S5300V1R5C03 Product Description PDF

Quidway S5300 Series Ethernet Switches
V100R005C03
Product Description
Issue 01
Date 2010-10-21
HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2010. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior
written consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees or
representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: http://www.huawei.com
Email: support@huawei.com
Huawei Proprietary and Confidential

Issue 01 (2010-10-21) i
Copyright © Huawei Technologies Co., Ltd.
Product Description About This Document
About This Document
Intended Audience
This document describes the positioning, characteristics, architecture, link features, service
features, application scenarios, operation and maintenance functions, and technical
specifications of the Ethernet Switches .
This document helps you understand the characteristics and features of the Ethernet
Switches .
This document is intended for:
Network planning engineers
Hardware installation engineers
Commissioning engineers
Data configuration engineers
On-site maintenance engineers
Network monitoring engineers
System maintenance engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Indicates a hazard with a high level of risk, which if not
avoided, will result in death or serious injuries.
Indicates a hazard with a medium or low level of risk,

which if not avoided, could result in minor or moderate
injuries.
Indicates a potentially hazardous situation that, if not
avoided, could cause device damage, data loss, and
performance degradation, or unexpected results.
Indicates a tip that may help you solve a problem or save
you time.
Issue 01 (2010-10-21) Huawei Proprietary and Confidential iii

About This Document Product Description
Symbol Description
Provides additional information to emphasize or
supplement important points of the main text.
Command Conventions
Convention Description
Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italic.
[] Items (keywords or arguments) in square brackets [ ] are
optional.
{ x | y | ... } Alternative items are grouped in braces and separated by
vertical bars. One is selected.
[ x | y | ... ] Optional items are grouped in brackets and separated by
vertical bars. One item is selected or no item is selected.
{ x | y | ... } * Alternative items are grouped in braces and separated by
vertical bars. A minimum of one or a maximum of all can be
selected.
[ x | y | ... ] * Optional items are grouped in brackets and separated by
vertical bars. Several items or no item can be selected.
Update History
Updates between document issues are cumulative. Therefore, the latest document version
contains all updates made to previous versions.
Updates in Issue 01 (2010-10-21)

Initial commercial release.
iv Huawei Proprietary and Confidential Issue 01 (2010-10-21)

Product Description Contents
Contents
About This Document ................................................................................................................... iii

1 Product Positioning and Characteristics................................................................................1-1
1.1 Product Positioning ....................................................................................................................................... 1-1
1.2 Product Characteristics .................................................................................................................................. 1-1
1.2.1 Carrier-Class Maintainability ............................................................................................................... 1-2
1.2.2 Powerful Multi-service Access Capabilities ........................................................................................ 1-2
1.2.3 Flexible Networking Capability ........................................................................................................... 1-2
1.2.4 Network-Level QoS Guarantee ............................................................................................................ 1-3
1.2.5 High Extensibility ................................................................................................................................ 1-3
1.2.6 Comprehensive Security Measures ...................................................................................................... 1-3
1.2.7 Convenient Operation and Maintenance .............................................................................................. 1-3
1.2.8 Energy-Saving Design ......................................................................................................................... 1-4
1.2.9 Advanced Lightning Protection Technologies ..................................................................................... 1-4
1.2.10 Convenient PoE Power Supply .......................................................................................................... 1-4
1.2.11 Carrier-Class Warranty ....................................................................................................................... 1-4
2 Product Architecture ..................................................................................................................2-1

2.1 Introduction ................................................................................................................................................... 2-1
2.2 Device Architecture ....................................................................................................................................... 2-1
2.3 Hardware Modules ........................................................................................................................................ 2-7
2.3.1 SCU...................................................................................................................................................... 2-7
2.3.2 Power Supply ....................................................................................................................................... 2-8
2.3.3 Fan ....................................................................................................................................................... 2-8
2.3.4 Interface Card....................................................................................................................................... 2-8
2.4 Software Architecture.................................................................................................................................... 2-8
3 Link Features ...............................................................................................................................3-1

3.1 Ethernet Features ........................................................................................................................................... 3-1
3.1.1 Link Aggregation ................................................................................................................................. 3-1
3.1.2 Flow Control on an Interface ............................................................................................................... 3-2
3.1.3 VLAN .................................................................................................................................................. 3-2
3.1.4 QinQ .................................................................................................................................................... 3-4
3.2 STP/RSTP/MSTP.......................................................................................................................................... 3-5
3.2.1 STP and RSTP ..................................................................................................................................... 3-5
Issue 01 (2010-10-21) Huawei Proprietary and Confidential v

Contents Product Description
3.2.2 MSTP ................................................................................................................................................... 3-5

3.2.3 MSTP Protection .................................................................................................................................. 3-5
3.2.4 Partitioned STP and BPDU Tunnel ...................................................................................................... 3-6
3.3 RRPP ............................................................................................................................................................. 3-6
3.3.1 RRPP Ring Network Composition ....................................................................................................... 3-7
3.3.2 How Does RRPP Work ........................................................................................................................ 3-7
3.3.3 Various Topologies ............................................................................................................................... 3-7
3.4 Smart Link..................................................................................................................................................... 3-8
3.5 SEP ................................................................................................................................................................ 3-8
3.6 Interface Security .......................................................................................................................................... 3-9
3.7 Link Detection ............................................................................................................................................... 3-9
4 Service Features ..........................................................................................................................4-1

4.1 IPv4 Forwarding............................................................................................................................................ 4-1
4.1.1 IPv4 Features ....................................................................................................................................... 4-1
4.1.2 Unicast Routing Features ..................................................................................................................... 4-2
4.1.3 Multicast Routing Features .................................................................................................................. 4-2
4.2 IPv6 ............................................................................................................................................................... 4-2
4.3 Routing Protocol ........................................................................................................................................... 4-3
4.4 Multicast........................................................................................................................................................ 4-3
4.4.1 IGMP Snooping ................................................................................................................................... 4-3
4.4.2 IGMP Proxy ......................................................................................................................................... 4-4
4.4.3 Prompt Leave of Multicast Member Interfaces.................................................................................... 4-4
4.4.4 Multicast Traffic Control ..................................................................................................................... 4-4
4.4.5 Inter-VLAN Multicast Replication ...................................................................................................... 4-4
4.4.6 Controllable Multicast ......................................................................................................................... 4-4
4.5 QoS ............................................................................................................................................................... 4-4
4.5.1 Traffic Classification ............................................................................................................................ 4-5
4.5.2 Access Control and Re-marking .......................................................................................................... 4-5
4.5.3 Traffic Policing .................................................................................................................................... 4-5
4.5.4 Congestion Management...................................................................................................................... 4-6
4.5.5 Congestion Avoidance.......................................................................................................................... 4-6
4.5.6 Rate Limit on an Interface ................................................................................................................... 4-6
4.5.7 Two-Rate-Three-Color ......................................................................................................................... 4-7
4.5.8 Aggregate CAR .................................................................................................................................... 4-7
4.6 Security ......................................................................................................................................................... 4-7
4.6.1 Device Security .................................................................................................................................... 4-7
4.6.2 Service Security ................................................................................................................................... 4-8
4.6.3 Security Authentication ........................................................................................................................ 4-9
4.7 MAC-Forced Forwarding .............................................................................................................................. 4-9
4.8 DHCP .......................................................................................................................................................... 4-10
4.9 Network-Level HA...................................................................................................................................... 4-11
vi Huawei Proprietary and Confidential Issue 01 (2010-10-21)

Product Description Contents
4.9.1 MSTP Protective Switchover ............................................................................................................. 4-11

4.9.2 RRPP Rapid Protective Switchover ................................................................................................... 4-12
4.9.3 Smart Link Dual-Homing Protection ................................................................................................. 4-12
4.9.4 Ethernet OAM .................................................................................................................................... 4-12
4.10 LLDP ......................................................................................................................................................... 4-13
4.11 NQA .......................................................................................................................................................... 4-13
4.12 Cluster Management ................................................................................................................................. 4-13
4.13 Stacking ..................................................................................................................................................... 4-14
4.14 Web Server ................................................................................................................................................ 4-14
5 Networking and Applications .................................................................................................5-1

5.1 Application in a MAN ................................................................................................................................... 5-1
5.2 Multi-Topology Ring Network ...................................................................................................................... 5-2
5.3 VLAN Mapping ............................................................................................................................................ 5-3
5.4 Selective QinQ .............................................................................................................................................. 5-4
5.5 Application in IPTV Services ........................................................................................................................ 5-5
5.6 End-to-End QoS ............................................................................................................................................ 5-6
5.7 Partitioned STP at Access and Convergence Layers ..................................................................................... 5-7
5.8 Cluster Management ..................................................................................................................................... 5-8
6 Maintenance and Network Management System ...............................................................6-1

6.1 Maintenance and Management...................................................................................................................... 6-1
6.1.1 Various Configuration Methods ........................................................................................................... 6-1
6.1.2 Monitoring and Maintenance ............................................................................................................... 6-2
6.1.3 Diagnosis and Debugging .................................................................................................................... 6-2
6.1.4 Software Upgrade and In-Service Patching ......................................................................................... 6-3
6.1.5 Hardware Fault Handling ..................................................................................................................... 6-4
6.2 U2000 Network Management System .......................................................................................................... 6-4
6.2.1 Network Management Modes .............................................................................................................. 6-4
6.2.2 U2000................................................................................................................................................... 6-4
7 System Technical Specifications .............................................................................................7-1

7.1 Physical Specifications .................................................................................................................................. 7-1
7.2 Optical Module Attributes ............................................................................................................................. 7-3
7.3 System Configuration.................................................................................................................................... 7-5
7.4 List of Software Features .............................................................................................................................. 7-6
8 IEEE and IETF Comply Tables ................................................................................................8-1

8.1 IEEE Comply Table ...................................................................................................................................... 8-1
8.2 IETF Comply Table ....................................................................................................................................... 8-2
Issue 01 (2010-10-21) Huawei Proprietary and Confidential vii

Product Description Figures
Figures
Figure 2-1 Appearance of the S5328C-EI-24S ................................................................................................... 2-2
Figure 2-2 Appearances of the S5328C-EI ......................................................................................................... 2-2
Figure 2-3 Appearances of the S5328C-PWR-EI ............................................................................................... 2-2

Figure 2-4 Appearances of the S5328C-SI ......................................................................................................... 2-3
Figure 2-5 Appearances of the S5328C-PWR-SI ............................................................................................... 2-3
Figure 2-6 Appearances of the S5352C-EI ......................................................................................................... 2-3

Figure 2-7 Appearances of the S5352C-PWR-EI ............................................................................................... 2-4
Figure 2-8 Appearances of the S5352C-SI ......................................................................................................... 2-4
Figure 2-9 Appearances of the S5352C-PWR-SI ............................................................................................... 2-4

Figure 2-10 Appearance of the S5324TP-SI....................................................................................................... 2-5
Figure 2-11 Front view of the S5348TP-SI ........................................................................................................ 2-5
Figure 2-12 Back view of the S5348TP-PWR-SI............................................................................................... 2-5

Figure 2-13 Appearance of the S5324TP-PWR-SI ............................................................................................. 2-6
Figure 2-14 Appearance of the S5348TP-PWR-SI ............................................................................................. 2-6
Figure 2-15 Logical structure of hardware modules of the S5300 ..................................................................... 2-7
Figure 4-1 Connections at the access layer ...................................................................................................... 4-10
Figure 5-1 Application of the S5300 in a MAN ................................................................................................. 5-2
Figure 5-2 Application of the S5300 in a layered RRPP ring ............................................................................. 5-3
Figure 5-3 VLAN mapping networking ............................................................................................................. 5-4
Figure 5-4 Selective QinQ provided by the S5300 ............................................................................................. 5-5
Figure 5-5 Application of the S5300 in IPTV services ....................................................................................... 5-6

Figure 5-6 End-to-end QoS provided by the S5300 ........................................................................................... 5-7
Figure 5-7 Partitioned STP supported by the S5300 .......................................................................................... 5-8
Figure 5-8 Cluster management provided by the S5300 .................................................................................... 5-9
Issue 01 (2010-10-21) Huawei Proprietary and Confidential ix

Product Description Tables
Tables
Table 7-1 Physical specifications........................................................................................................................ 7-1
Table 7-2 Attributes of the ESFP (GE) optical module....................................................................................... 7-3
Table 7-3 Attributes of the ESFP (CWDM) optical module ............................................................................... 7-4
Table 7-4 Attributes of XFP optical module (10GE) .......................................................................................... 7-4
Table 7-5 Attributes of the SFP+ (10GE) optical module ................................................................................... 7-5
Table 7-6 System configuration .......................................................................................................................... 7-5

Table 7-7 List of software features ..................................................................................................................... 7-6
Issue 01 (2010-10-21) Huawei Proprietary and Confidential xi

Product Description 1 Product Positioning and Characteristics
1 Product Positioning and Characteristics
About This Chapter

1.1 Product Positioning
1.2 Product Characteristics
1.1 Product Positioning

The Quidway S5300 series Ethernet switches (hereinafter referred to as the S5300) provide
the access, aggregation, and data transport functions. They are developed by Huawei to meet
the requirements for reliable access and high-quality transmission of multiple services on the
metropolitan area network (MAN).
Positioned for the access layer or aggregation layer of the multi-service MAN, the S5300
provides large capacity, high port density, and cost-effective packet forwarding capabilities. In
addition, the S5300 provides multi-service access capabilities, excellent extensibility, quality
of service (QoS) guarantee, powerful multicast replication, and carrier-class security, and can
be used to build ring topologies of high reliability.
1.2 Product Characteristics

1.2.1 Carrier-Class Maintainability
1.2.2 Powerful Multi-service Access Capabilities
1.2.3 Flexible Networking Capability
1.2.4 Network-Level QoS Guarantee
1.2.5 High Extensibility
1.2.6 Comprehensive Security Measures
1.2.7 Convenient Operation and Maintenance
1.2.8 Energy-Saving Design
1.2.9 Advanced Lightning Protection Technologies
Issue 01 (2010-10-21) Huawei Proprietary and Confidential 1-1

1 Product Positioning and Characteristics Product Description
1.2.10 Convenient PoE Power Supply

1.2.11 Carrier-Class Warranty
1.2.1 Carrier-Class Maintainability

The carrier-class design of the S5300 is as follows:
− The fan modules and power supplies are field-replaceable, which facilitates
maintenance.
− The chassis is light and can be installed in a 600 mm deep cabinet conveniently.
The S5300 provides in-service patching and upgrading of the system software.
The S5300 supports the Rapid Ring Protection Protocol (RRPP), a fast protective
switchover mechanism, to implement fast switchover of services at the link level and
service level. This ensures carrier-class reliability.
1.2.2 Powerful Multi-service Access Capabilities

The S5300 is usually deployed on the access layer of the MAN to aggregate service traffic
from downstream devices such as the access media gateway (AMG), digital subscriber line
access multiplexer (DSLAM), and LAN switch (LSW) to upstream devices. It supports the
following services:
Voice services of the next generation network (NGN)
IPTV and video-on-demand (VoD) services
Broadband access services
The S5300 adopts the mature and economical IP core technology and the high-performance
Application Specific Integrated Circuit (ASIC) chip to provide a large switching capacity,
thus satisfying the requirements for low delay and high reliability of traditional
telecommunications services. In addition, the S5300 guarantees high bandwidth and supports
multi-service access by:
Adopting the Ethernet networking
Supporting multicast services
Providing QoS guarantee mechanisms and various protective switchover technologies
1.2.3 Flexible Networking Capability

The S5300 provides 10/100Base-TX Ethernet electrical interfaces and 1000Base-X Ethernet
optical interfacesThe S5300 provides 10M/100M Ethernet electrical interfaces, GE electrical
interfaces, and 100M/1000M Ethernet optical interfacesThe S5300 provides
10/100/1000Base-T Ethernet electrical interfaces, 1000Base-X Ethernet optical interfaces, and
10GE optical interfaces. It supports multiple interface types such as access, trunk, and hybrid.
The S5300 provides swappable Small Form-Factor Pluggable (SFP) optical modules for
optical fiber connections.For the 10GE optical fiber connections, the S-switch provides 10
Gigabit Small Form Factor Pluggable (XFP) and Small Form-Factor Pluggable Plus (SFP+)
optical modules. The length of optical fibers can be selected according to the transmission
distance.
The S5300 can be used to construct a tree, star, or ring Ethernet network. For the ring Ethernet,
the S5300 supports the Spanning Tree Protocol (STP) and RRPP to prevent loops and provide
rapid switchover.
1-2 Huawei Proprietary and Confidential Issue 01 (2010-10-21)

Product Description 1 Product Positioning and Characteristics
1.2.4 Network-Level QoS Guarantee

The S5300 provides comprehensive QoS mechanisms. It can intelligently identify services
and classify traffic according to Layer 2 to Layer 4 information in the Open System
Interconnection (OSI) model. Then, it provides various polices such as access traffic filter,
traffic policing, and queue scheduling to provide differentiated services.
1.2.5 High Extensibility

Based on the Huawei proprietary Versatile Routing Platform (VRP), the S5300 provides
high-speed switching and various service features by integrating network management
technologies.
The S5300 provides a versatile slot that supports various interface cards to meet the
requirements for service expansion.
1.2.6 Comprehensive Security Measures

The S5300 guarantees the security of network devices and data transmission. It provides the
following security measures to protect the network against attacks initiated by malicious
users:
Packet filtering based on MAC addresses
Various ACL policies
Mechanism of searching the forwarding table based on VLAN IDs and MAC addresses
Traffic suppression
Broadcast suppression on interfaces through specific commands based on the traffic rate
(in bps or pps) or bandwidth percentage.
In addition, the S5300 provides the following functions to ensure secure login of users:
Providing login passwords and password encryption for login users
Protecting commands through users levels and command levels
Locking the configuration terminal through a certain command to prevent illegal use of
the device
Displaying confirm or prompt information for important commands that affect system
performance
The S5300 provides the Automatic Laser Shutdown (ALS) function. That is, when the fiber is
broken, the S5300 stops transmitting laser. This protects users against the laser.
1.2.7 Convenient Operation and Maintenance

In addition to collecting traffic statistics based on interfaces and VLANs, the S5300 provides
fault detection and location tools such as ping and traceroute on an IP network. It can also
work with the Huawei U2000 network management system (NMS) to implement performance
monitoring, alarm report, and fast fault location.
Through the U2000, you can configure and manage the S5300, for example, manage
interfaces, VLANs, multicast services, software upgrading, and configuration files. The
U2000 supports various personalized configuration modes such as end-to-end configuration,
batch configuration, and configuration wizard. In addition, it provides default configuration
templates for management functions.

1 Product Positioning and Characteristics Product Description
The S5300 supports the Huawei Group Management Protocol (HGMP). Through HGMP, an
S5300 can manage multiple Layer 2 switches by automatically collecting topology
information and using a uniform management channel.
1.2.8 Energy-Saving Design

The S5300 adopts the following measures to save energy:
Low noise fans that can adjust the speed automatically are used, thus reducing noises in
the system and power consumption of fans
The chip switches to the power saving mode when no connected device is detected on a
service interface, that is, the interface is idle.
It uses highly-integrated and energy-saving chips produced through advanced processing
techniques. With the help of the intelligent device management system, the chips not
only improve system performance but also greatly reduce power consumption of the
entire system.
1.2.9 Advanced Lightning Protection Technologies

The S5300 adopts the Huawei patented lightning protection technologies, for example,
cabling without the cabling rack, to protect the equipment in atrocious environments. The
lightning protection technologies reduce the probability of damages caused by lightning and
increase the safety factor by 30 times, thus greatly improving the device reliability.
1.2.10 Convenient PoE Power Supply

The S5300 has the PoE function. It provides centralized power supply for the attached IP
phone, wireless access point (AP), portable device charger, POS machine, camera, and data
collector through twisted pairs.
The PoE function of the S5300 complies with IEEE 802.3af and IEEE 802.3at. The S5300
can provide power for the devices of different vendors remotely. In IEEE 802.3at, the
maximum power supply capability is 30 W. This capability ensures adequate power for IP
video phone, dualband WiFi AP, IP camera, multi-function STB11, and RFID and simplifies
the network.
The S5300 has the ability to control power supply based on time range, thus effectively
managing network devices, reducing power consumption, and lowering the OPEX.
1.2.11 Carrier-Class Warranty

The S5300 provides comprehensive Carrier-Class Warranty. This warranty grants the
replacement of any faulty element in the switch for the time period of 03 years.
The Carrier-Class Warranty of the S5300 also provides totally free of charge upgrade of the
Huawei proprietary Versatile Routing Platform (VRP) during the warranty.

Product Description 2 Product Architecture
2 Product Architecture
About This Chapter

2.1 Introduction
2.2 Device Architecture
2.3 Hardware Modules
2.4 Software Architecture
2.1 Introduction
The S5300 series adopt the integrated hardware platform and have the front-access structure.
The hardware consists of the 19-inch rack mountable chassis, power supply, fan, SCU, and
interface card for upstream services. The width of the S5300 complies with the industry
standards, and the S5300 can be installed in an IEC 297 cabinet or an ETSI cabinet. The
S5300 is always sold with all the cables and accessories needed to its installation on a 19-inch
cabinet.
The S5300 series include the S5300C and S5300TP. The S5300C switches include S5328C-EI,
S5328C-EI-24S, S5352C-EI, S5328C-PWR-EI, S5352C-PWR-EI, S5328C-SI, S5352C-SI,
S5328C-PWR-SI, and S5352C-PWR-SI. The S5300TP switches include S5324TP-SI,
S5348TP-SI, S5324TP-PWR-SI, and S5348TP-PWR-SI.
2.2 Device Architecture

When a 4-port GE SFP optical interface card or a 4-port 10GE SFP+ optical interface card is used,
an extend channel card is required.
A 2-port 10GE SFP+ optical interface card or a 2-port 10GE XFP optical interface card can be used
together with a stack card. A 4-port optical interface card or a 4-port 10GE SFP+ optical interface
card cannot be used together with a stack card. A 2-port (10GE SFP+ or 10GE XFP) optical interface
card and a 4-port (GE SFP or 10GE SFP+) optical interface card cannot be used together.
Appearance of the S5328C-EI-24S

Figure 2-1 shows the appearance of the S5328C-EI-24S.

2 Product Architecture Product Description
Figure 2-1 Appearance of the S5328C-EI-24S
The chassis of the S5328C-EI-24S is 1 U (1 U = 44.45 mm) high and its dimensions are 442.0
mm x 420.0 mm x 43.6 mm (width x depth x height).
The two power supplies are on the left-rear side of the chassis, and the fan is at the
middle-rear of the chassis.
The S5328C-EI-24S uses either an AC power supply or a DC power supply.
The SCU provides one console port, one MEth port, 24 100/1000BASE-X optical ports,
four 10/100/1000BASE-T combo ports (multiplexed with the last four 100/1000BASE-X
ports), a front card slot, and a rear card slot.
The front card slot supports the 2-port 10GE XFP optical interface card, 4-port GE SFP
optical interface card, 2-port 10GE SFP+ optical interface card, and 4-port 10GE SFP+
optical interface card. The rear card slot supports the extend channel card and stack card.
Appearances of the S5328C-EI and S5328C-PWR-EI

Figure 2-2 and Figure 2-3 shows the appearances of the S5328C-EI and S5328C-PWR-EI.
Figure 2-2 Appearances of the S5328C-EI
Figure 2-3 Appearances of the S5328C-PWR-EI
The chassis of the S5328C-EI and S5328C-PWR-EI is 1 U high and its dimensions are 442.0
The S5328C-EI uses either an AC power supply or a DC power supply.
The S5328C-PWR-EI uses the AC power supply.
The 24 downlink electrical ports of the S5328C-PWR-EI support PoE power supply.
Each port provides a maximum of 30 W power. The PoE power supply complies with the
IEEE 802.3at. The S5328C-PWR-EI can provide the maximum power for at most 12
ports.
The SCU provides one console port, one MEth port, twenty-four 10/100/1000BASE-T
ports, one front card slot, and one rear card slot.

optical interface card, and 4-port 10GE SFP+ optical interface card. The S5328C-EI
supports the 4-port 10GE SFP+ optical interface card in addition to the preceding
interface cards. The rear card slot supports the extend channel card and stack card.
Appearances of the S5328C-SI and S5328C-PWR-SI

Figure 2-4 and Figure 2-5 show the appearances of the S5328C-SI and S5328C-PWR-SI.
Figure 2-4 Appearances of the S5328C-SI
Figure 2-5 Appearances of the S5328C-PWR-SI
The chassis of the S5328C-SI or S5328C-PWR-SI is 1 U high and its dimensions are 442.0
The S5328C-SI uses either an AC power supply or a DC power supply.
The S5328C-PWR-SI uses the AC power supply.
The 24 downlink electrical ports of the S5328C-PWR-SI support PoE power supply.
IEEE 802.3at. The S5328C-PWR-SI can provide the maximum power for at most 12
ports.
ports, four 100/1000BASE-X combo ports (multiplexed with the last four
10/100/1000BASE-T ports), one front card slot, and one rear card slot.
Appearances of the S5352C-EI and S5352C-PWR-EI

Figure 2-6 and Figure 2-7 show the appearances of the S5352C-EI and S5352C-PWR-EI.
Figure 2-6 Appearances of the S5352C-EI

Figure 2-7 Appearances of the S5352C-PWR-EI
The chassis of the S5352C-EI or S5352C-PWR-EI is 1 U high and its dimensions are 442.0
The S5352C-EI uses either an AC power supply or a DC power supply.
The S5352C-PWR-EI uses the AC power supply.
The 48 downlink electrical ports of the S5352C-PWR-EI support PoE power supply.
IEEE 802.3at. The S5352C-PWR-EI can provide the maximum port for at most 24 ports.
The SCU provides one console port, one MEth port, fourty-eight 10/100/1000BASE-T
ports, one front card slot, and one rear card slot.
optical interface card, and 4-port 10GE SFP+ optical interface card. The rear card slot
supports the extend channel card and stack card.
Appearances of the S5352C-SI and S5352C-PWR-SI

Figure 2-8 and Figure 2-9 show the appearances of the S5352C-SI and S5352C-PWR-SI.
Figure 2-8 Appearances of the S5352C-SI
Figure 2-9 Appearances of the S5352C-PWR-SI
The chassis of the S5352C-SI or S5352C-PWR-SI is 1 U high and its dimensions are 442.0
The S5352C-SI uses either an AC power supply or a DC power supply.
The S5352C-PWR-SI uses the AC power supply.
The 48 downlink electrical ports of the S5352C-PWR-SI support PoE power supply.

IEEE 802.3at. The S5352C-PWR-SI can provide the maximum power for at most 24
ports.
The SCU provides one console port, one MEth port, fourty-eight 10/100/1000BASE-T
ports, one USB port, one front card slot, and one rear card slot.
Appearance of the S5324TP-SI

Figure 2-10 shows the appearance of the S5324TP-SI.
Figure 2-10 Appearance of the S5324TP-SI
The chassis of the S5324TP-SI is 1 U high and its dimensions are 442.0 mm x 220.0 mm x
43.6 mm (width x depth x height).
The S5324TP-SI uses an AC power supply or a DC power supply. It also supports the
RPS DC power supply.
10/100/1000BASE-T ports), and one USB port.
Appearance of the S5348TP-SI

Figure 2-11 and Figure 2-12 show the appearance of the S5348TP-SI.
Figure 2-11 Front view of the S5348TP-SI
Figure 2-12 Back view of the S5348TP-PWR-SI
The chassis of the S5348TP-SI is 1 U high and its dimensions are 442.0 mm x 420.0 mm x
43.6 mm (width x depth x height).
Double power supplies are at the left-rear side of the chassis; the fan is at the middle-rear of
the chassis; the RPS DC power supply is at the right-rear side of the chassis.

The S5348TP-SI uses an AC power supply or a DC power supply. It also supports the
RPS DC power supply.
The SCU provides one console port, one MEth port, forty-eight 10/100/1000BASE-T
Appearance of the S5324TP-PWR-SI

Figure 2-13 shows the appearance of the S5324TP-PWR-SI.
Figure 2-13 Appearance of the S5324TP-PWR-SI
The chassis of the S5324TP-PWR-SI is 1 U high and its dimensions are 442.0 mm x 420.0
mm x 43.6 mm (width x depth x height).
The S5324TP-PWR-SI uses the AC power supply.
The 24 downlink electrical ports of the S5324TP-PWR-SI support PoE power supply.
IEEE 802.3at. The S5324TP-PWR-SI can provide the maximum power for at most 12
ports.
Appearance of the S5348TP-PWR-SI

Figure 2-14 shows the appearance of the S5348TP-PWR-SI.
Figure 2-14 Appearance of the S5348TP-PWR-SI
The chassis of the S5348TP-PWR-SI is 1 U high and its dimensions are 442.0 mm x 420.0
mm x 43.6 mm (width x depth x height).
The S5348TP-PWR-SI uses the AC power supply.
The 48 downlink electrical ports of the S5348TP-PWR-SI support PoE power supply.
IEEE 802.3at. The S5348TP-PWR-SI can provide the maximum power for at most 12
ports.

The SCU provides one console port, one MEth port, forty-eight 10/100/1000BASE-T
2.3 Hardware Modules

Figure 2-15 shows the logical structure of hardware modules of the S5300.
Figure 2-15 Logical structure of hardware modules of the S5300
SCU
Control
Fiber/Cable
unit
Port ……
module
Switch
unit
Power
supply
Data bus Control bus
Hardware modules of the S5300 refer to the interface card, SCU, power supply, and fan.
2.3.1 SCU
2.3.2 Power Supply
2.3.3 Fan
2.3.4 Interface Card
2.3.1 SCU
The SCU is fixed on the S5300. Each S5300has one SCU.
The SCU is responsible for packet switching and device management. It integrates multiple
functional modules, namely, the main control module, switching module, and interface
module.
Main Control Module

The main control module implements the following functions:
Processing protocols

Functioning as an agent of the user to manage the system and monitor the system
performance according to instructions of the user, and report the running status of the
device to the user
Monitoring and maintaining the interface module and switching module on the SCU.
Switching Module
The switching module, also called the switching fabric, is responsible for packet exchange,
multicast replication, QoS scheduling, and access control on the interface module of the SCU.
The switching module adopts high performance ASIC chips to implement line-speed
forwarding and fast switching of data with different priorities.
Interface Module
The interface module provides Ethernet interfaces for accessing Ethernet services.
2.3.2 Power Supply

The S5300 can use either the DC power supply or the AC power supply. The S5328C-EI,
S5328C-EI-24S, S5352C-EI, S5324TP-PWR-SI, S5348TP-PWR-SI, S5328C-PWR-EI,
S5352C-PWR-EI, S5328C-SI, S5352C-SI, S5328C-PWR-SI, and S5352C-PWR-SI support
1:1 backup power supplies.
The S5300 of the PWR type supports only the AC power supply.
The S5324TP-SI and S5348TP-SI RPS DC power supply.
2.3.3 Fan
The fans forcibly cool the system.
The S5324TP-PWR-SI, S5348TP-PWR-SI, S5328C-SI, S5352C-SI, S5328C-PWR-SI,
S5352C-PWR-SI, S5328C-PWR-EI, S5352C-PWR-EI, S5328C-EI, S5352C-EI, and
S5328C-EI-24S support the hot pluggable fans. The fans can be replaced on site and
maintained in service.
2.3.4 Interface Card

The S5300C series switches support the interface card for upstream services. The interface
card improves the networking flexibility, and provides the cost-effective and personalized
solutions to customers.
The cards of the S5300C are not hot swappable.
2.4 Software Architecture

The S5300 runs on the latest VRP version 5 (VRPv5) to provide various features. VRPv5
consists of the following parts:
System service plane

This plane provides task and memory management, timer, software loading and patching
on the basis of the operating system. In addition, it enhances modular technology to
facilitate system upgrade and customization.
General control plane
This plane is the core of the VRP data communication platform, providing link
management, IP protocol stack, and routing protocol processing, and implementing the
security and QoS functions. It is used to control the data forwarding plane and
implement functions of the device.
Data forwarding plane
This plane forwards data under the control of the general control plane. The VRPv5
supports data forwarding based on software and hardware.
Service control plane
This plane controls and manages services based on users or interfaces. It implements the
authentication, authorization, and accounting for users through DHCP Option 82 and
implements authentication for access interfaces through IEEE 802.1x.
System management plane
This plane provides a graphic user interface and manages the input and output
information for network management and maintenance.

Product Description 3 Link Features
3 Link Features
About This Chapter

3.1 Ethernet Features
3.2 STP/RSTP/MSTP
3.3 RRPP
3.4 Smart Link
3.5 SEP
3.6 Interface Security
3.7 Link Detection
3.1 Ethernet Features

3.1.1 Link Aggregation
3.1.2 Flow Control on an Interface
3.1.3 VLAN
3.1.4 QinQ
3.1.1 Link Aggregation

Link aggregation is a function that binds multiple physical interfaces on one device or
multiple devices into a logical interface (such as an Eth-Trunk). This logical interface is also
called a load balancing group or a link aggregation group.
After multiple physical interfaces are bound into a logical interface, the S5300 load balances
the traffic passing through the logical interface among the member interfaces. When a
member interface fails, the traffic on this interface is shared by the other member interfaces
without interrupting services. When the faulty interface recovers, the traffic is balanced
among all interfaces again.
Currently, the S5300 supports the link aggregation feature defined in IEEE 802.3ad between
XGE interfaces, GE interfaces or FE interfaces. Through the link aggregation feature, it is
possible to create 20 aggregation groups, each of them containing up to 8 members.

3 Link Features Product Description
Load balancing can be implemented based on the following information:

Source MAC address
Destination MAC address
Source MAC address and destination MAC address
Source IP address
Destination IP address
Source IP address and destination IP address
Using the link aggregation technology, you can increase the bandwidth and improve link
reliability without upgrading the hardware, thus saving costs.
3.1.2 Flow Control on an Interface

Flow control on an interface is a method of congestion management. It applies to all types of
flows. The S5300 implements flow control on an interface by using the hardware
backpressure mechanism. When an interface works in full duplex mode, the S5300
implements flow control complying with IEEE 802.3x. When the interface works in half
duplex mode, the S5300 implements flow control through the backpressure mechanism. The
half or full duplex mode can be set manually or automatically.
When congestion occurs, the S5300 sends continuous Pause frames to the upstream device,
requesting it to stop sending data for a specified period of time. When the upstream device
receives the pause frames, it reduces the volume of traffic sent from its outbound interface.
Flow control on an interface does not identify flow types.
3.1.3 VLAN
A local area network (LAN) can be divided into several logical LANs. Each logical LAN is a
broadcast domain, which is called a virtual LAN (VLAN). To put it simply, devices on a LAN
are logically grouped into different LAN segments, irrespective of their physical locations. In
this manner, VLANs isolate broadcast domains on a LAN.
Methods to Define VLANs

A physical LAN can be divided into several VLANs, and several physical LANs can be
grouped into a VLAN. Devices on a VLAN belong to the same broadcast domain and can
communicate with each other. Different VLANs are isolated from each other, so devices on
different VLANs cannot communicate with each other.
The S5300 supports the following methods to define VLANs:
Based on interfaces
After an interface is added to a VLAN, packets received by the interface are sent on the
VLAN.
Based on MAC addresses
VLAN members are defined according to source MAC addresses of packets. When an
interface of the S5300 receives a packet, the S5300 determines the VLAN ID of the
packet according to the source MAC address of the packet and sends the packet on the
corresponding VLAN.
Based on protocols
The S5300 determines the VLAN ID of a received packet according to the protocol (or
protocol suite) and encapsulation format of the packet.

Based on IP subnets
VLAN members are defined according to the source IP addresses and the subnet masks
of packets. When an interface of the S5300 receives a packet, the S5300 determines the
VLAN ID of the packet according to the source IP address of the packet and sends the
packet on the corresponding VLAN.
Based on policies
VLAN members are defined according to the MAC+IP or MAC+IP+port binding policy.
When an interface of the S5300 receives a packet, the S5300 determines the VLAN ID
of the packet according to the binding policy and sends the packet on the corresponding
VLAN.
VLAN Aggregation
To implement communication between VLANs on the S5300, you need to configure VLANIF
interfaces and assign an IP address to each VLANIF interfaces. Therefore, this wastes IP
addresses when there are many VLANs. VLAN aggregation can solve this problem.
VLAN aggregation means that multiple VLANs are aggregated into a super-VLAN. The
VLANs that form the super-VLAN is called sub-VLANs.
MUX VLAN
The MUX VLAN function is used to isolate Layer 2 traffic between the interfaces of a VLAN.
For example, on an intranet, a user interface can communicate with a server interface, but the
user interfaces cannot communicate with each other.
This function involves a MUX VLAN and several subordinate VLANs. Subordinate VLANs
are classified into subordinate group VLANs and subordinate separate VLANs. Ports on
subordinate VLANs can communicate with ports on the MUX VLAN. Ports on a subordinate
group VLAN can communicate with each other but cannot communicate with ports on other
subordinate group VLANs. Ports on a subordinate separate VLAN cannot communicate with
each other.
DHCP Policy VLAN

After DHCP policy VLANs are configured on the S5300, VLANs are allocated to hosts
connected to interfaces of the S5300 based on IP addresses of hosts. When a host is connected
to an interface of the S5300, the host cannot be added to a VLAN because it has not obtained
a valid IP address. The DHCP policy VLAN function enables new hosts to obtain valid IP
addresses and be added to corresponding VLANs based on obtained IP addresses.
The S5300 supports the following DHCP policy VLAN functions:
Generic DHCP policy VLAN
DHCP policy VLAN based on MAC addresses
DHCP policy VLAN based on interfaces
Voice VLAN
A voice VLAN is used to transmit voice data flows. You can create a voice VLAN and add the
interface connected to the voice device to the voice VLAN. Then voice data flows can be
transmitted on the voice VLAN.

You can apply special QoS configuration to the voice data packets transmitted on the voice
VLAN so that voice data packets are transmitted with high priority. The quality of the voice
service is ensured.
VLAN Mapping
VLAN mapping means that the S5300 replaces the outer VLAN tags of data frames to the
specified VLAN tags according to the preset VLAN mapping table so that services are
transmitted according to the network planning of the carrier.
The S5300 supports the mapping from one or more customer VLAN IDs (C-VLANs) to a
service VLAN ID (S-VLAN).
C-VLAN is the VLAN that a user-side interface belongs to. It identifies a user or a type of users.
An S-VLAN is a VLAN defined on the public network by the carrier. The S-VLAN ID identifies a
service.
VLAN Switching
VLAN switching is a forwarding technology based on VLAN tags. A static forwarding path
must be configured on switching nodes on a network to implement VLAN switching. After
receiving packets from certain VLANs, a switch forwards them to corresponding interfaces
according to the VLAN switching table without searching the MAC address table. This
improves the forwarding efficiency and security, and prevents MAC address attacks and
broadcast storms.
The S5300 implements the following functions through VLAN switching:
Adding an outer VLAN tag to packets (stack-vlan)
Translating VLAN tags between interfaces (switch-vlan)
3.1.4 QinQ
The 802.1Q-in-802.1Q (QinQ) protocol is a Layer 2 tunneling protocol based on the IEEE
802.1Q. A frame transmitted on the public network has double 802.1Q tags. One tag identifies
the public network and the other identifies the private network.
Usually, carriers define VLANs on the public network, and users define VLANs on their own
private networks. Therefore, different private networks may use the same VLAN ID. Through
the QinQ function, the S5300 adds public VLAN tags to the packets from private networks.
Then the private VLAN tag becomes the inner VLAN tag. In this way, packets from user
networks are transmitted transparently on the public network, and thus user networks are
separated from the public network.
Currently, the S5300 supports basic QinQ and selective QinQ.
Basic QinQ
Basic QinQ is implemented based on interfaces. All the frames that reach the public
network through an interface are tagged with the same public VLAN ID.
Selective QinQ
Selective QinQ extends the basic QinQ function. It enables an interface to determine the
outer VLAN tag according to the private VLAN tag so that packets from different private
networks are transmitted through different paths. Thus different services can be
identified and service deployment is easier. For example, voice data packets from

different VLANs are tagged with the same outer tag to obtain the same QoS level;
common data services are tagged with another VLAN tag to obtain different QoS level.
3.2 STP/RSTP/MSTP
3.2.1 STP and RSTP
3.2.2 MSTP
3.2.3 MSTP Protection
3.2.4 Partitioned STP and BPDU Tunnel
3.2.1 STP and RSTP

The Spanning Tree Protocol (STP) and the Rapid Spanning Tree Protocol (RSTP) are
link-layer management protocols and are mainly applied to LANs to prevent loops. STP
blocks redundant links and trims a network into a tree topology free from loops. RSTP
enhances STP. It provides fast transition of interfaces status to speed up network convergence.
STP and RSTP prevent broadcast storms caused by loops and provides backup links for data
forwarding.
3.2.2 MSTP
The Multiple Spanning Tree Protocol (MSTP) is developed based on STP and RSTP. MSTP
divides a network into multiple regions. Based on VLAN tags, each region has several
spanning trees that are independent of each other. As a result, the entire network is trimmed to
a tree topology that is free from loops. Broadcast storms are thus prevented on the network.
MSTP associates VLANs with spanning trees so that packets of different VLANs are
transmitted along different spanning trees. This speeds up network convergence and
implements load balancing.
Different from STP and RSTP, MSTP provides multiple backup links to implement load
balancing among VLANs.
3.2.3 MSTP Protection

BPDU Protection
The S5300 provides Bridge Protocol Data Unit (BPDU) protection when MSTP is enabled.
When BPDU protection is enabled, the S5300 shuts down the edge port that receives a
protocol BPDU instead of turning the edge port into a non-edge port. In this case, the
spanning tree is not recalculated, and thus network flapping is prevented.
Root Protection
The S5300 provides root protection when MSTP is enabled. It retains the role of the root
switch by maintaining the role of the designated port as follows:
When the designated port enabled with root protection receives a BPDU of higher priority, the
port does not change to a non-designated port. Instead, it turns to the Listening state and stops
forwarding packets. If the port does not receive protocol BPDUs of higher priority for a long
time, it restores the Forwarding state. This prevents network flapping.

Loop Protection
After loop protection is enabled on the S5300, it sets the root port to the Blocking state if the
root port does not receive protocol BPDUs from the upstream device. If the port receives
protocol BPDUs again, it becomes the root port and changes to the Forwarding state. If no
protocol BPDU is received, the port remains in the Blocking state and does not forward
packets. In this way, loops are prevented on the network.
3.2.4 Partitioned STP and BPDU Tunnel

Partitioned STP
To improve the reliability of links on the MAN, the S5300 can be dual-homed to the upstream
Ethernet. In addition, MSTP needs to run on the user network, MAN, and upstream network
to prevent loops. The traditional MSTP networks are not divided. In this case, the
convergence speed of an MSTP network is low because the network is large. As a result, the
forwarding capability of the network is degraded.
By using the partitioned STP technology, the S5300 logically allocates a VLAN for each
partitioned STP network. Thus the entire MSTP network is divided into three partitioned STP
networks on the basis of user network, MAN, and upstream network. The tagged BPDUs can
be forwarded only within the VLAN that the tag belongs to. Partitioned STP allows BPDUs to
be transmitted within a certain range. This prevents loops and speeds up convergence.
BPDU Tunnel
On a partitioned STP network, the S5300 considers the tagged BPDUs as common Layer 2
frames. That is, the S5300 forwards the BPDUs within the VLAN to which the tag belongs
rather than sending them to the MSTP module. After the BPDU tunnel is configured, the
devices on the MAN do not participate in the topology calculation of the partitioned STP
network. Thus, the convergence speed of the network is improved.
To implement the BPDU tunnel function, the access device at the edge of the MAN must be
configured with MSTP Snooping. If the forwarding path is changed because of the topology
change on the partitioned STP network, the device can detect the topology change, and then
notify other devices on the network of the topology change. In this way, the packets are
forwarded according to the new topology.
3.3 RRPP
The Rapid Ring Protection Protocol (RRPP) is a link layer protocol applied to the Ethernet
ring. It can prevent the broadcast storm caused by the loops in the Ethernet ring. The topology
convergence speed on the network running RRPP is much faster than that on the network
running other protocols such as STP. This is because the RRPP packets are forwarded through
hardware.
In addition, the RRPP ring supports link bundle, which is widely used on the high-bandwidth
ring networks.
3.3.1 RRPP Ring Network Composition
3.3.2 How Does RRPP Work
3.3.3 Various Topologies

3.3.1 RRPP Ring Network Composition

An RRPP domain consists of a group of S5300s with the same domain ID and control VLAN
ID. An RRPP domain consists of the following elements:
A physical RRPP ring maps a ring-shaped Ethernet topology. An RRPP domain is
composed of multiple rings connected with each other. One of them is the primary ring
and the others are subrings.
An RRPP domain can be configured with a main control VLAN and a sub control VLAN.
The main control VLAN transmits packets of the primary ring; the sub control VLAN
transmits packets of subrings.
A control VLAN transmits only RRPP packets; a data VLAN transmits only data
packets.
The master node initiates the polling and determines how to handle topology changes.
The transit node monitors the status of its directly connected RRPP links. When the link
status changes, the transit node notifies the master node. The master node then decides
how to handle the change.
3.3.2 How Does RRPP Work

The master node on a ring has a primary interface and a secondary interface. The primary
interface on the master node periodically transmits hello messages. If the secondary interface
on the master node receives the hello messages, it indicates that the path is a closed ring, and
the master node blocks the secondary interface. This prevents loops on the network.
If the secondary interface on the master node fails to receive a hello message in a certain
period, it indicates that the link on the ring is faulty, and the master node opens the secondary
interface.
3.3.3 Various Topologies

Single RRPP Ring
There is only one Ethernet ring on a network and only one RRPP domain exists. In this case,
the network can respond to topology changes quickly. The fast convergence of the RRPP ring
is thus performed and Layer 2 and Layer 3 services can be quickly switched.
Tangent RRPP Rings

There are two or more Ethernet rings on a network and only one public node exits between
each pair of rings. The rings belong to different RRPP domains.
This networking is suitable for large-scale networks that need to be managed in different
domains. When one ring is faulty or recovers, other domains are not affected. The
convergence process of the RRPP ring in the local domain is the same as the convergence
process of a sing RRPP ring.
Intersecting RRPP Rings

There are two or more Ethernet rings on a network and two public nodes exit between each
pair of rings. The rings belong to the same RRPP domain. One ring is the primary ring, and
the others are the subrings.

The protocol packets on a subring are transmitted through the channel between the two
interfaces connecting the primary ring and the subring. The primary ring can be considered as
a node on the subring. This networking is applicable to the convergence of a dual-homing
network. Through this networking, the upstream links are backed up.
Connecting RRPP Network with Other Networks

When an RRPP ring is adjacent to an Ethernet ring enabled with STP, only the tangent rings
are supported, but the intersecting rings are not supported. This prevents the conflict between
RRPP and STP if both of them calculate the interface status.
3.4 Smart Link

Smart Link is a flexible link backup mechanism, which provides an effective and reliable
solution for dual-homed networking. Compared with STP, Smart Link provides faster
convergence speed. On a dual-homed network, the configuration of Smart Link is simpler
than the configuration of RRPP.
Smart Link implements fast protective switchover when the active link fails on the
dual-homed network. In normal situations, there is an active link and a standby link in the two
upstream links. That is, one upstream interface is in Forwarding state, and the other is in
Block state. When the active link fails, the Smart Link group quickly switches traffic to the
standby link.
Smart Link provides manual switchover and automatic switchover. When a link is faulty, the
Smart Link group sends Flush packets to neighboring devices, requesting the devices to
update their MAC tables and ARP tables.
When multiple devices at different layers are connected for convergence, Monitor Link that
adopts the interface association mechanism monitors upstream links. This improves the
backup function of Smart Link. When an upstream link is faulty, Monitor Link blocks the
downstream interface. After the upstream link recovers, the downstream interface is opened.
This switches traffic between different paths for transmission.
3.5 SEP
The Smart Ethernet Protection (SEP) protocol is a ring network protocol applied to the link
layer of an Ethernet network. The SEP protocol works on the basis of SEP segments. An SEP
segment consists of a group of switching devices that are configured with the same SEP
segment ID and control VLAN ID.
Most metropolitan area networks (MANs) and enterprise intranets adopt the ring networking
to ensure high reliability. The services, however, are affected if any node on the ring fails.
Generally, a ring network adopts the Resilient Packet Ring (RPR) or Ethernet ring technology.
The costs of the RPR technology are high because it requires special hardware components.
The Ethernet ring is improved and its costs are low; therefore, more and more MANs and
enterprise intranets adopt the Ethernet ring.
Huawei originates the SEP protocol, which achieves the protective switchover on the open
ring and closed ring and displays the uncertain blocked points or ring network topology.
Compared with other Ethernet ring technologies, SEP has the following advantages:
It can run on a network together with STP, RSTP, MSTP, and RRPP.

It solves the problem of unidirectional traffic.

Unidirectional traffic may cause unidirectional broadcast storms on the network. The
SEP protocol can prevent unidirectional broadcast storms because it can detect the
unidirectional traffic effectively.
It supports the display of network topology. The network topology is displayed on the
basis of SEP segments.
When the devices of other vendors are used on the network, the SEP can also prevent
loops, but does not need to be configured on these devices.
3.6 Interface Security

Interface security is a security mechanism to control the access to a network. It checks
whether the source MAC addresses of data frames received on an interface are valid. When
detecting packets with invalid source MAC addresses, it takes certain actions to protect the
interface.
After security protection is enabled on an interface, the S5300 considers the following types
of MAC addresses valid:
Static MAC addresses that are manually configured
Dynamic or static MAC addresses in the DHCP snooping table
Dynamic MAC addresses that are learned before the number of learned MAC addresses
reaches the limit
When the interface receives frames with invalid source MAC addresses, the S5300 triggers
the interface security function to discard the frames or generates an alarm according to the
configuration.
3.7 Link Detection

Link detection includes loopback detection and virtual cable test (VCT). They provide users
with two means to detect link faults on LANs.
Loopback detection is used to check whether loops exist on a LAN. The S-switch sends
specific packets to detect loopback on the entire LAN.
VCT is mainly used to estimate the length of a network cable and locate the failure point
of the cable. The S-switch simulates radar to detect cable faults and locate the failure
points on the basis of a single link.

Product Description 4 Service Features
4 Service Features
About This Chapter

4.1 IPv4 Forwarding
4.2 IPv6
4.3 Routing Protocol
4.4 Multicast
4.5 QoS
4.6 Security
4.7 MAC-Forced Forwarding
4.8 DHCP
4.9 Network-Level HA
4.10 LLDP
4.11 NQA
4.12 Cluster Management
4.13 Stacking
4.14 Web Server
4.1 IPv4 Forwarding

4.1.1 IPv4 Features
4.1.2 Unicast Routing Features
4.1.3 Multicast Routing Features
4.1.1 IPv4 Features

The S5300 supports the following IPv4 features:

4 Service Features Product Description
TCP/IP protocol stack, including ICMP, IP, TCP, UDP, socket (TCP/UDP/Raw IP), and
ARP
Static DNS and specified DNS server
FTP server/client, TFTP client, and SSH
Ping, tracert, and Network Quality Analysis (NQA): NQA can detect the status of ICMP,
TCP, UDP, DHCP, FTP, HTTP and SNMP services and test the response time of various
services
DHCP Server, DHCP-Relay, DHCP Client, and DHCP Snooping
BFD, including BFD for OSPF, BFD for ISIS, BFD for BGP, and BFD for PIM
4.1.2 Unicast Routing Features

The S5300 supports the following unicast routing features:
IPv4 unicast forwarding at line speed through bottom-layer ASIC chips
IPv4 routing protocols, including RIP v1/v2, OSPF v1/v2, IS-IS, and BGPv4
Virtual Routing Forwarding (VRF)
Static routes to all the subnets directly connected to the switch and that are manually
configured by the administrator, which simplify network configurations and improve
network performance
Dynamic routes to all the subnets directly connected to the switch
Selection of the optimal route through the perfect routing policy
4.1.3 Multicast Routing Features

The S5300 supports the multicast function. This saves network bandwidth and reduces
network load. The S5300 also guarantees QoS of multicast traffic and forwards multicast
traffic at line speed. It supports the following multicast routing features:
IPv4 multicast forwarding at line speed through the bottom-layer ASIC chips
Multicast protocols, including IGMP, and PIM-SM, PIM-DM, MSDP, and MBGP
ASM and SSM
Anycast RP: Multiple RPs can exist in a domain and they are configured as MSDP peers.
A multicast source can register with the nearest RP, and the receiver can also choose the
nearest RP and join the shared tree of the RP. In this manner, load balancing is carried
out among the RPs. When an RP fails, its previously registered sources and receivers
choose another nearest RP. This implements the backup of RPs.
Multicast static routes
Routing policy used for receiving, importing, and advertising multicast routes. When
forwarding IP multicast packets, the S5300 can filter and forward the packets based on
policies.
PIM BFD
RPF check
4.2 IPv6
The S5300 provides the IPv6 host function, which protects the investment of customers and
prevents repeat investment during network upgrade.

