintenance and
alarm information.
Access link OAM is a type of E2E OAM function specific for services. It can check
the quality of an Ethernet link that passes multiple NEs.
MPLS-TP OAM
MPLS-TP OAM can detect and identify defects on an MPLS-TP network, thereby
finishing performance monitoring for the network.
A switchover is triggered based on the detected status. This implements quick fault
detection and service switchover and therefore ensuring carrier-class QoS over
packet switched networks.
MPLS-TP OAM complies with the GACh+Y.1731 standard. This mechanism can
implement features with abundant service overheads as SDH networks do,
automatic multilayer fault detection, protection switchover, performance monitoring,
and fault identification, thereby implementing multilayer OAM monitoring.
Version: B 3-5
CiTRANS R860 Multi-Service Convergence Router Product Description
Ethernet OAM
Ethernet OAM is a mechanism for monitoring network problems and works at the
data link layer. In the Ethernet OAM mechanism, devices periodically exchange
OAM PDUs to report network status so that the network administrator can
effectively manage the network.
Ethernet OAM complies with the 802.1ag standard and supports both proactive fault
management and on-demand fault management. It can implement functions on the
Ethernet, including connectivity check, loopback detection, message tracing,
alerting, channel maintenance, and remote fault notification.
BFD
BFD is a simple Hello protocol. It resembles the neighbor detection part of a routing
protocol. In BFD, the two devices of a channel periodically exchange detection
packets. If either device does not receive a detection packet within the specified
time, the channel is faulty.
Compared with SDH networks that provide powerful OAM functions, traditional
packet switched networks provide weak management and maintenance functions.
Therefore, it is difficult for traditional packet switched networks to offer E2E service
management, fault detection, and performance monitoring. CiTRANS R860The
provides the functions of traditional IP routers and incorporates partial advantages
of MPLS, thereby offering multilayer OAM functions.
u Multilayer OAM function: The provides a maximum of eight MEG layers (0 to 7).
Each layer performs OAM functions independently to accommodate different
network deployment policies.
3-6 Version: B
3 Feature
Version: B 3-7
CiTRANS R860 Multi-Service Convergence Router Product Description
BFD sets up a session between two routers to monitor the bidirectional forwarding
path between the routers. BFD does not have a discovery mechanism. An upper-
layer protocol of the service detects and finds BFD of the objects for session setup.
After a session is set up, if a system does not receive a BFD control packet from the
peer system within the detection duration, BFD determines that a fault occurs and
notifies the served upper-layer protocol, which performs corresponding processing.
The BFD operating mode can be active mode or passive mode before session
setup. During session initialization, at least one of the communicating parties must
operate in active mode to ensure that a session can be set up.
u Active mode: A system sends BFD control packets before a session is set up
regardless of whether it receives BFD control packets from the system at the
peer end.
u Passive mode: A system does not send BFD control packets before a session
is set up until it receives BFD control packets from the system at the peer end.
The BFD operating mode can be asynchronization mode or query mode after
session setup.
u Query mode: Assume that each system has a method for confirming that it
successfully connects to other systems. The system stops sending BFD control
packets when a BFD session is set up.
BFD Application
3-8 Version: B
3 Feature
u BFD for PW
The CiTRANS R860 supports extraction of clock information from the following
transmission links:
u E1 interface
u FE interface
u STM-1 interface
The CiTRANS R860 supports two channels of external clock source input and
output, can use clock interfaces of 75Ω and 120Ω, and provides stratum 3 clock
sources of 2048 kHz / 2048 kbit/s (HDB3) coding externally.
The CiTRANS R860 supports the clock working modes of locked, holdover and
free-running and can process and transmit Synchronization Status Messages
(SSMs).
Version: B 3-9
CiTRANS R860 Multi-Service Convergence Router Product Description
u Two clock modes. The clock mode can be configured for each port as required.
u Time synchronization indicates that the internal clock and time of a device are
controlled based on the received time. Time synchronization controls both clock
frequency and phase and represents clock phase with a value, that is, time of
the day (ToD).
3-10 Version: B
3 Feature
Figure 3-1 shows the difference between time synchronization and clock
synchronization.
u Electronic clocks 1 and 2 maintain a constant time difference, for example, one
hour. This status is called clock synchronization.
Note:
The consistency of time difference between electronic clocks 1 and 2
cannot be maintained if electronic clocks 1 and 2 have different
frequencies. Therefore, clock synchronization is the prerequisite for time
synchronization.
Version: B 3-11
CiTRANS R860 Multi-Service Convergence Router Product Description
u The PHY chip of the equipment (Node B) at the receive end extracts the clock
from the data code stream without deteriorating the clock precision, ensuring
precise clock synchronization with the source end.
3-12 Version: B
3 Feature
The synchronous Ethernet technology is mature and easy to implement and hardly
affected by network damages. The clock synchronization quality approximates to
that of SDH. The architecture of the synchronous Ethernet technology is similar to
that of the SDH solution. It is applicable to network frequency synchronization.
IEEE 1588v2 enables the most precise time on a distributed network to keep
synchronous with other time. IEEE 1588v2 defines a Precision Time Protocol (PTP)
to implement submicrosecond-level synchronization for clocks of sensors,
performers, and other terminals on standard Ethernets or distributed bus systems
that use multicast technologies. In IEEE 1588, four types of packets, that is, Sync,
Follow_up, Delay-Req, and Delay-Resp, are used for time alignment and delay
compensation.
Version: B 3-13
CiTRANS R860 Multi-Service Convergence Router Product Description
3-14 Version: B
3 Feature
Assume that TDelay(m->s) = TDelay(s->m) = TDelay. The formula for calculating the delay
between the master and slave ports is as follows:
The master and slave ports send PTP packets continuously. The slave port
synchronizes its time with TDelay so that its time is synchronous with that of the
master port.
Version: B 3-15
CiTRANS R860 Multi-Service Convergence Router Product Description
The following describes the internal clock unit and time and clock synchronization
capability of the CiTRANS R860.
The internal system clock unit of the CiTRANS R860 is embedded into the SCUR1
card and provides clock reference for the entire system.
The clock unit complies with the ITU-T G.8261 standard. The clock unit can provide
a system clock in compliance with the G.8262 standard for synchronous Ethernet
devices. It supports multiple types of clock references and provide stratum-3 clocks.
In this way, the CiTRANS R860 can apply to different environments and support
flexible networking.
u Provides stable clock frame positioning pulse and multiframe positioning pulse.
u Provides 2048 kHz and 2048 kbit/s (HDB3) stratum-3 clock sources.
u Provides the mutual locking function for cards and supports smooth clock
switchover.
3-16 Version: B
3 Feature
The CiTRANS R860 supports extraction of clock information from the following
transmission links:
u E1 interfaces
u FE interfaces
u GE interfaces
u STM-1 interfaces
The CiTRANS R860 two channels of external input and output clock sources. 75-
ohm or 120-ohm clock interface can be used. The two external input and output
clock sources work in 1+1 protection mode.
Provides 2048 kHz and 2048 kbit/s (HDB3) stratum-3 clock sources.
The CiTRANS R860 supports three working modes for processing and transmitting
SSM information: locked, holdover, and free-running. The system can process SSM
information of a maximum of 52 directions.
The CiTRANS R860 supports Ethernet time synchronization in accordance with the
IEEE 1588v2 protocol. IEEE 1588v2 is a time synchronization protocol and can
implement time synchronization precise to nanosecond, meeting the requirements
of 3G BTSs.
u Two clock modes. The clock mode can be configured for each port as required.
Version: B 3-17
CiTRANS R860 Multi-Service Convergence Router Product Description
3.3.4 Reference
The following describes the reference standards for time and clock synchronization
of the CiTRANS R860.
For details about time and clock synchronization, refer to related standards listed in
Table 3-2.
The control of jitter and wander within digital networks which are based
G.823
on the 2048 kbit/s hierarchy
3-18 Version: B
3 Feature
u Virtual: Users on a VPN communicate with each other on the public network,
which is also used by non-VPN users. The VPN is a logical private network.
This public network is called the VPN backbone.
The existing IP network can be divided into logically isolated networks based on
these characteristics. This type of logically isolated network (VPN) can be widely
used. A logically isolated network can be used for internal interconnection within an
enterprise or between departments. It can also be used to provide new services. For
example, a VPN can be assigned for the IP telephony service to address problems
such as IP address shortage, QoS guarantee, and new value-added service
provisioning.
Version: B 3-19
CiTRANS R860 Multi-Service Convergence Router Product Description
3.4.2.1 L2VPN
L2VPN includes the Virtual Pseudo Wire Service (VPWS) and the Virtual Private
LAN Service (VPLS).
VPWS
VPLS
In VPLS, LANs are interconnected over virtual private network segments. It is the
extension of LANs on the IP public network.
VPLS is also called transparent LAN service. Unlike the P2P service of common
L2VPNs, VPLS enables SPs to provide Ethernet-based P2MP services over the
MPLS backbone.
On the VPLS backbone, full-mesh connection and horizontal split are used to
eliminate loops. Unknown unicast and multicast frames may be discarded, locally
processed, or broadcast. VPLS extends the application of VLANs across the
country or even the world.
