MA5606T Feature Description (V800R006C02 - 03)

SmartAX MA5606T Multi-service Access Module
V800R006C02
Feature Description
Issue 03
Date 2010-01-28
HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2010. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior written
consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: http://www.huawei.com
Email: support@huawei.com
Issue 03 (2010-01-28) Huawei Proprietary and Confidential i

Copyright © Huawei Technologies Co., Ltd.
Feature Description About This Document
About This Document
Purpose
This document describes the key features (including VDSL2, SHDSL, PPPoA, IPoA, VLAN,
ACL, QoS, and security features) of the SmartAX MA5606T (hereinafter referred to as the
MA5606T) in detail from the following aspects:
l Definition
l Purpose
l Specification
l Availability
l Principle
l Reference
This document also provides the glossary, acronyms and abbreviations, as well as references
concerning these features of the MA5606T.
After reading this document, you can learn about the definitions and purposes of the various
features of the MA5606T, and also the support of these features by the MA5606T and the
references on these features. In this way, you can know the feature list of the MA5606T and
understand the implementation of these features on the MA5606T.
Related Versions
The following table lists the product versions related to this document.
Product Name Version
MA5606T V800R006C02
N2000 BMS V200R012C03
Issue 03 (2010-01-28) Huawei Proprietary and Confidential iii

About This Document Feature Description
Intended Audience
The intended audience of this document is:
l Network planning engineers

l System maintenance engineers
l Configuration engineers
l NM administrators
Organization
This document consists of the following parts and is organized as follows.
Topic… Describes…
1 GPON Upstream GPON upstream transmission means transmission of data

Transmission through the GPON interface which is the upstream interface.
2 VDSL2 Access VDSL2 supports a high bandwidth (symmetric rates of up

to 100 Mbit/s). It addresses the requirement for short
distance and high rate of the next generation FTTx access
scenarios.
3 ADSL2+ Access Asymmetrical digital subscriber loop (ADSL) is an

asymmetric transmission technology that is used to transmit
data at high speed over the twisted pair. ADSL2+ is an
extension of ADSL. The upstream rate of ADSL2+ reaches
2.5 Mbit/s, and the downstream rate reaches 24 Mbit/s. The
maximum reach of ADSL2+ is 6.5 km.
4 SHDSL SHDSL is an xDSL access technology, just like ADSL and

VDSL. SHDSL provides the symmetric upstream and
downstream rates.
5 DLM/DSM This topic describes the DLM/DSM feature in its

introduction, principles, and reference.
6 PPPoA Access PPPoA access is an access mode in which users can transmit
PPPoA packets to the PPPoE server based on Ethernet.
7 IPoA Access IPoA access is an access mode in which the payloads of IP

packets are converted into Ethernet frames for upstream
transmission to the upper layer network, and the
downstream IPoE packets are converted into IPoA packets
and then forwarded to users.
8 P2P FE Optical Access Point-to-point (P2P) Ethernet optical access refers to the
P2P FTTH access provided by the P2P Ethernet optical
access board and the ONT, which meets the requirements
for the application of the next generation access device
under the integration of video, voice, and data services.
iv Huawei Proprietary and Confidential Issue 03 (2010-01-28)

9 VLAN Virtual local area network (VLAN) is a technology used to

form virtual workgroups by logically grouping the devices
of a LAN.
10 HWTACACS HWTACACS is a security protocol with enhanced

functions based on TACACS (RFC1492). Similar to the
RADIUS protocol, HWTACACS implements AAA
functions for multiple subscribers by communicating with
the HWTACACS server in the client/server (C/S) mode.
This topic provides the introduction, principles, and
reference of the HWTACACS feature.
11 DNS Client The DNS client feature enables the user who logs in to the
local device to communicate with other devices by using the
domain name.
12 Transparent Transparent transmission of protocol packets refers to the

Transmission of Protocol transparent transmission of user private network packets in
Packets the public network.
13 ACL The access control list (ACL) is used to filter the specific
data packets based on a series of matching rules contained
in the ACL.
14 QoS QoS refers to quality of service. Settings of different QoS

parameters, such as service availability, time delay, jitter,
and loss rate, provide users with high quality services.
15 ANCP ANCP refers to the Access Node Control Protocol which is

used to implement the functions such as topology discovery
and line configuration of user ports, and also Layer 2 Control
Protocol (L2C) OAM.
16 MSTP The Multiple Spanning Tree Protocol (MSTP) is compatible

with STP and RSTP.
17 Multicast Multicast refers to the point-to-multipoint communication

in which the multicast source sends the information to a
certain subset of all the network nodes.
18 Triple Play Triple play is a service provisioning mode in which

integrated services can be provided to a user. Currently, the
prevailing integrated services include the high-speed
Internet access service, voice over IP (VoIP) service, and
IPTV service.
19 Ethernet Link Ethernet link aggregation refers to aggregation of multiple

Aggregation Ethernet ports together to form a port to provide higher
bandwidth and link security.
20 System Security System security refers to prevention of attacks to the system.
21 User Security User security is a mechanism which guarantees the security

of operation users and access users.
Issue 03 (2010-01-28) Huawei Proprietary and Confidential v

22 Subtended Network A subtended network configuration is a configuration in

Configuration which the MA5606T series devices are subtended in several
tiers through the FE/GE ports.
23 Ethernet OAM Operations, administration and maintenance (OAM) means

a tool for monitoring and diagnosing network faults.
24 VoIP The VoIP service is a solution in which the voice

compression technology is adopted and the voice service is
transmitted over the IP network.
25 ISDN The integrated services digital network (ISDN) is a

Consultative Committee of International Telegraph and
Telephone (CCITT) standard, providing integrated
transmission of voice, video, and data. The ISDN enables a
simultaneous transmission of voice, video and data on the
data channel.
26 Overload Control Overload occurs when the usage of the CPU and DSP
resources increases and reaches a certain threshold in the
case that a large number of AG calls occur concurrently. In
this case, calls cannot be processed normally. Overload
control refers to the control over calls, which ensures that
the calls from guaranteed subscribers and emergency call
subscriber are processed in time, improving the system
stability and usability.
A Acronyms and The acronyms and abbreviations related to all the features
Abbreviations of the MA5606T
Conventions
Symbol Conventions
The following symbols may be found in this document. They are defined as follows
Symbol Description
Indicates a hazard with a high level of risk which, if not

avoided, will result in death or serious injury.
Indicates a hazard with a medium or low level of risk which,

if not avoided, could result in minor or moderate injury.
Indicates a potentially hazardous situation that, if not

avoided, could cause equipment damage, data loss, and
performance degradation, or unexpected results.
vi Huawei Proprietary and Confidential Issue 03 (2010-01-28)

Symbol Description
Indicates a tip that may help you solve a problem or save

your time.
Provides additional information to emphasize or

supplement important points of the main text.
General Conventions
Convention Description
Times New Roman Normal paragraphs are in Times New Roman.
Boldface Names of files, directories, folders, and users are in

boldface. For example, log in as user root.
Italic Book titles are in italics.

Courier New Terminal display is in Courier New.
Command Conventions
Boldface The keywords of a command line are in boldface.
Italic Command arguments are in italics.
[] Items (keywords or arguments) in square brackets [ ] are

optional.
{ x | y | ... } Alternative items are grouped in braces and separated by

vertical bars. One is selected.
[ x | y | ... ] Optional alternative items are grouped in square brackets

and separated by vertical bars. One or none is selected.
{ x | y | ... } * Alternative items are grouped in braces and separated by

vertical bars. A minimum of one or a maximum of all can
be selected.
GUI Conventions
Boldface Buttons, menus, parameters, tabs, window, and dialog titles

are in boldface. For example, click OK.
Issue 03 (2010-01-28) Huawei Proprietary and Confidential vii

> Multi-level menus are in boldface and separated by the ">"

signs. For example, choose File > Create > Folder.
Keyboard Operation
Format Description
Key Press the key. For example, press Enter and press Tab.
Key 1+Key 2 Press the keys concurrently. For example, pressing Ctrl
+Alt+A means the three keys should be pressed
concurrently.
Key 1, Key 2 Press the keys in turn. For example, pressing Alt, A means
the two keys should be pressed in turn.
Mouse Operation
Action Description
Click Select and release the primary mouse button without moving
the pointer.
Double-click Press the primary mouse button twice continuously and

quickly without moving the pointer.
Drag Press and hold the primary mouse button and move the
pointer to a certain position.
Update History
Updates between document versions are cumulative. Therefore, the latest document version
contains all updates made to previous versions.
Issue 03 (2010-01-28)
Based on issue 02 (2009-08-13), certain contents are optimized.
Issue 02 (2009-08-13)
Compared with Issue 01 (2009-06-25), this issue has the following new contents:
Delete: The command authorization in 10.2 Principle.
viii Huawei Proprietary and Confidential Issue 03 (2010-01-28)

Issue 01 (2009-06-25)
This is the first release of the MA5606T V800R006C02.
Issue 03 (2010-01-28) Huawei Proprietary and Confidential ix

Feature Description Contents
Contents
About This Document...................................................................................................................iii

1 GPON Upstream Transmission...............................................................................................1-1
1.1 Introduction.....................................................................................................................................................1-2
1.2 Principle.......................................................................................................................................................... 1-2
1.3 Reference.........................................................................................................................................................1-3
2 VDSL2 Access.............................................................................................................................2-1
2.1 Introduction.....................................................................................................................................................2-2
2.2 Principle.......................................................................................................................................................... 2-3
2.3 Reference.........................................................................................................................................................2-5
3 ADSL2+ Access...........................................................................................................................3-1
3.1 Introduction.....................................................................................................................................................3-2
3.2 Principle.......................................................................................................................................................... 3-4
3.3 Reference.........................................................................................................................................................3-7
4 SHDSL..........................................................................................................................................4-1
4.1 ATM SHDSL Access......................................................................................................................................4-2
4.1.1 Introduction............................................................................................................................................4-2
4.1.2 Principle................................................................................................................................................. 4-3
4.1.3 Reference................................................................................................................................................4-5
4.2 EFM SHDSL Access.......................................................................................................................................4-5
4.2.1 Introduction............................................................................................................................................4-6
4.2.2 Principle................................................................................................................................................. 4-7
4.2.3 Reference................................................................................................................................................4-9
5 DLM/DSM...................................................................................................................................5-1
5.1 Introduction.....................................................................................................................................................5-2
5.2 Principle.......................................................................................................................................................... 5-4
5.3 Reference.........................................................................................................................................................5-5
6 PPPoA Access..............................................................................................................................6-1
6.1 Introduction.....................................................................................................................................................6-2
6.2 Principle.......................................................................................................................................................... 6-2
6.3 Reference.........................................................................................................................................................6-3
7 IPoA Access.................................................................................................................................7-1
Issue 03 (2010-01-28) Huawei Proprietary and Confidential xi

Contents Feature Description
7.1 Introduction.....................................................................................................................................................7-2
7.2 Principle..........................................................................................................................................................7-2
7.3 Reference.........................................................................................................................................................7-3
8 P2P FE Optical Access...............................................................................................................8-1

8.1 Introduction.....................................................................................................................................................8-2
8.2 Principle..........................................................................................................................................................8-2
8.3 Reference.........................................................................................................................................................8-3
9 VLAN............................................................................................................................................9-1
9.1 Standard VLAN...............................................................................................................................................9-2
9.1.1 Introduction............................................................................................................................................9-2
9.1.2 Principle.................................................................................................................................................9-3
9.1.3 Reference................................................................................................................................................9-4
9.2 Smart VLAN...................................................................................................................................................9-4
9.2.1 Introduction............................................................................................................................................9-4
9.2.2 Principle.................................................................................................................................................9-5
9.2.3 Reference................................................................................................................................................9-5
9.3 MUX VLAN...................................................................................................................................................9-5
9.3.1 Introduction............................................................................................................................................9-6
9.3.2 Principle.................................................................................................................................................9-7
9.3.3 Reference................................................................................................................................................9-7
9.4 QinQ VLAN....................................................................................................................................................9-7
9.4.1 Introduction............................................................................................................................................9-7
9.4.2 Principle.................................................................................................................................................9-8
9.4.3 Reference................................................................................................................................................9-9
9.5 VLAN Stacking.............................................................................................................................................9-10
9.5.1 Introduction..........................................................................................................................................9-10
9.5.2 Principle...............................................................................................................................................9-11
9.5.3 Reference..............................................................................................................................................9-12
10 HWTACACS........................................................................................................................... 10-1
10.1 Introduction.................................................................................................................................................10-2
10.2 Principle......................................................................................................................................................10-3
10.3 Reference.....................................................................................................................................................10-4
11 DNS Client.............................................................................................................................. 11-1

11.1 Introduction.................................................................................................................................................11-2
11.2 Principle......................................................................................................................................................11-3
11.3 Reference.....................................................................................................................................................11-5
12 Transparent Transmission of Protocol Packets................................................................12-1

12.1 Introduction.................................................................................................................................................12-2
12.2 Principle......................................................................................................................................................12-2
13 ACL........................................................................................................................................... 13-1
xii Huawei Proprietary and Confidential Issue 03 (2010-01-28)

13.1 Introduction.................................................................................................................................................13-2
13.2 Principle......................................................................................................................................................13-3
14 QoS............................................................................................................................................14-1
14.1 QoS Overview.............................................................................................................................................14-3
14.1.1 Introduction........................................................................................................................................14-3
14.1.2 Principle.............................................................................................................................................14-4
14.2 PQ................................................................................................................................................................14-4
14.2.1 Introduction........................................................................................................................................14-5
14.2.2 Principle.............................................................................................................................................14-5
14.3 WRR............................................................................................................................................................14-6
14.3.1 Introduction........................................................................................................................................14-6
14.3.2 Principle.............................................................................................................................................14-6
14.4 CoS Priority Re-marking.............................................................................................................................14-7
14.4.1 Introduction........................................................................................................................................14-7
14.4.2 Principle.............................................................................................................................................14-7
14.5 Flexible Mapping Between CoS Priorities and Scheduling Queues...........................................................14-8
14.5.1 Introduction........................................................................................................................................14-8
14.5.2 Principle.............................................................................................................................................14-8
14.6 trTCM..........................................................................................................................................................14-9
14.6.1 Introduction........................................................................................................................................14-9
14.6.2 Principle...........................................................................................................................................14-10
14.7 Rate Limitation Based on Port and CoS....................................................................................................14-11
14.7.1 Introduction......................................................................................................................................14-12
14.7.2 Principle...........................................................................................................................................14-12
15 ANCP........................................................................................................................................15-1
15.1 Introduction.................................................................................................................................................15-2
15.2 Principle......................................................................................................................................................15-2
15.3 Reference.....................................................................................................................................................15-5
16 MSTP........................................................................................................................................16-1
16.1 Introduction.................................................................................................................................................16-2
16.2 Principle......................................................................................................................................................16-3
16.3 Reference.....................................................................................................................................................16-7
17 Multicast..................................................................................................................................17-1
17.1 Overview.....................................................................................................................................................17-2
17.1.1 Introduction........................................................................................................................................17-2
17.1.2 Principle.............................................................................................................................................17-3
17.1.3 Reference............................................................................................................................................17-4
17.2 IGMP Snooping...........................................................................................................................................17-5
17.2.1 Introduction........................................................................................................................................17-5
17.2.2 Principle.............................................................................................................................................17-6
17.3 IGMP Proxy................................................................................................................................................17-6
Issue 03 (2010-01-28) Huawei Proprietary and Confidential xiii

17.3.1 Introduction........................................................................................................................................17-6
17.3.2 Principle............................................................................................................................................. 17-7
17.4 Multicast VLAN Management....................................................................................................................17-8
17.4.1 Introduction........................................................................................................................................17-8
17.4.2 Principle............................................................................................................................................. 17-9
17.5 Program Management...............................................................................................................................17-10
17.5.1 Introduction......................................................................................................................................17-10
17.5.2 Principle...........................................................................................................................................17-11
17.6 User Management.....................................................................................................................................17-11
17.6.1 Introduction......................................................................................................................................17-11
17.6.2 Principle...........................................................................................................................................17-12
18 Triple Play...............................................................................................................................18-1
18.1 Features of Triply Play................................................................................................................................18-2
18.1.1 Introduction........................................................................................................................................18-2
18.1.2 Principle............................................................................................................................................. 18-2
18.1.3 Reference............................................................................................................................................18-3
18.2 Single-PVC for Multiple Services...............................................................................................................18-3
18.2.1 Introduction........................................................................................................................................18-4
18.2.2 Principle............................................................................................................................................. 18-4
18.3 Multi-PVC for Multiple Services................................................................................................................18-6
18.3.1 Introduction........................................................................................................................................18-7
18.3.2 Principle............................................................................................................................................. 18-7
19 Ethernet Link Aggregation...................................................................................................19-1

19.1 Introduction.................................................................................................................................................19-2
19.2 Principle...................................................................................................................................................... 19-3
19.3 Reference.....................................................................................................................................................19-6
20 System Security......................................................................................................................20-1
20.1 Introduction to System Security..................................................................................................................20-2
20.1.1 Introduction........................................................................................................................................20-2
20.1.2 Principle............................................................................................................................................. 20-3
20.2 Anti-DoS Attack..........................................................................................................................................20-4
20.2.1 Introduction........................................................................................................................................20-4
20.2.2 Principle............................................................................................................................................. 20-5
20.3 MAC Address Filtering...............................................................................................................................20-5
20.3.1 Introduction........................................................................................................................................20-6
20.3.2 Principle............................................................................................................................................. 20-6
20.4 Firewall Black List......................................................................................................................................20-7
20.4.1 Introduction........................................................................................................................................20-7
20.4.2 Principle............................................................................................................................................. 20-7
20.5 Firewall........................................................................................................................................................20-8
20.5.1 Introduction........................................................................................................................................20-8
xiv Huawei Proprietary and Confidential Issue 03 (2010-01-28)

20.5.2 Principle............................................................................................................................................. 20-9
21 User Security...........................................................................................................................21-1
21.1 PITP.............................................................................................................................................................21-3
21.1.1 Introduction........................................................................................................................................21-3
21.1.2 Principle.............................................................................................................................................21-4
21.1.3 Reference..........................................................................................................................................21-11
21.2 DHCP option82.........................................................................................................................................21-11
21.2.1 Introduction......................................................................................................................................21-11
21.2.2 Principle...........................................................................................................................................21-12
21.2.3 Reference..........................................................................................................................................21-14
21.3 DHCP Sub-Option90.................................................................................................................................21-14
21.3.1 Introduction......................................................................................................................................21-14
21.3.2 Principles..........................................................................................................................................21-15
21.3.3 Reference..........................................................................................................................................21-16
21.4 RAIO.........................................................................................................................................................21-17
21.4.1 Introduction......................................................................................................................................21-17
21.4.2 Principle...........................................................................................................................................21-18
21.4.3 Reference..........................................................................................................................................21-24
21.5 IP Address Binding...................................................................................................................................21-24
21.5.1 Introduction......................................................................................................................................21-25
21.5.2 Principle...........................................................................................................................................21-25
21.6 MAC Address Binding..............................................................................................................................21-25
21.6.1 Introduction......................................................................................................................................21-26
21.6.2 Principle...........................................................................................................................................21-26
21.7 VMAC.......................................................................................................................................................21-27
21.7.1 Introduction......................................................................................................................................21-27
21.7.2 Principle...........................................................................................................................................21-28
21.8 SMAC........................................................................................................................................................21-30
21.8.1 Introduction......................................................................................................................................21-30
21.8.2 Principles..........................................................................................................................................21-31
21.8.3 Reference..........................................................................................................................................21-33
21.9 Anti-MAC Spoofing..................................................................................................................................21-33
21.9.1 Introduction......................................................................................................................................21-33
21.9.2 Principle...........................................................................................................................................21-34
21.10 Anti-IP Spoofing.....................................................................................................................................21-35
21.10.1 Introduction....................................................................................................................................21-35
21.10.2 Principle.........................................................................................................................................21-36
22 Subtended Network Configuration....................................................................................22-1

22.1 Introduction.................................................................................................................................................22-2
22.2 Principle......................................................................................................................................................22-3
22.3 Reference.....................................................................................................................................................22-3
Issue 03 (2010-01-28) Huawei Proprietary and Confidential xv

23 Ethernet OAM.........................................................................................................................23-1
23.1 Ethernet CFM OAM....................................................................................................................................23-2
23.1.1 Introduction........................................................................................................................................23-2
23.1.2 Principle............................................................................................................................................. 23-3
23.1.3 Reference............................................................................................................................................23-5
23.2 Ethernet EFM OAM....................................................................................................................................23-5
23.2.1 Introduction........................................................................................................................................23-6
23.2.2 Principle............................................................................................................................................. 23-6
23.2.3 Reference............................................................................................................................................23-8
24 VoIP..........................................................................................................................................24-1
24.1 Basic Features of VoIP................................................................................................................................24-2
24.1.1 Introduction........................................................................................................................................24-2
24.1.2 Reference............................................................................................................................................24-3
24.2 VoIP (H.248)...............................................................................................................................................24-3
24.2.1 Introduction........................................................................................................................................24-4
24.2.2 Principle............................................................................................................................................. 24-4
24.3 VoIP (MGCP)............................................................................................................................................. 24-5
24.3.1 Introduction........................................................................................................................................24-6
24.3.2 Principle............................................................................................................................................. 24-6
24.4 VoIP (SIP)...................................................................................................................................................24-7
24.4.1 Introduction........................................................................................................................................24-8
24.4.2 Principle............................................................................................................................................. 24-8
25 ISDN.........................................................................................................................................25-1
25.1 ISDN Feature Description...........................................................................................................................25-2
25.1.1 Introduction........................................................................................................................................25-2
25.1.2 Principle............................................................................................................................................. 25-3
25.1.3 Reference............................................................................................................................................25-7
25.2 Basic Rate Adaptation (BRA).....................................................................................................................25-7
25.2.1 Introduction........................................................................................................................................25-7
25.2.2 Principle............................................................................................................................................. 25-8
25.3 Primary Rate Adaptation (PRA)................................................................................................................. 25-9
25.3.1 Introduction......................................................................................................................................25-10
25.3.2 Principle...........................................................................................................................................25-10
26 Overload Control....................................................................................................................26-1
26.1 MG Overload Control................................................................................................................................. 26-2
26.1.1 Introduction........................................................................................................................................26-2
26.1.2 Principles............................................................................................................................................26-3
26.1.3 Reference............................................................................................................................................26-9
26.2 Upstream Bandwidth Overload Control......................................................................................................26-9
26.2.1 Introduction......................................................................................................................................26-10
26.2.2 Principles..........................................................................................................................................26-10
xvi Huawei Proprietary and Confidential Issue 03 (2010-01-28)

26.3 MGC Overload Control.............................................................................................................................26-12

26.3.1 Introduction......................................................................................................................................26-12
26.3.2 Principles..........................................................................................................................................26-13
26.4 Broadband Packets Overload Control.......................................................................................................26-14
26.4.1 Introduction......................................................................................................................................26-14
26.4.2 Principles..........................................................................................................................................26-15
A Acronyms and Abbreviations................................................................................................A-1
Issue 03 (2010-01-28) Huawei Proprietary and Confidential xvii

Feature Description Figures
Figures
Figure 2-1 VDSL2 transmission architecture.......................................................................................................2-4

Figure 3-1 ADSL transmission architecture.........................................................................................................3-4
Figure 3-2 Tones and bandwidth for ADSL over POTS......................................................................................3-5
Figure 3-3 Tones and bandwidth for ADSL over ISDN......................................................................................3-6
Figure 3-4 Tones and bandwidth of ADSL2+......................................................................................................3-6
Figure 4-1 Typical application model of SHDSL................................................................................................4-3
Figure 4-2 Typical networking application of ATM SHDSL..............................................................................4-5
Figure 4-3 Typical application model of SHDSL................................................................................................4-7
Figure 4-4 Typical networking application of EFM SHDSL...............................................................................4-9
Figure 5-1 Application network of the line optimization feature.........................................................................5-5
Figure 6-1 Process of converting PPPoA packets into PPPoE packets................................................................6-3
Figure 7-1 IPoA implementation process.............................................................................................................7-3
Figure 8-1 Implementation of P2P FE optical access..........................................................................................8-3
Figure 9-1 802.1Q-based VLAN frame...............................................................................................................9-3
Figure 9-2 QinQ VLAN service process..............................................................................................................9-9
Figure 9-3 VLAN stacking service process........................................................................................................9-11
Figure 10-1 Process of the HWTACACS authentication of the user level upshift............................................10-3
Figure 11-1 Dynamic DNS.................................................................................................................................11-2
Figure 11-2 Dynamic DNS.................................................................................................................................11-4
Figure 13-1 ACL based filtering........................................................................................................................13-4
Figure 14-1 Schematic diagram of PQ...............................................................................................................14-5
Figure 14-2 Principle of two token buckets.....................................................................................................14-11
Figure 15-1 Process of the ANCP topology discovery and parameter configuration........................................15-3
Figure 15-2 Process of modifying the line parameters during a subscriber service update...............................15-4
Figure 15-3 Process of a remote connection test................................................................................................15-5
Figure 16-1 Schematic drawing of designated bridge and designated port........................................................16-4
Figure 17-1 Typical multicast application in a tree topology.............................................................................17-4
Figure 18-1 Single-PVC for multiple services which are differentiated by IPoE/PPPoE..................................18-5
Figure 18-2 Single-PVC for multiple services which are differentiated by VLAN IDs and 802.1p values......18-6
Figure 18-3 Implementation principles of multi-PVC for multiple services..................................................... 18-7
Figure 19-1 Manual link aggregation.................................................................................................................19-4
Figure 19-2 Static link aggregation....................................................................................................................19-5
Figure 20-1 System security application model of the MA5606T.....................................................................20-2
Issue 03 (2010-01-28) Huawei Proprietary and Confidential xix

Figures Feature Description
Figure 21-1 PPPoE dialup process in PITP V mode..........................................................................................21-4

Figure 21-2 VBAS packet format......................................................................................................................21-6
Figure 21-3 PPPoE dialup process in PITP P mode...........................................................................................21-8
Figure 21-4 Packet format in P mode.................................................................................................................21-9
Figure 21-5 PPPoE payload field format...........................................................................................................21-9
Figure 21-6 Vendor tag format.........................................................................................................................21-10
Figure 21-7 DHCP process with DHCP option82 enabled..............................................................................21-12
Figure 21-8 Format of a DHCP option82 field................................................................................................21-13
Figure 21-9 Sub options of DHCP option82....................................................................................................21-13
Figure 21-10 DHCP process when the DHCP Sub-Option90 is enabled.........................................................21-15
Figure 21-11 Subitem format of the DHCP Sub-Option90..............................................................................21-16
Figure 21-12 Format of a VMAC address........................................................................................................21-28
Figure 21-13 VMAC address switching process..............................................................................................21-29
Figure 21-14 PPPoA single-MAC service model............................................................................................21-31
Figure 21-15 PPPoE Single-MAC Service Model...........................................................................................21-32
Figure 23-1 Connectivity check.........................................................................................................................23-3
Figure 23-2 Loopback detection.........................................................................................................................23-4
Figure 23-3 LT...................................................................................................................................................23-5
Figure 23-4 Networking of an Ethernet EFM OAM application.......................................................................23-6
Figure 24-1 Principle of the VoIP feature based on the H.248 protocol............................................................24-4
Figure 24-2 Principle of the VoIP feature based on the MGCP protocol..........................................................24-6
Figure 24-3 Principles for implementing the VoIP feature based on the SIP protocol......................................24-9
Figure 25-1 ISDN system structure....................................................................................................................25-3
Figure 25-2 ISDN call control process-call setup 1...........................................................................................25-4
Figure 25-3 ISDN call control process-call setup 2...........................................................................................25-5
Figure 25-4 ISDN call control process-call disconnection.................................................................................25-6
Figure 25-5 Principles of the ISDN BRA..........................................................................................................25-8
Figure 26-1 Operating principles for implementing the MG overload control..................................................26-4
Figure 26-2 Principles for processing the POWER-DIALER............................................................................26-6
Figure 26-3 MG overload control process-Off-hook and on-hook of the PSTN subscriber..............................26-7
Figure 26-4 MG overload control process-ISDN subscriber acting as a caller..................................................26-8
Figure 26-5 MG overload control process-subscriber acting as a callee............................................................26-9
Figure 26-6 Processing on user off-hook in the case of upstream bandwidth overload control......................26-11
Figure 26-7 Processing on the callee in the case of upstream bandwidth overload control.............................26-12
Figure 26-8 Operating principles of the MGC overload control......................................................................26-13
xx Huawei Proprietary and Confidential Issue 03 (2010-01-28)

Feature Description Tables
Tables
Table 3-1 Glossary of technical terms related to ADSL2+..................................................................................3-3

Table 3-2 Acronyms and abbreviations related to ADSL2+................................................................................3-3
Table 4-1 Acronyms and abbreviations of the ATM SHDSL access feature.......................................................4-3
Table 4-2 TC-PAM encoding technology............................................................................................................4-4
Table 4-3 Acronyms and abbreviations of the EFM SHDSL access feature.......................................................4-7
Table 4-4 TC-PAM encoding technology............................................................................................................4-8
Table 5-1 Glossary of the DLM/DSM feature......................................................................................................5-3
Table 5-2 Acronyms and abbreviations of the DLM/DSM feature......................................................................5-3
Table 9-1 Meanings and purposes of the fields in a 802.1Q tag..........................................................................9-3
Table 10-1 Differences between HWTACACS and RADIUS...........................................................................10-3
Table 13-1 ACL types........................................................................................................................................ 13-2
Table 14-1 Mapping between the packet service priority and the queue...........................................................14-9
Table 21-1 Fields of a VBAS packet..................................................................................................................21-6
Table 21-2 Fields of a PPPoE packet...............................................................................................................21-10
Table 21-3 Fields of a DHCP option82 packet.................................................................................................21-13
Table 21-4 Details of each field in the DHCP Sut-Option90 packet................................................................21-16
Table 21-5 CID formats in various access modes............................................................................................21-18
Table 21-6 RAIO fields in service-port-userlabel mode..................................................................................21-19
Table 21-7 RAIO fields in dslforum-default mode..........................................................................................21-20
Table 21-8 User-defined keywords..................................................................................................................21-21
Table 21-9 User-defined separators..................................................................................................................21-24
Table 22-1 Glossary of technical terms related to a subtended network configuration..................................... 22-2
Table 22-2 Acronyms and abbreviations related to a subtended network configuration...................................22-3
Table 24-1 List of the VoIP services supported by the MA5606T.................................................................... 24-3
Table 26-1 Glossary of the overload control feature..........................................................................................26-3
Table 26-2 Acronyms and abbreviations of the overload control feature..........................................................26-3
Issue 03 (2010-01-28) Huawei Proprietary and Confidential xxi

Feature Description 1 GPON Upstream Transmission
1 GPON Upstream Transmission
About This Chapter
GPON upstream transmission means transmission of data through the GPON interface which is
the upstream interface.
1.1 Introduction
This topic describes the definition, purpose, specification, and availability of GPON upstream
transmission.
1.2 Principle
This topic describes the implementation principles of GPON upstream transmission.
1.3 Reference
This topic describes the reference documents of GPON upstream transmission.
Issue 03 (2010-01-28) Huawei Proprietary and Confidential 1-1

1 GPON Upstream Transmission Feature Description
1.1 Introduction
This topic describes the definition, purpose, specification, and availability of GPON upstream
transmission.
Definition
As a box-type mini DSLAM, the MA5606T is used to provide digital subscriber line (DSL)
broadband access to a small number of subscribers. To adapt to various networking modes, the
MA5606T provides gigabit-capable passive optical network (GPON) upstream ports. In this
way, the MA5606T, together with the optical line terminal (OLT), plays an important role in a
GPON network.
Purpose
The MA5606T supports GPON upstream ports. As a multi-dwelling unit (MDU), the MA5606T
takes full advantage of the wide coverage, flexible networking, and low maintenance cost of the
GPON network. The MA5606T, together with the OLT, provides high-bandwidth broadband
access for subscribers. Moreover, the MA5606T increases the number of subscribers of the OLT.
Specification
The MA5606T supports the following GPON upstream transmission specifications:
l CoS-based transmission container (T-CONT) queue mapping and scheduling
l Support of a GPON upstream port with a downstream rate of 2.488 Gbit/s and an upstream
rate of 1.244 Gbit/s.
l Support of eight T-CONTs with up to 32 GEM ports.
l Support of service configuration and management by the OLT to the MA5606T through
the OMCI.
Availability
l Hardware support
The GP1A board supports GPON upstream transmission.
l License support
The feature of GPON upstream transmission is a basic feature of the MA5606T. Therefore,
the corresponding service is provided without a license.
1.2 Principle
This topic describes the implementation principles of GPON upstream transmission.
The GPON upstream port of the MA5606T sends the Serial_Number_ONT PLOAM messages
to the OLT for registration. The OLT determines whether to register it according to the internal
serial number database.
After the MA5606T registers with the OLT successfully, the OLT allocates T-CONTs to the
MA5606T. The index of a T-CONT is an allocation ID (Alloc-ID) which ranges from 0 to 4095.
1-2 Huawei Proprietary and Confidential Issue 03 (2010-01-28)

Feature Description 1 GPON Upstream Transmission
The MA5606T supports up to eight T-CONTs. The OLT allocates bandwidth and sets bandwidth
parameters for these T-CONTs.
The upstream data packets from the switching fabric are mapped to the specified GEM port
through the classifier, and then mapped to the T-CONT.
The rule for the classifier is VLAN plus 802.1p priority.
You can configure the mapping actions of various traffic through the CLI or the element
management system (EMS).
1.3 Reference
This topic describes the reference documents of GPON upstream transmission.
The following lists the reference documents of GPON upstream transmission:
l ITU-T G.984.2, Gigabit-capable Passive Optical Networks (GPON): Physical Media
Dependent (PMD) Layer Specification
l ITU-T G.984.3, Gigabit-capable Passive Optical Networks (GPON): Transmission
Convergence Layer Specification

Feature Description 2 VDSL2 Access
2 VDSL2 Access
About This Chapter
VDSL2 supports a high bandwidth (symmetric rates of up to 100 Mbit/s). It addresses the
requirement for short distance and high rate of the next generation FTTx access scenarios.
2.1 Introduction
This topic describes the definition, purpose, specification, and availability of VDSL2 access.
2.2 Principle
This topic describes the implementation principles of VDSL2 access.
2.3 Reference
This topic describes the reference documents of VDSL2 access.

2 VDSL2 Access Feature Description
2.1 Introduction
This topic describes the definition, purpose, specification, and availability of VDSL2 access.
Definition
Very High Speed Digital Subscriber Line (VDSL) is a transmission technology that is used to
provide high-speed private line access over the twisted pair in the asymmetric or symmetric
mode.
VDSL2 is an extension of VDSL.
Purpose
VDSL2 supports a high bandwidth (symmetric rates of up to 100 Mbit/s). VDSL2 provides
multiple spectrum profiles and encapsulation modes. It meets the requirement for short distance
and high rate of the next generation FTTx access scenarios.
Specifications
The MA5606T supports the following VDSL2 access specifications:
l Compliance with ITU-T Recommendation G.993.2

l A maximum reach distance of 3.5 km
l Compatibility with ADSL/ADSL2+
l Support of the VDSL2/ADSL2+ compatible board, VDSL2 over POTS board, and VDSL2
over ISDN board to meet different service requirements
l Multiple spectrum profiles, including 8a, 8b, 8c, 8d, 12a, 12b, and 17a to meet different
application scenarios
l Power spectral density (PSD) control through UPBO/DPBO, RFI, PSD Mask, and Tone
Blackout
l Two encapsulation modes (ATM and PTM)
l Working in the ADSL/ADSL2+ mode when connecting to ADSL/ADSL2+ terminals
l BandPlan998 and BandPlan997
l Support of 24-port or 48-port VDSL2 boards
l Automatic rate adjustment according to the line conditions during the initialization
l Configuration, modification, and query of the VDSL2 configuration parameters (such as
line and channel mode)
l Reporting of alarm and maintenance information about the line and the channel
l VDSL2 terminal management
Based on the function, the VDSL2 modems can be maintained remotely through telnet, and
the software of the VDSL2 modems can be remotely upgraded in-service through TFTP.
l Configuration of the BITSWAP parameter.
l PPPoE+ sub option.

l Line template configuration change

Previously channel profile and line profile but now spectrum profile and service profile
instead are bound as a higher-level line template and then bound to a specific port.
l Configuration of the ANNEX M frequency band
l Power-saving of the xDSL line
Availability
l Hardware support
– The VDSA (VDSL2 over POTS) board supports 8b and 17a, and is compatible with 8a,
8c, 8d, 12a and 12b spectrum profiles.
– The 24-channel VDRD board supports 30a spectrum profile.
– The VDTF (VDSL2 over ISDN) board supports 8a, 8b, 8c, 8d, 12a, 12b, and 17a
spectrum profiles.
– The VDMF (VDSL2 over POTS) board supports 8a, 8b, 8c, 8d, 12a, 12b, and 17a
spectrum profiles.
– The VDNF (VDSL2 over ISDN) board supports 8b and 17a spectrum profiles.
– The modem must support the VDSL2 protocol.
l License support
The number of VDSL2 ports supported by the MA5606T is under license. Therefore, the
license is required for accessing the corresponding service.
2.2 Principle
This topic describes the implementation principles of VDSL2 access.
VDSL2 Compatibility
VDSL2 complies with the ITU-T Recommendation G993.2.
The International Telecommunications Union (ITU) specifies that VDSL2 must use the discrete
multi-tone (DMT) modulation method. VDSL2 is compatible with ADSL and ADSL2+.
Because VDSL is not widely applied, VDSL2 is not compatible with VDSL.
VDSL2 System Architecture
The system architecture of VDSL2 is similar to that of ADSL. VDSL2 supports three
independent application models:
l Pure data service model

l POTS and data service model
l ISDN and data service model
Figure 2-1 shows the VDSL2 transmission architecture.

2 VDSL2 Access Feature Description
Figure 2-1 VDSL2 transmission architecture

VTU-O VTU-R
gO a b gR
NTR-TC
NTR-TC
IO U IR
8-kHz 8-kHz
NTR NTR
MPS-TC
MPS-TC
MPS -
VME
OAM
VME
OAM
VME
interface interface
PMS - TC
PMS - TC
User application interfaces
User application interfaces

TPS- #0
TPS- #0
PMD
PMD
PMD
TPS-TC #1 TPS-TC
TPS-TC #1 TPS-TC
I/F I/F
I/F I/F
Application specific Application invariant Application specific
Unspecified Main body and Main body Main body and Unspecified
Annexes Annexes
A VDSL2 device consists of three parts:

l TPS-TC
– TPS-TC is related with specific applications. It performs the mapping of the user
interface data and the control signals to and from the TPS-TC synchronization data
interface.
– TPS-TC sends and receives control messages through the payload channel of the PMS-
TC layer.
– The PMS-TC function module provides a procedure for VDSL Transceiver Unit (VTU)
management. The MPS-TC function module communicates with the higher level
function entity of the management plane. The management messages are exchanged
between the MPS-TC function entities of the VTU through the VDSL payload channel.
l PMS-TC
– PMS-TC multiplexes of the VDSL payload and the TPS-TC data traffic.
– The basic functions are: framing, frame synchronization, scrambling/descrambling,
forward error correction (FEC), and error check.
– It provides a payload channel for delivering control messages of the TPS-TC, PMS-TC
and PMD layers in addition to the messages from the management interface.
l PMD
– The basic functions are: regular element generation and recovery, coding/decoding,
modulation/demodulation, echo cancellation, line equalization, and link start.
– The PMD layer also sends and receives control messages through the payload channel
of the PMS-TC layer.

The VDSL2 board of the MA5606T provides these function modules as specified by G993.2.
In addition, the MA5606T provides a VDSL2 management module in compliance with G997.1
and TR090, thus supporting line management based on the line, channel and spectrum profile
to address different requirements.
2.3 Reference
This topic describes the reference documents of VDSL2 access.
The following lists the reference documents of VDSL2 access:
l ITU-T G.993.1: Very high speed digital subscriber line transceivers
l ITU-T G.993.2: Very high speed digital subscriber line 2

Feature Description 3 ADSL2+ Access
3 ADSL2+ Access
About This Chapter
Asymmetrical digital subscriber loop (ADSL) is an asymmetric transmission technology that is

used to transmit data at high speed over the twisted pair. ADSL2+ is an extension of ADSL. The
upstream rate of ADSL2+ reaches 2.5 Mbit/s, and the downstream rate reaches 24 Mbit/s. The
maximum reach of ADSL2+ is 6.5 km.
3.1 Introduction
This topic describes the definition, purpose, specification, glossary, and also acronyms and
abbreviations related to ADSL2+ access.
3.2 Principle
This topic describes the operating principles of ADSL2+ access.
3.3 Reference
This topic describes the reference documents of ADSL2+ access.

3 ADSL2+ Access Feature Description
3.1 Introduction
This topic describes the definition, purpose, specification, glossary, and also acronyms and
abbreviations related to ADSL2+ access.
Definition
Asymmetrical digital subscriber loop (ADSL) is an asymmetric transmission technology that is
used to transmit data at high speed over the twisted pair.
ADSL2+ is an extension of ADSL. The upstream rate of ADSL2+ reaches 2.5 Mbit/s, and the
downstream rate reaches 24 Mbit/s. The maximum reach of ADSL2+ is 6.5 km.
Purpose
The ADSL technology adopts asymmetric transmission to provide high-speed dada access
service.
Specification
The MA5606T supports the following specifications:
l Compatibility with ADSL and ADSL2

l A maximum upstream rate of 2.5 Mbit/s
l A maximum downstream rate of 24 Mbit/s
l A maximum reach of 6.5 km
l Support of ADSL2+ board and POTS access
l Transmission mode (Annex A, Annex B, Annex L, Annex M and Annex J)
l Fast bit switchover
l Power management
l Power cut back function on the CO and the CPE
l Automatic rate adjustment according to the line conditions during the initialization
l Pilot floating
l Pilot selection based on channel coditions
l Support of tone transmit power control based on CO-MIB (spectrum shaping Tssi)
l Dynamic seamless rate auto-sensing to improve the adaptability for line parameters
l Single ended loop test (SELT)
l Configuration, modification and query of the ADSL configuration parameters (such as line
and spectrum)
l Report of alarm and maintenance information on the line and channel
l Support of 32 ports and 64 ports ADSL2+ boards

Availability
l Hardware Support
– The ADIF/ADLF, ADPD/ADQD boards support this feature.
– The modem must support the ADSL/ADSL2+ protocols.
l License Support
The number of ADSL2+ ports supported by the MA5606T is under license. Therefore, the
Glossary
Table 3-1lists the glossary of technical terms related to ADSL2+ access.
Table 3-1 Glossary of technical terms related to ADSL2+
Glossary Definition
SELT The single ended loop test includes:

l Line type
l Line length
l Terminal type
l Local noise
l Bridge tap
Tone It is the sub-carrier. For example, when the bandwidth of 1

MHz is divided into 256 sub-carriers, each carrier is called as
a tone.
Acronyms and Abbreviations

Table 3-2lists the acronyms and abbreviations related to ADSL2+ access.
Table 3-2 Acronyms and abbreviations related to ADSL2+
Acronym Full Expansion
ADSL Asymmetrical Digital Subscriber Loop
POTS Plain Old Telephone Service
ISDN Integrated Services Digital Network
CO Central Office
CPE Customer Premise Equipment
DMT Discrete Multi-Tone

3.2 Principle
This topic describes the operating principles of ADSL2+ access.
ADSL System Architecture

Based on provided functions, the ADSL transceiver is divided into:
l TPS-TC (convergence sub layer related to transmission protocol)
l PMS-TC (convergence sub layer related to physical medium)
l PDM (sub layer related to physical medium)
l MPS-TC (convergence sub layer related to management protocol for BMS interface)
Each sub layer is encapsulated and defined with the information between sub layers to perform
intercommunication among different manufactures. Figure 3-1 shows the ADSL transmission
architecture.
Figure 3-1 ADSL transmission architecture
l TPS-TC
– TPS-TC is related to specific application. It performs the mapping of the user interface
data and the control signals to and from the TPS-TC synchronization data interface.
– TPS-TC sends and receives control signals through the payload channel of the PMS-
TC layer.
– The MPS-TC function module provides a procedure for ADSL transceiver unit (ATU)
management. The MPS-TC function module communicates with the higher level

function entity of the management plane. The management messages are exchanged
between the MPS-TC function entities of the ATU through the ADSL payload channel.
l PMS-TC
– PMS-TC multiplexes of the ADSL payload and the TPS-TC data traffic.
– The basic functions are: framing, frame synchronization, scrambling/descrambling,
forward error correction (FEC), and error check.
– It provides a payload channel for delivering control messages of the TPS-TC, PMS-TC
and PMD layers in addition to the messages from the management interface.
l PMD
– The basic functions are: regular element generation and recovery, coding/decoding,
modulation/demodulation, echo cancellation, line equalization, and link start.
– The PMD layer also sends and receives control messages through the payload channel
of the PMS-TC
ADSL Principles
ADSL provides a total bandwidth of 1.104 MHz. By using DMT, ADSL splits the bandwidth
into 256 tones (0-255). Since ADSL over POTS is different from ADSL over ISDN, the division
of the 256 tones is different.
Figure 3-2 shows the tones and bandwidth for ADSL over POTS.
Figure 3-2 Tones and bandwidth for ADSL over POTS

POTS Upstream Downstream
0 6 32 255
4kHz 26kHz 138kHz 1104 kHz
l The 0-5 are reserved to transmit the 4 kHz analog voice signals.
l The 6-31 are used to transmit uplink data over the bandwidth of 26-138 kHz.
l The 32-255 are used to transmit downlink data over the bandwidth of 138-1104 kHz.
Figure 3-3 shows the tones and bandwidth for ADSL over ISDN.

Figure 3-3 Tones and bandwidth for ADSL over ISDN

ISDN Upstream Downstream
0 32 64 255
120kHz 138kHz 276kHz 1104kHz
l Tones 0-31 are reserved to transmit the 120 kHz ISDN signals.
l Tones 32-63 are used to transmit uplink data over the bandwidth of 138-276 kHz.
l Tones 64-255 are used to transmit downstream data over the bandwidth of 276-1104 kHz.
NOTE
Each tone occupies a bandwidth of 4.3125 KHz for transmission.

When an ADSL terminal unit (ATU) uses echo cancellation, the ADSL signals can be transmitted in the
overlapped mode, which means to extend the downstream bandwidth to the uplink bandwidth so that the
uplink and downstream ADSL signals can share transmission channels.
Each ADSL tone can transmit datagram of 1-15 bits. The actual capacity of each tone depends
on the real-time transmission performance such as the attenuation, delay and noise.
ADSL2+ Principles
ADSL2+ extends the bandwidth of ADSL to 2.208 MHz and uses DMT to split the bandwidth
into 512 tones (0-511). Figure 3-4 shows the tones and bandwidth of ADSL2+.
Figure 3-4 Tones and bandwidth of ADSL2+

When the data transmission mode is Annes A, Annex B, or Annex L, the tones are allocated as
follows:
l Tones 0-5 are reserved to transmit the 4 kHz analog voice signals.
l – Annex A/Annex L: Sub-carriers 6-31 are used to transmit the upstream data at the
frequency of 26-138 kHz.
– Annex B: Sub-carriers 6-31 are used to transmit the upstream data at the frequency of
120-276 kHz.
When the data transmission mode is Annes M, the tones are allocated as follows:
l Tones 0-5 are reserved to transmit the 4 kHz analog voice signals.
l Sub-carriers 6-63 are used to transmit the upstream data at the frequency of 26 kHz-f1,
where f1 ranges from 138 kHZ through 276 kHZ.
ADSL2+ extends bandwidth and improves the transmission efficiency by enhancing

modulation, reducing overhead and optimizing frame structure.
3.3 Reference
This topic describes the reference documents of ADSL2+ access.
The following lists the reference documents of ADSL2+ access;
l G992.1 Asymmetric digital subscriber line (ADSL) transceivers
l G992.3 Asymmetric digital subscriber line transceivers 2 (ADSL2)
l G992.5 Asymmetric Digital Subscriber Line (ADSL) transceivers - Extended bandwidth
ADSL2 (ADSL2plus)

Feature Description 4 SHDSL
4 SHDSL
About This Chapter
SHDSL is an xDSL access technology, just like ADSL and VDSL. SHDSL provides the
symmetric upstream and downstream rates.
4.1 ATM SHDSL Access

This topic describes the definition, purpose, specification and limitations of ATM SHDSL access
feature. It also provides the glossary and the acronyms and abbreviations related to the ATM
SHDSL access feature.
4.2 EFM SHDSL Access
This topic describes the definition, purpose, specification and limitations of EFM SHDSL access
feature. It also provides the glossary and the acronyms and abbreviations related to the EFM

4 SHDSL Feature Description
4.1 ATM SHDSL Access

This topic describes the definition, purpose, specification and limitations of ATM SHDSL access
feature. It also provides the glossary and the acronyms and abbreviations related to the ATM
4.1.1 Introduction
This topic describes the definition, purpose, specification, limitation, glossary, and also
acronyms and abbreviations of the ATM SHDSL access feature.
4.1.2 Principle
This topic describes the operating principles of the ATM SHDSL access feature.
4.1.3 Reference
This topic describes the reference documents of the ATM SHDSL access feature.
4.1.1 Introduction
acronyms and abbreviations of the ATM SHDSL access feature.
Definition
The symmetric upstream and downstream rates of ATM SHDSL determine that bi-directional
rates of the supported service must be basically the same. In addition, ATM SHDSL features a
longer transmission distance. Hence, ATM SHDSL can be widely used.
Purpose
ATM SHDSL provides symmetric broadband access services for subscribers to meet the
requirement for high downstream rate from SOHO subscribers. ATM SHDSL applications are
similar to ADSL applications and the ATM SHDSL and ADSL applications are mutually
complementary.
Specification
l Single-pair, two-pair SHDSL Line rate in the single-pair mode ranges from 192 kbit/s to
2312 kbit/s, and line rate in the two-pair mode doubles the line rate in the single-pair mode
The rate adjustment granularity is 16 kbit/s.
l The SHLB board supports the single-pair and two-pair modes.
l Network timing reference (NTR) clock
l Automatic rate adjustment according to the line conditions during initialization
l Reporting of the alarms and maintenance information of lines
l PPPoE+ sub option
l Dynamic adjustment of the specifications of the SHDSL line profile and alarm profile

Availability
Hardware Support
None
License Support
The port rate measurement function supported by the MA5606T is under license. Therefore, the
corresponding service is also under license.
Glossary
None
Table 4-1 Acronyms and abbreviations of the ATM SHDSL access feature
Acronym/Abbreviation Full Name
SHDSL Single-line high speed digital subscriber line
HDSL High-speed digital subscriber line
TC-PAM Trellis coded pulse amplitude modulation
ATM Asynchronous transfer mode
4.1.2 Principle
This topic describes the operating principles of the ATM SHDSL access feature.
Typical Application Model

The SHDSL operating principles are based on the G.991.2(2001) standard.
Figure 4-1 Typical application model of SHDSL
S/T
User
Terminal
U-R U-C U-R U-C U-R U-C V
CO
..
.
STU-R DLL SRU DLL DLL STU-C Netw ork

S/T
User
Terminal
.. Optional
.
T1541150-00
Optional (114701)
One SHDSL system consists of an STU-C, an STU-R, and a subscriber terminal. Multiple
repeaters can be added to the line between the STU-C and the STU-R.

l The STU-C provides service ports at the central office.

l The STU-R provides subscriber ports for connecting to multiple subscriber terminals.
l The SHDSL repeater unit (SRU) refers to the repeater. In ultra-long distance transmission,
it recovers signals and re-transmits signals to increase the transmission distance.
The MA5606T does not support repeaters.
Terminal Model
The SHDSL terminal model consists of the following parts:
l PDM module
– The PDM module implements functions such as: Regular code element generation and
recovery, coding/decoding, modulation/demodulation, echo control, linear
equalization, and link start
– SHDSL mainly uses the trellis coded pulse amplitude modulation (TC-PAM)
technology.
l PMS-TC module
The PMS-TC module implements functions such as: framing, frame synchronization
scrambling, and descrambling
l TPS-TC module
The TPS-TC module implements functions such as: mapping and encapsulation of data
frames, multiplexing and demultiplexing, timing alignment of multiple subscriber data
channels
l I/F interface of the device at the central office
– It mainly provides the ATM port.
– The ATM port is used for transmitting ATM cells over the ATM network, or according
to the carried packets, transmitting Ethernet packets encapsulated by the SAR module
or E1/V3.5 signals over the Ethernet network.
l I/F interface of the device on the subscriber side
It corresponds to the I/F interface of the device at the central office. In general, the I/F
interface is used for providing Ethernet ports or E1/V.35 ports.
When the MA5606T uses the SHLB board, the TC-PAM encoding technology is shown as the
following table.
Table 4-2 TC-PAM encoding technology
Compliant Describes...
Standards
SHDSL R = n´64 + (i)´8, 3 ≤ n ≤ 36 and 0 ≤ i ≤ 7 (192 kbit/s to 2312 kbit/s)
When the MA5606T uses the SHLB board, the TC-PAM encoding technology is shown as the
following table.
The SHLB board of the MA5606T is based on ATM. The board provides the Ethernet port (for
broadband access) or E1/V.35 port (for private line access) for connecting subscriber terminals.

In the upstream direction, the board is connected to the metropolitan area network (MAN)
through the upstream board.
Typical Networking Application

The following figure shows the typical networking application of ATM SHDSL.
Figure 4-2 Typical networking application of ATM SHDSL
IPTV server
FE/GE 0/8
I I S
P P D
MA5606T MM L
B
ATM SHDSL ATM SHDSL
Modem Modem
PC_A PC_B
4.1.3 Reference
This topic describes the reference documents of the ATM SHDSL access feature.
The following lists the reference documents of this feature:
l ITU-T Recommendation G.991.2 (2001), Single-pair high-speed digital subscriber line
(SHDSL) transceivers
4.2 EFM SHDSL Access

This topic describes the definition, purpose, specification and limitations of EFM SHDSL access
feature. It also provides the glossary and the acronyms and abbreviations related to the EFM
4.2.1 Introduction
acronyms and abbreviations of the Ethernet in the first mile (EFM) SHDSL access feature.

4.2.2 Principle
This topic describes the operating principles of the EFM SHDSL access feature.
4.2.3 Reference
This topic describes the reference documents of the EFM SHDSL access feature.
4.2.1 Introduction
acronyms and abbreviations of the Ethernet in the first mile (EFM) SHDSL access feature.
Definition
EFM SHDSL integrates the advantages of the SHDSL technology and the ADSL technology.
That is, EFM SHDSL can provide traditional voice service and high rate Internet access service
over common twisted pairs to meet the requirements for high definition TV service and VoD
service from subscribers, which suit the last mile access for broadband to the campus.
Purpose
The utilization ratio of the EFM access service is high when the activation rates of the ATM and
EFM access services are the same. Hence, if the subscriber terminal supports ATM and EFM
SHDSL access services simultaneously, the EFM SHDSL access service is preferred.
Specification
l A maximum transmission distance of 6 km
l Network timing reference (NTR) clock
l Ethernet access service
l Automatic rate adjustment according to the line conditions during initialization
l Reporting the alarms and maintenance information of lines
l Four modes of binding EFM ports: single-pair (one port), two-pair (two ports), three-pair
(three ports), and four-pair (four ports)
l Line rate ranging from 192 kbit/s to 5696 kbit/s in the single-pair mode
l The line rate of the bound two, three, or four EFM ports is double, triple, or quadruple the
line rate of a single port. Each port in an EFM binding group can be activated or deactivated
independently. Hence, in a specific application, the line rate of the binding group varies
according to the number of the activated ports in the group.
Glossary
None

Acronym and Abbreviations
Table 4-3 Acronyms and abbreviations of the EFM SHDSL access feature
Acronym and Full Name

Abbreviations
EFM Ethernet in the first mile
4.2.2 Principle
This topic describes the operating principles of the EFM SHDSL access feature.
Typical Application Model

The SHDSL operating principles are based on the G.991.2 (2001) standard.
Figure 4-3 Typical application model of SHDSL
S/T
User
Terminal
U-R U-C U-R U-C U-R U-C V
CO
..
.
STU-R DLL SRU DLL DLL STU-C Netw ork

S/T
User
Terminal
.. Optional
.
T1541150-00
Optional (114701)
One SHDSL system consists of an STU-C, an STU-R, and a subscriber terminal. Multiple
repeaters can be added to the line between the STU-C and the STU-R.
l The STU-C provides service ports at the central office.

l The STU-R provides subscriber ports for connecting to multiple subscriber terminals.
l The SHDSL repeater unit (SRU) refers to the repeater. In ultra-distance transmission, it
recovers signals and re-transmits signals to increase the transmission distance.
The MA5606T does not support repeaters.
Terminal Model
The SHDSL terminal model consists of the following parts:
l PDM module

– The PDM module implements functions such as: Regular code element generation and
recovery, coding/decoding, modulation/demodulation, echo control, linear
equalization, and link start
– SHDSL mainly uses the trellis coded pulse amplitude modulation (TC-PAM)
technology.
l PMS-TC module
The PMS-TC module implements functions such as: framing, frame synchronization
scrambling, and descrambling
l TPS-TC module
The TPS-TC module implements functions such as: mapping and encapsulation of data
frames, multiplexing and demultiplexing, timing alignment of multiple subscriber data
channels
l I/F interface of the device at the central office
– Providing ATM ports or circuit interfaces
– The ATM port is used for transmitting ATM cells over the ATM network, or according
to the carried packets, transmitting Ethernet packets encapsulated by the SAR module
or E1/V3.5 signals over the Ethernet network or E1 links.
– The circuit interface is used for transmitting E1 or V.35 signals directly through the
time division multiplexing (TDM) network.
l I/F interface of the device on the subscriber side
It corresponds to the I/F interface of the device at the central office. In general, the I/F
interface is used for providing Ethernet ports (for delivering ATM cells processed by the
SAR module) or E1/V.35 ports.
Table 4-4 TC-PAM encoding technology

Compliant Describes...
Standards
SHDSL R = n´64 + (i)´8, 3 ≤ n ≤ 89 and 0 ≤ i ≤ 7 (192 kbit/s to 5696 kbit/s)
Typical Networking Application

The following figure shows the typical networking application of EFM SHDSL.

Figure 4-4 Typical networking application of EFM SHDSL
IPTV
LAN Switch
FE/GE 0/7
SS S
CC H
MA5606T UU L
B
ATM SHDSL EFM SHDSL
Modem Modem
PC_A PC_B
4.2.3 Reference
This topic describes the reference documents of the EFM SHDSL access feature.
l ITU-T Recommendation G.991.2 (2001), Single-pair high-speed digital subscriber line
(SHDSL) transceivers

Feature Description 5 DLM/DSM
5 DLM/DSM
About This Chapter
This topic describes the DLM/DSM feature in its introduction, principles, and reference.
5.1 Introduction
This topic provides the definition, purpose, specifications, limitations, glossary, and acronyms
and abbreviations of the DLM/DSM feature.
5.2 Principle
This topic describes the working principles of the DLM/DSM feature.
5.3 Reference
This topic provides the reference documents of the DLM/DSM feature.

5 DLM/DSM Feature Description
5.1 Introduction
and abbreviations of the DLM/DSM feature.
Definition
Line optimization refers to improving the line quality and performance by adjusting line
parameters. It is one solution to dynamic line optimization, and is mainly implemented through
the N2510.
The N2510 provides line test and protection for carriers' copper cables, featuring the following:
l Ensuring line services and fault location during operation

l Providing superior line management solutions to customers
l Meeting the requirement of line analysis and management
l Reducing the OPEX
Purpose
Line optimization aims at implementing dynamic management of lines, including the following
functions:
l Collecting the line information
l Locating the line fault
l Managing the optimization profile
Specifications
The MA5606T supports the following specifications of the DLM/DSM feature.
l Collecting of the DLM/DSM optimization information of a specified board and query of

the collecting status of the DLM/DSM optimization information of a specified board or all
boards
l Displaying the parameters of the xDSL port, including the Hlog(i) of each sub-carrier, Qln
(i) of each sub-carrier, TxPSD(i) of each sub-carrier, SNR(i) of each sub-carrier, SNRM(i)
of each sub-carrier, gi of each sub-carrier, bi of each sub-carrier, coding gain, and actual
size of Reed-Solomon codeword (NFEC)
l 1000 optimization profiles you can add, modify, delete, and query an optimization profile.
The parameters in the optimization profile are classified for configuration. The parameters
configured in an optimization profile are as follows:
– Line transmission mode
– Upstream/downstream bit swap parameters
– SNR margin, including upstream/downstream target SNR margin, upstream/
downstream minimum SNR margin, and upstream/downstream maximum SNR margin
– Upstream/downstream interleave delay
– Upstream/downstream INP

– Power management parameters, including whether the transition to the idle state is
allowed, whether the transition to the low power state is allowed, the shortest time for
a line to be in the full-power state, the minimum time between entry into the L2 low
power state and the first L2 low power trim request and between two consecutive L2
power trim requests, each transmit power reduction in the L2 power state, and the
maximum aggregate transmit power reduction that is allowed in the L2 power state
– Upstream/downstream sub-carrier blackout parameters
– Mode-related parameters, including transmission mode, maximum upstream/
downstream aggregate nominal transmit power, upstream/downstream PSD mask, and
maximum upstream/downstream aggregate nominal transmit power
l Bind of an optimization profile to a port and unbinding of an optimization profile from a
port
l Query of the optimization profile bound to a port
Limitation
When configuring an optimization profile, make sure that the parameters meet the following
conditions:
l For the upstream SNR: maximum SNR margin ≥ target SNR margin ≥ minimum SNR
margin
l For the power status parameter: each transmit power reduction in the L2 power state ≤
maximum aggregate transmit power reduction that is allowed in the L2 power state
Glossary
Table 5-1 Glossary of the DLM/DSM feature
Glossary Description
Noise margin The SNR margin refers to the space that is reserved when the
system allocates bits. When decrease of the SNR caused by
the environment change does not exceed the SNR margin, the
BER can be guaranteed to be less than 10-7.
Interleaved delay Interleave causes delay. Interleave delay is composed of two

parts: FEC coding time and interleave time.
Table 5-2 Acronyms and abbreviations of the DLM/DSM feature
DLM Dynamic line management
DSM Dynamic spectrum management
SNR Signal noise ratio

5 DLM/DSM Feature Description
NFEC Actual size of reed-solomon codeword
INP Impulse noise protection
Availability
l Hardware Support
The VDSA, VDTF, VDNF and VDMF boards support the DLM/DSM feature.
l License Support
The DLM/DSM feature is an optional feature of the MA5606T, and the corresponding
service is under license. The following resources are under license:
– VDSL port
– AnnexM resources
– INP+ resources
– Resources bound to the optimization profile
5.2 Principle
This topic describes the working principles of the DLM/DSM feature.
Compatibility of Line Optimization

The DLM/DSM feature supports optimization for the lines in the VDSL access mode.
Line Optimization System Architecture

The line optimization system architecture is based on VDSL and N2510; however, it is an
independent application model.
l The optimization profile is a model similar to the VDSL profile.
l The N2510 is a model similar to the BMS platform.
l Line optimization is mainly implemented on the N2510.
l The MA5606Tmainly collects the optimization information, and configures parameters
according to the new optimization line.

Figure 5-1 Application network of the line optimization feature

OSS
xml xml
N2000BMS
xml
N2510
OLT DSLAM
VDSL2
DSLAM USER
USER
5.3 Reference
This topic provides the reference documents of the DLM/DSM feature.
l Description of MA5600 V800R062 xDSL Feature Software Requirements and
Specifications
l Details About VDSL2 Parameters

Feature Description 6 PPPoA Access
6 PPPoA Access
About This Chapter
PPPoA access is an access mode in which users can transmit PPPoA packets to the PPPoE server
based on Ethernet.
6.1 Introduction
This topic describes the definition, purpose, specification, and availability of PPPoA access.
6.2 Principle
This topic describes the implementation principles of PPPoA access.
6.3 Reference
This topic describes the reference documents of PPPoA access.

6 PPPoA Access Feature Description
6.1 Introduction
This topic describes the definition, purpose, specification, and availability of PPPoA access.
Definition
Point-to-Point Protocol over ATM Adaptation Layer 5 (PPPoA) access is an access mode in
which users can transmit PPPoA packets to the PPPoE server, that is, the upper layer broadband
remote access server (BRAS) based on Ethernet.
The access device needs to handle the PPPoA packets from users and the PPPoE packets of the
PPPoE server to realize the interworking function (IWF) between PPPoA packets and PPPoE
packets.
Purpose
PPPoA access is used to realize the IWF between PPPoA and PPPoE for the transition from the
ATM network to the IP network.
Specification
The MA5606T supports the following PPPoA specifications:
l PPP LLC and PPP VC-MUX encapsulation modes, and auto-sensing of the two modes
l PPP MRU≥1492 bytes
l Up to 128 PPPoA users
Availability
l Hardware support
All the ATM service boards support PPPoA access.
l License support
The conversion from PPPoA to PPPoE is an optional feature of the MA5606T. Therefore,
the license is required for accessing the corresponding service.
6.2 Principle
This topic describes the implementation principles of PPPoA access.
Figure 6-1 shows the process of converting PPPoA packets into PPPoE packets.

Feature Description 6 PPPoA Access
Figure 6-1 Process of converting PPPoA packets into PPPoE packets
State=disconnected
LCP Config-Req
PPPoE PADI
PPPoE PADO
PPPoE
PPPoE PADR Discovery stage
PPPoE PADS
State=connected
PPPoE (LCP Config-Req )

PPPoE (LCP Config-Ack)
LCP Config-Ack
PPP packet
PPPoE (PPP packet) PPPoE
. Session stage
.
.
.
.
PPP packet .
PPPoE (PPP packet) PPP session
terminates
State=disconnected PPPoE PADT
RG Access
BRAS
Node
The PPPoA implementation process is as follows:

1. After receiving an LCP Config-Req from a PPPoA user, the MA5606T saves it in its buffer,
and initiates a PPPoE session. In this session, the PADI packet is broadcast, and the source
MAC address of the packet is that allocated by the MA5606T to the PPPoA user.
2. The BRAS sends the PADO packet to the MA5606T.
3. The MA5606T obtains the MAC address of the BRAS, and sends the PADR packet to the
BRAS.
4. The BRAS sends the PADS packet to the MA5606T.
5. After obtaining the session ID, the MA5606T sends the saved LCP Config-Req to the BRAS
to enter into the PPPoE session stage.
6. The user sends PPP data packets to the MA5606T. Then, the MA5606T encapsulates the
data packets into PPPoE packets according to the MAC address of the BRAS and the MAC
address allocated by the MA5606T to the user, and sends the packets to the BRAS. For the
downstream packets, the process is on the contrary.
7. The BRAS sends the PADT packet or the PPPoA user sends the LCP Configure Terminate
packet to terminate the session.
6.3 Reference
This topic describes the reference documents of PPPoA access.

6 PPPoA Access Feature Description
The following lists the reference documents of PPPoA access:

l IETF RFC2364: PPP Over AAL5
l IETF RFC2516: A Method for Transmitting PPP Over Ethernet (PPPoE)
l DSL Forum TR-101: Migration to Ethernet-Based DSL Aggregation

Feature Description 7 IPoA Access
7 IPoA Access
About This Chapter
IPoA access is an access mode in which the payloads of IP packets are converted into Ethernet
frames for upstream transmission to the upper layer network, and the downstream IPoE packets
are converted into IPoA packets and then forwarded to users.
7.1 Introduction
This topic describes the definition, purpose, specification, and availability of IPoA access.
7.2 Principle
This topic describes the implementation principles of IPoA access.
7.3 Reference
This topic describes the reference documents of IPoA access.

7 IPoA Access Feature Description
7.1 Introduction
This topic describes the definition, purpose, specification, and availability of IPoA access.
Definition
IPoA access is an access mode in which:
l The IPoA packets are analyzed and the payloads of IP packets are converted into Ethernet
frames for upstream transmission to the upper layer network.
l The downstream IPoE packets are converted into IPoA packets and then forwarded to users.
Purpose
IPoA access is usually used for leased line access for the transition from the ATM network to
the IP network.
Specification
The MA5606T supports the following IPoA specifications:
l Compliance with RFC2684 to support IPoA static users
l Compliance with RFC1577 to support IPoA dynamic users
l Up to 128 IPoA users
l Up to 512 different user gateways
l Automatic discovery of the LLC-IP encapsulation mode
l L2 and L3 IPoA applications
Availability
l Hardware support
– All the ATM service boards support IPoA access.
– The modem must support RFC2684 or RFC1577.
l License support
The conversion from IPoA to IPoE is an optional feature of the MA5606T. Therefore, the
7.2 Principle
This topic describes the implementation principles of IPoA access.
L2 IPoA
In this scenario, the MA5606T works in L2 routing mode. The IP address of the default user
gateway is the IP address of the upper layer router. The MA5606T converts IPoA packets into
IPoE packets without the L3 routing function.

Feature Description 7 IPoA Access
The user gateways of IPoA must be configured by the administrator, and multiple IPoA users
can use the same gateway.
L3 IPoA
In this scenario, the MA5606T works in L3 routing mode. The IP address of the default user
gateway is the IP address of the L3 interface of the MA5606T. The MA5606T converts IPoA
packets into IPoE packets, and forwards them according to the destination IP addresses.
The user gateways of IPoA must be configured by the administrator, and multiple IPoA users
can use the same gateway.
Static/Dynamic IPoA Users
If the modem supports only ATM Adaptation Layer 5 (AAL5) frames encapsulated in VC-IP
mode, the MA5606T cannot obtain the IP address of the modem. In this case, the administrator
of the MA5606T shall configure the source IP address of the static user.
If dynamic IPoA user terminals comply with RFC1577, the MA5606T can obtain the IP address
of the WAN interface in the modem through the ATM ARP packets.
Process
The MA5606T allocates a source MAC address for each IPoA user, and obtains the MAC address
of the user gateway through the ARP protocol. These two MAC addresses are the source and
destination MAC addresses of Ethernet frames for conversion between ATM packets and
Ethernet frames.
Figure 7-1 shows the IPoA implementation process.
Figure 7-1 IPoA implementation process
PC Modem MA5606T L2/L3
IP IP IP IP
MAC MAC AAL5 AAL5 MAC MAC MAC
ETH ETH ADSL ADSL ETH ETH ETH
7.3 Reference
This topic describes the reference documents of IPoA access.
The following lists the reference documents of IPoA access:
l RFC2684: Multiprotocol Encapsulation over ATM Adaptation Layer 5

7 IPoA Access Feature Description
l RFC1577: Classical IP and ARP over ATM

Feature Description 8 P2P FE Optical Access
8 P2P FE Optical Access
About This Chapter
Point-to-point (P2P) Ethernet optical access refers to the P2P FTTH access provided by the P2P
Ethernet optical access board and the ONT, which meets the requirements for the application of
the next generation access device under the integration of video, voice, and data services.
8.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of P2P FE
optical access.
8.2 Principle
This topic describes the implementation principles of P2P FE optical access.
8.3 Reference
This topic describes the reference documents of P2P FE optical access.

8 P2P FE Optical Access Feature Description
8.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of P2P FE
optical access.
Definition
Point-to-point (P2P) FE optical access means the point-to-point FTTH access provided by the
MA5606T based on the combination between its P2P FE optical access board and the ONTs.
Purpose
P2P FE optical access solution provides P2P FTTH access services. It is especially suitable for
the residential neighborhoods with fiber to the home, and can provide the bandwidth of 100
Mbit/s to satisfy the users' requirements for the next generation access equipment which
integrates video, voice, and data services.
Specification
The MA5606T supports the following P2P FE optical access specifications:
l Every OPFA board supports up to 16 100 Mbit/s FE optical ports.

l A service shelf can be configured with up to OPFA boards, providing up to FE optical ports.
l Every port supports up to eight traffic streams.
l Support the function of synchronizing Ethernet packets.
Limitation
A GE optical port cannot be used for P2P FE optical access.
Availability
l Hardware support
The OPFA board and the FE ONTs need to support the feature of P2P FE optical access.
l License support
The feature of P2P FE optical access is the basic feature of the MA5606T. Therefore, no
8.2 Principle
This topic describes the implementation principles of P2P FE optical access.
Figure 8-1 shows the implementation of the P2P FE optical access.

Feature Description 8 P2P FE Optical Access
Figure 8-1 Implementation of P2P FE optical access
MA5606T
MCU
OPFA ...... OPFA
FE
P2P ONT
STB
Phone
PC IPTV
The upstream packets sent from the user end are processed as follows:
1. After modulation on the ONT, the upstream packets are sent to the OPFA board of the
MA5606T through a fiber.
2. The OPFA board processes the upstream packets according to the user's configuration, and
then sends the processed packets to the control board of the MA5606T through the
backplane bus.
3. After receiving the packets, the control board forwards the packets to the upper layer
network through the upstream port.
The downstream packets sent from the network end are processed as follows:
1. After the downstream packets from the upper layer network reach the control board of the
MA5606T through the upstream port.
2. The control board forwards the packets to the OPFA interface board through the backplane
bus according to the learning results during the upstream forwarding.
3. The OPFA board processes the downstream packets, and sends the processed packets to
the user end.
8.3 Reference
This topic describes the reference documents of P2P FE optical access.
For the standards compliance of the feature of P2P FE optical access, see "Standards
Compliance" in the MA5606T Product Description.

Feature Description 9 VLAN
9 VLAN
About This Chapter
Virtual local area network (VLAN) is a technology used to form virtual workgroups by logically
grouping the devices of a LAN.
9.1 Standard VLAN

A standard VLAN is a kind of VLAN which contains multiple interconnected standard Ethernet
ports. Logically, all the ports in a standard VLAN are equal. This topic provides introduction to
this feature and describes the principles and reference documents of this feature.
9.2 Smart VLAN
A smart VLAN is a VLAN that contains multiple upstream ports and multiple service ports. The
service ports are isolated from each other in terms of traffic. A smart VLAN can serve
multiplePOTS users, thus saving VLAN resources. This topic provides introduction to this
feature and describes the principles and reference documents of this feature.
9.3 MUX VLAN
A MUX VLAN is a VLAN that contains one or more upstream ports, but contains only one
service port. Any two MUX VLANs are isolated. One-to-one mapping can be set up between a
MUX VLAN and an access user. Hence, a MUX VLAN can uniquely identify an access user.
The MUX VLAN is used when users are distinguished according to VLANs. This topic provides
introduction to this feature and describes the principles and reference documents of this feature.
9.4 QinQ VLAN
QinQ, that is, 802.1Q in 802.1Q, is a visualized name for the tunnel protocol encapsulated based
on IEEE 802.1Q. For a VLAN packet that has the QinQ attribute, it contains two VLAN tags:
inner VLAN tag from the private network and outer VLAN tag from the MA5606T. Through
the outer VLAN tag, a layer 2 (L2) VPN tunnel can be set up to transparently transmit service
data from private networks to public networks. This topic provides introduction to this feature
and describes the principles and reference documents of this feature.
9.5 VLAN Stacking
VLAN stacking is a stacking based on the IEEE 802.1 Q tag. The VLAN stacking feature can
be used to improve the reuse of the network-side VLAN (outer VLAN) and used for the
wholesale service. This topic provides introduction to this feature and describes the principles
and reference documents of this feature.

