ZXR108900E - Liberty Port - IT and Telecommunications SeriesCoreSwitch Product Description Version:3.01.01 ZTECORPORATION No.55,Hi-techRoadSouth,ShenZhen,P.R.China Postcode:518057
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Chapter 5 Networking Applications.......................................................... 5-15.1 Application in an Metro Ethernet Network............................................................. 5-1
5.2 Application in a Data Center................................................................................ 5-2
5.3 Application in Ethernet Layer 2 Convergence ....................................................... 5-3
5.4 Application in an Enterprise Network ................................................................... 5-4
5.5 Application in FTTx............................................................................................. 5-5
5.6 Application in a Core Network Bearer .................................................................. 5-6
5.7 Application in IP RAN ......................................................................................... 5-7
Chapter 6 Operation and Maintenance..................................................... 6-1
I
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
About This ManualPurposeThis manual describes the positioning, characteristics, functions and features,architecture, network application, operation and maintenance, technical specifications,and complied protocols and standards of the ZXR10 8900E series products.
Intended AudienceThis manual is intended for network planning engineers.
What Is in This ManualThis manual contains the following chapters:
Chapter Summary
1, Product Positioning and
Characteristics
Describes the positioning and characteristics of the ZXR10 8900E series
products.
2, Functions and FeaturesDescribes the major functions and features supported by the ZXR10
8900E.
3, Product StructureDescribes the appearance, hardware structure, supported boards, and
software structure of the ZXR10 8900E.
4, Technical SpecificationsDescribes the basic specifications, interface specifications, and system
functions and features of the ZXR10 8900E.
5, Networking ApplicationsDescribes typical application of the ZXR10 8900E in actual networking
solutions.
6, Operation and Mainte-
nance
Describes the management and maintenance of the NetNumen U31 uni-
fied network management platform and the ZXR10 8900E.
I
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
II
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 1Product Positioning andCharacteristicsTable of Contents
1.1 Product PositioningThe ZXR10 8900E series core switches are new-generation, enhanced core switches.These switches provide extra large system capacity, high-density ports, and powerfulservice features to satisfy core equipment requirements of MAN, data center, campus,and enterprise network environments.
The ZXR10 8900E, designed as a user-oriented, large-capacity, and distributed system,provides high-density GE, 10 GE, and 40 GE/100 GE port solutions. The ZXR10 8900Euses energy-efficient components and uses an intelligent mechanism for managing fans,power supply, and physical ports to solve capacity expansion problems for users. TheZXR10 8900E provides high convergence with low costs, reduces the investment fee peruser, saves space occupied by devices, and lowers power consumption.
The ZXR10 8900E helps users to build highly-efficient, intelligent, and reliable networks,and reduces maintenance and duplicate investment costs by improving network reliabilityand stability. The ZXR10 8900E performs the following functions:
l Provides comprehensive security protection to guarantee network core security.l Provides multi-level QoS to guarantee end-to-end service experience and improve
network quality.l Provides reliable protection for users from device, link, to network levels by
independent monitoring platform, reconfigurable software, and various switchovertechnologies.
l Supports multi-service bearer and the IPv6 technology to provide IPTV solutions,fulfilling the need of integrated data and voice bearer and various networks.
The ZXR10 8900E series products include ZXR10 8912E, ZXR10 8908E, ZXR10 8905E,and ZXR10 8902E, which respectively provide 12, 8, 5, and 2 service slots and supporta variety of high-density interface boards and service functions. For their overview, seeFigure 1-1.
1-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 1-1 ZXR10 8900E Series Products
1.2 Product CharacteristicsMulti-scenario and All-service IdeasThe ZXR10 8900E provides all-service support, satisfying hierarchical andmultidimensional requirements of users and covering network hotspots and mainstreamscenarios such as Metro E, IPTV bearer, FTTX ultra wide band (UWB) convergence,IP-based 2G/3G/LTE Backhaul bearer (IP RAN), FMC network convergence, data center,and campus network. The specific characteristics include:
l A variety of VPN technologies, enhanced functions such as MPLS L3 VPN and VPLS,MPLS-TE, and multi-service bearer capability
l Rich QoS capabilities to support VPN QoS and provide differentiated services fordifferent application
l Layer-2 and layer-3 multicast protocols to provide high-rate multicast duplicationcapability and leading IPTV solutions to satisfy the requirements for large-capacityIPTV subscriber access and high-performance IP multicast video application
l SynE and 1588v2, Bits and GPS clock interfaces, and four types of clock sourceto implement frequency synchronization, providing perfect clock synchronizationand transmission solutions to radio access networks (RANs) and industry dedicateddevices (such as power supply) and achieving an all-IP-based mobile bearer networkand fix-mobile convergence (FMC) for all-service operators
l Distributed IPv6 to implement ASIC-based full wire-speed IPv6 forwarding, a varietyof IPv4/v6 transition technologies, and IPv6 multicast and application management,protecting profits of customers and adapting to network service developmentrequirements
l Hierarchical intelligent operation and maintenance, and graphical networkmanagement system, allowing users to easily perform multi-service deployment andmanagement
1-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 1 Product Positioning and Characteristics
40G/100G Port for a High-speed EraGiving full consideration to future network requirements, the ZXR10 8900E builds anext-generation network core by extra large capacity and high performance. Thus, ithelps mobile operators to meet mass traffic requirements, broadband operators to fulfillincreasing P2P and video demands, and enterprises to deal with intensive traffic by usingcloud computing, and finally provides Tbit/s ultra-high-speed networks. The specificcharacteristics include:
l A new switching network architecture that provides the largest single-slot switchingcapacity and whole-NE switching capacity in the industry
l Up to 96 40GE ports and or 576 10GE ports for a whole NEl Smooth upgrade of 100GE ports to fully protect investors' benefit
Multidimensional Security Model, Reinforcing the Network CoreThe ZXR10 8900E, focusing on the network core, provides a five-start network serviceguarantee through a 5-level model covering safe architecture, safe control, safe operatingsystem, safe computing, and safe services.
l Safe architecture
Supports hot backup for the control and forwarding engine, quick active/standbyswitchover, redundant backup and intelligent check, control and alarm for powersupply, fan, and clock modules, and hot-swapping for all components.
l Safe control
Provides high system stability by isolating control, monitoring, and forwarding.
l Safe operating system
Uses ZTE's new-generation multi-process software platform ZXROS, which providesthe most advanced software architecture reliability in the industry to implementfunction modularization, intelligent and dynamic loading, parallel processing, flexibleexpansion of new functions, and process-based intelligent dormancy that guaranteesservice upgrade without interruption.
l Safe computing
Provides multi-thread parallel high-performance computing based on multiple CPUsto guarantee seamless connection on different planes.
l Safe services
Supports a variety of reliability technologies and equipment-level to network-levelprotective switching technologies, and guarantees smooth operation of all servicesby the industry-leading OAM capability and security protection functions.
Low Carbon and Energy EfficientZTE is always committed to the R&D and application of "environment-friendly data"products and solutions, and insists on sustainable development and environment
1-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
efficiency. Based on product lifecycle considerations, ZTE makes all efforts to reduce itsproducts' influence on the environment. The specific characteristics include:
l 40nm highly-integrated chips, proper PCB layout, optimized heat dissipation designfor a single board or the whole cabinet, and highly-efficient power switch to guaranteean energy-efficient high-performance system.
l Intelligent power consumption control system: The power consumption control mod-ule of the operating system supports dynamic port power saving, intelligent line cardstartup, power supply, process dormancy, and service adjustment, 5-level fan speedadjustment, and fan sector control to achieve the maximum balance for the perform-ance-to-consumption ratio.
l Harmless material purchase, green certification for the production process,renewable, biodegradable, and environment-friendly packaging and shippingmaterial, in compliance with domestic and international RoHS standards and theconcept of "green earth, care nature".
l Reconstructable operating system architecture and ideal remote management tools,which greatly improve installation, debugging, operation and maintenance efficiency,increase the remote maintenance ratio, reduce OPEX, and lower attendance andenvironment costs.
1-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2Functions and FeaturesTable of Contents
L2 Functions ..............................................................................................................2-1L3 Functions ..............................................................................................................2-5MPLS and VPN Functions..........................................................................................2-8QoS .........................................................................................................................2-10Clock Synchronization..............................................................................................2-12Protection for Reliability............................................................................................2-13Security and Authentication......................................................................................2-16Network Traffic Analysis ...........................................................................................2-19
2.1 L2 Functions
2.1.1 Basic Ethernet Functions
MAC Address ManagementThe ZXR10 8900E provides the basic functions of maintenance MAC address learningand synchronization, and implements the following management functions:
l MAC address bindingl MAC address filteringl MAC address number restrictionl MAC address permanencel MAC address multi-view display
Port MirroringThe port mirroring function automatically duplicates traffic from one port to another port,so that a network administrator can analyze the traffic in real time when solving networkproblems. Port mirroring provides a monitoring approach for the network administrator.For the ZXR10 8900E, any port can be configured as a mirrored port. The supportedmirroring types include:
l Mirroring between ports of different ratesl Many-to-one port mirroringl One-to-many port mirroringl Many-to-many port mirroringl Inter-line-card port mirroring, supporting simultaneous mirroring of multiple mirroring
groups
2-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l RSPAN, ERSPAN, and other remote port mirroringl Stream-based mirroring
Port Security ProtectionThe ZXR10 8900E supports the following port security protection functions:
l Port traffic control, broadcast storm suppression, jumbo restriction, rate negotiation foreffective data traffic control on a port, which prevents network congestion and ensuresnormal network service operation.
l Line diagnosis, analysis, and testing, which checks whether lines or links are normaland accurately locates line-specific faults, making network management and faultlocating more easy.
l Loop detection for some or all ports (no detection by default), which checks forthe loops of the subscribers or switches connected to these ports, so that switchbroadcast storms and other abnormal situations can be avoided and the influencecan be constrained to the specific ports.
l VLAN-based loop detection not only for the VLAN where the PVID of a port islocated, but also for a VLAN specified by the subscriber on a port, which supportsloop detection on up to eight VLANs at the same time.
2.1.2 VLAN FunctionsThe ZXR10 8900E supports 802.1Q VLANs. For an untagged packet, the ZXR10 8900Esupports adding a subnet-based, protocol-based, or port-based VLAN tag to fulfill richVLAN functions.
In the 802.1Q VLAN protocol, a VLAN ID is represented by a 12-bit numeral. As aresult, the number of VLANs is limited to 4096 and cannot satisfy actual applicationrequirements. The ZXR10 8900E expands VLAN in four aspects including QinQ, PVLAN,VLAN translation, and layer-3 related super VLAN.
QinQQinQ allows multiple VLAN tags in an Ethernet frame. A subscriber's private networkVLAN tag is encapsulated into a public network VLAN tag, and then the double-taggedframe goes through the backbone network, providing a simple 2-layer VPN tunnel for thesubscriber. The ZXR10 8900E implements static configuration for QinQ. QinQ involvestwo VLAN types:
l Service VLAN (SVLAN)l Customers VLAN (CVLAN)
The ZXR10 8900E supports traditional SVLAN configuration and VFP-based SVLANconfiguration. The latter can implement traffic-type-based tagging.
2-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
PVLANAll the servers are in the same subnet and can communicate only with their own gateway.This is called private VLAN (PVLAN).
A PVLAN effectively guarantees data communication security for an access network byconnecting all subscribers to a default gateway and isolating them from each other. Portsin the same VLAN cannot communicate with each, but they can traverse the trunk port.Thus, subscribers in the same VLAN are not affected by broadcast packets.
A PVLAN does not need protocol packet support, and can be implemented on the ZXR108900E by static configuration.
VLAN TranslationVLAN translation is an extended VLAN function. If a switch port is enabled with VLANtranslation, it is required that incoming data packets received on this port must be taggedpackets. VLAN translation uses "port number + vid in the tagged packet" as an index tolook up the MAC-VLAN table to obtain a new vid. Then, the packet is switched in the newVLAN. Thus, VLAN-to-VLAN translation is implemented.
VLAN translation is implemented on the ZXR10 8900E by static configuration. Besidesbasic single-tag conversion, the ZXR10 8900E can also implement the following functionsby combining VLAN translation and SVLAN:
l When a single-layer frame is received, add an outer tag according to policies. Mappingpolicies or 1-to-1 mapping can be configured.
l When a single-layer frame is received, modify the inner tag and add an outer tagaccording to policies. Mapping policies or 1-to-1 mapping can be configured.
l When a double-layer frame is received, delete the outer tag according to policies.l When a double-layer frame is received, delete the outer tag and modify the inner tag
according to policies. Mapping policies or 1-to-1 mapping can be configured.l When a double-layer frame is received, modify the outer tag according to policies.
Mapping policies or 1-to-1 mapping can be configured.l When a double-layer frame is received, modify the inner tag according to policies.
Mapping policies or 1-to-1 mapping can be configured.l When a double-layer frame is received, modify the inner and outer tags according to
policies. Mapping policies or 1-to-1 mapping can be configured.
Super VLANVLAN aggregation divides VLANs into super VLANs and sub VLANs. Multiple VLANs(called sub VLANs) are aggregated into one super VLAN, and all use the IP subnet anddefault gateway IP address of the super VLAN. The ZXR10 8900E can specify a specificsub VLAN to send ARP packets or VRRP heartbeat packets. In addition, the ZXR10 8900Esupports binding BFD to a specific super VLAN interface.
2-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
2.1.3 Link AggregationLink aggregation means that physical links of the same type of transmission media andthe same transmission rate are bound together to obtain a logical link. Link aggregationincreases bandwidth and achieves traffic load sharing.
The ZXR10 8900E supports the aggregation of static and dynamic links for FE, GE, and10 GE ports, as well as inter-line-card and inter-device link aggregation. Links aggregatedon the ZXR10 8900E to obtain a logical port called smartgroup, which can be used as acommon port.
Static AggregationStatic port trunking allows multiple physical ports to be manually added to a trunk group toobtain a logical port. However, when using this aggregation method, users cannot easilyobserve the statuses of the aggregate ports.
When configuring link aggregation on the ZXR10 8900E, comply with the followingprinciples, which are also applicable to LACP:
l Up to 128 trunk groups can be configured, each of which contains up to 8 memberports.
l A member port can be in access, trunk, or hybrid mode, and all the member portsmust be in the same mode.
l Inter-interface-board aggregation is supported . Member ports can be distributed onany interface board, but selected ports must be in full-duplex mode at the same rate.
LACPThe Link Aggregation Control Protocol (LACP) complies with the IEEE 802.3ad standard.The LACP allows multiple physical ports to be aggregated into a trunk group to obtain alogical port called smartgroup. The LACP automatically performs aggregation to achievethe maximum bandwidth. LACP aggregation is divided into static aggregation anddynamic aggregation. The former is configured manually, while the latter is performed bydynamically adding ports to an aggregate group through related protocols.
The ZXR10 8900E supports smartgroup configuration. Load sharing can be implementedby the following means, which are also applicable to static aggregation:
l By source MAC address, VLAN, Ethertype, and incoming portl By destination MAC address, VLAN, Ethertype, and incoming portl By source and destination MAC addresses, VLAN, Ethertype, and incoming portl By source IP address and source TCP or UDP port numberl By destination IP address and destination TCP or UDP port numberl By source and destination IP addresses and source and destination TCP or UDP port
numbers
2-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
MC-LAGBesides intra-line-card and inter-line-card link aggregation, the ZXR10 8900E alsosupports Multi-Chassis Link Aggregation Group (MC-LAG) and the Spanning TreeProtocol (STP).
2.1.4 L2 MulticastThe ZXR10 8900E can implement layer-2 multicast and dynamically maintain a multicastgroup that users dynamically join and leave.
IGMP SnoopingBased on the layer-2 multicast technology, the ZXR10 8900E supports the IGMP snoopingtechnology to effectively manage multicast group members, suppress multicast flooding ina layer-2 network, and prevent unauthorized users from receiving multicast traffic.
If IGMP snooping is enabled on the ZXR10 8900E, multicast packets are multicast tospecific ports on layer 2. If IGMP snooping is not enabled, multicast packets are broadcastto all ports on layer 2. The ZXR10 8900E also supports MLDv1/v2-based MLD snoopingto implement smooth IPv4-to-IPv6 evolution.
IGMP ProxyThe ZXR10 8900E also supports the IGMP proxy function. Unlike IGMP snooping, whichobtains multicast information by listening to IGMP traffic, the IGMP proxy mechanismblocks and processes the IGMP requests from terminal users, and forwards them to anupper-layer router.
2.2 L3 FunctionsIPv4 Routing ProtocolsRIP
The Routing Information Protocol (RIP) is a distance-vector routing protocol based on thelocal network. The RIP uses UDP packets to exchange RIP routing information. A protocolpacket to be transported is encapsulated into a UDP packet. The routing information in aRIP packet contains the number of hops in a path from the source to a destination. Eachhop determines the route to the destination by the hop count. RFC has a limit on the hopcount. The maximum hop count is 15. Therefore, the RIP is applied to internal gatewaysin small-size autonomous systems.
On the ZXR10 8900E, the RIP has the following main functions:
l Sends and receives RIP packets according to the protocol, checks the correctness ofthe packets, and performs certain identity verifications.
l Supports RIPV1/V2, plain text and MD5 authentication, and route redistribution.
2-5
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l Uses split horizon and trigger update mechanisms to prevent routing loops andshorten route convergence time.
l Supports protocol debugging.
OSPF
The Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) developed bythe IETF. TheOSPF uses a link state routing and Shortest Path First (SPF) algorithms. TheOSPF is loop-free, which is of great significance for mesh networks or LANs connectedthrough multiple bridges. Each OSPF router maintains an identical database describingthe Autonomous System (AS)'s topology. The database is composed of each router'spartial state information, such as the router's available interfaces, neighbors, connectednetworks, and external routing information of the AS.
On the ZXR10 8900E, the OSPF has the following main functions:
l Employs a hierarchical network topology that is applicable to large interconnectionnetworks.
l Uses the dynamic routing algorithm Dijkstra to automatically and quickly trace networktopology changes.
l Supports display and configuration commands from the primary console,SNMP-related command, display, and MIB variables.
l Supports routing protocol packet authentication, including simple passwordauthentication and MD5 authentication, to prevent routing protocol packets frombeing illegally modified.
l Uses retransmission and confirmation mechanisms to guarantee the reliability oflink-state synchronization.
l Supports a variety of distance metric solutions, such as physical distance, delay, andthroughput.
l Supports stub area and NSSA functionsl Supports Area Border Routers (ABRs) and Autonomous System Border Routers
(ASBRs).l Supports classless routing and route aggregation.l Controls route re-distribution and filtering by a route map.
IS-IS
The Intermediate System-to-Intermediate System (IS-IS) intra-domain routing protocolrepresents the OSI model for L3 switches. It can be applied to TCP/IP-based IP networks.The IS-IS protocol is easy to extend for other protocols mainly IPv6. The IS-IS systemis divided into two layers: the backbone (L2) and areas (L1). An L3 switches can onlybelong to one area. Ll switches know only topology of their own area. All the traffic toother areas is sent through the closest L2 switch. L2 switches compose the backbone,which is similar to the backbone area 0 in OSPF.
On the ZXR10 8900E, the IS-IS has the following main functions:
l Supports L1/L2 address aggregation.l Supports L1/L2 hierarchical routing and the ATT bit.l Supports the three area addresses and smooth area address migration.
2-6
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
l Supports load balancing for the same destination.l Supports plain-text authentication for an interface or area.
BGP
The Border Gateway Protocol (BGP) is an exterior gateway protocol. Its basic function isto exchange loop-free routing information between multiple autonomous systems. Theinformation exchanged by the BGP carries rich attributes, which help to construct thetopology of ASs and implement AS-based routing policies. The routing information withAS IDs can also help eliminate routing loops.
On the ZXR10 8900E, the BGP has the following main functions:
l Applied to mass network application and backbone networks.l Supports eBGP and IBGP.l Supports the eBGP multi-hop technology.l Supports the community and route reflector attributes.l Supports AS alliance and route suppression.l Supports MP-BGP.l Supports MD5 authentication and route filtering.l Supports route redistribution.
