ZXR10 5900E Product Description - libertyport.com · 6.1 NetNumen N31 Unified Network Management...

ZXR10 5900E

Product Description

ZXR10 5900E Product Description

ZTE Confidential Proprietary © 2010 ZTE CORPORATION. All rights reserved. I


Version Date Author Approved By Remarks

V2.0 2010-10-30 XUXIAODONG YUANZHIYONG

New Templates

Functions of ZXR10 5900E system indicators

Picture panel of clock module

© 2010 ZTE Corporation. All rights reserved.

ZTE CONFIDENTIAL: This document contains proprietary information of ZTE and is not to be disclosed or used without the prior written permission of ZTE.

Due to update and improvement of ZTE products and technologies, information in this document is subjected to change without notice.


II ©2010ZTE CORPORATION. All rights reserved. ZTE Confidential Proprietary

TABLE OF CONTENTS

1 Overview ......................................................................................................... 1

2 Features .......................................................................................................... 2

2.1 Superior Performance and Capacity ................................................................. 2

2.2 Enhanced Video Service Experience ................................................................ 2

2.3 Rich Service Platforms ..................................................................................... 2

2.4 Carrier-Class High Reliability ............................................................................ 3

2.5 Excellent Operation and Maintenance Design .................................................. 3

2.6 Energy Saving and Environment Protection ...................................................... 4

3 Functions ........................................................................................................ 5

3.1 Basic Function .................................................................................................. 5

3.1.1 MAC Address Management .............................................................................. 5

3.1.2 VLAN ................................................................................................................ 6

3.1.3 Port-Based VLAN ............................................................................................. 6

3.1.4 Protocol–Based VLAN ...................................................................................... 7

3.1.5 Subnet VLAN .................................................................................................... 7

3.1.6 PVLAN.............................................................................................................. 7

3.1.7 VLAN Translation ............................................................................................. 8

3.1.8 Super VLAN ..................................................................................................... 8

3.1.9 QinQ ................................................................................................................. 8

3.1.10 SVLAN.............................................................................................................. 9

3.1.11 STP ................................................................................................................ 10

3.1.12 Link Aggregation ............................................................................................. 11

3.1.13 Basic Ethernet Features ................................................................................. 12

3.1.14 IGMP Snooping .............................................................................................. 13

3.1.15 Ipv4 Multicast Route ....................................................................................... 13

3.1.16 Ipv6 Multicast Route ....................................................................................... 14

3.1.17 IPv4/IPv6 Route .............................................................................................. 14

3.2 Value-Added Service ...................................................................................... 16

3.2.1 Cluster Management ...................................................................................... 16

3.2.2 ESRP Ring Protection .................................................................................... 18

3.2.3 ZESS ZTE Ethernet Smart Switch .................................................................. 18

3.2.4 Security Feature ............................................................................................. 19

3.2.5 TR101 Feature ............................................................................................... 20

3.2.6 MPLS VPN ..................................................................................................... 20

3.2.7 LDP FRR ........................................................................................................ 21

3.2.8 Support External Alarm Input and Output ....................................................... 21

3.2.9 VCT Technology .......................................................................................... 22

3.2.10 SFP DOM ....................................................................................................... 22

3.2.11 SFlow ............................................................................................................. 22

3.2.12 ACL ................................................................................................................ 23

3.2.13 QoS ................................................................................................................ 24 3.2.13.1 Basic QoS Feature ............................................................................... 25 3.2.13.2 Ethernet QoS ........................................................................................ 26 3.2.13.3 MPLS QoS ........................................................................................... 27 3.2.13.4 HQoS .................................................................................................... 28

3.2.14 Port Mirroring .................................................................................................. 29


ZTE Confidential Proprietary © 2010 ZTE CORPORATION. All rights reserved. III

3.2.15 Traffic Statistics .............................................................................................. 29

3.2.16 NTP ................................................................................................................ 29

3.2.17 RADIUS .......................................................................................................... 29

3.2.18 SNMP ............................................................................................................. 29

3.2.19 RMON ............................................................................................................ 30

3.2.20 DOT1X Authentication .................................................................................... 31

3.2.21 IPTV ............................................................................................................... 31

3.2.22 VBAS .............................................................................................................. 32

3.2.23 ARP ................................................................................................................ 32

3.2.24 DHCPv4 ......................................................................................................... 33

3.2.25 DHCPv6 ......................................................................................................... 34

3.2.26 LLDP .............................................................................................................. 34

3.2.27 UDLD ............................................................................................................. 35

3.2.28 Stacking Service ............................................................................................. 37

3.2.29 VRRP ............................................................................................................. 39

3.2.30 Ethernet OAM ................................................................................................. 39 3.2.30.1 802.3ah................................................................................................. 39 3.2.30.2 CFM ...................................................................................................... 41

3.2.31 Multi-VRP CE ................................................................................................. 44

3.2.32 L2PT ............................................................................................................... 45

3.2.33 Dual-Port Loop Inspection .............................................................................. 46

3.2.34 IPFIX .............................................................................................................. 46

3.2.35 Features of Synchronous Clock ...................................................................... 47 3.2.35.1 System Clock Service .......................................................................... 47 3.2.35.2 Synchronous Ethernet Clock ................................................................ 47 3.2.35.3 IEEE 1588 v2 Clock ........................................................................... 47 3.2.35.4 Clock Protection Service ...................................................................... 48

4 System Architecture ..................................................................................... 49

4.1 Product Physical Structure.............................................................................. 49

4.2 Hardware Architecture .................................................................................... 50

4.2.1 Control Module and Switching Module ............................................................ 51 4.2.1.1 Interface ................................................................................................ 53 4.2.1.2 Indicator ................................................................................................ 54

4.2.2 Interface Module ............................................................................................. 56

4.2.3 Power Module ................................................................................................. 56

4.2.4 Clock Module .................................................................................................. 57

4.3 Software Architecture ..................................................................................... 57

4.3.1 Operation Support Subsystem ........................................................................ 59

4.3.2 MUX Subsystem ............................................................................................. 59

4.3.3 L2 Subsystem ................................................................................................. 60

4.3.4 L3 Subsystem ................................................................................................. 60

4.3.5 NM and Operation & Maintenance Subsystem ............................................... 61

4.4 ZXROS Platform ............................................................................................. 61

5 Technical Specifications .............................................................................. 69

5.1 Physical Indices .............................................................................................. 69

5.2 Capacity ......................................................................................................... 70

5.3 Performance ................................................................................................... 70

5.4 Power ............................................................................................................. 71

5.5 Working Environment ..................................................................................... 71

5.6 Environmental Classes ................................................................................... 71


IV ©2010ZTE CORPORATION. All rights reserved. ZTE Confidential Proprietary

5.7 Reliability ........................................................................................................ 71

6 Operation and Maintenance ......................................................................... 72

6.1 NetNumen N31 Unified Network Management Platform ................................. 72

6.1.1 Network Management Networking Mode ........................................................ 72

6.1.2 NetNumen N31 Network Management System ............................................... 73

6.2 Maintenance and Management ...................................................................... 75

6.2.1 Multiple Configuration Modes ......................................................................... 75

6.2.2 Monitoring, Controlling and Maintenance ........................................................ 76

6.2.3 Diagnosis and Debugging ............................................................................... 76

6.2.4 Software Upgrad ............................................................................................. 77

6.2.5 File System Management ............................................................................... 77

7 Installation .................................................................................................... 79

8 Networking .................................................................................................... 80

8.1 Product Features in Real Network Implementations ....................................... 80

8.1.1 SVLAN( Flexible QinQ) ................................................................................... 80

8.1.2 IPTV ............................................................................................................... 81

8.1.3 ESRP ............................................................................................................. 82 8.1.3.1 ZESS ..................................................................................................... 82

8.2 Integrated Networking Applications ................................................................. 83

8.2.1 MAN Access Layer Solution ........................................................................... 83

8.2.2 Enterprise Network Solution ........................................................................... 84

9 Configuration Instructions ........................................................................... 86

10 Glossary ........................................................................................................ 87


ZTE Confidential Proprietary © 2010 ZTE CORPORATION. All rights reserved. V

FIGURES

Figure 3-1 Specific QinQ Networking Application ................................................................. 9

Figure 3-2 The Networking Topology of Cluster Management ............................................ 17

Figure 3-3 The Rules for Switch Role Conversion .............................................................. 18

Figure 3-4 The networking topology of ZESS ..................................................................... 19

Figure 3-5 Alarm Interface .................................................................................................. 21

Figure 3-6 Basic Architecture of sFlow ............................................................................... 23

Figure 3-7 Traffic Policing with CIR/PIR ............................................................................. 25

Figure 3-8 5P3D Model based upon Ethernet Service ........................................................ 27

Figure 3-9 end to end MPLS QoS ...................................................................................... 27

Figure 3-10 Abstract architecture of HQoS ......................................................................... 28

Figure 3-11 False connection of interface .......................................................................... 37

Figure 3-12 Interface down ................................................................................................ 37

Figure 3-13 stacking framework ......................................................................................... 38

Figure 3-14 Relationship of sub-layers of OAM in ISO/IEC OSI reference model ............... 40

Figure 3-15 Maintenance domain ....................................................................................... 42

Figure 3-16 Ethernet Maintenance Domain Inclusive Relations.......................................... 43

Figure 3-17 L2TP Networking ............................................................................................ 45

Figure 4-1 The Front Panel of ZXR10 5928E ..................................................................... 50

Figure 4-2 The Front Panel of ZXR105928E-FI .................................................................. 50



Figure 4-5 The Front Panel of ZXR10 5928E with Clock Synchronization Interface Card ... 50

Figure 4-6 System hardware diagram of ZXR10 5900E ..................................................... 51

Figure 4-7 Diagram of main control card ............................................................................ 52

Figure 4-8 Functional Block Diagram for the Operation Support Subsystem ...................... 59

Figure 4-9 functional Block Diagram of the L2 Subsystem ................................................. 60

Figure 4-10 Functional Block Diagram of the L3 Subsystem .............................................. 61

TABLES

Table 4-1 The Assistant Interface Type and Interface Number of ZXR10 5900E ................ 53


VI ©2010ZTE CORPORATION. All rights reserved. ZTE Confidential Proprietary

Table 4-2 Feature of 100/1000Base-T Ethernet interface on main control card of ZXR10 5900E ................................................................................................................................... 53

Table 4-3 Functions of ZXR10 5900E system indicators .................................................... 54

Table 4-4 Service Interface Card of ZXR10 5900E ............................................................. 56

Table 4-5 Front panel of clock module ............................................................................... 57

Table 4-6 L2 Protocol Standard .......................................................................................... 62

Table 4-7 TCP/IP Protocol Standard .................................................................................. 62

Table 4-8 RIP Protocol Standard ........................................................................................ 63

Table 4-9 OSPF Protocol Standard .................................................................................... 63

Table 4-10 BGP Protocol Standard .................................................................................... 63

Table 4-11 ISIS Standard ................................................................................................... 64

Table 4-12 VRRP Standard ................................................................................................ 64

Table 4-13 LDP Standard ................................................................................................... 64

Table 4-14 IPV6 Standard .................................................................................................. 64

Table 4-15 Multicast Standard............................................................................................ 65

Table 4-16 Differentiated Services Standard ...................................................................... 65

Table 4-17 PPP Standard .................................................................................................. 65

Table 4-18 DHCP Standard ............................................................................................... 66

Table 4-19 Network Management Standard ....................................................................... 66

Table 5-1 Physical Parameters .......................................................................................... 69

Table 5-2 Basic Performance ............................................................................................. 70

Table 5-3 Reliability ............................................................................................................ 71

Table 8-1 SVLAN networking application ........................................................................... 80

Table 8-2 IPTV networking application ............................................................................... 81

Table 8-3 ZESR networking application ............................................................................. 82

Table 8-4 ZESS networking application .............................................................................. 83

Table 8-5 MAN Application ................................................................................................. 84

Table 8-6 Enterprise Network Application .......................................................................... 85

ZTE Confidential Proprietary © 2010 ZTE CORPORATION. All rights reserved. 1


1 Overview

ZXR10 5900E Series Gigabit L3 Switches introduced by ZTE aim at satisfying

aggregation market in the industry, in order to meet the requirements of service access

bearer network integrate data, voice, video and mobile services on a unified platform.

With high-performance software/hardware architecture, excellent switching capacity and

performance, simple operation and maintenance tool, ZXR10 5900E series products give

conveniences to develop sustaining carrier-class bearer network.

ZXR10 5900E series products make the equipment work longer and maximally protect

operator’s investment, with their High-speed back plane, advanced special core chips,

featuring their superior service extensibility and more value-added services. “Green

Environment Protection” design philosophy enables ZXR10 5900E series products to be

famous for its low power consumption in the industry. The tight architecture of the

equipment requires little space and costs in equipment operation. The modular dual

power supply design ensures high reliability, which greatly reduces the costs of operation

and maintenance, and realizes maximum profits.

ZXR10 5900E series all-GE intelligent routing switch includes four models, i.e.

5916E,5928E, 5928E-FI and 5952E. ZXR10 5916E provides 12 GE Ethernet electrical

interfaces, 1extension slot, 1 FE management interface, 1 Console port, 2 warning ports.

The subcard for the extension slot can be classified into 4 sorts: 4 GE SFP optical

interfaces, 4 GE electrical interfaces, 4 10GE optical interface, 2 10GE optical interfaces+

2 10GE stacking interfaces;ZXR10 5928E provides 24 GE Ethernet electrical interfaces,

1extension slot, 1 FE management interface, 1 Console port, 2 warning ports and 1 clock

synchronization subcard. The subcard for the extension slot can be classified into 4 sorts:

4 GE SFP optical interfaces, 4 GE electrical interfaces, 4 10GE optical interface, 2 10GE

optical interfaces+ 2 10GE stacking interfaces; ZXR10 5928E-FI provides 24 GE

Ethernet SFP interfaces, 1 extension slot, 1 FE management interface, 1 Console

interface and 2 warning interfaces. The subcard for the extension slots can be classified

into 4 sorts: 4 GE SFP optical interfaces, 4 GE electrical interfaces, 4 10GE optical

interfaces and 2 10GE optical interfaces + 2 10GE stacking intefaces;ZXR10 5952E

provides 4 linecards, 1 extension slot, 1 FE management interface, 1 Console interface

and 2 warning interfaces. each linecard supports 8-port GE optical/electrical interface.

The subcard for the extension slot can be classified into 4 sorts: 4 GE SFP optical

interfaces, 4 GE electrical interfaces, 4 10GE optical interfaces and 2 10GE optical

interfaces + 2 10GE stacking interfaces.


2 © 2010ZTE CORPORATION. All rights reserved. ZTE Confidential Proprietary

2 Features

2.1 Superior Performance and Capacity

By using the advanced hardware architecture and design philosophy, ZXR10 5900E

guarantees wire-speed forwarding of all services. Hardware-based IPv4/IPv6 forwarding

mechanism provides the optimal performance and flexibility, so it is capable to building

future-oriented basic network platform.

2.2 Enhanced Video Service Experience

ZXR10 5900E supports rich IPv4/IPv6 multicast protocols, multicast QoS, and solves the

management of traffic engineering issue caused by multi-port replication of multicast

service. It reduces the latency, jitter and abrupt packet loss of video stream. Besides, it

shortens the time for user’s video stream to join in or leave the network. At the same time,

multicast service access control technology ensures the secure access of multicast

service, and makes sure users can enjoy high-quality video service.

2.3 Rich Service Platforms

ZXR10 5900E series uses mature and unified ZXROS multi-service platform, providing

the most reliable, extensible and manageable protocol system for IPv4/IPv6. It gives full

support to L2 and L3 services and standard protocols. Also it is compatible with the

original network, so it is the best platform for network integration.

It supports enhanced Ethernet features such as SVLAN/ZESR (ESRP+/ZESS). Together

with highly efficient L2PT tunnel technology, it provides customers with all sorts of flexible

solutions.

The end-to-end OAM service management and performance monitoring based upon all

sorts of granularity e.g. physical port and logical link make the network operation more

transparent and convenient. It also provides highly qualified hierarchical QoS and

service-based awareness and control mechanisms. Each port provides large-capacity

hardware queue, so that it can support all kinds of services flexibly, and realize traffic

shaping, policy marking, queue scheduling and congestion control. It meets user’s

requirements for multiservice bandwidth control, realizes real SLA in the course of service

access, and provides solid guarantee to carrier’s precise operation.



2.4 Carrier-Class High Reliability

ZXR10 5900E series focuses on the design of carrier-class reliability. It uses modular

power supply system to provide redundant backup. it features powerful recovery

capability when encountering disaster and flexible failure processing capability. So in a

word, ZXR10 5900E series has integrated maintainability.

It supports ZESR(ESRP+). With creative single-point dual homing and multi-point dual

homing redundant backup design, it provides 50ms fast switchover, and offers reliable

guarantee to the implementation of large-scale triple play service.

With rich security and anti-attack mechanisms, ZXR10 5900E series device supports

wire-speed forwarding, packet inspection and traffic differentiation in the condition of

having thousands of ACL. It supports CPU protection, protocol message speed limitation,

DoS attack monitoring, IP Source guard DAI.

2.5 Excellent Operation and Maintenance Design

The increasing growth of network service makes fast deployment of network service to

become more and more important. ZXR10 5900E series uses ZTE’s unified network

management platform via which the graphic user interface provides customers with

service configuration, management, diagnosis, and monitoring. So that customers can

understand the network operating status at any time. The deep inspection carried out by

intelligent tools which simplifies failure location makes the network management much

easier. Finally, it realizes easy service deployment, transparent data forwarding,

intelligent failure processing, viewable service quality and clear network resource.

There is a handle outside the modular components of ZXR10 5900E series device, for

example the power supply module and extensive slot, so it is very easy to get these

modules in and out of the chassis. There’s also a fixed lock at the bottom of each slot.

when the slot is installed, the lock will fix the slot to avoid its loose.

All network cables and power cables, including the switches of power supply are in the

front of the panel. This gives after-sales engineer great conveniences in their work. All

jobs can be done as soon as they open the chassis, which truly improves engineer’s work

efficiency.