3-20 Version: B
3 Feature
3.4.2.2 L3VPN
L3VPN is also called virtual private routing network (VPRN). L3VPN differs from
other types of VPNs in that VPRN packets are forwarded at the network layer. The
VPN node on the public network needs to establish a dedicated routing forwarding
table for each VPN. The routing forwarding table contains routing information about
the network layer. Data flows are forwarded between the VPN node on the public
network and user sites based on the dedicated routing forwarding table.
The boundary router of the carrier exchanges routing information with the client
router so that routers on the carrier network can detect routing information about the
user network. The boundary router can exchange routing information with the client
router over a static route, or over dynamic routing protocols such as RIP, OSPF, IS-
IS, and BGP.
Version: B 3-21
CiTRANS R860 Multi-Service Convergence Router Product Description
As shown in Figure 3-5, the equipment set directly connected to the user is called
the UPE (User-end PE); the inside-network equipment set connected to the UPE is
called the SPE (Service Provider-end PE). Multiple UPEs and SPEs form the
hierarchical PE, and conduct the functions of a traditional PE.
u UPE
4 The UPE maintains the routes of the VPN site connected directly with the
UPE itself, but does not maintain the routes of other remote sites in the
VPN, or it only maintains their aggregation routes.
4 The UPE allocates the inner labels for the routes of the sites directly with
itself, and sends these labels to the SPE via the MP-BGP together with the
VPN routes.
4 The route capacity and forwarding capability of the UPE is low, but its
access capability is strong.
u SPE
4 The SPE completes the management and distribution of the VPN routes.
3-22 Version: B
3 Feature
4 The SPE maintains all routes of the VPN connected with the UPE,
including the routes of the local and remote sites. The SPE distributes the
route information to the UPE, together with the label.
4 The route information distributed by the SPE can be the default route (or
aggregation route) of the VPN instance or the route information related to
the routing policy. Via the latter, the users can control of the access
between sites in the same VPN.
4 The SPE has the following features: the routing table with a large capacity,
a strong forwarding capability, but it supports little interface resources.
u SPE-UPE
4 The MP-BGP (Multiprotocol Extensions for BGP-4) runs between the SPE
and the UPE. It can be MP-IBGP or MP-EBGP, depending on whether the
UPE and the SPE belong to the same AS.
4 When the MP-IBGP is used, to notify the route between the IBGP peer
body, the SPE acts as the route reflector, and distributes the VPN routes
from the IBGP peer body to the IBGP peer body SPE. But the SPE does
not act as the route reflector of other PEs.
3.4.3 Reference
Refer to standards in Table 3-3 for more information about the VPN.
Version: B 3-23
CiTRANS R860 Multi-Service Convergence Router Product Description
draft-kompella-ppvpn-l2vpn-
Layer 2 VPNs Over Tunnels
04
Table 3-4 Applicable EMC / EMI Standards and Protocols of the CiTRANS R860
Standard / Protocol
Title
Number
Electromagnetic compatibility and Radio spectrum Matters (ERM);
ETSI EN 300 386 Telecommunication network equipment; Electromagnetic
Compatibility (EMC) requirements
3-24 Version: B
3 Feature
Table 3-4 Applicable EMC / EMI Standards and Protocols of the (Continued)
Standard / Protocol
Title
Number
Information technology equipment - Immunity characteristics - Limits
CISPR 24
and methods of measurement
Resistibility of telecommunication equipment installed in a
ITU-T K.20
telecommunications centre to overvoltages and overcurrents
The applicable safety standards of the CiTRANS R860 are shown in Table 3-5.
Version: B 3-25
4 Dynamic Routing
The CiTRANS R860 supports a wide range of routing protocols to meet different
network requirements. The following describes the routing protocols that the
CiTRANS R860 supports.
Overview
RIP
OSPF Protocol
IS-IS Protocol
BGPv4
RSVP
LDP
Version: B 4-1
CiTRANS R860 Multi-Service Convergence Router Product Description
4.1 Overview
The CiTRANS R860 supports the following routing protocols and functions:
u IPv6 routing protocols: RIP Next Generation (RIPng), OSPFv3, IS-ISv6, and
MP-BGP.
4.2 RIP
Basic Concept
The Routing Information Protocol (RIP) is used to transmit routing information. Each
router broadcasts its routing table at 30-second intervals to maintain location
information about neighboring routers. Also, each router calculates the routing table
based on received routing information.
4-2 Version: B
4 Dynamic Routing
u RIP supports horizontal split and poison reverse to avoid routing loops.
References
OSPF is an IGP defined by the IETF (Internet Engineering Task Force). It is one of
the most commonly used routing protocols.
There are two OSPF versions: OSPFv1 (RFC 1131) and OSPFv2 (RFC 2328).
OSPF uses the link state route selection technology and the SPF algorithm. Routers
exchange information about direct links and links to other routers. Each OSPF
router maintains the same database that describes the topology of the AS. Each
OSPF router constructs an SPT to calculate the routing table based on the
database.
When the topology changes, OSPF quickly recalculates routes and only a small
amount of routing protocol traffic is generated. Identity authentication is required for
exchanging route selection protocols.
u The Hello protocol checks whether links are available and specifies the DR and
BDR.
u The switching protocol specifies the master and slave routers and enables the
routers to exchange the information in their respective routing database.
Version: B 4-3
CiTRANS R860 Multi-Service Convergence Router Product Description
u Triggers route convergence in a very short time to avoid routing loops and
therefore applies to mesh networks and LANs that are connected using
bridges.
Route Calculation
The core of OSPF is the SPF (Shortest Path First) algorithm. OSPF generates the
minimum spanning tree using the Dijkstra algorithm.
1. Each router advertises its LSA that describes its own link state information.
3. Each router calculates an SPT based on the costs of links, with itself as the root
node.
4. Each router obtains the route entries based on the minimum spanning tree and
generates a routing table.
Packet Structure
4-4 Version: B
4 Dynamic Routing
u Hello packet
Version: B 4-5
CiTRANS R860 Multi-Service Convergence Router Product Description
4 This type of packet is used by a router to request details about LSAs that it
does not have or about outdated LSAs during the process of exchanging
LSDB description packets.
4 This type of packet is used to flood LSAs and respond to received link
state updates. If a flooded LSA is not acknowledged, the link state update
packet is retransmitted at 5-second intervals by default.
Typical Application
Figure 4-2 shows a typical AS established over OSPF. The AS is divided into three
areas, which are respectively numbered 0, 1, and 2. The router in an area maintains
an LSDB of states of links between routers within this area. The router at the border
of two areas maintains the LSDBs of both areas and sends LSA-Update messages
between the two areas. The router at the border of the AS is responsible for
exchanging routing information between the AS and external systems.
4-6 Version: B
4 Dynamic Routing
References
Version: B 4-7
CiTRANS R860 Multi-Service Convergence Router Product Description
u Level-1 router
u Level-2 router
u Level-1-2 router
A level-1-2 router is both a level-1 router and a level-2 router. Each area has at
least one level-1-2 router. An area connects to the backbone through the level-
1-2 router. A level-1-2 router maintains two LSDBs: a level-1 LSDB for intra-
area routing and a level-2 LSDB for inter-area routing.
A router is uniquely identified by a system ID. Routers in the same area have the
same area ID. If a router belongs to multiple areas, it may have different area IDs
but the same system ID.
Packet Structure
IS-IS packets are encapsulated into frames at the data link layer. There are three
types of IS-IS packets.
u Hello packet
4-8 Version: B
4 Dynamic Routing
Hello packets are used for establishing and maintaining neighbor relationships.
On a broadcast LAN, level-1 routers send level-1 LAN Hello packets, and level-
2 routers send level-2 LAN Hello packets. On a non-broadcast network, routers
send P2P Hello packets.
LSPs are used for exchanging link state information. There are two types of
LSPs: level-1 LSP and level-2 LSP. Level-2 LSPs are sent by level-2 routers
and level-1 LSPs are sent by level-1 routers. A level-1-2 router can send both
level-1 and level-2 LSPs.
SNPs are used for acknowledging the LSP latest received by neighbors. There
are two types of SNPs: complete SNPs (CSNPs) and partial SNPs (PSNPs).
SNPs can be further classified into level-1 CSNPs, level-2 CSNPs, level-1
PSNPs, and level-2 PSNPs.
4 A PSNP contains only the sequence numbers of the recently received one
or more LSPs. Multiple LSPs can be acknowledged through one PSNP.
When a router finds that its LSDB is not synchronized with that of its
neighbor, it can send a PSNP to request new LSPs from its neighbor.
4 A CSNP contains the summary information about all LSPs in an LSDB and
therefore can be sent to synchronize LSDBs between neighboring routers.
On a broadcast network, the DIS periodically sends CSNPs at 10-second
intervals by default. On a P2P channel, a CSNP is sent only when the two
points establish a neighbor relationship for the first time.
Version: B 4-9
CiTRANS R860 Multi-Service Convergence Router Product Description
Typical Application
Figure 4-3shows an AS set up over IS-IS. The AS is divided into four parts. NEs
within an AS and in different ASs communicate with each other over dynamic
routing protocols. Routes within an area are managed by a level-1 router, and routes
between areas are managed by a level-2 router. A router is uniquely identified by a
system ID.
References
4-10 Version: B
4 Dynamic Routing
4.5 BGPv4
Basic Concept
BGP is an exterior gateway protocol. Different from IGPs such as OSPF and RIP,
which focus on discovering and calculating routes, BGP focuses on controlling route
transmission and optimal route selection.
The earliest released three BGP versions are BGPv1 (RFC1105), BGPv2
(RFC1163), and BGPv3 (RFC1267). The currently used version is BGPv4
(RFC4271).
Note:
The ISO defines BGP to maintain the individual interests of ISPs. BGP is
responsible for route transmission among ISPs.
Only qualified personnel that are familiar with the network structure can configure
BGP; otherwise, unexpected consequences may be resulted.
Version: B 4-11
CiTRANS R860 Multi-Service Convergence Router Product Description
Protocol Packets
u Open packet: Open packets are used for establishing initial BGP connections,
including the hold time and router ID.
u Update packet: BGP peers exchange routing information about the network
layer by sending Update packets. Update packets carry reachable and
unreachable routes, as well as routing attributes.
Usage Guidelines
u When there are multiple routes, the BGP speaker chooses the optimal route.
u The BGP speaker advertises only its currently used route to its peers.
u The BGP speaker does not advertises the routes obtained from IBGPs to its
IBGP peers to avoid intra-domain routes.
u The BGP speaker determines whether to advertise the routes obtained from
IBGPs to its EBGP peers based on the synchronization conditions between
IGP and BGP.
u After establishing a connection with a new peer, the BGP speaker advertises all
its BGP routes to the peer.
4-12 Version: B
4 Dynamic Routing
BGP ECMP
The CiTRANS R860 supports BGP ECMP (Equal-Cost Multi-Path), the ECMP
being used for load balancing. When multiple links in the network can reach the
same destination address, the system will work out the corresponding multiple route
entries, and add them in the routing table. When the fault of a neighbor node leads
to the failure of the path, the BGP ECMP can be used to switch the corresponding
service traffic to other paths.
The CiTRANS R860 supports the BGP next-hop separation. This means separating
the VPN routing table according to the remote next hop of the VPN route. The
divides the original VPN routing table into two parts: the remote next hop and the
connected route of the remote next hop. This reduces the route iteration caused by
the public network faults, so as to lower the route convergence time.
Typical Application
As shown in Figure 4-4, the BGP is an IBGP (Internal BGP) when running within an
AS, and is an EBGP (External BGP) when running between ASs.
Version: B 4-13
CiTRANS R860 Multi-Service Convergence Router Product Description
Reference Standard
RFC 4456 BGP Route Reflection:An Alternative to Full Mesh Internal BGP (IBGP)
4-14 Version: B
4 Dynamic Routing
The IETF customizes RIP specific for IPv6 networks, that is, RIPng, with the
advantages of RIP inherited. RIPng provides routing functions on IPv6 networks
and is an important routing technology for IPv6 networks.
RIPng resembles RIP in the working mechanism. Compared with RIP, RIPng has
the following differences:
u Packet
The length, format, and transmission method of RIPng packets are different
from those of RIPv2.
u Security authentication
RIP can run on both IP and IPX networks whereas RIPng can run only on IPv6
networks.
OSPFv3
The IETF customizes OSPFv2 specific for IPv6 networks, that is, OSPFv3, with the
advantages of OSPFv2 inherited. OSPFv3 provides routing functions on IPv6
networks and is a mainstream routing technology for IPv6 networks.
OSPFv3 is improved so that it can run on IPv6 networks and guide IPv6 packet
forwarding. In this way, OSPFv3 can run independent of network-layer protocols. It
can be compatible with various protocols after being customized and this enhances
the scalability of OSPFv3.
Version: B 4-15
CiTRANS R860 Multi-Service Convergence Router Product Description
IS-IS provides strong scalability. It can discover and generate IPv6 routes to support
IPv6 network-layer protocols. The IS-IS protocol that supports IPv6 is also called the
IS-ISv6 dynamic routing protocol.
IS-ISv6 can process IPv6 routing information. Compared with IS-IS, IS-ISv6 has the
following differences:
u Code-length-value (CLV)
u Extended Hello packets for supporting IPv6 routing and establishing IPv6
adjacencies
4 An 8-bit NLPID is added to the protocol support CLV. Its value is 0x81,
indicating that the current router supports IS-ISv6.
4-16 Version: B
4 Dynamic Routing
MP-BGP
Traditional BGP manages only IPv4 routing information and does not support
applications that use other network-layer protocols such as IPv6 and multicast
protocols. It has restrictions when transmitting routing information across ASs.
The IETF extends BGP to Multiprotocol Extensions for BGPv4 (MP-BGP) that
supports more network-layer protocols. MP-BGP is defined in RFC 2858.
MP-BGP is forward compatible. That is, routers that support MP-BGP can interwork
with routers that do not support MP-BGP.
References
RFC 2545 Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing
4.7 RSVP
Basic Concept
RSVP is a signaling protocol that runs at the network layer. It allows any router to
establish a reserved-bandwidth path. It ensures the QoS (Quality of Service) for
data flows on a network. Dynamic tunnels are established over RSVP.
Version: B 4-17
CiTRANS R860 Multi-Service Convergence Router Product Description
u Supports priority setting. Different priorities can be set for requests. When
network resources are insufficient, resource requests with higher priorities can
preempt the resources reserved for resource requests with lower priorities.
References
4.8 LDP
Basic Concept
As a control protocol in MPLS, the LDP classifies FECs, distributes labels, transmits
label distribution results, and sets up and maintains LSPs. Dynamic tunnels and
VCs are set up over LDP.
LDP defines the messages required during label distribution and related processing
processes. It is mainly used by LSRs to negotiate label distribution and set up LSPs.
LSRs combine the inbound label, next-hop node, and outbound label that map a
specific FEC to form an LSP that crosses the entire MPLS domain.
References
4-18 Version: B
5 Product Architecture
The following introduces the product architecture of the CiTRANS R860, and
includes these contents.
Logical Structure
Hardware Structure
Software Architecture
Version: B 5-1
CiTRANS R860 Multi-Service Convergence Router Product Description
The service processing module contains the routing forwarding core and interface
cards.
The access signals are processed by the routing forwarding chip, with a switching
capacity of 320 Gbit/s.
5-2 Version: B
5 Product Architecture
The routing control module is responsible for the communication among cards by
using the internal system bus. The routing control module supports cascading of
cards and supports varied routing protocols. In addition, it provides functions
including overhead information transmission, card information management, and
card self-booting.
The clock and time control module supports physical-layer clock synchronization
and time synchronization complying with IEEE 1588 or 802.1as. The details are as
follows:
u Supports time synchronization. The module receives time signals through the
external time interface. It provides synchronous time to system modules and
time signal output.
The heat dissipation module cools and dissipates heat for the system. It consists of
fan units and the intelligent fan control software. The functions are described as
follows:
Version: B 5-3
CiTRANS R860 Multi-Service Convergence Router Product Description
u It changes the fan speed to full speed, high speed, or low speed, and stops
fans.
u The fan unit has three fans. Each fan works independently and serves as the
hot standby for each other. When a fan stops due to a fault, other fans increase
their speed to ensure that the CiTRANS R860 runs properly.
Power Module
5.2.1 Cabinet
The following describes the appearance and equipment layout of the cabinet.
5.2.1.1 Appearance
5-4 Version: B
5 Product Architecture
Figure 5-3 shows the layout of the hardware components of the CiTRANS R860.
Version: B 5-5
CiTRANS R860 Multi-Service Convergence Router Product Description
Cabinets in different dimensions can house different numbers of subracks. Keep the
following rules when working out a layout plan:
Table 5-1 lists the subrack quantities for cabinets with different dimensions.
5-6 Version: B
5 Product Architecture
5.2.2 PDP
5.2.2.1 Appearance
The PDP is located on the top of the cabinet and its appearance is shown in
Figure 5-4.
Version: B 5-7
CiTRANS R860 Multi-Service Convergence Router Product Description
5.2.2.2 Function
The PDP connects and distributes external power supplies and processes alarm
signals. It connects external power supplies to the system and distributes power to
other components. It also receives alarm signals from other components in the
cabinet and displays and outputs the alarm signals.
The CiTRANS R860 uses a 2x3 -48 V / 40 A PDP. The PDP provides the following
functions:
u The PDP inducts two channels of DC -48 V power (active and standby) from
the external (e.g. the power cabinet) and provides six branch power rails (active
and standby) for the three subracks.
u Performs the alarm input and output function: The PDP collects the alarm
information from corresponding equipment in the cabinet, provides audible and
visual alarm display of the alarm signals, and outputs the alarm signals to the
higher-level equipment (such as the head of row cabinet).
The fiber passage unit of CiTRANS R860 is installed above the subrack for
arranging the power cable, the signal wire and the optical fibers in the upper part of
the subrack.
The fiber passage unit is composed of the wire binding rail and the fiber guide slot,
as shown in Figure 5-5. The wire binding rail is used for arranging the power cable
and signal wire of the subrack and the fiber guide slot is used for arranging the
optical fibers in the upper part of the subrack.
5-8 Version: B
5 Product Architecture
5.2.4 Subrack
5.2.4.1 Function
Subracks are used to contain cards. Cards exchange signals with the backplane
through subracks.
The cabinet of the CiTRANS R860 has 32 slots for cards, half in the upper subrack
and half in the lower subrack. Figure 5-6 shows the slot layout.
Version: B 5-9
CiTRANS R860 Multi-Service Convergence Router Product Description
The CiTRANS R860 cards are classified into two types according to their
appearance and dimensions.