Policy Routing
Policy routing matches specific values in an IP packet to with a policy set by a networkmanagement user. If the values satisfy the policy, the packet is forwarded accordingto the route specified by the policy. Otherwise, the packet is forwarded according to aconventional routing table.
The ZXR10 8900E implements ACL-based policy routing.
IPv6 RoutingThe ZXR10 8900E supports the following IPv6 unicast routing features:
l Supports IPv6 neighbor discovery protocols to discover routers and prefixes, resolveaddresses, determine next-hops, redirect routes, and detect unreachable neighborsand duplicate addresses, bringing more flexibility to node mobility.
l Supports the IPv6 MTU discovery protocol to dynamically identify the maximumtransmission unit (MTU) and ensure that the size of each packet sent by a node doesnot exceed the MTU value.
l Supports IPv6 static routing.l Supports the IPv6-based dynamic routing protocols RIPng, OSPFv3, ISISv6, and
BGP4+.
IPv4 to IPv6 TransitionThe ZXR10 8900E provides multiple mechanisms for IPv4 to IPv6 transition. For example,the dual-stack technology and various tunneling technologies, which are applicable todifferent scenarios. The ZXR10 8900E supports the following features:
l Supports IPv4/IPv6 dual-stack coexistence.
2-7
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
L3 MulticastThe ZXR10 8900E supports the IGMPv2, IGMPv3, and MLDv1/v2 protocols, as well asIPv4/v6-based PIM-DM, PIM-SM, and PIM-SSM protocols, providing a complete set ofmulticast solutions. In addition, to provide enhanced and more reliable multicast servicesand guarantee the deployment and operation of the services, the ZXR10 8900E alsosupports the functions of multicast route guard and anycast RP.
Controllable MulticastThe ZXR10 8900E supports a complete set of controllable multicast features. Itimplements accurate control on multicast users by the functions of IGMP V1/V2/V3, IGMPSnooping, IGMP Proxy, IGMP Fastleave, multicast VLAN, Channel Access Control (CAC), and Call Detail Record (CDR),
The ZXR10 8900E also provides the following customized controllable multicastmanagement functions to allow you to directly manage IPTV channels and subscribers:
l Channel access controll Channel managementl Package managementl Preview configurationl Preview template managementl CDR recordingl Uniform network management through MIB
The ZXR10 8900E provides these controllable multicast functions to allow the networkoperator to accurately control their multicast services, perform overall subscribermanagement, and flexibly deploy IPTV services.
MCEThe Multi-VRF CE (MCE) technology extends CE capabilities to support VRF functions.Devices providing the MCE function are called MCE devices. The ZXR10 8900E supportsMCE configuration.
2.3 MPLS and VPN FunctionsBasic Functions of MPLSMultiprotocol Label Switching (MPLS) is a multi-layer switching technology. It combineslayer 2 switching technologies with layer 3 routing technologies, using labels to aggregate
2-8
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
forwarded information. Running on the routing layer, MPLS supports various upper-layerprotocols and can be implemented on different physical platforms.
MPLS combines the performance and capabilities of Layer 2 switching with the flexibilityand scalability of Layer 3 routing, and thus simplifies MPLS network management andoptimizes network performance.
Now, the ZXR10 8900E provides a complete set of MPLS protocols and mainly providesthese functions:
l Supports the LDP and RSVP protocol.l Supports TTL value decreasing, loopback detection, policy management, and
penultimate hop popping.l Supports automatic label distribution by downstream and free label retention mode.l Supports LSP fast rerouting and RSVP-LSP establishment.
MPLS TEMPLS TE combines traffic engineering with the MPLS protocol to allow service providersto precisely control the path through which traffic goes. Thus, congestion nodes can beavoided, and paths will not be too overloaded or too idle, allowing bandwidth resourcesto be fully utilized. In addition, during the establishment of an LSP tunnel, MPLS TE canreserve resources to guarantee the quality of service.
The ZXR10 8900E supports MPLS TE and provides the following features:
l Provides the capability of forwarding IP packets through a non-IGP shortest path,effectively avoiding network congestion caused by unbalanced network traffic.
l Guarantees bandwidth by reserving bandwidth for key traffic, defining priorities, andusing bandwidth preemption mechanisms, so that packets will not be dropped due toinsufficient link bandwidth.
l Guarantees stable and reliable data transmission: When a link or transmission nodefails, the link can be quickly switched to a backup one through MPLS TE FRR andMPLS TE. In addition, LSP full-path protection is supported, which greatly reducesnegative impacts on traffic.
l Supports MPLS VPN over TE and LDP over RSVP, allowing TE tunnels to providebandwidth guarantee and service isolation for MPLS VPN services.
MPLS Layer 2 VPNMPLS layer 2 VPN falls into two categories:
l Virtual Private Wire Service (VPWS): Implements point-to-point communicationsbetween sites within a VPN.
l Virtual Private LAN Service (VPLS): Implements point-to-multipoint communications.In a VPLS network, a CE simply sends the data destined to all destinations to the PEconnected to the CE.
The ZXR10 8900E supports the VPWS drafted by Martini and the extended LDP toestablish different LSPs according to service types. It also supports Ethernet and VLANencapsulation, and LDP-based extended VPLS.
2-9
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
The ZXR10 8900E also supports hierarchical VPLS (HVPLS), with the access mode beingPW or QinQ.
l Address overlappingl Static route, RIP, OSPF, and BGP access of a CEl The extended community attribute, capability negotiation, and route update of the
BGPl Binding a VLAN to a VRF
The ZXR10 8900E supports Multi-AS VPN, providing the following three inter-domain VPNdeployment solutions:
l VRF-to-VRF solutionl Single-hop MP-EBGP solutionl Multi Hop MP-EBGP solution
2.4 QoSBasic QoSAs the IP network is evolving, more and more new services demand that the IP networkprovide predictable as well as reliable transmission. Users demand that their network canprovide stable and high-performance services in any place and at any time.
Traffic engineering is intended for optimizing network performance. It can map traffic toactual physical channels and meanwhile automatically optimize network resources to fulfillthe serviceability required by particular application. It is a network engineering technologythat allows both macro regulation and micro control.
At present the key to traffic engineering is load balancing and network recovery. IP trafficengineering is to effectively implement the integration of the conventional best-effort IPservice and the QoS.
To fulfill the above objectives, the ZXR10 8900E provides the following functions:
Traffic Classification
Traffic means the packets sent through switches. Traffic classification is to classify thepackets according to particular characteristics. To achieve this purpose, you can use anACL, especially an extended ACL.
Packets can be classified by various ACL filtering options, such as source/destination IPaddress, source/destination MAC address, IP protocol type, TCP source/destination portnumber, UDP source/destination port number, DSCP, ToS, IP Precedence, VLAN ID, and802.1p priority.
Traffic Policing
2-10
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
Traffic policing restricts the bandwidth for a specific service to reduce the impacts on otherservices. Actions taken when the traffic exceeds a limit include:
l Dropping or forwarding the packet.l Passing the packet through with a modification to the DSCP value.l Passing the packet through with a modification to the drop priority (packets with a high
drop priority are dropped first when the queue is congested)
The ZXR10 8900E implements the Single Rate Three Color Marker (RFC2697) and (TwoRate Three Color Marker) (RFC4115) functions. Both algorithms support Color-Blind modeand Color-Aware mode.
Traffic Shaping
Traffic shaping controls the rate of outputted packets, so that all the packets are sent outin an even rate. Through traffic shaping, packet rates can match downstream devices, sothat congestion and packet dropping can be avoided.
The ZXR10 8900E supports traffic shaping at two levels, namely, VLAN-based trafficshaping and port-based traffic shaping. Thus, the system can implement multi-level trafficcontrol and ensure hierarchical QoS and management.
Congestion Avoidance
The ZXR10 8900E uses the RED/WREDmethod to avoid congestion and improve networkquality.
The ZXR10 8900EWRED can perceive services, including the IP precedence, DSCP, andthe MPLS EXP bit, and can set different early drop policies for the packets of differentpriorities, so that differentiated drop features are provided to different services.
Queue Scheduling
Each physical port of the ZXR10 8900E supports eight output queues (numbered from 0to 7), which are called CoS queues. According to the CoS corresponding to the 802.1ptag in a packet, the ZXR10 8900E performs output queue operations on the ingress. Incase of network congestion, multiple packets compete for resources. This problem can besolved by queue scheduling.
The ZXR10 8900E supports three queue scheduling methods. The eight output queueson a port can use different scheduling methods.
l Strict priority (SP)l Weighted round robin (WRR)l Dynamic weighted round robin (DWRR)
The 802.1p tag contains packet priority information. If the packet entering a port does notcarry a 802.1p tag, a switch allocates a default 802.1p value to the packet.
Priority Tag
A priority tag re-assigns a set of service parameters to the particular traffic described in anACL. The following types of operations can be performed:
l Modifying the CoS queue of a packet and the 802.1p value
2-11
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l Modifying the CoS queue of a packet, but keeping the 802.1p value unchangedl Modifying the DSCP value of a packetl Modifying the drop priority of a packet
Ethernet OAMAt present, the ZXR10 8900E supports the following Ethernet OAM standards:
l IEEE 802.3ah (Operations, Administration, and Maintenance-OAM)l IEEE 802.1ag (Connectivity Fault Management-CFM)
The ZXR10 8900E supports Ethernet OAM functions that support the above mentionedstandards. The functions include Ethernet continuity test (ETH-CC), Ethernet loopback(ETH-LB), Ethernet link tracing (ETH-LT), Ethernet frame loss measurement (ETH-LM),Ethernet frame delay measurement (ETH-DM), remote fault indication, and remoteloopback.
2.5 Clock SynchronizationThe trend to IP-based bearer networks requires the Ethernet to provide accurate clock tothe mobile wireless network, which has a strict requirement for high precision. Frequencysynchronization and time synchronization are both needed. The ZXR10 8900E supportsa synchronous Ethernet plus 1588v2 solution. It uses synchronous Ethernet to implementclock frequency synchronization, and uses IEEE 1588 to implement time synchronizationby frequency fine tuning and time maintenance.