The IPv6 functions supported by the S5300 include:

IPv6 protocol stack
Unicast routing protocols: RIPng and OSPFv3
VRRP6
IPv4/IPv6 transition technologies
4.3 Routing Protocol

The S5300 supports the following unicast routing features:
Static routes that are manually configured by the administrator, which simplify network
configurations and improve network performance
IPv4 routing protocols:
− Open Shortest Path First version 2 (OSPFv2)
− Intermediate System-to-Intermediate System (IS-IS)
− Border Gateway Protocol version 4 (BGPv4)
− Routing Information Protocol (RIP)
Selection of the optimal route through the perfect routing policy
4.4 Multicast
The Internet Group Management Protocol (IGMP) is a protocol used to manage IP multicast
members in the TCP/IP suite. It sets up and maintains the member relationship between IP
hosts and their directly connected multicast routers.
4.4.1 IGMP Snooping
4.4.2 IGMP Proxy
4.4.3 Prompt Leave of Multicast Member Interfaces
4.4.4 Multicast Traffic Control
4.4.5 Inter-VLAN Multicast Replication
4.4.6 Controllable Multicast
4.4.1 IGMP Snooping

Located between hosts and a multicast router, the S5300 supports static multicast forwarding
entries and generates a dynamic Layer 2 multicast forwarding table with multicast groups,
VLANs, and outbound interfaces by listening to IGMP messages.
When the S5300 receives a multicast packet, it forwards the packet only to the members on
the VLAN corresponding to the multicast group. The multicast packet is transmitted in
multicast mode on the VLAN according to the Layer 2 forwarding table. This saves
bandwidth and enhances the security of information transfer.

4.4.2 IGMP Proxy

IGMP proxy is deployed on the switch that is located between the router and hosts. Then the
switch serves as an agent server. The switch terminates IGMP protocol packets sent by hosts
to the router and responds to the IGMP Query messages for the hosts. In addition, the switch
processes IGMP protocol packets sent by the router and the hosts. In this manner, the
forwarding entries for Layer 2 multicast are created.
4.4.3 Prompt Leave of Multicast Member Interfaces

When a multicast member leaves a multicast group, the host sends an IGMP Leave message.
When an interface on the S5300 is connected to only one host, the S5300 deletes the multicast
forwarding entry of the interface immediately after receiving the IGMP Leave message. This
saves bandwidth and system resources and implements fast switching of services.
4.4.4 Multicast Traffic Control

Unknown multicast packets refer to the multicast packets that do not have forwarding entries
in the multicast forwarding table. When receiving unknown multicast packets, the S5300
discards the packets or broadcasts them on the VLAN that the inbound interface belongs to.
The S5300 can also control multicast traffic volume by limiting the percentage or rate (in pps)
of multicast packets on an Ethernet interface.
4.4.5 Inter-VLAN Multicast Replication

Inter-VLAN multicast replication means that an S-VLAN aggregates multicast flows and
replicates the flows to different C-VLANs.
The S5300 forwards multicast packets through the multicast VLAN, and then replicates the
packets based on the multicast routing entries. Then, the S5300 sends these packets to
different C-VLANs. Inter-VLAN multicast replication transmits unicast and multicast data in
different VLANs. It facilitates the management and control of multicast flows and saves
bandwidth.
4.4.6 Controllable Multicast

Multicast protocols do not provide user authentication. Therefore, a user can join or leave a
multicast group freely. The multicast source does not know when a user joins or leaves a
multicast group, so the number of users receiving multicast traffic on a network in a certain
period is unknown. Therefore, the carrier cannot perform accounting for the users. The
controllable multicast technology is introduced to solve these problems. Users have to pass
authentication before receiving multicast traffic. Furthermore, only authorized multicast
traffic can be received by users. Users who pass authentication are allowed to preview
unauthorized multicast traffic and can receive multicast traffic in specified periods within a
day. Controllable multicast does not apply to static multicast.
4.5 QoS
The S5300 provides the class-based QoS mechanism and supports the 802.1p priority. It
provides guarantee of low end-to-end delay, jitter, and high bandwidth.
The S5300 classifies traffic according to certain rules and then performs corresponding
actions on the packets such as priority re-marking, traffic policing, congestion management,

congestion avoidance, and rate limit on the interface. In this way, value-added services such
as NGN services, IPTV, and broadband access are provided with better network service.
4.5.1 Traffic Classification
4.5.2 Access Control and Re-marking
4.5.3 Traffic Policing
4.5.4 Congestion Management
4.5.5 Congestion Avoidance
4.5.6 Rate Limit on an Interface
4.5.7 Two-Rate-Three-Color
4.5.8 Aggregate CAR
4.5.1 Traffic Classification

Traffic classification is a function of identifying the packets of a certain type by matching
information in the packet header. For example, the 802.1p priority of the packets sent by the
Operating Support System (OSS) and NMS is set to 7; the 802.1p priority of VoIP packets is
set to 6; the 802.1p priority of BTV packets and VOD packets is set to 5 or 4; the 802.1p
priority of packets sent by VPN users is set to 3, 2, or 1 according to the level of VPN users;
the 802.1p priority of packets of the Internet access service is set to 0. Then the packets can be
classified based on their 802.1p priorities.
The S5300 adopts a hardware classifier to guarantee line-speed transmission of services data
on interfaces. The S5300 supports traffic classification based on the source MAC address,
destination MAC address, VLAN tag, ToS/DSCP field, and IP quintuple (protocol, source IP
address, destination IP address, source TCP/UDP port number, destination TCP/UDP port
number). In addition, the S5300 can use self-defined character strings to classify packets
according to Layer 2 to Layer 4 information in the OSI model. It supports abundant
classification rules so that carriers can define classification rules according to their own needs.
4.5.2 Access Control and Re-marking

After traffic classification, the S5300 performs access control on the packets, that is, permits
or denies the packets. Then, the S5300 re-marks the following fields in the packets:
802.1p field, that is, the PRI field in a VLAN tag
DSCP field
Precedence field of IP packets
VLAN ID
Destination MAC addresses
4.5.3 Traffic Policing

The S5300 uses the token bucket algorithm to control the Committed Access Rate (CAR) of
network traffic.
The S5300 controls the rate of traffic by adjusting the rate of placing tokens. Each token
equals a forwarding rate of 64 kbit/s. The S5300 "punishes" the excessive traffic to limit the
incoming traffic within a proper range and to protect the network resources and the interests
of carriers.

4.5.4 Congestion Management

The S5300 manages traffic congestion through queue scheduling. Each outbound interface on
the S5300 is configured with eight queues. After traffic classification, packets are sent to the
corresponding queues based on their priorities.
The S5300 provides the following queue scheduling policies:
PQ
In priority queuing (PQ) mode, the S5300 schedules packets strictly based on the
priorities of queues. This mode ensures that delay-sensitive services are scheduled
preferentially.
DRR
In Deficit Round Robin (DRR) mode, the S5300 cyclically schedules packets in the
queues based on priorities of queues and the maximum length of packets that the
interface allows. If one queue has no packets, the S5300 skips over it and schedules
packets in the next queue.
PQ+DRR
In PQ+DRR mode, the S5300 divides the eight queues on each interface into two groups.
It performs PQ scheduling for one group and DRR scheduling for the other.
WRR
In Weight Round Robin (WRR) mode, the S5300 schedules packets in the queues
cyclically based on the weights of queues. If one queue has no packets, the S5300 skips
over it and schedules packets in the next queue. WRR ensures that packets of low
priority can obtain bandwidth in time.
PQ+WRR
The S5300 divides the eight queues on each interface into two groups. It performs WRR
scheduling for one group and PQ+WRR scheduling for the other.
4.5.5 Congestion Avoidance

Congestion avoidance is a flow control technology that relieves overload on a network by
adjusting the network traffic. By monitoring the network resources in use, such as queues and
memory buffers, the S5300 automatically discards packets when congestion occurs or tends to
aggravate.
S5300The S5300 adopts the Weighted Random Early Detection (WRED) technology to avoid
congestion. After traffic classification, the S5300 marks packets with two types of drop
precedence. Packets with low request for QoS are marked with high drop precedence, and the
other packets are regarded as normal packets. Based on the drop precedence of the packets,
the S5300 can discard packets to adjust the rate of the outbound traffic sent from its
interfaces.
4.5.6 Rate Limit on an Interface

Rate limit on an interface is used to adjust the rate of traffic on an outbound interface to
prevent burst traffic. The S5300 uses the token bucket and a buffer to limit the traffic rate on
an outbound interface, implementing traffic shaping. When the rate of packets exceeds the
rate limit, the S5300 buffers excessive packets and sends them when the traffic rate falls
below the limit. In this manner, the transmission rate is smoothed.

4.5.7 Two-Rate-Three-Color
The S5300 controls traffic according to the result of traffic classification and discards the
excessive packets. The S5300 supports two-rate-three-color. You can set the following
parameters on the S5300:
Committed Information Rate (CIR), which is the allowed rate at which traffic can pass
through
Committed Burst Size (CBS), which is the maximum size of traffic that can pass through
Peak Information Rate (PIR), which is the peak rate at which traffic can pass through
Peak Burst Size (PBS), which is the peak size of traffic that can pass through
In addition, the S5300 can mark packets red, green, or yellow according to traffic volume, and
map behaviors to the colors, such as forwarding or discarding the packets. The S5300 can also
re-mark packets.
4.5.8 Aggregate CAR

Aggregate CAR is the CAR applied to multiple interfaces to implement traffic policing for
service flows on the interfaces. The sum of rate limits on the interfaces must be equal to or
smaller than the aggregate CAR. Aggregate CAR can also implement traffic policing on a
VLAN. After traffic classification, the S5300 controls the rate of the service flows on the
VLAN. Excessive packets are discarded when the traffic rate exceeds the limit.
4.6 Security
The S5300 guarantees both device security and service security.
4.6.1 Device Security
4.6.2 Service Security
4.6.3 Security Authentication
4.6.1 Device Security

Hierarchical Command Protection
When a user logs in to the S5300 from an Ethernet interface through Telnet, the S5300
authenticates the user to ensure security. The user can configure and maintain the S5300 only
after passing the authentication.
The S5300 adopts a hierarchical protection mode for commands. Commands are classified
into the visit level, monitoring level, configuration level, and management level, with their
levels in ascending order. Login users are also classified into four levels, corresponding to the
four levels of commands. After logging in to the S5300, a user can run only the commands at
the same or lower level. This mode effectively controls the user authority.
The S5300 extends command levels and user levels to 16 levels so that users are managed
more refinedly.

Remote SSH Login

The S5300 supports the Secure Shell (SSH) for many concurrent connections. On an insecure
network, SSH provides powerful security guarantee and authentication for login users and can
defend against various attacks.
Encrypted Authentication Through SNMPv3

The S5300 supports encrypted authentication through SNMPv3. When S5300 is managed by
an NMS workstation through SNMP, it adopts the encrypted authentication mode in
user-based security mode (USM) to ensure security.
AAA
The S5300 supports the Authentication, Authorization, and Accounting (AAA). Using AAA
and hierarchical command protection, the S5300 can authenticate and authorize login users. In
addition, it can authenticate the NMS administrator. AAA effectively prevents unauthorized
users from logging in to the S5300.
The S5300 supports authentication methods such as local authentication, RADIUS
authentication, and HWTACAS+ authentication.
CPU Channel Protection

The S5300 can filter the protocol packets and management packets sent to the CPU based on
the protocol ID, interface, and combination of interface and VLAN. This protects the CPU
channels against Denial of Service (DoS) attacks.
Limit of MAC Address Learning on Interfaces

You can set the maximum number of MAC addresses learned by an interface on the S5300 to
prevent hackers from initiating source MAC address attack from the interface. This ensures
that the MAC address entries of the S5300 will not be used up.
4.6.2 Service Security

VLAN
The S5300 supports the division of a LAN into multiple VLANs. Devices on different
VLANs cannot communicate with each other. This isolates broadcast domains and improves
service security.
Blackhole MAC Address Entry

The S5300 supports blackhole MAC address entries. When receiving a packet, the S5300
compares the source or destination MAC address of the packet with its MAC address entries.
If the source or destination MAC address of packet is the same as a blackhole MAC address,
the S5300 discards the packet.
When detecting attacking packets from a MAC address, you can set a blackhole MAC address
entry on the S5300 to filter out the packets with the MAC address.

MAC Table Searching Based on VLAN+MAC

The S5300 supports MAC table searching based on VLANs and MAC addresses to improve
interface security. You can add static MAC address entries in the MAC table to map specific
MAC addresses to interfaces. In this way, specific devices are bound to interfaces so that
hackers cannot attack the S5300 by using fake MAC addresses.
Port Isolation
Port isolation prevents ports on the same S5300 from sending Layer 2 packets to each other.
The S5300 supports unidirectional and bidirectional port isolation. Port isolation ensures
security of user networks and helps to construct low-cost intelligent community networks.
Port isolation also limits unnecessary broadcast packets and thus increases network
throughput.
Packet Filtering
Packet filtering is used to filter out invalid or unwanted packets.
The S5300 filters packets based on user-defined rules. For example, it filters packets by
checking the MAC address, IP address, port number, and VLAN ID of packets. Packet
filtering does not check the session status or analyze the data. By filtering packets, the S5300
can effectively control the packets passing through it.
4.6.3 Security Authentication

The 802.1x protocol is a port-based network access control protocol. It authenticates and
controls access devices on a LAN based on interfaces. A user device can access resources on
the LAN only after it passes the authentication on the access interface.
MAC address-based authentication controls the network access authority of a user based on
the access interface and MAC address of the user. The user does not need to install any
authentication client software. After detecting the MAC address of the user for the first time,
the device starts authenticating the user. During the authentication, the user does not need to
enter the user name or password.
4.7 MAC-Forced Forwarding

The access layer provides network connections between the user-side hosts and the
carrier-side access routers (ARs), especially the reliable connections between the hosts with
the Internet or other IP networks.
The access layer can be divided into the user network and convergence network. The user
network is connected to the access node (AN) through a subscriber line, which is a physical
line and usually called "the first mile."
The subscriber line is then connected to the convergence network through the AN. In this
manner, the AN is the border between the subscriber line and the convergence network. User
traffic is centralized and aggregated on the convergence network, which is usually called "the
second mile." For details, see Figure 4-1.

Figure 4-1 Connections at the access layer
Customer
Access Aggregation Access Subscriber
Premises
Routers Network Nodes Lines
Networks
AR
AN
AN
AN
AR
At the access layer, the carrier has the following requirements:

In order that the carrier uses the AR to perform secure filtering, policy scheduling, and
accounting for the traffic, the ARs need to perform Layer 3 forwarding for the traffic of
different user hosts in different networks. The ARs, however, cannot forward packets
through Layer 2 switching.
The efficiency of address assignment needs to be improved to save IPv4 addresses. The
effectiveness of address assignment needs to be improved if an address is assigned from
a large address pool rather than a small and independent network segment to the host.
To implement user isolation at the access layer and meet the preceding requirements of the
carrier, the MAC-Forced Forwarding (MFF) protocol is introduced.
MFF is a security protocol that isolates the user hosts accessing the same device. When MFF
is running, its security program applies to any shared access media, bringing no extra
problems to these networks.
In addition to Layer 2 isolation, the AN that runs MFF discards any upstream broadcast
packets except for DHCP packets and ARP request packets. The AN discards DHCP response
packets received through the subscriber line and limits the rate of DHCP broadcast packets.
The AN that runs MFF must track the IPv4 addresses allocated to the subscriber line. This is
to discard the upstream traffic with the fake IPv4 source addresses.
4.8 DHCP
DHCP Client and DHCP Server
DHCP adopts the client/server mode, that is, the DHCP client sends request messages to the
DHCP server. Then, the DHCP server returns the configuration according to the policy.

