ZXR10 5100E oduct Pr Description - libertyport.com · ZTE CONFIDENTIAL: This document contains...

ZXR10 5100E Product Description

Version Date Author Approved By Remarks

V1.00 2010-12-30 XUXIAODONG YUANZHIYONG The first version

V1.1 2012-02-28 XUXIAODONG YUANZHIYONG Modifying ingress and egress ACL number

ZTE CONFIDENTIAL: This document contains proprietary information of ZTE and is not to be disclosed or used without the prior written permission of ZTE.

Due to update and improvement of ZTE products and technologies, information in this document is subjected to change without notice.

TABLE OF CONTENTS

1 Overview ......................................................................................................... 1

2 Features .......................................................................................................... 2 2.1 Superior Performance and Capacity ................................................................. 2 2.2 Enhanced Video Service Experience ................................................................ 2 2.3 Rich Service Platforms ..................................................................................... 2 2.4 Carrier-Class High Reliability ............................................................................ 2 2.5 Excellent Operation and Maintenance Design .................................................. 3 2.6 Energy Saving and Environment Protection ...................................................... 4

3 Functions ........................................................................................................ 5 3.1 Basic Function .................................................................................................. 5 3.1.1 MAC Address Management .............................................................................. 5 3.2 VLAN ................................................................................................................ 6 3.2.1 Port-Based VLAN ............................................................................................. 6 3.2.2 Protocol–Based VLAN ...................................................................................... 7 3.2.3 Subnet VLAN .................................................................................................... 7 3.2.4 PVLAN.............................................................................................................. 7 3.2.5 VLAN Translation ............................................................................................. 8 3.2.6 QinQ ................................................................................................................. 8 3.2.7 SVLAN.............................................................................................................. 9 3.2.8 STP ................................................................................................................ 10 3.2.9 Link Aggregation ............................................................................................. 11 3.2.10 Basic Ethernet Features ................................................................................. 12 3.2.11 IGMP Snooping .............................................................................................. 13 3.3 Value-Added Service ...................................................................................... 13 3.3.1 Cluster Management ...................................................................................... 13 3.3.2 ESRP Ring Protection .................................................................................... 15 3.3.3 ZESS ZTE Ethernet Smart Switch .................................................................. 15 3.3.4 Security Feature ............................................................................................. 16 3.3.5 TR101 Feature ............................................................................................... 17 3.3.6 Support External Alarm Input and Output ....................................................... 17 3.3.7 VCT Technology .......................................................................................... 18 3.3.8 SFP DOM ....................................................................................................... 18 3.3.9 SFlow ............................................................................................................. 18 3.3.10 ACL ................................................................................................................ 20 3.3.11 QoS ................................................................................................................ 21

3.3.11.1 Basic QoS Feature ............................................................................... 21 3.3.11.2 Ethernet QoS ........................................................................................ 23 3.3.11.3 Port Mirroring ........................................................................................ 23 3.3.11.4 Traffic Statistics .................................................................................... 23

3.3.12 NTP ................................................................................................................ 23 3.3.13 RADIUS .......................................................................................................... 24 3.3.14 SNMP ............................................................................................................. 24 3.3.15 RMON ............................................................................................................ 25 3.3.16 DOT1X Authentication .................................................................................... 25 3.3.17 IPTV ............................................................................................................... 26 3.3.18 VBAS .............................................................................................................. 26

3.3.19 ARP ................................................................................................................ 27 3.3.20 DHCPv4 ......................................................................................................... 28 3.3.21 DHCPv6 ......................................................................................................... 28 3.3.22 LLDP .............................................................................................................. 28 3.3.23 UDLD ............................................................................................................. 30 3.3.24 Ethernet OAM ................................................................................................. 32

3.3.24.1 802.3ah................................................................................................. 32 3.3.24.2 CFM ...................................................................................................... 34

3.3.25 L2PT ............................................................................................................... 36 3.3.26 Dual-Port Loop Inspection .............................................................................. 37

4 System Architecture ..................................................................................... 39 4.1 Product Physical Structure.............................................................................. 39 4.2 Hardware Architecture .................................................................................... 40 4.2.1 Control Module and Switching Module ............................................................ 41

4.2.1.1 Interface ................................................................................................ 43 4.2.1.2 Indicator ................................................................................................ 44

4.2.2 Interface Module ............................................................................................. 45 4.2.3 Power Module ................................................................................................. 46 4.3 Software Architecture ..................................................................................... 46 4.3.1 Operation Support Subsystem ........................................................................ 47 4.3.2 MUX Subsystem ............................................................................................. 48 4.3.3 L2 Subsystem ................................................................................................. 48 4.3.4 NM and Operation & Maintenance Subsystem ............................................... 49 4.4 ZXROS Platform ............................................................................................. 49

5 Technical Specifications .............................................................................. 53 5.1 Physical Indices .............................................................................................. 53 5.2 Capacity ......................................................................................................... 54 5.3 Performance ................................................................................................... 54 5.4 Power ............................................................................................................. 54 5.5 Working Environment ..................................................................................... 54 5.6 Environmental Classes ................................................................................... 55 5.7 Reliability ........................................................................................................ 55

6 Operation and Maintenance ......................................................................... 56 6.1 NetNumen N31 Unified Network Management Platform ................................. 56 6.1.1 Network Management Networking Mode ........................................................ 56 6.1.2 NetNumen N31 Network Management System ............................................... 57 6.2 Maintenance and Management ...................................................................... 59 6.2.1 Multiple Configuration Modes ......................................................................... 59 6.2.2 Monitoring, Controlling and Maintenance ........................................................ 60 6.2.3 Diagnosis and Debugging ............................................................................... 60 6.2.4 Software Upgrad ............................................................................................. 61 6.2.5 File System Management ............................................................................... 61

6.2.5.1 File system introduction ........................................................................ 61 6.2.5.2 File system operation ............................................................................ 61

7 Networking .................................................................................................... 63 7.1 Product Features in Real Network Implementations ....................................... 63 7.1.1 SVLAN( Flexible QinQ) ................................................................................... 63 7.1.2 ESRP ............................................................................................................. 65

7.1.3 ZESS .............................................................................................................. 65 7.2 Integrated Networking Applications ................................................................. 66 7.2.1 MAN Access Layer Solution ........................................................................... 66 7.2.2 Enterprise Network Solution ........................................................................... 67

8 Glossary ........................................................................................................ 69

FIGURES

Figure 3-1 Specific QinQ Networking Application ................................................................. 8

Figure 3-2 The Networking Topology of Cluster Management ............................................ 14

Figure 3-3 The Rules for Switch Role Conversion .............................................................. 15

Figure 3-4 T he networking topology of ZESS ..................................................................... 16

Figure 3-5 Alarm Interface .................................................................................................. 18

Figure 3-6 Basic Architecture of sFlow ............................................................................... 19

Figure 3-7 Traffic Policing with CIR/PIR ............................................................................. 22

Figure 3-8 5P3D Model based upon Ethernet Service ........................................................ 23

Figure 3-9 False connection of interface ............................................................................ 31

Figure 3-10 Interface down ................................................................................................ 31

Figure 3-12 Relationship of sub-layers of OAM in ISO/IEC OSI reference model ............... 32

Figure 3-13 Maintenance domain ....................................................................................... 34

Figure 3-14 Ethernet Maintenance Domain Inclusive Relations.......................................... 35

Figure 3-15 L2TP Networking ............................................................................................ 36

Figure 4-1 The Front Panel of ZXR10 5128E ..................................................................... 39

Figure 4-2 The Front Panel of ZXR105128E-FI .................................................................. 39

Figure 4-3 The Front Panel of ZXR10 5116E ..................................................................... 40

Figure 4-4 System hardware diagram of ZXR10 5100E ..................................................... 41

Figure 4-5 Diagram of main control card ............................................................................ 42

Figure 4-6 Functional Block Diagram for the Operation Support Subsystem ...................... 48

Figure 4-7 functional Block Diagram of the L2 Subsystem ................................................. 49

Figure 7-1 SVLAN networking application .......................................................................... 64

Figure 7-2 ZESR networking application ............................................................................ 65

Figure 7-3 ZESS networking application ............................................................................ 66

Figure 7-4 MAN Application ............................................................................................... 67

Figure 7-5 Enterprise Network Application ......................................................................... 68

TABLES

Table 4-1 The Assistant Interface Type and Interface Number of ZXR10 5100E ................ 43

Table 4-2 Feature of 100/1000Base-T Ethernet interface on main control card of ZXR10 5100E ................................................................................................................................... 43

Table 4-3 Functions of ZXR10 5100E system indicators .................................................... 44

Table 4-4 Service Interface Card of ZXR10 5100E ............................................................. 46

Table 4-5 L2 Protocol Standard .......................................................................................... 50

Table 4-6 TCP/IP Protocol Standard .................................................................................. 50

Table 4-7 D ifferentiated Services Standard ........................................................................ 51

Table 4-8 D HCP Standard ................................................................................................. 51

Table 4-9 Network Management Standard ......................................................................... 51

Table 5-1 P hysical Parameters .......................................................................................... 53

Table 5-2 B asic Performance ............................................................................................. 54

Table 5-3 Re liability ............................................................................................................ 55

1 Overview ZXR10 5100E Series Gigabit L2 Switches introduced by ZTE aim at satisfying access market in the industry, in order to meet the requirements of service access bearer network integrate data, voice, video and mobile services on a unified platform. With high-performance software/hardware architecture, excellent switching capacity and performance, simple operation and maintenance tool, ZXR10 5100E series products give conveniences to develop sustaining carrier-class bearer network.

ZXR10 5100E series products make the equipment work longer and maximally protect operator’s investment, with their High-speed back plane, advanced special core chips, featuring their superior service extensibility and more value-added services. “Green Environment Protection” design philosophy enables ZXR10 5100E series products to be famous for its low power consumption in the industry. The tight architecture of the equipment requires little space and costs in equipment operation. The modular dual power supply design ensures high reliability, which greatly reduces the costs of operation and maintenance, and realizes maximum profits.

ZXR10 5100E series all-GE L2 s witch includes three models, i.e. 5116E,5128E and 5128E-FI. ZXR10 5116E provides 12 GE Ethernet electrical interfaces, 1extension slot, 1 FE management interface, 1 Console port, 2 warning ports. The subcard for the extension slot can be classified into 3 sorts: 4 GE SFP optical interfaces, 4 GE electrical interfaces, 4 10GE optical interface 5128E provides 24 GE Ethernet electrical interfaces, 1extension slot, 1 FE management interface, 1 Console port, 2 warning ports. The subcard for the extension slot can be classified into 3 sorts: 4 GE SFP optical interfaces, 4 GE electrical interfaces, 4 10G E optical interface;ZXR10 5128E-FI provides 24 G E Ethernet SFP interfaces, 1 ex tension slot, 1 FE management interface, 1 C onsole interface and 2 warning interfaces. The subcard for the extension slots can be classified into 3 s orts: 4 G E SFP optical interfaces, 4 G E electrical interfaces, 4 10GE optical interfaces.

2 Features

2.1 Superior Performance and Capacity By using the advanced hardware architecture and design philosophy, ZXR10 5100E guarantees wire-speed forwarding of all services. Hardware-based IPv4/IPv6 forwarding mechanism provides the optimal performance and flexibility, so it is capable to building future-oriented basic network platform.

2.2 Enhanced Video Service Experience ZXR10 5100E supports multicast QoS, and solves the management of traffic engineering issue caused by multi-port replication of multicast service. It reduces the latency, jitter and abrupt packet loss of video stream. Besides, it shortens the time for user’s video stream to join in or leave the network. At the same time, multicast service access control technology ensures the secure access of multicast service, and makes sure users can enjoy high-quality video service.

2.3 Rich Service Platforms ZXR10 5100E series uses mature and unified ZXROS multi-service platform, providing the most reliable, extensible and manageable protocol system for IPv4/IPv6. It gives full support to L2 services and standard protocols. Also it is compatible with the original network, so it is the best platform for network integration.

It supports enhanced Ethernet features such as SVLAN/ZESR (ESRP+/ZESS). Together with highly efficient L2PT tunnel technology, it provides customers with all sorts of flexible solutions.

The end-to-end OAM service management and performance monitoring based upon all sorts of granularity e.g. physical port and logical link make the network operation more transparent and convenient. Each port provides large-capacity hardware queue, so that it can support all kinds of services flexibly, and realize traffic shaping, policy marking, queue scheduling and congestion control. It meets user’s requirements for multiservice bandwidth control, realizes real SLA in the course of service access, and provides solid guarantee to carrier’s precise operation.

2.4 Carrier-Class High Reliability ZXR10 5100E series focuses on t he design of carrier-class reliability. It uses modular power supply system to provide redundant backup. it features powerful recovery

capability when encountering disaster and flexible failure processing capability. So in a word, ZXR10 5100E series has integrated maintainability.

It supports ZESR(ESRP+). With creative single-point dual homing and multi-point dual homing redundant backup design, it provides 50ms fast switchover, and offers reliable guarantee to the implementation of large-scale triple play service.

With rich security and anti-attack mechanisms, ZXR10 5100E series device supports wire-speed forwarding, packet inspection and traffic differentiation in the condition of having thousands of ACL. It supports CPU protection, protocol message speed limitation, DoS attack monitoring, IP Source guard DAI.

2.5 Excellent Operation and Maintenance Design The increasing growth of network service makes fast deployment of network service to become more and m ore important. ZXR10 5100E series uses ZTE’s unified network management platform via which the graphic user interface provides customers with service configuration, management, diagnosis, and monitoring. So that customers can understand the network operating status at any time. The deep inspection carried out by intelligent tools which simplifies failure location makes the network management much easier. Finally, it realizes easy service deployment, transparent data forwarding, intelligent failure processing, viewable service quality and clear network resource.

There is a handle outside the modular components of ZXR10 5100E series device, for example the power supply module and extensive slot, so it is very easy to get these modules in and out of the chassis. There’s also a fixed lock at the bottom of each slot. when the slot is installed, the lock will fix the slot to avoid its loose.

All network cables and power cables, including the switches of power supply are in the front of the panel. This gives after-sales engineer great conveniences in their work. All jobs can be done as soon as they open the chassis, which truly improves engineer’s work efficiency.

M button on the front panel breaks through the design of the traditional switch via which only link（active） and direct speed can be displayed. The mode switch button of the M button can visually display the running sate of the switch such as CPU utilization, memory utilization, CPU ARP attack number, whether the port learns MAC, whether the existence of CRC error, display of entire bandwidth and network storm. Network servers can also directly Ping to determine whether the links of network management are connected. This can give more convenience to quick maintenance and efficient management.

The external warning interface of ZXR10 5100E series has 3-line warning input and 5-line control input. It enables the external warning of the system to be controlled effectively, and reduces/avoids the loss caused by external warning.

By using VCT technology, ZXR10 5100E series Ethernet switch can implement remote maintenance of cable. It can inspect the short circuit, open circuit on the cable, and make sure the tolerance of location within 1 meter. By VCT, ZXR10 5100E series Ethernet switch can detect the failure does not cause by the configuration error at Client, it is able to locate the failure equipment, port and even the distance to the failed cable. In network management center, failure location can be done to obviate most failures to make network maintenance job easier. Furthermore, this method reduces the difficulties and costs of operation maintenance at the same time.

2.6 Energy Saving and Environment Protection In the test on comparing the power consumption of ZXR10 5100E and the devices from other famous vendors in the industry, ZXR10 5100E shows much smaller power consumption in both idle and full load conditions. Together with classic European design, i.e.220mm deep, small size, light weight and large capacity, it helps the carrier to save the energy and reduce the requirements for deployment environment efficiently.

3 Functions

3.1 Basic Function

3.1.1 MAC Address Management

MAC（Media Access Control）is the hardware label of network equipment. The switch implements message forwarding according to MAC address. As an exclusive tag, MAC address ensures the correct forwarding of messages.

Each switch takes care of a MAC address table. In this table, MAC address and switch port are corresponding one by one. When the switch receives data, it will find out if this data should be f iltered or forwarded to the corresponding switch port in terms of MAC address table. MAC address table is the foundation and premise for switch to implement fast forwarding.

ZXR10 5100E series realizes the following MAC services:

MAC Address Fixation

When the network is operated steadily for a while, the locations of the equipment linking to all ports of the switch are fixed. In other words, the ports corresponding to all equipment’s MAC address in switch MAC address table are fixed, so the learnt MAC address can be fixed.

MAC address fixation actually changes all dynamic MAC addresses to static mode. After the conversion, these MAC addresses will not join in aging process. At the same time, if the data from whose source MAC address are these addresses appears on other ports, the switch will not have any chance to learn again any more.

Port B inding MAC Address

It is capable of adding dynamic, static and per manent MAC addresses in MAC address table. For static or permanent MAC address, the relationship between MAC address and port is fixed. This relationship will not stop until it is removed manually.

Restrict the Number of Port MAC Address

The capacity of switch MAC address is limited. When the number of the user in the network reaches the limitation of the MAC address table, we can restrict the number of the learnt MAC address that the port of the users with low priority is.

By restricting port MAC address, MAC address flooding which easily causes MAC address table overflow can be avoided.

Port MAC Address Learning Protection

When abnormity of one port MAC address learning is found, the switch will protect this port MAC address learning for a while. As soon as the port goes into protection mode, it will not carry out any new MAC address learning; when the protection is due, the port can implement MAC learning again.

The Filtering of Port Unknown MAC Address

In default mode, the filtering service of unknown MAC address of switch port is disabled. The port does not filter unknown MAC address. If unknown MAC address filtering service is configured on one port of the switch, the corresponding port will discard and learn the packets with the unknown MAC address got by this port.

MAC Address Filtering

The data filtering in terms of MAC address consists of the following three modes:

− 1. Only match the source MAC address of the data, i.e. if the source MAC address of the data is the set MAC address, then carries out the filtering.

− 2. Only match the destination MAC address of the data, i.e. if the destination MAC address of the data is the set MAC address, then carries out the filtering.

− 3. Match the source or destination MAC address of the data, i.e. if the source or destination MAC address of the data is the set MAC address, then carry out the filtering.

3.2 VLAN The forwarding carried out in data link layer realizes the classification of virtual working group by supporting IEEE 802.1Q protocol. ZXR10 5100E series supports multiple ways to classify VLAN, i.e. the classification based upon equipment port, or the classification based upon the host MAC address and the network layer information of user’s message.

3.2.1 Port-Based VLAN

The port-based VLAN classification is simple and popular. It allocates different ports of the equipment with different VLAN, so all traffics received by these ports belong to the VLAN corresponding to this port. For example, port 1, 2 and 3 belong to the same VLAN, other ports belong to other VLANs, as a result, and the frames received by port 1 are only delivered to port 2 and port 3. If the VLAN user moves to a new place, it will not belong to its original VLAN unless it is allocated with a new VLAN.

3.2.2 Protocol–Based VLAN

Protocol-based VLAN is flexible, so it is suitable for L3 or network with rich protocols. Protocol-based VLAN is classified in terms of data packet’s network layer encapsulation protocol, so the labels with the same data packet are in the same protocol VLAN. This VLAN based upon network layer protocol enables broadcasting domain to cross multiple VLAN switch,Therefore, users can move freely in the network, and its VLAN membership will still remain.

Via this method, even user changes its location, he does not have to reconfigure its VLAN. Besides, it can classify VLAN according to protocol type. Without requiring additional frame label to mark VLAN, this method reduces network communications.

Protocol VLAN is set “enable” on the physical interface, and it can be disabled as customer requires. It only classifies VLAN according to data packet label. It isolates packets with different labels.

3.2.3 Subnet VLAN

Subnet VLAN is implemented in L2 VLAN, realizing data frame forwarding flexible. Subnet VLAN determines the corresponding VLAN data will be forwarding according to the source IP address of the data frame. This VLAN based upon the source IP address enables users in different network segments cross multiple VLAN forwarding. But their VLAN membership will still remain.

Subnet VLAN isolates data with different source IP addresses. So users can only get data from the same network segment. The priority for UNTAG frame to forward subnet VLAN is higher than protocol VLAN and PVID, TAG frame is forwarded in TAG mode, and its priority is higher than subnet VLAN.

3.2.4 PVLAN

To enhance network security and isolate messages between users, each user will be distributed with one VLAN traditionally. This method has the following obvious drawbacks:

Currently 4094 VLANs are supported at most in IEEE 802.1Q standard. So the limitation of the user number stops network extension.

Each VLAN is corresponding to one IP subnet, so many subnets will cause the waste of IP address.

The planning and management of so many VLAN and IP subnets make network management more complicated.

PVLAN（Private VLAN） aims at solving these problems.

PVLAN divided VLAN port into two categories: Isolate Port connecting with user’s port and Promiscuous Port uplinking router. The isolate port which can not connect with each other can only communicate with promiscuous port. Therefore, ports under the same VLAN are isolated, and user can communicate with its default gateway only. It tightly ensures network security.

3.2.5 VLAN Translation

VLAN translation is also an expansion of the VLAN function. It allows overlapping VLAN IDs of different Ethernet switches accessing from the edge, and via VLAN translation service, these overlapping VLAN IDs will be changed to different VLAN IDs and sent via uplink port. So that users can be isolated in L2 core switch, which simplifies the configuration of edge access switch.

3.2.6 QinQ

QinQ, also known as VLAN stacking, is a vivid name for the tunnel protocol based on 802.1Q encapsulation. Besides original VLAN label (Inner Label), QinQ technology adds another VLAN label (Outer Label) which can cover the inner label.

QinQ does not need protocol support, via which simple L2VPN (L2 Virtual Private Network) can be implemented. It is suitable for L3 switch in small LAN

Specific networking application based upon QinQ technology is as shown in the following figure. The port connecting to user network is called Customer port, and the one connecting operator network is named Uplink port. Operator network edge access equipment is called PE (Provider Edge)

Figure 3-1 Specific QinQ Networking Application

Normally user network uses Trunk VLAN to access PE. The Uplink port in service provider network interconnects with each other via Trunk VLAN mode.

When messages reaches customer port of switch A from user network 1, the switch A will insert an outer label (VLAN ID is 10) no matter the message is tagged or untagged. Messages is sent long the port with VLAN 10 in service provider network to switch B. when switch B realizes user network 2 is connecting with customer port, it will detag the outer label according to traditional 802.1Q protocol to resume user’s original messages. Then the messages will be sent to user network 2.

In this way, streams between user network 1 and 2 can be transferred transparently via service provider’s network. User network can freely plan its private network VLAN ID without causing VLAN ID conflicts in service provider network.

3.2.7 SVLAN

SVLAN is also called flexible QinQ. It’s the development and en hancement of QinQ. Original QinQ can only implement port-based outer layer label addition. It’s not flexible in application. SVLAN can tag packets with different S-Tag label selectively based on port and C-Tag. To keep client packet COS, it can duplicate 802.1p field in inner layer label to outer layer label to keep user QoS continuity.

Compared with QinQ, SVLAN has enhanced function of network user location, which enables QinQ to better support PUPV (one VLAN per user) and PSPV (one VLAN per service). It is easy for carrier’s operation and m aintenance management. The most typical application is Triple Play service in broadband to the home.

VLAN can perfectly solve the problem of user location separation and service differentiation in broadband network. It can implement operation and maintenance management for one VLAN per user, which brings great convenience to network management and maintenance. ZTE is always an advocator of this technology and takes the leading position in the industry.

ZXR10 5100E series switch supports SVLAN with the following applications and functions:

Being able to distinguish different service VLAN at one port and tag different outer layer label based on different service requirements.

Being able to implement coexistence of VLAN transparent transmission and QinQ service at port; being able to keep user label unchanged without adding new label to user label when some VLAN packets are going through switch.

Being able to duplicate 802.1p field in user label to outer layer label to guarantee that user’s service level is kept unchanged in QinQ network so as to keep the consistency of QoS of user service.

IEEE802.1ad specifies that S-Tag Ethernet type is 0x88A8 and C-Tag Ethernet type is 0x8100. ZTE switch supports C-Tag and S-Tag Ethernet type at any designated port.

SVALN has two major applications in the network:

SVLAN is applied in user location separation and service differentiation in network and Triple Play service in family broadband. SVALN QinQ can solve traditional 4096 VLAN resource shortage problem so as to truly implement PUPV and PSPV.

3.2.8 STP

STP (Spanning Tree Protocol）is built particularly to eliminate network broadcasting storm caused by circle links, and to provide network topology redundant backup service. Aiming at generating “a tree”, the root of the tree is a switch named root bridege. According to different configurations, different switches will be used as the root bridge. But there’s only one root bridge at any time. A tree is formed starting from the root tree, and the root bridge will send configuration message on a regular basis. Each switch who receives the message will dispatch it to other ports after updating the received message on the basis of its own configuration and network topology architecture. When one s witch gets configurations from two or more than two ports, there’s loop existing in the network. At this moment, the switch will leave one port in forwarding mode, and block other ports to get rid of loop. When one port does not get configuration message for a long time, it will be considered by the switch as overtime configuration which may have changed the network topology. So the network topology must be calculated again and generate a tree.

RSTP (Rapid Spanning Tree Protocol) is the optimization of spanning tree. ZXR10 5100E Ethernet switch supports this protocol. As for its rapidness, the latency caused by root port and designated port getting into forwarding status in network equipment or link changing period are shortened in some conditions, so network topology can get steady much faster.

Rstp feature also support sbpdu guard, root guard, loop guard, edge－port and stp ignored per vlan features, where BPDU guard： For access-layer equipment, access port is normally connected with user terminal (e.g. PC) or file server directly. At this moment, the access port is configured as edge port to realize fast migration of this port; when these ports receive configuration messages (BPDU message), the system will automatically set these ports as non-edge-ports. Recalculation of spanning tree causes network topology concussion. Normally these ports will not receive STP configuration messages. If someone make fake configuration message to raise malicious attack, network concussion will happen.

RSTP provides BPDU protection to prevent these attacks； switch initiates BPDU protection service, so that if the edge port receives the configuration message, the system will terminate these ports and inform network management that these ports has been shut down by RSTP. Only network administrator can resume these shutdown ports.

ROOT guard： In the network, when root bridge receives a bpdu message with higher priority, it will not act as root bridge anymore so network topology will be changed, which directly causes the breakdown of data forwarding. To prevent the root bridge from being

attacked, root protection service should be imitated over the port. So when it receives high-priority messages, it will change to listen status and stop forwarding message. In 30 seconds, it will change to normal status automatically, which avoid frequent root bridge change.

