Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
V1.0 2009/3/10 Liu Qiming YUANYUFENG Not open to the third party
WAN
V1.1 2010/11/03 ZHU HAIDONG Not open to the third party
YUNFEI
Liang
V1.2 2011-1-13 ZHU HAIDONG Not open to the third party
Yulong
TABLE OF CONTENTS
TABLE OF CONTENTS......................................................................................................... 2
FIGURES 5
TABLES 5
1 Overview ............................................................................................................ 8
3 Functionality .................................................................................................... 14
3.1 Routing Protocols............................................................................................... 14
3.1.1 Unicast Routing Protocols .................................................................................. 14
3.1.2 Multicast Routing Protocols ................................................................................ 17
3.2 QoS and Traffic Engineering .............................................................................. 18
3.2.1 Flow Classification and Queue Scheduling ........................................................ 18
3.2.2 Traffic Engineering ............................................................................................. 22
3.2.3 Implementation of Control/Service Policy ........................................................... 24
3.3 MPLS and VPN Service ..................................................................................... 24
3.3.1 MPLS Overview ................................................................................................. 24
3.3.2 MPLS L3 VPN .................................................................................................... 26
3.3.3 MPLS L2 VPN.................................................................................................... 27
3.4 Network Availability ............................................................................................ 28
3.4.1 IP-FRR/LDP-FRR .............................................................................................. 28
3.4.2 MPLS-FRR ........................................................................................................ 28
3.4.3 Graceful Restart ................................................................................................. 28
3.4.4 VRRP................................................................................................................. 29
3.4.5 BFD ................................................................................................................... 29
3.5 Security Features ............................................................................................... 30
FIGURES
TABLES
1 Overview
ZXR10 M6000 series devices introduced by ZTE in 2009 are new generation
carrier-class Broadband Multi-Service Gateway (BMSG). Designed based upon ZTE’s
rich experiences in Broadband Remote Access System (BRAS) and high-end router
research for many years, ZXR10 M6000 absorbs all advantages of BRAS and high-end
router, inherits the soul of the technologies ZTE accumulated in developing its router and
BRAS products. Besides, it uses unified ZXROS software platform, integrates services of
router and BRAS. As a result, it is a new generation integrated service platform on the
basis of ZTE’s deep understanding of telecom market and its glorious achievement in
this industry.
With creative system architecture, ZXR10 M6000 supports seamless upgrade service
from 100G to next generation 400G; it is capable of large traffic management and hard
QoS support, integrating multi-service capabilities, enabling a number of users to
implement fast access. It fully supports MPLS, MPLS VPN and integrated IPv4/v6 dual
protocol stacks.
ZXR10 M6000 provides integrated visible operating and management tool, which greatly
simplifies the deployment and management of large-scale network. With tight and large
switching capacity, it saves the space in the equipment room and reduces the number of
the requiring element. Large-capacity high-density design and multi-service integration
reduce network layer, in this way the flat network simplifies POP architecture and saves
network construction costs at the same time. By using special switching chip featuring
low power consumption and large capacity, together with energy-saving hardware
architecture, ZXR10 M6000 shows excellent performance in saving energy.
2 Highlight Features
ZXR10 M6000 supports integrated services of business customer and public customer to
get accessed on the same platform. Also, it implements SR and BRAS services at the
same time, which accordingly saves equipment room and reduces user’s investment.
ZXR10 M6000 greatly decreases operator’s network construction costs, realizes fast
service deployment and network reconfiguration.
With advanced system architecture, distributed and modular design philosophy, ZXR10
M6000 series have largest switch fabric capacity and highest performance packet
processor in industry to provide best performance and flexibility. M6000 series can
construct network platform facing future.
ZXR10 M6000 provides various service accesses for flexible networking as follows:
Providing various interface types such as 100GE, 10GE LAN/WAN, GE, FE, 10G
POS, 2.5G POS, 622M POS/ATM, 155M POS/ATM, Channelized 155M POS,
E1/CE1 etc. Be capable of upgrade to support 400G interface smoothly to fully
meet various requirements for customers to construct network.
Route protocol: Supporting IPv4/IPv6 static routing and multiple dynamic routing
protocols such as RIP/RIPng, OSPFv2/v3, IS-ISv4/v6, and BGP4/BGP4+,
IGMPv1/v2/v3, MLDv1/v2/v3, PIM-DM, PIM-SM, PIM-SSM, MSDP, LDP, OSPF-TE,
ISIS-TE, RSVP-TE.
Rich billing services: Support time or traffic-based billing for individual customers,
and multiple sorts of prepaying card and rechargeable card. Support precise billing
based upon VPN (VPLS, L2TP and GRE) traffic. Support traffic-based billing
arranged for group customer, which is capable of real-time billing service and
pre-paying service.
forwarding (NSF) during restart of the control plane and non-stop routing (NSR).
Triple planes design with individual data forwarding plane, control plane and system
management plane. Routing Engine and Forwarding Engine are separated.
Supporting advanced Fast ReRoute (FRR) technology to protect node and line level
failure to guarantee network stability.
Supporting fast failure detecting BFD for everything to implement 50ms failure
recovery and binding BFD with various route protocols, VRRP, VRRP Track and
LDP. Supporting IGP FRR/LDP FRR/IP FRR/RSVP TE FRR and satisfying
carrier-class protection requirements for key services.
Full modular hardware architecture is the hardware basis for equipment security
guarantee.
Self-owned operating system with highly modular structure, isolated process space,
and separated controlling plane and forwarding plane is the software basis for
equipment security guarantee.
Adopting CAR (Committed Access Rate) to restrict ICMP protocol data packets rate
to avoid CPU processing packets being overloaded.
ZXR10 M6000 supports graphical network management system, provides easy service
Supporting ZTE NetNumen integrated NMS. Its graphic user interface (GUI)
supports hierarchical password setting to protect router operation. Providing
multiple management interfaces such as Console and Ethernet, supporting inband
and outband NM information channel.
Providing complete and easy VPN service management system, graphical service
wizard, simple “fool“ configuration, featured large customer self-management,
which brings great convenience for user’s VPN service development.
ZTE provides individualized service customization to realize win-win with the customer.
ZTE provides fast service customization, which closely tracks users’ requirements
and develops featured and competitive services. ZTE cooperates with customer to
implement featured function development and service customization.
3 Functionality
ZXR10 M6000 fully supports all types of unicast routing protocol. Its main features
include:
Supporting IPv4 dynamic routing protocol: BGP4, OSPF, IS-IS and RIP.
Basic and enhanced BGP protocol functions, including route damping, route
reflector, confederation, and extended community, etc;
MP-BGP;
VPN access;
BGP FRR.
OSPF routing protocol exchanges routing information among all the routers within
one AS. It is an interior gateway protocol (IGP) based upon link status. OSPF
creates link status database by announcing network interface status among routers,
and generates the shortest path tree. Then each OSPF router uses these shortest
paths to create routing table.
NSSA;
OSPF-TE;
OSPF FRR.
IS-IS-TE;
IS-IS FRR.
RIP protocol is a dynamic routing protocol running on UDP protocol module. As the
earliest and simplest routing protocol promoted by IPv4 network, it is implemented
based upon distance vector algorithm of local network. RIP broadcasts route by
ZXR10 M6000 supports all types of intra-domain, inter-domain and client multicast
routing protocol of IPv4 and IPv6. It supports controllable multicast and provides QoS
guarantee.
Supporting IPv4 client multicast routing protocols, IGMPv1, IGMPv2 and IGMPv3.
Supporting PIM-SSM. When multicast source has not been confirmed, it can
directly join in multicast source without registering to Rendezvous Point (RP).
Supporting Anycast RP. Multiple RPs exists in a multicast domain. MSDP peers are
set among RPs. Multicast source can choose the nearest RP for registration;
receiver can add the nearest RP to its sharing tree. Hence, RP load sharing can be
implemented. When one RP is invalid, another nearest RP will substitute it to realize
RP redundant backup;
With the further development of IP network, more and more new services not only ask IP
network for reliable information delivery, but also requires predictable information
transport. Users hope that their networks can provide steady services in any
circumstance, but more advanced switch and higher bandwidth can only release the
pressure of data transmission bandwidth and QoS guarantee. However, the routing
system of traditional IP network for example internal gateway protocol OSPF and RIP,
external gateway protocol BGP4 can only provide reachable services to fit data
transmission, it is not capable of adjusting entire network resources. And this algorithm
may cause the aggregation of data traffic at network transmission side in one link, one
node or one interface. Traffic engineering aims at optimizing network performance. It can
map traffic to physical path, and optimize network resources automatically at the same
time to create network engineering technology that meets special requirements of
particular application program, and enables macro-adjustment and micro control.