M button on the front panel breaks through the design of the traditional switch via which

only link（active） and direct speed can be displayed. The mode switch button of the M

button can visually display the running sate of the switch such as CPU utilization,

memory utilization, CPU ARP attack number, whether the port learns MAC, whether the

existence of CRC error, display of entire bandwidth and network storm. Network servers

can also directly Ping to determine whether the links of network management are

connected. This can give more convenience to quick maintenance and efficient

management.



The external warning interface of ZXR10 5900E series has 3-line warning input and 5-line

control input. It enables the external warning of the system to be controlled effectively,

and reduces/avoids the loss caused by external warning.

By using VCT technology, ZXR10 5900E series Ethernet switch can implement remote

maintenance of cable. It can inspect the short circuit, open circuit on the cable, and make

sure the tolerance of location within 1 meter. By VCT, ZXR10 5900E series Ethernet

switch can detect the failure does not cause by the configuration error at Client, it is able

to locate the failure equipment, port and even the distance to the failed cable. In network

management center, failure location can be done to obviate most failures to make

network maintenance job easier. Furthermore, this method reduces the difficulties and

costs of operation maintenance at the same time.

2.6 Energy Saving and Environment Protection

In the test on comparing the power consumption of ZXR10 5900E and the devices from

other famous vendors in the industry, ZXR10 5900E shows much smaller power

consumption in both idle and full load conditions. Together with classic European design,

i.e.220mm deep, small size, light weight and large capacity, it helps the carrier to save the

energy and reduce the requirements for deployment environment efficiently.



3 Functions

3.1 Basic Function

3.1.1 MAC Address Management

MAC（Media Access Control）is the hardware label of network equipment. The switch

implements message forwarding according to MAC address. As an exclusive tag, MAC

address ensures the correct forwarding of messages.

Each switch takes care of a MAC address table. In this table, MAC address and switch

port are corresponding one by one. When the switch receives data, it will find out if this

data should be filtered or forwarded to the corresponding switch port in terms of MAC

address table. MAC address table is the foundation and premise for switch to implement

fast forwarding.

ZXR10 5900E series realizes the following MAC services:

MAC Address Fixation

When the network is operated steadily for a while, the locations of the equipment

linking to all ports of the switch are fixed. In other words, the ports corresponding to

all equipment’s MAC address in switch MAC address table are fixed, so the learnt

MAC address can be fixed.

MAC address fixation actually changes all dynamic MAC addresses to static mode.

After the conversion, these MAC addresses will not join in aging process. At the

same time, if the data from whose source MAC address are these addresses

appears on other ports, the switch will not have any chance to learn again any more.

Port Binding MAC Address

It is capable of adding dynamic, static and permanent MAC addresses in MAC

address table. For static or permanent MAC address, the relationship between MAC

address and port is fixed. This relationship will not stop until it is removed manually.

Restrict the Number of Port MAC Address

The capacity of switch MAC address is limited. When the number of the user in the

network reaches the limitation of the MAC address table, we can restrict the number

of the learnt MAC address that the port of the users with low priority is.

By restricting port MAC address, MAC address flooding which easily causes MAC

address table overflow can be avoided.



Port MAC Address Learning Protection

When abnormity of one port MAC address learning is found, the switch will protect

this port MAC address learning for a while. As soon as the port goes into protection

mode, it will not carry out any new MAC address learning; when the protection is

due, the port can implement MAC learning again.

The Filtering of Port Unknown MAC Address

In default mode, the filtering service of unknown MAC address of switch port is

disabled. The port does not filter unknown MAC address. If unknown MAC address

filtering service is configured on one port of the switch, the corresponding port will

discard and learn the packets with the unknown MAC address got by this port.

MAC Address Filtering

The data filtering in terms of MAC address consists of the following three modes:

1. Only match the source MAC address of the data, i.e. if the source MAC

address of the data is the set MAC address, then carries out the filtering.

2. Only match the destination MAC address of the data, i.e. if the destination

MAC address of the data is the set MAC address, then carries out the filtering.

3. Match the source or destination MAC address of the data, i.e. if the source

or destination MAC address of the data is the set MAC address, then carry out

the filtering.

3.1.2 VLAN

ZXR10 5900E series have basic L2/L3 switching functions. The forwarding carried out in

data link layer realizes the classification of virtual working group by supporting IEEE

802.1Q protocol. ZXR10 5900E series supports multiple ways to classify VLAN, i.e. the

classification based upon equipment port, or the classification based upon the host MAC

address and the network layer information of user’s message.

3.1.3 Port-Based VLAN

The port-based VLAN classification is simple and popular. It allocates different ports of

the equipment with different VLAN, so all traffics received by these ports belong to the

VLAN corresponding to this port. For example, port 1, 2 and 3 belong to the same VLAN,

other ports belong to other VLANs, as a result, and the frames received by port 1 are only

delivered to port 2 and port 3. If the VLAN user moves to a new place, it will not belong to

its original VLAN unless it is allocated with a new VLAN.



3.1.4 Protocol–Based VLAN

Protocol-based VLAN is flexible, so it is suitable for L3 or network with rich protocols.

Protocol-based VLAN is classified in terms of data packet’s network layer encapsulation

protocol, so the labels with the same data packet are in the same protocol VLAN. This

VLAN based upon network layer protocol enables broadcasting domain to cross multiple

VLAN switch,Therefore, users can move freely in the network, and its VLAN membership

will still remain.

Via this method, even user changes its location, he does not have to reconfigure its VLAN.

Besides, it can classify VLAN according to protocol type. Without requiring additional

frame label to mark VLAN, this method reduces network communications.

Protocol VLAN is set “enable” on the physical interface, and it can be disabled as

customer requires. It only classifies VLAN according to data packet label. It isolates

packets with different labels.

3.1.5 Subnet VLAN

Subnet VLAN is implemented in L2 VLAN, realizing data frame forwarding flexible.

Subnet VLAN determines the corresponding VLAN data will be forwarding according to

the source IP address of the data frame. This VLAN based upon the source IP address

enables users in different network segments cross multiple VLAN forwarding. But their

VLAN membership will still remain.

Subnet VLAN isolates data with different source IP addresses. So users can only get data

from the same network segment. The priority for UNTAG frame to forward subnet VLAN

is higher than protocol VLAN and PVID, TAG frame is forwarded in TAG mode, and its

priority is higher than subnet VLAN.

3.1.6 PVLAN

To enhance network security and isolate messages between users, each user will be

distributed with one VLAN traditionally. This method has the following obvious

drawbacks:

Currently 4094 VLANs are supported at most in IEEE 802.1Q standard. So the

limitation of the user number stops network extension.

Each VLAN is corresponding to one IP subnet, so many subnets will cause the

waste of IP address.

The planning and management of so many VLAN and IP subnets make network

management more complicated.

PVLAN（Private VLAN） aims at solving these problems.



PVLAN divided VLAN port into two categories: Isolate Port connecting with user’s port

and Promiscuous Port uplinking router. The isolate port which can not connect with each

other can only communicate with promiscuous port. Therefore, ports under the same

VLAN are isolated, and user can communicate with its default gateway only. It tightly

ensures network security.

3.1.7 VLAN Translation

VLAN translation is also an expansion of the VLAN function. It allows overlapping VLAN

IDs of different Ethernet switches accessing from the edge, and via VLAN translation

service, these overlapping VLAN IDs will be changed to different VLAN IDs and sent via

uplink port. So that users can be isolated in L2 core switch, which simplifies the

configuration of edge access switch.

3.1.8 Super VLAN

The traditional ISP network allocates each user an IP subnet. There are three IP

addresses used as subnet network number, broadcasting address and default gateway

respectively when every subnet is allocated. If there are lots of IP address remained in

some users’ subnet, they can not be used by other users either. This method may waste

a great number of IP addresses.

SuperVLAN solves this issue perfectly by aggregating multiple VLANs (normally called

sub-VLAN) to one SuperVLAN. These VLANs use the same IP subnet and default

network gateway.

Via SuperVLAN technology, ISP only needs to allocate one IP subnet to SuperVLAN, and

create one sub-VLAN to each user. All sub-VLANs can allocate IP addresses in the

subnet of SuperVLAN flexibly. They use the default gateway of SuperVLAN. Each VLAN

is an independent broadcasting domain, making sure the isolation of different users.

Different VLAN use SuperVLAN to route and communicate with each other.

3.1.9 QinQ

QinQ, also known as VLAN stacking, is a vivid name for the tunnel protocol based on

802.1Q encapsulation. Besides original VLAN label (Inner Label), QinQ technology adds

another VLAN label (Outer Label) which can cover the inner label.

QinQ does not need protocol support, via which simple L2VPN (L2 Virtual Private

Network) can be implemented. It is suitable for L3 switch in small LAN

Specific networking application based upon QinQ technology is as shown in the following

figure. The port connecting to user network is called Customer port, and the one

connecting operator network is named Uplink port. Operator network edge access

equipment is called PE (Provider Edge)



Figure 3-1 Specific QinQ Networking Application

Normally user network uses Trunk VLAN to access PE. The Uplink port in service

provider network interconnects with each other via Trunk VLAN mode.

When messages reaches customer port of switch A from user network 1, the switch A will

insert an outer label (VLAN ID is 10) no matter the message is tagged or untagged.

Messages is sent long the port with VLAN 10 in service provider network to switch B.

when switch B realizes user network 2 is connecting with customer port, it will detag the

outer label according to traditional 802.1Q protocol to resume user’s original messages.

Then the messages will be sent to user network 2.

In this way, streams between user network 1 and 2 can be transferred transparently via

service provider’s network. User network can freely plan its private network VLAN ID

without causing VLAN ID conflicts in service provider network.

3.1.10 SVLAN

SVLAN is also called flexible QinQ. It’s the development and enhancement of QinQ.

Original QinQ can only implement port-based outer layer label addition. It’s not flexible in

application. SVLAN can tag packets with different S-Tag label selectively based on port

and C-Tag. To keep client packet COS, it can duplicate 802.1p field in inner layer label to

outer layer label to keep user QoS continuity.

Compared with QinQ, SVLAN has enhanced function of network user location, which

enables QinQ to better support PUPV (one VLAN per user) and PSPV (one VLAN per

service). It is easy for carrier’s operation and maintenance management. The most

typical application is Triple Play service in broadband to the home.

VLAN can perfectly solve the problem of user location separation and service

differentiation in broadband network. It can implement operation and maintenance

management for one VLAN per user, which brings great convenience to network

management and maintenance. ZTE is always an advocator of this technology and takes

the leading position in the industry.



ZXR10 59E series switch supports SVLAN with the following applications and functions:

Being able to distinguish different service VLAN at one port and tag different outer layer

label based on different service requirements.

Being able to implement coexistence of VLAN transparent transmission and QinQ service

at port; being able to keep user label unchanged without adding new label to user label

when some VLAN packets are going through switch.

Being able to duplicate 802.1p field in user label to outer layer label to guarantee that

user’s service level is kept unchanged in QinQ network so as to keep the consistency of

QoS of user service.

IEEE802.1ad specifies that S-Tag Ethernet type is 0x88A8 and C-Tag Ethernet type is

0x8100. ZTE switch supports C-Tag and S-Tag Ethernet type at any designated port.

SVALN has two major applications in the network:

SVLAN is applied in user location separation and service differentiation in network and

Triple Play service in family broadband. SVALN QinQ can solve traditional 4096 VLAN

resource shortage problem so as to truly implement PUPV and PSPV.

3.1.11 STP

STP (Spanning Tree Protocol）is built particularly to eliminate network broadcasting storm

caused by circle links, and to provide network topology redundant backup service. Aiming

at generating “a tree”, the root of the tree is a switch named root bridege. According to

different configurations, different switches will be used as the root bridge. But there’s only

one root bridge at any time. A tree is formed starting from the root tree, and the root

bridge will send configuration message on a regular basis. Each switch who receives the

message will dispatch it to other ports after updating the received message on the basis

of its own configuration and network topology architecture. When one switch gets

configurations from two or more than two ports, there’s loop existing in the network. At

this moment, the switch will leave one port in forwarding mode, and block other ports to

get rid of loop. When one port does not get configuration message for a long time, it will

be considered by the switch as overtime configuration which may have changed the

network topology. So the network topology must be calculated again and generate a tree.

RSTP (Rapid Spanning Tree Protocol) is the optimization of spanning tree. ZXR10

5900E Ethernet switch supports this protocol. As for its rapidness, the latency caused by

root port and designated port getting into forwarding status in network equipment or link

changing period are shortened in some conditions, so network topology can get steady

much faster.

Rstp feature also support sbpdu guard, root guard, loop guard, edge－port and stp

ignored per vlan features, where BPDU guard： For access-layer equipment, access port

is normally connected with user terminal (e.g. PC) or file server directly. At this moment,



the access port is configured as edge port to realize fast migration of this port; when

these ports receive configuration messages (BPDU message), the system will

automatically set these ports as non-edge-ports. Recalculation of spanning tree causes

network topology concussion. Normally these ports will not receive STP configuration

messages. If someone make fake configuration message to raise malicious attack,

network concussion will happen.

RSTP provides BPDU protection to prevent these attacks； switch initiates BPDU

protection service, so that if the edge port receives the configuration message, the

system will terminate these ports and inform network management that these ports has

been shut down by RSTP. Only network administrator can resume these shutdown ports.

ROOT guard： In the network, when root bridge receives a bpdu message with higher

priority, it will not act as root bridge anymore so network topology will be changed, which

directly causes the breakdown of data forwarding. To prevent the root bridge from being

attacked, root protection service should be imitated over the port. So when it receives

high-priority messages, it will change to listen status and stop forwarding message. In 30

seconds, it will change to normal status automatically, which avoid frequent root bridge

change.

Loop guard：Loop protection can avoid the loop caused by one-way link failure. After

initiating loop guard service, the port will directly changes to loop－ inconsistent

blocking status if bpdu message does not arrive in expected time. The port does not

change to listening, learning, or forwarding status, otherwise stp will insist there’s

physical failure over port. When bpdu message is received, the port will be resumed.

3.1.12 Link Aggregation

Link aggregation is the process where the physical link segments with the same media

type and same transmission rate are bundled together, and appear as one link logically.

Switch decides via which port the message will be sent to the peer-end switch according

the port sharing policy user made. When switch detects one member port link breaks

down, it will stop sending messages over this port and recalculate message delivering

port in the rest links on the basis of load sharing policy. When the failed port is resumed,

the recalculation will be carried out again to get correct port. Link aggregation is a very

important technology in extending link bandwidth and realizing link transmission elasticity

and redundancy.

ZXR10 5900E supports two sort of link aggregation, i.e. static Trunk and LACP

Static Trunk adds multiple physical ports to Trunk group directly to form a logical port.

This method is not good for inspecting the status of link aggregation port.

LACP (Link Aggregation Control Protocol) follows IEEE 802.3ad standard. LACP

aggregates multiple physical ports dynamically to Trunk group via protocol to form a

logical port. LACP generates aggregation to get maximum bandwidth.



When configure link aggregation service on ZXR10 5900E, the following principles

should be followed:

Totally 32 Trunk groups should be configured. Each Trunk group consist of 8

member port at most.

Support cross-interface board aggregation. Member port can be distributed on any

interface board. But the selected port must be working in full-duplex modem and the

working speed must be the same.

The member port mode can be access, trunk or hybrid. But they must keep the

same.

The logical port formed by link aggregation on ZXR10 5900E is called smartgroup which

can be used as common port.

3.1.13 Basic Ethernet Features

ZXR10 5900E series supports the following basic Ethernet features:

Port mirroring

Port mirroring service can replicate the data of one or more than more ports

(reflector port)on the switch to a designated destination port (monitoring port). The

monitoring port can get the data on these reflector ports via mirroring image, so that,

it can carry out network traffic analysis and failure diagnosis. Also, it supports

remote SPAN（RSPAN、ERSPAN）.

Broadcasting storm suppression

It can restrict the number of broadcasting message allowed to pass Ethernet port per

second. When the broadcasting traffic exceeds the value user set, the system discards

the broadcasting traffic to control it to a reasonable scale. In this way, it effectively

suppresses broadcasting storm, avoids network congestion and ensures normal service

operation. The broadcasting storm suppression is set based upon speed, i.e. the smaller

the speed is, the less broadcasting traffic is allowed to pass.

Support the configuration of port speed, duplex mode, and self adaptation.

Support circuit diagnosis analysis test

ZXR10 5900E series supports Cable diagnosis analysis test, via which the abnormities of

the links between cables can be inspected. Besides, it can accurately find the location of

Cable failure, which gives conveniences to network management and failure location.

1000M Ethernet electrical interface uses network cable to connect other devices. There

are four pairs of twisted-pair cable, so when the device is working with 100M interface,

1-2 and 3-6 cable are used. And when 1000M mode is used, 1-2, 3-6, 4-5 and 7-8 cables



should be all used. The cable can inspect the status of each pair of twisted-pair cable,

including:

Open： Open circuit

Short： Short circuit

Good： good circuit

Broken： open or short circuit

Unknown： unknown result or no result

Crosstalk： coupling circuit

Fail： failed inspection

3.1.14 IGMP Snooping

The IGMP Snooping maintains the relationship between the multicast address and the

table of the LAN by listening to the IGMP packets communicated between the user and

the router. It maps the members of a multicast group into a VLAN. After receiving the

multicast packets, it forwards them only to the VLAN members in that multicast group.

IGMP Snooping and IGMP are the same in that they are both used for managing and

controlling the multicast groups through IGMP messages. However, they differ in that

IGMP runs on the network layer, while IGMP Snooping runs on the link layer. When the

switch receives IGMP packets, IGMP Snooping will parse the information contained in

them and establish and maintain a MAC multicast address table on L2.

When IGMP Snooping is enabled on the ZXR10 5900E, multicast packets are multicast

on L2. When no IGMP Snooping is enabled, multicast packets will be broadcast on L2.

3.1.15 Ipv4 Multicast Route

IP multicast route technology realizes single point-to multipoint fast data transmission in

IP network. IP multicast service can efficiently save network bandwidth, reduce network

load, so it is widely used in resource discovery, multimedia conference, data copy,

real-time data transmission, E-Game and emulation services. Multicast protocol consists

of inner and intra domain protocols, where intra-domain protocol contains MBGP and

MSDP, etc. and inner-domain protocol includes PIM-SM, PIM-DM and DVMRP, etc. the

inner-domain protocol is mainly classified into two categories, one is sparse-mode

multicast routing protocol including PIM-SM, and the other is dense-mode multicast

routing protocol with PIM-DM and DVMRP included. Currently, the most practical

multicast protocol is PIM-SM.



PIM-SM uses multicast sink display join-in mechanism to build sharing spanning tree in

order to distribute multicast data messages. In a certain circumstance, sink can also be

switched over to the shortest path tree. Besides, PIM-SM is independent from unicast

routing protocol, instead of relying on a special unicast routing protocol it uses unicast

routing table to inspect RPF. PIM-SM is more suitable for the network with multicast

members at the end of WAN (Wide Area Network) link; in addition, PIM-SM allows SPT,

so it shortens the latency caused by using sharing tree. In a word, PIM-SM is usually the

optimal multicast routing protocol used in the multicast network.

ZXR10 5900E series can completely support PIM-SM, and provide integrated multicast

solutions.

3.1.16 Ipv6 Multicast Route

IPv6 multicast protocol consists of group member management protocol and multicast

routing protocol. The group member management protocol is used to control the join-in or

leaving or multicast group member. And multicast routing protocol is responsible for

implementing information interaction among routers to build multicast tree.

ZXR10 5900E is capable of initiating IPv4 and IPv6 multicast routing services at the same

time. The following sorts of protocol are followed:

MLD(Multicast Listener Discovery Protocol)

PIM-SM(Protocol Independent Multicast Sparse Mode)

3.1.17 IPv4/IPv6 Route

In the network where ZXR10 5900E is used, user not only requires L2 switching, but also

demands L3 route forwarding service.

ZXR10 5900E series completely supports multiple sorts of unicast routing protocol and

route-based wire-speed forwarding. ZXR10 5900E provides many transition mechanisms

for the conversion from IPv4 network to IPv6 network. In addition to IPv4/IPv6

dual-stacking technology, all kinds of tunnel mechanism are also included.

IPv4 Route

ZXR105900E series supports the following IPv4 unicast routing features:

Support static route. It is configured by administrator manually to simplify network

configuration and enhance network performance. The static route is suitable for

medium-sized network or simple network configuration.

Support IPv4-based dynamic routing protocols including RIP, OSPF, IS-IS and BGP.

It adapts to the change of network topology, upgrades route dynamically, so it is

suitable for large-scale network with complicated networking topology.



Support policy route. It enables data packet to be forwarding as per user’s

designated policies. The policy route in some way realizes traffic engineering, which

enables traffics with different service quality or different features（e.g. voice service

and FTP）follow different paths.

ZXR10 5900E series supports the following IPv6 unicast routing features:

Support IPv6 neighbor discovery protocol. Neighbor discovery protocol realizes the

discovery of router and prefix, address resolution, confirmation of next hop,

relocation, unreachable neighbor inspection and repeat address inspection. It gives

a better support to the mobility of the node.

By supporting ND snooping service, the switch can bind the switch port, VLANID,

host MAC address, and IPV6 address configured by the host together by sensing

NDP protocol interacting between IPv6 gateway router and ipv6 host. Furthermore,

it arranges IPv6 source route inspection and fraud ipv6 address test to avoid

attacks.

Support IPv6 path MTU discovery protocol. It can dynamically discover the

maximum transport unit of the path, so that, it can make sure that the messages

sent by the node will not exceed path MTU value.

Support IPv6 static route.

Support IPv6-baesd dynamic routing protocols, including RIPng, OSPFv3, ISISv6

and BGP4+

IPv4/IPv6 Transition

ZXR10 5900E provides multiple transition mechanisms for the revolution from IP4v

network to IPv6 network. The dual-stacking technology and different sorts of tunnel

technology included are suitable for different scenarios.

Support IPv4/IPv6 dual protocol stackings. Dual-stacking technology can fully

enables the coexistence of IPv6 and IPv4. However, this method asks all devices

in the network support dual stackings mechanism, so it has higher requirements for

rebuilding IPv4 network. For emphasis, dual-stakcing technology is the foundation

of all following tunnel transition mechanisms.

Support manually configured tunnel. The manual tunnel technology is simple and

mature. But it requires high management costs and features poor extensibility, so it

is suitable for connecting two IPv6 subnets.

Support 6to4 tunnel. 6to4 technology uses special IPv6 address prefix to build

tunnel automatically, so that it can implement IPv6 network interconnection. This

mechanism consumes few IPv4 addresses, i.e. one IPv6 subnet only requires 1

public IPv4 address, so it is suitable for the interconnection of multiple IPv4/IPv6



subnets. The only drawback of 6to4 tunnel is that special IPv6 address that is 6to4

address must be used.

Support ISATAP tunnel. It allows the deployment of IPv6 in IPv4 network. By taking

IPv4 network as a NBMA link, it realizes multiple IPv6 host links in one domain.

3.2 Value-Added Service

3.2.1 Cluster Management

Cluster refers to an aggregation formed by a group of switch in a particular broadcasting

domain. This group of switch composes a unified management domain, providing a

public IP address and management interface outside. Also it offers management and

access capability to each member in the cluster.

The management switch responsible for configuring public IP address is called command

switch, and other managed switches are named member switch. Normally, the member

switch does not have public IP addresses, instead it uses DHCP-similar service of the

command switch to distribute private address. The command switch and member switch

compose cluster together (Private Network)

The isolation of broadcasting domain between public network and private network is

proposed to be done on the command switch. Isolating the direct access to the private

address, the command switch provides a management maintenance tunnel outside to

implement integrated cluster management.

The broadcasting domain of one cluster is normally composed by four roles of switch:

command switch, member switch, candidate switch and independent switch.

There’s only one command switch in one cluster. The command switch can collect

equipment topology automatically, and set up cluster. After building the cluster, the

command switch provides a management tunnel for the cluster to manage the member

switch. Before joining in the cluster, the member switch is the candidate switch. And the

switch that does not support cluster management is called the independent switch.

Cluster management networking is as shown in the following Figure:



Figure 3-2 The Networking Topology of Cluster Management

TFTP Server

110.1.1.2

NM

110.1.1.1

Public

networks

Candidate

switch

Member

switch

Member

switch

Member

switch

Member

switchMember

switch

Outside

cluster

Inside

cluster

networks

Inside cluster

ip pool

192.168.1.0/24

Command

switch

100.1.1.10

The rules for the conversion of four-role switches in the cluster are as shown in the

following Figure:



Figure 3-3 The Rules for Switch Role Conversion

Command swtich

Candidate switch

Member switch

Independent

switch

Destined for command switch

Destined for candidaate

switch(no member)

Destined for independent switch

Join cluter

Delete from cluster

Destined forcandidate switch

Destined for independent

switch(no member)

Destined for command switch

Destined for independent switch

3.2.2 ESRP Ring Protection

ESRP (Ethernet Smart Ring Protocol) is based on ITU G.8032 protocol. ESRP detects

whether the ring is connected and guarantees there is only one logically connected path

between any two nodes on the ring. It re-sets port state as blocked or forwarding based

on ring changes (connected -> broken, broken -> connected) to quickly switch the logic

path.

ESRP is suitable for multiple rings and multiple domains. Multiple rings are referred to in

terms of network topology layers. Each layer is a ring. There are two access points on

lower layer access ring to connect with higher layer access ring. The network topology is

considered as an individual ring. A ring tangent with it is not a part of it but a part of

another. The ring on the higher layer is called the main ring. Others are access rings.

Multiple domains indicate there are multiple protecting instances on one ring which are

suitable for different service VLAN. They have different logic paths and are independent

from each other.

3.2.3 ZESS ZTE Ethernet Smart Switch

ZESS (ZTE Ethernet Smart Switch) describes a cost-effective link switchover mechanism.

It enables the services to be switched over to backup link rapidly when the active link

breaks down, so that normal service transmission can be guaranteed.



As the following figure shows, node 1 supports ZESS service. Port 1 is the master port

and port 2 is the standby port. When node 1 inspects that both the master and standby

ports are in UP mode, it will disable the service VLAN protection forwarding service of the

standby port; when node 1 finds the master port is Down, it will block VLAN forwarding

service of the master port, and enable VLAN forwarding service of the standby port; when

node 1 inspects that the master port resumes to UP mode, the inverted and uninverted

modes can be chosen. In inverted mode, the master port is opened and the standby port

is blocked again. In uninverted mode, the master port keeps blocked mode, and the

standby port is open. In addition, when ZESS takes action, FDB of the blocked port

should be updated.

Figure 3-4 The networking topology of ZESS

Upper

network

Node 1

Node 2 Node 3

Master port Slave port

3.2.4 Security Feature

ZXR10 5900E provides users with rich security features, providing multi-dimensional

protection in control layer, data layer, and management layer of the device. On data layer,

the device provides address change scanning attack prevention, broadcast multicast

packet rate restriction, port security protection, MAC address table and ARP binding,

DHCP Snooping, IDS association etc. The control layer provides multiple layers of CPU

packet receiving, interface address conflict detection, network topology change attack

prevention, BPDU protection and root bridge protection, and routing protocol encryption

anti-attack protection. Management layer provides hierarchical user management, user

password encryption, and SSH.



3.2.5 TR101 Feature

TR101 issued by Broadband Forum (the original DSL Forum) in April 2006 is a technical

demand report satisfying broadband access network. In terms of TR-025 and TR-059

architectures, TR101 proposes a way to enable ATM aggregation network to access

Ethernet aggregation network, also it raises an Ethernet-based topology model that

meets the requirements of TR-058 operation. And it gives the specific requirements of

BRAS devices in access aggregation network, the migration, interconnection, QoS,

multicast, security and OAM of all AN nodes.

All mainstream carriers in Europe ask their access and aggregation switches to satisfy

TR101. ZTE follows this demand and tries its best to make the product more satisfied to

TR101. In doing so, ZTE focuses on:

Supporting MFF and making sure the isolation of users

For Pvlan, MFF not only realizes L2 isolation, but also makes sure more secure

message processing and forwarding as it saves user’s basic information. At the

same time, the gateway router controls the communications of all users in the same

network segment of L2, which further enhances network security. Centralized

management can be realized.

In addition to give support to DHCP 的 option82, it can also inspect the messages

that DHCP server returns to customers. And the messages are forwarding as per

port accurately, which prevents other people from getting customer’s individual

information;

Supporting IGMP topology discovery. IGMP module when encounters topology

change can actively send inspection information to accelerate multicast congestion

Adding IGMP statistical information.

3.2.6 MPLS VPN

Inheriting the advantages of traditional L2 VPN solution, MPLS L2 solution does not

implement any routing switching between PE and CE. Instead, it provides completely

independent operator network and VPN user network. The operator network only offers

customer L2 network services, and the customer network is on the stacking network. So

for customer, the operator only simply provides L2 connection. MPLS L2 VPN transparent

L2 transmission mechanism simplifies operator network architecture and configuration

management. At the same time, it gives full support to multi-service operation, therefore,

besides traditional IP service, operator also provides customers with IPv4, IPv6, IPX,

DECNet, OSI, SNA services, and some traditional circuit-based emulation, for example

TDM and ATM.

ZXR10 5900E supports MPLS L2 VPN service based upon the following connection

ways:



Point-to-Point Connection

Point-to-Point connection can conveniently provide major private line services for

VPN. It enables multiple technologies in the existing network to be used to connect

users. Keeping connections between the user and the operator, services after

encapsulation are transferred in operator’s IP backbone network.

Point-to-Multi-Point Connection

For large customer VPN service, it requires a large number of user sites and access

points, so operator should provide point-to-multi-point VPN service. ZXR10 5900E

supports VPLS (Virtual Private LAN Service) which is capable of building multiple

sites to connect VPN in single bridging domain of operator managed IP/MPLS

network. This method provides convenient MPLS L2 VPN solution.

3.2.7 LDP FRR

LDP FRR is MPLS-related reliability technology. It makes use of LDP (Label Distribution

Protocol) to dispatch active/standby labels for route. With standby label, swift response

can be given to the change of route, i.e. services can be switched over to the standby

label to accomplish 50ms network switchover protection. With FRR service on LSP,

services can be switched over to the backup link when one link or node on the protected

LSP breaks down. LDP FRR is a kind of temporary protection, so when the protected link

is resumed, the traffic will go back the original LSP.

3.2.8 Support External Alarm Input and Output

ZXR10 5900E as shown in figure 5 totally supports 3-line alarm input and 5-line control

output

Figure 3-5 Alarm Interface



Blue indicates alarm input and red means control output. As figure 6 shows, if the power

supply device connecting to alarm interface of the switch has some problems, the switch

will get signal sent by the alarm input mechanism to show level switch, and then the

switch will take some actions. For example, it can send warnings to upper monitoring

server via network management interface, also it can control and reset the power supply

device via control input mechanism.

3.2.9 VCT Technology

VCT (Virtual Cable Test) is a cable fault testing function based on hardware. It uses TDR

(Time Domain Reflector) to implement cable diagnosis. It can provide cable error state

such as open circuit, short circuit, un-matching impedance, normal cable etc. It can

provide cable fault point distance.

3.2.10 SFP DOM

DOM (Digital Optical Monitoring) is a part of optical module. The optical module

supporting DOM service can get temperature, voltage, current and the power

consumption in processing traffic. In addition, each optical module is set with some

threshold in operation (including alarm threshold and warning threshold). After initiating

DOM service, the operating status can be polled via 12C bus of the optical module, and

compare the status with the preset threshold. When the value exceeds the threshold,

syslog and SNMP trap modes can be used to send warnings.

3.2.11 SFlow

With the increasing development of network services in commercial environment, the

existing network becomes bigger and bigger. As there are more and more devices and

traffics in the network, the cost in carrying out network maintenance is higher and higher.

So how to manage network equipment efficiently and how to implement real-time traffic

monitoring and analysis have become more and more important to carriers. Currently,

vendors provide multiple network traffic monitoring technologies respectively. But most of

these traffic monitoring technologies are private or build based upon hardware. sFlow

currently is the standard traffic monitoring technology listed by IETF, it requires simpler

hardware, less resource and more universal technology, as a result, it has been

implemented by many vendors.

sFlow services are mainly composed by three parts: sFlow message sampling unit, sFlow

proxy unit, and sFlow analyzer. Usually, the sampling and proxy units of sFlow are

integrated in network device, and sFlow analyzer is built at the exterior of the system,

analyzing multiple sFlow proxy messages in the network. The entire system is basically

as shown in the following Figure:



Figure 3-6 Basic Architecture of sFlow

Analysis

Measurements

sFlow Agents

sFlow Analyzer

Traffic

Data

Analysis

Measurements

sFlow Agents

sFlow Analyzer

Traffic

Data

sFlow sampling unit is the basic part of sFlow mechanism. It samples messages over the

network interface that supports sFlow, and then it will send the messages to sFlow proxy

unit for processing. sFlow Collector implements sFlow management, monitoring,

collection and analysis. It is responsible for saving and analyzing messages from all

sFlow Agent. Then it will give analysis report on traffic and service.

3.2.12 ACL

To filter data, a series of matching rules need to be configured for network device to

identify the objects needs filtering. When particular object is identified, corresponding

data packets are permitted or prohibited based on the pre-set policy. ACL (Access

Control List) can implement all these functions.

Usually ACL is adopted to implement data packets filtering, policy routing and special

traffic control. One ACL contains one or multiple rules for special types of data packets.

The rules inform switch whether to permit or reject data packets that match the selecting

standards specified in the rules.

As the data matching rule defined by ACL can also be used by applications where traffic

should be classified, for example to define traffic classification rule in QoS



ZXR10 5900E provides the following four types of ACL and support two IPv6ACL types:

Basic ACL: only match source IP address.

Extension ACL: match source IP address, destination IP address, IP protocol type,

TCP source port number, TCP destination port number, UDP source port number,

UDP destination port number, ICMP type, ICMP Code, DSCP(DiffServ Code Point) ,

ToS and Precedence.

L2 ACL: match source MAC address, destination MAC address, source VLAN ID,

L2 Ethernet protocol type, 802.1p precedence.

Hybrid ACL: match source MAC address, destination MAC address, source VLAN

ID, source IP address, destination IP address, TCP source port number, TCP

destination port number, UDP source port number, UDP destination port number,

including all matching fields of the three types mentioned above.

Basic IPv6ACL: only match IP address of IPv6 source.

Extension IPv6ACL: Filter IPv6 source and destination addresses.

Each ACL has a visit number for identification. The range of this number of different

types of ACL is different:

Basic ACL：1~99

Extension ACL：100~199

L2 ACL：200~299

Hybrid ACL：300~349

Basic IPv6ACL：2000~2499

Extension IPv6ACL：2500~2999

Each ACL rule has 100 pieces at most, and the rule number ranges from 1 to 100.

3.2.13 QoS

Due to the increasing growth of multiple services (data, voice, video) and their different

requirements for service real-time capability (latency, jitter and packet loss rate) and

sensitivity of service reliability, nowadays networks are demanded to be able to

differentiate services, ensure user’s service quality according to SLA, realize QoS

guarantee in all implementation models, provide end-to-end service quality, make the

network appreciable and service manageable, realize service precise operation and

finally improve user’s service experience.



3.2.13.1 Basic QoS Feature

ZXR10 5900E support rich QoS features where Diffserv model known for its simple

configuration, superior flexibility and high extensibility wins the most extensive use.

ZXR10 5900E have the following Diffserv QoS features:

Traffic Classification and Marking. Service messages are divided into multiple

priorities or categories on the basis of service classification policy (including VLAN,

802.1P, DSCP, MAC address, IP address, TCP/UDP port number, and DSCP info.),

then these categories will be marked by ToS or DSCP fields of Ethernet message

CoS or IP head, or EXP field of MPLS. In this way, category-based traffic

scheduling, congestion management and traffic shaping can be implemented.

Different QoS mechanisms can be used on different types of service.

Traffic Policing. It is particularly used to restrict one stream or abrupt traffic which is

going to access one network. After setting a reasonable limit to the traffic, it will then

police or punish the exceeding part of the message, for example, discard the

message, color the message or reset the priority of the message. In this way, it

protects network resource and operators greatly at the same time.

Following srTCM (Single Rate Three Color Marker) and trTCM (Two Rate Three Color

Marker) algorithms introduced by IETF, ZXR10 5900E use two token buckets to evaluate

the arrived messages. Compare messages according to CIR/PIR mode of token bucket

in Color-Blind mode and Color-Aware mode, and color the part exceeding PIR red, the

one exceeding CIR but under PIR yellow, and the one under CIR green. Hence, queue

scheduling and congestion management can be done in terms of message colors.

Furthermore, the selection of MPLS tunnel path and hierarchical QoS scheduling can

also be implemented according to message colors. In this way, service precise operation

and management are realized. ZXR10 5900E support CIR/PIR service based upon port

and flow, and they can be used in both incoming and outgoing directions.

Figure 3-7 Traffic Policing with CIR/PIR

Traffic Shaping. It is designed particularly to restrict one stream or abrupt traffic and

make these messages sent out in evenly. Traffic shaping is normally done by cache



and token bucket. When the message is sent in high speed, it will be saved in cache

and then sent out evenly in the control of token bucket. Different from traffic policing,

traffic shaping caches messages that do not match traffic feature, which prevents

messages from being discarded and satisfies message traffic feature at the same

time.

Queue Scheduling. For network unit, when the incoming speed of the packet is

faster than their outgoing speed, congestion will happen at egress. When it occurs,

firstly some messages will be discarded if there’s not enough cache space. Also a

resource scheduling mechanism should be made to enable messages to cache in

the queue according to some policies. And then these messages will be taken out

from the queue and forwarded as per some scheduling policies. Congestion

management of the queue is very meaningful to bandwidth distribution, latency and

jitter. ZXR10 5900E support PQ (Priority Queuing), Weighted Fair Queuing (WFQ)

and PQ+WFQ queue scheduling methods.

Congestion Avoidance. Network equipment cache is limited, so queue scheduling

which is one congestion management mechanism carried out in terms of different

policies is also based upon the capability of the cache. It makes sure services of

different queues and different priorities can be scheduled according to certain

policies. When too many services are congested, and the queue length has reached

its threshold, all new arrivals will be discarded. This discarding mechanism may

cause TCP entire synchronization where messages of multiple TCP connection

queues will decrease at the same time, so that TCP connections start congestion

avoidance and slow start status to adjust traffic. What is worse, traffic peak will pear

at the same time making the network traffic fluctuate between insufficient and

saturation, which badly influence user’s service experience.

To improve network quality, ZXR10 5900E adopts WRED to avoid congestion. ZXR10

5900E WRED can be aware of services, set policies for discarding messages of different

priorities, so that different messages can have different discarding policies.

3.2.13.2 Ethernet QoS

Because of the dramatic development of Metro Ethernet Service, there are more and

more Ethernet services in the network. ZXR10 5900E can process service scheduling

and congestion management as per the priority of VLAN frame. It can map IP message

priority or EXP priority of MPLS message to VLAN priority of Ethernet message to realize

integrated service scheduling. In QinQ mode, inner user VLAN priority can be mapped to

outer operator’s VLAN priority automatically, or outer VLAN priority can be modified

according to user’s service. This realizes integrated and manageable services from user

service to operator service tunnel.

Traditional Ethernet service is actually VLAN priority guarantee service based upon

Ethernet message. Normally there are 8 corresponding service types, and these services

can not be colored, so that, Ethernet service can not color services according to CIR/PIR

service marks to provide more differentiated service quality. In order to enhance Ethernet



service quality control and realize 5P3D model based upon VLAN service, ZXR10 5900E

classifies services according to 802.1P DE(Drop Eligible) which makes user services into

5 levels and 3 discarding priorities to color services.

Figure 3-8 5P3D Model based upon Ethernet Service

3.2.13.3 MPLS QoS

As DiffServe features sound flexibility and extensibility in deployment, it usually uses

DiffServe model to implement QoS in MPLs networking solution. ZXR10 5900E support

DiffServe-based MPLS QoS. Traditional IP QoS determines service level and realizes

differentiated service according to IP priority or DSCP, instead, MPLS QoS uses EXP

value to distinguish different services and implement the priority mapping among MPLS

EXP, IP and Ethernet to realize differentiated services and guarantee the quality of voice,

and video services. On MPLS Ingress PE node, message IP priority or VLAN priority is

mapped or replicated to label CoS domain. The mapping consists of Uniform and

Pipe/Short pipe modes. Or EXP value can be redefined according to service protocol,

and execute traffic policing, traffic shaping and traffic scheduling over the classified traffic.

In MPLS backbone network, distinguish service level according CoS field of MPLS label

to make sure service quality of the backbone network. On MPLS Egress node (including

the last but one node), redeploy the priority of IP or Ethernet service as per Uniform, Pipe,

and Short Pipe model, End-to-end QoS is provided based upon DiffServe model.

Figure 3-9 end to end MPLS QoS



3.2.13.4 HQoS

Due to the increasing growth of network user and service in the market, both user and

operator prefer to have differentiated services to realize precise operation management

based upon user service, improve user service experience, get better services and more

profits. HQoS can provide high-quality service and user with precise service quality,

reduce construction costs in accessing network equipment, simplify entire network

operation costs, enhance entire network service quality and finally brings operator

differentiated competition. It is largely required by user and market.

HQoS realizes more precise scheduling by classification. It provides more reliable service

support for users to implement multiple services. The abstract architecture of HQoS is as

shown in the following Figure:

Figure 3-10 Abstract architecture of HQoS

Hierarchical QoS of ZXR10 5900E mainly has the following features:

Support 2-tier hierarchical QoS to satisfy real network deployment

Each scheduling node should support multiple scheduling algorithms including SP

and WFQ to provide service mechanisms according to different scheduling policies.

Support complete traffic policing and traffic control. Support multiple traffic policing

algorithms. Support CIR and PIR configurations.

Support congestion avoidance. To ensure normal operation of all services, it

supports RED and WRED congestion avoidance algorithm, so that messages can

be discarded optionally according to message discarding priority. It improves user’s

service quality greatly.



3.2.14 Port Mirroring

Port mirroring is actually to replicate services with matched ACL rule to CPU or

designated port for message analysis and monitoring. Normally it is used for network

failure diagnosis.

3.2.15 Traffic Statistics

Traffic statistics service is used to calculate service packets, so that real network status

can be known for further reasonable network resource distribution. Traffic statistics

mainly refers to the number of the packet ingress port receives.

3.2.16 NTP

NTP (Network Time Protocol) is a time synchronous protocol used between different

network members. Its transport is based upon UDP. The devices implementing NTP

adjust system clocks automatically by exchanging NTP messages. In this way, they keep

their clock the same. ZXR10 5900E can be deployed as NTP Client in real network

application.

3.2.17 RADIUS

RADIUS（Remote Authentication Dial In User Service） is a standard AAA(Authorization,

Authentication, Accounting) protocol. For router, AAA can authenticate users accessing

routing switch to prevent illegal users from accessing. At the same time, services like

DOT1X also needs to use RADIUS for authentication and accounting.

Currently, ZXR10 5900E supports RADIUS authentication service. It can provide

accessed routing switch with Telnet user authentication.

ZXR10 5900E supports multiple RADIUS server groups. Each RADIUS is allowed to

configure 3 authentication servers. Each group can set the time for setting server and the

time for resetting. The administrator is capable of configuring different RADIUS group to

choose specific RADIUS server.

3.2.18 SNMP

The SNMP subsystem implements the SNMP AGENT function, and supports all the

protocol operations of the SNMP agent specified in SNMP V1 /V2c/V3.

The protocol operations of SNMPv1 are:

get-request

get-next-request



get-response

set-request

trap

The protocol operations of SNMPv2 are:

get-request

get-next-request

get-bulk-request response

set-request

inform-request

snmpV2-trap

The Management Information Library (MIB) is described by using SMIv1 and SMIv2. The

MIB consists of the following parts:

Management objects supported by the core router

Management objects of the routing protocol

Management objects of the network management protocol

Management objects of the TCP/IP support protocol

Management objects of the high-speed network interface

Management objects of important data and configuration parameters

Management objects compatible with SMIv1

System configuration parameters

3.2.19 RMON

We can use RMON (Remote Monitoring) to keep an eye on remote services. By using

RMON, data collection and processing are done by a remote inspector, i.e. routing switch

system. The routing switch at the same time contains a RMON proxy software handling

communication by SNMP and network management. Usually, information only goes from

routing switch to network management system when special requirements are raised.



3.2.20 DOT1X Authentication

802.1X is Client/Server-based access control and authentication protocol. It connects to

user equipment at system port via authentication to make sure if this user is authorized to

access system service via this port. This method prevents unauthorized data processing

between user and service provided by the system. In the beginning, 802.1X access

control only allows EAPOL frame to pass the access connecting with user equipment.

Other data can access this port after authentication.

802.1X connects the authentication system to LAN and generates two logical ports:

controlled port and uncontrolled port. The uncontrolled port which is free from the

authorization status of the port can exchange PDU with other system. However, the

controlled port can only switch PDU with other systems when it is authorization. PAE is

the entity of algorithms and protocols related to operation and authentication. The

requesting PAE respond to the requests from authentication PAE, so that it can provide

authentication information. The authentication PAE is responsible for the communication

with requesting PAE, and it also delivers the information coming from requesting PAE to

authentication server. Then after verifying this information, the authentication server

confirms if the requester will be authorized to access authenticator’s service. The

authenticating PAE relies on the authentication result to control the authorization of

controlled port and the status of the uncontrolled port. The authenticating PAE enables

the uncontrolled port and EAPOL exchange protocol with requesting PAE, and EAPOR

communicates with RADIUS authentication server.

ZXR10 5900E series products mainly support the following 802.1X services:

Support all services of authenticator

Support local authentication

Support authenticating PAE to exchange protocol via uncontrolled port and EAPOL

Support AuthControlledPortControl parameter ForceUnauthorized, Auto,

ForceAuthorized to operate the controlled port

Support both AdminControlledDirectionsand OperControlledDirextions to operate

the controlled port

Support requestor’s regular reauthentication by reauthentication timer

Without authentication, it supports the transparent transmission of 802.1x

authentication packet

3.2.21 IPTV

IPTV is also name interactive network TV which is introduced by operator on the basis of

broadband. By using IP broadband network, it integrates Internet, multimedia and

communication technologies, providing users with many interactive services, e.g. live TV



program, on-demand video service and network surfer service. So user can take

advantage of these services by PC or “IP set-top box + TV”.

As one of the key technologies of ZTE IPTV system architecture, controllable multicast

mainly implements at broadband access network side. The device implementing

multicast controlling policy (BRAS, DSLAM or switch) is called multicast controlling point,

which works as the terminating point of user multicast IGMP request and determines

whether to duplicate multicast stream to user port based on corresponding IGMP request

and control policy. The multicast controlling point near user saves more network

bandwidth. As the key device implementing multicast controlling policy, multicast

controlling point supports the following features: IGMP V1/V2, IGMP Snooping, IGMP

Filter, IGMP Proxy, IGMP Fast leave, MVR (Multicast VLAN Register), SGR (Static Group

Register), UGAC (User Group Access Control), UGAR (User Group Access Record) etc.

Multicast on demand authority of user can be controlled by rule and channel binding.

3.2.22 VBAS

VBAS is the short form for Virtual Broadband Access Server. It is a kind of query protocol

expanded between IP-DSLAM and BRAS device. Point-to-point communication is used

between BRAS and IP-DSLAM, i.e. port information query and respinding message can

be encapsulated in L2 Ethernet data frame.

The implementation principle is that L2 point-to-point communication between BRAS and

IP-DSLAM. That is to say, port information query and responding packets are directly

encapsulated in L2 Ethernet data frame. Configure DSLAM corresponding to VLAN on

BAS. Initiate VBAS during PPPoE calling process. That is to say, mapping user band

VLAN to corresponding DSLAM. BAS actively initiate user line identity query to DSLAM,

which provides BAS with responding user line identity. The local 59E series switch is

DSLAM device

VBAS protocol is implemented by sending VBAS message between BAS and DSLAM.

3.2.23 ARP

When one network device is sending data to another one, in addition to IP address of the

destination equipment, it should also be clear of the MAC address of the destination

equipment. ARP（Address Resolution Protocol）is made to map IP address to MAC

address to make sure successful communication. When one device is communicating

with an unknown device in the network, the MAC address of the unknown device will be

get firstly via ARP. The specific procedures are:

The source equipment broadcasts ARP requests with destination device’s IP address,

and all devices in the network will receive this ARP request. If one device realizes that the

request is based upon its own IP address, it will then record sender’s ARP information

and send ARP response containing its MAC address to source device. In this way, the

source device gets the MAC address of the destination device via this ARP response.



In order to reduce ARP packet in the network and accelerate data delivery, IP address

and MAC address mapping is cached in the local ARP table. When equipment is going to

send data, it will firstly check ARP table according to IP address. If the MAC address of

the destination equipment is found in the ARP table, there is no need to send ARP

request any more. At the same time, due to the limited space in switch ARP table and the

frequent changes of network equipment, the switch should renew ARP table on time

(Delete the old items and add in new ones). The dynamic items in ARP table can be

deleted automatically, and this course is called ARP aging.

To make the network safer, ZXR10 5900E is able to change the learnt dynamic ARP to

static ARP, manual static ARP and eternal ARP table item. Both static ARP and eternal

ARP table item do not experience ARP aging. The eternal ARP still exist after reinitiating

the switch, however the static ARP will disappear. To prevent from ARP attack, ZXR10

5900E supports ARP protection service, restricting the number of the ARP the switch or

other L3 interfaces learn.

3.2.24 DHCPv4

The DHCP manages the IP address and other related configuration information used on

the network, to reduce the complexity in managing the address configuration. When the

DHCP service is used on the network, the client and server must be in the same

broadcast domain. If a network is built in this way, the ZXR10 5900E must provide the

DHCP SERVER function. In another application, the DHCP server and the users are not

in the same broadcast domain. The client obtains its address through transit via the

ZXR10 5900E. This is what referred to as DHCP relay technically.

The ZXR10 5900E implement the built-in DHCP SERVER function through the DHCP

protocol, to enable the dynamic address allocation and management of the DHCP

CLIENT, and at the same time provide the user management module on the destination

equipment system with the appropriate service management interface for the DHCP

CLIENT. They implement transparent interaction between the DHCP CLIENT and DHCP

SERVER through the DHCP RELAY AGENT expansion option of the DHCP protocol, to

enable the dynamic address allocation and management of the DHCP CLIENT, and at

the same time provide the service management module on the destination equipment

system with the appropriate service management interface for the DHCP CLIENT.

ZXR10 5900E series support DHCP Client and automatic download of default

configuration file via DHCP option field. Without any extra configuration, the device can

get IP address, Gateway IP address, and host configuration information, etc. after

receiving discovery message, DHCP server will find corresponding preserved IP address

as per MAC address, and send other information for example host name, TFTP IP

address, Configuration file name to DHCP client via DHCP option at the same time. Then

DGCP client will download configuration file from TFTP server via this information, and

then initiate new configuration file with DHCP protocol acting to download configuration

file at the same time.



3.2.25 DHCPv6

DHCPv6 (Dynamic Host Configuration Protocol for IPv6,) is designed particularly for IPv6

addressing solution. It is used to allocate IPv6 prefixes, IPv6 addresses and other

network configuration parameters to hosts.

ZXR10 5900E realizes the DHCPv6 fservices, so that it can provide address

configuration with clear status display for IPv6 host. It also supports DHCPv6 snooping

and DHCPv6 relay.

With the DHCPv6 snooping capability, ZXR10 5900E supports trust port. It forwards the

DHCP packet received by the trust port. The packet from by trusted ports will be checked.

So that, the illegal one can be discarded. This method can .avoid private server.

DHCPv6 relay realizes the server and the Client which do not belong to the same link can

forward messages. This method prevents DHCPv6 server from being deployed in every

link, which on one hand saves costs, on the other hand gives conveniences to integrated

management.

3.2.26 LLDP

LLDP（Link Layer Discovery Protocol）is a new protocol defined in 802.1ab, which

enables adjacent devices to send messages to each other, thus updates physical

topology information and establishes device management information base. LLDP

working process is as follows:

1. Sends link and management information of local device to the adjacent device;

2. Local device receives network management information from adjacent device;

3. Store the network management information of adjacent device in MIB base of local

device. Network management software can query L2 connection in MIB base.

LLDP doesn’t work as configuration protocol for remote system, nor signaling control

protocol between ports. LLDP can discover inconsistency in configuration of L2 protocol

for adjacent devices, but it only reports the problem to the upper level management

device without providing mechanism to solve the problem.

To be simple, LLDP is a kind of neighbor discovery protocol. It defines criteria for network

devices in Ethernet such as switch, router and wireless LAN access points to enable

them to announce their existence to other nodes in the network and to store the discovery

information of each adjacent device. For example, the information of device configuration

and device identification can be declared by this protocol.

LLDP defines a universal announcement information set, a protocol that transmits the

announcement, and a method to store the received announcement information. The

device that announces its own information can put multiple announcements in one



LLDPDU (Link Layer Discovery Protocol Data Unit) to transmit them. The LLDPDU

contains a series of short message unit with variable length, which is called

type-length-value (TLV) with the description as follows:

Type indicates the type of the information needs to be sent

Length indicates the bytes of the information

Value indicates the actual information needs to be sent

Each LLDPDU contains four compulsory TLV and one optional TLV:

Device ID TLV

Port ID TLV

TTL TLV

Optional TLV

LLDPDU end TLV

Device ID and port ID are used to identify the sender

TTL TLV notifies the receiver of the reservation period of all the information. If no update

is received from the sender in this period, all related information will be dropped by the

receiver. IEEE has defined a suggested update frequency of one transmission per 30

seconds.

Optional TLV contains basic management TVL set (such as port description TVL), special

TLV set organized by IEEE 802.1 and special TLV set organized by IEEE 802.3.

LLDPDU end TLV indicates the end of LLDPDU.

3.2.27 UDLD

UDLD is a L2 logic link detection protocol which can detect logic connection of Ethernet

link and verify physical connection. Different from physical connection detection, UDLD

detects based on neighbors. L1 devices are transparent to UDLD.

Firstly UDLD needs to establish neighbor relationships. When an Ethernet interface with

status of UP launches UDLD, the interface sends neighbor joining Hello message to its

adjacent device. The interface launching UDLD of the adjacent device sends back an

Echo message. Receiving an Echo message indicates that the device considers the two

devices are interconnected. It establishes neighbor relationship with the peer-end and

also sends an Echo message. Receiving this Echo message by the peer-end, neighbor

relationship on the two devices are both established.



After establishing neighbor relationship, they send Hello messages regularly to check

whether the link works well. The device updates the buffered neighbor information stored

at local and reset time for neighbor timeout. If no Hello detecting message is received

until neighbor aging time, the link is considered as abnormal. Corresponding processing

will be taken based on different work mode.

There are two work modes for UDLD: common mode and aggressive mode. In common

mode, an interface is Down only when protocol packets are received confirming link

single pass. No processing will be taken at the interface if no corresponding packets are

received or link single pass cannot be affirmed. In aggressive mode, the interface is

Down as long as two-way expedite link cannot be guaranteed. The common place of

these two modes is that alarm will be printed as long as normal link status cannot be

affirmed.

Generally speaking, UDLD makes interface Down in the following situations:

In common mode, sends Hello neighbor joining message, and receives Echo

message which indicates the neighbor of the peer-end is not itself.

In aggressive mode, sends Hello neighbor joining message, and receives Echo

message which indicates the neighbor of the peer-end is not itself.

In aggressive mode, receives Hello neighbor joining message, and sends Echo

message; but no Echo message from the peer-end is received.

In aggressive mode, all neighbors at the interface exceed the aging period, and no

Hello detection message is received.

When the interface is Down or other accidents occurs that leads to failure of the interface,

the device needs to send a flush message to notify the adjacent L2 device to delete the

information of it.

Initiate UDLD: if the Echo message received indicates that the neighbor of the peer-end

is not itself; it’s a false connection of interface. UDLD shut down the interface whatever

the mode is as shown iin the following Figure:



Figure 3-11 False connection of interface

Device A

PORT

TX RX

PORT

TX RX

Device B

PORT

TX RX

PORT

TX RX

Figure 3-12 Interface down

Device A

PORT

TX RX

PORT

TX RX

Device B

PORT

TX RX

PORT

TX RX

PORT

TX RX

PORT

TX RX

Aging time is the protocol packet sending interval (15 seconds by default) ×3. Shut

down the interface if no packet is received within aging time if aggressive mode is

configured.

3.2.28 Stacking Service

ZXR10 5900E supports SES stacking service. Stacking is actually a management domain

composed by some Ethernet switches interconnecting with each other via stacking port.



This management domain consists of an active switch and several standby switches.

Usually daisy chain is used as shown in the following Figure:

Figure 3-13 stacking framework

The switches connect with each other via stacking ports and special protocols are used

among devices to control topology discovery, calculation, election and route

maintenance.

Stacking benefits users in the following ways:

1. Sound management. Stacking can realize unified management of multiple devices.

One link and one IP address enable sound management of the entire system. Also it

can reduce management costs;

2. Superior extensibility. Stacking enables user’s on-demand purchase and smooth

extension of network capacity. As a result, in the course of network upgrading, it can

give user’s investment maximum protection;

3. High redundant backup. High reliability with N+1 backup avoids single-point failure

and reduces service breakdown.

4. Compared with single cassette switch, the system can implement the following

characteristic services:

5. Distributed management: for management, all devices have one unit. The

administrator can manage the device via WEB, telnet, console, and SNMP. Different

equipment is similar to different slots of chassis.



6. Distributed forwarding: message forwarding and search can be done locally. So,

when one equipment breaks down, other equipment can still work normally, which

makes the system more redundant.

7. Distributed link aggregation: support cross-equipment link aggregation, so that link

backup and load sharing can be implemented among equipment.

3.2.29 VRRP

Normally the host in one broadcasting domain will be set with a default gateway working

as the next hop of routing packet. When this default gateway can not work normally, the

host in this broadcasting domain can not communicate with the hosts in other networks

any more. To avoid this sort of single-point failure, multiple router interfaces can be set in

one broadcasting domain and implement VRRP on these routers (Virtual Router

Redundancy Protocol).

VRRP put multiple router interfaces belonging to one broadcasting domain into one group

to form a virtual router. It also allocates an IP address to the virtual router as its interface

address. This interface address can either be one router interface address or the third

party’s address. This virtual address will take effect only when it is in the same network

segment as real interface address.

If router interface address is used, this router with this IP address will act as the master

router, and other routers work as the slave ones. If the third party’s address is used,

router with high priority will work as the master router; if two routers have the same

priority, the one with bigger real IP address will be the master router.

Set IP address of the virtual router on the host in this broadcasting domain as network

gateway. When the master router breaks down, the slave router with the highest priority

will replace it and cause none influence to the host. Only if all routers in this VRRP

group work in abnormal condition, the host in this domain can not communicate outside

any more.

We classify these routers into multiple groups and make them backup each other. And

different IP addresses are used by the host in the domain as network gateway to realized

balanced load.

3.2.30 Ethernet OAM

3.2.30.1 802.3ah

IEEE 802.3ah mainly implements link level management, taking monitoring and failure

processing of point-to-point Ethernet link in the network. Sometimes “last mile detection”

is just about this. Link layer OAM is mainly applied for point-to-point direct link detection.



Figure 3-14 Relationship of sub-layers of OAM in ISO/IEC OSI reference model

Figure above is the location of OAM in ISO/IEC OSI reference model. Above OAM is LLC

logic link control or other MAC client layer. Below OAM is MAC layer or optional MAC

control sub-layer. OAM layer is optional. OAM covers the following three functions:

Remote discovery

Remote loopback

Link monitoring

DTE involved in OAM sub-layer supports active/passive mode. When OAM is enabled,

DTE that both modes support should choose active or passive.

Remote discovery

OAM provides a mechanism to check whether remote DTE has OAM sub-layers. If

discovery unsatisfied, OAM client learns that discovery is unsuccessful; and generates

discovery unsuccessful alarm. There may be two reasons for unsuccessful discovery:

one is that the peer-end doesn’t start OAM; the other is link connection failure. During the

process of remote discovery, label domain of OAMPDU message carries urgent link

event (including link failure, urgent failure and emergencies). But the particular failure

definition of link failure, urgent failure and emergencies are relevant to their

implementation. One way to learn about link failure via remote discovery is by OAMPDU

timeout; and the other way is to define some specific urgent link events to let client layer

to learn about link failure from OAMPDU.

DTE that configured with active mode launches the discovery process. Once the

discovery process is completed, when the counterpart entity connecting to remote OAM

is in active mode, active DTE is permitted to send any OAMPDU. DTE that configured

with passive mode doesn’t launch discovery process. It provides feedback of discovery

process launched by remote DTE.

Remote loopback

OAM provides optional data link layer frame-level loopback mode controlled by remote.

OAM remote loopback can be applied for failure location and link performance test. When



remote DTE is in OAM remote loopback mode, the statistic data of local and remote DTE

can be queried and compared at any moment. Query could be implemented before,

during, or after loopback is sent to remote DTE. Besides, OAM sub-layer loopback frame

can be analyzed to get additional information concerned link health (to determine frame

dropping caused by link failure).

If OAM client has sent loopback control OAMPDU, and when it waits the counterpart DTE

to indicate its responding message OAMPDU locating at OAM remote loopback, whether

OAM client implements OAM remote loopback command on peer-end device is

determined by the following process: a) if local DTE source address is larger than that of

the peer-end, enter OAM remote loopback based on peer-end command. b) If local DTE

source address is smaller than that of the peer-end, ignore OAM remote loopback

command of the peer-end and go on working as if nothing is received.

Link monitoring

OAMPDU。Link monitoring is a feature to make statistics of error symbols or error frames

received by physical layer within certain interval. Based on the implementation there is a

counter at driver all along making statistics of error frames, error symbols and total

frames received. The platform reads the information regularly and takes processing

based on these error symbols, error frames and total frames. Corresponding event notice

will be generated as per which kind of event occurred is detected.

There are four types of link events:

Link error symbol period event. Count error symbols generated in particular period,

which is determined by the quantity of symbols received in certain period by the

physical layer.

Error frame event. Count error frames generated in particular period, which

specifies certain interval.

Error frame period event. Count error frames generated in particular period, which is

determined by the quantity of frames received.

Error frame second accumulation event. Count error frame seconds in particular

period, which is determined by the time interval.

3.2.30.2 CFM

Connectivity Fault Management (CFM) can effectively check, separate virtual bridge LAN

and report its connection fault. It is mainly oriented to carrier’s network and also effective

to customer network (C-VLAN) as well.

Main basis of CFM that current switches support: IEEE 802.1ag implementation.



To manage and maintain the network, network administrator plans network service and

network layers by dividing the whole network into multiple Management Domains (MD). A

single domain is shown in the following Figure.

The domain defines a series of ports at edge device and internal device. The gray points

at the edge device are service ports connecting to device outside the domain. They are

defined as Maintenance End Point (MEP). There are also some black ports (including

those at the device inside the domain) which are ports connecting devices inside the

domain. They are defined as Maintenance Intermediate Point (MIP). Domain

management is implemented by the defined MEP and MIP.

Figure 3-15 Maintenance domain

Maintenance Domain

As shown in the following Figure, a network can be divided into user domain, provider

domain and operator domain. Each domain is designated with a level from 0 to 7. The

level for domain determines the inclusion relations. Domain with higher level can contain

domain with lower level; not vice versa. Domains with the same level cannot contain each

other. Thus the domain with the largest coverage has the highest level. Domain inclusive

relations could be tangent (internally or externally) and inclusive, but not intersecting.

Connection Fault Management (CFM) can effectively check, separate virtual bridge LAN

and report its connection fault. It is mainly oriented to carrier’s network and also effective

to customer network (C-VLAN) as well.

Configure multiple embedded Maintenance Domains (MD) via one bridge network

or a network containing a bridge network.

Configure a Maintenance Association (MA) identified by an individual MD in any

given bridge and a group of VLAN.



Format of protocol, process and CFM protocol packet used to detect and separate

connection fault report.

Capacity of Maintenance Point (MP) configuration and management in MA. MP is

used to generate corresponding CFM packets.

Command MPs implements affirmed fault separation and inspect result.

Figure 3-16 Ethernet Maintenance Domain Inclusive Relations

CE

CE

CE CE

CE

CE

CE

PEPE

PEPE

Operator

Domain

Provider

Domain

Customer

Domain

Scenario A:

Touching Domains OkScenario B:

Intersecting Domains Not

AllowedScenario C:

Nested Domains Ok

Path Discovery: MEP discovers with LTM/LTR message by tracking a MEP to another

MEP, or the path went through between MIP.

Fault Detection: MEP checks the network connection by CCM message that sent and

received regularly. Connection failure and NonWill connection (connected by mistake).

Fault acknowledgement and isolation: it’s a kind of behavior of management. The

administrator acknowledges fault by LBM/LBR and implements certain isolation.

Fault notification: when there is connection fault in MEP direction, corresponding report

message will be sent to designated management system (such as NMS and TRAP).

Network status detection: Learn about network connection or network delay and jitter by

checking packets from MEP to MEP with time stamps or sending and receiving of packets

with counter.



MP is the smallest entity on management layer to implement functions, including MEP

and MIP. Comparatively, MEP implements more complicated functions than MIP does. It’s

also more complicated to manage configuration than MIP. It can be said that CFM

functions are implemented by MEP, which can send, receive and process any messages

mentioned above. While MIP can only process LTM and LBM message; and send LTR

and LBR message as well.

3.2.31 Multi-VRP CE

MVCE provides a kind of function similar to hierarchical PE, which transfer part of PE

functions to CE. But MVCE doesn’t need to support MPLS, thus it has low requirements

on access and aggregation equipment. The corresponding device should not be called as

hierarchical PE. The corresponding device to MVCE is still CE.

User data flows are terminated at CE, which avoids bad impact of broadcast traffic on PE.

Complete isolation of different service transmission is implemented at CE, which solves

traditional LAN security problem with low cost. User isolation and security guarantee that

need to be implemented by PE are currently implemented by CE, which conforms to the

development trend of marginalized network security and current requirements of carrier

on bearer network.

A comparison between MVCE and hierarchical PE:

Interfaces between two layers are at least as much as VPN quantity;

The upper layer PE needs to reconfigure VRF that is already configured on MVCE;

Run a IGP/BGP counterpart or configure static routing for each VPN;

Lower layer device doesn’t support MPLS.

MVCE requires the device to support VPN access with IP address overlapping. With the

development of technology, MVCE can be implemented on medium-end switch.

Configure multiple VRF on MVCE corresponding to multiple VPN sites. Each VFR needs

an uplink interface to connect to PE. Configure the same VRF at the corresponding

interface on PE.

Since MVCE doesn’t need to support MPLS, there are still ordinary data packets between

MVCE and PE instead of MPLS labels. Differently, there is a layer of MPLS labels

between hierarchical PE. Thus VPN traffic can only be differentiated by interface on PE,

which means PE shall has exactly the same VPN interfaces as much as the VPN MVCE

supports.(which is the same as ordinary PE supports L3 VPN configuration.)

A CE with MVCE features actually simulates multiple CE. Each virtual CE is separated

from each other and is able to be accessed to multiple VPN users. PE won’t perceive

whether it is multiple CE or one MVCE. Thus PE doesn’t need any expansion.



If dynamic routing protocol is run between MVCE and PE, the routing protocol needs to

support multiple instances. PE and MVCE exchange routing information via standard

EBGP, OSPF, RIP or static route.

Static route and RIP are both standard protocols. But each VRF runs different instances

without interference to each other. If static route is configured, it will be ok if it supports

VRF.

3.2.32 L2PT

In QinQ VPN mode, if VPN uses locating at different places want to initiate their L2

protocol for example, STP, LACP, ZDP, they need to use core network to transfer these

L2 protocol messages transparently, and these messages with preserved MAC address

for bridge can not process transparent transmission normally. L2PT (layer 2 protocol

transportation) solves this problem, so it is widely used to transfer user network L2

protocol message in QinQ VPN.

L2PT networking is as shown in the following figure.

Edge Switches: It locating at the edge of operator network connects customer

network equipment.

Layer 2 protocol transportation port: On port of Edge Switch. The encapsulation of

decapsulation L2 protocol message.

Transportation PDU: Encapsulated protocol message, for example ZDP, STP and

LACP, etc.

Figure 3-17 L2TP Networking

On the port without initiated L2PT, L2 protocol messages （STP，ZDP，LACP）instead

of being forwarded is either discarded or sent up for protocol processing, which will cause

several blocked stp domains in customer network as per different locations, so that the



entire customer VPN can not run an integrated STP topology. L2PT transfer BPDU

message transparently in VPN, which helps customers to supply the gap.

The received L2 protocol messages will be encapsulated at the transportation port of

edge switch, then broadcast the encapsulated messages. Initiate remote transportation

switch port to encapsulate these messages.

The message encapsulation and decapsulation can be done by changing message MAC

address.

3.2.33 Dual-Port Loop Inspection

The failure network connection or configuration easily causes forwarding loop in L2

network, which makes the equipment keep sending broadcasting, multicast and unknown

unicast messages. It not only wastes network resource greatly, but also fails the entire

network sometimes. To inspect loops inL2 network on time and avoid serious influence to

the entire network, there must be a mechanism in the network to inspect loops and inform

user to check connection and configuration on time. Also this mechanism should be able

to shut down the failed port to eliminate loop. This is loop inspection mechanism.

ZXR10 5900E sends loop inspection message from one port on a regular basis, and it

checks if messages return to the equipment on the other port to make sure if there’s loop

between the port sent message and the monitoring port, and if the port with loop is clear.

When loops are found in the network, ZXR10 5900E will shut down the port with loops

and send warnings (trap) to user.

3.2.34 IPFIX

IPFIX (IP Flow Information export) is a standard protocol issued by IETF for network flow

information measurement. This protocol is mainly known for unified IP data flow statistics

and output standard. To output date completely, IPFIX default uses 7 key domains to

indicate each data flow: source IP address, destination IP address, TCP/UDP source port,

TCP/UDP destination port, type of L3 protocol, type-of-service protocol byte and input

logical interface. If all 7 key domains of different IP messages match each other, these

IP message will be considered as the same data flow. By recording features of network

flow for example traffic duration and average length of message, the network

administrator can understand the existing network operation, and implement network

optimization, security check and traffic billing according to this information.

IPFIX –defined format is based upon Cisco Netflow Version 9 data output format, which

enables IP flow to be transferred from one exporter to collector. ZXR10 5900E can be the

exporter responsible for gathering and saving the special data flow crossing the switch. It

counts byte and packet for every received packet and save this statistical information to

memory for regular collection by Collector. ZXR10 5900E is able to record 2000 pieces of

outgoing data and 2000 pieces of incoming data flow.



3.2.35 Features of Synchronous Clock

3.2.35.1 System Clock Service

As an IP transmission platform with network-based synchronous clock, ZXR10 5900E

has many ways to choose synchronous clock source as the system clock to realize

network clock synchronization.

ZXR10 5900E is capable of the following system clock services:

Provide BITS external clock input/output interface. It realizes 1-line external output

interface and 1-line input interface

Support GPS interface service and provide 1PPS +TOD signal. Realize 1-line GPS

input and 1-line GPS output.

Support synchronous Ethernet interface service.

Support the delivery of SSM information. As per SSM information, the clock unit

realizes clock synchronization in the entire network. It supports automatic

high-priority clock selection and avoids the formation of ring on a regular basis.

3.2.35.2 Synchronous Ethernet Clock

ZXR10 5900E is capable of implementing synchronous Ethernet clock in the physical

layer, which goes in line with G.8261.

The synchronous Ethernet extracts the clock via the serial bit traffic in the physical layer,

so that it can realize SDH-similar clock precise. Although it can realize network clock

synchronization at the same time, this method can not realize precise time

synchronization. The precision of the synchronous Ethernet clock which is irrelevant to

the load and packet forwarding latency of Ethernet link layer is guaranteed by the

physical layer.

3.2.35.3 IEEE 1588 v2 Clock

ZXR10 5900E supports IEEE 1588 v2 protocol, and realizes clock and time

synchronization.

As precise time synchronization protocol, IEEE 1588v2 which is also called PTP protocol

is an active/standby synchronous system. In the course of system synchronization, the

active clock issues PTP clock synchronization protocol and time information on a regular

basis, and the standby clock port receives the timestamp sent by the active clock. Then

the latency and time difference by using active and standby routes can be calculated

accordingly. At the same time, the local time can be adjusted as per the time difference,



which makes the time of the standby device to have the same frequency and phase with

the active device.

3.2.35.4 Clock Protection Service

ZXR10 5900E uses protocols based upon SSM and BMC to enable the clock link to

implement automatic protection switchover. It ensures the reliable synchronous

transmission.

It calculates the synchronous path with the best synchronous information as per

clock path selection algorithm, which avoids the damage of the clock.

When the network breaks down, it switches over the clock information according to

clock path algorithm.

It enables the synchronous lockup, hold-on and free oscillation services of clock

information.

ZTE Confidential Proprietary © 2010 ZTE Corporation. All rights reserved. 49


4 System Architecture

4.1 Product Physical Structure

ZXR10 5900E series All-GE Intelligent routing switch has totally four models: ZXR10

5916E, ZXR10 5928E, ZXR10 5928E-FI and ZXR10 5952E. The chassis of ZXR10

5916E, ZXR10 5928E and ZXR10 5928E-FI is 1U(1U=44.45mm), and the size is

44.45mm×442mm×220mm (H×W×D). With 2U-height chassis, ZXR10 5952E has the

size of ZXR10 5952E is 88.9mm×442mm×220mm (H ×W×D). Using modular

swappable dual power supply, ZXR10 5900E is capable of flexible configuration and

changing, as well as more powerful reliability. All cables including power supply cable and

network cable are coming out in front of the chassis. It supports 3-line warning input and

5-line control output. The M button on the front panel can vividly display the running

status of the switch.

The interfaces and slots for each model of ZXR10 5900E series are shown as follows:

ZXR10 5916E provides 12 fixed GE electrical interface with the electrical interface type of

RJ45. It supports category 5 and above twisted-pair, 1 expanded slot, 1 100M

management port, 1 Console port and 2 alarm ports.

ZXR10 5928E provides 24 fixed GE electrical interfaces with the electrical interfaces type

of RJ45. It supports category 5 and above twisted-pair, 1 expanded slot, 1 100M

management port, 1 Console port and 2 alarm ports. It supports clock module

RS-59EC-BITS-GPS plugging in the second power supply slot (PWRII) on 5928E as

shown in Figure 18.

ZXR10 5928E-FI provides 24 fixed GE SFP interfaces. It supports various GE optical

modules satisfying SPF standards. It supports 1 expanded slot, 1 100M management

port, 1 Console port and 2 alarm ports.

ZXR10 5952E provides fixed 16 GE optical interfaces. It supports various GE optical

modules satisfying SPF standards. It supports 4 line card slots, 1 expanded slot, 1 100M

management port, 1 Console port and 2 alarm ports. Each line card supports 8-port GE

optical or electrical port. The line card supports hot swapping.

The sub-cards for expanded slots of four ZXR10 5900E models have four patterns: 4 GE

SFP optical ports, 4 GE electrical ports, 4 10G optical ports, and 2 10G optical ports+2

10G stacking ports.



Figure 4-1 The Front Panel of ZXR10 5928E

Figure 4-2 The Front Panel of ZXR105928E-FI



Figure 4-5 The Front Panel of ZXR10 5928E with Clock Synchronization Interface Card

4.2 Hardware Architecture

ZXR10 5900E series product is composed of control module, switching module, interface

module, power supply module, and monitoring module. ZXR10 5928E also supports

clock module and external GPS module.

1. Control module. Control module is composed of main processor and some external

functional chips, realizing the processing of various applications. Providing serial

interface for external management configuration, it implements data operation and

maintenance.



2. Switching module. Switching module is a packet processor. It implements

processing and switching of data packets sent by each port.

3. Interface module. Interface module is composed of interface chip and

corresponding circuit nearby. It mainly implements external user connection and

receiving & sending of data packets.

4. Power supply module. Power supply module supports 1+1 backup and hot

swapping. Adopting 220V AC power supply or -48V DC power supply, it provides

other parts in the system with the necessary power supply.

5. Monitoring module. 3-port dry contact signal input and 5-port dry contact signal

output.

Figure 4-6 System hardware diagram of ZXR10 5900E

4.2.1 Control Module and Switching Module

Control and switching module is the core part of ZXR10 5900E. It mainly implements two

functions of control module and switching module.

In ZXR10 5900E system, control and switching module is installed in cassette structure

with no independent panel. Its interfaces and signal indicators are on the front panel of

the system. Its block diagram is shown in the following Figure:



Figure 4-7 Diagram of main control card

Switch

CPU system

SDRAM

BOOTROM

10/100/1000M interface signal


Console interface

MGT

interface

Switch

CPU system

SDRAM

BOOTROM



Console interface

MGT

interface

The control module is composed of the main processor and some external application

chips. It provides external operation interfaces, for example, serial ports and Ethernet

ports, by which the system can process all kinds of applications. The main processor is a

high-performance CPU processor, which performs the following functions:

System NM protocol, for example, SNMP

Network protocols, for example, OSPF, RIP, and BGP-4

Providing the operation and management interfaces for line cards

Data operation and maintenance

The switch module is designed with a dedicated Switch chip, which is integrated with

multiple Gigabit and Gigabit bi-directional interfaces, allowing it to process wire-speed

switching of multiple ports. The Switch chip provides the following functions:

1. Store and forward switching

2. Supporting 9KB jumbo frames

3. Supporting priority queuing, where frames can be dropped selectively when the CoS

queue is in congestion

4. Providing one management and control timer for each port



4.2.1.1 Interface

Console Port

Management terminal performs operations and maintenance on ZXR10 5900E

through Console port. It is connected with COM port on management terminal by

serial cable. One end of the serial cable connecting ZXR10 5900E is RJ45 plug, and

the other end of the cable is DB9 female plug, connected to management terminal.

Management Interface

Management terminal can perform operations and maintenance on ZXR10 5900E

through management interface, which supports 100Base-TX.

External Alarm Interface

It supports 5-port external alarm input and 3-port alarm output with the interface physical

plug of RJ45.

100/1000Base-T Ethernet Interface

Table 4-1 The Assistant Interface Type and Interface Number of ZXR10 5900E

Assistant Interface Parameter Remarks

External Alarm Interface Support 5-port external warning input and 3-port warning output

RJ45

Console Interface Support 1-port Console interface

RJ45

Network Management Interface

Support 1-port network management interface

RJ45

Main control card of ZXR10 5916E and ZXR10 5928E supports 1000 Base-T and

100Base-TX on CAT5. The characteristics are as shown in the following table:

Table 4-2 Feature of 100/1000Base-T Ethernet interface on main control card of ZXR10 5900E

Port type Features

100/1000Base-T

Conforming the following standards:

1000BASE-T IEEE 802.3u

RJ45 plug

CAT5 Unshielded Twisted Pair (UTP) with the longest transmission distance

100m

MDI/MDIX



4.2.1.2 Indicator

There are 14 indicators on front panel of ZXR10 5916E, where 12 indicators are port

status indicators. There are 1 system indicators SYS/ALM and 1 management interface

indicator MNG.

There are 26 indicators on front panel of ZXR10 5928E and 5928E-FI, where 24

indicators are port status indicators. There are 1 system indicators SYS/ALM and 1

management interface indicator MNG.

There are 19 indicators on front panel of ZXR10 5952E, where 16 indicators are port

status indicators. There are 2 system indicators SYS/ALM and FAN and 1 management

interface indicator MNG. Each of the four user-side line card has 8 port indicators.

Functions of ZXR10 5900E system indicators are shown in the following table:

Table 4-3 Functions of ZXR10 5900E system indicators

Indicators Off Green Red

SYS/ALM The equipment is power off

Green indicator flashes: the equipment works well

Red indicator flashes: error occurs to the equipment

MNG No connection

Green indicator on: link

Green indicator flashes: active

FAN Fan chassis is not connected

Green indicator flashes: all fans work well

Red indicator flashes: error occurs to one or more fans

There is a MODE button on the front panel of ZXR105900E. M_button function provides

some display function of key statistics data and indicator function of key event by using

panel indicator, which makes it convenient to maintain our equipment. M_button function

mainly includes the following modes:

1. LINK mode (LINK): in this mode, port indicator displays LINK/ACT state of port. If

port is in link state, the green indicator is on. If there is traffic, green indicator is

flashing. If port is not in link state, the indicator is off.

2. SPD mode (SPD): in this mode, port indicator displays the current speed of port. If

port speed is the same as port default speed, green indicator is on. If not, yellow

indicator is on.

3. DUP mode (DUP): in this mode, port indicator displays duplex state. If port is in

full-duplex state, green indicator is on. If port is in half-duplex state, yellow indicator

is on.



4. STAT mode (STAT): in this mode, port indicator displays STP state. If port STP

state is Forward, green indicator is on. If port STP state is Disable, green indicator is

off. If it’s other state, yellow indicator is on.

5. CPU utilization ratio mode (CPU%): in this mode, port indicator displays the current

CPU utilization ratio. 5916E uses the indicator of port 1~12 to view, each port

indicates 8%.5928E and 5928E-FI use the indicator of port 1~20 to view, each port

indicates 5%. 5952E uses the indicator of port 1~16 on MP board to view, each port

indicates 6.25%.

6. Memory utilization ratio mode (MEM%): in this mode, port indicator displays the

current memory utilization ratio. 5916E use the indicator of port 1~12 to view, each

port indicates 8%.5928E and 5928E-FI use the indicator of port 1~20 to view, each

port indicates 5%. 5952E uses the indicator of port 1~16 on MP board to view, each

port indicates 6.25%.

7. Uplink port outbound bandwidth occupation rate mode (BW%): in this mode, port

indicator displays current uplink port outbound bandwidth occupation rate, take the

uplink port current speed as baseline. 5916E use the indicator of port 1~12 to view,

each port indicates 8%.5928E and 5928E-FI use the indicator of port 1~20 to view,

each port indicates 5%. 5952E uses the indicator of port 1~16 on MP board to view,

each port indicates 6.25%.

8. Uplink port inbound bandwidth occupation rate mode (BW%): in this mode, port

indicator displays current uplink port inbound bandwidth occupation rate, taking the

uplink port current speed as baseline. 5916E use the indicator of port 1~12 to view,

each port indicates 8%. 5928E and 5928E-FI use the indicator of port 1~20 to view,

each port indicates 5%. 5952E uses the indicator of port 1~16 on MP board to view,

each port indicates 6.25%.

9. PING network management center mode (PING): in this mode, use the first 5 port

indicators to view. Equipment will send 5 ICMP packets to network management

center, for each ICMP packet, if receive the correct reply, the corresponding

indicator will turn green, if not, turn yellow.

10. CRC port display mode (CRC): in this mode, port indicator displays CRC error. If

port has CRC error frame statistics, green indicator is on. Otherwise green indicator

is off.

11. STORM port display mode (STORM): in this mode, port indicator displays storm port.

If port is storm port, green indicator is on. Otherwise green indicator is off.

12. NoMAC port display mode (NoMAC): in this mode, port indicator displays if MAC is

learned. If port does not learn MAC, green indicator is on. Otherwise green indicator

is off.



4.2.2 Interface Module

ZXR10 5900E supports 4-port gigabit Ethernet optical/electrical interface card, 4-port

10G Ethernet optical interface card, 2-port 10G optical port+2-port 10G stacking interface

card, and 8-port GE Ethernet optical/electrical interface card. GE Ethernet interface card

support optical/electrical adaptive interface. All optical interfaces use swappable optical

modules, so one line card can support multiple sorts of transmission media and distance.

This decreases the number of extra line card in different situations, and helps operator to

get maximum profit from minimum investment.

ZXR10 5928E supports synchronous clock module, providing Ethernet synchronous

clock feature.

The interface cards ZXR10 5900E supports are shown in table .

Table 4-4 Service Interface Card of ZXR10 5900E

Interface Card Type

Description Remarks

GE Interface Card

4-Port GE Electrical Interface Card

Fit 5916E, 5928E, 5928E-FI and 5952E. Not support hot-swappable service.

4-Port GE Optical Interface Card

Fit 5916E ,5928E, 5928E-FI and 5952E. Not support hot-swappable service.

8-Port GE Electrical Interface Card Fit 5952E only. Support hot-swappable service.

8-Port GE Optical Interface Card Fit 5952E only. Support hot-swappable service.

10GE Interface Card

4-Port 10GE Optical Interface Card


2 10GE Optical Interfaces+ 2 10GE Stacking Interface Cards


Clock Synchronization Interface Card

2 2M BITS Interfaces +2 GPS interfaces. 2M interfaces are 75Ω and coaxial. GPS interface is RJ45 interface.

Fit 5928E only. Not support hot-swappable service.

4.2.3 Power Module

ZXR10 5900E supports dual power supply modules. Two modules support AC-DC power

supply and DC-DC power supply respectively. They both support 1+1 hot backup input



through the front panel. It supports hot swapping service. A power supply module adopts

220V input.

4.2.4 Clock Module

ZXR10 5928E supports clock module, plugging in the second power supply slot of 5928E.

The clock module has the following functions:

1. Supports synchronization with GPS.

2. Supports BITS clock synchronization with 2MBits or 2MHz.

3. Supports 1588v2 synchronous Ethernet.

4. Supports SyncE based on physical layer clock recovery

5. Supports automatic switchover between different reference sources.

6. Supports Stratum 2 clock holdover.

7. Provides external 1-port BITS IN, 1-port BITS OUT, 1-port GPS input (PPS&TOD IN)

and 1-port GPS output (PPS & TOD OUT).

There are 6 indicators on the clock module panel, which are BTIS IN, BITS OUT,

PPS&TOD IN green and yellow, and PPS&TOD OUT green and yellow.The front panel of

clock module is shown as follows:

Table 4-5 Front panel of clock module

4.3 Software Architecture

ZXR10 5900E series products are multi-layer switches with L2 switching and L3 routing

capabilities and support for multiple functions, providing L2/3 wire speed switching and

routing and QoS assurance. The system software performs management, control, and



data forwarding. Its basic operations include system start, configuration management,

running of protocols, maintenance of tables, setting switch chips, and status control, as

well as software forwarding of some special packets. The system software must

implement the following functions:

Implementing major L2 protocol functions, including 802.1D STP protocol, 802.1P

priority control, related functions of 802.1Q VLAN, and 802.3ad link aggregation

Supporting Ipv4 protocol stacks and basic routing protocols

Implementing multi-layer services such as ACL and DHCP

Implementing some broadband access functions

Implementing network management protocol SNMPv3 and Agent

Allowing users to perform network management via the serial terminal, Telnet, or

SNMP Manager, including network configuration management, fault management,

performance management and security management.

Smooth upgrade of the software version, and on-line upgrade of the active/standby

protocol processing cards and switching network cards.

Network security function

Based on the system functions mentioned above, the system software could be

divided into five subsystems.

Operation support subsystem, including software modules such as BSP, ROS, SSP,

and VxWorks kernel

MUX subsystem, including the data distribution module, statistics and monitoring

module, and driving and encapsulation module. The data distribution module

distributes data packets to the driver and upper-layer software. The statistics and

monitoring module measures data, forwards information, and monitors the software

table.

L2 subsystem, including processing STP protocol, LACP protocol, IGMP

SNOOPING protocol, MAC address management, VLAN management and L2 data

forwarding

L3 subsystem, which implements basic protocols of TCP/IP, such as IP, ARP, ICMP,

TCP, and UDP, and application protocols such as FTP and Telnet, and implements

unicast and multicast routing protocols, performing L3 data forwarding.

NM and operation & maintenance subsystem, which implements the Agent function of the

SNMP network management, supports command line management, provides operation &

maintenance interfaces, and provides MIB information.



4.3.1 Operation Support Subsystem

The operation support subsystem drives and encapsulates the bottom-layer hardware,

providing support for other software systems on the upper layer. This subsystem provides

support for the running of the hardware, allocating resources for the hardware, and

provides the hardware-related interfaces for the upper-layer software. The operation

support subsystem relies on the RoS platform of the ZXR10, and it is composed of

system support, system control, version load control, BSP, and SSP. It can be further

divided into the operating system kernel, process scheduling, process communication,

timer management, and memory management modules. The functional block diagram for

the operation support subsystem is shown as follow:

Figure 4-8 Functional Block Diagram for the Operation Support Subsystem

4.3.2 MUX Subsystem

The MUX subsystem exchanges information with the driver and the upper-layer software,

and measures and monitors the software table of the switch chip. The MUX subsystem

mainly performs data distribution and measurement and monitoring. After the MUX layer

receives the data packets from the driving module, it forwards the packets by type

according to the ETHER TYPES fields in the MAC frames. The data distribution of the

MUX also includes the encapsulation of the data sending function of the driver, to provide

the modules on the upper layer with a new data sending function for invocation. When the

modules on the upper layer have data packets or protocol packets to send, they can

invoke the data sending function provided by the MUX. The measurement and monitoring



function measures the status of the driver layer, physical layer and MUX layer, measures

the packets received/sent, monitors the access to the register, and performs the sniffer

operations to the data packets, providing the OAM module with the interface function.

4.3.3 L2 Subsystem

The L2 subsystem performs configuration management (management layer) on the data

link layer, protocol processing on L2 (control layer), and data forwarding (data layer or

service layer). The function modules are illustrated as follow:

Figure 4-9 functional Block Diagram of the L2 Subsystem

4.3.4 L3 Subsystem

By software layer, the L3 subsystem consists of the service control layer and

data-forwarding layer. Where, the service control layer is composed of the TCP/IP and IP

forwarding support subsystem. The TCP/IP consists of the support protocols and routing

protocols. The support protocols are the basic protocols in the Ipv4 protocol suite,

providing services to the dynamic routing protocols, while acting as the entities of network

management and system monitoring. As the service provider for the upper-layer

application entities on the whole router system, support protocols consist of IP, ARP,

ICMP, IGMP, TCP, UDP and Telnet protocol entities. Routing protocols are used to

generate dynamic routes, and they consist of unicast routing protocols such as RIP,

OSPF, and BGP, and multicast routing protocols such as IGMP, PIM-SM, MSDP and

MBGP, and they provide related upper-layer protocols such as LDP, VRRP, and RSVP.

The IP forwarding and support subsystem is responsible for deletion and modification of

the forwarding table and the related strategies, and establishment and maintenance of

indexes, and data interaction between the CPU and switch chip. The IP data forwarding

layer inputs, forwards and outputs the data of the strategies, rules and routing tables

created by the switch chip according to the IP service control layer.



Figure 4-10 Functional Block Diagram of the L3 Subsystem

4.3.5 NM and Operation & Maintenance Subsystem

The foreground NM and Operation & Maintenance subsystem uses TCP/IP to implement

the agent of the SNMP NM, and meets the management requirements by using the

execution entities of the managed entities on the bottom layer. The background NM

communicates with the foreground NM via the network to manage the foreground system.

In this way, the management network is isolated from the transmission network.

4.4 ZXROS Platform

ZXROS is a multitask-based distributed real-time network operating system, providing

unified IP protocol supported by all devices from ZTE. ZXROS offers a mature and steady

architecture, and has been extensively used by lots of carriers. With reinforcement and

extension on the basis of the original platform, the existing platform in terms of user ’s

service requirements give more consideration on user ’s OPEX, CAPEX, service

scalability and implementation.

Sound Encapsulation

The configurations of all products are in the same style, which makes user

easy to operate and maintain.

Powerful Monitoring Service

Monitor process and memory abnormities.



Monitor the working status of power supply module, fan, voltage, current, and working temperature.

Provide fast failure location to guarantee high reliability of the product version.

Flexible Modular Components

All service module based upon ZXROS can be added or uninstalled easily;

new services can be developed based upon the original architecture.

Based upon user’s demands, provide flexible on-demand service and fast

respond to user’s requirements.

With superior interoperation, it follows the following standard and protocols

Table 4-6 L2 Protocol Standard

L2 Protocol Standard

IEEE 802.1d Bridging IEEE802.1x Port Based Network Access

EEE 802.1s Multiple Spanning Tree IEEE 802.3ad Link Aggregation

IEEE 802.1w Rapid Spanning Tree IEEE 802.3ag Service Layer OAM

IEEE 802.1Q VLAN tagging IEEE 802.3ah Provider Backbone B

9216 bytes jumbo frame forward on Ethernet and pos interface

IEEE 802.1ab LLDP(Link Layer Discovery Protocol)

IEEE 802.1ad VLAN stacking, Select QinQ, VLAN translate

IGMP v1/v2 snooping/proxy

IEEE 802.3 10BaseT IEEE 802.3ae 10Gpbs Ethernet

IEEE802.3ah Ethernet OAM IEEE 802.3x Flow Control

IEEE 802.3 100BaseT IEEE 802.3z 1000BaseSX/LX

IEEE 802.3u 100BaseTx IEEE 802.3ae 10Gbps Ethernet

ESRP Ethernet smart Ring Protocol ZESS ZTE Ethernet smart switch

IEEE 802.1p VLAN Priority

Table 4-7 TCP/IP Protocol Standard

TCP Protocol Standard

RFC 768 UDP RFC 791 IP

RFC 792 ICMP RFC 793 TCP

RFC 826 ARP RFC 854 Telnet

RFC 951 BootP RFC 1350 TFTP

RFC 1519 CIDR RFC 1812 Requirements for IPv4 Routers

RFC 2328 TFTP Blocksize Option RFC 2347 TFTP option Extension

RFC2349TFTPTimeoutIntervaland TransferSize option

RFC 2401 Security Architecture for Internet Protocol

draft-ietf-bfd-mib-00.txt Bidirectional draft-ietf-bfd-base-02.txt Bidirectional



TCP Protocol Standard

Forwarding Detection Management Information Base

Forwarding Detection

draft-ietf-bfd-v4v6-1hop-02.txt BFD IPv4 and IPv6(Single Hop)

Table 4-8 RIP Protocol Standard

RIP Protocol Standard

RFC 1058 RIP Version1 RFC 2453 RIP Version2

RFC 2082 RIP-2 MD5 Authentication

Table 4-9 OSPF Protocol Standard

OSPF Protocol Standard

FC 1765 OSPF Database Overflow RFC 2328 OSPF Version 2

FC 2370 Opaque LSA Support RFC 2740 OSPF for IPv6(OSPFv3)

RFC 3101 OSPF NSSA Option RFC 3137 OSPF Stub Router Advertisement

RFC 3623 Graceful OSPF Restart–GR helper

Table 4-10 BGP Protocol Standard

BGP Protocol Standard

RFC 1597 BGP Default Route Advertisement

RFC 1772 Application of BGP in the Internet

RFC 1965 Confederations for BGP RFC 1997 BGP Attribute Communities

RFC 2385 Protection of BGP Sessions via MD5

RFC 2459 BGP Route-Flap Dampening

draft-ietf-idr-rfc2796bis-02.txt RFC 2796 BGP Route Reflection

RFC 2918 Route Refresh Capabil-ity for BGP4

draft-ietf-idr-rfc2858bis-09.txt

draft-ietf-idr-rfc3065bis-05.txt RFC 3065 Confederations for BGP

RFC 4271 BGP-4 (previously RFC 1771) RFC 3592 Capabilities Advertise-ment with BGP4

RFC 4364 BGP/MPLS IP Virtual Private Networks (VPNs)

RFC 4360 BGP Extended Communities Attribute

RFC 4724 Graceful Restart Mechanism for BGP–GR helper

RFC 4760 Multi-protocol Extensions for BGP

RFC 4203 for Shared Risk Link Group (SRLG) sub-TLV



Table 4-11 ISIS Standard

ISIS Standard

RFC 1142 OSI IS-IS Intra-domain Routing Protocol (ISO 10589)

RFC 1195 Use of OSI IS-IS for routing in TCP/IP&dual environments

RFC 2763 Dynamic Hostname Exchange for IS-IS

RFC 2973 IS-IS Mesh Groups

RFC 3373 Three-Way Handshake for Intermediate System to Inter-mediate System (IS-IS) Point-to-Point Adjacencies

RFC 2966 Domain-wide Prefix Distribution with Two-Level IS-IS

RFC 3567 Intermediate System to Intermediate System(IS-IS)

Cryptographic Authentication

RFC 3719 recommendations for Interoperable Networks using IS-IS

RFC 3784 Intermediate System to Intermediate

System(IS-IS) Extensions for Traffic Engineering (TE)

RFC 3787 Recommendations for Interoperable IP Networks

RFC 3847 Restart Signaling for IS-IS–GR helper

RFC 4205 for Shared Risk Link Group (SRLG) TLV

draft-ietf-isis-igp-p2p-over-lan-05.txt

Table 4-12 VRRP Standard

VRRP Standard

RFC 2787 Definitions of Managed Objects for the Virtual Router Redundancy Protocol

RFC 3768 Virtual Router Redundancy Protocol

Table 4-13 LDP Standard

LDP Standard

RFC 3036 LDP Specification draft-jork-ldp-igp-sync-03

RFC 3037 LDP Applicability RFC 3478 Graceful Restart Mechanism for LDP–GR helper

Table 4-14 IPV6 Standard

IPV6 Standard

RFC 1981 Path MTU Discovery for IPv6 RFC 2375 IPv6 Multicast Address Assignments

RFC 2460 Internet Protocol Version 6(IPv6) Specification

RFC 2461 Neighbor Discovery for IPv6

RFC 2462 IPv6 Stateless Address Auto configuration

RFC 2463 Internet Control Message Protocol(ICMPv6) for the Internet Protocol Version 6 Specification

RFC 2464 Transmission of IPv6 Packets over Ethernet Networks

RFC 2529 Transmission of IPv6 over IPv4 Domains without Explicit Tunnels



IPV6 Standard

RFC 2545 Use of BGP-4 Multi-protocol Extension for IPv6 Inter-Domain Routing

RFC 2710 Multicast Listener Discovery (MLD) for IPv6

RFC 2740 OSPF for IPv6 RFC 3306 Unicast-Prefix-based IPv6 Multicast Addresses

RFC 3315 Dynamic Host Configu-ration Protocol for IPv6

RFC 3587 IPv6 Global Unicast Address Format

RFC 3590 SourceAddress Selection for the Multicast Listener Discovery (MLD) Protocol

RFC 3810 Multicast Listener Discovery Version 2 (MLDv2) for IPv6

RFC 4007 IPv6 Scoped Address Architecture

RFC 4193 Unique Local IPv6 Unicast Addresses

RFC 4291 IPv6 Addressing Architecture RFC 4659 BGP-MPLS IP Virtual Private Network(VPN) Extension for IPv6 VPN

RFC 5072 IP Version 6 over PPP

Table 4-15 Multicast Standard

Multicast Standard

RFC 1112 Host Extensions for IP Multicasting(Snooping)

RFC 2236 Internet Group Man-agement Protocol

RFC 2362 Protocol Independent Multicast-Sparse Mode(PIM-SM)

RFC 3376Internet Group Management Protocol Version3

RFC 3446 Anycast Rendevous Point(RP) mechanism using Protocol Independent Multicast(PIM) and Multicast Source Discovery Protocol(MSDP)

RFC 3618 Multicast Source Discovery Protocol (MSDP)

RFC 4601 Protocol Independent Multicast-Sparse Mode(PIM-SM)

RFC 4604 Using IGMPv3 and MLDv2 forSource-Specific Multicast

RFC 4607 Source-Specific Multicast for IP

RFC 4608 Source-Specific Protocol Independent Multicast in 232/8

RFC 4610 Anycast-RP Using Protocol Independent Multicast(PIM)

draft-ietf-pim-sm-bsr-06.txt

draft-rosen-vpn-mcast-08.txt draft-ietf-mboned-msdp-mib-01.txt

Table 4-16 Differentiated Services Standard

Differentiated Services Standard

RFC 2474 Definition of the DS Field the IPv4 and IPv6 Headers(Rev)

RFC 2598 An Expedited Forwarding PHB

RFC 2597 Assured Forwarding PHB Group (rev3260)

RFC 3140 Per-Hop Behavior Identification Codes

Table 4-17 PPP Standard

PPP Standard



PPP Standard

RFC 1332 PPP IPCP RFC 1377 PPP OSINLCP

RFC 1662 PPP in HDLC-like Framing RFC 1638/2878 PPP BCP

RFC 1661 PPP RFC 1989 PPP Link Quality Monitoring

RFC 1990 The PPP Multilink Protocol(MP)

RFC 2516 A Method for Transmitting PPP Over Ethernet

RFC 2615 PPP over SONET/SDH

Table 4-18 DHCP Standard

DHCP Standard

RFC 2131 DynamicHost-Configuration Protocol(REV)

RFC 3046DHCP Relay Agent Information Option(Option 82)

Table 4-19 Network Management Standard

Network Management Standard

ITU-T M.3000, Overview of TMN recommendations

ITU-T M.3010, PrincIPles for a Telecommunications management network

ITU-T M.3016, TMN security overview ITU-T M.3020, TMN Interface Specification Methodology

ITU-T M.3100 Generic Network Information Model

ITU-T M.3101, Managed Object Conformance Statements for the Generic Network Information Model

ITU-T M.3200, TMN management services and telecommunications managed areas: overview

ITU-T M.3300, TMN F interface requirements

ITU-T M.3400, TMN Management Function

ITU-T Temporary Document 69 (IP Experts): Revised draft document on IP access network architecture

ITU-T X.701-X.709, Systems Management framework and architecture

ITU-T X.710-X.719, Management Communication Service and Protocol

ITU-T X.720-X.729, Structure of Management Information

ITU-T X.730-X.799, Management functions

RFC1157, Simple Network Management Protocol

RFC1213, Management Information Base for Network Management of TCP/IP based internets: MIB-II

RFC1901, Introduction to Community-based SNMPv2

RFC1902, Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)

RFC1903, Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)

RFC1905, Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)

RFC2037, Entity MIB using SMIv2 RFC2233, The Interface Group MIB using SMIv2




RFC1558, A String Representation of LDAP Search Filters

RFC1558, A String Representation of LDAP Search Filters

RFC1777, Lightweight Directory Access Protocol

RFC1778, The String Representation of Standard Attribute Syntaxes

RFC1959, An LDAP URL Format RFC2251, Lightweight Directory Access Protocol (v3)

RFC1493, Definitions of Managed Objects for Bridges

GB901, A Service management Business Process Model

GB910，Telecom Operations Map GB909，Generic Requirements for

Telecommunications Management Building Blocks

RFC1757, Remote Network Monitoring Management Information Base

GB908，Network Management Detailed

Operations Map

RFC1757, Remote Network Monitoring Management Information Base

GB914，System Integration Map

GB917, SLA Management Handbook V1.5

NMF038, Bandwidth Management Ensemble V1.0

TMF508, Connection and Service Management Information Model Business Agreement

TMF801, Plug and Play Service Fulfillment Phase 2 Validation Specification V1.0

TMF605, Connection and Service Management Information Model

NMF037, Sub-System Alarm Surveillance Ensemble V1.0

TMF053, NGOSS Architecture Technology Neutral Specification V1.5

TMF053A, NGOSS Architecture Technology Neutral Specification V1.5

TMF053B, NGOSS Architecture Technology Neutral Specification V1.5

TMF821, IP VPN Management Interface Implementation Specification V1.5

TMF816, B2B Managed Service for DSL Interface Implementation Specification V1.5

Interworking Between CORBA and TMN System Specification V1.0

YD/T 852-1996 General design principle of TMN

YD/T 871-1996 General information model of TMN

YD/T XXXX-2001 General technical specification of broadband MAN

YD/T XXXX-2001 IP Network technical specification-network performance parameter and availability

YD/T XXXX-2000 IP Network technical specification –network in general

YDN 075-1998 China public multimedia communications network management specification

YDN 075-1998 China public multimedia communications network management standard

RFC 1215 A Convention for Defin-ing Traps for use with the SNMP

RFC 1657 BGP4-MIB RFC 1724 RIPv2-MIB

RFC 1850 OSPF-MIB RFC 1907 SNMPv2-MIB

RFC 2096 IP-FORWARD-MIB RFC 2011 IP-MIB

RFC 2012 TCP-MIB RFC 2013 UDP-MIB

RFC 2138 RADIUS RFC 2206 RSVP-MIB

RFC 2452 IPv6 Management Information RFC 2454 IPv6 Management Information




Base for the Transmission Control Protocol

Base for the User Datagram Protocol

RFC 2987 VRRP-MIB RFC 3014 NOTIFICATION-LOGMIB

RFC 3019 IP Version 6 Manage-mentInformation Base for The Multicast Listener Discovery Protocol

RFC 3164 Syslog

draft-ietf-disman-alarm-mib-04.txt draft-ietf-ospf-mib-update-04.txt

draft-ietf-isis-wg-mib-05.txt draft-ietf-mpls-lsr-mib-06.txt

draft-ietf-mpls-te-mib-04.txt draft-ietf-mpls-ldp-mib-07.txt



5 Technical Specifications

5.1 Physical Indices

Table 5-1 Physical Parameters

Physical Parameter 5916E/5928E/5928E-FI 5952E

Size(H×W×D) 44.45mm×442mm×220mm

88.9mm×442mm×220mm

Weight (Full Configuration, including two power supply modules and subcards)

ZXR10 5928E：4.8kg

ZXR10 5928E-FI：4.8kg

ZXR10 5916E：3.8kg

10kg

Power Consumption

ZXR10 5928E:

The minimum:<43w

The maximum:<63w

ZXR10 5928E-FI:

The minimum:<35w

The maximum:<64w

ZXR10 5916E:

The minimum:<30w

The maximum:<45w

The minimum:<53w

The maximum:<122w

Working Temperature long-term: -5℃～+50℃;short-term: -5℃～+55℃

Storage Temperature -40℃～70℃

Working Humidity Relative humidity 10%～90%, non-condensing.

Anti-lightening AC power supply provides 6KV anti-lightening capability

Power supply AC power supply: 100V～240V, 50Hz～60Hz

DC power supply: -40V～-57V

Anti-Seismic Design Anti-8 magnitude earthquake design

Reliability

MTBF:>200000 hours

MTTR:<30 minutes

EMC:

FCC Part 15 (CFR 47) Class A

EN55022 Class A

ETSI EN 300 386 V1.3.1

EN55024

Safety:

UL 60950 3rd Edition

CSA C22.2 No 60950 3rd Edition

EN 60950

EC 60950

EN60825-1+A1 and EN60825-2



5.2 Capacity

See the table named “Basic Performance”.

5.3 Performance

Table 5-2 Basic Performance

Basic Performance Indices 5916E/5928E/5928E-FI 5952E

Swathing capacity 128G 176G

Packet forwarding capability

5928Eand5928E-FI: 95M

5916E:77M 131M

L2 Features

MAC address table

32K

VLAN number 4K

L2 multicast table 1K

L3 Features

Ipv4 Routing table 12K network segment route/8k host route

L3 multicast table 4K

IPv6 routing table 6K network segment route/4k host route

MPLS

Label stacking 3

LDP FRR switchover time

50ms-200ms

QoS

Ingress ACL rule number

512

Egress ACL rule number

4k

CAR granularity 64 kbit/s

COS queue number

8 queues per port

Cos Queue for CPU

48

HQoS level 2 layers

MPLS L2VPN

VRF 2K

VPLS instance number

2K

Extension LDP 64

Ethernet

OAM

MD 8

LMEP 256

RMEP 2K

CC delivery frequency

3.3ms/10ms/100ms/1s/10s



5.4 Power

See the table 5-1.

5.5 Working Environment

See the table 5-1.

5.6 Environmental Classes

See the table 5-1.

5.7 Reliability

Table 5-3 Reliability

Item Description

Reliability

Support non-stop upgrade

Support VBRP protocol, support multiple backups configuration, support backup priority setting, support VRRP switching authentication, support priority replacement mode

Support ZESR(ESRP+) Ethernet ring protection

Support ZESS dual-homing protection

Support ECMP



6 Operation and Maintenance

6.1 NetNumen N31 Unified Network Management Platform

Due to the development of IP network, there are more and more services implemented by

IP network. At the same time, the network ranges larger, and configures harder, plus

user’s higher expectation, the network management becomes more and more difficult.

Only manual management and passive inspection can not meet the requirements of

running the entire system.

Now the maintenance engineer is focusing on how to deploy service swiftly, how to keep

steady network operation, how to predict the operating quality of the network and how to

locate the failure as soon as it happens. Therefore, the active network monitoring,

automatic network failure inspection and recovery, and sound network operation are

urgently required to guarantee maximum network profit.

ZTE giving positive response to the call of the times develops NetNumen N31 unified

network management system. It is an integrated network management system

composed by router, switch and CE, responsible for network element management,

network management and service management. It supports multiple sorts of database,

has graphic interface in different languages for convenient operation. Besides, this

system also provides flexible northbound interface, supporting powerful interconnecting

integration.

6.1.1 Network Management Networking Mode

Between NetNumen N31 NMS and ZXR10 5900E series equipment, inband

management and outband management networking modes can be used.

Inband Management

Inband Management, i.e. instead of requiring an extra DCN, network management

information and service data are delivered in the same channel. NetNumen N31

only has to connect with its nearby network equipments, and then together with

configured SNMP, it can arrange management.

The advantage of inband management is that flexible networking does not ask for

extra investment. But the network management information takes up service

bandwidth, so it may seriously affect service quality.

Outband Management



Outband management, i.e. the network management information is delivered in

service data independent from service data, so extra DCN is needed. NetNumen

N31 network management system is connected with the outband management

interface of ZXR10 5900E, so that network management information and service

information can be delivered independently.

By using outband management, the breakup of the service channel will not prevent

the network management station to do equipment management, so that the

transport of network information becomes more reliable. But the independent

network is limited by the geographic reasons and requires extra investment.

6.1.2 NetNumen N31 Network Management System

NetNumen N31 network management system is an integrated management system

designed by ZTE for its router, switch and CE. It covers network element

management, network management and service management. NetNumen N31

network management system provides the following services.

Failure management makes sure steady network operation

In the maintenance of network management, the administrator urgently needs to

know the network operating status to make sure steady network operation. The

failure management of NetNumen N31 is responsible for receiving real-time

equipment warning and network events from all NE, so that it can give audible and

visible information to maintenance staffs; after being confirmed by maintenance

staffs, the collected warning report will be saved for future statistics and search.

Failure management is the most important and commonly used method in user’s

network operating maintenance. Via failure management, user can arrange

information search, real-time monitoring, failure filtering, failure location, failure

confirmation, failure deletion, and failure analysis for ZXR105900E series device.

Besides, NetNumen N31 system also provides voice prompt, graphic warning

display, and informs user the failure by sending Email and messages via warning

system, Email system, SMS system, which simplifies user’s daily maintenance.

Performance management enables complete understanding of network services

The traffic direction, traffic load and network load are the key issues in network

management. The performance management module of NetNumen N31 is mainly

responsible for the performance monitoring and analysis of data network and its

equipments. The performance data collected by network element will generate

performance report after a certain processing, so that maintenance and

management departments can get information to guide network engineering, plan,

network scheduling and improve network operating quality. Via performance

management, user can implement load, traffic direction and interface load collection,

get timely service quality report and give prompt evaluations and adjustment on

entire network resource configuration.



Resource management makes reasonable use of network resource

The resource management realizes the management of physical resource and

logical resource, so it is an inevitable basic system in carrier’s service progress. Also

it is the critical precondition for realizing automatic service initiation and automatic

service guarantee. Via resource management, user via the resource management

system not only can get information of the management of the equipment, module,

interface and link in the network, but also can know the operating status of the

logical resources, such as, VLAN resource, L2/L3 VPN resource, and MAC

addresses.

View management makes network operation clear and easy

View management provides unified network topology and multi-view management,

which enables the user to be aware of the network topology and equipment

operating running status in the entire network. At the same time, it provides

maintenance interfaces for network and equipment. User utilizes view management

to know the operating status and warning status of the equipment. And also, it

supports fast navigation to other management systems.

Configuration management enables fast service deployment

The configuration management implements the configuration of ZXR10 5900E

series, including equipment management, interface management, VLAN

management, L2 attribute management, MPLS management, routing protocol

management, QoS management, software upgrade management, and configuration

file management; Also it supports many customer-friendly configuration modes,

such as end-to-end configuration, in-batch configuration, guiding configuration.

Besides, it offers default configuration models to corresponding management.

Security management protects network from hacking

The security management is mainly responsible for user’s legal network operation. It

implements the management of user, user group and role. By arranging correct

relationships between user, user group and role, it provides administrators with

security control mechanism. Via login Authentication, it prevents illegal users from

accessing the system. By authorized operation, it offers security mechanism to

administrator’s secure operation.

Northbound interface gives conveniences to integration

Due to the fast development of telecom industry, one carrier nowadays should

manage multiple different network element equipment or professional network

management system. The drawbacks for instance no interaction among different

professional network management systems, complicated management content, and

multiple operating interfaces become more and more obvious. To enhance the

integrated network management level and effect of telecom enterprise, one network

management station can be used to implement all sorts of management and control



to the interconnected networks, so that, the integrated entire network management

comes true.

The integrated network management connects with professional network

management via interface. So the professional network management should

provide standard open northbound interface to the integrated network management

system, so that, it can integrate with the integrated network management system

rapidly and reliably. NetNumen N31 supports many types of northbound interface,

e.g. CORBA, SNMP, TL1 and FTP.

6.2 Maintenance and Management

6.2.1 Multiple Configuration Modes

ZXR10 5900E series equipment provides multiple equipment login and

management configuration modes, which enables user to choose the optimal way to

configuring its connections. It makes the equipment maintenance easier.

Multiple configuration and management modes:

Serial interface connection configuration: Serial interface connection configuration

uses VT100 terminal mode. It can use super terminal tool provided by Windows

operating system to complete the configuration; for the bare metal or connectionless

equipment, this method is the only choice;

Telnet connection configuration: 1. Via the IP address of the management Ethernet

interface telnet （10/100Base-TX）on telnet main control board to configure switch;

2. Configure IP address over VLAN interface and set user name and password. Via

the IP address of telnet VLAN interface, it implements switch configuration; when

user requires remote login, and is able to communicating with equipment, this

connection configuration mode can be used;

SSH（Secure Shell） protocol connection configuration: Initiate SSH service on

ZXR10 5900E series equipment, connect the VLAN interface IP address or

management Ethernet port IP address via SSH client software to implement more

secure switch configuration. When users require remote login with high demands for

security, this connection configuration can be chosen;

SNMP connection configuration: The background network server acts as SNMP

server, the front equipment ZXR10 5900E series equipment works as SNMP Client.

The background and front equipment share one MIB to manage the configuration of

ZXR10 5900E series equipment via network management software; This

connection configuration mode enables the user to implement effective

management configuration via network management software.



6.2.2 Monitoring, Controlling and Maintenance

ZXR10 5900E series is capable of multiple ways of equipment policing, management and

maintenance, which enables the equipment to process all sorts of abnormity correctly,

and provide users with all types of parameter in the course of equipment operation.

Equipment Monitoring, Controlling:

There are indicators on power supply module, fan, MSC and all LICs. They show the

operating status of these components;

The MSC switchover and hot swappable records are kept for future reference;

When the fan, power supply or temperature goes wrong, the voice warning and

software warning will be generated;

The system inspects the suitability of software versions during operation

automatically;

The system operation automatically monitors the module temperature, and provides

temperature control warning and software warning;

The system monitors the operating status of the software, when abnormity happens,

the LIC will be restarted and MSC switchover will be implemented as well.

Equipment management and maintenance:

The command line provides flexible online help;

Provide hierarchical user authority management and hierarchical commands;

Support information center, provide unified management of log, alarm and

scheduling information;

Via CLI, user can check the basic information of all MSC, LIC, and optical modules;

Provide multiple sorts of information query, including version, component status,

temperature, CPU and memory availability.

6.2.3 Diagnosis and Debugging

ZXR10 5900E series provides multiple sorts of diagnosis and debugging methods,

enabling user to have multiple ways to adjust equipment and get more debugging

information.

Ping and TraceRoute: by inspecting whether or not the network connection is

reachable and recording the transport path online, maintenance staffs can get link

information for further analysis of failure locating;



Debugging: rich debug commands are provided for each software feature. Every

debug command supports multiple debugging parameters, so it can be controlled

flexibly. Via debug command, specific information of the progress, packet

processing and error inspection of the service in the course of operation can be

displayed;

Mirroring image service: it supports interface-based mirroring image, via which the

incoming, outgoing or bidirectional packets are replicated to the observed interface.

6.2.4 Software Upgrad

ZXR10 5900E provides software upgrade modes in both normal and abnormal

conditions.

Upgrade when the system is abnormal: Provide software upgrade when the

equipment can not be initiated normally. Via modifying boot initation mode, load new

software version from the management Ethernet interface to complete initiation

upgrade;

Upgrade when the system is normal: Provide local or remote FTP online upgrade

when the equipment is in normal condition.

6.2.5 File System Management

File system introduction

In ZXR10 5900E series equipment, the main storage device on MSC is FLASH, in

which software version file and configuration file are saved. So both software

upgrade and configuration storage will have some implementations on FLASH.

FLASH consists of three categories: IMG, CFG and DATA.

IMG: This category is used to save software version file. Software version file with

the extension name of “.zar” is a particular compressed file. The version upgrade

actually is the change of the software version file in this category.

CFG: This category is used to save configuration file whose name is “startrun.dat”;

DATA: This category is used to save abnormal information of the equipment. The

file name format is “YYYY-MM-DD HH-mm-SS.zte” .

File system operation

File backup and recovery: By using FTP/TFTP, the backup of software version file,

configuration file and log of ZXR10 5900E series equipment can be save to the

background server. Or the backup file can be restored from the background server;



File import and export: support the import/export of the file, after that, FTP/TFTP will

replicate the file to the background host. The warning file and configuration file can

be imported and exported for upgrade;.



7 Installation

Please refer to ZXR10 5900E V2.8.23B) Series L3 Intelligent Ethernet Switch Hardware

Manual.



8 Networking

8.1 Product Features in Real Network Implementations

8.1.1 SVLAN( Flexible QinQ)

SVLAN of ZXR10 5900E implements the function of providing SPVLAN label based on

traffic. That is to say, it provides users with corresponding SPVLAN label on one

Customer port based on their needs according to different CVLAN label carried by

packets.

By SVLAN, users can implement mapping from QoS of CVLAN label to SPVLAN.

As shown in the following figure, to implement one VLAN per user and sole identification

for user, start QinQ on user access aggregation switch ZXR10 5900E. In this way inner

layer and outer layer VLAN are combined to represent a user. Outer layer VLAN is

selected based on inner layer VLAN or ACL traffic.

Table 8-1 SVLAN networking application



8.1.2 IPTV

Table 8-2 IPTV networking application

As one of the key technologies of ZTE IPTV system architecture, controllable multicast is

mainly implemented at broadband access network side. The device implementing

multicast control policy (BRAS, DSLAM or switch) is called multicast controlling point. As

the terminating point of user multicast IGMP request, multicast controlling point decides

whether to duplicate multicast traffic to user port based on corresponding IGMP request

and control policy. The nearer multicast controlling point gets to the user, the more

network bandwidth can be saved. As a key device implementing multicast control policy,

multicast control point needs to support the following features: IGMP V1/V2, IGMP

Snooping, IGMP Filter, IGMP Proxy, IGMP Fastleave, MVR（Multicast Vlan Register）,

SGR（Static Group Register）, UGAC（User Group Access Control）, and UGAR（User

Group Access Record）. User demanding authorities are controlled by rules and channel

binding.

As shown in Figure,multicast controlling point is configured on aggregation device ZXR10

5900E. It can establish multicast forwarding table items based on IGMP packets to

implement user access control configuration so as to implement preview, play control of

the channel and to implement IPTV demands of the users.



8.1.3 ESRP

Table 8-3 ZESR networking application

ESRP（Ethernet Smart Ring Protocol）is based on ITU G.8032 protocol. It checks whether

the loop is connected to make sure that there is only one logically connected path

between any two points on the ring. It re-set port status (block or forward) based on loop

changes (connected-blocked; blocked-connected) to make logic path switch quickly.

Show as figure above, to enhance the network reliability, ESRP is deployed in the middle

of access/aggregation layer. When a device on the ring fails, forwarding will not be

impacted. The secondary port will be unblocked to implement reverse data forwarding. At

the same time MAC table item is notified to get updated to guarantee non-interrupted

services.

8.1.3.1 ZESS

Protecting the uplink links of access/aggregation layer device is a problem that

users keep focusing on. Traditional technologies can only implement dual uplink

links protection of a single device with single point error on uplinking device. To

meet the practical networking needs, ZTE develops more advanced ZESS.

The application of ZXR10 5900E in ZESS is shown in Figure:



Table 8-4 ZESS networking application

ZXR10 5900E supports ZESS uplink link protection. It can implement single device

dual uplink networking such as ZESS domain4 and ZESS domain5. It can

implement square connection of two devices and the upper layer NPE such as

ZESS domain1. It can also implement crossing connection of two devices and upper

layer NPE such as ZESS domain2 and ZESS domain3.

ZXR10 5900E ZESS supports main/standby and load sharing mode. In

main/standby mode, the standby link doesn’t carry traffic in normal situation. In load

balancing mode, two uplink links can carry part of traffic respectively so as to

implement load balancing.

8.2 Integrated Networking Applications

8.2.1 MAN Access Layer Solution

As L3 intelligent Ethernet switch, ZXR10 5900E series switches are suitable for the

access layer of MAN working as the communicate switch. In this way, 5900E series

switches connect with users in the access layer, providing rich bandwidth and access

management services. The specific application is as shown in figure.



Table 8-5 MAN Application

Backbone Layer

Core Layer

Aggregation Layer

Access

Layer

Internet

ZXR10 5900E

Network and Service

Management

ZXR10 5900E59E

DSLAM

8.2.2 Enterprise Network Solution

Community network requires large capacity, high port density and high bandwidth.

10G-based ZXR10 5900E series switches are very suitable for community network. They

connect users with the aggregation/access layers, offering various bandwidth and access

management services. The specific application is as shown in figure.



Table 8-6 Enterprise Network Application

Backbone Layer

Core Layer

Aggregation Layer

Access

Layer

Internet

59E59E

Network and

Service Management

DSLAM

Product Description


9 Configuration Instructions

Please refer to ZXR10 5900 series (V2.8.23B) L3 Intelligent Ethernet Switch User

Manual Basic Configuration Volume, ZXR10 5900E series (V2.8.23B) L3 Intelligent

Ethernet Switch User Manual Ethernet Switching Volume, ZXR10 5900E series

(V2.8.23B) L3 Intelligent Ethernet Switch User Manual IPv4 Route Volume,ZXR10 5900E

series (V2.8.23B) L3 Intelligent Ethernet Switch User Manual IPv6 Volume.

Product Description


10 Glossary Abbreviations Full Characteristics

MLD Multicast Listener Discovery Protocol

PIM-SM Protocol Independent Multicast Sparse Mode

PIM-DM Protocol Independent Multicast-Dense Mode

RIP Routing Information Protocol

ARP Address Resolution Protocol

ACL Access Control List

BFD Bidirectional Forwarding Detection

FRR Fast Re-route

OSPF Open Shortest Path First

IS-IS Intermediate System-to-Intermediate System

BGP Border Gateway Protocol

ISATAP Internet/Site Automatic Tunnel Addressing Protocol

COS Class of Service

TOS Type of Service

BRAS Broadband Remote Access Server

DSLAM Digital Subscriber Line Access Multiplexer

SSH Secure Shell

VRRP Virtual Router Redundancy Protocol

RED Random Early Detection

DSCP Differentiated Services Code Point

MPLS Multi-Protocol Label Switching

PE Provider's edge router

CE Custom Edge Router r

RMON Remote Monitor

SNMP Simple Network Management Protocol

DHCP Dynamic Host Control Protocol

ESRP Ethernet Smart Ring Protocol

ERSPAN Encapsulated Remote SPAN

OAM Operations，Administration and Maintenance

QoS Quality of Service

ZESS ZTE Ethernet Smart Switch

IGMP Internet Group Management Protocol

PVLAN Private VLAN

PUPV Per User Per VLAN

PSPV Per Service Per VLAN

STP Spanning Tree Protocol

Product Description


Abbreviations Full Characteristics

RSTP Rapid Spanning Tree Protocol

LACP Link Aggregation Control Protocol

BPDU bridge protocol data unit

DVMRP Distance vector multicast routing protocol

MAC Media Access Control

DCN Data Communication Network

VPN Virtual Private Network

TFTP Trivial File Transfer Protocol

GPS Global Positioning System

TOD time of day

IPFIX IP Flow Information eXport

UDLD UniDirectional Link Detection

LLDP Link Layer Discovery Protocol

SSM Synchronous Status Message

BMC best measurement capability

PTP Precision Time Synchronization Protocol

L2TP layer 2 protocol transportation

VCT Virtual Cable Tester

VRF VPN Routing and Forwarding

LDP Label Distribution Protocol

BITS Building Integrated Timing Supply

CFM Connectivity Fault Management

MA Maintenance Association

MP Maintenance Point

MD Maintenance Domains

LTM LinkTrace Messages

LBM LoopBack. Messages

LTR LinkTrace Reply

LBR LoopBack Reply

IEEE Institute of Electrical and Electronics Engineers

RADIUS Remote Authentication Dial In User Service

ZXR10 5900E Product Description - libertyport.com · 6.1 NetNumen N31 Unified Network Management...

Documents

Transcript of ZXR10 5900E Product Description - libertyport.com · 6.1 NetNumen N31 Unified Network Management...