Loop guard：Loop protection can avoid the loop caused by one-way link failure. After initiating loop guard service, the port will directly changes to loop－ inconsistent blocking status if bpdu message does not arrive in expected time. The port does not change to listening, learning, or forwarding status, otherwise stp will insist there’s physical failure over port. When bpdu message is received, the port will be resumed.

3.2.9 Link Aggregation

Link aggregation is the process where the physical link segments with the same media type and same transmission rate are bundled together, and appear as one link logically. Switch decides via which port the message will be sent to the peer-end switch according the port sharing policy user made. When switch detects one member port link breaks down, it will stop sending messages over this port and recalculate message delivering port in the rest links on the basis of load sharing policy. When the failed port is resumed, the recalculation will be carried out again to get correct port. Link aggregation is a very important technology in extending link bandwidth and realizing link transmission elasticity and redundancy.

ZXR10 5100E supports two sort of link aggregation, i.e. static Trunk and LACP

Static Trunk adds multiple physical ports to Trunk group directly to form a logical port. This method is not good for inspecting the status of link aggregation port.

LACP (Link Aggregation Control Protocol) follows IEEE 802.3ad standard. LACP aggregates multiple physical ports dynamically to Trunk group via protocol to form a logical port. LACP generates aggregation to get maximum bandwidth.

When configure link aggregation service on ZXR10 5100E, the following principles should be followed:

Totally 32 Trunk groups should be configured. Each Trunk group consist of 8 member port at most.

Support cross-interface board aggregation. Member port can be distributed on any interface board. But the selected port must be working in full-duplex modem and the working speed must be the same.

The member port mode can be ac cess, trunk or hybrid. But they must keep the same.

The logical port formed by link aggregation on ZXR10 5100E is called smartgroup which can be used as common port.

3.2.10 Basic Ethernet Features

ZXR10 5100E series supports the following basic Ethernet features:

Port mirroring

Port mirroring service can replicate the data of one or more than more ports (reflector port)on the switch to a designated destination port (monitoring port). The monitoring port can get the data on these reflector ports via mirroring image, so that, it can carry out network traffic analysis and failure diagnosis. Also, it supports remote SPAN（RSPAN、ERSPAN）.

Broadcasting storm suppression

It can restrict the number of broadcasting message allowed to pass Ethernet port per second. When the broadcasting traffic exceeds the value user set, the system discards the broadcasting traffic to control it to a r easonable scale. In this way, it effectively suppresses broadcasting storm, avoids network congestion and ensures normal service operation. The broadcasting storm suppression is set based upon speed, i.e. the smaller the speed is, the less broadcasting traffic is allowed to pass.

Support the configuration of port speed, duplex mode, and self adaptation.

Support circuit diagnosis analysis test

ZXR10 5100E series supports Cable diagnosis analysis test, via which the abnormities of the links between cables can be inspected. Besides, it can accurately find the location of Cable failure, which gives conveniences to network management and failure location.

1000M Ethernet electrical interface uses network cable to connect other devices. There are four pairs of twisted-pair cable, so when the device is working with 100M interface, 1-2 and 3-6 cable are used. And when 1000M mode is used, 1-2, 3-6, 4-5 and 7-8 cables should be all used. The cable can inspect the status of each pair of twisted-pair cable, including:

− Open： Open circuit

− Short： Short circuit

− Good： good circuit

− Broken： open or short circuit

− Unknown： unknown result or no result

− Crosstalk： coupling circuit

− Fail： failed inspection

3.2.11 IGMP Snooping

The IGMP Snooping maintains the relationship between the multicast address and the table of the LAN by listening to the IGMP packets communicated between the user and the router. It maps the members of a multicast group into a VLAN. After receiving the multicast packets, it forwards them only to the VLAN members in that multicast group. IGMP Snooping and IGMP are the same in that they are both used for managing and controlling the multicast groups through IGMP messages. However, they differ in that IGMP runs on the network layer, while IGMP Snooping runs on the link layer. When the switch receives IGMP packets, IGMP Snooping will parse the information contained in them and establish and maintain a MAC multicast address table on L2.

When IGMP Snooping is enabled on the ZXR10 5100E, multicast packets are multicast on L2. When no IGMP Snooping is enabled, multicast packets will be broadcast on L2.

3.3 Value-Added Service

3.3.1 Cluster Management

Cluster refers to an aggregation formed by a group of switch in a particular broadcasting domain. This group of switch composes a uni fied management domain, providing a public IP address and management interface outside. Also it offers management and access capability to each member in the cluster.

The management switch responsible for configuring public IP address is called command switch, and other managed switches are named member switch. Normally, the member switch does not have public IP addresses, instead it uses DHCP-similar service of the command switch to distribute private address. The command switch and member switch compose cluster together (Private Network)

The isolation of broadcasting domain between public network and private network is proposed to be done on the command switch. Isolating the direct access to the private address, the command switch provides a m anagement maintenance tunnel outside to implement integrated cluster management.

The broadcasting domain of one cluster is normally composed by four roles of switch: command switch, member switch, candidate switch and independent switch.

There’s only one command switch in one cluster. The command switch can collect equipment topology automatically, and set up c luster. After building the cluster, the command switch provides a management tunnel for the cluster to manage the member switch. Before joining in the cluster, the member switch is the candidate switch. And the switch that does not support cluster management is called the independent switch.

Cluster management networking is as shown in the following Figure:

Figure 3-2 The Networking Topology of Cluster Management

TFTP Server110.1.1.2

NM110.1.1.1

Public networks

Candidate switch

Member switch

Member switchMember

switch

Outside cluster

Inside cluster

networks

Inside cluster ip pool

192.168.1.0/24

Command switch

100.1.1.10

The rules for the conversion of four-role switches in the cluster are as shown in the following Figure:

Figure 3-3 The Rules for Switch Role Conversion

Command swtich

Candidate switch

Member switch

Independent

switch

Destined for command switch

Destined for candidaate

switch(no member)

Destined for independent switch

Join cluter

Delete from cluster

Destined forcandidate switch

Destined for independent

switch(no member)

Destined for command switch

Destined for independent switch

3.3.2 ESRP Ring Protection

ESRP (Ethernet Smart Ring Protocol) is based on ITU G.8032 protocol. ESRP detects whether the ring is connected and guarantees there is only one logically connected path between any two nodes on the ring. It re-sets port state as blocked or forwarding based on ring changes (connected -> broken, broken -> connected) to quickly switch the logic path.

ESRP is suitable for multiple rings and multiple domains. Multiple rings are referred to in terms of network topology layers. Each layer is a ring. There are two access points on lower layer access ring to connect with higher layer access ring. The network topology is considered as an individual ring. A ring tangent with it is not a par t of it but a par t of another. The ring on the higher layer is called the main ring. Others are access rings. Multiple domains indicate there are multiple protecting instances on one ring which are suitable for different service VLAN. They have different logic paths and are independent from each other.

3.3.3 ZESS ZTE Ethernet Smart Switch

ZESS (ZTE Ethernet Smart Switch) describes a cost-effective link switchover mechanism. It enables the services to be switched over to backup link rapidly when the active link breaks down, so that normal service transmission can be guaranteed.

As the following figure shows, node 1 supports ZESS service. Port 1 is the master port and port 2 is the standby port. When node 1 inspects that both the master and standby ports are in UP mode, it will disable the service VLAN protection forwarding service of the standby port; when node 1 finds the master port is Down, it will block VLAN forwarding service of the master port, and enable VLAN forwarding service of the standby port; when node 1 inspects that the master port resumes to UP mode, the inverted and uninverted modes can be chosen. In inverted mode, the master port is opened and the standby port is blocked again. In uninverted mode, the master port keeps blocked mode, and t he standby port is open. In addition, when ZESS takes action, FDB of the blocked port should be updated.

Figure 3-4 The networking topology of ZESS

Upper network

Node 1

Node 2 Node 3

Master port Slave port

3.3.4 Security Feature

ZXR10 5100E provides users with rich security features, providing multi-dimensional protection in control layer, data layer, and management layer of the device. On data layer, the device provides address change scanning attack prevention, broadcast multicast packet rate restriction, port security protection, MAC address table and ARP binding, DHCP Snooping, IDS association etc. The control layer provides multiple layers of CPU packet receiving, interface address conflict detection, network topology change attack prevention, BPDU protection and root bridge protection. Management layer provides hierarchical user management, user password encryption, and SSH.

3.3.5 TR101 Feature

TR101 issued by Broadband Forum (the original DSL Forum) in April 2006 is a technical demand report satisfying broadband access network. In terms of TR-025 and TR-059 architectures, TR101 proposes a way to enable ATM aggregation network to access Ethernet aggregation network, also it raises an Ethernet-based topology model that meets the requirements of TR-058 operation. And it gives the specific requirements of BRAS devices in access aggregation network, the migration, interconnection, QoS, multicast, security and OAM of all AN nodes.

All mainstream carriers in Europe ask their access and aggregation switches to satisfy TR101. ZTE follows this demand and tries its best to make the product more satisfied to TR101. In doing so, ZTE focuses on:

Supporting MFF and making sure the isolation of users

For Pvlan, MFF not only realizes L2 isolation, but also makes sure more secure message processing and forwarding as it saves user’s basic information. At the same time, the gateway router controls the communications of all users in the same network segment of L2, which further enhances network security. Centralized management can be realized.

In addition to give support to DHCP 的 option82, it can also inspect the messages that DHCP server returns to customers. And the messages are forwarding as per port accurately, which prevents other people from getting customer’s individual information;

Supporting IGMP topology discovery. IGMP module when encounters topology change can actively send inspection information to accelerate multicast congestion

Adding IGMP statistical information.

3.3.6 Support External Alarm Input and Output

ZXR10 5100E as shown in figure 5 totally supports 3-line alarm input and 5-line control output

Figure 3-5 Alarm Interface

Blue indicates alarm input and red means control output. As figure 6 shows, if the power supply device connecting to alarm interface of the switch has some problems, the switch will get signal sent by the alarm input mechanism to show level switch, and then the switch will take some actions. For example, it can send warnings to upper monitoring server via network management interface, also it can control and reset the power supply device via control input mechanism.

3.3.7 VCT Te chnology

VCT (Virtual Cable Test) is a cable fault testing function based on hardware. It uses TDR (Time Domain Reflector) to implement cable diagnosis. It can provide cable error state such as open circuit, short circuit, un-matching impedance, normal cable etc. It can provide cable fault point distance.

3.3.8 SFP DOM

DOM (Digital Optical Monitoring) is a part of optical module. The optical module supporting DOM service can get temperature, voltage, current and the power consumption in processing traffic. In addition, each optical module is set with some threshold in operation (including alarm threshold and warning threshold). After initiating DOM service, the operating status can be polled via 12C bus of the optical module, and compare the status with the preset threshold. When the value exceeds the threshold, syslog and SNMP trap modes can be used to send warnings.

3.3.9 SFlow

With the increasing development of network services in commercial environment, the existing network becomes bigger and bigger. As there are more and more devices and traffics in the network, the cost in carrying out network maintenance is higher and higher. So how to manage network equipment efficiently and how to implement real-time traffic

monitoring and analysis have become more and more important to carriers. Currently, vendors provide multiple network traffic monitoring technologies respectively. But most of these traffic monitoring technologies are private or build based upon hardware. sFlow currently is the standard traffic monitoring technology listed by IETF, it requires simpler hardware, less resource and more universal technology, as a result, it has been implemented by many vendors.

sFlow services are mainly composed by three parts: sFlow message sampling unit, sFlow proxy unit, and sFlow analyzer. Usually, the sampling and proxy units of sFlow are integrated in network device, and sFlow analyzer is built at the exterior of the system, analyzing multiple sFlow proxy messages in the network. The entire system is basically as shown in the following Figure:

Figure 3-6 Basic Architecture of sFlow

Analysis

Measurements

sFlow Agents

sFlow Analyzer

TrafficData

Analysis

Measurements

sFlow Agents

sFlow Analyzer

TrafficData

sFlow sampling unit is the basic part of sFlow mechanism. It samples messages over the network interface that supports sFlow, and then it will send the messages to sFlow proxy unit for processing. sFlow Collector implements sFlow management, monitoring, collection and ana lysis. It is responsible for saving and analyzing messages from all sFlow Agent. Then it will give analysis report on traffic and service.

3.3.10 ACL

To filter data, a s eries of matching rules need to be configured for network device to identify the objects needs filtering. When particular object is identified, corresponding data packets are permitted or prohibited based on the pre-set policy. ACL (Access Control List) can implement all these functions.

Usually ACL is adopted to implement data packets filtering, policy routing and special traffic control. One ACL contains one or multiple rules for special types of data packets. The rules inform switch whether to permit or reject data packets that match the selecting standards specified in the rules.

As the data matching rule defined by ACL can also be used by applications where traffic should be classified, for example to define traffic classification rule in QoS

ZXR10 5100E provides the following four types of ACL and support two IPv6ACL types:

Basic ACL: only match source IP address.

Extension ACL: match source IP address, destination IP address, IP protocol type, TCP source port number, TCP destination port number, UDP source port number, UDP destination port number, ICMP type, ICMP Code, DSCP(DiffServ Code Point) , ToS and Precedence.

L2 ACL: match source MAC address, destination MAC address, source VLAN ID, L2 Ethernet protocol type, 802.1p precedence.

Hybrid ACL: match source MAC address, destination MAC address, source VLAN ID, source IP address, destination IP address, TCP source port number, TCP destination port number, UDP source port number, UDP destination port number, including all matching fields of the three types mentioned above.

Basic IPv6ACL: only match IP address of IPv6 source.

Extension IPv6ACL: Filter IPv6 source and destination addresses.

Each ACL has a visit number for identification. The range of this number of different types of ACL is different:

− Basic ACL：1~99

− Extension ACL：100~199

− L2 ACL：200~299

− Hybrid ACL：300~349

− Basic IPv6ACL：2000~2499

− Extension IPv6ACL：2500~2999

Each ACL rule has 100 pieces at most, and the rule number ranges from 1 to 100.

3.3.11 QoS

Due to the increasing growth of multiple services (data, voice, video) and their different requirements for service real-time capability (latency, jitter and packet loss rate) and sensitivity of service reliability, nowadays networks are demanded to be able to differentiate services, ensure user’s service quality according to SLA, realize QoS guarantee in all implementation models, provide end-to-end service quality, make the network appreciable and service manageable, realize service precise operation and finally improve user’s service experience.

3.3.11.1 Basic QoS Feature

ZXR10 5100E support rich QoS features where Diffserv model known for its simple configuration, superior flexibility and high extensibility wins the most extensive use. ZXR10 5100E have the following Diffserv QoS features:

Traffic Classification and Marking. Service messages are divided into multiple priorities or categories on the basis of service classification policy (including VLAN, 802.1P, DSCP, MAC address, IP address, TCP/UDP port number, and DSCP info.), then these categories will be marked by ToS or DSCP fields of Ethernet message CoS or IP head, or EXP field of MPLS. In this way, category-based traffic scheduling, congestion management and traffic shaping can be implemented. Different QoS mechanisms can be used on different types of service.

Traffic Policing. It is particularly used to restrict one stream or abrupt traffic which is going to access one network. After setting a reasonable limit to the traffic, it will then police or punish the exceeding part of the message, for example, discard the message, color the message or reset the priority of the message. In this way, it protects network resource and operators greatly at the same time.

Following srTCM (Single Rate Three Color Marker) and trTCM (Two Rate Three Color Marker) algorithms introduced by IETF, ZXR10 5100E use two token buckets to evaluate the arrived messages. Compare messages according to CIR/PIR mode of token bucket in Color-Blind mode and Color-Aware mode, and color the part exceeding PIR red, the one exceeding CIR but under PIR yellow, and the one under CIR green. Hence, queue scheduling and congestion management can be done in terms of message colors. In this way, service precise operation and management are realized. ZXR10 5100E support CIR/PIR service based upon port and flow, and they can be used in both incoming and outgoing directions.

Figure 3-7 Traffic Policing with CIR/PIR

Traffic Shaping. It is designed particularly to restrict one stream or abrupt traffic and make these messages sent out in evenly. Traffic shaping is normally done by cache and token bucket. When the message is sent in high speed, it will be saved in cache and then sent out evenly in the control of token bucket. Different from traffic policing, traffic shaping caches messages that do not match traffic feature, which prevents messages from being discarded and satisfies message traffic feature at the same time.

Queue Scheduling. For network unit, when the incoming speed of the packet is faster than their outgoing speed, congestion will happen at egress. When it occurs, firstly some messages will be discarded if there’s not enough cache space. Also a resource scheduling mechanism should be made to enable messages to cache in the queue according to some policies. And then these messages will be taken out from the queue and forwarded as per some scheduling policies. Congestion management of the queue is very meaningful to bandwidth distribution, latency and jitter. ZXR10 5100E support PQ (Priority Queuing), Weighted Fair Queuing (WFQ) and PQ+WFQ queue scheduling methods.

Congestion Avoidance. Network equipment cache is limited, so queue scheduling which is one congestion management mechanism carried out in terms of different policies is also based upon the capability of the cache. It makes sure services of different queues and different priorities can be scheduled according to certain policies. When too many services are congested, and the queue length has reached its threshold, all new arrivals will be discarded. This discarding mechanism may cause TCP entire synchronization where messages of multiple TCP connection queues will decrease at the same time, so that TCP connections start congestion avoidance and slow start status to adjust traffic. What is worse, traffic peak will pear at the same time making the network traffic fluctuate between insufficient and saturation, which badly influence user’s service experience.

To improve network quality, ZXR10 5100E adopts WRED to avoid congestion. ZXR10 5100E WRED can be aware of services, set policies for discarding messages of different priorities, so that different messages can have different discarding policies.

3.3.11.2 Ethernet QoS

Because of the dramatic development of Metro Ethernet Service, there are more and more Ethernet services in the network. ZXR10 5100E can process service scheduling and congestion management as per the priority of VLAN frame. It can map IP message priority or EXP priority of MPLS message to VLAN priority of Ethernet message to realize integrated service scheduling. In QinQ mode, inner user VLAN priority can be mapped to outer operator’s VLAN priority automatically, or outer VLAN priority can be modified according to user’s service. This realizes integrated and manageable services from user service to operator service tunnel.

Traditional Ethernet service is actually VLAN priority guarantee service based upon Ethernet message. Normally there are 8 corresponding service types, and these services can not be colored, so that, Ethernet service can not color services according to CIR/PIR service marks to provide more differentiated service quality. In order to enhance Ethernet service quality control and realize 5P3D model based upon VLAN service, ZXR10 5100E classifies services according to 802.1P DE(Drop Eligible) which makes user services into 5 levels and 3 discarding priorities to color services.

Figure 3-8 5P3D Model based upon Ethernet Service

3.3.11.3 Port Mirroring

Port mirroring is actually to replicate services with matched ACL rule to CPU or designated port for message analysis and monitoring. Normally it is used for network failure diagnosis.

3.3.11.4 Traffic Statistics

Traffic statistics service is used to calculate service packets, so that real network status can be k nown for further reasonable network resource distribution. Traffic statistics mainly refers to the number of the packet ingress port receives.

3.3.12 NTP

NTP (Network Time Protocol) is a time synchronous protocol used between different network members. Its transport is based upon UDP. The devices implementing NTP

adjust system clocks automatically by exchanging NTP messages. In this way, they keep their clock the same. ZXR10 5100E can be deployed as NTP Client in real network application.

3.3.13 RADIUS

RADIUS（Remote Authentication Dial In User Service） is a standard AAA(Authorization, Authentication, Accounting) pr otocol. For router, AAA can authenticate users accessing routing switch to prevent illegal users from accessing. At the same time, services like DOT1X also needs to use RADIUS for authentication and accounting.

Currently, ZXR10 5100E supports RADIUS authentication service. It can provide accessed routing switch with Telnet user authentication.

ZXR10 5100E supports multiple RADIUS server groups. Each RADIUS is allowed to configure 3 authentication servers. Each group can set the time for setting server and the time for resetting. The administrator is capable of configuring different RADIUS group to choose specific RADIUS server.

3.3.14 SNMP

The SNMP subsystem implements the SNMP AGENT function, and supports all the protocol operations of the SNMP agent specified in SNMP V1 /V2c/V3.

The protocol operations of SNMPv1 are:

get-request

get-next-request

get-response

set-request

The protocol operations of SNMPv2 are:

get-request

get-next-request

get-bulk-request response

set-request

inform-request

snmpV2-trap

The Management Information Library (MIB) is described by using SMIv1 and SMIv2. The MIB consists of the following parts:

Management objects of the network management protocol

Management objects of the TCP/IP support protocol

Management objects of the high-speed network interface

Management objects of important data and configuration parameters

Management objects compatible with SMIv1

System configuration parameters

3.3.15 RMON

We can use RMON (Remote Monitoring) to keep an eye on remote services. By using RMON, data collection and processing are done by a remote inspector, i.e. routing switch system. The routing switch at the same time contains a RMON proxy software handling communication by SNMP and network management. Usually, information only goes from routing switch to network management system when special requirements are raised.

3.3.16 DOT1X Authentication

802.1X is Client/Server-based access control and authentication protocol. It connects to user equipment at system port via authentication to make sure if this user is authorized to access system service via this port. This method prevents unauthorized data processing between user and service provided by the system. In the beginning, 802.1X access control only allows EAPOL frame to pass the access connecting with user equipment. Other data can access this port after authentication.

802.1X connects the authentication system to LAN and generates two logical ports: controlled port and uncontrolled port. The uncontrolled port which is free from the authorization status of the port can exchange PDU with other system. However, the controlled port can only switch PDU with other systems when it is authorization. PAE is the entity of algorithms and protocols related to operation and authentication. The requesting PAE respond to the requests from authentication PAE, so that it can provide authentication information. The authentication PAE is responsible for the communication with requesting PAE, and it also delivers the information coming from requesting PAE to authentication server. Then after verifying this information, the authentication server confirms if the requester will be authorized to access authenticator’s service. The authenticating PAE relies on the authentication result to control the authorization of controlled port and the status of the uncontrolled port. The authenticating PAE enables

the uncontrolled port and EAPOL exchange protocol with requesting PAE, and EAPOR communicates with RADIUS authentication server.

ZXR10 5100E series products mainly support the following 802.1X services:

Support all services of authenticator

Support local authentication

Support authenticating PAE to exchange protocol via uncontrolled port and EAPOL

Support AuthControlledPortControl parameter ForceUnauthorized, Auto, ForceAuthorized to operate the controlled port

Support both AdminControlledDirectionsand OperControlledDirextions to operate the controlled port

Support requestor’s regular reauthentication by reauthentication timer

Without authentication, it supports the transparent transmission of 802.1x authentication packet

3.3.17 IPTV

IPTV is also name interactive network TV which is introduced by operator on the basis of broadband. By using IP broadband network, it integrates Internet, multimedia and communication technologies, providing users with many interactive services, e.g. live TV program, on-demand video service and network surfer service. So user can take advantage of these services by PC or “IP set-top box + TV”.

As one of the key technologies of ZTE IPTV system architecture, controllable multicast mainly implements at broadband access network side. The device implementing multicast controlling policy (BRAS, DSLAM or switch) is called multicast controlling point, which works as the terminating point of user multicast IGMP request and determines whether to duplicate multicast stream to user port based on corresponding IGMP request and control policy. The multicast controlling point near user saves more network bandwidth. As the key device implementing multicast controlling policy, multicast controlling point supports the following features: IGMP V1/V2, IGMP Snooping, IGMP Filter, IGMP Proxy, IGMP Fast leave, MVR (Multicast VLAN Register), SGR (Static Group Register), UGAC (User Group Access Control), UGAR (User Group Access Record) etc. Multicast on demand authority of user can be controlled by rule and channel binding.

3.3.18 VBAS

VBAS is the short form for Virtual Broadband Access Server. It is a kind of query protocol expanded between IP-DSLAM and BRAS device. Point-to-point communication is used

between BRAS and IP-DSLAM, i.e. port information query and respinding message can be encapsulated in L2 Ethernet data frame.

The implementation principle is that L2 point-to-point communication between BRAS and IP-DSLAM. That is to say, port information query and responding packets are directly encapsulated in L2 Ethernet data frame. Configure DSLAM corresponding to VLAN on BAS. Initiate VBAS during PPPoE calling process. That is to say, mapping user band VLAN to corresponding DSLAM. BAS actively initiate user line identity query to DSLAM, which provides BAS with responding user line identity. The local 5100E series switch is DSLAM device

VBAS protocol is implemented by sending VBAS message between BAS and DSLAM.

3.3.19 ARP

When one network device is sending data to another one, in addition to IP address of the destination equipment, it should also be clear of the MAC address of the destination equipment. ARP（Address Resolution Protocol）is made to map IP address to MAC address to make sure successful communication. When one device is communicating with an unknown device in the network, the MAC address of the unknown device will be get firstly via ARP. The specific procedures are:

The source equipment broadcasts ARP requests with destination device’s IP address, and all devices in the network will receive this ARP request. If one device realizes that the request is based upon its own IP address, it will then record sender’s ARP information and send ARP response containing its MAC address to source device. In this way, the source device gets the MAC address of the destination device via this ARP response.

In order to reduce ARP packet in the network and accelerate data delivery, IP address and MAC address mapping is cached in the local ARP table. When equipment is going to send data, it will firstly check ARP table according to IP address. If the MAC address of the destination equipment is found in the ARP table, there is no need to send ARP request any more. At the same time, due to the limited space in switch ARP table and the frequent changes of network equipment, the switch should renew ARP table on time (Delete the old items and add in new ones). The dynamic items in ARP table can be deleted automatically, and this course is called ARP aging.

To make the network safer, ZXR10 5100E is able to change the learnt dynamic ARP to static ARP, manual static ARP and eternal ARP table item. Both static ARP and eternal ARP table item do not experience ARP aging. The eternal ARP still exist after reinitiating the switch, however the static ARP will disappear. To prevent from ARP attack, ZXR10 5100E supports ARP protection service, restricting the number of the ARP the switch learn.

3.3.20 DHCPv4

The DHCP manages the IP address and other related configuration information used on the network, to reduce the complexity in managing the address configuration. When the DHCP service is used on the network, the client and server must be in the same broadcast domain.

ZXR10 5100E series support DHCP Client and automatic download of default configuration file via DHCP option field. Without any extra configuration, the device can get IP address, Gateway IP address, and host configuration information, etc. after receiving discovery message, DHCP server will find corresponding preserved IP address as per MAC address, and send other information for example host name, TFTP IP address, Configuration file name to DHCP client via DHCP option at the same time. Then DGCP client will download configuration file from TFTP server via this information, and then initiate new configuration file with DHCP protocol acting to download configuration file at the same time.