9 VLAN Feature Description
9.1 Standard VLAN

ports. Logically, all the ports in a standard VLAN are equal. This topic provides introduction to
9.1.1 Introduction
This topic provides information about the standard VLAN feature, including its definition,
purpose, and specification.
9.1.2 Principle
This topic describes the implementation principle of the standard VLAN feature.
9.1.3 Reference
This topic describes the reference documents of the standard VLAN feature.
9.1.1 Introduction
This topic provides information about the standard VLAN feature, including its definition,
purpose, and specification.
Definition
Virtual local area network (VLAN) is a technology used to form virtual workgroups by logically
grouping the devices of a LAN. The IEEE issued draft IEEE 802.1Q in 1999, aiming at
standardizing VLAN implementations.
ports. Logically, all the ports in a standard VLAN are equal.
Purpose
All the Ethernet ports in a standard VLAN can communicate with each other. An Ethernet port
in a standard VLAN is isolated from an Ethernet port in another standard VLAN.
The standard VLAN is primarily used for subtending. The MA5606T supports the Ethernet
subtending networking. Several access devices in different tiers can be subtended through the
GE/FE ports, which can extend the network coverage and satisfy the requirements for large
access capacity.
Specification
The MA5606T supports up to 4K standard VLANs.
Limitation
For the MA5606T, a standard VLAN can include only the standard Ethernet ports provided by
the boards in the GIU slots.

Availability
l Hardware support
No additional hardware is required for supporting the standard VLAN feature.
l License support
The standard VLAN feature is the basic feature of the MA5606T. Therefore, no license is
required for accessing the corresponding service.
9.1.2 Principle
This topic describes the implementation principle of the standard VLAN feature.
The standard VLAN can be planned according to the following parameters:
l Port
l MAC address
l Protocol type
l IP address mapping
l Multicast
l Policy
Unless otherwise stated, the VLAN described herein is based on ports, which is a common way
for planning VLANs in the telecom industry.
The standard VLAN strictly complies with the IEEE 802.1Q standard. In the IEEE 802.1Q
standard, the format of an Ethernet frame is modified by adding the 4-byte 802.1Q tag between
the source MAC address field and the protocol type field. See Figure 9-1 for details.
Figure 9-1 802.1Q-based VLAN frame
802.1Q Tag
Destination Source Length/ FCS
PRI/CFI/ Data
Address Address Type Type (CRC-32)
VID
46 bytes
6 bytes 6 bytes 4 bytes 2 bytes 4 bytes
~1517 bytes
A 802.1Q tag contains four bytes. Table 9-1 shows their meanings and purposes.
Table 9-1 Meanings and purposes of the fields in a 802.1Q tag
Field Length Value Meaning and Purpose
Type 2 bytes 0x8100 indicates a frame It indicates the frame type.

with the 802.1Q tag. Such a frame will be discarded by a
device that does not support 802.1Q.
PRI 3 bits Range: 0-7. It indicates the priority of a frame and

applies to QoS.

Field Length Value Meaning and Purpose
CFI 1 bit - It is a canonical format indicator. It

indicates whether the format of a MAC
address is typical or not, and applies to
a token ring network and a Fiber
Distribution Data Interface (FDDI).
VID 12 bits - It is the VLAN ID and indicates the

VLAN to which a frame belongs.
9.1.3 Reference
This topic describes the reference documents of the standard VLAN feature.
The following lists the reference documents of the standard VLAN feature:
l IEEE 802.1q: IEEE standards for Local and metropolitan area networks-Virtual Bridged
Local Area Networks
9.2 Smart VLAN

A smart VLAN is a VLAN that contains multiple upstream ports and multiple service ports. The
service ports are isolated from each other in terms of traffic. A smart VLAN can serve
multiplePOTS users, thus saving VLAN resources. This topic provides introduction to this
9.2.1 Introduction
This topic provides information about the smart VLAN feature, including its definition, purpose,
and specification.
9.2.2 Principle
This topic describes the implementation principles of the smart VLAN feature.
9.2.3 Reference
This topic describes the reference documents of the smart VLAN feature.
9.2.1 Introduction
This topic provides information about the smart VLAN feature, including its definition, purpose,
and specification.
Definition
A smart VLAN is a VLAN that contains multiple upstream ports and multiple service ports.
These service ports are isolated from each other.
Purpose
A smart VLAN can serve multiple xDSL users, thus saving the VLAN resources in the system.

Specification
The MA5606T supports up to 4K smart VLANs. There is no limit to the number of the upstream
ports and that of the service ports in each smart VLAN.
Limitation
The basic limitations of the smart VLAN feature are as follows:
l If a VLAN contains an L3 interface, to delete the VLAN, you need to delete the interface
first.
l If a VLAN contains a service port, to delete the VLAN, you need to delete the service port
first.
Availability
l Hardware support
No additional hardware is required for supporting the smart VLAN feature.
l License support
The smart VLAN feature is the basic feature of the MA5606T. Therefore, no license is
9.2.2 Principle
This topic describes the implementation principles of the smart VLAN feature.
In addition to all the features of a standard VLAN, a smart VLAN has the following features:
l There are two port types in the smart VLAN, upstream ports and service ports, which are
not treated equally.
– The service ports are isolated from each other in terms of traffic.
– The upstream ports can interconnect with each other.
– The service port and the upstream port can interconnect with each other.
l The broadcast domain of the upstream port of the smart VLAN covers all the ports of the
VLAN. The broadcast domain of the service port, however, contains only the upstream
port. In contrast, the broadcast domain of each port of the standard VLAN covers all the
ports in the VLAN.
9.2.3 Reference
This topic describes the reference documents of the smart VLAN feature.
The following lists the reference documents of the smart VLAN feature:
Local Area Networks.
9.3 MUX VLAN

service port. Any two MUX VLANs are isolated. One-to-one mapping can be set up between a
MUX VLAN and an access user. Hence, a MUX VLAN can uniquely identify an access user.

The MUX VLAN is used when users are distinguished according to VLANs. This topic provides
9.3.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of MUX
VLAN.
9.3.2 Principle
This topic describes the implementation principles of the MUX VLAN feature.
9.3.3 Reference
This topic describes the reference documents of the MUX VLAN feature.
9.3.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of MUX
VLAN.
Definition
service port.
The traffic streams of any two MUX VLANs are isolated.
Purpose
One-to-one mapping can be set up between a MUX VLAN and an access user. Hence, a MUX
VLAN can uniquely identify an access user. The MUX VLAN is used when users are
distinguished according to VLANs.
Specification
The MA5606T supports up to 4K MUX VLANs.
Limitation
The basic limitation of the smart VLAN feature are as follows:

l If a VLAN contains an L3 interface, to delete the VLAN, you must delete the interface
first.
l If a VLAN contains a service port, to delete the VLAN, you must delete the port first.
Availability
l Hardware support
No additional hardware is required for supporting the MUX VLAN feature.
l License support
The MUX VLAN feature is the basic feature of the MA5606T. Therefore, no license is

9.3.2 Principle
This topic describes the implementation principles of the MUX VLAN feature.
One MUX VLAN corresponds to one service port. Therefore, MUX VLANs can be used to
differentiate the users.
9.3.3 Reference
This topic describes the reference documents of the MUX VLAN feature.
The following lists the reference documents of the MUX VLAN feature:
9.4 QinQ VLAN

inner VLAN tag from the private network and outer VLAN tag from the MA5606T. Through
the outer VLAN tag, a layer 2 (L2) VPN tunnel can be set up to transparently transmit service
data from private networks to public networks. This topic provides introduction to this feature
9.4.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of QinQ
VLAN.
9.4.2 Principle
This topic describes the implementation principles of the QinQ VLAN feature.
9.4.3 Reference
This topic describes the reference documents of the QinQ VLAN feature.
9.4.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of QinQ
VLAN.
Definition
inner VLAN tag from the private network and outer VLAN tag from the MA5606T.
Through the outer VLAN tag, an L2 VPN tunnel can be set up to transparently transmit service
data from private networks to public networks.
Purpose
The core of QinQ is to encapsulate the VLAN tag of the private network packet to the VLAN
tag of the public network. The packet carrying two VLAN tags in the form of IEEE 802.1Q is
forwarded to the user, after passing the operator's backbone network.

In a word, the QinQ VLAN provides the users with a simple L2 VPN leased line service, which
extends the coverage of the private network to some extent.
The leased line service herein refers to the private network service which is transparently
transmitted to the peer network end, for example, the Intranet service.
Specification
l The MA5606T supports up to 4K QinQ VLANs.
l The MA5606T supports smart QinQ and Mux QinQ.
Limitation
The attribute of the following VLANs cannot be QinQ:
l Super VLAN
l Sub VLAN
l A VLAN containing an L3 interface
l Default VLAN in the system
l Standard Vlan
Availability
l Hardware support
No additional hardware is required for supporting the QinQ VLAN feature.
l License support
The QinQ VLAN feature is the basic feature of the MA5606T. Therefore, no license is
9.4.2 Principle
This topic describes the implementation principles of the QinQ VLAN feature.
Figure 9-2 shows the QinQ VLAN service process of the MA5606T.

Figure 9-2 QinQ VLAN service process
L2/L3 L2/L3
VLAN 3 VLAN 2
MA5606T VLAN 3 VLAN 1 MA5606T
Modem Modem
VLAN 2 VLAN 1 VLAN 2
L2 L2
User 1 User 3 User 4 User 2
By QinQ VLAN, the MA5606T implements the user interconnection of the same private network
(VLAN 1 or VLAN 2) in different areas. The following describes the service packet processing.
1. The user PC sends an untagged packet to the upstream direction.
2. The L2 LAN switch adds the VLAN tag (VLAN 1 or VLAN 2) of the private network to
the packet, and then sends the packet to the MA5606T.
3. The MA5606T adds the VLAN tag (VLAN 3) of the public network to the packet, and then
sends the packet to the upper layer network.
4. The upper layer network device transmits the packet based on the VLAN tag (VLAN 3) of
the public network.
5. Upon receiving the packet, the peer end MA5606T extracts the VLAN tag (VLAN 3) of
the public network, and then sends the packet to the LAN switch at the same end.
6. The LAN switch identifies and extracts the VLAN tag (VLAN 1 or VLAN 2) of the private
network, and then sends the untagged packet to the user in the VLAN of the private network.
In this way, users 1 and 2 in VLAN 2 can interconnect with each other, or users 3 and 4 in VLAN
1 can interconnect with each other.
9.4.3 Reference
This topic describes the reference documents of the QinQ VLAN feature.
The following lists the reference documents of the QinQ VLAN feature:
l IEEE P802.1ad: Virtual Bridged Local Area Networks— Amendment 4: Provider Bridges

9.5 VLAN Stacking

VLAN stacking is a stacking based on the IEEE 802.1 Q tag. The VLAN stacking feature can
be used to improve the reuse of the network-side VLAN (outer VLAN) and used for the
wholesale service. This topic provides introduction to this feature and describes the principles
9.5.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of VLAN
stacking.
9.5.2 Principle
This topic describes the implementation principles of the VLAN stacking feature.
9.5.3 Reference
This topic describes the reference documents of the VLAN stacking feature.
9.5.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of VLAN
stacking.
Definition
VLAN stacking is a stacking based on the IEEE 802.1 Q tag.
The purpose of the VLAN stacking is to add two VLAN tags in the form of IEEE 802.1Q to
untagged user packets or to convert tagged user packets into the packets with two VLAN tags
in the form of IEEE 802.1Q. The packet carrying two VLAN tags is forwarded to the broadband
remote access server (BRAS) for authentication, after passing the operator's backbone network.
Alternatively, when the packet is forwarded to the BRAS, the outer VLAN tag is extracted, and
the inner VLAN tag is used to identify the user.
Purpose
For a VLAN packet that has the stacking attribute, it contains two VLAN tags: inner VLAN tag
and outer VLAN tag allocated by the MA5606T.
The VLAN stacking feature can be used to improve the reuse of the network-side VLAN (outer
VLAN) and used for the wholesale service.
l The reuse of VLANs is improved by two VLAN tags.
l The outer VLAN tag is used to identify to which Internet Service Provider (ISP) the user
belongs, and the inner VLAN tag is used to identify the user. In this way, different users
can get access to their own ISPs.
The wholesale service refers to a service in which users can be connected to their own ISPs in
batches according to the specified rules when there are multiple ISPs in the L2 MAN.
Specification
l Up to 4K stacking VLANs

l S+C forwarding and VLAN+MAC forwarding based on the VLAN

l Disabling the MAC address learning function based on the VLAN
Limitation
The attribute of the following VLANs cannot be VLAN stacking:
l Super VLAN
l Sub VLAN
l A VLAN contains an L3 interface
l Default VLAN in the system
l Standard Vlan
Availability
l Hardware support
No additional hardware is required for supporting the VLAN stacking feature.
l License support
The VLAN stacking feature is an optional feature of the MA5606T. Therefore, the license
is required for accessing the corresponding service.
9.5.2 Principle
This topic describes the implementation principles of the VLAN stacking feature.
If the VLAN stacking is used to increase the VLAN quantity or to identify users, the BRAS is
required.
If the VLAN stacking is used to provide the multi-ISP wholesale service, the upper layer network
shall work in L2 mode to forward user packets based on VLAN and MAC address directly.
Figure 9-3 shows the VLAN stacking service process of the MA5606T.
Figure 9-3 VLAN stacking service process
ISP1 ISP2
MAN
SP VLAN 1 C VLAN 1 SP VLAN 2 C VLAN 1
L2/L3
SP VLAN 1 C VLAN 2 SP VLAN 2 C VLAN 2
Modem Modem
MA5606T
Enterprise A
Enterprise B

NOTE
l SP VLAN: Service Provider VLAN

l C VLAN: Customer VLAN
By different VLAN stacking, the MA5606T connects the users of enterprise A to ISP1, and the
users of enterprise B to ISP2. The following describes the service process.
1. The user sends the untagged packets to the upstream direction. The packets reach the
MA5606T after passing through the Modem.
2. The MA5606T adds two VLAN tags to the untagged packets.
NOTE
The users of different ISPs correspond to different outer SP VLANs.

l SP VLAN 1 is encapsulated as the outer VLAN to all user packets of enterprise A, and the
Customer VLAN is encapsulated as the inner VLAN.
l SP VLAN 2 is encapsulated as the outer VLAN to all user packets of enterprise B, and the
Customer VLAN is encapsulated as the inner VLAN.
3. The Metropolitan Area Network (MAN) device forwards the user packets to different ISPs
based on the SP VLAN.
4. Upon receiving the user packets, the ISP1 and ISP2 devices extract the SP VLAN, and
differentiate users based on their inner VLAN tags.
9.5.3 Reference
This topic describes the reference documents of the VLAN stacking feature.
The following lists the reference documents of the VLAN stacking feature:

Feature Description 10 HWTACACS
10 HWTACACS
About This Chapter
HWTACACS is a security protocol with enhanced functions based on TACACS (RFC1492).

Similar to the RADIUS protocol, HWTACACS implements AAA functions for multiple
subscribers by communicating with the HWTACACS server in the client/server (C/S) mode.
This topic provides the introduction, principles, and reference of the HWTACACS feature.
10.1 Introduction
This topic provides the definition, purpose, specifications, limitation, and availability of the
HWTACACS feature.
10.2 Principle
This topic describes the working principles of the HWTACACS feature.
10.3 Reference
This topic provides the reference documents of the HWTACACS feature.

10 HWTACACS Feature Description
10.1 Introduction
HWTACACS feature.
Definition
HWTACACS is a security protocol with enhanced functions based on TACACS (RFC1492).
Similar to the RADIUS protocol, HWTACACS implements AAA functions for multiple
subscribers by communicating with the HWTACACS server in the client/server (C/S) mode.
Purpose
HWTACACS is used for the authentication, authorization, and accounting of the 802.1x access
subscribers and administrators.
Specifications
The MA5606T supports the following HWTACACS specifications:
l Authentication, authorization, and accounting through HWTACACS for login users

l Encrypted communication through HWTACACS
l Configuring the source address of the HWTACACS packet sent from the device
l Delay recovery for the active HWTACACS server
l Configuring the response timeout time for the HWTACACS server
l Configuring the subscriber traffic unit that is reported to the HWTACACS server
l Configuring whether to carry the domain name in the subscriber name reported to the
HWTACACS server
l Collecting the statistics of the HWTACACS packets
l Querying the configuration of the HWTACACS server
l Re-transmitting the stop-accounting packet to prevent the accounting errors caused by the
loss of the stop-accounting packet
Limitation
None
Availability
l Hardware Support
No additional hardware is required for supporting this feature.
l License Support
The HWTACACS feature is a basic feature of the MA5606T. Therefore, no license is

Feature Description 10 HWTACACS
10.2 Principle
This topic describes the working principles of the HWTACACS feature.
Authenticating the User Level Upshift

The HWTACACS message flow is similar to the RADIUS message flow. The difference is that,
in the HWTACACS message flow, the server returns the authentication response rather than the
user right after the user passes authentication. The user right is returned only when the
authorization process is completed.
HWTACACS features more reliable transmission and encryption than RADIUS and is more
suitable for security control. Table 10-1 shows the major differences between HWTACACS
and RADIUS.
Table 10-1 Differences between HWTACACS and RADIUS
HWTACACS RADIUS
Uses TCP to realize more reliable network Uses UDP.

transmission.
Encrypts the entire body of the packet Encrypts only the password field of the
except the standard HWTACACS header. authentication packet.
Separates authorization from Performs authentication and authorization

authentication. together.
Suitable for security control. Suitable for accounting.
HWTACACS supports the authentication of the user level upshift. After logging in to the router
through telnet or SSH, a user can run the super command to upshift or downshift the user level
in the user mode. Then, the router authenticates the user password.
Figure 10-1 shows the process of the HWTACACS authentication of the user level upshift.
Figure 10-1 Process of the HWTACACS authentication of the user level upshift
Telnet/SSH Super Authen

- REQ
HWTACACS
Server
Super Authen ACK
User Router

10 HWTACACS Feature Description
NOTE
l When the router authenticates the user level upshift, the user passwords at different levels can be
different.
l When the router authenticates the user level upshift through HWTACACS, the user passwords at
different levels are the same.
The router sends the user password to the HWTACACS server for authentication. If the
authentication is successful, the user level can be upshifted. Otherwise, the user level cannot be
upshifted. The modification of the privilege user level takes effect on only this login.
If the router does not receive the authentication result of user level upshift from the HWTACACS
server within the preset timeout time, the authentication times out and the user level cannot be
upshifted.
10.3 Reference
This topic provides the reference documents of the HWTACACS feature.
l RFC1492
l RFC2865

Feature Description 11 DNS Client
11 DNS Client
About This Chapter
The DNS client feature enables the user who logs in to the local device to communicate with
other devices by using the domain name.
11.1 Introduction
This topic provides the definition, purpose, specifications, limitation, and availability of the DNS
client feature.
11.2 Principle
This topic describes the working principles of the DNS client feature.
11.3 Reference
This topic provides the reference documents of the DNS client feature.

11 DNS Client Feature Description
11.1 Introduction
This topic provides the definition, purpose, specifications, limitation, and availability of the DNS
client feature.
Definition
TCP/IP not only provides IP addresses to identify devices, but also specifies a special naming
mechanism for hosts which is in the form of character strings. This is the domain name system
(DNS). DNS adopts a hierarchical naming method to specify a meaningful name for each device
on the network, and sets a DNS server on the network to establish mappings between domain
names and IP addresses. In this way, you can use the meaningful and easy-to-remember domain
names other than complex IP addresses.
The domain name resolution can be dynamic resolution or static resolution. In the case of
dynamic resolution, a special DNS server is required for receiving the domain name resolution
requests from subscribers. The server first resolves a domain name within the local database. If
the domain name does not belong to this domain, the server returns the resolution result to the
client by using the recursive resolution or iterative resolution method. The resolution result may
be an IP address or the message "the domain name does not exist", which will be returned to the
client. An address resolver on the DNS client is used to enable the user program to access the
DNS server.
Figure 11-1 shows the relations between the user program, resolver, DNS server, and the cache
on the resolver. The resolver and the cache are integrated to form the DNS client, which receives
the DNS queries from the user program and responds to the queries. In general, the user program,
cache, and resolver are on the same host while the DNS server is on a different one.
Figure 11-1 Dynamic DNS
Request Request
User program Resolver
Response
Response
DNS
Save Read Server
Local DNS
Cache
host Client
Purpose
On the MA5606T, the DNS client is mainly used for resolving the IP address of the call server
for the VoIP feature.

Specifications
The MA5606T supports the following DNS client specifications:
l The DNS client in the synchronous or asynchronous mode

l Configuring and querying the DNS server through the CLI
l Cache function (up to 50 caches)
Limitation
None
Availability
l Hardware Support
No additional hardware is required for supporting this feature.
l License Support
The DNS client feature is a basic feature of the MA5606T. Therefore, no license is required
for accessing the corresponding service.
11.2 Principle
This topic describes the working principles of the DNS client feature.
DNS is a mechanism that uses a special DNS server for dynamically resolving the domain name.
The DNS server provides mappings from domain names to IP addresses and receives the domain
name resolution requests from DNS clients.
DNS Server
A device that is specially used for running the domain name resolution server program is called
a DNS server. The root DNS server contains the information about the root and top-level domain.
DNS requires each DNS server to know the IP address of at least one root DNS server. The DNS
client must also know how to contact at least one DNS server.
Domain Name Conversion

When receiving the query request from the DNS client, the DNS server first checks whether the
requested domain name belongs to the sub-domain that the server is authorized to manage.
l If the domain name belongs to the sub-domain, the DNS server queries the database and
converts the domain name into an IP address and then sends the conversion result to the
DNS client.
l If the domain name does not belong to the sub-domain, the DNS server performs the next
operation according to the resolution method specified by the client in the query packet.
The resolution method can be recursive resolution or iterative resolution.
– Recursive resolution: The DNS server contacts the server that can resolve the domain
name, and returns the query result, namely, the IP address corresponding to this domain
name, to the client.

11 DNS Client Feature Description
– Iterative resolution: If the DNS server cannot provide the resolution result, it indicates
the next DNS server for the client to contact in the response packet sent to the client.
Then, the client sends a query request to the specified DNS server.
DNS Working Process

Figure 11-2 shows the DNS working process.
Figure 11-2 Dynamic DNS
Request Request
User program Resolver
Response
Response
DNS
Save Read Server
Local DNS
Cache
host Client
The dynamic DNS working process is as follows:
1. The user program sends a request to the DNS client.

2. After the DNS client receives the request, it queries the local database or cache. If the target
mapping entry is not found, the client sends a query packet to the DNS server.
3. After receiving the response packet from the DNS server, the DNS client analyzes the
response packet and determines the next operation according to the response packet.
Cache
If the resolver sends every resolution request with a non-local domain name to the root DNS
server, it will result in a large query overhead. To reduce the overhead of the queries for non-
local domain names, the DNS server uses a cache. Every mapping between a dynamically
resolved domain name and the IP address is saved in the dynamic domain name cache of the
memory. Then, when the same domain name is queried next time, it can be directly read from
the cache rather than being requested from the root DNS server. Each DNS server maintains a
record of recently-used domain names in the local cache, and at the same time caches the IP
address of the corresponding server from which the domain name mapping is obtained.
When the mappings between domain names and IP addresses change, the information in the
cache is no longer correct. To ensure the correctness of the information in the cache, the DNS
server specifies a TTL value in the DNS response packet. The TTL value represents the valid
time for the binding between the resolved domain name and the IP address. The mapping between
the domain name and the IP address saved in the cache of the client ages after a period of time
and is deleted, thus guaranteeing that the latest information can be obtained from the DNS server.
The DNS servers installed with different operating systems have corresponding values of aging
time. The client obtains the aging time from the DNS protocol packets.

The host also has a cache, which is used for maintaining the bindings between the recently-used
domain names and IP addresses. The host uses the DNS server for query only when the host
cannot find the domain name to be resolved in the cache.
DNS Suffix
The dynamic DNS supports the domain name suffix list. With this function, you can preset some
domain name suffixes. Then, in the domain name resolution, you only need to enter partial fields
of domain names, and the system automatically adds different suffixes to the domain names for
resolution. For example, to query domain name huawei.com, you can configure com in the suffix
list, and then enter huawei. Then, the system automatically connects the entered domain name
to the suffix to form domain name huawei.com for performing a query.
When the domain name suffix is used, the following situations may occur:
l If the domain name that you enter does not contains a ., for example, huawei, the system
considers this as a host name and adds the suffix to it for performing a query. If all the
queries for domain names fail, the system finally uses the domain name that you first entered
for performing a query.
l If the domain name that you enter contains ., for example, www.huawei, the system directly
uses this domain name for performing a query. If the query fails, the system adds the suffixes
one by one and then performs the query.
l If the domain name that you enter ends with ., for example, huawei.com., the system first
removes the ending . from the domain name and uses the remaining part for performing a
query. If the query fails, the system tries matching the domain name with the domain name
list and then performs the query.
11.3 Reference
This topic provides the reference documents of the DNS client feature.
l RFC1034: Domain Names - Concepts and Facilities
l RFC1035: Domain Names - Implementation and Specification

Feature Description 12 Transparent Transmission of Protocol Packets
12 Transparent Transmission of Protocol

Packets
About This Chapter
Transparent transmission of protocol packets refers to the transparent transmission of user

private network packets in the public network.
12.1 Introduction
feature of transparent transmission of protocol packets.
12.2 Principle
This topic describes the working principles of the feature of transparent transmission of protocol
packets.

12 Transparent Transmission of Protocol Packets Feature Description
12.1 Introduction
feature of transparent transmission of protocol packets.
Definition
Transparent transmission of protocol packets refers to the transparent transmission of user
private network packets in the public network.
Purpose
This feature is used to implement the transparent transmission of user private network packets
in the public network. For example, the BPDU packets of a VIP user's private network can be
transparently transmitted in the public network through the QinQ function.
Specifications
The MA5606T supports the following transparent transmission specifications:
l Transparent transmission of the VTP-CDP and RIP packets in a specified VLAN

l Transparent transmission of the BPDU packets in a specified VLAN
Limitation
None
Availability
l Hardware Support
The xDSL, and GPON boards support this feature.
l License Support
The feature of transparent transmission of protocol packets is a basic feature of the
MA5606T. Therefore, no license is required for accessing the corresponding service.
12.2 Principle
This topic describes the working principles of the feature of transparent transmission of protocol
packets.
The transparent transmission feature supports the following two service models:
l Transparent transmission of the BPDU packets in a specified VLAN
l Transparent transmission of the VTP-CDP and RIP packets in a specified VLAN
Transparent Transmission of BPDU Packets

The 802.1ad solution is adopted for transparent transmission of BPDU packets. The range of
the destination MAC address of the BPDUs in the user network (private network) is from 0180-

Feature Description 12 Transparent Transmission of Protocol Packets
c200-0000 through 0180-c200-002f. In the case of MSTP, the destination MAC address of the
BPDUs in the carrier network (public network) is 0180-c200-0008.
Transparent Transmission of RIP Packets

l The function of transparent transmission of RIP packets for a VLAN is used to determine
whether the RIP packets are transparently transmitted or are transmitted to the L3 RIP
protocol for processing.
l The unicast, multicast, and broadcast RIP packets can be transmitted transparently.
l The transparent transmission of RIP packets for a VLAN and the L3 RIP protocol
processing are mutually exclusive. That is, when the transparent transmission of RIP
packets for a VLAN is enabled, the L3 RIP protocol processing is invalid.
Transparent Transmission of VTP-CDP Packets

The function of transparent transmission of VTP-CDP packets for a VLAN is used to determine
whether the VTP-CDP packets are transparently transmitted or are transmitted to the protocol
for processing.

Feature Description 13 ACL
13 ACL
About This Chapter
The access control list (ACL) is used to filter the specific data packets based on a series of
matching rules contained in the ACL.
13.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of ACL.
13.2 Principle
This topic describes the implementation principles of the ACL feature.

13 ACL Feature Description
13.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of ACL.
Definition
The access control list (ACL) is used to filter the specific data packets based on a series of
matching rules contained in the ACL, and therefore identify the filtering objects. After the
filtering objects are identified, the corresponding data packets are permitted to pass or discarded
based on the preset rules.
Purpose
The packet filtering based on ACLs is the prerequisite for carrying out quality of service (QoS).
ACL together with QoS improves the system security.
Specification
The MA5606T supports the following ACL specifications:
l ACLs are numbered from 2000 to 5999, and up to 4000 ACLs can be defined. Each ACL
can have 64 rules. Table 13-1 describes the four types of ACLs.
l Issuing 1024 ACL rules by the system software, with a maximum number of 128 user-
defined ACL rules and a maximum number of 896 non-user-defined ACL rules
l The user can configure matching of the first 80 bytes in the packet based on the rules.
Multiple fields can be configured at the same time.
l Up to 64(MCUA) ACLs can be activated and validated for the MA5606T.
Table 13-1 ACL types

ACL Type Number Range Feature
Standard ACL 2000-2999 It allows definition of the rule according to L3 source

IP address and fragment.
The rules of a standard ACL are defined only according
to the L3 source IP address for analyzing and processing
data packets.

Feature Description 13 ACL
ACL Type Number Range Feature
Advanced 3000-3999 Compared with standard ACL, advanced ACL allows

ACL more accurate, rich and flexible definition of the rule
according to:
l Source address
l Destination address
l IP bearer protocol type (including the following
types of packets: GRE, ICMP, IP, IP in IP, TCP, and
UDP)
l TCP source port
l TCP destination port
l ICMP protocol type
l ICMP code
L2 ACL 4000-4999 It allows definition of the rule according to L2

information such as:
l Source MAC address
l Source VLAN ID
l L2 protocol type
l Destination MAC address
l QoS
Customized 5000-5999 It allows definition of the rule according to any 32 bytes

ACL of the first 80 bytes in an L2 frame.
Limitation
In the case that the ACL rules do not conflict with each other, the ACL rules activated earlier
have lower priorities, while the ACL ruls activated later have higher priorities.
Availability
l Hardware support
No additional hardware is required for supporting the ACL feature.
l License support
The ACL feature is an optional feature of the MA5606T. Therefore, the license is required
13.2 Principle
This topic describes the implementation principles of the ACL feature.
The system matches and processes the input packets according to the ACLs.

13 ACL Feature Description
l If the packets match the ACLs, they are forwarded for further processing, such as:
– Packet filtering
The system determines whether to discard the packets depending on whether the packets
match with the ACLs.
– Priority tagging
The system tags priority on the packets that match the ACLs. The tags include the TOS,
DSCP and 802.1p tags.
– Traffic limiting
The system limits the rate of the packets that match the ACLs.
– Port rate limiting
The system limits the rate for the packet transmission on an Ethernet port.
– Traffic statistics
The system collects statistics on the packets that match the ACLs.
– Packet redirection
The system redirects the packets that match the ACLs to another port (that is, the original
destination port no longer receives or forwards the packets).
– Packet mirroring
The system mirrors the packets that match the ACLs to another port (that is, the packets
are duplicated to another port).
Eventually, the packets are forwarded and generated.
l The MA5606T discards or forwards the packets that do not match with the ACLs.
Figure 13-1 shows the process of ACL based filtering.
Figure 13-1 ACL based filtering
Packet filtering
Priority tagging
Traffic limiting
Port rate limiting
…
Input packet Output packet

stream Match the stream
Implement
packets with Matching?
Yes actions
the ACL
No
Discard
Discarded
packets

Feature Description 14 QoS
14 QoS
About This Chapter
QoS refers to quality of service. Settings of different QoS parameters, such as service availability,
time delay, jitter, and loss rate, provide users with high quality services.
14.1 QoS Overview

time delay, jitter, and loss rate, provide users with high quality services. This topic provides
14.2 PQ
By PQ, each queue is given with a different priority. During the scheduling, the packets in the
highest-priority queue are served first. This topic provides introduction to this feature and
describes the principles of this feature.
14.3 WRR
By WRR, each queue is assigned with a weighted value, representing the number of packets
serviced in one cycle queue. One packet is sent in one scheduling. WRR guarantees that the
bandwidth used by different queues is consistent with the preset ratio. This topic provides
introduction to this feature and describes the principles of this feature.
14.4 CoS Priority Re-marking
CoS priority re-marking means re-marking the CoS priorities (802.1p field) of the packets. This
topic provides introduction to this feature and describes the principles of this feature.
14.5 Flexible Mapping Between CoS Priorities and Scheduling Queues
Flexible mapping between CoS priorities and scheduling queues indicates that the MA5606T
supports flexible configuration of mappings between priorities and queues. Based on this feature,
you can specify the packets of a certain priority to a specified queue. This topic provides
14.6 trTCM
A Two Rate Three Color Marker (trTCM) is a marker defined by RFC2698. The trTCM can be
used as a component in a Diffserv traffic conditioner, and meters an IP packet stream and marks
its packets. This topic provides introduction to this feature and describes the principles of this
feature.
14.7 Rate Limitation Based on Port and CoS

14 QoS Feature Description
To manage the bandwidth for the service, you can configure the rate limitation based on port
and CoS. This topic provides introduction to this feature and describes the principles of this
feature.

14.1 QoS Overview

time delay, jitter, and loss rate, provide users with high quality services. This topic provides
14.1.1 Introduction
This topic describes the definition, purpose, specification, and availability of QoS.
14.1.2 Principle
This topic describes the implementation principles of the QoS feature.
14.1.1 Introduction
This topic describes the definition, purpose, specification, and availability of QoS.
Definition
time delay, jitter, and loss rate, guarantee the end-to-end quality of services.
Purpose
QoS aims at utilizing the limited network resources by providing differentiated qualities for
different services.
Specification
The MA5606T supports the following QoS specifications:
l Flexible queue mapping
l Two rate three color marker (trTCM) to adapt different traffic profiles
l 802.1p re-marking
l Rate limitation to both upstream and downstream traffic streams based on the port + CoS
mode to implement the committed access rate (CAR) function
l Up to eight queues (corresponding to eight service streams) for each port
l The queue scheduling methods such as:
– Strict Priority Queuing (PQ)
– Weighted Round Robin (WRR)
– PQ+WRR
l Configuring the inner VLAN priority during configuration of an IP traffic profile
Only priorities 0-7 are supported.
l Cancellation of the option for setting the inner VLAN priority as the queuing trustful
priority
Only local and tag-setting are supported.
l Configuring the source of the outer VLAN priority

l The option for copying the inner tag priority

l VLAN switching and priority re-configuration based on the VLAN of the ETH port on the
ONT
l Configuring the mapping between the ONT 802.1p priority and the queue
l Configuring the ONT queue scheduling mode and the WRR weights
Availability
l Hardware support
No additional hardware is required for supporting the QoS feature.
l License support
The QoS feature is the basic feature of the MA5606T. Therefore, the corresponding service
is provided with no license.
14.1.2 Principle
This topic describes the implementation principles of the QoS feature.
The QoS can be implemented through the following strategies:
l Flexible configuration of the packet priority based on the flow:
– Trusting user 802.1p. (If the user packet does not have the 802.1p tag, 3 is selected)
– Trusting user ToS. (If the user packet does not have the ToS tag, 3 is selected)
– Trusting the default flow priority.
l CAR rate limiting based on the flow:
trTCM (RFC2698) is adopted. The color is marked on the DEI bit of the Ethernet priority
field. 0 indicates green. 1 indicates yellow. Red packets are all discarded. Two modes are
supported globally: color-blind and color-aware. trTCM supports Ethernet profiles defined
in MEF10. You can obtain different traffic profiles by modifying the associated parameters.
l Modification of the 802.1p of the output packets based on the flow:
– Trusting user 802.1p. (If the user packet does not have the 802.1p tag, 3 is selected)
– Trusting user ToS. (If the user packet does not have the ToS tag, 3 is selected)
– Trusting the default flow priority.
l Queue scheduling
In case of network congestion, multiple packets compete for the network resources. In this
case, queue scheduling is used to solve the problem.
14.2 PQ
highest-priority queue are served first. This topic provides introduction to this feature and
14.2.1 Introduction
This topic describes the definition, purpose, and specification of PQ.
14.2.2 Principle
This topic describes the implementation principles of the PQ feature.

14.2.1 Introduction
This topic describes the definition, purpose, and specification of PQ.
Definition
highest-priority non-empty queue are served first, and then the packets in the next lower-priority
queue are served. PQ handles the packets of different queues by strictly following the order from
higher priorities to lower priorities. The packets in the queue of the lower priority are sent only
when a queue of the higher priority becomes empty.
Purpose
PQ solves the problem that multiple service streams contend for the resources during network
congestion.
Specification
Each port supports up to eight priority queues. For some earlier versions (H808ANLF/ANIF/
ANLE or H802SHLB), each port supports only four priority queues.
14.2.2 Principle
This topic describes the implementation principles of the PQ feature.
PQ aims at giving a strict priority to the important traffic. The important traffic is given
preferential and fast treatment in case of network congestions.
In PQ, the packets are placed in queues of different priorities. The traffic with a higher priority
gets preference over that of a lower priority. Therefore, packets in queues of a higher priority
are sent first. When a queue of a higher priority is empty, the packets in the queue of a lower
priority are sent then.
Figure 14-1 shows the schematic diagram of PQ.
Figure 14-1 Schematic diagram of PQ

Queue
High
Packets leaving the port
Medium
Classifying
Normal
Packets entering the port Queue scheduling
Low
Based on PQ, the packets for the important services can be put into the queues of higher priorities,
while the packets for the less important services can be put into the queues of lower priorities.
This guarantees that the packets for the important services are served earlier than those for the
less important services (such as E-mail service). The packets for the less important services are
sent using idle intervals during which no packets for the important services are processed.

A disadvantage of PQ is that, during network congestion, the packets in the queues of lower
priorities might be discarded if packets exist in the queues of higher priorities for a long period
of time.
14.3 WRR
bandwidth used by different queues is consistent with the preset ratio. This topic provides
14.3.1 Introduction
This topic describes the definition, purpose, and specification of WRR.
14.3.2 Principle
This topic describes the implementation principles of the WRR feature.
14.3.1 Introduction
This topic describes the definition, purpose, and specification of WRR.
Definition
bandwidth used by different queues is consistent with the preset ratio.
Purpose
WRR solves the problem that multiple service streams contend for the resources during network
congestion.
Specification
Each port supports up to eight priority queues. For some earlier versions (H808ANLF/ANIF/
ANLE or H802SHLB), each port supports only four priority queues.
14.3.2 Principle
This topic describes the implementation principles of the WRR feature.
WRR scheduling ensures that certain services for each queue by polling scheduling among
different queues.
Assume that each port has four priority queues. By WRR each queue is assigned with a weighted
value among w3, w2, w1 and w0 in descending order. The weighted value indicates the ratio of
resources that one queue can get.
Use a 100 Mbit/s port as an example. Assign the weighted value of its WRR algorithm to 36,
30, 18 and 16 (corresponding to w3, w2, w1 and w0 respectively). This guarantees the minimum
bandwidth of 14 Mbit/s to the queue of the lowest priority. In this way, the packets in the queue
of the lowest priority can be served.

Assume that each port has eight priority queues. By WRR each queue is assigned with a weighted
value among w7, w6, w5, w4, w3, w2, w1 and w0 in descending order. The weighted value
indicates the ratio of resources that one queue can get.
Use a 100 Mbit/s port as an example. Assign the weighted value of its WRR algorithm to 13,
10, 8, 15, 16, 14, 13 and 11 (corresponding to w7, w6, w5, w4, w3, w2, w1 and w0 respectively).
This guarantees the minimum bandwidth of 11 Mbit/s to the queue of the lowest priority. In this
way, the packets in the queue of the lowest priority can be served.
The advantages of the WRR algorithm are as follows:
l The undeserving long-time waiting that might occur in the PQ algorithm can be avoided
by using the WRR algorithm.
l Time allocated to each WRR queue is not fixed. When no traffic is available in one queue,
the bandwidth resource is switched to the next queue immediately. Therefore, the
bandwidth resource is efficiently used.
14.4 CoS Priority Re-marking

CoS priority re-marking means re-marking the CoS priorities (802.1p field) of the packets. This
14.4.1 Introduction
This topic describes the definition, purpose, and specification of CoS priority re-marking.
14.4.2 Principle
This topic describes the implementation principles of the CoS priority re-marking.
14.4.1 Introduction
This topic describes the definition, purpose, and specification of CoS priority re-marking.
Definition
CoS priority re-marking means re-marking the CoS priorities (802.1p field) of the packets.
Purpose
The CoS priority re-marking feature is used to differentiate the priorities of multiple services,
and thus provide different QoS for different services. For example, a higher priority can be
marked for the voice service. In this way, the delay of the voice service is reduced.
Specification
The MA5606T supports the following CoS priority re-marking specifications:
l CoS priority re-marking based on service traffic

l Three re-marking modes: specified priority, trusting user CoS, trusting user IP precedence
14.4.2 Principle
This topic describes the implementation principles of the CoS priority re-marking.

Broadband Access Service

Based on the actual service requirements, the upstream service traffic streams of users are
classified and each traffic stream carries one service. The following three CoS priority re-
marking modes are supported for each service traffic stream:
l Specified priority (0-7, 0 indicates the lowest priority and 7 indicates the highest priority).
Fill it in the 802.1p field of an upstream packet.
l Trusting user CoS priority. Copy it to the 802.1p field of an upstream packet.
l Trusting user IP precedence. Copy it to the 802.1p field of an upstream packet.
14.5 Flexible Mapping Between CoS Priorities and

Scheduling Queues
Flexible mapping between CoS priorities and scheduling queues indicates that the MA5606T
you can specify the packets of a certain priority to a specified queue. This topic provides
14.5.1 Introduction
This topic describes the definition and purpose of flexible mapping between CoS priorities and
scheduling queues.
14.5.2 Principle
This topic describes the implementation principles of the flexible mapping between CoS
priorities and scheduling queues.
14.5.1 Introduction
This topic describes the definition and purpose of flexible mapping between CoS priorities and
scheduling queues.
Definition
Flexible mapping between CoS priorities and scheduling queues indicates that the access device
you can specify the packets of a certain priority to a specified queue.
Purpose
This feature satisfies the specific requirements of the carries for service management. For
example, if priorities 4 and 5 are for the voice service, then you can map priorities 4 and 5 to
queue 6 to guarantee that the voice service can be scheduled with priority.
14.5.2 Principle
This topic describes the implementation principles of the flexible mapping between CoS
priorities and scheduling queues.
When scheduling the ingress Ethernet packets, use a certain priority to determine the ingress
queue. The priority is called the packet service priority. In general, the priority is the priority
carried in the packet (such as the 802.1p field).

By default, the relationship between the packet service priority and the ingress queue is fixed.
That is, the packets with priority 7 enter queue 7 (of the highest priority), the packets with priority
6 enter queue 6, and the rest may be deduced by analogy.
In actual networking, the configurations different from the earlier mentioned default setting may
be required. For example, priorities 1, 2, 3, 4, and 5 are used, in which priorities 1 and 2 are for
the data service, priority 3 is for the video service, and priorities 4 and 5 are for the voice service;
and the configured queues are 0, 2, 4, and 6.
Table 14-1 shows the mappings between the configured priorities and queues.
Table 14-1 Mapping between the packet service priority and the queue
Packet Service Priority Queue Priority
Default Configuration in a
Certain Application
7 7 -
6 6 -
5 5 6
4 4 6
3 3 4
2 2 2
1 1 0
0 0 -
14.6 trTCM
its packets. This topic provides introduction to this feature and describes the principles of this
feature.
14.6.1 Introduction
This topic describes the definition, purpose, specification, and limitation of trTCM.
14.6.2 Principle
This topic describes the implementation principles of the trTCM feature.
14.6.1 Introduction
This topic describes the definition, purpose, specification, and limitation of trTCM.

Definition
its packets.
The MA5606T supports the trTCM to meter an Ethernet frame stream and marks its frames.
Purpose
The trTCM can be used for traffic policing and marking for the purpose of more effective
bandwidth management. Based on the static bandwidth, the trTCM can guarantee the basic
bandwidth, namely, committed information rate (CIR) for users. When the network is idle, the
trTCM allows users to obtain extra bandwidth, namely, peak information rate (PIR). In this way,
the trTCM improves the utilization ratio of the network resources.
Specification
The MA5606T supports the following trTCM specifications:
l A packet is marked green if it does not exceed the CIR. Such a packet is allowed to pass.
l A packet is marked red if it exceeds the PIR. Such a packet is discarded.
l A packet is marked yellow if it exceeds the CIR but does not exceed the PIR. Such a packet
is discarded in case of network congestion.
Limitation
Because the MA5606T implements the QoS technology at the Ethernet layer, the MA5606T
does not support marking of IP packet headers, but supports marking of Ethernet frame headers.
14.6.2 Principle
This topic describes the implementation principles of the trTCM feature.
RFC2698 trTCM implements the two rate three color marker by using two token buckets. The
related parameters are as follows:
l CIR: Committed Information Rate, in Kbps.
l CBS: Committed Burst Size, in Kbps.
l PIR: Peak Information Rate, in bytes/s (required to be equal to or exceed the CIR).
l PBS: Peak Burst Size, in bytes.
l CM: Color Mode, in either Color-Blind or Color-Aware, which indicates whether to
identify the colors of the incoming packets.
Figure 14-2 shows the principle of two token buckets.

Figure 14-2 Principle of two token buckets

PIR
CIR
Token Bucket P
PBS
Token Bucket C CBS
Initially, there are two independent token buckets, P and C. The maximum size of the token
bucket P is PBS and the maximum size of the token bucket C is CBS. The token buckets P and
C are initially (at time 0) full, that is, the token count Tp(0) = PBS and the token count Tc(0) =
CBS.
Thereafter, the token count Tp is incremented by one PIR times per second up to PBS and the
token count Tc is incremented by one CIR times per second up to CBS.
The following uses Tp(t) and Tc(t) to represent the number of tokens in token buckets P and C
respectively at time 0.
l In the Color-Blind mode, when a packet of size B bytes arrives at time t, the following
happens:
– If Tp(t)-B < 0, the packet is red, else;
– If Tc(t)-B < 0, the packet is yellow and Tp is decremented by B, else;
– The packet is green and both Tp and Tc are decremented by B.
l In the Color-Aware mode, when a packet of size B bytes arrives at time t, the following
happens:
– If the packet has been precolored as red or if Tp(t)-B < 0, the packet is red, else;
– If the packet has been precolored as yellow or if Tc(t)-B < 0, the packet is yellow and
Tp is decremented by B, else;
– The packet is green and both Tp and Tc are decremented by B.
14.7 Rate Limitation Based on Port and CoS

To manage the bandwidth for the service, you can configure the rate limitation based on port
and CoS. This topic provides introduction to this feature and describes the principles of this
feature.
14.7.1 Introduction

This topic describes the definition, purpose, and limitation of rate limitation based on port and
CoS.
14.7.2 Principle
This topic describes the implementation principles of rate limitation based on port and CoS.
14.7.1 Introduction
This topic describes the definition, purpose, and limitation of rate limitation based on port and
CoS.
Definition
When the CoS priority is used to indicate the class of service, to manage the bandwidth of the
services, you can configure the rate limitation parameters based on port and CoS, including the
CIR, CBS, PIR, PBS, and meter and mark the packets based on the trTCM.
Purpose
The purpose of this feature is to manage the bandwidth of the service identified by the CoS
priority.
Limitation
The system supports rate limitation only at the board level. That is, the rates of all the ports in
a service board are limited in the same way.
14.7.2 Principle
This topic describes the implementation principles of rate limitation based on port and CoS.
When rate limitation based on port and CoS priorities is configured on the MA5606T, the packets
passing through each port is classified into eight traffic streams according to the CoS priorities
(0-7). Based on these traffic streams, the packets are metered and marked in trTCM mode
according to the configured parameters.
By default, the rate of any traffic stream for which no rate limitation parameter is configured is
unlimited.

Feature Description 15 ANCP
15 ANCP
About This Chapter
ANCP refers to the Access Node Control Protocol which is used to implement the functions
such as topology discovery and line configuration of user ports, and also Layer 2 Control Protocol
(L2C) OAM.
15.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of ANCP.
15.2 Principle
This topic describes the implementation principles of ANCP.
15.3 Reference
This topic describes the reference documents of ANCP.

15 ANCP Feature Description
15.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of ANCP.
Definition
ANCP refers to the Access Node Control Protocol. An access device exchanges messages with
a BRAS through ANCP to implement the functions such as topology discovery, line
configuration of user ports, and also L2C OAM.
Purpose
Applying ANCP reduces the operating expenditures (OPEX) of carriers.
Specification
The MA5606T supports the following ANCP specifications:
l Topology discovery
l Line configuration
l OAM
l A partition (partition 0)
l two ANCP sessions
l Reporting of traps which indicate the change of the ANCP session status
l Selecting the ID of the start ANCP port through the CLI
l Reporting the topology information about one physical port only once
Limitation
None
Availability
l Hardware support
No additional hardware is required for supporting the ANCP feature.
l License support
The ANCP feature is the basic feature of the MA5606T. Therefore, no license is required
15.2 Principle
This topic describes the implementation principles of ANCP.
The ANCP feature complies with GSMP V3 (RFC3292) and is implemented based on "draft-
wadhwa-gsmp-l2control-configuration-01."
The ANCP feature is applied in the following three scenarios:

l Topology discovery and parameter configuration

l Subscriber service update
l Remote connection test
Line Topology Discovery and Parameter Configuration

TR101/TR059 initiates hierarchical QoS (HQoS), a queue scheduling mechanism of lines to
prevent congestion of the access network. This mechanism requires that the BRAS is capable
of sensing the change of the topology and line parameters of the access network.
Figure 15-1 shows the process of the ANCP topology discovery and parameter configuration.
Figure 15-1 Process of the ANCP topology discovery and parameter configuration
9-Business logic
8-Sync rate to
RADIUS in RADIUS server
access-request
5-Access loop 10-Service
4-Port up message parameters
VSAs
STB 3-HG turned on, stored
synchronized with 1-ANCP session
TV MSAN established
MA5606T 2-Access-line discovery BRAS VoD server

PC Home
gateway capability advertised
6-Set shaping
Phone rate, adjust Softswitch
shaping mode
7-Subscriber logs in
(PPPoE/DHCP session)
The process of the ANCP topology discovery and parameter configuration is as follows:
1. The MA5606T and the BRAS establish an ANCP session. For the session establishment,
refer to GSMP V3 in "15.3 Reference."
2. The MA5606T and the BRAS negotiate their ANCP capability by exchanging the ANCP
capability messages.
3. After the home gateway of a subscriber starts up, the MA5606T senses that the subscriber
line is activated. The home gateway and the MA5606T then synchronize the DSL line
parameters.
4. After synchronizing the line parameters, the MA5606T reports to the BRAS the user port
UP event that carries the line parameters of the MA5606T. For the format of the parameters,
refer to ANCP in "15.3 Reference."
5. After receiving the port UP event, the BRAS records the Access-loop-id and the topology
and parameter information of the subscriber.
6. The BRAS adjusts QoS policies based on the reported line parameters.

7. After the subscriber gets online, the PPPoE or DHCP session has been established. The
BRAS performs the Access-loop-id matching and QoS processing based on the PPPoE
Intermediate Agent or DHCP option82 message.
8. During the subscriber authentication for getting online, if finding the line parameters
reported by ANCP, the BRAS shall report these line parameters to the RADIUS server
when exchanging messages with the RADIUS server.
9. The RADIUS server exchanges the reported line parameters with the background OSS to
complete the business logic processing, and delivers the subscriber QoS policies (such as
using a new line profile) based on the subscriber information.
10. If the BRAS and the RADIUS server do not exchange messages, the BRAS directly delivers
the subscriber QoS policies (such as using a new line profile) based on the locally
configured policies and the parameters obtained by ANCP.
Subscriber Service Update

When a subscriber orders a service on a self-service website, the network update can be
implemented automatically without manual intervention. This reduces the OPEX of carriers.
Figure 15-2 shows the process of modifying the line parameters during a subscriber service
update.
Figure 15-2 Process of modifying the line parameters during a subscriber service update
infoX SSS
3-Business logic
Portal Policy
server server
RADIUS server
2-Service
on demand 4-Change of
authorization
1-Subscriber logs in
(PPPoE/DHCP session)
PC
STB
TV Home BRAS
MA5606T VoD server
gateway
5-Line configuration
message
Phone
Softswitch
The process of modifying the line parameters during a subscriber service update is as follows:
1. An ANCP session is established between the MA5606T and the BRAS, and a subscriber
accesses the BRAS.
2. The subscriber orders the required service on the portal server.

3. The portal server and the policy server deliver the name of the required profile through the
COPS protocol, or the RADIUS server delivers the name of the required profile through
the RADIUS protocol.
4. The BRAS delivers the received profile name to the MA5606T through ANCP.
5. The MA5606T uses the new profile to activate the user port to implement the ordered
service.
Remote Connection Test

The MA5606T can execute a remote connection test through ANCP.
Figure 15-3 shows the process of a remote connection test.
Figure 15-3 Process of a remote connection test
RADIUS server
3-L2c OAM message
4-Send OAM F5 ete

1-ANCP session
loopback cell MA5606T
Home established
gateway
STB 2-ANCP capability BRAS VoD server

5-Echo OAM F5 ete
advertised
loopback cell
6-Echo l2c OAM Softswitch

TV PC Phone
message
The process of a remote connection test is as follows:

1. An ANCP session is established between the MA5606T and the BRAS. For the session
establishment, refer to GSMP V3 in "15.3 Reference."
2. The MA5606T and the BRAS negotiate their ANCP capability by exchanging the ANCP
capability messages.
3. The BRAS triggers a loopback test on a subscriber line through the command line interface
(CLI) or the BMS, and then sends the OAM message to the MA5606T.
4. The MA5606T constructs ATM OAM F5 loopback cells (ete loopback cells), and then
sends them to the home gateway to run a loopback test on the DSL line.
5. The home gateway responds to the loopback test of the MA5606T.
6. The MA5606T sends the loopback test result to the BRAS.
15.3 Reference
This topic describes the reference documents of ANCP.
The following lists the reference documents of ANCP:

l IETF RFC3292: General Switch Management Protocol (GSMP) V3

l IETF DRAFT: draft-wadhwa-gsmp-l2control-configuration-01.txt

Feature Description 16 MSTP
16 MSTP
About This Chapter
The Multiple Spanning Tree Protocol (MSTP) is compatible with STP and RSTP.
16.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of MSTP.
16.2 Principle
This topic describes the implementation principles of MSTP.
16.3 Reference
This topic describes the reference documents of MSTP.

16 MSTP Feature Description
16.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of MSTP.
Definition
The Spanning Tree Protocol (STP) applies to a loop network to realize path redundancy through
certain algorithms. STP also prunes a loop network into a loop-free tree network. This helps to
avoid proliferation and infinite loop of packets in the loop network.
The Rapid Spanning Tree Protocol (RSTP) is an improvement on STP. The rapidness of RSTP
relies on the greatly shortened delay for the designated port and the root port to turn into the
forwarding state in a certain condition. For details, see "Principles of RSTP" in "16.2
Principle." This helps to shorten the time for stabilizing the network topology.
The Multiple Spanning Tree Protocol (MSTP) is compatible with STP and RSTP.
Purpose
Although STP can prune a loop network into a loop-free network, it fails to transit fast. Even a
port in a point-to-point link or an edge port has to wait double Forward Delay time before it can
turn into the forwarding state.
RSTP features fast convergence; however, like STP, RSTP still has the following defects:
l All the bridges in a local area network (LAN) share a same spanning tree, and fail to block
redundant links by VLAN.
l The packets of all the VLANs are forwarded along the same spanning tree. Therefore, load
sharing of data traffic cannot be implemented between VLANs.
MSTP can remedy the defects of STP and RSTP. It not only realizes fast convergence, but also
enables traffic of different VLANs to be forwarded along their respective paths. This helps to
provide a better load sharing mechanism for redundant links.
MSTP sets VLAN mapping tables (relation tables between VLANs and spanning trees) to
associate VLANs and spanning trees. MSTP divides a switching network into multiple regions.
Each region contains multiple spanning trees, and each spanning tree is independent from any
other one.
MSTP prunes a loop network to a loop-free tree network to avoid proliferation and infinite loop
of packets in the loop network. It also provides multiple redundant paths for data forwarding to
realize load sharing of VLAN data during forwarding.
Specification
The MA5606T supports the following MSTP specifications:
l Compliance with IEEE std 802.1s

l Bridge Protocol Data Unit (BPDU) protection
l Root protection

l Loop protection
l ring check
Limitation
Due to difference in protocols, RSTP and MSTP shall comply with the following limitations
when cooperating to realize fast transition:
l The bridge running MSTP works as the upstream device.
l The bridge running RSTP works as the downstream device.
Otherwise, when the network topology changes, fast transition of a port cannot be realized.
Availability
l Hardware support
The control board supports the MSTP feature.
l License support
The MSTP feature is the basic feature of the MA5606T. Therefore, no license is required
16.2 Principle
This topic describes the implementation principles of MSTP.
Principles of STP
STP determines the topology of a network by transmitting a certain special message
(configuration message as defined in IEEE 802.1D) between bridges. A configuration message
contains sufficient information to enable the bridge to complete the calculation of the spanning
tree.
The following defines the designated port and the designated bridge:
l For a bridge (such as bridge A), the designated bridge is a bridge that is directly connected
to bridge A and forwards data packets to bridge A. The designated port is the port in the
designated bridge through which the data packets are forwarded to bridge A.
l For a LAN, the designated bridge is a bridge that forwards data packets to the LAN. The
designated port is the port in the designated bridge through which the data packets are
forwarded to the LAN.
Figure 16-1 shows a schematic drawing of the designated bridge and the designated port.

Figure 16-1 Schematic drawing of designated bridge and designated port

Switch A
Priority: 0
AP1 AP2
BP1 CP1
Switch C
Switch B
Priority: 1 Priority: 2
BP2 CP2
As shown in Figure 16-1:
l AP1, AP2, BP1, BP2, CP1, and CP2 are ports in Switch A, Switch B, and Switch C
respectively.
l Switch A forwards data to Switch B through port AP1, and then the designated bridge of
Switch B is Switch A, and the designated port is port AP1 in Switch A.
l Switch B and Switch C are connected to the LAN. If Switch B forwards data packets to the
LAN, the designated bridge of the LAN is Switch B, and the designated port is port BP2
in Switch B.
In STP, the configuration message is forwarded as follows:
1. In network initialization, all the bridges work as the root bridge of the spanning tree.
2. The designated port of a bridge takes the hello time as the interval for sending its
configuration messages. If the port that receives the configuration message is a root port,
the bridge increases the message age contained in the configuration message by degrees
and enables the timer to time the configuration message.
3. If a path fails, the root port on this path receives new configuration messages no longer,
and the old configuration messages are discarded due to timeout. This results in
recalculation of the spanning tree. A new path then is created to replace the faulty path and
recover the network connectivity.
The new configuration message upon the recalculation, however, will not immediately spread
throughout the entire network. In this case, the old root port and designated port that fail to
discover the topology change will forward their data along the old paths. If the selected root port
and designated port forwards data immediately, a temporary loop may be created.
Therefore, STP adopts a state transition mechanism. That is, the root port and the designated
port have to experience a transition state before they can re-forward data. The transition state
turns into the forwarding state upon Forward Delay. This delay guarantees that the new
configuration message has spread throughout the entire network.

Defects of STP
l In case of topology change or link failure, a port has to wait double Forward Delay time
before it can turn from the blocking state to the forwarding state. Therefore, in case of
topology change, double Forward Delay time (at least scores of seconds) is required to
restore the network connectivity.
l The entire bridged LAN uses a single spanning tree instance. Therefore, when the network
is large, a longer convergence time may be required or the topology changes frequently.
Principles of RSTP
RSTP is an improvement on STP. The rapidness of RSTP relies on the greatly shortened delay
for the designated port and the root port to turn into the forwarding state in a certain condition.
This helps to shorten the time for stabilizing the network topology.
In comparison with STP, RSTP improves in the following aspects:
l First improvement:
– The alternate port and backup port are set for rapid switching of the root port and
designated port.
– When the root port fails, the alternate port quickly switches to the new root port and
turns into the forwarding state without delay.
– When the designated port fails, the backup port quickly switches to the new designated
port and turns into the forwarding state without delay.
l Second improvement:
– In a point-to-point link connected with two switching ports, a designated port turns into
the forwarding state without delay after one handshake with the downstream bridge.
– In a shared link connected with at least three bridges, the downstream bridge does not
respond to the handshake request sent from the upstream designated port, and the
designated port has to wait double Forward Delay time before it turns into the
forwarding state.
l Third improvement:
– A port that is directly connected to a terminal and is not connected to any other bridge
is defined as an edge port. The edge port can directly turn into the forwarding state
without delay.
– Because a bridge does not know whether a port is directly connected to a terminal, the
edge port must be configured manually.
The bridges that adopt RSTP are compatible with the bridges which adopt STP. The bridges that
adopt RSTP can identify both STP and RSTP packets and apply them to calculation of the
spanning tree.
Defects of RSTP
Although RSTP features fast convergence, like STP, RSTP still has the following defects:
All the bridges in a LAN share a same spanning tree, and thus the packets of all the VLANs
cannot be forwarded equally. Furthermore, the packets of some VLANs cannot be forwarded.
Principles of MSTP

MSTP can remedy the defects of STP and RSTP. It not only realizes fast convergence, but also
enables traffic of different VLANs to be forwarded along their respective paths. This helps to
provide a better load sharing mechanism for redundant links.
MSTP sets VLAN mapping tables (relation tables between VLANs and spanning trees) to
associate VLANs and spanning trees. MSTP divides a switching network into multiple regions.
Each region contains multiple spanning trees, and each spanning tree is independent of any other
one.
Multiple spanning trees can run on each bridge to forward the packets of different VLANs.
MSTP divides the entire L2 network into multiple spanning tree (MST) regions. These regions
and the other bridges and LANs are connected into a single common spanning tree (CST).
Multiple spanning trees are created in a region through calculation. Each spanning tree is defined
as a multiple spanning tree instance (MSTI). MSTI 0 is defined as an internal spanning tree
(IST). MSTP connects all bridges and LANs with a single common and internal spanning tree
(CIST) which consists of the CST and the IST.
Like RSTP, MSTP calculates the spanning tree according to the configuration message. The
configuration message, however, contains the message of MSTP on the bridge.
l Calculation of CIST
– Select a bridge with the highest priority within the entire network as the CIST root by
comparing the configuration messages.
– In each MST region, MSTP creates an IST through calculation. Meanwhile, MSTP
regards each MST region as a single bridge, and then creates a CST between regions.
– The CST and the IST forms the CIST that connects all the bridges in a bridge network.
Select a bridge with the highest priority within the entire network as the CIST root by
comparing the configuration messages. In each MST region, MSTP creates an IST through
calculation. Meanwhile, MSTP regards each MST region as a single bridge, and then creates
CST between regions.
l Calculation of MSTI
In an MST region, MSTP creates different MSTIs for different VLANs according to the
mapping relation between the VLANs and the spanning tree instances. Each spanning tree
is calculated independently. The process is similar to that in which the RSTP calculates the
spanning tree.
Implementation of MSTP on the MA5606T
MSTP is compatible with STP and RSTP. The bridges that adopt MSTP can identify both STP
and RSTP packets and apply them to calculation of the spanning tree.
Besides the basic functions of MSTP, the MA5606T provides some special functions, such as:
l BPDU protection
For an access device, the access port is generally connected to a terminal (such as a PC) or
file server. In this case, the access port is set to an edge port for the purpose of fast transition.
When receiving a configuration message (BPDU), the edge port switches to a non-edge
port automatically, the spanning tree is re-calculated and the topology changes accordingly.
In normal conditions, an edge port cannot receive STP configuration messages. If the bridge
is maliciously attacked by forged configuration messages, the network will be attacked.
The BPDU protection function can prevent such network attacks.

After the BPDU protection function is enabled on the MA5606T, if an edge port receives
a configuration message, the system shuts down the edge port, and notifies the network
management system of the related information. Only network administrators can enable
the port that is shut down.
It is recommended that you enable the BPDU protection function on the MA5606T which
is configured with an edge port.
l Root protection
Because of wrong configurations by the maintenance personnel or malicious network

attacks, a legal root bridge in the network may receive a configuration message with a
higher priority. In this case, this root bridge may become a non-root bridge and the topology
changes accordingly. Such illegal change results in transfer of traffic in high-speed links
to low-speed links, thus causing network congestion.
The root protection function is a solution to this problem.
When the root protection function is enabled for a port, the port is always a designated port.
If the port receives a configuration message with a higher priority, and is to become a non-
designated port, the port will turn into the listening state and will not forward packets (that
is, the link connected to the port is disconnected). If the port does not receive a configuration
message of a much higher priority within a certain long period of time, the port will turn
into the normal state.
l Loop protection
A bridge maintains the states of the root port and other blocked ports by continuously
receiving BPDUs from the upstream bridge.
In case of link congestion or failure, these ports fail to receive BPDUs from the upstream
bridge. For this reason, the bridge will re-select its root bridge. The previous root bridge
switches to the designated port, and the blocked ports turn to the forwarding state. As a
result, loops are created in the switching network.
The loop protection function is a solution to this problem.
After receiving the BPDUs (excluding the TCN packets) again, a port under loop protection
normally processes the packets, selects the role, and resets the forwarding state of the port.
The port is not always in the blocked state.
When the loop protection function is enabled, if the root port switches to a non-root port,
it will turn into the discarding state, and the blocked ports will remain in the discarding
state. Therefore, no packets are forwarded, and no loop is created in the network.
NOTE
The three protection functions conflict with each other.
16.3 Reference
This topic describes the reference documents of MSTP.
The following lists the reference documents of MSTP:

l IEEE Std 802.1d, 1998 Edition, Spanning Tree Protocol
l IEEE Std 802.1w-2001, Rapid Spanning Tree Protocol
l IEEE Std 802.1s-2002, Multiple Spanning Tree Protocol

Feature Description 17 Multicast
17 Multicast
About This Chapter
Multicast refers to the point-to-multipoint communication in which the multicast source sends
the information to a certain subset of all the network nodes.
17.1 Overview
the information to a certain subset of all the network nodes. This topic provides introduction to
17.2 IGMP Snooping
IGMP snooping is a type of multicast control mechanism that works in the data link layer. It is
used to manage and control multicast. This topic provides introduction to this feature and
17.3 IGMP Proxy
IGMP proxy is a function by which in a tree topology, the MA5606T works as an IGMP proxy
to forward the multicast protocol packets, but does not establish routes for multicast forwarding.
This topic provides introduction to this feature and describes the principles of this feature.
17.4 Multicast VLAN Management
Multicast VLAN defines certain important contents of controllable multicast, such as multicast
programs and users. This topic provides introduction to this feature and describes the principles
of this feature.
17.5 Program Management
Program management indicates the management of program attributes, including the program
bandwidth and preview parameters. This topic provides introduction to this feature and describes
the principles of this feature.
17.6 User Management
User management indicates the configuration of valid multicast users, authentication of the users
when they log in, and CAC bandwidth checks. This topic provides introduction to this feature
and describes the principles of this feature.

17 Multicast Feature Description
17.1 Overview
the information to a certain subset of all the network nodes. This topic provides introduction to
17.1.1 Introduction
This topic describes the definition, purpose, specification, and availability of multicast.
17.1.2 Principle
This topic describes the implementation principles of multicast.
17.1.3 Reference
This topic describes the reference documents of multicast.
17.1.1 Introduction
This topic describes the definition, purpose, specification, and availability of multicast.
Definition
the information to a certain subset of all the network nodes.
Controllable multicast allows an access device to determine if a user has the authority to watch
programs by identifying the user request packets. In this way, the access device controls and
forwards the multicast services.
Purpose
The MA5606T provides the IPTV service by adopting the multicast technology.
By adopting controllable multicast, the access device manages and controls multicast users. This
helps to satisfy carriers' requirements for video services provisioning, and to enable the multicast
services to be operable and manageable.
The core of the multicast technology is duplication of the packets at the place nearest to the
receiver, thus lowering the multicast traffic on the network.
Specification
The MA5606T supports the following multicast specifications:
l IGMP V2/V3
l IGMP proxy
l IGMP snooping
l PIM-SSM forwarding
l Tree network
l MSTP ring network

l Controllable multicast, including multicast VLAN management, program management,

and user management
l Re-configuring the VLAN of the upstream IGMP packets based on the ONT
l Transparent snooping for the distributed multicast
Availability
l Hardware support
No additional hardware is required for supporting the multicast feature.
l License support
– The number of the multicast users supported by the MA5606T is under license.
Therefore, the license is required for accessing the corresponding service.
– The number of the multicast programs that can be ordered by the users of the
MA5606T is under license. Therefore, the license is required for accessing the
corresponding service.
– The MA5606T supports the license to control the number of multicast users or the
number of multicast programs at a time.
17.1.2 Principle
This topic describes the implementation principles of multicast.
Figure 17-1 shows a typical multicast application in a tree topology.

Figure 17-1 Typical multicast application in a tree topology

IPTV Server 1 IPTV Server 2
Supporting SSM forwarding and

running IGMP proxy/snooping or
multicast routing protocol
Enabled with IGMP proxy/snooping

Forwarding based on VLAN +
multicast MAC supported
MA5606T
Enabled with Enabled with IGMP

IGMP proxy V2/V3
Home Gateway Home Gateway
STB STB
VoIP Data IPTV video VoIP Data IPTV video

service service service service service service
Layer 2 forwarding is adopted for the multicast application on the access equipment. The
MA5606T forwards the multicast traffic based on VLAN + multicast MAC.
In a ring network, the device enabled with RSTP/MSTP realizes path redundancy using certain
algorithms, and dynamically prunes the ring network into a loop-free tree network.
17.1.3 Reference
This topic describes the reference documents of multicast.
The following lists the reference documents of multicast:
l TR101: Technical Report DSL Forum TR-101 Migration to Ethernet-Based DSL
Aggregation April 2006
l RFC 1112: Deering, S., "Host Extensions for IP Multicasting", STD 5, RFC 1112, August
1989
l RFC-2236: Fenner, W., "Internet Group Management Protocol, Version 2", RFC 2236,
November 1997
l RFC 3376: B. Cain., "Internet Group Management Protocol, Version 3 ", RFC
3376,October 2002

17.2 IGMP Snooping

used to manage and control multicast. This topic provides introduction to this feature and
17.2.1 Introduction
This topic describes the definition, purpose, specification, and limitation of IGMP snooping.
17.2.2 Principle
This topic describes the implementation principles of IGMP snooping.
17.2.1 Introduction
This topic describes the definition, purpose, specification, and limitation of IGMP snooping.
Definition
used to manage and control multicast groups and effectively restrains the spread of multicast
data in the L2 network.
Purpose
The MA5606T supports IGMP snooping feature to realize the multicast management in the L2
network, thus effectively restraining the spread of the multicast data in L2.
Specification
The MA5606T supports the following IGMP snooping specifications:
l IGMP V2/V3 snooping
IGMP V3 supports only the packets in Include mode according to TR101.
l IGMP snooping over IPoE
l IGMP snooping over PPPoE
l A querier that supports the general query and group-specific query mechanism
l SSM forwarding
l Tree and ring networks
l Snooping report proxy
l Snooping leave proxy
Limitation
The MA5606T has the following IGMP snooping limitations:
l To guarantee the transmission quality of the programs ordered by the users, and to prevent
unknown multicast programs from occupying the user line bandwidth, MA5606T shall

suppress the unknown multicast at the network end. By default, the unknown multicast is
suppressed.
l To satisfy the multicast leased line requirements, set the user port so that it allows the
unknown multicast traffic to pass.
17.2.2 Principle
This topic describes the implementation principles of IGMP snooping.
l Process for a multicast user to get online and offline
In IGMP snooping mode, the MA5606T switches the packets for joining and leaving a
multicast group to the upstream VLAN, and then forwards the packets to the multicast
router.
In IGMP snooping mode, the MA5606T acts as a querier. Upon receiving the query packets
from the multicast router, the MA5606T sends a query packet to the user. If there is no
response within the specified duration, the MA5606T deletes the local multicast forwarding
entry. Consequently, the multicast router deletes the forwarding entry from its own
database.
Upon receiving a user' s leave packet, the upper layer router sends a group-specific query
packet to the user. If there is no response from the user within a specified duration, the
router deletes the user from the multicast group.
l Snooping report proxy and leave proxy
When a user gets online and sends a request packet for joining a program, the MA5606T
switches the packet to multicast VLAN and then forwards it to the multicast router. The
subsequent request packets from the user for joining the program are not forwarded to the
multicast router.
When the user gets offline, the MA5606T forwards only the last leave packet to the
multicast router to tell it not to forward the related multicast traffic any longer.
If report proxy is enabled, the MA5606T responds to the query of the multicast router.
l IGMP snooping over PPPoE
If a PPPoE user needs to be authenticated by the BRAS and needs to receive multicast
traffic, the MA5606T must support IGMP snooping over PPPoE, which complies with the
definition of IGMP ECHO in TR101. The MA5606T forwards a PPPoE-encapsulated
IGMP packet to the BRAS, and also generates an IPoE IGMP packet and forwards the
packet to the multicast router.
17.3 IGMP Proxy

This topic provides introduction to this feature and describes the principles of this feature.
17.3.1 Introduction
This topic describes the definition, purpose, and specification of IGMP proxy.
17.3.2 Principle
This topic describes the implementation principles of IGMP proxy.
17.3.1 Introduction
This topic describes the definition, purpose, and specification of IGMP proxy.

Definition
l For the multicast hosts, the access device serves as a multicast router to collect and maintain
the membership in the multicast group by:
– Receiving the join and leave packets from the hosts connecting with the downstream
port
– Checking regularly whether there is a member belonging to some multicast group on
the downstream port
l For the multicast router, the access device serves as a multicast host. It informs the multicast
router that it wants to join or leave a certain specific multicast group by sending the join or
leave packets.
Purpose
IGMP proxy enables the L2 device to support multicast service. In addition, it helps to decrease
the packets for joining and leaving a multicast group, thus lowering the multicast traffic at the
network side.
Specification
The MA5606T supports the following IGMP proxy specifications:
l IGMP V2/V3 proxy

IGMP V3 supports the packets in Include or Exclude modes according to TR101.
l A querier that supports the general query and group-specific query mechanism
l The features of responding to the query of an upper layer router
l IGMP host for sending a packet to the upper layer multicast router for joining and leaving
a multicast group
l SSM forwarding
l Tree and ring networks
17.3.2 Principle
This topic describes the implementation principles of IGMP proxy.
The IGMP proxy implementation is as follows:
1. When an IGMP user intends to order a video program, the user must send an IGMP request
to the IGMP proxy for joining the multicast group corresponding to the program.
2. Upon receiving the request, the MA5606T forwards the request packet to the multicast
router for applying for multicast traffic if the user is the first one to watch the program. If
the multicast traffic is being delivered, the MA5606T forwards the traffic directly to the
user.
3. The MA5606T sends group-general query packets to all online IGMP users at regular
intervals. If it fails to receive any response from a user within a certain period, it considers
that the user has left the multicast group, and deletes the user from the multicast group. If

the user is the last one in the group, the MA5606T sends leave packets to the multicast
router.
4. Meanwhile, when receiving a general query from the multicast router, the MA5606T
reports the current multicast state to the router.
17.4 Multicast VLAN Management

Multicast VLAN defines certain important contents of controllable multicast, such as multicast
programs and users. This topic provides introduction to this feature and describes the principles
of this feature.
17.4.1 Introduction
This topic describes the definition, purpose, specification, and limitation of multicast VLAN
management.
17.4.2 Principle
This topic describes the implementation principles of multicast VLAN management.
17.4.1 Introduction
This topic describes the definition, purpose, specification, and limitation of multicast VLAN
management.
Definition
Multicast VLAN defines some important contents of controllable multicast, such as multicast
programs and users.
Purpose
By leasing multicast VLANs to ISPs, customers can manage the ISPs.
Specification
The MA5606T supports the following multicast VLAN management specifications:
l The system supports up to 32 multicast VLANs.

l Each multicast VLAN can work in proxy or snooping mode.
l Each multicast VLAN can select IGMP V2 or IGMP V3.
l Each multicast VLAN supports up to 4K users.
l Each multicast VLAN support difference program creation modes: static and dynamic.
l The multicast upstream port can be specified for each multicast VLAN.
Limitation
Because the system permits transparent transmission of unknown multicast packets, and the
multicast address of unknown multicast may overlap with the address of the controllable
program, make sure that the user VLAN does not overlap with the multicast VLAN. Otherwise,
unknown multicast packets are forwarded based on the multicast forwarding table.

17.4.2 Principle
This topic describes the implementation principles of multicast VLAN management.
Working Mode
The multicast VLAN is mainly used to support networking of different ISPs. The working mode
of the multicast VLAN can be IGMP proxy or IGMP snooping.
In IGMP V3, the join packets can carry the programs which belong to different VLANs.
l If the VLAN works in IGMP proxy mode, the original packets of users are segmented and
sent from the corresponding multicast VLANs.
l If the VLAN works in IGMP snooping mode, make sure that multiple records in a report
packet do not match multicast VLANs in different snooping modes. Otherwise, the
forwarding of packets causes flooding of IGMP packets. The system processes the first
record in the IGMP packet or discards the packet.
IGMP Version
The IGMP version is configured for each VLAN. This guarantees compatibility of different
versions. The IGMP version of a multicast VLAN can be IGMP V2 or IGMP V3. By default, it
is IGMP V3.
l IGMP V3 is compatible with IGMP V2/V1, and IGMP V2 is compatible with IGMP V1,
Forward compatibility, however, is not supported.
– Based on the existing service applications, the MA5606T supports access of IGMP V3
terminals, and processes IGMP V2 packets, but does not support IGMP V1.
– For the IGMP V3 terminals, the IGMP V2 query packets are sent manually to enable
these terminals to work in IGMP V2 mode.
l IGMP V2: Only IGMPv2 is supported.
Program Creation Mode

The MA5606T supports the following two program creation modes:
l Static programs
– For a multicast group which the users join through the IGMP requests, the program
table is searched based on the address of the multicast group and the source IP address
(for IGMP V3 only).
– In the case of matching, the multicast forwarding is permitted from the multicast VLAN
to the user port, and the upstream IGMP packets are also forwarded through the multicast
VLAN.
l Dynamic programs
– Based on the join requests, the multicast addresses are obtained to dynamically generate
programs.
– The dynamically generated programs do not provide the user-side and network-side
CAC bandwidth control, preview, and pre-join functions.

Multicast Users
According to the description in TR101, a multicast user can order the programs of a multicast
VLAN only when the user is a member of the multicast VLAN.
17.5 Program Management

bandwidth and preview parameters. This topic provides introduction to this feature and describes
the principles of this feature.
17.5.1 Introduction
This topic describes the definition, purpose, specification, and limitation of program
management.
17.5.2 Principle
This topic describes the implementation principles of program management.
17.5.1 Introduction
This topic describes the definition, purpose, specification, and limitation of program
management.
Definition
bandwidth and preview parameters.
Purpose
Program management is to set the attributes of a program.
Specification
The MA5606T supports the following program management specifications:
l Setting the preview parameters
l Up to 4K static programs
l The system supports up to 2K programs, and each multicast VLAN supports up to 4K
programs.
l Prejoin of a static program
l Setting the priority of a static program
l Setting the bandwidth of a static program
l Hierarchical multicast program management, that is, the bandwidth and the number of
concurrently available programs for the multicast users vary with their authorities.
Limitation
To preview a program, a multicast user must have the right to preview the program.

17.5.2 Principle
This topic describes the implementation principles of program management.
Preview
The program preview is to control the times, duration, and interval for a user to watch a program.
This allows the user to have basic knowledge about the program, but does not have the right to
watch the complete program.
A user with the preview authority can preview the program only for a fixed duration. When the
duration expires, the user gets offline. After the preview interval, the user can preview the
program again. The number of previews available for a user in a day cannot exceed the preset
number of previews.
Prejoin
The program prejoin feature enables the MA5606T to send request packets to the multicast router
for joining a multicast group if there is no online user. This helps in delivering the multicast
traffic to the MA5606T in advance, thus shortening the wait time for a user to order a program.
Priority
When forwarding multicast traffic, the MA5606T schedules the traffic on the user port according
to the specified priority. This guarantees the quality of the program.
Bandwidth
Both the connection admission control (CAC) at the user side and that at the network side are
based on the total bandwidth occupied by the online programs of a user or an upstream port. The
bandwidth determines whether a new program can be played. If the bandwidth occupied by the
online programs and that of a new program exceeds the specified CAC, the user cannot play the
new program.
17.6 User Management

when they log in, and CAC bandwidth checks. This topic provides introduction to this feature
and describes the principles of this feature.
17.6.1 Introduction
This topic describes the definition, purpose, and specification of user management.
17.6.2 Principle
This topic describes the implementation principles of user management.
17.6.1 Introduction
This topic describes the definition, purpose, and specification of user management.

Definition
when they log in, and CAC bandwidth checks.
Purpose
User management pertains to controlling and preventing illegal users from watching controlled
programs.
Specification
The MA5606T supports the following user management specifications:
l Each physical port on the xDSL service board supports eight multicast user.
l The IGMP bearer channel and the multicast service bearer channel of a multicast user can
be defined separately.
l Up to 2K authority profiles can be configured.
l The program authority can be any one of watch, preview, forbidden and idle.
l A multicast user can be bound with up to 512 authority profiles.
l CAC at the user side is supported.
l The fast leave feature is supported.
l A multicast user can watch up to 32 programs concurrently.
17.6.2 Principle
This topic describes the implementation principles of user management.
Multicast CAC
Multicast CAC means control of a user's ordering a program based on the bandwidth of a
subscriber line. When ordering a multicast program, a user knows the program bandwidth from
the MA5606T. The MA5606T checks whether the user bandwidth is sufficient for playing a new
program. If yes, the user can order the program. If no, the user fails to order the program.
Fast Leave
Fast leave indicates that the MA5606T deletes a user from a multicast group without any query
if it receives the IGMP leave packet.
IGMP Bearer Channel

The IGMP bearer channel involves the following parameters:
l xDSL, VPI, VCI, including ADSL, SHDSL, VDSL2 (ATM mode)
l user-encap, including PPPoE and IPoE
l user-VLAN
l user-802.1p

Video Bearer Channel

By default, the IGMP bearer channel and the video bearer channel are the same. For flexibility,
you can specify a video bearer channel and an IGMP bearer channel.
If you do not specify the video bearer channel, the IGMP bearer channel also serves as the video
bearer channel.
The video bearer channel involves the following parameters:
l xDSL, VPI, VCI, including ADSL, SHDSL, VDSL2 (ATM mode)
l user-encap, including PPPoE and IPoE
l user-VLAN
l user-802.1p
Program Authority
The program authority is defined in an authority profile. You can control the authorities by
binding a user with different authority profiles.
The program authority can be forbidden, preview, watch, and idle in a descending order. The
system administrator is authorized to configure the authority.

Feature Description 18 Triple Play
18 Triple Play
About This Chapter
Triple play is a service provisioning mode in which integrated services can be provided to a user.
Currently, the prevailing integrated services include the high-speed Internet access service, voice
over IP (VoIP) service, and IPTV service.
18.1 Features of Triply Play

over IP (VoIP) service, and IPTV service. This topic provides introduction to this feature and
describes the principles and reference documents of this feature.
18.2 Single-PVC for Multiple Services
Single-PVC for multiple services is a triple play mode in which a single PVC is adopted for
carrying multiple services from the MA5606T to each DSL user terminal. This topic provides
18.3 Multi-PVC for Multiple Services
Multi-PVC for multiple services is a triple play mode in which multiple PVCs are adopted for

18 Triple Play Feature Description
18.1 Features of Triply Play

over IP (VoIP) service, and IPTV service. This topic provides introduction to this feature and
18.1.1 Introduction
This topic describes the definition, purpose, specification, and availability of triple play.
18.1.2 Principle
This topic describes the implementation principles of triple play.
18.1.3 Reference
This topic describes the reference documents of triple play.
18.1.1 Introduction
This topic describes the definition, purpose, specification, and availability of triple play.
Definition
over IP (VoIP) service, and IPTV service.
Purpose
The early broadband access provides only the high-speed Internet access service. As the Internet
is rapidly developing, it can offer much richer services, such as video (IPTV) services. The
development of multiple access modes such as ADSL2+ and VDSL2 access, and the
improvement of broadband access also lay a solid foundation for provisioning the video service.
Specification
The MA5606T supports the following triple play modes:
l Single-PVC for multiple services
l Multi-PVC for multiple services
Availability
l Hardware support
No additional hardware is required for supporting the triple play feature.
l License support
The triple play feature is the basic feature of the MA5606T. Therefore, no license is required
18.1.2 Principle
This topic describes the implementation principles of triple play.

The main concern of triple play is how to handle different priorities of different services in a
user port, and to reduce the mutual effect to the lowest level.
l VoIP service
Because the bandwidth and delay of the VoIP service are low, the priority of the VoIP
service is the highest among the triple play services.
NOTE
High delay causes echo that affects the voice quality.

l IPTV service
Because the bandwidth occupied by the IPTV service is relatively high, and the bit error
ratio/packet loss ratio is relatively low, the priority of the IPTV service is lower than that
of the VoIP service, but is higher than that of the Internet access service.
NOTE
A high bit error ratio or packet loss ratio causes loss to video frames, thus affecting the program
quality.
l High-speed Internet access
Because common Internet access services, such as web browsing, require neither a strong
real-time performance nor a low packet loss ratio, the priority of the high-speed Internet
access service is the lowest among the triple play services.
NOTE
For the Internet access service, the retransmission mechanism is usually available to guarantee
transmission reliability. Therefore, the Internet access service does not require a low packet loss ratio
like the IPTV service.
To manage the three services in a port conveniently, the MA5606T supports three VLANs for
an upstream interface, one for the VoIP service, one for the IPTV service, and another for the
high-speed Internet access service.
NOTE
When the services are differentiated by Ethernet type (IPoE/PPPoE), the service data goes upstream through
only two different VLANs.
18.1.3 Reference
This topic describes the reference documents of triple play.
For standards and recommendations, see the section, "Standards Compliance" in the
MA5606T Product Description.
18.2 Single-PVC for Multiple Services

18.2.1 Introduction
This topic describes the definition, purpose, specification, and limitation of single-PVC for
multiple services.
18.2.2 Principle

This topic describes the implementation principles of single-PVC for multiple services.
18.2.1 Introduction
This topic describes the definition, purpose, specification, and limitation of single-PVC for
multiple services.
Definition
carrying multiple services from the access device to each DSL user terminal.
Purpose
In the case of single-PVC for multiple services, the DSL user terminal can be easily maintained
because only one PVC is created, and the DSL user terminal does not have to support the binding
between the PVC and the Ethernet port.
Specification
The MA5606T supports the following specifications of single-PVC for multiple services:
l Services can be differentiated by Ethernet encapsulation mode (IPoE/PPPoE).
l Services can be differentiated by VLAN IDs carried in the packets from the DSL user
terminal.
l Services can be differentiated by 802.1p values carried in the packets from the DSL user
terminal.
l Services can be differentiated by 802.1p values of Ethernet frames + VLAN ID.
l Services can be differentiated by Ethernet encapsulation type (IPoE/PPPoE) + VLAN ID.
l Each DSL user port supports up to eight different services.
Limitation
At a time, one DSL port supports only one mode in which multiple services are differentiated.
18.2.2 Principle
This topic describes the implementation principles of single-PVC for multiple services.
The Internet access service, VoIP and IPTV services are carried by a single PVC to the user.
That is, each xDSL port is configured with only one PVC. At the network end, three VLANs
are created for the upstream interface to carry different types of services.
l Figure 18-1 shows the implementation principles of single-PVC for multiple services if
these services are differentiated by IPoE/PPPoE.

Figure 18-1 Single-PVC for multiple services which are differentiated by IPoE/PPPoE
DHCP Home
gateway MA5606T
Phone
ADSL ADSL0 Internet
DHCP GE/FE LAN
VLAN BRAS
Switch
STB 1PVC VoIP
VoIP VPN
PPPoE VLAN
Router
PC Home Video
Video
gateway VLAN VPN
DHCP Router
Phone
DHCP
STB 1PVC VoIP traffic
Video traffic
ADSLN Internet traffic
PPPoE
PC
– The home gateway is used for the DSL user terminal to integrate the three types of
services over a single PVC.
– In general, the PC for the high-speed Internet access adopts PPPoE. The set top box
(STB) for the IPTV service and the Phone for the VoIP service adopt IPoE. The home
gateway integrates the three types of services and sends the integrated services over a
single PVC to the MA5606T.
– According to the Ethernet encapsulation mode of the packets received, the MA5606T
divides the service traffic in the single PVC to two different types of service traffic. One
is the PPPoE service traffic and the other is the IPoE service traffic. Each type of service
traffic goes to the upstream direction over a different VLAN.
– For an MA5606T, all the PPPoE service traffic goes to the upstream direction over a
VLAN, and all the IPoE service traffic goes to the upstream direction over another
VLAN.
l Figure 18-2 shows the implementation principles of single-PVC for multiple services if
these services are differentiated by VLAN ID and 802.1p value carried in the packets from
the DSL user terminal.

Figure 18-2 Single-PVC for multiple services which are differentiated by VLAN IDs and
802.1p values
Home
DHCP gateway
MA5606T
Phone
ADSL ADSL0 Internet
GE/FE LAN BRAS
DHCP VLAN Switch
STB 1PVC VoIP
VoIP VPN
PPPoE VLAN
Router
PC Home Video
gateway VPN
DHCP Video Router
Phone VLAN
DHCP
STB 1PVC VoIP traffic
Video traffic
ADSLN Internet traffic
PPPoE
PC
– The home gateway adopts for the DSL user terminal to provide three Ethernet ports to
connect to the Phone for the VoIP service, the STB for the IPTV service, and the PC
for the high-speed Internet access. Each port is bound with a VLAN ID and a 802.1p
value (That is, the data flow from the port is labeled with this VLAN ID and 802.1p
value.) Then, the home gateway encapsulates the data flow into ATM cells, and sends
them over a single PVC to the MA5606T for processing.
– The MA5606T decapsulates the ATM cells into the data flow, and divides the data flow
into three data flows according to the VLAN IDs and the 802.1p values carried in the
data flow. Then, the MA5606T maps the three services to three different upstream
VLANs according to the VLAN IDs and the 802.1p values.
– To differentiate services by VLAN IDs and the 802.1p values, make sure that the three
VLANs from the DSL user terminal (home gateway) of each MA5606T are different.
18.3 Multi-PVC for Multiple Services

18.3.1 Introduction
This topic describes the definition, purpose, and specification of multi-PVC for multiple
services.
18.3.2 Principle
This topic describes the implementation principles of multi-PVC for multiple services.

18.3.1 Introduction
This topic describes the definition, purpose, and specification of multi-PVC for multiple
services.
Definition
carrying multiple services from the access device to each DSL user terminal.
Purpose
This triple play mode is compatible with the existing operations, administration and maintenance
(OAM) system.
Specification
The MA5606T supports the following specifications of multi-PVC for multiple services:
l Each xDSL port supports up to eight PVCs.
l Each service board supports up to 512 PVCs.
18.3.2 Principle
This topic describes the implementation principles of multi-PVC for multiple services.
The Internet access services, VoIP and IPTV services are carried by different PVCs to the user.
That is, each xDSL port is configured with at least three PVCs. At the network end, three VLANs
are created for the upstream interface to carry different types of services.
Figure 18-3 shows the implementation principles of multi-PVC for multiple services.
Figure 18-3 Implementation principles of multi-PVC for multiple services

Home
DHCP/ gateway
PPPoE MA5606T
Phone LAN
ADSL ADSL0 GE
DHCP/ VoIP Switch
PPPoE BRAS VoIP
VLAN VPN
STB 3PVC Router
Video
VLAN Video
VPN
PPPoE Router
PC
Home Internet
DHCP/ VLAN
gateway
PPPoE
Phone
DHCP/
PPPoE
STB 3PVC
ADSLN VoIP traffic
Video traffic
PPPoE Internet traffic
PC

l The home gateway must be adopted for the DSL user terminal to provide three Ethernet
ports to connect to the Ephone for the VoIP service, the STB for the IPTV service, and the
PC for the high-speed Internet access.
l Each Ethernet port is bound with a PVC (That is, the data flow from the port is labeled with
the VPI/VCI of this PVC). Then, the home gateway sends the data flow from this port to
the MA5606T over the PVC for processing.
l After receiving the packets from the PVC, the MA5606T converts them into the data flow,
labels the data flow with a certain service VLAN, and then sends the labeled data flow to
the upper layer device.

Feature Description 19 Ethernet Link Aggregation
19 Ethernet Link Aggregation
About This Chapter
Ethernet link aggregation refers to aggregation of multiple Ethernet ports together to form a port
to provide higher bandwidth and link security.
19.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of Ethernet
link aggregation.
19.2 Principle
This topic describes the implementation principles of the Ethernet link aggregation feature.
19.3 Reference
This topic describes the reference documents of Ethernet link aggregation.

19 Ethernet Link Aggregation Feature Description
19.1 Introduction
link aggregation.
Definition
Ethernet link aggregation refers to aggregation of multiple Ethernet ports together to form a port
to provide higher bandwidth and link security.
The Link Aggregation Control Protocol (LACP) based on IEEE802.3ad is a protocol for
realizing link aggregation. Using LACP, the Ethernet ports of different devices can be
automatically aggregated without interventions from the user, and the link layer failure of the
ports can be detected to implement link aggregation control.
IEEE 802.3ad is a standard related to Ethernet link aggregation. According to the configuration
modes, link aggregation is classified into the following types:
l Manual link aggregation
l Static link aggregation
l Dynamic link aggregation
Purpose
In manual link aggregation mode, because LACP is not used, the devices at both ends of a link
do not thoroughly negotiate the aggregation with each other. In this case, they fail to control the
aggregation accurately and effectively. In fact, they determine whether an aggregation is
performed according to the states (down and up) of the physical ports.
For example, if a user mistakenly connects a link to two ports on different devices, or two ports
in the same device which cannot be aggregated, the system cannot detect this action. In addition,
manual link aggregation works only in load sharing mode, and the applications of the manual
link aggregation are restricted.
Dynamic link aggregation features automatic link aggregation without manual intervention,
which adds the plug-and-play function to a device. In actual applications, however, this
aggregation mode is too flexible to help users use this mode conveniently. For example, because
the link aggregation group is created by a device dynamically, the LAG ID may change if the
device restarts. As a result, the managing of devices becomes difficult.
Static link aggregation has the advantages of both manual link aggregation and dynamic link
aggregation. Therefore, this mode has the following features:
l Easy use and management
l Accurate and effective link control
The LAG and its member ports are manually managed. That is, a user controls the creation and
deletion of a LAG, as well as member ports' entry into or exit from the LAG. The device neither
automatically performs these tasks nor modifies the configuration data of the user.
However, in a static LAG, the member ports may be in two states: selected and standby. A
selected port is an operating port which carries traffic. On the contrary, a standby port carries
no traffic. Therefore, not all the member ports in the static LAG work at the same time, and the

selected and standby states vary with the device operation and the change of external
environment. Therefore, static dynamic aggregation can be either load sharing aggregation or
non-load sharing aggregation.
The features as described herein are related to implementation of static link aggregation through
LACP.
Specification
The MA5606T supports the following link aggregation specifications:
l Up to 4 LAGs and up to eight physical ports in a LAG

l System priority: 0-65535
l Port priority: 0-32767
l Short period: 1-10 seconds (1 second by default)
l Long period: 20-40 seconds (30 seconds by default)
l The period of the time when the upstream port or subtending port is disabled from
transmitting signals can be set. This improves the LACP switching performance.
Limitation
The Ethernet link aggregation of the MA5606T has the following limitations:
l Only the ports of the same type (including port type, operating mode, and rate) can be
aggregated together to form a LAG.
l Dynamic link aggregation is not supported.
Availability
l Hardware support
The control board (MCUA) of the MA5606T supports Ethernet link aggregation.
l License support
The Ethernet link aggregation feature is the basic feature of the MA5606T. Therefore, no
license is required for accessing the corresponding service.MA5606T
19.2 Principle
This topic describes the implementation principles of the Ethernet link aggregation feature.
Principles for Implementing Manual Link Aggregation
This topic describes how to activate, modify, and deactivate manual link aggregation.
Figure 19-1 shows manual link aggregation involving two ports in the control board.

Figure 19-1 Manual link aggregation
Switch
Aggregation
MA5606T
MPW MCU
Two upstream ports of the MA5606T are aggregated together to form a LAG. The peer switch
adds the two ports connected to the two aggregated ports into the LAG.
If the two ports of the MA5606T are in the normal state, the traffic between the MA5606T and
the switch is shared by the two links according to the source MAC address or the combination
of the source MAC address and the destination MAC address.
However, if a port of the MA5606T fails or the corresponding link fails, the control board of the
MA5606T will not distribute traffic to the faulty port.
Principles for Implementing Static Link Aggregation

Static link aggregation adopts LACP which shall run between the devices. In this mode, a user
must configure a LAG, such as creating or deleting the LAG as well as member ports' entry into
or exit from the LAG.
In static link aggregation mode, LACP performs the following functions:
l Check and maintain the states (selected and standby) of the aggregation ports.
l Exchange the information on the states of the aggregation ports with the other connected
devices.
LACP adopts LACP Data Units (LACPDUs) to exchange the aggregation information between
the devices so that the devices can reach an agreement on the aggregation.
Figure 19-2 shows static link aggregation between the MA5606T and the switch through LACP.

Figure 19-2 Static link aggregation
Switch
LACP
Aggregation
MA5606T
MPW MCU
If a member port in the LAG is in the selected state, the traffic is distributed to this port. If the
port is in the standby state, the traffic is not distributed to this port.
The selected and standby states are the states of the aggregation ports maintained at LACP
protocol layer, not the physical states of the ports. If the physical states of the ports change, the
states of the ports at the LACP protocol layer also change. For example, if an aggregation port
fails, the state of the port at the LACP protocol layer will changes to the standby state.
Not only the state change of the physical port, but also the exchange of LACPDUs can result in
a change in the state of the port at the LACP protocol layer. For example, when a port receives
a LACPDU from the peer end, its state may change.
Therefore, LACP can improve the link aggregation security by checking:
l The change in the states of the physical ports
l Board failure
l Port forwarding failure
l The change in the states of the aggregation port at the peer end
LACP also supports such mechanisms as system priority, port priority, and short or long period.
l System priority
In LACP, the system priority is used for controlling the master/slave relation of the
connected devices. The slave device must select the selected port according to the
selection result of the master device. Otherwise, the two devices cannot communicate
with each other.
l Port priority
Port priority is used for selecting the master port and the slave port.
l Timeout
To guarantee the LACP check sensitivity, IEEE 802.3ad defines two timeouts: short
timeout and long timeout. The two timeout values can be adjusted. A device cannot use

the short timeout to exchange information with the peer device unless the peer device
notifies the device of using the short timeout. Otherwise, the device always uses the
long timeout to exchange and transmit information.
The MA5606T supports the following timeout values:
– Short period: 1-10 seconds

– Long period: 20-40 seconds
19.3 Reference
This topic describes the reference documents of Ethernet link aggregation.
The following lists the reference documents of Ethernet link aggregation:
l IEEE 802.3ad Link Aggregation

Feature Description 20 System Security
20 System Security
About This Chapter
System security refers to prevention of attacks to the system.
20.1 Introduction to System Security

System security refer to prevention of attacks to the system. This topic provides introduction to
20.2 Anti-DoS Attack
Anti-DoS attack means defensive measures taken by the MA5606T to control and limit the
number of control packets from a user. This topic provides introduction to this feature and
20.3 MAC Address Filtering
MAC address filtering is a system security mechanism by which the MA5606T checks the source
or destination MAC address of user packets. The source or destination MAC address cannot be
either the well-known MAC address or the MAC address of network equipment. This topic
provides introduction to this feature and describes the principles of this feature.
20.4 Firewall Black List
A firewall black list is an IP address list. The system filters the service packets whose source IP
address is in the firewall black list. This enhances system security and network security. This
20.5 Firewall
The firewall feature enables the MA5606T to filter data packets based on an ACL rule. This
prevents unauthorized users from accessing the MA5606T. This topic provides introduction to
this feature and describes the principles of this feature.

20 System Security Feature Description
20.1 Introduction to System Security

System security refer to prevention of attacks to the system. This topic provides introduction to
20.1.1 Introduction
This topic describes the definition, purpose, specification, and availability of system security.
20.1.2 Principle
The topic describes the operating principles of system security.
20.1.1 Introduction
This topic describes the definition, purpose, specification, and availability of system security.
Definition
The MA5606T supports security settings to prevent attacks initiated by the network to the
MA5606T itself and users in the network. The MA5606T supports the following security
features:
l Anti-Denial of Service (DoS) attack
l Anti-ICMP/IP attack
l Source route filtering
l MAC address filtering
l Firewall black list
l Firewall
l Configuration of acceptable/refused address segments
Purpose
Figure 20-1 shows the system security application model of the MA5606T.
Figure 20-1 System security application model of the MA5606T
Carrier's network
RG
Network device
MA5606T
Broadband user
Remote user

On an access network, the attacks might include the following modes:

l A local user initiates attacks on the system.
l A local user initiates attacks on the network equipment.
l A remote user initiates attacks on local users.
l A remote user initiates attacks on the system.
This topic describes how the MA5606T protects itself from attacks initiated by a broadband
user. Some features (such as the firewall feature) of the MA5606T can also prevent a remote
user from attacking the system.
In addition, the MA5606T protects the network equipment from attacks. This helps guarantee
the security of the carrier's network.
Specification
The MA5606T supports the following system security specifications:

l Anti-DoS attack
l Firewall
Availability
l Hardware support
No additional hardware is required for supporting the system security feature.
l License support
The system security feature is the basic feature of the MA5606T. Therefore, no license is
20.1.2 Principle
The topic describes the operating principles of system security.
l Anti-DoS attack
The MA5606T detects and controls the number of packets sent from a user to the CPU
of the main control board. This avoids attacks on the CPU caused by an excessively
large number of packets.
The MA5606T identifies and discards the ICMP/IP packets with their destination IP
addresses the same as the IP address of the MA5606T.
The MA5606T identifies and discards the IP packets with specified source route options.

The MA5606T identifies and discards the packets with the specified source MAC/
DMAC (Destination MAC) addresses.
The MA5606T filters the service packets with the source IP addresses in the firewall
black list.
l Firewall
The MA5606T filters data packets based on the ACL rule. This prevents unauthorized
users from accessing the MA5606T.
The MA5606T checks if the IP address of a login user is in the acceptable address
segments. This prevents users of unauthorized address segments from accessing the
MA5606T.
20.2 Anti-DoS Attack

number of control packets from a user. This topic provides introduction to this feature and
20.2.1 Introduction
This topic describes the definition, purpose, specification, and limitation of anti-DoS attack.
20.2.2 Principle
This topic describes the implementation principles of the anti-DoS attack feature.
20.2.1 Introduction
This topic describes the definition, purpose, specification, and limitation of anti-DoS attack.
Definition
number of control packets from a user.
A DoS attack occurs when users send an excessively large number of control packets purposely
to the system to overload it.
Purpose
A DoS attack:
l Endangers the normal operation of the access system
l Prevents the system from receiving normal service requests from the legal users.
l Suspends the system
To protect the MA5606T, you can enable the MA5606T to limit the number of control packets
from a user. In this way, the MA5606T discards excessive control packets.

For a user initiating DoS attacks, the MA5606T adds the user to the DoS attack black list and
stops receiving control packets from the user.
For a user in the black list, the administrator can force the user to get offline.
Specification
The MA5606T supports the following anti-DoS attack specifications:
l Anti-DoS attacks in the form of various control packets such as:
– PPPoE discovery packets
– DHCP packets
– ARP packets
– ICMP packets
– IGMP packets
– PPP LCP packets
– BPDU packets
l Up to 256 users in a DoS attack black list of DoS attack
l Report of an alarm when a DoS attack occurs or when it ends
Limitation
For the OPFA board, the MA5606T detects if a DoS attack occurs by checking the physical port.
20.2.2 Principle
This topic describes the implementation principles of the anti-DoS attack feature.
The MA5606T prevents DoS attacks in the following ways:
l The MA5606T maintains a black list of DoS attackers. For the users in the DoS attack black
list, the administrator can force the user to get offline by deactivating the corresponding
port or by other methods.
l With the anti-DoS attack switch enabled, the MA5606T detects if a DoS attack occurs and
ends in this way:
– The MA5606T detects the packets from a user port to the control module. If the number
of packets exceeds the average number of control packets for normal services, the
MA5606T confirms that a DoS attack occurs.
– When a DoS attack occurs from a user port, the MA5606T adds the port to the DoS
attack black list, and discards the protocol packets from the port.
– When the MA5606T detects that the user stops DoS attacks, the MA5606T deletes the
port from the DoS attack black list, and allows transmission of the packets to the control
module.
20.3 MAC Address Filtering

either the well-known MAC address or the MAC address of network equipment. This topic
provides introduction to this feature and describes the principles of this feature.

20.3.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of MAC
address filtering.
20.3.2 Principle
This topic describes the implementation principles of the MAC address filtering feature.
20.3.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of MAC
address filtering.
Definition
either the well-known MAC address or the MAC address of network equipment.
Purpose
MAC address filtering is used to specify the source or destination MAC addresses not allowed
for user packets. This is to prevent users from forging the MAC address of network equipment
to attack the carrier's network.
Specification
The MA5606T supports filtering of four addresses or MAC address segments.
Limitation
The MAC address filtering and anti-MAC spoofing feature can be enabled at the same time. If
both are enabled, the feature of MAC address filtering has a higher priority.
Availability
l Hardware support
No additional hardware is required for supporting the MAC address filtering feature.
l License support
The MAC address filtering feature is the basic feature of the MA5606T. Therefore, no
20.3.2 Principle
This topic describes the implementation principles of the MAC address filtering feature.
The principle for implementing the MAC address filtering feature is as follows:
l To prevent a user from forging a MAC address of the network equipment, set the MAC
address as the one to be filtered.

l When the user packets travel in the upstream direction, the MA5606T checks their source
MAC address. If the source MAC address is the same as the MAC address configured at
the network end, the MA5606T discards these user packets.
20.4 Firewall Black List

address is in the firewall black list. This enhances system security and network security. This
20.4.1 Introduction
This topic describes the definition, purpose, specification, and limitation of the firewall black
list.
20.4.2 Principle
This topic describes the implementation principles of the firewall black list feature.
20.4.1 Introduction
This topic describes the definition, purpose, specification, and limitation of the firewall black
list.
Definition
address is in the firewall black list. This enhances system security and network security.
Purpose
Firewall black list is used to specify malicious users for preventing attacks on the MA5606T.
Specification
The MA5606T supports the following firewall black list specifications:
l Up to 2000 IP addresses can be manually configured in the firewall black list.
l When configuring the firewall black list, you can specify the aging time of an IP address.
The duration is in the range of 1-1000 minutes. If the aging time is not specified, the IP
address does not age.
Limitation
An ACL rule is applicable when the firewall black list feature is enabled. In this case, the ACL
rule has a higher priority.
20.4.2 Principle
This topic describes the implementation principles of the firewall black list feature.
The principle for implementing the firewall black list feature is as follows:
l For the packets with the source IP address specified in the firewall black list, the
MA5606T discards the packets.

l For the packets that match a specified ACL rule, if the rule allows the packets to pass
through, the MA5606T transmits the packets upstream even if the IP address is in the
firewall black list. If the rule forbids the packets to pass through, the MA5606T discards
the packets.
20.5 Firewall
prevents unauthorized users from accessing the MA5606T. This topic provides introduction to
this feature and describes the principles of this feature.
20.5.1 Introduction
This topic describes the definition, purpose, specification, and limitation of firewall.
20.5.2 Principle
This topic describes the implementation principles of the firewall feature.
20.5.1 Introduction
This topic describes the definition, purpose, specification, and limitation of firewall.
Definition
prevents unauthorized users from accessing the MA5606T.
Purpose
An unauthorized users might access an MA5606T through its maintenance network port
(outband) or service channel (inband) to configure the MA5606T illegally. This affects the
operation of the MA5606T and the carrier's network.
By setting the firewall, only authorized users can maintain the MA5606T through its
maintenance network port (outband) or service channel (inband).
Specification
The MA5606T supports the following firewall specifications:
l The firewall feature can be enabled on the maintenance network port and every VLAN
interface.
l ACL rules used for filtering ingress and egress data packets can be configured respectively.
Limitation
The MA5606T firewall has the following limitations:
l The firewall feature enables the MA5606T to filter data packets based on ACL rules,
provided that the rules exist. If the rules do not exist, the MA5606T transmits or discards
the packets according to the default rule.
l The ACL rules applying to the firewall must be a basic ACL rule or an advance ACL rule.

20.5.2 Principle
This topic describes the implementation principles of the firewall feature.
The principle for implementing the firewall feature is as follows:
1. If the firewall feature is enabled, when a user logs in to the MA5606T through its
maintenance network port or a service channel, the MA5606T judges whether the user is
allowed to access the system according to the configured ACL rules. If the user packets do
not match the ACL rules, the MA5606T discards the packets.
2. An ACL rule specifies a group of IP addresses, protocol types, or ports allowed or forbidden
to access the system.

Feature Description 21 User Security
21 User Security
About This Chapter
User security is a mechanism which guarantees the security of operation users and access users.
21.1 PITP
The Policy Information Transfer Protocol (PITP) is a protocol for transferring the policy
information between the access equipment and the BRAS in an L2 P2P communication mode.
PITP is used to transfer the information on a user's access location. This topic provides
21.2 DHCP option82
DHCP option82 is similar to PPPoE+ as a user security mechanism. The information on a user's
access location is added into the DHCP request packets initiated by a user for user authentication.
This topic provides introduction to this feature and describes the principles and reference
documents of this feature.
21.3 DHCP Sub-Option90
DHCP Sub-Option90 cooperates with DHCP Option82. You can enable DHCP sub-Option90
only when DHCP Option82 is enabled. This topic provides introduction to this feature and
describes the availability, principle, implementation, and reference of this feature.
21.4 RAIO
In the case that PTIP and DHCP option82 are enabled, RAIO refers to the information on a user's
access location provided by the MA5606T in the VBAS response packet, PPPoE discovery
packet and DHCP option82 packet for the BRAS to authenticate a user. This topic provides
21.5 IP Address Binding
IP address binding indicates the binding between an IP address and a service port. The
MA5606T allows only the upstream packets with the source address the same as the one bound
to pass through. This topic provides introduction to this feature and describes the principles and
reference documents of this feature.
21.6 MAC Address Binding
MAC address binding indicates the binding between a MAC address and a service port. Thus,
only the packets with the specified MAC address can be transmitted over the network. This topic
provides introduction to this feature and describes the principles and reference documents of
this feature.

21 User Security Feature Description
21.7 VMAC
Virtual MAC (VMAC) is the source MAC address allocated by the access device. In transmission
of the user packets, the access device replaces the source MAC address of the user packets with
the VMAC address. This topic provides introduction to this feature and describes the principles
21.8 SMAC
The SMAC feature, also known as the PPPoE single-MAC, is one of the security features
supported by the MA5606T. This topic provides the definition, principles, and reference of the
SMAC feature.
21.9 Anti-MAC Spoofing
Anti-MAC spoofing attack means the system takes measures to prevent a user from attacking
the system using a forged MAC address. This topic provides introduction to this feature and
21.10 Anti-IP Spoofing
Anti-IP spoofing attack is a user security mechanism in which the system takes measures to
prevent a user from attacking the system using a forged IP address. This topic provides

21.1 PITP
PITP is used to transfer the information on a user's access location. This topic provides
21.1.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of PITP.
21.1.2 Principle
This topic describes the implementation principles of the PITP feature.
21.1.3 Reference
This topic describes the reference documents of PITP.
21.1.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of PITP.
Definition
PITP is used to transfer the information on a user's access location. PITP, namely, Relay Agent
Information Option (RAIO), involves:
l PPPoE+ mode (P mode for short)
In this mode, the MA5606T adds a user's port information to the PPPoE Discovery packet
for the BRAS to authenticate the user.
l Virtual Broadband Access Server (VBAS) mode (V mode for short)
In this mode, the BRAS initiates the query of a user's port information from the
MA5606T.
Purpose
For the MA5606T, PITP provides the upper layer authentication server (such as BRAS) with
the information about the ports of users. After the BRAS obtains the port information, it
authenticates the binding of the user account with the access port to avoid theft and roaming of
user accounts.
Specification
PITP supports two modes: P mode (PPPoE+) and V mode (VBAS).
PITP takes effect only when it is enabled in all the following levels:
l Global level
l Port level
l Service port level

Limitation
The MA5606T PITP has the following limitations:
l Only one PITP mode can be enabled at a time.
l The V mode protocol type cannot be the standard Ethernet protocol type.
l The V mode Ethernet protocol type cannot be configured in PITP V mode. To modify the
default VBAS protocol type, disable V mode first.
Availability
l Hardware support
No additional hardware is required for supporting the PITP feature.
l License support
The PITP feature is the basic feature of the MA5606T. Therefore, no license is required
21.1.2 Principle
This topic describes the implementation principles of the PITP feature.
Implementation of V Mode
Figure 21-1 shows the PPPoE dialup process in PITP V mode.
Figure 21-1 PPPoE dialup process in PITP V mode
User MA5606T BRAS RADIUS Server
1 PADI
Discovery
2 PADO
3 PADR
4 PADS
5 VBAS request packet
6 VBAS response packet
7 LCP negotiation
Session
8 Authentication
packet 9 Request packet
with user port
information
10 Access
accepted packet
11 Authentication
pass packet
12 Data transmission

After the PITP V mode is enabled, the PPPoE dialup process is as follows: (The words in blue
in the above figure also describe this process.)
1. After the PPPoE discovery stage, the BRAS sends VBAS request packets to the
MA5606T for the physical location of the user.
2. After receiving the request packets, the MA5606T searches the user's access location
information (shelf/slot/port number) according to the MAC address and VLAN information
contained in the request packets.
3. If finding the information, the MA5606T adds it to the VBAS response packets and then
sends the packets to the BRAS. If not, the MA5606T does not respond.
VBAS Packet Format

Figure 21-2 shows the format of a VBAS packet.

Figure 21-2 VBAS packet format

# 012345678901 23456789012345678901
# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +
# | Version | Reserve |
# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +
# | Trans Info Type | Oper Type | Oper Result |
# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +
# | Session ID |
# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +
# | Addr Len | Info Len | IF Type |
# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +
# | Src Addr |
# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +
# | Src Addr | Src Vlan |
# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +
# | Src Port | Dst Addr |
# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +
# | Dst Addr |
# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +
# | Dst Vlan | Dst Port |
# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +
# | User Info Len | ~~~
# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +
The Ethernet protocol type of a VBAS packet is configurable. By default, it is 0x8200. Table
21-1 lists the meaning of each field in a VBAS packet.
Table 21-1 Fields of a VBAS packet

Field Meaning
Version One byte. It is 1 for both request and response packets.
Reserve Three bytes.

Field Meaning
Trans Info Type Two bytes. It is 1 for both request and response packets. It
indicates the type of physical port information. This field will
be extended with other information later.
Oper Type One byte. It is:

l 1 for a request packet.
l 2 for a response packet.
Oper Result One byte. It is:

l 0 for a successful response packet.
l 1 if a packet cannot be identified.
l 2 if a destination VLAN does not exist.
l 3 if a destination MAC address does not exist.
For simplifying process, the MA5606T does not send any
response packet if the port information of a user cannot be
found.
Session ID Four bytes. This field is filled by the BRAS and it must be
consistent in a request packet and in the associated response
packet.
Addr Len Length of the hardware address. 1 byte. It is 6 for both request
and response packets.
Info Len One byte. It is 4 for both request and response packets.
IF Type Interface type with two bytes. It is:

l 15 for an Ethernet port and 16 for an xDSL port in a response
packet.
Src Addr Four bytes. It is:

l The MAC address of the BRAS for a request packet.
l The MAC address of the queried user for a response packet.
Src Vlan Two bytes. It is:

l The VLAN ID contained in the PPPoE discovery packet for
a request packet. If no VLAN ID is available, this field is
fully filled with Fs.
l The F/S/P value of 4/4/8 bits for a response packet. The
MA5606T fills the information of the 16 bits in this field
and does not truncate the last 12 bits. The BRAS uses only
the last 12 bits.
Src Port Two bytes. This field is not used.

Field Meaning
Dst Addr Six bytes. It is:

l The MAC address of the queried user for a request packet.
l The MAC address of the BRAS for a response packet.
Dst Vlan Two bytes. This field is the same as the source VLAN ID in a
request packet.
Dst Port Two bytes. This field is not used.
User Info Len One byte. It is:

l Invalid for a request packet.
l The length of the character string of the user port
information for a response packet. The length is changeable,
and the character string concerns the information on a user's
access location, namely, the RAIO information.
The format varies with different modes. For details, see the
section "21.4 RAIO."
Implementation of P Mode
Figure 21-3 shows the PPPoE dialup process in PITP P mode.
Figure 21-3 PPPoE dialup process in PITP P mode
User MA5606T BRAS RADIUS Server
1 PADI PADI+Tag
Discovery
2 PADO PADO+Tag
3 PADR PADR+Tag
4 PADS PADS+Tag
5 LCP negotiation
6 Authentication
packet 7 Request packet
with user port
information
Session
10 Access
accepted packet
9 Authentication
pass packet
10 Data transmission

In PITP P mode, the MA5606T adds the information on a user's access location into PPPoE
discovery packets for user authentication at the upper layer server.
The difference of PPPoE dialup between the case that P mode is enabled and that P mode is
disabled lies in (The words in blue in the above figure also describe this process.):
l At the PPPoE discovery stage, the PPPoE packets sent between the MA5606T and the
BRAS contain the information on a user's access location. The MA5606T receives the
PPPoE packets from a user and adds the access location information into the packets. After
that, it forwards the packets to the BRAS. Upon receiving the PPPoE packets containing
the access location information from the BRAS, the MA5606T extracts the information
and then forwards the packets to the user.
NOTE
Note that the packets from the BRAS do not necessarily contain the information on a user's access
location.
l If the PPPoE user needs to be authenticated on the RADIUS server, the BRAS extracts the
access location information from the PPPoE packets from the MA5606T and then adds the
information into the authentication request packets for authentication.
Packet Format in P Mode

Figure 21-4 shows the format of a packet in P mode.
Figure 21-4 Packet format in P mode

012345678901234567 89012345678901
+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| VER | TYPE | CODE | SESSION_ID |
+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| LENGTH | PAYLOAD ~
+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 21-5 shows the format of a PPPoE payload field.
Figure 21-5 PPPoE payload field format

01234567890123456789012345678901
+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
| TAG_TYPE | TAG_LENGTH |
+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
| TAG_VALUE ... ~
+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

Table 21-2 lists the meaning of each field in a PPPoE packet.
Table 21-2 Fields of a PPPoE packet

Field Meaning
VER It is 1.
TYPE It is 1.
CODE This field indicates the packet type at the PPPoE discovery
stage. The correlation between this field and the packet type
is as follows:
l PADI: 0x09
l PADO: 0x07
l PADR: 0x19
l PADS: 0x65
l PADT: 0xa7
SESSION_ID The session ID is obtained through the negotiation between

the user and the BRAS.
LENGTH The length of the PPPoE load.
PAYLOAD This field is represented in a format of type-length-value.

Figure 21-5 shows the format of this field.
Figure 21-6 shows the format of the vendor tag (PPPoE+ tag) specified by the forum.
Figure 21-6 Vendor tag format

+ ---- ---------- + -------------- + -------------- + -------------- +
| 0x0105 (Vendor- Specific) | TAG_LENGTH |
+ -------------- + -------------- + -------------- + -------------- +
| 0x00000DE9 (3561 decimal, i.e.“ ADSL Forum ” IANA entry) |
+ -------------- + -------------- + -------------- + -------------- +
| 0x01 | length | Agent Circuit ID value... |
+ -------------- + -------------- + -------------- + -------------- +
| Agent Circuit ID value (con ’ t) |
+ -------------- + -------- ------ + -------------- + -------------- +
| 0x02 | length | Agent Remote ID value... |
+ -------------- + -------------- + -------------- + -------------- +
| Agent Remote ID value (con ’ t) |
+ -------------- + -------------- +-- ------------ + -------------- +

The MA5606T supports the vendor tags in different formats. For details, see the section "21.4
RAIO."
21.1.3 Reference
This topic describes the reference documents of PITP.
The following lists the reference documents of PITP:

l RFC2516, "PPP Over Ethernet"
21.2 DHCP option82

This topic provides introduction to this feature and describes the principles and reference
documents of this feature.
21.2.1 Introduction
This topic describes the definition, purpose, specification, and availability of DHCP option82.
21.2.2 Principle
This topic describes the implementation principles of the DHCP option82 feature.
21.2.3 Reference
This topic describes the reference documents of DHCP option82.
21.2.1 Introduction
This topic describes the definition, purpose, specification, and availability of DHCP option82.
Definition
Purpose
DHCP option82 enables the DHCP request packets to carry the information on a user's access
location for user authentication.
Specification
DHCP option82 takes effect only when it is enabled at all the following levels:
l Global level
l Port level
l Service port level

Availability
l Hardware support
No additional hardware is required for supporting the DHCP Option82 feature.
l License support
The DHCP Option82 feature is an optional feature of the MA5606T. Therefore, the license
21.2.2 Principle
This topic describes the implementation principles of the DHCP option82 feature.
Principle
Figure 21-7 shows the DHCP process when DHCP option82 is enabled.
Figure 21-7 DHCP process with DHCP option82 enabled
User MA5606T DHCP Relay Agent/

DHCP Server
Discovery
Discovery+Option82
Offer(+Option82)
Offer
Request
Request+Option82
ACK(+Option82)
ACK
Data transmission
Release
The principle of DHCP option82 is similar to that of PPPoE+. The difference lies in that when
a user requests for configuration, the MA5606T adds the information on the user's access location
into the DHCP request packets from the user for authentication at the upper layer.
DHCP option82 Packet Format
For DHCP option82, you need to concern only about the option field in a DHCP packet, which
is detailed in this topic.
This field length is changeable. This field contains the following initial configurations for
terminals and network configurations:
l IP features

l Domain name
l Specific information for identifying a terminal
l IP address of the default gateway
l IP address of the default gateway
l IP address of the WINS server
l A user's valid lease term for an IP address
Figure 21-8 shows the format of a DHCP option82 field.
Figure 21-8 Format of a DHCP option82 field

Code Len Agent Information Field
+ ------ + ------ + ------ + ------ + ------ +
| 82 | N | i1 | i2 | i3 | i4 | | iN |
+ ------ + ------ + --- --- + ------ + ------ +
Table 21-3 lists the meanings of each field in a DHCP option82 packet.
Table 21-3 Fields of a DHCP option82 packet
Field Meaning
Code One byte. This field is in the CLV format, used to uniquely
identify the following information.
Len 1 byte. This field indicates the length of the following

information.
Agent Information Field This field indicates the information in bytes. The length is
specified by the length field.
option82 contains multiple sub options, which are contained in the value filed of option82.
Figure 21-9 shows the format of each sub option.
Figure 21-9 Sub options of DHCP option82

SubOpt Len Sub- option Value
+ ------ + ------ + ------ + ------ + ------ + ------
1 N | s1 | s2 | s3 | s4 | | sN |
+ ------ + ------ + ------ + ------ + ------ + ------
The two major sub options of option82 are:

l Circuit ID (CID)

This sub option is used to identify the local circuit identifier of DHCP proxy for receiving
DHCP packets from a user. This field might contain router interface No. and ATM PVC
No. The identifier is 1.
l Remote ID (RID)
This sub option is used to identify the remote host of a circuit. This field might contain the
ATM address of a remote incoming and the modem ID. The identifier is 2.
The MA5606T supports option82 in different formats. For details, see the section "21.4
RAIO."
21.2.3 Reference
This topic describes the reference documents of DHCP option82.
The following lists the reference documents of DHCP option82:

l RFC1531, "Dynamic Host Configuration Protocol"
l RFC3046, "DHCP Relay Agent Information Option"
21.3 DHCP Sub-Option90

only when DHCP Option82 is enabled. This topic provides introduction to this feature and
describes the availability, principle, implementation, and reference of this feature.
21.3.1 Introduction
This topic describes the definition, purpose, specification, limitations, glossary, and also
acronyms and abbreviations related to the DHCP Sub-Option90 feature.
21.3.2 Principles
This topic describes the operating principles of the DHCP Sub-Option90.
21.3.3 Reference
This topic describes the reference documents of the DHCP sub-option90 feature.
21.3.1 Introduction
acronyms and abbreviations related to the DHCP Sub-Option90 feature.
Definition
only when DHCP Option82 is enabled. Fill the DHCP request packet initialized by the user with
the port mode, single-PVC multi-VLAN type, and user encapsulation type, to cooperate user
authentication of the upper layer server.
Purpose
In the DHCP request packet, carry the service port mode, single-PVC multi-VLAN type and
user encapsulation type.

Specifications
DHCP Sub-Option90 is a global switch. The system adds the Sub-Option90 information to the
upstream DHCP packet only when DHCP Option82 and DHCP Sub-Option90 are enabled.
Glossary
None

None
21.3.2 Principles
This topic describes the operating principles of the DHCP Sub-Option90.
Basic Principles
Figure 21-10 shows the DHCP process when the DHCP Sub-Option90 is enabled.
Figure 21-10 DHCP process when the DHCP Sub-Option90 is enabled
User MA5606T DHCP relay agent/

DHCP server
Discovery
Discovery + Option90
Offer (+Option90)
Offer
Request
Request + Option90
ACK (+Option90)
ACK
Data transmission
Release
The DHCP Sub-Option90 is valid only when the DHCP Option82 is enabled. When the user
applies the DHCP Sub-Option90 configuration, the Sub-Option90 information is added in the
DHCP packet that is sent from the user side to the upper layer server for authentication. Other
configuration process is the same as common DHCP process.
DHCP Sub-Option90 Packet Format

The option (variable length) field includes the port mode, single-PVC multi-VLAN mode, and
user encryption mode.
Figure 21-11 shows the subitem format of the DHCP Sub-Option90.

Figure 21-11 Subitem format of the DHCP Sub-Option90
+ --------------------
+ -----------------+ ----------------+ ----------------+ ---------------------
+
|Sub-option type| Length | Data link | Encaps 1 | Encaps 2 |
| 0x90 | 0x03 | 1 byte | 1 byte | 1 byte |

+ -------------------+ -----------------+ ----------------+ ----------------+ ---------------------
+
Table 21-4 shows the details of each field in the DHCP Sut-Option90 packet.
Table 21-4 Details of each field in the DHCP Sut-Option90 packet
Field Description
DataLink It indicates that the port mode is ATM or Ethernet. When the
port type is ATM, this field is 0. When the port type is Ethernet,
this field is 1.
Encaps1 It indicates whether the packet is single-PVC multi-VLAN.

When the packet is encapsulated with VLAN TAG, this field
is 1. When the packet is not encapsulated, and is UNTAG, this
field is 0.
Encaps2 It indicates the encapsulation type of the user. When the

encapsulation fails, this field is 0. When the encapsulation type
is LLC-PPPOA, this field is 1. When the encapsulation type is
VC-PPPOA, this field is 2. When the encapsulation type is
LLC-IPOA, this field is 3. When the encapsulation type is VC-
IPOA, this field is 4. When the encapsulation type is LLC-
Bridge, and the FCS check is enabled, this field is 5. When the
encapsulation type is LLC-Bridge, and the FCS check is not
enabled, this field is 6. When the encapsulation type is VC-
Bridge, and the FCS check is enabled, this field is 7. When the
encapsulation type is VC-Bridge, and the FCS check is not
enabled, this field is 8.
NOTE
The MA5606T does not support FCS check.
21.3.3 Reference
This topic describes the reference documents of the DHCP sub-option90 feature.

l RFC1531, "Dynamic Host Configuration Protocol"

21.4 RAIO
packet and DHCP option82 packet for the BRAS to authenticate a user. This topic provides
21.4.1 Introduction
This topic describes the definition, purpose, specification, and availability of RAIO.
21.4.2 Principle
This topic describes the implementation principles of the RAIO feature.
21.4.3 Reference
This topic describes the reference documents of RAIO.
21.4.1 Introduction
This topic describes the definition, purpose, specification, and availability of RAIO.
Definition
packet and DHCP option82 packet for the BRAS to authenticate a user.
Purpose
RAIO indicates the access location of a user, which is provided by the MA5606T to the BRAS,
and based on which the BRAS authenticates the user.
Specification
RAIO contains the PITP tag and DHCP option82 tag. Because RAIO has not standardized yet,
the formats required by different carriers vary. Hence, multiple RAIO modes are provided to
meet different carriers' needs.
The RAIO modes are:

l common
l xdsl-port-rate
l cbtel
l ti
l neuf
l port-userlabel
l service-port-userlabel
l dslforum-default
l brt

l user-defined
l ft
Availability
l Hardware support
No additional hardware is required for supporting the RAIO feature.
l License support
The RAIO feature is the basic feature of the MA5606T. Therefore, no license is required
21.4.2 Principle
This topic describes the implementation principles of the RAIO feature.
The following describes the RAIO modes, and the fields of each mode.
Common
l CID: In general, this field is used to identify the attributes of a device (global information).
The format varies with the access mode. Table 21-5 shows the CID formats in various
access modes.
Table 21-5 CID formats in various access modes

Access Mode CID Format
ATM port Device name atm shelf No./slot No./sub slot No./port No.:
vpi.vci
VDSL/LAN access Device name eth shelf No./Slot No./Sub Slot No./Port No.:
User's VLAN ID
xPON Device name xpon shelf No./Slot No./Sub Slot No./Port

No.: gemport.ontid.vlanid
– If the device name field is the default name MA5606T, the MAC address of the
MA5606T is entered in this field. The format is 00E0FC000001 in upper case.
– If the device name is not MA5606T, the actual name of the device is used to fill the
device name field.
l RID: In general, this field is used to identify the access information of a user (local
information). The format can be customized. For the MA5606T, this field is null, which
means the RID sub option contains only the Code and Len fields.
The following is an example of RAIO field in common mode:
l CID --------> 00E0FC112233 atm 0/12/0/49:0.35
l RID --------> NULL
xDSL Port Rate

In this mode, this field for upstream/downstream ADSL activation rate is added at the end of
the CID default format. Currently, only the ADSL2+ board supports this mode.
The RAIO field in this mode is as follows:
"AccessNodeIdentifier {atm|eth} frame/slot/subslot/port[:vpi.vci|vlan]%Up:xxxkbps

Dowm:xxxkbps"
l %: Information identifier, which indicates the information after is the activation rate.
l XXX: Indicates the ADSL activation rate in the unit of kbps.
l Up: Indicates the upstream activation rate.
l Down: Indicates the downstream activation rate.
The following is an example of RAIO field in xDSL port rate mode:

l CID ----> 00E0FC112233 atm 0/12/0/49:0.35%Up:1020kbps Down:24540kbps
l RID ----> NULL
Port-userlabel
In this mode, the CID field carries a customized description of a user's access location, besides
the description contained in common mode. The RID field also needs to carry the customized
description (Label), the length of which is up to 32 bytes.
The following is an example of RAIO field in port-userlabel mode:

l CID ----> 00E0FC112233 atm 0/12/0/49:0.35 075528978944
l RID ----> 075528978944
Service-port-userlabel
The CID field supports ATM/ETH/xPON access. The RID field carries the information on a
user's flow.
Table 21-6 lists the RAIO fields in service-port-userlabel mode.
Table 21-6 RAIO fields in service-port-userlabel mode
Field Access Mode CID Format
CID ATM <Access-Node-Identifier> atm slot/port:vpi.vci
ETH VLAN-based multi-service: <Access-Node-Identifier> eth

slot/port:flowpara
Others: <Access-Node-Identifier> eth slot/port:vlanid
XPON VLAN-based multi-service: <Access-Node-Identifier>

xpon frame/slot/0/port:gemport.ontid.flowpara
Others: <Access-Node-Identifier> xpon frame/slot/0/port:

gemport.ontid.vlanid
RID - description-of-flow-label (flow information)

Dslforum-default
It is the default mode specified by the DSL forum. CID supports ATM/ETH/xPON access. The
RID field is null.
Table 21-7 lists the RAIO fields in dslforum-default mode.
Table 21-7 RAIO fields in dslforum-default mode

Field Access Mode Format
CID ATM <Access-Node-Identifier> atm slot/port:vpi.vci
ETH VLAN-based multi-service: <Access-Node-Identifier> eth

slot/port:flowpara
Others: <Access-Node-Identifier> eth slot/port:vlanid
XPON VLAN-based multi-service: <Access-Node-Identifier>

xpon frame/slot/0/port:gemport.ontid.flowpara
Others: <Access-Node-Identifier> xpon frame/slot/0/port:
gemport.ontid.vlanid
User-defined
This mode allows a user to specify the format of the CID/RID string. The following describes
the syntax of user-defined mode.
l Only the resolution of keyword sets and separator sets that have been defined in the
MA5606T is supported. The keyword sets involve the minimum sets of keywords defined
by TR-101 and the IAS extended keyword sets. For details, see Table 21-8.
l Maximum width
The maximum number of columns occupied by the pertaining data of a keyword. Note
that the maximum width defined in the MA5606T is greater than that specified by the
recommendations. This is because certain manufacturers require more width. The name
of an access node, namely ANID, has a maximum width of 50 bytes, which is limited
by the maximum length of the system name.
l Configurable width
The maximum number of columns occupied by the pertaining data of a keyword can
be configured. This applies to the case that the number of columns occupied does not
reach the configured width and 0 is added in front of the keyword. The syntax is keyword
0m. m indicates the number of columns occupied. For example, slot03 indicates this
field length of keyword slot is 3. If the length does not reach 3, add 0. In this way, if
the slot number is 2, it is represented by 002 in a packet.
Note that m must be lower than the maximum width. If the number of columns occupied
by the data is greater than m, output the actual number of columns.

Table 21-8 User-defined keywords

Keyword Description Configurable Width* Maximum
Width**
ANID Name of the access node No 63
ATM ATM access No 3
ETH ETH access No 3
XPON XPON access No 4
Chassis Chassis No. of the access Yes 4

node
Rack Rack No. of the access node Yes 4
Frame Shelf No. Yes 4
Slot Slot No. Yes 4
Subslot Sub slot No. Yes 4
Port Port No. Yes 4
VPI The applicable access mode Yes 4

is ATM. This VPI is the VPI
of a user.
VCI The applicable access mode Yes 5

is ATM. The VCI is the VCI
of a user.
VLANID It indicates the VLAN ID at Yes 4

the user side if the service
carried by the service port is
differentiated by such a
VLAN ID. In other cases, it
indicates the VLAN ID at the
network side.
Gemport The applicable access mode Yes 4

is GPON. It indicates the user
port No.
OntID The applicable access mode Yes 4

is GPON. It indicates the
ONT ID.
OnuID The applicable access mode Yes 4

is GPON. It indicates the
ONU ID.


Width**
Priority For the L2 PPPoE and DCHP Yes 4

option82., it is the priority of
a traffic profile configured on
a service port connected to
the user. For PPPoA-to-
PPPoE, the priority is always
6. For L3 DHCP option82,
the priority is always 2.
Plabel Label of a user port. No 32
SPlabel Label of a service port. No 63
Bslot BRAS slot No. Yes 4
Bsubslot BRAS sub slot No. Yes 4
Bporttype BRAS access mode Yes 4
XPI The attribute of a VLAN at Yes 4

the network side is stacking.
XPI indicates the VLAN ID
at the network side.
The attribute of a VLAN at

the network side is not
stacking.
XPI is always 4096.
XCI The attribute of a VLAN at Yes 5

The label of a service port.

stacking.
The VLAN ID at the network
side.
AXPI Atm Yes 4

VPI
eth and xpon

VLAN ID at the network side
AXCI Atm Yes 5

VCI


Width**
eth and xpon

If the services borne on the
service port are differentiated
by VLAN ID at the user side,
AXCI indicates the VLAN
ID at the user side. If not,
AXCI indicates the label of
the service port.
stacking. If the services
borne on the service port are
differentiated by VLAN ID
at the user side, AXCI
indicates the VLAN ID at the
user side. If not, AXCI is
always 4096.
UpRate Upstream activation rate of Yes 6

an xDSL line. The unit is
kbps.
DnRate Downstream activation rate Yes 6

of an xDSL line. The unit is
kbps.
0002 Fixed port value required by No 4

Neuf
GE Fixed access mode required No 2

by Neuf.
l If a user defines the RAIO format based on the CID, the format string must contain the
name of the access node, namely, the ANID.
l The keyword of interface type is used to identify the type of different interfaces.
l The format string is not allowed to contain the keywords applicable to different types of
interfaces. For example, the string cannot contain keywords VPI or Gemport concurrently,
or Eth or VCI concurrently.
l If the interface type is not specified, the pertaining CID/RID field of the interface is null.
l The separators indicate the pertaining symbols when a user input the RAIO string. The
symbols are added to the CID/RID field. Table 21-9 shows the RAIO separators defined
in the MA5606T.

Table 21-9 User-defined separators
Separator Symbol
Space Space " "
. Period "."
: Colon ":"
/ Forward slash "/"
- Hyphen "-"
% per cent "%"
l Other rules
– A string of 1-127 characters; lower case.
– The CID string must contain the ANID.
– The ANID must be in front of the keyword of interface type.
– All separators in front of the keyword ANID contained in the CID string, and the RAIO
separators (if any) of the system name represented by ANID, and the one separator after
ANID serve as the basis for downstream packets to identify ANID.
The following is an example of the RAIO field in user-defined mode.
Assume that:
l System name: DSLAM01
l Slot No.: 3
l Port No.: 15
l VPI: 0
l VCI: 35
l Priority: 6
The user-defined CID string is: anid atm slot/port:vpi.vci%priority
The final string is: dslam01 atm 3/15:0.35%6
21.4.3 Reference
This topic describes the reference documents of RAIO.
The following lists the reference documents of RAIO:

l DSL Forum, TR-101, "Migration to Ethernet-Based DSL Aggregation"
21.5 IP Address Binding


to pass through. This topic provides introduction to this feature and describes the principles and
reference documents of this feature.
21.5.1 Introduction
This topic describes the definition, purpose, specification, and availability of IP address binding.
21.5.2 Principle
This topic describes the implementation principles of the IP address binding feature.
21.5.1 Introduction
This topic describes the definition, purpose, specification, and availability of IP address binding.
Definition
to pass through.
Purpose
The IP address binding feature guarantees the authentication security and carriers' profits.
Specification
The MA5606T supports the following IP address binding specifications:
Static binding. The system supports binding of up to 1024 traffic streams. Each traffic stream
can be bound with 1-8 IP addresses.
Availability
l Hardware support
No additional hardware is required for supporting the IP address binding feature.
l License support
The IP address binding feature is the basic feature of the MA5606T. Therefore, no license
21.5.2 Principle
This topic describes the implementation principles of the IP address binding feature.
After a service port is bound with an IP address, the service forwarding module checks the source
IP address of user packets. If the address is not the same as that bound with the port, the
MA5606T discards the packets. Otherwise, the MA5606T allows the packets to pass through.
21.6 MAC Address Binding

only the packets with the specified MAC address can be transmitted over the network. This topic
provides introduction to this feature and describes the principles and reference documents of
this feature.

21.6.1 Introduction
This topic describes the definition, purpose, specification, and availability of MAC address
binding.
21.6.2 Principle
This topic describes the implementation principles of the MAC address binding feature.
21.6.1 Introduction
This topic describes the definition, purpose, specification, and availability of MAC address
binding.
Definition
only the packets with the specified MAC address can be transmitted over the network.
Purpose
The MAC address binding feature can effectively avoid illegal access.
Specification
The MA5606T supports the following MAC address binding specifications:
Static binding. The system supports binding of up to 1024 static MAC addresses. The number
of MAC addresses that can be bound with a traffic stream is not limited.
Availability
l Hardware support
No additional hardware is required for supporting the MAC address binding feature.
l License support
The MAC address binding feature is the basic feature of the MA5606T. Therefore, no
21.6.2 Principle
This topic describes the implementation principles of the MAC address binding feature.
To realize the binding between a MAC address and a service port, do as follows:
l Set the maximum number of MAC addresses that can be learned by a service port to 0.
l Set the static MAC address of the service port.
In this way, the service forwarding module does not learn the MAC address of the user packets.
In addition, if the MAC address is not the same as any of the static MAC address configured for
the service port, the MA5606T discards the packets.
Hence, only the packets with the specified MAC address can pass through the service port.

21.7 VMAC
Virtual MAC (VMAC) is the source MAC address allocated by the access device. In transmission
of the user packets, the access device replaces the source MAC address of the user packets with
the VMAC address. This topic provides introduction to this feature and describes the principles
21.7.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of VMAC.
21.7.2 Principle
This topic describes the implementation principles of the VMAC feature.
21.7.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of VMAC.
Definition
VMAC is the source MAC address allocated by the access device. In transmissions of the user
packets, the access device replaces the source MAC address of the user packets with the VMAC
address. In the upstream direction, the user source MAC address is replaced with the VMAC
address for transmissions in the network. In the downstream direction, the VMAC address is
replaced with the user source MAC address.
1:1 VMAC is a mechanism in which a user source MAC address is replaced with a VMAC
address allocated by the device.
VMAC is used to prevent user source MAC address spoofing, network-side BRAS MAC address
spoofing, and user source MAC address conflict.
Purpose
To protect the system and the carrier's network, VMAC can be enabled for the PPPoE and DHCP
access users. On the MA5606T, the user-side MAC address is replaced with a VMAC address
in the MAC address pool. In this way, the unreliable MAC addresses cannot access the carrier's
network, and the user-side MAC address conflict can be avoided.
In addition, a VMAC address can carry the information on a user port to identify the user port.
Specification
The system allocates up to 32 VMAC addresses for each physical port.
Limitation
Except that the DSLAM ID must be configured, other information related to the format of a
VMAC address is automatically generated. Figure 21-12 shows the format of a VMAC address.

Figure 21-12 Format of a VMAC address
First bits Last bits
Reserve DSLAM ID
1 0
DSLAM ID Slot ID Port ID MAC
1 1 0
First bits Last bits
Availability
l Hardware support
All the broadband access service boards support the VMAC feature.
l License support
The VMAC feature is an optional feature of the MA5606T. Therefore, the license is
21.7.2 Principle
This topic describes the implementation principles of the VMAC feature.
In a current IP access network based on the L2 Ethernet forwarding, because the MA5606T is
mainly based on the L2 forwarding, unreliable user-side MAC address results in MAC address
spoofing, which affects the normal provisioning of the user service.
To solve this problem, the MA5606T provides the VMAC function to prevent MAC address
spoofing and to support the query of the information on the user port and the lines.
VMAC Address Switching Process

In the MA5606T system, the VMAC feature is implemented as follows:
l For the upstream Ethernet frames, the MA5606T replaces source MAC U with generated
MAC X.
l For the downstream Ethernet frames, the MA5606T restores destination MAC X to user
MAC U.
NOTE
l MAC U: source MAC address in the user packet.

l MAC X: VMAC address allocated by the MA5606T.
l MAC B: destination MAC address in the user packet.
The specific VMAC address switching process is as shown in Figure 21-13.

Figure 21-13 VMAC address switching process

Network side
User side
SA= DA= Remainder SA= DA= Remainder

MAC U MAC B of Frame MAC X MAC B of Frame
U--->X MAC B
User U<---X
SA= DA= Remainder SA= DA= Remainder
MAC B MAC U of Frame MAC B MAC X of Frame
MA5606T
SA: Source MAC Address
DA: Destination MAC Address
1. The mapping relation is established between MAC U and MAC X. The service board learns
the source MAC address of the upstream packets, and then selects MAC X from the 32
VMAC addresses allocated to the port to replace the source MAC address in the upstream
packets, and establishes the mapping relation between MAC U and MAC X.
2. The service board learns the user-side source MAC address.
3. MAC X ages periodically. In case of aging, the relation between MAC U and MAC X is
cancelled.
4. The MA5606T learns source MAC X of the upstream packets.
5. The MA5606T forwards the packets based on VLAN+DMAC of the downstream streams,
where DMAC is MAC X. If a DMAC address is a broadcast MAC address, the packets are
broadcast within the VLAN.
6. The service board forwards the packets based on VLAN+DMAC, where DMAC is MAC
X. When the packets are forwarded to the user port, MAC X is replaced with MAC U. If
a DMAC address is a broadcast MAC address, the packets are broadcast within the VLAN.
Rules for VMAC Address Allocation

In the MA5606T system, the format of a VMAC address is as shown in Figure 21-12. the policy
for allocating VMAC addresses is as follows:
l In the format of a VMAC address, the information with fixed values represents the
unchangeable information of the VMAC address. For example, a vendor ID is a unique ID
for a certain equipment vendor.
l The DSLAM ID must be configured through the command line interface (CLI).
l The MA5606T automatically allocates the slot ID and port ID based on the actual slot/port
ID of a physical port.
l The MA5606T allocates MAC indexes for users with different source MAC addresses. The
indexes increase from 1 to 32 by degrees.
l Reserve refers to reserved information.
Locating the Actual User Information Through VMAC

In the MA5606T system, if the VMAC function is successfully enabled, the system obtains the
physical information about the user port status and the line status based on the VMAC address.
This helps to locate the actual user information.
Based on the VMAC address, the mapping relation between the user-side MAC address and the
VMAC address can be obtained by:

l The physical location of the user port (shelf/slot/port number)

l The referenced PVC (VPI/VCI) of the user
l The service port of the user
21.8 SMAC
supported by the MA5606T. This topic provides the definition, principles, and reference of the
SMAC feature.
21.8.1 Introduction
SMAC feature.
21.8.2 Principles
This topic describes the working principles of the SMAC feature.
21.8.3 Reference
This topic provides the reference documents of the SMAC feature.
21.8.1 Introduction
SMAC feature.
Definition
supported by the MA5606T.
Purpose
To reduce the number of MAC addresses at the convergence layer, thus lowering the
requirements for the MAC address entries of the convergence-network devices, you can enable
the SMAC function. SMAC can prevent insecure actions, such as the forwarding of the
convergence network caused by forged MAC addresses of subscribers.
Specifications
The MA5606T supports the following SMAC specifications:
l Globally setting and querying the single-MAC allocation mode of the PPPoE subscriber
l Globally setting and querying the single-MAC allocation mode of the PPPoA subscriber
l Creating and deleting the entry of the PPPoE single-MAC online subscriber
l Setting and querying the MAC address of the board
l Querying and clearing the statistics of the PPPoE single-MAC subscriber packets
l Setting and querying the number of single-MAC sessions for an xDSL port
l Setting and querying the number of single-MAC sessions for a GPON traffic stream
l Co-existence of PPPoE single-MAC, PPPoA single-MAC, and PPPoE+

Limitation
l PPPoE single-MAC and anti MAC spoofing are mutually exclusive. If they are enabled at
the same time, PPPoE single-MAC takes precedence over anti MAC spoofing.
l If you change the MAC address allocation mode when there are online PPPoE subscribers,
the subscribers will get offline.
Availability
l Hardware Support
The xDSL, OPFA, and GPON service boards support this feature.
The ETHA/ETHB board does not support this feature.
l License Support
SMAC is a basic feature of the MA5606T. Therefore, no license is required for accessing
the corresponding service.
21.8.2 Principles
This topic describes the working principles of the SMAC feature.
The SMAC feature is a security solution put forth by Huawei.
The SMAC system architecture supports the following two independent application models:
l PPPoA single-MAC service model
l PPPoE single-MAC service model
PPPoA Single-MAC Service Model

Figure 21-14 shows the PPPoA single-MAC service model.
Figure 21-14 PPPoA single-MAC service model

PPPoA terminal IP DSLAM BRAS
LCP negotiation
PPPoE PADI
IP DSLAM caches LCP packet
and assigns a MAC address for PPPoE PADO
the PPPoA connection from
the pre-configured PPPoE PADR
MAC pool.
PPPoE PADS
IP DSLAM sends cached
Session ID setup
LCP packet through
the PPPoE tunnel. PPP LCP over PPPoE
Terminal and BRAS set up PPP link through the PPPoE tunnel.
Data Data
PPP PPP
AAL5/1483B PPPoE
ATM PVC Ethernet

The process of the PPPoA single-MAC service is as follows:

1. After you set the MAC address allocation mode to the single-MAC mode, the PPPoA
sessions of all the boards globally adopt the MAC address of the board as the source MAC
address.
2. After receiving the LCP Config-Req packet from a PPPoA subscriber, the MA5606T
buffers the packet and initiates a PPPoE session. In this session, the PADI packet is
broadcast, and its source MAC address is the MAC address allocated to the PPPoA
subscriber by the MA5606T.
3. The BRAS sends the PADO packet to the MA5606T.
4. The MA5606T obtains the MAC address of the BRAS and sends the PADR packet to the
BRAS.
5. The BRAS sends the PADS packet to the MA5606T.
6. After obtaining the session ID, the MA5606T sends the buffered LCP Config-Req packet
to the BRAS and enters the PPPoE session stage.
7. The subscriber sends a PPP packet. Then, the MA5606T encapsulates the packet into a
PPPoE packet according to the MAC address of the BRAS and the MAC address allocated
to the subscriber by the MA5606T, and sends the packet to the BRAS. In the case of
downstream packets, the MA5606T performs a reverse processing.
8. The BRAS sends the PADT packet, or the PPPoA subscriber sends the LCP Configure
Terminate packet to terminate the session.
PPPoE Single-MAC Service Model

Figure 21-15 shows the PPPoE single-MAC service model.
Figure 21-15 PPPoE Single-MAC Service Model
IP DSLAM recovers the DMAC

to the UMAC and sends it to IP DSLAM replaces the UMAC with
the subscriber terminal the VMAC and adds the subscriber
information to the Relay-Session-ID
PPPoE terminal IP DSLAM field of the packets BRAS
PPPoE PADI PPPoE PADI + Relay-session-ID
PPPoE PADO PPPoE PADO + Relay-session-ID
PPPoE PADR PPPoE PADR + Relay-session-ID
PPPoE PADS PPPoE PADS + Relay-session-ID
Session ID setup
PPP LCP over PPPoE

MAC1
MAC2
……
At the PPPoE session stage,
on the DSLAM the downstream
MAC1 MAC address of taffic is forwarded by session ID.
the line card
MAC2
……

The process of the PPPoE single-MAC service is as follows:
1. After you set the MAC address allocation mode to the single-MAC mode, the PPPoE
sessions of all the boards globally adopt the MAC address of the board as the source MAC
address.
2. At the PPPoE discovery stage, the PPPoE packets exchanged between the MA5606T and
the BRAS contain the Relay-Session-ID of the subscriber. After receiving a PPPoE packet
from the subscriber, the MA5606T replaces the source MAC address of the packet with
the single-MAC address of the board, inserts the Relay-Session-ID of the subscriber into
the packet, and then forwards the packet to the BRAS. The Relay-Session-ID is mainly the
index of the subscriber on the host.
3. After receiving the PPPoE packet containing the Relay-Session-ID of the subscriber from
the BRAS, the MA5606T analyzes the Relay-Session-ID, replaces the source MAC address
of the PPPoE packet with the MAC address of the PPPoE subscriber, and then forwards
the packet to the subscriber.
4. When the PPPoE discovery stage is terminated, the MA5606T generates the SMAC
hardware forwarding entry. In the follow-up operations, the MA5606T forwards the service
data according to the Session-ID of each PPPoE session.
5. At the PPPoE discovery stage, if the subscriber packet carries the subscriber Relay-Session-
ID, the PPPoE response packet sent by the BRAS needs to carry the subscriber Relay-
Session-ID.
21.8.3 Reference
This topic provides the reference documents of the SMAC feature.

l IETF RFC2364: PPP Over AAL5
l IETF RFC2516: A Method for Transmitting PPP Over Ethernet (PPPoE)
l DSL Froum TR-101: Migration to Ethernet-Based DSL Aggregation
21.9 Anti-MAC Spoofing

the system using a forged MAC address. This topic provides introduction to this feature and
21.9.1 Introduction
This topic describes the definition, purpose, specification, and availability of anti-MAC
spoofing.
21.9.2 Principle
This topic describes the implementation principles of the anti-MAC spoofing feature.
21.9.1 Introduction
This topic describes the definition, purpose, specification, and availability of anti-MAC
spoofing.