5-10 Version: B
5 Product Architecture
Item Card
Card appearance
Version: B 5-11
CiTRANS R860 Multi-Service Convergence Router Product Description
Figure 5-7 shows the positions of cards of the CiTRANS R860. For more information,
see the descriptions of each card.
5-12 Version: B
5 Product Architecture
The following descries the number and functions of the RCUO1 card.
2.200.854
5.2.6.2 Function
u Connects the -48 V power from the AIFJ1 / AIFJ2 card and converts the -48 V
power into the 3.3 V or 1.5 V power.
Version: B 5-13
CiTRANS R860 Multi-Service Convergence Router Product Description
u Provides GE channels for transmitting SCC and MCC information to the active
and standby SCUR1 cards respectively, and shows the connection status
through indicator LEDs on the panel.
u Supports fan alarm detection, intelligent fans, and fan temperature and power
reporting.
The following describes the number and functions of the SCUR1 card.
5.2.7.2 Function
u Works with the RCUO1 card to implement tunnel 1:1 protection, LAG protection,
IP FRR, VPN FRR, MPLS TE FRR, LDP FRR, and VRRP protections.
u Supports OAM at four layers: link layer, VP layer, VC layer, and Ethernet
service layer.
u Uses the 1+1 protection mode and supports the SCUR1 / SCUR2 card's
automatic active / standby switchover or switchover performed by the network
management system.
5-14 Version: B
5 Product Architecture
u Provides the 25.00 MHz system clock (a single TTL) and 8 kHz frame timing
clock for cards.
u Supports the One-step, OC, BC, and BMC functions defined in IEEE 1588v2,
and synchronization of time from the XGE or GE interface.
The following describes the number and functions of the XSR1 / XSR2 card.
5.2.8.2 Function
Version: B 5-15
CiTRANS R860 Multi-Service Convergence Router Product Description
The following descries the number and functions of the XGR1 card.
2.200.766
5.2.9.2 Function
u Supports collecting performance indicators such as the card power and alarms.
5-16 Version: B
5 Product Architecture
The following describes the number and functions of the GSR1 card.
2.200.843
5.2.10.2 Function
The following describes the number and functions of the ESJ1 / ESJ2 / ESR1 card.
2.115.322
2.115.355
2.200.846
Version: B 5-17
CiTRANS R860 Multi-Service Convergence Router Product Description
5.2.11.2 Function
5-18 Version: B
5 Product Architecture
The following descries the number and functions of the E1J2 card.
5.2.12.2 Function
u Transmits data with low delay, meeting the real-time service requirements.
u Supports hot-insertion.
Version: B 5-19
CiTRANS R860 Multi-Service Convergence Router Product Description
The following describes the number and functions of the S1J2 / S1J4 card.
5.2.13.2 Function
u The S1J2 card provides two STM-1 optical interfaces and emulates a maximum
of 126 E1 service circuits.
u The S1J4 card provides eight STM-1 optical interfaces and emulates a
maximum of 504 E1 service circuits.
The following describes the number and functions of the AIFJ1 / AIFJ2 card.
5.2.14.2 Function
u Inputs the -48V power supply, the current of which is less than 40 A.
5-20 Version: B
5 Product Architecture
u Provides the clock interface CKIO, time interface TOD, alarm connector ALM,
and monitoring connector MON, and connects Ethernet signals.
u Provides power and auxiliary card 1 (AIFJ1) and power and auxiliary card 2
(AIFJ2) in the active / standby mode. The two cards are isolated from each
other.
The software of the CiTRANS R860 includes communication protocols and interface,
BMU, NMU, and network management software.
5.3.1 Overview
The CiTRANS R860 uses a modularized software architecture. Its software consists
of the BMU, EMU, and OTNM2000, which respectively run on the functional cards,
the RCUO1 card, and network management host. The components work with each
other to perform configuration, management, and monitoring for the . The system
software architecture is shown in Figure 5-8.
Version: B 5-21
CiTRANS R860 Multi-Service Convergence Router Product Description
The communication protocols and interfaces of the software modules of the are
described as follows:
4 The OTNM2000 communicates with the EMU through the Q interface. The
Q interface runs the FiberHome proprietary communication protocol.
u NEs (EMUs) communicate with each other over the ESC, which is a physical
channel. The compliant communication protocol is IP.
u The EMU communicates with the BMU over the LAN. The compliant
communication protocol is IP.
5-22 Version: B
5 Product Architecture
5.3.3 BMU
The BMU is embedded into each card to exert direct control on all functional circuits.
The BMU can be used by the RCUO1 card to manage cards. The functions of the
BMU are described as follows:
u Applies to the RCUO1 card for configuration when the card is powered on, and
initializes the card based on the configuration so that the card can work as
expected after power-on.
5.3.4 NMU
The NMU runs in an embedded multitask OS. The NMU manages all cards of NEs
through a unified Ethernet bus based on the manager / agent model.
The management / agent application functional module contains the manager (M)
and agent (A). At the NE layer, the management card (RCUO1) of an NE can
be designated as the agent (A) or manager / agent (M/A). The M/A is an agent
with the management function.
4 A: collects and processes the performance and alarm / fault and status
data of each BMU of the local NE. Also, it receives and responds to
commands and operations related to the local NE sent from the manager.
Version: B 5-23
CiTRANS R860 Multi-Service Convergence Router Product Description
u Real-time OS
The OTNM2000 is developed based on Windows 2000 Server and consists of the
data collection module, data processing module, graphical user interface (GUI)
module, and database. The software architecture is shown in Figure 5-9.
5-24 Version: B
5 Product Architecture
u The data collection module collects the alarm and performance data of
managed objects. The data processing module analyzes and processes the
collected data and then stores the data in the database. The OTNM2000
supports SQL Database and Informix Database.
Version: B 5-25
6 Service and Network
The following details the service types provided by the CiTRANS R860 and the
network for each type of service. It covers these topics:
Ethernet Service
CES Service
Radio Service
Network Capability
Version: B 6-1
CiTRANS R860 Multi-Service Convergence Router Product Description
The CiTRANS R860 supports multiple types of Ethernet services and provides a
complete L2VPN solution.
A VPN is a virtual private network that the carrier provides to a customer on its
public network. Telecommunication carriers can provide carrier-class networks with
high performance and low costs for customers by establishing VPNs over its public
network. This is a good solution for carriers to gain profits. However, traditional
VPNs are incompetent in ensuring VPN scalability, security, management,
maintenance, QoS guarantee, and traffic engineering, and therefore cannot fully
meet customer requirements.
u E-Line service
u E-LAN service
u E-Tree service
Introduction
In the E-Line service, the Ethernet is used to replace the original private line service.
The E-Line service is a P2P service. In the E-Line service, packets of certain ports
or certain packets of a port on the user side are forwarded to ports on the network
side, and packets received from the network side are forwarded to ports on the user
side and other ports on the network side.
6-2 Version: B
6 Service and Network
u EVP-Line service: Services are multiplexed on the port of the network side.
Features
u Different services are isolated, but they can choose to share (EVP-Line) or
monopolize (EP-Line) the bandwidth.
Example
Figure 6-1 shows an example of the E-Line service provided by the CiTRANS R860.
Company X has two branches deployed in cities A and C, company Y has two
branches deployed in cities B and C, and company Z has two branches deployed in
cities A and B. The branches of each of the three companies need to exchange data.
The CiTRANS R860 can provide the E-Line service for the three companies.
Service data of different companies is labeled with different VPWS tags for isolation
purposes.
Version: B 6-3
CiTRANS R860 Multi-Service Convergence Router Product Description
Introduction
In scenarios where the E-LAN service is used to replace the original LAN service,
the E-LAN service is most important and is most widely used. The E-LAN service is
a P2MP service. In the E-LAN service, packets of certain ports or certain packets of
a port on the user side are forwarded to multiple ports on the network side, and
packets received from the network side are forwarded to ports on the user side and
other ports on the network side.
u EVP-LAN service: Service are multiplexed on the port of the network side.
Features
u Different services are isolated, but they can choose to share (EVP-LAN) or
monopolize (EP-LAN) the bandwidth.
Example
Figure 6-2 shows an example of the E-LAN service provided by the CiTRANS R860.
The CiTRANS R860 is deployed to provide the E-LAN service for K. Service data of
different branches are labeled with different VPLS tags. In this way, data can be
shared within a branch whereas data of different branches are isolated. The network
access data of the headquarters are isolated from the service data through VPLS.
6-4 Version: B
6 Service and Network
Introduction
The E-Tree service is a P2MP service. In the E-Tree service, packets of certain
ports or certain packets of a port on the user side are forwarded to a port on the
network side, or packets received from the network side are forwarded to ports on
the user side or to other ports on the network side.
The E-Tree service can be used for ISP (Internet Service Provider) connection. Also,
it can be used to provide a basic network for multicast services such as IPTV
(Internet Protocol Television). The E-Tree service can be further classified into two
types.
Version: B 6-5
CiTRANS R860 Multi-Service Convergence Router Product Description
Features
u Services on different leaf nodes are isolated, but they can choose to share
(EVP-Tree) or monopolize (EP-Tree) the bandwidth.
Example
The E-Tree service is a type of P2MP bidirectional convergence service. Figure 6-3
shows an example of the E-Tree service provided by the CiTRANS R860.
6-6 Version: B
6 Service and Network
Version: B 6-7
CiTRANS R860 Multi-Service Convergence Router Product Description
The CiTRANS R860 provides CES services by using the PWE3 (Emulation Edge-
to-Edge) technology.
CES services are mainly applied in radio services and private line service. The
CiTRANS R860 is connected to the 2G / 3G station or enterprise private line
through E1 or channelized STM-1 line. It then slices STM-1 signals and
encapsulates them into data packets. The packets are forwarded to the peer end
over the MAN, which serves as the transport network. See Figure 6-4.
6-8 Version: B
6 Service and Network
u Can identify and process the frame structure and transmit signaling in CES
frames.
u Can identify frame structure of CES service. It may not transmit idle timeslot
channels, but only extracts useful timeslots of CE equipment sets from the E1
traffic stream and then encapsulates them into PW packets for transmission.
u Segments all CES services as bit streams and then encapsulates them for
transmission over a PW tunnel.
u Can transparently transmit CES traffic data and synchronous timing information.
SAToP completely disregards any structure, and PEs have no need to interpret
the CES data or to participate in the CES signaling.
Version: B 6-9
CiTRANS R860 Multi-Service Convergence Router Product Description
In system clock recovery, the sender that generates CES signals and the receiver
that extracts CES signals use the same network reference clock as the
synchronization signal source. Figure 6-5 shows the working principle of system
clock recovery.
In differential clock recovery, the service receiver and sender have the same public
timing reference signal. The sender packages the synchronization signal on the
service side and transmits the signal to the receiver over the packet switched
network. The receiver then recovers the synchronization signal based on the public
timing reference signal available on the receiver. Figure 6-6 shows the working
principle of differential clock recovery.
6-10 Version: B
6 Service and Network
Version: B 6-11
CiTRANS R860 Multi-Service Convergence Router Product Description
The following describes the service bearer solution and clock synchronization
solution provided by the CiTRANS R860 for the radio network.
For 2G services, the TDM network carries mainly voice services and the traffic is
light. Typically, a BTS connects to the BSC through 1-3 E1 interfaces. Some carriers
do not have fixed-network E1 lines and therefore need to lease E1 lines from other
carriers with high costs. As carriers extend the radio access network worldwide,
problems such as low bandwidth usage, low scalability, and inflexible configuration
occur on the 2G RAN constructed based on the TDM / SDH. The 2G / 3G RAN
carried over IP is the development trend of the radio service bearer network.
6-12 Version: B
6 Service and Network
On the 3G mobile service bearer network, time is synchronized for the entire
network through an external clock or GPS. The CiTRANS R860 complies with IEEE
1588v2. The 1 PPS&TOD interface or Ethernet interface can be used for time signal
input and output and time synchronization on the entire network as required by 3G
services.
As shown in Figure 6-9, equipment sets on the bearer network synchronize time
over IEEE 1588v2. NodeBs that support IEEE 1588v2 use multicast 1588v2 time
signals for time synchronization. NodeBs that do not support IEEE 1588v2 use the
Ethernet or WAN interface for frequency synchronization.
Version: B 6-13
CiTRANS R860 Multi-Service Convergence Router Product Description
The CiTRANS R860 is mainly applied at the distribution layer of MANs. It transmits
packet services over networks and aggregates services to the data backbone
network.
u 10GE
u GE
u FE
u STM-1
u E-Line service
u E-LAN service
u E-Tree service
Table 6-1 describes the application scenarios of the Ethernet service provided by
the CiTRANS R860.
Table 6-1 Application Scenarios of Ethernet Services Provided by the CiTRANS R860
Item Description
6-14 Version: B
6 Service and Network
Item Description
Network
GE, 10GE GE, 10GE GE, 10GE
interface
u Services are u Services are
u Services are connected and connected and
connected and transparently transparently
transparently transmitted over GE transmitted over GE
transmitted or FE. Also, QoS is or FE. Also, QoS is
over GE or FE. ensured. ensured.
Also, QoS is u Traffic statistics u Traffic statistics
ensured. collected based on collected based on
Service u Traffic statistics the tunnel or PW are the tunnel or PW are
scenario collected provided. provided.
based on the u BFD, Ethernet OAM, u BFD, Ethernet OAM,
tunnel or PW and MPLS-TP OAM and MPLS-TP OAM
are provided. are supported. are supported.
u BFD, Ethernet u Layer 2 multicast and u Layer 2 multicast
OAM, and Layer 2 broadcast and Layer 2
MPLS-TP OAM suppression are broadcast
are supported. supported. suppression are
u User data is isolated. supported.
Figure 6-10 shows the typical network of the E-Line service provided by the
CiTRANS R860.
Figure 6-10 Typical Networking of the E-Line Service Provided by the CiTRANS R860
Version: B 6-15
CiTRANS R860 Multi-Service Convergence Router Product Description
Figure 6-11 shows the typical network of the E-LAN service provided by the
CiTRANS R860.
Figure 6-12 shows the typical network of the E-Tree service provided by the
CiTRANS R860.
6-16 Version: B
6 Service and Network
Figure 6-12 Typical Networking of the E-Tree Service Provided by the CiTRANS R860
u E1 service
u STM-1 service
Table 6-2 describes the application scenarios of the CES services provided by the
CiTRANS R860.
Table 6-2 Application Scenarios of CES Services Provided by the CiTRANS R860
Item Description
Version: B 6-17
CiTRANS R860 Multi-Service Convergence Router Product Description
Item Description
Figure 6-13 shows the typical network of the CES services provided by the
CiTRANS R860.
Figure 6-13 Typical Network of the CES Services Provided by the CiTRANS R860
The CiTRANS R860 runs at the distribution layer of mobile networks to connect the
BTSs to the BSC. The CiTRANS R860 provides various types of interfaces to
aggregate and carry packet services.
Table 6-3 describes the application scenarios of the mobile services provided by
the CiTRANS R860.
6-18 Version: B
6 Service and Network
Table 6-3 Application Scenarios of Mobile Services Provided by the CiTRANS R860
Item Description
Figure 6-14 shows the typical network of the mobile services provided by the
CiTRANS R860.
Figure 6-14 Typical Networking of the Mobile Services Provided by the CiTRANS R860
u P2P L3VPN
Version: B 6-19
CiTRANS R860 Multi-Service Convergence Router Product Description
u P2MP L3VPN
u L3VPN Hub-Spoke
Table 6-4 describes the application scenarios of the the L3VPN service provided by
the CiTRANS R860.
Item Description
u Users in the same VPN can forward u The hub PE can exchange routing
traffic to each other but cannot information with all spoke PEs.
communicate with users outside this u Spoke PEs need to use the hub PE for
VPN. mutual access.
u Services are connected and u Services are connected and transparently
transparently transmitted over GE or FE. transmitted over GE or FE. Also, QoS is
Also, QoS is ensured. ensured.
Service scenario u Traffic statistics collected based on the u Traffic statistics collected based on the
tunnel or PW are provided. tunnel or PW are provided.
u BFD, Ethernet OAM, and MPLS-TP OAM u BFD, Ethernet OAM, and MPLS-TP OAM
are supported. are supported.
u User data is isolated. u User data is isolated.
u Routing and forwarding are supported. u Routing and forwarding are supported.
u Dual-homing and FRR protection are u Dual-homing and FRR protection are
supported. supported.
P2P L3VPN
Figure 6-15 shows the network diagram for P2P L3VPN. Users in the same VPN
can communicate with each other. Users in different VPNs cannot communicate
with each other.
6-20 Version: B
6 Service and Network
P2MP L3VPN
Figure 6-16 shows the network diagram for P2MP L3VPN. This network mode has
the following features:
u Users in the same VPN can communicate with each other. Users in different
VPNs cannot communicate with each other.
Version: B 6-21
CiTRANS R860 Multi-Service Convergence Router Product Description
L3VPN Hub-Spoke
6-22 Version: B
6 Service and Network
AsFigure 6-18 shows, via using the L2 / L3 bridge connection technology, we can
connect the L2VPN services in the access / distribution network with the L3VPN
routing forwarding services in the IP backbone MAN. This is the evolution for the IP-
based network.
Version: B 6-23
CiTRANS R860 Multi-Service Convergence Router Product Description
In recent years, the PWE3 technology gradually matures, the technology related
drafts are also turned into the formal RFC documents, and the PWE3 technology is
constantly used in the operator network. Via the MS-PW network, the problem of the
lack of flexibility in the current PWE3 network mode is solved. The operations are
described as follows: Between two sets of CiTRANS R860, sets up multiple PWs
using the MS-PW technology, so as to cross networks of different types and
implement the correct routing and forwarding between equipment sets in networks
of different types.
As shown in Figure 6-19, the tunnels with different signaling are connected via the
switching PE nodes, and thus an integrated network is formed. The switching PE
node supports multiple types of tunnel connections, including the dynamic RSVP
tunnel and the static MPLS tunnel.
6-24 Version: B
6 Service and Network
The CiTRANS R860 supports the hierarchical VPLS network. As Figure 6-20 shows,
corporations A and B have multiple divisions in various sites, and they need to
construct the corresponding enterprise networks. We use the hierarchical VPLS
network to implement the interconnection between the enterprise networks in
various sites for each corporation. The hierarchical VPLS network saves the
signaling overheads in the network, and improves the scalability of the VPLS
network deployment.