3.3.21 DHCPv6

ZXR10 5100E supports DHCPv6 snooping and DHCPv6 relay.With the DHCPv6 snooping capability, ZXR10 5100E supports trust port. It forwards the DHCP packet received by the trust port. The packet from by trusted ports will be checked. So that, the illegal one can be discarded. This method can .avoid private server.

DHCPv6 relay realizes the server and the Client which do not belong to the same link can forward messages. This method prevents DHCPv6 server from being deployed in every link, which on one hand saves costs, on the other hand gives conveniences to integrated management.

3.3.22 LLDP

LLDP（Link Layer Discovery Protocol）is a ne w protocol defined in 802.1ab, which enables adjacent devices to send messages to each other, thus updates physical topology information and establishes device management information base. LLDP working process is as follows:

1. Sends link and management information of local device to the adjacent device;

2. Local device receives network management information from adjacent device;

3. Store the network management information of adjacent device in MIB base of local device. Network management software can query L2 connection in MIB base.

LLDP doesn’t work as configuration protocol for remote system, nor signaling control protocol between ports. LLDP can discover inconsistency in configuration of L2 protocol

for adjacent devices, but it only reports the problem to the upper level management device without providing mechanism to solve the problem.

To be simple, LLDP is a kind of neighbor discovery protocol. It defines criteria for network devices in Ethernet such as switch, router and wireless LAN access points to enable them to announce their existence to other nodes in the network and to store the discovery information of each adjacent device. For example, the information of device configuration and device identification can be declared by this protocol.

LLDP defines a universal announcement information set, a protocol that transmits the announcement, and a method to store the received announcement information. The device that announces its own information can put multiple announcements in one LLDPDU (Link Layer Discovery Protocol Data Unit) to transmit them. The LLDPDU contains a s eries of short message unit with variable length, which is called type-length-value (TLV) with the description as follows:

Type indicates the type of the information needs to be sent

Length indicates the bytes of the information

Value indicates the actual information needs to be sent

Each LLDPDU contains four compulsory TLV and one optional TLV:

Device ID TLV

Port ID TLV

TTL TLV

Optional TLV

LLDPDU end TLV

Device ID and port ID are used to identify the sender

TTL TLV notifies the receiver of the reservation period of all the information. If no update is received from the sender in this period, all related information will be dropped by the receiver. IEEE has defined a suggested update frequency of one transmission per 30 seconds.

Optional TLV contains basic management TVL set (such as port description TVL), special TLV set organized by IEEE 802.1 and special TLV set organized by IEEE 802.3.

LLDPDU end TLV indicates the end of LLDPDU.

3.3.23 UDLD

UDLD is a L2 logic link detection protocol which can detect logic connection of Ethernet link and verify physical connection. Different from physical connection detection, UDLD detects based on neighbors. L1 devices are transparent to UDLD.

Firstly UDLD needs to establish neighbor relationships. When an Ethernet interface with status of UP launches UDLD, the interface sends neighbor joining Hello message to its adjacent device. The interface launching UDLD of the adjacent device sends back an Echo message. Receiving an Echo message indicates that the device considers the two devices are interconnected. It establishes neighbor relationship with the peer-end and also sends an Echo message. Receiving this Echo message by the peer-end, neighbor relationship on the two devices are both established.

After establishing neighbor relationship, they send Hello messages regularly to check whether the link works well. The device updates the buffered neighbor information stored at local and reset time for neighbor timeout. If no Hello detecting message is received until neighbor aging time, the link is considered as abnormal. Corresponding processing will be taken based on different work mode.

There are two work modes for UDLD: common mode and aggressive mode. In common mode, an interface is Down only when protocol packets are received confirming link single pass. No processing will be taken at the interface if no corresponding packets are received or link single pass cannot be affirmed. In aggressive mode, the interface is Down as long as two-way expedite link cannot be g uaranteed. The common place of these two modes is that alarm will be printed as long as normal link status cannot be affirmed.

Generally speaking, UDLD makes interface Down in the following situations:

In common mode, sends Hello neighbor joining message, and receives Echo message which indicates the neighbor of the peer-end is not itself.

In aggressive mode, sends Hello neighbor joining message, and r eceives Echo message which indicates the neighbor of the peer-end is not itself.

In aggressive mode, receives Hello neighbor joining message, and s ends Echo message; but no Echo message from the peer-end is received.

In aggressive mode, all neighbors at the interface exceed the aging period, and no Hello detection message is received.

When the interface is Down or other accidents occurs that leads to failure of the interface, the device needs to send a flush message to notify the adjacent L2 device to delete the information of it.

Initiate UDLD: if the Echo message received indicates that the neighbor of the peer-end is not itself; it’s a false connection of interface. UDLD shut down the interface whatever the mode is as shown iin the following Figure:

Figure 3-9 False connection of interface

Device ADevice A

PORTPORT

TXTX RXRX

PORTPORT

TXTX RXRX

Device BDevice B

PORTPORT

TXTX RXRXPORTPORT

TXTX RXRX

Figure 3-10 Interface down

Device ADevice A

PORTPORT

TXTX RXRX

PORTPORT

TXTX RXRX

Device BDevice B

PORTPORT

TXTX RXRXPORTPORT

TXTX RXRX

PORTPORT

TXTX RXRX

PORTPORTTXTX RXRX

Aging time is the protocol packet sending interval (15 seconds by default) ×3. Shut down the interface if no packet is received within aging time if aggressive mode is configured.

3.3.24 Ethernet OAM

3.3.24.1 802.3ah

IEEE 802.3ah mainly implements link level management, taking monitoring and failure processing of point-to-point Ethernet link in the network. Sometimes “last mile detection” is just about this. Link layer OAM is mainly applied for point-to-point direct link detection.

Figure 3-11 Relationship of sub-layers of OAM in ISO/IEC OSI reference model

Figure above is the location of OAM in ISO/IEC OSI reference model. Above OAM is LLC logic link control or other MAC client layer. Below OAM is MAC layer or optional MAC control sub-layer. OAM layer is optional. OAM covers the following three functions:

Remote discovery

Remote loopback

Link monitoring

DTE involved in OAM sub-layer supports active/passive mode. When OAM is enabled, DTE that both modes support should choose active or passive.

Remote discovery

OAM provides a m echanism to check whether remote DTE has OAM sub-layers. If discovery unsatisfied, OAM client learns that discovery is unsuccessful; and generates discovery unsuccessful alarm. There may be t wo reasons for unsuccessful discovery: one is that the peer-end doesn’t start OAM; the other is link connection failure. During the process of remote discovery, label domain of OAMPDU message carries urgent link event (including link failure, urgent failure and emergencies). But the particular failure definition of link failure, urgent failure and emergencies are relevant to their implementation. One way to learn about link failure via remote discovery is by OAMPDU timeout; and the other way is to define some specific urgent link events to let client layer to learn about link failure from OAMPDU.

DTE that configured with active mode launches the discovery process. Once the discovery process is completed, when the counterpart entity connecting to remote OAM is in active mode, active DTE is permitted to send any OAMPDU. DTE that configured with passive mode doesn’t launch discovery process. It provides feedback of discovery process launched by remote DTE.

Remote loopback

OAM provides optional data link layer frame-level loopback mode controlled by remote. OAM remote loopback can be applied for failure location and link performance test. When remote DTE is in OAM remote loopback mode, the statistic data of local and remote DTE can be queried and compared at any moment. Query could be i mplemented before, during, or after loopback is sent to remote DTE. Besides, OAM sub-layer loopback frame can be analyzed to get additional information concerned link health (to determine frame dropping caused by link failure).

If OAM client has sent loopback control OAMPDU, and when it waits the counterpart DTE to indicate its responding message OAMPDU locating at OAM remote loopback, whether OAM client implements OAM remote loopback command on pe er-end device is determined by the following process: a) if local DTE source address is larger than that of the peer-end, enter OAM remote loopback based on peer-end command. b) If local DTE source address is smaller than that of the peer-end, ignore OAM remote loopback command of the peer-end and go on working as if nothing is received.

Link monitoring

OAMPDU。Link monitoring is a feature to make statistics of error symbols or error frames received by physical layer within certain interval. Based on the implementation there is a counter at driver all along making statistics of error frames, error symbols and total frames received. The platform reads the information regularly and takes processing based on these error symbols, error frames and total frames. Corresponding event notice will be generated as per which kind of event occurred is detected.

There are four types of link events:

Link error symbol period event. Count error symbols generated in particular period, which is determined by the quantity of symbols received in certain period by the physical layer.

Error frame event. Count error frames generated in particular period, which specifies certain interval.

Error frame period event. Count error frames generated in particular period, which is determined by the quantity of frames received.

Error frame second accumulation event. Count error frame seconds in particular period, which is determined by the time interval.

3.3.24.2 CFM

Connectivity Fault Management (CFM) can effectively check, separate virtual bridge LAN and report its connection fault. It is mainly oriented to carrier’s network and also effective to customer network (C-VLAN) as well.

Main basis of CFM that current switches support: IEEE 802.1ag implementation.

To manage and maintain the network, network administrator plans network service and network layers by dividing the whole network into multiple Management Domains (MD). A single domain is shown in the following Figure.

The domain defines a series of ports at edge device and internal device. The gray points at the edge device are service ports connecting to device outside the domain. They are defined as Maintenance End Point (MEP). There are also some black ports (including those at the device inside the domain) which are ports connecting devices inside the domain. They are defined as Maintenance Intermediate Point (MIP). Domain management is implemented by the defined MEP and MIP.

Figure 3-12 Maintenance domain

Maintenance Domain

As shown in the following Figure, a network can be divided into user domain, provider domain and operator domain. Each domain is designated with a level from 0 to 7. The level for domain determines the inclusion relations. Domain with higher level can contain domain with lower level; not vice versa. Domains with the same level cannot contain each other. Thus the domain with the largest coverage has the highest level. Domain inclusive relations could be tangent (internally or externally) and inclusive, but not intersecting.

Connection Fault Management (CFM) can effectively check, separate virtual bridge LAN and report its connection fault. It is mainly oriented to carrier’s network and also effective to customer network (C-VLAN) as well.

Configure multiple embedded Maintenance Domains (MD) via one bridge network or a network containing a bridge network.

Configure a Maintenance Association (MA) identified by an individual MD in any given bridge and a group of VLAN.

Format of protocol, process and CFM protocol packet used to detect and separate connection fault report.

Capacity of Maintenance Point (MP) configuration and management in MA. MP is used to generate corresponding CFM packets.

Command MPs implements affirmed fault separation and inspect result.

Figure 3-13 Ethernet Maintenance Domain Inclusive Relations

OperatorDomain

ProviderDomain

CustomerDomain

Scenario A:Touching Domains Ok Scenario B:

Intersecting Domains Not Allowed Scenario C:

Nested Domains Ok

Path Discovery: MEP discovers with LTM/LTR message by tracking a MEP to another MEP, or the path went through between MIP.

Fault Detection: MEP checks the network connection by CCM message that sent and received regularly. Connection failure and NonWill connection (connected by mistake).

Fault acknowledgement and isolation: it’s a kind of behavior of management. The administrator acknowledges fault by LBM/LBR and implements certain isolation.

Fault notification: when there is connection fault in MEP direction, corresponding report message will be sent to designated management system (such as NMS and TRAP).

Network status detection: Learn about network connection or network delay and jitter by checking packets from MEP to MEP with time stamps or sending and receiving of packets with counter.

MP is the smallest entity on management layer to implement functions, including MEP and MIP. Comparatively, MEP implements more complicated functions than MIP does. It’s also more complicated to manage configuration than MIP. It can be said that CFM functions are implemented by MEP, which can send, receive and process any messages mentioned above. While MIP can only process LTM and LBM message; and send LTR and LBR message as well.

3.3.25 L2PT

In QinQ VPN mode, if VPN uses locating at different places want to initiate their L2 protocol for example, STP, LACP, ZDP, they need to use core network to transfer these L2 protocol messages transparently, and these messages with preserved MAC address for bridge can not process transparent transmission normally. L2PT (layer 2 protocol transportation) solves this problem, so it is widely used to transfer user network L2 protocol message in QinQ VPN.

L2PT networking is as shown in the following figure.

Edge Switches: It locating at the edge of operator network connects customer network equipment.

Layer 2 protocol transportation port: On port of Edge Switch. The encapsulation of decapsulation L2 protocol message.

Transportation PDU: Encapsulated protocol message, for example ZDP, STP and LACP, etc.

Figure 3-14 L2TP Networking

On the port without initiated L2PT, L2 protocol messages （STP，ZDP，LACP）instead of being forwarded is either discarded or sent up for protocol processing, which will cause several blocked stp domains in customer network as per different locations, so that the entire customer VPN can not run an i ntegrated STP topology. L2PT transfer BPDU message transparently in VPN, which helps customers to supply the gap.

The received L2 protocol messages will be encapsulated at the transportation port of edge switch, then broadcast the encapsulated messages. Initiate remote transportation switch port to encapsulate these messages.

The message encapsulation and decapsulation can be done by changing message MAC address.

3.3.26 Dual-Port Loop Inspection

The failure network connection or configuration easily causes forwarding loop in L2 network, which makes the equipment keep sending broadcasting, multicast and unknown unicast messages. It not only wastes network resource greatly, but also fails the entire network sometimes. To inspect loops inL2 network on time and avoid serious influence to the entire network, there must be a mechanism in the network to inspect loops and inform user to check connection and configuration on time. Also this mechanism should be able to shut down the failed port to eliminate loop. This is loop inspection mechanism.

ZXR10 5100E sends loop inspection message from one port on a regular basis, and it checks if messages return to the equipment on the other port to make sure if there’s loop between the port sent message and the monitoring port, and if the port with loop is clear. When loops are found in the network, ZXR10 5100E will shut down the port with loops and send warnings (trap) to user.

4 System Architecture

4.1 Product Physical Structure ZXR10 5100E series All-GE L2 switch has totally thre models: ZXR10 5116E, ZXR10 5128E and ZXR10 5128E-FI. The chassis of ZXR10 5116E, ZXR10 5128E and ZXR10 5128E-FI is 1U(1U=44.45mm), and the size is 44.45mm×442mm×220mm (H×W×D). Using modular swappable dual power supply, ZXR10 5100E is capable of flexible configuration and changing, as well as more powerful reliability. All cables including power supply cable and network cable are coming out in front of the chassis. It supports 3-line warning input and 5-line control output. The M button on the front panel can vividly display the running status of the switch.

The interfaces and slots for each model of ZXR10 5100E series are shown as follows:

ZXR10 5116E provides 12 fixed GE electrical interface with the electrical interface type of RJ45. It supports category 5 a nd above twisted-pair, 1 expanded slot, 1 100M management port, 1 Console port and 2 alarm ports.

ZXR10 5128E provides 24 fixed GE electrical interfaces with the electrical interfaces type of RJ45. It supports category 5 and above twisted-pair, 1 expanded slot, 1 100M management port, 1 Console port and 2 alarm ports.

ZXR10 5128E-FI provides 24 fixed GE SFP interfaces. It supports various GE optical modules satisfying SPF standards. It supports 1 ex panded slot, 1 10 0M management port, 1 Console port and 2 alarm ports.

The sub-cards for expanded slots of three ZXR10 5100E models have four patterns: 4 GE SFP optical ports, 4 GE electrical ports, 4 10G optical ports.

Figure 4-1 The Front Panel of ZXR10 5128E

Figure 4-2 The Front Panel of ZXR105128E-FI

Figure 4-3 The Front Panel of ZXR10 5116E

4.2 Hardware Architecture ZXR10 5100E series product is composed of control module,switching module,interface module,power supply module,and monitoring module.

1. Control module. Control module is composed of main processor and some external functional chips, realizing the processing of various applications. Providing serial interface for external management configuration, it implements data operation and maintenance.

2. Switching module. Switching module is a p acket processor. It implements processing and switching of data packets sent by each port.

3. Interface module. Interface module is composed of interface chip and corresponding circuit nearby. It mainly implements external user connection and receiving & sending of data packets.

4. Power supply module. Power supply module supports 1+1 backup and hot swapping. Adopting 220V AC power supply or -48V DC power supply, it provides other parts in the system with the necessary power supply.

5. Monitoring module. 3-port dry contact signal input and 5-port dry contact signal output.

Figure 4-4 System hardware diagram of ZXR10 5100E

4.2.1 Control Module and Switching Module

Control and switching module is the core part of ZXR10 5100E. It mainly implements two functions of control module and switching module.

In ZXR10 5100E system, control and switching module is installed in cassette structure with no independent panel. Its interfaces and signal indicators are on the front panel of the system. Its block diagram is shown in the following Figure:

Figure 4-5 Diagram of main control card

SwitchCPU system

BOOTROM

10/100/1000M interface signal

Console interface

MGT interface

SwitchCPU system

BOOTROM

10/100/1000M interface signal

Console interface

MGT interface

The control module is composed of the main processor and some external application chips. It provides external operation interfaces, for example, serial ports and Ethernet ports, by which the system can process all kinds of applications. The main processor is a high-performance CPU processor, which performs the following functions:

System NM protocol, for example, SNMP

Static IP route network protocols

Providing the operation and management interfaces for line cards

Data operation and maintenance

The switch module is designed with a de dicated Switch chip, which is integrated with multiple Gigabit and Gigabit bi-directional interfaces, allowing it to process wire-speed switching of multiple ports. The Switch chip provides the following functions:

1. Store and forward switching

2. Supporting 9KB jumbo frames

3. Supporting priority queuing, where frames can be dropped selectively when the CoS queue is in congestion

4. Providing one management and control timer for each port

4.2.1.1 Interface

Console Port

Management terminal performs operations and maintenance on ZXR10 5100E through Console port. It is connected with COM port on management terminal by serial cable. One end of the serial cable connecting ZXR10 5100E is RJ45 plug, and the other end of the cable is DB9 female plug, connected to management terminal.

Management Interface

Management terminal can perform operations and maintenance on ZXR10 5100E through management interface, which supports 100Base-TX.

External Alarm Interface

It supports 5-port external alarm input and 3-port alarm output with the interface physical plug of RJ45.

100/1000Base-T Ethernet Interface

Table 4-1 The Assistant Interface Type and Interface Number of ZXR10 5100E

Assistant Interface Parameter Remarks External Alarm Interface Support 5-port external

warning input and 3-port warning output

Console Interface Support 1-port Console interface

Network Management Interface

Support 1-port network management interface

Main control card of ZXR10 5116E and ZXR10 5128E supports 1000 Base-T and 100Base-TX on CAT5. The characteristics are as shown in the following table:

Table 4-2 Feature of 100/1000Base-T Ethernet interface on main control card of ZXR10 5100E

Port type Features

100/1000Base-T

Conforming the following standards: 1000BASE-T IEEE 802.3u RJ45 plug CAT5 Unshielded Twisted Pair (UTP) with the longest transmission distance 100m MDI/MDIX

4.2.1.2 Indicator

There are 14 indicators on front panel of ZXR10 5116E, where 12 indicators are port status indicators. There are 1 system indicators SYS/ALM and 1 management interface indicator MNG.

There are 26 indicators on front panel of ZXR10 5128E and 5128E-FI, where 24 indicators are port status indicators. There are 1 system indicators SYS/ALM and 1 management interface indicator MNG.

Functions of ZXR10 5100E system indicators are shown in the following table:

Table 4-3 Functions of ZXR10 5100E system indicators

Indicators Off Green Red

SYS/ALM The equipment is power off

Green indicator flashes: the equipment works well

Red indicator flashes: error occurs to the equipment

MNG No connection

Green indicator on: link Green indicator flashes: active

FAN Fan chassis is not connected

Green indicator flashes: all fans work well

Red indicator flashes: error occurs to one or more fans

There is a MODE button on the front panel of ZXR105100E. M_button function provides some display function of key statistics data and indicator function of key event by using panel indicator, which makes it convenient to maintain our equipment. M_button function mainly includes the following modes:

1. LINK mode (LINK): in this mode, port indicator displays LINK/ACT state of port. If port is in link state, the green indicator is on. If there is traffic, green indicator is flashing. If port is not in link state, the indicator is off.

2. SPD mode (SPD): in this mode, port indicator displays the current speed of port. If port speed is the same as port default speed, green indicator is on. If not, yellow indicator is on.

3. DUP mode (DUP): in this mode, port indicator displays duplex state. If port is in full-duplex state, green indicator is on. If port is in half-duplex state, yellow indicator is on.

4. STAT mode (STAT): in this mode, port indicator displays STP state. If port STP state is Forward, green indicator is on. If port STP state is Disable, green indicator is off. If it’s other state, yellow indicator is on.

5. CPU utilization ratio mode (CPU%): in this mode, port indicator displays the current CPU utilization ratio. 5116E uses the indicator of port 1~12 to view, each port indicates 8%.5128E and 5128E-FI use the indicator of port 1~20 to view, each port indicates 5%.

6. Memory utilization ratio mode (MEM%): in this mode, port indicator displays the current memory utilization ratio. 5116E use the indicator of port 1~12 to view, each port indicates 8%.5128E and 5128E-FI use the indicator of port 1~20 to view, each port indicates 5%.

7. Uplink port outbound bandwidth occupation rate mode (↑BW%): in this mode, port indicator displays current uplink port outbound bandwidth occupation rate, take the uplink port current speed as baseline. 5116E use the indicator of port 1~12 to view, each port indicates 8%.5128E and 5128E-FI use the indicator of port 1~20 to view, each port indicates 5%.

8. Uplink port inbound bandwidth occupation rate mode (↓BW%): in this mode, port indicator displays current uplink port inbound bandwidth occupation rate, taking the uplink port current speed as baseline. 5116E use the indicator of port 1~12 to view, each port indicates 8%. 5128E and 5128E-FI use the indicator of port 1~20 to view, each port indicates 5%.

9. PING network management center mode (PING): in this mode, use the first 5 port indicators to view. Equipment will send 5 ICMP packets to network management center, for each ICMP packet, if receive the correct reply, the corresponding indicator will turn green, if not, turn yellow.

10. CRC port display mode (CRC): in this mode, port indicator displays CRC error. If port has CRC error frame statistics, green indicator is on. Otherwise green indicator is off.

11. STORM port display mode (STORM): in this mode, port indicator displays storm port. If port is storm port, green indicator is on. Otherwise green indicator is off.

12. NoMAC port display mode (NoMAC): in this mode, port indicator displays if MAC is learned. If port does not learn MAC, green indicator is on. Otherwise green indicator is off.

4.2.2 Interface Module

ZXR10 5100E supports 4-port gigabit Ethernet optical/electrical interface card, 4-port 10G Ethernet optical interface card. GE Ethernet interface card support optical/electrical adaptive interface. All optical interfaces use swappable optical modules, so one line card can support multiple sorts of transmission media and distance. This decreases the number of extra line card in different situations, and helps operator to get maximum profit from minimum investment.

The interface cards ZXR10 5100E supports are shown in table 4.

Table 4-4 Service Interface Card of ZXR10 5100E

Interface Card Type Description Remarks

GE Interface Card

4-Port GE Electrical Interface Card Fit 5116E, 5128E, 5128E-FI. Not support hot-swappable service.

4-Port GE Optical Interface Card Fit 5116E ,5128E, 5128E-FI. Not support hot-swappable service.

10GE Interface Card 4-Port 10GE Optical Interface Card

Fit 5116E, 5128E, 5128E-FI. Not support hot-swappable service.

4.2.3 Power Module

ZXR10 5100E supports dual power supply modules. Two modules support AC-DC power supply and DC-DC power supply respectively. They both support 1+1 hot backup input through the front panel. It supports hot swapping service. A power supply module adopts 220V input.

4.3 Software Architecture ZXR10 5100E series products support for multiple functions, providing L2 wire speed switching QoS assurance. The system software performs management, control, and data forwarding. Its basic operations include system start, configuration management, running of protocols, maintenance of tables, setting switch chips, and status control, as well as software forwarding of some special packets. The system software must implement the following functions:

Implementing major L2 protocol functions, including 802.1D STP protocol, 802.1P priority control, related functions of 802.1Q VLAN, and 802.3ad link aggregation

Supporting Ipv4 protocol stacks and basic static routing protocols

Implementing multi-layer services such as ACL and DHCP

Implementing some broadband access functions

Implementing network management protocol SNMPv3 and Agent

Allowing users to perform network management via the serial terminal, Telnet, or SNMP Manager, including network configuration management, fault management, performance management and security management.

Smooth upgrade of the software version, and on-line upgrade of the active/standby protocol processing cards and switching network cards.

Network security function

Based on the system functions mentioned above, the system software could be divided into five subsystems.

Operation support subsystem, including software modules such as BSP, ROS, SSP, and VxWorks kernel

MUX subsystem, including the data distribution module, statistics and monitoring module, and driving and encapsulation module. The data distribution module distributes data packets to the driver and upper-layer software. The statistics and monitoring module measures data, forwards information, and monitors the software table.

L2 subsystem, including processing STP protocol, LACP protocol, IGMP SNOOPING protocol, MAC address management, VLAN management and L2 data forwarding

L3 subsystem, which implements basic protocols of TCP/IP, such as IP, ARP, ICMP, TCP, and UDP, and application protocols such as FTP and Telnet.

NM and operation & maintenance subsystem, which implements the Agent function of the SNMP network management, supports command line management, provides operation & maintenance interfaces, and provides MIB information.

4.3.1 Operation Support Subsystem

The operation support subsystem drives and encapsulates the bottom-layer hardware, providing support for other software systems on the upper layer. This subsystem provides support for the running of the hardware, allocating resources for the hardware, and provides the hardware-related interfaces for the upper-layer software. The operation support subsystem relies on t he RoS platform of the ZXR10, and it is composed of system support, system control, version load control, BSP, and SSP. It can be further divided into the operating system kernel, process scheduling, process communication, timer management, and memory management modules. The functional block diagram for the operation support subsystem is shown as follow:

Figure 4-6 Functional Block Diagram for the Operation Support Subsystem

4.3.2 MUX Subsystem

The MUX subsystem exchanges information with the driver and the upper-layer software, and measures and monitors the software table of the switch chip. The MUX subsystem mainly performs data distribution and measurement and monitoring. After the MUX layer receives the data packets from the driving module, it forwards the packets by type according to the ETHER TYPES fields in the MAC frames. The data distribution of the MUX also includes the encapsulation of the data sending function of the driver, to provide the modules on the upper layer with a new data sending function for invocation. When the modules on t he upper layer have data packets or protocol packets to send, they can invoke the data sending function provided by the MUX. The measurement and monitoring function measures the status of the driver layer, physical layer and MUX layer, measures the packets received/sent, monitors the access to the register, and performs the sniffer operations to the data packets, providing the OAM module with the interface function.

4.3.3 L2 Subsystem

The L2 subsystem performs configuration management (management layer) on the data link layer, protocol processing on L2 (control layer), and data forwarding (data layer or service layer). The function modules are illustrated as follow:

Figure 4-7 functional Block Diagram of the L2 Subsystem

4.3.4 NM and Operation & Maintenance Subsystem

The foreground NM and Operation & Maintenance subsystem uses TCP/IP to implement the agent of the SNMP NM, and meets the management requirements by using the execution entities of the managed entities on t he bottom layer. The background NM communicates with the foreground NM via the network to manage the foreground system. In this way, the management network is isolated from the transmission network.

4.4 ZXROS Platform ZXROS is a multitask-based distributed real-time network operating system, providing unified IP protocol supported by all devices from ZTE. ZXROS offers a mature and steady architecture, and has been extensively used by lots of carriers. With reinforcement and extension on the basis of the original platform, the existing platform in terms of user’s service requirements give more consideration on user’s OPEX, CAPEX, service scalability and implementation.

Sound Encapsulation

− The configurations of all products are in the same style, which makes user easy to operate and maintain.

Powerful Monitoring Service

− Monitor process and memory abnormities.

− Monitor the working status of power supply module, fan, voltage, current, and working temperature.

− Provide fast failure location to guarantee high reliability of the product version.

Flexible Modular Components

− All service module based upon ZXROS can be added or uninstalled easily; new services can be developed based upon the original architecture.

− Based upon user’s demands, provide flexible on-demand service and fast respond to user’s requirements.

With superior interoperation, it follows the following standard and protocols

Table 4-5 L2 Protocol Standard

L2 Protocol Standard IEEE 802.1d Bridging IEEE802.1x Port Based Network Access EEE 802.1s Multiple Spanning Tree IEEE 802.3ad Link Aggregation IEEE 802.1w Rapid Spanning Tree IEEE 802.3ag Service Layer OAM IEEE 802.1Q VLAN tagging IEEE 802.3ah Provider Backbone B 9216 bytes jumbo frame forward on Ethernet and pos interface

IEEE 802.1ab LLDP(Link Layer Discovery Protocol)

IEEE 802.1ad VLAN stacking, Select QinQ, VLAN translate IGMP v1/v2 snooping/proxy

IEEE 802.3 10BaseT IEEE 802.3ae 10Gpbs Ethernet IEEE802.3ah Ethernet OAM IEEE 802.3x Flow Control IEEE 802.3 100BaseT IEEE 802.3z 1000BaseSX/LX IEEE 802.3u 100BaseTx IEEE 802.3ae 10Gbps Ethernet ESRP Ethernet smart Ring Protocol ZESS ZTE Ethernet smart switch IEEE 802.1p VLAN Priority

Table 4-6 TCP/IP Protocol Standard

TCP/IP Protocol Standard RFC 768 UDP RFC 791 IP RFC 792 ICMP RFC 793 TCP RFC 826 ARP RFC 854 Telnet RFC 951 BootP RFC 1350 TFTP

RFC 2328 TFTP Blocksize Option RFC 2401 Security Architecture for Internet Protocol

RFC2349TFTPTimeoutIntervaland TransferSize option RFC 2347 TFTP option Extension

Table 4-7 Differentiated Services Standard

Differentiated Services Standard RFC 2474 Definition of the DS Field the IPv4 and IPv6 Headers(Rev) RFC 2598 An Expedited Forwarding PHB

RFC 2597 Assured Forwarding PHB Group (rev3260)

RFC 3140 Per-Hop Behavior Identification Codes

Table 4-8 DHCP Standard

DHCP Standard RFC 2131 DynamicHost-Configuration Protocol(REV)

RFC 3046DHCP Relay Agent Information Option(Option 82)

Table 4-9 Network Management Standard

Network Management Standard

ITU-T M.3000, Overview of TMN recommendations

ITU-T M.3010, PrincIPles for a Telecommunications management network

ITU-T M.3016, TMN security overview ITU-T M.3020, TMN Interface Specification Methodology

ITU-T M.3100 Generic Network Information Model

ITU-T M.3101, Managed Object Conformance Statements for the Generic Network Information Model

ITU-T M.3200, TMN management services and telecommunications managed areas: overview

ITU-T M.3300, TMN F interface requirements

ITU-T M.3400, TMN Management Function

ITU-T Temporary Document 69 (IP Experts): Revised draft document on IP access network architecture

ITU-T X.701-X.709, Systems Management framework and architecture

ITU-T X.710-X.719, Management Communication Service and Protocol

ITU-T X.720-X.729, Structure of Management Information

ITU-T X.730-X.799, Management functions

RFC1157, Simple Network Management Protocol

RFC1213, Management Information Base for Network Management of TCP/IP based internets: MIB-II

RFC1901, Introduction to Community-based SNMPv2

RFC1902, Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)

RFC1903, Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)

RFC1905, Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)

RFC2037, Entity MIB using SMIv2 RFC2233, The Interface Group MIB using SMIv2

RFC1558, A String Representation of RFC1558, A String Representation of

Network Management Standard LDAP Search Filters LDAP Search Filters RFC1777, Lightweight Directory Access Protocol

RFC1778, The String Representation of Standard Attribute Syntaxes

RFC1959, An LDAP URL Format RFC2251, Lightweight Directory Access Protocol (v3)

RFC1493, Definitions of Managed Objects for Bridges

GB901, A Service management Business Process Model

GB910，Telecom Operations Map GB909，Generic Requirements for Telecommunications Management Building Blocks

RFC1757, Remote Network Monitoring Management Information Base

GB908，Network Management Detailed Operations Map

RFC1757, Remote Network Monitoring Management Information Base GB914，System Integration Map

GB917, SLA Management Handbook V1.5

NMF038, Bandwidth Management Ensemble V1.0

TMF508, Connection and Service Management Information Model Business Agreement

TMF801, Plug and Play Service Fulfillment Phase 2 Validation Specification V1.0

TMF605, Connection and Service Management Information Model

NMF037, Sub-System Alarm Surveillance Ensemble V1.0

TMF053, NGOSS Architecture Technology Neutral Specification V1.5

TMF053A, NGOSS Architecture Technology Neutral Specification V1.5

TMF053B, NGOSS Architecture Technology Neutral Specification V1.5 RFC 1907 SNMPv2-MIB

TMF816, B2B Managed Service for DSL Interface Implementation Specification V1.5

Interworking Between CORBA and TMN System Specification V1.0

YD/T 852-1996 General design principle of TMN

YD/T 871-1996 General information model of TMN

YD/T XXXX-2001 General technical specification of broadband MAN

YD/T XXXX-2001 IP Network technical specification-network performance parameter and availability

YD/T XXXX-2000 IP Network technical specification –network in general

YDN 075-1998 China public multimedia communications network management specification

YDN 075-1998 China public multimedia communications network management standard

RFC 1215 A Convention for Defin-ing Traps for use with the SNMP

RFC 2138 RADIUS RFC 3014 NOTIFICATION-LOGMIB draft-ietf-disman-alarm-mib-04.txt RFC 3164 Syslog

5 Technical Specifications

5.1 Physical Indices

Table 5-1 Physical Parameters

Physical Parameter 5116E/5128E/5128E-FI Size(H×W×D) 44.45mm×442mm×220mm

Weight (Full Configuration, including two power supply modules and s ubcards)

ZXR10 5128E：4.8kg ZXR10 5128E-FI：4.8kg ZXR10 5116E：3.8kg

Power Consumption

ZXR10 5128E: The minimum:<43w The maximum:<63w ZXR10 5128E-FI: The minimum:<35w The maximum:<64w ZXR10 5116E: The minimum:<30w The maximum:<45w

Working Temperature long-term: -5℃～+50℃;short-term: -5℃～+55℃

Storage Temperature -40℃～70℃

Working Humidity Relative humidity 10%～90%, non-condensing.

Anti-lightening AC power supply provides 6KV anti-lightening capability

Power supply AC power supply: 100V～240V, 50Hz～60Hz DC power supply: -40V～-57V

Anti-Seismic Design Anti-8 magnitude earthquake design

Reliability

MTBF:>200000 hours MTTR:<30 minutes EMC: FCC Part 15 (CFR 47) Class A EN55022 Class A ETSI EN 300 386 V1.3.1 EN55024 Safety: UL 60950 3rd Edition CSA C22.2 No 60950 3rd Edition EN 60950 EC 60950 EN60825-1+A1 and EN60825-2

5.2 Capacity See the table named “Basic Performance”.

5.3 Performance

Table 5-2 Basic Performance

Basic Performance Indices 5116E/5128E/5128E-FI

Forwarding performance

Swathing capacity 128G

Packet forwarding capability

5128Eand5128E-FI: 95M 5116E:77M

L2 Features

MAC address table 32K

VLAN number 4K L2 multicast table 1K

Ingress ACL rule number 4k

Egress ACL rule number 512

CAR granularity 64 kbit/s COS queue number

8 queues per port

Cos Queue for CPU

HQoS level 2 l ayers

Ethernet OAM

MD 8 LMEP 256 RMEP 2K CC delivery frequency 3.3ms/10ms/100ms/1s/10s

5.4 Power See the table 5-1.

5.5 Working Environment See the table 5-1.

5.6 Environmental Classes See the table 5-1.

5.7 Reliability

Table 5-3 Reliability

Item Description

Reliability Support ZESR(ESRP+) Ethernet ring protection Support ZESS dual-homing protection

6 Operation and Maintenance

6.1 NetNumen N31 Unified Network Management Platform Due to the development of IP network, there are more and more services implemented by IP network. At the same time, the network ranges larger, and configures harder, plus user’s higher expectation, the network management becomes more and more difficult. Only manual management and p assive inspection can not meet the requirements of running the entire system.

Now the maintenance engineer is focusing on how to deploy service swiftly, how to keep steady network operation, how to predict the operating quality of the network and how to locate the failure as soon as it happens. Therefore, the active network monitoring, automatic network failure inspection and recovery, and sound network operation are urgently required to guarantee maximum network profit.

ZTE giving positive response to the call of the times develops NetNumen N31 unified network management system. It is an i ntegrated network management system composed by router, switch and CE, responsible for network element management, network management and service management. It supports multiple sorts of database, has graphic interface in different languages for convenient operation. Besides, this system also provides flexible northbound interface, supporting powerful interconnecting integration.

6.1.1 Network Management Networking Mode

Between NetNumen N31 NMS and ZXR10 5100E series equipment, inband management and outband management networking modes can be used.

Inband Management

Inband Management, i.e. instead of requiring an extra DCN, network management information and s ervice data are delivered in the same channel. NetNumen N31 only has to connect with its nearby network equipments, and then together with configured SNMP, it can arrange management.

The advantage of inband management is that flexible networking does not ask for extra investment. But the network management information takes up service bandwidth, so it may seriously affect service quality.

Outband Management

Outband management, i.e. the network management information is delivered in service data independent from service data, so extra DCN is needed. NetNumen N31 network management system is connected with the outband management interface of ZXR10 5100E, so that network management information and s ervice information can be delivered independently.

By using outband management, the breakup of the service channel will not prevent the network management station to do equipment management, so that the transport of network information becomes more reliable. But the independent network is limited by the geographic reasons and requires extra investment.

6.1.2 NetNumen N31 Network Management System

NetNumen N31 network management system is an integrated management system designed by ZTE for its router, switch and CE. It covers network element management, network management and service management. NetNumen N31 network management system provides the following services.

Failure management makes sure steady network operation

In the maintenance of network management, the administrator urgently needs to know the network operating status to make sure steady network operation. The failure management of NetNumen N31 is responsible for receiving real-time equipment warning and network events from all NE, so that it can give audible and visible information to maintenance staffs; after being confirmed by maintenance staffs, the collected warning report will be saved for future statistics and search. Failure management is the most important and c ommonly used method in user’s network operating maintenance. Via failure management, user can arrange information search, real-time monitoring, failure filtering, failure location, failure confirmation, failure deletion, and failure analysis for ZXR105100E series device. Besides, NetNumen N31 system also provides voice prompt, graphic warning display, and informs user the failure by sending Email and messages via warning system, Email system, SMS system, which simplifies user’s daily maintenance.

Performance management enables complete understanding of network services

The traffic direction, traffic load and network load are the key issues in network management. The performance management module of NetNumen N31 is mainly responsible for the performance monitoring and analysis of data network and its equipments. The performance data collected by network element will generate performance report after a c ertain processing, so that maintenance and management departments can get information to guide network engineering, plan, network scheduling and improve network operating quality. Via performance management, user can implement load, traffic direction and interface load collection, get timely service quality report and give prompt evaluations and adjustment on entire network resource configuration.

Resource management makes reasonable use of network resource

The resource management realizes the management of physical resource and logical resource, so it is an inevitable basic system in carrier’s service progress. Also it is the critical precondition for realizing automatic service initiation and automatic service guarantee. Via resource management, user via the resource management system not only can get information of the management of the equipment, module, interface and link in the network, but also can know the operating status of the logical resources, such as, VLAN resource, and MAC addresses.

View management makes network operation clear and easy

View management provides unified network topology and multi-view management, which enables the user to be aware of the network topology and equipment operating running status in the entire network. At the same time, it provides maintenance interfaces for network and equipment. User utilizes view management to know the operating status and warning status of the equipment. And also, it supports fast navigation to other management systems.

Configuration management enables fast service deployment

The configuration management implements the configuration of ZXR10 5100E series, including equipment management, interface management, VLAN management, L2 attribute management, QoS management, software upgrade management, and c onfiguration file management; Also it supports many customer-friendly configuration modes, such as end-to-end configuration, in-batch configuration, guiding configuration. Besides, it offers default configuration models to corresponding management.

Security management protects network from hacking

The security management is mainly responsible for user’s legal network operation. It implements the management of user, user group and role. By arranging correct relationships between user, user group and role, it provides administrators with security control mechanism. Via login Authentication, it prevents illegal users from accessing the system. By authorized operation, it offers security mechanism to administrator’s secure operation.

Northbound interface gives conveniences to integration

Due to the fast development of telecom industry, one carrier nowadays should manage multiple different network element equipment or professional network management system. The drawbacks for instance no interaction among different professional network management systems, complicated management content, and multiple operating interfaces become more and more obvious. To enhance the integrated network management level and effect of telecom enterprise, one network management station can be used to implement all sorts of management and control

to the interconnected networks, so that, the integrated entire network management comes true.

The integrated network management connects with professional network management via interface. So the professional network management should provide standard open northbound interface to the integrated network management system, so that, it can integrate with the integrated network management system rapidly and reliably. NetNumen N31 supports many types of northbound interface, e.g. CORBA, SNMP, TL1 and FTP.

6.2 Maintenance and Management

6.2.1 Multiple Configuration Modes

ZXR10 5100E series equipment provides multiple equipment login and management configuration modes, which enables user to choose the optimal way to configuring its connections. It makes the equipment maintenance easier.

Multiple configuration and management modes:

Serial interface connection configuration: Serial interface connection configuration uses VT100 terminal mode. It can use super terminal tool provided by Windows operating system to complete the configuration; for the bare metal or connectionless equipment, this method is the only choice;

Telnet connection configuration: 1. Via the IP address of the management Ethernet interface telnet （10/100Base-TX）on telnet main control board to configure switch; 2. Configure IP address over VLAN interface and set user name and password. Via the IP address of telnet VLAN interface, it implements switch configuration; when user requires remote login, and is able to communicating with equipment, this connection configuration mode can be used;

SSH（Secure Shell） protocol connection configuration: Initiate SSH service on ZXR10 5100E series equipment, connect the VLAN interface IP address or management Ethernet port IP address via SSH client software to implement more secure switch configuration. When users require remote login with high demands for security, this connection configuration can be chosen;

SNMP connection configuration: The background network server acts as SNMP server, the front equipment ZXR10 5100E series equipment works as SNMP Client. The background and front equipment share one MIB to manage the configuration of ZXR10 5100E series equipment via network management software; This connection configuration mode enables the user to implement effective management configuration via network management software.

6.2.2 Monitoring, Controlling and Maintenance

ZXR10 5100E series is capable of multiple ways of equipment policing, management and maintenance, which enables the equipment to process all sorts of abnormity correctly, and provide users with all types of parameter in the course of equipment operation.

Equipment Monitoring, Controlling:

There are indicators on power supply module, fan, MSC and all LICs. They show the operating status of these components;

The MSC switchover and hot swappable records are kept for future reference;

When the fan, power supply or temperature goes wrong, the voice warning and software warning will be generated;

The system inspects the suitability of software versions during operation automatically;

The system operation automatically monitors the module temperature, and provides temperature control warning and software warning;

The system monitors the operating status of the software, when abnormity happens, the LIC will be restarted and MSC switchover will be implemented as well.

Equipment management and maintenance:

The command line provides flexible online help;

Provide hierarchical user authority management and hierarchical commands;

Support information center, provide unified management of log, alarm and scheduling information;

Via CLI, user can check the basic information of all MSC, LIC, and optical modules;

Provide multiple sorts of information query, including version, component status, temperature, CPU and memory availability.

6.2.3 Diagnosis and Debugging

ZXR10 5100E series provides multiple sorts of diagnosis and debugging methods, enabling user to have multiple ways to adjust equipment and get more debugging information.

Ping and TraceRoute: by inspecting whether or not the network connection is reachable and recording the transport path online, maintenance staffs can get link information for further analysis of failure locating;

Debugging: rich debug commands are provided for each software feature. Every debug command supports multiple debugging parameters, so it can be controlled flexibly. Via debug command, specific information of the progress, packet processing and error inspection of the service in the course of operation can be displayed;

Mirroring image service: it supports interface-based mirroring image, via which the incoming, outgoing or bidirectional packets are replicated to the observed interface.

6.2.4 Software Upgrad

ZXR10 5100E provides software upgrade modes in both normal and abn ormal conditions.

Upgrade when the system is abnormal: Provide software upgrade when the equipment can not be initiated normally. Via modifying boot initation mode, load new software version from the management Ethernet interface to complete initiation upgrade;

Upgrade when the system is normal: Provide local or remote FTP online upgrade when the equipment is in normal condition.

6.2.5 File System Management

6.2.5.1 File system introduction

In ZXR10 5100E series equipment, the main storage device on MSC is FLASH, in which software version file and configuration file are saved. So both software upgrade and configuration storage will have some implementations on FLASH. FLASH consists of three categories: IMG, CFG and DATA.

IMG: This category is used to save software version file. Software version file with the extension name of “.zar” is a particular compressed file. The version upgrade actually is the change of the software version file in this category.

CFG: This category is used to save configuration file whose name is “startrun.dat”;

DATA: This category is used to save abnormal information of the equipment. The file name format is “ YYYY-MM-DD HH-mm-SS.zte” .

6.2.5.2 File system operation

File backup and recovery: By using FTP/TFTP, the backup of software version file, configuration file and log of ZXR10 5100E series equipment can be s ave to the background server. Or the backup file can be restored from the background server;

File import and export: support the import/export of the file, after that, FTP/TFTP will replicate the file to the background host. The warning file and configuration file can be imported and exported for upgrade;.

7 Networking

7.1 Product Features in Real Network Implementations

7.1.1 SVLAN( Flexible QinQ)

SVLAN of ZXR10 5100E implements the function of providing SPVLAN label based on traffic. That is to say, it provides users with corresponding SPVLAN label on one Customer port based on their needs according to different CVLAN label carried by packets.

By SVLAN, users can implement mapping from QoS of CVLAN label to SPVLAN.

As shown in the following figure, to implement one VLAN per user and sole identification for user, start QinQ on user access aggregation switch ZXR10 5100E. In this way inner layer and outer layer VLAN are combined to represent a user. Outer layer VLAN is selected based on inner layer VLAN or ACL traffic.

Figure 7-1 SVLAN networking application

7.1.2 ESRP

Figure 7-2 ZESR networking application

ESRP（Ethernet Smart Ring Protocol）is based on ITU G.8032 protocol. It checks whether the loop is connected to make sure that there is only one logically connected path between any two points on the ring. It re-set port status (block or forward) based on loop changes (connected-blocked; blocked-connected) to make logic path switch quickly.

Show as figure above, to enhance the network reliability, ESRP is deployed in the middle of access/aggregation layer. When a dev ice on t he ring fails, forwarding will not be impacted. The secondary port will be unblocked to implement reverse data forwarding. At the same time MAC table item is notified to get updated to guarantee non-interrupted services.

7.1.3 ZESS

Protecting the uplink links of access/aggregation layer device is a problem that users keep focusing on. Traditional technologies can only implement dual uplink links protection of a single device with single point error on uplinking device. To meet the practical networking needs, ZTE develops more advanced ZESS.

The application of ZXR10 5100E in ZESS is shown in Figure:

Figure 7-3 ZESS networking application

ZXR10 5100E supports ZESS uplink link protection. It can implement single device dual uplink networking such as ZESS domain4 and ZESS domain5. It can implement square connection of two devices and the upper layer NPE such as ZESS domain1. It can also implement crossing connection of two devices and upper layer NPE such as ZESS domain2 and ZESS domain3.

ZXR10 5100E ZESS supports main/standby and load sharing mode. In main/standby mode, the standby link doesn’t carry traffic in normal situation. In load balancing mode, two uplink links can carry part of traffic respectively so as to implement load balancing.

7.2 Integrated Networking Applications

7.2.1 MAN Access Layer Solution

It provides 1000M access and 10GE uplink. Working with 802.1x authentication, IP source guard, DAI, security port and conversion from dynamic MAC to static, it can satisfy most of the requirements of enterprise network access.

Figure 7-4 MAN Application

7.2.2 Enterprise Network Solution

MAN access can adopt ordinary tree type and ZESR plus PVLAN. Working with DHCP snooping and ip source guard, it provides users with high security guarantee. At the same time, ZXR10 5100E can use QinQ or SVLAN to further distinguish users and services, and to provide rich control information for service planning of the whole network.

Figure 7-5 Enterprise Network Application

8 Glossary Abbreviations Full Characteristics

ARP Address Resolution Protocol ACL Access Control List COS Class of Service BRAS Broadband Remote Access Server DSLAM Digital Subscriber Line Access Multiplexer SSH Secure Shell RED Random Early Detection DSCP Differentiated Services Code Point RMON Remote Monitor SNMP Simple Network Management Protocol DHCP Dynamic Host Control Protocol ESRP Ethernet Smart Ring Protocol ERSPAN Encapsulated Remote SPAN

OAM Operations，Administration and Maintenance

QoS Quality of Service ZESS ZTE Ethernet Smart Switch PVLAN Private VLAN PUPV Per User Per VLAN PSPV Per Service Per VLAN STP Spanning Tree Protocol RSTP Rapid Spanning Tree Protocol LACP Link Aggregation Control Protocol BPDU bridge protocol data unit DCN Data Communication Network TFTP Trivial File Transfer Protocol UDLD UniDirectional Link Detection LLDP Link Layer Discovery Protocol L2TP layer 2 protocol transportation VCT Virtual Cable Tester CFM Connectivity Fault Management MA Maintenance Association MP Maintenance Point MD Maintenance Domains LTM LinkTrace Messages LBM LoopBack. Messages LTR LinkTrace Reply

Abbreviations Full Characteristics LBR LoopBack Reply IEEE Institute of Electrical and Electronics Engineers RADIUS Remote Authentication Dial In User Service

ZXR10 5100E oduct Pr Description - libertyport.com · ZTE CONFIDENTIAL: This document contains...

Documents

Transcript of ZXR10 5100E oduct Pr Description - libertyport.com · ZTE CONFIDENTIAL: This document contains...

FEB 2013 VOL. 15 NO. 1 ISSUE 144 - ZTE€¦ · 3 ZTE TECHNOLOGIES FEB 2013 FEB 2013 ZTE TECHNOLOGIES 4 9 January 2013, Las Vegas, N.V. ― ZTE announced the world debut of the ZTE

Zte Lte1800

ZTE DRBC ( ZTE Dynamic Radio Bearer Control Algorithm )

Zte Lte Apt 700mhz Terminal White Paper Zte June 2013

ZXR10M6000 - libertyport.com · Carrier-ClassRouter ProductDescription(M6000-16&-8) Version: 2.00.20 ... ZTE CORPORATION or its licensors may have current or pending intellectual

ZXDU68T451 - libertyport.com · manual. l Connectthebatterycablesaccordingtotheinstructions. ... contactusbye-mailat800@zte.com.cn.Youcanalsocallourcustomersupportcenter at(86)75526771900.

ZTE Corporation - Asit · © ZTE Corporation. ... © ZTE Corporation. All rights reserved 3 ZTE at glance ... bolstered by growth in the company’s Carrier Networks

ZTE N910 User Manual - Compare Cellularimages.comparecellular.com/phones/1875/zte anthem.pdf · ZTE N910 User Manual . 2 LEGAL INFORMATION ... The manual is published by ZTE Corporation.

ZTE Blade V PLUS ZTE Blade V580 User Guide · ZTE Blade V PLUS ZTE Blade V580 User Guide ZTE Australia provides dedicated support with a local call centre and social media outreach.

5GNewRadio:PhysicalLayerOverview - ZTE

user-manual-ZTE-ZTE TEL-E.pdf

ZXDU58W121 - libertyport.com · E-mail: support@zte.com.cn. LEGAL INFORMATION ... W121(V4.0)system. Intended Audience Thismanualisintendedfor: l Planningengineers l Maintenanceengineers

Zte Co cloud ZTE U Sapphire Data Center

Catalogo Zte

Manual Zte

ZTE 4G Fit Smart User Guide - ZTE Australia

ZTE BLADE A910 User Manual2 ZTE ZTE BLADE A910 ... · ZTE BLADE A910 User Manual ... ZTE Corporation expressly disclaims any liability for faults and damages caused by unauthorized

IBM · Netcool/OMNIbus Probe for ZTE ZXONM E300 and U31 Wired (CORBA): Reference Guide. Chapter 1. Probe for ZTE ZXONM E300 and U31 Wired (CORBA) The ZTE E300, ZTE T3, and ZTE U31

Yong Guo, ZTE Dekun Liu, Huawei Junwen Zhang, ZTE

Zte Enterprise