The ZXR10 8900E can be configured with various clock source priorities, according towhich the clock sources are selected. The clock source of the highest priority is used.When this clock source fails, a clock source of one priority level lower takes effectimmediately. The clock source recovery policy is as follows: When the clock source ofa higher priority is recovered, the clock can choose to switch to the clock source of thehigher priority, depending on configuration.
Clock SourceThe ZXR10 8900E supports five types of clock sources. The main control determines todistribute which clock source to the whole system. The five types of clock sources are:
l Local clock: Local clock is used by system hardware, and it provides the most basicclock signals.
l BITS: Supports 2 MHz analog clock signals and 2 Mbits digital clock signals.l GPS: As the conventional mobile network clock source, GPS provides highly accurate
clock signals. It can provide 1PPS+TOD signals.l SyncE: Support synchronous Ethernet interfaces to restore and retrieve clocks from
the physical layer.l 1588v2: The IEEE 1588v2 is a precision time protocol. By transmitting messages
between active and standby devices, it implements accurate synchronization of theactive/standby clock and time.
2-12
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
Synchronous EthernetThe ZXR10 8900E can retrieve line clocks from Ethernet links, and supports obtainingreference clocks through external synchronous interfaces (including BITS and GPS) asthe input for the system clock selection function. According to synchronization stateinformation or alarms, the system selects a proper clock source and export clock source.After determining the clock source, the system uses the highly accurate clock on Ethernetinterfaces to send data and transfer synchronization state information to implementend-to-end sent/received data synchronization on the Ethernet physical layer.
IEEE 1588 v2The ZXR10 8900E implements the IEEE 1588 v2 protocol, and supports the followingoperational modes:
l Normal clock
Only one port supports the 1588 protocol, which can be configured as grandmasteror slave.
l Border clock
Multiple ports support the 1588 protocol, which can be connected to multiple normalclocks or transparent clocks.
l Transparent clock
The 1588 protocol does not run on each node, but the node needs to modifytimestamps. When forwarding a time packet, the node updates the time correctionfield, which is in either E2E or P2P mode.
Clock ProtectionThe ZXR10 8900E supports two clock protection modes:
l Port selection protection
The ZXR10 8900E uses the SSM protocol and the best master clock (BMC) algorithmto implement automatic protective switching, and ensure reliable clock transfer.
l Dual-main-control protection
The ZXR10 8900E's active/standby main control modules always synchronize clockinformation. When a main control module receives a BITS or GPS clock signal, itdirectly forwards the signal to the other main control module.
2.6 Protection for ReliabilityEquipment ProtectionMain Control Module Protection
The ZXR10 8900E provides carrier-class reliability. It provides two main control boards,each of which has control modules and switching modules. The two main control boards
2-13
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
work in load-sharing or redundancy backup mode. Redundancy is supported for switchingmodules and main control modules. If an active module fails, services and data will beswitched to the standby module to guarantee uninterrupted data transfer and serviceoperation.
Power Module Protection
To satisfy telecom carriers' strict requirements for equipment reliability, the ZXR10 8900Eprovides a hot backup design for power supply, and supports 48 V DC and 220 V AC powersupply modes. DC power supply operates in 1+1 mode, while AC power supply operatesin 1+1 backup or 2+1 backup mode depending on rack configuration. Thus the reliabilityof the power supply system is improved. In addition, the ZXR10 8900E's power supplysystem provides various intelligent mechanisms to protect power supply, detect and reportfaults according to parameters such as voltage, current, temperature.
System Monitoring
The ZXR10 8900E satisfies carrier-class reliability requirements, and provides a whole setof system monitoring approaches to reduce customers' maintenance costs and improveequipment stability and reliability.
In terms of hardware, the ZXR10 8900E monitors ambient temperature, boardtemperature, fan status, power status, power consumption sampling (including PoEpower supply), and air volume (or calculated by temperature if conditions do not permit).In terms of software, the ZXR10 8900E actively collects the information about ambienttemperature, board temperature, fan status, power status, power consumption sampling(including PoE power supply), and air volume. If a fault occurs or an index exceedsits alarm threshold, the system raises an alarm and reports the fault. Alarm and faultinformation can be periodically stored and uploaded to a specified server.
Network Detection MechanismsDuring network equipment operation, link failures, single-point failures, and connectivityproblems may occur. To discover all sorts of faults in the network in time, and provideprotective measures, the ZXR10 8900E provides a series of effective network detectionmechanisms. In addition to the detection techniques mentioned below, the ZXR10 8900Ealso supports many fault detection and locating methods such as UDLD, IP Ping, IP Trace,multicast Traceroute, LSP Ping, and LSP Traceroute.
BFD
The ZXR10 8900E supports the BFD of static routes, OSPF and other dynamic routes,and VRRP to implement fast convergence. The ZXR10 8900E supports combining BFDand FRR technologies to provide a fast fault detection mechanism and implement fastrerouting.
OAM Detection
OAM provides rich detection methods (mainly the Ethernet OAM technology) for identifyingnetwork faults. Through OAM packet detection, the system can detect the link status, nodestatus, and tunnel connectivity, and trigger protective switching when finding a fault.
2-14
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
SQA
The ZXR10 8900E supports ICMP-echo, DHCP, DNS, FTP, HTTP, UDP-jitter, SNMP, TCP,UDP-echo, Voice, and DLSw detection. It can link the detection results to functions suchas VRRP.
Intelligent Ethernet ProtectionThe ZXR10 8900E supports ZTE Ethernet Switch Ring (ZESR), ZTE Ethernet SmartSwitch (ZESS), and ZESR+, and provides ring network protection and dual-uplink linkprotection. ZESR/ZESS/ZSER+ comply with the ITU-T G.8032 standard.
Layer 3 Routing ProtectionThe ZXR10 8900E supports the following layer 3 routing protection functions:
l Enhanced VRRPl Route load sharingl Graceful Restart (GR)
VPN ProtectionThe ZXR10 8900E supports layer 3 route protection, mainly including PW protection andMPLS VPN dual-home protection. MPLS VPN dual-home protection can be dual-hominga CE to two PEs or dual-homing a UPE to two NPEs.
FRR ProtectionSupporting IP FRR
The switching speed of IP Fast ReRoute (IP-FRR) reaches 50 ms, which can minimizedata loss upon network failures. The IP FRR function computes backup routes in advance.If an active route fails, the IP FRR function does not re-compute routes, but switch trafficto a backup route. When the active route is restored to normal, the traffic is switched backto the active route.
The ZXR10 8900E supports static routing, OSPF, IS-IS, and RIP fast rerouting. Thus trafficcan be quickly switched in one direction, which satisfies the switching time requirement ofservices.
Supporting LDP FRR
The LDP FRR is an MPLS-related reliability technology. Through the Label DistributionProtocol (LDP), the LDP FRR distributes an active/standby label to a route. Due to theexistence of standby labels, a router can rapidly respond to route changes and switch to astandby label to implement switching protection with 50 ms after a network failure occurs.
The LDP FRR is a temporary protective measure. When the protected link is restored, thetraffic will be switched back to the original LSP. The LDP FRR does not depend on thecomplicated MPLS TE technology, and need not establish standby LSPs respectively forlinks, nodes, and paths. So, the implementation is easy.
Supporting MPLS TE FRR
2-15
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
The MPLS TE fast reroute (FRR) is a set of mechanisms in MPLS TE for protectinglinks and nodes. If an LSP link or node fails, the node where the failure is discoveredwill be protected, so that traffic can still pass through a protective link or node, and datatransfer is not interrupted. Meanwhile, the head node can continue initiating primary pathre-establishment.
Supporting L3VPN FRR
The L3VPN FRR solves the problem of end-to-end service convergence for a dual-homeCE, the most common network model. If a PE node fails, the L3VPN FRR can controlthe end-to-end service convergence time within 1 s. The MPLS TE FRR only solves thefailures of links or nodes, but it cannot implement end-to-end fast convergence in case ofa PE failure, which requires VPN route convergence.
2.7 Security and AuthenticationACLTo filter data, a network device should be configured with a series of matching rules toidentify the objects to be filtered. After particular objects are identified, the device permitsor denies the passing of the corresponding data packets, depending on preset policies.An Access Control List (ACL) can be used to implement these functions.
The ZXR10 8900E provides five types of ACLs:
l Link ACLsl IPv4 ACLsl IPv4 mixed ACLsl IPv6 ACLsl IPv6 mixed ACLs
Device AuthenticationAAA
The ZXR10 8900E support Authentication, Authorization and Accounting (AAA). It cannot only authenticate and authorize a subscriber by with the assistance of hierarchicalcommand line protection, but also verify the validity of network management users innetwork management. By using the AAA mechanism, the ZXR10 8900E can effectivelyprevent illegal subscribers from logging in.
For different subscriber access authentication policies, the device provides perfect AAAauthentication and authorization functions. According to different access authenticationrequirements, you can configure different access authentication policies to performauthentication and authorization on subscribers selectively.
The AAA supports three subscriber authentication modes:
l Local account verificationl Remote Authentication Dial-In User Service (RADIUS) verificationl Terminal Access Controller Access Control System (TACACS+) verification
2-16
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
The AAA supports four authorization modes:
l Direct authorization: Subscribers are trusted and directly authorized.l Local account authorization: Authorizes subscribers according to the locally
configured accounts.l TACACS+ authorization: TACACS+ can separate authorization from authentication.
The TACACS+ server performs subscriber authorization.l Authorization after successful RADIUS authentication: The RADIUS protocol does
not allow the separation of authentication and authorization.
SSH
The Secure Shell (SSH), drafted by the IETF, is a security protocol established on theapplication and transport layers. The SSH is a reliable protocol that provides securityparticularly for remote login sessions and other network services. The SSH protocol caneffectively prevent information leakage during remote management. Through the SSHprotocol, data can be encrypted before transmission, and thus intermediary attacks canbe avoided.
The SSH supports two authentication modes:
l Password-based security verificationl Key-based security verification
The ZXR10 8900E supports SSHv2 security verification.
