ZXR10 5900&5200 Series - Product Description

ZXR10 5900 5200 Product
Description
Downloaded from www.Manualslib.com manuals search engine
ZXR10 5900 5200 Product Description

Version
Date
Author
Approved By
Remarks
V1.00
2008-5-30
Mao yucheng
Ma gang
Not open to the Third Party
V2.00
2009-9-16
Mao yucheng
Ma gang
Updating format
2010 ZTE Corporation. All rights reserved.

ZTE CONFIDENTIAL: This document contains proprietary information of ZTE and is not to be
disclosed or used without the prior written permission of ZTE.
Due to update and improvement of ZTE products and technologies, information in this document
is subjected to change without notice.
ZTE Confidential Proprietary
TABLE OF CONTENTS
1
Overview .................................................................................................................1
2
2.1
2.2
2.3
2.4
2.5
2.6
2.7
2.8
2.9
Highlights................................................................................................................5
Fully Support IPv6....................................................................................................5
SVLAN.....................................................................................................................5
Innovative VCT Technology .....................................................................................8
VBS Realizes Precise User Location ........................................................................8
Redundant Power Supply System ............................................................................9
ZESR Ring Protection ..............................................................................................9
Stacking Function ..................................................................................................10
Supporting IPTV.....................................................................................................11
Powerful Security Feature ...................................................................................... 11
3
3.1
3.2
3.3
3.4
3.5
3.6
3.7
3.8
3.9
3.10
3.11
3.12
3.13
3.13.1
3.13.2
3.13.3
3.13.4
3.14
3.14.1
3.14.2
3.14.3
3.15
3.16
3.17
3.17.1
3.17.2
3.17.3
3.18
3.18.1
3.18.2
3.18.3
3.18.4
3.19
3.19.1
3.19.2
3.19.3
Functionality .........................................................................................................13
MAC Address Management ................................................................................... 13
Basic VLAN............................................................................................................13
QinQ ...................................................................................................................... 14
PVLAN................................................................................................................... 14
VLAN Translation ...................................................................................................15
Super VLAN ...........................................................................................................15
Spanning Tree Protocol (STP)................................................................................ 15
Link Aggregation ....................................................................................................16
Port Mirroring .........................................................................................................16
IGMP Snooping......................................................................................................17
802.1x.................................................................................................................... 17
VRRP Protocol .......................................................................................................18
IPv4 Unicast Routing Protocol ................................................................................ 18
RIP Protocol...........................................................................................................18
OSPF Protocol .......................................................................................................19
IS-IS Protocol.........................................................................................................20
BGP Protocol .........................................................................................................20
IPv4 Multicast Routing Protocol ..............................................................................21
IGMP protocol ........................................................................................................21
PIM-SM.................................................................................................................. 21
PIM-Snooping ........................................................................................................23
DHCP .................................................................................................................... 23
Super extendable stacking ..................................................................................... 23
IPv6 ....................................................................................................................... 23
IPv6 Routing Protocol .......................................................................................... 24
IPv6 Multicast Routing Protocol ..............................................................................24
The Transition Technology for IPv6 Deployment..................................................... 24
ACL Technology of 59/52 Switches ........................................................................24
Standard ACL ........................................................................................................25
Expanded ACL Technology .................................................................................... 25
L2 ACL .................................................................................................................. 26
Hybrid ACL technology........................................................................................... 27
QoS Technology ....................................................................................................28
Brief Introduction to QoS ........................................................................................ 28
QoS Technology for ZXR10 59/52 switch series ..................................................... 32
QoS Applications ...................................................................................................40
4
4.1
System Architecture ............................................................................................. 42

Product Physical Structure ..................................................................................... 42
II
4.2
4.2.1
4.2.2
4.2.3
4.3
4.3.1
4.3.2
4.3.3
Hardware Architecture............................................................................................ 44
Switching and Control Module ................................................................................ 45
Power Supply Module ............................................................................................ 46
Interface Modules ..................................................................................................46
Software Architecture ............................................................................................. 48
Overview................................................................................................................ 48
Description of Various Layers ................................................................................. 52
Functional Modules Description..............................................................................53
5
5.1
5.2
5.3
5.4
5.5
5.6
Technical Specifications ...................................................................................... 63

Physical Specifications ........................................................................................... 63
Capacity................................................................................................................. 63
Performance ..........................................................................................................63
Power Supply Specification .................................................................................... 65
Working Environment ............................................................................................. 65
Reliability ............................................................................................................... 66
Typical Networking ............................................................................................... 67
7
7.1
7.2
The Type and Specification of Cable and Fiber .................................................. 68

Model and Specification of Cable ...........................................................................68
Model and Specification of Fiber ............................................................................68
Acronyms and Abbreviations ..............................................................................69
III
FIGURES
Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Figure 10
Figure 11
Figure 12
Figure 13
Figure 14
Figure 15
Figure 16
Figure 17
Figure 18
Figure 19
Figure 20
Figure 21
Figure 22
Figure 23
Figure 24
Figure 25
Figure 26
Figure 27
Figure 28
Figure 29
Figure 30
User VLAN Tag Message ...........................................................................................7

User Band VLAN Tag Message..................................................................................7
Stack Example .........................................................................................................10
FIFO Scheduling ......................................................................................................33
SP Scheduling .........................................................................................................34
WRR scheduling ......................................................................................................34
WRR scheduling ......................................................................................................35
WFQ scheduling ......................................................................................................35
Relationships between WRED and Queue Mechanism .............................................37
Basic Processing of Traffic Control in CIR ................................................................ 38
TS processing ..........................................................................................................39
QoS Processing of the ZXR10 59/52 Switches Series ..............................................40
VOIP Support...........................................................................................................41
The front panel of ZXR10 5952/5252 ........................................................................42
The front panel of ZXR10 5928/5928-PS/5228 ......................................................... 42
The front panel of ZXR10 5928-FI/5228-FI ............................................................... 42
The front panel of ZXR10 5224 ................................................................................ 42
Functional Block Diagram for the hardware system of ZXR10 59/52 series ............... 44
Functional Block Diagram of Main Control Board ...................................................... 45
The AC power supply of ZXR10 59/52 series switch................................................. 46
The DC power supply of ZXR10 59/52 series switch................................................. 46
The Functional Block Diagram for 1-port 10GE interface board.................................47
The panel of 1-port 10GE optical interface board ...................................................... 47
The panel of 1-port 10GE electrical interface board .................................................. 48
The Functional Block Diagram for the Operation Support Subsystem ....................... 50
Functional Block Diagram of L2 Subsystem .............................................................. 51
Functional Block Diagram of L3 Subsystem .............................................................. 52
Software functional modules of ZXR10 59/52 series ................................................. 53
Functional Block Diagram of the Unicast Routing Protocol Subsystem...................... 59
Implementation in MAN ............................................................................................ 67
TABLES
Table 1
Table 2
Table 3
Table 4
Table 5
Table 6
Table 7
Table 8
Table 9
Basic features of ZXR10 59/52 intelligent secure Ethernet Switch ..............................2

Attributes Ethernet electric interface on the front panel of ZXR10
5952/5252/5928/5928-PS/5228 ................................................................................ 43
Indicators on the panel of ZXR59/52 series switch.................................................... 43
Attributes of gigabit Ethernet optical interface ........................................................... 44
The attributes of 10GE interface board .....................................................................48
The functions of the indicators on the panel of 1-port 10GE interface board ..............48
Models and Specifications of Cable ..........................................................................68
Specifications of 1000BASE-SX Fiber ......................................................................68
Acronyms and Abbreviations .................................................................................... 69
IV
Overview
With the exponential growth of Internet traffic, IP has globally become the first choice of
networking technology for building the new generation network infrastructure, and IPbased services are now becoming more important from networks of service providers.
Communication networks are experiencing intense evolution. To accommodate this
evolution, network carriers are taking new initiatives to build broadband IP networks that
simultaneously carry data, voice and video services.
As Ethernet switches provide broad range of services and deliver much higher
performance, they have been finding applications on increasingly more IP networks.
ZXR10 59/52 series L3 Gigabit Intelligent Switch launched by ZTE CORPORATION is
mean to fully satisfy IP routing/switching and high QoS assurance needs. This series
support complete IPv4 and IPv6 routing protocols, VLAN control, Ethernet switching,
QoS assurance mechanisms, traffic control, 802.1x, and anti-virus protection, as well as
complete service control and user management capability. These intelligent
characteristics make them all suitable to be used as L3 switches on service provider
networks, enterprise networks and campus networks that focus on service management
control and network security assurance capability.
Specifically designed for the access and aggregation layers of broadband IP MANs and
enterprise networks, ZTE ZXR10 59/52 series mid-range/high-end all-gigabit-port
intelligent Ethernet switches provide low to medium density of Ethernet ports, making
them most suitable to be used as user-side access device for intelligent broadband
residential areas, office buildings, hotels, college campuses and enterprise networks
(government networks), or as aggregation device for medium-size networks providing
users with high-speed, efficient and high price-performance-ratio aggregation solution.
Depending on actual network requirement, they offer different combinations of optical
and electrical interfaces for aggregation, for which they are ideal network
aggregation/access devices for large enterprises, high-grade residential areas, hotel,
and college campus networks.
The features of ZXR10 59 series intelligent secure Ethernet switch are:
Carrier-Class Reliability
Providing redundancy on the physical layer, supporting power redundancy and hotswappable modules; providing redundancy on the protocol layer, and supporting the
protocols such as LACP, VRRP and route load sharing.
Wire-Speed Forwarding and Filtering
ASIC hardware switching is used to ensure the wire-speed forwarding of L2, L3 and
IPv6 packets. ASIC hardware filtering is used to ensure packets filtering on L2-L7 and
wire-speed performance of L2-L4 ACL.
Various Protocols Support
Supporting complete and advanced network protocols such as L2, L3, unicast routing,
multicast routing, IPv4, IPv6 and access authentication, keeping up with current
development of the network, and meeting the needs of the users for building advanced
Ethernet networks.
2010ZTE Corporation. All rights reserved.
Open System Architecture, Superior Upgrade Capability
With superior upgrade capability, open system architecture is used to protect

subscribers investment and meet customers future requirements for new features.
The features of ZXR10 52 series intelligent secure Ethernet switch are:
Carrier-Class Reliability
It provides redundancy on the physical layer, supports power redundancy and hotswappable modules, provides redundancy on the protocol layer and supports the
protocols such as LACP and routing load sharing.
Wire-Speed Forwarding and Filtering
ASIC hardware switching is used to ensure the wire-speed forwarding of L2, L3 packets.
ASIC hardware filtering is used to ensure packets filtering on L2-L7 and wire-speed
performance of L2-L4 ACL.
Rich Network Protocol Supports
Supporting most advanced network protocols such as L2, L3, unicast routing, multicast
routing, IPv4, and access authentication, keeping up with current development of the
network, and meeting the needs of the users for building advanced Ethernet networks.
Open System Architecture, Superior Upgrade Capability
With superior upgrade capability, open system architecture is used to protect

subscribers investment and meet customers future requirements for new features.
Table 1
Basic features of ZXR10 59/52 intelligent secure Ethernet Switch
Item
Description
Basic features
Switching capacity: 5952/5252: 320G 5928/5928PS/5228/5928-FI/5228-FI/5224: 240G

Packet forwarding rate(PPS): 5952/5252: 131M
5928/5928-PS/5228/5928-FI/5228-FI: 95.2M
5224: 35.7M
Number of entries in the routing table: for 59-series, 16K (L3)
for 52-series, 4K (L3)
MAC address table size:
5952/5252/5928/5928-PS/5928-FI/5228/5228-FI: 16K
5224: 8K
Number of slots
ZXR10 5952/5252/5928/5928-PS/5228/5928-FI/5228-FI:
slots
Item
Description
L2 protocol support
Support IEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE

802.3ae, IEEE 802.3x, and IEEE 802.1p, etc.
Support IEEE 802.1d STP, IEEE802.1w RSTP, IEEE802.1s
MSTP protocols
Support IEEE 802.3ad LACP link aggregation
Support IEEE802.1Q , VLAN number: 4094
Support VLAN based upon port, protocol and subnet, and
support PVLAN
Support dual VLAN labels (SVLAN or QinQ)
L3 protocol support
59-series support RIP1/2, OSPF, BGP, IS-IS, VRRP routing

protocols.
52-series support RIP1/2 routing protocol
Support Super VLAN
59-series support IPv6
Service functions
Multicast: 59 series supports multicast routing protocols such

as IGMP, PIM-DM/SM, MSDP and MBGP, etc. 52 series
supports IGMP multicast routing protocol.
Bandwidth control: Port-, application- and flow-based
bandwidth control with the granularity of 64kbps
Authentication function: Support 802.1x and RADIUS Client
DHCP: Support DHCP Relay and DHCP Server
5928-PS supports POE,IEEE 802.3af, power <30W every port.
Max support port number 24. The whole support power 820W
QoS attributes
Support eight priority queues

L2-based priority queuing
Flow control based on L2, L 3, L4 source and destination
L4-based application flow control
Stacking
Support super expansion stacking (SES) with maximum

support of 32
Interface module
1-port 10XGE interface(optical/XFP) 1-port 10XGE

interface(electrical/CX4)
Device
management
Support SNMP MIB, MIB II (RFC 1213)

Support RMONV1/V2/V3
Support port mirroring: Includes control module, feature port
and special slot
Support Console/Telnet/SSHmanagement
Power supply
Power supply (AC): 100V~240V, 50Hz ~60Hz

Power supply (DC): -57V~-40V
5952/5252 Power consumption with full configuration < 150W
5928/5228 Power consumption with full configuration <100 W
5928-PS Power consumption with full configuration <820 W
5928-FI/5228-FI Power consumption with full configuration <
100W
5224 Power consumption with full configuration 80W
Item
Description
Reliability
MTBF: >100000 hours

MTTR: <30 minutes
All the modules are hot-swappable, support external 12V
power supply redundancy.
Physical
parameters
Dimensions:
5952/5252
43.6(H)*442(W)*400(D)
5928/5928-PS/5228
43.6(H)*442(W)*360(D)
5928-FI/5228-FI 43.6(H)*442(W)*320(D)
5224
43.6(H)*442(W)*280(D)
Weight: 5952/5252 <12kg
5928/5228/5928-FI/5228-FI
5928-PS<9kg
5224 <6kg
Environmental
Requirements
<8kg
Operating temperature: -5C~+45C

Storage temperature: -40C~+70C
Operating relative humidity: 5%~95%, non-condensing
Highlights
2.1
Fully Support IPv6

Due to the rapid development of data network, NGN and 3G network, there are more
and more demands for IPv6 in the market. The worldwide research centers, carriers and
business customers are busy with the test and deployment of IPv6 network.
ZTE is an active participant in making national IPv6 standard. In 2002, ZTE achieved
High-Performance IPv6 Forwarding Platform project belonging to State 863 Project
Packet. From April 2nd to April 4th 2003, ZTE joined in Global IPv6 Peek Forum 2003
and showed its new IPv4/v6 dual-stack router and IPv6 network solution. In May 2004,
ZTE high-end router successfully passed MII (Ministry of Information Industry) IPv6
network access test. In September 2004, ZTE the first Chinese vendor got International
IPv6 Ready certificate. All the facts show that currently ZTE NGN IPv6 technology has
been in line with most International vendors.
Currently, the IPv6 protocols supported by ZTE ZXR10 59/52 series Ethernet switch
Support IPv6 basic protocols including IPv6 protocol and ND (Neighbor Discovery)
protocol.
Support TCP6, UDP6 and Socket IPv6.
Support Telnet6, gives convenient to remote user to log in via telnet6.
Support PMTU(Path MTU Discovery) function
Provide multiple IPv6 link detection method
Provide IPv6 policy route
Theres still a long way for us to develop IPv4 technology to IPv6 technology. ZTE
ZXR10 59/52 series Ethernet switch provides rich solutions to transfer IPv4 network to
IPv6 network. The following IPv4/IPv6 transition technologies are involved:
2.2
Supports IPv4/IPv6 dual stacking
Supports IPv6 tunnel: manual configured

tunnel
tunnel, auto configured tunnel, 6to4
SVLAN
SVLAN also named flexible QinQ is the development and enhancement of QinQ.
Compared with old QinQ which is not very flexible as it can only be implemented by
increasing outer label on the port, SVLAN based upon port and C-Tag can tag different
S-Tags as per different situations. In addition, it can keep COS of customer message
and copy 802.1p field of inner label to the outer label to keep the continuity of customer
QoS.
SVLAN has enhanced function of network user location, which enables QinQ to better
support PUPV (one VLAN per user) and PSPV (one VLAN per service). It is easy for
carriers operation and maintenance management. The most typical application is Triple
Play service in broadband to the home.
SVLAN can perfectly solve the problem of user location separation and service
differentiation in broadband network. It can implement operation and maintenance
management for one VLAN per user, which brings great convenience to network
management and maintenance. ZTE is always an advocator of this technology and
takes the leading position in the industry.
ZXR10 59/52 series switch supports SVLAN with the following applications and
functions:
Being able to distinguish different service VLAN at one port and tag different outer
layer label based on different service requirements.
Being able to implement coexistence of VLAN transparent transmission and QinQ

service at port. Being able to keep user label unchanged without adding new label
to user label when some VLAN packets are going through switch.
Being able to duplicate 801.1p field in user label to outer layer label to guarantee
that users service level is kept unchanged in QinQ network so as to keep the
consistency of QoS of user service.
In IEEE802.1ad, S-Tag is for 0x88A8-type Ethernet, and C-Tag is for 0x8100-type

