V1.0: Date 2008-05-30; Author Mao yucheng; Approved By Gu chengyu
V2.0: Date 2009-09-09; Author Mao yucheng; Approved By Gu chengyu; Remarks: Updating format
Overview
As Internet services grow dramatically, IP has become the most widely used
transmission method for the new generation of network infrastructure in the world, and
IP-based services will take the leading place in ISP networks. To be more competitive in
the transformation of communications networks, carriers are building broadband IP
networks to carry data, voice, and video services.
ZTE is an industry-leading data communication equipment provider. As one of its three
strategic product lines, the data communication product line is dedicated to the research
and development of advanced, stable and reliable data products, providing operators,
governments, and enterprises with a full series of IP network data products and
end-to-end individualized solutions.
ZXR10 8900 series Terabit MPLS routing switches are the latest products introduced by
ZTE, with high capacity and performance for the core/aggregation layer of the network.
The series has the following models: ZXR10 8912, 8908, 8905, and 8902, among which
the ZXR10 8912 reaches up to 2.88Tbps backplane bandwidth, 1152Gbps
switching capacity, and an 857Mpps packet forwarding rate. The ZXR10 8900 family supports
L2/L3/L4 wire-speed switching and is mainly positioned at the core/aggregation layer
of carriers' IP MANs and of campus, e-government and corporate networks.
ZXR10 8900 series products adopt an advanced modular design, a parallel processing
mechanism based on multiple processors, and a CROSSBAR space-division switching
architecture. The key modules adopt 1:1 redundancy backup. The series supports a wide
variety of interfaces, such as 10GE, GE and FE, and provides multiple service functions
such as IPv4, IPv6, MPLS, NAT, multicast, QoS and broadband control. The ZXR10 8900
Terabit routing switch is applicable to the core layer and aggregation layer of various
networks thanks to its high reliability, high scalability, and powerful service capabilities.
The ZXR10 8900 series Terabit MPLS routing switch has the following features:
Supporting the IPv4 and IPv6 dual protocol stack: supporting the IPv4/IPv6 dual
protocol stack, a high-speed IPv4/v6 transition mechanism, manual
general tunnels and automatic 6to4 tunnels.
High price-performance ratio: a more competitive price than equipment from other
vendors with the same performance and configuration.
multicast,
controllable
multicast,
cluster
Highlight Features
2.1
2.2
2.3
2.4
2.5
Functionality
ZXR10 8900 series Terabit MPLS routing switches are the latest products introduced by
ZTE, with high capacity and performance for the core/aggregation layer of the network.
The series has the following models: ZXR10 8912, 8908, 8905 and 8902, among which
the ZXR10 8912 reaches up to 2.88Tbps backplane bandwidth, 1152Gbps
switching capacity, and an 857Mpps packet forwarding rate. The ZXR10 8900 family supports
L2/L3/L4 wire-speed switching and is mainly positioned at the core/aggregation layer
of carriers' IP MANs and of campus, e-government and corporate networks.
3.1 Basic Function
3.1.1 Layer 2 protocol supported
3.1.2 Layer 3 protocol supported
Supporting IPv4 routing protocols such as RIPv1/v2, OSPF, BGP, and IS-IS.
3.2 Service Functions
QoS: ZXR10 8900 series switches provide complete QoS support for the IP DiffServ
solution and are fully compatible with the DiffServ standards, including
RFC2474, RFC2475, RFC2497, and RFC2498. They support 802.1p and
DSCP priority re-marking of packets, rate restriction on packets sent and received at a
port, packet re-orientation, CAR, 8 output queues per port, port-based queue scheduling
(SP, WRR, WFQ, SP+WFQ, and SP+WRR), and QoS Profile management. Users can
customize QoS service solutions to support DiffServ components
(including classifier, marker, measuring unit, shaper and dropper) and various PHBs
(congestion management and congestion avoidance). The switches support 8 priority
queues, L2-based priority queues, L3-based source and destination traffic control and L4
source and destination traffic control.
ACL: ZXR10 8900 series switches have powerful ACL functions. ACL filtering is
implemented in hardware and can run at full wire speed. 8900 series switch ACLs are
divided into 4 categories: standard ACL, extended ACL, L2 ACL and hybrid ACL.
System Architecture
4.1
Figure 1
Table 1
Description: physical parameters of the device

Items                            8902                 8905                 8908                 8912
Dimension (Width*Height*Depth)   442mm*175mm*420mm    442mm*440mm*450mm    442mm*577mm*450mm    442mm*755mm*450mm
Weight                           <25kg                <38kg                <49kg                <65kg

4.2 Hardware Architecture
This chapter introduces the system hardware and operation principles of ZXR10
8900 series switches to give readers a better understanding of the system. It
covers the system's general structure, functional modules, board schematics, and
operation principles, as shown in the following sections.
4.2.1
Figure 2
Figure 3
4.2.2
Figure 4
The architecture of ZXR10 8902 in is different. The first level switching is implemented
over ports, and the second switching carried out between two line cards will be
implemented via high-speed XAUI bus.
Figure 5
Presently, the line cards of ZXR10 8900 series 10G MPLS routing switches are
universal. The schematic drawings of ZXR10 8900 series including control module,
switching module, packet processing module, interface module and power supply
module are as shown in Figure 4 and Figure 5.
4.2.3
Figure 6 (diagram labels: Serdes, SDRAM, Switching Fabric, CPU, Console, Management, BOOTROM)
In practical operation, the main control board of ZXR10 8902 implements control feature,
which is as shown in Figure 7.
Figure 7
4.2.3.1 Control Module
The control module, composed of the master processor and some external functional chips,
provides all kinds of interfaces, for example a serial port and an Ethernet port, to enable the
system to process all types of applications. Acting as the master processor, the
high-performance POWER PC processor can support SDRAM of up to 1G, 64M FLASH
program storage and 512K BOOTROM to complete the following tasks:
Providing interfaces for the operation and management of all the line cards.
4.2.3.2 Switching Module
Built around a dedicated CROSSBAR chip, the switching module centralizes multiple
high-speed bidirectional interfaces, so it can implement wire-speed switching across multiple
line cards. The switching chip has the following features:
4.2.3.3
Supporting priority-based queue. When CoS queues are congested, frames can be
discarded selectively.
Figure 8
First-generation and second-generation back panel for 8908 main control card are
shown in Figure 9:
Figure 9
Back panel for 8905 main control card is shown in Figure 10:
Back panel for 8902 main control card is shown in Figure 11:
The main control board contains a Console port, an MGT port and an SD port.
The Console port is used for local configuration and management of the switch,
the MGT port is a 10/100BASE-TX port used for upgrade and network
management, and the SD port, which takes an SD card of up to 1G, is used to control the
upgrade, buffer storage and recovery of software. The features are shown in Table 2.
Table 2
Ports          Features
Console port   RJ45 connector; RS232, BaudRate: 9600bit/s; Transmission distance<15m
MGT port       RJ45 connector; Using Category-5 UTP cables; Transmission distance: 100m; Half duplex/Full duplex
There are several keys, such as RST and EXCH, on the panel of the main control board.
Their functions are shown in Table 3.
Table 3
Keys
Functions
RST
EXCH
The indicators on the panel of main control board are as shown in Table 4
Table 4
Indicators
1~2/5/8/
12
RUN
ALM
RUN
ALM
RUN
ALM
RUN
ALM
POW1~
2/3
MST
RES
4.2.4
SD port ACT
ACT
LINK
Power Module
In consideration of practical deployment, the ZXR10 8900 10G MPLS switch is designed
with a redundant power supply system to guarantee the high reliability that telecom
equipment requires. Both a 48V DC power supply mode and a 220V AC power supply
mode are provided. In 1+1 mode, two groups of 48V DC power can be offered, and 2+1
backup of the AC power supply modules enhances the reliability of the power supply system.
The DC power supply board of 8912/8908/8905 is shown in Figure 12.
4.2.5 Interface Module
The interface module of ZXR10 8900 series 10G MPLS switches refers to the line
interface card. The currently available line cards include the GE electrical interface board,
the 10G Ethernet optical interface board, and the protocol processing board. ZXR10 8900
series 10G MPLS switches use swappable optical transceivers in all optical interfaces of
line cards. Therefore, one line card supports multiple transmission media and transmission
distances, and some line cards even provide different types of ports, which reduces the
number of extra line cards in many cases and minimizes users' investments. In addition,
all the subscriber electrical interfaces on line cards have a cable diagnostic function that
can check the connection of the attached cable and locate a short circuit or open
circuit in the cable with an accuracy of one meter.
4.2.5.1
PP according to their MAC addresses and IP addresses. If the destination port is in the
current board, PP directly forwards the packets to the port. If the destination port is not in
the current board, it forwards the packets to the uplink interface of the current board.
After being switched on the main control board, the packets are forwarded to the port on
the target board. All the operations are performed at wire speed. Additionally, the board
can add a powerful coprocessor to implement packet processing from L2 to L7 to satisfy
the complex applications in practice.
4.2.5.2
4.2.5.3
Panel
Interface
All interfaces on the 12-port GE electrical interface board support the RJ45 interface,
four of which use pluggable SFP optical transceivers and support the four common
distances of gigabit Ethernet networks, as shown in Table 5.
Table 5
4.2.5.4
Port Type
Specifications
10/100/1000BASE-TX
SX (SFP-M500)
LX (SFP-S10K)
LH (SFP-S40K)
LH (SFP-S80K)
Panel
Interface
12-port GE optical interface board uses pluggable SFP optical transceivers, with
each port supporting the four common distances of gigabit Ethernet networks, as
shown in Table 6
Table 6
4.2.5.5
Port
Type
Specifications
SX (SFP-M500)
LX (SFP-S10K)
LH (SFP-S40K)
LH (SFP-S80K)
10/100/1000BASE-TX
Panel
Interface
All interfaces on the 24-port GE electrical interface board support RJ45 electrical
interfaces, four of which use pluggable SFP optical transceivers and support the
four common distances of gigabit Ethernet networks, as shown in Table 7.
Table 7
Port Type
Specifications
SX (SFP-M500)
LX (SFP-S10K)
LH (SFP-S40K)
LH (SFP-S80K)
LH (SFP-S120K)
10/100/1000BASE-TX
Indicator
There are 24 indicators on the panel of the 24-port GE optical interface board. Each
user interface corresponds to one indicator, and its features are shown in
Table 8.
Table 8
4.2.5.6
Indicators
Functions
LINK/ACT
Panel
Interface
24-port GE optical interface board uses pluggable SFP optical transceivers, with
each port supporting five common distances of gigabit Ethernet networks, as shown
in Table 9 .
Table 9
Port Type
Specifications
SX (SFP-M500)
LX (SFP-S10K)
LH (SFP-S40K)
LH (SFP-S80K)
LH (SFP-S120K)
10/100/1000BASE-TX
Indicator
There are 48 indicators on the panel of the 24-port GE optical interface board. Each
user interface corresponds to two indicators, and their features are shown in
Table 10.
Table 10
4.2.5.7
Indicators
Functions
LINK
ACT
Panel
Interface
48-port GE electrical interface board supports RJ45 port, and its features are as
shown in Table 11
Table 11
Port Type
Specifications
10/100/1000BASE-TX
Indicator
There are 48 indicators on the panel of the 48-port GE electrical interface board. Each
user interface corresponds to one indicator, and their features are shown in
Table 12.
Table 12
4.2.5.8
Indicators
Functions
LINK/ACT
Panel
Interface
48-port GE optical interface board uses pluggable SFP optical transceivers, with
each port supporting five common distances of gigabit Ethernet networks, as shown
in Table 13 .
Table 13
Port Type
Specifications
SX (SFP-M500)
LX (SFP-S10K)
LH (SFP-S40K)
LH (SFP-S80K)
LH (SFP-S120K)
Indicator
There are 48 indicators on the panel of the 48-port GE optical interface board. Each
user interface corresponds to one indicator, and their features are shown in
Table 14.
Table 14
4.2.5.9
Indicators
Functions
LINK/ACT
Panel
Figure 24 24-port GE Electrical +2-port 10G optical Ethernet Interface Board Panel
Interface
The 24-port GE Electrical Interface+ 2-port 10G optical Ethernet Interface Board
supports RJ45 electrical interfaces. It uses 4 pluggable SFP optical transceivers
and 2 swappable XFP 10G optical interfaces, with each port supporting three
common distances of gigabit Ethernet networks, as shown in Table 15 and Table 16.
Table 15 Specifications of the gigabit interfaces of the 24-port GE Electrical Interface+ 2-port
10G optical Ethernet Interface Board
Port Type
Specifications
SX (SFP-M500)
LX (SFP-S10K)
LH (SFP-S40K)
LH (SFP-S80K)
LH (SFP-S120K)
10/100/1000BASE-TX
Table 16 Specifications of the 10G interfaces of the 24-port GE Electrical Interface+ 2-port 10G
optical Ethernet Interface Board
Port Type
Specifications
SX (XFP-M300)
LR (XFP-S10K)
LH (XFP-S40K)
Indicator
There are 32 indicators on the panel of the 24-port GE Electrical Interface+ 2-port 10G
optical Ethernet Interface Board. Each Gigabit interface corresponds to one
indicator, and each 10G interface corresponds to 2 indicators. Their functions
are shown in Table 17.
Table 17
Board
4.2.5.10
Indicators
Functions
LINK/ACT
LINK
ACT
Panel
Figure 25 24-port GE Optical interface +2-port 10G optical Ethernet Interface Board
Interface
The 24-port GE Optical Interface+2-port 10G optical Ethernet Interface Board supports
GE and 10G optical interfaces. It can support five common distances of gigabit
Ethernet networks and three common distances of 10G Ethernet interfaces. At the
same time, 4 gigabit interfaces adopt RJ45 electrical interfaces. Their features are
shown in Table 18 and Table 19.
Table 18 Specifications of the gigabit interfaces of the 24-port GE Optical Interface+ 2-port 10G
optical Ethernet Interface Board
Port Type
Specifications
SX (SFP-M500)
LX (SFP-S10K)
LH (SFP-S40K)
LH (SFP-S80K)
LH (SFP-S120K)
10/100/1000BASE-TX
Port Type
Specifications
SX (XFP-M300)
LR (XFP-S10K)
LH (XFP-S40K)
Indicator
There are 36 indicators on the panel of the 24-port GE Optical Interface+ 2-port 10G
Optical Ethernet Interface Board. Each Gigabit interface corresponds to one
indicator, each Gigabit RJ45 interface corresponds to 2 indicators, and each
10G interface corresponds to 2 indicators. Their functions are shown in
Table 20.
Table 20 Functions of the Indicators on 24-port GE Optical Interface+ 2-port 10G Optical
Ethernet Interface Board
4.2.5.11
Indicators
Functions
LINK/ACT
LINK
ACT
Panel
Interface
The 2-port 10G Ethernet optical interface board uses a hot-swappable XFP optical
transceiver, which supports multiple transmission distance requirements, as shown
in Table 21
Table 21
Port Type
Specifications
SX (XFP-M300)
LR (XFP-S10K)
LH (XFP-S40K)
Indicator
There are 4 indicators on the panel of 2-port 10G Ethernet Optical interface board.
Their functions are as shown in Table 22
Table 22
4.2.5.12
Indicators
Functions
LINK
ACT
Panel
Interface
4-port 10G Ethernet optical interface board uses a hot-swappable XFP optical
transceiver, which supports multiple transmission distance requirements, as shown
in Table 23 .
Table 23
Port Type
Specifications
SX (XFP-M300)
LR (XFP-S10K)
LH (XFP-S40K)
Indicator
There are 8 indicators on the panel of the 4-port 10G Ethernet Optical interface board.
Each interface corresponds to two indicators. Their functions are shown in
Table 24.
Table 24
4.2.5.13
Indicators
Functions
LINK
ACT
Panel
Indicator
8-port 10G Ethernet optical interface board uses a hot-swappable XFP optical
transceiver, which supports multiple transmission distance requirements, as shown
in Table 25
Table 25
Port Type
Specifications
SX (XFP-M300)
LR (XFP-S10K)
LH (XFP-S40K)
Indicator
There are 16 indicators on the panel of the 8-port 10G Ethernet Optical interface board.
Each interface corresponds to two indicators. Their functions are shown in
Table 26.
Table 26
4.2.5.14
Indicators
Functions
LINK
ACT
Panel
Interface
24-port GE MPLS optical interface board uses pluggable SFP optical transceivers,
with each port supporting many common distances of gigabit Ethernet networks.
Table 27
Port Type
Specifications
SX (SFP-M500)
LX (SFP-S10K)
LH (SFP-S40K)
LH (SFP-S80K)
LH (SFP-S120K)
Indicator
There are 48 indicators on the panel of the 24-port GE MPLS optical interface board.
Each user interface corresponds to two indicators, and their features are as
shown.
Table 28
Indicators
Functions
LINK/ACK
4.2.5.15
Panel
Interface
48-port GE MPLS electrical interface board supports RJ45 port, and its features are
as shown
Table 29
Port Type
Specifications
10/100/1000BASE-TX
Indicator
There are 48 indicators on the panel of the 48-port GE MPLS electrical interface board.
Each user interface corresponds to one indicator, and their features are
shown in Table 12.
Table 30
Indicators
Functions
LINK/ACT
4.2.5.16
Panel
Interface
48-port GE MPLS optical interface board uses pluggable SFP optical transceivers,
with each port supporting five common distances of gigabit Ethernet networks.
Table 31
Port Type
Specifications
SX (SFP-M500)
LX (SFP-S10K)
LH (SFP-S40K)
LH (SFP-S80K)
LH (SFP-S120K)
Indicator
There are 48 indicators on the panel of the 48-port GE optical interface board. Each
user interface corresponds to one indicator, and their features are shown in
Table 32.
Table 32
4.2.5.17
Indicators
Functions
LINK/ACT
24-Port GE Optical Port + 2-Port 10G MPLS Optical Ethernet Interface Board
The 24-Port GE Optical Port+2-Port 10G MPLS Optical Ethernet Interface Board provides 24
GE electrical interfaces, twelve of which also support optical/electrical adaptive
Ethernet interfaces. In addition, 2 10G Ethernet XFP optical interfaces are provided.
This board supports the MPLS function and large tables, such as 512K MAC addresses. Packets
received from the GE and 10GE interfaces reach the PP through the PHY, and they are
forwarded by the PP according to their MAC addresses, IP addresses and MPLS labels. If
the destination port is on the existing board, the PP directly forwards the packets to the port.
If the destination port is not on the existing board, it forwards the packets to the uplink
interface of the existing board. After being switched on the main control board, the
packets are forwarded to the port on the target board. All the operations are performed
at wire speed.
Panel
Figure 32 24-port GE Optical interface +2-port 10G MPLS optical Ethernet Interface Board
Interface
The 24-port GE Optical Interface+ 2-port 10G MPLS optical Ethernet Interface Board
supports GE and 10G optical interfaces. It can support five common distances of
gigabit Ethernet networks and three common distances of 10G Ethernet interfaces.
At the same time, twelve gigabit interfaces adopt RJ45 electrical interfaces.
Table 33 Specifications of the gigabit interfaces of the 24-port GE Optical Interface+ 2-port 10G
MPLS optical Ethernet Interface Board
Port Type
Specifications
SX (SFP-M500)
LX (SFP-S10K)
LH (SFP-S40K)
LH (SFP-S80K)
LH (SFP-S120K)
10/100/1000BASE-TX
the 24-port GE
Port Type
Specifications
SX (XFP-M300)
LR (XFP-S10K)
LH (XFP-S40K)
Indicator
There are 36 indicators on the panel of the 24-port GE Optical Interface+ 2-port 10G
Optical Ethernet Interface Board. Each Gigabit interface corresponds to one
indicator, each Gigabit RJ45 interface corresponds to 2 indicators, and each
10G interface corresponds to 2 indicators. Their functions are shown in
Table 20.
Table 35 Functions of the Indicators on 24-port GE Optical Interface+ 2-port 10G Optical
Ethernet Interface Board
4.2.5.18
Indicators
Functions
LINK/ACT
LINK
ACT
Panel
Interface
4-port 10G MPLS Ethernet optical interface board uses a hot-swappable XFP
optical transceiver, which supports multiple transmission distance requirements.
Table 36
Port Type
Specifications
SX (XFP-M300)
LR (XFP-S10K)
LH (XFP-S40K)
Indicator
There are 8 indicators on the panel of the 4-port 10G Ethernet Optical interface board.
Each interface corresponds to two indicators.
Table 37
4.2.5.19
Functions of the Indicators on 4-port 10G MPLS Ethernet optical interface board
Indicators
Functions
LINK
ACT
Panel
Interface
24-port GE OAM optical interface board uses pluggable SFP optical transceivers,
with each port supporting many common distances of gigabit Ethernet networks.
Table 38
Port Type
Specifications
SX (SFP-M500)
LX (SFP-S10K)
LH (SFP-S40K)
LH (SFP-S80K)
LH (SFP-S120K)
Indicator
There are 48 indicators on the panel of the 24-port GE OAM optical interface board.
Each user interface corresponds to two indicators, and their features are as
shown.
Table 39
4.2.5.20
Indicators
Functions
LINK/ACK
Panel
Interface
DPI board supports RJ45 port, and its features are as shown in Table 40 .
Table 40
Port Type
Specifications
10/100/1000BASE-TX
Indicator
There are 2 indicators on the panel of DPI board, and its features are as shown in
Table 41
Table 41
4.2.5.21
Indicators
Functions
LINK
ACT
Firewall board
The FW (Firewall) board has a console port on its panel. Users can connect a PC serial port
to the console port by cable. Data flows entering the switch are redirected to the FW board
by configuration, and the FW board communicates with the CPU of the main control board.
The FW board collects SysLog, statistical information and management information, and
reports them to the network management system or policy server. The main control board
also regularly checks whether the FW board is working correctly; when the FW board does
not work, the main control board redirects the data stream to the normal forwarding port to
ensure uninterrupted operation and improve equipment reliability. The FW board can be
placed in any line card slot, and load sharing across multiple FW boards is supported. The
FW board provides external attack prevention, anti-virus, bandwidth control and
application-layer filtering capabilities to ensure network security.
Panel
Interface
FW board supports RJ45 port, and its features are as shown in Table 42 .
Table 42
Port Type
Specifications
10/100/1000BASE-TX
Indicator
There are 2 indicators on the panel of FW board, and its features are as shown.
Table 43
Indicators
Functions
LINK
ACT
4.3
Software Architecture
4.3.1
Users can carry out Ethernet switch network management via serial port terminal,
Telnet, SNMP Manager, including network configuration management, failure
management, performance management, and security management.
The software can be upgraded smoothly. The active and standby protocol
processor cards as well as switching network card can be online upgraded.
As per system functions, the system software can be divided into the following five
subsystems.
4.3.1.1
Operation Support Subsystem, including BSP, ROS, SSP and VxWorks kernel.
Figure: Operation Support Subsystem (diagram labels: Process communication, Timer management, Process scheduling, Memory management, System control, Version load, System support, VxWorks system kernel, BSP, SSP, Hardware)
4.3.1.2 MUX Subsystem
The MUX Subsystem implements the exchange between the driver and the upper layer
software, and monitors and surveys the switch chip and the software table of the
micro-code. This subsystem distributes, monitors and surveys the data. Once the MUX
layer receives packets from the driver module, it distributes the packets by type
according to the EtherType field in the MAC frame. The distribution function also
encapsulates the delivery function of the driver for the upper layer modules to invoke:
when the upper layer modules send packets or protocol packets, they need to invoke
the delivery function of the MUX. The monitoring and statistics function provides
statistics on the status of the driver layer, physical layer and MUX layer, monitors
access to registers and the sniffing of packets, and provides interface functions for the
OAM modules.
4.3.1.3 L2 Subsystem
The L2 subsystem implements configuration management for the link layer (management
layer), L2 protocol processing (control layer), and data forwarding (data layer or service layer).
The functional modules are illustrated as follows:
Figure: L2 subsystem functional modules. L2 Protocol Module: STP, LACP, GVRP, IGMP Snooping. L2 Management Module: Port Parameters, MAC, VLAN, Port Mirror.
4.3.1.4 L3 Subsystem
Based on its software layers, this subsystem can be divided into a service control
layer and a data forwarding layer. The service control layer contains the TCP/IP protocol
stack and the IP forwarding support subsystem. The TCP/IP protocol stack consists of the
support protocols and the routing protocols. The support protocols implement the basic
protocols in the IPv4 protocol family, provide services for the dynamic routing protocols,
and act as the carrier of network management and system supervision. As the
service provider for the upper layer application entities of the routing system, this part is
made up of IP, ARP, ICMP, IGMP, TCP, UDP and Telnet protocol entities. The routing
protocols produce dynamic routes for unicast protocols like RIP, OSPF or BGP, and multicast
protocols like IGMP, PIM-SM, MSDP or MBGP. The routing protocols also include LDP,
VRRP, and RSVP related upper layer protocols. The IP forwarding support subsystem
adds, deletes and modifies the forwarding table and associated policies, creates
and maintains indices, propagates and synchronizes the forwarding table, and
exchanges data between the CPU and the switch chip. The IP forwarding layer inputs,
forwards and outputs the data in accordance with the policies, clauses and the routing
table produced at the IP service control layer.
Figure: L3 subsystem (diagram labels: System, Multicast System, Unicast System, VRRP, Routing Policies, Clauses, Policy Table, Input process, Forward process, Output process, Forwarding Table)
4.3.1.5
4.3.2
4.3.2.1
Ethernet-II, IEEE802.2, IEEE802.3, and IEEE802.1Q are supported over the Ethernet
interfaces.
4.3.2.2
4.3.2.3
4.3.2.4
Support IGMP, DVMRP, PIM-SM, PIM-DM and MSDP multicast routing protocols.
Functional Module
As Figure 40 shows, to implement protocols of layers previously mentioned, the software
architecture is divided as per functional modules.
4.3.3
ROS
The operating system ROS is a single-processor, multi-task, real-time operating system.
It is the core of the software architecture of the routing switch. It is responsible for managing
the hardware architecture of the entire routing switch and provides a uniform operation
platform for the applications of the software system. Based on the VxWorks kernel,
single-processor based process scheduling, process synchronization, memory
4.3.4
Lower layer I/O operations, including direct and indirect read & write to the registry
and the memory
Initialization
DMA operations, packet exchange between the CPU and the exchange chip
Port operation, including port configuration, port mirror, port trunk, port rate shaping,
BC/MC/DLF rate restriction and port block.
L2 MAC table operations, including the addition, deletion, update and aging of the
MAC table
L3 Routing operations, including the setting and deletion of the precise matching
forwarding table, and the addition and deletion of the longest prefix matching table
LED Operations
MIB statistics
The forwarding core of the Ethernet routing switch is Ethernet ASIC chip, through which
the Layers 2 and 3 services, ACL and QoS functions of ZXR10 8900 series switches are
all implemented after the right configurations. The SSP switching subsystem ensures
accurate and sensible forwarding by configuring the chip attributes in the right way,
which is key to the software of ZXR10 8900 series switches.
4.3.5
4.3.6
4.3.7
4.3.7.1
MAC address binding: Bind a specific MAC address to a port of the switch. The
binding disables further dynamic learning of that MAC address, which limits the
physical location of the user and protects important MAC addresses.
MAC address filter: The switch discards packets whose destination or source
MAC address matches a given MAC address, to filter out unwelcome users.
4.3.7.2
MAC address number limit: Restrict the number of MAC addresses on some
ports to control the number of users. It also protects against exhaustion of
resources when the ports suffer DoS attacks.
MAC address freezing: In a stable network, freeze the addresses of some important
physical ports, such as the uplink port, to prevent network interruption caused by
counterfeit MAC addresses.
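How the four MAC controls above interact on ingress can be seen in a small model. This is an added example, not ZTE code or the ZXR10 implementation; the class, the verdict strings, the check order and the reading of "freezing" as "addresses on a frozen port cannot move, and the port learns nothing new" are assumptions, and the MAC addresses are constructed.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

# Constructed sample addresses (IANA documentation range 00:00:5e:00:53:xx).
BCAST = "ff:ff:ff:ff:ff:ff"
GATEWAY, SERVER, BANNED = "00:00:5e:00:53:fe", "00:00:5e:00:53:01", "00:00:5e:00:53:66"
HOST_A, HOST_B, HOST_C, HOST_D = (f"00:00:5e:00:53:1{i}" for i in range(4))
ROGUE = "00:00:5e:00:53:99"


@dataclass
class Port:
    name: str
    max_macs: Optional[int] = None          # MAC address number limit (None = no limit)
    frozen: bool = False                    # MAC address freezing enabled
    macs: Set[str] = field(default_factory=set)


class SecureFdb:
    """Toy L2 forwarding database applying the four MAC controls on ingress."""

    def __init__(self) -> None:
        self.ports: Dict[str, Port] = {}
        self.owner: Dict[str, str] = {}     # MAC -> port that currently holds it
        self.bound: Dict[str, str] = {}     # MAC -> port it is statically bound to
        self.filtered: Set[str] = set()     # MACs dropped as source or destination

    def add_port(self, name: str, max_macs: Optional[int] = None) -> None:
        self.ports[name] = Port(name, max_macs)

    def _install(self, mac: str, port: str) -> None:
        old = self.owner.pop(mac, None)
        if old is not None:
            self.ports[old].macs.discard(mac)
        self.owner[mac] = port
        self.ports[port].macs.add(mac)

    def bind(self, mac: str, port: str) -> None:
        self.bound[mac] = port              # binding: no dynamic learning for this MAC
        self._install(mac, port)

    def receive(self, port: str, src: str, dst: str) -> str:
        """Return the verdict for one frame arriving on `port`."""
        if src in self.filtered or dst in self.filtered:
            return "drop:filtered"
        if src in self.bound:
            return "forward" if self.bound[src] == port else "drop:bound-elsewhere"
        current = self.owner.get(src)
        if current == port:
            return "forward"                # already learned here
        if current is not None and self.ports[current].frozen:
            return "drop:frozen-owner"      # counterfeit of an address on a frozen port
        ingress = self.ports[port]
        if ingress.frozen:
            return "drop:port-frozen"       # frozen port learns nothing new
        if ingress.max_macs is not None and len(ingress.macs) >= ingress.max_macs:
            return "drop:mac-limit"
        self._install(src, port)            # normal dynamic learning (or MAC move)
        return "forward"


def demo() -> List[str]:
    fdb = SecureFdb()
    fdb.add_port("uplink")
    fdb.add_port("access1", max_macs=2)
    fdb.add_port("access2")
    fdb.bind(SERVER, "access2")
    fdb.filtered.add(BANNED)
    verdicts = [fdb.receive("uplink", GATEWAY, BCAST)]   # gateway learned on uplink
    fdb.ports["uplink"].frozen = True                    # then the uplink is frozen
    frames = [
        ("access1", GATEWAY, BCAST),    # spoofed gateway address from an access port
        ("access1", HOST_A, GATEWAY),
        ("access1", HOST_B, GATEWAY),
        ("access1", HOST_C, GATEWAY),   # third address on a port limited to two
        ("access1", HOST_A, GATEWAY),   # known address still passes
        ("access1", SERVER, GATEWAY),   # bound address seen on the wrong port
        ("access2", SERVER, GATEWAY),
        ("access2", BANNED, GATEWAY),   # filtered as source
        ("access2", HOST_D, BANNED),    # filtered as destination
        ("uplink", ROGUE, BCAST),       # new address on the frozen uplink
    ]
    verdicts += [fdb.receive(p, s, d) for p, s, d in frames]
    return verdicts


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```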
4.3.7.3 QinQ Module
QinQ, or multi-layer VLAN tag stacking, is an informal name for the tunnel protocol
based on 802.1Q encapsulation. The core idea is to encapsulate the VLAN tag of the private
network inside the public VLAN tag. The packet traverses the backbone network with dual
tags, thus providing a simpler L2 VPN tunnel for users. The QinQ protocol is simple and
easy to manage. It needs no support from protocol packets; a static configuration settles
everything, so it is especially useful for convergence layer switches, which can
effectively extend the number of VLANs in the MAN with the support of QinQ
technology.
Now the IEEE is focusing on the specification for VLAN stacking, 802.1ad Provider
Bridge. The external VLAN is defined as the Service VLAN (SVLAN). These are still at the
draft stage.
The QinQ functional module in the 89 series software system only configures QinQ
statically before configuring the chip. There are two types of VLANs in the context of
QinQ:
SVLAN (Service VLAN): VLANs defined over the backbone network.
CVLAN (Customers VLAN): User-defined VLANs.
The software QinQ functional module provides an attribute in the VLAN table to identify
whether a VLAN is an SVLAN or a CVLAN. The associated QinQ function of the chip can be
set through the lower-layer driver interface function.
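The tag stacking described above, shown on raw Ethernet frames. This is an added example, not ZXR10 code: function names are hypothetical, the frames are constructed, and the outer tag uses TPID 0x8100 by default to match the 802.1Q encapsulation the text describes (802.1ad service tags use 0x88A8, which the parser also accepts).

```python
import struct

TPID_8021Q = 0x8100    # 802.1Q tag; also used for the outer tag in classic QinQ
TPID_8021AD = 0x88A8   # service tag (S-tag) TPID defined by IEEE 802.1ad
TPIDS = {TPID_8021Q, TPID_8021AD}


def make_tag(tpid, vid, pcp=0, dei=0):
    """Build one 4-byte VLAN tag: TPID followed by PCP(3) | DEI(1) | VID(12)."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    return struct.pack("!HH", tpid, (pcp << 13) | (dei << 12) | vid)


def parse_tags(frame):
    """Return (tags outermost first, ethertype, payload); tag = (tpid, pcp, dei, vid)."""
    tags, off = [], 12                      # skip destination and source MAC
    while True:
        if len(frame) < off + 2:
            raise ValueError("truncated frame")
        (etype,) = struct.unpack_from("!H", frame, off)
        if etype not in TPIDS:
            return tags, etype, frame[off + 2:]
        if len(frame) < off + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, off + 2)
        tags.append((etype, tci >> 13, (tci >> 12) & 1, tci & 0x0FFF))
        off += 4


def push_svlan(frame, svid, tpid=TPID_8021Q, pcp=0):
    """Backbone ingress: add the SVLAN tag outside the untouched CVLAN tag."""
    return frame[:12] + make_tag(tpid, svid, pcp) + frame[12:]


def pop_svlan(frame, expected_svid):
    """Backbone egress: strip the outer tag, refusing frames from another SVLAN."""
    tags, _, _ = parse_tags(frame)
    if not tags or tags[0][3] != expected_svid:
        raise ValueError("outer tag missing or wrong SVLAN")
    return frame[:12] + frame[16:]


def tunnel_key(frame):
    """(SVLAN, CVLAN) pair that identifies a customer VLAN on the backbone."""
    tags, _, _ = parse_tags(frame)
    if len(tags) < 2:
        raise ValueError("frame is not double-tagged")
    return tags[0][3], tags[1][3]


def customer_frame(cvid, payload=b"constructed payload"):
    """Constructed single-tagged IPv4 frame as sent by a customer device."""
    dst, src = bytes.fromhex("ffffffffffff"), bytes.fromhex("020000000001")
    return dst + src + make_tag(TPID_8021Q, cvid, pcp=5) + struct.pack("!H", 0x0800) + payload


if __name__ == "__main__":
    a = push_svlan(customer_frame(100), 2000)   # customer A, CVLAN 100
    b = push_svlan(customer_frame(100), 2001)   # customer B reuses CVLAN 100
    print(parse_tags(a)[0], tunnel_key(a), tunnel_key(b))
```

Two customers that both use CVLAN 100 stay separate on the backbone because the lookup key is the (SVLAN, CVLAN) pair.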
4.3.7.4
PVLAN Module
Private VLAN is a VLAN feature for the case where all servers are in the same subnet
but may communicate only with their default gateways. In the context of private
VLAN, a switch port can be an Isolated port, a Community port or a Promiscuous port.
Each of them corresponds to a VLAN type: the Isolated port belongs to the Isolated
PVLAN, and the Community port to the Community PVLAN. The Primary VLAN represents a
Private VLAN. The Isolated and the Community VLANs can be bound together, and so can
the Promiscuous port. In an Isolated PVLAN, an isolated port can communicate only with
the Promiscuous port, with no exchange of traffic between isolated ports. In a
Community PVLAN, Community ports can communicate with each other and exchange traffic
with the Promiscuous port. The Promiscuous port can be connected to the router or L3
switch. It can forward the traffic it receives to either an Isolated port or a
Community port.
PVLAN is an effective way to secure communication in the access network. Users only
need to attach to their default gateways. A single PVLAN provides secure Layer 2
connections without multiple VLANs and IP subnets. All users attach to the PVLAN and
connect to the default gateway, with no access to any other user within the PVLAN. The
PVLAN ensures that there is no communication between ports of the same VLAN, yet its
traffic can still pass through trunk ports. In this way, users within the same VLAN
are not affected by broadcasts.
The PVLAN does not need the support of protocol packets.
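The port rules above, written as a forwarding check with a small configuration audit. This is an added example, not ZXR10 code: the names, port list and community IDs are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class PvlanPort:
    name: str
    kind: str                          # "promiscuous", "isolated" or "community"
    community: Optional[int] = None    # Community PVLAN ID, community ports only


def may_forward(src, dst):
    """Layer 2 reachability between two ports of the same Primary VLAN."""
    if src.name == dst.name:
        return False
    if "promiscuous" in (src.kind, dst.kind):
        return True                    # everyone can reach the gateway port
    if src.kind == dst.kind == "community":
        return src.community == dst.community
    return False                       # isolated ports reach nothing else


def flood_targets(src, ports):
    """Ports that receive a broadcast (for example an ARP request) sent from src."""
    return sorted(p.name for p in ports if may_forward(src, p))


def audit(ports):
    """Return configuration problems that would break or weaken the isolation."""
    problems = []
    if not any(p.kind == "promiscuous" for p in ports):
        problems.append("no promiscuous port: hosts cannot reach a gateway")
    for p in ports:
        if p.kind not in ("promiscuous", "isolated", "community"):
            problems.append(f"{p.name}: unknown port type {p.kind!r}")
        elif p.kind == "community" and p.community is None:
            problems.append(f"{p.name}: community port without a Community PVLAN")
        elif p.kind != "community" and p.community is not None:
            problems.append(f"{p.name}: {p.kind} port must not carry a community ID")
    return problems


# Constructed access switch: one gateway uplink, two isolated users, two communities.
PORTS = [
    PvlanPort("gw", "promiscuous"),
    PvlanPort("h1", "isolated"),
    PvlanPort("h2", "isolated"),
    PvlanPort("c1", "community", 10),
    PvlanPort("c2", "community", 10),
    PvlanPort("c3", "community", 20),
]

if __name__ == "__main__":
    for port in PORTS:
        print(port.name, "->", flood_targets(port, PORTS))
    print(audit(PORTS))
```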
4.3.7.5
4.3.7.6
4.3.7.7
Preventing the broadcast storm of LAN caused by the network loop, and providing a
backup redundancy path.
Detecting the change of the topology structure and configuring a new spanning tree
topology according to this change.
The STP algorithm executed on the switches in a subnet forms a dynamic spanning tree
topology, which ensures that no loop exists between any two workstations within a LAN
and so prevents broadcast storms. The algorithm monitors changes in the topology and
establishes a new spanning tree when the topology changes, which gives the switch a
degree of fault tolerance by reconfiguring the spanning tree topology. The switch then
monitors and updates the MAC route table according to the status of the dynamic
spanning tree topology, and thereby implements routing at the MAC layer.
The purpose of the spanning tree algorithm is to let the switch dynamically find a
loop-free subset (tree) of the topology while ensuring adequate connectivity. In this
way, if two LANs are physically connected, a corresponding spanning tree path is
generated. Every graph made up of nodes and the links connecting them has a spanning
tree, which guarantees connectivity to the destination and that no cycle is created.
Therefore, the spanning tree algorithm and protocol can prevent loops from occurring
in any dynamic topology and remove the loop between two workstations.
The Multiple Spanning Tree Protocol (MSTP) defined in IEEE 802.1s is compatible with
RSTP, defined in IEEE 802.1w, and with the common STP defined in IEEE 802.1D, so the
STP software module only needs to implement MSTP. RSTP or STP can be forcibly enabled
when MSTP is enabled, so combined use of STP and RSTP is supported. Enabling STP on
aggregation links and on ports is also supported.
The ZXR10 8900 series supports STP, RSTP and MSTP as well as hybrid networking of
these three.
4.3.7.8
4.3.7.9
4.3.7.10
4.3.7.11
802.1X Module
802.1X is a client/server-based access control and authentication protocol. It
authenticates users before authorizing them to access system services through a port,
so that unauthorized data transmission between users and the services provided by the
system is blocked. With 802.1X access control, at first only EAPOL frames are allowed
to pass the port; other data can pass the port only after authentication succeeds.
With 802.1X, two logical ports are created at the point where the authenticator system
attaches to the LAN: the controlled port and the uncontrolled port. The uncontrolled
port can exchange PDUs with other systems freely whether or not the port is
authorized, while the controlled port exchanges PDUs with other systems only when the
port is authorized. The PAE is the entity that runs the algorithms and protocols of
the authentication mechanism. The PAE of the requester responds to requests from the
PAE of the authenticator by providing authentication messages. The PAE of the
authenticator communicates with that of the requester and submits the messages
received from it to the authentication server. The authentication server then verifies
these messages to determine whether to authorize the requester to access the
authenticator. The PAE of the authenticator controls port authorization according to
the authentication result. The PAE of the authenticator exchanges EAPOL with that of
the requester via the uncontrolled port and communicates with the RADIUS
authentication server using EAPOR.
This 802.1X module functions to:
4.3.7.12
Supporting the PAE of the authenticator to exchange protocols with that of the
requester via an uncontrolled port.
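The controlled and uncontrolled port split described above, as a frame gate on one switch port. This is an added example, not ZXR10 code: the class name is hypothetical, the credential check is a constructed stand-in for the RADIUS server, and the multi-round EAP exchange is collapsed into one opaque message.

```python
import hmac
import struct

ETH_EAPOL = 0x888E                      # EtherType of EAPOL frames
EAPOL_EAP, EAPOL_START, EAPOL_LOGOFF = 0, 1, 2


def eth(ethertype, payload=b""):
    """Constructed Ethernet frame from a requester (fixed example addresses)."""
    dst, src = bytes.fromhex("0180c2000003"), bytes.fromhex("020000000001")
    return dst + src + struct.pack("!H", ethertype) + payload


def eapol(packet_type, body=b""):
    """EAPOL header: version, packet type, body length."""
    return struct.pack("!BBH", 2, packet_type, len(body)) + body


class AuthenticatorPort:
    def __init__(self, auth_server):
        self.auth_server = auth_server  # callable(bytes) -> bool, stands in for RADIUS
        self.authorized = False         # state of the controlled port

    def ingress(self, frame):
        """Return what the port does with one received frame."""
        if len(frame) < 14:
            return "drop: runt frame"
        (ethertype,) = struct.unpack_from("!H", frame, 12)
        if ethertype == ETH_EAPOL:
            return self._pae(frame[14:])        # uncontrolled port: always open
        if self.authorized:
            return "forward"                    # controlled port: open once authorized
        return "drop: port unauthorized"

    def _pae(self, pdu):
        """Authenticator PAE: handle EAPOL and set the port authorization."""
        if len(pdu) < 4:
            return "drop: short EAPOL"
        _version, packet_type, length = struct.unpack_from("!BBH", pdu)
        body = pdu[4:4 + length]
        if len(body) != length:
            return "drop: truncated EAPOL"
        if packet_type == EAPOL_START:
            return "pae: identity requested"
        if packet_type == EAPOL_LOGOFF:
            self.authorized = False
            return "pae: logged off"
        if packet_type == EAPOL_EAP:
            # Relay the requester's message to the authentication server.
            self.authorized = bool(self.auth_server(body))
            return "pae: accept" if self.authorized else "pae: reject"
        return "drop: unsupported EAPOL type"


def constructed_server(message):
    """Constructed credential check used only for this example."""
    return hmac.compare_digest(message, b"alice:constructed-secret")


if __name__ == "__main__":
    port = AuthenticatorPort(constructed_server)
    for frame in (eth(0x0800, b"data"), eth(ETH_EAPOL, eapol(EAPOL_START)),
                  eth(ETH_EAPOL, eapol(EAPOL_EAP, b"alice:constructed-secret")),
                  eth(0x0800, b"data")):
        print(port.ingress(frame))
```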
ZESR Module
Basic Principles
ZESR is an Ethernet ring technology based on the EAPS protocol (RFC 3619). ZESR
allows network administrators to create Ethernet rings in a way similar to FDDI (Fiber
Distributed Data Interface) or SONET/SDH rings. ZESR can recover from any link
or node fault in less than 50 milliseconds. The specific recovery time depends on
the number of nodes on the ring.
Working Mechanism
ZESR uses three mechanisms to maintain the protocol: link-down alarm, ring detection
and ring recovery.
4.3.7.13
Ring recovery: while there is a link-down on the ring, the master equipment still
sends diagnosis frames regularly from its master port, but its slave port can't
receive them. After the link recovers, the next diagnosis frame is received by the
slave port of the master equipment, which then knows that the ring has fully
recovered. The master equipment therefore sets its slave port to the blocking state
again, refreshes its L2 table, and sends an announcement frame asking the slave
equipment to refresh its own L2 tables. However, since diagnosis frames are sent only
at regular intervals, the master equipment won't receive one immediately when the
slave equipment detects the recovery. Unless certain measures are taken, the slave
port of the master equipment stays in the non-blocking state for a period, which
leads to a temporary loop in the topology and may cause a broadcast storm. To avoid
this, the slave equipment sets its port to the blocking state at the moment of
recovery. Later, when the slave equipment receives the announcement frame sent by the
master equipment asking it to refresh its L2 table, it knows that the master
equipment has already blocked its slave port. The slave equipment then refreshes its
L2 table and unblocks its recovered port. At this point the ring is back in its
normal working state.
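The recovery sequence above can be replayed to see how long a data loop stays open with and without the slave equipment blocking its recovered port. This is an added example, not ZESR code: the function name and timing values are constructed, and the model assumes zero propagation delay and that diagnosis frames pass a port that is blocking data traffic.

```python
import math


def simulate_recovery(link_up_ms, hello_interval_ms, pre_block=True):
    """Replay one link recovery on the ring.

    Returns (timeline, loop_ms). Timeline rows are
    (time_ms, event, master_slave_port, recovered_port, loop_open).
    pre_block=True is the behaviour the text describes: the slave equipment
    blocks its port at the moment of recovery.
    """
    # Fault state: the link is down and the master has opened its slave port.
    state = {"link_up": False,
             "master_slave_port": "forwarding",
             "recovered_port": "down"}
    timeline = []
    loop_ms = 0
    last_t = link_up_ms

    def loop_open():
        # Data loops only if the link is up and no port on the ring is blocking.
        return (state["link_up"]
                and state["master_slave_port"] == "forwarding"
                and state["recovered_port"] == "forwarding")

    def step(t, event, **changes):
        nonlocal loop_ms, last_t
        if loop_open():
            loop_ms += t - last_t      # the loop stayed open since the last event
        state.update(changes)
        last_t = t
        timeline.append((t, event, state["master_slave_port"],
                         state["recovered_port"], loop_open()))

    # First diagnosis frame the master sends at or after the moment of recovery.
    next_hello = math.ceil(link_up_ms / hello_interval_ms) * hello_interval_ms

    step(link_up_ms, "link restored", link_up=True,
         recovered_port="blocking" if pre_block else "forwarding")
    step(next_hello, "master slave port receives diagnosis frame",
         master_slave_port="blocking")     # master also refreshes its L2 table
    step(next_hello, "slave equipment receives announcement frame",
         recovered_port="forwarding")      # slave refreshes its L2 table, unblocks
    return timeline, loop_ms


if __name__ == "__main__":
    for pre_block in (False, True):
        timeline, loop_ms = simulate_recovery(250, 1000, pre_block)
        print("pre_block =", pre_block, "loop open for", loop_ms, "ms")
        for row in timeline:
            print("  ", row)
```

With a constructed diagnosis interval of 1000 ms and recovery at 250 ms, the loop is open for 750 ms without the pre-block and never with it.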
PBT Module
Scalability
The independent user and carrier networks introduced by PBT eliminate the
traditional limit of 4096 VLANs. The carrier's backbone network can be
as large as 16M. All services are transferred safely through tunnels, and
forwarded based on the destination address via 60-bit B-DA+B-VID addressing.
Therefore, endless tunnels can be provided.
PBT encapsulates user frames at the edge of the network. User messages and addresses
are transparent at the backbone side. At the same time, because the user does not know
the carrier backbone MAC addresses, pseudo wires are used at the network edge for
encapsulation mapping. PBT solves the security and scalability problems of traditional
Ethernet.
For the protection based upon PBT one-way tunnel inspection, BEB1 sends
CCM messages in the Master Trunk on a regular basis.
When the link is found to be broken (CCM message lost or RDI (Remote Defect
Indication) received), the service is switched over to the
standby link, for example, on inspecting fault when BEB2 receiving CCM
QoS Guarantee
PBT supports hardware-based QoS. Many QoS services, including flow
classification, rate limiting, traffic shaping, congestion control, queue
scheduling and 2R3C services, can still be deployed with PBT technology. The
service classification, rate limit and priority required by the user are mapped on
the PBT UNI (User-Network Interface). I-TAG and B-TAG 802.1P are used to mark the
priorities of the services. The PCP (Priority Code Point) is set according to 802.1ad,
802.1P and the 802.1ah I-TAG. The DE (Drop Eligible) bit of 802.1p is used to classify
services. For instance, 5P3D classifies users into 5 levels, and 3 types of DEs are
used to mark one-level yellow and red services. As Figure 44 shows:
4.3.8
VRRP
By offering a set of detection and election mechanisms, VRRP provides route
backup in a multi-access LAN. It mainly backs up the gateway
equipment in the LAN to maintain the network system's continuous service to the
access hosts. In other words, it backs up the next-hop equipment of the access
hosts. The simple detection and election mechanism provided by VRRP enables a
rapid backup switchover within 3~5 seconds in case of equipment fault, which meets
the requirements of service continuity and places no special requirements on the
access host.
Due to the limitation of the VRRP working mechanism, all cooperating equipment
in one VRRP backup group must be in the same VLAN that does not need to span
a network bridge. Similarly, in common VLAN networking, the equipment in a
backup group must be in the same VLAN, but multiple VRRP backup groups can
exist in one VLAN.
4.3.9
OSPF module
BGP module
RIP module
IS-IS module
4.3.9.1
RIP
The RIP protocol is implemented based on the distance-vector routing algorithm of the
local network. RIP exchanges routing information through UDP packets,
which carry the protocol packets to send. The routing information in the RIP packets
includes the number of routers on the route (the number of hops). The routers
determine the route to each destination network according to the number of hops. As
stipulated by the RFC, the count of hops should be no more than 16. Therefore, RIP
is suitable for use as the interior gateway protocol of a small Autonomous System (AS).
The RIP protocol of the ZXR10 8900 series switches performs the following functions:
Supports RIPv1/v2, with plain text authentication and MD5 authentication
Supports redistribution of routes
Avoids route loops and expedites route convergence by using split horizon and
triggered updates
4.3.9.2
OSPF Protocol
As an interior gateway protocol (IGP) developed by the IETF, OSPF is based on link
state and the Shortest Path First (SPF) algorithm. OSPF can converge the routing
table in a very short period and avoid loops, a capability extremely important for mesh
networks or LANs connected with multiple bridges. Every device that runs OSPF
maintains a unified database that describes the topology of the autonomous system. This
database is composed of the local status information of each device, for example, the
available interfaces and neighbors of the device, the status of the networks connected
to the device, and the external routes connected to the autonomous system. OSPF uses the
link state algorithm to calculate the shortest paths from each area to all destinations.
When a device first starts to work or any route changes, the device running OSPF
floods LSAs to all the devices in the same area.
These LSAs contain the link status of the device and its association information with
its neighbors. The information collected from these LSAs forms the link state database.
Each device in the area has its own database describing the topology of
the area.
The OSPF protocol of the ZXR10 8900 performs the following functions:
Using the Dijkstra algorithm in route calculation so that the system can follow
network topology changes automatically and rapidly
Supporting the display and configuration commands from the primary console, and
supporting the commands, display and MIB variables related to SNMP
Controlling
mapping
4.3.9.3
IS-IS Protocol
The Intermediate System-to-Intermediate System (IS-IS) routing protocol is a
routing protocol from the OSI model, and it is used for IP networks based on
TCP/IP. IS-IS is easy to extend, mainly for IPv6. The IS-IS system consists of
two layers: the backbone layer (L2) and the area layer (L1). One router can belong to
only one area. An L1 router only knows the topology of its own area, and all traffic
bound for other areas is sent to the nearest L2 router. The L2 routers must form a
backbone, similar to the backbone area 0 of OSPF.
The IS-IS protocol of the ZXR10 8900 has the following characteristics:
4.3.9.4
BGP Protocol
BGP is an exterior gateway protocol. Its basic function is to exchange loop-free
routing information between autonomous systems. The information exchanged by
BGP carries a great variety of attributes, which can be used to construct the topology
of the autonomous systems and to implement AS-based routing policy. Its path
reachability information, which carries the AS numbers, can be used to eliminate
route loops. As a collection of routers and terminal sites, an AS is under one
management and control domain and is treated as a single entity, and the expansion of
the routing table is controlled through the classless inter-domain routing of BGP.
BGP-4 also introduces a mechanism to support route aggregation, including the
aggregation of AS paths. BGP is designed to provide a structured view of the Internet
through ASs. By dividing the Internet into multiple ASs, a large network is built from
many smaller but more easily manageable networks. Each of these smaller networks,
known as ASs, can apply its own rules and management policies.
The BGP protocol of the ZXR10 8900 has the following features:
Supporting
Supporting MP-BGP
4.3.10
4.3.11
4.3.11.1
[Figure: MPLS network diagram. Labels: IP routing processing; Ingress LER, LSR, LSR, Egress LER; LDP between nodes; In/Out label tables at each node]
As shown in Figure 47, the MPLS header contains a 20-bit label, a 3-bit EXP field
(presently used for CoS), a 1-bit S flag used to identify whether this label is at the
bottom of the label stack, and an 8-bit TTL (Time to Live).
Supporting decreasing of the TTL value, loop detection, policy management and
penultimate hop popping.
Supporting the downstream unsolicited label distribution mode and the liberal label
retention mode.
4.3.11.2
Supporting fast reroute as well as the establishment of CR-LSP and RSVP-LSP.
MPLS L3 VPN
As shown in Figure 48, a basic BGP/MPLS VPN network is composed of CE routers, PE
routers and P routers. The CE, as the edge equipment of the client, refers to the
routers or switches connected to the carrier's network. The VPN function is provided by
the PE router, while the P router and the CE router have no special requirements for
VPN configuration.
To isolate the routes of one VPN from those of the public Internet or other VPNs, the PE
router provides an isolated virtual routing and forwarding (VRF) function for every VPN
and generates a VRF table for every VPN connected with a CE router. Clients or sites in
a VPN can only access the VRF table of that VPN.
During BGP/MPLS VPN network construction, MP-BGP must be run on every PE
router (MP-BGP must be run between PE routers in MPLS VPN) for the learning and
announcing of VPN routes between PEs. MP-BGP inherits the feature of BGP that
BGP routes are announced over a full mesh of connections between peers running IGMP
within the same route domain. When there is a large number (n) of PEs, severe
exponential-growth and scalability problems arise. To avoid these problems,
a route reflector can be used.
For two sites of the same VPN in different ASs, the corresponding PE router
forwards the VPN-IPv4 routes through the EBGP connection rather than through
IBGP. The specific methods include: the back-to-back VRF method, distributing labeled
VPN-IPv4 routes from one autonomous system to another, and distributing the VPN-IPv4
routes with multi-hop EBGP.
ZXR10 8900 series switches support the full MPLS L3 VPN function, address
overlapping, CE access through static route, RIP, OSPF and BGP, BGP extension
attributes, capability negotiation and route refresh, and VRF binding on interfaces
and in VLANs.
4.3.11.3
The most direct way to build an L2 VPN is to build VC connections between CE and PE.
MPLS LSPs in the carrier's network carry these connections respectively, as shown in
Figure 49. MPLS TE (Traffic Engineering) can also be applied to satisfy users' QoS
requirements. In this solution, configuring the PVCs between CE and PE and the MPLS
LSPs that bear them is a heavy workload. A large quantity of LSPs occupies much of the
LSRs' resources and reduces network scalability. To solve the scalability problem,
Martini proposes to establish a fixed number of MPLS LSPs between PE and network
equipment. When a VC bearing service between user CE and PE needs to go through the
network, it enters a point-to-point sub-tunnel (i.e. pseudo-wire) in the MPLS LSP. The
LSP can then be taken as the bearing channel for multiple VCs. This is similar to the
relationship between VC path and VP channel in ATM. The related IETF draft defines the
signaling applied to build sub-tunnels and the encapsulation format for ATM, FR and
Ethernet data packets forwarded via sub-tunnels. Although this way saves part of the
network resources (such as LSP quantity), all the sub-tunnels need to be built manually
when MPLS VPN is created on a large scale. Thus the configuration workload is heavy.
Virtual Private LAN Service (VPLS) is a kind of VPN that can handle multi-site links in
a single bridging domain on an IP/MPLS network managed by carriers. No matter where the
user sites in a VPLS are located, they are considered to be in one LAN. VPLS connects
with users via Ethernet interfaces, which simplifies the LAN/WAN border and enables the
service to be provided quickly and flexibly. In this case users take full control over
routing. In addition, since all of the users' routers in a VPLS are part of the same
subnet (LAN), the IP addressing scheme is simplified. The advantage is especially
obvious compared with a full mesh architecture composed of different point-to-point
links. Carriers can also benefit from the low management complexity of the VPLS service.
As shown in Figure 50, CE1, CE2 and CE3 are in one VPLS domain, VPLS A. They are
connected via a packet switching network (here an MPLS network). Each PE is equipped
with the VPLS feature. Full-mesh VC connections are built up between the PEs. If CE1 and
CE3 want to communicate with each other, CE1 needs to learn the MAC address of CE3 first
based on data traffic. Meanwhile, PE1 requires that packets going to PE3 have two
labels. One is the outer packet switching label, which belongs to the MPLS network
here, and the other is the inner VC label. When PE1 receives MAC frames with the
destination of CE3, the PE determines the inner and outer labels of packets destined
for PE3 based on the MAC address and other information, adds the labels to the data
frames and transmits them on the MPLS network.
Only the inner label is left when the data packets arrive at PE3. PE3 obtains its port
connecting to CE3 based on the inner label and the MAC address, and sends the packets
via that port. The data arrives at CE3, so that communication between CE1 and CE3 is
accomplished. Here all operations are implemented at L2. Carriers don't need to
care about the routing configuration of users, so the dependence of users on carriers
is reduced, and user service management by carriers is simplified as well.
ZXR10 8900 series support VPWS in Martini draft, and extended LDP. 8900 series can
build up different LSP channels based on service type. They support Ethernet
encapsulation and VLAN encapsulation. And they also support extended VPLS based
on LDP.
4.3.11.4
MPLS FRR
MPLS TE Fast Reroute is a mechanism used for link protection and node protection in
MPLS TE. When an LSP link or node failure occurs, the node where the failure occurs is
protected. In this way traffic is permitted to go through the tunnel of the protection
link or node, so that data transmission is not interrupted. At the same time the head
node can continue to initiate reconstruction of the main path without data
transmission being affected.
The basic principle of MPLS TE Fast Reroute is to protect one or multiple LSPs by an LSP
established beforehand, which is called the fast reroute LSP. The protected LSP is
called the main LSP. The ultimate aim of MPLS TE fast reroute is to protect the main
path by using the fast reroute tunnel to bypass the failed link or node.
Fast reroute LSP and main LSP establishment involves every component of the MPLS TE
system.
MPLS TE fast reroute is based on the RSVP TE implementation and conforms to RFC4090.
There are two ways to implement fast reroute:
One-to-one Backup: establish one backup protective LSP for a main LSP. The
backup LSP is called Detour LSP.
The facility way is often adopted in MPLS TE FRR deployment. Establishment of the main
LSP is the same as that of a common LSP. RSVP sends the PATH message downstream from
the head node hop by hop. RSVP distributes labels when processing the RESV message,
reserves resources and establishes the LSP. A Bypass Tunnel can be established in two
ways: manual and automatic.
A Bypass Tunnel can be manually configured to protect the physical interface of the
tunnel when the main LSP is not configured with FRR. Manual Bypass Tunnel establishment
is triggered by manual configuration on the PLR. It is basically the same as that of a
common LSP, with the difference that the fast reroute attribute cannot be configured.
That is to say, a Bypass Tunnel can't act as a main LSP at the same time, and LSPs can't
be protected in a nested way.
The automatic Bypass Tunnel simplifies manual configuration. When the main LSP needs
protection from FRR, the PLR can select or automatically create a Bypass Tunnel to
protect the main LSP.
Fast Reroute can implement link protection or node protection. When a Bypass Tunnel is
needed, the links or nodes that need protecting should be planned, and the choice
between link protection and node protection should be made. Node protection can
also protect the link between the node being protected and the PLR node.
A Bypass Tunnel is usually idle and forwards no data packets. If the Bypass Tunnel is
also required to forward common data packets besides protecting the main
LSP, enough bandwidth should be configured.
When a link or node failure occurs, data packets are automatically switched to the
protective link if FRR is configured at the interface. When the link or data recovers
from the failure, the normal forwarding path is automatically re-established.
MPLS TE FRR usually needs to be deployed in an MPLS TE network, which is determined
by the features of MPLS TE itself. In a pure IP network, when a local failure occurs,
packets are forwarded via other available routes to the same destination. This
mechanism alone can implement local failure protection quickly, before the route
changes caused by the failure spread to the whole network. In an MPLS network without
TE configured, LDP establishing LSPs based on DU is often adopted. When a local failure
occurs, LDP initiates LSP establishment to upstream nodes if there are other available
routes. Since needs related to TE such as bandwidth, priority and link attributes are
not considered, the LSP is very likely to be established successfully. Thus failure
recovery takes little time. In an MPLS network, the head node's CSPF calculates all
routes in the domain from routing information. RSVP establishes the LSP based on this
path. When there is a local failure in the network, the whole LSP needs to be rebuilt.
CSPF cannot work out an effective path before the route changes caused by the failure
spread to the head node. Besides, a local failure may lead to the reconstruction of
multiple LSPs in the network. In this way, during the process of establishing LSPs
according to the newly calculated path, problems such as inadequate bandwidth may
occur. Therefore, compared with a pure IP network and an MPLS network without TE
deployment, an MPLS TE network may need more time to recover from a local failure. So a
backup LSP is established in the MPLS TE network beforehand, and FRR is started to
switch services quickly in case of a local network failure.
4.3.12
Application sub-system
The application sub-system discussed here involves the upper three layers of the OSI
reference model. It covers the FTP, TFTP, TELNET, DHCP and NAT applications. The upper
three layers are application layers compared with the lower four, but actually they
serve other software sub-systems. FTP and TFTP mainly serve the file system of the
router itself. They implement the file duplication commands of the operation and
maintenance sub-system. FTP and TFTP both implement server and client functions. The
server side supports connections with other clients, various commands and the file
transmission function. The client enables its router system to communicate with a host
(router) that has server functions, and can carry out transmissions such as version
file transmission.
TELNET mainly serves the operation and maintenance sub-system, enabling router
maintenance staff to manage routers via TELNET. TELNET and FTP both receive and
send packets using primitives provided by the lower-layer TCP. TFTP receives and sends
packets using primitives provided by the lower-layer UDP.
4.3.13
DHCP
DHCP is used to centrally manage IP addresses and other detailed configuration
information in the network, reducing the complexity of address configuration
management. The client and server need to be in the same Broadcast Domain when
using the DHCP service in the network. ZXR10 8900 series needs to provide the DHCP
SERVER function if this method is adopted to build a network. In another application
case, if the DHCP server and the client are not in the same Broadcast Domain, the
process by which the client obtains its address is relayed and implemented by
ZXR10 8900. That's what is technically called DHCP trunk.
ZXR10 8900 series switches implement a built-in DHCP SERVER function through the
DHCP protocol to allocate and manage DHCP CLIENT-end dynamic addresses, and provide
the corresponding service management interface of DHCP CLIENT for the client
management module in the system of the target machine. They also carry out
transparent interaction between DHCP CLIENT and DHCP SERVER through the DHCP
RELAY AGENT extended options of the DHCP protocol to accomplish the allocation and
management of DHCP CLIENT-end dynamic addresses, again providing the corresponding
service management interface of DHCP CLIENT for the client management module in the
system of the target machine.
4.3.14
4.3.15
Security Subsystem
For protection from viruses on the network, the ideal would be user-level
virus detection, so users are expected to install patches and
anti-virus software. However, in many cases users cannot accomplish this task, so the
switch is required to provide network-level virus detection and alarming.
In addition, the switch must strengthen its protection against attacks from malicious
users, so as to avoid breaches of switch and network security. ZXR10 8900 supports
network-based security protection mechanisms. Therefore, in our system, the security
detection function is distributed among the modules, instead of being provided by a
dedicated IDS module.
In ZXR10 8900 series, the security subsystem performs the following functions:
Detects viruses which may cause network traffic burst such as SQL worm, Red
Code, and Blaster etc., and generates corresponding alarm or closes the user
port.
MAC address flood protection, for which it limits the number of MAC addresses of
the ports
Route filtering
Disables ICMP redirection function and prevents the attackers from sending false
ICMP packets
4.3.16
4.3.17
SNMP Subsystem
The SNMP subsystem implements the SNMP AGENT function, and supports all protocol
operations of the SNMP agent specified in SNMP V1/V2/V3.
The Management Information Base (MIB) is described by SMIv1 and SMIv2. The MIB
consists of the following parts:
The related software subsystems are integrated with the related sub-agent functions.
4.3.18
Monitoring Subsystem
The monitoring subsystem of ZXR10 8900 implements on-line detection of the state of
the boards and ports. The on-line detection for a board can be categorized into the
following processes based on the loop detection functions provided by different chips of
the board:
4.3.19
Loop detection for internal data bus: it is mainly adopted to detect if the connection
of internal data bus in the system is normal
Line self-loop: it is mainly adopted to detect if the data transmission of the line side
is going smoothly
IPv6 Subsystem
ZXR10 8900 series fully supports IPv6, and supports IPv4, dual-stack operation and
conversion between IPv4 and IPv6.
Technical Specifications
Table 44
Description
Item
Basic
Functions
Number of
Slots
Model                            8912        8908        8905        8902
Backplane bandwidth              2.88Tbps    1.92Tbps    1.2Tbps     480Gbps
Switching capacity               1152Gbps    768Gbps     480Gbps     192Gbps
Packet forwarding rate           857Mpps     571Mpps     357Mpps     143Mpps
Entries in the routing table     512 K (layer 3)
Depth of the MAC address table   512 K (layer 2)
Total slots
14
10
Service slots
12
VLAN 4096,
Service features
QOS feature
Interface module
Power supply
Reliability
Physical
Parameters
Environmental
Requirements
Power supply
(AC)
Power Supply
(DC)
-57V~-40V
Maximum
power supply
(full load)
<1800W
MTBF
>200000 hours
MTTR
<30 minutes
Hotswappability
Main control
redundancy
backup
Power supply
redundancy
backup
Power supply
redundancy backup (AC
2+1, DC 1+1)
Power supply
redundancy backup (
AC 1+1, DC 1+1)
Dimensions (W x H x D)
8912: 442mm x 755mm x 450mm
8908: 442mm x 577mm x 450mm
8905: 442mm x 440mm x 450mm
8902: 442mm x 175mm x 420mm
Weight
8912: <65kg
8908: <49kg
8905: <38kg
8902: <25kg
Operating
temperature
0~+40
<1200W
<720W
<288W
Storage
temperature
-40~+70
Humidity
10%~90%, (non-condensing)
Earthquake
Anti-8 earthquake
Networking
6.1
6.2
Figure 52 Medium and small scale MAN core layer networking application
6.3
Abbreviations
Full Characteristics
BGP
CoS
Class of Service
CVLAN
Customers VLAN
DHCP
GVRP
HPS
IGMP
IS-IS
LACP
LDP
LESR
LSR
MAC
MBGP
MIB
MPLS
MSDP
NAT
NP
Network Processor
OAM
OSPF
PIM-DM/SM
PP
Packet Processor
PPP
PVLAN
Private VLAN
QoS
Quality of Service
RIP
RSVP
SNMP
STP
SVLAN
Service VLAN
TCP
UDP
uRPF
VLAN
VPWS
VRRP
WLAN
XDSL