ZXR108900E - Liberty Port - IT and Telecommunications SeriesCoreSwitch Product Description Version:3.01.01 ZTECORPORATION No.55,Hi-techRoadSouth,ShenZhen,P.R.China Postcode:518057

ZXR10 8900ESeries Core Switch

Product Description

Version: 3.01.01

ZTE CORPORATIONNo. 55, Hi-tech Road South, ShenZhen, P.R.ChinaPostcode: 518057Tel: +86-755-26771900Fax: +86-755-26770801URL: http://ensupport.zte.com.cnE-mail: [email protected]

LEGAL INFORMATIONCopyright © 2013 ZTE CORPORATION.

The contents of this document are protected by copyright laws and international treaties. Any reproduction or

distribution of this document or any portion of this document, in any form by any means, without the prior written

consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by

contractual confidentiality obligations.

All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE

CORPORATION or of their respective owners.

This document is provided “as is”, and all express, implied, or statutory warranties, representations or conditions

are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose,

title or non-infringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the

use of or reliance on the information contained herein.

ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications

covering the subject matter of this document. Except as expressly provided in any written license between ZTE

CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter

herein.

ZTE CORPORATION reserves the right to upgrade or make technical change to this product without further notice.

Users may visit ZTE technical support website http://ensupport.zte.com.cn to inquire related information.

The ultimate right to interpret this product resides in ZTE CORPORATION.

Revision History

Revision No. Revision Date Revision Reason

R1.0 2013-06-24 First edition

Serial Number: SJ-20121213142710-002

Publishing Date: 2013-6-24 (R1.0)

SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential

ContentsAbout This Manual ......................................................................................... I

Chapter 1 Product Positioning and Characteristics ............................... 1-11.1 Product Positioning ............................................................................................ 1-1

1.2 Product Characteristics....................................................................................... 1-2

Chapter 2 Functions and Features ........................................................... 2-12.1 L2 Functions ...................................................................................................... 2-1

2.1.1 Basic Ethernet Functions .......................................................................... 2-1

2.1.2 VLAN Functions ....................................................................................... 2-2

2.1.3 Link Aggregation ...................................................................................... 2-4

2.1.4 L2 Multicast ............................................................................................. 2-5

2.2 L3 Functions ...................................................................................................... 2-5

2.3 MPLS and VPN Functions .................................................................................. 2-8

2.4 QoS ................................................................................................................ 2-10

2.5 Clock Synchronization ...................................................................................... 2-12

2.6 Protection for Reliability .................................................................................... 2-13

2.7 Security and Authentication............................................................................... 2-16

2.8 Network Traffic Analysis.................................................................................... 2-19

Chapter 3 Product Structure ..................................................................... 3-13.1 Product Overview............................................................................................... 3-1

3.2 Hardware Structure ............................................................................................ 3-4

3.3 Supported Boards .............................................................................................. 3-6

3.4 Software Structure.............................................................................................. 3-9

Chapter 4 Technical Specifications .......................................................... 4-1

Chapter 5 Networking Applications.......................................................... 5-15.1 Application in an Metro Ethernet Network............................................................. 5-1

5.2 Application in a Data Center................................................................................ 5-2

5.3 Application in Ethernet Layer 2 Convergence ....................................................... 5-3

5.4 Application in an Enterprise Network ................................................................... 5-4

5.5 Application in FTTx............................................................................................. 5-5

5.6 Application in a Core Network Bearer .................................................................. 5-6

5.7 Application in IP RAN ......................................................................................... 5-7

Chapter 6 Operation and Maintenance..................................................... 6-1

I


6.1 NetNumen U31 Unified Network Management Platform ........................................ 6-1

6.2 Maintenance and Management ........................................................................... 6-2

Chapter 7 Protocol and Standard Compliance........................................ 7-1

Figures............................................................................................................. I

Tables ............................................................................................................ III

Glossary .........................................................................................................V

II


About This ManualPurposeThis manual describes the positioning, characteristics, functions and features,architecture, network application, operation and maintenance, technical specifications,and complied protocols and standards of the ZXR10 8900E series products.

Intended AudienceThis manual is intended for network planning engineers.

What Is in This ManualThis manual contains the following chapters:

Chapter Summary

1, Product Positioning and

Characteristics

Describes the positioning and characteristics of the ZXR10 8900E series

products.

2, Functions and FeaturesDescribes the major functions and features supported by the ZXR10

8900E.

3, Product StructureDescribes the appearance, hardware structure, supported boards, and

software structure of the ZXR10 8900E.

4, Technical SpecificationsDescribes the basic specifications, interface specifications, and system

functions and features of the ZXR10 8900E.

5, Networking ApplicationsDescribes typical application of the ZXR10 8900E in actual networking

solutions.

6, Operation and Mainte-

nance

Describes the management and maintenance of the NetNumen U31 uni-

fied network management platform and the ZXR10 8900E.

I


II


Chapter 1Product Positioning andCharacteristicsTable of Contents

Product Positioning ....................................................................................................1-1Product Characteristics ..............................................................................................1-2

1.1 Product PositioningThe ZXR10 8900E series core switches are new-generation, enhanced core switches.These switches provide extra large system capacity, high-density ports, and powerfulservice features to satisfy core equipment requirements of MAN, data center, campus,and enterprise network environments.

The ZXR10 8900E, designed as a user-oriented, large-capacity, and distributed system,provides high-density GE, 10 GE, and 40 GE/100 GE port solutions. The ZXR10 8900Euses energy-efficient components and uses an intelligent mechanism for managing fans,power supply, and physical ports to solve capacity expansion problems for users. TheZXR10 8900E provides high convergence with low costs, reduces the investment fee peruser, saves space occupied by devices, and lowers power consumption.

The ZXR10 8900E helps users to build highly-efficient, intelligent, and reliable networks,and reduces maintenance and duplicate investment costs by improving network reliabilityand stability. The ZXR10 8900E performs the following functions:

l Provides comprehensive security protection to guarantee network core security.l Provides multi-level QoS to guarantee end-to-end service experience and improve

network quality.l Provides reliable protection for users from device, link, to network levels by

independent monitoring platform, reconfigurable software, and various switchovertechnologies.

l Supports multi-service bearer and the IPv6 technology to provide IPTV solutions,fulfilling the need of integrated data and voice bearer and various networks.

The ZXR10 8900E series products include ZXR10 8912E, ZXR10 8908E, ZXR10 8905E,and ZXR10 8902E, which respectively provide 12, 8, 5, and 2 service slots and supporta variety of high-density interface boards and service functions. For their overview, seeFigure 1-1.

1-1


ZXR10 8900E Product Description

Figure 1-1 ZXR10 8900E Series Products

1.2 Product CharacteristicsMulti-scenario and All-service IdeasThe ZXR10 8900E provides all-service support, satisfying hierarchical andmultidimensional requirements of users and covering network hotspots and mainstreamscenarios such as Metro E, IPTV bearer, FTTX ultra wide band (UWB) convergence,IP-based 2G/3G/LTE Backhaul bearer (IP RAN), FMC network convergence, data center,and campus network. The specific characteristics include:

l A variety of VPN technologies, enhanced functions such as MPLS L3 VPN and VPLS,MPLS-TE, and multi-service bearer capability

l Rich QoS capabilities to support VPN QoS and provide differentiated services fordifferent application

l Layer-2 and layer-3 multicast protocols to provide high-rate multicast duplicationcapability and leading IPTV solutions to satisfy the requirements for large-capacityIPTV subscriber access and high-performance IP multicast video application

l SynE and 1588v2, Bits and GPS clock interfaces, and four types of clock sourceto implement frequency synchronization, providing perfect clock synchronizationand transmission solutions to radio access networks (RANs) and industry dedicateddevices (such as power supply) and achieving an all-IP-based mobile bearer networkand fix-mobile convergence (FMC) for all-service operators

l Distributed IPv6 to implement ASIC-based full wire-speed IPv6 forwarding, a varietyof IPv4/v6 transition technologies, and IPv6 multicast and application management,protecting profits of customers and adapting to network service developmentrequirements

l Hierarchical intelligent operation and maintenance, and graphical networkmanagement system, allowing users to easily perform multi-service deployment andmanagement

1-2


Chapter 1 Product Positioning and Characteristics

40G/100G Port for a High-speed EraGiving full consideration to future network requirements, the ZXR10 8900E builds anext-generation network core by extra large capacity and high performance. Thus, ithelps mobile operators to meet mass traffic requirements, broadband operators to fulfillincreasing P2P and video demands, and enterprises to deal with intensive traffic by usingcloud computing, and finally provides Tbit/s ultra-high-speed networks. The specificcharacteristics include:

l A new switching network architecture that provides the largest single-slot switchingcapacity and whole-NE switching capacity in the industry

l Up to 96 40GE ports and or 576 10GE ports for a whole NEl Smooth upgrade of 100GE ports to fully protect investors' benefit

Multidimensional Security Model, Reinforcing the Network CoreThe ZXR10 8900E, focusing on the network core, provides a five-start network serviceguarantee through a 5-level model covering safe architecture, safe control, safe operatingsystem, safe computing, and safe services.

l Safe architecture

Supports hot backup for the control and forwarding engine, quick active/standbyswitchover, redundant backup and intelligent check, control and alarm for powersupply, fan, and clock modules, and hot-swapping for all components.

l Safe control

Provides high system stability by isolating control, monitoring, and forwarding.

l Safe operating system

Uses ZTE's new-generation multi-process software platform ZXROS, which providesthe most advanced software architecture reliability in the industry to implementfunction modularization, intelligent and dynamic loading, parallel processing, flexibleexpansion of new functions, and process-based intelligent dormancy that guaranteesservice upgrade without interruption.

l Safe computing

Provides multi-thread parallel high-performance computing based on multiple CPUsto guarantee seamless connection on different planes.

l Safe services

Supports a variety of reliability technologies and equipment-level to network-levelprotective switching technologies, and guarantees smooth operation of all servicesby the industry-leading OAM capability and security protection functions.

Low Carbon and Energy EfficientZTE is always committed to the R&D and application of "environment-friendly data"products and solutions, and insists on sustainable development and environment

1-3



efficiency. Based on product lifecycle considerations, ZTE makes all efforts to reduce itsproducts' influence on the environment. The specific characteristics include:

l 40nm highly-integrated chips, proper PCB layout, optimized heat dissipation designfor a single board or the whole cabinet, and highly-efficient power switch to guaranteean energy-efficient high-performance system.

l Intelligent power consumption control system: The power consumption control mod-ule of the operating system supports dynamic port power saving, intelligent line cardstartup, power supply, process dormancy, and service adjustment, 5-level fan speedadjustment, and fan sector control to achieve the maximum balance for the perform-ance-to-consumption ratio.

l Harmless material purchase, green certification for the production process,renewable, biodegradable, and environment-friendly packaging and shippingmaterial, in compliance with domestic and international RoHS standards and theconcept of "green earth, care nature".

l Reconstructable operating system architecture and ideal remote management tools,which greatly improve installation, debugging, operation and maintenance efficiency,increase the remote maintenance ratio, reduce OPEX, and lower attendance andenvironment costs.

1-4


Chapter 2Functions and FeaturesTable of Contents

L2 Functions ..............................................................................................................2-1L3 Functions ..............................................................................................................2-5MPLS and VPN Functions..........................................................................................2-8QoS .........................................................................................................................2-10Clock Synchronization..............................................................................................2-12Protection for Reliability............................................................................................2-13Security and Authentication......................................................................................2-16Network Traffic Analysis ...........................................................................................2-19

2.1 L2 Functions

2.1.1 Basic Ethernet Functions

MAC Address ManagementThe ZXR10 8900E provides the basic functions of maintenance MAC address learningand synchronization, and implements the following management functions:

l MAC address bindingl MAC address filteringl MAC address number restrictionl MAC address permanencel MAC address multi-view display

Port MirroringThe port mirroring function automatically duplicates traffic from one port to another port,so that a network administrator can analyze the traffic in real time when solving networkproblems. Port mirroring provides a monitoring approach for the network administrator.For the ZXR10 8900E, any port can be configured as a mirrored port. The supportedmirroring types include:

l Mirroring between ports of different ratesl Many-to-one port mirroringl One-to-many port mirroringl Many-to-many port mirroringl Inter-line-card port mirroring, supporting simultaneous mirroring of multiple mirroring

groups

2-1



l RSPAN, ERSPAN, and other remote port mirroringl Stream-based mirroring

Port Security ProtectionThe ZXR10 8900E supports the following port security protection functions:

l Port traffic control, broadcast storm suppression, jumbo restriction, rate negotiation foreffective data traffic control on a port, which prevents network congestion and ensuresnormal network service operation.

l Line diagnosis, analysis, and testing, which checks whether lines or links are normaland accurately locates line-specific faults, making network management and faultlocating more easy.

l Loop detection for some or all ports (no detection by default), which checks forthe loops of the subscribers or switches connected to these ports, so that switchbroadcast storms and other abnormal situations can be avoided and the influencecan be constrained to the specific ports.

l VLAN-based loop detection not only for the VLAN where the PVID of a port islocated, but also for a VLAN specified by the subscriber on a port, which supportsloop detection on up to eight VLANs at the same time.

2.1.2 VLAN FunctionsThe ZXR10 8900E supports 802.1Q VLANs. For an untagged packet, the ZXR10 8900Esupports adding a subnet-based, protocol-based, or port-based VLAN tag to fulfill richVLAN functions.

In the 802.1Q VLAN protocol, a VLAN ID is represented by a 12-bit numeral. As aresult, the number of VLANs is limited to 4096 and cannot satisfy actual applicationrequirements. The ZXR10 8900E expands VLAN in four aspects including QinQ, PVLAN,VLAN translation, and layer-3 related super VLAN.

QinQQinQ allows multiple VLAN tags in an Ethernet frame. A subscriber's private networkVLAN tag is encapsulated into a public network VLAN tag, and then the double-taggedframe goes through the backbone network, providing a simple 2-layer VPN tunnel for thesubscriber. The ZXR10 8900E implements static configuration for QinQ. QinQ involvestwo VLAN types:

l Service VLAN (SVLAN)l Customers VLAN (CVLAN)

The ZXR10 8900E supports traditional SVLAN configuration and VFP-based SVLANconfiguration. The latter can implement traffic-type-based tagging.

2-2


Chapter 2 Functions and Features

PVLANAll the servers are in the same subnet and can communicate only with their own gateway.This is called private VLAN (PVLAN).

A PVLAN effectively guarantees data communication security for an access network byconnecting all subscribers to a default gateway and isolating them from each other. Portsin the same VLAN cannot communicate with each, but they can traverse the trunk port.Thus, subscribers in the same VLAN are not affected by broadcast packets.

A PVLAN does not need protocol packet support, and can be implemented on the ZXR108900E by static configuration.

VLAN TranslationVLAN translation is an extended VLAN function. If a switch port is enabled with VLANtranslation, it is required that incoming data packets received on this port must be taggedpackets. VLAN translation uses "port number + vid in the tagged packet" as an index tolook up the MAC-VLAN table to obtain a new vid. Then, the packet is switched in the newVLAN. Thus, VLAN-to-VLAN translation is implemented.

VLAN translation is implemented on the ZXR10 8900E by static configuration. Besidesbasic single-tag conversion, the ZXR10 8900E can also implement the following functionsby combining VLAN translation and SVLAN:

l When a single-layer frame is received, add an outer tag according to policies. Mappingpolicies or 1-to-1 mapping can be configured.

l When a single-layer frame is received, modify the inner tag and add an outer tagaccording to policies. Mapping policies or 1-to-1 mapping can be configured.

l When a double-layer frame is received, delete the outer tag according to policies.l When a double-layer frame is received, delete the outer tag and modify the inner tag

according to policies. Mapping policies or 1-to-1 mapping can be configured.l When a double-layer frame is received, modify the outer tag according to policies.

Mapping policies or 1-to-1 mapping can be configured.l When a double-layer frame is received, modify the inner tag according to policies.

Mapping policies or 1-to-1 mapping can be configured.l When a double-layer frame is received, modify the inner and outer tags according to

policies. Mapping policies or 1-to-1 mapping can be configured.

Super VLANVLAN aggregation divides VLANs into super VLANs and sub VLANs. Multiple VLANs(called sub VLANs) are aggregated into one super VLAN, and all use the IP subnet anddefault gateway IP address of the super VLAN. The ZXR10 8900E can specify a specificsub VLAN to send ARP packets or VRRP heartbeat packets. In addition, the ZXR10 8900Esupports binding BFD to a specific super VLAN interface.

2-3



2.1.3 Link AggregationLink aggregation means that physical links of the same type of transmission media andthe same transmission rate are bound together to obtain a logical link. Link aggregationincreases bandwidth and achieves traffic load sharing.

The ZXR10 8900E supports the aggregation of static and dynamic links for FE, GE, and10 GE ports, as well as inter-line-card and inter-device link aggregation. Links aggregatedon the ZXR10 8900E to obtain a logical port called smartgroup, which can be used as acommon port.

Static AggregationStatic port trunking allows multiple physical ports to be manually added to a trunk group toobtain a logical port. However, when using this aggregation method, users cannot easilyobserve the statuses of the aggregate ports.

When configuring link aggregation on the ZXR10 8900E, comply with the followingprinciples, which are also applicable to LACP:

l Up to 128 trunk groups can be configured, each of which contains up to 8 memberports.

l A member port can be in access, trunk, or hybrid mode, and all the member portsmust be in the same mode.

l Inter-interface-board aggregation is supported . Member ports can be distributed onany interface board, but selected ports must be in full-duplex mode at the same rate.

LACPThe Link Aggregation Control Protocol (LACP) complies with the IEEE 802.3ad standard.The LACP allows multiple physical ports to be aggregated into a trunk group to obtain alogical port called smartgroup. The LACP automatically performs aggregation to achievethe maximum bandwidth. LACP aggregation is divided into static aggregation anddynamic aggregation. The former is configured manually, while the latter is performed bydynamically adding ports to an aggregate group through related protocols.

The ZXR10 8900E supports smartgroup configuration. Load sharing can be implementedby the following means, which are also applicable to static aggregation:

l By source MAC address, VLAN, Ethertype, and incoming portl By destination MAC address, VLAN, Ethertype, and incoming portl By source and destination MAC addresses, VLAN, Ethertype, and incoming portl By source IP address and source TCP or UDP port numberl By destination IP address and destination TCP or UDP port numberl By source and destination IP addresses and source and destination TCP or UDP port

numbers

2-4



MC-LAGBesides intra-line-card and inter-line-card link aggregation, the ZXR10 8900E alsosupports Multi-Chassis Link Aggregation Group (MC-LAG) and the Spanning TreeProtocol (STP).

2.1.4 L2 MulticastThe ZXR10 8900E can implement layer-2 multicast and dynamically maintain a multicastgroup that users dynamically join and leave.

IGMP SnoopingBased on the layer-2 multicast technology, the ZXR10 8900E supports the IGMP snoopingtechnology to effectively manage multicast group members, suppress multicast flooding ina layer-2 network, and prevent unauthorized users from receiving multicast traffic.

If IGMP snooping is enabled on the ZXR10 8900E, multicast packets are multicast tospecific ports on layer 2. If IGMP snooping is not enabled, multicast packets are broadcastto all ports on layer 2. The ZXR10 8900E also supports MLDv1/v2-based MLD snoopingto implement smooth IPv4-to-IPv6 evolution.

IGMP ProxyThe ZXR10 8900E also supports the IGMP proxy function. Unlike IGMP snooping, whichobtains multicast information by listening to IGMP traffic, the IGMP proxy mechanismblocks and processes the IGMP requests from terminal users, and forwards them to anupper-layer router.

2.2 L3 FunctionsIPv4 Routing ProtocolsRIP

The Routing Information Protocol (RIP) is a distance-vector routing protocol based on thelocal network. The RIP uses UDP packets to exchange RIP routing information. A protocolpacket to be transported is encapsulated into a UDP packet. The routing information in aRIP packet contains the number of hops in a path from the source to a destination. Eachhop determines the route to the destination by the hop count. RFC has a limit on the hopcount. The maximum hop count is 15. Therefore, the RIP is applied to internal gatewaysin small-size autonomous systems.

On the ZXR10 8900E, the RIP has the following main functions:

l Sends and receives RIP packets according to the protocol, checks the correctness ofthe packets, and performs certain identity verifications.

l Supports RIPV1/V2, plain text and MD5 authentication, and route redistribution.

2-5



l Uses split horizon and trigger update mechanisms to prevent routing loops andshorten route convergence time.

l Supports protocol debugging.

OSPF

The Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) developed bythe IETF. TheOSPF uses a link state routing and Shortest Path First (SPF) algorithms. TheOSPF is loop-free, which is of great significance for mesh networks or LANs connectedthrough multiple bridges. Each OSPF router maintains an identical database describingthe Autonomous System (AS)'s topology. The database is composed of each router'spartial state information, such as the router's available interfaces, neighbors, connectednetworks, and external routing information of the AS.

On the ZXR10 8900E, the OSPF has the following main functions:

l Employs a hierarchical network topology that is applicable to large interconnectionnetworks.

l Uses the dynamic routing algorithm Dijkstra to automatically and quickly trace networktopology changes.

l Supports display and configuration commands from the primary console,SNMP-related command, display, and MIB variables.

l Supports routing protocol packet authentication, including simple passwordauthentication and MD5 authentication, to prevent routing protocol packets frombeing illegally modified.

l Uses retransmission and confirmation mechanisms to guarantee the reliability oflink-state synchronization.

l Supports a variety of distance metric solutions, such as physical distance, delay, andthroughput.

l Supports stub area and NSSA functionsl Supports Area Border Routers (ABRs) and Autonomous System Border Routers

(ASBRs).l Supports classless routing and route aggregation.l Controls route re-distribution and filtering by a route map.

IS-IS

The Intermediate System-to-Intermediate System (IS-IS) intra-domain routing protocolrepresents the OSI model for L3 switches. It can be applied to TCP/IP-based IP networks.The IS-IS protocol is easy to extend for other protocols mainly IPv6. The IS-IS systemis divided into two layers: the backbone (L2) and areas (L1). An L3 switches can onlybelong to one area. Ll switches know only topology of their own area. All the traffic toother areas is sent through the closest L2 switch. L2 switches compose the backbone,which is similar to the backbone area 0 in OSPF.

On the ZXR10 8900E, the IS-IS has the following main functions:

l Supports L1/L2 address aggregation.l Supports L1/L2 hierarchical routing and the ATT bit.l Supports the three area addresses and smooth area address migration.

2-6



l Supports load balancing for the same destination.l Supports plain-text authentication for an interface or area.

BGP

The Border Gateway Protocol (BGP) is an exterior gateway protocol. Its basic function isto exchange loop-free routing information between multiple autonomous systems. Theinformation exchanged by the BGP carries rich attributes, which help to construct thetopology of ASs and implement AS-based routing policies. The routing information withAS IDs can also help eliminate routing loops.

On the ZXR10 8900E, the BGP has the following main functions:

l Applied to mass network application and backbone networks.l Supports eBGP and IBGP.l Supports the eBGP multi-hop technology.l Supports the community and route reflector attributes.l Supports AS alliance and route suppression.l Supports MP-BGP.l Supports MD5 authentication and route filtering.l Supports route redistribution.

Policy Routing

Policy routing matches specific values in an IP packet to with a policy set by a networkmanagement user. If the values satisfy the policy, the packet is forwarded accordingto the route specified by the policy. Otherwise, the packet is forwarded according to aconventional routing table.

The ZXR10 8900E implements ACL-based policy routing.

IPv6 RoutingThe ZXR10 8900E supports the following IPv6 unicast routing features:

l Supports IPv6 neighbor discovery protocols to discover routers and prefixes, resolveaddresses, determine next-hops, redirect routes, and detect unreachable neighborsand duplicate addresses, bringing more flexibility to node mobility.

l Supports the IPv6 MTU discovery protocol to dynamically identify the maximumtransmission unit (MTU) and ensure that the size of each packet sent by a node doesnot exceed the MTU value.

l Supports IPv6 static routing.l Supports the IPv6-based dynamic routing protocols RIPng, OSPFv3, ISISv6, and

BGP4+.

IPv4 to IPv6 TransitionThe ZXR10 8900E provides multiple mechanisms for IPv4 to IPv6 transition. For example,the dual-stack technology and various tunneling technologies, which are applicable todifferent scenarios. The ZXR10 8900E supports the following features:

l Supports IPv4/IPv6 dual-stack coexistence.

2-7



l Supports manually configured tunnels.l Supports 6to4 tunnels.l Supports ISATAP tunnels.l Supports 6PE tunnels.

L3 MulticastThe ZXR10 8900E supports the IGMPv2, IGMPv3, and MLDv1/v2 protocols, as well asIPv4/v6-based PIM-DM, PIM-SM, and PIM-SSM protocols, providing a complete set ofmulticast solutions. In addition, to provide enhanced and more reliable multicast servicesand guarantee the deployment and operation of the services, the ZXR10 8900E alsosupports the functions of multicast route guard and anycast RP.

Controllable MulticastThe ZXR10 8900E supports a complete set of controllable multicast features. Itimplements accurate control on multicast users by the functions of IGMP V1/V2/V3, IGMPSnooping, IGMP Proxy, IGMP Fastleave, multicast VLAN, Channel Access Control (CAC), and Call Detail Record (CDR),

The ZXR10 8900E also provides the following customized controllable multicastmanagement functions to allow you to directly manage IPTV channels and subscribers:

l Channel access controll Channel managementl Package managementl Preview configurationl Preview template managementl CDR recordingl Uniform network management through MIB

The ZXR10 8900E provides these controllable multicast functions to allow the networkoperator to accurately control their multicast services, perform overall subscribermanagement, and flexibly deploy IPTV services.

MCEThe Multi-VRF CE (MCE) technology extends CE capabilities to support VRF functions.Devices providing the MCE function are called MCE devices. The ZXR10 8900E supportsMCE configuration.

2.3 MPLS and VPN FunctionsBasic Functions of MPLSMultiprotocol Label Switching (MPLS) is a multi-layer switching technology. It combineslayer 2 switching technologies with layer 3 routing technologies, using labels to aggregate

2-8



forwarded information. Running on the routing layer, MPLS supports various upper-layerprotocols and can be implemented on different physical platforms.

MPLS combines the performance and capabilities of Layer 2 switching with the flexibilityand scalability of Layer 3 routing, and thus simplifies MPLS network management andoptimizes network performance.

Now, the ZXR10 8900E provides a complete set of MPLS protocols and mainly providesthese functions:

l Supports the LDP and RSVP protocol.l Supports TTL value decreasing, loopback detection, policy management, and

penultimate hop popping.l Supports automatic label distribution by downstream and free label retention mode.l Supports LSP fast rerouting and RSVP-LSP establishment.

MPLS TEMPLS TE combines traffic engineering with the MPLS protocol to allow service providersto precisely control the path through which traffic goes. Thus, congestion nodes can beavoided, and paths will not be too overloaded or too idle, allowing bandwidth resourcesto be fully utilized. In addition, during the establishment of an LSP tunnel, MPLS TE canreserve resources to guarantee the quality of service.

The ZXR10 8900E supports MPLS TE and provides the following features:

l Provides the capability of forwarding IP packets through a non-IGP shortest path,effectively avoiding network congestion caused by unbalanced network traffic.

l Guarantees bandwidth by reserving bandwidth for key traffic, defining priorities, andusing bandwidth preemption mechanisms, so that packets will not be dropped due toinsufficient link bandwidth.

l Guarantees stable and reliable data transmission: When a link or transmission nodefails, the link can be quickly switched to a backup one through MPLS TE FRR andMPLS TE. In addition, LSP full-path protection is supported, which greatly reducesnegative impacts on traffic.

l Supports MPLS VPN over TE and LDP over RSVP, allowing TE tunnels to providebandwidth guarantee and service isolation for MPLS VPN services.

MPLS Layer 2 VPNMPLS layer 2 VPN falls into two categories:

l Virtual Private Wire Service (VPWS): Implements point-to-point communicationsbetween sites within a VPN.

l Virtual Private LAN Service (VPLS): Implements point-to-multipoint communications.In a VPLS network, a CE simply sends the data destined to all destinations to the PEconnected to the CE.

The ZXR10 8900E supports the VPWS drafted by Martini and the extended LDP toestablish different LSPs according to service types. It also supports Ethernet and VLANencapsulation, and LDP-based extended VPLS.

2-9



The ZXR10 8900E also supports hierarchical VPLS (HVPLS), with the access mode beingPW or QinQ.

MPLS Layer 3 VPNThe ZXR10 8900E supports all MPLS L3 VPN functions, including:

l Address overlappingl Static route, RIP, OSPF, and BGP access of a CEl The extended community attribute, capability negotiation, and route update of the

BGPl Binding a VLAN to a VRF

The ZXR10 8900E supports Multi-AS VPN, providing the following three inter-domain VPNdeployment solutions:

l VRF-to-VRF solutionl Single-hop MP-EBGP solutionl Multi Hop MP-EBGP solution

2.4 QoSBasic QoSAs the IP network is evolving, more and more new services demand that the IP networkprovide predictable as well as reliable transmission. Users demand that their network canprovide stable and high-performance services in any place and at any time.

Traffic engineering is intended for optimizing network performance. It can map traffic toactual physical channels and meanwhile automatically optimize network resources to fulfillthe serviceability required by particular application. It is a network engineering technologythat allows both macro regulation and micro control.

At present the key to traffic engineering is load balancing and network recovery. IP trafficengineering is to effectively implement the integration of the conventional best-effort IPservice and the QoS.

To fulfill the above objectives, the ZXR10 8900E provides the following functions:

Traffic Classification

Traffic means the packets sent through switches. Traffic classification is to classify thepackets according to particular characteristics. To achieve this purpose, you can use anACL, especially an extended ACL.

Packets can be classified by various ACL filtering options, such as source/destination IPaddress, source/destination MAC address, IP protocol type, TCP source/destination portnumber, UDP source/destination port number, DSCP, ToS, IP Precedence, VLAN ID, and802.1p priority.

Traffic Policing

2-10



Traffic policing restricts the bandwidth for a specific service to reduce the impacts on otherservices. Actions taken when the traffic exceeds a limit include:

l Dropping or forwarding the packet.l Passing the packet through with a modification to the DSCP value.l Passing the packet through with a modification to the drop priority (packets with a high

drop priority are dropped first when the queue is congested)

The ZXR10 8900E implements the Single Rate Three Color Marker (RFC2697) and (TwoRate Three Color Marker) (RFC4115) functions. Both algorithms support Color-Blind modeand Color-Aware mode.

Traffic Shaping

Traffic shaping controls the rate of outputted packets, so that all the packets are sent outin an even rate. Through traffic shaping, packet rates can match downstream devices, sothat congestion and packet dropping can be avoided.

The ZXR10 8900E supports traffic shaping at two levels, namely, VLAN-based trafficshaping and port-based traffic shaping. Thus, the system can implement multi-level trafficcontrol and ensure hierarchical QoS and management.

Congestion Avoidance

The ZXR10 8900E uses the RED/WREDmethod to avoid congestion and improve networkquality.

The ZXR10 8900EWRED can perceive services, including the IP precedence, DSCP, andthe MPLS EXP bit, and can set different early drop policies for the packets of differentpriorities, so that differentiated drop features are provided to different services.

Queue Scheduling

Each physical port of the ZXR10 8900E supports eight output queues (numbered from 0to 7), which are called CoS queues. According to the CoS corresponding to the 802.1ptag in a packet, the ZXR10 8900E performs output queue operations on the ingress. Incase of network congestion, multiple packets compete for resources. This problem can besolved by queue scheduling.

The ZXR10 8900E supports three queue scheduling methods. The eight output queueson a port can use different scheduling methods.

l Strict priority (SP)l Weighted round robin (WRR)l Dynamic weighted round robin (DWRR)

The 802.1p tag contains packet priority information. If the packet entering a port does notcarry a 802.1p tag, a switch allocates a default 802.1p value to the packet.

Priority Tag

A priority tag re-assigns a set of service parameters to the particular traffic described in anACL. The following types of operations can be performed:

l Modifying the CoS queue of a packet and the 802.1p value

2-11



l Modifying the CoS queue of a packet, but keeping the 802.1p value unchangedl Modifying the DSCP value of a packetl Modifying the drop priority of a packet

Ethernet OAMAt present, the ZXR10 8900E supports the following Ethernet OAM standards:

l IEEE 802.3ah (Operations, Administration, and Maintenance-OAM)l IEEE 802.1ag (Connectivity Fault Management-CFM)

The ZXR10 8900E supports Ethernet OAM functions that support the above mentionedstandards. The functions include Ethernet continuity test (ETH-CC), Ethernet loopback(ETH-LB), Ethernet link tracing (ETH-LT), Ethernet frame loss measurement (ETH-LM),Ethernet frame delay measurement (ETH-DM), remote fault indication, and remoteloopback.

2.5 Clock SynchronizationThe trend to IP-based bearer networks requires the Ethernet to provide accurate clock tothe mobile wireless network, which has a strict requirement for high precision. Frequencysynchronization and time synchronization are both needed. The ZXR10 8900E supportsa synchronous Ethernet plus 1588v2 solution. It uses synchronous Ethernet to implementclock frequency synchronization, and uses IEEE 1588 to implement time synchronizationby frequency fine tuning and time maintenance.

The ZXR10 8900E can be configured with various clock source priorities, according towhich the clock sources are selected. The clock source of the highest priority is used.When this clock source fails, a clock source of one priority level lower takes effectimmediately. The clock source recovery policy is as follows: When the clock source ofa higher priority is recovered, the clock can choose to switch to the clock source of thehigher priority, depending on configuration.

Clock SourceThe ZXR10 8900E supports five types of clock sources. The main control determines todistribute which clock source to the whole system. The five types of clock sources are:

l Local clock: Local clock is used by system hardware, and it provides the most basicclock signals.

l BITS: Supports 2 MHz analog clock signals and 2 Mbits digital clock signals.l GPS: As the conventional mobile network clock source, GPS provides highly accurate

clock signals. It can provide 1PPS+TOD signals.l SyncE: Support synchronous Ethernet interfaces to restore and retrieve clocks from

the physical layer.l 1588v2: The IEEE 1588v2 is a precision time protocol. By transmitting messages

between active and standby devices, it implements accurate synchronization of theactive/standby clock and time.

2-12



Synchronous EthernetThe ZXR10 8900E can retrieve line clocks from Ethernet links, and supports obtainingreference clocks through external synchronous interfaces (including BITS and GPS) asthe input for the system clock selection function. According to synchronization stateinformation or alarms, the system selects a proper clock source and export clock source.After determining the clock source, the system uses the highly accurate clock on Ethernetinterfaces to send data and transfer synchronization state information to implementend-to-end sent/received data synchronization on the Ethernet physical layer.

IEEE 1588 v2The ZXR10 8900E implements the IEEE 1588 v2 protocol, and supports the followingoperational modes:

l Normal clock

Only one port supports the 1588 protocol, which can be configured as grandmasteror slave.

l Border clock

Multiple ports support the 1588 protocol, which can be connected to multiple normalclocks or transparent clocks.

l Transparent clock

The 1588 protocol does not run on each node, but the node needs to modifytimestamps. When forwarding a time packet, the node updates the time correctionfield, which is in either E2E or P2P mode.

Clock ProtectionThe ZXR10 8900E supports two clock protection modes:

l Port selection protection

The ZXR10 8900E uses the SSM protocol and the best master clock (BMC) algorithmto implement automatic protective switching, and ensure reliable clock transfer.

l Dual-main-control protection

The ZXR10 8900E's active/standby main control modules always synchronize clockinformation. When a main control module receives a BITS or GPS clock signal, itdirectly forwards the signal to the other main control module.

2.6 Protection for ReliabilityEquipment ProtectionMain Control Module Protection

The ZXR10 8900E provides carrier-class reliability. It provides two main control boards,each of which has control modules and switching modules. The two main control boards

2-13



work in load-sharing or redundancy backup mode. Redundancy is supported for switchingmodules and main control modules. If an active module fails, services and data will beswitched to the standby module to guarantee uninterrupted data transfer and serviceoperation.

Power Module Protection

To satisfy telecom carriers' strict requirements for equipment reliability, the ZXR10 8900Eprovides a hot backup design for power supply, and supports 48 V DC and 220 V AC powersupply modes. DC power supply operates in 1+1 mode, while AC power supply operatesin 1+1 backup or 2+1 backup mode depending on rack configuration. Thus the reliabilityof the power supply system is improved. In addition, the ZXR10 8900E's power supplysystem provides various intelligent mechanisms to protect power supply, detect and reportfaults according to parameters such as voltage, current, temperature.

System Monitoring

The ZXR10 8900E satisfies carrier-class reliability requirements, and provides a whole setof system monitoring approaches to reduce customers' maintenance costs and improveequipment stability and reliability.

In terms of hardware, the ZXR10 8900E monitors ambient temperature, boardtemperature, fan status, power status, power consumption sampling (including PoEpower supply), and air volume (or calculated by temperature if conditions do not permit).In terms of software, the ZXR10 8900E actively collects the information about ambienttemperature, board temperature, fan status, power status, power consumption sampling(including PoE power supply), and air volume. If a fault occurs or an index exceedsits alarm threshold, the system raises an alarm and reports the fault. Alarm and faultinformation can be periodically stored and uploaded to a specified server.

Network Detection MechanismsDuring network equipment operation, link failures, single-point failures, and connectivityproblems may occur. To discover all sorts of faults in the network in time, and provideprotective measures, the ZXR10 8900E provides a series of effective network detectionmechanisms. In addition to the detection techniques mentioned below, the ZXR10 8900Ealso supports many fault detection and locating methods such as UDLD, IP Ping, IP Trace,multicast Traceroute, LSP Ping, and LSP Traceroute.

BFD

The ZXR10 8900E supports the BFD of static routes, OSPF and other dynamic routes,and VRRP to implement fast convergence. The ZXR10 8900E supports combining BFDand FRR technologies to provide a fast fault detection mechanism and implement fastrerouting.

OAM Detection

OAM provides rich detection methods (mainly the Ethernet OAM technology) for identifyingnetwork faults. Through OAM packet detection, the system can detect the link status, nodestatus, and tunnel connectivity, and trigger protective switching when finding a fault.

2-14



SQA

The ZXR10 8900E supports ICMP-echo, DHCP, DNS, FTP, HTTP, UDP-jitter, SNMP, TCP,UDP-echo, Voice, and DLSw detection. It can link the detection results to functions suchas VRRP.

Intelligent Ethernet ProtectionThe ZXR10 8900E supports ZTE Ethernet Switch Ring (ZESR), ZTE Ethernet SmartSwitch (ZESS), and ZESR+, and provides ring network protection and dual-uplink linkprotection. ZESR/ZESS/ZSER+ comply with the ITU-T G.8032 standard.

Layer 3 Routing ProtectionThe ZXR10 8900E supports the following layer 3 routing protection functions:

l Enhanced VRRPl Route load sharingl Graceful Restart (GR)

VPN ProtectionThe ZXR10 8900E supports layer 3 route protection, mainly including PW protection andMPLS VPN dual-home protection. MPLS VPN dual-home protection can be dual-hominga CE to two PEs or dual-homing a UPE to two NPEs.

FRR ProtectionSupporting IP FRR

The switching speed of IP Fast ReRoute (IP-FRR) reaches 50 ms, which can minimizedata loss upon network failures. The IP FRR function computes backup routes in advance.If an active route fails, the IP FRR function does not re-compute routes, but switch trafficto a backup route. When the active route is restored to normal, the traffic is switched backto the active route.

The ZXR10 8900E supports static routing, OSPF, IS-IS, and RIP fast rerouting. Thus trafficcan be quickly switched in one direction, which satisfies the switching time requirement ofservices.

Supporting LDP FRR

The LDP FRR is an MPLS-related reliability technology. Through the Label DistributionProtocol (LDP), the LDP FRR distributes an active/standby label to a route. Due to theexistence of standby labels, a router can rapidly respond to route changes and switch to astandby label to implement switching protection with 50 ms after a network failure occurs.

The LDP FRR is a temporary protective measure. When the protected link is restored, thetraffic will be switched back to the original LSP. The LDP FRR does not depend on thecomplicated MPLS TE technology, and need not establish standby LSPs respectively forlinks, nodes, and paths. So, the implementation is easy.

Supporting MPLS TE FRR

2-15



The MPLS TE fast reroute (FRR) is a set of mechanisms in MPLS TE for protectinglinks and nodes. If an LSP link or node fails, the node where the failure is discoveredwill be protected, so that traffic can still pass through a protective link or node, and datatransfer is not interrupted. Meanwhile, the head node can continue initiating primary pathre-establishment.

Supporting L3VPN FRR

The L3VPN FRR solves the problem of end-to-end service convergence for a dual-homeCE, the most common network model. If a PE node fails, the L3VPN FRR can controlthe end-to-end service convergence time within 1 s. The MPLS TE FRR only solves thefailures of links or nodes, but it cannot implement end-to-end fast convergence in case ofa PE failure, which requires VPN route convergence.

2.7 Security and AuthenticationACLTo filter data, a network device should be configured with a series of matching rules toidentify the objects to be filtered. After particular objects are identified, the device permitsor denies the passing of the corresponding data packets, depending on preset policies.An Access Control List (ACL) can be used to implement these functions.

The ZXR10 8900E provides five types of ACLs:

l Link ACLsl IPv4 ACLsl IPv4 mixed ACLsl IPv6 ACLsl IPv6 mixed ACLs

Device AuthenticationAAA

The ZXR10 8900E support Authentication, Authorization and Accounting (AAA). It cannot only authenticate and authorize a subscriber by with the assistance of hierarchicalcommand line protection, but also verify the validity of network management users innetwork management. By using the AAA mechanism, the ZXR10 8900E can effectivelyprevent illegal subscribers from logging in.

For different subscriber access authentication policies, the device provides perfect AAAauthentication and authorization functions. According to different access authenticationrequirements, you can configure different access authentication policies to performauthentication and authorization on subscribers selectively.

The AAA supports three subscriber authentication modes:

l Local account verificationl Remote Authentication Dial-In User Service (RADIUS) verificationl Terminal Access Controller Access Control System (TACACS+) verification

2-16



The AAA supports four authorization modes:

l Direct authorization: Subscribers are trusted and directly authorized.l Local account authorization: Authorizes subscribers according to the locally

configured accounts.l TACACS+ authorization: TACACS+ can separate authorization from authentication.

The TACACS+ server performs subscriber authorization.l Authorization after successful RADIUS authentication: The RADIUS protocol does

not allow the separation of authentication and authorization.

SSH

The Secure Shell (SSH), drafted by the IETF, is a security protocol established on theapplication and transport layers. The SSH is a reliable protocol that provides securityparticularly for remote login sessions and other network services. The SSH protocol caneffectively prevent information leakage during remote management. Through the SSHprotocol, data can be encrypted before transmission, and thus intermediary attacks canbe avoided.

The SSH supports two authentication modes:

l Password-based security verificationl Key-based security verification

The ZXR10 8900E supports SSHv2 security verification.

Hierarchical Commands

The ZXR10 8900E implements authority-based hierarchical command management. Upto 16 command authority levels are supported. Different login subscribers are boundto different authority levels. The lower the level, the less commands the subscriber isallowed to use. The administrator, who has the highest authority level, can set differentauthority levels for commands, and thus customized command authority configuration isimplemented.

Access Security802.1x

The ZXR10 8900E's 802.1X module performs the following functions:

l Supports the authenticator's functions.l Supports local authentication.l Supports that the authenticator PAE sends or receives EAPOL frames through an

uncontrolled port.l Supports manipulating a controlled port by using AuthControlledPortControl

parameter values including ForceUnauthorized, Auto, and ForceAuthorized.l Supports manipulating a controlled port by using both AdminControlledDirections and

OperControlledDirextions parameters.l Supports periodic re-authentication for a supplicant according to a re-authentication

timer.

2-17



l Supports transparent transmission of 802.1x authentication packets whenauthentication is not required.

DHCP

The ZXR10 8900E supports DHCPv4 server, DHCPv4/v6 relay, DHCPv4/v6 snooping, andDHCP option82 functions.

IP source guard

By establishing the binding relations between a port and a VLAN, MAC address, or IPaddress, an IP source guard checks the packet source and allows traffic satisfying specificconditions to pass, and thus packet security control is implemented. The IP source guardestablishes a binding table in either of the following forms:

l Static bindingl Dynamic binding

The ZXR10 8900E supports IPv4-based and IPv6-based IP Source Guard function.

DAI

Dynamic ARP Inspection (DAI) sends ARP packets up to a CPU for processing. Afterdetermining that the ARP packet is legal or not, the CPU forwards or drops it.

Network SecurityThe ZXR10 8900E implements network-based security protection, and every module hasthe security checking function. In the ZXR10 8900E, network security functions are asfollows:

l Prevents subscriber ARP snooping.l Supports MAC address flood protection, which restricts the number of MAC

addresses.l Sets broadcast packet thresholds on a port.l Filters layer 2, 3 and 4 ACLs together.l Filters routes.l Forbids ICMP redirection to prevent an attacker from sending fake ICMP packets.l Prevents CPU attacks, provides protocol packet protection, distributes different

hardware CPU queues to protocol packets, sets priorities, limit rates, performs QoSsuch as WRED, and protects CPU.

l Prevents DoS attacks by hardware queues, and supports preventing land | null-scan| ping-of-death | smurf | sys-fin | syn-port-less-1024 | xma-scan | ping-flood | syn-floodattacks (for ping-flood | syn-flood, rate limiting is supported).

l Prevents IPv4 URPF source address spoofing.l Supports automatic broadcast storm suppression.l Supports control/signaling MD5 authentication.l Supports DHCP snooping.l Supports DHCP snooping-based IP Source guard and DAI.l Supports IPv6 ND security.

DDoS Attack Prevention

2-18



As the network environment becomesmore and more complicated, switches are facing thedemand for higher attack prevention capabilities. There are many methods and policiesfor DDoS attack prevention. CPU protection is one of the major methods.

The ZXR10 8900E's DDoS attack prevention supports most L2 and L3 protocols. L2protocols mainly include some STP and MSTP packets, as well as layer 2 ring networkpackets of switches. L3 protocols mainly includes the IPv4 and IPv6 protocols.

l IPv4 protocols: OSPF, PIM, IGMP, VRRP, ICMP, ARPREPLY, ARPREQUEST,GROUP MNG, VBASE, VRRP ARP, DHCP, RIP, BGP, Telnet, LDP_TCP, LDP_UDP,TTL, BPDU, SNMP, MSDP, and RADIUS.

l IPv6 protocols: MLD, ND, ICMP6, BGP4+, RIPNG, OSPFv3, LDPTCP6, LDPUDP6,Telnet6, and PIM6.

The ZXR10 8900E expands hierarchical CPU protection based on regular CPU protection.Hierarchical CPU protection includes hardware, software, and protocol stack protection.The ZXR10 8900E also prevents DDoS attacks by limiting MAC address learning, limitingthe port flow rate, and multi-layer ACL filtering.

uRPF

The ZXR10 8900E supports strict, loose, and loose-ingoring-default-route Unicast ReversePath Forwarding (uRPF).

l Strict uRPFmeans that a packet is dropped if the egress found according to the sourceaddress does not exactly match the ingress, or is handled properly otherwise.

l Loose uRPF means that the packet is handled normally if a route is found accordingto the source address and the default route's egress is consistent with the ingress, oris dropped otherwise.

l Loose-ingoring-default-route uRPF means that the packet is handled normally if aroute is found according to the source address and it is not the default route, or isdropped otherwise.

ND Security

The ZXR10 8900E supports the configuration of trusted switch ports, trusted switchaddresses, and ND learning quantity limit. It supports ND snooping-based ND packetfiltering by configuring a static binding relation between a port and a VLAN, IP address, orMAC address. It can also detect ND packets based on DHCPv6 snooping entries, allowlegal packets to pass, so that network risks are minimized.

2.8 Network Traffic AnalysisThe ZXR10 8900E supports mainstream network traffic analysis technologies includingIETF standard IPFIX and sflow.

2-19



This page intentionally left blank.

2-20


Chapter 3Product StructureTable of Contents

Product Overview.......................................................................................................3-1Hardware Structure ....................................................................................................3-4Supported Boards ......................................................................................................3-6Software Structure......................................................................................................3-9

3.1 Product OverviewThe ZXR10 8900E uses a large-capacity rack architecture. The hardware system iscomposed of a chassis, a backplane, fan subracks, power supply modules, switchingmain control boards, and various link processing boards.

ZXR10 8912E OverviewFor the ZXR10 8912E overview, see Figure 3-1.

Figure 3-1 ZXR10 8912E Overview

For the ZXR10 8912E structure, see Figure 3-2.

3-1



Figure 3-2 ZXR10 8912E Structure

ZXR10 8908E OverviewFor the 8908E overview, see Figure 3-3.



3-2


Chapter 3 Product Structure





3-3








3.2 Hardware StructureThe ZXR10 8900E series switch is a rack-based system and has three separate planes,including forwarding, control, and monitoring planes. The three planes work together toperform system functions. The system uses a new-generation high-capacity high-speedserial bus backplane to connect main control boards to various service line cards. Theprimary monitoring node on each main control board manages the monitored nodes on theline cards through a monitoring bus and collects monitoring information of the line cardsto implement intelligent equipment management.

3-4



High-capacity High-speed BackplaneThe system has the up-to-date design of passive high-capacity high-speed backplane andconnects main control boards and line cards through high-speed wiring, ensuring sufficientswitching capacity required by system operation.

Main Control BoardMain control boards are important integrated boards working in 1:1 backup mode.Each main control board includes a high-performance CPU, a large-memory storagespace, an inter-board switching module, a monitoring module, and a clock module. For8912E/8908E/8905E, each main control board also includes a high-capacity switchingmatrix, which has a multi-plane independent design to guarantee its switching capabilityand future expansion. For the 8902E, main control boards do not have a switching matrix.Line cards implements back-to-back connection through a high-speed backplane. Duringoperation, the ZXR10 8900E series switch's two main control boards interact closely.

Service Line CardsService line cards directly process packets and send them to specific ports on thedestination service line cards. Each service line card has its own forwarding informationbase, and forwarding decisions are made locally, ensuring wire-speed switching capability.Service line cards are diversified, and they can support clock or monitoring features.Depending on requirements, the following types of service line cards can be provided forthe time being:

l GE service cardsl 10-GE service cardsl 40-GE service cards

Power SupplyThe ZXR10 8900E has a brand new power supply design, which supports the maincontrol system's remote signaling/control over power supply. Through an RS485 port,the main control system can intelligently monitor the temperature over/under-voltage,power-off alarms, and current-limited state of the power supply system.

Intelligent Fan ShelfThe ZXR10 8900E system uses an intelligent fan shelf to adjust each fan's speed, raisesstalling alarms, and detect fan board temperature. In addition, the shelf can adjust fanspeed of each slot according to temperature, so that energy is saved.

3-5



3.3 Supported BoardsMain Control BoardFor the ZXR10 8912E/8908E/8905E, switching and control modules are integrated on amain control board. The main control board mainly consists of a CPU subcard, switchingchips, a clock system, and amonitoring subcard, and implements management and controlover the whole system and switches data packets among various line cards. From theperspective of functionality, the main control board consists of switching, control, clock,monitoring, out-band communication, power supply, and logical modules. For the maincontrol board diagram, see Figure 3-9.

Figure 3-9 8912E/8908E/8905E Main Control Board Diagram

The main control board of the ZXR10 8902E implements control functions. For the boarddiagram, see Figure 3-10.

Figure 3-10 8902E Main Control Board Diagram

Control Module

3-6



The control module consists of a main processor and some external functional chips. Itprovides various external operation interfaces, such as serial ports and Ethernet ports, toprocess various applications. The main control module mainly consists of the followingfunctional units:

l Network management unit: Runs a network management protocol, such as SNMP.l Protocol processing unit: runs network and routing protocols, such as OSPF, RIP, and

BGP-4. The protocol processing unit maintains a global routing table and forwardingtables, and maintains the consistency among processor nodes.

l Monitoring unit: Provides operation andmanagement interfaces for various line cards.l Internal communication unit: Provides a high-speed signaling channel between

boards, and allows the main control board to efficiently and accurately control themanagement CPUs of the other boards through the internal communication module,and to transfer routing information through that channel.

The main control module has the following features:

l High-performance CPU: Is capable of running layer 2 and layer 3 protocols andnetwork management and monitoring programs.

l GE channel: Can be connected to a management interface to provide the functionsof system management and program downloading and debugging.

l One RS232 serial port: Used for board debugging and management.l Temperature checking: Each main control board has a temperature checking device

that is connected to the CPU subcard to check the system temperature and reportsthe results to the back-end EMS.

l System log management: All system logs are stored in the system flash memory.l Clock chips are mounted on the CPU interface to provide an accurate clock to the

system.l Active/standby switching, active/standby state signal indication, line card reset

signals, and line card in-position checking.l Faults are classified into warning faults and switchover faults.l A routing data synchronization channel is provided between active and standby

boards.

Switching Module

The switching module performs data switching for the whole system, providing ahigh-speed and non-blocking switching channel among all line card units. The switchingmodules uses a dedicated CROSSBAR chip, which integrates multiple high-speedbidirectional interfaces to perform wire-speed switching. The switching chip performs thefollowing functions:

l Store-and-forward switching.l Supports 16 KB jumbo frames.l Supports priority queues that selectively drops frames in case of CoS queue

congestion.l Each port provides a set of management control counters.

Clock Module

3-7



This system uses the synchronous Ethernet technology to implement clock frequencysynchronization. It performs phase fine tuning and time maintenance according to theIEEE 1588 to synchronize clock time. The synchronous Ethernet can perform frequencysynchronization by the reference clocks generated by four types of clock sources includinglocal clock of the clock subcard, BITS (2MHz or 2Mbits), GPS, and line card clock recovery.

Monitoring Module

The monitoring module (IPMC) is a component of the device monitoring system.The monitoring module, hardware management bus, and software monitoring andmanagement module compose the intelligent platform management system. Themonitoring module mainly performs the following functions:

l Information gathering: The monitoring module gathers information about the ambienttemperature, board temperature, fan status, power supply status, and powersampling.

l Alarm: The monitoring module sets alarm parameters for all the monitored itemsmentioned above, and produces alarms in case of exceptions.

l Management: The monitoring module provides automatic or manual control of the fanspeed, and monitors board power-on/off.

Interface ModulesThe ZXR10 8900E series core switch's interface modules refer to line interface cards.Currently GE, 10 GE optical, and 40 GE optical interface boards are provided.

All the optical interfaces of the ZXR10 8900E uses pluggable optical modules. Thus, oneline card can satisfy the requirements for different transmission media and distances. andsome line cards even provide different types of interfaces to reduce the need for extra linecards. All the electrical interfaces in a line card have the cable diagnosis function, whichallows diagnosing cable connections at any time. During a diagnosis, short circuits andopen circuits can be identified, and the location where a fault occurs can be specified, withthe precision of 1 meter.

For the main interface board types of the ZXR10 8900E, see Table 3-1.

Table 3-1 8900E Interface Board Types

Boar-d/CardModel

Fixed Interface LineProcessing BoardName

Port Form Remarks

E1GF24A 24-port NP enhanced

Gigabit optical interface

board

24 GE optical ports,

supporting fast and

Gigabit SFP

NP extension is available, and MPLS,

large entries, Ethernet OAM, and

intelligent monitoring are supported.

H2GF24D 24-port Gigabit optical

interface board


supporting fast and

Gigabit SFP

MPLS, large entries, Ethernet OAM,

clock (SyncE or 1588v2), and intelligent

monitoring are supported.

3-8



Boar-d/CardModel

Fixed Interface LineProcessing BoardName

Port Form Remarks

H2GF48D 48-port Gigabit optical

interface board


supporting fast and

Gigabit SFP




H2GT48D 48-port Gigabit

electrical interface

board

48 GE electrical

ports, supporting

fast and Gigabit

adaptive.




H2XF8D 8-port 10 Gigabit

optical interface board

8*10 GE optical

ports, supporting

10G SFP+

MPLS, large entries, Ethernet OAM, and


S1XF12A 12-port 10 Gigabit

optical interface board

8*10 GE optical

ports, supporting

10G SFP+

L2/L3, IPv4/v6 features, SyncE, and


3.4 Software StructureIntroductionThe ZXR10 8900E series core switch is based on ZTE's new-generation IP protocol stackplatform Zhong Xing Route Operating System (ZXROS). The protocols of the platformimplements product-unrelated service functions. All software components can run in userstate of the microkernel system, and thus the system security is enhanced. The softwarecomponents belong to different independent process spaces, allowing illegal applicationoperations to be isolated. Component-based management is used. Component functionscan be independently developed, versions can be separately released, and componentscan be dynamically installed, uninstalled, or upgraded. Uninterrupted routing anddistributed processing is supported. Fast and reliable inter-CPU synchronization is alsosupported.

For the overall components of the ZXROS software platform, see Figure 3-11.

3-9



Figure 3-11 Framework of the New-generation ZXROS Software Platform System

The ZXROS software platform system includes the following subsystems:

l Route subsystem

Includes unicast and multicast routing protocols.

l L2 subsystem

Includes various layer 2 protocols.

l MPLS subsystem

Includes the LDP, RSVP, and PWE3 protocols.

l L3&PSS subsystem

Includes TCP/UDP, ARP, ND, packet sending/receiving, interface management,routing table, label table management, forwarding table integration, andsynchronization modules.

l Configuration and resource management subsystem

Includes ACL, route-map, L2VPN, and L3VPN configuration management modules,and label and IP pool resource management modules.

l Application protocol subsystem

Includes various application protocols such as Netflow, Radius, NTP, and Telnet.

Software CharacteristicsThe software platform's key and competitive technologies lie in the following aspects:

l System kernel resources run in privileged mode. All software components run in userstate in the microkernel system. Thus, the system security is enhanced.

l The software components belong to different independent process spaces, allowingillegal application operations to be isolated.

l Component functions can be independently developed, and versions can beseparately released.

3-10



l Software components can be dynamically installed, uninstalled, or upgraded online(ISCU-in-service component upgrade). Versions can be smoothly upgraded withoutservice interruption, and service customization requirements can be satisfied.

l The software system architecture supports distributed protocol processing. That is,protocols use independent processes, and messages are sent between processes.

l Fast inter-CPU synchronization is supported by using reliable multicast packets, andthus the route convergence speed is improved.

l Command configuration and protocol processing are separated, and platform andproduct command scripts are loosely associated.

l A uniform external interface is provided. Fast secondary development is supported.Outsourced software can be optimized.

l Nonstop routing (NSR) is supported.l Cluster technologies are supported.

In addition, the ZXROS software platform has the following characteristics:

l High reliability and stability: The software platform satisfies long-term stablenetwork operation requirements.

à Failures of one software component does not affect the other components.

à Components are independently developed, released, and upgraded.

à The platform and products are loosely coupled.

l Real-time performance: The software platform satisfies large dynamic routingprotocols, network management protocols, and time requirement of datasynchronization among multiple processors.

l Self-healing: System exceptions are detected, handled, and recorded. In case of anexception, the system can immediately perform recovery and switching.

l Maintainability: The usage and invoking status of core resources and systemservices can be traced and recorded. Software components are independent,making it easier to trace failures.

l Simplicity: The software platform only provides essential system services toapplications, and shields unnecessary system services.

l Encapsulation: Hardware features can be totally shielded, so that the applicationlayer is unrelated to the hardware. The software platform is uniform and portable toall processor applications.

l Smooth evolution: The software platform supports fast secondary development, andcan quickly integrate outsourced software and respond to customers' requirements intime.

3-11




3-12


Chapter 4Technical SpecificationsBasic SpecificationsFor the basic features and physical specifications of the ZXR10 8900E, refer to Table 4-1.

Table 4-1 Basic Features and Physical Specifications of the Device

DescriptionAttribute

8912E 8908E 8905E 8902E

Backplane

bandwidth

19.2 Tbps 12.8 Tbps 8 Tbps 3.2 Tbps

Switching

capability

5.12 Tbps 5.12 Tbps 3.2 Tbps 1.28 Tbps

Packet

forwarding

ratio

3840 Mpps 3840 Mpps 2400 Mpps 960 Mpps

Number of

GE ports

576 384 240 96

Basic

Per-

form-

ance

Spec-

ifica-

tions

Number of 10

GE ports

144 96 60 24

Dimensions

(height ×

width ×

depth)

753 mm * 442

mm * 446 mm

577 mm * 442

mm * 446 mm

442 mm * 442

mm * 446 mm

175 mm * 442

mm * 420 mmPhys-

ical

pa-

rame-

tersWeight (full

configura-

tion)

89.7 kg 64.9 kg 51.2 kg 24 kg

Total number

of slots

14 10 7 4Num-

ber of

slots Number of

service slots

12 8 5 2

4-1




8912E 8908E 8905E 8902E

Power supply

conditions

(AC)

100 V–240 V, 50 Hz –60 Hz

Power supply

conditions

(DC)

-57 V–-40 V

Po-

wer

sup-

plyMaximum

total

consumption

of the

device in full

configuration

2718 W 2084 W 1235 W 300 W

Operating

temperature

Long-term: -5℃–+45℃Short-term: -5℃–+50℃

Storage

temperature

-40℃–+70℃

Relative

humidity

5%–95%, without condensed moisture

Envi-

ron-

ment

re-

quire-

mentsEarthquake

resistance

Able to resist an earthquake of magnitude 8

Interface SpecificationsFor the optical and electrical interface features of the ZXR10 8900E, refer to Table 4-2.

Table 4-2 Optical and Electrical Interface Features

Port Type Feature Description

10 /100 /1000BASE-T In compliance with IEEE802.3z standards.

RJ45 connector.

Class 5 UTP twisted-pair wire, maximum transmission distance:

100 m.

Half duplex/full duplex, MDI/MDIX.

100BASE-FX (SFP-M02K) LC connector, multi-mode optical fiber, wavelength: 1310 nm,

maximum transmission distance: 2 km.

Transmission power: -19–-14 dBm, reception sensitivity: <-30 dBm

100BASE-FX (SFP-S15K) SFP optical module.

LC connector, single-mode optical fiber, wavelength: 1310 nm,



4-2


Chapter 4 Technical Specifications

Port Type Feature Description

100BASE-FX (SFP-S40K) LC connector, single-mode optical fiber, wavelength: 1310 nm,



100BASE-FX (SFP-S80K) LC connector, single-mode optical fiber, wavelength: 1550 nm,


Transmission power: -3–+3 dBm, reception sensitivity: <-37 dBm

1000BASE-SX (SFP-M500) LC connector, single-mode optical fiber, wavelength: 850 nm,

maximum transmission distance: 500 m.

Transmission power: -9.5–4 dBm, reception sensitivity: <-17 dBm

1000BASE-LX (SFP-S10K) LC connector, single-mode optical fiber, wavelength: 1310 nm,


Transmission power: -9–3 dBm, reception sensitivity: <-20 dBm

1000BASE-LX (SFP-S40K) LC connector, single-mode optical fiber, wavelength: 1310 nm,


Transmission power: -4.5–5 dBm, reception sensitivity: <-22 dBm

1000BASE-LX(SFP-S40K-

1550)



Transmission power: -5–0 dBm, reception sensitivity: <-22 dBm

1000BASE-LH (SFP-S80K) LC connector, single-mode optical fiber, wavelength: 1550 nm,


Transmission power: 0–3 dBm, reception sensitivity: <-22 dBm

1000BASE-LH (SFP-S120K) LC connector, single-mode optical fiber, wavelength: 1550 nm,


Transmission power: 0–5 dBm, reception sensitivity: <-30 dBm

10GBASE-SR (SFP+-M300) LC connector, multi-mode optical fiber, wavelength: 850 nm,

maximum transmission distance: 300 m.

Transmission power: -7.3–-1.0 dBm, reception sensitivity: <-11.1

dBm

10GBASE-LR (SFP+-S10K) LC connector, single-mode optical fiber, wavelength: 1310 nm,

maximum transmission distance: 10 Km.

Transmission power: -8.2–0.5 dBm, reception sensitivity: <-10.3

dBm

10GBASE-ER/EW

(SFP+-S40K)


maximum transmission distance: 40 Km.

Transmission power: -4.7–4.0 dBm, reception sensitivity: <-14.1

dBm

System Functions and Featuresl L2 features

4-3



For L2 features of the ZXR10 8900E, refer to Table 4-3.

Table 4-3 L2 Features

Attribute Description

VLAN Supports port-based, protocol-based, and subnet-based VLANs.

Supports VLAN translation.

Supports PVLAN.

Supports super VLAN.

QinQ Supports QinQ-based forwarding.

Supports normal QinQ and port-based outer labels.

Supports selective QinQ and stream-based outer labels.

Supports selective QinQ inner priority mapping.

Supports TPID modification.

MAC Supports MAC address learning, aging, and solidifying.

Supports static MAC address setting.

Supports MAC address attack protection.

Supports MAC address binding.

Link

aggregation

Supports static link aggregation.

Supports dynamic LACP.

Supports stream-based load balancing

Supports inter-line card link aggregation.

Supports inter-rack link aggregation.

Port features Supports loopback detections.

Supports broadcast, multicast, and unknown unicast storm

suppression.

Supports layer 2 protocol protection and jumbo frame protection.

Supports port flow control.

Support 1-minute peak statistics.

Support default shutdown of a port.

ARP Supports static ARP configuration.

Supports dynamic ARP learning and aging.

Supports ARP agent.

Supports ARP anti-attack protection.

STP Supports STP, RSTP, and MSTP.

Supports BPDU protection.

MIRROR Supports ingress mirroring, egress mirroring, 1-to-many, many-to-1,

and many-to-many mirroring, stream mirroring, and CPU mirroring.

Supports RSPAN and ERSPAN.

L2

features

Ethernet

OAM

Supports IEEE 802.1ag.

Supports IEEE 802.3ah.

l L3 features

4-4



For the L3 features of the ZXR10 8900E, refer to Table 4-4.

Table 4-4 L3 Features


IPv4 unicast

routing

Supports IPv4 unicast static routing.

Supports RIPv1/v2, OSPFv2, IS-IS, and BGP-4.

Supports policy routing and routing policies.

Supports VRRP.

Supports URPF.

Supports ECMP.L3

features IPv6 unicast

routing

Supports the ND protocol, ND protocol protection, and IPv6 path

MTU.

Supports IPv6 static routing.

Supports RIPng, OSPFv3, IS-ISv6, and BGP4+.

Supports 6to4, 6in4, and ISATAP tunnels.

Supports 6PE.

l Multicast features

For the multicastfeatures of the ZXR10 8900E, refer to Table 4-5.

Table 4-5 Multicast Features


L2 multicast Supports IGMP Snooping/proxy.

Supports IGMP rate limit and IGMP rate filter.

Supports MLD snooping.

Supports PIM snooping

Supports inter-VLAN multicast duplication.Multicast

featuresL3 multicast Supports static multicast.

Supports IGMPv1/v2/v3 and MLDv1/v2.

Supports PIM-SM, PIM-SSM, PIM-DM, and MSDP.

Supports Anycast RP

l MPLS features

For the MPLS features of the ZXR10 8900E, refer to Table 4-6.

4-5



Table 4-6 MPLS Features


Basic

features

Supports LDP.

Supports RSVP/RSVP-TE.

MPLS L2

VPN

Supports VPLS, VPWS, and H-VPLS (Qinq or LSP access).

Supports Vrf to Vrf/single-hop M-EBGP/multi-hop M-EBGP

inter-domain L2 VPN deployment.

Supports CE dual-PE protection.

Supports UPE dual-NPE protection.

MPLS L3

VPN

Supports L3 VPN FRR.

Supports L3 VPN ECMP.

Supports Vrf to Vrf/single-hop M-EBGP/multi-hop M-EBGP

inter-domain L3 VPN deployment.

Supports Multi-VRF (MCE).

MPLS

features

MPLS TE Supports static LSPs.

Supports displaying LSP tunnels.

Supports LSP tunnel priority/preemption/backup.

Supports MPLS TE FRR.

Supports MPLS L2VPN /MPLS L3VPN Over TE.

Supports LDP over TE.

l QoS features

For the QoS features of the ZXR10 8900E, refer to Table 4-7.

Table 4-7 QoS Features


Traffic

classification

Supports traffic classification by physical port.

Supports traffic classification by physical port and ACL.

Packet

re-tagging

Supports 802.1p priority, IP Precedence, IP DSCP, IP TOS, and

MPLS EXP re-tagging.

Supports double-layer label mapping.

Traffic

policing

Supports incoming port CAR.

Supports stream-based CAR.

Supports incoming/outgoing traffic policing.

Supports re-tagging after traffic policing.

Congestion

control

Supports stream-based bandwidth control.

Supports RED and WRED.

Queue

scheduling

Supports up to eight priority queues, each of which supports

minimum/maximum bandwidth management.

Supports SP, WRR, SP+WRR, and WDRR scheduling.

QoS

features

4-6




Traffic

shaping

Supports port-based traffic shaping.

Supports VLAN-based traffic shaping.

l Service management features

For the service management features of the ZXR10 8900E, refer to ZXR108900ETable 4-8.

Table 4-8 Service Management Features


Service management

Supports IEEE 802.1x, 802.1x Relay, 802.1x RADIUS accounting,

and forcing subscribers to get offline.

Supports AAA authentication.

Supports hierarchical subscriber management.

Supports IPTV management (CAC, CDR, and UMS).

Supports DHCPv4/v6 Server, DHCP v4/v6 Relay, and DHCP v4/v6

Snooping.

Supports DHCP OPTION 82.

l Reliability

For the device and network reliability features of the ZXR10 8900E, refer to Table 4-9.

Table 4-9 Reliability Features


8912E 8908E 8905E 8902E

MTBF 400000 hours

MTTR < 30 minutes

Reliability ≥ 99.999%

Hot-

swapping

Supported by all boards.

Main control

redundancy

1:1

Device

reliabil-

ity

Power supply

redundancy

Power supply

redundancy

(AC: 2+1; DC:

1+1)

Power supply redundancy (AC: 1+1; DC: 1+1)

4-7




8912E 8908E 8905E 8902E

Network reliability

Supports MPLS-TE end-to-end path protection.

Supports MPLS-TE FRR.

Supports IP FRR.

Supports LDP FRR.

Supports multicast FRR.

Supports Static Routing, LDP, OSPF, ISIS, BGP, RIP, VRRP, LSP,

FRR, PIM DR, and Super VLAN’s BFD.

Supports Graceful Restart.

Supports NSF in case of active/standby switchover.

Supports VRRP, multi-backup configuration, backup priority

configuration, VRRP switching authentication, and priority

replacement mode.

Supports VPLS ring network protection.

Supports ESRP+ Ethernet ring network protection.

Supports double uplink dual-home protection.

Supports ECMP.

Supports UDLD.

Supports LLDP.

Supports LACP and MC-LAG.

l Security features

For the security features of the ZXR10 8900E, refer to Table 4-10.

Table 4-10 Security Features


Attack

prevention

Supports DOS attack prevention.

Supports BPDU attack prevention.

Supports CPU protection.

Supports ARP attack prevention.

Supports MAC address flood protection.

Supports IPv4 uRPF.

Supports hierarchical command protection.

Supports abnormal and error packet protection.

Supports SYN FLOOD attack prevention.

Supports PING FLOOD attack prevention.

Supports Ping of Death attack prevention.

Supports SNMP attack prevention.

Supports fake source IP address attack prevention.

Supports ARP spoofing.

Security

features

4-8




CPU

security

protection

Supports protocol priority processing configuration.

Supports protocol protection.

Supports filtering the packets sent to a CPU.

Advanced

security

features

Supports data log monitoring.

Supports automatic suppression of broadcast storms.

Supports filtering layer 2, 3 and 4 ACLs together.

Supports control/signaling MD5 authentication.

Supports IP source guard/DAI.

Supports ND security.

l Clock synchronization

For the clock synchronization features of the ZXR10 8900E, refer to Table 4-11.

Table 4-11 Clock Synchronization Features


Syn-

chronous

Ethernet

Supports port-based clock recovery.

Supports overall clock distribution.

Supports clock retrieval (line, external 2 Mbit/HZ, or GPS clock).

Supports SSM processing.Clock syn-

chronization IEEE

1588v2

Supports protocol-based clock recovery.

Supports transparent transmission of clocks.

Supports P2P and E2E modes.

Supports precision time synchronization.

Supports the BMC algorithm.

l O&M features

For the O&M features of the ZXR10 8900E, refer to ZXR10 8900ETable 4-12.

Table 4-12 O&M Features


O&M Supports the command line function.

Supports hierarchical management authority.

Supports password aging and confirmation.

Supports control console management.

Supports subscriber access service management.

Supports remote access by SSH, TELNET, or SNMP, and the

FTP/TFTP function.

Supports various alarms (sound or light).

Supports the ZXNM01 unified network management system.

Supports CLI and hierarchical network management.

Supports subscriber access control.

O&M

4-9




Supports storage and restoration configuration.

Supports log management, Syslog, and REMON functions.

Supports time management and NTP functions.

Supports IPv6 equipment management.

Supports basic MIB functions.

Supports traffic statistics.

Cluster

manage-

ment

ZGMP, LLDP/ZTP/ZGMP.

Traffic

analysis

IPFIX, SFlow.

OAM Supports Ethernet OAM.

Supports OAM tools (such as LSP Ping or LSP trace route).

4-10


Chapter 5Networking ApplicationsTable of Contents

Application in an Metro Ethernet Network...................................................................5-1Application in a Data Center .......................................................................................5-2Application in Ethernet Layer 2 Convergence .............................................................5-3Application in an Enterprise Network ..........................................................................5-4Application in FTTx.....................................................................................................5-5Application in a Core Network Bearer .........................................................................5-6Application in IP RAN .................................................................................................5-7

5.1 Application in an Metro Ethernet NetworkThe ZXR10 8900E can be deployed in the convergence layer of anMetro Ethernet network,which is uniformly borne by mobile/fixed network broadband/key customer, to satisfy therequirement for separated voice, video, data, and IPTV services. The ZXR10 8900E usesthe VPN technology to implement all-service bearer and service separation, and uses ringnetwork, various protection technologies, and OAM to provide carrier-class reliability tocarriers:

l In MPLS-to-edge mode, it implements end-to-end separation between service andbearer to provide higher reliability and higher security.

l With the MPLS VPN technology, it provides different service functions over differentservice planes.

l With the MPLS TE/FRR/BFD technologies, it implements fast protective switchingwithin 50 ms.

l With Ethernet OAM, it implements quick fault discovery to improve network operationand maintenance capabilities

For the common networking solution of Metro Ethernet multi-service bearer, see Figure5-1.

5-1



Figure 5-1 Application in an Metro Ethernet Network

5.2 Application in a Data CenterDue to the growing demand for broadband networks and growing number of fixed networkand broadband subscribers, interactive service traffic increases dramatically, and variousInternet application surges in scale. Thus, old data centers are facing higher resourceand O&M demands, and the pressure of expansion, consumption, and maintenance fordata center devices is great. The ZXR10 8900E has high-density 10 Gigabit ports andhigh-performance switching capacity, and thus can be deployed at the core/convergencelayer of data centers to help reduce customer TCO and solve expansion and maintenanceproblems.

l The ZXR10 8900E has high bandwidth, high performance, and large capacity toprovide a high-speed channel for data centers and cloud computing and ensurenon-blocking traffic.

l The ZXR10 8900E has rich network management features, provides graphicalnetwork management to help data center maintenance personnel, and providesnorthbound interfaces to implement unified network management.

l As an environment-friendly product, the ZXR10 8900E uses 40 nm chips andallows line cards or ports to be enabled on demand, effectively reducing the powerconsumption of data center network equipment.

l The ZXR10 8900E integrates multiple security technologies to provide securityprotection from equipment level to network level. It uses firewall boards to preventdata centers from external network attacks, and uses DoS and CPU protectiontechnologies to prevent itself from attacks.

For the common network of a data center, see Figure 5-2.

5-2


Chapter 5 Networking Applications

Figure 5-2 Application in a Data Center

5.3 Application in Ethernet Layer 2 ConvergenceBy mature commercial use, the ZXR10 8900E proves its perfect application andsignificance in Ethernet layer 2 convergence. Based on the ZXR10 8900E' rich Ethernetlayer 2 convergence features and to meet the requirements for higher bandwidth, capacity,and convergence ratio as well as the requirements for subscriber isolation, serviceseparation, and differentiated for multiple access modes, the ZXR10 8900E providesthe following capabilities to provide powerful support for the high-speed development ofcarrier networks:

l Supports QoS to bring more precision in network resource distribution andmanagement.

l Provides ring network protection on the convergence layer, and uses ZTE's ZESR+(EAPS) Ethernet ring technology to implement 50 ms protective switching.

l Uses the VLAN and QinQ technologies to isolate subscribers or separate subscribersfrom the carrier, facilitating service plane expansion and subscriber management.

l Supports carrier-class switching capacity and provides T-level switching capabilityamong all series, allowing smooth evolution to the switching capabilities at higherlevels and satisfying carrier-class layer 2 convergence requirements.

For the common networking solution of Ethernet layer 2 convergence, see Figure 5-3.

5-3



Figure 5-3 Application in Ethernet Layer 2 Convergence

5.4 Application in an Enterprise NetworkA campus network's core layer requires high bandwidth and high-density ports. So, thewhole network must support subscriber access authentication, security protection, andother security policies. The ZXR10 8900E can be deployed in the campus network'score layer to provide high-speed forwarding and service guarantee. The ZXR10 8900E’senterprise network scenario has the following features:

l For enterprise network subscribers, it is even more important to reduce operationand maintenance costs and improve internal security. The ZXR10 8900E supportsrich security features, and supports the DHCP server, and snooping functions tohelp subscribers to manage addresses. It also supports various authenticationmechanisms such as Radius and TACACS+, and implements hierarchical authoritymanagement. It provides IP source Guard, DAI, anti-DoS attacks, and other securityprotection functions to minimize network attacks. It supports SQA, and learns theoperational status of each application server, and thus network failures can beavoided.

l For information security purposes, it is essential for an enterprise network to guardagainst external network attacks and threats. In addition, egress traffic statistics and

5-4



control are also needed to identify illegal traffic and applications. The ZXR10 8900Eprovides various traffic analysis tools to implement traffic analysis, differentiated QoS,and network security protection, and finally achieve specific service control.

l Provides a complete set of IPv6 solutions. Through dual-stack and various v4/v6tunneling technologies, it implements IPv4-to-IPv6 seamless transition.

l Supports various tunneling technologies, such as MPLS L2/L3 VPN, QinQ, and L2PT,to satisfy the requirements of isolated internal service logics for different enterprises.

For the common network of an enterprise network, see Figure 5-4.

Figure 5-4 Application in an Enterprise Network

5.5 Application in FTTxAs subscribers' service requirements are gradually growing, higher access bandwidthand QoS are demanded, and the legacy DSL access shows inability to satisfy servicedevelopment trends in the future. With the decrease in the costs of optical fibers,E-FTTx access becomes the major trend towards the future. The ZXR10 8900Esupports environment-friendly E-FTTx access to satisfy both the numerous cable accessrequirements in the existing network and FE/GE access scenarios:

l It has rich interface boards, and provides high-density and high-bandwidth access tosufficiently satisfy FTTx's requirements for high density and expendability.

l By using various QoS features, it implements control over different services andprovides satisfactory user experience for short-delay and low-jitter services.

l It supports the SVLAN technology and can effectively isolate services and subscribersto guarantee network security.

5-5



l By using the ITU-T G.8032 standard Ethernet intelligent ring protection technology, itsatisfies different reliability requirements of different subscribers.

l The IP over DWDM technology, which is implemented based on switches, requireslow costs in network establishment and maintenance, and is highly expandable.

For the common network of FTTx, see Figure 5-5.

Figure 5-5 Application in FTTx

5.6 Application in a Core Network BearerThe evolution from fixed core networks to softswitch is towards the all-IP trend. The mobilecore network has experienced the separation of the circuit domain and the packet domain,and its bearer is more and more IP-based. As the core network is evolving, the IMS totallyseparates service, control, and bearer planes, and implements the integration of 2G/3G,mobile, and fixed network services. The IMS network is completely IP-based. The ZXR108900E can satisfy the requirements for various core networks. It acts as a PE or CR toimplement carrier-class core network multi-service bearer:

l It supports enhanced VRRP, associates VRRPwith BFD, and provides active/standbyredundancy for core network elements, and thus ensure the core network reliability.

l It supports various FRR, and implements 50 ms fast switching by fast detectionfunctions such as BFD.

l It supports Multi-VRF, and separates the traffic by service or logical interface toimprove device utilization.

l It supports the MPLS VPN technology, implements independent management ofaccess subscribers for different VPNs, distinguishes the routing and network topologyinformation of different VPN subscribers, and uses traffic engineering to ensure theQoS of core network services.

5-6



For the common network of a core network bearer, see Figure 5-6.

Figure 5-6 Application in a Core Network Bearer

5.7 Application in IP RANIP backhaul mainly resolves the interconnection between a base station and a wirelessservice control point (gateway) to implement IP-based mobile voice and data servicebearer. In a legacy 2G network, a BTS uses TDM E1/T1 to access the base stationcontroller (BSC). With the development of the wireless network, IP-based Node Bemerges in 3G networks to replace BTS, providing Ethernet interfaces to allow wirelesstraffic to access or converge on an RNC through a switch. An IP backhaul networkhas requirements for clock synchronization, highexpendabilityy, and high reliability. TheZXR10 8900E can be deployed at IP backhaul convergence nodes to serve the IPbackhaul network. :

l IP backhaul requires clock synchronization throughout the network. The ZXR108900E provides the SyncE+1588v2 solution to synchronize high-precision clocksignals (such as BITS) to all base stations.

l A base station's access ring and convergence ring both require ring networkprotection. The ZXR10 8900E uses a ZESR+ (EAPS) Ethernet ring network to meetthe 50 ms switching time requirement.

l It supports superVLAN and QinQ to relieve gateway load in case of multi-base stationaccess, reduce IP address consumption, implement uniform management of basestations, and enhance network expendability.

5-7



l The ZXR10 8900E supports the VPLS/H-VPLS andMPLS L3VPN technology to bettersatisfy multipoint-to-multipoint access requirements.

For the common network of an IP Backhaul network, see Figure 5-7.

Figure 5-7 Application in IP RAN

5-8


Chapter 6Operation and MaintenanceTable of Contents

NetNumen U31 Unified Network Management Platform .............................................6-1Maintenance and Management ..................................................................................6-2

6.1 NetNumen U31 Unified Network ManagementPlatform

With the development of all-IP technologies, the telecommunication industry is confrontedwith great changes towards the mainstream trend for broadband, mobility, andconvergence. The all-IP network architecture requires that the existing operation andmanagement be transformed from vertical to horizontal direction. Thus, operation costscan be reduced and O&M efficiency can be improved.

Faced with the future network development trend, ZTE releases the unified networkmanagement platform NetNumen™ U31, and the sub-product NetNumen™ U31 (BN)implements unified management for all bearer network devices. The U31 not onlyprovides multi-domain device management, but implements the convergence of elementlayer management and network layer management, breaking through the verticalmanagement model and satisfying flat management requirements.

Networking ModeBetween the NetNumen U31 and the ZXR10 8900E, in-band or out-band managementcan be implemented.

l In-band management

In-band management means that network management information can betransferred in the same channel as service information, without the need to establishan extra DCN network. The NetNumen U31 need only be connected to a neighbornetwork device and configured with SNMP parameters.

In-band management is flexible and does not need extra investment. However,network management information occupies the service bandwidth, and thus servicequality may be affected.

l Out-band management

Out-band management means that network management information is separatelytransferred in a network management network and an extra DCN network is needed.The NetNumen U31 system is connected to the out-band management port of the

6-1



ZXR10 8900E, and thus network management information and service informationare separately transferred.

Out-band management allows network management information to be transferredmore reliably, even if the service channel is interrupted. However, to build a separatenetwork management network is restricted by region and needs extra investment.

NetNumen U31The NetNumen™ U31 (BN) is a unified management platform for all bearer networkdevices of ZTE. It implements integrated management of transmission, wavelengthdivision, PTN, and IP devices (routers and switches). The U31 is located on the networkelement management layer or subnet management layer, and is a new-generationnetwork management system. It provides powerful functions for managing the networkelement layer and network layer.

The NetNumen™ U31 (BN) uses distributed, multi-process, and modular design tomanage all-series bearer network devices. The U31 provides configuration, fault,performance, maintenance, path, security, system, and report management functions.It guarantees device stability, and implements management and control on networkelements and regional networks.

The system uses various network management technologies, and is designed anddeveloped based on the TMN concept of ITU-T and industry-leading experience innetwork management software development. It provides powerful management functionsand flexible networking capability. The U31 system provides the following functions forthe ZXR10 8900E:

l Fault management: Guarantees stable network operation.l Performance management: Helps users to fully understand the network service

status.l Resource management: Helps users to use network resources properly.l View management: Presents network operation status clearly.l Configuration management: Helps users to deploy services quickly.l Security management: Guarantees network security.l Northbound interface: Helpful for integration.

6.2 Maintenance and ManagementVarious Configuration ModesThe ZXR10 8900E provides various device login and management configuration modes,which allow users to choose proper connection configuration modes according to theirscenarios, and thus devices can be maintained more easily.

l Serial connection configuration

Serial connection configuration uses the VT100 terminal method, and thehyperterminal tool provided by the Windows operating system can be used for

6-2


Chapter 6 Operation and Maintenance

configuration. If the device is bare or without configuration or connection, thisconnection configuration mode must be selected.

l Telnet connection configuration

à Telnet to the management Ethernet port (10/100/1000Base-T) on a Telnet maincontrol board to configure the switch.

à On a VLAN interface, configure the IP address, set the username and password,and telnet to the IP address of the VLAN interface to configure the switch.

When a user remotely logs into the device and communicates with the device properly,this connection configuration mode can be selected.

l SSH connection configuration

On the ZXR10 8900E, enable the SSH server function, and use the SSH clientsoftware to connect the IP address of the VLAN interface or management Ethernetport to configure the switch in a more secure way. If the user requires secure remotelogin, this connection mode can be selected.

l SNMP connection configuration

The back-end network management server acts as the SNMP server, and thefront-end ZXR10 8900E acts as the SNMP client. The front end and back end sharethe same MIB, and use the network management software to manage and configurethe ZXR10 8900E. This connection configuration mode helps users to effectivelymanage and configure network devices by using network management software.

Monitoring and MaintenanceThe ZXR10 8900E provides various methods for monitoring, manage, and maintaindevices, so that the devices can be handled properly in case of exceptions and users canlearn all the parameters about the device operation.

Device Monitoring

l Power supply, fan, and main control modules, and all interface boards have indicatorsthat indicate the operational status of a component.

l Hot-swapping and switchover events of main control boards are recorded for users toreview.

l Sound and message alarm are raised when a fan, power supply module, ortemperature is abnormal.

l Version consistency is checked automatically during system operation.l Board temperature is automatically monitored during system operation, and

temperature control and message alarm functions are provided.l Software running status is monitored by the system, and line cards are restarted or

active/standby main control board switchover is performed when an exception occursand affects the device.

Management and Maintenance

l Command lines provide flexible online help.

6-3



l Hierarchical user authority management and hierarchical commands are provided.l An information centers is supported to provide uniform management for logs, alarms,

and debugging information.l Switch cluster management is supported, providing a uniform channel for managing

and maintaining different devices.l The basic information about main control boards, interface boards, and optical

modules can be queried through the CLI.l A variety of information can be queried, including the version, component status,

ambient temperature, CPU, and memory usage.l All information can be collected with one key, and command results can be displayed

on the device or outputted to a file. Hardware environment, software information,version information, data configuration, real-time operational status, and protocolinformation can be displayed and be automatically or manually outputted.

Diagnosis and Debugging

l Ping and TraceRoute: Checks whether a network connection is reachable, andrecords the transmission path of data packets online as a reference for locating faults.

l Debugging: Every software feature provides rich debugging commands, eachof which supports multiple parameters that can be flexibly controlled. By usingdebugging commands, users can output the processing, packet sending/receiving,and error checking information about this feature.

l Mirroring: Supports interface-based mirroring, which means that the packets on theobserved interface in the incoming, outgoing, or both directions are duplicated to theobserving interface without any change. RSPAN and ERSPAN are supported forremote port mirroring.

l OAM: Various OAM packets are used to detect the network condition and monitordevice, link, and network faults, helping users to quickly locate the faults.

l SQA: Various detection packets are sent to detect the online and operational statusesof most applications and services.

Software UpgradeThe ZXR10 8900E provides software upgrade in normal and abnormal situations.

l Version upgrade when the system is abnormal: If a device cannot be started properly,to upgrade the software version, a user can modify the BOOT mode and downloadthe latest version through the management Ethernet port.

l Version upgrade when the system is normal: If a device is normal, the software versioncan be locally upgraded or remotely upgraded through the FTP.

File System ManagementOverview

In the ZXR10 8900E, software version files and configuration files are stored in a flashmemory. During software upgrade, configuration storage need flash operations. The flashmemory contains three default directories IMG, CFG, and DATA.

6-4


Chapter 6 Operation and Maintenance

l IMG: Stores software version files, whose extension names are .zar. Version upgradeis to modify the software version files in this directory.

l CFG: Stores the configuration file named startrun.dat.l DATA: Stores device exception information files, in the format of “time.zte”.

File System Operations

l File backup and recovery: The software version files, configuration files, and log fileson the ZXR10 8900E can be backed up to a back-end server through the FTP/TFTP,or the backup files can be recovered from the server.

l File import and export: Files can be copied to a back-end host through the FTP/TFTP.By exporting/importing the files, users can obtain alarm files and modify configurationfiles.

6-5




6-6


Chapter 7Protocol and StandardComplianceThe ZXR10 8900E complies with the following protocols and standards (They are changedfrequently, so the following are only for your reference.)

Ethernet StandardsFor the Ethernet standards that the ZXR10 8900E complies with, refer to Table 7-1.

Table 7-1 Ethernet Standards

Standard No. Standard Name

RFC 0826 An Ethernet Address Resolution Protocol or

Converting Network Protocol Addresses to 48.bit

Ethernet Address for Transmission on Ethernet

Hardware

RFC 1042 A Standard for the Transmission of IP Datagrams

over IEEE 802 Networks

RFC 3069 VLAN Aggregation for Efficient IP Address

Allocation

RFC 5171 Cisco Systems UniDirectional Link Detection

(UDLD) Protocol

IEEE 802.1ab Station and Media Access Control Connectivity

Discovery

IEEE 802.1d Media Access Control (MAC) Bridges.

Specifies an architecture and protocol for the

interconnection of IEEE 802 LANs below the

MAC service boundary

IEEE 802.1q IEEE Standard for Local and Metropolitan Area

Networks: Virtual Bridged Local Area Networks

IEEE 802.1s The amendment to IEEE Std 802.1D: Multiple

Spanning Trees

IEEE 802.1t 802.1D Maintenance

IEEE 802.1w The amendment to IEEE Std 802.1D: Rapid

Reconfiguration

7-1




IEEE 802.1ap Management Information Base (MIB) definitions

for VLAN Bridges

IEEE 802.2 IEEE Standards for Local Area Networks: Logical

Link Control (LLC)

IEEE 802.3 IEEE Standards for Local Area Networks: Carrier

Sense Multiple Access with Collision Detection

(CSMA/CD) Access, Method and Physical Layer

Specifications

IEEE 802.3ad Link Aggregation Control Protocol

IEEE 802.3ae 10 Gbit/s Ethernet Standard

IEEE 802.3af PoE(Power-over-Ethernet)

IEEE 802.3ag Connectivity Fault Management

IEEE 802.3ah Ethernet First Mile

IEEE 802.3z Gigabit fiber

IP StandardsFor the IP standards that the ZXR10 8900E complies with, refer to Table 7-2.

Table 7-2 IP Standards


RFC 791 Internet Protocol

RFC 1122 Requirements for Internet Hosts - Communication

Layers

RFC 1812 Requirements for IP Version 4 Routers

RFC 1981 Path MTU Discovery for IP version 6

RFC 2292 Advanced Sockets API for IPv6

RFC 2373 IP Version 6 Addressing Architecture

RFC 2374 An IPv6 Aggregatable Global Unicast Address

Format

RFC 2375 IPv6 Multicast Address Assignments

RFC 2460 Internet Protocol, Version 6 (IPv6) Specification

RFC 2461 Neighbor Discovery for IP Version 6 (IPv6)

RFC 2462 IPv6 Stateless Address Autoconfiguration

RFC 2464 Transmission of IPv6 Packets over Ethernet

Networks

RFC 2472 IP Version 6 over PPP

7-2


Chapter 7 Protocol and Standard Compliance


RFC 3306 Unicast-Prefix-based IPv6 Multicast Addresses

RFC 4193 Unique Local IPv6 Unicast Addresses

UDP StandardsFor the UDP standards that the ZXR10 8900E complies with, refer to Table 7-3.

Table 7-3 UDP Standards


RFC 0768 User Datagram Protocol

TCP StandardsFor the TCP standards that the ZXR10 8900E complies with, refer to Table 7-4.

Table 7-4 TCP Standards


RFC 0793 TRANSMISSION CONTROL PROTOCOL

RFC 2001 TCP Slow Start, Congestion Avoidance,Fast

Retransmit, and Fast Recovery Algorithms

RFC 2385 Protection of BGP Sessions via the TCP MD5

Signature Option

RFC 2581 TCP Congestion Control

RFC 2988 Computing TCP's Retransmission Timer

RFC 4987 TCP SYN Flooding Attacks and Common

Mitigations

ICMP StandardsFor the ICMP standards that the ZXR10 8900E complies with, refer to Table 7-5.

Table 7-5 ICMP Standards


RFC 0792 Internet Control Message Protocol

RFC 2463 Internet Control Message Protocol (ICMPv6)

for the Internet Protocol Version 6 (IPv6)

Specification

RFC 4950 ICMP Extensions for Multiprotocol Label

Switching

SOCKET StandardsFor the SOCKET standards that the ZXR10 8900E complies with, refer to Table 7-6.

7-3



Table 7-6 SOCKET Standards


RFC 2553 Basic Socket Interface Extensions for IPv6

Tunneling StandardsFor the tunneling standards that the ZXR10 8900E complies with, refer to Table 7-7.

Table 7-7 Tunneling Standards


RFC 2473 Generic Packet Tunneling in IPv6 Specification

RFC 2784 Generic Routing Encapsulation (GRE)

RFC 2890 Key and Sequence Number Extensions to GRE

RFC 2893 Transition Mechanisms for IPv6 Hosts and

Routers

RFC 3056 Connection of IPv6 Domains via IPv4 Clouds

RFC 4214 Intra-Site Automatic Tunnel Addressing Protocol

SSH StandardsFor the SSH standards that the ZXR10 8900E complies with, refer to Table 7-8.

Table 7-8 SSH Standards


RFC 4250 The Secure Shell (SSH) Protocol Assigned

Numbers

RFC 4251 The Secure Shell (SSH) Protocol Architecture

RFC 4252 The Secure Shell (SSH) Authentication Protocol

RFC 4253 The Secure Shell (SSH) Transport Layer Protocol

RFC 4254 The Secure Shell (SSH) Connection Protocol

RFC 4255 Using DNS to Securely Publish Secure Shell

(SSH) Key Fingerprints

RFC 4256 Generic Message Exchange Authentication for

the Secure Shell Protocol (SSH)

RFC 4335 The Secure Shell (SSH) Session Channel Break

Extension

RFC 4344 The Secure Shell (SSH) Transport Layer

Encryption Modes

RFC 4345 Improved Arcfour Modes for the Secure Shell

(SSH) Transport Layer Protocol

7-4




RFC 4419 Diffie-Hellman Group Exchange for the Secure

Shell (SSH) Transport Layer Protocol

RFC 4432 RSA Key Exchange for the Secure Shell (SSH)

Transport Layer Protocol

RFC 4462 Generic Security Service Application Program

Interface (GSS-API) Authentication and Key

Exchange for the Secure Shell (SSH) Protocol

RFC 4716 The Secure Shell (SSH) Public Key File Format

RFC 4742 Using the NETCONF Configuration Protocol over

Secure SHell (SSH)

RFC 4819 Secure Shell Public Key Subsystem

draft-ylonen-ssh-protocol-00 The SSH (Secure Shell) Remote Login Protocol

draft-ietf-secsh-architecture-14 SSH Protocol Architecture

draft-ietf-secsh-assignednumbers-05-from-04.diff SSH Protocol Assigned Numbers

SFTP StandardsFor the SFTP standards that the ZXR10 8900E complies with, refer to Table 7-9.

Table 7-9 SFTP Standards


draft-ietf-secsh-filexfer-13 SSH File Transfer Protocol

RIP StandardsFor the RIP standards that the ZXR10 8900E complies with, refer to Table 7-10.

Table 7-10 RIP Standards


RFC 1058 Routing Information Protocol (RIP)

RFC 1722 RIP Version 2 Protocol Applicability Statement

RFC 1724 DRAFT STANDARD

RFC 1923 RIPv1 Applicability Statement for Historic Status

RFC 2080 RIPng support

RFC 2081 RIPng Protocol Applicability Statement

RFC 2453 RIP Version 2

OSPF StandardsFor the OSPF standards that the ZXR10 8900E complies with, refer to Table 7-11.

7-5



Table 7-11 OSPF Standards


RFC 1131 OSPF specification

RFC 1242 OSPF specification Benchmarking terminology

for network interconnection devices

RFC 1245 OSPF Protocol Analysis

RFC 1246 Experience with the OSPF Protocol

RFC 1247 OSPF Version 2

RFC 1248 OSPF Version 2 Management Information Base



RFC 1364 BGP OSPF Interaction

RFC 1370 Applicability Statement for OSPF



RFC 1584 Multicast Extensions to OSPF

RFC 1585 MOSPF: Analysis and Experience

RFC 1586 Guidelines for Running OSPF Over Frame Relay

Networks

RFC 1587 The OSPF NSSA Option

RFC 1765 OSPF Database Overflow

RFC 1793 Extending OSPF to Support Demand Circuits


RFC 2154 OSPF with Digital Signatures



RFC 2329 OSPF Standardization Report

RFC 2370 The OSPF Opaque LSA Option

RFC 2676 QoS Routing Mechanisms and OSPF Extensions

RFC 2740 OSPF for IPv6 (OSPFv3)

RFC 2844 OSPF over ATM and Proxy-PAR

RFC 3101 The OSPF NSSA Option

RFC 3137 OSPF Stub Router Advertisement

7-6




RFC 3509 Alternative Implementations of OSPF Area

Border Routers

RFC 3623 OSPF Graceful Restart

RFC 3630 Traffic Engineering Extensions to OSPF

RFC 3883 Detecting Inactive Neighbors over OSPF Demand

Circuits (DC)

RFC 4061 Benchmarking Basic OSPF Single Router Control

Plane Convergence

RFC 4062 OSPF Benchmarking Terminology and Concepts

RFC 4063 Considerations When Using Basic OSPF

Convergence Benchmarks

RFC 4136 OSPF Refresh and Flooding Reduction in Stable

Topologies

RFC 4167 Graceful OSPF Restart Implementation Report

RFC 4222 Prioritized Treatment of Specific OSPF Version 2

Packets and Congestion Avoidance

RFC 4552 Authentication/Confidentiality for OSPFv3

RFC 4577 OSPF as the Provider/Customer Edge Protocol

for BGP/MPLS IP Virtual Private Networks

(VPNs)


RFC 4811 OSPF Out-of-Band Link State Database (LSDB)

Resynchronization

RFC 4812 OSPF Restart Signaling

RFC 4813 OSPF Link-Local Signaling

RFC 4915 Multi-Topology (MT) Routing in OSPF

RFC 4940 IANA Considerations for OSPF

RFC 4970 Extensions to OSPF for Advertising Optional

Router

RFC 5340 OSPF for IPv6 (OSPFv3)

RFC 5643 Management Information Base for OSPFv3

BGP StandardsFor the BGP standards that the ZXR10 8900E complies with, refer to Table 7-12.

7-7



Table 7-12 BGP Standards


RFC 1265 BGP Protocol Analysis

RFC 1266 Experience with the BGP Protocol

RFC 1321 The MD5 Message-Digest Algorithm


RFC 1772 Application of the Border Gateway Protocol in the

Internet

RFC 1773 Experience with the BGP-4 protocol

RFC 1774 BGP-4 Protocol Analysis

RFC 1930 Guidelines for creation, selection, and registration

of an Autonomous System (AS)

RFC 1997 BGP Community Attribute

RFC 1998 An Application of the BGP Community Attribute

in Multi-home Routing

RFC 2270 Using a Dedicated AS for Sites Homed to a

Single Provider

RFC 2385 Protection of BGP Sessions via the TCP MD5

Signature Option

RFC 2439 BGP Route Flap Damping

RFC 2519 A Framework for Inter-Domain Route Aggregation

RFC 2545 BGP support IPV6

RFC 2918 Route Refresh Capability for BGP-4

RFC 3107 Carrying Label Information in BGP-4

RFC 3562 Key Management Considerations for the TCP

MD5 Signature Option

RFC 4271 A Border Gateway Protocol 4 (BGP-4)

RFC 4272 BGP Security Vulnerabilities Analysis

RFC 4273 Definitions of Managed Objects for BGP-4

RFC 4274 BGP-4 Protocol Analysis

RFC 4275 BGP-4 MIB Implementation Survey

RFC 4276 BGP 4 Implementation Report

RFC 4277 Experience with the BGP-4 Protocol

RFC 4360 BGP Extended Communities Attribute

RFC 4364 BGP/MPLS IP Virtual Private Networks

7-8




RFC 4365 Applicability Statement for BGP/MPLS IP Virtual

Private Networks (VPNs)

RFC 4382 MPLS/BGP Layer 3 Virtual Private Network

(VPN) Management information Base

RFC 4451 BGP MULTI_EXIT_DISC (MED) Considerations

RFC 4456 BGP Route Reflection: An Alternative to Full

Mesh Internal BGP (IBGP)

RFC 4486 Subcodes for BGP Cease Notification Message

RFC 4724 Graceful Restart Mechanism for BGP

RFC 4760 Multiprotocol Extensions for BGP-4

RFC 4781 Graceful Restart Mechanism for BGP with MPLS

RFC 4798 Connecting IPv6 Islands over IPv4 MPLS using

IPv6 Provider Edge Routers (6PE)

RFC 5065 Autonomous System Confederations for BGP

RFC 5492 Capabilities Advertisement with BGP-4

IS-IS StandardsFor the IS-IS standards that the ZXR10 8900E complies with, refer to Table 7-13.

Table 7-13 IS-IS Standards


RFC 1142 OSI IS-IS Intra-domain Routing Protocol

ISO 10589 IS-IS intra-domain routing protocol

RFC 1195 Use of OSI Is-Is for Routing in TCP/IP and Dual

nvironments

RFC 2104 HMAC: Keyed-Hashing for Message

Authentication

RFC 2973 Support IS-IS Mesh Groups

RFC 3258 Distributing Authoritative Name Servers via

Shared Unicast Addresses

RFC 3277 IS-IS Transient Blackhole Avoidance

RFC 3359 Reserved Type, Length and Value (TLV)

Codepoints in Intermediate System to

Intermediate System

RFC 3719 Recommendations for Interoperable Networks

using IS-IS

7-9




RFC 3787 Recommendations for Interoperable IP Networks

using IS-IS

RFC 4444 Management Information Base for Intermediate

System to Intermediate System (IS-IS)

RFC 4972 Routing Extensions for Discovery of Multiprotocol

(MPLS) Label Switch Router (LSR) Traffic

Engineering (TE) Mesh Membership

RFC 5029 Definition of an IS-IS Link Attribute Sub-TLV

RFC 5120 M-ISIS: Multi Topology (MT) Routing in

Intermediate System to Intermediate Systems

(IS-ISs)

RFC 5130 A Policy Control Mechanism in IS-IS Using

Administrative Tags

RFC 5308 Routing IPv6 with IS-IS

RFC 5309 Point-to-Point Operation over LAN in Link State

Routing Protocols

RFC 5310 IS-IS Generic Cryptographic Authentication

Multicast StandardsFor the multicast standards that the ZXR10 8900E complies with, refer to Table 7-14.

Table 7-14 Multicast Standards


RFC 1112 Host Extensions for IP Multicasting

RFC 2236 Internet Group Management Protocol, Version 2

RFC 2710 Multicast Listener Discovery (MLD) for IPv6

RFC 3376 Internet Group Management Protocol, Version 3

RFC 3446 Anycast Rendevous Point (RP) mechanism

using Protocol Independent Multicast (PIM) and

Multicast Source Discovery Protocol (MSDP)

RFC 3569 An Overview of Source-Specific Multicast (SSM)

RFC 3618 Multicast Source Discovery Protocol (MSDP)

RFC 3810 Multicast Listener Discovery Version 2 (MLDv2)

for IPv6

RFC 3956 Embedding the Rendezvous Point (RP) Address

in an IPv6 Multicast Address

7-10




RFC 3973 Protocol Independent Multicast - Dense

Mode(PIM-DM):Protocol Specification (Revised)

RFC 4541 Considerations for Internet Group Management

Protocol (IGMP) and Multicast Listener Discovery

(MLD) Snooping Switches

RFC 4601 Protocol Independent Multicast - Sparse Mode

(PIM-SM): Protocol Specification (Revised)

RFC 4604 Using Internet Group Management Protocol

Version 3 (IGMPv3) and Multicast Listener

Discovery Protocol Version 2 (MLDv2) for

Source-Specific Multicast

RFC 5059 Bootstrap Router (BSR) Mechanism for Protocol

Independent Multicast (PIM)

draft-rosen-vpn-mcast-8 Multicast in MPLS-BGP IP VPNs

MPLS StandardsFor the MPLS standards that the ZXR10 8900E complies with, refer to Table 7-15.

Table 7-15 MPLS Standards


RFC 2205 Resource ReSerVation Protocol (RSVP) - Version

1 Functional Specification

RFC 2209 Resource ReSerVation Protocol (RSVP) - Version

1 Message Processing Rules

RFC 2210 The Use of RSVP with IETF Integrated Services

RFC 2702 Requirements for Traffic Engineering Over MPLS

RFC 2747 RSVP Cryptographic Authentication

RFC 2961 RSVP Refresh Overhead Reduction Extensions

RFC 3031 Multiprotocol Label Switching Architecture

RFC 3032 MPLS Label Stack Encoding

RFC 3037 LDP Applicability

RFC 3107 Support BGP carry Label for MPLS

RFC 3209 RSVP-TE Extensions to RSVP for LSP Tunnels

RFC 3210 Applicability Statement for Extensions to RSVP

for LSP-Tunnels

RFC 3215 LDP State Machine

7-11




RFC 3270 Multi-Protocol Label Switching (MPLS) Support

of Differentiated Services

RFC 3272 Overview and Principles of Internet Traffic

Engineering

RFC 3443 Time To Live (TTL) Processing in Multi-Protocol

Label Switching (MPLS) Networks

RFC 3469 Framework for Multi-Protocol Label Switching

(MPLS)-based Recovery

RFC 3478 Graceful Restart Mechanism for LDP

RFC 3479 Fault Tolerance for the Label Distribution Protocol

(LDP)

RFC 3612 Applicability Statement for Restart Mechanisms

for the Label Distribution Protocol (LDP)

RFC 4023 Encapsulating MPLS in IP or Generic Routing

Encapsulation (GRE) 2005-12-07

RFC 4090 Fast Reroute Extensions to RSVP-TE for LSP

Tunnels

RFC 4124 Protocol Extensions for Support of DS-TE

RFC 4125 Maximum Allocation Bandwidth Constraints

Model for Diffserv-aware MPLS Traffic

Engineering

RFC 4126 Max Allocation with Reservation Bandwidth

Constraints Model for Diffserv-aware MPLS

Traffic Engineering & Performance Comparisons

RFC 4127 Generalized MPLS Signaling - RSVP-TE

Extensions

RFC 4182 Removing a Restriction on the use of MPLS

Explicit NULL

RFC 4197 Requirements for Edge-to-Edge Emulation of

Time Division Multiplexed (TDM) Circuits over

Packet Switching Networks

RFC 4221 Multiprotocol Label Switching (MPLS)

Management Overview

RFC 4379 Detecting Multi-Protocol Label Switched (MPLS)

Data Plane Failures

RFC 4447 Pseudowire Setup and Maintenance Using the

Label Distribution Protocol (LDP)

7-12




RFC 4448 Encapsulation Methods for Transport of Ethernet

over MPLS Networks

RFC 4558 Node-ID Based Resource Reservation Protocol

(RSVP) Hello

RFC 4874 Exclude Routes - Extension to RSVP-TE

RFC 4905 Encapsulation Methods for Transport of Layer 2

Frames Over MPLS Networks

RFC 4906 Transport of Layer 2 Frames Over MPLS

draft-ietf-mpls-lsp-ping-version-09 Detecting Multi-Protocol Label Switched (MPLS)

Data Plane Failures

draft-ietf-ccamp-inter-domain-framework-04 Mechanisms for Inter-AS or Inter-Domain Traffic

Engineering

draft-minei-diffserv-te-multi-class-02 Extensions for Differentiated Services-aware

Traffic Engineered LSPs

LDP StandardsFor the LDP standards that the ZXR10 8900E complies with, refer to Table 7-16.

Table 7-16 LDP Standards


RFC 3037 LDP Applicability

RFC 3215 LDP State Machine

RFC 3478 Graceful Restart Mechanism for LDP–GR helper

RFC 3479 Fault Tolerance for the Label Distribution Protocol

(LDP)

RFC 3612 Applicability Statement for Restart Mechanisms

for the Label Distribution Protocol (LDP)

RFC 4447 Pseudowire Setup and Maintenance Using the

Label Distribution Protocol (LDP)

RFC 4762 Virtual Private LAN Service (VPLS) Using Label

Distribution Protocol (LDP) Signaling

RFC 5036 LDP Specification

RFC 5037 Experience with the Label Distribution Protocol

(LDP)

RSVP-TE StandardsFor the RSVP-TE standards that the ZXR10 8900E complies with, refer to Table 7-17.

7-13



Table 7-17 RSVP-TE Standards


RFC 2430 A Provider Architecture for Differentiated Services

and Traffic Engineering (PASTE)

RFC 2702 Requirements for Traffic Engineering over MPLS



RFC 3209 Extensions to RSVP for Tunnels

RFC 4090 Fast reroute Extensions to RSVP-TE for LSP

Tunnels

VPLS StandardsFor the VPLS standards that the ZXR10 8900E complies with, refer to Table 7-18.

Table 7-18 VPLS Standards


RFC 4761 Virtual Private LAN Service (VPLS) Using BGP

for Auto-Discovery and Signaling

RFC 4762 Virtual Private LAN Service (VPLS) Using Label

Distribution Protocol (LDP) Signaling

RFC 4664 Framework for Layer 2 Virtual Private Networks

(L2VPNs)

RFC 4665 Service Requirements for Layer 2

Provider-Provisioned Virtual Private Networks

NTP StandardsFor the NTP standards that the ZXR10 8900E complies with, refer to Table 7-19.

Table 7-19 NTP Standards


RFC 1305 Network Time Protocol (Version 3) Specification,

Implementation and Analysis

RFC 4330 Simple Network Time Protocol (SNTP) Version 4

for IPv4, IPv6 and OSI

IPV6 StandardsFor the IPV6 standards that the ZXR10 8900E complies with, refer to Table 7-20.

7-14



Table 7-20 IPV6 Standards


RFC 1886 DNS Extensions to Support IP version 6

RFC 1887 An Architecture for IPv6 Unicast Address

Allocation




RFC 2374 An IPv6 Aggregatable Global Unicast Address

Format

RFC 2375 IPv6 Multicast Address Assignments

RFC 2452 MIB for TCP6

RFC 2454 MIB for UDP6

RFC 2460 Internet Protocol, Version 6 (IPv6) Specification


RFC 2462 IPv6 Stateless Address Auto configuration

RFC 2463 Internet Control Message Protocol (ICMPv6)

for the Internet Protocol Version 6 (IPv6)

Specification

RFC 2464 Transmission of IPv6 Packets over Ethernet

Networks

RFC 2470 Transmission of IPv6 Packets over Token Ring

Networks


RFC 2473 Generic Packet Tunneling in IPv6 Specification

RFC 2529 Transmission of IPv6 over IPv4 Domains without

Explicit Tunnels

RFC 2893 Transition Mechanisms for IPv6 Hosts and

Routers

RFC 3056 Connection of IPv6 Domains via IPv4 Clouds

RFC 3363 Representing Internet Protocol version 6 (IPv6)

Addresses in the Domain Name System (DNS)

RFC 3493 Basic Socket Interface Extensions for IPv6


RFC 3542 Advanced Sockets API for IPv6

RFC 3587 An Aggregatable Global Unicast Address Format

7-15




RFC 3775 Mobility Support in IPv6

IPSec StandardsFor the IPSec standards that the ZXR10 8900E complies with, refer to Table 7-21.

Table 7-21 IPSec Standards


RFC 2104 HMAC: Keyed-Hashing for Message

Authentication

RFC 2401 Security Architecture for the Internet Protocol

RFC 2402 IP Authentication Header

RFC 2403 The Use of HMAC-MD5-96 within ESP and AH

RFC 2404 The Use of HMAC-SHA-1-96 within ESP and AH

RFC 2405 The ESP DES-CBC Cipher Algorithm With

Explicit IV

RFC 2406 IP Encapsulating Security Payload (ESP)

RFC 2407 The Internet IP Security Domain of Interpretation

for ISAKMP

RFC 2408 Internet Security Association and Key

Management Protocol(ISAKMP)

RFC 2409 The Internet Key Exchange (IKE)

RFC 2410 The NULL Encryption Algorithm and Its Use With

IPsec

RFC 2412 The OAKLEY Key Determination Protocol

RFC 2451 The ESP CBC-Mode Cipher Algorithms

RADIUS StandardsFor the RADIUS standards that the ZXR10 8900E complies with, refer to Table 7-22.

Table 7-22 RADIUS Standards


RFC 2865 Remote Authentication Dial In User Service

(RADIUS)

RFC 2866 RADIUS Accounting

RFC 2867 RADIUS Accounting Modifications for Tunnel

Protocol Support

RFC 2868 RADIUS Attributes for Tunnel Protocol Support

7-16




RFC 2869 RADIUS Extensions

RFC 3162 RADIUS and IPv6

RFC 3576 Dynamic Authorization Extensions to Remote

Authentication Dial In User Service (RADIUS)

RFC 3580 IEEE 802.1X Remote Authentication Dial In User

Service (RADIUS)

RFC 4590 RADIUS Extension for Digest Authentication

RFC 4675 RADIUS Attributes for Virtual LAN and Priority

Support

RFC 4679 DSL Forum Vendor-Specific RADIUS Attributes

TACACS+ StandardsFor the TACACS+ standards that the ZXR10 8900E complies with, refer to Table 7-23.

Table 7-23 TACACS+ Standards


draft-grant-tacacs-02 The TACACS+ Protocol Version 1.78

Differentiated Services StandardsFor the differentiated services standards that the ZXR10 8900E complies with, refer toTable 7-24.

Table 7-24 Differentiated Services Standards


RFC 2474 Definition of the DS Field the IPv4 and IPv6

Headers(Rev)

RFC 2597 Assured Forwarding PHB Group (rev3260)

RFC 2598 An Expedited Forwarding PHB

RFC 3140 Per-Hop Behavior Identification Codes

VRRP StandardsFor the VRRP standards that the ZXR10 8900E complies with, refer to Table 7-25.

Table 7-25 VRRP Standards


RFC 2787 Definitions of Managed Objects for the Virtual

Router Redundancy Protocol

7-17




RFC 3590 Source Address Selection for the Multicast

Listener Discovery (MLD) Protocol

RFC 3768 Virtual Router Redundancy Protocol

RFC 3810 Multicast Listener Discovery Version 2 (MLDv2)

for IPv6

RFC 4007 IPv6 Scoped Address Architecture

RFC 4193 Unique Local IPv6 Unicast Addresses

RFC 4291 IPv6 Addressing Architecture

RFC 4659 BGP-MPLS IP Virtual Private Network(VPN)

Extension for IPv6 VPN


DHCP StandardsFor the DHCP standards that the ZXR10 8900E complies with, refer to Table 7-26.

Table 7-26 DHCP Standards


RFC 1533 DHCP Options and BOOTP Vendor

ExtensionsClass-identifier

RFC 1534 Interoperation Between DHCP and BOOTP

RFC 2131 Dynamic Host Configuration Protocol

RFC 2132 DHCP Options and BOOTP Vendor Extensions

RFC 3046 DHCP Relay Agent Information Option

RFC 3396 Encoding Long Options in the Dynamic Host

Configuration Protocol (DHCPv4)

BFD StandardsFor the BFD standards that the ZXR10 8900E complies with, refer to Table 7-27.

Table 7-27 BFD Standards


draft-ietf-bfd-base-09 Bidirectional Forwarding Detection

draft-ietf-bfd-generic-05 Generic Application of BFD

draft-ietf-bfd-mib-07 BFD Management Information Base

draft-ietf-bfd-mpls-07 BFD For MPLS LSPs

draft-ietf-bfd-multihop-07 BFD for Multihop Paths

7-18




draft-ietf-bfd-v4v6-1hop-09 BFD for IPv4 and IPv6 (Single Hop)

draft-ietf-pwe3-vccv-bfd-05 Bidirectional Forwarding Detection (BFD) for

the Pseudowire Virtual Circuit Connectivity

Verification (VCCV)

draft-palanivelan-bfd-v2-gr-01 BFD with Graceful Restart

Network Management StandardsFor the network management standards that the ZXR10 8900E complies with, refer toTable 7-28.

Table 7-28 Network Management Standards


ITU-T M.3000 Overview of TMN recommendations

ITU-T M.3010 Principles for a Telecommunications management

network

ITU-T M.3016 TMN security overview

ITU-T M.3020 TMN Interface Specification Methodology

ITU-T M.3100 Generic Network Information Model

ITU-T M.3001 Managed Object Conformance Statements for

the Generic Network Information Model

ITU-T M.3200 TMN management services and telecommunica-

tions managed areas: overview

ITU-T M.3300 TMN F interface requirements

ITU-T M.3400 TMN Management Function

TU-T Temporary Document 69 (IP Experts) Revised draft document on IP access network

architecture

ITU-T X.701-X.709 Systems Management framework and

architecture

ITU-T X.710-X.719 Management Communication Service and

Protocol

ITU-T X.720-X.729 Structure of Management Information

ITU-T X.730-X.799 Management functions

RFC 1157 Simple Network Management Protocol

RFC 1213 Management Information Base for Network

Management of TCP/IP based internets: MIB-II

RFC 1215 A Convention for Defin-ing Traps for use with the

SNMP

7-19




RFC 1493 Definitions of Managed Objects for Bridges

RFC 1558 A String Representation of LDAP Search Filters

RFC 1657 BGP4-MIB

RFC 1724 RIPv2-MIB

RFC 1757 Remote Network Monitoring Management

Information Base

RFC 1777 Lightweight Directory Access Protocol

RFC 1778 The String Representation of Standard Attribute

Syntaxes

RFC 1850 OSPF-MIB

RFC 1901 Introduction to Community-based SNMPv2

RFC 1902 Structure of Management Information for Version

2 of the Simple Network Management Protocol

(SNMPv2)

RFC 1903 Textual Conventions for Version 2 of the Simple

Network Management Protocol (SNMPv2)

RFC 1905 Protocol Operations for Version 2 of the Simple

Network Management Protocol (SNMPv2)

RFC 1907 Management Information Base for Version 2

of the Simple Network Management Protocol

(SNMPv2)

RFC 1959 An LDAP URL Format

RFC 2011 SNMPv2 MIB for IP

RFC 2012 SNMPv2 MIB for TCP

RFC 2013 SNMPv2 MIB for UDP

RFC 2037 Entity MIB using SMIv2

RFC 2096 IP-FORWARD-MIB

RFC 2138 RADIUS

RFC 2206 RSVP-MIB

RFC 2233 The Interface Group MIB using SMIv2

RFC 2251 Lightweight Directory Access Protocol (v3)

RFC 2271 An Architecture for Describing SNMP

Management Frameworks

RFC 2273 SNMPv3 Applications

7-20




RFC 2452 IPv6 Management Information Base for

theTransmission Control Protocol

RFC 2454 IPv6 Management Information Base for the User

Datagram Protocol

RFC 2465 Management Information Base for IP Version 6:

Textual

RFC 2571 An Architecture for Describing SNMP

Management Frameworks

RFC 2572 Message Processing and Dispatching for the

imple Network Management Protocol (SNMP)

RFC 2574 User-based Security Model (USM) for version

3 of the Simple Network Management Protocol

(SNMPv3)

RFC 2863 The Interfaces Group MIB

RFC 2987 VRRP-MIB

RFC 3014 NOTIFICATION-LOGMIB

RFC 3019 IP Version 6 Management Information Base for

The Multicast Listener Discovery Protocol

RFC 3164 The BSD syslog Protocol

RFC 3291 Textual Conventions for Internet Network

Addresses

RFC 4293 Management Information Base for the Internet

Protocol (IP)

GB901 A Service management Business Process Model

GB908 Network Management Detailed Operations Map

GB909 Generic Requirements for Telecommunications

Management Building Blocks

GB910 Telecom Operations Map

GB914 System Integration Map

GB917 SLA Management Handbook V1.5

NMF037 Sub-System Alarm Surveillance Ensemble V1.0

NMF038 Bandwidth Management Ensemble V1.0

TMF053 NGOSS Architecture Technology Neutral

Specification V1.5

TMF053A NGOSS Architecture Technology Neutral

Specification V1.5

7-21




TMF053B NGOSS Architecture Technology Neutral

Specification V1.5

TMF508 Connection and Service Management Information

Model Business Agreement

TMF605 Connection and Service Management Information

Model

TMF801 Plug and Play Service Fulfillment Phase 2

Validation Specification V1.0

TMF816 B2B Managed Service for DSL Interface

Implementation Specification V1.5

TMF821 IP VPN Management Interface Implementation

Specification V1.5

YD/T 852-1996 Telecommunication Management Network (TMN)

General Design Principles

YD/T 871-1996 Telecommunication Management Network (TMN)

General Information Model

YD/T XXXX-2001 Broadband MAN Overall Technology

Requirements

YD/T XXXX-2001 IP Network Technology Requirements: Network

Performance Specifications and Availability

YD/T XXXX-2001 IP Network Technology Requirements: Network

Overview

YDN 075-1998 China Public Multimedia Communications

Network Management Specification

YDN 075-1998 China Public Multimedia Communications

Network Management Specification

FTP/TFTP StandardsFor the FTP/TFTP standards that the ZXR10 8900E complies with, refer to Table 7-29.

Table 7-29 FTP/TFTP Standards


RFC 1350 The TFTP PROTOCOL (REVISION 2)

RFC 4217 Securing FTP with TLS

7-22


FiguresFigure 1-1 ZXR10 8900E Series Products ................................................................ 1-2

Figure 3-1 ZXR10 8912E Overview........................................................................... 3-1

Figure 3-2 ZXR10 8912E Structure........................................................................... 3-2







Figure 3-9 8912E/8908E/8905E Main Control Board Diagram .................................. 3-6

Figure 3-10 8902E Main Control Board Diagram....................................................... 3-6

Figure 3-11 Framework of the New-generation ZXROS Software PlatformSystem ................................................................................................. 3-10

Figure 5-1 Application in an Metro Ethernet Network ................................................ 5-2

Figure 5-2 Application in a Data Center .................................................................... 5-3

Figure 5-3 Application in Ethernet Layer 2 Convergence........................................... 5-4

Figure 5-4 Application in an Enterprise Network........................................................ 5-5

Figure 5-5 Application in FTTx .................................................................................. 5-6

Figure 5-6 Application in a Core Network Bearer ...................................................... 5-7

Figure 5-7 Application in IP RAN............................................................................... 5-8

I


Figures


II


TablesTable 3-1 8900E Interface Board Types .................................................................... 3-8

Table 4-1 Basic Features and Physical Specifications of the Device ......................... 4-1

Table 4-2 Optical and Electrical Interface Features ................................................... 4-2

Table 4-3 L2 Features ............................................................................................... 4-4

Table 4-4 L3 Features ............................................................................................... 4-5

Table 4-5 Multicast Features ..................................................................................... 4-5

Table 4-6 MPLS Features ......................................................................................... 4-6

Table 4-7 QoS Features............................................................................................ 4-6

Table 4-8 Service Management Features.................................................................. 4-7

Table 4-9 Reliability Features.................................................................................... 4-7

Table 4-10 Security Features .................................................................................... 4-8

Table 4-11 Clock Synchronization Features............................................................... 4-9

Table 4-12 O&M Features......................................................................................... 4-9

Table 7-1 Ethernet Standards ................................................................................... 7-1

Table 7-2 IP Standards ............................................................................................. 7-2

Table 7-3 UDP Standards ......................................................................................... 7-3

Table 7-4 TCP Standards.......................................................................................... 7-3

Table 7-5 ICMP Standards ........................................................................................ 7-3

Table 7-6 SOCKET Standards .................................................................................. 7-4

Table 7-7 Tunneling Standards ................................................................................. 7-4

Table 7-8 SSH Standards ......................................................................................... 7-4

Table 7-9 SFTP Standards........................................................................................ 7-5

Table 7-10 RIP Standards......................................................................................... 7-5

Table 7-11 OSPF Standards ..................................................................................... 7-6

Table 7-12 BGP Standards ....................................................................................... 7-8

Table 7-13 IS-IS Standards ....................................................................................... 7-9

Table 7-14 Multicast Standards ............................................................................... 7-10

Table 7-15 MPLS Standards ................................................................................... 7-11

Table 7-16 LDP Standards ...................................................................................... 7-13

Table 7-17 RSVP-TE Standards.............................................................................. 7-14

Table 7-18 VPLS Standards.................................................................................... 7-14

Table 7-19 NTP Standards...................................................................................... 7-14

III



Table 7-20 IPV6 Standards ..................................................................................... 7-15

Table 7-21 IPSec Standards ................................................................................... 7-16

Table 7-22 RADIUS Standards................................................................................ 7-16

Table 7-23 TACACS+ Standards............................................................................. 7-17

Table 7-24 Differentiated Services Standards.......................................................... 7-17

Table 7-25 VRRP Standards ................................................................................... 7-17

Table 7-26 DHCP Standards................................................................................... 7-18

Table 7-27 BFD Standards...................................................................................... 7-18

Table 7-28 Network Management Standards .......................................................... 7-19

Table 7-29 FTP/TFTP Standards ............................................................................ 7-22

IV


GlossaryAAA- Authentication, Authorization and Accounting

ACL- Access Control List

ARP- Address Resolution Protocol

ASIC- Application Specific Integrated Circuit

BFD- Bidirectional Forwarding Detection

BGP- Border Gateway Protocol

CAC- Channel Access Control

CDR- Call Detail Record

CVLAN- Customer Virtual Local Area Network

DDoS- Distributed Denial of Service

DHCP- Dynamic Host Configuration Protocol

DWRR- Deficit Weighted Round Robin

FMC- Fixed Mobile Convergence

FRR- Fast Reroute

GPS- Global Positioning System

HVPLS- Hierarchical Virtual Private LAN Service

ICMP- Internet Control Message Protocol

V



IGMP- Internet Group Management Protocol

IPTV- Internet Protocol Television

IS-IS- Intermediate System-to-Intermediate System

LACP- Link Aggregation Control Protocol

LSP- Label Switched Path

MAC- Media Access Control

MLD- Multicast Listener Discovery

MPLS- Multiprotocol Label Switching

MSDP- Multicast Source Discovery Protocol

OAM- Operation, Administration and Maintenance

OPEX- Operating Expenditure

OSPF- Open Shortest Path First

PIM- Protocol Independent Multicast

PVLAN- Private Virtual Local Area Network

QoS- Quality of Service

RADIUS- Remote Authentication Dial In User Service

RED- Random Early Detection

RIP- Routing Information Protocol

RIPng- Routing Information Protocol next generation

VI


Glossary

SNMP- Simple Network Management Protocol

SP- Strict Priority

SSH- Secure Shell

SVLAN- Service Virtual Local Area Network

SVLAN- Selective Virtual Local Area Network

TACACS+- Terminal Access Controller Access-Control System Plus

TE- Traffic Engineering

TTL- Time To Live

VLAN- Virtual Local Area Network

VLL- Virtual Leased Line

VPLS- Virtual Private LAN Service

VPN- Virtual Private Network

VPWS- Virtual Private Wire Service

VRF- Virtual Route Forwarding Table

VRF- Virtual Route Forwarding

VRRP- Virtual Router Redundancy Protocol

WRED- Weighted Random Early Detection

WRR- Weighted Round Robin

ZESR- ZTE Ethernet Switch Ring

VII



ZESS- ZTE Ethernet Smart Switch

VIII


Documents

ZXR108900E - Liberty Port - IT and Telecommunications SeriesCoreSwitch Product Description Version:3.01.01 ZTECORPORATION No.55,Hi-techRoadSouth,ShenZhen,P.R.China Postcode:518057