Definition
MAC spoofing attack means that a user forges a valid MAC address to attack a system.
If the forged MAC address is the MAC address of a valid user, the attack affects services of the
user.
If the forged MAC address is the MAC address of a system, or a large number of forged packets
of different MAC addresses are sent to the system, the attack might affect the system operation.
The system might even get down due to the attack.
the system using a forged MAC address.
Purpose
To guarantee the system security and carriers' network security, the MA5606T prevents the MAC
spoofing attack in the following ways:
l For PPPoE and DHCP access users, the MA5606T disables the dynamic MAC address
learning feature, and allows only the packets of trusty MAC addresses to pass through a
port. This avoids a large number of packets of suspect MAC addresses from entering
carriers' networks.
l The MA5606T can detect and forbid a malicious user to forge the MAC address of an online
valid user. This guarantees that the services provisioned to all the valid users are not
affected.
Specification
The MA5606T supports the following anti-MAC spoofing specifications:
Dynamic binding. The system supports binding of up to 8K dynamic MAC addresses:
l The system can be bound with up to 8K traffic streams.
l Each traffic stream can be bound with up to eight MAC addresses.
l If each traffic stream is bound with eight MAC addresses, then the system can be bound
with up to 1024 traffic streams.
l Disable the MAC address learning function.
Availability
l Hardware support
All the broadband access service boards support the anti-MAC spoofing feature.
l License support
The anti-MAC spoofing feature is the basic feature of the MA5606T. Therefore, no license
21.9.2 Principle
This topic describes the implementation principles of the anti-MAC spoofing feature.
Anti-MAC Spoofing (PPPoE Users)

For a PPPoE user, the MA5606T realizes the anti-MAC address spoofing in this way:

1. With the anti-MAC spoofing switch enabled, the MA5606T binds the user account with
the user's MAC address according the PPPoE packets received.
2. The MA5606T discards the data packets sent before the binding.
3. If the source MAC address contained in the data packets is the same as the one bound, the
MA5606T transmits the packets in the upstream direction, or else the MA5606T discards
the packets.
4. When the user gets offline, the MA5606T cancel the binding between the user account and
the MAC address.
Anti-MAC Spoofing (DHCP Users)

For a DHCP user, the MA5606T realizes the anti-MAC address spoofing in this way:
1. With the anti-MAC spoofing switch enabled, the MA5606T binds the user account with
the user's MAC address according the DHCP packets received.
3. If the source MAC address contained in the data packets is the same as the one bound, the
the packets.
the MAC address.
21.10 Anti-IP Spoofing

Anti-IP spoofing attack is a user security mechanism in which the system takes measures to
prevent a user from attacking the system using a forged IP address. This topic provides
21.10.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of anti-IP
spoofing.
21.10.2 Principle
This topic describes the implementation principles of the anti-IP spoofing feature.
21.10.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of anti-IP
spoofing.
Definition
IP spoofing attack means that a user forges a valid IP address to attack a system.
Anti-IP spoofing attack means the system takes measures to prevent a user from attacking the
system using a forged IP address.
Purpose
To guarantee the system security and carriers' network security, the MA5606T needs to prevent
the IP spoofing attack.

For DHCP access users, the MA5606T enables the feature of anti-IP spoofing, and allows only
the packets of trusty IP addresses allocated by the DHCP server to pass through a port. This
avoids the packets of forged or suspect IP addresses from entering carriers' networks.
Specification
The MA5606T supports the following anti-IP spoofing specifications:
Dynamic binding.
l The system supports binding of up to 8K dynamic IP addresses.

l The system can be bound with up to 8K traffic streams.
l Each traffic stream can be bound with up to eight IP addresses.
l If each traffic stream is bound with eight IP addresses, then the system can be bound with
up to 1024 traffic streams.
Limitation
Do not manually configure the binding between the user account and the IP address for a DHCP
user. The anti-IP spoofing feature allows the MA5606T to control the packets from the user.
For a user with a static IP address, the static IP address needs to be bound manually. In this way,
the MA5606T can control the IP address over the network.
Availability
l Hardware support
No additional hardware is required for supporting the anti-IP spoofing feature.
l License support
The anti-IP spoofing feature is the basic feature of the MA5606T. Therefore, no license is
21.10.2 Principle
This topic describes the implementation principles of the anti-IP spoofing feature.
The MA5606T realizes the anti-IP address spoofing in the following way:
1. With the anti-IP spoofing switch enabled, the MA5606T binds the user account with the
user's IP address according the DHCP packets received to generate the IP binding list.
3. If the source IP address contained in the data packets is the same as the one bound, the
the packets.
4. The system filters the IP packets based on the IP binding list. Meanwhile, the system filters
the user ARP packets.
l If the IP packets with a certain source IP address are allowed to pass, the ARP packets
with the same source IP address are also allowed to pass.
l If the IP packets with a certain source IP address cannot pass, neither can the ARP
packets with the same source IP address pass.

the IP address.

Feature Description 22 Subtended Network Configuration
22 Subtended Network Configuration
About This Chapter
A subtended network configuration is a configuration in which the MA5606T series devices are
subtended in several tiers through the FE/GE ports.
22.1 Introduction
acronyms and abbreviations related to a subtended network configuration.
22.2 Principle
This topic describes the operating principles of a subtended network configuration.
22.3 Reference
This topic describes the reference documents of a subtended network configuration.

22 Subtended Network Configuration Feature Description
22.1 Introduction
acronyms and abbreviations related to a subtended network configuration.
Definition
A subtended network configuration is a configuration in which the MA5606T series devices are
subtended in several tiers through the FE/GE ports.
Purpose
Subtended network configurations make the networking of the MA5606Ts more flexible, thus
saving the upstream optical fiber resources of the access point. The remote subtended network
configurations save the convergence equipment resource, simplify the networking, and facilities
the service configuration.
Specification
The MA5606T supports the following subtending specifications:
l The subtending ports of the MA5606T are provided by the MCUC board.
l Each MCUC board provides GE/FE/GPON optical port as the upstream ports or subtending
ports.
l It is recommended that up to seven nodes can be included in an RSTP/MSTP subtended
network.
Glossary
Table 22-1 lists the glossary of technical terms related to a subtended network configuration.
Table 22-1 Glossary of technical terms related to a subtended network configuration
Glossary Definition
Local subtended network configuration Subtending of multiple shelves in a cabinet,

or subtending of multiple shelves in different
local cabinets.
Remote subtended network configuration Subtending of remote shelves or other

DSLAM devices through fibers.

Table 22-2 lists the acronyms and abbreviations related to a subtended network configuration.

Feature Description 22 Subtended Network Configuration
Table 22-2 Acronyms and abbreviations related to a subtended network configuration

Acronym Full Expansion
RSTP Rapid Spanning Tree Protocol
MSTP Multiple Spanning Tree Protocol
22.2 Principle
This topic describes the operating principles of a subtended network configuration.
22.3 Reference
This topic describes the reference documents of a subtended network configuration.
The following lists the reference documents of a subtended network configuration:
l IEEE 802.1w Rapid Spanning Tree

Feature Description 23 Ethernet OAM
23 Ethernet OAM
About This Chapter
Operations, administration and maintenance (OAM) means a tool for monitoring and diagnosing
network faults.
23.1 Ethernet CFM OAM

Ethernet CFM OAM provides an end-to-end fault detection solution to monitor, diagnose, and
troubleshoot the Ethernet. This topic provides introduction to this feature and describes the
principles and reference documents of this feature.
23.2 Ethernet EFM OAM
Ethernet EFM OAM provides a mechanism for monitoring links. It is a mechanism at the datalink
layer, as a complement of the higher layer applications. This topic provides introduction to this

23 Ethernet OAM Feature Description
23.1 Ethernet CFM OAM

Ethernet CFM OAM provides an end-to-end fault detection solution to monitor, diagnose, and
troubleshoot the Ethernet. This topic provides introduction to this feature and describes the
principles and reference documents of this feature.
23.1.1 Introduction
CFM OAM.
23.1.2 Principle
This topic describes the implementation principles of Ethernet CFM OAM.
23.1.3 Reference
This topic describes the reference documents of Ethernet CFM OAM.
23.1.1 Introduction
CFM OAM.
Definition
In a broad sense, operations, OAM means a tool for monitoring and diagnosing network faults.
Ethernet OAM is defined as Connectivity Fault Management in IEEE 802.1ag to provide an
end-to-end fault detection and diagnosis solution.
Purpose
Ethernet is a widely used local area network technology because of its rich bandwidth, low cost,
convenience for plug-and-play, and support of multipoint operations.
As the Ethernet technology is gradually developing from carriers' networks to metropolitan area
networks (MANs) and wide area networks (WANs), the network management and maintenance
are increasingly important. Currently, however, Ethernet has no carrier-class management
capability, and thus fails to detect the L2 network faults.
Ethernet OAM provides an end-to-end fault detection solution to monitor, diagnose, and
troubleshoot the Ethernet.
Specification
The MA5606T supports the following Ethernet OAM specifications:
l Up to three maintenance domains (MDs)
l Up to 48 maintenance associations (MAs)
l Up to 48 MAs in an MD
l Support of a maintenance end point (MEP) and up to six remote maintenance end points
(RMEPs) by each MA
l LB and CC functions for a user-side CVLAN

l Transparent transmission of ETH OAM CFM packets from the user side to the network
side
Limitation
The MA5606T Ethernet OAM has the following limitations:
l If 48 MAs are configured in MD 0, no MA can be configured in MD 1 or MD 2.

l MEPs can be configured only on the upstream ports and the ports in the Ethernet subtending
board.
l The system supports neither maintenance association intermediate points (MIPs) nor
internal ports.
Availability
l Hardware support
The control board (MCUA) supports the Ethernet CFM OAM feature.
l License support
The Ethernet CFM OAM feature is an optional feature of the MA5606T. Therefore, the
23.1.2 Principle
This topic describes the implementation principles of Ethernet CFM OAM.
NOTE
The MEP refers to the port in the MA5606T herein unless otherwise specified.
Ethernet CFM
Ethernet CFM includes connectivity check, loopback detection, and linktrace (LT).
Figure 23-1 shows the connectivity check.
Figure 23-1 Connectivity check

Link 1 Link 2 Link 3 Link 4
MA5606T-1 Switch Switch MA5606T-2
Connectivity check message
To connect two MA5606Ts, configure the two MA5606Ts in the same MA (MA 0) of the same
MD (MD 0), and configure MA5606T-1 (MEP ID: 300) and MA5606T-2 (MEP ID: 5606) as
two MEPs. After Ethernet OAM is enabled, all MEPs initiatively send connectivity check
messages at intervals and receive the connectivity check messages from other MEPs.

Connectivity Check
The network connectivity is monitored through the connectivity check messages transmitted at
intervals to a multicast domain. The process is as follows:
l Each MEP (such as MA5606T-1) initiatively sends connectivity check messages at

intervals. A connectivity check message contains the configuration information of
MA5606T-1.
l Each MEP (such as MA5606T-2) can receive connectivity check messages without sending
the response messages. When MA5606T-2 receives the messages from any other MEP, it
checks the information contained in the messages.
l If an MEP fails to receive any messages or receives undesired messages within a certain
period of time, it indicates that the network fails.
As shown in Figure 23-1, if link 1 fails, MEP 5606 will fail to receive any connectivity check
message from MEP 300 within a certain period of time. In this case, MEP 5606 reports a message
loss alarm. In this way, the users of MA5606T-2 can know the connectivity with other networks
(such as the network in which MA5606T-1 is located).
Loopback Detection Messages and Responses
A loop message is sent from an MEP to a specified MIP or MEP to help locate the fault. The
MIP or MEP ahead of the fault location can respond to the loopback message, but the MIP or
MEP after the fault location fails to respond to the loopback message. In this way, the fault is
located accurately.
Figure 23-2 shows the loopback detection.
Figure 23-2 Loopback detection
MEP 300 MIP-0 MIP-1

MEP 5606
Loopback detection message

Loopback detection response
As shown in Figure 23-2:
1. MEP 300 sends a loopback detection message to MEP 5606.

2. After MEP 5606 receives the detection message, it sends a response message to MEP 300.
LT Messages and Responses
An LT message is used for checking the MIP path between two MEPs. All the MIPs in a link
respond to the MEP that initiates an LT message, and forward the LT message until the message
reaches the destination MIP/MEP.

If the destination point is an MEP, each MIP in an MA responds to the source MEP. Through
the received response, the source MEP knows the MAC addresses and locations of all the MIPs
as well as the link where the fault has occurred.
Figure 23-3 shows the LT.
Figure 23-3 LT
MIP-1
MEP 300
MIP-0 MIP-2 MEP 5606
LT message
LT response
1. MEP 300 sends an LT message to MEP 5606.

2. After receiving the message, an MIP between MEP 300 and MEP 5606 sends a response
to MEP 300 and forwards the message.
3. After receiving the message, MEP 5606 does not forward it, but sends a response directly
to MEP 300.
23.1.3 Reference
This topic describes the reference documents of Ethernet CFM OAM.
The following lists the reference documents of Ethernet CFM OAM:
l IEEE P802.1ag/D6.0, Connectivity Fault Management
23.2 Ethernet EFM OAM

Ethernet EFM OAM provides a mechanism for monitoring links. It is a mechanism at the datalink
layer, as a complement of the higher layer applications. This topic provides introduction to this
23.2.1 Introduction
This topic describes the definition, purpose, specification, and availability of Ethernet EFM
OAM.
23.2.2 Principle
This topic describes the implementation principles of the Ethernet EFM OAM feature.
23.2.3 Reference
This topic describes the reference documents of Ethernet EFM OAM.

23.2.1 Introduction
This topic describes the definition, purpose, specification, and availability of Ethernet EFM
OAM.
Definition
OAM provides the capability for the network administrators to monitor the network health
conditions and to locate the faulty links and the faults.
Ethernet of First Mile (EFM) OAM is defined in IEEE 802.3ah Clause 57 by the IEEE EFM
Workgroup. It is an important part of Ethernet OAM. Ethernet EFM OAM provides a mechanism
for monitoring links, such as remote defect indication (RDI) and remote loopback control. It is
a mechanism at the datalink layer, as a complement of the higher layer applications.
Purpose
The MA5606T supports EFM OAM to obtain the alarm information such as RDI from the
Ethernet terminals and supports the exchange of the OAM Packet Data Units (OAMPDUs) to
obtain the information about the terminal device vendors.
Specification
The MA5606T supports the following Ethernet EFM OAM specifications:
l The MA5606T supports transmission, reception, and processing of Information
OAMPDUs to perform the OAM discovery and obtain the information about the terminal
device vendors.
l The MA5606T supports resolution of the received Event Notification OAMPDUs.
l The MA5606T supports remote loopback and the multiplexer state machine.
l The MA5606T supports transparent transmission of 802.3ah OAMPDUs from the user side
to the network side when the BPDU transparent transmission function is enabled.
Availability
l Hardware support
The OPFA, VDSA/VDTF, VDRD, VDMF and VDNF supports the Ethernet EFM OAM
feature.
l License support
The Ethernet EFM OAM feature is an optional feature of the MA5606T. Therefore, the
23.2.2 Principle
This topic describes the implementation principles of the Ethernet EFM OAM feature.
Figure 23-4 shows the networking of an Ethernet EFM OAM application.
Figure 23-4 Networking of an Ethernet EFM OAM application

Ethernet OAM packet
Ethernet link
ONU
OLT

Similar to the LACP packets, the EFM OAM packets are exchanged between two neighboring
entities on a link, and are not forwarded out of the link.
Main Functions of EFM OAM

The main functions of EFM OAM are as follows:
l RDI: If an Ethernet link between an ONU and an OLT supports the unidirectional
transmission (that is, when one direction is faulty, the other direction still can transmit data),
the end that receives the fault can transmit special OAMPDUs to notify the remote end of
the local fault.
l Remote loopback: The local end enables the remote end to change to the loopback state by
transmitting special OAMPDUs. After the remote end changes to the loopback state, the
packets from the local end to the remote end are looped back intactly, except OAMPDUs.
l Link detection: Some special events are defined. For example, if the number of errored
frames received within a certain period exceeds the threshold, the remote end is notified of
the information by the special OAMPDUs.
OAMPDUs
In addition to the RDI, remote loopback, and link detection functions, EFM OAM is also a
discovery mechanism, namely, an extended mechanism to the higher layer applications. The
earlier mentioned functions are implemented by the exchange of the following types of
OAMPDUs between two neighboring entities on an Ethernet link.
l Information OAMPDUs: They are used to transmit the OAM status information to the
remote end, including the OAM capability, Multiplexer and Parser status of the local end,
and whether the local end meets the OAM status requirement of the remote end. The OAM
capability herein refers to:
– Whether the unidirectional transmission is supported because this capability directly
determines whether RDI is supported.
– Whether the response to the variable request is supported. That is, whether the query of
the local end information is supported.
– Whether remote loopback is supported. That is, whether the local end changes to the
loopback state based on the setting on the remote end.
– Whether the link resolution event is supported. That is, whether the link events from
the remote end can be processed.
Information PDUs also include the Organizationally Unique Identifier (OUI) field, and the
Vendor Specific Information field, through which the vendor information of the remote
end is obtained.
l Event Notification OAMPDUs: They are used to notify the remote end of specific events,
such as how many errored frames are received in a certain period and what is the threshold
of the errored frames.
l Variable Request OAMPDUs: They are used to query one or more MIB variables to the
remote end, such as the number of correctly received or transmitted frames.
l Variable Response OAMPDUs: They are used to return one or more MIB variables to the
remote end after the Variable Request OAMPDUs are received.

l Loopback Control OAMPDUs: They are used to control the loopback state of the remote
end. When the remote end is in the loopback state, the data frames received by the remote
end are looped back to the local end, except OAMPDUs.
23.2.3 Reference
This topic describes the reference documents of Ethernet EFM OAM.
The following lists the reference documents of Ethernet EFM OAM:
l IEEE 802.3ah: Operations, Administration, and Maintenance (OAM)

Feature Description 24 VoIP
24 VoIP
About This Chapter
The VoIP service is a solution in which the voice compression technology is adopted and the
voice service is transmitted over the IP network.
24.1 Basic Features of VoIP

voice service is transmitted over the IP network. This topic provides introduction to this feature
24.2 VoIP (H.248)
The VoIP can be implemented based on the H.248 protocol. This topic provides introduction to
24.3 VoIP (MGCP)
The VoIP can be implemented based on the MGCP protocol. This topic provides introduction
to this feature and describes the principles and reference documents of this feature.
24.4 VoIP (SIP)
The VoIP can be implemented based on the SIP protocol. This topic provides introduction to

24 VoIP Feature Description
24.1 Basic Features of VoIP

voice service is transmitted over the IP network. This topic provides introduction to this feature
24.1.1 Introduction
This topic describes the definition, purpose, specification, and availability of VoIP.
24.1.2 Reference
This topic describes the reference documents of VoIP.
24.1.1 Introduction
This topic describes the definition, purpose, specification, and availability of VoIP.
Definition
The voice over IP (VoIP) service is a solution in which the voice compression technology is
adopted and the voice service is transmitted over the IP network.
Currently, there are three VoIP modes:
l PC to PC
The target users are teenagers.
l PC to phone
The target users are middle-aged and young people (such as international students) who
are sensitive to the communication prices.
l Phone to phone
The target users are traditional POTS users. The voice service is provided by the carrier
through the NGN softswitch network.
The description herein is based on the VoIP service in phone to phone mode.
Purpose
The voice service that is processed by the voice compression technology and transmitted over
the IP network can save the bandwidth resource and reduce the costs.
Specification
The MA5606T supports the following VoIP specifications:
l Up to 128 VoIP users

l The H.248/MGCP/SIP protocols
l GE cell bus and distributed DSP structure
– The DSP resource is distributed to the subscriber boards, and sufficient DSP resource
is allocated to their respective users.

– The fault of the DSP resources on a subscriber board does not affect users on other
boards.
l Table 24-1 lists the supported services.
Table 24-1 List of the VoIP services supported by the MA5606T

Type Service
Basic services Voice service, fax service, and modem service
Supplementary services Three-party service, call waiting, call transfer, message

waiting indication, calling party identification display, and
calling party identification limitation
Intelligent services 800 service and card service
Availability
l Hardware support
The VoIP forwarding logic subboard (FLBA) is required for supporting the VoIP feature.
l License support
The ACL feature is an optional feature of the MA5606T. Therefore, the license is required
24.1.2 Reference
This topic describes the reference documents of VoIP.
The following lists the reference documents of VoIP:
l ITU-T.H.248 Annex M2: Media Gateway resource congestion handling package
l ITU-T.H.248 Annex M4: H.248 packages for H.323 and H.324 interworking
l RFC3435: Media Gateway Control Protocol (MGCP) Version 1_0
l RFC3660: Basic Media Gateway Control Protocol (MGCP) Packages
l RFC3661: Media Gateway Control Protocol (MGCP) Return Code Usage
l IETF RFC 3261: Session Initiation Protocol
l TISNPAN TS 183 043: TISPAN NGN IMS-based PSTN/ISDN Emulation Call Control
Protocols Stage 3
24.2 VoIP (H.248)

The VoIP can be implemented based on the H.248 protocol. This topic provides introduction to
24.2.1 Introduction
This topic describes the definition, purpose, and specification of VoIP based on the H.248
protocol.
24.2.2 Principle
This topic describes the implementation principles of VoIP based on the H.248 protocol.

24.2.1 Introduction
This topic describes the definition, purpose, and specification of VoIP based on the H.248
protocol.
Definition
H.248 is a gateway control protocol. The media gateway controller (MGC, namely, the
softswitch) controls the media gateways (MGs) through the H.248 protocol so that various media
can communicate with each other. The ITU-T issued the first standard H.248: Version 1 of the
H.248 protocol in June, 2006.
H.248-based VoIP feature refers to the interconnection inside the IP network through H.248,
which provides the VoIP service.
Compared with the Media Gateway Control Protocol (MGCP), the H.248 protocol has the
following advantages:
l The H.248 protocol supports more types of access technologies.
l The H.248 protocol overcomes the description shortcomings of the MGCP protocol, and
supports the larger-scale network applications. Moreover, the H.248 protocol is more
flexible because the protocol can be easily expanded.
l The MGCP messages are borne on only the User Datagram Protocol (UDP), but the H.248
messages can be borne by various protocols, such as UDP, TCP, and the Simple Control
Transmission Protocol (SCTP).
24.2.2 Principle
This topic describes the implementation principles of VoIP based on the H.248 protocol.
Figure 24-1 shows the principle of the VoIP feature based on the H.248 protocol.
Figure 24-1 Principle of the VoIP feature based on the H.248 protocol
Softswitch (MGC)
H.248 H.248
MA5606T-0 MA5606T-1
Call
RTP Stream
Context
A0 A1

The basic process of call establishment and call release is as follows:

1. MA5606T-0 detects that user A0 picks up the telephone, and then reports the off-hook
event to the softswitch through the Notify command.
2. After receiving the off-hook event, the softswitch sends the digitmap to MA5606T-0,
requires MA5606T-0 to play the dial tone for user A0, and then detects the number
receiving.
3. When user A0 dials a number, MA5606T-0 receives the number according to the digitmap
delivered by the softswitch, and reports the matching results to the softswitch.
4. The softswitch sends the Add command to MA5606T-0 for creating the context and adding
the termination and RTP termination of user A0 into the context.
5. After creating the context, MA5606T-0 responds to the softswitch. The session description
in the response provides the information on the grouping requirement from the peer end,
such as the IP address or the UDP port number.
6. The softswitch sends the Add command to MA5606T-1 for creating the context and adding
the termination and RTP termination of user A1 into the context, and then delivers the IP
address or UDP port number of user A0 to user A1.
7. After creating the context, MA5606T-1 responds to the softswitch. The session description
in the response provides the information on the grouping requirement from the peer end,
such as the IP address or the UDP port number.
8. MA5606T-1 detects that user A1 picks up the telephone, and then reports the off-hook
event to the softswitch. The softswitch runs the Modify command to stop the ring-back
tone of user A0 and the ringing tone of user A1.
9. The softswitch runs the Modify command to deliver the session description of
MA5606T-1 to user A0, and then users A0 and A1 can communicate with each other.
10. MA5606T-0 detects that user A0 puts down the telephone, and then reports the on-hook
11. The softswitch sends the Modify command to MA5606T-0 and MA5606T-1 respectively
to modify the RTP as "receive only."
12. The softswitch sends the Modify command to MA5606T-1 to require the busy tone for user
A1, and detects the on-hook event.
13. The softswitch sends the Subtract command to MA5606T-0, releasing the resources applied
for user A0's call.
14. MA5606T-1 detects that user A1 puts down the telephone, and then reports the on-hook
15. The softswitch sends the Subtract command to MA5606T-1, releasing the resources applied
for user A1's call.
16. The call between users A0 and A1 ends, and all the resources are released.
24.3 VoIP (MGCP)

The VoIP can be implemented based on the MGCP protocol. This topic provides introduction
to this feature and describes the principles and reference documents of this feature.
24.3.1 Introduction
This topic describes the definition, purpose, and specification of VoIP based on the MGCP
protocol.

24.3.2 Principle
This topic describes the implementation principles of VoIP based on the MGCP protocol.
24.3.1 Introduction
This topic describes the definition, purpose, and specification of VoIP based on the MGCP
protocol.
Definition
The MGCP protocol formulated by the IETF defines a call control structure in which call control
and service bearing are separated. The call control function is independent of the gateway, and
is processed by the MGC.
Therefore, essentially the MGCP protocol is a master/slave protocol. That is, the MG establishes
various service connections under control of the MGC.
24.3.2 Principle
This topic describes the implementation principles of VoIP based on the MGCP protocol.
Figure 24-2 shows the principle of the VoIP feature based on the MGCP protocol.
Figure 24-2 Principle of the VoIP feature based on the MGCP protocol
Softswitch (MGC)
MGCP MGCP
MA5606T-0 MA5606T-1
Call
RTP Stream
Context
EP0 EP1
The basic process of call establishment and call release is as follows:
1. MA5606T-0 detects that user EP0 picks up the telephone, and then reports the off-hook

2. After receiving the off-hook event, the softswitch sends the digitmap to MA5606T-0,
requires MA5606T-0 to play the dial tone for user EP0, and then detects the number
receiving.
3. When user EP0 dials a number, MA5606T-0 receives the number according to the digitmap
delivered by the softswitch, and reports the matching results to the softswitch.
4. The softswitch sends the CRCX command to the MA5606T-0 for establishing a connection
on the EP0 port.
5. MA5606T-0 distributes source for the connection, and responds to the softswitch. The
session description in the response provides the information on the grouping requirement
from the peer end, such as the IP address or the UDP port number.
6. The softswitch sends the CRCX command to the MA5606T-1 for establishing a connection
on the EP1 port.
7. MA5606T-1 distributes source for the connection, and responds to the softswitch. The
session description in the response provides the information on the grouping requirement
from the peer end, such as the IP address or the UDP port number.
8. MA5606T-1 detects that user EP1 picks up the telephone, and then sends the Notify
message to the softswitch. The softswitch runs the MDCX command to stop the ring-back
tone of user EP0 and the ringing of user EP1.
9. The softswitch runs the MDCX command to deliver the session description of
MA5606T-1 to user EP0, and then users EP0 and EP1 can communicate with each other.
10. MA5606T-0 detects that user EP0 puts down the telephone, and then reports the on-hook
event to the softswitch through the NTFY command.
11. The softswitch sends the MDCX command to MA5606T-0 and MA5606T-1 respectively
to modify the RTP as "receive only."
12. The softswitch sends the MDCX command to MA5606T-1 to require the busy tone for user
EP1, and detects the on-hook event.
13. The softswitch sends the DCLX command to the MA5606T-0, releasing the resources
applied for user EP0's call.
14. MA5606T-0 detects that user EP1 puts downs the telephone, and then reports the on-off
15. The softswitch sends the DCLX command to MA5606T-1, releasing the resources applied
for user EP1's call.
16. The call between users EP0 and EP1 ends and all the resources are released.
24.4 VoIP (SIP)

The VoIP can be implemented based on the SIP protocol. This topic provides introduction to
24.4.1 Introduction
This topic describes the definition, purpose, and specification of VoIP that is implemented based
on the SIP protocol.
24.4.2 Principle
This topic describes the implementation principles of VoIP based on the SIP protocol.

24.4.1 Introduction
This topic describes the definition, purpose, and specification of VoIP that is implemented based
on the SIP protocol.
Definition
The IP multimedia core network subsystem (IMS) is a subsystem that is proposed in the 3rd
Generation Partnership Project (3GPP) Release 5 to support the IP multimedia service. The IMS
includes all the core network elements that provide the audio, video, text, and instant messaging
services, and has been developed to a subsystem independent of any specific access network.
SIP is a control-layer protocol of the IMS and also one of the framework protocols stipulated
by the IETF for the multimedia communication system. SIP is an application-layer protocol for
creating, modifying, and terminating multimedia sessions. Used with other IETF protocols such
as Real-time Transport Protocol (RTP), Real-time Transport Control Protocol (RTCP), SDP,
Real-Time Streaming Protocol (RTSP), DNS and SCTP/TCP, SIP is used to complete session
establishment and media negotiation.
VoIP based on the SIP protocol is a solution in which the PSTN network and the IP network are
interconnected through the SIP protocol based on the IMS architecture to implement the VoIP
service.
NOTE
The PSTN herein refers to the PSTN service that is implemented based on the SIP protocol in an IMS
architecture and whose media bearer network is the IP packet switched network.
24.4.2 Principle
This topic describes the implementation principles of VoIP based on the SIP protocol.
In an IMS architecture, the MA5606T works as a voice over IP gateway (VGW). In the
downstream direction, the MA5606T connects to the VoIP user terminals. In the upstream
direction, the MA5606T connects to the IMS network through the Gm interface based on the
SIP protocol. Working with the IMS core network, the MA5606T provides the VoIP services,
including:
l Basic voice service
l Three-way calling
l Call waiting
l Caller identification display
l Message indicator service
l Malicious communication identification (MCID)
l Call transfer
l Conference call
Figure 24-3 illustrates the principles for implementing the VoIP feature based on the SIP
protocol.

Figure 24-3 Principles for implementing the VoIP feature based on the SIP protocol
SIP SIP
MA5606T-0
MA5606T- 1
Call
RTP Stream
A0 A1
Basic Voice Service

The basic voice service herein refers to the basic call connection function provided by the IMS
core network, including intra-office calls, local calls, domestic calls, international calls, and
transit calls.
The process of establishing and releasing a basic call is as follows:
1. MA5606T-0 detects that user A0 picks up the telephone, and then plays the dial tone for
user A0.
2. User A0 dials a telephone number, meanwhile MA5606T-0 stops playing the dial tone and
receives the number based on the local number list.
3. After receiving the number, MA5606T-0 reports the called number to the IMS core network
through an Invite message. The Invite message contains the session description which
provides the information required for the peer end to send packets to MA5606T-0, including
the IP address/UDP port number and the codec format.
4. The IMS core network finds MA5606T-1 to which the called party belongs based on the
called number and then forwards the Invite message.
5. MA5606T-1 finds called party A1 based on the related information in the Invite message,
and then delivers the ringing command. Meanwhile, user A1 hears the ringing tone and
MA5606T-1 sends a 180 Ringing message to the IMS core network.
6. The IMS core network forwards the 180 Ringing message to MA5606T-0, and then
MA5606T-0 sends the ringback tone to calling party A0.
7. MA5606T-1 detects that user A1 picks up the telephone, and then sends a 200 OK message
to the IMS core network. The 200 OK message contains the session description which
provides the information required for the peer end to send packets to MA5606T-1, including
the IP address/UDP port number and the codec format.
8. The IMS core network forwards the 200 OK message to MA5606T-0 to establish a session.

9. MA5606T-1 detects that user A1 puts down the telephone, and releases the resources for
the session established for user A1, and then reports a BYE message to the IMS core
network.
10. The IMS core network forwards the BYE message to MA5606T-0.
11. MA5606T-0 sends a response to the IMS core network and plays the busy tone for user
A0.
12. User A0 puts down the telephone, and MA5606T-0 releases the resources for the session
established for user A0.
13. The session between users A0 and A1 ends, and all the resources are released.
Three-Way Calling
Three-way calling is a service in which when you are talking on phone with the second party
and if you want to add the third party for talking, you can dial the telephone number of the third
party for three-party talking or separately talking with the third party without interrupting the
talking with the second party.
Call Waiting
Call waiting is a service in which if a calling party places a call to a called party which is otherwise
engaged, and the called party has the call waiting feature enabled, the called party is able to
suspend the current telephone call and switch to the new incoming call, and can then negotiate
with the new or current calling party an appropriate time to ring back if the message is important,
or to quickly handle a separate incoming call.
Caller Identification Display

Caller identification display is a service in which the VGW such as the MA5606T sends the
calling number to the called party and the calling number is displayed on the telephone or
equivalent terminal of the called party.
Message Indicator Service

The message indicator service is a service offered to notify a user of reading new messages. That
is, when the voice mailbox of the user has a new message, the LED on the terminal is illuminated
in voltage ascending or FSK mode, indicating that a message comes.
MCID
MCID is a service offered to the called party who can apply to the telephone exchange for
identifying the telephone number of the calling party in case of a malicious call, and then the
telephone exchange can identify the telephone number of the calling party who initiates the
malicious call through certain operations.
Call Transfer
Call transfer is a service offered to the called party who can transfer a coming call to a temporary
user by hooking so that the calling party can communicate with a new called party.
Conference Call
Conference call is a service offered by the VGW such as the MA5606T for communication
among three or more parties. The conference call can be a common reference call, a tandem

conference call, or a convenor-authorized conference call. Currently, the MA5606T supports

only the common reference call.

Feature Description 25 ISDN
25 ISDN
About This Chapter
The integrated services digital network (ISDN) is a Consultative Committee of International

Telegraph and Telephone (CCITT) standard, providing integrated transmission of voice, video,
and data. The ISDN enables a simultaneous transmission of voice, video and data on the data
channel.
25.1 ISDN Feature Description

This topic describes the basic feature and the operating principles of the ISDN.
25.2 Basic Rate Adaptation (BRA)
This topic describes the basic feature and the operating principles of the BRA.
25.3 Primary Rate Adaptation (PRA)
This topic describes the basic feature and the operating principles of the PRA.

25 ISDN Feature Description
25.1 ISDN Feature Description

This topic describes the basic feature and the operating principles of the ISDN.
25.1.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of ISDN.
25.1.2 Principle
This topic describes the implementation principles of the ISDN feature.
25.1.3 Reference
This topic describes the reference documents of the ISDN.
25.1.1 Introduction
This topic describes the definition, purpose, specification, limitation, and availability of ISDN.
Definition
The integrated services digital network (ISDN) is a Consultative Committee of International
Telegraph and Telephone (CCITT) standard, providing integrated transmission of voice, video,
and data. The ISDN enables a simultaneous transmission of voice, video and data on the data
channel.
The ISDN supports the joint switchover of H.248 and IUA and the overload control of ISDN
emergency call.
The ISDN supports two types of services:

l Basic rate interface (BRI): provides the rate of 144 kbit/s, provided by two B channels and
one D channel. The rate of the B channel is 64 kbit/s, and that of the D channel is 16 kbit/
s.
l Primary rate interface (PRI): provides the rates of 2.048 Mbit/s, provided by 30 B channels
and one D channel. The rates of both the B channel and the D channel are 64 kbit/s.
The B channel is used to bear services, and the D channel is used to bear the call control signaling
and maintenance management signaling.
Purpose
The MA5606T supports the ISDN access to provide the integrated services of voice, video, and
data for users.
Specification
The MA5606T supports the following ISDN specifications:
l Up to 64 ISDN BRA users

l Up to 4 ISDN PRA users
l Flexible terminal ID configuration

Limitation
Currently, only the ISDN service based on the H.248 protocol is supported.
Availability
l Hardware support
The DSRD and DSRE boards support the ISDN BRA feature.
The EDTB supports the ISDN PRA feature.
l License support
The number of the ISDN ports supported by the MA5606T is under license. Therefore, the
25.1.2 Principle
This topic describes the implementation principles of the ISDN feature.
ISDN System Structure

Figure 25-1 shows the ISDN system structure.
Figure 25-1 ISDN system structure

Softswitch (MGC)
H.248 signaling
traffic
Media
stream
H.248 signaling
traffic MG
Peer device
E1
NT1
PBX
TA
PSTN ISDN PSTN Phone

Phone Phone
BRA user
PRA user

The ISDN users include the BRA users and the PRA users.
l The BRA users can connect the ISDN telephone with the NT1 directly, or connect the
common telephone through the TA. On the MG side, the BRA users access the network
through the BRA port. NT1 and the MG are connected by a POTS line.
l The PRA users access the network through the E1 port with the PBX. The PBX and the
gateway are connected by an E1 cable.
ISDN Call Control Process-Call Setup

The ISDN uses the Q.931 protocol to control the call. An L2 link, which complies with the Q.
921 protocol, is set up between the gateway and the NT1/PBX to carry Q.931 messages. Set up
an IUA link to bear the Q.931 messages between the gateway and softswitch.
Figure 25-2 and Figure 25-3 show the process for controlling the setup of an ISDN call. Figure
25-2 shows steps 1-8, and Figure 25-3 shows steps 9-16.
Figure 25-4 shows the control process of the ISDN call disconnection.
Figure 25-2 ISDN call control process-call setup 1
TE1 MG1 MGC MG2 TE2
SETUP
SETUP ACK
SG{cg/dt}
IMFOMATION
SG{}
IMFOMATION
CALL PROCEEDING
ADD
ADD ACK ADD

ADD ACK
NOTE
In the figure, the blue line is the H.248 signaling, and the red line is the Q.931 signaling.

Figure 25-3 ISDN call control process-call setup 2
TE1 MG1 MGC MG2 TE2 TE3

SETUP
MOD
ALERTING ALERTING
SG{cg/rt}
CONNECT
SG{}
RELEASE
MOD
RELEASE COMPLETE
CONNECT
CONNECT ACK CONNECT ACK
In conversation
NOTE
In the primitive Q.931, the gateway is not involved in the call control. The call control gateway
only separates the terminal Q.931 primitive from the Q.921 packets, encapsulates the Q.931
primitive to the IUA information packet, and then sends the packets to the softswitch.
The DSP channel resources that the gateway manage are distributed and released according to
the H.248 signaling or the MGCP signaling delivered by the softswitch in the call process.
The call setup process is as follows:
1. The host hooks off and initiates a call setup.

2. The softswitch responds with a SETUP_ACK message, and requests more call information,
such as the called number.
3. The softswitch delivers the dial tone through the modify command. In the ISDN, the
digitmap is not included.
4. The calling party dials, and the number is carried by the primitive IMFORMATION to the
softswitch.
5. After receiving a number, the softswitch stops the signal tone through the modify
command.
6. The softswitch responds with a CALL PROCEEDING message, which indicates that the
call is being set up.
7. The softswitch enables the calling party and the called party to distribute the context through
the add command, and the RTP mode is switched to the Rx-Tx mode.
8. When the called party responds to the add command, the softswitch modifies the Routing
Table Protocol (RTP) remote attribute on the calling party side through the modify
command.
9. The softswitch delivers the SETUP request to the called party for setting up a call

10. After receiving the call, the called party starts ringing and sends ALERTING. If the
ALERTING reaches the calling party, the call is connected.
11. The softswitch delivers the ringing tone to the calling party through the modify command.
12. The called party hooks off and sends CONNECT. If the CONNECT reaches, the call is
connected.
13. The calling party responds CONNECT_ACK.
14. The softswitch stops the ringing tone through the modify command.
15. The softswitch modifies the RTP remote attribute on the calling party through the
modify command.
16. The call setup ends.
ISDN Call Control Process-Call Disconnection
Figure 25-4 ISDN call control process-call disconnection
TE1 MG1 MGC MG2 TE2

DISCONNECT
RELEASE
DISCONNECT
SUB
SG{cg/rt}
SUB ACK
RELEASE COMPLETE RELEASE
RELEASE COMPLETE
DISCONNECT
SUB
SUB ACK
NOTE
The call disconnection process is as follows:
1. One party hooks on, and sends DISCONNECT to the MGC.

2. The softswitch sends DISCONNECT to the other party, and sends RELEASE to the party
who hooks on.
3. The softswitch delivers the sub command to delete the context to the party who hooks on.
4. The softswitch delivers the busy tone to the party who does not hook on through the
modify command.
5. The party who hooks on finishes the call disconnection, and sends
RELEASE_COMPLETE to the softswitch.
6. After receiving the disconnection, the other party sends RELEASE to the softswitch.

7. The softswitch sends RELEASE_COMPLETE to the other party.

8. The other party hooks on, and sends DISCONNECT to the softswitch.
9. The softswitch delivers the sub command to delete the context to the party who hooks on
subsequently.
10. The call disconnection is complete.
25.1.3 Reference
This topic describes the reference documents of the ISDN.
The following lists the reference documents of the ISDN:

l ITU-T Q.920 ISDN user-network interface data link layer General aspects
l ITU-T Q.921 ISDN user-network interface - Data link layer specification
l ITU-T Q.930 Digital Subscriber Signalling System No.1 (DSS 1) -ISDN User-Network
Interface Layer 3 - General Aspects
l ITU-T Q.931 ISDN user-network interface layer 3 specification for basic call control
l ITU-T Q.932 Digital Subscriber Signalling System No. 1 - Generic procedures for the
control of ISDN supplementary services
l ITU-T H.248 Media gateway overload control package
25.2 Basic Rate Adaptation (BRA)

This topic describes the basic feature and the operating principles of the BRA.
25.2.1 Introduction
This topic describes the definition, purpose, and specification of BRA.
25.2.2 Principle
This topic describes the implementation principles of the ISDN BRA feature.
25.2.1 Introduction
This topic describes the definition, purpose, and specification of BRA.
Definition
BRA refers that the ISDN users access the MG through the BRI by the H.248 protocol.
Purpose
The BRA provides the BRA access, performs multimedia communication (voice, video, and
data) from point to point or from point to multipoint.
Specification
The MA5606T supports the following BRA services:
l One port connects up to eight terminals. Only two ports, however, can be used
simultaneously.

l Up to 64 ISDN BRA users are supported.
25.2.2 Principle
This topic describes the implementation principles of the ISDN BRA feature.
Figure 25-5 shows the principles of the ISDN BRA.
Figure 25-5 Principles of the ISDN BRA

Softswitch (MGC)
Peer device MG
NT1
NT1
IUA call control signaling traffic

Media stream ISDN Phone
H.248 media control signaling traffic
User Access
Entering the AN from the MG side, the BRA user call from the deactivated state experiences
four stages: activation, TEI application, layer 2 link setup, and layer 3 call control. If the port
terminal is activated, or the TEI is distributed, or the link is set up, skip to next stage.
Call Control
According to the signaling round-trip control, the call signaling on the MG is sent to the
softswitch through the IUA (as the red line in the figure). The softswitch delivers the media
control information through the H.248 protocol, and controls the resources on the MG (as the
blue line in the figure), such as the B channel, context (H.248), and terminal.

Create an IUA service environment on the MG and MGC sides. Bear the Q.931 signaling on the
DSL board to the SCTP link, pack the signaling through the IUA protocol stack, and then send
the packet to the MGC. Switch the Q.931 signaling on the MGC side. The MGC sends the Q.
931 signaling to the peer end through the SCTP link to perform ISDN signaling call.
Working Mode
The BRA working modes include point to multipoint (P2MP) and point to point (P2P).
l Under the P2MP mode, one NT1 can connect to multiple terminals. Multiple layer 2 links
can be created at the same time, and up to two users can call simultaneously. If no call
service exists, the system can deactivate automatically to save the power.
l Under the P2P mode, one NT1 can connect to one terminal only. The layer 2 link is always
set up to ensure the service bearing at any moment. No matter the call service exists, the
link is activated.
Terminal Power Supply Mode

The BRA power supply is to provide power for the terminal. Two terminal power supply modes
are provided:
l Local power supply: The terminal applies battery or connects to the power supply.
l NT1 power supply: The terminal accepts the NT1 power supply only. The NT1 power
supply falls into two types:
– Local power supply: The NT1 connects to the local power supply.
– Gateway power supply: Configure the remote power supply attribute of the BRA port
on the gateway.
Terminal Identifier Distribution

Under the P2MP mode, if the physical line of the BRA user is activated, one BRA port can
connect multiple terminals. A terminal equipment identifier (TEI) is needed to identify the
terminal.
The TEI can be specified by the terminal, or distributed on the network side.
l The TEI that the terminal specifies ranges 0-63.
l The TEI on the network side is distributed by the subscriber board, ranging 64-126.
l The 127, as a multicast TEI, is used when the BRA user is called (all the users under the
same port share the same telephone number). When the destination terminal is unknown,
the connections to all the terminals are initiated.
l Under the P2P mode, the terminal TER is 0.
25.3 Primary Rate Adaptation (PRA)

This topic describes the basic feature and the operating principles of the PRA.
25.3.1 Introduction
This topic describes the definition, purpose, and specification of PRA.
25.3.2 Principle
This topic describes the implementation principles of the ISDN PRA feature.

25.3.1 Introduction
This topic describes the definition, purpose, and specification of PRA.
Definition
The PRA refers to that the ISDN users access the MG through the PRI by using the H.248
protocol.
Purpose
The PRA user access is supported on the MG. The central offices can access the PRA users
through the mini-switch PBX. For the internal users, they can communicate with each other. For
the external users, they can communicate with the PSTN users.
Specification
The MA5606T supports the following PRA services:
l Timeslot 0 is used for frame synchronization, and timeslot 16 is used for signaling
transmission as the D channel. Other timeslots are used for service data transmission as the
B channel.
l Up to 4 ISDN PRA users are supported.
25.3.2 Principle
This topic describes the implementation principles of the ISDN PRA feature.
The PRA call process is the same as the BRA call process. For the BRA call process, refer to
25.2.2 Principle.
After one PRA user is configured, 32 timeslots with the rate of 64 kbit/s are provided. In which,
timeslots 1-15 , 17-31 are for the B channel, timeslot 16 is for the D channel, and timeslot 0 is
for the frame synchronization.
For a PRA user, the TEI of the layer 2 link is 0.
For a PRA user, the working mode and power supply mode are not involved. The terminal is
powered by the PBX.

Feature Description 26 Overload Control
26 Overload Control
About This Chapter
Overload occurs when the usage of the CPU and DSP resources increases and reaches a certain
threshold in the case that a large number of AG calls occur concurrently. In this case, calls cannot
be processed normally. Overload control refers to the control over calls, which ensures that the
calls from guaranteed subscribers and emergency call subscriber are processed in time,
improving the system stability and usability.
26.1 MG Overload Control

This topic describes the basic feature and working principles of the MG overload control.
26.2 Upstream Bandwidth Overload Control
This topic describes the basic feature and working principles of the upstream bandwidth overload
control.
26.3 MGC Overload Control
This topic describes the basic feature and working principles of the MGG overload control.
26.4 Broadband Packets Overload Control
This topic describes the feature of broadband packets overload control in its introduction,
principles, and reference.

26 Overload Control Feature Description
26.1 MG Overload Control

This topic describes the basic feature and working principles of the MG overload control.
26.1.1 Introduction
This topic describes the definition, purpose, and specifications of the MG overload control
feature.
26.1.2 Principles
This topic describes the working principles of the MG overload control feature.
26.1.3 Reference
This topic provides the reference documents of the MG overload feature.
26.1.1 Introduction
This topic describes the definition, purpose, and specifications of the MG overload control
feature.
Definition
MG overload control is a method used by the MA5606T to detect overload and process new
calls according to a certain algorithm or rule to ensure normal running of the device when some
abnormalities cause the call proceeding capability to decline or the proceeding delay to increase.
Purpose
Overload control is used for the following purposes:
l Preventing device overload

l Ensuring the call proceeding quality
l Improving user satisfaction as much as possible
l Ensuring normal running of the device when being overloaded and obtaining the maximum
call processing capability of the device at the same time
Specifications
The MG overload control (H.248) is supported.
l The MG overload control is classified into the following:

– Restriction-level overload: When such overload occurs, the calls with high priority are
guaranteed.
– Block-level overload: When such overload occurs, the calls at all levels are rejected.
l Minimum CPU utilization corresponding to the restriction-level overload (unit: %): 30-99
l Minimum CPU utilization corresponding to the block-level overload (unit: %): 31-100
l Maximum occupancy rate of the common-level call channel (unit: %): 1-100
l Maximum occupancy rate of the next highest level call channel (unit: %): 1-100

Glossary
Table 26-1 Glossary of the overload control feature

Term Description
Leaky bucket algorithm There is a water leak valve at the bottom of the leaky bucket
with a certain capacity. The water that flows from the valve is
called leak rate. When water flows out, the leaky bucket
casually receives uncertain quantities of water that is poured
into it. To prevent the liquid in the leaky bucket from
exceeding the capacity of the leaky bucket and over flowing,
control the newly poured water according to the leak rate.
Based on the preceding leaky bucket model, the leaky bucket
algorithm adjusts the leak rate of the system and control the
new calls entering the system to avoid abnormalities
(overflow) in the case of large volume of traffic.
Table 26-2 Acronyms and abbreviations of the overload control feature

MG Media gateway
26.1.2 Principles
This topic describes the working principles of the MG overload control feature.
Caller
Figure 26-1 shows the overload control process when the subscriber acts as a caller.

Figure 26-1 Operating principles for implementing the MG overload control

The subscriber picks up
the phone.
Whether does the

N
MG reach the block-
level overload?
N Whether does the MG

reach the restriction-
level overload? Y
N
Whether a common
subscriber port?
Y
Common call
Whether is an N
emergency call
allowed?
Return OK Y
The local plays the dialing tone
and receives the number.
Emergency call digitmap

matching
Whether does the

emergency call N
digitmap match? ？
Y N Whether is overload
not eliminated or
port not preferred? ？
Save the subscriber dialing number in
the bffer, and clear the information Y
about digitmap matching
Report the subscriber off-hook The local plays the busy tone to
information saved in the buffer, and wait the subscriber. Return Failed
for the MGC to deliver digitmap
Return Failed
Return OK
The MA5606T adopts the port priority and call priority as the decision criteria of the overload
control. The process of the MG overload control is as follows:
1. The user picks up the phone and then the MG checks whether the overload is block-level
overload. If yes, the MG directly rejects the call. If not, the MG proceeds with step 2.
2. The MG checks whether the overload is restriction-level overload. If not, the MG proceeds
with step 8. If yes, the MG proceeds with step 3.
3. The MG checks whether the user is a common user. If not, the MG proceeds with step 8.
If yes, the MG proceeds with step 4.

4. The MG check whether the emergency call is allowed. If yes, the MG plays the dialing
tone and receives the phone number, and then proceeds with step 5.
5. The MG checks whether the received phone number matches the emergency call digitmap.
If yes, the MG proceeds with step 6. If not, the MG proceeds with step 7.
6. The MG reports the user off-hook information saved in the buffer to the MGC and waits
for the MGC to deliver the digitmap and then the MG can run the normal process.
7. The MG checks whether the overload is cleared. If not, the MG plays the busy tone to the
user and rejects the call. If yes, the MG proceeds with step 6.
8. The MG enters the normal process of calls.
Callee
The overload control process when the subscriber acts as the callee is the same as that when the
subscriber acts as the caller, except that after the peer call enters the MG, the MA5606T adopts
only the call priority as the decision criterion for overload control.
POWER-DIALER Processing
The MG overload control adopts the leaky bucket algorithm. The system processing capability
is supposed to be the leak rate of a leaky bucket and new calls be the water poured into the leaky
bucket. The water in the leaky bucket flows out when time goes by. If during a period too much
water is poured into the leaky bucket, causing the water level to exceed the limit of the leaky
bucket, the system takes measures to reject certain new calls and to maintain the water level of
the leaky bucket under the security level.
In the case of detection and rejection of the user that frequently and quickly picks up and hangs
up the phone, Figure 26-2 shows the principles for processing the POWER-DIALER.

Figure 26-2 Principles for processing the POWER-DIALER

Subscriber hooks off the
phone
Port in Yes Message count plus 1, and

the POWER-DIALER
message discarded
state?
No
Message count plus 1
Message
count exceeds the No
threshold?
Yes
Detection No
Detection time exceeds the Message passes
No
time exceeds the threshold?
threshold?
Yes
Yes
During detection
No
time, average messages
(offhook) exceed the set
value?
Yes
Detection time
Yes
exceeds the
threshold?
No Port turns into POWER

-
DIALER state
Alarm generated and Message count is set
recovery timer started to 1, message passes
Message passes Message discarded and and start/end time is
start/end time refreshed refreshed
The overload control process is as follows:

1. The initialization port of the system is not in the POWER-DIALER state.
2. The subscriber port reports the hookff or flash pressing message. If the port is already in
the POWER-DIALER state, the message is discarded directly. In the case of an on-hook
message, the message and the corresponding off-hook message are cleared together.
3. If the port is not in the POWER-DIALER state, statistics measurement is required and
whether the threshold is reached need to be determined.
4. If the port enters the POWER-DIALER state, an alarm is reported, recording the current
state; the message is not reported, and the status recovery timer is started.
5. If the port does not enter the POWER-DIALER state, the message passes and the statistics
message is refreshed.
Off-Hook and On-Hook of the PSTN Subscriber

Figure 26-3 shows the overload control process in the case of off-hook and on-hook of the PSTN
subscriber.

Figure 26-3 MG overload control process-Off-hook and on-hook of the PSTN subscriber
Message from PSTN port
received
Offhook/Onhook
No
/Hooking/Pulse Passed
dialing message?
Yes
In
Yes
POWER DIALER Discarded
-
state?
No
Offhook
message Hooking message
Check message type
Onhook Pulse dialing

message
In offhook state?
Yes
Is VAG overloaded?
Check No
the pending state Yes
No
Yes
Not in In offhook queue?
In OFF-HOOK or the
In ON-HOOK queue
ON-OFF-HOOK pending
queue queue No
Cleared with Check

Error message the peer whether it can
returned Passed Discarded
message pass
In the case of the ON HOOK

If it is in the ON-HOOK queue, respectively check
queue, enter the ON- whether the offhook and
OFF-HOOK queue; The message passes if
onhook messages can pass
otherwise, enter the not in the pending queue;
Otherwise, check whether
OFF- HOOK queue. otherwise, it is discarded.
the offhook message can
pass.
The overload control process is as follows:

1. In the case of the messages reported by the subscriber port: The system filters the messages
by message type. Then, the system checks whether the subscriber port is in the POWER-
DIALER state. After the port passes the judgment, the system checks whether the port need
to enter the Pending state.
2. In the case of the off-hook messages, if the port is already overloaded, the port is added to
the Pending queue to which the port belongs. If the port is not in the Pending state, the
system determines whether the port passes judgment by using the leaky bucket algorithm.
3. In the case of the on-hook messages, the system pairs one message with another for
elimination according the Pending state. After that, the system uses the leaky bucket
algorithm for judgment and the overload control functional module checks the current
overload state of the system to determine whether the current message is allowed to be
processed.
4. In the case of the flash-hooking messages, the system checks whether the port is in the off-
hook state and whether the off-hook message is in the Pending queue. Only the flash-

hooking messages that are not in the Pending queue are allowed to pass when the port is
in the off-hook state.
5. The messages that are generated in the pulse dialing mode are allowed to pass only when
the port is not in the Pending queue.
ISDN Subscriber Acting as a Caller

Figure 26-4 shows the overload control process in the case of off-hook and on-hook of the ISDN
subscriber acting as a caller.
Figure 26-4 MG overload control process-ISDN subscriber acting as a caller

Message fromthe ISDN
port received
Offhook/Onhook Yes
state of the port
recorded?
No
No Previous offhook No
Offhook message?
message rejected?
Yes Yes
The message Reject the Record port state (initial
passes message state:Idle)
Yes ISDN port in No

the Idle state?
Offhook Other No The message

message Check the messages In the filter state? passes
message type
Yes
Released message
Is it the
No Restart the30s
Yes released
In offhook state? timer
message?
Pass
No The message passes Yes
and set the setup
Pass the No
leaky bucket? retransmit flag to
false. Clear the port state
Set the message state to and stop the 30s
timer
filter and start the 10s
Yes
timer. The entry is deleted
if the start fails.
Start the 30s timer. The message passes,

entry is deleted if the and the port state is
start fails. cleared.
Compared with the PSTN caller control process, the ISDN caller control process is more
complicated. This is mainly caused by status judgment. The brief control process is as follows:

1. The messages reported by the ISDN port are processed according to the port status and the
reported messages. If the message is the first SETUP message of the port, the message
enters the leaky bucket to determine whether it can pass or not. If the message passes the
judgment, the port message status is recorded as Idle; if the message does not pass the
judgment, the port message status is recorded as Filter.
2. The following messages of the port are judged according to the port status. If the port is in
the Idle state, the messages are allowed to pass and the port message status changes
according to the message type. If the port is in the Filter state, the messages are not allowed
to pass and the port message status changes according to the message type.
Subscriber Acting as a Callee

Figure 26-5 shows the overload control process in the case of off-hook and on-hook of the
subscriber acting as a callee.
Figure 26-5 MG overload control process-subscriber acting as a callee
Network-side message is
received
Can
incoming calls pass Yes
The message passes
through the leaky
bucket?
No
Is the softswitch No
The message is rejected
support H248.11?
Yes
The message passes
26.1.3 Reference
This topic provides the reference documents of the MG overload feature.

l ITU-T.H.248.11 Infrastructure of audiovisual services - Communication procedures
26.2 Upstream Bandwidth Overload Control

This topic describes the basic feature and working principles of the upstream bandwidth overload
control.
26.2.1 Introduction

This topic describes the definition, purpose, and specifications of the feature of upstream
bandwidth overload control.
26.2.2 Principles
This topic describes the working principles of the feature of upstream bandwidth overload
control.
26.2.1 Introduction
This topic describes the definition, purpose, and specifications of the feature of upstream
bandwidth overload control.
Definition
When the bandwidth traffic on the access side of the MG reaches or exceeds the limit and affects
the service, calls are restricted by using the bandwidth traffic on the MG side, and the bandwidth
occupied by the current call in the system is calculated to control the call traffic of the MG.
Purpose
Upstream bandwidth overload control aims at ensuring the maximum satisfaction of the call
user, and the normal call voice quality.
Specifications
The MA5606T supports the following specifications for upstream bandwidth overload control:
l Range of the maximum upstream bandwidth (unit: 100 kbit/s): 2-1000
l Range of the bandwidth reserved for the emergency call (unit: 100 kbit/s): 1-999
26.2.2 Principles
This topic describes the working principles of the feature of upstream bandwidth overload
control.
Calls are divided into two categories when the MG uses the upstream bandwidth for call
restriction:
l Category 1: Common calls from the common port subscribers
l Category 2: Calls from the uncommon port subscribers or emergency calls from the
common port subscribers
When supporting upstream bandwidth overload control, the MG reserves certain bandwidth for
the calls from category 2 subscribers. When the call bandwidth reaches the restriction level, the
MG rejects the calls from category 1 subscribers and allows calls from category 2 subscribers.
Figure 26-6 shows the processing on user off-hook in the case of upstream bandwidth overload
control.

Figure 26-6 Processing on user off-hook in the case of upstream bandwidth overload control
User hooks off the phone
No Bandwidth
call restriction
enabled? No
Yes
No Urgent digitmap No
Insufficient
is configured?
bandwidth?
Yes Yes
Uncommon port? Reserved No

bandwidth is
sufficient?
Yes
Yes
Reserved No
bandwidth is
sufficient?
Process for urgent call
Yes
offhook
Set the call tag
as urgent call Deliver the busy
tone to the user
Normal connection
Return Failed
Return OK
Figure 26-7 shows the processing on the callee in the case of upstream bandwidth overload
control.

Figure 26-7 Processing on the callee in the case of upstream bandwidth overload control
Enter the process for called
user
No Bandwidth call
restriction enabled?
Yes
No
Insufficient
bandwidth?
Yes
The call No
is with high priority or
urgent?
Report the insufficient

Yes resources error to MGC
Normal connection
Return OK
26.3 MGC Overload Control

This topic describes the basic feature and working principles of the MGG overload control.
26.3.1 Introduction
This topic describes the definition, purpose, and specifications of the MGC overload control
feature.
26.3.2 Principles
This topic describes the working principles of the MGC overload control feature.
26.3.1 Introduction
This topic describes the definition, purpose, and specifications of the MGC overload control
feature.
Definition
MGC overload refers to the overload generated when the call volume of each area increases
instantly, or in some abnormal cases, when the MGC processing loading is too heavy. In this
case, normal calls may even be affected.

Purpose
The MGC overload control aims at preventing the MGC overload, or when the MGC is
overloaded, helping the MGC to restrict its call volume and handle the overload.
Specifications
By default, the MA5606T supports this feature. You can enable or disable this feature through
the CLI.
26.3.2 Principles
This topic describes the working principles of the MGC overload control feature.
Operating Principles of the MGC Overload Control

Figure 26-8 shows the working principles of the MGC overload control.
Figure 26-8 Operating principles of the MGC overload control

MGC
MG 1 MG 2 MG N
The MGC controls each MG through signaling and each MG reports the received call to the
MGC for processing. In this case, even if the call volume increase is small for each MG, the call
volume increase may be very large for the MGC, causing the MGC overload.
To prevent the MGC from entering the overload state, the MG's cooperation is required for
restricting the call volume. The MG supports the etsi-nr packet of the MGC to cooperate with
the MGC to restrict the call volume.
When supporting the MGC to restrict user calls, the MG processes the calls according to the
user priority. In the MA5606T, users are divided into three categories (CAT3: common user;
CAT2: next highest priority user; CAT3: highest priority user).
If the MA5606T receives the user off-hook message after the MGC overload control is enabled
on the MG, based on the user priority and the call pass rate delivered by the MGC, the
MA5606T uses the leaky bucket algorithm to determine whether to allow the current call or not.
The MG will record the statistics related to the leaky bucket.
Introduction to the etsi_nr Packet

The etsi_nr packet has two attributes. One is notrat that is the maximum number of reported off-
hooks in one second, which is controlled by the MG. The other is OffHookNot, which indicates

whether to report off-hook as well when the MG directly reports the phone number that matches
the emergency call digitmap. The etsi_nr packet is processed as follows:
l The MG resolves the etsi_nr packet delivered from the MGC. If the etsi_nr packet is not
delivered to the Root node, the MG replies to the softswitch that the H.248 syntax is
incorrect.
l The MG processes the two attributes of the etsi_nr packet as follows:
– If the softswitch does not issue the packet, the default value of interface notrat is -1.0,
and that of OffHookNot is Required.
– If there is the notrat attribute and the attribute value is the correct floating point number,
the packet is processed based on the attribute value as follows:
– If notrat ≥ 0.0, the MG determines based on the leaky bucket algorithm whether to
report the off-hook of the caller to the MGC.
– If notrat < 0.0, the MG uses the static leaky rate that is configured through the CLI.
– If there is the notrat attribute but the attribute value is not the correct floating point
number, the H.248 syntax error is returned.
– If there is the OffHookNot attribute, the MG based on the OffHookNot attribute value
sets whether to report the off-hook message saved in the buffer for the emergency call
of common users to the MGC.
26.4 Broadband Packets Overload Control

This topic describes the feature of broadband packets overload control in its introduction,
principles, and reference.
26.4.1 Introduction
and abbreviations of the feature of broadband packets overload control.
26.4.2 Principles
This topic describes the working principles of the feature of broadband packets overload control.
26.4.1 Introduction
and abbreviations of the feature of broadband packets overload control.
Definition
When a large number of service packets are processed concurrently, the utilization ratio of
system resources increases sharply. When the service quantity exceeds the maximum bearing
capability of the system, overload occurs. In this case, without control, the service processing
capability of the system may be below the capability of the idle system, or, even worse, the entire
system is down. Therefore, the system must have a mechanism for checking whether the system
is overloaded. If it is overloaded, the system discards certain tasks according to rules to reduce
the system payload and to ensure that certain services in the system run in the normal state.
There are many methods for overload control. Broadband packets overload control is one of
them. When the system CPU usage exceeds the threshold, the system discards certain packets
according to preset rules.

Purpose
The MA5606T supports broadband and narrowband services concurrently. When the system
traffic is heavy, the voice service needs to be guaranteed first to ensure the connection of the
ongoing conversation. Provided that the voice service is guaranteed, the packets of the broadband
service are processed according to the priority.
Specifications
l The leaky bucket thresholds such as the CPU usage can be set to 30-99. By default, the
first-level threshold is 80 and the second-level threshold is 90.
l The leaky bucket adjustment factor can be set to 1-1000. By default, it is 20.
l Each of the eight WRR weights is configurable from 1 to 100.
l For eight WRR queues, the mapping between the 802.1p priority and queue ID is
configurable.
Availability
l Hardware Support
None
l License Support
The feature of broadband packets overload control is a basic feature of the MA5606T.
Therefore, the corresponding service is provided with no license.
26.4.2 Principles
This topic describes the working principles of the feature of broadband packets overload control.
Packet Processing According to the Queue Priority

Voice packets and management packets have the highest priority. As for other types of packets,
queues are created respectively according to the 802.1p priority (0-7), and the packets are
scheduled by using the WRR algorithm. You can set the weights for eight queues according to
actual requirements. When the system is busy, packets are scheduled to the leaky bucket
according to the WRR algorithm.
Leaky Bucket Algorithm

1. Packets enter the leaky bucket after being processed by the WRR algorithm. Then, the leaky
bucket algorithm helps to determine the packets that are actually processed by the system.
2. The function of each leaky bucket parameter is follows:
l Leaky bucket threshold (N): indicates the default system capacity, ranging from 1 to
2000. By default, it is 1000, in the unit of number of packets.
l Target control threshold of CPU usage (T1): indicates the upper limit for the system
CPU usage, ranging from 30% to 100%. By default, it is 80%. Its corresponding water
level is N1 = N x T1.
l Second-level control threshold of CPU usage (T2): indicates the threshold of the system
resources that are allowed to allocated to each type of service when the current water
level of the system exceeds N1, ranging from 30% to 100%. By default, it is 90%. T2
≥T1, and the corresponding water level is N2 = N x T2.

l Current leak rate of the leaky bucket (L): The current leak rate is dynamically adjusted
according to the CPU usage, ranging from 1 to 2000. By default, it is 800, in the unit
of PPS.
l Adjustment factor (S): namely, the adjustment step. The smaller the step, the faster the
leak rate is upshifted or downshifted, and the larger the jitter of the leaky bucket. On
the contrary, the larger the step, the slower the adjustment speed, and the smaller the
jitter. The adjustment step ranges from 1 to 1000. By default, it is 20.

Feature Description A Acronyms and Abbreviations
A Acronyms and Abbreviations
A
ABR Area Border Router
AC Attachment Circuit
ACL Access Control List
ANCP Access Node Control Protocol
ARP Address Resolution Protocol
AS Autonomous System
ASBR Autonomous System Boundary Router
B
BPDU Bridge Protocol Data Unit
BRAS Broadband Remote Access Server
C
CAC Connection Admission Control
CAR Committed Access Rate
CBR Constant Bit Rate
CBS Committed Burst Size
CC Continuity Check Message
CE Customer Edge
CFM Connectivity Fault Management
CIR Committed Information Rate
CLI Command Line Interface
Issue 03 (2010-01-28) Huawei Proprietary and Confidential A-1

A Acronyms and Abbreviations Feature Description
CM Color Mode
CoS Class of Service
CST Common Spanning Tree
CIST Common and Internal Spanning Tree
CSPF Constraint Shortest Path First
D
DHCP Dynamic Host Configuration Protocol
DHCP Relay Dynamic Host Configuration Protocol Relay
DHCP option82 DHCP relay agent option 82
DMT Discrete Multi-Tone
DoS Denial of Service attack
DSLAM Digital Subscriber Line Access Multiplexer
E
EFM Ethernet of First Mile
F
FTTB Fiber To The Building
FTTH Fiber To The Home
FTTx Fiber To The x
FTP File Transfer Protocol
G
GEM GPON Encapsulation Mode
GPON Gigabit-capable Passive Optical Network
GSMP General Switch Management Protocol
H
HQoS Hierarchical QoS
I
ICMP Internet Control Message Protocol
IGMP Internet Group Management Protocol
A-2 Huawei Proprietary and Confidential Issue 03 (2010-01-28)

IP Internet Protocol
IPoA Internet Protocol Over ATM
IPoE IP over Ethernet
IST Internal Spanning Tree
IWF Interworking Function
L
LB Loopback
LT Linktrace
M
MIB Management Information Base
MSTP Multiple Spanning Tree Protocol
MSTR Multiple Spanning Tree Regions
MSTI Multiple Spanning Tree Instance
N
NTP Network Time Protocol
NRT-VBR Non-Real Time Variable Bit Rate
O
OAM Operations Administration and Maintenance
OAMPDU OAM Packet Data Unit
ODN Optical Distribution Network
OLT Optical Line Terminal
OMCI Optical Network Termination Management and Control Interface
ONU Optical Network Unit
ONT Optical Network Terminal
OPEX Operating Expenditures
OSPF Open Shortest Path First
OSS Operation Support System
P
P2P Point To Point
PBS Peak Burst Size

A Acronyms and Abbreviations Feature Description
PIR Peak Information Rate

PMD Physical Media Dependent
PMS-TC Physical Media Specific Transmission Convergence
PON Passive Optical Network
PSTN Public Switched Telephone Network
PVC Permanent Virtual Channel
PQ Priority Queuing
PTM Packet Transfer Mode
PBO Power Back Off
PITP Policy Information Transfer Protocol
PPPoA Point to Point Protocol over ATM Adaptation Layer 5
PPPoE Point-to-Point Protocol over Ethernet
PVP Permanent Virtual Path
Q
QinQ 802.1Q in 802.1Q
QoS Quality of Service
R
RAIO Relay Agent Information Option
RDI Remote Default Indication
RFI Radio Frequency Interference
RIP Routing Information Protocol
RSTP Rapid Spanning Tree Protocol
RT-VBR Real Time Variable Bit Rate
S
SFTP Secure File Transfer Protocol
SNMP Simple Network Management Protocol
SSH Secure Shell
STP Spanning Tree Protocol
SHDSL.bis Single-line high speed digital subscriber line.bis
A-4 Huawei Proprietary and Confidential Issue 03 (2010-01-28)

SPF Shortest Path First

SSM Specific Source Multicast
T
T-CONT Transmission Containers
TC-PAM Trellis Coded Pulse Amplitude Modulation
TDM Time Division Multiple
TDMA Time Division Multiple Access
TDMoGEM TDM over GEM
TFTP Trivial File Transfer Protocol
TLV Type, Length, Value
ToS Type of Service
trTCM Two Rate Three Color Marker
U
UBR Unspecified Bit Rate
V
VBAS Virtual Broadband Access Server
VLAN Virtual LAN
W
WRR Weighted Round Robin
X
xDSL x Digital Subscriber Line


MA5606T Feature Description (V800R006C02 - 03)

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

MA5606T Feature Description (V800R006C02 - 03)

Hochgeladen von

Copyright:

Verfügbare Formate

SmartAX MA5606T Multi-service Access Module

HUAWEI TECHNOLOGIES CO., LTD.

Trademarks and Permissions

Huawei Technologies Co., Ltd.

Issue 03 (2010-01-28) Huawei Proprietary and Confidential i

About This Document

Product Name Version

N2000 BMS V200R012C03

Issue 03 (2010-01-28) Huawei Proprietary and Confidential iii

l Network planning engineers

1 GPON Upstream GPON upstream transmission means transmission of data

2 VDSL2 Access VDSL2 supports a high bandwidth (symmetric rates of up

3 ADSL2+ Access Asymmetrical digital subscriber loop (ADSL) is an

4 SHDSL SHDSL is an xDSL access technology, just like ADSL and

5 DLM/DSM This topic describes the DLM/DSM feature in its

7 IPoA Access IPoA access is an access mode in which the payloads of IP

iv Huawei Proprietary and Confidential Issue 03 (2010-01-28)

9 VLAN Virtual local area network (VLAN) is a technology used to

10 HWTACACS HWTACACS is a security protocol with enhanced

12 Transparent Transparent transmission of protocol packets refers to the

14 QoS QoS refers to quality of service. Settings of different QoS

15 ANCP ANCP refers to the Access Node Control Protocol which is

16 MSTP The Multiple Spanning Tree Protocol (MSTP) is compatible

17 Multicast Multicast refers to the point-to-multipoint communication

18 Triple Play Triple play is a service provisioning mode in which

19 Ethernet Link Ethernet link aggregation refers to aggregation of multiple

20 System Security System security refers to prevention of attacks to the system.

21 User Security User security is a mechanism which guarantees the security

Issue 03 (2010-01-28) Huawei Proprietary and Confidential v

22 Subtended Network A subtended network configuration is a configuration in

23 Ethernet OAM Operations, administration and maintenance (OAM) means

24 VoIP The VoIP service is a solution in which the voice

25 ISDN The integrated services digital network (ISDN) is a

Indicates a hazard with a high level of risk which, if not

Indicates a hazard with a medium or low level of risk which,

Indicates a potentially hazardous situation that, if not

vi Huawei Proprietary and Confidential Issue 03 (2010-01-28)

Indicates a tip that may help you solve a problem or save

Provides additional information to emphasize or

Times New Roman Normal paragraphs are in Times New Roman.

Boldface Names of files, directories, folders, and users are in

Italic Book titles are in italics.

Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italics.

[] Items (keywords or arguments) in square brackets [ ] are

{ x | y | ... } Alternative items are grouped in braces and separated by

[ x | y | ... ] Optional alternative items are grouped in square brackets

{ x | y | ... } * Alternative items are grouped in braces and separated by

Boldface Buttons, menus, parameters, tabs, window, and dialog titles

Issue 03 (2010-01-28) Huawei Proprietary and Confidential vii

> Multi-level menus are in boldface and separated by the ">"

Double-click Press the primary mouse button twice continuously and

Delete: The command authorization in 10.2 Principle.

viii Huawei Proprietary and Confidential Issue 03 (2010-01-28)

Issue 03 (2010-01-28) Huawei Proprietary and Confidential ix

About This Document...................................................................................................................iii

Issue 03 (2010-01-28) Huawei Proprietary and Confidential xi

8 P2P FE Optical Access...............................................................................................................8-1

11 DNS Client.............................................................................................................................. 11-1

12 Transparent Transmission of Protocol Packets................................................................12-1

xii Huawei Proprietary and Confidential Issue 03 (2010-01-28)

Issue 03 (2010-01-28) Huawei Proprietary and Confidential xiii