Version: B 6-25
7 Protection Mechanism
The following introduces the protection mechanisms of the CiTRANS R860 and
covers these topics:
Equipment-Level Protection
Network-Level Protection
Version: B 7-1
CiTRANS R860 Multi-Service Convergence Router Product Description
The CiTRANS R860 supports 1+1 protection for the SCUR1 card, the RCUO1 card,
and the power card. The following describes the working principle, switchover
triggering conditions, and protection parameters of the equipment-level protection.
The SCUR1 card processes service switching, conducts clock synchronization and
output, and performs protection switchover.
Working Principle
Two SCUR1 cards working in the active / standby mode are installed on the
CiTRANS R860. In normal cases, only the active card runs. When the active card is
faulty, the standby card is notified of this event through the monitoring channel
between them. Then the standby card becomes active to ensure normal operations
of the CiTRANS R860.
After the original active card resumes, it enters the standby state. When the current
active card becomes faulty, the original active card restores to the working state.
Protection Parameters
Item Specification
7-2 Version: B
7 Protection Mechanism
Note:
Two revert modes can be used.
The RCUO1 card of the CiTRANS R860 provides multiple types of management
and auxiliary interfaces for routing protocol control and device management.
Working Principle
Two RCUO1 cards working in active / standby mode are installed on the CiTRANS
R860. In normal cases, only the active RCUO1 card runs. When the active RCUO1
card is faulty, the standby RCUO1 card is notified of this event through the
monitoring channel between them. Then the standby RCUO1 card becomes active
to ensure normal operation of the CiTRANS R860.
After the original active RCUO1 card resumes, it enters the standby state, forming 1
+1 protection again.
Protection Parameters
Table 7-2 describes the 1+1 protection parameters of the RCUO1 card.
Version: B 7-3
CiTRANS R860 Multi-Service Convergence Router Product Description
Item Specification
The AIFJ1 / AIFJ2 card provides the -48 V power for the CiTRANS R860.
Working Principle
Two power and auxiliary terminal boards working in the 1+1 hot standby mode are
installed on the CiTRANS R860 to ensure normal operations of the CiTRANS R860.
Protection Parameters
Table 7-3 describes the 1+1 protection parameters of the power card.
Item Specification
The following describes the working principle, switchover triggering conditions, and
protection parameters for the network-level protection of the CiTRANS R860.
Working Principle
In 1:1 protection for tunnels, the standby tunnel is used to protect the services
carried over the active tunnel. In normal cases, services are carried over the active
tunnel. When the active tunnel is faulty, services are switched over to the standby
tunnel.
7-4 Version: B
7 Protection Mechanism
The active / standby status and switchover status are exchanged using the BFD or
MPLS-TP protocol, which is borne over the protection tunnel. Devices at the two
ends of a tunnel performs service switchover based on the protocol status and
switchover status.
Note:
1:1 protection is enabled for the tunnel between node A and node B. 1:1
protection needs to be configured on the two nodes regardless of the
path that services are transmitted.
Figure 7-1 shows the working principle of 1:1 protection for tunnels.
Version: B 7-5
CiTRANS R860 Multi-Service Convergence Router Product Description
Protection Parameters
Item Specification
Introduction
The PW redundancy protection is similar to the tunnel 1:1 protection. Based on the
BFD for PW, it implements the protection at the PW layer. The tunnel 1:1 protection
is to implement the protection at the tunnel layer based on the BFD for tunnel.
Protection Principle
For the PW redundancy protection, the standby PW is used to protect the service
traffic transmitted over the active PW, and the single receiving is used. The process
of the switchover and resuming is described as follows:
1. When the sink NE detects a fault at the working channel, it will execute the
switchover at once and send the switchover request to the source NE.
2. When the source NE receives the switchover request, the service traffic will be
switched to the standby PW, and the source NE will send the acknowledgment
message. Thus the switchover operations are completed.
3. When the sink NE detects that the working channel has resumed, it will send
the switchover request to the source NE and switches the service traffic to the
active channel.
4. When the source NE receives the switchover request, the service traffic will be
switched to the active PW, and the source NE will send the acknowledgment
message. Thus the switchover operations are completed.
7-6 Version: B
7 Protection Mechanism
Protection Parameters
Item Description
Introduction
In VRRP (Virtual Router Redundancy Protocol), the master router forwards data and
the backup routers are in the listening state. When the master router is faulty, a new
master router is elected among the backup routers of the virtual router. The new
master router takes over the data forwarding work from the faulty master router.
VRRP is described in RFC 3768. Table 7-6 describes the terms involved in VRRP.
Term Description
When the master router is faulty, a backup router is elected as the new
Backup router
master router to forward packets.
Version: B 7-7
CiTRANS R860 Multi-Service Convergence Router Product Description
Term Description
Working Modes
Two working modes are used for VRRP: active / standby and load balancing.
In active / standby mode, all services are carried by the master router. When
the master router becomes faulty, a new master router is elected to take over its
services. See Figure 7-2.
7-8 Version: B
7 Protection Mechanism
RTA is the master router and forwards packets. RTB and RTC are backup
routers and are in the listening state. When RTA becomes faulty, a new master
router is elected based on the priorities of RTB and RTC. The new master
router takes over the data forwarding work from RTA.
Version: B 7-9
CiTRANS R860 Multi-Service Convergence Router Product Description
Virtual router 1: RTA is the master router and RTB is a backup router.
Virtual router 2: RTB is the master router and RTA is a backup router.
To ensure that RTA and RTB process service flows in load balancing mode, the
default gateway address must be set to 10.1.1.254 and 10.1.1.253 for hosts on
the LAN. Ensure that priorities are properly configured for routers in the two
virtual routers so that a router functions as the master router in only one virtual
router.
u Rapid detection: Rapidly detects faults for the BFD bound with the VRRP, so as
to implement rapid switchover of the VRRP.
7-10 Version: B
7 Protection Mechanism
Protection Principle
u LSP 1+1 / 1:1 protection is enabled for the path A→C. The working path is
A→B→C, and the protection path is A→D→E→C.
u 1+1 / 1:1 link protection is enabled on the AC side. The working path is
C→RNC, and the protection path is C→E→RNC.
Version: B 7-11
CiTRANS R860 Multi-Service Convergence Router Product Description
As shown in Figure 7-5, when a fault occurs on the working path, that is,
A→B→C, an LSP 1+1 / 1:1 protection switchover is triggered for the tunnel
between A and C. The path between C and the RNC remains unchanged.
Therefore, the service path changes to A→D→E→C→RNC, protecting
services on the network side.
Figure 7-5 Dual-homing Protection Switching Status – the Network Side is Faulty
As shown in Figure 7-6, when a fault occurs on the tunnel between C and RNC,
E receives the fault information sent from C and switches over the services to
the path C→E→RNC. The RNC receives services from E. The service path
changes to A→B→C→E→RNC, protecting services on the AC side.
7-12 Version: B
7 Protection Mechanism
As shown in Figure 7-7, when faults occur on both the MPLS-TP network and
the AC side, both A and RNC switch over to the protection path. C sends the
fault information to E. E switches over services to the path A→D→E→RNC,
protecting services.
Figure 7-7 Dual-homing Protection Switching Status – the Network Side and AC Side are Faulty
As shown in Figure 7-8, when a fault occurs on Node C, A switches over to the
protection path. Other nodes perform the same actions as in Figure 7-7. The
service path changes to A→D→E→RNC, protecting services.
Version: B 7-13
CiTRANS R860 Multi-Service Convergence Router Product Description
Protection Parameters
Item Description
Introduction
Quick response and timely switchover are features of MPLS TE FRR. MPLS TE
FRR can ensure smooth migration of service data without service interruption. In
addition, the ingress node of the LSP attempts to find a new path for re-setting-up
an LSP and switches over service data to the new LSP. Before a new LSP is set up,
service data are forwarded along the protection path.
7-14 Version: B
7 Protection Mechanism
Protection Principle
The components of the MPLS TE system are involved in setting up the FRR LSP
and working LSP. MPLS TE FRR is implemented based on RSVP TE and complies
with RFC 3209 and RFC 4090. The following working modes can be used to
implement the MPLS TE FRR.
In the detour mode, a protection path is set up for each protected LSP. The
protection path is called detour LSP.
In the bypass mode, a single protection path is set up for multiple protected
LSPs. The protection path is called bypass LSP.
For the network shown in Figure 7-9, when the link RTB→RTC fails or the node
RTC fails, the service traffic on the active LSP will be switched to the Bypass
LSP. The outgoing header from the RTB uses the label that the RTF allocates
for the RTB. In addition, the egress label of the RTC is also pushed into the
label stack.
On the link RTB→RTF→RTD, the LSP uses the double labels. For the packet
received by the RTD, after the label allocated for the RTF by the RTD is popped
up, the system uses the label allocated for the RTC by the RTD to forward the
packet.
In the detour mode, each LSP is protected independently and therefore the
overhead is high. In practice, the bypass mode is more widely used.
Version: B 7-15
CiTRANS R860 Multi-Service Convergence Router Product Description
Introduction
VPN FRR (Fast Re-route) resolves the problem of a long route convergence time
via presetting the active and standby next hops on the PE. It implements the rapid
convergence of end-to-end services when a PE node has faults on a network where
CEs are dual-homed to PEs.