Ethernet. ZTE switch supports any C-Tag and S-Tag Ethernet.
SVALN has two major applications in the network:

SVLAN is applied in user location separation and service differentiation in network and
Triple Play service in family broadband. SVALN QinQ can solve traditional 4096 VLAN
resource shortage problem so as to truly implement PUPV and PSPV.
Figure 1
User VLAN Tag Message
Figure 2 shows the adoption in L2 VPN of small network, or QinQ-based Tunnel or

QinQ-based VPN.
Figure 2
User Band VLAN Tag Message
In Figure 2, when customer messages with or without inner VLAN labels reach Ingress
PE (Provider Edge) switch, they may be tagged with corresponding outer labels
according to different switch ports, and then the messages will be transferred
transparently as per S-Tag in Provider Network. Later, theses customer messages will
de-capsulate their S-Tag on Egress PE equipment and then be sent to the related CE
equipment. The advantage of using QinQ VPN is that the Tag resources in Customer
Network and Provider Network are independent from each other. So customers can
make their own VLAN resource without concerning about the VLAN conflict in passing
Provider Network.
2.3
Innovative VCT Technology

VCT (Virtual Connection Test) designed based upon hardware detects the connection
fault. It realizes link diagnosis via TDR (Time Domain Reflection), and gives judgment on
the link faults for example open circuit, short circuit, impendence unmatched and normal
circuit. Besides, it can calculate the distance of the failed point of the link.
By using VCT technology, ZTE ZXR10 59/52 series Ethernet switches can carry out
remote maintenance to links to find out the open circuit, break circuit and the error for
detecting fault location is within 1 meter. Via VCT circuit, ZXR10 59/52 series Ethernet
switches can actively eliminate the incorrect customer configuration, and find out the
distance between the failed link and the equipment and port. It can locate and eliminate
most failures in network management center, which simplifies network maintenance and
reduces the costs and difficulties in network operation and maintenance.
2.4
VBS Realizes Precise User Location

VBAS (Virtual Broadband Access Server) is a query protocol used between IP-DSLAM
and BRAS.
It uses L2 end-to-end communication between BRAS and IP-DSLAM, i.e. the port
information query and responding message are directly encapsulated in L2 Ethernet
data frame, configure related DSLAM of VLAN on BAS and generates VBAS protocol in
the course of PPPoE session, that is, according to users VLAN, map to the
corresponding DSLAM, and BAS imitates user route label query to DSLAM actively, then
DSLAM gives BAS the route label of the responding customer. Here 59/52 series
switches are working as DSLAM device.
The implementation procedure of VBAS interaction:
User host initiates broadcasting session to generate data packet to ask for setting
up link, and wait for BAS responding.
After one or more than one BAS devices receive broadcasting, the data packets
providing by service are sent to user host if services can be provided.
Customer host selects one BAS as per a certain rule, and send unicast session to
require data packet.
When the selected BAS received the session for requiring data packet, it will
generate an exclusive Session ID, and then goes into PPP session stage after
sending data packet for confirmation to customer host.
When BAS sends data packet for confirmation, it will send VBAS request packet to
DSLAM for checking which physical port of DSLAM the MAC address of user host
comes from.
When DSLAM receives the request data packet from VBAS, it will send VBAS
responding data packet to BAS, and the relations between the MAC address and
DSLAM physical port will return.
When the user host receives the confirming data packet from the selected BAS,
PPP session will be carried on according to Session ID and BAS. Via LCP, send
request packet for ID confirmation to BAS in a point-to-point way.
BAS sends authentication request packet to its background authentication system

(e.g., Radius Server). The authentication request consists of user account,
password and the info of its physical port.
The background authentication system (e.g. Radius Server) returns the responding
packet of BAS authentication.
BAS returns responding packet of user host authentication.
If the authentication is passed, then set up PPP link, so that both sides in the
communication can implement PPP data transmission.
The VBAS protocol of ZTE ZXR10 59/52 series Ethernet switches has the following
merits:
2.5
Theres no need of hardware upgrade. With few changes, only software upgrade on
the existing IP DSLAM and BRAS is required.
Only carry out port naming to IP DSLAM instead of making complicate configuration
on BRAS, which indicates little work.
There is no need of changing the existing networking mode, which protects the
existing investment and keeps sound continuity.
The binding between user and IP DSLAM physical port can be realized, that is, user
network suffering info can be got and user port status can be grabbed in advance.
Redundant Power Supply System

ZXR10 59/52 series switches support AC/DC power supply mode. Designed with -48V
DC power supply mode and 220V AC power supply mode, it can adopt an external 12V
redundant power supply module as well. With 1+1 hot backup power supply module, it
enhances the reliability of power supply system.
2.6
ZESR Ring Protection

ZESR (ZTE Ethernet Smart Ring) designed and developed based upon EAPS principle
of RFC 3619 protocol is used to test if the ring can get through to make sure any logical
path between any two points is smooth. According to the change of the ring (on->down,
down->on), reset the port status (block, forward), so that the logical path can get
switched over quickly.
ZESR is also adaptive to multi-ring and multi-domain environment. Multiple rings
referring to different layers in network topology where each layer is one ring, and there
are two access points in the low-layer ring connecting with high-layer access ring, so
that network topology is an independent ring and the tangent part of one ring actually
looks as part of the other ring. The ring with highest level is called main ring, the others
are called access ring. Multiple domains refer to multiple protection instances on one
ring adaptive to different service VLANs standing independently with different logical
paths.
2.7
Stacking Function
ZXR10 52/59 supports SES stacking function. Stacking is a management domain
composing by some Ethernet switches connecting via stacking ports, where our main
switch and several standby switches exist. Normally daisy chain is used as shown in the
following figure:
Figure 3
Stack Example
Switches connect each other via stacking interfaces. Among devices, special protocol
message is used to control topology discovery, calculation, routing maintenance, etc.
The advantages stacking function brings to users are:
10
Sound Management: IRF stacking enables unified management of multiple devices.

One connection and one IP address can manage the entire Fabric, which obviously
reduces the costs.
Superior Extensibility: IRF stacking is capable of fitting different users demands and
guarantees smooth network extensibility, which maximally protects investment in
network upgrade.
N+1-mode backup features high reliability, which avoids single-point failure and
reduces service breakdown.
For single cassette switch, the system can implement the following characteristic
features:
Distributed management: in terms of management, all equipment belongs to one unit.
Administrator can control the devices via WEB, telnet, console, and SNMP. Different
devices are similar to different slots in a rack.
Distributed forwarding: instead of forwarding to the host, the message forwarding and
query can be done locally. With system redundancy, when one device breaks down,
other devices can implement normal forwarding as well.
Distributed link aggregation: support cross-device link aggregation, so that link backup
and load sharing can be implemented among devices.
2.8
Supporting IPTV
As a key technology of ZTE IPTV system, controllable multicast technology is mainly
used in broadband access network. The device (BRAS, DSLAM or Switch) realizing
multicast control policy is called multicast control point. The multicast control point
working as the ultimate point of user multicast IGMP query determine if multicast traffic
will be duplex to customer port as per related IGMP query and control policy. The closer
the multicast control point is from user, the less bandwidth the network requires. As an
important device implementing multicast control policy, the multicast control point must
support the following services: IGMP V1/V2, IGMP Snooping, IGMP Filter, IGMP Proxy,
IGMP Fast leave, MVR (Multicast VlLAN Register,), SGR(Static Group Register, static
multicast group register), UGAC(User Group Access Control, User Multicast Access
Control), and UGAR(User Group Access Record, User Multicast Access Record).
Users authority for demanding services is controlled by binding rule and channel.
2.9
Powerful Security Feature

ZXR10 52/59 switches provide customers with rich security features in control layer, data
layer and management layer of the devices respectively to implement overall protection.
The security mechanisms provided by these devices are:
Support MAC address table and ARP binding, MAC addresses filtering and
broadcasting suppression.
Support DHCP SNOOPING
Support CPU anti-attack (virus) protection, CPU overload/rhythm protection.

Support the feature of identifying multiple virus feature message, and filtering
LAND/BLAT/NULLScan/XmaScan/Smurf, SYN Flooding, Ping Flood, anti-DDoS
attack. Support Rood Guard of SPT, precaution against BPDU attack and ARP
attack.
Support uRPF unicast converse route inspection, precaution against pseudo

address attack.
Support OSPF/RIPv2/BGPv4 MD5 cipher text checking.
11
12
Support IP source Guard.
Support hierarchical user management, user encryption and SSH.
Functionality
3.1
MAC Address Management

For ZXR10 59/52 series, all forwarding tables and MAC addresses are closely related,
therefore MAC management module is the most fundamental as well as the most
important functional module in the Ethernet switch, since it performs basic functions
such as managing MAC addresses learning and performs the following management
operations:
3.2
MAC address binding: A specific MAC address can be bond with one port of the
switch. After that, no dynamic learning will be performed for the MAC address, so
that the physical location of a user can be restricted and important MAC addresses
can be protected
MAC address filtering: When the switch receives packets whose source or
destination MAC address are special MAC addresses, it can drop them to order to
filter some un-welcomed users
Number of MAC addresses restriction: The number of MAC addresses of some

ports can be restricted to control the number of users of these ports. In addition,
prevention is made at the ports when they are under DOS attack to avoid
exhaustion of system resources
MAC address freeze: For a network that runs stably, the addresses of certain
important physical ports, such as uplink ports, can be freezed, in order to prevent
network interruptions due to the use of key MAC addresses by unauthorized users
MAC address display in multiple views: The VLAN table can be shown with
statistics collection in multiple aspects, such as VLAN, port, static or dynamic etc, to
help network diagnosis and maintain network stability.
Basic VLAN
VLAN is a fundamental protocol for L2 switching equipment, which enables administrator
to divide a physical LAN into multiple VLANs. Each VLAN has a VLAN ID to identify itself
uniquely within the entire LAN. Multiple VLANs share the switching equipment and links
of the physical LAN.
Logically, each VLAN is like an independent LAN, and all network frame traffics of a
VLAN are restricted within the VLAN. Inter-VLAN access can only be done via L3
forwarding, since direct access is not possible. In this way, network performance is
improved, and total traffic in the physical LAN can be effectively decreased.
The function of the VLAN is to reduce broadcast storm on the network, and to enhance
security and allows centralized management of the network.
13
59/52 switches series support 802.1Q VLAN. For untagged packets, VLAN tags can be
added to them based on subnet, protocol or port, so that a great variety of VLAN
features can be supported.
In the 802.1Q VLAN protocol, a VLAN is represented by a 12-bit number, so the number
of VLANs is limited within 4096, limiting some practical applications. The 59/52 switches
series provide four kinds of extensions. The first three are QinQ, PVLAN and VLAN
Translation, and the last one is Layer-3 related Super VLAN feature.
3.3
QinQ
QinQ, also known as multi-layer VLAN tag stacking, is a visualized name for the
tunneling protocol based on 802.1Q encapsulation. Its basic idea is to encapsulate
private VLAN tag into public VLAN tag, so that packets pass through the backbone
network with two tags, offering users with a simple L2 VPN tunneling technology. The
QinQ protocol is a simple while easy-to-be-managed protocol, since it does not require
the support of particular control protocol but can be implemented via static configuration
only. It is particularly useful for the switches on the aggregation layer. By supporting
QinQ (double tags), the switches on the aggregation layer can effectively increase the
number of VLANs in the MAN.
At present, IEEE is developing a specification for VLAN stacking, that is, 802.1adProvider Bridge. The external VLAN layer is defined as Service VLAN --- SVLAN, for
which the specification is still in draft.
In the software system of the 59/52, the QinQ software function module performs static
configuration of QinQ, and perform appropriate configuration for the chipsets. In QinQ,
there are two forms of VLANs:
SVLAN (Service VLAN):
VLAN defined on the backbone network
CVLAN (Customers VLAN):
User-defined VLAN
The QinQ software function module adds one parameter in the VLAN table, to order to
indicate whether the VLAN is a SVLAN or CVLAN, and the bottom-layer driver interface
function is used to set the QinQ function for the chipset.
3.4
PVLAN
For the scenario where all servers are located within a subnet but they can only
communicate with their default gateways, this new VLAN feature is called Private VLAN.
In the concept of Private VLAN, there are three types of ports of the switch: Isolated Port,
Community Port and Promiscuous Port. They correspond to different VLAN types
respectively: Isolated port belongs to Isolated PVLAN, Community port belongs to
Community PVLAN, while Promiscuous VLAN represents one complete Private VLAN.
Either of the first two types of VLANs must be bound within a Primary VLAN, which a
Promiscuous Port should also be included. For Isolated PVLAN, an Isolated Port can
only communicate with a Promiscuous Port, but it cannot exchange any traffic with
another Isolated Port. For Community PVLAN, a Community Port can communicate with
not only a Promiscuous port but also with another Community Port. The Promiscuous
Port is connected to an interface of another router or L3 switch. The traffic it receives
can then be forwarded to an isolated port or Community port.
14
Using PVLAN can be very effective for ensuring the security of data communication in
the network. A user only needs to connect its default gateway. One PVLAN can provide
connections with L2 data communication security without multiple VLAN and IP subnet.
All the users are connected to the PVLAN, so they are connected to the default gateway,
without access between any other users in the PVLAN. The PVLAN function ensures
that the ports within one VLAN cannot communicate between each other, while traffic
can only pass through via the Trunk port. In this way, even broadcast traffic from one
user in a VLAN will not affect another user within the same VLAN.
The PVLAN can be implemented on the ZXR10 59/52 simply through static configuration.
3.5
VLAN Translation
VLAN translation is also an expansion of the VLAN function. If one port of the switch has
the VLAN translation function enabled, the incoming data streams from that port must be
tagged. The VLAN translation function looks up in the MAC-VLAN table for a new VID by
using the combination of VID contained in the tag and the port number as the index, and
then the data streams will be switched using the new VLAN. This is the process of
translation from one VLAN to another.
The VLAN translation can be implemented on the ZXR10 59/52 simply through static
configuration. However, it should be noted that if the VLAN translation function is started,
the VLANs cannot be differentiated based on MAC addresses. On the contrary, if the
VLANs are needed to be differentiated based on MAC address, VLAN translation
function should be disabled.
3.6
Super VLAN
Super VLAN allows that hosts within same physical switching equipment belong to
different virtual broadcast domains and resides within the same IPv4 subnet with the
same default gateway. In current large-scale LAN switching environment, this
mechanism has a number of advantages over the traditional IPv4 addressing
mechanism. Its most important advantage is that it preserves address space in the IPv4
system.
Super VLAN uses the concepts of super virtual network and virtual sub-network to
perform dual-classification on the VLAN. One or multiple virtual sub-networks belong to
one super virtual network, and they will use the default gateway IP address of the super
virtual network.
The Super VLAN function is a pure software function. This function is transparent to the
Ethernet ASIC chip, which still performs data exchange according to the VLAN setting
made by the software module. Super VLAN can be implemented on the ZXR10 59/52
simply through static configuration.
3.7
Spanning Tree Protocol (STP)