The DHCP server assigns an IP address to the client by using an address pool. When the client
sends a DHCP request to the server, the DHCP server selects a proper address pool based on a
certain algorithm, finds an idle IP address from the pool, and delivers the IP address along
with other related parameters, such as the DNS address and the address lease, to the client.
To dynamically allocate IP addresses to clients, you need to first configure the address pool
range on the DHCP server. Currently, an address pool can be configured with only one
address range and the address range is determined by the mask length.
DHCP Snooping
The S5300 can be deployed between the DHCP server and the DHCP client and it monitors
the DHCP messages between the DHCP server and the DHCP client. The S5300 creates the
IP+MAC+port binding table according to the monitoring result to filter out invalid packets.
The S5300 can also append the Option 82 field to DHCP messages or remove the Option 82
field.
After receiving a Request message from the DHCP client, the S5300 appends the Option
82 field to the Request message. The DHCP server enforces the IP address allocation
policy according to the Option 82 field.
The DHCP server appends the Option 82 field to a Response message. The S5300
analyzes the Option 82 field, determines a forwarding interface, removes the Option 82
field, and then forwards the message to a user.
The Option 82 field contains the user circuit IDs. This can effectively prevent attackers from
modifying the DHCP messages.
DHCP Relay
The DHCP client and the DHCP server send broadcast packets during the allocation of IP
addresses. Therefore, DHCP can be applied only when the DHCP client and DHCP server are
in the same subnet. It is a waste of money to deploy a DHCP server in each network segment.
The DHCP relay is introduced to solve this problem. Through DHCP relay, a DHCP client in a
subnet can communicate with the DHCP server in another subnet and finally obtains an IP
address. In this manner, the DHCP clients on different network segments can use the same
DHCP server. This reduces costs and achieves centralized management.
4.9 Network-Level HA
4.9.1 MSTP Protective Switchover
4.9.2 RRPP Rapid Protective Switchover
4.9.3 Smart Link Dual-Homing Protection
4.9.4 Ethernet OAM
4.9.1 MSTP Protective Switchover

The S5300 supports MSTP to eliminate broadcast storms on a network and provide redundant
links for data transmission.

The S5300 provides the root protection function. To retain the role of the root device, you
need to set the role of a designated interface to remain unchanged when the interface receives
a BPDU with higher priority. This prevents incorrect change of the network topology.
The S5300 provides the loop protection function. If the root interface cannot receive any
BPDU from the upstream device, the root interface enters the blocking state and stops
forwarding packets. At the same time, no new root interface is elected. This prevents loops on
the network.
4.9.2 RRPP Rapid Protective Switchover

An RRPP ring is applied to the protected dual-homed networks. The RRPP ring can be
deployed between CEs and UPEs, or between UPEs and NPEs.
An RRPP ring is composed of a master node and multiple transit nodes that are connected to
each other. The master node periodically sends out protocol packets from the primary
interface to monitor the link status. If the link fails, the master node can enable the secondary
interface to realize self-healing.
If a single-point failure occurs on the ring, the RRPP can enable the backup link as soon as
possible and the link among nodes can recover quickly.
4.9.3 Smart Link Dual-Homing Protection

The S5300 is dual-homed to an upstream device through the Smart Link technology. The
downstream links of the S5300 form a Monitor Link group. The layer-by-layer connection of
convergence implements association between Smart Link and Monitor Link. When no
upstream links exist, the S5300 disables the downstream interface and switches traffic
between different paths through the interface association mechanism.
4.9.4 Ethernet OAM

Conforming to IEEE 802.3ah, the S5300 supports the point-to-point Ethernet fault
management to detect faults in the first mile of the directly connected link on the user side of
the Ethernet. At present, the S5300 supports the following functions defined in IEEE 802.3ah:
OAM discovery
Link monitoring
Fault notification
Remote loopback
The S5300 provides end-to-end Ethernet OAM complying with IEEE 802.3ag to detect
connectivity faults on a network. The S5300 supports end-to-end connectivity fault detection,
fault notification, fault verification, and fault location.
The S5300 provides the performance management function. Performance management is used
to measure the packet loss ratio, delay, and jitter during packet transmission, and collect
statistics on various types of packets. Performance management is performed at the user
access points. By using performance management tools, a carrier can monitor the network
running status and locate faults through the network management system. The carrier can then
check whether the forwarding capacity of the network complies with the Service Level
Agreement (SLA) signed with users.
Ethernet OAM improves management and maintenance capabilities on the Ethernet and
guarantees a stable network.

4.10 LLDP
The S5300 supports the Link Layer Discovery Protocol (LLDP) that conforms to IEEE
802.1ab. LLDP is a link layer protocol used for interconnected devices to obtain the
connection information of each other.
Using LLDP, the local NMS can obtain the link layer information of all devices on the local
network and details about the network topology. Thus the NMS can manage a larger area on
the network.
The LLDP-enabled interfaces on the S5300 periodically notify the neighbors of its own status.
If the status of an interface changes, the interface sends status update messages to the directly
connected neighboring device. The neighboring device stores the status update message in the
standard SNMP MIB. Then the NMS can obtain the link layer information of the network
from the MIB to calculate the topology of the entire network.
4.11 NQA
With the development of value-added services, users and carriers demand increasingly high
QoS. After voice over IP and video over IP services are launched, carriers and users all tend to
sign Service Level Agreements (SLAs). To show whether the committed bandwidth meets
users' requirement, network carriers need to know the network performance in time according
to statistical parameters such as the delay, jitter, and packet loss ratio on network devices.
The S5300 supports Network Quality Analysis (NQA). NQA tests the performance of
different protocols running on a network so that carriers can collect the network performance
indexes of networks in real time, such as the total delay of the Hypertext Transfer Protocol
(HTTP) service, delay in the Transmission Control Protocol (TCP) connection, file
transmission speed, and delay in File Transfer Protocol (FTP) connection. By controlling
these indexes, carriers can provide network services of different levels and charge services
differently. NQA is also an effective tool for diagnosing and locating faults on a network.

The Huawei Group Management Protocol (HGMP) is a Huawei proprietary protocol used to
manage multiple S5300s or other switches through one S5300. In HGMP implementation, the
Neighbor Discovery Protocol (NDP) is used to collect information about directly connected
neighbors including the device type, software version, hardware version, connected interface,
and member ID. The Network Topology Discovery Protocol (NTDP) is used to collect
topology information.
As defined in HGMP, a management domain (namely a cluster) consists of a command switch
and multiple member switches. The S5300 can function as a command switch or a member
switch.
Member switch
A member switch is managed by the command switch. Member switches are usually
Layer 2 switches and do not need public IP addresses. When the S5300 functions as a
member switch, it is managed by a high-end device.
Command switch

The command switch functions as the proxy of the external network management station
or server to manage the member switches of a cluster. It has a public IP address and can
manage other switches.
In actual application, the S5300 usually functions as a command switch to manage a large
number of member switches on a residential network in a centralized manner.
Automatically detects new remote devices and adds them to the cluster.
Collects and maintains the network topology information from the member switches in
the cluster.
Provides methods of batch configurations and upgrade for member switches in the
cluster.
HGMP saves IP addresses by managing devices in a cluster.
4.13 Stacking
Stacking means that the switches located in the same place are connected through the stacking
cable or high-speed uplink interfaces, and thus the switches form a reliable switch group. In a
switch group, the S5300s are connected through the stack interfaces. Through stacking, the
user can manage and maintain the switches uniformly; therefore, the stacking reduces the
maintenance cost of the user.
The stacked switches have three roles:
Master switch
The master switch functions as the proxy of the external network management station or
server to manage the member switches of a cluster. It has a public IP address and can
manage other switches.
Backup switch
As the backup of the master switch, the backup switch becomes the master if the master
switch is faulty and takes over the work of the master switch.
Member switch
A member switch only processes service traffic on the network and is managed by the
master switch.
4.14 Web Server

Users can manage network devices through the GUI provided by the Web Server. This
reduces requirements for junior maintenance personnel.

Product Description 5 Networking and Applications
5 Networking and Applications
About This Chapter

5.1 Application in a MAN
5.2 Multi-Topology Ring Network
5.3 VLAN Mapping
5.4 Selective QinQ
5.5 Application in IPTV Services
5.6 End-to-End QoS
5.7 Partitioned STP at Access and Convergence Layers
5.1 Application in a MAN

The S5300 is mainly deployed at the access layer of a MAN. Figure 5-1 shows the networking
diagram.

5 Networking and Applications Product Description
Figure 5-1 Application of the S5300 in a MAN
Router
IP/MPLS Core
BRAS BRAS
SwitchA
SwitchB
SwitchC
RRPP
RRPP SwitchD
LANSwitch DSLAM
SwitchE
AMG
Intranet Intranet
SOHOI Residental Commerical Residental

area center area
In the MAN, the S5300 provides the following functions:

SwitchD and switchE are directly connected to the user hosts and aggregate the user
services to switchB.
SwitchC is connected to a LAN switch or Digital Subscriber Line Access Multiplexer
(DSLAM) and aggregates service traffic to the core layer of the network.
SwitchB is connected to an Access Media Gateway (AMG) and aggregates the access
services from the AMG to the core layer.
SwitchA, SwitchB, and SwitchC form an RRPP ring and SwitchB, SwitchD, and
SwitchE form an RRPP ring. The RRPP rings improve service reliability through the
rapid switchover mechanism, and improve the fault management and link maintenance
capabilities through the Ethernet OAM function.
The S5300 provides VLAN mapping, selective QinQ, inter-VLAN multicast replication,
and various attack-defense measures.
5.2 Multi-Topology Ring Network

The S5300 can be used in a layered RRPP ring. Figure 5-2 shows the networking diagram.

Figure 5-2 Application of the S5300 in a layered RRPP ring
Router
IP/MPLS
BRAS BRAS
Core
SwitchA SwitchB
SwitchC
SwitchF
RRPP
RRPP
SwitchK SwitchE SwitchD RRPP SwitchG
RRPP
RRPP Intranet
RRPP
SOHO SwitchH
SwitchJ
Intranet
Residental Commerical
area center
SwitchH, switchG, switchJ, and switchK function as the UPEs, and switchA and switchB
function as the PE-AGGs. The switches form an RRPP Ethernet ring .
A metro Ethernet set up by the S5300s supports multiple RRPP domains. Each RRPP domain
supports a primary ring and multiple subrings, forming a two-layer RRPP ring network. One
layer is the convergence layer and the other is the access layer. The two layers can be either
tangent or intersecting.
The RRPP ring carries the leased line service of enterprises and broadband access services.
The links on the RRPP ring can be bound through GE interfaces to meet the demand for high
bandwidth. The RRPP ring also provides rapid protective switchover of services.
5.3 VLAN Mapping

The S5300 provides the VLAN mapping function. Figure 5-3 shows the networking of VLAN
mapping.

Figure 5-3 VLAN mapping networking
Video
TMG server
PSTN Router I n t e rnet
Access
BRAS convergence BRAS
ISP network network
VLAN1-1000 V50 V350 V850
Switch
User network
VLAN101-500 LAN Switch
AMG
VLAN401-600 DSLAM
VLAN401-700
V450 V450 V450
Intranet
SOHO Residential VLAN401-700

VLAN101-500 area
VLAN401-600
After VLAN mapping is configured, ISPs need to manage only VLAN tags on the MAN, and
different user networks can use same VLAN tags. The S5300 aggregates traffic from user
networks to the ISP network and implements VLAN mapping between user networks and the
ISP network. VLAN mapping implements communication between VLANs and facilitates
service deployment.
When the S5300 receives service packets sent from a user network to the ISP network, it
replaces the C-VLAN tag of the packets with the S-VLAN tag specified by the ISP. For
example:
Replaces C-VLAN 450 of Small Office/Home Office (SOHO) with S-VLAN 850.
Replaces C-VLAN 450 of the residential community with S-VLAN 50.
Replaces C-VLAN 450 of an enterprise intranet with S-VLAN 350.
When receiving service packets sent from the ISP network to an enterprise intranet, the S5300
replaces the S-VLAN tag with the C-VLAN tag of the enterprise intranet.
5.4 Selective QinQ

The S5300 provides the selective QinQ function. Figure 5-4 shows the networking of
selective QinQ.

Figure 5-4 Selective QinQ provided by the S5300
Video
TMG server
PSTN I n t ernet
Router
BRAS BRAS
ISP network V30 V450 V10 V100

VLAN1-1000 V30 V650 V10 V600
Switch
V30 V850 V10 V800
User network
LAN
VLAN1-1000 LAN DSLAM
Switch
Switch
V100 V450 V600 V650 V800 V850
VLAN1-500 VLAN500-700 VLAN700-1000
With the selective QinQ function, the S5300 can aggregate services and choose different paths
for various services. This achieves the flexible deployment of services.
The three enterprise intranets need to transmit data, voice, and video services. The S5300 adds
another VLAN tag to the tagged packets based on the type of access services, for example:
Add S-VLAN tag VLAN 10 to the data service packets from the user network tagged by
VLAN 100, VLAN 600, or VLAN 800.
Add S-VLAN tag VLAN 30 to the video service packets from the user network tagged
by VLAN 450, VLAN 650, or VLAN 850.
5.5 Application in IPTV Services

Figure 5-5 shows the application of the S5300 in IPTV services.

Figure 5-5 Application of the S5300 in IPTV services
Video
NSM
server
IP/MPLS
Core Router
SwitchB SwitchA
Access
convergence
network
SwitchC
RRPP DSLAM
SwitchD
DSLAM STB
DSLAM
STB BTV
STB
BTV BTV
Video stream
SwitchC and SwitchD function as UPEs and provide the IGMP snooping function. They can
serve as the replication and control point for multicast services at the access layer of the MAN
to meet the demand for large-capacity multicast services. The DSLAM provides the IGMP
proxy function to control the user access to multicast services based on the user authority
configured on the NSM.
SwitchB, SwitchC, and SwitchD form an RRPP Ethernet ring to ensure high quality of the
Broadband Television (BTV) service. The RRPP ring has the following advantages:
The RRPP ring improves availability of the BTV service through the rapid protective
switchover mechanism.
Only one copy of multicast packets needs to be transmitted on the RRPP ring, which
saves bandwidth.
In addition, SwitchA, SwitchB, SwitchC, and SwitchD allow interfaces to join or leave
multicast groups quickly, which implements fast switching of services.
5.6 End-to-End QoS

The S5300 provides the end-to-end QoS function. Figure 5-6 shows the networking where the
end-to-end QoS is configured.

Figure 5-6 End-to-end QoS provided by the S5300
IP/MPLS core
BRAS
SwitchA
SwitchB
SwitchC
RRPP
SwitchD
RRPP SwitchE
DSLAM
LAN Switch
AMG
SwitchF
STB
Intranet
BTV
SOHO Phone
upstream
downstream
SwitchC, switchD, switchE, and switchF function as the UPEs, and switchA and switchB
function as UPE or PE-AGG. The UPE or PE-AGG provides end-to-end QoS guarantee for
the services on the LAN switch and DSLAM.
At the ingress of the access and convergence layer, the S5300 classifies data, voice, and
video services. The S5300 then polices traffic and re-marks the precedence of packets.
The RRPP nodes, including the across-ring nodes, schedule the queues. At the copy node,
the S5300 restores the RRPP level to the 802.1p priority.
At the egress of the access and convergence layer, the S5300 performs queue scheduling
and rate limit.
By mapping 802.1p priorities to different packets, the S5300 provides end-to QoS guarantee
for the entire network.
5.7 Partitioned STP at Access and Convergence Layers

Figure 5-7 shows the networking of partitioned STP supported by the S5300.

Figure 5-7 Partitioned STP supported by the S5300
Residential area A
Access SwitchH Intranet D
SwitchE convergence
network
SwitchA
IP/MPLS Router SwitchD
Router core SwitchB
SwitchC
SwitchJ SwitchF
Intranet C
Residential area B
As shown in the figure, enterprise intranets C and D, and residential communities A and B are
all connected to a MAN. SwitchA, SwitchB, SwitchC, and SwitchD function as UPEs and
connect to the enterprise intranets and residential communities directly. The UPEs are dual
homed to SwitchE, SwitchF, SwitchH, and SwitchJ to improve link reliability.
Each UPE is dual homed to the MAN and forms a partitioned STP network with two
PE-AGGs. For example, SwitchA, SwitchE, and SwitchJ form a partitioned STP
network.
SwitchC and SwitchD at the egress of the intranets are on the same VLAN with SwitchE,
SwitchF, SwitchH, and SwitchJ. BPDUs of intranet C and intranet D are transmitted
transparently on this VLAN.
SwitchA and SwitchB at the ingress of the residential communities are on the same
VLAN with SwitchE, SwitchF, SwitchH, and SwitchJ. BPDUs of community A and
community B are transmitted transparently on this VLAN.
SwitchE, SwitchF, SwitchH, and SwitchJ on the MAN support BPDU tunneling and
MSTP snooping.
The partitioned STP technology enables BPDUs of a user network to be transmitted
transparently on the ISP network so that the user network can calculate a uniform spanning
tree. In this way, users on the same network can communicate with each other even though
they are in different geographical locations. In addition, the user network and ISP network use
independent spanning trees.

Figure 5-8 shows the networking of the cluster management function provided by the S5300.

Figure 5-8 Cluster management provided by the S5300
NSM
IP/MPLS core
SwitchA
SwitchB SwitchC
STP/RRPP AMG
SwitchD
Phone
DSLAM
SOHO Intranet Commercial
center
Residential
area
Building Building
corridor Residential corridor
area
As shown in the figure, the network is divided into three HGMP domains, which are managed
by SwitchB, SwitchC, and SwitchD respectively. SwitchB, SwitchC, and SwitchD collect and
maintain information about Layer 2 switches in each domain and manage and maintain Layer
2 switches uniformly.
Cluster management enables the network administrator to manage a large number of scattered
Layer 2 switches conveniently and implements fast deployment of Layer 2 switches. In
addition, cluster management saves IP addresses and reduces the OPEX.

Product Description 6 Maintenance and Network Management System
6 Maintenance and Network Management

System
About This Chapter

6.1 Maintenance and Management
6.2 U2000 Network Management System
6.1 Maintenance and Management

6.1.1 Various Configuration Methods
6.1.2 Monitoring and Maintenance
6.1.3 Diagnosis and Debugging
6.1.4 Software Upgrade and In-Service Patching
6.1.5 Hardware Fault Handling
6.1.1 Various Configuration Methods

Configuration Modes
The S5300 supports the following configuration and management modes:
Command line
A user connects to the console port of the S5300 through the console terminal, and then
configures various functions and sets parameters in the command line interface (CLI).
Network management station
A user configures and manages the S5300 through the SNMP protocol.
HGMP
A user logs in to the S5300 to manage Layer 2 switches or other S5300s in the same
cluster based on HGMP.

6 Maintenance and Network Management System Product Description
Login Modes
The S5300 provides a console port. A user can connect to the console port through the serial
port on a console terminal, and then configure the S5300 locally or remotely.
In addition, the user can telnet to the service interface of the S5300 for configuration and
management.
The S5300 supports multiple authentication modes, including non-authentication, local
authentication, and AAA.
6.1.2 Monitoring and Maintenance

Hardware Monitoring
The S5300 provides the following hardware monitoring functions:
Sends a trap when the temperature of the device becomes abnormal.
Provides the re-detection function to prevent incorrect detection because of instant
interference.
Checks version matching automatically when the system is running.
Device Management and Maintenance

The S5300 provides various management and maintenance functions:
Provides flexible online help for the command line in Chinese or English.
Provides hierarchical commands and user authority management.
Provides an information center to uniformly manage logs, traps, and debugging
information and redirects information as required.
Provides the electronic labels. A user can view the basic information about the SCU and
optical modules through the CLI, and back up the information to an external server
through FTP.
Supports the display of the software version, module status, ambient temperature, CPU
usage, and memory usage.
6.1.3 Diagnosis and Debugging

Ping and TraceRoute
On traditional IP networks, the S5300 provides the following tools to check network
connectivity:
Ping
TraceRoute
These tools are used to test network connectivity and record transmission paths of packets to
assist fault location.
Debugging
The S5300 provides various debugging commands for each software feature. Each debugging
command supports multiple parameters and can be flexibly controlled. The debugging

commands display the detailed information about processes, packet receiving and sending,
and error check during the running of a feature.
Black Box
The S5300 provides the black box function to record information on the feature modules,
tasks, and events. In addition, the black box records the final results, process status, and
function calling track to facilitate fault location.
VCT
A user can run the VCT commands on the switch. According to Time Domain Reflectometry
(TDR) theory, an interface can receive the reflected signal after transmitting the test signal.
Then the user can know the cable status according to the characteristics of the reflected signal.
Mirroring
The S5300 supports interface- or flow-based mirroring.
Port mirroring
The incoming traffic, outgoing traffic, or both incoming and outgoing traffic at an
observed interface is completely copied to an observing interface.
Flow mirroring
The traffic at an observed interface is completely copied to an observing interface.
By connecting a monitoring host to an observing interface on the S5300, a network
administrator can easily observe the packets that pass through the S5300 in real time. The
mirroring result serves as a basis for traffic detection, fault location, and data analysis.
6.1.4 Software Upgrade and In-Service Patching

Software Upgrade
The S5300 can detect the integrity and validity of the system software before the upgrade
and provides various methods of upgrading the software:
Local upgrade
When the S5300 is powered on, the software can be loaded and upgraded through the
BootROM menu.
Remote in-service upgrade
When the S5300 runs normally, it can download the software through FTP or TFTP. The
new software is run when the S5300 is restarted. This realizes the remote seamless
software upgrade.
The S5300 supports rollback to the previous version in case of upgrade failure.
In-Service Patching
The S5300 supports in-service patching to protect services from being affected when a patch
is installed. The software can be restored to the earlier version, and the device data before and
after in-service patching is recorded.

6 Maintenance and Network Management System Product Description
6.1.5 Hardware Fault Handling

The S5300 supports automatic and manual intervention when a hardware fault occurs, for
example, a chip on a board fails. The maintenance personnel can locate a hardware fault and
handle it quickly to shorten service interruption.
6.2 U2000 Network Management System

The S5300 uses the Huawei U2000 as a centralized NMS. The U2000 supports a
multi-language graphical user interface (GUI) for convenient and visualized operations. The
U2000 also provides northbound interfaces for connecting to a third-party NMS so that it can
work with other NMSs of carriers.
6.2.1 Network Management Modes
6.2.2 U2000
6.2.1 Network Management Modes

The NMS can manage the S5300 in two modes: inband and outband.
Inband Management
In inband management mode, the network management information is transmitted through the
service channel of the S5300, and no additional communications network is required between
the NMS and the S5300. The network administrator simply needs to connect the NMS to the
adjacent network devices and set the SNMP parameters.
The inband management mode features flexible networking and does not rely on geographical
locations. In addition, it guarantees the channel security better than the outbound management
mode. However, the network management information consumes bandwidth of the service
channel. And if the service channel fails, the NMS cannot manage the S5300 remotely.
Outband Management
In outbound management mode, an independent network needs to be set up between the
S5300 and the NMS so that the network management information is separated from the
service information.
This mode ensures reliable transmission of the network management information and the
NMS can still manage the S5300 when the service channel fails. However, the independent
NMS network is limited by geographical locations.
6.2.2 U2000
The U2000 can display the software version, and save and restore configuration files and VRP
mapping programs. The U2000 also supports in-service patching for the S5300 through CLI.
The U2000 provides the following functions.
Resource Management
The U2000 provides resource management to help you easily manage network resources
including devices, boards, interfaces, and links on a large and complicated network. Through

the U2000, you can query and manage resources of the S5300 and locate abnormal resources
on the network.
View Management
The U2000 provides a unified topology view of all devices on a network to help you obtain
network information directly and conveniently. The U2000 provides a powerful topology
management function. You can browse device information in the system topology view,
protocol topology view, and user-defined view. In addition, the U2000 provides friendly
interfaces for operation and maintenance of the network and devices.
The protocol topology views include the HGMP view and Ethernet view, which cover the
topologies of various networking modes and network layers of the S5300. These views
support automatic topology discovery to reflect changes of the network topology and device
status in real time.
Configuration Management
Configuration management is used to configure the S5300 and it supports management of
devices, interfaces, VLANs, Layer 2 features, software upgrade, and configuration files. the
U2000 provides personalized configuration modes such as end-to-end configuration, batch
configuration, and configuration wizard, and provides default configuration templates.
Fault Management
Fault management is an important and commonly used management method for maintaining
networks. Through the GUI, you can query and monitor the running status and faults of the
S5300 in real time, filter faults, locate faults, confirm faults, and analyze faults. The U2000
can generate alarm sounds or display alarms on the alarm panel. It can be connected to an
alarm box for convenient routine maintenance.
Performance Management
The U2000 can collect performance data, monitor the device performance, and analyze the
collected data. It provides various reports and charts about device performance. In addition,
the U2000 collects statistics about device load and user access so that you can know the QoS
of the network and thus assess and adjust network resource configuration in time.
Performance management serves resource management, and performance data is displayed on
the GUI in iWeb mode.
Security Management
The U2000 provides various measures for security management. Users are authenticated
uniformly on the U2000 and their operation authority is configured based on the minimum
granularity principle. The U2000 authenticates users strictly to ensure system security. It also
provides detailed operation logs for you to query and analyze user operations.
Security management supports user management, access control, user group management, and
operation management.

Product Description 7 System Technical Specifications
7 System Technical Specifications
About This Chapter

7.1 Physical Specifications
7.2 Optical Module Attributes
7.3 System Configuration
7.4 List of Software Features
7.1 Physical Specifications

Table 7-1 Physical specifications
Item Description
Dimensions (width x depth x S5324TP-SI: 442.0 mm x 220.0 mm x 43.6 mm
height) S5328C-EI-24S: 442.0 mm x 420.0 mm x 43.6 mm
S5328C-PWR-EI: 442.0 mm x 420.0 mm x 43.6 mm
S5328C-SI: 442.0 mm x 420.0 mm x 43.6 mm
S5328C-PWR-SI: 442.0 mm x 420.0 mm x 43.6 mm
S5352C-EI: 442.0 mm x 420.0 mm x 43.6 mm
S5352C-PWR-EI: 442.0 mm x 420.0 mm x 43.6 mm
S5352C-SI: 442.0 mm x 420.0 mm x 43.6 mm
S5352C-PWR-SI: 442.0 mm x 420.0 mm x 43.6 mm
S5348TP-SI: 442.0 mm x 420.0 mm x 43.6 mm
S5324TP-PWR-SI: 442.0 mm x 420.0 mm x 43.6 mm
S5348TP-PWR-SI: 442.0 mm x 420.0 mm x 43.6 mm

7 System Technical Specifications Product Description
Item Description
Maximum power (full S5328C-EI: 60W
configuration) S5352C-EI: 88W
S5328C-EI-24S: 63W
S5328C-SI: 56W
S5352C-SI: 78W
S5324TP-SI: 40W
S5348TP-SI: 64W
S5324TP-PWR-SI: 455 W (Dissipated power: 85 W,
PoE: 370 W)
S5348TP-PWR-SI: 907 W (Dissipated power: 167 W,
PoE: 740 W)
S5328C-PWR-SI: 891 W (Dissipated power: 151 W,
PoE: 740 W)
S5352C-PWR-SI: 917 W (Dissipated power: 177 W,
PoE: 740 W)
S5328C-PWR-EI: 472 W (Dissipated power: 102 W,
PoE: 370 W)
S5352C-PWR-EI: 930 W (Dissipated power: 190 W,
PoE: 740 W)
Weight Full ≤ 8.5 kg
configuration
Empty chassis ≤ 5 kg
DC input Rated voltage –48V DC to –60V DC
voltage
Maximum –36V DC to –72V DC
voltage
AC input Rated voltage 100V AC to 240V AC
voltage
Maximum 90V AC to 264V AC
voltage
Temperature Long-term 0°C to 50°C
operating
temperature
Short-term -5°C to 55°C
operating
temperature
Storage -40°C to 70°C
temperature
Relative humidity 10%RH to 90%RH
Altitude Long-term 0 m to 2000 m
operating
altitude

Item Description
Storage altitude 0 m to 2000 m
7.2 Optical Module Attributes

Table 7-2 Attributes of the ESFP (GE) optical module
Attribu Specification
te
Transmi 0.5 km 10 km 10 km 10 km 40 km 40 km 80 km 100 km
ssion (single- (single-
distance mode mode
bidirect bidirect
ional ional
fiber) fiber)
Center 850 nm 1310 Sendin Sendin 1550 1310 1550 1550
wavelen nm g: 1310 g: 1490 nm nm nm nm
gth nm nm
Receivi Receivi
ng: ng:
1490 1310
nm nm
Transmi -9.5 -9.0 -9.0 -9.0 -5.0 -5.0 -2.0 0 dBm
tting dBm to dBm to dBm to dBm to dBm to dBm to dBm to to 5.0
power -2.5 -3.0 -3.0 -3.0 0 dBm 0 dBm 5.0 dBm
dBm dBm dBm dBm dBm
Receiver -17.0 -20.0 -19.5 -19.5 -22.0 -22.0 -22.0 -30.0
sensitivi dBm dBm dBm dBm dBm dBm dBm dBm
ty
Overloa 0 dBm -3.0 -3.0 -3.0 -3.0 -3.0 -3.0 -9.0
d power dBm dBm dBm dBm dBm dBm dBm
Extincti 9.0 dB 9.0 dB 6.0 dB 6.0 dB 8.5 dB 9.0 dB 9.0 dB 8.0 dB
on ratio
Type of LC LC LC LC LC LC LC LC
the
optical
connect
or
Fiber Multi- Single Single Single Single Single Single Single
type mode mode mode mode mode mode mode mode

Table 7-3 Attributes of the ESFP (CWDM) optical module
Attribu Specification
te
Transmi 80 km 80 km 80 km 80 km 80 km 80 km 80 km 80 km
ssion
distance
Center 1571 1591 1551 1511 1611 1491 1531 1471
wavelen nm nm nm nm nm nm nm nm
gth
Transmi 0 dBm 0 dBm 0 dBm 0 dBm 0 dBm 0 dBm 0 dBm 0 dBm
tting to 5.0 to 5.0 to 5.0 to 5.0 to 5.0 to 5.0 to 5.0 to 5.0
power dBm dBm dBm dBm dBm dBm dBm dBm
Receiver -28.0 -28.0 -28.0 -28.0 -28.0 -28.0 -28.0 -28.0
sensitivi dBm dBm dBm dBm dBm dBm dBm dBm
ty
Overloa -9.0 -9.0 -9.0 -9.0 -9.0 -9.0 -9.0 -9.0
d power dBm dBm dBm dBm dBm dBm dBm dBm
Extincti 8.5 dB 8.5 dB 8.5 dB 8.5 dB 8.5 dB 8.5 dB 8.5 dB 8.5 dB
on ratio
Type of LC LC LC LC LC LC LC LC
the
optical
connect
or
Table 7-4 Attributes of XFP optical module (10GE)
Attribute Specification
Transmission 0.3 km 10 km 40 km 80 km
distance
Center 850 nm 1310 nm 1550 nm 1550 nm
wavelength
Transmitting -7.3 dBm to -6.0 dBm to -1.0 dBm to 2.0 0 dBm to 4.0
power -1.0 dBm -1.0 dBm dBm dBm
Receiver -7.5 dBm -14.4 dBm -15.0 dBm -24.0 dBm
sensitivity
Overload power -1.0 dBm 0.5 dBm -1.0 dBm -7.0 dBm
Extinction ratio 3.0 dB 6.0 dB 8.2 dB 9.0 dB
Type of the LC LC LC LC
optical connector
Fiber type Multi-mode Single mode Single mode Single mode

Table 7-5 Attributes of the SFP+ (10GE) optical module
Attribute Specification
Transmission distance 0.3 km 10 km 40 km
Center wavelength 850 nm 1310 nm 1550 nm
Transmitting power -7.3 dBm to -1.0 -8.2 dBm to 0.5 -4.7 dBm to 4.0
dBm dBm dBm
Receiver sensitivity -11.1 dBm -12.6 dBm -14.1 dBm
Overload power -1.0 dBm 0.5 dBm -1.0 dBm
Extinction ratio 3.0 dB 3.5 dB 3.5 dB
Type of the optical LC LC LC
connector
Fiber type Multi-mode Single mode Single mode
7.3 System Configuration

Table 7-6 System configuration
Item Parameter
Processor S5300C-EI: 533 MHz
S5300C-SI: 800 MHz
S5300TP-SI: 800 MHz
Switching capacity S5324: 48Gbit/s
S5328: 88Gbit/s
S5348: 96Gbit/s
S5352: 136Gbit/s
Packet forwarding S5324: 35.71 Mpps
capacity S5328: 65.47 Mpps
S5348: 71.42 Mpps
S5352: 101.19 Mpps
DDR memory 256 MB
Flash Memory 32 MB
Stacking Bandwidth 48 Gbit/s

7.4 List of Software Features

Table 7-7 List of software features
Attribute Description
Ethernet Ethernet Operating modes, including full duplex, half duplex, and
features auto-negotiation
Operating rates of an Ethernet interface, including 10
Mbit/s, 100 Mbit/s, 1000 Mbit/s, 10 Gbit/s, and
auto-negotiation
Cable type detection (direct or cross-over)
Flow control on interfaces
Jumbo frames
Link aggregation
Load balancing among the links of a trunk
Interface isolation and forwarding restriction on interfaces
Port Security
Suppression of broadcast storms
VLAN Access modes of access, trunk, hybrid, and QinQ
Default VLAN
VLAN mapping.
Selective QinQ
Voice VLAN
VLAN switching
DHCP policy VLAN
MAC Automatic learning and aging of MAC addresses
Static, dynamic, and blackhole MAC address entries
Packet filtering based on source MAC addresses
Limitation on MAC address learning on interfaces
ARP Static and dynamic ARP entries
ARP on a VLAN
Aging of ARP entries
SmartLink SmartLink
SmartLink multi-instance
MonitorLink
LLDP LLDP
NAC NAC
VCT VCT

Ethernet MSTP STP
loop RSTP
protection
MSTP
BPDU protection, Root protection, and loop protection
Partitioned STP and BPDU tunnels
RRPP RRPP protective switchover
Single RRPP ring, tangent RRPP rings, and intersecting
RRPP rings
Hybrid networking of RRPP rings and other ring networks
IPv4/IPv6 IPv4 features ARP/RARP
forwardin ARP proxy
g
Auto-detection
Unicast Up to 12,000 routes (S53EI) / 2,000 routes (S53SI)
routing Static routes
RIP-1/RIP-2 (2,000 routes)
OSPF v1/v2 (12,000 routes on S53EI)
BGP (12,000 routes on S53EI)
IS-IS (12,000 routes on S53EI)
Routing policies and policy-based routes
uRPF check
VRF
DHCP Client/Server/Relay
DHCP snooping
Multicast IGMPv1/v2/v3 (512 groups on S53EI)
routing IGMP Snooping v1/v2/v3 (up to 1,000 groups)
PIM-DM (2,000 entries on S53EI)
PIM-SM (2,000 unicast routes on S53EI)
PIM-SSM
MBGP
MSDP
Multicast routing policy
RPF
IPv6 features IPv6 protocol stack
IPv6 unicast routing protocols: RIPng and OSPFv3
VRRP6
IPv4/IPv6 transition technologies

Device BFD Basic BFD functions
reliability BFD for OSPF
BFD for IS-IS
BFD for BGP
BFD for PIM
Others VRRP
Layer 2 Layer 2 IGMP snooping
multicast multicast IGMP proxy
Prompt leave
Multicast traffic control
Inter-VLAN multicast replication
Controllable multicast
Ethernet EFM OAM Neighbor discovery
OAM Link monitoring
Fault notification
Remote loopback
QoS Traffic Traffic classification based on the combination of the L2
classification protocol header, IP quintuple, outgoing interface, and
802.1p field
Traffic classification based on the C-VID and C-PRI of
QinQ packets
Traffic Access control after traffic classification
behaviors Traffic policing based on traffic classification
Re-marking based on traffic classification
Class-based packet queuing
Combination of traffic classification and traffic behaviors
Queue PQ
scheduling DRR
PQ+DRR
WRR
PQ+WRR
Congestion SRED
avoidance
Rate limit on Rate limit on outbound interfaces
outbound
interfaces

Configura Terminal Configurations through command lines
tion and service Help information in English and Chinese
maintenan
ce
Login through console and Telnet terminals
Information exchange between terminals through the send
function
File system File system
Directory and file management
File upload and download through FTP or TFTP
Debugging Centralized management of logs, alarms, and debugging
and information
maintenance Electronic label
User operation logs
Detailed debugging information for diagnosing network
faults
Network test tools such as traceroute and ping commands
Interface mirroring and flow mirroring
Version Software loading on the entire equipment and online
upgrade software loading
Online upgrade of the BootROM
In-service patching
Security System Hierarchical command line protection to prevent
and security unauthorized users from accessing the S5300
managem SSH v2.0 (up to 16 user levels)
ent
RADIUS authentication and HWTACACS authentication
ACL filtering
DHCP packet filtering (with Option 82)
Defense against control packet attacks
Defense against attacks of source address spoofing, LAND,
SYN flood (TCP SYN), smurf, ping flood (ICMP echo),
Teardrop, and Ping of Death
Network Ping and traceroute
management SNMPv1/v2c/v3
Standard MIB
RMON
Cluster HGMPv2
management S5300 functioning as the command switch
S5300 functioning as the member switch
S5300 joining cluster automatically
Member switches using private IP addresses
Logging in to the member switch through Telnet


Product Description 8 IEEE and IETF Comply Tables
8 IEEE and IETF Comply Tables
About This Chapter

8.1 IEEE Comply Table
8.2 IETF Comply Table
8.1 IEEE Comply Table

Table 8-1 IEEE Comply Table
Standard Number Standard Topic

IEEE Standard for Local and metropolitan area
IEEE 802.1AB-2005 networks: Station and Media Access Control
Connectivity Discovery
IEEE 802.1ad Provider Bridges
IEEE 802.1ah Provider Backbone Bridges
IEEE 802.1D Spanning Tree Protocol
IEEE Standards for Local and Metropolitan Area
IEEE 802.1p
Networks: Virtual Bridged Local Area Networks
IEEE 802.1Q Virtual Bridged Local Area Networks
IEEE 802.1s Multiple Spanning Tree Protocol
IEEE 802.1w Rapid Spanning Tree Protocol
IEEE 802.1x Port-Based Network Access Control
Information technology— Telecommunications and
information exchange between systems— Local and
IEEE 802.2
metropolitan area networks— Specific requirements
Part 2: Logical Link Control

8 IEEE and IETF Comply Tables Product Description
Standard Number Standard Topic

Carrier Sense Multiple Access with Collision Detection
IEEE 802.3 (CSMA/CD) access method and physical layer
specifications
Physical Layer Parameters and Specifications for 1000
IEEE 802.3ab Mb/s Operation Over 4 Pair of Category 5 Balanced
Copper Cabling, Type 1000BASE-T
IEEE 802.3ad Link Aggregation Control Protocol
IEEE 802.3ae 10Gb/s Ethernet
Carrier Sense Multiple Access with Collision Detection
(CSMA/CD) Access Method and Physical Layer
IEEE 802.3ah Specifications Amendment:Media Access Control
Parameters, Physical Layers, and Management
Parameters for Subscriber Access Networks
IEEE 802.3x Full Duplex and flow control
IEEE 802.3z Gigabit Ethernet
Virtual Bridged Local Area Networks— Amendment
IEEE P802.1ag 5:Connectivity
Fault Management
IEEE802.3af DTE Power via MIDI
IEEE802.3at Data Terminal Equipment (DTE) Power via the Media
Dependent Interface (MDI) Enhancements
8.2 IETF Comply Table

Table 8-2 IETF Comply Table
Standard Number Standard Topic S53-SI S53-EI
RFC 0135 Response to NWG/RFC 110 √ √

RFC 0768 User Datagram Protocol. √ √
RFC 0791 Internet Protocol √ √
RFC 0792 Internet Control Message Protocol √ √
RFC 0793 Transmission Control Protocol √ √
√ √
Window and Acknowledgement Strategy
RFC 0813 in TCP/IP
RFC 0826 Ethernet Address Resolution Protocol √ √

RFC 0854 Telnet Protocol Specification. √ √

RFC 0855 Telnet Option Specifications √ √
RFC 0857 TELNET ECHO OPTION √ √
RFC 0858 Telnet Suppress Go Ahead Option √ √
Standard for the transmission of IP
datagrams over Ethernet networks. C.
RFC 0894 Hornig. Apr-01-1984. (Format:
√ √
TXT=5697 bytes) (Also STD0041)
(Status: STANDARD)
RFC 0950 Internet Standard Subnetting Procedure √ √

RFC 0951 Bootstrap Protocol √ √
RFC 0959 File Transfer Protocol √ √
Protocol Standard for a NetBIOS Service
√ √
on a TCP/UDP Transport: Concepts and
RFC 1001 Methods
Protocol Standard for a NetBIOS Service
√ √
on a TCP/UDP Transport: Detailed
RFC 1002 Specifications
√ √
RFC 1027 Using ARP to Implement Transparent
Subnet Gateways
RFC 1034 Domain Names - Concepts and Facilities √ √

√ √
Domain Names - Implementation and
RFC 1035
Specification
√ √
RFC 1042 A Standard for the Transmission of IP
Datagrams over IEEE 802 Networks
RFC 1058 Routing Information Protocol √ √

RFC 1071 Computing the Internet Checksum √ √
RFC 1091 Telnet Terminal-Type Option √ √
RFC 1105 Border Gateway Protocol BGP × √
RFC 1112 Host extensions for IP multicasting √ √
√ √
Requirements for Internet Hosts -
RFC 1122
Communication Layers.
RFC 1131 OSPF specification × √

√ √
Incremental updating of the Internet
RFC 1141
checksum

RFC 1142 OSI IS-IS Intra-domain Routing Protocol × √

Compressing TCP/IP headers for
low-speed serial links. V. Jacobson.
RFC 1144 Feb-01-1990. (Format: TXT=120959,
√ √
PS=534729, PDF=255616 bytes) (Status:
PROPOSED STANDARD)
Structure and identification of
√ √
RFC 1155 management information for
TCP/IP-based internets
√ √
A Simple Network Management Protocol
RFC 1157
(SNMP)
RFC 1163 A Border Gateway Protocol (BGP) × √

× √
Application of the Border Gateway
RFC 1164 Protocol in the Internet
× √
Use of OSI IS-IS for Routing in TCP/IP
RFC 1195
and Dual Environments
RFC 1200 IAB official protocol standards √ √

FYI on Questions and Answers: Answers
√ √
to commonly asked "new Internet user"
RFC 1206 questions.
FYI on Questions and Answers: Answers
√ √
to commonly asked "experienced Internet
RFC 1207 user" questions
RFC 1208 Glossary of networking terms √ √

Network and infrastructure user
√ √
requirements for transatlantic research
RFC 1210 collaboration:
√ √
Problems with the maintenance of large
RFC 1211 mailing lists
RFC 1212 Concise MIB Definitions √ √

Management Information Base for
√ √
RFC 1213 Network Management of TCP/IP-based
internets: MIB-II.
√ √
Definitions of Managed Objects for Data
RFC 1214 Link Switching using SMIv2.
√ √
RFC 1215 A Convention for Defining Traps for use
with the SNMP
√ √
Gigabit network economics and paradigm
RFC 1216 shifts

RFC 1219 On the assignment of subnet numbers. √ √

RFC 1229 Extensions to the generic-interface MIB √ √
√ √
Reassignment of experimental MIBs to
RFC 1239 standard MIBs
√ √
Benchmarking terminology for network
RFC 1242 interconnection devices
RFC 1244 Site Security Handbook √ √

RFC 1245 OSPF Protocol Analysis × √
RFC 1246 Experience with the OSPF Protocol × √
RFC 1247 OSPF Version 2 × √
× √
OSPF Version 2 Management Information
RFC 1248 Base
RFC 1250 IAB Official Protocol Standards √ √

× √
RFC 1252 Base
× √
RFC 1253 Base
RFC 1256 ICMP Router Discovery Messages √ √

RFC 1265 BGP Protocol Analysis × √
RFC 1266 Experience with the BGP Protocol × √
RFC 1267 A Border Gateway Protocol 3 (BGP-3) × √
× √
× √
Definitions of Managed Objects for the
RFC 1269 Border Gateway Protocol:Version 3
RFC 1305 Network Time Protocol (Version 3)
√ √
Specification, Implementation and
Analysis
√ √
RFC 1315 Management Information Base for Frame
Relay DTEs
RFC 1321 The MD5 Message-Digest Algorithm √ √

RFC 1323 TCP Extensions for High Performance √ √
√ √
Type of Service in the Internet Protocol
RFC 1349 Suite

RFC 1350 The TFTP Protocol (Revision 2) √ √

× √
RIP Version 2 Carrying Additional
RFC 1388 Information
RFC 1389 RIP Version 2 MIB Extension × √

Default Route Advertisement in BGP2
× √
and BGP3 Version of the Border Gateway
RFC 1397 Protocol
RFC 1403 BGP OSPF Interaction × √

Classless Inter-Domain Routing (CIDR):
× √
RFC 1519 an Address Assignment and Aggregation
Strategy
√ √
DHCP Options and BOOTP Vendor
RFC 1533
Extensions Class-identifier
√ √
Interoperation Between DHCP and
RFC 1534 BOOTP
√ √
Common DNS Data File Configuration
RFC 1537 Errors
√ √
Clarifications and Extensions for the
RFC 1542
Bootstrap Protocol
√ √
RFC 1573 Evolution of the Interfaces Group of
MIB-II

RFC 1587 The OSPF NSSA Option × √
√ √
Computation of the Internet Checksum via
RFC 1624 Incremental Update
√ √
RFC 1643
Ethernet-like Interface Types
√ √
RFC 1650
Ethernet-like Interface Types using SMIv2
RFC 1654 A Border Gateway Protocol 4 (BGP-4). × √

× √
× √
BGP-4 Protocol Document Roadmap and
RFC 1656 Implementation Experience
RFC 1657 basic BGP4 MIB × √

RFC 1700 Assigned Numbers × √

RFC 1721 RIP Version 2 Protocol Analysis × √

× √
RIP Version 2 Protocol Applicability
RFC 1722
Statement
× √
RIP Version 2 Carrying Additional
RFC 1723
Information
RFC 1724 RIP Version 2 MIB Extension × √

√ √
Remote Network Monitoring Management
RFC 1757 Information Base
RFC 1765 OSPF Database Overflow × √

RFC 1772 BGP basic functions support × √
× √
Experience with the BGP-4 protocol
RFC 1773 (obsoletes RFC 1656)
RFC 1774 BGP-4 Protocol Analysis × √

RFC 1812 Requirements for IP Version 4 Routers √ √
RFC 1828 IP Authentication using Keyed MD5 √ √
× √
RFC 1850
Base
RFC 1878 Variable Length Subnet Table For IPv4 √ √

RFC 1886 DNS Extensions to Support IP version 6 √ √
√ √
RFC 1887 An Architecture for IPv6 Unicast Address
Allocation
√ √
Introduction to Community-based
RFC 1901
SNMPv2
Structure of Management Information for
√ √
Version 2 of the Simple Network
RFC 1902 Management Protocol (SNMPv2)
Structure of Management Information for
× √
Version 2 of the Simple Network
RFC 1902 Management Protocol (SNMPv2)
Textual Conventions for Version 2 of the
√ √
Simple Network Management Protocol
RFC 1903 (SNMPv2)
Conformance Statements for Version 2 of
√ √
the Simple Network Management Protocol
RFC 1904 (SNMPv2)


Protocol Operations for Version 2 of the
√ √
RFC 1905 Simple Network Management Protocol
(SNMPv2)
Transport Mappings for Version 2 of the
√ √
(SNMPv2)
√ √
RFC 1907 Version 2 of the Simple Network
Management Protocol (SNMPv2)
RFC 1910 User-based Security Model for SNMPv2 √ √

Guidelines for creation, selection, and
√ √
registration of an Autonomous System
RFC 1930 (AS)
√ √
Benchmarking Methodology for Network
RFC 1944 Interconnect Devices
× √
Autonomous System Confederations for
RFC 1965 BGP
RFC 1966 BGP Route-Reflection × √

√ √
RFC 1970 Neighbor Discovery for IP Version 6
(IPv6)
RFC 1981 Path MTU Discovery for IP version 6 × √

RFC 1997 BGP Community Attribute × √
× √
An Application of the BGP Community
RFC 1998
Attribute
√ √
SNMPv2 Management Information Base
RFC 2011
for the Internet Protocol using SMIv2
√ √
RFC 2012 for the Transmission Control Protocol
usingSMIv2
√ √
RFC 2013 for the User Datagram Protocol using
SMIv2
√ √
RFC 2021 Remote Network Monitoring Management
Information Base Version 2 using SMIv2
RFC 2080 RIPng for IPv6 √ √

RFC 2081 RIPng Protocol Applicability Statement × √
RFC 2082 RIP-2 MD5 Authentication × √

× √
HMAC: Keyed-Hashing for Message
RFC 2104
Authentication
RFC 2131 Dynamic Host Configuration Protocol. √ √

√ √
DHCP Options and BOOTP Vendor
RFC 2132
Extensions
√ √
Remote Authentication Dial In User
RFC 2138
Service (RADIUS)
RFC 2139 RADIUS Accounting √ √

√ √
General Characterization Parameters for
RFC 2215 Integrated Service Network Elements
√ √
Internet Group Management Protocol,
RFC 2236
Version 2
RFC 2246 TLS Protocol √ √

Network Ingress Filtering: Defeating
√ √
RFC 2267 Denial of Service Attacks which employ
IP Source Address Spoofing
√ √
Using a Dedicated AS for Sites Homed to
RFC 2270 a Single Provider
RFC 2273 SNMPv3 Applications √ √

User-based Security Model (USM) for
√ √
RFC 2274 version 3 of the Simple Network
View-based Access Control Model
√ √
(VACM) for the Simple Network
RFC 2275 Management Protocol (SNMP)
RFC 2283 Multiprotocol Extensions for BGP-4 × √

√ √
PPP Extensible Authentication Protocol
RFC 2284
(EAP)
√ √
Benchmarking Terminology for LAN
RFC 2285 Switching Devices
√ √
Recommendations on Queue Management
RFC 2309
and Congestion Avoidance in the Internet.

RFC 2329 OSPF Standardization Report × √
RFC 2338 Virtual Router Redundancy Protocol × √
× √
Protocol Independent Multicast-Sparse
RFC 2362
Mode (PIM-SM):Protocol Specification


RFC 2373 IP Version 6 Addressing Architecture √ √
√ √
RFC 2374 An IPv6 Aggregatable Global Unicast
Address Format
√ √
RFC 2375 An Architecture for Differentiated
Services
RFC 2385 TCP MD5 × √

√ √
A Framework for QoS-based Routing in
RFC 2386 the Internet
RFC 2411 IP Security Document Roadmap √ √

RFC 2452 MIB for TCP6 √ √
RFC 2453 RIP Version 2. √ √
√ √
RFC 2460 Internet Protocol, Version 6 (IPv6)
Specification
√ √
RFC 2461 Neighbor Discovery for IP Version 6
(IPv6)
RFC 2462 IPv6 Stateless Address Auto configuration √ √
RFC 2463 Internet Control Message Protocol
√ √
(ICMPv6) for the Internet Protocol
Version 6 (IPv6)Specification
√ √
RFC 2464 Transmission of IPv6 Packets over
Ethernet Networks
√ √
RFC 2465 Management Information Base for IP
Version
RFC 2466 MIB for ICMP6 √ √
√ √
RFC 2473 Generic Packet Tunneling in IPv6
Specification
RFC 2474 Definition of the Differentiated Services
√ √
Field (DS Field) in the IPv4 and IPv6
Headers
RFC 2475 An Architecture for Differentiated Service √ √

Textual Conventions for MIB Modules
√ √
Using Performance History Based on 15
RFC 2493 Minute Intervals
√ √
A Framework for Inter-Domain Route
RFC 2519 Aggregation
√ √
Benchmarking Methodology for Network
RFC 2544 Interconnect Devices


RFC 2545 BGP support IPV6 √ √
RFC 2547 BGP/MPLS VPNs × √
√ √
RFC 2553 Basic Socket Interface Extensions for
IPv6
Introduction to Version 3 of the
√ √
RFC 2570 Internet-standard Network Management
Framework
√ √
An Architecture for Describing SNMP
RFC 2571
Management Frameworks
Message Processing and Dispatching for
√ √
RFC 2572 the Simple Network Management Protocol
(SNMP)
RFC 2573 SNMP Applications √ √

RFC 2574 SNMPV3 √ √
View-based Access Control Model
√ √
RFC 2575 (VACM) for the Simple Network
Management Protocol (SNMP)
Coexistence between Version 1, Version
√ √
RFC 2576 2, and Version 3 of the Internet-standard
Network Management Framework
√ √
Structure of Management Information
RFC 2578
Version 2 (SMIv2)
RFC 2579 Textual conventions for SMIv2 √ √

RFC 2580 Conformance Statements for SMIv2 √ √
RFC 2581 TCP Congestion Control √ √
RFC 2597 Assured Forwarding PHB Group √ √
RFC 2598 An Expedited Forwarding PHB √ √
RFC 2618 RADIUS Authentication Client MIB √ √
RFC 2620 RADIUS Accounting Client MIB √ √
√ √
RFC 2644 Changing the Default for Directed
Broadcasts in Routers.
√ √
RFC 2665 Definitions of Managed Objects for the
Ethernet-like Interface Types
√ √
RFC 2668 Definitions of Managed Objects for IEEE
802.3 Medium Attachment Units (MAUs)


RFC 2674 Definitions of Managed Objects for
√ √
Bridges with Traffic Classes, Multicast
Filtering and Virtual LAN Extensions
RFC 2680 A One-way Packet Loss Metric for IPPM √ √

RFC 2681 A Round-trip Delay Metric for IPPM √ √
√ √
DNS extensions to Network Address
RFC 2694 Translators (DNS_ALG)
RFC 2697 A Single Rate Three Color Marker √ √
RFC 2698 A Two Rate Three Color Marker √ √
√ √
Multicast Listener Discovery (MLD) for
RFC 2710
IPv6
RFC 2716 PPP EAP-TLS Authentication Protocol √ √

RFC 2737 Entity MIB (Version 2) √ √
× √
Dynamic Hostname Exchange Mechanism
RFC 2763
for IS-IS
√ √
Stateless IP/ICMP Translation Algorithm
RFC 2765 (SIIT)
√ √
Network Address Translation protocol
RFC 2766 Translation (NAT-PT)
× √
RFC 2787
Virtual Router Redundancy Protocol
√ √
Remote Network Monitoring Management
RFC 2819
Information Base
Network Ingress Filtering: Defeating
√ √
Denial of Service Attacks which employ
RFC 2827 IP Source Address Spoofing.
RFC 2842 Capabilities Advertisement with BGP-4 × √

RFC 2863 The Interfaces Group MIB √ √
√ √
Remote Authentication Dial In User
RFC 2865
Service (RADIUS)
RFC 2866 RADIUS Accounting √ √

RFC 2869 RADIUS Extensions √ √
√ √
RFC 2893 Transition Mechanisms for IPv6 Hosts
and Routers

√ √
RFC 2895 Remote Network Monitoring MIB
Protocol Identifier Reference
RFC 2903 Generic AAA Architecture √ √

RFC 2904 AAA Authorization Framework √ √
RFC 2905 AAA Authorization Application Examples √ √
RFC 2906 AAA Authorization Requirements √ √
RFC 2918 Route Refresh Capability for BGP-4 × √
× √
Domain-wide Prefix Distribution with
RFC 2966
Two-Level IS-IS
RFC 2973 IS-IS Mesh Groups × √

√ √
RFC 2992 Analysis of an Equal-Cost Multi-Path
Algorithm
RFC 3046 DHCP Option82 √ √

√ √
RFC 3056 Connection of IPv6 Domains via IPv4
Clouds
Definition of Differentiated Services Per
√ √
Domain Behaviors and Rules for their
RFC 3086 Specification
RFC 3101 The OSPF NSA Option × √

RFC 3164 The BSD Syslog Protocol √ √
√ √
The Addition of Explicit Congestion
RFC 3168
Notification (ECN) to IP
RFC 3201 Circuit to Interface MIB √ √

√ √
An Expedited Forwarding PHB (Per-Hop
RFC 3246 Behavior)
√ √
A Delay Bound alternative revision of
RFC 3248 RFC 2598
√ √
New Terminology and Clarifications for
RFC 3260 Diffserv
RFC 3277 IS-IS Transient Blackhole Avoidance × √

√ √
An Informal Management Model for
RFC 3290 Diffserv Routers
Reserved Type, Length and Value (TLV)
× √
RFC 3359 Codepoints in Intermediate System to
Intermediate System

× √
Three-Way Handshake for IS-IS
RFC 3373
Point-to-Point Adjacencies
× √
Internet Group Management Protocol,
RFC 3376
Version 3
RFC 3392 Support BGP capabliteis advertisement × √

An Architecture for Describing Simple
√ √
Network Management Protocol (SNMP)
RFC 3411 management frameworks
Message processing and dispatching for
√ √
(SNMP)
√ √
Simple Network Management Protocol
RFC 3413
(SNMP) Applications
User-based Security Model (USM) for
√ √
RFC 3414 version 3 of the Simple Network
View-based Access control model
√ √
RFC 3415 (VACM) for the Simple Network
Management Protocol (SNMP)
Version 2 of The Protocol Operations for
√ √
(SNMP)
√ √
Transport Mappings for the Simple
RFC 3417
Network Management Protocol (SNMP)
Management Information Base (MIB) for
√ √
(SNMP)
Anycast Rendevous Point (RP)
mechanism using Protocol Independent
RFC 3446
× √
Multicast (PIM) and Multicast Source
Discovery Protocol (MSDP)
√ √
RFC 3493 Basic Socket Interface Extensions for
IPv6
Configuring Networks and Devices with
√ √
(SNMP).
× √
Internet Protocol Version 6 (IPv6)
RFC 3513
Addresing Architecture
√ √
Overview of the 2002 IAB Network
RFC 3535 Management Workshop.
RFC 3542 Advanced Sockets API for IPv6 √ √

IANA Considerations for RADIUS
√ √
(Remote Authentication Dial In User
RFC 3575 Service)
Dynamic Authorization Extensions to
√ √
RFC 3576 Remote Authentication Dial In User
Service (RADIUS)
√ √
Introduction to the Remote Monitoring
RFC 3577 (RMON) Family of MIB Modules
√ √
An Aggregatable Global Unicast Address
RFC 3587 Format
× √
Source Addres Selection for Multicast
RFC 3590
Listener Discovery Protocol
Textual Conventions for MIB Modules
√ √
RFC 3593 Using Performance History Based on 15
Minute Intervals
× √
Multicast Source Discovery Protocol
RFC 3618
(MSDP)
√ √
RFC 3635 Ethernet-like Interface Types
√ √
Definitions of Managed Objects for IEEE
RFC 3636 802.3 Medium Attachment Units (MAUs).
× √
Recommendations for Interoperable
RFC 3719
Networks using IS-IS
IANA Guidelines for the Registry of
√ √
Remote Monitoring (RMON) MIB
RFC 3737 modules
RFC 3748 Extensible Authentication Protocol (EAP) √ √
× √
Virtual Router Redundancy Protocol
RFC 3768 (VRRP)
RFC 3784 IS-IS extensions for Traffic Engineering × √

× √
Extending the Number of IS-IS LSP
RFC 3786
Fragments Beyond the 256 Limit
× √
Recommendations for Interoperable IP
RFC 3787
Networks using IS-IS
Multiprotocol Label Switching (MPLS)
√ √
Traffic Engineering (TE) Management
RFC 3812 Information Base (MIB)
RFC 3847 Restart signaling for IS-IS × √

× √
Embedding the Rendezvous Point (RP)
RFC 3956 Address in an IPv6 Multicast Address
Protocol Independent Multicast - Dense
× √
RFC 3973 Mode (PIM-DM): Protocol Specification
(Revised)
√ √
RFC 4001 Textual Conventions for Internet Network
Addresses
A Differentiated Service Two-Rate,
√ √
Three-Color Marker with Efficient
RFC 4115 Handling of in-Profile Traffic
RFC 4223 Reclassification of RFC 1863 to Historic √ √

RFC 4274 BGP-4 Protocol Analysis × √
RFC 4276 BGP 4 Implementation Report × √
RFC 4277 Experience with the BGP-4 Protocol × √
RFC 4292 IP Forwarding Table MIB √ √
√ √
Security Architecture for the Internet
RFC 4301 Protocol
√ √
Bridges with Traffic Classes, Multicast
Filtering, and Virtual LAN Extensions
RFC 4364 BGP/MPLS IP Virtual Private Networks × √

MPLS/BGP Layer 3 Virtual Private
× √
Network (VPN) Management nformation
RFC 4382 Base
× √
Intermediate System to Intermediate
RFC 4444 System (IS-IS)
× √
BGP Route Reflection: An Alternative to
RFC 4456 Full Mesh Internal BGP (IBGP)
Considerations for Internet Group
Management Protocol (IGMP) and
RFC 4541
√ √
Multicast Listener Discovery (MLD)
Snooping Switches
√ √
Remote Ping, Traceroute, and Lookup
Operations
RFC 4562 MAC-Forced Forwarding √ √


Protocol Independent Multicast - Sparse
× √
RFC 4601 Mode (PIM-SM): Protocol Specification
(Revised)
RFC 4607 Source-Specific Multicast for IP × √

× √
Connecting IPv6 Islands over IPv4 MPLS
RFC 4798 using IPv6 Provider Edge Routers (6PE)
× √
RFC 4905 Encapsulation Methods for Transport of
Layer 2 Frames over MPLS Networks
× √
Autonomous System Confederations for
RFC 5065 BGP
√ √
Deprecation of Type 0 Routing Headers in
RFC 5095 IPv6
RFC 5187 OSPFv3 Graceful Restart × √

RFC 5340 OSPF for IPv6 × √
× √
Textual Representation of Autonomous
RFC 5396 System (AS) Numbers
RFC 5492 Capabilities Advertisement with BGP-4 × √

× √
4-Octet AS Specific BGP Extended
RFC 5668 Community
draft-grant-tacacs-02 TACACS ＋ √ √
× √
draft-holbrook-idmr-i Using IGMPv3 and MLDv2 For
gmpv3-ssm-08.txt Source-Specific Multicast
draft-ietf-bfd-base-05 Bidirectional Forwarding Detection × √

× √
draft-ietf-bfd-generic- Generic Application of BFD
02
× √
03
× √
04
× √
05
× √
draft-ietf-bfd-multiho
BFD for Multihop Paths
p-06
× √
draft-ietf-bfd-multiho BFD for Multihop Paths
p-07

× √
draft-ietf-bfd-multiho BFD for Multihop Paths
p-08
× √
draft-ietf-bfd-v4v6-1h
BFD for IPv4 and IPv6 (Single Hop)
op-04
× √
draft-ietf-bfd-v4v6-1h
BFD for IPv4 and IPv6 (Single Hop)
op-05
× √
draft-ietf-bfd-v4v6-1h BFD for IPv4 and IPv6 (Single Hop)
op-07
× √
op-08
× √
op-09
× √
op-10
× √
draft-ietf-isis-wg-mib-
Management Information Base for IS-IS
20
× √
draft-ietf-isis-wg-mult M-ISIS: Multi Topology (MT) Routing in
i-topology-11.txt IS-IS
√ √
draft-ietf-magma- Considerations for IGMP and MLD
snoop-11 Snooping Switches
draft-ietf-magma-snoo Considerations for Internet Group
p-12.txt Management Protocol (IGMP)and
√ √
Multicast Listener Discovery (MLD)
Snooping Switches
√ √
draft-ietf-ngtrans-isata Intra-Site Automatic Tunnel Addressing
p-20.txt Protocol(ISATAP)
draft-ietf-ospf-lls-00 OSPF Link-local Signaling × √

× √
draft-ietf-ospf-oob-res OSPF Out-of-band LSDB
ync-01 resynchronization
× √
draft-ietf-ospf-restart-
OSPF Restart Signaling
01
× √
draft-ietf-pim-dm-new Protocol Independent Multicast - Dense
-v2-02.txt Mode (PIM-DM)
× √
draft-ietf-pim-ipv6-03 Protocol Independent Multicast Routing
in the Internet Protocol Version 6 (IPv6)
× √
draft-ietf-pim-sm-bsr- Bootstrap Router (BSR) Mechanism for
09.txt PIM Sparse Mode
× √
draft-ietf-pim-sm-v2- Protocol Independent Multicast - Sparse
new-12.txt Mode (PIM-SM) .

× √
draft-ietf-pim-v2-dm- Protocol Independent Multicast Version 2
03 Dense Mode Specification
draft-ietf-ssm-arch-01 Source-Specific Multicast for IP × √
draft-ietf-ssm-arch-02 Source-Specific Multicast for IP × √
× √
draft-ietf-ssm-overvie Source-Specific Multicast for IP
w-04
× √
draft-ietf-ssm-overvie An Overview of Source-Specific Multicast
w-05 (SSM)
× √
draft-ietf-ssm-overvie
Source-Specific Multicast for IP
w-xx
√ √
draft-irtf-secsh-filexfe
r-14.txt SFTP
× √
draft-rosen-vpn-mcast Multicast in MPLS/BGP VPNs
-08
× √
draft-rosen-vpn-mcast
Multicast in MPLS/BGP VPNs, Option 2
-08.txt
√ √
draft-tcpm-tcpsecure-
00.txt
√ √
draft-ylonen-ssh-proto
SSH protocol
col-00
DSL Evolution – Architecture
√ √
DSL Forum Requirements for the Support of
QoS-Enabled IP Services
√ √
Chuck Forsberg, "XMODEM/YMODEM
Xmodem
Protocol Reference"


S5300V1R5C03 Product Description PDF

Uploaded by

Copyright:

Available Formats

S5300V1R5C03 Product Description PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

S5300V1R5C03 Product Description PDF

Uploaded by

Copyright:

Available Formats

Quidway S5300 Series Ethernet Switches

HUAWEI TECHNOLOGIES CO., LTD.

Trademarks and Permissions

Huawei Technologies Co., Ltd.

Huawei Proprietary and Confidential

About This Document

Indicates a hazard with a medium or low level of risk,

Issue 01 (2010-10-21) Huawei Proprietary and Confidential iii

Boldface The keywords of a command line are in boldface.

Updates in Issue 01 (2010-10-21)

iv Huawei Proprietary and Confidential Issue 01 (2010-10-21)

About This Document ................................................................................................................... iii

2 Product Architecture ..................................................................................................................2-1

3 Link Features ...............................................................................................................................3-1

Issue 01 (2010-10-21) Huawei Proprietary and Confidential v

3.2.2 MSTP ................................................................................................................................................... 3-5

4 Service Features ..........................................................................................................................4-1

vi Huawei Proprietary and Confidential Issue 01 (2010-10-21)

4.9.1 MSTP Protective Switchover ............................................................................................................. 4-11

5 Networking and Applications .................................................................................................5-1

6 Maintenance and Network Management System ...............................................................6-1

7 System Technical Specifications .............................................................................................7-1

8 IEEE and IETF Comply Tables ................................................................................................8-1

Issue 01 (2010-10-21) Huawei Proprietary and Confidential vii

Figure 2-1 Appearance of the S5328C-EI-24S ................................................................................................... 2-2

Figure 2-2 Appearances of the S5328C-EI ......................................................................................................... 2-2

Figure 2-3 Appearances of the S5328C-PWR-EI ............................................................................................... 2-2

Figure 2-5 Appearances of the S5328C-PWR-SI ............................................................................................... 2-3

Figure 2-6 Appearances of the S5352C-EI ......................................................................................................... 2-3

Figure 2-8 Appearances of the S5352C-SI ......................................................................................................... 2-4

Figure 2-9 Appearances of the S5352C-PWR-SI ............................................................................................... 2-4

Figure 2-11 Front view of the S5348TP-SI ........................................................................................................ 2-5

Figure 2-12 Back view of the S5348TP-PWR-SI............................................................................................... 2-5

Figure 2-14 Appearance of the S5348TP-PWR-SI ............................................................................................. 2-6

Figure 5-1 Application of the S5300 in a MAN ................................................................................................. 5-2

Figure 5-4 Selective QinQ provided by the S5300 ............................................................................................. 5-5

Figure 5-5 Application of the S5300 in IPTV services ....................................................................................... 5-6

Figure 5-7 Partitioned STP supported by the S5300 .......................................................................................... 5-8

Figure 5-8 Cluster management provided by the S5300 .................................................................................... 5-9

Issue 01 (2010-10-21) Huawei Proprietary and Confidential ix

Table 7-1 Physical specifications........................................................................................................................ 7-1

Table 7-2 Attributes of the ESFP (GE) optical module....................................................................................... 7-3

Table 7-6 System configuration .......................................................................................................................... 7-5

Issue 01 (2010-10-21) Huawei Proprietary and Confidential xi

1 Product Positioning and Characteristics

About This Chapter

1.1 Product Positioning

1.2 Product Characteristics

Issue 01 (2010-10-21) Huawei Proprietary and Confidential 1-1

1.2.10 Convenient PoE Power Supply

1.2.1 Carrier-Class Maintainability

1.2.2 Powerful Multi-service Access Capabilities

1.2.3 Flexible Networking Capability

1-2 Huawei Proprietary and Confidential Issue 01 (2010-10-21)

1.2.4 Network-Level QoS Guarantee

1.2.5 High Extensibility

1.2.6 Comprehensive Security Measures

1.2.7 Convenient Operation and Maintenance

Issue 01 (2010-10-21) Huawei Proprietary and Confidential 1-3