Hierarchical Commands
The ZXR10 8900E implements authority-based hierarchical command management. Upto 16 command authority levels are supported. Different login subscribers are boundto different authority levels. The lower the level, the less commands the subscriber isallowed to use. The administrator, who has the highest authority level, can set differentauthority levels for commands, and thus customized command authority configuration isimplemented.
Access Security802.1x
The ZXR10 8900E's 802.1X module performs the following functions:
l Supports the authenticator's functions.l Supports local authentication.l Supports that the authenticator PAE sends or receives EAPOL frames through an
uncontrolled port.l Supports manipulating a controlled port by using AuthControlledPortControl
parameter values including ForceUnauthorized, Auto, and ForceAuthorized.l Supports manipulating a controlled port by using both AdminControlledDirections and
OperControlledDirextions parameters.l Supports periodic re-authentication for a supplicant according to a re-authentication
timer.
2-17
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l Supports transparent transmission of 802.1x authentication packets whenauthentication is not required.
By establishing the binding relations between a port and a VLAN, MAC address, or IPaddress, an IP source guard checks the packet source and allows traffic satisfying specificconditions to pass, and thus packet security control is implemented. The IP source guardestablishes a binding table in either of the following forms:
l Static bindingl Dynamic binding
The ZXR10 8900E supports IPv4-based and IPv6-based IP Source Guard function.
DAI
Dynamic ARP Inspection (DAI) sends ARP packets up to a CPU for processing. Afterdetermining that the ARP packet is legal or not, the CPU forwards or drops it.
Network SecurityThe ZXR10 8900E implements network-based security protection, and every module hasthe security checking function. In the ZXR10 8900E, network security functions are asfollows:
l Prevents subscriber ARP snooping.l Supports MAC address flood protection, which restricts the number of MAC
addresses.l Sets broadcast packet thresholds on a port.l Filters layer 2, 3 and 4 ACLs together.l Filters routes.l Forbids ICMP redirection to prevent an attacker from sending fake ICMP packets.l Prevents CPU attacks, provides protocol packet protection, distributes different
hardware CPU queues to protocol packets, sets priorities, limit rates, performs QoSsuch as WRED, and protects CPU.
l Prevents DoS attacks by hardware queues, and supports preventing land | null-scan| ping-of-death | smurf | sys-fin | syn-port-less-1024 | xma-scan | ping-flood | syn-floodattacks (for ping-flood | syn-flood, rate limiting is supported).
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
As the network environment becomesmore and more complicated, switches are facing thedemand for higher attack prevention capabilities. There are many methods and policiesfor DDoS attack prevention. CPU protection is one of the major methods.
The ZXR10 8900E's DDoS attack prevention supports most L2 and L3 protocols. L2protocols mainly include some STP and MSTP packets, as well as layer 2 ring networkpackets of switches. L3 protocols mainly includes the IPv4 and IPv6 protocols.
l IPv6 protocols: MLD, ND, ICMP6, BGP4+, RIPNG, OSPFv3, LDPTCP6, LDPUDP6,Telnet6, and PIM6.
The ZXR10 8900E expands hierarchical CPU protection based on regular CPU protection.Hierarchical CPU protection includes hardware, software, and protocol stack protection.The ZXR10 8900E also prevents DDoS attacks by limiting MAC address learning, limitingthe port flow rate, and multi-layer ACL filtering.
uRPF
The ZXR10 8900E supports strict, loose, and loose-ingoring-default-route Unicast ReversePath Forwarding (uRPF).
l Strict uRPFmeans that a packet is dropped if the egress found according to the sourceaddress does not exactly match the ingress, or is handled properly otherwise.
l Loose uRPF means that the packet is handled normally if a route is found accordingto the source address and the default route's egress is consistent with the ingress, oris dropped otherwise.
l Loose-ingoring-default-route uRPF means that the packet is handled normally if aroute is found according to the source address and it is not the default route, or isdropped otherwise.
ND Security
The ZXR10 8900E supports the configuration of trusted switch ports, trusted switchaddresses, and ND learning quantity limit. It supports ND snooping-based ND packetfiltering by configuring a static binding relation between a port and a VLAN, IP address, orMAC address. It can also detect ND packets based on DHCPv6 snooping entries, allowlegal packets to pass, so that network risks are minimized.
2.8 Network Traffic AnalysisThe ZXR10 8900E supports mainstream network traffic analysis technologies includingIETF standard IPFIX and sflow.
2-19
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
This page intentionally left blank.
2-20
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
3.1 Product OverviewThe ZXR10 8900E uses a large-capacity rack architecture. The hardware system iscomposed of a chassis, a backplane, fan subracks, power supply modules, switchingmain control boards, and various link processing boards.
ZXR10 8912E OverviewFor the ZXR10 8912E overview, see Figure 3-1.
Figure 3-1 ZXR10 8912E Overview
For the ZXR10 8912E structure, see Figure 3-2.
3-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 3-2 ZXR10 8912E Structure
ZXR10 8908E OverviewFor the 8908E overview, see Figure 3-3.
Figure 3-3 ZXR10 8908E Overview
For the ZXR10 8908E structure, see Figure 3-4.
3-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 3 Product Structure
Figure 3-4 ZXR10 8908E Structure
ZXR10 8905E OverviewFor the 8905E overview, see Figure 3-5.
Figure 3-5 ZXR10 8905E Overview
For the ZXR10 8905E structure, see Figure 3-6.
3-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 3-6 ZXR10 8905E Structure
ZXR10 8902E OverviewFor the 8902E overview, see Figure 3-7.
Figure 3-7 ZXR10 8902E Overview
For the ZXR10 8902E structure, see Figure 3-8.
Figure 3-8 ZXR10 8902E Structure
3.2 Hardware StructureThe ZXR10 8900E series switch is a rack-based system and has three separate planes,including forwarding, control, and monitoring planes. The three planes work together toperform system functions. The system uses a new-generation high-capacity high-speedserial bus backplane to connect main control boards to various service line cards. Theprimary monitoring node on each main control board manages the monitored nodes on theline cards through a monitoring bus and collects monitoring information of the line cardsto implement intelligent equipment management.
3-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 3 Product Structure
High-capacity High-speed BackplaneThe system has the up-to-date design of passive high-capacity high-speed backplane andconnects main control boards and line cards through high-speed wiring, ensuring sufficientswitching capacity required by system operation.
Main Control BoardMain control boards are important integrated boards working in 1:1 backup mode.Each main control board includes a high-performance CPU, a large-memory storagespace, an inter-board switching module, a monitoring module, and a clock module. For8912E/8908E/8905E, each main control board also includes a high-capacity switchingmatrix, which has a multi-plane independent design to guarantee its switching capabilityand future expansion. For the 8902E, main control boards do not have a switching matrix.Line cards implements back-to-back connection through a high-speed backplane. Duringoperation, the ZXR10 8900E series switch's two main control boards interact closely.
Service Line CardsService line cards directly process packets and send them to specific ports on thedestination service line cards. Each service line card has its own forwarding informationbase, and forwarding decisions are made locally, ensuring wire-speed switching capability.Service line cards are diversified, and they can support clock or monitoring features.Depending on requirements, the following types of service line cards can be provided forthe time being:
l GE service cardsl 10-GE service cardsl 40-GE service cards
Power SupplyThe ZXR10 8900E has a brand new power supply design, which supports the maincontrol system's remote signaling/control over power supply. Through an RS485 port,the main control system can intelligently monitor the temperature over/under-voltage,power-off alarms, and current-limited state of the power supply system.
Intelligent Fan ShelfThe ZXR10 8900E system uses an intelligent fan shelf to adjust each fan's speed, raisesstalling alarms, and detect fan board temperature. In addition, the shelf can adjust fanspeed of each slot according to temperature, so that energy is saved.
3-5
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
3.3 Supported BoardsMain Control BoardFor the ZXR10 8912E/8908E/8905E, switching and control modules are integrated on amain control board. The main control board mainly consists of a CPU subcard, switchingchips, a clock system, and amonitoring subcard, and implements management and controlover the whole system and switches data packets among various line cards. From theperspective of functionality, the main control board consists of switching, control, clock,monitoring, out-band communication, power supply, and logical modules. For the maincontrol board diagram, see Figure 3-9.
Figure 3-9 8912E/8908E/8905E Main Control Board Diagram
The main control board of the ZXR10 8902E implements control functions. For the boarddiagram, see Figure 3-10.
Figure 3-10 8902E Main Control Board Diagram
Control Module
3-6
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 3 Product Structure
The control module consists of a main processor and some external functional chips. Itprovides various external operation interfaces, such as serial ports and Ethernet ports, toprocess various applications. The main control module mainly consists of the followingfunctional units:
l Network management unit: Runs a network management protocol, such as SNMP.l Protocol processing unit: runs network and routing protocols, such as OSPF, RIP, and
BGP-4. The protocol processing unit maintains a global routing table and forwardingtables, and maintains the consistency among processor nodes.
l Monitoring unit: Provides operation andmanagement interfaces for various line cards.l Internal communication unit: Provides a high-speed signaling channel between
boards, and allows the main control board to efficiently and accurately control themanagement CPUs of the other boards through the internal communication module,and to transfer routing information through that channel.
The main control module has the following features:
l High-performance CPU: Is capable of running layer 2 and layer 3 protocols andnetwork management and monitoring programs.
l GE channel: Can be connected to a management interface to provide the functionsof system management and program downloading and debugging.
l One RS232 serial port: Used for board debugging and management.l Temperature checking: Each main control board has a temperature checking device
that is connected to the CPU subcard to check the system temperature and reportsthe results to the back-end EMS.
l System log management: All system logs are stored in the system flash memory.l Clock chips are mounted on the CPU interface to provide an accurate clock to the
system.l Active/standby switching, active/standby state signal indication, line card reset
signals, and line card in-position checking.l Faults are classified into warning faults and switchover faults.l A routing data synchronization channel is provided between active and standby
boards.
Switching Module
The switching module performs data switching for the whole system, providing ahigh-speed and non-blocking switching channel among all line card units. The switchingmodules uses a dedicated CROSSBAR chip, which integrates multiple high-speedbidirectional interfaces to perform wire-speed switching. The switching chip performs thefollowing functions:
l Store-and-forward switching.l Supports 16 KB jumbo frames.l Supports priority queues that selectively drops frames in case of CoS queue
congestion.l Each port provides a set of management control counters.