Currently the key point of traffic engineering is: load balance and network recovery. The
implementation of IP traffic engineering intends to realized the integration of the
best-effort traditional IP network and QoS mechanism.
ZXR10 M6000 identifies data flow using L2/L3/L4 information: L2 traffic classification
based upon 802.1p priority or MAC address, L3 traffic classification based upon source
IP address and destination IP address, L4 traffic classification based upon both source
IP address/destination IP address, and TCP/UDP-based upon source/destination port,
TOS information, protocol type, ingoing subnet or physical interface. Once the traffic is
classified, users can implements CAR or queue scheduling mechanism. ZXR10 M6000
provides hardware-based speed restriction capability, and access speed control
mechanism provides precise bandwidth distribution policy.
The hardware-based access speed control capability of ZXR10 M6000 is also called
HRL(Hardware Rate Limiting), which makes sure other connections for example NAT,
ACL and WAN are free from affection. All interfaces with access speed control service
can guarantee controllable and reliable network access free from DOS attack. At the
same time, carriers can use this service to build hierarchical services with different prices,
which efficiently take advantage of bandwidth.
ZXR10 M6000 supports three types of hardware-based access speed limiting mode:
Port Rate Limiting. This speed limiting mode can be used over the physical
incoming or outgoing port that requires bandwidth limits, providing bidirectional
speed restriction service (no matter what kind of traffic is forwarded on this physical
port). Via this service, the network administrator or service provider can restrict the
practical speed of each physical port, and the network administrator now is capable
of allocating bandwidth between different users to guarantee saturation of the uplink,
the service provider can give key users bandwidth guarantee. Moreover, the uplink
and downlink bandwidths can be configured respectively. Precise services can be
provided on one port to meet user’s requirements for unbalanced uplink and
downlink bandwidth.
Aggregate Rate Limiting. This speed restriction mode can be done on the basis of
traffic policy, providing bandwidth control to one protocol or traffic. It can define
either a traffic policy for one subnet or a policy for aggregation traffic which by the
way can be incoming traffic or outgoing traffic of a certain application. Each traffic
policy is composed by multiple applications with flexible traffic control. The network
administrator can restrict the total amount the traffic via this service, or it can limit
the traffic of a certain subnet.
PQ (Priority Queue)
FIFO-First-In First-Out queue doesn’t classify packets. When packets ingress rate is
faster than interface transmission rate, FIFO will put the packets into queue based on
packets’ arrival sequence. At the same time, FIFO let packets get out at the queue exit
PQ-Priority Queuing classifies all packets into up to four types based on prior
configuration, puts them into four queues with different priorities respectively based on
FIFO policy. When packets get out of the queue, the queue with higher priority enjoys
absolute priority over the queue with lower priority. Packets in queue with lower priority
can be transmitted only when transmission of packets in queue with higher priority is
completed. And transmission of packets in queue with lower priority will be preempted by
packets in queue with higher priority in case of network congestion. So this queuing
mechanism can guarantee that data packets of important services (given higher priority)
are absolutely firstly transmitted. However, if the rate of packets with higher priority is
always faster than interface rate, packets with lower priority will never get an opportunity
to be transmitted.
if they are smaller than the minimal threshold. All packets will be dropped if they are
bigger than the threshold. When buffer is between the two thresholds, the dropping rate
will be a function of average queue length, which is an average value during the whole
operation process. Since data packets are dropped randomly, packets in all traffic flows
are dropped at different time, “global synchronization“ phenomenon which usually goes
together with drop-tail.
MPLS TE is a technology combining TE and MPLS. By MPLS TE, service provider can
accurately control the path traffic goes through so as to avoid the nodes with congestion
and solve the problem of part of path being overloaded while the other part of path being
idle; so that fully utilize the current bandwidth resource. Meanwhile, MPLS TE can
reserve resource during the process of LSP tunnel establishment in order to ensure QoS.
MPLS TE use CSPF (Constrained Shortest Path First) algorithm to calculate the shortest
path to certain node.
RSVP is the short form for Resource Reservation Protocol, which is initiated by receiver
to reserve resource for unicast and multicast data flows. RSVP-TE is the technology
implementing MPLS Traffic Engineering by using extended RSVP as signaling protocol
DS-TE function
E-LSP.
To make sure the successful delivery of all services in the network, different services
should be classified into different priority queues for transmission; to control the use of
network bandwidth, the related services or user’s transport traffic should be shaped (i.e.
speed restriction); to control user to access different services, ACL especially
application-based ACL should be set; to provide particular route path for special users
and services, policy-based route should be set; packet loss mechanism (e.g. WRED)
should be set when congestion occurs.
The control/service policies above are very important for the reasonable and efficient
network implementation. Considerate and hierarchical implementation should be done in
practice. Different network layers play different roles and accomplish different policy
tasks in network operation.
The interface module of ZXR10 M6000 supports Hardware Routing Table, routing table
and some ACL can be stored in interface module directly. All data traffics on the router
are directly forwarded by ASIC chip, which further releases CPU and faster than
traffic-based L3 switching mode (The first data packet experiences CPU process, the
interface module memories the forwarding result of data traffic. Other packets and the
repeated data traffic will be forwarded via ASIC chip).This forwarding mode is a new
technology generated based upon the increasing development of backbone link
bandwidth technology. It enables the route processing speed of backbone equipment
especially the equipment in the core layer to be more corresponding to the link with large
bandwidth (OC-48c, OC-192c and high-speed DWDM).
MPLS is based on per-hop route, which allows easier forwarding mechanism. As the
general mode and general routing protocol of label distribution are used on multiple types
of medium (e.g. packet, cell and frame, etc). MPLS supports highly efficient route for all
sorts of purpose (e.g. QoS route) and general traffic engineering and other operation
methods.
In MPLS VPN, carrier allocates each VPN a label named as route distinguisher (RD). RD
is unique in carrier’s network. MBGP is a route protocol extension based on BGP, which
defines VPN connection by multi-protocol extension and common features. In MPLS
VPN, BGP only sends information to the sites belong to a same VPN. It makes sure the
basic security by steams isolation. As data is forwarded along LSP, and the special path
LSP defined is fixed, which in other words guarantees security at the same time. This
label-based mode provides the same confidentiality as frame relay and ATM. Carrier
instead of user connects a special VPN to interface when using VPN, so that, data
packet forwarding is decided by ingress label. As spoofing port cannot be formed, MPLS
VPN is free from spoofing attack.
Supporting basic functions and label forwarding services of MPLS, realizing LDP
signaling protocol.
Supporting Graceful Restart over MPLS signaling protocol. When protocol breaks
down, label can be forwarded as well.
Supporting MPLS Ping/Tracert. MPLS echo request and MPLS echo reply are used
to test the usability of LSP.
Supporting TE FRR. When LSP breaks down, data flow can be switched over
rapidly.
MPLS VPN is a new VPN technology, realizing ISP data confidentiality and supporting
nonexclusive but appropriative IP address. As a result, MPLS forwarding instead of
relying on the destination address in packet head is based upon the marked value.
MPLS allows ISP to provide VPN by simple and flexible tunnel mechanism.
As there’s no extra demand for users, users do not have to change anything. The
configuration is also very simple when user wants to join in VPN.
VPN use can adopt his old private address without any change. VPN-ID is used in
the backbone network for keeping uniqueness in the entire network.
ZXR10 M6000 supports MPLS/BGP-based L3 VPN. Providing users with virtual private
network service by using existing public network resource, ZXR10 M6000 satisfies users’
service requirement of private data transmission on public network and security
requirement. VPN end-to-end solution provided can meet these service requirements.
Supporting dynamic (BGP, RIP, OSPF, and IS-IS) and static (static route) VPN
access.
To exchange VC label between PE, Martini-mode extends LDP and adds VC FEC type.
Besides, two PE exchanging VC labels may not be directly connected, so LDP must use
remote peer to establish session via which VC FEC and VC label are transmitted.
3.4.1 IP-FRR/LDP-FRR
The switching interval of IP-FRR (IP Fast ReRoute) can be in 50ms level, which can
reduce data loss in case of network failure to the utmost extent.
IP FRR supported by ZXR10 M6000 uses loop avoidance policy configured by routing
protocol module based on user’s need to provide loop-free main/backup route. It
synchronizes main/backup route with interface line card. The forwarding module
implements traffic forwarding based on main route and check the port status of main
route at the same time. When abnormal situation occur at the port, ZXR10 M6000 quickly
switch the traffic to backup route so that switching time is reduced and packets lost are
reduced.
3.4.2 MPLS-FRR
MPLS Fast ReRoute, full form for MPLS-FRR, is the technology of MPLS-TE network
local protection. Once LSP is configured with FRR, when a link or node on the protected
LSP fails, traffic will be switched to backup link. FRR is only a temporary protection
measure. When the protected link recovers or new LSP is established, traffic will be
switched to the original LSP or new LSP.
3.4.4 VRRP
VRRP protocol implements gateway backup function in the multiple-access LAN (such
as Ethernet) by providing a set of checking and election mechanism. VRRP maintains
uninterruptible service of network system for accessed host equipment by backup of
gateway equipment in LAN. That is to say, VRRP backups route next-hop equipment of
accessed host equipment.
3.4.5 BFD
One important performance of network equipment is to quickly detect the fault between
adjacent systems, and to create other path as soon as possible. BFD (Bidirectional
Forwarding Detection) just perfectly fulfill this aim. The main function of BFD is to provide
The network environment is becoming more and more complicated. Route processor on
control layer is core component processing various complicated protocol data packets,
which may encounter network storm and DDOS attack. To avoid service breakdown
caused by influence of these abnormal situations on CPU, ZXR10 M6000 implements
complicated traffic control mechanism over traffic on control layer.
CPU traffic transmitted is divided into multiple priority queues, ensuring that
important protocol packets such as BGP, OSPF and data packets customized by
administrator are given priority to be transmitted and processed. Each queue has
different threshold for different types of packets.
Supporting configuration of transmitting number per second and sending priority for
particular rules.
ZXR10 M6000 can effectively ensure that important data packets with higher priority can
be firstly transmitted and shield abnormal packets attack by data packet priority
classification, different handling, multiple queue transmitting technology, transmitting
policy configuration at port, and transmitting traffic flow rate restriction.
AAA
Local authentication
Direct trust-based authorization: trust the user and offer authority with no need
of account.
Protocol Security
RIP v2, OSPF, IS-IS, and BGP support MD5-based cipher text authentication.
ZXR10 M6000 supports uRPF (Unicast Reverse Path Forwarding), preventing network
attacks based on source address spoofing. Among common DoS attacks there is a kind
of source address spoofing with which the attacker spoofs a source address (usually a
legal network address) to access to the attacked equipment so as to prevent it from
providing normal services. URPF can effectively defend against this attack.
ACL checking
ZXR10 M6000 supports flexible port mirroring function. It can duplicate all data on a port
to another one, enabling network administrator to check and analyze port traffic.
ZXR10 M6000 supports duplicating traffic on one port matching certain requirements to
another port based on users’ selecting requirements; so as to enable network
administrator to check and analyze the data.
3.5.5 Netflow
ZXR10 M6000 supports netflow, which is a kind of technology based on sampling and
designed to monitor the network. Main features of netflow are:
3.6 IPv4/IPv6
3.6.1 IPv4
Supporting basic TCP/IP protocol stacking, including ARP, IP, ICMP, TCP, UDP
and Socket.
Supporting TELNET Client, TELNET Server and SSH Server (version 1, version 2),
giving conveniences to remote login.
Supporting the transmission of FTP client, FTP server and TFTP Client files.
M6000 also provides many link detection and diagnosis technology of IPv4 protocol,
including:
3.6.2 IPv6
ZXR10 M6000 supports IPv6. The features of its supported IPv6 protocol are:
Supporting TELNET6, which gives conveniences for remote login via telnet6.
Supporting IPv4/IPv6 dual protocol stacks. Realize both IPv4 and IPv6 functions.
M6000 can also provide various IPv6 evolution solutions, such as Dual Stack, 6RD,
DS-Lite, NAT444, PNAT, NAT64+DNS64 and so on.
And support flexible ALG functions, such as FTP, Real Time Streaming Protocol, ICMP,
Used in service control layer, ZXR10 M6000 enables the access of a large number of
broadband users. By supporting different access modes, i.e. ADSL, LAN and WLAN, it
satisfies the demands of different types of operator and service provider. Based upon
simple, highly efficient and unified user management mode, ZXR10 M6000 provides
multiple ways for flexible authentication, authorization and billing management.
IPoE service is one kind of access and authentication service. In the IPoE service, users
get accessed via physical links like Ethernet. Get IP address by configuring fixed IP
address or dynamic DHCP, and check ID via Web authentication, Option60
authentication or circuit authentication.
In this access mode, the client can not access the network after getting IP address via
DHCP Server (either embedded DHCP server in M6000 or extra DHCP server). No
matter what URL the user input in the browser, M6000 will connect to the designated
WEB page by force. After inputting the user account and password in this page, the
program will send the account and password to M6000. Then this information will be
delivered to RADIUS Server for authentication. After that, M6000 will modify the user’s
ACL, so that the user can access the network.
When the user is unconventionally offline, break down the network and turn off the
device provided the user’s host is down. ZXR10 M6000 can provide multiple inspection
ways, e.g. traffic-based determination which checks if the user’s host is under normal
operation via ARP message.
DCHP modes supported by ZXR10 M6000 include: embedded DHCP Server and DHCP
Relay. In address capture stage, DHCP Relay control communicaitons via Relay devices.
In address renewal stage, instead of processing the renew messages of DHCP Clinet,
DHCP Relay directly sends the message to DGCP Server via the forwarding platform.
The packets returned by the Server is processed in the same way. In other words, in the
renewal stage, DHCP Client and Server communiate with each directly. And the Relay
device instead of being processed by the control plane only implements forwarding
service.
A subscriber opens the client and applies for an address through DHCP.
When receiving the message, ZXR10 M6000 obtains the circuit information of the
port that receives the message. It searches for corresponding subscriber and
domain name according to the circuit information, and then searches for the
authentication mode of the subscriber according to the domain. If the local
authentication mode is configured, ZXR10 M6000 starts the local authentication
flow. It compares the subscriber information obtained with the local subscriber
information configured (including username, password and domain name). If the
information is consistent, the subscriber passes through the authentication
successfully. The server will assign an IP address and reply with a DHCP Offer
message. If the authentication mode is Remote Authentication Dial in User Service
(RADIUS), it is necessary to configure subscriber authentication information that is
consistent with the circuit information on the RADIUS server. The flow is the same
as that of local authentication after the subscriber passes the authentication.
When receiving the DHCP Offer message sent by ZXR10 M6000, the client replies
with a DHCP Request message. After ZXR10 M6000 receives the Request
message, it searches for the address assignment address information of the
subscriber according to the hardware address. If the information is found, ZXR10
M6000 will reply with an ACK message, and then the subscriber can get online
successfully. Otherwise, the subscriber will reply with a NAK message and send a
DHCP Discover message again.
A subscriber opens the client and applies for an address through DHCP.
When receiving the message, ZXR10 M6000 obtains the option60 information from
the message. Then it resolves the information according to the Option60 resolution
method that the subscriber configures. ZXR10 M6000 obtains the authentication
mode according to the domain name. If it is local authentication, ZXR10 M6000
starts the local authentication flow. It compares the subscriber information obtained
with the local subscriber information configured. If the information is consistent, the
subscriber passes through the authentication successfully. The server will assign
an IP address and reply with a DHCP Offer message. If the information is not
consistent, the server will not assign an address or reply with a DHCP Offer
message. If the authentication mode is RADIUS, it is necessary to configure
subscriber authentication information that is consistent with the circuit information
on the RADIUS server. The flow is the same as that of local authentication after the
subscriber passes the authentication.
When receiving the DHCP Offer message sent by ZXR10 M6000, the client replies
with a DHCP Request message. After ZXR10 M6000 receives the Request
message, it searches for the address assignment address information of the
subscriber according to the hardware address. If the information is found, ZXR10
M6000 will reply with an ACK message, and then the subscriber can get online
successfully. Otherwise, the subscriber will reply with a NAK message and send a
DHCP Discover message again.
PPPoE access is a link access technology via which user accesses the broadband
access server by PPP dialer. In this way, user can intercommunicate with ZXR10 M6000
via PPPoE protocol. ZXR10 M6000 is responsible for terminating PPPoE connection.
Bearing PPP data on Ethernet, PPPoE (Point-to-Point Protocol over Ethernet) provides a
standard in the broadcasting network for multiple hosts linking to remote broadband
access server. PPPoE protocol consists of two stages, i.e. PPPoE discovery stage and
PPPoE session stage. The discovery stage is used to build link layer connection
between the host and BRAS (discover MAC of BRAS) and create a PPPoE session ID
which will accompany this PPP dial-up number until the user is off the line. The session
stage mainly includes negotiation data link layer parameters, e.g. authentication
negotiation and MRU negotiation, and negotiation network layer parameters like IP
address negotiation. The implementation of the session stage consists of three steps:
creation of LCP, AUTH ahtneitcation and NCP (IPCP ) negotiation stage. LCP is used to
negotiate some parameters of the link. It is responsible for creating and maintaining links.
AUTH contains two authentication ways: PAP and CHAP. PAP (Password
Authentication Protocol) whose password is cipher text is a two-handshake
authentication. NCP mainly including IPCP and IPXCP is the most commonly used
IPCP protocol. In running IPCP, dynamic IP address negotiation of the point-to-point
devices are implemented.