STP is used to detect and eliminate loops between L2 switching functional units, and
provide redundancy links, for enhanced performance and reliability of the LAN.
This module performs the following two major functions:
15
Avoids network loop, prevents LAN broadcast storm due to such loop, and provides
redundant paths for backup.
Detect changes to the topology structure, and configure the spanning tree topology
again according to the change detected.
After the switch in a subnet executes STP, it will create a dynamic spanning tree
topology structure, where there will be no loop between any workstations in the LAN,
thus preventing broadcast storm. At the same time, STP also detects changes on the
topology, and creates a new spanning tree when the topology changes, providing fault
tolerance and allowing the re-configuration of the topology of the spanning tree.
According to the status information of the dynamic topology of the spanning tree, the
switch maintains and updates the MAC table, and finally implements forwarding on the
MAC layer.
STP is designed to allow the switch to dynamically detect a loop-free (tree) of the
topology and ensure adequate connectivity, so that there is always a path between two
LANs as long as physically possible. According to the principles of graph theory, any
route graph containing nodes and connection nodes has a spanning tree of the routes
that ensure the connectivity to the destination but have no loop. Therefore, the spanning
tree algorithm and protocol can avoid loops in any dynamic topology, and can eliminate
those loops between any two workstations.
The Multiple Spanning Tree Protocol (MSTP) defined by IEEE802.1s is compatible with
the RSTP defined by IEEE802.1w and the common STP defined by IEEE802.1D.
Therefore, the spanning tree module only needs to implement the MSTP. When MSTP is
enabled, it can be forcedly set to RSTP or STP, so mixed networking applications of STP
and RSTP are supported. In addition, enabling SPT on the aggregated links and support
of STP based on ports is also supported.
ZXR10 59/52 series support STP, RSTP, and MSTP, as well as the mixed network
applications described above.
3.8
Link Aggregation
Link aggregation is the process where multiple physical links with the same media type
and same transmission rate are bundled together, and appear as one link logically. It
allows parallel physical links between switches or between switches and servers in order
to increase bandwidth. As a result, it becomes an important technology in increasing link
bandwidth and allows transmission link creation in a flexible way with good resilience. In
Gigabit Ethernet, link aggregation can be used to create multi-gigabit connections. It can
also be used to create faster logical links for Fast Ethernet. Link aggregation can provide
good link resilience, since communication can be rapidly switched over to the
operational links when one or more links fail.
ZXR10 59/52 series implements link aggregation protocol LACP defined by IEEE
802.3ad, and supports link aggregation for gigabit Ethernet port and 10GE ports.
3.9
Port Mirroring
Port mirroring can automatically mirror traffic from one port to another, so that network
administrator can take a real-time analysis of the port traffic for detecting network faults,
16
and offers a monitoring mechanism for network management personnel. For ZXR10
59/52 series, any port can be configured as a mirror port. Mirroring is also possible
between ports operating at different rates. It is also possible to mirror traffic from multiple
ports to one port, and mirroring can be enabled as multiple mirroring groups.
3.10
IGMP Snooping
The IGMP Snooping maintains the relationship between multicast address and VLAN by
listening to IGMP packets transmitted between the user and the router. It maps members
of a multicast group into a VLAN. After receiving multicast packets, it forwards them only
to VLAN members in that multicast group. IGMP Snooping and IGMP are similar in that
they are both used for managing and controlling multicast groups through IGMP
messages. However, they differ in that IGMP runs on the network layer, while IGMP
Snooping runs on the link layer. When the switch receives IGMP packets, IGMP
Snooping will help analyze the information contained in them, establish and maintain a
MAC multicast address table on L2.
When IGMP Snooping is enabled on the ZXR10 59/52, multicast packets will be
multicast on L2. When no IGMP Snooping is enabled, multicast packets will be
broadcast on L2.
3.11
802.1x
802.1x is a Client/Server-based access control and authentication protocol. It is a
service which authenticates user devices connected to the system ports and determines
whether to allow users to access the system through the ports, in order to prevent
unauthorized data transfer between users and services provided by the system. Initially
access control of 802.1x only allows EAPOL frames to pass through from the user ports.
Other data are not allowed to pass through the ports unless authentication has been
done.
802.1x classifies the access point for which the authenticator system connects to LAN
into two logical ports: Controlled port and uncontrolled port. Regardless of its
authentication status, an uncontrolled port can freely exchange PDUs with other
systems. A controlled port can exchange PDUs with other systems only when its status
is authenticated. PAE is an entity that runs and authenticates related algorithms and
protocols. The authenticator PAE responds to the requests from the supplicant PAE and
provides authentication information. The authenticator PAE communicates with the
supplicant PAE, and sends the information received from the supplicant PAE to the
authentication server, which will verify this information so as to determine whether to
allow the supplicant to access its services. The authenticator PAE relies on the
authentication result to determine the status of the controlled port should be authorized
or unauthorized. The authenticator PAE performs protocols exchange with the supplicant
PAE over an uncontrolled port by using EAPOL protocol, and communicates with the
RADIUS server by using EAPOR protocol.
The 802.1x module mainly implements the following features:
Supports authenticator features
Local authentication
17
3.12
Allows the authenticator PAE to perform protocol exchange via uncontrolled port
and EAPOL
Supports operation on uncontrolled port by using AuthControlledPortControl with

the parameters of ForceUnauthorized, Auto, and ForceAuthorized
Supports operation on uncontrolled port by using AdminControlledDirections and

OperControlledDirections with parameter of Both
Supports periodic re-authentication of the supplicant by using a re-authentication

timer
Supports transparent transmission of 802.1x authentication packets when no

authentication is enabled
VRRP Protocol
VRRP protocol provides, via a set of verification and election mechanism, route backup
in a multi-address access network. Mainly based on the backup of gateway equipment
of a LAN, the protocol is responsible for ensuring the non-stop network operation for
host access, in other words, it provides route next hop backup for host access. By
providing simple test and election mechanism, VRRP can implement quick
active/standby switchover when failure occurs, which is 3 to 5 seconds by default. In
addition, it does not pose any special requirements for the access host.
Due to VRRP working mechanism, all the collaborative devices in one VRRP backup
group should be in one LAN, i.e. there isnt any inter-bridge device. As a result, in
todays networking that VLAN is preferred, the devices in one backup group should all in
the same VLAN, but one VLAN can consist of multiple VRRP backup groups.
3.13
IPv4 Unicast Routing Protocol
3.13.1
RIP Protocol
The implementation of RIP protocol is based on using distance vector routing algorithm
over the local network. RIP protocol uses UDP packet to exchange RIP routing
information for which RIP packets are encapsulated in UDP. The routing information of
RIP messages contains the number of routing nodes (number of hop) that the route has
transverse, and routing node will decide the route for each destination network as per
this hop number. The RFC standard limits the maximum hop number as 16 and it is
suitable as the interior gateway protocol for a small AS.
The main features of ZXR10 59/52 series RIP protocol are:
18
It can send and receive RIP message as per protocol, in addition, it can message
verification and implement ID authentication.
3.13.2
Support RIPV1/V2, authentication and MD5 authentication. Support route

redistribution.
Support Split-Horizon and event-based updated to avoid routing loops and fast
route convergence.
Support protocol-level DEBUG.
OSPF Protocol
OSPF, an interior gateway protocol developed by IETF, is based upon link status and
shortest path first (SPF) algorithm. OSPF can integrate routing table in a short time, and
avoid loopback, which is very important for meshed networks or different LANs
connecting via multiple routers. Each equipment that runs OSPF is responsible for
maintaining an unified database composed by the information on the status of parts of
every equipment including the available interface, neighbor information, status of the
network link to this equipment and routing information from external AS, in order to
establish the topology architecture of the AS. By using Link-State algorithm, OSPF
calculates the shortest path to all the destinations in each area. When equipment begins
operation or when there is any route change, this equipment allocated to OSPF will
broadcast LSA, which contains the information on link status and neighborhood status of
this equipment, to all other equipment within the same area. Base on these LSAs a link
status database will be created, where all equipment within the same OSPF area
maintains a special database describing topology structure of this area.
The main features of ZXR10 59 series OSPF are as follows:
Supports hierarchical network topology, which is suitable for large interconnected

networks.
Uses dynamic routing and Dijiksra algorithm for route calculation to allow fast and
automatic formulation of network topology structure.
Support status display and configuration commands from console, support

commands and status display related to SNMP as well as MIB parameters.
Support the authentication of routing protocol packet, including simple password

test and MD5 authentication in order to prevent routing protocol packets from being
altered.
Use resending and confirmation mechanism to ensure the reliability of

synchronization of link status.
Support various distance measurement solution, such as physical distance, delay

and throughput etc.
Support STUB AREA, NSSA feature.
Support area border router and Autonomic System Border Router.
19
3.13.3
Support classless inter-domain routing and route summary.
Route redistribution control and route filtering via Route Map.
IS-IS Protocol
Intermediate system to intermediate system (IS-IS) routing protocol, the routing protocol
from OSI, can be used for TCP/IP-based IP network. IS-IS can be easily extended,
mainly for IPv6. IS-IS system can be divided into two layers: backbone layer (L2) and
distribution layer (L1), one router can only belong to one layer. L1 routers only know their
local topologies, while all traffic to other areas will be sent to L2 routers. The L2 routers
compose the backbone area, which is similar to area 0 in OSPF backbone area.
ZXR10 IS-IS protocol has the following features:
3.13.4
Support L1 and L2 address summary
Support L1 and L2 hierarchical routing, and ATT-bit control feature.
Support three area addresses and smooth area address migration.
Support load-balancing towards the same destination.
Support the authentication of interface and area.
BGP Protocol
BGP, an external gateway protocol, is basically used to establish loop-free routing
information among autonomic systems. The parameters which BGP carries are rich in
which they can be used to create topology view of the autonomic systems, implement
routing policies for the autonomic system, as well as AS-path information in order to
avoid routing loops. AS, autonomous system, is the collection of routers and terminal
stations which are considered as one entity under the same management domain, and it
controls the expansion of routing table via BGP CIDR (Class-Independent Domain
Routing). BGP-4 also supports mechanism for route aggregation, including AS path
aggregation. The design of BGP is also intended to provide Internet with a structural
view by using AS. By dividing Internet into multiple autonomic systems, Internet can be
composed of many easy-controlled small networks into an extremely large-scale network.
These small networks which are called autonomic systems can organize their own rules
and management policies.
The main features of ZXR10 59 series BGP are as follows:
20
It is suitable for large network, normally for backbone network.
BGP supports EBGP and IBGP.
BGP supports EBGP multi-hop technology.
Support peer-group feature and route reflector.
Support AS confederation, route flap dampening.
Support MP-BGP.
Support MD5 authentication, routing filtering.
Support route redistribution.
3.14
IPv4 Multicast Routing Protocol
3.14.1
IGMP protocol
IGMP protocol is used by multicast router between host and the multicast router for
getting information of multicast group member.
Multicast router sends query message of group member to all the hosts on a regular
basis to make it be clear of the staffs in the network. The host will return a group
member report to tell which multicast group it belongs to. When one host wants to add in
a new group, it will immediately send group member report instead of waiting for an
enquiry.
When the host starts receiving information as a member of one group, the multicast
router makes sure if the member of the group participate in by checking the group
periodically. As long as there are some group members on this interface, the multicast
router will keep sending this group data to this interface. When the host leaves the
group, it will send a message to the multicast router to inform its leaving, and then the
multicast router will check if there is any active group member in this group. If there are
still some active group members, the multicast router will keep forwarding data. If not, no
data will be processed.
Now there are two existing versions: IGMP V1 and IGMP V2. With more enhanced
features, IGMP V2 compared with IGMP V1 uses 4 sorts of message to realize the
information interaction between the host and the router:
Group member query
V2 member report
Leaving report
V1 member report
V1 member report is used to be compatible with IGMP V1.
3.14.2
PIM-SM
PIM-SM is always the optimal multicast routing protocol in multicast network. To
implement multicast message distribution, PIM-SM adopts multicast information sink
display add-in mechanism to build share tree. Under a certain circumstance, information
21
sink can be switched over to SPT (shortest path tree). PIM-SM is independent from
unicast routing protocol. It uses unicast routing table instead of a certain unicast routing
protocol to implement RPF checking, PIM-SM is more suitable for the multicast network
with potential group member at the end of WAN connection. In addition, PIM-SM allows
SPT, so it reduces the latency caused by share tree which in other words enhances the
efficiency greatly.
PIM-SM uses share tree to deliver multicast data packet. One share tree has one center
point responsible for sending data packets for all source delivery port of one multicast
group. The message from each source delivery port will be routed along SPT to the
center point which is considered as the root node, and the packets will be dispatched to
each receiving port along SPT. The center of PIM-SM group is called RP (Rendezvous
Point). Every network may have multiple RP, but only one RP exists in one multicast
group.
There are three ways for router to get the location of RP. First of all, it can configure RP
statically on every router of the running PIM-SM. The other two ways are dynamic
depending on the PIM-SM version used in the network. PIM-SM V1 uses Auto-RP, and
PIM-SM V2 adopts candidate-RP.
PIM-SM V2 manually configures some routers running PIM-SM as candidate BSR
(Bootstrap Router), and selects the candidate BSR with the highest priority as official
BSR. BSR is in charge of collecting the candidate RP message of each multicast router,
finding out which candidate RP are in multicast domain, and informing all PIM routers
in PIM domain uniformly, therefore, all PIM routers will follow the unique RP selection
rule to pick up the best RP for each group in RP set. The candidate RP is configured
manually
The router running PIM-SM discovers each other and maintains the neighbor relations
by exchanging hello message. In multi-access network, hello message also consists of
the priority information of router, so that, DR can be chosen accordingly.
The multicast source and the first-hop router (DR connects with the source directly)
encapsulates data packet in a register message, and then this packet will be sent to RP
via unicast route. When RP receives this register message, it will capsulate the packet
and dispatches the message to the receiver of the group all the way along SPT.
Every host used for receiving will add in the multicast group via IGMP member report.
The last-hop router (or the DR in the multi-access network) will deliver the received addin message to RP for registration tier-by-tier. The media-router will check if the route of
this group has existed. If it has been there, the downstream query router will be added in
the share tree as a branch. If not, the message will be added in and sent to RP.
When RP or multicast router directly connects receiver, the share tree can be switched
over to source-based SPT. When RP receives a registration message from a new
multicast source, RP will return an add-in message to DR which directly connects with
the multicast source. So a STP from source to RP should be built.
When one DR or the router directly connecting with multicast members receive the first
multicast data packet from the multicast group, or when their received packets reach a
certain threshold , it can switch the share tree to source-based STP. As soon as the
switchover occurs, the router will send a graft message to upstream neighbor asking it to
leave the share tree.
22
3.14.3
PIM-Snooping
PIM Snooping multicast protocol sense get multicast route port and user port by sensing
HELLO and JOIN/PRUNE message of multicast protocol, so that multicast data can be
forwarded and network traffic can be reduced.
3.15
DHCP
DHCP is used for centralized management of IP address and other detailed
configuration related information in the network to reduce the complexity of address
configuration management. The client and server need to be in the same Broadcast
Domain when using DHCP service in the network. ZXR10 59/52 series support DHCP
SERVER function to allow this method to be used for building a network. On the other
hand, where the DHCP server and the client are not in the same Broadcast Domain, the
process can also forward DHCP request from one broadcast domain to the other. That is
what is called DHCP Relay.
ZXR10 59/52 switch series implements its in-built DHCP SERVER function through
DHCP protocol to allocate and manage DHCP client-end dynamic addresses. In
additional it can provide corresponding service management interface for the DHCP
clients it also supports the transparent forwarding between DHCP client and DHCP
SERVER through DHCP RELAY AGENT extended options of DHCP protocol.
3.16
Super extendable stacking