7-16 Version: B
7 Protection Mechanism
Protection Principle
In Figure 7-10, PE A sets the active next hop PE B and the standby next hop PE C.
Under the normal condition, the access path from CE A to CE B is: CE A→PE
A→PE B→CE B. When faults of PE B or the outer tunnel of the active route cause
that the PE node is not reachable, PE A will perform forwarding using the forward
information on the standby route; under this condition, the access path from CE A to
CE B is: CE A→PE A→PE C→CE B.
Version: B 7-17
CiTRANS R860 Multi-Service Convergence Router Product Description
Introduction
When a link is faulty, the time for the route to be convergent again is generally at a
second level. This can cause the interruption of the normal services for a second
level . Via setting the standby link, the IP FRR technology can fill in the time interval
of route convergence so that the protected services can be switched over within 50
ms.
Protection Principle
In the IP FRR protection, three link types are involved, respectively being the active
link, the sub-optimum link, and the standby link.
u The active link refers to the link with the optimum route. When the network
status is normal and the route is convergent, the service traffic is forwarded via
the active link.
u The sub-optimum link refers to the link whose routing cost is higher than that of
the active link. When the active link fails, the route will be convergent to the
sub-optimum link.
u The standby link refers to the appointed link of the standby next hop.
7-18 Version: B
7 Protection Mechanism
Under the normal conditions, the services are forwarded via the active link between
RTA and RTB. When the active link is faulty, the system will perform the protection
operations as follows:
1. As soon as the active link detects a BFD alarm, the starts the calculation for the
route convergence.
2. RTA executes the link switchover, and the packets are redirected to the
standby link between RTA and RTD for forwarding.
3. After the calculation for the route convergence is completed, the packets will be
redirected to the sub-optimum link between RTA and RTC for forwarding,
according to the new routing table.
4. When the BFD protocol detects that the active link has been resumed, the
routing table will be re-calculated for convergence, and the the packets are
switched over to the resumed active link for forwarding.
Version: B 7-19
CiTRANS R860 Multi-Service Convergence Router Product Description
Note:
If the sub-optimum link is the same as the preset standby link, the
packets will not be redirected in step 3.
When the active link is faulty, the IP FRR protection can switch over services to the
preset standby link rapidly and fill in the time interval of route convergence. Thus the
services will not be interrupted.
Introduction
The LDP FRR protection is described as follows: When the LDP operates in the
downlink label automatic distribution, orderly label control, and free label keeping
mode, the LDP sets up the standby LSP via generating the label forwarding table
entry for the label mapping of the appointed standby interface or the standby next
hop. When the network operates normally, the label is forwarded by the active LSP.
When the active LSP is faulty, the label is forwarded by the standby LSP. When the
active LSP is faulty, the LDP FRR can implement non-interruption of the service
traffic prior to the network convergence.
Protection Principle
When the LDP operates in the downlink label automatic distribution, orderly label
control, and free label keeping mode, the label distribution router saves all received
label mapping for a certain forwarding equivalence class, but it only generates the
label forwarding table entry for the label mapping from the next hop of the route
corresponding to this forwarding equivalence class.
7-20 Version: B
7 Protection Mechanism
Using this feature of the LDP, the LDP FRR also generates the label forwarding
table entry for the label mapping of the appointed standby interface or standby next
hop. Under the condition that the standby label is saved, this means that the
standby LSP is set up. The label forwarding router can response to the route
change rapidly and switch to the standby label, so as to complete the switching
protection against the network faults.
Introduction
Link aggregation group (LAG) involves bundling a group of physical Ethernet ports
with the same rate into a logical port to increase the bandwidth and provide link
protection. When a certain link fails, the services on it will be switched to other links,
and this improves the link reliability.
Working Principle
In LAG protection, load balancing is implemented among the ports and the ports are
in equal positions. The CiTRANS R860 supports inter-equipment LAG protection
and intra-equipment LAG protection.
Version: B 7-21
CiTRANS R860 Multi-Service Convergence Router Product Description
u Increases the link capacity: The introduction of the LAG effectively increases
the transmission rate of links. Users can bundle multiple physical ports to obtain
a data link with higher bandwidth without upgrading the current equipment. The
capacity of the link is the sum of that of bundled ports.
u Improves the link reliability: When a certain link or equipment set is faulty, the
service packets on it will be forwarded to other links or equipment sets for
transmission.This ensures the normal transmission of services.
The CiTRANS R860 supports Ethernet LAG protection, as shown in Figure 7-12. In
this example, we configure the AC (Attachment Circuit) side LAGs at NE1 and NE2,
so as to implement the link backup on the same equipment set; and configure the
MC-LAG between NE1 and NE2, so as to implement the link backup between
equipment sets.
Protection Parameters
7-22 Version: B
7 Protection Mechanism
Item Specification
On a ring network, when a transmission segment such as the optical fiber fails,
network management information is automatically transmitted over the supervisory
channel in the other direction. This does not affect network management.
Figure 7-13 shows the schematic diagram of the protection channel for network
management information on a ring network.
Version: B 7-23
CiTRANS R860 Multi-Service Convergence Router Product Description
Figure 7-13 Backup of the Network Management Information Channel on a Ring Network (When
a Transmission Segment Fails)
If both ends of a site on an optical fiber segment fail, or an optical fiber segment in a
P2P network or chain network fails, the supervisory channels for network
management information also fail. The network administrator cannot obtain
information about failed sites or operate these sites. To avoid such problems, a
protection channel must be deployed for network management information.
Implementation
The CiTRANS R860 can provide a protection channel for network management
information through the data communication network. Between two NEs to be
protected, a router is configured and connected to the data communication network
to establish a protection channel. When the network runs properly, network
management information is transmitted over the working channel. See Figure 7-14.
7-24 Version: B
7 Protection Mechanism
Figure 7-14 Backup of the Network Management Information Channel (During Normal Operation)
When the main channel becomes faulty, the NE automatically switches over the
network management information to the protection channel. This ensures that the
network management system monitors the entire network. The switchover process
is completed automatically without manual intervention. Figure 7-15 shows the
protection channel.
Version: B 7-25
CiTRANS R860 Multi-Service Convergence Router Product Description
Figure 7-15 Backup of the Network Management Information Channel (When the Main Channel
Fails)
Note:
7-26 Version: B
8 Security Management
Version: B 8-1
CiTRANS R860 Multi-Service Convergence Router Product Description
The following describes the network security protocols and functions supported by
the CiTRANS R860.
8.1.1 ACL
An ACL (Access Control List) is a series of permit and reject statements. It applies
to addresses and upper-level protocols. ACLs are used to control traffic passing
networks.
The CiTRANS R860 supports ACLs based on quintuples, which refer to the source
and destination IP addresses, source and destination ports, and IP protocol. It also
supports setting ACL policies based on MAC addresses (including the source and
destination address). ACLs can be configured to take effect in the entire CiTRANS
R860 system or just on its ports.
The CiTRANS R860 supports hierarchical committed access rate (CAR) functions.
Two coloring modes are used: color-blind and color-aware.
By default, the discards red packets and allows yellow and green packets to pass.
The traffic control functions of the CiTRANS R860 are described as follows:
8-2 Version: B
8 Security Management
The CiTRANS R860 supports the DiffServ model. It completely implements PHB
(Per-Hop Behavior) so that carriers can ensure differentiated QoS levels for users.
During data forwarding, the CiTRANS R860 maps user priorities and VC priorities
carried in received packets to PHBs, and PHBs in forwarded packets to VC or VP
priorities.
The CiTRANS R860 supports setting PHBs for VPWSs, VPWS flows, VPLS-VSs,
and LAN ports emulated over VPLS. An existing mapping table (mapping between
PHBs and VC priorities) can be used. Also, a PHB service level can be specified.
Version: B 8-3
CiTRANS R860 Multi-Service Convergence Router Product Description
When network congestion occurs or worsens, the CiTRANS R860 employs certain
queue buffering management policies to preferentially ensure the QoS of services
with high priorities.
The supports two type of queue buffering management policies: tail drop and
WRED.
u Tail drop
u WRED
4 When the number of packets stored in a buffer does not exceed the
threshold specified by START, the system does not discard packets.
4 When the number of packets stored in the buffer exceeds the threshold
specified by END, all packets are discarded.
4 When the number of packets stored in the buffer is between the START
and the END, all packets face a probability of being dropped based on an
average-queue-length function.
Queue Scheduling
When congestion occurs, the CiTRANS R860 employs different queue scheduling
policies to guarantee the QoS of services with high priorities.
u SP (Strict Priority)
Packets are scheduled fairly based on the weights of queues. Queues with
higher priorities are assigned higher weights and therefore occupy more
bandwidth. Similarly, queues with lower priorities are assigned lower weights
and therefore occupy less bandwidth.
8-4 Version: B
8 Security Management
Rate limiting can be enabled on the inbound and outbound ports of service cards
and switch cards of the CiTRANS R860. Rate limiting policies can be employed for
flow attacks.
The maximum transmission unit (MTU) is configured to control the size of inbound
packets.
u Packets containing less than 64 bytes are identified as fragments and therefore
discarded. Local or remote collision fragments and short packets with invalid
FCSs are such a type of packet.
u Packets that contains invalid FCS (Frame Check Sequence) and more bytes
than the value that the MTU defines are identified as Jabber packets and
therefore discarded.