Precise user location technology which defines user’s uniqueness not only gives
conveniences to service and user management, but also provides users with different
levels of service which effectively prevent their accounts from being stolen.
PPPoE+ standing for PPPoE Intermediate agent. Usually, DSLAM is used to realize
PPPoE Intermediate agent and the modification of PPPoE message. Add identifier
of user’s route to PADI and PADO in PPPoE discovery stage. ZXR10 M6000
implements LAC service and gets user’s route identifier. PPPoE+ is only suitable for
PPPoE access.
The implementation of VBAS (Virtual BAS) requires the coupling of DSLAM and
BRAS. Set DSLAM corresponding to VLAN on BRAS. In terms of user’s bandwidth
VLAN, BRAS maps the packet to the related DSLAM. When BRAS initiate the query
this DSLAM for user route identifier, the DSLAM returns the identifier to BRAS. The
implementation of VBAS requires one-by-one corresponding VLAN and DSLAM on
BRAS.
Before tagging 802.1q protocol, QinQ mechanism encapsulates 802.1q protocol tag
again. The inner label marks customer, and the outer label indicates service
provider network. Via label extension, user route identifier can be realized. QinQ
gives a better way to solve the inadequate VLAN issue (maximally 4K).
After getting user’s route information via precise location technology, ZXR10 M6000 will
send its NAS-PORT-ID field which is put in RADIUS request Packet to RADIUS server
for authentication. If the binding parameter is not right, RADIUS server will return
access-reject message, so that, ZXR10 M6000 will reject user’s connection request.
The simple redundancy and backup of device key components and link layer can not
enable non-blocking services user requires.
ZXR10 M6000 supports PPPoE / IPoE, IP Host, PPPoE / IPoE access VPN, multicast
and other hot standby technologies. It means to build "forever working" networks for
customers.
The hot standby technology synchronizes user information between active and standby
devices. After active/standby switchover, user does not need to reinitiate request for
connection. It does not have any awareness of the fault at all.
convergence.
(6) Since fault state is abnormal, it is suggested to configure VRRP groups
occupAtion. After recovery, BMSG-1 becomes the active equipment again. User
traffic returns to the initial stage when the fault is removed.
AAA treats domain as a complete control entity. The user should be fallen into a certain
domain when being authenticated. It means that a domain should be chosen for a user
when he is authenticated. Only then authentication, authorization and account can be
carried on according to domain configuration.
All functions of the AAA module are performed within the domain management entity.
Different domains are independent from each other with different authentication and
accounting policies. All processes of authentication and accounting go along within the
range of domain control. To achieve core control of AAA module, authentication policies
(local, none and radius), hierarchical authentication and billing Radius server group can
be performed according to the domain policy or user’s default template. And billing
protecting mechanism is provided by handshake detection, redundant backup, load
balance, re-send, detailed list of calls local stored etc. of authentication server.
Default user module is a generic collection of accounts authority and it is the only
authority information under such circumstance. Its application makes user account
management convenient, where shared authority within one domain can be configured.
For access users without specified authority can be authorized in this default user
module.
The combination of user name and domain name is the only identification for local
users to manage his accounts. It supports remote authentication, so that the user’s
domain name is not required to be pre-exist in the system. The accounts
management of local user is the central database of local authentication.
In a distributed way, Radius server manages configures servers and usage policies,
network parameters and domain feature of Radius protocol package. That is to say,
Radius server group implements all the configurations related to Radius.
Service access control list implements the mapping of users to domain and can
control the user’s domain according to user’s physical link. SAL can prohibit or
permit access of certain domains from certain interfaces, and performs mapping of
users to domain at the same time. The user without a domain name can be
assigned to one domain by means of default-domain configuration. If the domain the
user belonging to is not configured (including domain name not added during the
user’s entry), it can be assigned to roaming domain; otherwise if roaming domain
has not been configured, then the user cannot get access. SAL can also perform
domain name translation as well as translating all domains to an appointed one, and
domain replace function from one domain name translate to another domain name.
After these steps, end users must have been belonged to on domain.
SAL is associated in circuit interface. If not, the processing principle is: no access
without user domain name; access according to domain name via domain search,
otherwise no access allowed.
If there is still no domain name after domain mapping, the user cannot access
unless “permit any” has been configured; if a roaming domain is configured, the user
belongs to it, otherwise he cannot access.
Account name analysis: usually user accounts takes the format of user name
plus domain name, while account analysis means to dissemble the account
loaded by the user to user name and domain name.
Default domain function: If the user does not enter a domain name when
performing authentication, the default domain function can provide a shared
default domain as a control entity for the user to access.
Domain name mapping function: This function substitutes the user input
domain with specified domain(s) for authentication, making it available for an
entity to possession several domain names.
Domain control function: SAL domain control function can prohibit and permit
users in the appointed domains to access for more convenient access control.
Roaming domain function: roaming domain function is useful when the domain
the user loads is not configured in its access point, which needs to implement
user’s access control. When ZXR10 M6000 has determined that the
user-entered domain is not configured in the local area, it will make use of
roaming domain configured by SAL as a control entity for user to access.
Given broadband access services are becoming more and more comprehensive; the
requirement for user service control is also becoming higher. Thus, more granular and
more intelligent management capabilities are being requested by the carriers.
To meet the requirements, ZXR10 M6000 implements interval management for three
services, namely, ACL, QoS and management domain respectively. Managers can
define different intervals for different service policies to provide users with diversified and
differentiated services.
ACL and QoS interval management: When a user has been authenticated, it will
dynamically obtain ACL or QoS from interval management system according to
configured authentication period and applies it in the user’s attribute. Then, when the
user is online, it will apply the corresponding ACL or QoS and modifies user’s attributes,
implementing different authority within different intervals.
Domain interval management: A basic domain function only implements simple function
of access prohibition or permission, however, it’s often required to control access for
different intervals in practical. Via domain interval management, manager can control
different access in different intervals in one domain.
Working as RADIUS client and RADIUS server in communication, ZXR10 M6000 can
implement remote authentication, authorization and accounting. The specific services
are:
RADIUS server selection policy supports First mode and Round-Robin mode.
ZXR10 M6000 supports two selection algorithms, i.e. first algorithm and round-robin
algorithm. The basic principle of Frist algorithm is very easy: if the existing server is still
available, use the existing one primarily. If the existing server does not respond, choose
the next valid server. The Round-robin algorithm also follows a simple theory: ignoring
the status of the existing server, choose the next valid server directly.
For example: provided there are three servers, i.e. A, B and C. If server B is used for
authentication, based upon first algorithm it will continue working if it is still valid in later
user authentication. Otherwise, server C (If it is valid) or server A (If server C is invalid,
use server A instead) will be used. If round-robin algorithm is used, use the server C (if
valid) or server A (if C is invalid, use server A instead) directly in the authentication.
ZXR10 M6000 supports active/standby RADIUS server switchover. When the active
RADIUS server breaks down, the system must send the authentication accounting
information automatically to the standby RADIUS server. Then the backup one will
implement authentication and accounting services. Then when the active RADIUS
recovers, ZXR10 M6000 can switch the information back to the active RADIUS. There is
As users always care accounting service, the accounting information should be not only
accurate but also complete. However, if RADIUS is bothered by unsmooth traffic or
overloaded accounting server, it may lose accounting information. ZXR10 M6000
provides local accounting protection, i.e. if the accounting server does not give any
response to user’s accounting information sent by ZXR10 M6000, the accounting service
is defaulted as failed. Then this accounting information (including start accounting packet
and end accounting packet) will be sent to local accounting cache.
ZXR10 M6000 supports that the dispatched feature of RADIUS dynamically adjusts
user’s bandwidth or restrict the access to particular resources. It supports RFC3576.
RADIUS server confirms the user as per its account number, then it changes the user’s
IP, ACL, QoS and uplink/downlink traffic bandwidth control. The modified information will
be sent to ZXR10 M6000 via CoA-request information. ZXR10 M6000 searches for
corresponding users according to related user’s circuit information in the request, and it
will change the user’s related service data. During the entire course, the user is normally
online, and there’s no need for PPP reset.
Clock synchronization includes two synchronous information: on one hand it’s the time
(phase) synchronization, phase between the signals is consistent, that is, phase
difference between signals is a constant zero; on the other hand, it’s the frequency
synchronization, the frequency between the signals maintains a strict relationship, the
effective moments appeare in the same average rates, to maintain all devices in the
ZXR10 M6000 supports IEEE 1588v2 protocol. 1588V2 protocol provides a set of
precise time synchronization program -PTP (Precision Time Protocol), which supports
time and frequency synchronization, providing sub-microsecond time synchronization
accuracy. In 1588V2 protocol, PTP packets can have a variety of packages, such as
UDP (IPV4, IPV6), Ethernet and so on. At the same time, PTP packets can be transmited
by multicast mode or unicast mode.
To the communication, clock can be divided into the master clock and the slave clock. In
theory, any clock can serve as the master clock and slave clock, but a PTP
communication subnet can have only one master clock. Optimal clock throughout the
system clock is the GMC (Grandmaster Clock), which is the best stability, accuracy,
reliability and so on. According to the precision and level of the clock on each node, and
traceability of UTC (Universal Time Clock), the best master clock algorithm automatically
selects the subnet master clock; in only one subnet system, the master clock is the GMC.
Each system has only one GMC, and each subnet has only one master clock, slave
clock should keep pace with the master clock.
Due to the development of IP network, there is more and more service implemented by
IP network. At the same time, the network ranges larger, and configures harder, plus
user’s higher expectation, the network management becomes more and more difficult.
Only manual management and passive inspection cannot meet the requirements of
running the entire system.
Now the maintenance engineer is focusing on how to deploy service swiftly, how to keep
steady network operation, how to predict the operating quality of the network and how to
locate the failure as soon as it happens. Therefore, the active network monitoring,
automatic network failure inspection and recovery, and sound network operation are
urgently required to guarantee maximum network profit.
ZTE giving positive response to the call of the times develops Netnumen unified network
management system. It is an integrated network management system composed by
router, switch and CE, responsible for network element management, network
management and service network management. It supports multiple sorts of database,
has graphic interface in different languages for convenient operation. Besides, this
system also provides flexible northbound interface, supporting powerful interconnecting
integration.
Inband Management
The advantage of inband management is that flexible networking does not ask for
Outband Management
By using outband management; the breakup the service channel will prevent the
network management station to do equipment management, so that the transport of
network information becomes more reliable. But due to the huge geographic limits,
the independent network management network requires extra investment.
The traffic direction, traffic load and network load are the key issues in network
management. The performance management module of Netnumen is mainly
responsible for the performance monitoring and analysis of data network and its
equipments. The performance data collected by network element will generate
performance report after a certain processing, so that maintenance and
management departments can get information to guide network engineering, plan,
network scheduling and improve network operating quality. Via performance
management, user can implement load, traffic direction and interface load collection,
get timely service quality report and give prompt evaluations and adjustment on
entire network resource configuration.
The security management is mainly responsible for user’s legal network operation. It
realizes the management of user, user group and role. By arranging correct
relationships between user, user group and role, it provides administrators with
security control mechanism. Via login authentication, it prevents illegal users from
accessing the system. By authorized operation, it offers security mechanism to
administrator’s secure operation.
Due to the fast development of telecom industry, one carrier nowadays should
manage multiple different network element equipment or professional network
management system. The drawbacks for instance non-interaction among different
professional network management systems, complicated management content, and
multiple operating interfaces become more and more obvious. To enhance the
integrated network management level and effect of telecom enterprise, one network
management station can be used to implement all sorts of management and control
to the interconnected networks, so that, the integrated entire network management
comes true.
The integrated network management connects with professional network
management via interface. So the professional network management should
provide standard open northbound interface to the integrated network management
system, so that, it can integrate with the integrated network management system
rapidly and reliably. Netnumen supports many types of northbound interface, e.g.
CORBA, SNMP, TL1 and FTP.
ZXR10 M6000 has clear maintenance interface which also enables easy operation. User
management is carried out based upon differentiated authorities to make sure the
security of equipment maintenance. ZXR10 M6000 can provide online software upgrade,
BOOTROM upgrade; outband network management, equipment self-diagnosis, and
record of abnormal equipment file.
management configuration modes, which enables user to choose the optimal way
to configuring its connections. It makes the equipment maintenance easier.
Equipment Policing:
There are indicators on power supply module, fan, MSC and all LICs. They show
the operating status of these components;
Fan monitoring is done by special fan module which can test the operation and
status. Besides, it is also capable of intelligent fan speed adjustment.
When the fan, power supply or temperature goes working, the voice awarding and
software warning will be generated;
The MSC switchover and hot swappable records are kept for reference;
The system monitors the operating status of the software, when abnormity happens,
the LIC will be restarted and MSC switchover will be implemented as well;
Via CLI, user can check the basic information of all MSC, LIC, and optical modules;
User can decide if console login require user name and password or not;
ZXR10 M6000 series provides multiple sorts of diagnosis and scheduling methods,
enabling user to have multiple ways to adjust equipment and get more scheduling
information. Support dedicated diagnosis test command mode, complete equipment
diagnosis and test, which enables equipment test to be carried out at any time. And
when the equipment breaks down, it can be inspected remotely.
Support the display of status of internal register of line card and memory
address
Ping and Trace Route: by inspecting if the network connection is reachable, the
transport path of the online record packet acts as the reference;
Debug: rich debug commands are provided to each of software. Every debug
command supports multiple debugging parameters, so it can be controlled flexibly.
Via debug command, specific information on the progress, message processing
and tolerance inspection of the service in the course of operation can be displayed;
Mirroring image service: it supports interface-based mirroring image, via which the
incoming, outgoing or bidirectional messages are replicated to the observed
interface.
ZXR10 M6000 provides software upgrade modes in both normal and abnormal
conditions.
Upgrade when the system is abnormal: Provide software upgrade when the
equipment cannot be initiated normally. Via modifying boot initiation mode, load
new software version from the management Ethernet interface to complete initiation
upgrade;
Upgrade when the system is normal: Provide local or remote FTP online upgrade
when the equipment is in normal condition.
4 System Architecture
ZXR10 M6000 series product uses chassis-based architecture that is popular in the
industry. Adopting all-in-one chassis and modular architecture, it uses hot swappable line
card modules and components, so it features flexible scalability.
The entire equipment is mainly composed by chassis, LCD display module, fan tray, air
intake plane, backplane, power supply module, management processor unit, switch
fabric unit and service line cards.
boards, soleplate, top plate, and structure tracks. The module insert and cabling can be
done in the front of chassis. The LCD module, power supply module and fan tray are
designed in modular architecture. The entire device is 19 inch which totally goes in line
with the industry standard; as a result, it can be put in IEC 297 or ETSI standard racks.
The appearance and planar layout of ZXR10 M6000-16 are shown respectively as
follows:
442mm
2
3
4 4
4 4
4 4
4
5 1686.2mm
6
6
6 6
5
4
4 4
4 4
4 4
4 4
3
1 LCD
2 2 Fan tray
7 3 Cable bracket
4 Line card
8 5 MPU
600mm
6 SFU
7 Air filter
8 Power module
The chassis of ZR10 M6000-16 is 38U(1U=44.45mm) high and its entire size goes like
442mm(W)*1686.3mm(H)*600mm(D). With vertical slots, ZXR10 M6000-16 is designed
with 22 slots including 16 service line card slots, 2 MPU (management process unit) and
4 SFU (switch fabric unit). The MPU is designed in 1:1 redundant backup and SFU is in
3+1 redundant backup.
1*CF card interface and 2*USB interfaces. It is capable of connecting with external
storage to save configuration file, etc.
1*10/100M Ethernet electrical interface and 1*RS232 interface that are used for
configuration and control;
The power supply module is designed in online backup mode. It is capable of providing
-48V DC or 220V AC modes. DC power supply mode is in 1+1 design, which enables 2
groups of -48V DC offer electricity at the same time. AC power supply mode uses 1+1
backup to enhance the reliability of the entire power supply system.
The real-time temperature, power consumption, version and equipment alarm can be
shown on LCD on the top side of the chassis. Besides, airs filter locating above the
power supply module to prevent dusts from falling down to the chassis. There are two fan
trays on the top and bottom part of the chassis respectively. The entire chassis adopts
bottom-to-top ventilation cooling mode. Two sets of cable brackets on the top and bottom
parts of the line card respectively, which are give conveniences for cabling.
The appearance and architecture layout of ZXR10 M6000-8 are shown respectively as
follows:
442m
m
2
2
3
1152.9
mm
4
4 4
4 4
4 4
4 6
6
6
7 1 LCD
2 Fan tray
5
3 Cable bracket
5
4 Line card
5 MPU
8 6 SFU
600m
m 7 Air filter
8 Power module
The chassis of ZXR10 M6000-8 is 27U(1U=44.45mm) high and its entire size goes like
442mm(W)*1152.9mm(H)*600mm(D). With vertical slots, ZXR10 M6000-8 is designed
with13 slots including 8 service line cards, 2 MPU and 3 SFU. The MPU is designed in
1:1 redundant backup and SFU is in 2+1 redundant backup.
1*CF card interface and 2*USB interfaces. It is capable of connecting with external
storage to save upgrade file, etc.
1*10/100M Ethernet electrical interface and 1*RS232 interface that are used for
configuration and control;
The power supply module is designed in hot backup mode. It is capable of providing
-48V DC or 220V AC modes. DC power supply mode is in 1+1 design, which enables 2
groups of -48V DC offer electricity at the same time. AC power supply mode uses 1+1
backup to enhance the reliability of the entire power supply system.
The real-time temperature, power consumption, version and equipment alarm can be
shown on LCD on the top side of the chassis. Besides, air filter prevents dusts from
falling down to the chassis. There are two fan trays on the bottom part of the chassis.
The entire chassis adopts bottom-to-top ventilation cooling mode. Cable bracket locates
on the top part of the line card.
The appearance and architecture layout of ZXR10 M6000-8S are as shown as follows:
441mm
750mm
1
7
1 Cable bracket
2 2 2 Service cards
2 2
2 2 3 SRU cards
2 2
4 SFU cards
3 619.5mm 5 Air inlets
3
6 Transversal dust screen
4
7 Handles
8 Sub-rack mounting flange
9 Side air inlets
8
6
5
9
Cable bracket
00 1 2 3 10 8 1110 4 5 6 77
SFU
PFU+PIU
PFU+PIU
PFU+PIU
PFU+PIU
PFU+PIU
PFU+PIU
PFU+PIU
PFU+PIU
SFU
SRU
SFU
SRU
9
SFU
FAN
Air inlets
The chassis of ZR10 M6000-8S is 14U (1U=44.45mm) high and its entire size goes like
441mm*619.5mm*750mm (W*H*D). With vertical slots, ZXR10 M6000-8S is designed
with 12 slots including 8 service line card slots, 2 SRU (switch router unit) and 2 SFU
(switch fabric unit). The SRU is designed in 1:1 redundant backup and SFU is in 3+1
redundant backup.
2 x CLK port (SMB), as 2.048MHZ or 2.048MBit/s clock input and output interfaces
2 x GPS port (RJ45), as the external GPS clock input and output interfaces
The power supply module is designed in online backup mode. It is capable of providing
-48V DC modes. DC power supply mode is in 2+2 design, which enables 2 groups of
-48V DC offer electricity at the same time to enhance the reliability of the entire power
supply system.
There are five groups of fans trays on the top-back part of the chassis respectively. So,
the wind comes into the chassis from the front and both sides and goes out of it from the
back-top.
One set of cable brackets on the top part of the line card, which gives conveniences for
cabling.
The appearance and architecture layout of ZXR10 M6000-5S AC and DC are shown as
follows:
5 442mm
1 1 Service cards
1 2 SRU cards
1
3 AC Power module
2
2 4 Sub-rack mounting flange
1
1 5 Cable bracket
1 352.8mm 1
6 Handles
3
630mm
95mm
5 442mm
1 1 Service cards
1 2 SRU cards
1
3 Handles
2
2 4 Sub-rack mounting flange
1 5 Cable bracket
1 308.4mm
630mm
95mm
4 PFU+PIU
3 PFU+PIU
2 PFU+PIU
6 SRU
5 SRU
1 PFU+PIU
0 PFU+PIU
4 PFU+PIU
3 PFU+PIU
2 PFU+PIU
6 SRU
5 SRU
1 PFU+PIU
0 PFU+PIU
The chassis of ZXR10 M6000-5S AC is 8U (1U=44.45mm) high and its entire size goes
like 442mm*352.8mm*725mm (W*H*D). And the chassis of ZXR10 M6000-5S DC is 7U
high and its entire size goes like 442mm*308.4mm*725mm (W*H*D).
With horizontal slots, ZXR10 M6000-5S is designed with7 slots including 5 service line
cards and 2 SRU. The SRU is designed in 1:1 redundant backup and Switch Fabric Unit
is in 1+1 redundant backup.
2 x CLK port (SMB), as 2.048MHZ or 2.048MBit/s clock input and output interfaces
2 x GPS port (RJ45), as the external GPS clock input and output interfaces
The power supply module is designed in hot backup mode. It is capable of providing
-48V DC or 110/220V AC modes. DC power supply mode is in 1+1 design, which
enables 2 groups of -48V DC offer electricity at the same time. AC power supply mode
uses 2+2 backup to enhance the reliability of the entire power supply system.
Air filter prevents dusts from falling down to the chassis. The entire chassis adopts
side-to-back ventilation cooling mode.
Two sets of cable brackets on the both sides, which give conveniences for cabling.
The appearance and architecture layout of ZXR10 M6000-3S AC and DC are shown as
follows:
6
1 Service cards
5 442mm
1 2 MPU cards
1
3 AC Power module
1
4 Sub-rack mounting
2
3 219.4mm flange
5 Cable bracket
628mm
4 6 Handles
1
95mm
5 442mm
1 1 Service cards
1 2 MPU cards
1 3 Handles
2
175mm 4 Sub-rack mounting
628mm
4
flange
1
5 Cable bracket
95mm
2 PFU+PIU
1 PFU+PIU
0 PFU+PIU
3 MPU 4 MPU
2 PFU+PIU
1 PFU+PIU
0 PFU+PIU
3 MPU 4 MPU
The chassis of ZXR10 M6000-3S AC is 5U (1U=44.45mm) high and its entire size goes
like 442mm*219.5mm*723mm (W*H*D). And the chassis of ZXR10 M6000-3S DC is 4U
high and its entire size goes like 442mm*175mm*723mm (W*H*D). With horizontal slots,
ZXR10 M6000-3S is designed with5 slots including 3 service line cards and 2 MPU. The
MPU is designed in 1:1 redundant backup.
2 x CLK port (SMB), as 2.048MHZ or 2.048MBit/s clock input and output interfaces
2 x GPS port (RJ45), as the external GPS clock input and output interfaces
The power supply module is designed in hot backup mode. It is capable of providing
-48V DC or 110/220V AC modes. DC power supply mode is in 1+1 design, which
enables 2 groups of -48V DC offer electricity at the same time. AC power supply mode
uses 1+1 backup to enhance the reliability of the entire power supply system.
Air filter prevents dusts from falling down to the chassis. There are two groups of fans
trays on the back part of the chassis. The entire chassis adopts side-to-back ventilation
cooling mode.
Two sets of cable brackets on the both sides, which give conveniences for cabling.
The hardware of ZXR10 M6000 uses many key technologies, such as distributed parallel
processing, Cross-bar space division switching, fast route search, multi-level traffic
management, etc. All its components are designed with redundant backup protection,
featuring carrier-class reliability. Based upon the hardware of high-end router that’s now
popular in the industry, ZXR10 M6000 creates brand-new switching architecture to
enable easier system capacity extension. With distributed protocol processing, it greatly
enhances the processing performance and flexibility of all sorts of protocols.
With rack-based design, ZXR10 M6000 series product is mainly composed by the
following subunit: physical line interface subunit, packet forward subunit, and service
processor subunit, switch fabric subunit, management process subunit, and backplane
subunit, power supply subunit, monitoring alarming subunit and diagnosis and debugging
subunit. All the subunits interconnect with each other via large-capacity serial bus or
Ethernet bus. The general hardware architecture of ZXR10 M6000-16 and ZXR10
M6000-8 are as shown in 0 and 0 respectively.
b
a Ethernet
General Service card GSU Management Process Unit MPU
Power/CLK c Power/CLK
k Ethernet Maintenance
RS232
Service Switch Control p switch unit Management
processi interface l unit ZXR10-OAM
2.048MHz
ng unit unit a Control
HSSL n System 2.048Mbps
management and Clock
TOD/PP1
e maintenance unit S
module
1 MS
2
8
Power
Power Fan
supply module
module .. 5
2
1 1
2
3
4
b
a Ethernet
General Service card GSU Management Process Unit MPU
Power/CLK c Power/CLK
k Ethernet Maintenance
RS232
Service Switch Control p switch unit Management
processi interface l unit ZXR10-OAM
2.048MHz
ng unit unit a Control
HSSL n System 2.048Mbps
management and Clock
TOD/PP1
e maintenance unit S
module
1 MS
2
5
Power
Power Fan
supply module
module
3
2
1 1
2
1
2
3
b Ethernet
General Service card GSU a Management Process Unit MPU
Power/CLK c Power/CLK
k Ethernet Maintenance RS232
Service Switch Control p switch unit Managemen
processin interface l ZXR10-OAM
a t unit 2.048MHz
g unit unit HSSL Control
n System 2.048Mbps
e Clock TOD/PP1S
management and
maintenance unit module
1 M S
2
3
Power
Fan module
Power
supply
module
2
1
1
2
The corresponding interface buses connecting to the backplane of ZXR10 M6000 consist
of: switching fabric interface fast Serdes bus for service transmission, switching
management interface for the transmission of management data, 1000M Ethernet
Serdes bus for intercommunications among all hardware modules, system clock bus
provided by the clock subcard on MPU, and intelligent platform management bus and
monitoring bus for managing hardware system. In addition, MPU also provides the bus
and I/O interface for the management of system power supply. All management modules,
switching modules, power supply module, data switching Serdes, communication Serdes,
and management bus are in redundant design.
