advertisement
ZXR10 5900E Product
Description
ZXR10 5900E Product Description
ZXR10 5900E Product Description
Version
V2.0
V2.1
V2.2
V2.3
Date Author Reviewer Notes
2011-12-29 XUXIAODONG YUANZHIYONG
Deleting hot swapping feature for 8 GE optical/electrical line card
2011-12-29 XUXIAODONG YUANZHIYONG
Modifying ingress and egress ACL number
2012-12-10 XUXIAODONG YUANZHIYONG
Deleting IPv6 feature
Change figures
2014- 09- 02 JIANGXINHONG YUANZHIYONG Changed review comments
© 2012 ZTE Corporation. All rights reserved.
ZTE CONFIDENTIAL: This document contains proprietary information of ZTE and is not to be disclosed or used without the prior written permission of ZTE.
Due to update and improvement of ZTE products and technologies, information in this document is subjected to change without notice.
ZTE Confidential Proprietary 1
ZXR10 5900E Product Description
TABLE OF CONTENTS
Excellent Operation and Maintenance Design .................................................... 11
Energy Saving and Environment Protection ....................................................... 12
2 ZTE Confidential Proprietary
ZXR10 5900E Product Description
NM and Operation & Maintenance Subsystem ................................................... 84
ZTE Confidential Proprietary 3
ZXR10 5900E Product Description
NetNumen U31 Unified Network Management Platform..................................... 96
Network Management Networking Mode ........................................................... 96
NetNumen U31 Network Management System .................................................. 97
Product Features in Real Network Implementations ......................................... 104
4 ZTE Confidential Proprietary
ZXR10 5900E Product Description
FIGURES
Figure 3-13 Relationship of sub-layers of OAM in ISO/IEC OSI reference model ...............56
Figure 4-5 The Front Panel of ZXR10 5928E with Clock Synchronization Interface Card ..69
Figure 4-9 Functional Block Diagram for the Operation Support Subsystem ......................81
ZTE Confidential Proprietary 5
ZXR10 5900E Product Description
TABLES
Table 4-1 The Assistant Interface Type and Interface Number of ZXR10 5900E ...............73
Table 4-2 Feature of 100/1000Base-T Ethernet interface on main control card of ZXR10
6 ZTE Confidential Proprietary
ZXR10 5900E Product Description
ZTE Confidential Proprietary 7
ZXR10 5900E Product Description
1 Overview
ZXR10 5900E Series Gigabit L3 Switches introduced by ZTE aim at satisfying aggregation market in the industry, in order to meet the requirements of service access bearer network integrate data, voice, video and mobile services on a unified platform.
With high-performance software/hardware architecture, excellent switching capacity and performance, simple operation and maintenance tool, ZXR10 5900E series products give conveniences to develop sustaining carrier-class bearer network.
ZXR10 5900E series products make the equipment work longer and maximally protect operator
’s investment, with their High-speed back plane, advanced special core chips, featuring their superior service extensibility and more value-added services.
“Green
Environment Protection
” design philosophy enables ZXR10 5900E series products to be famous for its low power consumption in industry. The tight architecture of the equipment requires little space and costs in equipment operation. The modular dual power supply design ensures high reliability, which greatly reduces the costs of operation and maintenance, and realizes maximum profits.
ZXR10 5900E series all-GE intelligent routing switch includes four models, i.e.
5916E,5928E, 5928E-FI and 5952E. ZXR10 5916E provides 12 GE Ethernet electrical interfaces, 1 extension slot, 1 FE management interface, 1 Console port, 2 warning ports.
The sub-card for the extension slot can be classified into 4 sorts:4 GE SFP optical interfaces,4 GE electrical interfaces,2 10GE optical interface,4 10GE optical interface;ZXR10 5928E provides 24 GE Ethernet electrical interfaces,1 extension slot,1
FE management interface,1 Console port,2 warning ports and 1 clock synchronization sub-card.the sub-card for the extension slot can be classified into 4 sorts:4 GE SFP optical interfaces,4 GE electrical interfaces,2 10GE optical interface,4 10GE optical interface;ZXR10 5928E-FI provides 24 GE Ethernet SFP interfaces,1 extension slot,1 FE management interface,1 Console interface,2 warning interfaces and 1 clock synchronization sub-card. The sub-card for the extension slots can be classified into 4 sorts:4 GE SFP optical interfaces,4 GE electrical interfaces,2 10GE optical interfaces ,4
10GE optical interfaces;ZXR10 5952E provides 4 linecards,1 extension slot, 1 FE management interface, 1 Console interface and 2 warning interfaces. each line-card supports 8-port GE optical/electrical interface. The sub-card for the extension slot can be
8 ZTE Confidential Proprietary
ZXR10 5900E Product Description classified into 4 sorts:4 GE SFP optical interfaces,4 GE electrical interfaces,2 10GE optical interfaces,4 10GE optical interfaces.
ZTE Confidential Proprietary 9
ZXR10 5900E Product Description
2 Features
2.1 Superior Performance and Capacity
By using the advanced hardware architecture and design philosophy, ZXR10 5900E guarantees wire-speed forwarding of all services. Hardware-based IPv4 forwarding mechanism provides the optimal performance and flexibility, so it is capable to building future-oriented basic network platform.
2.2 Enhanced Video Service Experience
ZXR10 5900E supports rich IPv4 multicast protocols, multicast QoS, and solves the management of traffic engineering issue caused by multi-port replication of multicast service. It reduces the latency, jitter and abrupt packet loss of video stream. Besides, it shortens the time for user
’s video stream to join in or leave the network. At the same time, multicast service access control technology ensures the secure access of multicast service, and makes sure users can enjoy high-quality video service.
2.3 Rich Service Platforms
ZXR10 5900E series uses mature and unified ZXROS multi-service platform, providing the most reliable, extensible and manageable protocol system for IPv4.It gives full support to L2 and L3 services and standard protocols.Also.it is compatible with the original network, so it is the best platform for network integration.
It supports enhanced Ethernet features such as SVLAN/ZESR (ESRP+/ZESS). Together with highly efficient L2PT tunnel technology, it provides customers with all sorts of flexible solutions.
The end-to-end OAM service management and performance monitoring based upon all sorts of granularity e.g. physical port and logical link make the network operation more transparent and convenient. It also provides highly qualified hierarchical QoS and service-based awareness and control mechanisms. Each port provides large-capacity
10 ZTE Confidential Proprietary
ZXR10 5900E Product Description hardware queue, so that it can support all kinds of services flexibly, and realize traffic shaping, policy marking, queue scheduling and congestion control It to meet user
’s requirements for multiservice bandwidth control, realizes real SLA in the course of service access, and provides solid guarantee to carrier
’s precise operation.
2.4 Carrier-Class High Reliability
ZXR10 5900E series focuses on the design of carrier-class reliability. It uses modular power supply system to provide redundant backup. it features powerful recovery capability when encountering disaster and flexible failure processing capability. So in a word, ZXR10 5900E series has integrated maintainability.
It supports ZESR(ESRP+). With creative single-point dual homing and multi-point dual homing redundant backup design, it provides 50ms fast switchover, and offers reliable guarantee to the implementation of large-scale triple play service.
With rich security and anti-attack mechanisms, ZXR10 5900E series device supports wire-speed forwarding, packet inspection and traffic differentiation in the condition of having thousands of ACL. It supports CPU protection, protocol message speed limitation,
DoS attack monitoring, IP Source guard DAI.
2.5 Excellent Operation and Maintenance Design
The increasing growth of network service makes fast deployment of network service to become more and more important. ZXR10 5900E series uses ZTE
’s unified network management platform via which the graphic user interface provides customers with service configuration, management, diagnosis, and monitoring. So that customers can understand the network operating status at any time. The deep inspection carried out by intelligent tools which simplifies failure location makes the network management much easier. Finally, it realizes easy service deployment, transparent data forwarding, intelligent failure processing, viewable service quality and clear network resource.
There is a handle outside the modular components of ZXR10 5900E series device, for example the power supply module and extensive slot, so it is very easy to get these
ZTE Confidential Proprietary 11
ZXR10 5900E Product Description modules in and out of the chassis. There
’s also a fixed lock at the bottom of each slot. when the slot is installed, the lock will fix the slot to avoid its loose.
All network cables and power cables, including the switches of power supply are in the front of the panel. This gives after-sales engineer great conveniences in their work. All jobs can be done as soon as they open the chassis, which truly improves engineer
’s work efficiency.
M button on the front panel breaks through the design of the traditional switch via which only link(active) and direct speed can be displayed. The mode switch button of the M button can visually display the running sate of the switch such as CPU utilization, memory utilization, CPU ARP attack number, whether the port learns MAC, whether the existence of CRC error, display of entire bandwidth and network storm. Network servers can also directly Ping to determine whether the links of network management are connected. This can give more convenience to quick maintenance and efficient management.
The external warning interface of ZXR10 5900E series has 3-line warning input and
5-line control input. It enables the external warning of the system to be controlled effectively, and reduces/avoids the loss caused by external warning.
By using VCT technology, ZXR10 5900E series Ethernet switch can implement remote maintenance of cable. It can inspect the short circuit, open circuit on the cable, and make sure the tolerance of location within 1 meter. By VCT, ZXR10 5900E series Ethernet switch can detect the failure does not cause by the configuration error at Client, it is able to locate the failure equipment, port and even the distance to the failed cable. In network management center, failure location can be done to obviate most failures to make network maintenance job easier. Furthermore, this method reduces the difficulties and costs of operation maintenance at the same time.
2.6 Energy Saving and Environment Protection
In the test on comparing the power consumption of ZXR10 5900E and the devices from other famous vendors in the industry, ZXR10 5900E shows much smaller power consumption in both idle and full load conditions. Together with classic European design,
12 ZTE Confidential Proprietary
ZXR10 5900E Product Description i.e.220mm deep, small size, light weight and large capacity, it helps the carrier to save the energy and reduce the requirements for deployment environment efficiently.
ZTE Confidential Proprietary 13
ZXR10 5900E Product Description
3 Functions
3.1 Basic Function
3.1.1 MAC Address Management
MAC(Media Access Control)is the hardware label of network equipment. The switch implements message forwarding according to MAC address. As an exclusive tag, MAC address ensures the correct forwarding of messages.
Each switch takes care of a MAC address table. In this table, MAC address and switch port are corresponding one by one. When the switch receives data, it will find out if this data should be filtered or forwarded to the corresponding switch port in terms of MAC address table. MAC address table is the foundation and premise for switch to implement fast forwarding.
ZXR10 5900E series realizes the following MAC services:
MAC Address Fixation
When the network is operated steadily for a while, the locations of the equipment linking to all ports of the switch are fixed. In other words, the ports corresponding to all equipment
’s MAC address in switch MAC address table are fixed, so the learnt
MAC address can be fixed.
MAC address fixation actually changes all dynamic MAC addresses to static mode.
After the conversion, these MAC addresses will not join in aging process. At the same time, if the data from whose source MAC address are these addresses appears on other ports, the switch will not have any chance to learn again any more.
Port Binding MAC Address
14 ZTE Confidential Proprietary
ZXR10 5900E Product Description
It is capable of adding dynamic, static and permanent MAC addresses in MAC address table. For static or permanent MAC address, the relationship between MAC address and port is fixed. This relationship will not stop until it is removed manually.
Restrict the Number of Port MAC Address
The capacity of switch MAC address is limited. When the number of the user in the network reaches the limitation of the MAC address table, we can restrict the number of the learnt MAC address that the port of the users with low priority is.
By restricting port MAC address, MAC address flooding which easily causes MAC address table overflow can be avoided.
Port MAC Address Learning Protection
When abnormity of one port MAC address learning is found, the switch will protect this port MAC address learning for a while. As soon as the port goes into protection mode, it will not carry out any new MAC address learning; when the protection is due, the port can implement MAC learning again.
The Filtering of Port Unknown MAC Address
In default mode, the filtering service of unknown MAC address of switch port is disabled. The port does not filter unknown MAC address. If unknown MAC address filtering service is configured on one port of the switch, the corresponding port will discard and learn the packets with the unknown MAC address got by this port.
MAC Address Filtering
The data filtering in terms of MAC address consists of the following three modes:
Only match the source MAC address of the data, i.e. if the source MAC address of the data is the set MAC address, then carries out the filtering.
Only match the destination MAC address of the data, i.e. if the destination
MAC address of the data is the set MAC address, then carries out the filtering.
ZTE Confidential Proprietary 15
ZXR10 5900E Product Description
Match the source or destination MAC address of the data, i.e. if the source or destination MAC address of the data is the set MAC address, then carry out the filtering.
3.1.2 VLAN
ZXR10 5900E series have basic L2/L3 switching functions. The forwarding carried out in data link layer realizes the classification of virtual working group by supporting IEEE
802.1Q protocol. ZXR10 5900E series supports multiple ways to classify VLAN, i.e. the classification based upon equipment port, or the classification based upon the host MAC address and the network layer information of user
’s message.
3.1.2.1 Port-Based VLAN
The port-based VLAN classification is simple and popular. It allocates different ports of the equipment with different VLAN, so all traffics received by these ports belong to the
VLAN corresponding to this port.For example, port 1,2 and 3 belong to the same VLAN, other ports belong to other VLANs, as a result, and the frames received by port 1 are only delivered to port 2 and port 3. If the VLAN user moves to a new place, it will not belong to its original VLAN unless it is allocated with a new VLAN.
3.1.2.2 Protocol
–Based VLAN
Protocol-based VLAN is flexible, so it is suitable for L3 or network with rich protocols.
Protocol-based VLAN is classified in terms of data packet
’s network layer encapsulation protocol, so the labels with the same data packet are in the same protocol VLAN. This
VLAN based upon network layer protocol enables broadcasting domain to cross multiple
VLAN switch. Therefore, users can move freely in the network, and its VLAN membership will still remain.
Via this method, even user changes its location, he does not have to reconfigure its
VLAN. Besides, it can classify VLAN according to protocol type. Without requiring additional frame label to mark VLAN, this method reduces network communications.
16 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Protocol VLAN is set
“enable” on the physical interface, and it can be disabled as customer requires. It only classifies VLAN according to data packet label. It isolates packets with different labels.
3.1.2.3 Subnet VLAN
Subnet VLAN is implemented in L2 VLAN, realizing data frame forwarding flexible.
Subnet VLAN determines the corresponding VLAN data will be forwarding according to the source IP address of the data frame. This VLAN based upon the source IP address enables users in different network segments cross multiple VLAN forwarding. But their
VLAN membership will still remain.
Subnet VLAN isolates data with different source IP addresses. So users can only get data from the same network segment. The priority for UNTAG frame to forward subnet
VLAN is higher than protocol VLAN and PVID, TAG frame is forwarded in TAG mode, and its priority is higher than subnet VLAN.
3.1.2.4 PVLAN
To enhance network security and isolate messages between users, each user will be distributed with one VLAN traditionally. This method has the following obvious drawbacks:
Currently 4094 VLANs are supported at most in IEEE 802.1Q standard. So the limitation of the user number stops network extension.
Each VLAN is corresponding to one IP sub-net, so many subnets will cause the waste of IP address.
The planning and management of so many VLAN and IP subnets make network management more complicated.
PVLAN(Private VLAN) aims at solving these problems.
PVLAN divided VLAN port into two categories: Isolate Port connecting with user
’s port and Promiscuous Port uplinking router. The isolate port which can
’t connect with each other can only communicate with promiscuous port. Therefore, ports under the same
ZTE Confidential Proprietary 17
ZXR10 5900E Product Description
VLAN are isolated, and user can communicate with its default gateway only.It tightly ensures network security.
3.1.2.5 VLAN Translation
VLAN translation is also an expansion of the VLAN function. It allows overlapping VLAN
IDs of different Ethernet switches accessing from the edge, and via VLAN translation service, these overlapping VLAN IDs will be changed to different VLAN IDs and sent via uplink port. So that users can be isolated in L2 core switch, which simplifies the configuration of edge access switch.
3.1.2.6 Super VLAN
The traditional ISP network allocates each user an IP subnet. There are three IP addresses used as subnet network number, broadcasting address and default gateway respectively when every subnet is allocated. If there are lots of IP address remained in some users
’ subnet, they can’t be used by other users either. This method may waste a great number of IP addresses.
SuperVLAN solves this issue perfectly by aggregating multiple VLANs (normally called sub-VLAN) to one SuperVLAN. These VLANs use the same IP subnet and default network gateway.
Via SuperVLAN technology, ISP only needs to allocate one IP subnet to SuperVLAN, and create one sub-VLAN to each user. All sub-VLANs can allocate IP addresses in the subnet of SuperVLAN flexibly. They use the default gateway of SuperVLAN. Each VLAN is an independent broadcasting domain, making sure the isolation of different users.
Different VLAN use SuperVLAN to route and communicate with each other.
3.1.2.7 QinQ
QinQ, also known as VLAN stacking, is a vivid name for the tunnel protocol based on
802.1Q encapsulation. Besides original VLAN label (Inner Label), QinQ technology adds another VLAN label (Outer Label) which can cover the inner label.
18 ZTE Confidential Proprietary
ZXR10 5900E Product Description
QinQ does not need protocol support, via which simple L2VPN (L2 Virtual Private
Network) can be implemented. It is suitable for L3 switch in small LAN
Specific networking application based upon QinQ technology is as shown in the following figure. The port connecting to user network is called Customer port, and the one connecting operator network is named Uplink port. Operator network edge access equipment is called PE (Provider Edge)
Figure 3-1 Specific QinQ Networking Application
Normally user network uses Trunk VLAN to access PE. The Uplink port in service provider network interconnects with each other via Trunk VLAN mode.
When messages reaches customer port of switch A from user network 1, the switch A will insert an outer label (VLAN ID is 10) no matter the message is tagged or untagged.
Messages is sent long the port with VLAN 10 in service provider network to switch B. when switch B realizes user network 2 is connecting with customer port, it will detag the outer label according to traditional 802.1Q protocol to resume user
’s original messages.
Then the messages will be sent to user network 2.
In this way, streams between user network 1 and 2 can be transferred transparently via service provider
’s network. User network can freely plan its private network VLAN ID without causing VLAN ID conflicts in service provider network.
ZTE Confidential Proprietary 19
ZXR10 5900E Product Description
3.1.3 SVLAN
SVLAN is also called flexible QinQ. It
’s the development and enhancement of QinQ.
Original QinQ can only implement port-based outer layer label addition. It
’s not flexible in application. SVLAN can tag packets with different S-Tag label selectively based on port and C-Tag. To keep client packet COS, it can duplicate 802.1p field in inner layer label to outer layer label to keep user QoS continuity.
Compared with QinQ, SVLAN has enhanced function of network user location, which enables QinQ to better support PUPV (one VLAN per user) and PSPV (one VLAN per service). It is easy for carrier
’s operation and maintenance management. The most typical application is Triple Play service in broadband to the home.
VLAN can perfectly solve the problem of user location separation and service differentiation in broadband network. It can implement operation and maintenance management for one VLAN per user, which brings great convenience to network management and maintenance. ZTE is always an advocator of this technology and takes the leading position in the industry.
ZXR10 59E series switch supports SVLAN with the following applications and functions:
Being able to distinguish different service VLAN at one port and tag different outer layer label based on different service requirements.
Being able to implement coexistence of VLAN transparent transmission and QinQ service at port; being able to keep user label unchanged without adding new label to user label when some VLAN packets are going through switch.
Being able to duplicate 802.1p field in user label to outer layer label to guarantee that user
’s service level is kept unchanged in QinQ network so as to keep the consistency of
QoS of user service.
IEEE802.1ad specifies that S-Tag Ethernet type is 0x88A8 and C-Tag Ethernet type is
0x8100. ZTE switch supports C-Tag and S-Tag Ethernet type at any designated port.
SVALN has two major applications in the network:
20 ZTE Confidential Proprietary
ZXR10 5900E Product Description
SVLAN is applied in user location separation and service differentiation in network and
Triple Play service in family broadband. SVALN QinQ can solve traditional 4096 VLAN resource shortage problem so as to truly implement PUPV and PSPV.
3.1.4 STP
STP (Spanning Tree Protocol)is built particularly to eliminate network broadcasting storm caused by circle links, and to provide network topology redundant backup service.
Aiming at generating
“a tree”, the root of the tree is a switch named root bridge.
According to different configurations, different switches will be used as the root bridge.
But there
’s only one root bridge at any time. A tree is formed starting from the root tree, and the root bridge will send configuration message on a regular basis. Each switch who receives the message will dispatch it to other ports after updating the received message on the basis of its own configuration and network topology architecture. When one switch gets configurations from two or more than two ports, there
’s loop existing in the network. At this moment, the switch will leave one port in forwarding mode, and block other ports to get rid of loop. When one port does not get configuration message for a long time, it will be considered by the switch as overtime configuration which may have changed the network topology. So the network topology must be calculated again and generate a tree.
RSTP (Rapid Spanning Tree Protocol) is the optimization of spanning tree. ZXR10
5900E Ethernet switch supports this protocol. As for its rapidness, the latency caused by root port and designated port getting into forwarding status in network equipment or link changing period are shortened in some conditions, so network topology can get steady much faster.
Rstp feature also support sbpdu guard, root guard, loop guard, edge-port and stp ignored per VLAN features, where BPDU guard: For access-layer equipment, access port is normally connected with user terminal (e.g. PC) or file server directly. At this moment, the access port is configured as edge port to realize fast migration of this port; when these ports receive configuration messages (BPDU message), the system will automatically set these ports as non-edge-ports. Recalculation of spanning tree causes network topology concussion. Normally these ports will not receive STP configuration messages. If someone make fake configuration message to raise malicious attack, network concussion will happen.
ZTE Confidential Proprietary 21
ZXR10 5900E Product Description
RSTP provides BPDU protection to prevent these attacks; switch initiates BPDU protection service, so that if the edge port receives the configuration message, the system will terminate these ports and inform network management that these ports has been shut down by RSTP. Only network administrator can resume these shutdown ports.
ROOT guard: In the network, when root bridge receives a BPDU message with higher priority, it will not act as root bridge anymore so network topology will be changed, which directly causes the breakdown of data forwarding. To prevent the root bridge from being attacked, root protection service should be imitated over the port. So when it receives high-priority messages, it will change to listen status and stop forwarding message. In 30 seconds, it will change to normal status automatically, which avoid frequent root bridge change.
Loop guard:Loop protection can avoid the loop caused by one-way link failure. After initiating loop guard service, the port will directly changes to loop-inconsistent blocking status if bpdu message does not arrive in expected time. The port does not change to listening, learning, or forwarding status, otherwise STP will insist there
’s physical failure over port. When bpdu message is received, the port will be resumed.
3.1.5 Link Aggregation
Link aggregation is the process where the physical link segments with the same media type and same transmission rate are bundled together, and appear as one link logically.
Switch decides via which port the message will be sent to the peer-end switch according the port sharing policy user made. When switch detects one member port link breaks down, it will stop sending messages over this port and recalculate message delivering port in the rest links on the basis of load sharing policy. When the failed port is resumed, the recalculation will be carried out again to get correct port. Link aggregation is a very important technology in extending link bandwidth and realizing link transmission elasticity and redundancy.
ZXR10 5900E supports two sort of link aggregation, i.e. static Trunk and LACP
Static Trunk adds multiple physical ports to Trunk group directly to form a logical port.
This method is not good for inspecting the status of link aggregation port.
22 ZTE Confidential Proprietary
ZXR10 5900E Product Description
LACP (Link Aggregation Control Protocol) follows IEEE 802.3ad standard. LACP aggregates multiple physical ports dynamically to Trunk group via protocol to form a logical port. LACP generates aggregation to get maximum bandwidth.
When configure link aggregation service on ZXR10 5900E, the following principles should be followed:
Totally 32 Trunk groups should be configured. Each Trunk group consist of 8 member port at most.
Support cross-interface board aggregation. Member port can be distributed on any interface board. But the selected port must be working in full-duplex modem and the working speed must be the same.
The member port mode can be access, trunk or hybrid. But they must keep the same.
The logical port formed by link aggregation on ZXR10 5900E is called smartgroup which can be used as common port.
3.1.6 Basic Ethernet Features
ZXR10 5900E series supports the following basic Ethernet features:
Port mirroring
Port mirroring service can replicate the data of one or more than more ports
(reflector port)on the switch to a designated destination port (monitoring port). The monitoring port can get the data on these reflector ports via mirroring image, so that, it can carry out network traffic analysis and failure diagnosis. Also, it supports remote SPAN(RSPAN、ERSPAN).
Broadcasting storm suppression
It can restrict the number of broadcasting message allowed to pass Ethernet port per second. When the broadcasting traffic exceeds the value user set, the system discards the broadcasting traffic to control it to a reasonable scale. In this way, it effectively suppresses broadcasting storm, avoids network congestion and ensures normal service
ZTE Confidential Proprietary 23
ZXR10 5900E Product Description operation. The broadcasting storm suppression is set based upon speed, i.e. the smaller the speed is, the less broadcasting traffic is allowed to pass.
Support the configuration of port speed, duplex mode, and self adaptation.
Support circuit diagnosis analysis test
ZXR10 5900E series supports Cable diagnosis analysis test, via which the abnormities of the links between cables can be inspected. Besides, it can accurately find the location of Cable failure, which gives conveniences to network management and failure location.
1000M Ethernet electrical interface uses network cable to connect other devices.
There are four pairs of twisted-pair cable, so when the device is working with 100M interface, 1-2 and 3-6 cable are used. And when 1000M mode is used, 1-2, 3-6, 4-5 and 7-8 cables should be all used. The cable can inspect the status of each pair of twisted-pair cable, including:
Open: Open circuit
Short: Short circuit
Good: good circuit
Broken: open or short circuit
Unknown: unknown result or no result
Crosstalk: coupling circuit
Fail: failed inspection
3.1.7 IGMP Snooping
The IGMP Snooping maintains the relationship between the multicast address and the table of the LAN by listening to the IGMP packets communicated between the user and the router. It maps the members of a multicast group into a VLAN. After receiving the multicast packets, it forwards them only to the VLAN members in that multicast group.
IGMP Snooping and IGMP are the same in that they are both used for managing and
24 ZTE Confidential Proprietary
ZXR10 5900E Product Description controlling the multicast groups through IGMP messages. However, they differ in that
IGMP runs on the network layer, while IGMP Snooping runs on the link layer. When the switch receives IGMP packets, IGMP Snooping will parse the information contained in them and establish and maintain a MAC multicast address table on L2.
When IGMP Snooping is enabled on the ZXR10 5900E, multicast packets are multicast on L2. When no IGMP Snooping is enabled, multicast packets will be broadcast on L2.
3.1.8 Ipv4 Multicast Route
IP multicast route technology realizes single point-to multipoint fast data transmission in
IP network. IP multicast service can efficiently save network bandwidth, reduce network load, so it is widely used in resource discovery, multimedia conference, data copy, real-time data transmission, E-Game and emulation services. Multicast protocol consists of inner and intra domain protocols, where intra-domain protocol contains MBGP and
MSDP, etc. and inner-domain protocol includes PIM-SM, PIM-DM and DVMRP, etc. the inner-domain protocol is mainly classified into two categories, one is sparse-mode multicast routing protocol including PIM-SM, and the other is dense-mode multicast routing protocol with PIM-DM and DVMRP included. Currently, the most practical multicast protocol is PIM-SM.
PIM-SM uses multicast sink display join-in mechanism to build sharing spanning tree in order to distribute multicast data messages. In a certain circumstance, sink can also be switched over to the shortest path tree. Besides, PIM-SM is independent from UNICAST routing protocol, instead of relying on a special UNICAST routing protocol it uses
UNICAST routing table to inspect RPF. PIM-SM is more suitable for the network with multicast members at the end of WAN (Wide Area Network) link; in addition, PIM-SM allows SPT, so it shortens the latency caused by using sharing tree. In a word, PIM-SM is usually the optimal multicast routing protocol used in the multicast network.
ZXR10 5900E series can completely support PIM-SM, and provide integrated multicast solutions.
ZTE Confidential Proprietary 25
ZXR10 5900E Product Description
3.1.9 IPv4 Route
In the network where ZXR10 5900E is used, user not only requires L2 switching, but also demands L3 route forwarding service.
ZXR10 5900E series supports the following IPv4 UNICAST routing features:
Support static route protocol. It is configured by administrator manually to simplify network configuration and enhance network performance. The static route is suitable for medium-sized network or simple network configuration.
Support IPv4-based dynamic routing protocols including RIP, OSPF, IS-IS and BGP.
It adapts to the change of network topology, upgrades route dynamically, so it is suitable for large-scale network with complicated networking topology.
Support policy route. It enables data packet to be forwarding as per user
’s designated policies. The policy route in some way realizes traffic engineering, which enables traffics with different service quality or different features(e.g. voice service and FTP)follow different paths.
3.1.10 Voice VLAN
Voice VLAN provides voice data packet with higher forwarding priority. When voice device access is detected, no matter what the default priority of the voice data flow it sends is, E series medium-end switches will transfer the legal voice data to the specified voice VLAN, distribute it a higher priority to guarantee they are forwarded with priority.
3.1.11 GVRP
Based on GARP (Generic Attribute Registration Protocol), GVRP (GARP VLAN
Registration Protocol) is a VLAN dynamic configuration technology. It is used in complicated networking environment. Distribution, registration and transmission of VLNA attribute in a dynamic way by GVRP can simplify VLAN configuration management, and reduces network interconnection problems caused by inconsistent configuration. GVRP implements VLAN attribute registration and cancellation by announcement and reclaim of the announcement. When the port receives a VLAN attribute announcement, it will register the VLAN information contained in the announcement and the port joins the
26 ZTE Confidential Proprietary
ZXR10 5900E Product Description
VLAN. When the port receives a VLAN attribute reclaim announcement, it cancels the
VLAN information contained in the announcement and the port quit the VLAN. The port will not join the dynamic VLAN without receiving VLAN registration information. In this way it realizes VLAN cutting and suppress the unnecessary traffic.
3.1.12 PPPoE+
PPPoE+ is also called PPPoE Intermediate Agent. Its implementation principles are similar to that of DHCP option82. It expands PPPoE packets. Working as the intermediate agent, the switch intercepts the protocol packets at PPPoE Discovery Stage.
It inserts TAG containing port information into payload of the packet for the server to identify the user port. Some BRAS will also inset TAG in response to the downlinking packet. Therefore, as the intermediate agent, the switch will delete the TAG in the downlinking packet. PPPoE+ processing procedure is shown in the following figure:
Figure 3-2 Processing procedure of PPPoE+
PPPoE
Host
PPPoE
Agent
Access
Concentrator
PADI
PADI + uPortID
PADO
PADR
PADR + uPortID
PADS
PPP Session Stage
PADT PADT
ZTE Confidential Proprietary 27
ZXR10 5900E Product Description
3.2 Value-Added Service
3.2.1 Cluster Management
Cluster refers to an aggregation formed by a group of switch in a particular broadcasting domain. This group of switch composes a unified management domain, providing a public IP address and management interface outside. Also it offers management and access capability to each member in the cluster.
The management switch responsible for configuring public IP address is called command switch, and other managed switches are named member switch. Normally, the member switch does not have public IP addresses, instead it uses DHCP-similar service of the command switch to distribute private address. The command switch and member switch compose cluster together (Private Network)
The isolation of broadcasting domain between public network and private network is proposed to be done on the command switch. Isolating the direct access to the private address, the command switch provides a management maintenance tunnel outside to implement integrated cluster management.
The broadcasting domain of one cluster is normally composed by four roles of switch: command switch, member switch, candidate switch and independent switch.
There
’s only one command switch in one cluster. The command switch can collect equipment topology automatically, and set up cluster. After building the cluster, the command switch provides a management tunnel for the cluster to manage the member switch. Before joining in the cluster, the member switch is the candidate switch. And the switch that does not support cluster management is called the independent switch.
Cluster management networking is as shown in the following Figure:
28 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Figure 3-3 The Networking Topology of Cluster Management
TFTP Server
110.1.1.2
Public networks
100.1.1.10
NM
110.1.1.1
Inside cluster ip pool switch
192.168.1.0/24
Member switch networks
Member switch
Member switch
Member switch
Member switch
Outside cluster
Candidate switch
The rules for the conversion of four-role switches in the cluster are as shown in the following Figure:
ZTE Confidential Proprietary 29
ZXR10 5900E Product Description
Figure 3-4 The Rules for Switch Role Conversion
Member switch
Destined for independent switch
Delete from cluster
Join cluter
3.2.2
Candidate switch
ESRP Ring Protection
Destined for candidate switch
Destined for independent switch
Destined for command switch
Destined for candidaate
Destined for independent
Independent switch
Destined for command switch path.
ESRP is suitable for multiple rings and multiple domains. Multiple rings are referred to in terms of network topology layers. Each layer is a ring. There are two access points on lower layer access ring to connect with higher layer access ring. The network topology is considered as an individual ring. A ring tangent with it is not a part of it but a part of another. The ring on the higher layer is called the main ring. Others are access rings.
Multiple domains indicate there are multiple protecting instances on one ring which are suitable for different service VLAN. They have different logic paths and are independent from each other.
30 ZTE Confidential Proprietary
ZXR10 5900E Product Description
3.2.3 ZESS
ZESS (ZTE Ethernet Smart Switch) describes a cost-effective link switchover mechanism.
It enables the services to be switched over to backup link rapidly when the active link breaks down, so that normal service transmission can be guaranteed.
As the following figure shows, node 1 supports ZESS service. Port 1 is the master port and port 2 is the standby port. When node 1 inspects that both the master and standby ports are in UP mode, it will disable the service VLAN protection forwarding service of the standby port; when node 1 finds the master port is Down, it will block VLAN forwarding service of the master port, and enable VLAN forwarding service of the standby port; when node 1 inspects that the master port resumes to UP mode, the inverted and uninverted modes can be chosen. In inverted mode, the master port is opened and the standby port is blocked again. In uninverted mode, the master port keeps blocked mode, and the standby port is open. In addition, when ZESS takes action, FDB of the blocked port should be updated.
Figure 3-5 The networking topology of ZESS
Upper network
Node 2
Node 3
Master port
Slave port
Node 1
3.2.4 Security Feature
ZXR10 5900E provides users with rich security features, providing multi-dimensional protection in control layer, data layer, and management layer of the device. On data layer,
ZTE Confidential Proprietary 31
ZXR10 5900E Product Description the device provides address change scanning attack prevention, broadcast multicast packet rate restriction, port security protection, MAC address table and ARP binding,
DHCP Snooping, IDS association etc. The control layer provides multiple layers of CPU packet receiving, interface address conflict detection, network topology change attack prevention, BPDU protection and root bridge protection, and routing protocol encryption anti-attack protection. Management layer provides hierarchical user management, user password encryption, and SSH.
3.2.5 TR101 Feature
TR101 issued by Broadband Forum (the original DSL Forum) in April 2006 is a technical demand report satisfying broadband access network. In terms of TR-025 and TR-059 architectures, TR101 proposes a way to enable ATM aggregation network to access
Ethernet aggregation network, also it raises an Ethernet-based topology model that meets the requirements of TR-058 operation. And it gives the specific requirements of
BRAS devices in access aggregation network, the migration, interconnection, QoS, multicast, security and OAM of all AN nodes.
All mainstream carriers in Europe ask their access and aggregation switches to satisfy
TR101. ZTE follows this demand and tries its best to make the product more satisfied to
TR101. In doing so, ZTE focuses on:
Supporting MFF and making sure the isolation of users
For PVLAN, MFF not only realizes L2 isolation, but also makes sure more secure message processing and forwarding as it saves user
’s basic information. At the same time, the gateway router controls the communications of all users in the same network segment of L2, which further enhances network security. Centralized management can be realized.
In addition to give support to DHCP 的 option82, it can also inspect the messages that DHCP server returns to customers. And the messages are forwarding as per port accurately, which prevents other people from getting customer’s individual information;
Supporting IGMP topology discovery. IGMP module when encounters topology change can actively send inspection information to accelerate multicast congestion
32 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Adding IGMP statistical information.
3.2.6 MPLS
Currently ZXR10 5900E series provide complete MPLS protocol with the main functions as follows
Support LDP and RSVP.
Support TTL value decrease progressively, loop detection, strategy management, and last-but-one hop pop-up.
Support downstream label self-distribution. Support free label keeping mode.
Support LSP fast reroute.
Support MP-BGP and MP-BGP graceful-restart
Support MPLS TE and MPLS TE FRR
Support Static LSP
3.2.6.1 MPLS L2VPN
ZXR10 5900E supports MPLS L2 VPN service with the following two connections:
Point-to-point connection
Point-to-point connection can easily provide main VPN private line services. It can use multiple technologies to connect users in the existing network, keeping the connection features between users and network providers. Services are transmitted on the IP backbone network of the network provider after they are encapsulated.
Point-to-multipoint connection
According to large customer
’s VPN needs, there are a great many of user sites with many access points. The network operator needs to provide point-to-multipoint VPN services. ZXR10 5900E supports VPLS (Virtual Private LAN Service) so that it can
ZTE Confidential Proprietary 33
ZXR10 5900E Product Description establish multi-site linking VPN in a single bringing domain in the IP/MPLS network that managed by the operator. In this way it provides a easy MPLS L2 VPN solution.
ZXR10 5900E supports MPLS L2 VPN service with the following functions:
Supports VPLS and VPWS
Supports VPLS over MPLS TE
Supports H-VPLS based on LDP
Supports mapping between MPLS label EXP and COS
Supports VPLS ring topology
Supports static configuration of PW
VPLS PE access mode support PORT,VLAN,VLAN+PORT
Supports static LSP configuration
Supports to work as UPE and NPE in VPLS
VPLS PW Support parameters negotiation including MTU,PW type and VCID
Supports LDP FRR
3.2.6.2 MPLS L3 VPN
ZXR10 5900E series support complete MPLS L3 VPN features:
Supports work as P and PE
Support MP-BGP and MP-BGP graceful-restart
MPLS forwarding for public network and private network
Support capability negotiation and route refresh capability
Support to work as MPLS L3VPN UPE
34 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Support static route, RIP, OSPF and BGP access between PE and CE
3.2.6.3 MPLS TE FRR
MPLS TE fast reroute is a mechanism in MPLS TE for link protection and node protection.
When LSP link or node fails, it takes protection at the node. In this way it permits the traffic to continue going through the tunnel of the protected link or node so that the data transmission will not be interrupted. At the same time the head node can continue initiating re-establishment of main path with data transmission uninfluenced.
The basic principle of MPLS TE fast reroute is to use one established LSP to protect one or multiple LSP. The established LSP is called fast reroute LSP. The protected LSP is called main LSP. The ultimate purpose of MPLS TE fast reroute is to use fast reroute tunnel to bypass the tunnel or node with failure, so as to protect the main path.
The establishment of fast reroute LSP and main LSP involves every component of MPLS
TE system.
MPLS TE fast reroute is based on the implementation of RSVP TE. It follows RFC4090.
There are two ways to implement fast reroute:
One-to-one Backup: one to one backup protection: one main LSP establishes one backup protection LSP, which is called Detour LSP.
Facility Backup: one to multiple backup protection. Multiple main LSP establish one backup protection LSP, which is called Bypass Tunnel.
Facility is usually adopted to deploy MPLS TE FRR. The establishment of main LSP is the same with that of common LSP. RSVP sends PATH message from the head node to the downstream hop-by-hop, and sends RESV message from the tail node to the upstream hop-by-hop. It distributes labels when it deals with RESV message to reserve the resource and establish LSP. Bypass Tunnel can be established in two ways: manual and automatic. When main LSP is not equipped with FRR attribute, Bypass Tunnel can be manually configured to protect the physical interface of the tunnel. Its configuration is the same with that of the common LSP except the fact that it cannot be configured with fast reroute. That is to say, Bypass Tunnel cannot work as main LSP at the same time.
ZTE Confidential Proprietary 35
ZXR10 5900E Product Description
LSP cannot be protected by embedding. Automatic Bypass Tunnel is the simplified manual configuration. When main LSP needs FRR protection, it automatically establish a
Bypass Tunnel to protect the main LSP.A single automatic Bypass tunnel can protect multiple main LSP. Bypass Tunnel is usually idle, bearing no data services. If Bypass tunnel needs to assume data forwarding task when it is protecting main LSP, enough bandwidth should be configured. When link and node fails, if the interface is configured with FRR fast reroute protection, the data can be automatically switched to protection link.
When the failure is recovered, the normal forwarding path will be re-established.
Usually it
’s necessary to deploy MPLS TE FRR in MPLS TE network. It is decided by the features of MPLS TE. In pure IP network, when local failure occurs, LDP will initiate LSP establishment to the upstream node if there
’s other available route. Failure protection can be quickly implemented locally by this mechanism before the route change caused by the failure spread to the whole network. In the MPLS network where TE is not deployed, LDP is widely used to establish LDP by DU. When local failure occurs, LDP will initiate LSP establishment to upstream node if there
’s other available route. Since bandwidth, priority and link attribute related to TE are not considered, the possibility to successfully establish LSP is comparatively large. Thus the process from failure to recovery is short. However, in MPLS TE network, head node CSPF uses route information reckons out all route in the domain. RSVP establishes LDP based on the route. When there
’s local failure in the network, the whole LSP should be re-established.
And CSPF cannot reckon out valid path before the route change caused by the failure spread to the head node. Besides, local failure may lead to re-establishment of multiple
LSP in the network. In this way, compared with pure IP network and the MPLS network with no TE deployed, MPLS TE network may need longer time to recover from the local failure. So we establish a backup LSP in MPLS TE network, initiate FRR, and take quick switching when local failure occurs.
ZXR10 5900E supports MPLSTE service with the following features:
Using CSPF algorithm to calculate TE tunnel
TE FRR tunnel
CR-LSP tunnel
TE FRR and CR-LSP tunnel switchover less than 50ms
36 ZTE Confidential Proprietary
ZXR10 5900E Product Description
3.2.6.4 LDP FRR
LDP FRR is MPLS-related reliability technology. With the help of LDP label distribution protocol, it distributes main/backup label to route. Saving backup label, it make quick response to route change and switch to the backup label to implement 50ms switching protection against network failure. If LSP is configured with FRR, when a link or node on the protected LSP fails, the traffic will be switched to the backup link. LDP FRR is only a temporary protection measure. When the protected link recovers, the traffic will be switched back to the original LSP.
3.2.7 Support External Alarm Input and Output
ZXR10 5900E as shown in figure 5 totally supports 3-line alarm input and 5-line control output
Figure 3-6 Alarm Interface
Blue indicates alarm input and red means control output. As figure 6 shows, if the power supply device connecting to alarm interface of the switch has some problems, the switch will get signal sent by the alarm input mechanism to show level switch, and then the switch will take some actions. For example, it can send warnings to upper monitoring server via network management interface,also it can control and reset the power supply device via control input mechanism.
ZTE Confidential Proprietary 37
ZXR10 5900E Product Description
3.2.8 VCT Technology
VCT (Virtual Cable Test) is a cable fault testing function based on hardware. It uses TDR
(Time Domain Reflector) to implement cable diagnosis. It can provide cable error state such as open circuit, short circuit, un-matching impedance, normal cable etc. It can provide cable fault point distance.
3.2.9 SFP DOM
DOM (Digital Optical Monitoring) is a part of optical module. The optical module supporting DOM service can get temperature, voltage, current and the power consumption in processing traffic. In addition, each optical module is set with some threshold in operation (including alarm threshold and warning threshold). After initiating
DOM service, the operating status can be polled via 12C bus of the optical module, and compare the status with the preset threshold. When the value exceeds the threshold, syslog and SNMP trap modes can be used to send warnings.
3.2.10 SFlow
With the increasing development of network services in commercial environment, the existing network becomes bigger and bigger. As there are more and more devices and traffics in the network, the cost in carrying out network maintenance is higher and higher.
So how to manage network equipment efficiently and how to implement real-time traffic monitoring and analysis have become more and more important to carriers. Currently, vendors provide multiple network traffic monitoring technologies respectively. But most of these traffic monitoring technologies are private or build based upon hardware. sFlow currently is the standard traffic monitoring technology listed by IETF, it requires simpler hardware, less resource and more universal technology, as a result, it has been implemented by many vendors. sFlow services are mainly composed by three parts: sFlow message sampling unit, sFlow proxy unit, and sFlow analyzer. Usually, the sampling and proxy units of sFlow are integrated in network device, and sFlow analyzer is built at the exterior of the system, analyzing multiple sFlow proxy messages in the network. The entire system is basically as shown in the following Figure:
38 ZTE Confidential Proprietary
Figure 3-7 Basic Architecture of sFlow
ZXR10 5900E Product Description sFlow sampling unit is the basic part of sFlow mechanism. It samples messages over the network interface that supports sFlow, and then it will send the messages to sFlow proxy unit for processing. sFlow Collector implements sFlow management, monitoring, collection and analysis. It is responsible for saving and analyzing messages from all sFlow Agent. Then it will give analysis report on traffic and service.
3.2.11 ACL
To filter data, a series of matching rules need to be configured for network device to identify the objects needs filtering. When particular object is identified, corresponding data packets are permitted or prohibited based on the pre-set policy. ACL (Access
Control List) can implement all these functions.
Usually ACL is adopted to implement data packets filtering, policy routing and special traffic control. One ACL contains one or multiple rules for special types of data packets.
The rules inform switch whether to permit or reject data packets that match the selecting
ZTE Confidential Proprietary 39
ZXR10 5900E Product Description standards specified in the rules. As data flow passing an interface is bidirectional, the access control list should be adopted on the interface, simultaneously, which is egress direction (i.e. data flow moves away from router) and ingress direction (i.e. data flow enters router)
As the data matching rule defined by ACL can also be used by applications where traffic should be classified, for example to define traffic classification rule in QoS
ZXR10 5900E provides the following four types of ACL:
Basic ACL: only match source IP address.
Extension ACL: match source IP address, destination IP address, IP protocol type,
TCP source port number, TCP destination port number, UDP source port number,
UDP destination port number, ICMP type, ICMP Code, DSCP(DiffServ Code Point) ,
ToS and Precedence.
L2 ACL: match source MAC address, destination MAC address, source VLAN ID,
Interface, L2 Ethernet protocol type, 802.1p precedence.
Hybrid ACL: match source MAC address, destination MAC address, source VLAN
ID, source IP address, destination IP address, TCP source port number, TCP destination port number, UDP source port number, UDP destination port number, including all matching fields of the three types mentioned above.
Each ACL has a visit number for identification. The range of this number of different types of ACL is different:
Basic ACL:1~99
Extension ACL:100~199
L2 ACL:200~299
Hybrid ACL:300~349
Each ACL rule has 100 pieces at most, and the rule number ranges from 1 to 100.
40 ZTE Confidential Proprietary
ZXR10 5900E Product Description
3.2.12 QoS
Due to the increasing growth of multiple services (data, voice, video) and their different requirements for service real-time capability (latency, jitter and packet loss rate) and sensitivity of service reliability, nowadays networks are demanded to be able to differentiate services, ensure user
’s service quality according to SLA, realize QoS guarantee in all implementation models, provide end-to-end service quality, make the network appreciable and service manageable, realize service precise operation and finally improve user
’s service experience.
3.2.12.1 Basic QoS Feature
ZXR10 5900E support rich QoS features where Diffserv model known for its simple configuration, superior flexibility and high extensibility wins the most extensive use.
ZXR10 5900E have the following Diffserv QoS features:
Traffic Classification and Marking. Service messages are divided into multiple priorities or categories on the basis of service classification policy (including VLAN,
802.1P, DSCP, MAC address, IP address, TCP/UDP port number, and DSCP info.), then these categories will be marked by ToS or DSCP fields of Ethernet message
CoS or IP head, or EXP field of MPLS. In this way, category-based traffic scheduling, congestion management and traffic shaping can be implemented.
Different QoS mechanisms can be used on different types of service.
Traffic Policing. It is particularly used to restrict one stream or abrupt traffic which is going to access one network. After setting a reasonable limit to the traffic, it will then police or punish the exceeding part of the message, for example, discard the message, color the message or reset the priority of the message. In this way, it protects network resource and operators greatly at the same time.
Following srTCM (Single Rate Three Color Marker) and trTCM (Two Rate Three Color
Marker) algorithms introduced by IETF, ZXR10 5900E use two token buckets to evaluate the arrived messages. Compare messages according to CIR/PIR mode of token bucket in Color-Blind mode and Color-Aware mode, and color the part exceeding PIR red, the one exceeding CIR but under PIR yellow, and the one under CIR green. Hence, queue scheduling and congestion management can be done in terms of message colors.
ZTE Confidential Proprietary 41
ZXR10 5900E Product Description
Furthermore, the selection of MPLS tunnel path and hierarchical QoS scheduling can also be implemented according to message colors. In this way, service precise operation and management are realized. ZXR10 5900E support CIR/PIR service based upon port and flow, and they can be used in both incoming and outgoing directions.
Figure 3-8 Traffic Policing with CIR/PIR
42
Traffic Shaping. It is designed particularly to restrict one stream or abrupt traffic and make these messages sent out in evenly. Traffic shaping is normally done by cache and token bucket. When the message is sent in high speed, it will be saved in cache and then sent out evenly in the control of token bucket. Different from traffic policing, traffic shaping caches messages that do not match traffic feature, which prevents messages from being discarded and satisfies message traffic feature at the same time.
Queue Scheduling. For network unit, when the incoming speed of the packet is faster than their outgoing speed, congestion will happen at egress. When it occurs, firstly some messages will be discarded if there
’s not enough cache space. Also a resource scheduling mechanism should be made to enable messages to cache in the queue according to some policies. And then these messages will be taken out from the queue and forwarded as per some scheduling policies. Congestion management of the queue is very meaningful to bandwidth distribution, latency and jitter. ZXR10 5900E support PQ (Priority Queuing), Weighted Round Robin (WRR) and PQ+WRR queue scheduling methods.
Congestion Avoidance. Network equipment cache is limited, so queue scheduling which is one congestion management mechanism carried out in terms of different
ZTE Confidential Proprietary
ZXR10 5900E Product Description policies is also based upon the capability of the cache. It makes sure services of different queues and different priorities can be scheduled according to certain policies. When too many services are congested, and the queue length has reached its threshold, all new arrivals will be discarded. This discarding mechanism may cause TCP entire synchronization where messages of multiple TCP connection queues will decrease at the same time, so that TCP connections start congestion avoidance and slow start status to adjust traffic. What is worse, traffic peak will pear at the same time making the network traffic fluctuate between insufficient and saturation, which badly influence user’s service experience.
To improve network quality, ZXR10 5900E adopts WRED to avoid congestion. ZXR10
5900E WRED can be aware of services, set policies for discarding messages of different priorities, so that different messages can have different discarding policies.
3.2.12.2 Ethernet QoS
Because of the dramatic development of Metro Ethernet Service, there are more and more Ethernet services in the network. ZXR10 5900E can process service scheduling and congestion management as per the priority of VLAN frame. It can map IP message priority or EXP priority of MPLS message to VLAN priority of Ethernet message to realize integrated service scheduling. In QinQ mode, inner user VLAN priority can be mapped to outer operator
’s VLAN priority automatically, or outer VLAN priority can be modified according to user
’s service. This realizes integrated and manageable services from user service to operator service tunnel.
Traditional Ethernet service is actually VLAN priority guarantee service based upon
Ethernet message. Normally there are 8 corresponding service types, and these services can not be colored, so that, Ethernet service can not color services according to CIR/PIR service marks to provide more differentiated service quality. In order to enhance Ethernet service quality control and realize 5P3D model based upon VLAN service, ZXR10 5900E classifies services according to 802.1P DE(Drop Eligible) which makes user services into
5 levels and 3 discarding priorities to color services.
ZTE Confidential Proprietary 43
ZXR10 5900E Product Description
Figure 3-9 5P3D Model based upon Ethernet Service
3.2.12.3 MPLS QoS
MPLS QoS is an important part of QoS service deployment. Since DiffServe has good deployment flexibility and scalability, QoS is usually implemented by DiffServe in practical MPLS networking solution. ZXR10 5900E supports MPLS QoS based on
DiffServe model. Traditional IP QoS decides the service level based on IP priority or
DSCP to implement differentiated service. MPLS QoS differentiates data flow of different services based on EXP value, and implements mapping between MPLS EXP and IP as well as Ethernet, so as to realize differentiated services and guarantee quality of voice and video services. At MPLS Ingress PE, the IP priority of the packets or VLAN priority takes mapping of duplication in CoS doman of the label. The classified traffic is monitored, shaped and scheduled. Service level is differentiated based on CoS field of
MPLS label to guarantee the network service quality.
Figure 3-10 end to end MPLS QoS
3.2.13 Port and VLAN Mirroring
Port and VLAN mirroring is actually to replicate services with matched ACL rule to CPU or designated port for message analysis and monitoring. Normally it is used for network failure diagnosis.