The CiTRANS R860 has policies to prevent distributed DoS (Denial of Service)
attacks from overspreading.
The CiTRANS R860 supports the unicast reverse path forwarding (URPF) function.
That is, it checks whether the source IP address of a packet matches the source
interface based on the forwarding information base (FIB). If not, it discards the
packet.
Version: B 8-5
CiTRANS R860 Multi-Service Convergence Router Product Description
The following describes the security protection functions provided by the CiTRANS
R860 for the network management system.
u Function description: Users must enter the correct user name and password to
log in to the OTNM2000. Only authenticated users can log in.
Forcible Logout
u Function description: A higher-level user can force a lower-level user to log out
of the OTNM2000.
u Purpose: The function prevents multiple users from configuring the CiTRANS
R860 simultaneously and prevents other users from logging in to the CiTRANS
R860 without authorization.
u Function description: The CiTRANS R860 NEs are logically divided into
multiple zones. Users of different levels are grant management permission for
different zones. A user can perform management only in the granted zone.
u Purpose: The function avoids security risks caused by the sharing of the
network management database, ensuring the uniqueness of configuration data.
8-6 Version: B
8 Security Management
u Purpose: The function improves network security and prevents users from
performing operations at unauthorized times, such as when replacing a card or
testing an error code.
License Control
There are four levels of users. Users of different levels have different management
permission. Each user is assigned proper management permission. A user of a
higher level has the permission of a user of a lower level.
The system administrator is a high-level user and has permission to configure and
modify network resources. The system administrator manages the entire
OTNM2000, and can perform security management operations including setting
passwords for users, adding, modifying or deleting users, and conducting log
management.
Version: B 8-7
CiTRANS R860 Multi-Service Convergence Router Product Description
Advanced Users
u Add, modify (user name and password), and delete lower-level users, and save
project configuration data.
u Delete alarms.
Intermediate Users
System maintenance users are intermediate users. Such users are responsible for
routine maintenance of the system, and can add or delete lower-level users, access
the network, configure service data, and back up configuration data.
u Access and back up data in the database, including alarms, performance data,
log reports, and profiles of lower-level users.
Operational Users
Operational users can monitor the alarm status of the system, browse performance
monitoring results, and view reports, including viewing card configuration data and
active configuration data.
Limited Users
Limited users can only query limited alarm and performance status, and cannot
perform other operations in the OTNM2000.
8-8 Version: B
8 Security Management
u Data integrity: Data are transmitted to the destination without corruption or loss.
Related data are stored and can be recovered when necessary.
u Data confidentiality: Data are protected and unauthorized users cannot obtain
the data.
u SAT: The OTNM2000 controls the access of users to the LCT. That is, only
users that are authenticated by using the correct user name and password can
log in to the LCT. This protects NE information against leakage and tampering.
The operations performed by all users on NEs and the operation results are
recorded in logs. Log management involves setting, viewing, and deleting logs
(including command logs, user logs, and EMU logs). Users can learn operations
performed in the OTNM2000 via logs, and analyze network faults based on logs.
Version: B 8-9
9 Technical Specification
The following lists the technical specifications and safety standards compliance of
the CiTRANS R860, and includes these contents.
Clock Specification
Environment Requirement
Version: B 9-1
CiTRANS R860 Multi-Service Convergence Router Product Description
Item Specification
Table 9-2 lists the system performance specifications of the CiTRANS R860.
Item Specification
9-2 Version: B
9 Technical Specification
Item Specification
Version: B 9-3
CiTRANS R860 Multi-Service Convergence Router Product Description
Dimensions and weight of the cabinet of the CiTRANS R860 are shown in Table 9-3.
Dimensions and weight of the CiTRANS R860 subrack are shown in Table 9-4.
Item Specification
Note:
For details about the power consumption of the entire , see System
Technical Specification.
Table 9-5lists the dimensions, weight, and power consumption of the cards and fan
unit of the CiTRANS R860.
Table 9-5 Dimensions, Weight, and Power Consumption of Cards and Fan Unit of the
CiTRANS R860
9-4 Version: B
9 Technical Specification
Table 9-5 Dimensions, Weight, and Power Consumption of Cards and Fan Unit of the
(Continued)
The following lists the performance specifications of the CiTRANS R860 interfaces.
Item Specification
Optical interface type 10GBASE (10 km) 10GBASE (40 km) 10GBASE (80 km)
Center wavelength (nm) 1290 and 1330 1530 and 1565 1530 and 1565
Overload optical power
-1 0 -7
(dBm)
Version: B 9-5
CiTRANS R860 Multi-Service Convergence Router Product Description
Item Specification
1000BASE- 1000BASE-
Optical interface type 1000BASE-SX 1000BASE-LX 1000BASE-VX
ZX1 ZX2
Transmission distance
0.55 10 40 80 100
(km)
Center wavelength (nm) 770 and 860 1270 to 1355 1270 to 1350 1500 to 1580 1500 to 1580
Overload optical power
0 -3 -3 -3 -9
(dBm)
Receiving sensitivity
-17 -20 -23 -23 -31
(dBm)
Item Specification
9-6 Version: B
9 Technical Specification
Item Specification
Item Specification
Frequency range:
Return loss at the output port (dB) (51 kHz to 102 kHz) ≥ 6 dB
(102 kHz to 3072 kHz) ≥ 8 dB
Version: B 9-7
CiTRANS R860 Multi-Service Convergence Router Product Description
Item Specification
Frequency range:
(51 kHz to 102 kHz) ≥ 12 dB
Return loss at the input port (dB)
(102 kHz to 2048 kHz) ≥ 18 dB
(2048 kHz to 3072 kHz) ≥ 14 dB
Item Specification
Center wavelength (nm) 1270 and 1380 1270 and 1340 1290 and 1330
Overload optical power
-14 -14 -15
(dBm)
The CiTRANS R860 provides interfaces for external clock input and output.
Table 9-11 lists the specifications of the clock interfaces.
9-8 Version: B
9 Technical Specification
u Frequency accuracy
Both the minimum pull-in and pull-out ranges are ±4.6 ppm.
Table 9-12 and Table 9-13 list the wander specifications of the clock in the
locked mode.
Table 9-12 Wander Generation (MTIE) with Constant Temperature
40 ns 0.1 < t ≤1
0.1
40t ns 1 < t ≤ 100
25.25t ns0.2
100 < t ≤ 1000
3.2 ns 0.1< t ≤ 25
0.5
0.64t ns 25 < t ≤ 100
6.4 ns 100 < t ≤ 1000
Version: B 9-9
CiTRANS R860 Multi-Service Convergence Router Product Description
The applicable EMC / EMI standards of the CiTRANS R860 are shown in
Table 9-14.
Table 9-14 Applicable EMC / EMI Standards and Protocols of the CiTRANS R860
Standard / Protocol
Title
Number
Electromagnetic compatibility and Radio spectrum Matters (ERM);
ETSI EN 300 386 Telecommunication network equipment; Electromagnetic
Compatibility (EMC) requirements
9-10 Version: B
9 Technical Specification
Table 9-15 lists the applicable safety standards of the CiTRANS R860.
Version: B 9-11
CiTRANS R860 Multi-Service Convergence Router Product Description
u The equipment set is covered with a plastic film, and its top, middle and bottom
parts are wrapped with shock proof packing foam. A wooden case is used for
outside package.
u The equipment set can be transported via vehicles like coaches, trains, ships,
and airplanes.
9-12 Version: B
Appendix A Abbreviations
AC Attachment Circuit
ACL Access Control List
APS Automatic Protection Switching
BC Boundary Clock
Version: B A-1
CiTRANS R860 Multi-Service Convergence Router Product Description
FR Frame Relay
GR Graceful Restart
GRE Generic Routing Encapsulation
IC Integrated Circuit
IP Internet Protocol
IPSec Internet Protocol Security
A-2 Version: B
Appendix A Abbreviations
MA Maintenance Association
MAC Media Access Control
MC-LAG Multi-chassis Link Aggregation Group
MD Maintenance Domain
MDF Main Distribution Frame
MEF Metro Ethernet Forum
MEN Metro Ethernet Network
MEP Maintenance End Point
OC Ordinary Clock
Version: B A-3
CiTRANS R860 Multi-Service Convergence Router Product Description
SN Serial Number
SNCP Sub-network Connection Protection
SNP Serial Number Packet
SONET Synchronous Optical Network
SP Strict Priority
A-4 Version: B
Appendix A Abbreviations
TC Transparent Clock
VC Virtual Channel
VC Virtual Circuit
VLAN Virtual Local Area Network
VPLS Virtual Private LAN Service
VPN Virtual Private Network
VPRN Virtual Private Routing Network
Version: B A-5
Product Documentation Customer Satisfaction Survery
Thank you for reading and using the product documentation provided by FiberHome. Please take a moment to
complete this survey. Your answers will help us to improve the documentation and better suit your needs. Your
responses will be confidential and given serious consideration. The personal information requested is used for
no other purposes than to respond to your feedback.
Name
Phone Number
Email Address
Company
To help us better understand your needs, please focus your answers on a single documentation or a complete
documentation set.
Documentation Name
Code and Version
12. Additional comments about our documentation or suggestions on how we can improve:
Thank you for your assistance. Please fax or send the completed survey to us at the contact information
included in the documentation. If you have any questions or concerns about this survey please email at
edit@fiberhome.com.cn