Totally independent data forwarding platform, local control platform, remote control
plane enable isolated physical tunnels for delivering control plane message and
control plane configuration information. This method ensures the independent
operation of data plane and control platform.
Advanced switching fabric architecture via VOQ (Virtual Output Queue) technology
realizes multiple virtual output queues in one physical tunnel, which realizes
end-to-end traffic control and QoS in switching plane. It realizes real non-blocking
service.
PFU also supports local FLASH to save image file, which greatly shortens the
version download in the course of system initiation.
Physical Interface Unit (PIU) flexible subcard enables the PFU to support hybrid
interface cards with different speed and types. It gives conveniences to flexible
networking.
Support node/link redundancy and non-stop service. Known for carrier-class high
reliability and stability, the hardware guarantees the redundancy of SFU and MPU.
So when failure happens or repair takes place, the wire-speed forwarding and QoS
can be guaranteed.
LCD gives real-time display on the monitoring information, such as power supply
status, fan, temperature and version, etc.
As core control node of the product, management process unit of ZXR10 M6000 is
responsible for the entire management and maintenance of the chassis. When MPU
receives the related routing information sent by line cards, it will initiate dynamic routing
protocol, receive and send routing information, calculate routing table. Also, it uses
different processes to handle routing information of different types, and forms entire
routing table finally. Then via internal 1000M Ethernet bus, it delivers entire routing table
to each line card and service card. The active and standby MPU communicate with each
other via special internal communication tunnel. A dedicated circuit on MPU monitors the
operation status of CPU in real time, so when serious fault like storage ECC verifying
error and the breakdown of Ethernet switching chip, the hardware will implement the
switchover of main and standby MPUs.
Processing all sorts of protocol and signaling to realize the control and
announcement of the system status. Isolating forwarding plane and control plane,
isolating routing protocol control plane and configuration operation management
plane. Enhance the reliability of protocol control plane and the manageability of the
equipment.
The inter-slot outbands communication of the entire system. The local switching
module inbuilt in the board provides modules with non-stop intraboard outband
communication to realize the interboard control, maintenance and information
exchange correctly. The isolation of interboard communication service and data
service guarantees the absolute reliability of the system interboard information.
Ethernet switching unit (ESU) provides control communication tunnel for MPU, line card
and SFU. It realizes data communication and equipment management between MPU
and all other cards.
It provides all line cards with highly precise and reliable SDH (Synchronous Digital
Hierarchy) interface clock signal. It supports 2MBITS, 2MHz, GPS and line clock as
reference. By changing oven controlled crystal oscillators and software, type-III or type-II
clocks can be implemented. The clock processing unit provides system switch fabric with
highly reliable synchronized clock, and guarantees the clock synchronization of the
switch fabric and line card.
The environment monitoring alarm unit is responsible for collecting the working status of
the rack and giving on time alarm. Besides, all these information will be displayed on
LCD, which on the other hand offers a sound man-machine interface to maintenance
engineer.
The switch forward unit of ZXR10 M6000 is the core of data switching plane, taking care
of the unblocked switching. By using high-performance switching fabric, SFU integrates
creative capacity extension solution, implements multicast tunnel management,
intelligent monitoring and entire queue management. ZXR10 M6000-16 has 3+1
redundant SFU, ZXR10 M6000-8 has 2+1 redundant SFU, ZXR10 M6000-8S has 3+1
redundant SFU, and ZXR10 M6000-5S has 1+1 redundant SFU.
To ensure the reliability and redundancy of the switching system, the maximum
3-time speedup ratio is used. For M6000-16, 3+1 load sharing and redundant
design, plus 4 pieces of SFU working at the same time, so when 1 SFU breaks
down, the rest 3 still can provide adequate switching capacity for entire system
switching process. And it’s similar to M6000-8 with 2+1 redundancy.
Monitoring and test bus independent from service has independent power supply,
providing the monitoring information on the power, voltage, current, temperature of
SFU, the control of hot swappable module, reset and boot-up, etc.
The line card of ZXR10 M6000 is composed by PFU and PIU. There are following logical
subunit: physical line interface unit, forwarding unit, traffic management unit, switching
fabric interface unit and CPU control unit. It implements fast processing and forwarding,
takes care of the maintenance and management of link protocol and service forwarding
tables. The Line card architecture show as below:
Physical line interface unit: it implements the processing in physical layer and data
link layer, such as the link identification, access, optical/electrical conversion,
coding/decoding and framing.
Ingress Fabric Q switching interface unit and Egress Fabric Q switching interface
unit.
CPU control unit: implement local protocol message processing, manage and
configure all sorts of chip and table entry on the line card.
ZXR10 M6000 provides rich service line cards, covering many types of interface, e.g.
Ethernet/POS/cPOS/E1 /E3. Besides, it supports multiple sorts of interface rate and port
density to meet the requirements of different network and services. It gives users
conveniences to implement flexible configuration.
According to different sizes, the existing interface card of ZXR10 M6000 consists of three
categories: full-high PIU, half-high PIU and 1/4 PIU. Depended on types of PFU, each
service slot can be configured with one full-height PIU or at most two half-height PIUs or
at most four 1/4 PIUs. And PIU also supports the hybrid configuration. ZXR10 M6000
full-high PIU mainly are high-density Ethernet /POS interface cards and high-speed
interface. The half-high PIU and 1/4 PIU of ZXR10 M6000 is designed for enhancing
network flexibility, reducing user’s network costs, and meeting different user and network
requirements. Also, PFU supports the access of PIU with hybrid types, which effectively
enhances the flexibility of user’s configuration, simplifies user’s choices and reduces
carrier’s OPEX and CAPEX.
Service processor unit is responsible for processing all sorts of complicated services and
protocols. Working together with different service licenses, ZXR10 M6000 can offer
services like CGN (Carrier Grade NAT), Netflow, L2TP, IPsec and DPI etc.
Taking up one slot, service processor unit does not provide outward interfaces. As per
different uploaded software, service processor unit offers different services.
ZXR10 M6000 uses load sharing parallel processing mode to enhance processing
capability.
The signal backplane unit of ZXR10 M6000 is the bridge of line card, MPU, SFU and
other components, which interconnects all sorts of data, control and power signal of the
functional units.
Dual-star topology enhances the reliability and redundancy of the switching fabric
ZXR10 M6000 power supply module is designed in N+N redundant mode, supporting DC
and AC power supply models. Two groups of power supply modules work independently.
They are hot swappable, so when one power supply module breaks down or is plugged
out, the system won’t be affected, which on the other hand enhances equipment
reliability. The power supply module is designed in environment protection mode,
capable of exceed outgoing traffic protection, exceed outgoing voltage protection,
short-circuit protection, alarm provision and anti-lightening protection. Also it can send
error alarming information via monitoring tunnel to LCD in time.
Based upon ZTE’s self-researched route operation system ZXROS, ZXR10 M6000 can
be adaptive to all kinds of network in any high-performance and complicated commercial
environment. This software has the most integrated network features built based upon
international standard. The entire software architecture is as shown as following:
Support Protocol
Network Management
MPLS Protocol
SNMP Subsystem
Subsystem
Statistical Alarm
Subsystem
The Security
Subsystem
The Security
Subsystem
Subsystem
Subsystem
Multicast Routing
Unicast Routing
Protocol
Protocol Subsystem
Subsystem
IP Routing Subsystem
L2 Protocol Subsystem
Hardware & Drive Subsystem: Provide drives for the software of MPU, line card,
backplane, fan and power supply module ;
Unicast Routing Protocol Subsystem: it forms unicast forwarding routing table for
lower layers to forward unicast packet.
Multicast Routing Protocol Subsystem: it forms multicast forwarding routing table for
lower layers to forward multicast packet.
MPLS Protocol Subsystem: implement LDP, RSVP-TE, and L2/L3 VPN. Provide
Statistical Alarm Subsystem: maintain all sorts of statistical alarm and configuration
information, store all kinds of statistical information, and provide query interface
SNMP Subsystem: implement SNMP AGENT service, support all the protocol
operations of SNMP agent made in SNMP V1 /V2/V3
Encapsulation
Support multiple operating systems and the smooth upgrade of the operating
system.
Monitoring
Monitor the working status of power supply module, fan, voltage, current, and
working temperature.
Provide fast failure location to guarantee high reliability of the product version.
Modular Components
5 Technical Specifications
Item Parameters
Physical Dimensions
441*619.5 442*308.3 442*175*7
Paramet (W*H*D
*749.4 *740 38
er mm) (DC) 442*1686* 442*1197.