44 ZTE Confidential Proprietary
ZXR10 5900E Product Description
3.2.14 Traffic Statistics
Traffic statistics service is used to calculate service packets, so that real network status can be known for further reasonable network resource distribution. Traffic statistics mainly refers to the number of the packet ingress port receives.
3.2.15 NTP
NTP (Network Time Protocol) is a time synchronous protocol used between different network members. Its transport is based upon UDP. The devices implementing NTP adjust system clocks automatically by exchanging NTP messages. In this way, they keep their clock the same. ZXR10 5900E can be deployed as NTP Client in real network application.
3.2.16 RADIUS
RADIUS(Remote Authentication Dial In User Service) is a standard AAA(Authorization,
Authentication, Accounting) protocol. For router, AAA can authenticate users accessing routing switch to prevent illegal users from accessing. At the same time, services like
DOT1X also needs to use RADIUS for authentication and accounting.
Currently, ZXR10 5900E supports RADIUS authentication service. It can provide accessed routing switch with Telnet user authentication.
ZXR10 5900E supports multiple RADIUS server groups. Each RADIUS is allowed to configure 3 authentication servers. Each group can set the time for setting server and the time for resetting. The administrator is capable of configuring different RADIUS group to choose specific RADIUS server.
3.2.17 TACACS+
TACACS+(terminal Access Controller Access-Control System Plus) supports independent authentication, authorization, and accounting. It allows different TACACS+ security servers to work as the authentication, authorization and accounting servers, respectively.
ZTE Confidential Proprietary 45
ZXR10 5900E Product Description
ZXR10 5900E supports the TACACS+ authentication function to provide authentication for the TELNET users accessing the device.
ZXR10 5900E supports multiple TACACS+ server groups. In each TACACS+ group, there are at most four authentication servers.
3.2.18 SNMP
The SNMP subsystem implements the SNMP AGENT function, and supports all the protocol operations of the SNMP agent specified in SNMP V1 /V2c/V3.
The protocol operations of SNMPv1 are:
get-request
get-next-request
get-response
set-request
trap
The protocol operations of SNMPv2 are:
get-request
get-next-request
get-bulk-request response
set-request
inform-request
snmpV2-trap
The Management Information Library (MIB) is described by using SMIv1 and SMIv2. The
MIB consists of the following parts:
Management objects supported by the core router
46 ZTE Confidential Proprietary
ZTE Confidential Proprietary
ZXR10 5900E Product Description
Management objects of the routing protocol
Management objects of the network management protocol
Management objects of the TCP/IP support protocol
Management objects of the high-speed network interface
Management objects of important data and configuration parameters
Management objects compatible with SMIv1
System configuration parameters
3.2.19 RMON
We can use RMON (Remote Monitoring) to keep an eye on remote services. By using
RMON, data collection and processing are done by a remote inspector, i.e. routing switch system. The routing switch at the same time contains a RMON proxy software handling communication by SNMP and network management. Usually, information only goes from routing switch to network management system when special requirements are raised.
3.2.20 DOT1X Authentication
802.1X is Client/Server-based access control and authentication protocol. It connects to user equipment at system port via authentication to make sure if this user is authorized to access system service via this port. This method prevents unauthorized data processing between user and service provided by the system. In the beginning, 802.1X access control only allows EAPOL (RFC2869/RFC3579) frame to pass the access connecting with user equipment. Other data can access this port after authentication.
802.1X connects the authentication system to LAN and generates two logical ports: controlled port and uncontrolled port. The uncontrolled port which is free from the authorization status of the port can exchange PDU with other system. However, the controlled port can only switch PDU with other systems when it is authorization. PAE is the entity of algorithms and protocols related to operation and authentication. The requesting PAE respond to the requests from authentication PAE, so that it can provide authentication information. The authentication PAE is responsible for the communication
47
ZXR10 5900E Product Description with requesting PAE, and it also delivers the information coming from requesting PAE to authentication server. Then after verifying this information, the authentication server confirms if the requester will be authorized to access authenticator
’s service. The authenticating PAE relies on the authentication result to control the authorization of controlled port and the status of the uncontrolled port. The authenticating PAE enables the uncontrolled port and EAPOL exchange protocol with requesting PAE, and EAPOR communicates with RADIUS authentication server.
ZXR10 5900E series products mainly support the following 802.1X services:
Support all services of authenticator
Support local authentication
Support authenticating PAE to exchange protocol via uncontrolled port and EAPOL
Support parameters such as AuthControlledPortControl ForceUnauthorized,
Auto,ForceAuthorized to operate the controlled port
Support both AdminControlledDirections and OperControlledDirextions to operate the controlled port
Support requestor
’s regular re-authentication by re-authentication timer
Without authentication, it supports the transparent transmission of 802.1x authentication packet
3.2.21 IPTV
IPTV is also name interactive network TV which is introduced by operator on the basis of broadband. By using IP broadband network, it integrates Internet, multimedia and communication technologies, providing users with many interactive services, e.g. live TV program, on-demand video service and network surfer service.So user can take advantage of these services by PC or
“IP set-top box + TV”.
As one of the key technologies of ZTE IPTV system architecture, controllable multicast mainly implements at broadband access network side. The device implementing multicast controlling policy (BRAS, DSLAM or switch) is called multicast controlling point,
48 ZTE Confidential Proprietary
ZXR10 5900E Product Description which works as the terminating point of user multicast IGMP request and determines whether to duplicate multicast stream to user port based on corresponding IGMP request and control policy. The multicast controlling point near user saves more network bandwidth. As the key device implementing multicast controlling policy, multicast controlling point supports the following features: IGMP V1/V2, IGMP Snooping, IGMP
Filter, IGMP Proxy, IGMP Fast leave, MVR (Multicast VLAN Register), SGR (Static
Group Register), UGAC (User Group Access Control), UGAR (User Group Access
Record) etc. Multicast on demand authority of user can be controlled by rule and channel binding.
3.2.22 VBAS
VBAS is the short form for Virtual Broadband Access Server. It is a kind of query protocol expanded between IP-DSLAM and BRAS device. Point-to-point communication is used between BRAS and IP-DSLAM, i.e. port information query and respinding message can be encapsulated in L2 Ethernet data frame.
The implementation principle is that L2 point-to-point communication between BRAS and
IP-DSLAM. That is to say, port information query and responding packets are directly encapsulated in L2 Ethernet data frame. Configure DSLAM corresponding to VLAN on
BAS. Initiate VBAS during PPPoE calling process. That is to say, mapping user band
VLAN to corresponding DSLAM. BAS actively initiate user line identity query to DSLAM, which provides BAS with responding user line identity. The local 59E series switch is
DSLAM device
VBAS protocol is implemented by sending VBAS message between BAS and DSLAM.
3.2.23 ARP
When one network device is sending data to another one, in addition to IP address of the destination equipment, it should also be clear of the MAC address of the destination equipment. ARP(Address Resolution Protocol)is made to map IP address to MAC address to make sure successful communication. When one device is communicating with an unknown device in the network, the MAC address of the unknown device will be get firstly via ARP. The specific procedures are:
ZTE Confidential Proprietary 49
ZXR10 5900E Product Description
The source equipment broadcasts ARP requests with destination device
’s IP address, and all devices in the network will receive this ARP request. If one device realizes that the request is based upon its own IP address, it will then record sender
’s ARP information and send ARP response containing its MAC address to source device. In this way, the source device gets the MAC address of the destination device via this ARP response.
In order to reduce ARP packet in the network and accelerate data delivery, IP address and MAC address mapping is cached in the local ARP table. When equipment is going to send data, it will firstly check ARP table according to IP address. If the MAC address of the destination equipment is found in the ARP table, there is no need to send ARP request any more. At the same time, due to the limited space in switch ARP table and the frequent changes of network equipment, the switch should renew ARP table on time
(Delete the old items and add in new ones). The dynamic items in ARP table can be deleted automatically, and this course is called ARP aging.
To make the network safer, ZXR10 5900E is able to change the learnt dynamic ARP to static ARP, manual static ARP and eternal ARP table item. Both static ARP and eternal
ARP table item do not experience ARP aging. The eternal ARP still exist after reinitiating the switch, however the static ARP will disappear. To prevent from ARP attack, ZXR10
5900E supports ARP protection service, restricting the number of the ARP the switch or other L3 interfaces learn.
3.2.24 DHCPv4
The DHCP manages the IP address and other related configuration information used on the network, to reduce the complexity in managing the address configuration. When the
DHCP service is used on the network, the client and server must be in the same broadcast domain. If a network is built in this way, the ZXR10 5900E must provide the
DHCP SERVER function. In another application, the DHCP server and the users are not in the same broadcast domain. The client obtains its address through transit via the
ZXR10 5900E. This is what referred to as DHCP relay technically.
The ZXR10 5900E implement the built-in DHCP SERVER function through the DHCP protocol, to enable the dynamic address allocation and management of the DHCP
CLIENT, and at the same time provide the user management module on the destination
50 ZTE Confidential Proprietary
ZXR10 5900E Product Description equipment system with the appropriate service management interface for the DHCP
CLIENT. They implement transparent interaction between the DHCP CLIENT and DHCP
SERVER through the DHCP RELAY AGENT expansion option of the DHCP protocol, to enable the dynamic address allocation and management of the DHCP CLIENT, and at the same time provide the service management module on the destination equipment system with the appropriate service management interface for the DHCP CLIENT.
ZXR10 5900E series support DHCP Client and automatic download of default configuration file via DHCP option field. Without any extra configuration, the device can get IP address, Gateway IP address, and host configuration information, etc. after receiving discovery message, DHCP server will find corresponding preserved IP address as per MAC address, and send other information for example host name, TFTP IP address, Configuration file name to DHCP client via DHCP option at the same time. Then
DGCP client will download configuration file from TFTP server via this information, and then initiate new configuration file with DHCP protocol acting to download configuration file at the same time.
3.2.25 LLDP
LLDP(Link Layer Discovery Protocol)is a new protocol defined in 802.1ab, which enables adjacent devices to send messages to each other, thus updates physical topology information and establishes device management information base. LLDP working process is as follows:
1. Sends link and management information of local device to the adjacent device;
2. Local device receives network management information from adjacent device;
3. Store the network management information of adjacent device in MIB base of local device. Network management software can query L2 connection in MIB base.
LLDP doesn
’t work as configuration protocol for remote system, nor signaling control protocol between ports. LLDP can discover inconsistency in configuration of L2 protocol for adjacent devices, but it only reports the problem to the upper level management device without providing mechanism to solve the problem.
ZTE Confidential Proprietary 51
ZXR10 5900E Product Description
To be simple, LLDP is a kind of neighbor discovery protocol. It defines criteria for network devices in Ethernet such as switch, router and wireless LAN access points to enable them to announce their existence to other nodes in the network and to store the discovery information of each adjacent device. For example, the information of device configuration and device identification can be declared by this protocol.
LLDP defines a universal announcement information set, a protocol that transmits the announcement, and a method to store the received announcement information. The device that announces its own information can put multiple announcements in one
LLDPDU (Link Layer Discovery Protocol Data Unit) to transmit them. The LLDPDU contains a series of short message unit with variable length, which is called type-length-value (TLV) with the description as follows:
Type indicates the type of the information needs to be sent
Length indicates the bytes of the information
Value indicates the actual information needs to be sent
Each LLDPDU contains four compulsory TLV and one optional TLV:
Device ID TLV
Port ID TLV
TTL TLV
Optional TLV
LLDPDU end TLV
Device ID and port ID are used to identify the sender
TTL TLV notifies the receiver of the reservation period of all the information. If no update is received from the sender in this period, all related information will be dropped by the receiver. IEEE has defined a suggested update frequency of one transmission per 30 seconds.
52 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Optional TLV contains basic management TVL set (such as port description TVL), special TLV set organized by IEEE 802.1 and special TLV set organized by IEEE 802.3.
LLDPDU end TLV indicates the end of LLDPDU.
3.2.26 UDLD
UDLD is a L2 logic link detection protocol which can detect logic connection of Ethernet link and verify physical connection. Different from physical connection detection, UDLD detects based on neighbors. L1 devices are transparent to UDLD.
Firstly UDLD needs to establish neighbor relationships. When an Ethernet interface with status of UP launches UDLD, the interface sends neighbor joining Hello message to its adjacent device. The interface launching UDLD of the adjacent device sends back an
Echo message. Receiving an Echo message indicates that the device considers the two devices are interconnected. It establishes neighbor relationship with the peer-end and also sends an Echo message. Receiving this Echo message by the peer-end, neighbor relationship on the two devices are both established.
After establishing neighbor relationship, they send Hello messages regularly to check whether the link works well. The device updates the buffered neighbor information stored at local and reset time for neighbor timeout. If no Hello detecting message is received until neighbor aging time, the link is considered as abnormal. Corresponding processing will be taken based on different work mode.
There are two work modes for UDLD: common mode and aggressive mode. In common mode, an interface is Down only when protocol packets are received confirming link single pass. No processing will be taken at the interface if no corresponding packets are received or link single pass cannot be affirmed. In aggressive mode, the interface is
Down as long as two-way expedite link cannot be guaranteed. The common place of these two modes is that alarm will be printed as long as normal link status cannot be affirmed.
Generally speaking, UDLD makes interface Down in the following situations:
In common mode, sends Hello neighbor joining message, and receives Echo message which indicates the neighbor of the peer-end is not itself.
ZTE Confidential Proprietary 53
ZXR10 5900E Product Description
In aggressive mode, sends Hello neighbor joining message, and receives Echo message which indicates the neighbor of the peer-end is not itself.
In aggressive mode, receives Hello neighbor joining message, and sends Echo message; but no Echo message from the peer-end is received.
In aggressive mode, all neighbors at the interface exceed the aging period, and no
Hello detection message is received.
When the interface is Down or other accidents occurs that leads to failure of the interface, the device needs to send a flush message to notify the adjacent L2 device to delete the information of it.
Initiate UDLD: if the Echo message received indicates that the neighbor of the peer-end is not itself; it
’s a false connection of interface. UDLD shut down the interface whatever the mode is as shown iin the following Figure:
Figure 3-11 False connection of interface
Device A
TX
PORT
RX
TX
PORT
RX
TX
PORT
RX
Device B
TX
PORT
RX
54 ZTE Confidential Proprietary
Figure 3-12 Interface down
TX
PORT
RX
Device A
TX
PORT
RX
ZXR10 5900E Product Description
TX
PORT
RX
TX
PORT
RX
TX
PORT
RX
Device B
TX
PORT
RX
Aging time is the protocol packet sending interval (15 seconds by default) ×3. Shut down the interface if no packet is received within aging time if aggressive mode is configured.
3.2.27 VRRP
Normally the host in one broadcasting domain will be set with a default gateway working as the next hop of routing packet. When this default gateway can not work normally, the host in this broadcasting domain can not communicate with the hosts in other networks any more. To avoid this sort of single-point failure, multiple router interfaces can be set in one broadcasting domain and implement VRRP on these routers (Virtual Router
Redundancy Protocol).
VRRP put multiple router interfaces belonging to one broadcasting domain into one group to form a virtual router. It also allocates an IP address to the virtual router as its interface address. This interface address can either be one router interface address or the third party
’s address. This virtual address will take effect only when it is in the same network segment as real interface address.
If router interface address is used, this router with this IP address will act as the master router, and other routers work as the slave ones. If the third party
’s address is used,
ZTE Confidential Proprietary 55
ZXR10 5900E Product Description router with high priority will work as the master router; if two routers have the same priority, the one with bigger real IP address will be the master router.
Set IP address of the virtual router on the host in this broadcasting domain as network gateway. When the master router breaks down, the slave router with the highest priority will replace it and cause none influence to the host. Only if all routers in this VRRP group work in abnormal condition, the host in this domain can not communicate outside any more.
We classify these routers into multiple groups and make them backup each other. And different IP addresses are used by the host in the domain as network gateway to realized balanced load.
3.2.28 Ethernet OAM
3.2.28.1 802.3ah
IEEE 802.3ah mainly implements link level management, taking monitoring and failure processing of point-to-point Ethernet link in the network. Sometimes
“last mile detection” is just about this. Link layer OAM is mainly applied for point-to-point direct link detection.
Figure 3-13 Relationship of sub-layers of OAM in ISO/IEC OSI reference model
56
Figure above is the location of OAM in ISO/IEC OSI reference model. Above OAM is LLC logic link control or other MAC client layer. Below OAM is MAC layer or optional MAC control sub-layer. OAM layer is optional. OAM covers the following three functions:
Remote discovery
ZTE Confidential Proprietary
ZXR10 5900E Product Description
Remote loopback
Link monitoring
DTE involved in OAM sub-layer supports active/passive mode. When OAM is enabled, DTE that both modes support should choose active or passive.
Remote discovery
OAM provides a mechanism to check whether remote DTE has OAM sub-layers. If discovery unsatisfied, OAM client learns that discovery is unsuccessful; and generates discovery unsuccessful alarm. There may be two reasons for unsuccessful discovery: one is that the peer-end doesn
’t start OAM; the other is link connection failure. During the process of remote discovery, label domain of OAMPDU message carries urgent link event (including link failure, urgent failure and emergencies). But the particular failure definition of link failure, urgent failure and emergencies are relevant to their implementation.
One way to learn about link failure via remote discovery is by OAMPDU timeout; and the other way is to define some specific urgent link events to let client layer to learn about link failure from OAMPDU.
DTE that configured with active mode launches the discovery process. Once the discovery process is completed, when the counterpart entity connecting to remote OAM is in active mode, active DTE is permitted to send any OAMPDU.
DTE that configured with passive mode doesn
’t launch discovery process. It provides feedback of discovery process launched by remote DTE.
Remote loopback
OAM provides optional data link layer frame-level loopback mode controlled by remote. OAM remote loopback can be applied for failure location and link performance test. When remote DTE is in OAM remote loopback mode, the statistic data of local and remote DTE can be queried and compared at any moment. Query could be implemented before, during, or after loopback is sent to remote DTE. Besides, OAM sub-layer loopback frame can be analyzed to get additional information concerned link health (to determine frame dropping caused by link failure).
ZTE Confidential Proprietary 57
ZXR10 5900E Product Description
If OAM client has sent loopback control OAMPDU, and when it waits the counterpart DTE to indicate its responding message OAMPDU locating at OAM remote loopback, whether OAM client implements OAM remote loopback command on peer-end device is determined by the following process: a) if local
DTE source address is larger than that of the peer-end, enter OAM remote loopback based on peer-end command. b) If local DTE source address is smaller than that of the peer-end, ignore OAM remote loopback command of the peer-end and go on working as if nothing is received.
Link monitoring OAMPDU
Link monitoring is a feature to make statistics of error symbols or error frames received by physical layer within certain interval. Based on the implementation there is a counter at driver all along making statistics of error frames, error symbols and total frames received. The platform reads the information regularly and takes processing based on these error symbols, error frames and total frames.
Corresponding event notice will be generated as per which kind of event occurred is detected. There are four types of link events:
Link error symbol period event. Count error symbols generated in particular period, which is determined by the quantity of symbols received in certain period by the physical layer.
Error frame event. Count error frames generated in particular period, which specifies certain interval.
Error frame period event. Count error frames generated in particular period, which is determined by the quantity of frames received.
Error frame second accumulation event. Count error frame seconds in particular period, which is determined by the time interval.
3.2.28.2 CFM
Connectivity Fault Management (CFM) can effectively check, separate virtual bridge LAN and report its connection fault. It is mainly oriented to carrier
’s network and also effective to customer network (C-VLAN) as well.
58 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Main basis of CFM that current switches support: IEEE 802.1ag implementation.
To manage and maintain the network, network administrator plans network service and network layers by dividing the whole network into multiple Management Domains (MD).
A single domain is shown in the following Figure.
The domain defines a series of ports at edge device and internal device. The gray points at the edge device are service ports connecting to device outside the domain. They are defined as Maintenance End Point (MEP). There are also some black ports (including those at the device inside the domain) which are ports connecting devices inside the domain. They are defined as Maintenance Intermediate Point (MIP). Domain management is implemented by the defined MEP and MIP.
Figure 3-14 Maintenance domain
Maintenance Domain
As shown in the Figure, a network can be divided into user domain, provider domain and operator domain. Each domain is designated with a level from 0 to 7. The level for domain determines the inclusion relations. Domain with higher level can contain domain with lower level; not vice versa. Domains with the same level cannot contain each other.
Thus the domain with the largest coverage has the highest level. Domain inclusive relations could be tangent (internally or externally) and inclusive, but not intersecting.
ZTE Confidential Proprietary 59
ZXR10 5900E Product Description
Connection Fault Management (CFM) can effectively check, separate virtual bridge LAN and report its connection fault. It is mainly oriented to carrier
’s network and also effective to customer network (C-VLAN) as well.
Configure multiple embedded Maintenance Domains (MD) via one bridge network or a network containing a bridge network.
Configure a Maintenance Association (MA) identified by an individual MD in any given bridge and a group of VLAN.
Format of protocol, process and CFM protocol packet used to detect and separate connection fault report.
Capacity of Maintenance Point (MP) configuration and management in MA. MP is used to generate corresponding CFM packets.
Command MPs implements affirmed fault separation and inspect result.
Figure 3-15 Ethernet Maintenance Domain Inclusive Relations
60
CE
CE
Operator
Domain
Provider
Domain
PE
CE PE
Scenario A:
Touching Domains Ok
Scenario B:
Intersecting Domains Not
Allowed
PE CE
PE
CE
CE
CE
Customer
Domain
Scenario C:
Nested Domains Ok
ZTE Confidential Proprietary
ZXR10 5900E Product Description
Path Discovery: MEP discovers with LTM/LTR message by tracking a MEP to another
MEP, or the path went through between MIP.
Fault Detection: MEP checks the network connection by CCM message that sent and received regularly. Connection failure and NonWill connection (connected by mistake).
Fault acknowledgement and isolation: it
’s a kind of behavior of management. The administrator acknowledges fault by LBM/LBR and implements certain isolation.
Fault notification: when there is connection fault in MEP direction, corresponding report message will be sent to designated management system (such as NMS and TRAP).
Network status detection: Learn about network connection or network delay and jitter by checking packets from MEP to MEP with time stamps or sending and receiving of packets with counter.
MP is the smallest entity on management layer to implement functions, including MEP and MIP. Comparatively, MEP implements more complicated functions than MIP does.
It
’s also more complicated to manage configuration than MIP. It can be said that CFM functions are implemented by MEP, which can send, receive and process any messages mentioned above. While MIP can only process LTM and LBM message; and send LTR and LBR message as well.
3.2.28.3 Y.1731
E series medium-end switch supports the following Y.1731 features:
AIS (Alarm Indication Signal)
RDI (Remote Defect Indication)
LCK
Single-directional and bi-directional dealy detection
ZTE Confidential Proprietary 61
ZXR10 5900E Product Description
3.2.29 Multi-VRP CE
MVCE provides a kind of function similar to hierarchical PE, which transfer part of PE functions to CE. But MVCE doesn
’t need to support MPLS, thus it has low requirements on access and aggregation equipment. The corresponding device should not be called as hierarchical PE. The corresponding device to MVCE is still CE.
User data flows are terminated at CE, which avoids bad impact of broadcast traffic on PE.
Complete isolation of different service transmission is implemented at CE, which solves traditional LAN security problem with low cost. User isolation and security guarantee that need to be implemented by PE are currently implemented by CE, which conforms to the development trend of marginalized network security and current requirements of carrier on bearer network.
A comparison between MVCE and hierarchical PE:
Interfaces between two layers are at least as much as VPN quantity;
The upper layer PE needs to reconfigure VRF that is already configured on MVCE;
Run a IGP/BGP counterpart or configure static routing for each VPN;
Lower layer device doesn
’t support MPLS.
MVCE requires the device to support VPN access with IP address overlapping. With the development of technology, MVCE can be implemented on medium-end switch.
Configure multiple VRF on MVCE corresponding to multiple VPN sites. Each VFR needs an uplink interface to connect to PE. Configure the same VRF at the corresponding interface on PE.
Since MVCE doesn
’t need to support MPLS, there are still ordinary data packets between MVCE and PE instead of MPLS labels. Differently, there is a layer of MPLS labels between hierarchical PE. Thus VPN traffic can only be differentiated by interface on PE, which means PE shall has exactly the same VPN interfaces as much as the VPN
MVCE supports.(which is the same as ordinary PE supports L3 VPN configuration.)
62 ZTE Confidential Proprietary
ZXR10 5900E Product Description
A CE with MVCE features actually simulates multiple CE. Each virtual CE is separated from each other and is able to be accessed to multiple VPN users. PE won
’t perceive whether it is multiple CE or one MVCE. Thus PE doesn
’t need any expansion.
If dynamic routing protocol is run between MVCE and PE, the routing protocol needs to support multiple instances. PE and MVCE exchange routing information via standard
EBGP, OSPF, RIP or static route.
Static route and RIP are both standard protocols. But each VRF runs different instances without interference to each other. If static route is configured, it will be ok if it supports
VRF.
3.2.30 L2PT
In QinQ VPN mode, if VPN uses locating at different places want to initiate their L2 protocol for example, STP, LACP, ZDP, they need to use core network to transfer these
L2 protocol messages transparently, and these messages with preserved MAC address for bridge can not process transparent transmission normally. L2PT Layer 2 Protocol
Tunnel) solves this problem, so it is widely used to transfer user network L2 protocol message in QinQ VPN.
L2PT networking is as shown in the following figure.
Edge Switches:It locating at the edge of operator network connects customer network equipment.
Layer 2 protocol transportation port: On port of Edge Switch. The encapsulation of decapsulated L2 protocol message.
Transportation PDU: Encapsulated protocol message, for example ZDP, STP and
LACP, etc.
ZTE Confidential Proprietary 63
ZXR10 5900E Product Description
Figure 3-16 L2PT Networking
On the port without initiated L2PT, L2 protocol messages (STP,ZDP,LACP)instead of being forwarded is either discarded or sent up for protocol processing, which will cause several blocked STP domains in customer network as per different locations, so that the entire customer VPN can not run an integrated STP topology. L2PT transfer
BPDU message transparently in VPN, which helps customers to supply the gap.
The received L2 protocol messages will be encapsulated at the transportation port of edge switch, then broadcast the encapsulated messages. Initiate remote transportation switch port to encapsulate these messages.
The message encapsulation and decapsulation can be done by changing message MAC address.
3.2.31 Dual-Port Loop Inspection
The failure network connection or configuration easily causes forwarding loop in L2 network, which makes the equipment keep sending broadcasting, multicast and unknown UNICAST messages. It not only wastes network resource greatly, but also fails the entire network sometimes. To inspect loops inL2 network on time and avoid serious influence to the entire network, there must be a mechanism in the network to inspect loops and inform user to check connection and configuration on time. Also this mechanism should be able to shut down the failed port to eliminate loop. This is loop inspection mechanism.
ZXR10 5900E sends loop inspection message from one port on a regular basis, and it checks if messages return to the equipment on the other port to make sure if there
’s loop
64 ZTE Confidential Proprietary
ZXR10 5900E Product Description between the port sent message and the monitoring port, and if the port with loop is clear.
When loops are found in the network, ZXR10 5900E will shut down the port with loops and send warnings (trap) to user.
3.2.32 IPFIX
IPFIX (IP Flow Information export) is a standard protocol issued by IETF for network flow information measurement. This protocol is mainly known for unified IP data flow statistics and output standard. To output date completely IPFIX default uses 7 key domains to indicate each data flow: source IP address, destination IP address, TCP/UDP source port, TCP/UDP destination port, type of L3 protocol, type-of-service protocol byte and input logical interface. If all 7 key domains of different IP messages match each other, these IP message will be considered as the same data flow. By recording features of network flow for example traffic duration and average length of message, the network administrator can understand the existing network operation, and implement network optimization, security check and traffic billing according to this information.
IPFIX
–defined format is based upon Cisco Netflow Version 9 data output format, which enables IP flow to be transferred from one exporter to collector. ZXR10 5900E can be the exporter responsible for gathering and saving the special data flow crossing the switch. It counts byte and packet for every received packet and save this statistical information to memory for regular collection by Collector. ZXR10 5900E is able to record 2000 pieces of outgoing data and 2000 pieces of incoming data flow.
3.2.33 Features of Synchronous Clock
3.2.33.1 System Clock Service
As an IP transmission platform with network-based synchronous clock, ZXR10 5900E has many ways to choose synchronous clock source as the system clock to realize network clock synchronization.
ZXR10 5900E is capable of the following system clock services:
Provide BITS external clock input/output interface. It realizes 1-line external output interface and 1-line input interface
ZTE Confidential Proprietary 65
ZXR10 5900E Product Description
Support GPS interface service and provide 1PPS +TOD signal. Realize 1-line GPS input and 1-line GPS output.
Support synchronous Ethernet interface service.
Support the delivery of SSM information. As per SSM information, the clock unit realizes clock synchronization in the entire network. It supports automatic high-priority clock selection and avoids the formation of ring on a regular basis.
3.2.33.2 Synchronous Ethernet Clock
ZXR10 5900E is capable of implementing synchronous Ethernet clock in the physical layer, which goes in line with G.8261.
The synchronous Ethernet extracts the clock via the serial bit traffic in the physical layer, so that it can realize SDH-similar clock precise. Although it can realize network clock synchronization at the same time, this method can not realize precise time synchronization. The precision of the synchronous Ethernet clock which is irrelevant to the load and packet forwarding latency of Ethernet link layer is guaranteed by the physical layer.
3.2.33.3 IEEE 1588v2 Clock
ZXR10 5900E supports IEEE 1588 v2 to implement clock and time synchronization.
IEEE 1588v2 is a kind of precise time synchronization protocol, which is PTP in short form. It is a main/standby synchronization system. In system synchronization process, main/standby clock releases PTP time synchronization prootocl and time information regularly. It receives time stamp sent by main clock port. The system reckons out main/standby line time delay and main/standby difference, and adjust the local time to make the standby device keeps the same frequency and phase with the main device.
The medium-end switch 5928E and 5928E-FI supports:
IEEE 1588 v2 L2 and L3 multicast
IEEE 1588 v2 L3 unicast
66 ZTE Confidential Proprietary
ZXR10 5900E Product Description
TC, OC and BC
TC supports one-step and two-step methods
3.2.33.4 Clock Protection Service
ZXR10 5900E adopts protocol based on SSM and BMC to implement clock link self-protection to guarantee reliable transport of synchronization.
It reckons out the optimal synchronization path of synchronization information based on clock path selection algorithm to avoid clock loop.
It takes protection switching of clock information based on clock path algorithm when failure occurs in the network.
It provides clock information synchronization locking and keeping, as well as free oscillation.
ZTE Confidential Proprietary 67
ZXR10 5900E Product Description
4 System Architecture
4.1 Product Physical Structure
ZXR10 5900E series All-GE Intelligent routing switch has totally four models: ZXR10
5916E, ZXR10 5928E, ZXR10 5928E-FI and ZXR10 5952E. The chassis of ZXR10
5916E, ZXR10 5928E and ZXR10 5928E-FI is 1U, and the size is 43.6mm×442mm×
220mm (H×W×D). With 2U-height chassis, ZXR10 5952E has the size of ZXR10
5952E is 88.1mm ×442mm ×220mm (H ×W ×D). Using modular swappable dual power supply, ZXR10 5900E is capable of flexible configuration and changing, as well as more powerful reliability. All cables including power supply cable and network cable are coming out in front of the chassis. It supports 3-line warning input and 5-line control output. The M button on the front panel can vividly display the running status of the switch.
The interfaces and slots for each model of ZXR10 5900E series are shown as follows:
ZXR10 5916E provides 12 fixed GE electrical interface with the electrical interface type of RJ45. It supports category 5 and above twisted-pair, 1 expanded slot, 1 100M management port, 1 Console port and 2 alarm ports.
ZXR10 5928E provides 24 fixed GE electrical interfaces with the electrical interfaces type of RJ45. It supports category 5 and above twisted-pair, 1 expanded slot,1 100M management port,1 Console port and 2 alarm ports.It supports clock module
RS-59EC-BITS-GPS plugging in the second power supply slot (PWRII).
ZXR10 5928E-FI provides 24 fixed GE SFP interfaces. It supports various GE optical modules satisfying SPF standards. It supports 1 expanded slot,1 100M management port,
1 Console port and 2 alarm ports. It supports clock module RS-59EC-BITS-GPS plugging in the second power supply slot.
ZXR10 5952E provides 16-port GE electrical interface main control card and 16-port GE optical interface main control card. It supports 4 line card slots, 1 expanded slot, 1 100M
68 ZTE Confidential Proprietary
ZXR10 5900E Product Description management port, 1 Console port and 2 alarm ports. Each line card supports 8-port GE optical or electrical port.
The sub-cards for expanded slots of ZXR10 5900E models have four patterns: 4-port GE
SFP optical sub-card, 4-port GE electrical sub-card, 2-port 10G SFP+ optical sub-card
4-port 10G SFP+ optical sub-card.
Figure 4-1 The Front Panel of ZXR10 5928E
Figure 4-2 The Front Panel of ZXR105928E-FI
Figure 4-3 The Front Panel of ZXR10 5952E
Figure 4-4 The Front Panel of ZXR10 5916E
Figure 4-5 The Front Panel of ZXR10 5928E with Clock Synchronization Interface Card
ZTE Confidential Proprietary 69
ZXR10 5900E Product Description
4.2 Hardware Architecture
ZXR10 5900E series product is composed of control module, switching module, interface module, power supply module, and monitoring module. ZXR10 5928E also supports clock module and external GPS module.
1. Control module. Control module is composed of main processor and some external functional chips, realizing the processing of various applications. Providing serial interface for external management configuration, it implements data operation and maintenance.
2. Switching module. Switching module is a packet processor. It implements processing and switching of data packets sent by each port.
3. Interface module. Interface module is composed of interface chip and corresponding circuit nearby. It mainly implements external user connection and receiving & sending of data packets.
4. Power supply module. Power supply module supports 1+1 backup and hot swapping. Adopting 220V AC power supply or -48V DC power supply.5900E series supports power supply consumption monitoring. It can monitor the consumption of the whole device by certain software.5916E,5928E and 5928E-FI support dual-input
DC power supply unit. It permits two-port DC input on one DC power supply uint to guarantee the reliability of power supply.
5. Monitoring module.3-port dry contact signal input and 5-port dry contact signal output.
70 ZTE Confidential Proprietary
Figure 4-6 System hardware diagram of ZXR10 5900E
ZXR10 5900E Product Description
4.2.1 Control Module and Switching Module
Control and switching module is the core part of ZXR10 5900E. It mainly implements two functions of control module and switching module.
In ZXR10 5900E system, control and switching module is installed in cassette structure with no independent panel. Its interfaces and signal indicators are on the front panel of the system. Its block diagram is shown in the following Figure:
ZTE Confidential Proprietary 71
ZXR10 5900E Product Description
Figure 4-7 Diagram of main control card
72
The control module is composed of the main processor and some external application chips. It provides external operation interfaces, for example, serial ports and Ethernet ports, by which the system can process all kinds of applications. The main processor is a high-performance CPU processor, which performs the following functions:
System NM protocol, for example, SNMP
Network protocols, for example, OSPF, RIP, and BGP-4
Providing the operation and management interfaces for line cards
Data operation and maintenance
The switch module is designed with a dedicated Switch chip, which is integrated with multiple Gigabit and Gigabit bi-directional interfaces, allowing it to process wire-speed switching of multiple ports. The Switch chip provides the following functions:
1. Store and forward switching
2. Supporting 9KB jumbo frames
ZTE Confidential Proprietary
ZXR10 5900E Product Description
3. Supporting priority queuing, where frames can be dropped selectively when the
CoS queue is in congestion
4. Providing one management and control timer for each port
4.2.1.1 Interface
Console Port
Management terminal performs operations and maintenance on ZXR10 5900E through Console port. It is connected with COM port on management terminal by serial cable. One end of the serial cable connecting ZXR10 5900E is RJ45 plug, and the other end of the cable is DB9 female plug, connected to management terminal.
Management Interface
Management terminal can perform operations and maintenance on ZXR10 5900E through management interface, which supports 100Base-TX.
External Alarm Interface
It supports 5-port external alarm input and 3-port alarm output with the interface physical plug of RJ45.
100/1000Base-T Ethernet Interface
Table 4-1 The Assistant Interface Type and Interface Number of ZXR10 5900E
Assistant Interface
External Alarm Interface
Console Interface
Network Management
Interface
Parameter
Support 5-port external warning input and 3-port warning output
Support 1-port Console interface
Support 1-port network management interface
RJ45
RJ45
RJ45
Remarks
ZTE Confidential Proprietary 73
ZXR10 5900E Product Description
Main control card of ZXR10 5916E and ZXR10 5928E supports 1000 Base-T and
100Base-TX on CAT5. The characteristics are as shown in the following table:
Table 4-2 Feature of 100/1000Base-T Ethernet interface on main control card of
ZXR10 5900E
Port type
100/1000Base-T
Features
Conforming the following standards:
1000BASE-T IEEE 802.3u
RJ45 plug
CAT5 Unshielded Twisted Pair (UTP) with the longest transmission distance
100m
MDI/MDIX
4.2.1.2 Indicator
There are 14 indicators on front panel of ZXR10 5916E, where 12 indicators are port status indicators. There are 1 system indicators SYS/ALM and 1 management interface indicator MNG.
There are 26 indicators on front panel of ZXR10 5928E and 5928E-FI,where 24 indicators are port status indicators. There are 1 system indicators SYS/ALM and 1 management interface indicator MNG.
There are 19 indicators on front panel of ZXR10 5952E, where 16 indicators are port status indicators. There are 2 system indicators SYS/ALM and FAN and 1 management interface indicator MNG. Each of the four user-side line card has 8 port indicators.
Functions of ZXR10 5900E system indicators are shown in the following table:
Table 4-3 Functions of ZXR10 5900E system indicators
Indicators Off
SYS/ALM
The equipment is power off
Green
Green indicator flashes: the equipment works well
Red
Red indicator flashes: error occurs to the equipment
74 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Indicators
MNG
FAN
Off
No connection
Fan chassis is not connected
Green
Green indicator on: link
Green indicator flashes: active
Green indicator flashes: all fans work well
Red
Red indicator flashes: error occurs to one or more fans
There is a MODE button on the front panel of ZXR105900E. M_button function provides some display function of key statistics data and indicator function of key event by using panel indicator, which makes it convenient to maintain our equipment. M_button function mainly includes the following modes:
1. LINK mode (LINK): in this mode, port indicator displays LINK/ACT state of port. If port is in link state, the green indicator is on. If there is traffic, green indicator is flashing. If port is not in link state, the indicator is off.
2. SPD mode (SPD): in this mode, port indicator displays the current speed of port. If port speed is the same as port default speed, green indicator is on. If not, yellow indicator is on.
3. DUP mode (DUP): in this mode, port indicator displays duplex state. If port is in full-duplex state, green indicator is on. If port is in half-duplex state, yellow indicator is on.
4. STAT mode (STAT): in this mode, port indicator displays STP state. If port STP state is Forward, green indicator is on. If port STP state is Disable, green indicator is off. If it
’s other state, yellow indicator is on.
5. CPU utilization ratio mode (CPU%): in this mode, port indicator displays the current
CPU utilization ratio. 5916E uses the indicator of port 1~12 to view, each port indicates 8%.5928E and 5928E-FI use the indicator of port 1~20 to view, each port indicates 5%. 5952E uses the indicator of port 1~16 on MP board to view, each port indicates 6.25%.
ZTE Confidential Proprietary 75
ZXR10 5900E Product Description
6. Memory utilization ratio mode (MEM%): in this mode, port indicator displays the current memory utilization ratio. 5916E use the indicator of port 1~12 to view, each port indicates 8%.5928E and 5928E-FI use the indicator of port 1~20 to view, each port indicates 5%. 5952E uses the indicator of port 1~16 on MP board to view, each port indicates 6.25%.
7. Uplink port outbound bandwidth occupation rate mode (
BW%): in this mode, port indicator displays current uplink port outbound bandwidth occupation rate, take the uplink port current speed as baseline. 5916E use the indicator of port 1~12 to view, each port indicates 8%.5928E and 5928E-FI use the indicator of port 1~20 to view, each port indicates 5%. 5952E uses the indicator of port 1~16 on MP board to view, each port indicates 6.25%.
8. Uplink port inbound bandwidth occupation rate mode (
BW%): in this mode, port indicator displays current uplink port inbound bandwidth occupation rate, taking the uplink port current speed as baseline. 5916E use the indicator of port 1~12 to view, each port indicates 8%. 5928E and 5928E-FI use the indicator of port 1~20 to view, each port indicates 5%. 5952E uses the indicator of port 1~16 on MP board to view, each port indicates 6.25%.
9. PING network management center mode (PING): in this mode, use the first 5 port indicators to view. Equipment will send 5 ICMP packets to network management center, for each ICMP packet, if receive the correct reply, the corresponding indicator will turn green, if not, turn yellow.
10. CRC port display mode (CRC): in this mode, port indicator displays CRC error. If port has CRC error frame statistics, green indicator is on. Otherwise green indicator is off.
11. STORM port display mode (STORM): in this mode, port indicator displays storm port. If port is storm port, green indicator is on. Otherwise green indicator is off.
12. NoMAC port display mode (NoMAC): in this mode, port indicator displays if MAC is learned. If port does not learn MAC, green indicator is on. Otherwise green indicator is off.
76 ZTE Confidential Proprietary
ZXR10 5900E Product Description
4.2.2 Interface Module
ZXR10 5900E supports 4-port gigabit Ethernet optical/electrical interface card, 4-port
10G Ethernet optical interface card, and 8-port GE Ethernet optical/electrical interface card. GE Ethernet interface card support optical/electrical adaptive interface. All optical interfaces use swappable optical modules, so one line card can support multiple sorts of transmission media and distance. This decreases the number of extra line card in different situations, and helps operator to get maximum profit from minimum investment.
ZXR10 5928E supports synchronous clock module, providing Ethernet synchronous clock feature.
The interface cards ZXR10 5900E supports are shown in table 4.
Table 4-4 Service Interface Card of ZXR10 5900E
Interface Card
Card
Type
GE Interface
Description
4-Port GE Electrical Interface Card
4-Port GE Optical Interface Card
8-Port GE Electrical Interface Card
8-Port GE Optical Interface Card main control card on 5952E
16-port GE electrical interface main control card
16-port GE optical interface main control card.
Remarks
Fit 5916E, 5928E,
5928E-FI and 5952E.
Not support hot-swappable service.
Fit 5916E ,5928E,
5928E-FI and 5952E.
Not support hot-swappable service.
Fit 5952E only. No support hot-swappable service.
Fit 5952E only. No support hot-swappable service.
Only for 5952E, Not support hot-swappable service.
Only for 5952E, Not support hot-swappable service.
ZTE Confidential Proprietary 77
ZXR10 5900E Product Description
Interface Card
Type
Description Remarks
10GE Interface
Card
Clock
Synchronization
Interface Card
4-Port 10GE Optical Interface Card
2-Port 10GE Optical Interface Card
Fit 5916E, 5928E,
5928E-FI and 5952E.
Not support hot-swappable service.
Fit 5916E, 5928E,
5928E-FI and 5952E.
Not support hot-swappable service.
2 2M BITS Interfaces +2 GPS interfaces. 2M interfaces are 75
Ω and coaxial. GPS interface is RJ45 interface.
Fit 5928E only. Not support hot-swappable service.
4.2.3 Power Module
ZXR10 5900E supports dual power supply modules. Two modules support AC-DC power supply and DC-DC power supply respectively. They both support 1+1 hot backup input through the front panel. It supports hot swapping service. A power supply module adopts
220V input.
5916E,5928E and 5928E-FI support dual-input DC power supply unit. It permits two-port
DC input on one DC power supply unit to guarantee the reliability of power supply.
5900E series supports power supply consumption monitoring. It can monitor the consumption of the whole device by certain software.
4.2.4 Clock Module
ZXR10 5928E supports clock module, plugging in the second power supply slot of 5928E.
The clock module has the following functions:
1. Supports synchronization with GPS.
2. Supports BITS clock synchronization with 2MBits or 2MHz.
3. Supports 1588v2 synchronous Ethernet.
78 ZTE Confidential Proprietary
ZXR10 5900E Product Description
4. Supports SyncE based on physical layer clock recovery
5. Supports automatic switchover between different reference sources.
6. Supports Stratum 2 clock holdover.
7. Provides external 1-port BITS IN, 1-port BITS OUT, 1-port GPS input (PPS&TOD IN) and 1-port GPS output (PPS & TOD OUT).
There are 6 indicators on the clock module panel, which are BTIS IN, BITS OUT,
PPS&TOD IN green and yellow, and PPS&TOD OUT green and yellow.The front panel of clock module is shown as follows:
Figure 4-8 Front panel of clock module
4.3 Software Architecture
ZXR10 5900E series products are multi-layer switches with L2 switching and L3 routing capabilities and support for multiple functions, providing L2/3 wire speed switching and routing and QoS assurance. The system software performs management, control, and data forwarding. Its basic operations include system start, configuration management, running of protocols, maintenance of tables, setting switch chips, and status control, as well as software forwarding of some special packets. The system software must implement the following functions:
Implementing major L2 protocol functions, including 802.1D STP protocol, 802.1P priority control, related functions of 802.1Q VLAN, and 802.3ad link aggregation
ZTE Confidential Proprietary 79
ZXR10 5900E Product Description
Supporting Ipv4 protocol stacks and basic routing protocols
Implementing multi-layer services such as ACL and DHCP
Implementing some broadband access functions
Implementing network management protocol SNMPv3 and Agent
Allowing users to perform network management via the serial terminal, Telnet, or
SNMP Manager, including network configuration management, fault management, performance management and security management.
Smooth upgrade of the software version, and on-line upgrade of the active/standby protocol processing cards and switching network cards.
Network security function
Based on the system functions mentioned above, the system software could be divided into five subsystems.
Operation support subsystem, including software modules such as BSP, ROS, SSP, and VxWorks kernel
MUX subsystem, including the data distribution module, statistics and monitoring module, and driving and encapsulation module. The data distribution module distributes data packets to the driver and upper-layer software. The statistics and monitoring module measures data, forwards information, and monitors the software table.
L2 subsystem, including processing STP protocol, LACP protocol, IGMP
SNOOPING protocol, MAC address management, VLAN management and L2 data forwarding
L3 subsystem, which implements basic protocols of TCP/IP, such as IP, ARP, ICMP,
TCP, and UDP, and application protocols such as FTP and Telnet, and implements unicast and multicast routing protocols, performing L3 data forwarding.
80 ZTE Confidential Proprietary
ZXR10 5900E Product Description
NM and operation & maintenance subsystem, which implements the Agent function of the SNMP network management, supports command line management, provides operation & maintenance interfaces, and provides MIB information.
4.3.1 Operation Support Subsystem
The operation support subsystem drives and encapsulates the bottom-layer hardware, providing support for other software systems on the upper layer. This subsystem provides support for the running of the hardware, allocating resources for the hardware, and provides the hardware-related interfaces for the upper-layer software. The operation support subsystem relies on the ROS platform of the ZXR10, and it is composed of system support, system control, version load control, BSP, and SSP. It can be further divided into the operating system kernel, process scheduling, process communication, timer management, and memory management modules. The functional block diagram for the operation support subsystem is shown as follow:
Figure 4-9 Functional Block Diagram for the Operation Support Subsystem
ZTE Confidential Proprietary 81
ZXR10 5900E Product Description
4.3.2 MUX Subsystem
The MUX subsystem exchanges information with the driver and the upper-layer software, and measures and monitors the software table of the switch chip. The MUX subsystem mainly performs data distribution and measurement and monitoring. After the MUX layer receives the data packets from the driving module, it forwards the packets by type according to the ETHER TYPES fields in the MAC frames. The data distribution of the
MUX also includes the encapsulation of the data sending function of the driver, to provide the modules on the upper layer with a new data sending function for invocation. When the modules on the upper layer have data packets or protocol packets to send, they can invoke the data sending function provided by the MUX. The measurement and monitoring function measures the status of the driver layer, physical layer and MUX layer, measures the packets received/sent, monitors the access to the register, and performs the sniffer operations to the data packets, providing the OAM module with the interface function.
4.3.3 L2 Subsystem
The L2 subsystem performs configuration management (management layer) on the data link layer, protocol processing on L2 (control layer), and data forwarding (data layer or service layer). The function modules are illustrated as follow:
Figure 4-10 functional Block Diagram of the L2 Subsystem
82 ZTE Confidential Proprietary
ZXR10 5900E Product Description
4.3.4 L3 Subsystem
By software layer, the L3 subsystem consists of the service control layer and data-forwarding layer. Where, the service control layer is composed of the TCP/IP and IP forwarding support subsystem. The TCP/IP consists of the support protocols and routing protocols. The support protocols are the basic protocols in the Ipv4 protocol suite, providing services to the dynamic routing protocols, while acting as the entities of network management and system monitoring. As the service provider for the upper-layer application entities on the whole router system, support protocols consist of IP, ARP,
ICMP, IGMP, TCP, UDP and Telnet protocol entities. Routing protocols are used to generate dynamic routes, and they consist of unicast routing protocols such as RIP,
OSPF, and BGP, and multicast routing protocols such as IGMP, PIM-SM, MSDP and
MBGP, and they provide related upper-layer protocols such as LDP, VRRP, and RSVP.
The IP forwarding and support subsystem is responsible for deletion and modification of the forwarding table and the related strategies, and establishment and maintenance of indexes, and data interaction between the CPU and switch chip. The IP data forwarding layer inputs, forwards and outputs the data of the strategies, rules and routing tables created by the switch chip according to the IP service control layer.
Figure 4-11 Functional Block Diagram of the L3 Subsystem
ZTE Confidential Proprietary 83
ZXR10 5900E Product Description
4.3.5 NM and Operation & Maintenance Subsystem
The foreground NM and Operation & Maintenance subsystem uses TCP/IP to implement the agent of the SNMP NM, and meets the management requirements by using the execution entities of the managed entities on the bottom layer. The background NM communicates with the foreground NM via the network to manage the foreground system.
In this way, the management network is isolated from the transmission network.
4.3.6 ZXROS Platform
ZXROS is a multitask-based distributed real-time network operating system, providing unified IP protocol supported by all devices from ZTE. ZXROS offers a mature and steady architecture, and has been extensively used by lots of carriers. With reinforcement and extension on the basis of the original platform, the existing platform in terms of user
’s service requirements give more consideration on user’s OPEX, CAPEX, service scalability and implementation.
Sound Encapsulation
The configurations of all products are in the same style, which makes user easy to operate and maintain.
Powerful Monitoring Service
Monitor process and memory abnormities.
Monitor the working status of power supply module, fan, voltage, current, and working temperature.
Provide fast failure location to guarantee high reliability of the product version.
Flexible Modular Components
All service module based upon ZXROS can be added or uninstalled easily; new services can be developed based upon the original architecture.
Based upon user
’s demands, provide flexible on-demand service and fast respond to user
’s requirements.