Clock Module
3-7
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
This system uses the synchronous Ethernet technology to implement clock frequencysynchronization. It performs phase fine tuning and time maintenance according to theIEEE 1588 to synchronize clock time. The synchronous Ethernet can perform frequencysynchronization by the reference clocks generated by four types of clock sources includinglocal clock of the clock subcard, BITS (2MHz or 2Mbits), GPS, and line card clock recovery.
Monitoring Module
The monitoring module (IPMC) is a component of the device monitoring system.The monitoring module, hardware management bus, and software monitoring andmanagement module compose the intelligent platform management system. Themonitoring module mainly performs the following functions:
l Information gathering: The monitoring module gathers information about the ambienttemperature, board temperature, fan status, power supply status, and powersampling.
l Alarm: The monitoring module sets alarm parameters for all the monitored itemsmentioned above, and produces alarms in case of exceptions.
l Management: The monitoring module provides automatic or manual control of the fanspeed, and monitors board power-on/off.
Interface ModulesThe ZXR10 8900E series core switch's interface modules refer to line interface cards.Currently GE, 10 GE optical, and 40 GE optical interface boards are provided.
All the optical interfaces of the ZXR10 8900E uses pluggable optical modules. Thus, oneline card can satisfy the requirements for different transmission media and distances. andsome line cards even provide different types of interfaces to reduce the need for extra linecards. All the electrical interfaces in a line card have the cable diagnosis function, whichallows diagnosing cable connections at any time. During a diagnosis, short circuits andopen circuits can be identified, and the location where a fault occurs can be specified, withthe precision of 1 meter.
For the main interface board types of the ZXR10 8900E, see Table 3-1.
Table 3-1 8900E Interface Board Types
Boar-d/CardModel
Fixed Interface LineProcessing BoardName
Port Form Remarks
E1GF24A 24-port NP enhanced
Gigabit optical interface
board
24 GE optical ports,
supporting fast and
Gigabit SFP
NP extension is available, and MPLS,
large entries, Ethernet OAM, and
intelligent monitoring are supported.
H2GF24D 24-port Gigabit optical
interface board
24 GE optical ports,
supporting fast and
Gigabit SFP
MPLS, large entries, Ethernet OAM,
clock (SyncE or 1588v2), and intelligent
monitoring are supported.
3-8
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 3 Product Structure
Boar-d/CardModel
Fixed Interface LineProcessing BoardName
Port Form Remarks
H2GF48D 48-port Gigabit optical
interface board
48 GE optical ports,
supporting fast and
Gigabit SFP
MPLS, large entries, Ethernet OAM,
clock (SyncE or 1588v2), and intelligent
monitoring are supported.
H2GT48D 48-port Gigabit
electrical interface
board
48 GE electrical
ports, supporting
fast and Gigabit
adaptive.
MPLS, large entries, Ethernet OAM,
clock (SyncE or 1588v2), and intelligent
monitoring are supported.
H2XF8D 8-port 10 Gigabit
optical interface board
8*10 GE optical
ports, supporting
10G SFP+
MPLS, large entries, Ethernet OAM, and
intelligent monitoring are supported.
S1XF12A 12-port 10 Gigabit
optical interface board
8*10 GE optical
ports, supporting
10G SFP+
L2/L3, IPv4/v6 features, SyncE, and
intelligent monitoring are supported.
3.4 Software StructureIntroductionThe ZXR10 8900E series core switch is based on ZTE's new-generation IP protocol stackplatform Zhong Xing Route Operating System (ZXROS). The protocols of the platformimplements product-unrelated service functions. All software components can run in userstate of the microkernel system, and thus the system security is enhanced. The softwarecomponents belong to different independent process spaces, allowing illegal applicationoperations to be isolated. Component-based management is used. Component functionscan be independently developed, versions can be separately released, and componentscan be dynamically installed, uninstalled, or upgraded. Uninterrupted routing anddistributed processing is supported. Fast and reliable inter-CPU synchronization is alsosupported.
For the overall components of the ZXROS software platform, see Figure 3-11.
3-9
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 3-11 Framework of the New-generation ZXROS Software Platform System
The ZXROS software platform system includes the following subsystems:
Includes ACL, route-map, L2VPN, and L3VPN configuration management modules,and label and IP pool resource management modules.
l Application protocol subsystem
Includes various application protocols such as Netflow, Radius, NTP, and Telnet.
Software CharacteristicsThe software platform's key and competitive technologies lie in the following aspects:
l System kernel resources run in privileged mode. All software components run in userstate in the microkernel system. Thus, the system security is enhanced.
l The software components belong to different independent process spaces, allowingillegal application operations to be isolated.
l Component functions can be independently developed, and versions can beseparately released.
3-10
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 3 Product Structure
l Software components can be dynamically installed, uninstalled, or upgraded online(ISCU-in-service component upgrade). Versions can be smoothly upgraded withoutservice interruption, and service customization requirements can be satisfied.
l The software system architecture supports distributed protocol processing. That is,protocols use independent processes, and messages are sent between processes.
l Fast inter-CPU synchronization is supported by using reliable multicast packets, andthus the route convergence speed is improved.
l Command configuration and protocol processing are separated, and platform andproduct command scripts are loosely associated.
l A uniform external interface is provided. Fast secondary development is supported.Outsourced software can be optimized.
l Nonstop routing (NSR) is supported.l Cluster technologies are supported.
In addition, the ZXROS software platform has the following characteristics:
l High reliability and stability: The software platform satisfies long-term stablenetwork operation requirements.
à Failures of one software component does not affect the other components.
à Components are independently developed, released, and upgraded.
à The platform and products are loosely coupled.
l Real-time performance: The software platform satisfies large dynamic routingprotocols, network management protocols, and time requirement of datasynchronization among multiple processors.
l Self-healing: System exceptions are detected, handled, and recorded. In case of anexception, the system can immediately perform recovery and switching.
l Maintainability: The usage and invoking status of core resources and systemservices can be traced and recorded. Software components are independent,making it easier to trace failures.
l Simplicity: The software platform only provides essential system services toapplications, and shields unnecessary system services.
l Encapsulation: Hardware features can be totally shielded, so that the applicationlayer is unrelated to the hardware. The software platform is uniform and portable toall processor applications.
l Smooth evolution: The software platform supports fast secondary development, andcan quickly integrate outsourced software and respond to customers' requirements intime.
3-11
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
This page intentionally left blank.
3-12
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 4Technical SpecificationsBasic SpecificationsFor the basic features and physical specifications of the ZXR10 8900E, refer to Table 4-1.
Table 4-1 Basic Features and Physical Specifications of the Device
DescriptionAttribute
8912E 8908E 8905E 8902E
Backplane
bandwidth
19.2 Tbps 12.8 Tbps 8 Tbps 3.2 Tbps
Switching
capability
5.12 Tbps 5.12 Tbps 3.2 Tbps 1.28 Tbps
Packet
forwarding
ratio
3840 Mpps 3840 Mpps 2400 Mpps 960 Mpps
Number of
GE ports
576 384 240 96
Basic
Per-
form-
ance
Spec-
ifica-
tions
Number of 10
GE ports
144 96 60 24
Dimensions
(height ×
width ×
depth)
753 mm * 442
mm * 446 mm
577 mm * 442
mm * 446 mm
442 mm * 442
mm * 446 mm
175 mm * 442
mm * 420 mmPhys-
ical
pa-
rame-
tersWeight (full
configura-
tion)
89.7 kg 64.9 kg 51.2 kg 24 kg
Total number
of slots
14 10 7 4Num-
ber of
slots Number of
service slots
12 8 5 2
4-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
DescriptionAttribute
8912E 8908E 8905E 8902E
Power supply
conditions
(AC)
100 V–240 V, 50 Hz –60 Hz
Power supply
conditions
(DC)
-57 V–-40 V
Po-
wer
sup-
plyMaximum
total
consumption
of the
device in full
configuration
2718 W 2084 W 1235 W 300 W
Operating
temperature
Long-term: -5℃–+45℃Short-term: -5℃–+50℃
Storage
temperature
-40℃–+70℃
Relative
humidity
5%–95%, without condensed moisture
Envi-
ron-
ment
re-
quire-
mentsEarthquake
resistance
Able to resist an earthquake of magnitude 8
Interface SpecificationsFor the optical and electrical interface features of the ZXR10 8900E, refer to Table 4-2.
Table 4-2 Optical and Electrical Interface Features
Port Type Feature Description
10 /100 /1000BASE-T In compliance with IEEE802.3z standards.
RJ45 connector.
Class 5 UTP twisted-pair wire, maximum transmission distance:
Supports automatic suppression of broadcast storms.
Supports filtering layer 2, 3 and 4 ACLs together.
Supports control/signaling MD5 authentication.
Supports IP source guard/DAI.
Supports ND security.
l Clock synchronization
For the clock synchronization features of the ZXR10 8900E, refer to Table 4-11.
Table 4-11 Clock Synchronization Features
Attribute Description
Syn-
chronous
Ethernet
Supports port-based clock recovery.
Supports overall clock distribution.
Supports clock retrieval (line, external 2 Mbit/HZ, or GPS clock).
Supports SSM processing.Clock syn-
chronization IEEE
1588v2
Supports protocol-based clock recovery.
Supports transparent transmission of clocks.
Supports P2P and E2E modes.
Supports precision time synchronization.
Supports the BMC algorithm.
l O&M features
For the O&M features of the ZXR10 8900E, refer to ZXR10 8900ETable 4-12.
Table 4-12 O&M Features
Attribute Description
O&M Supports the command line function.
Supports hierarchical management authority.
Supports password aging and confirmation.
Supports control console management.
Supports subscriber access service management.
Supports remote access by SSH, TELNET, or SNMP, and the
FTP/TFTP function.
Supports various alarms (sound or light).
Supports the ZXNM01 unified network management system.
Supports CLI and hierarchical network management.
Supports subscriber access control.