Dimensions 600 3*600
442*352.8 442*219.4
(W*H*D NA
*740 *738
mm) (AC)
load)
Service Slot 16 8 8 5 3
Reliability ≥99.999%
Hot Swap All modules are hot-swappable, interface sub-modules are not
ability hot-swappable
Power DC: 1+1 DC: 1+1 DC: 2+2 DC: 1+1 DC: 1+1
Supply AC: 4+4 AC: 2+2 AC: 1+1 AC: 1+1
Module
Redundant
Backup
Noise <70dB
Parameters
Item
M6000-16 M6000-8 M6000-8S M6000-5S M6000-3S
MAC
Address 256K 256K
L2
Table
Feature
VLAN
64K 64K
Number
Routing 4M
4M
Table
L3 Multicast 64K
L3 64K
Table
Feature
IPv6 1M
Routing 1M
Table
LSP
500K 500K
Number
Number of
MPLS LDP 2000 2000
Neighbors
Time for
<50ms <50ms
MPLS FRR
Switchover
QoS CAR
8 kbit/s 8 Kbps
Granularity
HQoS Level 5 5
VRF
Routing 1M 1M
Table
VPLS Entity
16K 16K
Number
PPPoE
32K/slot 32K/slot
User
256K/chassis 256K/160K/96K /chassis
BRAS Number
Maximum
configured 10 7 7 4 2
boards
SPU-NA Maximum
T concurrent
sessions 12M
per
SPU-NAT
Item Descriptions
L2 Features VLAN Support VLAN based upon port, protocol, subnet
and MAC address
Item Descriptions
Item Descriptions
Item Descriptions
QoS Traffic Support traffic classification based upon physical
Classification port
Support traffic classification based upon VLAN ID
Support IP classification based upon source and
destination addresses
Support port classification based upon TCP/UDP
Support traffic classification based upon DSCP
domain
Support traffic classification based upon protocol
number
Item Descriptions
Item Descriptions
Reliability Support MPLS-TE tunnel end-to-end path protection
Support MPLS-TE FRR
Support BFD for Static Routing , Policy Routing, LDP, OSPF,
ISIS, BGP, VRRP, FRR
Support VPN FRR, IP FRR, LDP FRR
Support Graceful Restart
Support NSF/NSR
Support ISSU
Support VRRP
Item Descriptions
Item Descriptions
Item Descriptions
L2 Protocol Standard
RFC 3101 OSPF NSSA Option RFC 3137 OSPF Stub Router
Advertisement
RFC 1397 BGP Default Route RFC 1772 Application of BGP in the
Advertisement Internet
RFC 1965 Confederations for BGP RFC 1997 BGP Attribute Communities
RFC 2385 Protection of BGP Sessions RFC 2439 BGP Route-Flap Dampening
via MD5
draft-ietf-idr-rfc2796bis-02.txt draft-ietf-idr-rfc2858bis-09.txt
RFC 2918 Route Refresh Capability for RFC 3065 Confederations for BGP
BGP4
RFC 4271 BGP-4 (previously RFC 1771) RFC 4360 BGP Extended Communities
Attribute
RFC 4724 Graceful Restart Mechanism RFC 4760 Multi-protocol Extensions for
for BGP-GR helper BGP
ISIS Standard
RFC 1142 OSI IS-IS Intra-domain RFC 1195 Use of OSI IS-IS for routing
Routing Protocol (ISO 10589) in TCP/IP&dual environments
RFC 2763 Dynamic Hostname Exchange RFC 2973 IS-IS Mesh Groups
for IS-IS
RFC 3847 Restart Signaling for IS-IS-GR RFC 4205 for Shared Risk Link Group
helper (SRLG) TLV
draft-ietf-isis-igp-p2p-over-lan-05.txt
VRRP Standard
LDP Standard
IPV6 Standard
RFC 1981 Path MTU Discovery for IPv6 RFC 2375 IPv6 Multicast Address
Assignments
RFC 2460 Internet Protocol Version RFC 2461 Neighbor Discovery for IPv6
6(IPv6) Specification
RFC 2462 IPv6 Stateless Address Auto RFC 2463 Internet Control Message
configuration Protocol(ICMPv6) for the Internet
Protocol Version 6 Specification
RFC 2464 Transmission of IPv6 Packets RFC 5072 IP Version 6 over PPP
over Ethernet Networks
RFC 2545 Use of BGP-4 Multi-protocol RFC 2710 Multicast Listener Discovery
Extension for IPv6 Inter-Domain Routing (MLD) for IPv6
RFC 3315 Dynamic Host Configuration RFC 3587 IPv6 Global Unicast Address
Protocol for IPv6 Format
RFC 3590 Source Address Selection for RFC 3810 Multicast Listener Discovery
the Multicast Listener Discovery (MLD) Version 2 (MLDv2) for IPv6
Protocol
RFC 4007 IPv6 Scoped Address RFC 4193 Unique Local IPv6 Unicast
Architecture Addresses
RFC 4291 IPv6 Addressing Architecture RFC 4659 BGP-MPLS IP Virtual Private
Network(VPN) Extension for IPv6 VPN
Multicast Standard
RFC 1112 Host Extensions for IP RFC 2236 Internet Group Man-agement
Multicasting(Snooping) Protocol
RFC 4601 Protocol Independent RFC 4604 Using IGMPv3 and MLDv2 for
Multicast-Sparse Mode(PIM-SM) Source-Specific Multicast
draft-rosen-vpn-mcast-08.txt draft-ietf-mboned-msdp-mib-01.txt
MPLS Standard
RSVP-TE Standard
RFC 2474 Definition of the DS Field the RFC 2598 An Expedited Forwarding PHB
IPv4 and IPv6 Headers(Rev)
PPP Standard
RFC 1990 The PPP Multilink RFC 2516 A Method for Transmitting PPP
Protocol(MP) Over Ethernet
ATM Standard
RFC 1626 Default IP MTU for use over RFC2684 MultIProtocol Encapsulation
ATM AAL5 over ATM Adaptation Layer 5
DHCP Standard
VPLS Standard
PW Standard
RFC 3985 Pseudo Wire Emulation RFC 4385 Pseudo Wire Emulation
Edge-to-Edge(PWE3) Edge-to-Edge(PWE3) Control Word for
Use over an MPLS PSN
RFC 3916 Requirements for PWE3 RFC 4446 IANA Allocations for PWE3
RFC 4447 Pseudowire Setup and RFC 4448 Encapsulation Methods for
Maintenance Using Transport of Ethernet over MPLS
LDP(draft-ietf-pwe3-control-protocol-17.t Networks(draft-ietf-pwe3-ethernet-encap-
xt) 11.txt)
RFC 4619 Encapsulation Methods for RFC 4717 Encapsulation Methods for
Transport of Frame Relay over MPLS Transport ATM over MPLS Networks
Networks(draft-ietf-pwe3-frame-relay-07.t (draft-ietf-pwe3-atm-encap-10.txt)
xt)
RFC 4816 PWE3 ATM Transparent Cell RFC 5085,Pseudowire Virtual Circuit
Transport Connectivity Verification (VCCV):A
Service(draft-ietf-pwe3-cell-transport-04.t Control Channel for Pseudowire
xt)
draft-ietf-l2vpn-arp-mediation-04.txt draft-ietf-pwe3-ms-pw-arch-02.txt
MFA Forum 9.0.0 The Use of Virtual MFA Forum 12.0.0 Multiservice
trunks for ATM/MPLS Control Plane Interworking-Ethernet over MPLS
Interworking
RFC2037, Entity MIB using SMIv2 RFC2233, The Interface Group MIB using
SMIv2
Protocol (v3)
TMF816, B2B Managed Service for DSL Interworking Between CORBA and TMN
Interface Implementation Specification System Specification V1.0
V1.5
YD/T 852-1996 TMN General Design YD/T 871-1996 TMN General Information
Principle Model
YDN 075-1998 China Public Multimedia RFC 1215 A Convention for Defin-ing
Communications Network Management Traps for use with the SNMP
Standard
RFC 2452 IPv6 Management Information RFC 2454 IPv6 Management Information
Base for the Transmission Control Base for the User Datagram Protocol
Protocol
draft-ietf-disman-alarm-mib-04.txt draft-ietf-ospf-mib-update-04.txt
draft-ietf-isis-wg-mib-05.txt draft-ietf-mpls-lsr-mib-06.txt
draft-ietf-mpls-te-mib-04.txt draft-ietf-mpls-ldp-mib-07.txt
7 Abbreviation
AS Autonomous System
CE1 Channelized E1
GR Graceful Restart
IP Internet Protocol
PQ Priority Queue
SR Service Router
TE Traffic Engineering
TM Traffic Manager
AS Autonomous System