84 ZTE Confidential Proprietary
ZXR10 5900E Product Description
With superior interoperation, it follows the following standard and protocols
Table 4-5 L2 Protocol Standard
L2 Protocol Standard
IEEE 802.1d Bridging
EEE 802.1s Multiple Spanning Tree
IEEE802.1x Port Based Network Access
IEEE 802.3ad Link Aggregation
IEEE 802.1w Rapid Spanning Tree IEEE 802.3ag Service Layer OAM
IEEE 802.1Q VLAN tagging
9216 bytes jumbo frame forward on
Ethernet and pos interface
IEEE 802.1ad VLAN stacking, Select
QinQ, VLAN translate
IEEE 802.3ah Provider Backbone B
IEEE 802.1ab LLDP(Link Layer Discovery
Protocol)
IGMP v1/v2 snooping/proxy
IEEE 802.3 10BaseT
IEEE802.3ah Ethernet OAM
IEEE 802.3 100BaseT
IEEE 802.3u 100BaseTx
ESRP Ethernet smart Ring Protocol
IEEE 802.1p VLAN Priority
IEEE 802.3ae 10Gpbs Ethernet
IEEE 802.3x Flow Control
IEEE 802.3z 1000BaseSX/LX
IEEE 802.3ae 10Gbps Ethernet
ZESS ZTE Ethernet smart switch
Table 4-6 TCP/IP Protocol Standard
RFC 768 UDP
RFC 792 ICMP
RFC 826 ARP
RFC 951 BootP
RFC 1519 CIDR
RFC 2328 TFTP Blocksize Option
RFC2349TFTPTimeoutIntervaland
TransferSize option draft-ietf-bfd-mib-00.txt Bidirectional
Forwarding Detection Management
Information Base
TCP Protocol Standard
RFC 791 IP
RFC 793 TCP
RFC 854 Telnet
RFC 1350 TFTP
RFC 1812 Requirements for IPv4 Routers
RFC 2347 TFTP option Extension
RFC 2401 Security Architecture for
Internet Protocol draft-ietf-bfd-base-02.txt Bidirectional
Forwarding Detection
ZTE Confidential Proprietary 85
ZXR10 5900E Product Description
Table 4-7 RIP Protocol Standard
RIP Protocol Standard
RFC 1058 RIP Version1
RFC 2082 RIP-2 MD5 Authentication
RFC 2453 RIP Version2
Table 4-8 OSPF Protocol Standard
OSPF Protocol Standard
FC 1765 OSPF Database Overflow
FC 2370 Opaque LSA Support
RFC 3101 OSPF NSSA Option
RFC 2328 OSPF Version 2
RFC 3137 OSPF Stub Router
Advertisement
RFC 3623 Graceful OSPF Restart
–GR helper
Table 4-9 BGP Protocol Standard
RFC 1597 BGP Default Route
Advertisement
BGP Protocol Standard
RFC 1772 Application of BGP in the
Internet
RFC 1965 Confederations for BGP
RFC 2385 Protection of BGP Sessions via MD5 draft-ietf-idr-rfc2796bis-02.txt
RFC 1997 BGP Attribute Communities
RFC 2439 BGP Route-Flap Dampening
RFC 2796 BGP Route Reflection
RFC 2918 Route Refresh Capabil-ity for
BGP4 draft-ietf-idr-rfc3065bis-05.txt
RFC 4271 BGP-4 (previously RFC 1771) RFC 3592 Capabilities Advertise-ment with BGP4
RFC 4364 BGP/MPLS IP Virtual Private
Networks (VPNs)
RFC 4724 Graceful Restart Mechanism for BGP
–GR helper draft-ietf-idr-rfc2858bis-09.txt
RFC 3065 Confederations for BGP
RFC 4360 BGP Extended Communities
Attribute
RFC 4760 Multi-protocol Extensions for
BGP
RFC 4203 for Shared Risk Link Group
(SRLG) sub-TLV
86 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Table 4-10 ISIS Standard
ISIS Standard
RFC 1142 OSI IS-IS Intra-domain Routing
Protocol (ISO 10589)
RFC 1195 Use of OSI IS-IS for routing in TCP/IP&dual environments
RFC 2763 Dynamic Hostname Exchange for IS-IS
RFC 3373 Three-Way Handshake for
Intermediate System to Inter-mediate
System (IS-IS) Point-to-Point
Adjacencies
RFC 3567 Intermediate System to
Intermediate System(IS-IS)
RFC 3719 recommendations for
Interoperable Networks using IS-IS
RFC 2973 IS-IS Mesh Groups
RFC 2966 Domain-wide Prefix
Distribution with Two-Level IS-IS
Cryptographic Authentication
System(IS-IS) Extensions for Traffic
Engineering (TE)
RFC 3847 Restart Signaling for IS-IS
–GR helper draft-ietf-isis-igp-p2p-over-lan-05.txt
RFC 3784 Intermediate System to
Intermediate
RFC 3787 Recommendations for
Interoperable IP Networks
RFC 4205 for Shared Risk Link Group
(SRLG) TLV
Table 4-11 VRRP Standard
RFC 2787 Definitions of Managed
Objects for the Virtual Router
Redundancy Protocol
VRRP Standard
RFC 3768 Virtual Router Redundancy
Protocol
Table 4-12 LDP Standard
RFC 3036 LDP Specification
RFC 3037 LDP Applicability
LDP Standard
draft-jork-ldp-igp-sync-03
RFC 3478 Graceful Restart Mechanism for LDP
–GR helper
Table 4-13 Multicast Standard
Multicast Standard
ZTE Confidential Proprietary 87
ZXR10 5900E Product Description
Multicast Standard
RFC 1112 Host Extensions for IP
Multicasting(Snooping)
RFC 2236 Internet Group Man-agement
Protocol
RFC 2362 Protocol Independent
Multicast-Sparse Mode(PIM-SM)
RFC 3376Internet Group Management
Protocol Version3
RFC 3446 Anycast Rendevous Point(RP) mechanism using Protocol Independent
Multicast(PIM) and Multicast Source
Discovery Protocol(MSDP)
RFC 3618 Multicast Source Discovery
Protocol (MSDP)
RFC 4601 Protocol Independent
Multicast-Sparse Mode(PIM-SM)
RFC 4604 Using IGMPv3 and MLDv2 forSource-Specific Multicast
RFC 4607 Source-Specific Multicast for
IP
RFC 4610 Anycast-RP Using Protocol
Independent Multicast(PIM) draft-rosen-vpn-mcast-08.txt
RFC 4608 Source-Specific Protocol
Independent Multicast in 232/8 draft-ietf-pim-sm-bsr-06.txt draft-ietf-mboned-msdp-mib-01.txt
Table 4-14 Differentiated Services Standard
Differentiated Services Standard
RFC 3140 Per-Hop Behavior
Identification Codes
RFC 2598 An Expedited Forwarding PHB
RFC 2597 Assured Forwarding PHB
Group (rev3260)
RFC 3140 Per-Hop Behavior
Identification Codes
Table 4-15 PPP Standard
PPP Standard
RFC 1332 PPP IPCP
RFC 1662 PPP in HDLC-like Framing
RFC 1377 PPP OSINLCP
RFC 1638/2878 PPP BCP
RFC 1661 PPP
RFC 1990 The PPP Multilink
Protocol(MP)
RFC 1989 PPP Link Quality Monitoring
RFC 2516 A Method for Transmitting
PPP Over Ethernet
RFC 2615 PPP over SONET/SDH
88 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Table 4-16 DHCP Standard
DHCP Standard
RFC 2131 DynamicHost-Configuration
Protocol(REV)
RFC 3046DHCP Relay Agent
Information Option(Option 82)
Table 4-17 Network Management Standard
ITU-T M.3000, Overview of TMN recommendations
Network Management Standard
ITU-T M.3016, TMN security overview
ITU-T M.3010, PrincIPles for a
Telecommunications management network
ITU-T M.3020, TMN Interface
Specification Methodology
ITU-T M.3100 Generic Network
Information Model
ITU-T M.3101, Managed Object
Conformance Statements for the Generic
Network Information Model
ITU-T M.3200, TMN management services and telecommunications managed areas: overview
RFC1157, Simple Network Management
Protocol
RFC1901, Introduction to
Community-based SNMPv2
ITU-T M.3300, TMN F interface requirements
ITU-T M.3400, TMN Management
Function
ITU-T X.701-X.709, Systems
Management framework and architecture
ITU-T X.720-X.729, Structure of
Management Information
ITU-T Temporary Document 69 (IP
Experts): Revised draft document on IP access network architecture
ITU-T X.710-X.719, Management
Communication Service and Protocol
ITU-T X.730-X.799, Management functions
RFC1213, Management Information
Base for Network Management of TCP/IP based internets: MIB-II
RFC1902, Structure of Management
Information for Version 2 of the Simple
Network Management Protocol
(SNMPv2)
RFC1903, Textual Conventions for
Version 2 of the Simple Network
Management Protocol (SNMPv2)
RFC1905, Protocol Operations for
RFC1904, Conformance Statements for
Version 2 of the Simple Network
Management Protocol (SNMPv2)
RFC1906, Transport Mappings for
ZTE Confidential Proprietary 89
ZXR10 5900E Product Description
Network Management Standard
Version 2 of the Simple Network
Management Protocol (SNMPv2)
Version 2 of the Simple Network
Management Protocol (SNMPv2)
RFC1907, Management Information Base for Version 2 of the Simple Network
Management Protocol (SNMPv2)
RFC2251, Lightweight Directory Access
Protocol (v3)
RFC2570 Introduction to Version 3 of the Internet-standard Network
Management Framework
RFC2571 An Architecture for
Describing SNMP Management
Frameworks
RFC2572 Message Processing and
Dispatching for the Simple Network
Management Protocol (SNMP)
RFC2573 SNMP Applications
RFC2574 User-based Security Model
(USM) for version 3 of the Simple
Network Management Protocol
(SNMPv3)
RFC2575 View-based Access
Control Model (VACM) for the Simple
Network Management Protocol (SNMP)
RFC2037, Entity MIB using SMIv2
RFC1558, A String Representation of
LDAP Search Filters
RFC1777, Lightweight Directory Access
Protocol
RFC1959, An LDAP URL Format
RFC2233, The Interface Group MIB using
SMIv2
RFC1558, A String Representation of
LDAP Search Filters
RFC1778, The String Representation of
Standard Attribute Syntaxes
RFC2251, Lightweight Directory Access
Protocol (v3)
RFC1493, Definitions of Managed
Objects for Bridges
GB910,Telecom Operations Map
RFC1757, Remote Network Monitoring
Management Information Base
GB901, A Service management Business
Process Model
GB909,Generic Requirements for
Telecommunications Management
Building Blocks
GB908,Network Management Detailed
Operations Map
RFC1757, Remote Network Monitoring
Management Information Base
GB917, SLA Management Handbook
V1.5
GB914,System Integration Map
NMF038, Bandwidth Management
Ensemble V1.0
TMF508, Connection and Service
Management Information Model Business
TMF801, Plug and Play Service
Fulfillment Phase 2 Validation
90 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Agreement
Network Management Standard
Specification V1.0
TMF605, Connection and Service
Management Information Model
TMF053, NGOSS Architecture
Technology Neutral Specification V1.5
TMF053B, NGOSS Architecture
Technology Neutral Specification V1.5
TMF816, B2B Managed Service for DSL
Interface Implementation Specification
V1.5
YD/T 852-1996 General design principle of TMN
NMF037, Sub-System Alarm Surveillance
Ensemble V1.0
TMF053A, NGOSS Architecture
Technology Neutral Specification V1.5
TMF821, IP VPN Management Interface
Implementation Specification V1.5
Interworking Between CORBA and TMN
System Specification V1.0
YD/T XXXX-2001 General technical specification of broadband MAN
YD/T XXXX-2000 IP Network technical specification
–network in general
YD/T 871-1996 General information model of TMN
YD/T XXXX-2001 IP Network technical specification-network performance parameter and availability
YDN 075-1998 China public multimedia communications network management specification
YDN 075-1998 China public multimedia communications network management standard
RFC 1215 A Convention for Defin-ing
Traps for use with the SNMP
RFC 1657 BGP4-MIB
RFC 1850 OSPF-MIB
RFC 2096 IP-FORWARD-MIB
RFC 2012 TCP-MIB
RFC 2138 RADIUS
RFC 2987 VRRP-MIB draft-ietf-mpls-ldp-mib-07.txt draft-ietf-disman-alarm-mib-04.txt draft-ietf-isis-wg-mib-05.txt draft-ietf-mpls-te-mib-04.txt
RFC 1724 RIPv2-MIB
RFC 1907 SNMPv2-MIB
RFC 2011 IP-MIB
RFC 2013 UDP-MIB
RFC 2206 RSVP-MIB
RFC 3014 NOTIFICATION-LOGMIB
RFC 3164 Syslog draft-ietf-ospf-mib-update-04.txt draft-ietf-mpls-lsr-mib-06.txt
ZTE Confidential Proprietary 91
ZXR10 5900E Product Description
5 Technical Specifications
5.1 Physical Indices
Table 5-1 Physical Parameters
Physical Parameter
Size(H×W×D)
5916E/5928E/5928E-FI
43.6mm×442mm×
220mm
Weight (Full
Configuration, including two power supply modules and subcards)
ZXR10 5928E:4.8kg
ZXR10 5928E-FI:4.8kg
ZXR10 5916E:4.8kg
Power Consumption
ZXR10 5928E:
The minimum:<43w
The maximum:<63w
ZXR10 5928E-FI:
The minimum:<35w
The maximum:<64w
ZXR10 5916E:
The minimum:<38w
The maximum:<55w
Working Temperature
Storage Temperature
Working Humidity
Anti-lightening
Power supply
Anti-Seismic Design
Reliability
88.1mm×442mm×220mm
10kg
5952E
The minimum:<53w
The maximum:<122w long-term: -5℃~+50℃;short-term: -5℃~+55℃
-40℃~70℃
Relative Humidity 10%~90%, non-condensing.
AC power supply provides 6KV anti-lightening capability
AC power supply: 100V~240V, 50Hz~60Hz
DC power supply: -40V~-57V
Anti-8 magnitude earthquake design
MTBF:>200000 hours
MTTR:<30 minutes
EMC:
FCC Part 15 (CFR 47) Class A
EN55022 Class A
92 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Physical Parameter 5916E/5928E/5928E-FI
ETSI EN 300 386 V1.3.1
EN55024
Safety:
UL 60950 3rd Edition
CSA C22.2 No 60950 3rd Edition
EN 60950
EC 60950
EN60825-1+A1 and EN60825-2
5952E
5.2 Capacity
See the table named
“Basic Performance”.
5.3 Performance
Table 5-2 Basic Performance
Basic Performance Indices 5916E/5928E/5928E-FI
Switching capacity
5916E:104G
5928E/5928E-FI :128G
Packet forwarding capability
5928E and 5928E-FI: 95M
5916E:77M
L2 Features
L3 Features
MPLS
5952E
176G
131M
MAC address table
VLAN translation
32K
VLAN number 4K
L2 multicast table 1K
Ingress:8K,Egres:8K
Ipv4 Routing table 12K network segment route/8k host route
L3 multicast table 4K
3 Label stacking
Numbers of lables(whole chassis shared)
8K
ZTE Confidential Proprietary 93
ZXR10 5900E Product Description
QoS
Ethernet
OAM
Basic Performance Indices 5916E/5928E/5928E-FI
Maximum quantity of public network label
4k
Maximum quantity of private network label
4k
LDP FRR switchover time
Ingress ACL rule number
50ms-200ms
4K
MPLS
L2VPN/L3VPN
Egress ACL rule number
CAR granularity
COS queue number
Cos Queue for
CPU
VRF quantity
512
64 kbit/s
8 queues per port
48
1022
VRF quantity
PW quantity
1K
1K
Combined number of public route and private route
12K
Number of
MP-BGP
Inter AS L3VPN supported
Number of MPLS
TE tunnel
48
Option A and option B
64
Extension LDP 64
MD 8
LMEP
RMEP
256
2K
CC delivery
3.3ms/10ms/100ms/1s/10s
5952E
94 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Basic Performance Indices
frequency
5916E/5928E/5928E-FI 5952E
5.4 Power
See the table 5-1.
5.5 Working Environment
See the table 5-1.
5.6 Environmental Classes
See the table 5-1.
5.7 Reliability
Table 5-3 Reliability
Item
Reliability
Description
Support non-stop upgrade
Support VBRP protocol, support multiple backups configuration, support backup priority setting, support
VRRP switching authentication, support priority replacement mode
Support ZESR(ESRP+) Ethernet ring protection
Support ZESS dual-homing protection
Support ECMP
ZTE Confidential Proprietary 95
ZXR10 5900E Product Description
6 Operation and Maintenance
6.1 NetNumen U31 Unified Network Management
Platform
Due to the development of IP network, there are more and more services implemented by IP network. At the same time, the network ranges larger, and configures harder, plus user’s higher expectation, the network management becomes more and more difficult.
Only manual management and passive inspection can not meet the requirements of running the entire system.
Now the maintenance engineer is focusing on how to deploy service swiftly, how to keep steady network operation, how to predict the operating quality of the network and how to locate the failure as soon as it happens. Therefore, the active network monitoring, automatic network failure inspection and recovery, and sound network operation are urgently required to guarantee maximum network profit.
ZTE giving positive response to the call of the times develops NetNumen U31 unified network management system. It is an integrated network management system composed by router, switch and CE, responsible for network element management, network management and service management. It supports multiple sorts of database, has graphic interface in different languages for convenient operation. Besides, this system also provides flexible northbound interface, supporting powerful interconnecting integration.
6.1.1 Network Management Networking Mode
Between NetNumen U31 NMS and ZXR10 5900E series equipment, inband management and outband management networking modes can be used.
Inband Management
96 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Inband Management, i.e. instead of requiring an extra DCN, network management information and service data are delivered in the same channel. NetNumen U31 only has to connect with its nearby network equipments, and then together with configured SNMP, it can arrange management.
The advantage of inband management is that flexible networking does not ask for extra investment. But the network management information takes up service bandwidth, so it may seriously affect service quality.
Outband Management
Outband management, i.e. the network management information is delivered in service data independent from service data, so extra DCN is needed. NetNumen
U31 network management system is connected with the outband management interface of ZXR10 5900E, so that network management information and service information can be delivered independently.
By using outband management, the breakup of the service channel will not prevent the network management station to do equipment management, so that the transport of network information becomes more reliable. But the independent network is limited by the geographic reasons and requires extra investment.
6.1.2 NetNumen U31 Network Management System
NetNumen U31 network management system is an integrated management system designed by ZTE for its router, switch It covers network element management, network management and service management. NetNumen U31 network management system provides the following services.
Failure management makes sure steady network operation
In the maintenance of network management, the administrator urgently needs to know the network operating status to make sure steady network operation. The failure management of NetNumen U31 is responsible for receiving real-time equipment warning and network events from all NE, so that it can give audible and visible information to maintenance staffs; after being confirmed by maintenance staffs, the collected warning report will be saved for future statistics and search.
ZTE Confidential Proprietary 97
ZXR10 5900E Product Description
Failure management is the most important and common ly used method in user’s network operating maintenance. Via failure management, user can arrange information search, real-time monitoring, failure filtering, failure location, failure confirmation, failure deletion, and failure analysis for ZXR10 5900E series device.
Besides, NetNumen U31 system also provides voice prompt, graphic warning display, and informs user the failure by sending Email and messages via warning system, Email system, SMS system, which simplifies user’s daily maintenance.
Performance management enables complete understanding of network services
The traffic direction, traffic load and network load are the key issues in network management. The performance management module of NetNumen U31 is mainly responsible for the performance monitoring and analysis of data network and its equipments. The performance data collected by network element will generate performance report after a certain processing, so that maintenance and management departments can get information to guide network engineering, plan, network scheduling and improve network operating quality. Via performance management, user can implement load, traffic direction and interface load collection, get timely service quality report and give prompt evaluations and adjustment on entire network resource configuration.
Resource management makes reasonable use of network resource
The resource management realizes the management of physical resource and logical resource, so it is an inevitable basic system in carrier’s service progress.
Also it is the critical precondition for realizing automatic service initiation and automatic service guarantee. Via resource management, user via the resource management system not only can get information of the management of the equipment, module, interface and link in the network, but also can know the operating status of the logical resources, such as, VLAN resource, L2/L3 VPN resource, and MAC addresses.
View management makes network operation clear and easy
View management provides unified network topology and multi-view management, which enables the user to be aware of the network topology and equipment operating running status in the entire network. At the same time, it provides
98 ZTE Confidential Proprietary
ZXR10 5900E Product Description maintenance interfaces for network and equipment. User utilizes view management to know the operating status and warning status of the equipment. And also, it supports fast navigation to other management systems.
Configuration management enables fast service deployment
The configuration management implements the configuration of ZXR10 5900E series, including equipment management, interface management, VLAN management, L2 attribute management, MPLS management, routing protocol management, QoS management, software upgrade management, and configuration file management; Also it supports many customer-friendly configuration modes, such as end-to-end configuration, in-batch configuration, guiding configuration. Besides, it offers default configuration models to corresponding management.
Security management protects network from hacking
The security management is mainly responsible for user’s legal network operation.
It implements the management of user, user group and role. By arranging correct relationships between user, user group and role, it provides administrators with security control mechanism. Via login Authentication, it prevents illegal users from accessing the system. By authorized operation, it offers security mechanism to a dministrator’s secure operation.
Northbound interface gives conveniences to integration
Due to the fast development of telecom industry, one carrier nowadays should manage multiple different network element equipment or professional network management system. The drawbacks for instance no interaction among different professional network management systems, complicated management content, and multiple operating interfaces become more and more obvious. To enhance the integrated network management level and effect of telecom enterprise, one network management station can be used to implement all sorts of management and control to the interconnected networks, so that, the integrated entire network management comes true.
ZTE Confidential Proprietary 99
ZXR10 5900E Product Description
The integrated network management connects with professional network management via interface. So the professional network management should provide standard open northbound interface to the integrated network management system, so that, it can integrate with the integrated network management system rapidly and reliably. NetNumen U31 supports many types of northbound interface, e.g. CORBA, SNMP, TL1 XML and FTP.
6.2 Maintenance and Management
6.2.1 Multiple Configuration Modes
ZXR10 5900E series equipment provides multiple equipment login and management configuration modes, which enables user to choose the optimal way to configuring its connections. It makes the equipment maintenance easier.
Multiple configuration and management modes:
Serial interface connection configuration: Serial interface connection configuration uses VT100 terminal mode. It can use super terminal tool provided by Windows operating system to complete the configuration; for the bare metal or connectionless equipment, this method is the only choice;
Telnet connection configuration: 1. Via the IP address of the management Ethernet interface telnet (10/100Base-TX)on telnet main control board to configure switch;
2. Configure IP address over VLAN interface and set user name and password. Via the IP address of telnet VLAN interface, it implements switch configuration; when user requires remote login, and is able to communicating with equipment, this connection configuration mode can be used;
SSH(Secure Shell) protocol connection configuration: Initiate SSH service on
ZXR10 5900E series equipment, connect the VLAN interface IP address or management Ethernet port IP address via SSH client software to implement more secure switch configuration. When users require remote login with high demands for security, this connection configuration can be chosen;
100 ZTE Confidential Proprietary
ZXR10 5900E Product Description
SNMP connection configuration: The background network server acts as SNMP server, the front equipment ZXR10 5900E series equipment works as SNMP Client.
The background and front equipment share one MIB to manage the configuration of
ZXR10 5900E series equipment via network management software; This connection configuration mode enables the user to implement effective management configuration via network management software.
6.2.2
Monitoring, Controlling and Maintenance
ZXR10 5900E series is capable of multiple ways of equipment policing, management and maintenance, which enables the equipment to process all sorts of abnormity correctly, and provide users with all types of parameter in the course of equipment operation.
Equipment Monitoring, Controlling:
There are indicators on power supply module, fan, MSC and all LICs. They show the operating status of these components;
The MSC switchover and hot swappable records are kept for future reference;
When the fan, power supply or temperature goes wrong, the voice warning and software warning will be generated;
The system inspects the suitability of software versions during operation automatically;
The system operation automatically monitors the module temperature, and provides temperature control warning and software warning;
The system monitors the operating status of the software, when abnormity happens, the LIC will be restarted and MSC switchover will be implemented as well.
Equipment management and maintenance:
The command line provides flexible online help;
Provide hierarchical user authority management and hierarchical commands;
ZTE Confidential Proprietary 101
ZXR10 5900E Product Description
Support information center, provide unified management of log, alarm and scheduling information;
Via CLI, user can check the basic information of all MSC, LIC, and optical modules;
Provide multiple sorts of information query, including version, component status, temperature,CPU and memory availability.
6.2.3 Diagnosis and Debugging
ZXR10 5900E series provides multiple sorts of diagnosis and debugging methods, enabling user to have multiple ways to adjust equipment and get more debugging information.
Ping and TraceRoute: by inspecting whether or not the network connection is reachable and recording the transport path online, maintenance staffs can get link information for further analysis of failure locating;
Debugging: rich debug commands are provided for each software feature. Every debug command supports multiple debugging parameters, so it can be controlled flexibly. Via debug command, specific information of the progress, packet processing and error inspection of the service in the course of operation can be displayed;
Mirroring image service: it supports interface-based mirroring image, via which the incoming, outgoing or bidirectional packets are replicated to the observed interface.
6.2.4 Software Upgrad
ZXR10 5900E provides software upgrade modes in both normal and abnormal conditions.
Upgrade when the system is abnormal: Provide software upgrade when the equipment can not be initiated normally. Via modifying boot initation mode, load new software version from the management Ethernet interface to complete initiation upgrade;
102 ZTE Confidential Proprietary
ZXR10 5900E Product Description
Upgrade when the system is normal: Provide local or remote FTP online upgrade when the equipment is in normal condition.
6.2.5
File System Management
In ZXR10 5900E series equipment, the main storage device on MSC is FLASH, in which software version file and configuration file are saved. So both software upgrade and configuration storage will have some implementations on FLASH. FLASH consists of three categories: IMG, CFG and DATA.
IMG: This category is used to save software version file. Software version file with the extension name of “.zar” is a particular compressed file. The version upgrade actually is the change of the software version file in this category.
CFG: This category is used to save configuration file whose name is “startrun.dat”;
DATA: This category is used to save abnormal information of the equipment. The file name format is “YYYY-MM-DD HH-mm-SS.zte” .
File system operation
File backup and recovery: By using FTP/TFTP, the backup of software version file, configuration file and log of ZXR10 5900E series equipment can be save to the background server. Or the backup file can be restored from the background server;
File import and export: support the import/export of the file, after that, FTP/TFTP will replicate the file to the background host. The warning file and configuration file can be imported and exported for upgrade;.
ZTE Confidential Proprietary 103
ZXR10 5900E Product Description
7 Networking
7.1 Product Features in Real Network Implementations
7.1.1 SVLAN( Flexible QinQ)
SVLAN of ZXR10 5900E implements the function of providing SPVLAN label based on traffic. That is to say, it provides users with corresponding SPVLAN label on one
Customer port based on their needs according to different CVLAN label carried by packets.
By SVLAN, users can implement mapping from QoS of CVLAN label to SPVLAN.
As shown in the following figure, to implement one VLAN per user and sole identification for user, start QinQ on user access aggregation switch ZXR10 5900E. In this way inner layer and outer layer VLAN are combined to represent a user. Outer layer VLAN is selected based on inner layer VLAN or ACL traffic.
104 ZTE Confidential Proprietary
Figure 7-1 SVLAN networking application
ZXR10 5900E Product Description
7.1.2 IPTV
Figure 7-2 IPTV networking application
ZTE Confidential Proprietary 105
ZXR10 5900E Product Description
As one of the key technologies of ZTE IPTV system architecture, controllable multicast is mainly implemented at broadband access network side. The device implementing multicast control policy (BRAS,DSLAM or switch) is called multicast controlling point. As the terminating point of user multicast IGMP request, multicast controlling point decides whether to duplicate multicast traffic to user port based on corresponding IGMP request and control policy. The nearer multicast controlling point gets to the user, the more network bandwidth can be saved. As a key device implementing multicast control policy, multicast control point needs to support the following features: IGMP V1/V2, IGMP
Snooping, IGMP Filter, IGMP Proxy, IGMP Fast leave, MVR(Multicast VLAN Register),
SGR(Static Group Register), UGAC(User Group Access Control), and UGAR(User
Group Access Record). User demanding authorities are controlled by rules and channel binding.
As shown in Figure, multicast controlling point is configured on aggregation device
ZXR10 5900E. It can establish multicast forwarding table items based on IGMP packets to implement user access control configuration so as to implement preview, play control of the channel and to implement IPTV demands of the users.
106 ZTE Confidential Proprietary
7.1.3 ESRP
Figure 7-3 ZESR networking application
ZXR10 5900E Product Description
ESRP(Ethernet Smart Ring Protocol)is based on ITU G.8032 protocol.It checks whether the loop is connected to make sure that there is only one logically connected path between any two points on the ring. It re-set port status (block or forward) based on loop changes (connected-blocked; blocked-connected) to make logic path switch quickly.
Show as figure above, to enhance the network reliability, ESRP is deployed in the middle of access/aggregation layer. When a device on the ring fails, forwarding will not be impacted. The secondary port will be unblocked to implement reverse data forwarding. At the same time MAC table item is notified to get updated to guarantee non-interrupted services.
7.1.4 ZESS
Protecting the uplink links of access/aggregation layer device is a problem that users keep focusing on. Traditional technologies can only implement dual uplink links
ZTE Confidential Proprietary 107
ZXR10 5900E Product Description protection of a single device with single point error on uplinking device. To meet the practical networking needs, ZTE develops more advanced ZESS.
The application of ZXR10 5900E in ZESS is shown in Figure:
Figure 7-4 ZESS networking application
108
ZXR10 5900E supports ZESS uplink link protection. It can implement single device dual uplink networking such as ZESS domain4 and ZESS domain5. It can implement square connection of two devices and the upper layer NPE such as ZESS domain1. It can also implement crossing connection of two devices and upper layer NPE such as ZESS domain2 and ZESS domain3.
ZXR10 5900E ZESS supports main/standby and load sharing mode. In main/standby mode, the standby link doesn
’t carry traffic in normal situation. In load balancing mode, two uplink links can carry part of traffic respectively so as to implement load balancing.
ZTE Confidential Proprietary
ZXR10 5900E Product Description
7.2 Integrated Networking Applications
7.2.1 MAN Access Layer Solution
As L3 intelligent Ethernet switch, ZXR10 5900E series switches are suitable for the access layer of MAN working as the communicate switch. In this way, 5900E series switches connect with users in the access layer, providing rich bandwidth and access management services. The specific application is as shown in figure.
Figure 7-5 MAN Application
Internet
IP Backbone Layer
IP Core Layer
Aggregation Layer
Access Layer
5900E 3900E
2900E
DSLAM
7.2.2 Enterprise Network Solution
Community network requires large capacity, high port density and high bandwidth.
10G-based ZXR10 5900E series switches are very suitable for community network. They connect users with the aggregation/access layers, offering various bandwidth and access management services. The specific application is as shown in figure.
ZTE Confidential Proprietary 109
ZXR10 5900E Product Description
Figure 7-6 Enterprise Network Application
Internet
IP Backbone Layer
IP Core Layer
Aggregation Layer
Access Layer
5900E
DSLAM
3900E
2900E
110 ZTE Confidential Proprietary
ZXR10 5900E Product Description
8 Glossary
Abbreviations
MLD
DSLAM
SSH
VRRP
RED
DSCP
MPLS
PE
CE
RMON
SNMP
DHCP
ESRP
ERSPAN
PIM-SM
PIM-DM
RIP
ARP
ACL
BFD
FRR
OSPF
IS-IS
BGP
ISATAP
COS
TOS
BRAS
Full Characteristics
Multicast Listener Discovery Protocol
Protocol Independent Multicast Sparse Mode
Protocol Independent Multicast-Dense Mode
Routing Information Protocol
Address Resolution Protocol
Access Control List
Bidirectional Forwarding Detection
Fast Re-route
Open Shortest Path First
Intermediate System-to-Intermediate System
Border Gateway Protocol
Internet/Site Automatic Tunnel Addressing Protocol
Class of Service
Type of Service
Broadband Remote Access Server
Digital Subscriber Line Access Multiplexer
Secure Shell
Virtual Router Redundancy Protocol
Random Early Detection
Differentiated Services Code Point
Multi-Protocol Label Switching
Provider's edge router
Custom Edge Router r
Remote Monitor
Simple Network Management Protocol
Dynamic Host Control Protocol
Ethernet Smart Ring Protocol
Encapsulated Remote SPAN
ZTE Confidential Proprietary 111
ZXR10 5900E Product Description
LLDP
SSM
BMC
PTP
L2TP
VCT
VRF
LDP
BITS
CFM
MA
DCN
VPN
TFTP
GPS
TOD
IPFIX
UDLD
STP
RSTP
LACP
BPDU
DVMRP
MAC
OAM
QoS
ZESS
IGMP
PVLAN
PUPV
PSPV
Abbreviations Full Characteristics
Operations,Administration and Maintenance
Quality of Service
ZTE Ethernet Smart Switch
Internet Group Management Protocol
Private VLAN
Per User Per VLAN
Per Service Per VLAN
Spanning Tree Protocol
Rapid Spanning Tree Protocol
Link Aggregation Control Protocol bridge protocol data unit
Distance vector multicast routing protocol
Media Access Control
Data Communication Network
Virtual Private Network
Trivial File Transfer Protocol
Global Positioning System time of day
IP Flow Information eXport
UniDirectional Link Detection
Link Layer Discovery Protocol
Synchronous Status Message best measurement capability
Precision Time Synchronization Protocol layer 2 protocol transportation
Virtual Cable Tester
VPN Routing and Forwarding
Label Distribution Protocol
Building Integrated Timing Supply
Connectivity Fault Management
Maintenance Association
112 ZTE Confidential Proprietary
Abbreviations
MP
MD
LTM
LBM
LTR
LBR
IEEE
RADIUS
ZXR10 5900E Product Description
Full Characteristics
Maintenance Point
Maintenance Domains
LinkTrace Messages
LoopBack. Messages
LinkTrace Reply
LoopBack Reply
Institute of Electrical and Electronics Engineers
Remote Authentication Dial In User Service
ZTE Confidential Proprietary 113
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement
Table of contents
- 10 Overview
- 12 Features
- 12 Superior Performance and Capacity
- 12 Enhanced Video Service Experience
- 12 Rich Service Platforms
- 13 Carrier-Class High Reliability
- 13 Excellent Operation and Maintenance Design
- 14 Energy Saving and Environment Protection
- 16 Functions
- 16 Basic Function
- 16 MAC Address Management
- 22 SVLAN
- 24 Link Aggregation
- 25 Basic Ethernet Features
- 26 IGMP Snooping
- 27 Ipv4 Multicast Route
- 28 IPv4 Route
- 28 Voice VLAN
- 29 PPPoE
- 30 Value-Added Service
- 30 Cluster Management
- 32 ESRP Ring Protection
- 33 Security Feature
- 34 TR101 Feature
- 39 Support External Alarm Input and Output
- 40 VCT Technology
- 40 SFP DOM
- 40 SFlow
- 46 Port and VLAN Mirroring
- 47 Traffic Statistics
- 47 RADIUS
- 47 TACACS
- 49 DOT1X Authentication
- 52 DHCPv
- 58 Ethernet OAM
- 64 Multi-VRP CE
- 66 Dual-Port Loop Inspection
- 67 IPFIX
- 67 Features of Synchronous Clock
- 70 System Architecture
- 70 Product Physical Structure
- 72 Hardware Architecture
- 73 Control Module and Switching Module
- 79 Interface Module
- 80 Power Module
- 80 Clock Module
- 81 Software Architecture
- 83 Operation Support Subsystem
- 84 MUX Subsystem
- 84 L2 Subsystem
- 85 L3 Subsystem
- 86 NM and Operation & Maintenance Subsystem
- 86 ZXROS Platform
- 94 Technical Specifications
- 94 Physical Indices
- 95 Capacity
- 95 Performance
- 97 Power
- 97 Working Environment
- 97 Environmental Classes
- 97 Reliability
- 98 Operation and Maintenance
- 98 NetNumen U31 Unified Network Management Platform
- 98 Network Management Networking Mode
- 99 NetNumen U31 Network Management System
- 102 Maintenance and Management
- 102 Multiple Configuration Modes
- 103 Monitoring, Controlling and Maintenance
- 104 Diagnosis and Debugging
- 104 Software Upgrad
- 105 File System Management
- 106 Networking
- 106 Product Features in Real Network Implementations
- 106 SVLAN( Flexible QinQ)
- 111 Integrated Networking Applications
- 111 MAN Access Layer Solution
- 111 Enterprise Network Solution
- 113 Glossary