SES (Super Extended Stacking) is a new generation of stacking technology. It can
integrate the resources of several switches; extend the whole exchange capacity and
port density to make several switches possess the characteristic of one Super Switch.
Compared with prior stacking technologies, SES is an essential extended stacking
technology. As an enhanced technology by using hardware and software together, a
Super Switch composed by SES stacking technology is in nature no longer several
isolated switch units, but a fully distributed system. This building-block structure enables
users to distribute investment and combine them according to their own needs. It gives
super strong scalability.
3.17
IPv6
IPv6, the new version of Internet Protocol, is raised due to the fast development of
Internet where the addresses IPv4 defined are exhausted and the inadequate address
space stops the future development of Internet. Therefore, to extend address space,
IPv6 is supposed to be used to redefine address space. IPv6 is designed for solving all
the problems IPv4 has, including the restriction to address number, security, automatic
configuration, extensibility and many other problems. It has become a worldwide
awareness that IPv6 replacing IPv4 will become the exclusive new generation
International Internet protocol.
23
3.17.1
IPv6
Routing Protocol
Currently, the popular routing protocols are RIP, OSPF, BGP and IS-IS, etc. In the
coming IPv6 time, these routing protocols running based upon IPv4 should be extended
to support IPv6 technology. ZTE ZXR10 5900 supports many IPv6 routing protocols, i.e.
BGP4+, RIPng, OSPFv3, and IS-IS v6.
3.17.2
IPv6 Multicast Routing Protocol

ZTE ZXR10 5900 also supports rich multicast routing protocols:
3.17.3
MLD (Multicast Listener Discovery Protocol)
PIM-SM(Protocol Independent Multicast Sparse Mode)
MLD-SNOOPING
The Transition Technology for IPv6 Deployment

Currently, the basic IPv6 protocols are getting mature, and mobile IPv6 a DHCPv6
protocols are in standard, therefore, the deployment and the implementation of IPv6
have stepped into a new stage.
In deploying IPv6, 59/52 series switches support the following transition technologies:
Tunnel Technology: consisting of IPv6 manual tunnel which features its sound security.
Normally it is used to uplink 6Bone without requiring DNS service, semi-manual GRE
tunnel, Tunnel Broker used for isolating IPv6 terminal system, automatic IPv4
compatible tunnel used by host with few traffic or small network, automatic 6To4 tunnel
between multiple IPv6 domains crossing IPv4 and ISATAP tunnel or 6over4 used for
campus network or route less station.
By dual stacking technology, all the devices in the backbone network can be upgraded
to dual-stacking devices for realizing independent V4 and V6 communication by IPv4
and IPv6 protocol stacking and the related routing protocols respectively.
3.18
ACL Technology of 59/52 Switches

The ZXR10 59/52 series are designed with a powerful ACL function. Since the ACL
filtering is implemented by hardware, ACL will not affect the forwarding of the packets,
and ACL can operate at full line-speed.
The ACL of the ZXR10 59/52 switches falls into four categories: Standard ACL,
expanded ACL, L2 ACL, and hybrid ACL.
24
3.18.1
Standard ACL
Standard ACL only filters L3 IP source addresses. In practice, most ACLs only perform
filtering based on IP source addresses, so that by putting such ACL put into the same
category, it can allow network administrators to manage the network easily. For example,
the network administrator only allows users in Vlan5, and a couple of managers on other
network segments to access the Internet. Other users are not allowed to access the
resources outside the enterprise network. One standard ACL can be created on the
Router, with the following three rules added:
Rule 1 permit 10.1.5.0
0.0.0.255
Rule 2 permit 10.1.6.66 0.0.0.0

Rule 3 deny any
With this ACL bonded to the Vlan3 interface of the Router, only all employees of the
marketing department and the managers of the R&D department (IP address: 10.1.6.66)
will be able to access the Internet.
If a department does not have too many employees, the network administrator can
flexibly enable the access to the Internet for a certain employee. Sometimes, the
network administrator wants to prohibit R&D personnel from accessing the Internet
during the working hours, but allow them to access the Internet during non-working
hours. In this case, a time-based ACL can be created. First, create one of the following
time ranges on the Router:
Time-range rd-internet 18:00-8:30, 12:00-14:00
Then, modify the above rules:
0.0.0.255
Rule 2 permit 10.1.6.66 0.0.0.0

0.0.0.255 time-range rd-internet
Rule 4 deny any

With this ACL bonded to the Vlan3 interface of the Router, all the employees of the
marketing department and the managers of the R&D department (IP address: 10.1.6.66)
will be able to access the Internet at any time, but other employees of the R&D
Department can only access the Internet during non-working hours.
The limitation of the standard ACL is that it can only filter source IP addresses. If the
network administrator wants to prohibit the employees from accessing Internet resource
of particular websites and particular TCP ports, the standard ACL cannot achieve this
purpose and the another type of ACL must be used.
3.18.2
Expanded ACL Technology

The expanded ACL performs filtering based on the header fields of IP, TCP, UDP, and
ICMP. The fields of IP header include source IP address, destination IP address,
protocol number, ToS, Precedence, DSCP, and Fragmentation. The fields of TCP header
25
include source port, destination port and Established. The fields of the UDP header
include source port and destination port. The fields of the ICMP header include Type and
Code. The expanded ACL can meet more complicated requirements from the network
administrator and allows granular traffic classification by filtering the multiple fields in the
L3 and L4 packets headers.
For example, the network administrator does not allow the employees of the marketing
department to access the network resources of the financial department. One expanded
ACL can be created in the switch, with the following rules added:
Rule 1 deny ip 10.1.5.0 0.0.0.255 10.1.4.0 0.0.0.255
Rule 2 permit ip 10.1.5.0 0.0.0.255 any
With this ACL bonded to the Vlan5 interface of the switch, the employees of the
marketing department can be prevented from accessing the network resources of the
financial department.
Another example, the employees of the R&D department are not allowed to access the
internal servers via Telnet. One expanded ACL can be created in the switch, with the
following rules added:
Rule 1 deny tcp 10.1.6.0 0.0.0.255 10.1.2.0 0.0.0.255 telnet
Rule 2 permit ip
10.1.6.0 0.0.0.255 any
With this ACL bonded to the Vlan6 interface of the switch, the employees of the R&D
department can be prevented from accessing the internal servers via Telnet. To prevent
the employees of the R&D department from accessing the internal servers during nonworking hours via Telnet, first create a time range on the switch:
Time-range rd-telnet 18:00-8:30, 12:00-14:00
Modify the above Rule:
Rule 1 deny tcp 10.1.6.0 0.0.0.255 10.1.2.0 0.0.0.255 telnet time-range rd-telnet
Rule 2 permit ip 10.1.6.0 0.0.0.255 any
With the ACL above bonded to the Vlan6 interface of the switch, the employees of the
R&D department can be prevented from accessing the internal servers via Telnet during
the non-working hours.
The expanded ACL can filter the fields in the IP header such as ToS, Precedence, and
DSCP. Therefore, this type of ACL is also used as QoS traffic classification technology,
in order to provide different type of traffic with different QoS assurances. The details
about QoS will be described in a following chapter.
3.18.3
L2 ACL
L2 ACL mainly perform filtering on the fields in L2 header, including source MAC,
destination MAC, Ethernet protocol type, VLAN label and VLAN priority. L2 ACL is
mainly used for access control over the same network segment. For cases where it is
26
not necessary to know the IP address or a protocol other than IP is used, some network
resources can be protected by filtering L2 MAC addresses and VLAN labels.
For example, on the network segment in the R&D department, some computers are
used for experiment, and they have no fixed IP addresses. The network administrator
only allows them to be used on the network segment of the R&D department. It is not
allowed to use any other enterprise network resources from these computers. One L2
ACL can be created in the Switch, with the following Rules added:
Rule 1 deny ip ingress 00d0.d0c1.12e3 0000.0000.0000 any
Rule 2 deny ip ingress 00d0.d0c1.12e4 0000.0000.0000 any
Rule 2 permit ip ingress any egress any
With the above ACL bonded to the access port for the R&D of the Switch, the two
experiment hosts with the MAC addresses of 00d0.d0c1.12e3 and 00d0.d0c1.12e4 can
only be used on the network segment of the R&D department, they cannot access any
other enterprise network resources.
Effective time range can also be defined for L2 ACL, just like standard or expanded ACL.
The system allows up to 100 L2 ACLs to be created, and each ACL can have as many
as 128 Rules.
3.18.4
Hybrid ACL technology

The hybrid ACL is capable of filtering packet headers of L2, L3 and L4. Fields for filtering
on L2 include VLAN label, source MAC address and destination MAC address. Fields for
filtering on L3 include source IP address, destination IP address, and IP protocol ID.
Fields for filtered on L4 include source port and destination port. The hybrid ACL
combines the characteristics of the expanded ACL and L2 ACL. Filtering based on IP
address and MAC address bonded together can be used to further implement controlled
access to the network resources.
For example, in the enterprise network, the IP addresses of the internal servers cannot
be modified. Now, there are three servers, of which 10.1.2.10 is open on Monday,
Wednesday and Friday each week, 10.1.2.12 is open on Tuesday, Thursday and
Saturday each week, and 10.1.2.14 is open every day. First, create two time ranges in
the Switch:
Time-range server1 Monday, Wednesday, Friday
Time-range server2 Tuesday, Thursday, Saturday
One hybrid ACL can be created in the Switch, with the following Rules added
Rule 1 permit ingress 00d0.d0c1.12fe 0000.0000.0000 egress any ip 10.1.2.10 0.0.0.0
any time-range server1
Rule 2 permit ingress 00d0.d0c1.12de 0000.0000.0000 egress any ip 10.1.2.12 0.0.0.0
any time-range server2
Rule 3 permit ingress 00d0.d0c1.12f5 0000.0000.0000 egress any ip 10.1.2.14 0.0.0.0
any
27
Rule 4 deny ingress any egress any ip any

With the above ACL bound to the Vlan2 interface of the internal server network, the
00d0.d0c1.12fe:10.1.2.10 server will be available on Monday, Wednesday, and Friday,
the 00d0.d0c1.12de:10.1.2.12 server will be available on Tuesday, Thursday and
Saturday, and the 00d0.d0c1.12f5:10.1.2.14 server will be available every day.
3.19
QoS Technology
3.19.1
Brief Introduction to QoS
3.19.1.1
Background of QoS
Our existing Internet can only provide best-effort service. With this service model, all
service flows are treated equally for the fair competition for the network resource.
Routers adopt a working style of FCFS (First Come First Service) for all IP packets. It
tries its best to send the IP packet to the destination. But it doesnt assure that sending
of IP packets is reliable or on time. This suits services like Email, Ftp, and WWW, etc.
With the fast development of Internet, IP service is also developing quickly and now it
has more varieties. Especially with the rise of multimedia service, computer is no longer
a tool for just processing data. It becomes closer and closer to our life. Interaction with
computers is becoming more and more real-time and lively, which accordingly put high
requirement for Internet network. For those applications with special requirements such
as bandwidth, delay and delay jitter etc., the existing best-effort service is obviously not
competent enough. Although network bandwidth and speed have increased greatly due
to the development of network technology, data transmitting over the network is also
increasing at the same speed, or even exceed the speed of network development. So
network bandwidth and speed still remain a bottleneck problem. Meanwhile, some new
applications developed in recent years (such as multimedia application, multicast
application etc.) not only increase the network traffic but change the traffic nature of the
Internet. Thus they have brand-new service requirements. If the network doesnt have
service quality warranty, if it cant reserve bandwidth or limit network delay, it wont
support those applications like VoIP, videoconference, which are sensitive to the
performance parameters such as network bandwidth, delay, jitter, and packet drop ratio.
3.19.1.2
Requirements of QoS Function

The objective of QoS is to effectively provide the user with end-to-end service quality
control or warranty. QoS is where a network unit (such as application, host or network
equipment) can ensure that its service flows and service requirements are satisfied on
certain level. QoS can control various network applications and meet the requirements
of various network applications.
28
Controlling the resource: for example, bandwidth used on backbone FTP can be
restricted. The access to database can also be offered with higher priority.
Customized service: users of an ISP (Internet Service Provider) probably will send
out voice, video-sending or other real-time services. QoS enables ISP to
differentiate the different packets and provide different services.
Coexistence of various requirements: it can provide bandwidth and low delay

guarantee for time-sensitive multimedia services, and wont be influenced by other
services using the network.
QoS doesnt create bandwidth. It just manages bandwidth based on the needs of
application and network status. QoS has a set of performance parameter including:
Service availability: the reliability of linking between the users and Internet services.
Transmission delay: the interval of packet sending and receiving between two
points of reference.
Variable delay: also called jitter, which indicates the difference in time interval
among packets of one stream of data flow sent over one route
Throughput: the rate of packet sending over the network. It can be put in the form of
average rate or peak value rate.
Packet drop ratio: the highest rate of packets dropped during the process of packets
transmission. Dropping of packets generally results from network congestion.
To ensure that users can obtain service quality they need from ISP, the users have to
sign SLA (Service Level Agreement) with ISP. And ISP also has to build TCA (Traffic
Condition Agreement) among each other. SLA standardizes the service types and traffic
volume for each type of traffic from the client-side network. TCA standardizes certain
criteria need to be fulfilled by data traffic different ISPs.
Therefore, when there is data flow entering a DS area, the ingress node will perform
traffic classification and conditioning, record status information of the flows (single data
flow or aggregated flow), and also the node will perform metering, marking, shaping and
dropping based on the stream profile agreed with the users in order to make the input
stream in compliance with SLA. Meanwhile, DSCP value is marked on the packet header,
which is added to the corresponding BA (Behavior Aggregate). Egress nodes possibly
need to regulate the output stream to ensure its in compliance with TCA of downstream
DS area.
To realize the above objective, the network elements in QoS domain provide the
following functions:
Packet Classification and Coloring
Traffic Policing
Traffic Shaping
Congestion Avoidance
29
3.19.1.3
Queue Management and Scheduling
Service Model
One way to implement QoS is to allocate resource to each data flow based on the
requirements of the service level. This method of using resource reservation to allocate
the bandwidth will not be suitable for Best-effort applications. Since bandwidth is
limited, the designer of QoS introduces the concept of priority, which makes Best-effort
data flows can also be given certain level of guarantee. Therefore, IP QoS can be
classified into two fundamental models:
Resource reservation-based: network resource is allocated and resource

management strategy is established based on QoS requirements of one certain
service. The IntServ (Integrated Services) proposed by IETF (Internet Engineering
Task Force) is based on this strategy. And RSVP protocol (Resource Reservation
Protocol) is the core of this model
Priority-based: edge network nodes to classify, shape and mark the service flows.
Core nodes allocate the resource based on resource management strategy, and
give priority to those services which has more demanding requirement in QoS.
DiffServ (Differentiated Services) proposed by IETF is based on this strategy.
These QoS methods can be applied to single data flow or aggregate flow. IP QoS can be
classified as follows based on different data flow applied to:
Applied to single data flow: single data flow is a single, one-direction data flow
between two applications (sender and receiver). It can be categorized based on five
parameters of transmission protocol, source address, source port number, target
address and target port number.
Applied to aggregate flow: aggregate flow is comprised by two or more single data
flow, which have something in common in respects of one or more parameters, for
example marking, priority and/or some authentication parameters.
To settle the problem of QoS, IETF has proposed several service models and systems:
30
Integrated service (IntServ) and Resource Reservation (RSVP): to put forward flow
specification (Flowspec) to the network in RSVP signaling, create and dismantle
service flow state on the transmission path. Host and network create and maintain
the service flow state information. Though RSVP is often applied in single data flow,
it also applied in resource reservation of aggregate flows.
Differentiated Services: in the differentiated services network, the border router

divides the user stream into different levels based on their stream profile and then
aggregates them into stream aggregate, and saves the aggregate information into
the DS code point domain of IP packet header, which is called DSCP (Differentiated
Services Code Point). The internal nodes provide scheduling and forwarding
services of different quality based on DSCP.
MPLS (Multi-Protocol Label Switch): To provide bandwidth management of stream

aggregate through network path control based on marking on packet headers.
SBM (Subnet Bandwidth Management): in charge of the classification and

prioritization of L2 (data link layer), and share and exchange information with IEEE
802 network.
Theoretically, IntServ/RSVP model can certainly provide guarantee for IP network QoS.
But later some network experiments have proved that this kind of service model has
obvious limitations: the scalability is not good and the more serious problem is that it
requires core network equipment to remain its state when it passes each single data flow,
where in practice core network equipment cannot achieve this. Though both major
network equipment manufacturer and host support RSVP, which is also widely accepted,
it is not the mainstream. The reasons for that are listed as follows:
The scalability is not good: the scalability is the most deadly problem of
IntServ/RSVP model. Its stream-based resource reservation, scheduling, and buffer
management can help to provide QoS guarantee. However, the state information
increases with the growth of service flow quantity, thus, routers on the way need to
maintain a soft state for each single data flow. While the memory capacity of the
network equipment is limited and soft state information can be saved is limited.
Therefore, its nearly impossible to meet the demand in a carrier-class network.
Too demanding for network equipment: all network equipments have to support
RSVP signal protocol, access control program, classifier and scheduler.
Per-flow state concept is introduced to RSVP. To data communication and real-time

application communication, IP network plays two different roles as connectionless
and connection network. It provides two kinds of function, which is contradictory to
its design principle of simplification.
Resource reservation doesnt suit short time stream such as Web stream. So Web
stream traffic exceeds 50% in Internet.
There is conflict between resource reservation and router protocol in IntServ/RSVP.

From the perspective of routers, its a good path. But from the perspective of
resource reservation, theres no enough resource for reservation, so path cannot be
create for data flow, thus, this process has to stay here, waiting for the upper layer
to dismantle this timeout application process and set up a new path.
Therefore, its hard to implement IntServ QoS guarantee. It needs complicated streambased resource reservation, connection control, QoS router and scheduling mechanism.
Link state is always changing in complicated large-scale network such as Internet. So its
very difficult to reserve bandwidth resource effectively. Whats more, resource
reservation itself is contradictory to the main feature of IP network - connectionless.
More importantly, IntServ faces the problems of scalability and robustness. That is
because that its hard to maintain the consistency of the state of the dynamic,
replication-allowed streams in a distributed network circumstance.
31
The key characteristic of DiffServ is simple, effective, and highly scalable. It implements
aggregation mechanism to aggregate several service flows with similar attributes and
provide service for the whole aggregated stream instead of each single service flow.
That is to say, the DiffServ edge network equipment maintains per-flow state. The core
network equipment only forwards packets without maintaining state information. This
kind of core-stateless structure has high scalability.
DiffServ greatly reduces signaling overhead and put emphasis on stream aggregate with
a set of PHB (Per-Hop-Behavior) which is applicable for whole service network. We
can classify the data flows according to pre-determined rules, so that we can aggregate
numerous application data flow into a few levels of data flows. Specifically, border nodes
classify, shape, mark and aggregate service flows into different stream aggregate based
on user stream profile and resource reservation. Stream aggregate information is
included in DSCP mark domain of packet IP header. Core network equipment would
take stream aggregate as service object when performing scheduling and forwarding of
IP packets. This process is called PHB, which is actually a relative priority mechanism.
3.19.2
QoS Technology for ZXR10 59/52 switch series

The ZXR10 59/52 switch series provide comprehensive QoS support for IP DiffServ
solution, and are completely compatible with the related standards of the IETF DiffServ
solution, including RFC2474, RFC2475, RFC2497, and RFC2498. These products
support IP Precedence or DSCP as the QoS in-band identifications, and support
DiffServ-related functional components such as the flow controllers (including classifier,
marker, measurement unit, and shaper) and various PHBs (congestion management
and congestion avoidance).
The QoS of the Ethernet switches feature the following:
3.19.2.1
Packet Classification
Priority Marking
Congestion Management
Congestion Avoidance
Traffic Policing
Traffic Shaping
Physical interface total rate limiting
Packet Classification and Priority Marking

Packets Classification is to classify data packets into a number of priority levels or ToS
(Type of Service). For example, packets can be classified into up to eight types, with
packets marked with first three bit (IP priority) of the Type of Service (ToS) field of the IP
packet header, or into at most 64 types with the packets marked with Differentiated
Services Code Point (DSCP, the first six digits of the ToS field). When the packets have
32
been classified, QoS features can be applied to the different types, to perform classbased congestion management and traffic shaping.
Network administrators can configure the policy for classifying packets. This policy not
only includes in-band identifications parameters such as IP priority or DSCP value of IP
packet and CoS value of 802.1p, but can also specify input interface, source address,
destination address, MAC address, IP protocol or application port number, etc. The
classification result is beyond scope limits, which can be a flow determined by the
quintuple (source address, source port number, protocol number, destination address,
destination port number), or all packets destined toward a network segment. The ACL,
especially the expanded ACL technology, can be used to classify packets into different
types based on different requirements.
Usually when packets are classified at the edge network, IP priority or DSCP is marked
at the same time in order to simply use the IP priority or DSCP as the criteria for
classification inside the network. And this priority can be used by queuing technology to
process packets differently. Downstream networks can selectively receive the classified
results from upstream, or re-classify the packet flow based on their own classification
criteria.
For example, perform classification and marking at the edge network as follows:
To aggregate all VOIP data packets into the EF ToS, and mark the packet IP priority as 5
or the DSCP value as EF aggregate all VOIP control packets into the AF ToS, and the
packet IP priority as 4, or the DSCP value as AF31.
When packets are marked and classified at the edge network, differentiated services can
be provided to different types traffic in the intermediate nodes of the network according
to the labels. For example, the delay and less jitter are ensured for packets of the EF
ToS in the above example, and are put under traffic policing, while for the AF ToS,
appropriate bandwidth is still assured even during traffic congestion, etc.
3.19.2.2
Congestion Management
Congestion management usually employs queuing technology, which packets are
temporarily buffered into queues inside the router based on appropriate policies, and
withdraw from the queue by certain scheduling policy before being sent out of the
interface. Depending on the in-queue and out-queue policy, congestion management
can be classified as follows:
1. First In First Out Queuing, FIFO
Figure 4
FIFO Scheduling
As indicated in Figure 4, instead of classifying the packets, the FIFO queuing (FIFO
hereinafter) accepts the packets into the queue based on their arriving sequence at the
interface when the speed of the packets arriving at the interface is faster than the speed
33
that the interface can send. At the same time, the FIFO sends the packets out of the
queue at the exit at their in-queue sequence on FIFO basis.
2. Strict Priority Queuing, SP
Figure 5
SP Scheduling
As shown in Figure 5, the Strict Priority Queuing (SP hereinafter) classifies the packets,
based on VLAN CoS value, IP packet priority/DSCP, or n-tuple conditions. In the
example shown in Figure 5, all the packets are classified into four types to belong to any
of the four SP queues, and respectively sent to the corresponding queue based on their
types. The four SP queues are high-priority, medium-priority, normal-priority, and lowpriority queues. When the SP sends packets out of the queue, it first sends out packets
from the high-priority queue until all packets in high-priority queue are sent out. Then SP
sends those in the medium-priority queue until no packet is left in the medium-priority
queue. Then it proceeds to sending those in the normal-priority queue and low-priority
queue in turn. In this way packets classified into higher priority are sent first, and those
with lower priority will be postponed by those of higher priority in case of congestion. In
this mechanism, packets (such as VOIP) of higher priority are processed firstly, leaving
those of lower priority (such as E-Mail) processed when the network is idle after critical
services are done, which ensures the priority of higher priority services and makes full
use of network resources as well.
3. Weighted Round Robin Queuing, WRR
Figure 6
34
WRR scheduling
As shown in Figure 6, the WRR classifies the packets according to such conditions as
VLAN CoS value, IP packet priority/DSCP, and n-tuple, ultimately into eight types that
respectively belong to one of the eight queues of the WRR. Then it sends the packets into
the corresponding queues according to the type of the packet. The eight WRR queues can
be allocated with the interface bandwidths to seize as per the ratio defined by the user.
When send the packets out of the queue, the WRR takes packets of appropriate amount,
according to the defined bandwidth ratio, from queues 1 to 8 respectively, and sends them
out from the interface.
4. Deficit Weighted Round Robin Queuing, DWRR
Figure 7
WRR scheduling
Compared with the packet-based WRR, the byte-based DWRR takes into account of the
factor of packet length, further improving the fairness of queue scheduling.
Depending on the weighted value configured for the queue, the DWRR allocates
Quantum for each queue. When scheduling the out-queue packets, it decides the
number of bytes of the queues based on the current Deficit Counter, deciding the
bandwidth of each of the queues.
5. Weighted Fair Queuing, WFQ
Figure 8
WFQ scheduling
35
As shown in Figure 8, the WFQ classifies packets by their flows, grouping the packets
with the same source IP address, destination address, source port number, destination
port number, protocol number, and IP priority in the IP network into one flow. Each flow is
allocated a queue, and different flows are allocated into different queues as much as
possible. There are at most eight queues. When flows are being sent out of the queue,
WFQ allocates the exit bandwidth to be seized by each flow according to its IP priority.
The smaller the priority value is, the less the bandwidth will be allocated. The larger the
priority value is, the more bandwidth will be allocated, which assures the fairness
between services of the same priority, and the weighted value between services of
different priority. For example, if there are currently eight flows in the interface, with the
priorities 0, 1, 2, 3, 4, 5. 6, and 7, the total bandwidth quantum will be the sum of the
priorities of all the flows + 1 for each flow, that is, 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8 = 36. The
bandwidth ratio to be seized by each flow is: (its priority+1)/ (sum of all (flow priorities +
1)), that is, 1/36, 2/36, 3/36, 4/36, 5/36, 6/36, 7/36, and 8/36.
Another example, if there are four flows currently, and the priority of three is 4 and that of
the one is 5, the total bandwidth quantum will be (4 + 1) * 3 + (5 + 1) = 21. In this case,
the bandwidth ratio of the three priority 4 flows is 5/21, and that of priority 5 flow is 6/21.
This evidences the weighted value to the services of different priorities by the WFQ on
fair basis, and the weighted value depends on the IP priority carried in the IP packet
header.
3.19.2.3
Congestion avoidance
Due to limited memory resource, traditionally all arriving packets will be dropped when
the queue length is up to a specified maximum. For TCP packets, dropping large
quantity of packets will result in TCP timeout, which will trigger the -start and congestion
avoidance mechanism of TCP to reduce the rate of sending packets. When the queue
drops packets of several TCP connections at the same time, it will trigger slow-start and
congestion avoidance at these connections at the same time, which is referred to as
TCP global synchronization. In this way these TCP connections will send fewer packets
to the queue, keeping the packets traffic sent to the queue lower than the line forwarding
speed, and reducing line bandwidth utilization. Traffic packets sent to the queue will
keep changing drastically, where traffic on the line keep fluctuating to be either minimal
or fully saturated.
To prevent the above situation from happening, packet drop strategy of Weighted
Random Early Detection (WRED) can be employed, which allow users to set thresholds
for the queues. When the queue length is below the low threshold, WRED drops no
packets. When the length is between the low and high thresholds, WRED begins to drop
packets randomly (the longer the queue is, the higher the probability of being dropped
will be) .when the queue length is longer than the high threshold, it drops all packets.
As WRED drops packets randomly, it prevents several TCP connections from slowing
down their sending speed at the same time, which avoids the global TCP
synchronization phenomenon. When packets of a TCP connection are dropped and TCP
connection begins to slow down its sending speed, the rest of TCP connections still
maintain a high sending speed. In this way there are always TCP connections engaged
in high speed sending, which improves the bandwidth utilization.
If packets are dropped based by simple comparison between instantaneous queue
length and thresholds set by the user (which is the absolute length for setting queue
thresholds), data flows will probably be treated unfairly. Therefore average queue length
is used instead for comparing with the user-configured threshold to decide dropping.
Here the average queue length refers to the result of the queue length being filtered by
36
low-pass. It can both indicate the changing trend of the queue, and be insensitive to
burst changes of queue length, and avoid unfair treatment to those data flows.
WRED is aware of in-band QoS identifications such as IP priority and DSCP, and can set
the packets of different IP priorities or DSCP with different queue length filtering
parameters, queue thresholds, and drop probability etc., thus it offers different dropping
characteristics for packets with different priorities.
The relationship between WRED and queue mechanism is shown in Figure 9:
Figure 9
Relationships between WRED and Queue Mechanism
With WRED and WFQ used together, flow-based WRED can be implemented. The
reason is that different flows have their own queues when being classified, and smaller
flows tend to have shorter queue length, which reduces their probability of being
dropped. While larger flows tend to have longer queue length and may be dropped more,
which protects the interests of those smaller flows.
3.19.2.4
Traffic policing
Traffic policing is typically used to restrict traffic and bursts which enter certain
connection of a network. The ZXR10 59/52 switch series support traffic policing
algorithm in RFC-defined single-rate and dual-rate color-blind/color-sensitive mode.
When packets meet conditions such as excessive packet traffic for a connection, traffic
policing will process them in different ways such as dropping packets or resetting their
priority, etc. A common practice is using Committed Information Rate (CIR) to restrict the
traffic for certain type of packets, such as confining the HTTP packets to within 50% of
the network bandwidth.
For ISPs, it is critical to control the traffic sent into the network by the users. For
enterprise networks, restricting the traffic of some applications prove to be an effective
tool to control network state, since network administrators can use the CIR to control the
traffic.
CIR controls traffic using Token Buckets (TB):
37
Figure 10 Basic Processing of Traffic Control in CIR
Figure 10 illustrates the basic processing of traffic control in CIR. First, packets are
classified according to the preset match rules, leaving packets without specified traffic
characteristics to be forwarded without processing by the TB. Packets which needs
traffic control, however, will enter the TB for processing. If there are enough tokens in the
TB for sending packets, they are allowed to pass and be sent further. If the tokens in the
TB dont meet the requirements for packet forwarding, the packets will be dropped. In
this way, it can control the traffic for a specific type of packets.
The token bucket will automatically places tokens into the bucket at a rate specified by
user, where it is also possible to set the capacity of the bucket. When the tokens in the
bucket exceed bucket capacity, no more tokens will be added into it. When the packets
are processed in the bucket which has enough tokens to send packets, the packets will
be allowed to pass and be forwarded. At the same time, tokens in the bucket are
reduced accordingly based on packet length, and packets will be dropped when the
tokens become so few that no packet can be sent.
TB is an effective tool to control data traffic. When the bucket is filled with tokens,
packets represented by all tokens in the bucket can be sent, which allows burst data
transmission. When the bucket runs out of tokens, no packet can be sent until new
tokens are generated in the bucket. This confines packet traffic to less than or equal to
the speed of token generation, for the purpose of traffic limitation.
In practice, traffic policing of ZXR10 59/52 switch series not only can control traffic, but
also can mark or re-mark the packets. Specifically, traffic policing can set or modify the
IP packet priority by marking the packets.
For example, when packets conform to traffic characteristics, their priority can be set as
5. When packets do not conform to traffic characteristics, they can either be dropped, or
sent further with their priority set as 1. In this way subsequent processing will ensure that
packets of priority 5 will not be dropped, and those of priority 1 will be sent when the
network is not congested. In case of congestion, packets of priority 1 will be dropped
before those of priority 5.
Traffic policy can give different traffic characteristics and marking characteristics for
different packet categories, that is, to classify packets and provide different packets with
appropriate traffic characteristics and marking characteristics.
38
3.19.2.5
Traffic shaping
Traffic shaping is typically used to restrict traffic and burst for a connection of a network,
so that these packets can be forwarded at a smoother rate. Traffic shaping is usually
implemented by buffer and token bucket. When packets are being sent too fast, they are
first cached into the buffer, before they can be sent at a constant speed under the control
of token bucket.
Traffic Shaping (TS) can shape irregular traffics or those who do not conform to pre-set
traffic characteristics in order to facilitate bandwidth match between upstream and
downstream of the network.
Similar to traffic policing, TS also controls the traffic with token bucket technology. The
difference between TS and traffic policing are as follows: traffic policing drops nonconforming packets against the traffic characteristics during packet traffic control, while
TS buffers these packets in order to minimize drops and to meet the traffic
characteristics for the packets.
The basic processing of TS is shown in Figure 11, in which the queue for packet
buffering is called a TS queue.
Figure 11 TS processing
The TS can shape packet traffic specified on an interface or for all packets. Arriving
packets are classified first, and those requiring no TS processing will be forwarded
directly, without token bucket processing. Packets in need of TS processing will be
compared against the tokens in the bucket, and the bucket continues to place tokens
into the bucket at the speed specified by user. When there are enough tokens in the
bucket to send packets, the packets are allowed to be forwarded. At the same time,
tokens in the bucket are reduced accordingly based on the packet length. When tokens
in the bucket are reduced so few that no packet can be sent; the packets will be buffered
into the TS queue. If there are packets in the TS queue, the TS will take them from the
queue and send them by a cycle. Each time it sends packets, the packets will be
compared with tokens in the bucket, until the number of tokens in the bucket is reduced
to so few that no packet in the queue can be sent, or until all the packets in the bucket
have been sent.
3.19.2.6
Physical Interface Total Rate Limiting(Link Rate-Limiting, LR)

LR can restrict the total rate of interface packets (including control packets) rate on a
physical interface, and still uses the token bucket for traffic control. If the user has
configured LR which specifies traffic characteristics at an interface of the switch, all
packets sent through the interface will first be processed by port-based token bucket. If
39
there are enough tokens in the bucket to send packets, packets can be sent. If the
tokens cannot meet packet-sending conditions, the packets will be put into the QoS
queue for congestion management. In this way the packet traffic through the physical
interface can be controlled.
Likewise, since token bucket is used to control traffic, tokens (if there are any in the
bucket) allow burst transmission of packets. When the bucket runs out of tokens, no
packet can be sent until new tokens are generated in the bucket. This confines the
packet traffic to less than or equal to the speed of token generating, so that traffic can be
limited, and burst traffic can be allowed to pass.
Compared with traffic policing, the LR can restrict all packets passing the physical
interface. Traffic policing is flow specific and does not apply for those packets not
configured with traffic policing.
To sum up, the QoS processing of the ZXR10 59/52 switch series is shown in Figure 12:
Figure 12 QoS Processing of the ZXR10 59/52 Switches Series
3.19.3
QoS Applications
3.19.3.1
PHB Assurance of Voice and Video Service Types

Ongoing development of the network enables people to come up with non-traditional
data applications such as IP voice (VOIP) and video-conferencing. The integration of
voice, video and data networks into one network is an inevitable trend of network
development, which can lower network maintenance costs and enhance the
competitiveness of communication service providers. This requires the IP network to
guarantee voice information delay and delay jitter requirements, and to provide voice
quality comparable to Public Switched Telephone Network (PSTN).
The abundant QoS mechanism of ZXR10 59/52 switch series can fully satisfy the above
requirements of merging three networks into one. The following technologies can also be
integrated to reduce the transmission delay of voice packets:
The SP queue scheduling algorithm puts voice packets into high-priority queues,
ensuring them to be scheduled first in case of congestion. The queue scheduling mode
of SP and WRR combined can also be used, as shown in Figure 13:
40
Figure 13 VOIP Support
In the applications of the three networks integrated, traffics on the router are classified
into the three categories of voice, video and data, and these categories are set with
different priorities with the coloring function of traffic policing. At the same time, the SP
queue, WRR queue, or SP/WRR combined queue are configured to ensure voice
packets of high priority are served first in case of network congestions, reducing the
transmission delay of voice packets. Traffic policing and traffic shaping are configured on
the router to control the packet traffic when they enter the DS (DiffServ) area from the
router. When the packets enter the DS area; they will be forwarded based on the packet
category at the corresponding PHB. Routers of the DS area can be configured with
WRED to lower the possibilities of network congestions, and queue technologies of SP
or WRR can be used to ensure the priority scheduling of voice packets in case of
network congestion to reduce the packet transmission delay and delay jitter, ultimately to
improve the transmission quality of time-sensitive real-time voice services..
3.19.3.2
Summary of Applications
With the development of network applications and flourishing of new services such as
VoIP and videoconferencing which are different from traditional data communication, the
integration of voice, video and data networks is an inevitable trend in network
development. For voice, video and data communications that pose different network
service requirements, the IP core network should be able to differentiate these
communications, and provide them with different services. The abundant QoS features
of the ZXR10 59/52 switch series can provide the functions of packet classification and
coloring, congestion management and congestion avoidance, traffic policing and traffic
shaping. Networks built with such network equipments as the ZXR10 59/52 switch series
can support QoS. It is capable of providing and ensuring expected services for different
categories of the communication packets. For network carriers and users in the industry,
these QoS features can be configured flexibly to provide the services of their customers
with scalable and effective differentiated services, and implement and ensure the
committed QoS.
41
System Architecture
4.1
Product Physical Structure

The front panels of ZXR10 5952/5252/5928/5928-PS/5228/5928-FI/5228-FI/5224 are:
Figure 14 The front panel of ZXR10 5952/5252
Figure 15 The front panel of ZXR10 5928/5928-PS/5228
Figure 16 The front panel of ZXR10 5928-FI/5228-FI
Figure 17 The front panel of ZXR10 5224
The front panel of ZXR10 5952/5252 has 44*GE electric interfaces, 4*GE
optical/electrical adaptive interfaces and one Console port. For ZXR10 5928/5928PS/5228, there are 20*GE electrical interfaces, 4*GE optical/electrical adaptive
interfaces and one Console port on the front panel. For ZXR10 5928-FI/5228-FI, there
are 20*GE interfaces, 4*GE optical/electric adaptive interfaces and one Console port on
the front panel. On the front panel of ZXR10 5224, there are 20*GE interfaces, 4*G
optical/electrical adaptive interfaces and one Console port. Used for the local
configuration and management of the switch, the Console interface is embedded with
one MGT port that is 10/100BASE-TX port for upgrade and network management, which
shares one RJ45 socket with the Console interface. Table 2 shows the attributes of
MGT port. GE port supports adaptive 10/100/1000Mbps Ethernet. Packets from GE port
will go to packet processor (PP) after being sent to PHY and MAC of main control board,
42
then PP will forward those packets as per their different MAC address and IP address.
All the ports support wire-speed processing, Table 2 below shows their attributes.
Table 2
Attributes Ethernet electric interface on the front panel of ZXR10
5952/5252/5928/5928-PS/5228
Port Type
Description
10Base-T
Complying IEEE 802.3 standard

RJ45 connector
Using Unshielded Twisted Pair (UTP) Categories 3, 4 and 5
Maximum transmission distance of 185
Half-duplex/full duplex
MDI/MDIX
100Base-TX
Complying IEEE 802.3u standard

RJ45 connector
Using Unshielded Twisted Pair (UTP) Categories 5
Maximum transmission distance of 100m
Half-duplex/full duplex
MDI/MDIX
1000Base-T
Complying IEEE 802.3z standard

RJ45 connector
Using Unshielded Twisted Pair (UTP) Categories 5
Maximum transmission distance of 100m
Full duplex
MDI/MDIX
There are some indicators corresponding to link status, operation alarm and power
supply on the front panel of ZXR10 59/52 series switch. The following tables show their
features.
Table 3
Indicators on the panel of ZXR59/52 series switch
Indicator
Features
RUN
Flashing: The main control board is working properly

OFF: The main control board malfunctions
PWR
ON: The main control board has no alarm

OFF: The main control board has alarm
LNK/ACT
ON: The interface has a link established

OFF: The interface has not any connection with other interfaces
Flashing: The interface is receiving/sending data
FDX
OFF: The interface is in half-duplex working condition

ON: The interface is in full-duplex working condition.
43
Table 4
4.2
Attributes of gigabit Ethernet optical interface
Port Type
Attributes
SX(SFP-M500)
LC connector, multi-mode fiber, 850nm wavelength, with a

maximum transmission distance of 500m
Transmitted power: -9.5dBm~-4dBm, reception sensitivity:<18dBm
LX(SFP-S10K)
LC connector, single-mode fiber, 1310nm wavelength, with a

maximum transmission distance of 10km
Transmitted power: -9.5dBm~-3dBm, reception sensitivity:<20dBm
LH(SFP-S40K)

Transmitted power: -4dBm~0dBm, reception sensitivity:<22dBm
LH(SFP-S80K)

Transmitted power: 0dBm~5dBm, reception sensitivity:<-22dBm
Hardware Architecture
ZXR10 5952/5928/5928-PS/5928-FI and ZXR10 5252/5228/5228-FI support 24/28*GE
and 4*10GE uplink interfaces. ZXR10 5224 has 24*GE interfaces. ZXR10
5252/5228/5228-FI /5224 supports complete L2 features as well as basic L3 features.
ZXR10 5952/5928/5928-FI supports complete L2 and L3 features, with single-stage
switching being used for processing and forwarding of packets from GE and 10GE ports.
Figure 18 Functional Block Diagram for the hardware system of ZXR10 59/52 series
At present, ZXR10 5928-FI/5228-FI is designed with similar hardware architecture,

ZXR10 5928/5928-PS/5228 and 5952/5252 are also designed with the similar
architecture. ZXR10 5928/5928-PS/5228 and 5952/5252 are designed with the 1U
appearance, where the front panel provides 20/44*1000Mbps electrical interfaces and
4*1000Mbps optical/electrical adaptive interfaces, and the rear panel provides four
service slots supporting four 10G uplink interfaces. ZXR10 5928-FI/5228-FI designed
with 1U appearance, where the front panel supports 20*1000Mbps optical interfaces and
4 *1000Mbps optical/electrical adaptive port, and the rear panel provides four service
44
slots that support four Gigabit uplink interfaces. ZXR10 5224 is designed with 1U
appearance, where the front panel supports 20*1000M electrical interface and 4*1000M
optical/electrical adaptive interface.
The system of ZXR10 5952/5252/5928/5928-PS /5228/5928-FI/5228-FI/5224 consists of
one main control board and some service cards. As per different functions these
modules have, they can be classified into switching and control module, power supply
module and interface module. For details, please refer to figure 3
4.2.1
Switching and Control Module

In practice, switching module and control module are integrated on the same main
control board, and figure4 shows its functional block diagram.
Figure 19 Functional Block Diagram of Main Control Board
10/100/1000M Interface Signal

SDRAM
Console interface
Switch
CPU System
MGT interface
BOOTROM
10/100/1000M Interface Signal
4.2.1.1
Control Module
The control module is composed of main processor and other external I/O chipsets
providing external operation interfaces, for example, serial ports and Ethernet ports. The
control module allows the system to process different applications. The main processor
uses high-performance CPU processor supporting 256M SDRAM, 169M FLASH
Program Memory and 512K BOOTROM. It performs the following functions:
System network management protocol, for example SNMP, etc.
Networking protocols, e.g. OSPF, RIP, and BGP-4 etc
Providing the operation and management interfaces for line cards
System configuration and maintenance
45
4.2.1.2
Switching Module
The switching module is designed with a dedicated Switch chip, which is integrated with
multiple GE and 10GE duplex interfaces, allowing it to perform wire-speed processing of
multiple ports. The Switch chip provides the following functions:
4.2.2
Store-and-forward switching
Supporting 9KB jumbo frame
Supporting priority queuing. Frames can be discarded selectively when CoS queue
is in congestion.
Providing one management and control timer for each port
Power Supply Module

The ZXR10 59/52 series support both AC and DC power source, where -48V DC or
220V AC power source can be used, as well as 12V exterior redundant power module in
1+1 hot backup, for higher reliability of the power system.
Figure 20 shows an AC power supply module of ZXR10 59/52 series switch. Figure 21
shows a DC power supply module of ZXR10 59/52 series switch.
Figure 20 The AC power supply of ZXR10 59/52 series switch
Figure 21 The DC power supply of ZXR10 59/52 series switch
4.2.3
Interface Modules
ZXR10 5952/5252/5928/5928-PS/5228/5928-FI/5228-FI interface modules consist of
10GE interface modules which supports optical interfaces with plug-in optical modules,
therefore, one line card can support different transmission medias and transmission
distances, providing subscribers with the most cost-effective investment by reducing the
extra line cards in different situations. As all electrical interfaces on the line card of
ZXR10 59/52 series switch support cable diagnoses feature by which the connections of
all the cables can be detected at any time, short circuit and open circuit of the cable can
46
be diagnosed immediately. In addition, the failure part can be located as precise as

within 1 meter.
4.2.3.1
1-Port 10GE Interface Board
Working Principle
There are two types of 1-port 10GE interface board: one can provide single-port 10G
XFP Ethernet optical interfaces, the other can provide single-port 10G CX4 Ethernet
electrical interfaces. The service board has one 10G optical interface or one 10G
electrical interface, where packets received by the 10G port PHY will be forwarded to
main control board PP which performs forwarding as per the MAC address and IP
address of the packet, and all the ports can perform in wire speed. Figure 22 shows the
working principle of 1-port 10GE interface board.
Figure 22 The Functional Block Diagram for 1-port 10GE interface board
Indicators and Attributes of the Panel
Figure 23 shows 1-port 10GE interface board.
Figure 23 The panel of 1-port 10GE optical interface board
47
Figure 24 The panel of 1-port 10GE electrical interface board
The optical module used by 1-port 10GE optical interface board is the plug-in XFP
optical module. Table 5 shows all its attributes:
Table 5
The attributes of 10GE interface board
Port Type
Attributes
CX4
CX4 electrical interface, transmission distance: 2m
XFP(XFP-S10K)
1310nm, XFP packaged , SC, SMF, DFB laser, maximum

transmission distance 10km
There are two indicators on the panel of 1-port GE interface board, and Table 6 shows
their features respectively.
Table 6
The functions of the indicators on the panel of 1-port 10GE interface board
Indicator
Features
LINK
On, link of this interface has been established,

Off, this interface does not link to any other interfaces.
ACT
Off, no data is under transmission

Flashing, data transmission
4.3
Software Architecture
4.3.1
Overview
ZXR10 59/52 series switches are multi-layer switches with provide L2 switching and L3
routing capabilities and support multiple functions, providing L2/3 wire-speed switching
and routing with QoS assurance. The operating system software performs system
management, control, and data forwarding. Its basic operations include system start,
configuration management, running of routing protocols, maintenance of various tables,
switch chipset configurations and status control, as well as software forwarding of
certain exceptional packets. The system software is required to support the following
functions:
48
4.3.1.1
Support fundamental L2 protocols, including 802.1D STP protocol, 802.1P priority

control, related functions of 802.1Q VLAN, and 802.3ad link aggregation
Support IPv4 protocol stacks and basic routing protocols
Support higher layer services, e.g. ACL and DHCP
Support partial broadband access functions
Implement Agent function of network management protocol SNMPv3
Allow users to perform network management via serial terminal, Telnet, or SNMP
Manager for tasks including network configuration management, fault management,
performance management and security management
Smooth software upgrade, with on-line upgrade of the active/standby protocol

processing cards, switching modules and network modules
Support various network security features
Based on the system functions mentioned above, the system software can be
classified into five subsystems.
Operation support subsystem, including software modules such as BSP, ROS,

SSP, and VxWorks kernel
MUX subsystem, including data distribution module, statistics and monitoring

module, and hardware driver software module. The data distribution module
distributes data packets to the hardware driver(s) and upper-layer software. The
statistics and monitoring module is responsible for forwarding data statistics and
performs monitoring on the hardware driver(s) and software table(s) etc.
L2 sub-system, including STP protocol, LACP protocol, IGMP SNOOPING protocol,

MAC address management, VLAN management and L2 data forwarding.
L3 subsystem, which implements basic protocols of TCP/IP such as IP, ARP, ICMP,
TCP and UDP, and application protocols such as FTP and Telnet, and implements
unicast and multicast routing protocols, and performs L3 data forwarding.
Network management, operation & maintenance subsystem, which implements the

Agent function of the SNMP network management protocol, which supports
command line management, and provides operation & maintenance interfaces, and
also provides MIB information.
Operation Support Subsystem

The operation support subsystem drives and performs encapsulation for the bottomlayer hardware, and provides support for other software systems on the upper layer. This
49
subsystem provides support for the running of the hardware, allocating resources for the
hardware, and provides hardware-related interfaces for the upper-layer software. The
operation support subsystem relies on the RoS platform of the ZXR10, and it is
composed of system support, system control, software version control, BSP, and SSP. It
can be further divided into operating system kernel, process scheduling, process
communication, timer management, and memory management modules. The functional
block diagram for the operation support subsystem is shown in the following figure
Figure 25 The Functional Block Diagram for the Operation Support Subsystem
4.3.1.2
MUX Subsystem
The MUX subsystem exchanges information between the hardware driver and the
upper-layer software, and performs measurement and monitoring on the software table
of the switch chipset(s). The MUX subsystem mainly performs data distribution and
measurement and monitoring. After the MUX layer receives data from hardware driver
module, it performs forwarding by type according to the ETHER TYPES fields in the
MAC frames. The data distribution of the MUX also performs encapsulation for the data
sending to the hardware driver, providing the upper layer software modules with a data
sending function for invocation. When the modules on the upper layer have data packets
or protocol packets to send, they can invoke the data sending function provided by the
MUX. The measurement and monitoring function measures the status of hardware driver
layer, physical layer and MUX layer, measures packets received/sent, monitors access
to the register, performs sniff operations to the data packets, and provides OAM module
with interface function.
50
4.3.1.3
L2 Sub-System
The L2 subsystem mainly performs configuration management on the data link layer
(management layer), L2 protocols processing (control layer), data forwarding (data layer
or service layer) etc. The module functions are illustrated in the following diagram.
Figure 26 Functional Block Diagram of L2 Subsystem
L2 Protocol Module
L2
Management Module
STP
LACP
GVRP
IGMP
Snooping
Port
Parameters
MAC
VLAN
Port Mirror
L2 Software Forwarding L2 Hardware Forwarding

L2 Switch
Module
4.3.1.4
L3 Sub-System
From the perspective of software hierarchy, the L3 subsystem consists of service control
layer and data forwarding layer, where the service control layer is composed of the
TCP/IP protocol stack and IP forwarding support subsystem. TCP/IP protocol support
includes basic protocols and routing protocols. The basic protocols are the fundamental
protocols in IPv4 protocol suite, which provide services to dynamic routing protocols,
network management and system monitoring. It is mainly consisted of IP, ARP, ICMP,
IGMP, TCP, UDP and Telnet protocol entities which provide fundamental services to the
upper layers. Routing protocols are used to generate dynamic routes, and they consist
of unicast routing protocols such as RIP, OSPF, and BGP, and multicast routing
protocols such as IGMP, PIM-SM, MSDP and MBGP. They also provide related upperlayer protocols such as LDP, VRRP, and RSVP. The IP forwarding and support
subsystem is responsible for the add/remove and modification on the forwarding table
and related policies. It also performs establishment and maintenance of indexes, as well
as data interaction between the CPU and switch chipsets etc. The IP data forwarding
layer performs ingress / forwarding / egress via the switching chipsets, based on the
policy created by the IP service control layer, configuration rules or the routing table.
51
Figure 27 Functional Block Diagram of L3 Subsystem

Unicast Routing
System
Multicast Routing
System
ACL, QoS,
VRRP, Routing
Policy
IP Service Control Layer
Clauses
Rules
Policy Table
Eg
ss ss
Outpu
tre
Proce
Process
Forwarding
4.3.1.5
Inp
ut
Pro
In
gre
sscess
IP Data Forwarding Layer
Forwarding Table
Network Management, Configuration and Maintenance Subsystem

The front NM and Configuration & Maintenance subsystem uses TCP/IP to implement
SNMP NM agent, and performs management by using execution entities of the
managed parties on the bottom layer. The backend NM communicates with the frontend
NM via the network to manage the front systems. In this way, it is possible to isolate the
management network from the transmission network.
4.3.2
Description of Various Layers
4.3.2.1
Data Link Layer Protocol Software

The Ethernet port supports Ethernet-II, IEEE802.2, IEEE802.3, IEEE802.1Q.
4.3.2.2
Network Layer Protocol Software

For network layer protocols, only the IP protocol is supported. L3 protocols such as IPX
and AppleTalk are not supported.
4.3.2.3
Upper-Layer Protocol Software

This refers to the protocols on top of IP:
52
Supports TCP and UDP.
Supports unicast routing protocols including RIPv1/v2, OSPF, IS-IS and BGP.
4.3.3
Supports multicast routing protocols including IGMP, DVMRP, PIM-SM, PIM-DM

and MSDP.
Supports application protocols including TELNET, FTP, and TFTP.
Functional Modules Description

The software is divided into multiple functional modules as shown in Figure 28
Figure 28 Software functional modules of ZXR10 59/52 series
4.3.3.1
Real-Time Operating System ROS

The ROS is a multi-tasking real-time operating system which is the core of the switch
software architecture. It manages the whole hardware system of the switch on the
bottom layer while provides an integrated operation platform for the applications on the
upper layers.
Design Requirements
The design of ROS should meet the following requirements:
53
High reliability: Meeting the requirement for long-time stable running of the Internet
backbone network
Real-time: Meeting the requirement data synchronization between large-scale

dynamic routing protocols, NM protocols, and multiple processes
Self-healing: Capable of detecting, handling and recording the faults within the
whole system, and performing error recovery and equipment switch-over in the
event of failures
Maintainability: Capable of tracing and recording the utilization and scheduling of

core resources and system services
Simplicity: Providing necessary system services to application programs only, while

shielding unnecessary system services
Encapsulation: Capable of completely shielding hardware features, to make the

application layer independent of the hardware, completely encapsulating the core
resources and system services of the third-party real-time operating system
(VxWorks), and providing the applications of the processors with a unified and
portable software platform
General Design
Based on the VxWorks kernel, the software is designed to implement process

scheduling, process synchronization, memory management, and timing management
based on a single processor, while providing the core functions such as the
communication between the multiple processes of one CPU and that between those of
multiple CPUs, to provide the upper layer with stable, efficient and reliable system
services
Process Management
The process management sub-module provides the creation, scheduling, and interprocess synchronization of user processes by using task management interface offered
by the VxWorks kernel. As this system has only a small number of user processes, the
kernel is used to perform task-level encapsulation of all user processes, and to
implement creation, synchronization and scheduling of user processes. Dynamic
creation of user processes is not supported, and private processes not registered in this
module cannot use the timer management of this module and the communication
module. Instead, they are scheduled directly by the Kennel, and the communications
between the processes are managed by themselves via the messaging mechanism
offered by the kernel.
Based on the location of the destination process, process communication may be the
communication between the processes of one CPU or between different CPUs. Process
communication is performed by using the messaging mechanism provided by the kernel.
Process communication between different CPUs is performed via 100M Ethernet
interfaces between the system boards. Inter-board communication is based on TCP
connections.
Process
communication
implements
priority-based
message
communication. This module provides four priorities, the message processing of which is
performed by using the existing algorithms of the ROS (message queue is divided into
54
four priority classes, and messages of different priorities are accepted and rejected
based on the depth of the message queues dynamically monitored), and different
algorithms (for example, strict priority, weighted round robin, etc.) are used for the
implementation.
The process communication sub-module can also implement process communication,
both intra-processor and inter-processor, through asynchronized messages. Two
suspension mechanisms are provided for the sending of messages: Timeout suspension
and no suspension.
Timer and Clock Management
Every process can be set with multiple timers for triggering timing service and timeout
processing. There are relative timers and absolute timers. Relative timers include singletime and cyclic timers according to the times of activation. Depending on whether the
period of the timer is configurable, there are named timers and nameless timers. A
named timer is a timer whose period can be modified on-line by using OAM
configuration. In addition, ROS also supports timers with random delay.
Timers are handled in a way that they are appended to the queue when they expire. The
timing period actually used is divided into segments, and the timer control module
describes the appropriate queue indexes. Therefore, the inserted delay is basically
constant, and it is not necessary to find the insertion position in the timer queue every
time when a new timer is set, since it can be simply appended to the tail of the queue.
However, or timers longer than 999.9S and absolute timers are still managed in the old
way that is based on a single queue.
Memory Management
The buffer is an important resource of the system. To efficiently use limited memory
resource and minimize memory fragments, requests from the application layers for the
buffer are handled differently in the design of the module. When the needed buffer is
greater than 8192 minus the memory block of the description header information of the
buffer, one buffer will be obtained from buffer areas of 64, 128, 256, 512, 1024, 2048,
4096, and 8192 specified by the ROS. Other needs for large memory obtain the buffer
areas by using the heap management module of the ROS. The buffer areas of each size
are managed in a queue, with the function interface for request and return provided. The
buffer queue is a simple cyclic queue. At request, one idle block is taken from the head
of the queue, and at return, the block is returned to the tail of the same queue. Since
every task of the system will request and return the buffer queue, mutual exclusion
control must be enforced. Every buffer has a memory control block (MCB), which
records the queue of that buffer and its occupation flag. At the request for a pointer and
return of a pointer, the MCB prevents invalid memory from being returned to the queue.
The MCB will check the simple memory access out-of-bound errors and perform
appropriate processing by invoking the specified hook program. In the debug version,
the boards with hardware MMU can monitor memory overrun by MMU.
In the module, heap management only performs simple encapsulation of the memory
management allocation function of the VxWorks. The heap space is determined during
execution. The space from the high-end of the physical memory to the highest end
occupied by the system with the specified memory block space excluded is created as a
separate MEM area of the VxWorks for heap management. Similarly, memory allocation
and release of the heap are subjected to measurement and memory out-of-bound check.
System Control
55
The functions of the system control module are:
Starts the processes in the specified order
Maintains the chassis diagram, which collects and updates running status
information of the switch chassis during its operation, including port status etc.,
and takes appropriate actions when the port is Up/Down
Starts scheduling fixed timer after receiving notification from system process
management module. After the system control process receives notification
from the scheduled timer it displays the result on the user interface, and stops
timer scheduling when the synchronization in finished, and displays welcome
information.
Starts multiple timers of different periods to perform the following functions:
Process monitoring: The system control process starts timer to monitor the
status of all the processes at regular intervals. When any process is suspended,
the system will print prompt message in Debug version, while the system will
reset the board in Release version.
Clearing the Watchdog: The Watchdog is added to avoid the faults that may
occur during the running of the board. The software can set the WDG_TIME. If
the watchdog is not cleared in this period, the watchdog will reset the
equipment. The watchdog is cleared by the system control process. If the
system control process fails to clear the watchdog within WDG_TIME due to
reasons such as suspension, the equipment will be reset.
System running indicator/panel indicator control: The system running

indicator indicates the current running status of the system, and the panel
indicator indicates the running status of the boards. The system control
process invokes the panel indicator driver function provided by the BSP to
periodically turn on and off the running indicator and other alarm control and
port status indicators.
Providing statistics: It is to provide statistics of the resources and the running

status of the processes in the system. The statistics covers the size of the
memory, memory utilization, CPU utilization, system running time, and the
processes encapsulated by the ROS. The parameters about the processes
include stack size, scheduling times, CPU occupation time, seizure times, and
the information about the process synchronous/asynchronous message
queues.
Software Upgrade
First, the upgrade software is obtained from a specified FTP server from the network and
then stored in the FLASH. The local file system is a DOS-type file system. After the
software has been verified as valid, the compressed software file is decompressed, and
then stored in the RADDISK. Version upgrade is simple, thus remote version upgrade
can be done easily.
56
4.3.3.2
SSP Switching Sub-system

The target of the SSP switching subsystem is the Ethernet switching chipset in the
system. Its major functions are to initialize the hardware, collect configuration, collect
status and statistics information, and exchange packets between the CPU and the
switch chipset. The functions it performs can be generally categorized into the following
parts:
Low-level I/O operations, including reading/writing registers directly/indirectly, and

reading and writing of memory
Hardware initialization
DMA operations, and packets exchange between the CPU and the switch chip
Port operations, including port configuration, port mirroring, port TRUNK, port rate
shaping, BC/MC/DLF rate limiting, and port blocking etc.
VLAN operations, including addition, deletion, and update of VLANs
L2 MAC table operations, including addition, deletion and aging of MAC tables
L3 route operations, including configuration and removal of the exact-path-match

forwarding table, addition and deletion of longest-prefix-match table
ACL configuration, working together to implement certain QoS functions
COS, and DSCP, working together to implement certain QoS functions
Spanning Tree configurations
LED operations
MIB statistics
The forwarding core of the Ethernet routing switch is the ASIC chip. For ZXR10 59/52,
L2/3 services, ACL and QoS are performed by the ASIC chip with the correct setting by
the SSP subsystem. The SSP ensures that the system data are forwarded appropriately
and correctly by properly setting the hardware attributes of the Ethernet chip, which is
the key of the system software of the ZXR10 59/52.
4.3.3.3
Software Forwarding Support Subsystem

As a conversion bridge, the software forwarding support subsystem converts forwarding
tables, rule tables and policy tables generated by the protocols as required by the SSP,
and add, deletes or updates these tables. It also needs to process the data that the
Ethernet packet processor cannot process, for example, IP packets with options and IP
header errors. In multicast forwarding, the IP forwarding support module collects
multicast forwarding data, and provides them to the multicast routing protocol for
processing.
57
In broadband access applications, the software forwarding support subsystem performs

user authentication, detection, management and billing, and at the same time maintains
user access control information of the Ethernet ASIC chip.
4.3.3.4
IP Support Protocol Sub-System

It consists of the following sub-modules.
IP basic protocol module
This module includes IP/ICMP/ARP protocol processing and routing table management.
The IP protocol part transfers IP packets over the network layer, while providing
functions such as error control, IP option, TOS, segment reassembly and security
service etc. The IP module provides local transfer and forwarding of IP packets, for
encapsulation and distribution for upper-layer protocols.
The ARP protocol part provides the mapping between IP addresses to MAC addresses.
ARP packets are directly encapsulated as link-layer frames (Ethernet frames in this
system), but they are closely combined with IP. With ARP mechanism, the MAC address
corresponding to an IP address can be obtained.
The ICMP protocol part provides control and error information transfer function. ICMP
packets are encapsulated as IP packets, which is tightly integrated with the IP layer. This
is a part that IP protocol must implement. It includes receiving ICMP error packets,
sending them to the appropriate network layer for processing, responding to ICMP
request packets, creating and sending ICMP packets under the request of the IP layer or
transmission layer.
The IP routing table management part performs operation and maintenance of the
routing table, providing interfaces to the routing protocol for creating, updating, and
deleting routing tables entries, and providing related interfaces for route hashing for
route search from the IP layer.
4.3.3.5
The TCP protocol processing module processes the TCP data from the IP basic
protocol module, sending the packets of the protocols such as TELNET and BGP to
the appropriate processing modules.
The UDP protocol processing module processes UDP data from IP, and forwards
data from protocols such as FTP, SNMP, and DHCP to appropriate processing
modules.
Unicast Routing Sub-System

As the source for the creation of unicast route forwarding table for ZXR10 59/52 series,
unicast routing protocol sub-system collect network topology information by interacting
with other routers in the network to create IP unicast routing table. In addition, it also
transfers routing table information to IP forwarding layer, so that ZXR10 59/52 series
products can provide unicast IP packet forwarding.
As Figure 29 shows, the unicast routing sub-system contains the following modules:
58
Figure 29 Functional Block Diagram of the Unicast Routing Protocol Subsystem
OSPF
Protocol
Module
BGP
Protocol
Module
RIP
Protocol
Module
IS-IS
Protocol
Module
Unicast Protocol Interaction Module
4.3.3.6
Multicast Routing Sub-System

IP multicast routing technology enables effective point-to-multipoint data transmission
over an IP network. IP multicast can effectively reduce network bandwidth and reduce
network load, therefore IP multicast routing technology has found wide applications in
many aspects such as resource discovery, multimedia conference, data replication, realtime data transmission, gaming and simulation. Multicast routing protocols can be
classified into intra-domain protocols and inter-domain protocols. Inter-domain protocols
include MBGP and MSDP, while intra-domain protocols include PIM-SM, PIM-DM, and
DVMRP. Intra-domain protocols can be further divided into two categories. One is sparse
multicast routing protocol, including PIM-SM. The other is dense multicast routing
protocols, including PIM-DM and DVMRP.
PIM-SM constructs a shared-tree for distributing multicast packets by using an explicit
join mechanism over a rendezvous point (RP). When certain conditions are met, the RP
can also switch over to the shortest path tree. In addition, PIM-SM is independent of
unicast routing protocol, since it performs RPF check by using unicast routing table,
rather than relying on a particular unicast routing protocol. PIM-SM is more suitable for a
wide-area multicast network where there are potential multicast group members at the
network end. In addition, PIM-SM allows the use of the SPT, so it reduces the network
delay as a result of rendezvous point used, and hence increases efficiency. Therefore,
PIM-SM is typically the best choice of the multicast routing protocol in a multicast
network domain.
Multicast Source Discovery Protocol (MSDP) module is based on TCP transmission
control protocol, to provide PIM-SM with other multicast source existence information
outside the PIM domain. The MSDP protocol is a mechanism that allows RPs in the
PIM-SM domains to share active source information. Each RP knows the receivers in its
own local domain. When a RP in a remote domain learn information about new active
source, they can send the information to the RPs in other domains. In this way, multicast
data packets can be forwarded between domains.
ZXR1059/52 series completely support PIM-SM and MSDP protocols, and can provide
complete multicast solutions.
4.3.3.7
Application Sub-System
The application subsystem corresponds to the three upper layers of the OSI reference
model. The applications include FTP, TFTP and TELNET, DHCP and NAT. In practice all
of them serve other software subsystems. FTP and TFTP serve the file system of the
59
router, and it can receive commands from the Operation & Maintenance subsystem.
Both FTP and TFTP supports server/client function. The server can receive the
connections from other clients and instructions and perform file transfer. The client
function allows the router system to communicate with the hosts (routers) with the server
function, for performing such tasks as software file transfer.
TELNET provides services for the Operation & Maintenance subsystem, to allow the
maintenance personnel of the router to manage the router via TELNET. Both TELNET
and FTP use primitives provided by the lower-layer TCP to receive and transmit packets.
TFTP uses the primitives provided by the lower-layer UDP to receive and transmit
packets.
4.3.3.8
Statistics and Alarm Subsystem

The statistics and alarm subsystem is also a function that the ZXR10 59/52 must provide.
This subsystem interacts with all other subsystems of the software. This system receives
statistics and alarm configuration information from management and maintenance
subsystem. All software subsystems send related statistics and alarm information to the
statistics and alarm subsystem, which performs appropriate operations according to the
configuration information of the statistics and alarm based on the alarm levels. For
example, it may write logs to store alarm information through file operation primitives
provided by ROS or notify the maintenance terminals to display the alarms, or send the
IP information of the alarms to the specified destination address via the IP route
subsystem. It stores the statistics and provides the interface by which the maintenance
and management subsystem can query it.
4.3.3.9
Security Subsystem
For protection from virus on the network, the ideal conditions would be that user-level
virus detection can be provided, so it is expected that the user can install patches and
anti-virus software. However, in many cases, users cannot accomplish this task, so the
switch is required to provide network-level virus detection and alarming.
In addition, the switch must enhance its protection against attacks from malicious users,
so as to avoid switch and network security breach. ZXR10 59/52 supports networkbased security protection mechanisms. Therefore, in our system, security detection
function is distributed among the modules, instead of providing a dedicated IDS module.
In ZXR10 59/52 series, the security subsystem performs the following functions:
60
Detects viruses that can cause network traffic surge such as SQL worm, code
red and Blast, and produces appropriate alarm or shuts down the user port
Prevents ARP Spoofing from users
MAC address flood protection, for which it limits the number of MAC addresses of
the ports
Setup broadcast packet threshold of the ports
Mixed ACL filtering of L2, L3, and L4
4.3.3.10
Route filtering
Disables ICMP redirection function and prevents the attackers from sending false
ICMP packets
Prevents DoS (Denial of Service) attacks
Maintenance and Management Subsystem

During the running of the routing switch, users must be able to monitor its running status
and that of the whole network in real time. Users also need to configure and manage the
router and the whole network, so an interface must be provided to allow the routing
switch and the user to interact. This interface must provide all the necessary functions
and is easy to operate. An industry-standard command line interface is used. The
command line interface supports user mode, privileged mode and configuration mode,
and enables users to configure the router and manage its faults.
The maintenance management subsystem receives user commands from Telnet,
compiles them and checks their validity, and then creates the execution ID based on the
compilation result, before sending them to the command execution sub-module for
execution. During the execution process, it will invoke services provided by the database
module to save the command configuration.
This maintenance and management subsystem is usually composed of the command
compilation module, command execution module and database.
4.3.3.11
SNMP Subsystem
The SNMP subsystem implements SNMP AGENT function, and supports all protocol
operations of SNMP agent specified in SNMP V1 /V2c/V3.
The protocol operations of SNMPv1 are:
get-request
get-next-request
get-response
set-request
trap
The protocol operations of SNMPv2 are:
get-request
get-next-request
get-bulk-request response
61
set-request
inform-request
snmpV2-trap
The Management Information Library (MIB) is described by SMIv1 and SMIv2. The MIB
consists of the following parts:
Management objects supported by the core router
Management objects of the routing protocol
Management objects of the network management protocol
Management objects of the TCP/IP support protocol
Management objects of the high-speed network interface
Management objects of important data and configuration parameters
Management objects compatible with SMIv1
System configuration parameters
Other protocol management objects
The related software subsystems are integrated with the related sub-agent functions.
4.3.3.12
Monitoring Subsystem
The monitoring subsystem of the ZXR10 59/52 implements on-line detection of the state
of the boards and ports. The on-line detection for a board can be categorized into the
following processes based on the loop detection functions provided by different chips of
the board:
Loop detection for internal data bus: it is mainly adopted to detect if the connection of
internal data bus in the system is normal.
62
Intra-chipset self-loop: it is mainly adopted to detect if a major chipset on the

board is working in the right way.
Line self-loop: it is mainly adopted to detect if the data transmission of the line
side is going smoothly.
Technical Specifications
The basic functions and specifications of ZXR10 59/52/59/52-FI L3 Intelligent Ethernet
switches are:
5.1
Physical Specifications
5.2
Size:
5952/5252 44(H)*442(W)*400(D)
5928/5928-PS/5228 44(H)*442(S)*360(D)
5928-FI/5228-FI 44(H)*442(W)*320(D)
5224 44(H)*442(W)*280(D)
Weight:
5952/5252 <12kg
5928/5228/5928-FI/5228-FI <8kg
5928-PS<9kg
5224 <6kg
Capacity
Slot Number:
ZXR10 5952/5252/5928/5928-PS /5228/5928-FI/5228-FI:
4 slots
Interface Modules:
1-port 10XGE interface (optical/XFP) 1-port 10XGEinterface (electrical/CX4)
5.3
Performance
Basic Performance
Switching Capability: 5952/5252: 320G
5928/5928-PS /5228/5928-FI/5228-FI: 240G.
63
64
5224: 240G
Packet Forwarding Rate (PPS): 5952/5252: 131M.
5928/5928-PS /5228/5928-FI/5228-FI: 95M.
5224: 36M
Size of Routing Table:
4K L3 routing information in 52 series switches.
Depth of MAC Address Table: 5952/5252/5928/5928-PS /5928-FI/5228/5228-FI:

16K.
5224: 8K
16 K L3 routing information in 59 series switches.
L2 Protocols
Support IEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE 802.3ae, IEEE 802.3x
and IEEE 802.1p
Support IEEE 802.1d STP, IEEE802.1w RSTP, and IEEE802.1s MSTP

protocols
Support IEEE 802.3ad LACP link aggregation
Support IEEE802.1Q with 4094 VLANs
Support VLAN based upon port, protocol and subnet. Support PVLAN
Support dual VLAN labels (SVLAN or QinQ)
L3 Protocol
59/52 series switches support multiple routing protocols, such as RIP1/2, OSPF,
BGP, IS-IS, and VRRP.
Support Super VLAN
59/52 series switches support IPv6
Service Function
Multicast: 59 series support multiple multicast routing protocols, such as IGMP,

PIM-DM/SM, MSDP, and MBGP.
52 series switches support IGMP multicast routing protocol.
Bandwidth Control: Bandwidth control can be realized based on port,

implementation and traffic. The controlled granularity is 64K.
Authentication: Support 802.1x and RADIUS Client functions.
5.4
DHCP: Support DGCP Relay and DHCP Server functions.
POE: 5928-PS supports POE, IEEE 802.3af, power <30W every port. Max
support port number 24. The whole support power 820W
QOS Function
Support 8 priority queues
Support L2-based priority queue
Support traffic control on the basis of the source and destination of L2, L3 and
L4.
Support L4-based implementation traffic control
Equipment Management and Maintenance
Support SNMP MIB, MIB II (RFC 1213)
Support RMONV1/V2/V3
Support port mirroring image: Mirroring image consists of control module,

attribute port and special slot
Support Console/Telnet/SSH management
Power Supply Specification

AC: 100V~240V, 50Hz ~60Hz
DC: -57V~-40V
Total power consumption of 5952/5252 in the condition of full load< 150W
Total power consumption of 5928/5228 in the condition of full load <100 W
Total power consumption of 5928-PS in the condition of full load <820 W
Total power consumption of5928-FI/5228-FI in the condition of full load < 100W
Total power consumption of5224in the condition of full load < 80W
5.5
Working Environment
Working Temperature: -5 ~+45
Storage temperature: -40 ~+70
Relative Working Humidity: 5%~95%, non-condensing
65
5.6
Reliability
MTBF: >100000 hours
MTTR: <30 minutes
ZXR10 59/52-FI supports extra 12V DC power supply for redundant backup.
66
Typical Networking
Implementations in the Access Layer of MAN:
ZXR10 59/52 L3 intelligent Ethernet switch is suitable for the access layer of MAN
running as community switch. In such circumstance, 59/52 series switches in the access
layer connecting with users directly provide rich bandwidth and access management as
shown in Figure 30.
Figure 30 Implementation in MAN
67
The Type and Specification of Cable and

Fiber
7.1
Model and Specification of Cable

Table 7
7.2
Models and Specifications of Cable
Cable
Model
Maximum
Length
Connector
10BASE-T
3,4,5-class 100UTP
200 m
RJ-45
100BASETX
5-class -100UTP
100 m
RJ-45
100BASEFX
50/125 or
2 km
SC
100BASEFX
9/125 micron core SMF
15 km
SC
100BASEFX
9/125 micron core SMF
40 km
SC
1000BASESX
50/125 or 62.5/125 micron core MMF
Please refer
to Table 4
LC
1000BASELX
9/125 micron SMF
5 km
LC
1000BASET
5-class enhanced 5-class 100 UTP
100 m
RJ-45
62.5/125 micron core(MMF)
Model and Specification of Fiber

Table 8
Specifications of 1000BASE-SX Fiber
Fiber Diameter
62.5/125 micron MMF
50/125 micron MMF
68
Fiber Bandwidth
Maximum Fiber Length
160 MHz/km
220 m
200 MHz/km
275 m
400 MHz/km
500 m
500 MHz/km
550 m
Acronyms and Abbreviations

Table 9
Acronyms and Abbreviations
Abbreviations
Full Characteristics
GSM
Global System for Mobile communications
EDGE
Enhanced Data rates for GSM Evolution
WCDMA
Wideband Code Division Multiple Access
CN
Core Network
GERAN
GSM Edge Radio Access Network
UTRAN
UMTS Terrestrial Radio Access Network
MS/UE
Mobile Station/User Equipment
BSC
Base Station Controller
RNC
Radio Network Controller
BTS
Base Transceiver Station
SDR
Software Defined Radio
CDMA2000
Code Division Multiple Access 2000
WiMAX
Worldwide Interoperability for Microwave Access
MicroTCA
Micro Telecommunications Computing Architecture
eEDGE
Enhanced EDGE
HSPA+
High Speed Packet Access Plus
GE
Gigabit Ethernet
SDH
Synchronous Digital Hierarchy
CAPEX
Capital Expenditure
OPEX
Operational Expenditure
RF
Radio Frequency
LTE
Long Term Evolution
CPRI
Common Public Radio Interface
BBU
Base Band processing Unit
RRU
Remote Radio Unit
FP
Frame Protocol
ATM
Asynchronous Transfer Mode
DTX
Discontinuous transmission
TA
Time Advance
BCCH
Broadcast Control Channel
I/Q
In-phase / Quadrature
FR
Full Rate
EFR
Enhanced Full Rate
HR
Half Rate
AMR
Adaptive Multi Rate
69
70
Abbreviations
RTT
Round Trip Time
GPS
Global Positioning System
AGPS
Assisted GPS
CS
Circuit Switch
PS
Packet Switch
UL
Up Link
DL
Down Link
R99
WCDMA Release 99
R4
WCDMA Release 4
R5
WCDMA Release 5
R6
WCDMA Release 6
R7
WCDMA Release 7
PtP
Point to Point
PtM
Point to Multi-point
64QAM
64 grade Amplitude Modulation
MIMO
Multi Input Multi Output
CC
Control & Clock module
FS
Fabric Switch module
UBPG
Universal Base band Processing for GSM
BPC
Base band Processing type C for WCDMA
SA
Site Alarm module
PM
Power Module
FAM
Fan Module
BB
Base Band
USB
Universal Serial Bus
BITS
Building Integrated Timing Supply
3GPP
3 Generation Partnership Project
NBAP
Node B Application Part
CS
Carrier Sector
CE
Channel Element
TNS
Transport Network Sub-system
RCS
Radio Control Sub-system
DBS
Data Base Sub-system
BBS
Base Band Sub-system
BRS
Barrier Sub-system
BRACS
Barrier Access Control Sub-system
OAM
Operating And Maintenance
LMT
Local Maintenance Terminal
OSS
Operation Support Sub-system
rd
Abbreviations
VxWorks
Winder River provided OS
BSP
Board Support Package
SCS
System Control Sub-system
NOP
Network Optimization & Planning
MTBF
Mean Time Between Failures
MTTR
Mean Time To Recovery
NM
NetNumen
CORBA
Common Object Request Broker Architecture
SNMP
Simple Network Management Protocol
NMS
Network Management System
71

ZXR10 5900&5200 Series - Product Description

Uploaded by

Copyright:

Available Formats

ZXR10 5900&5200 Series - Product Description

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

ZXR10 5900&5200 Series - Product Description

Uploaded by

Copyright:

Available Formats

ZXR10 5900 5200 Product

Downloaded from www.Manualslib.com manuals search engine

Downloaded from www.Manualslib.com manuals search engine

ZXR10 5900 5200 Product Description

ZXR10 5900 5200 Product Description

Not open to the Third Party

2010 ZTE Corporation. All rights reserved.

ZTE Confidential Proprietary

Downloaded from www.Manualslib.com manuals search engine

2010 ZTE Corporation. All rights reserved.

ZXR10 5900 5200 Product Description

System Architecture ............................................................................................. 42

2010 ZTE Corporation. All rights reserved.

Downloaded from www.Manualslib.com manuals search engine

ZTE Confidential Proprietary

ZXR10 5900 5200 Product Description

Technical Specifications ...................................................................................... 63

Typical Networking ............................................................................................... 67

The Type and Specification of Cable and Fiber .................................................. 68

Acronyms and Abbreviations ..............................................................................69

ZTE Confidential Proprietary

Downloaded from www.Manualslib.com manuals search engine

2010 ZTE Corporation. All rights reserved.

ZXR10 5900 5200 Product Description

User VLAN Tag Message ...........................................................................................7

Basic features of ZXR10 59/52 intelligent secure Ethernet Switch ..............................2

2010 ZTE Corporation. All rights reserved.

Downloaded from www.Manualslib.com manuals search engine

ZTE Confidential Proprietary

ZXR10 5900 5200 Product Description

Wire-Speed Forwarding and Filtering

Various Protocols Support

ZTE Confidential Proprietary

Downloaded from www.Manualslib.com manuals search engine

2010ZTE Corporation. All rights reserved.

ZXR10 5900 5200 Product Description

Open System Architecture, Superior Upgrade Capability

With superior upgrade capability, open system architecture is used to protect

Wire-Speed Forwarding and Filtering

Rich Network Protocol Supports

Open System Architecture, Superior Upgrade Capability

With superior upgrade capability, open system architecture is used to protect

Basic features of ZXR10 59/52 intelligent secure Ethernet Switch

Switching capacity: 5952/5252: 320G 5928/5928PS/5228/5928-FI/5228-FI/5224: 240G

2010 ZTE Corporation. All rights reserved.

Downloaded from www.Manualslib.com manuals search engine

ZTE Confidential Proprietary

ZXR10 5900 5200 Product Description

Support IEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE

59-series support RIP1/2, OSPF, BGP, IS-IS, VRRP routing

Multicast: 59 series supports multicast routing protocols such

Support eight priority queues

Support super expansion stacking (SES) with maximum

1-port 10XGE interface(optical/XFP) 1-port 10XGE

Support SNMP MIB, MIB II (RFC 1213)

Power supply (AC): 100V~240V, 50Hz ~60Hz

ZTE Confidential Proprietary

Downloaded from www.Manualslib.com manuals search engine

2010ZTE Corporation. All rights reserved.

ZXR10 5900 5200 Product Description