O&M
4-9
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Attribute Description
Supports storage and restoration configuration.
Supports log management, Syslog, and REMON functions.
Supports time management and NTP functions.
Supports IPv6 equipment management.
Supports basic MIB functions.
Supports traffic statistics.
Cluster
manage-
ment
ZGMP, LLDP/ZTP/ZGMP.
Traffic
analysis
IPFIX, SFlow.
OAM Supports Ethernet OAM.
Supports OAM tools (such as LSP Ping or LSP trace route).
4-10
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 5Networking ApplicationsTable of Contents
Application in an Metro Ethernet Network...................................................................5-1Application in a Data Center .......................................................................................5-2Application in Ethernet Layer 2 Convergence .............................................................5-3Application in an Enterprise Network ..........................................................................5-4Application in FTTx.....................................................................................................5-5Application in a Core Network Bearer .........................................................................5-6Application in IP RAN .................................................................................................5-7
5.1 Application in an Metro Ethernet NetworkThe ZXR10 8900E can be deployed in the convergence layer of anMetro Ethernet network,which is uniformly borne by mobile/fixed network broadband/key customer, to satisfy therequirement for separated voice, video, data, and IPTV services. The ZXR10 8900E usesthe VPN technology to implement all-service bearer and service separation, and uses ringnetwork, various protection technologies, and OAM to provide carrier-class reliability tocarriers:
l In MPLS-to-edge mode, it implements end-to-end separation between service andbearer to provide higher reliability and higher security.
l With the MPLS VPN technology, it provides different service functions over differentservice planes.
l With the MPLS TE/FRR/BFD technologies, it implements fast protective switchingwithin 50 ms.
l With Ethernet OAM, it implements quick fault discovery to improve network operationand maintenance capabilities
For the common networking solution of Metro Ethernet multi-service bearer, see Figure5-1.
5-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 5-1 Application in an Metro Ethernet Network
5.2 Application in a Data CenterDue to the growing demand for broadband networks and growing number of fixed networkand broadband subscribers, interactive service traffic increases dramatically, and variousInternet application surges in scale. Thus, old data centers are facing higher resourceand O&M demands, and the pressure of expansion, consumption, and maintenance fordata center devices is great. The ZXR10 8900E has high-density 10 Gigabit ports andhigh-performance switching capacity, and thus can be deployed at the core/convergencelayer of data centers to help reduce customer TCO and solve expansion and maintenanceproblems.
l The ZXR10 8900E has high bandwidth, high performance, and large capacity toprovide a high-speed channel for data centers and cloud computing and ensurenon-blocking traffic.
l The ZXR10 8900E has rich network management features, provides graphicalnetwork management to help data center maintenance personnel, and providesnorthbound interfaces to implement unified network management.
l As an environment-friendly product, the ZXR10 8900E uses 40 nm chips andallows line cards or ports to be enabled on demand, effectively reducing the powerconsumption of data center network equipment.
l The ZXR10 8900E integrates multiple security technologies to provide securityprotection from equipment level to network level. It uses firewall boards to preventdata centers from external network attacks, and uses DoS and CPU protectiontechnologies to prevent itself from attacks.
For the common network of a data center, see Figure 5-2.
5-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 5 Networking Applications
Figure 5-2 Application in a Data Center
5.3 Application in Ethernet Layer 2 ConvergenceBy mature commercial use, the ZXR10 8900E proves its perfect application andsignificance in Ethernet layer 2 convergence. Based on the ZXR10 8900E' rich Ethernetlayer 2 convergence features and to meet the requirements for higher bandwidth, capacity,and convergence ratio as well as the requirements for subscriber isolation, serviceseparation, and differentiated for multiple access modes, the ZXR10 8900E providesthe following capabilities to provide powerful support for the high-speed development ofcarrier networks:
l Supports QoS to bring more precision in network resource distribution andmanagement.
l Provides ring network protection on the convergence layer, and uses ZTE's ZESR+(EAPS) Ethernet ring technology to implement 50 ms protective switching.
l Uses the VLAN and QinQ technologies to isolate subscribers or separate subscribersfrom the carrier, facilitating service plane expansion and subscriber management.
l Supports carrier-class switching capacity and provides T-level switching capabilityamong all series, allowing smooth evolution to the switching capabilities at higherlevels and satisfying carrier-class layer 2 convergence requirements.
For the common networking solution of Ethernet layer 2 convergence, see Figure 5-3.
5-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 5-3 Application in Ethernet Layer 2 Convergence
5.4 Application in an Enterprise NetworkA campus network's core layer requires high bandwidth and high-density ports. So, thewhole network must support subscriber access authentication, security protection, andother security policies. The ZXR10 8900E can be deployed in the campus network'score layer to provide high-speed forwarding and service guarantee. The ZXR10 8900E’senterprise network scenario has the following features:
l For enterprise network subscribers, it is even more important to reduce operationand maintenance costs and improve internal security. The ZXR10 8900E supportsrich security features, and supports the DHCP server, and snooping functions tohelp subscribers to manage addresses. It also supports various authenticationmechanisms such as Radius and TACACS+, and implements hierarchical authoritymanagement. It provides IP source Guard, DAI, anti-DoS attacks, and other securityprotection functions to minimize network attacks. It supports SQA, and learns theoperational status of each application server, and thus network failures can beavoided.
l For information security purposes, it is essential for an enterprise network to guardagainst external network attacks and threats. In addition, egress traffic statistics and
5-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 5 Networking Applications
control are also needed to identify illegal traffic and applications. The ZXR10 8900Eprovides various traffic analysis tools to implement traffic analysis, differentiated QoS,and network security protection, and finally achieve specific service control.
l Provides a complete set of IPv6 solutions. Through dual-stack and various v4/v6tunneling technologies, it implements IPv4-to-IPv6 seamless transition.
l Supports various tunneling technologies, such as MPLS L2/L3 VPN, QinQ, and L2PT,to satisfy the requirements of isolated internal service logics for different enterprises.
For the common network of an enterprise network, see Figure 5-4.
Figure 5-4 Application in an Enterprise Network
5.5 Application in FTTxAs subscribers' service requirements are gradually growing, higher access bandwidthand QoS are demanded, and the legacy DSL access shows inability to satisfy servicedevelopment trends in the future. With the decrease in the costs of optical fibers,E-FTTx access becomes the major trend towards the future. The ZXR10 8900Esupports environment-friendly E-FTTx access to satisfy both the numerous cable accessrequirements in the existing network and FE/GE access scenarios:
l It has rich interface boards, and provides high-density and high-bandwidth access tosufficiently satisfy FTTx's requirements for high density and expendability.
l By using various QoS features, it implements control over different services andprovides satisfactory user experience for short-delay and low-jitter services.
l It supports the SVLAN technology and can effectively isolate services and subscribersto guarantee network security.
5-5
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l By using the ITU-T G.8032 standard Ethernet intelligent ring protection technology, itsatisfies different reliability requirements of different subscribers.
l The IP over DWDM technology, which is implemented based on switches, requireslow costs in network establishment and maintenance, and is highly expandable.
For the common network of FTTx, see Figure 5-5.
Figure 5-5 Application in FTTx
5.6 Application in a Core Network BearerThe evolution from fixed core networks to softswitch is towards the all-IP trend. The mobilecore network has experienced the separation of the circuit domain and the packet domain,and its bearer is more and more IP-based. As the core network is evolving, the IMS totallyseparates service, control, and bearer planes, and implements the integration of 2G/3G,mobile, and fixed network services. The IMS network is completely IP-based. The ZXR108900E can satisfy the requirements for various core networks. It acts as a PE or CR toimplement carrier-class core network multi-service bearer:
l It supports enhanced VRRP, associates VRRPwith BFD, and provides active/standbyredundancy for core network elements, and thus ensure the core network reliability.
l It supports various FRR, and implements 50 ms fast switching by fast detectionfunctions such as BFD.
l It supports Multi-VRF, and separates the traffic by service or logical interface toimprove device utilization.
l It supports the MPLS VPN technology, implements independent management ofaccess subscribers for different VPNs, distinguishes the routing and network topologyinformation of different VPN subscribers, and uses traffic engineering to ensure theQoS of core network services.
5-6
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 5 Networking Applications
For the common network of a core network bearer, see Figure 5-6.
Figure 5-6 Application in a Core Network Bearer
5.7 Application in IP RANIP backhaul mainly resolves the interconnection between a base station and a wirelessservice control point (gateway) to implement IP-based mobile voice and data servicebearer. In a legacy 2G network, a BTS uses TDM E1/T1 to access the base stationcontroller (BSC). With the development of the wireless network, IP-based Node Bemerges in 3G networks to replace BTS, providing Ethernet interfaces to allow wirelesstraffic to access or converge on an RNC through a switch. An IP backhaul networkhas requirements for clock synchronization, highexpendabilityy, and high reliability. TheZXR10 8900E can be deployed at IP backhaul convergence nodes to serve the IPbackhaul network. :
l IP backhaul requires clock synchronization throughout the network. The ZXR108900E provides the SyncE+1588v2 solution to synchronize high-precision clocksignals (such as BITS) to all base stations.
l A base station's access ring and convergence ring both require ring networkprotection. The ZXR10 8900E uses a ZESR+ (EAPS) Ethernet ring network to meetthe 50 ms switching time requirement.
l It supports superVLAN and QinQ to relieve gateway load in case of multi-base stationaccess, reduce IP address consumption, implement uniform management of basestations, and enhance network expendability.
5-7
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l The ZXR10 8900E supports the VPLS/H-VPLS andMPLS L3VPN technology to bettersatisfy multipoint-to-multipoint access requirements.
For the common network of an IP Backhaul network, see Figure 5-7.
Figure 5-7 Application in IP RAN
5-8
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 6Operation and MaintenanceTable of Contents
NetNumen U31 Unified Network Management Platform .............................................6-1Maintenance and Management ..................................................................................6-2
With the development of all-IP technologies, the telecommunication industry is confrontedwith great changes towards the mainstream trend for broadband, mobility, andconvergence. The all-IP network architecture requires that the existing operation andmanagement be transformed from vertical to horizontal direction. Thus, operation costscan be reduced and O&M efficiency can be improved.
Faced with the future network development trend, ZTE releases the unified networkmanagement platform NetNumen™ U31, and the sub-product NetNumen™ U31 (BN)implements unified management for all bearer network devices. The U31 not onlyprovides multi-domain device management, but implements the convergence of elementlayer management and network layer management, breaking through the verticalmanagement model and satisfying flat management requirements.
Networking ModeBetween the NetNumen U31 and the ZXR10 8900E, in-band or out-band managementcan be implemented.
l In-band management
In-band management means that network management information can betransferred in the same channel as service information, without the need to establishan extra DCN network. The NetNumen U31 need only be connected to a neighbornetwork device and configured with SNMP parameters.
In-band management is flexible and does not need extra investment. However,network management information occupies the service bandwidth, and thus servicequality may be affected.
l Out-band management
Out-band management means that network management information is separatelytransferred in a network management network and an extra DCN network is needed.The NetNumen U31 system is connected to the out-band management port of the
6-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
ZXR10 8900E, and thus network management information and service informationare separately transferred.
Out-band management allows network management information to be transferredmore reliably, even if the service channel is interrupted. However, to build a separatenetwork management network is restricted by region and needs extra investment.
NetNumen U31The NetNumen™ U31 (BN) is a unified management platform for all bearer networkdevices of ZTE. It implements integrated management of transmission, wavelengthdivision, PTN, and IP devices (routers and switches). The U31 is located on the networkelement management layer or subnet management layer, and is a new-generationnetwork management system. It provides powerful functions for managing the networkelement layer and network layer.
The NetNumen™ U31 (BN) uses distributed, multi-process, and modular design tomanage all-series bearer network devices. The U31 provides configuration, fault,performance, maintenance, path, security, system, and report management functions.It guarantees device stability, and implements management and control on networkelements and regional networks.
The system uses various network management technologies, and is designed anddeveloped based on the TMN concept of ITU-T and industry-leading experience innetwork management software development. It provides powerful management functionsand flexible networking capability. The U31 system provides the following functions forthe ZXR10 8900E:
l Fault management: Guarantees stable network operation.l Performance management: Helps users to fully understand the network service
status.l Resource management: Helps users to use network resources properly.l View management: Presents network operation status clearly.l Configuration management: Helps users to deploy services quickly.l Security management: Guarantees network security.l Northbound interface: Helpful for integration.
6.2 Maintenance and ManagementVarious Configuration ModesThe ZXR10 8900E provides various device login and management configuration modes,which allow users to choose proper connection configuration modes according to theirscenarios, and thus devices can be maintained more easily.
l Serial connection configuration
Serial connection configuration uses the VT100 terminal method, and thehyperterminal tool provided by the Windows operating system can be used for
6-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 6 Operation and Maintenance
configuration. If the device is bare or without configuration or connection, thisconnection configuration mode must be selected.
l Telnet connection configuration
à Telnet to the management Ethernet port (10/100/1000Base-T) on a Telnet maincontrol board to configure the switch.
à On a VLAN interface, configure the IP address, set the username and password,and telnet to the IP address of the VLAN interface to configure the switch.
When a user remotely logs into the device and communicates with the device properly,this connection configuration mode can be selected.
l SSH connection configuration
On the ZXR10 8900E, enable the SSH server function, and use the SSH clientsoftware to connect the IP address of the VLAN interface or management Ethernetport to configure the switch in a more secure way. If the user requires secure remotelogin, this connection mode can be selected.
l SNMP connection configuration
The back-end network management server acts as the SNMP server, and thefront-end ZXR10 8900E acts as the SNMP client. The front end and back end sharethe same MIB, and use the network management software to manage and configurethe ZXR10 8900E. This connection configuration mode helps users to effectivelymanage and configure network devices by using network management software.
Monitoring and MaintenanceThe ZXR10 8900E provides various methods for monitoring, manage, and maintaindevices, so that the devices can be handled properly in case of exceptions and users canlearn all the parameters about the device operation.
Device Monitoring
l Power supply, fan, and main control modules, and all interface boards have indicatorsthat indicate the operational status of a component.
l Hot-swapping and switchover events of main control boards are recorded for users toreview.
l Sound and message alarm are raised when a fan, power supply module, ortemperature is abnormal.
l Version consistency is checked automatically during system operation.l Board temperature is automatically monitored during system operation, and
temperature control and message alarm functions are provided.l Software running status is monitored by the system, and line cards are restarted or
active/standby main control board switchover is performed when an exception occursand affects the device.
Management and Maintenance
l Command lines provide flexible online help.
6-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l Hierarchical user authority management and hierarchical commands are provided.l An information centers is supported to provide uniform management for logs, alarms,
and debugging information.l Switch cluster management is supported, providing a uniform channel for managing
and maintaining different devices.l The basic information about main control boards, interface boards, and optical
modules can be queried through the CLI.l A variety of information can be queried, including the version, component status,
ambient temperature, CPU, and memory usage.l All information can be collected with one key, and command results can be displayed
on the device or outputted to a file. Hardware environment, software information,version information, data configuration, real-time operational status, and protocolinformation can be displayed and be automatically or manually outputted.
Diagnosis and Debugging
l Ping and TraceRoute: Checks whether a network connection is reachable, andrecords the transmission path of data packets online as a reference for locating faults.
l Debugging: Every software feature provides rich debugging commands, eachof which supports multiple parameters that can be flexibly controlled. By usingdebugging commands, users can output the processing, packet sending/receiving,and error checking information about this feature.
l Mirroring: Supports interface-based mirroring, which means that the packets on theobserved interface in the incoming, outgoing, or both directions are duplicated to theobserving interface without any change. RSPAN and ERSPAN are supported forremote port mirroring.
l OAM: Various OAM packets are used to detect the network condition and monitordevice, link, and network faults, helping users to quickly locate the faults.
l SQA: Various detection packets are sent to detect the online and operational statusesof most applications and services.
Software UpgradeThe ZXR10 8900E provides software upgrade in normal and abnormal situations.
l Version upgrade when the system is abnormal: If a device cannot be started properly,to upgrade the software version, a user can modify the BOOT mode and downloadthe latest version through the management Ethernet port.
l Version upgrade when the system is normal: If a device is normal, the software versioncan be locally upgraded or remotely upgraded through the FTP.
File System ManagementOverview
In the ZXR10 8900E, software version files and configuration files are stored in a flashmemory. During software upgrade, configuration storage need flash operations. The flashmemory contains three default directories IMG, CFG, and DATA.
6-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 6 Operation and Maintenance
l IMG: Stores software version files, whose extension names are .zar. Version upgradeis to modify the software version files in this directory.
l CFG: Stores the configuration file named startrun.dat.l DATA: Stores device exception information files, in the format of “time.zte”.
File System Operations
l File backup and recovery: The software version files, configuration files, and log fileson the ZXR10 8900E can be backed up to a back-end server through the FTP/TFTP,or the backup files can be recovered from the server.
l File import and export: Files can be copied to a back-end host through the FTP/TFTP.By exporting/importing the files, users can obtain alarm files and modify configurationfiles.
6-5
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
This page intentionally left blank.
6-6
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7Protocol and StandardComplianceThe ZXR10 8900E complies with the following protocols and standards (They are changedfrequently, so the following are only for your reference.)
Ethernet StandardsFor the Ethernet standards that the ZXR10 8900E complies with, refer to Table 7-1.
Table 7-1 Ethernet Standards
Standard No. Standard Name
RFC 0826 An Ethernet Address Resolution Protocol or
Converting Network Protocol Addresses to 48.bit
Ethernet Address for Transmission on Ethernet
Hardware
RFC 1042 A Standard for the Transmission of IP Datagrams
over IEEE 802 Networks
RFC 3069 VLAN Aggregation for Efficient IP Address
Allocation
RFC 5171 Cisco Systems UniDirectional Link Detection
(UDLD) Protocol
IEEE 802.1ab Station and Media Access Control Connectivity
Discovery
IEEE 802.1d Media Access Control (MAC) Bridges.
Specifies an architecture and protocol for the
interconnection of IEEE 802 LANs below the
MAC service boundary
IEEE 802.1q IEEE Standard for Local and Metropolitan Area
Networks: Virtual Bridged Local Area Networks
IEEE 802.1s The amendment to IEEE Std 802.1D: Multiple
Spanning Trees
IEEE 802.1t 802.1D Maintenance
IEEE 802.1w The amendment to IEEE Std 802.1D: Rapid
Reconfiguration
7-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Standard No. Standard Name
IEEE 802.1ap Management Information Base (MIB) definitions
for VLAN Bridges
IEEE 802.2 IEEE Standards for Local Area Networks: Logical
Link Control (LLC)
IEEE 802.3 IEEE Standards for Local Area Networks: Carrier
Sense Multiple Access with Collision Detection
(CSMA/CD) Access, Method and Physical Layer
Specifications
IEEE 802.3ad Link Aggregation Control Protocol
IEEE 802.3ae 10 Gbit/s Ethernet Standard
IEEE 802.3af PoE(Power-over-Ethernet)
IEEE 802.3ag Connectivity Fault Management
IEEE 802.3ah Ethernet First Mile
IEEE 802.3z Gigabit fiber
IP StandardsFor the IP standards that the ZXR10 8900E complies with, refer to Table 7-2.
Table 7-2 IP Standards
Standard No. Standard Name
RFC 791 Internet Protocol
RFC 1122 Requirements for Internet Hosts - Communication
Layers
RFC 1812 Requirements for IP Version 4 Routers
RFC 1981 Path MTU Discovery for IP version 6
RFC 2292 Advanced Sockets API for IPv6
RFC 2373 IP Version 6 Addressing Architecture
RFC 2374 An IPv6 Aggregatable Global Unicast Address
Format
RFC 2375 IPv6 Multicast Address Assignments
RFC 2460 Internet Protocol, Version 6 (IPv6) Specification
RFC 2461 Neighbor Discovery for IP Version 6 (IPv6)
RFC 2462 IPv6 Stateless Address Autoconfiguration
RFC 2464 Transmission of IPv6 Packets over Ethernet
Networks
RFC 2472 IP Version 6 over PPP
7-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential