Miercom Report - Huawei S12700 Agile Switch

Miercom Report - Huawei S12700 Agile Switch
Key findings and conclusions:
 Huawei S12708 agile switch demonstrates 100% line rate
throughput with 384 10GE ports in full line rate throughput
tests
Lab Testing
Summary
Report
August 2013
Report SR130801
Product Category:
Enterprise
Switch
Vendor Tested:
 As a next-generation core switch for campus networks, the
S12708 switch has full programmability, is SDN ready, and
supports Protocol Oblivious Forwarding (POF)
 Resilient operation continues with fully loaded 384 10GE ports
even after removing one of four switching fabric modules
 Ethernet Ring Protection Switching (ERPS) and Smart Ethernet
Protection (SEP) demonstrated fault recovery in less than 50
milliseconds on an Open Ring Network
 Support for hardware-based Bidirectional Frequency
Distribution (BFD) with fast fault detection and switch back
without packet loss
H
uawei Technologies engaged Miercom to evaluate the S12700
series agile switches. Testing focused on Software-Defined
Networking (SDN) / Programmability capability, performance,
throughput, scalability and failover capability.
The S12700 series are LAN switches for campus core applications.
There are two models in the series: S12708 and S12712. The S12712
has 12 slots for line card modules. The model tested, the S12708,
offers eight slots for line card modules.
Performance testing verified 100% line rate throughput for all packet
sizes with zero frame loss, low latency and low jitter. The switching
fabric N + 1 redundancy was verified at the conclusion of the
throughput test by removing one of the four switching fabric modules
while the switch was fully loaded with full-mesh traffic.
Figure 1: Huawei S12708 Agile Switch
RFC 2544 Layer 2 Throughput
S12700 Series
Agile Switches
Throughput/Line Rate %
Product Tested:
100
100
100
100
100
100
100
100
64
128
256
512
1024
1280
1518
80
60
40
20
0
Source: Miercom, August 2013
Frame Size (Bytes)
The Huawei S12708 agile switch forwarded full line rate traffic with zero loss
for all frame sizes tested. The switch was configured with 384 x 10GE ports
in full mesh configuration and conducted in accordance with
RFC 2544.
The programmability tests involved a Huawei
Campus Controller to “program” or direct one or
more
S12708
switches.
The
advanced
programmability test was one of the first practical
examples of SDN that Miercom has observed in
hands-on testing.
Feature testing included CPU protection, fast fault
detection based on support for Bidirectional
Frequency Distribution (BFD) and protection and
recovery switching based on support for Ethernet
Ring Protection Switching (ERPS).
N + 1 Redundancy
The S12700 series agile switches have four
switching fabric modules. Following the RFC 2544
throughput test, for which the S12700 series agile
switch was fully loaded with full-mesh traffic, one of
the fabric modules was removed, stressing the
backplane.
The switch had sufficient capacity in the remaining
three switching fabric modules to quickly recover,
stabilize and resume operating at full line rate.
Programmability
Throughput Tests
Tests were conducted in accordance with RFC
2544 to determine Layer 2 throughput, latency,
jitter and frame loss on the S12708 agile switch.
Layer 2 frames were forwarded at 100% of line
rate for all frame sizes with zero frame loss. The
frame sizes tested ranged from 64 to 1518 bytes.
See Figure 1 on page 1.
The average latency observed across all 384 of
the 10GE ports ranged from 3.9µsec for 64-byte
packets to 29.7µsec for 1518-byte packets.
The average jitter observed across all ports
ranged from 1.8µsec for 64-byte packets to
5.0µsec for 1518-byte packets. See Figure 2 for
both latency and jitter measurements.
Large frames, 1518 bytes, were used to validate
aggregate throughput. Small frames of 64 bytes
were used to validate packet handling capability.
Programmability of the S12700 series agile
switches is provided by the Huawei SDN forwarding
plane technology, Protocol Oblivious Forwarding
(POF). Miercom believes POF to be more capable
than the original specification on which it is based,
OpenFlow 1.3 from the Open Networking
Foundation.
POF offers full backward compatibility with
OpenFlow 1.3 and applies to all routing protocols,
while OpenFlow applies to only IP routing.
POF provides benefits to user organizations in the
present and can future-proof the switching
infrastructure for the long haul.
POF enables users to make changes to the
switching infrastructure that typically requires a
patch from the vendor. Examples include trying a
new protocol, testing a new RFC handle or adding
a specific security requirement for handling traffic.
Figure 2: Huawei S12708 Agile Switch
Average Latency and Average Jitter
6
35
5.0
30
5.0
5.0
5
29.7
3.5
21.0
27.0
4
20
3
15
1.8
2.1
10
5
3.9
12.5
1.7
2
4.9
5.7
128
256
Jitter (s)
Latency (s)
25
Average
Latency
Average
Jitter
1
0
The Huawei
S12708 agile switch
demonstrated
excellent low latency
with consistent (low
jitter) performance
during testing with full
line rate traffic to 384
x 10GE traffic load in
accordance with
RFC 2544.
0
64
Source: Miercom, August 2013
512
1024
1280
1518
Frame Size (Bytes)
Copyright © 2013 Miercom
Huawei S12700 Series Agile Switches
Page 2
The Huawei S12700 series
agile switches provide an
easy-to-use interface for
adding custom header
information to Ethernet
frames for special purpose
use of Software Defined
Networking (SDN). In this
example, the custom
header was specified to
indicate specific location
details: building, floor,
room and seat numbers.
Command instructions to
the switch could then make
traffic forwarding decisions
based on these simple
locations identified in
these fields.
Figure 3: Huawei S12700 Agile Switch
Campus Controller Interface
Source: Miercom, August 2013
Because POF applies to all protocols, in the future
it will be able to control traffic types that have yet
to be introduced.
Basic Programmability A Huawei Campus
Controller successfully programmed a S12700
agile switch to forward a non-standard Ethernet
packet type, 0x0889, created from the Spirent
TestCenter traffic generator.
Usually, a switch will drop non-standard traffic
types that are not defined as valid Ethernet frame
types. In this test, however, we programmed a
S12700 agile switch to forward traffic (non-standard
0x0889 type) generated from the Spirent
TestCenter through the switch under test. The
Spirent test system accurately reported the nonstandard Ethernet frames being forwarded through
the switch when it was programmed to do so. We
also verified that the switch would drop these nonstandard frames when we removed the command
to forward the non-standard traffic, as expected.
Figure 4: Huawei S12700 Agile Switch SDN Programmable Interface
and Spirent TestCenter Generating Custom Ethernet Frames
The Huawei Campus
Controller interface is
shown here and used to
program the SDN
functionality of the
S12700 agile switch.
The interface of the
Spirent TestCenter,
shown here, was used
to generate traffic and
monitor the custom
Ethernet frames used in
the testing to prove the
non-standard Ethernet
frame-handling ability of
the Huawei S12700
agile switch.
Source: Miercom, August 2013
Copyright © 2013 Miercom
Huawei S12700 Series Agile Switches
Page 3
Center generated 64 Kbps of traffic. The amount
of traffic allowed to pass through the switch by its
rate limiting functionality was 32 kbps. CPU
utilization stayed below three percent for the
duration of the test.
Figure 5: User-defined Flow Table
Rule Sets
Rate Limiting and Blocking The switch was
subjected to DoS flood attack of 150 packets per
second, which exceeded the defined threshold.
The switch blocked the IP addresses of offending
sources for five minutes. CPU utilization remained
less than three percent for the duration of the test.
Whitelist A whitelist of IP addresses that were to
be excluded from blocking during the DoS attack in
the test were entered into the ACL of a S12700
agile switch.
Source: Miercom, August 2013
A user-defined rule example for the Campus Controller
shown here is used to apply, forward or remove the
custom header for traffic through the Huawei S12700
agile switch.
The switch successfully allowed traffic from the
whitelist of IP addresses to pass through
uninhibited even when traffic exceeded the
threshold for rate limiting and blocking.
Advanced Programmability In this test, three
Huawei S12700 agile switches were used to
simulate a small campus network. In Diagram 1
on page 7, DUT-2 is the core switch. DUT-1 and
DUT-3 are access switches that connect directly
to users.
The CPU was protected as utilization remained
below five percent for the duration of the test.
Testing verified that the core switch can be
programmed by the Campus Controller to
encapsulate packets with a non-standard,
additional header containing administrator-defined
information.
Bidirectional Forwarding Detection
The Campus Controller also could provide the
commands to remove the added header as well
as define the destinations to which traffic can be
forwarded.
As shown in Diagram 1, the non-standard,
additional header was user-defined information,
including the building, room, floor and seat.
The success of this test was one of the first
practical examples of SDN that Miercom has
observed in hands-on testing.
Rate Limiting & Blocking Protection
Three tests carried out with the Spirent Test
Center validated the ability of the Huawei S12700
series agile switches to protect the CPU from
overburdening of resources due to excessive
traffic.
Rate Limiting
The S12700 agile switch
overcame a simulated DoS flood attack of double
the designated traffic rate. The Spirent Test
Copyright © 2013 Miercom
Note: The Huawei S12700 series agile switches
can be configured to send an SNMP alert when the
traffic limit is reached.
Linkage Huawei S12700 series agile switches
support Bidirectional Frequency Detection (BFD)
linkage between switches.
BFD is a detection protocol that verifies connectivity
between network nodes and provides rapid failure
detection, while maintaining low overhead. It is a
single, standardized method of detecting link,
device and protocol failure for any encapsulation
topology at any protocol layer and over any media.
One of the problem scenarios that BFD solves is
the lack of fast fault detection where no routing
protocols exist, such as the lower layers of
Ethernet. Without BFD, an Ethernet node cannot
rely on an “interface down” event to trigger network
reconvergence. It must wait for higher layer
protocol timers to time out before determining that a
neighboring node is not reachable.
In this test, two Huawei S12700 series agile
switches (DUT-1 and DUT-2) and a Huawei S5700
series switch (S57) were linked in a VLAN. A BFD
session was initiated between DUT-1 and DUT-2.
Linkage was verified as shutting down Port 1 on
DUT-1 caused Port 2 on DUT-2 to shut down. See
Diagram 2 on page 8.
Huawei S12700 Series Agile Switches
Page 4
Linkage under OSPF This test validated the
ability of the S12700 series agile switches with
BFD enabled and running under Open Shortest
Path First (OSPF) to quickly detect a failure,
recover in the desired timeframe and reroute
traffic.
OSPF is a Layer 3 interior routing protocol for IP
networks. Because BFD is protocol-neutral and
can be used at any layer, it can provide failure
detection under OSPF.
In Diagram 3 on page 8, the two Huawei S12700
series agile switches (DUT-1 and DUT-2) with
BFD enabled and running under OSPF were
linked with two other Huawei switches (Switch 3
and Switch 4).
The test generation platform delivered routable,
128-byte traffic at 10,000 frames per second (fps)
to Port 1 of DUT-1 and Port 1 of DUT-2. The
direct route between DUT-1 and DUT-2 was set
as higher cost path, forcing traffic to flow via
Switch 3 and Switch 4.
A failure was created by disconnecting the link
between Switch 3 and Switch 4. The switch over
of traffic to the direct (higher cost) path between
DUT-1 and DUT-2 and reconvergence occurred in
65 milliseconds (ms), one-third less time than the
expected 100ms.
It was very impressive to note that cutover back to
the original state occurred without any packet loss
under a heavy traffic load condition.
Ethernet Ring Protection Switching
Tests were conducted to validate the support of
the Huawei S12700 series agile switches for
Ethernet Ring Protection Switching (ERPS), which
provides protection and recovery switching in less
than 50 ms for Ethernet traffic in a ring topology. It
also insures that no loops are formed.
In the event of a failure, a single ring in the ring
topology that usually is blocked is unblocked to
allow traffic to flow and reconvergence to occur.
ERPS on Open Ring Network This test utilized
an ERPS “semi ring” neighboring a Spanning Tree
Protocol topology.
The ERPS semi ring in Diagram 4 on page 8
consisted of two Huawei S12700 series agile
switches (DUT-1 and DUT-2). The tester
generated 10,000 fps of routable IP traffic via
Path A.
The spanning tree protocol caused the switch to
block the connection between the C3750 (Cisco
Copyright © 2013 Miercom
switch) and DUT-2 to avoid a looping condition.
Also, the ERPS semi-ring connection blocked
Port 6 of S57_1.
A link failure of Port 1 on DUT 1 was introduced.
STP switched the state of the connection between
the C3750 and DUT-2 to forwarding from blocking,
allowing traffic to flow and reconvergence to occur.
Recovery of the spanning tree topology occurred in
139 ms. Recovery to the original topology took
12 ms.
For the ERPS rerouting test, the Port 5 connection
from S57_1 to DUT-2 was interrupted, causing the
ERPS semi ring to reconverge with traffic flowing
through Path C.
Multiple Instances of ERPS Support for ERPS
and the ability to properly route traffic through a test
network of two ERPS rings was validated in this
test. See Diagram 5 on page 9.
The same load of routable IP traffic was used as in
the previous test, 10,000 fps.
The Huawei S12700 series agile switches are
DUT-1 and DUT-2. Huawei S5700 series switches
are S57_1 and S57_2.
Loop avoidance in ERPS is achieved by
guaranteeing that at any time, traffic may flow on all
but one of the ring links. That link, the Ring
Protection Leader (RPL), is blocked under normal
conditions. In case of a failure, one end of the RPL
is unblocked to allow it to handle traffic.
For this test, Port 3 on DUT-1 was configured as
the RPL for one instance of ERPS. Port 2 on S57_1
was configured as the RPL for the second instance
of ERPS. The ports initially would be blocked to
avoid a looping condition.
Upon interrupting traffic by disconnecting Port 1 on
DUT-2, the ring topology reconverged to Path B.
The interruption and reconvergence took 16 ms.
The switches in the ERPS rings were set to allow
one minute to elapse before reconverging the
network, which took 7.25 ms. One minute was a
good length of time to help avoid route flapping by
ensuring a stable, reconnected state.
Smart Ethernet Protocol
This test proved the S12700 series agile switches
can successfully reroute traffic through a hybrid
environment with fast reconvergence, minimum
cutover times and no route flapping. A hybrid ring
consisting of a SEP “semi ring” neighboring a
Multiple Spanning Tree Protocol (MSTP) network
was utilized. See Diagram 6 on page 9.
Huawei S12700 Series Agile Switches
Page 5
Smart Ethernet Protection (SEP) protocol delivers
fault convergence in under 50ms for ring
networks. Multiple Spanning Tree Protocol
(MSTP) configures a separate Spanning Tree
for each VLAN group and blocks all but one of
the possible alternate paths within each
Spanning Tree.
In the test bed, the DUT is a S12700 agile switch.
C3750, a Cisco switch, is the root switch for the
MSTP network. S57_1, S57_2 and S57_3 are
Huawei S5700 series switches.
In normal state, the MSTP topology blocks Port 3
of the DUTs to prevent a looping condition. Also,
the SEP semi-ring topology blocks Port 6 of
switch S57_3.
Upon interrupting Port 2 on the DUT, the MSTP
reconverged to allow traffic to flow in 19.7 ms.
When the port connection was restored, cutover
back to the original topology took 22.4 ms after
the configured wait time of one minute to avoid
route flapping.
A second interruption, Port 5 of the DUT, forced a
reconvergence of the SEP semi ring. Traffic was
then rerouted to Path C. The time needed to
reconverge was 45.7 ms.
When the port connection was restored, cutover
back to original topology took 8.4 ms after the
configured wait time of one minute to avoid route
flapping.
Easy Operation Solution
Two tests verified the functionality of the Easy
Operation Solution in the Huawei S12700 series
agile switches. The functionality is rare and
ingeniously simple.
The first test utilized a S12700 agile switch as a
“commander” to aid in the initial configuration of
new devices on the network. In the second test, the
commander aided in updating software of the same
devices.
In Diagram 7 on page 9, the S12700 agile switch is
the DUT. When new, un-configured devices were
added to the network (Huawei S5700 switches,
S57_1 client and S57_2 client), they obtained the
configuration file from the SFTP server in the
following way. They contacted the gateway (DHCP
server) to obtain the IP address of the commander,
which redirected to the SFTP server.
In the second test, Client1 and Client2 followed the
same path to the SFTP server to update software.
Examples of software that can be updated include
the configuration file and firmware. Patches also
can be received in this way, a time-saving
alternative to contacting the vendor.
As a commander, the Huawei S12700 series agile
switches can command 255 devices.
Energy-Efficient Ethernet
This portion of testing validated support of the
Huawei S12700 series agile switches for IEEE
Figure 6: Huawei S12700 Agile Switch Power Savings
Due to Energy Efficient Ethernet (IEEE 802.3az)
1,075
1,059.9
1,050
1,020.7
1,025
1,000
986.7
991.5
1,002.3
975
Watts
1,059.5
1,005.6
EEE
Disabled
982.2
950
925
900
EEE
Enabled
939.0
922.1
875
850
825
Idle
with Link
10%
Source: Miercom, August 2013
Copyright © 2013 Miercom
30%
50%
The Huawei S12700
agile switch exhibits
very low power
consumption during fully
loaded 384 x 1GE port
tests. Additional energy
savings was achieved
when 802.3az Energy
Efficient Ethernet setting
was enabled on the
switch. The switch
exhibits lower power
consumption than most
switches in this class,
even before the EEE
savings feature was
enabled.
100%
Load Types
Huawei S12700 Series Agile Switches
Page 6
802.3az, the Energy Efficient Ethernet standard,
which allows energy to be saved on a per-port
basis by capitalizing on the periods of inactivity
between packet transmission and powering down
the physical interface for brief periods of time
during periods of low link utilization.
The S12700 agile switch was tested for power
consumption with EEE disabled. Results then
were compared to results with EEE enabled.
With all 384 links up, no traffic and EEE disabled,
the measured power consumption for the S12700
agile switch was 986.7 watts. It is a testament to
the switch’s energy-efficient switching fabric that
consumption only increased by less than 74
watts, to 1,059.9 watts while handling a 100%
load of Layer 2, IMIX traffic.
With EEE enabled, the S12700 agile switch
consumed 922 watts with all 384 links up and no
traffic applied. It then was tested while handling
various levels of IMIX traffic: 10% (939 watts),
30% (982), 50% (1,002) and 100% (1,060). See
Figure 6 on page 6 for more details.
MAC Address Table Capacity
Testing verified a capacity of 1,048,576
addresses for the MAC table of the Huawei
S12700 series agile switches. This number is
slightly higher than the vendor specification of one
million.
FIB Routing Table Capacity
Testing verified a capacity of 3 million IPv4 routes
and one million IPv6 routes.
Bottom Line
The Huawei S12700 series agile switches can
play a significant role in campus networks now
and for years to come, thanks to its future-proof
design and capability to accommodate evolving
user needs.
Key components of the future-proof design include
large capacity of MAC, FIB and ARP tables as well
as its SDN-ready/programmable architecture.
Overall, we found the Huawei S12700 series agile
switches to be full-featured, high-performance
Layer 2 and Layer 3 Ethernet LAN switches for
core campus network applications.
The switches provide a strong combination of high
performance, a rich feature set, high resiliency and
excellent programmability for multiple protocols.
Diagram 1: Programmability
Enhanced Function of Programmability
Assume that:
DUT-1 connects to users
located in:
Building A, Floor 2, Room 3
DUT-3 connects to users
located in:
Building B, Floor 4, Room 5
Copyright © 2013 Miercom
Huawei S12700 Series Agile Switches
Page 7
Diagram 2: Bidirectional Forwarding Detection
Linkage between BFD and Interface
Diagram 3: Bidirectional Forwarding Detection
Linkage under OSPF
Switch 4
Switch 3
Diagram 4: Ethernet
ERPS (G.8032) on an Open Ring Network
Path A
Copyright © 2013 Miercom
Path B
Huawei S12700 Series Agile Switches
Path C
Page 8
Diagram 5: Ethernet - ERPS Multi-Instance
Port_1
Port_2
ERPS Blocked
VLAN 2000
MSTI 20
S57_1
DUT_2
DUT_1
Link
Failure
ERPS Blocked
VLAN 2000
MSTI 20
S57_1
DUT_2
Port_2
Port_2
Port_3
Port_3
Port_3
Port_3
Port_2
X
DUT_1
Port_2
Port_2
Port_1
Port_1 Port_1
Port_1
Port_1
Port_1
Port_2
ERPS Blocked
VLAN 1000
MSTI 10
Port_1
S57_2
S57_2
Tester
VLAN 1000 Tport_1
Port_2
Tester
VLAN 2000
VLAN 1000 Tport_1
Tport_2
Path A
VLAN 2000
Tport_2
Path B
Diagram 6: SEP on an Open Ring Network
Path A
Path B
Path C
Diagram 7: Easy Operation with Commander
This topology was
used for demonstrating
deploying new devices,
updating software and
loading patches
through SFTP.
Copyright © 2013 Miercom
Huawei S12700 Series Agile Switches
Page 9
Test Bed Diagram
Load Generator
Switch Under Test
(SUT)
Load Generator
Spirent
TestCenter
Ixia
XM12
Huawei S12700
Agile Switch
Source: Miercom, August 2013
How We Did It
The Huawei S12700 agile switch was evaluated for Software-Defined Networking (SDN) programmable
capability, performance, features and energy efficiency. The Huawei S12700 agile switch chassis
evaluated was running the latest firmware available. We tested the Huawei S12708 agile switch, however,
while on-site, we also observed the operation of other switches in the S12700 series. Specific results
apply to the Huawei S12708 switch, but general implementation procedures are the same for all models in
the Huawei S12700 series agile switches.
For performance testing, Miercom and Huawei engineers used load generators to ensure that the
maximum potential of the switch was validated. For feature testing, the load generators were configured to
specifically test certain functionalities to verify that they were working appropriately and routing correctly.
Energy efficiency was determined by measuring energy consumption without any energy saving features
enabled and then repeating the testing with these features turned on to compare savings.
State of the art, industry recognized test and measurement equipment was used in the testing. Two
different traffic generators were used including the Ixia XM12 running IxNetwork version 5.50.121.48 and
Spirent TestCenter running version 3.76.0076.
Utilizing RFC 2544, RFC 3918, and RFC 2889 standards for load testing, Miercom was able to obtain
industry applicable metrics for latency, throughput, and other statistical measurements such as out of
sequence errors and jitter to ensure validity of the metrics observed. Analyzing the statistics, we were able
to produce accurate results for public distribution.
The tests in this report are intended to be reproducible for customers who wish to recreate them with the
appropriate test and measurement equipment. Current or prospective customers interested in repeating
these results may contact [email protected] for details on the configurations applied to the Switch
Under Test and test tools used in this evaluation. Miercom recommends customers conduct their own
needs analysis study and test specifically for the expected environment for product deployment before
making a product selection.
Copyright © 2013 Miercom
Huawei S12700 Series Agile Switches
Page 10
Miercom Performance Verified
The performance of Huawei S12700 series agile switches
was verified by Miercom in hands-on testing.
The switches proved fully programmable, full line rate
throughput, and excellent resiliency and redundant fault
tolerant configuration. Excellent, below industry average
power consumption was noted while the switch was fully
loaded in test scenarios.
The switches achieved the performance required for
applicability in a campus core deployment and achieved
the Miercom Performance Verified Certification.
Huawei Technologies, Co., Ltd.
Huawei S12700
Agile Switch
www.huawei.com
About Miercom’s Product Testing Services
Miercom has hundreds of product-comparison analyses
published over the years in leading network trade
periodicals
including
Network
World,
Business
Communications Review, Tech Web - NoJitter,
Communications News, xchange, Internet Telephony and
other leading publications. Miercom’s reputation as the
leading, independent product test center is unquestioned.
Miercom’s private test services include competitive product
analyses, as well as individual product evaluations.
Miercom features comprehensive certification and test
programs including: Certified Interoperable, Certified
Reliable, Certified Secure and Certified Green. Products
may also be evaluated under the NetWORKS As
Advertised program, the industry’s most thorough and
trusted assessment for product usability and performance.
Report SR130801
[email protected]

www.miercom.com

Before printing, please
consider electronic distribution
Product names or services mentioned in this report are registered trademarks of their respective owners. Miercom makes every effort to ensure that
information contained within our reports is accurate and complete, but is not liable for any errors, inaccuracies or omissions. Miercom is not liable for
damages arising out of or related to the information contained within this report. Consult with professional services such as Miercom Consulting for
specific customer needs analysis.
Copyright © 2013 Miercom
Huawei S12700 Series Agile Switches
Page 11
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement