Upload
truongque
View
234
Download
3
Embed Size (px)
Citation preview
ZXR10 8900ESeries Core Switch
Product Description
Version: 3.01.01
ZTE CORPORATIONNo. 55, Hi-tech Road South, ShenZhen, P.R.ChinaPostcode: 518057Tel: +86-755-26771900Fax: +86-755-26770801URL: http://ensupport.zte.com.cnE-mail: [email protected]
LEGAL INFORMATIONCopyright © 2013 ZTE CORPORATION.
The contents of this document are protected by copyright laws and international treaties. Any reproduction or
distribution of this document or any portion of this document, in any form by any means, without the prior written
consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by
contractual confidentiality obligations.
All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE
CORPORATION or of their respective owners.
This document is provided “as is”, and all express, implied, or statutory warranties, representations or conditions
are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose,
title or non-infringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the
use of or reliance on the information contained herein.
ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications
covering the subject matter of this document. Except as expressly provided in any written license between ZTE
CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter
herein.
ZTE CORPORATION reserves the right to upgrade or make technical change to this product without further notice.
Users may visit ZTE technical support website http://ensupport.zte.com.cn to inquire related information.
The ultimate right to interpret this product resides in ZTE CORPORATION.
Revision History
Revision No. Revision Date Revision Reason
R1.0 2013-06-24 First edition
Serial Number: SJ-20121213142710-002
Publishing Date: 2013-6-24 (R1.0)
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ContentsAbout This Manual ......................................................................................... I
Chapter 1 Product Positioning and Characteristics ............................... 1-11.1 Product Positioning ............................................................................................ 1-1
1.2 Product Characteristics....................................................................................... 1-2
Chapter 2 Functions and Features ........................................................... 2-12.1 L2 Functions ...................................................................................................... 2-1
2.1.1 Basic Ethernet Functions .......................................................................... 2-1
2.1.2 VLAN Functions ....................................................................................... 2-2
2.1.3 Link Aggregation ...................................................................................... 2-4
2.1.4 L2 Multicast ............................................................................................. 2-5
2.2 L3 Functions ...................................................................................................... 2-5
2.3 MPLS and VPN Functions .................................................................................. 2-8
2.4 QoS ................................................................................................................ 2-10
2.5 Clock Synchronization ...................................................................................... 2-12
2.6 Protection for Reliability .................................................................................... 2-13
2.7 Security and Authentication............................................................................... 2-16
2.8 Network Traffic Analysis.................................................................................... 2-19
Chapter 3 Product Structure ..................................................................... 3-13.1 Product Overview............................................................................................... 3-1
3.2 Hardware Structure ............................................................................................ 3-4
3.3 Supported Boards .............................................................................................. 3-6
3.4 Software Structure.............................................................................................. 3-9
Chapter 4 Technical Specifications .......................................................... 4-1
Chapter 5 Networking Applications.......................................................... 5-15.1 Application in an Metro Ethernet Network............................................................. 5-1
5.2 Application in a Data Center................................................................................ 5-2
5.3 Application in Ethernet Layer 2 Convergence ....................................................... 5-3
5.4 Application in an Enterprise Network ................................................................... 5-4
5.5 Application in FTTx............................................................................................. 5-5
5.6 Application in a Core Network Bearer .................................................................. 5-6
5.7 Application in IP RAN ......................................................................................... 5-7
Chapter 6 Operation and Maintenance..................................................... 6-1
I
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
6.1 NetNumen U31 Unified Network Management Platform ........................................ 6-1
6.2 Maintenance and Management ........................................................................... 6-2
Chapter 7 Protocol and Standard Compliance........................................ 7-1
Figures............................................................................................................. I
Tables ............................................................................................................ III
Glossary .........................................................................................................V
II
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
About This ManualPurposeThis manual describes the positioning, characteristics, functions and features,architecture, network application, operation and maintenance, technical specifications,and complied protocols and standards of the ZXR10 8900E series products.
Intended AudienceThis manual is intended for network planning engineers.
What Is in This ManualThis manual contains the following chapters:
Chapter Summary
1, Product Positioning and
Characteristics
Describes the positioning and characteristics of the ZXR10 8900E series
products.
2, Functions and FeaturesDescribes the major functions and features supported by the ZXR10
8900E.
3, Product StructureDescribes the appearance, hardware structure, supported boards, and
software structure of the ZXR10 8900E.
4, Technical SpecificationsDescribes the basic specifications, interface specifications, and system
functions and features of the ZXR10 8900E.
5, Networking ApplicationsDescribes typical application of the ZXR10 8900E in actual networking
solutions.
6, Operation and Mainte-
nance
Describes the management and maintenance of the NetNumen U31 uni-
fied network management platform and the ZXR10 8900E.
I
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
II
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 1Product Positioning andCharacteristicsTable of Contents
Product Positioning ....................................................................................................1-1Product Characteristics ..............................................................................................1-2
1.1 Product PositioningThe ZXR10 8900E series core switches are new-generation, enhanced core switches.These switches provide extra large system capacity, high-density ports, and powerfulservice features to satisfy core equipment requirements of MAN, data center, campus,and enterprise network environments.
The ZXR10 8900E, designed as a user-oriented, large-capacity, and distributed system,provides high-density GE, 10 GE, and 40 GE/100 GE port solutions. The ZXR10 8900Euses energy-efficient components and uses an intelligent mechanism for managing fans,power supply, and physical ports to solve capacity expansion problems for users. TheZXR10 8900E provides high convergence with low costs, reduces the investment fee peruser, saves space occupied by devices, and lowers power consumption.
The ZXR10 8900E helps users to build highly-efficient, intelligent, and reliable networks,and reduces maintenance and duplicate investment costs by improving network reliabilityand stability. The ZXR10 8900E performs the following functions:
l Provides comprehensive security protection to guarantee network core security.l Provides multi-level QoS to guarantee end-to-end service experience and improve
network quality.l Provides reliable protection for users from device, link, to network levels by
independent monitoring platform, reconfigurable software, and various switchovertechnologies.
l Supports multi-service bearer and the IPv6 technology to provide IPTV solutions,fulfilling the need of integrated data and voice bearer and various networks.
The ZXR10 8900E series products include ZXR10 8912E, ZXR10 8908E, ZXR10 8905E,and ZXR10 8902E, which respectively provide 12, 8, 5, and 2 service slots and supporta variety of high-density interface boards and service functions. For their overview, seeFigure 1-1.
1-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 1-1 ZXR10 8900E Series Products
1.2 Product CharacteristicsMulti-scenario and All-service IdeasThe ZXR10 8900E provides all-service support, satisfying hierarchical andmultidimensional requirements of users and covering network hotspots and mainstreamscenarios such as Metro E, IPTV bearer, FTTX ultra wide band (UWB) convergence,IP-based 2G/3G/LTE Backhaul bearer (IP RAN), FMC network convergence, data center,and campus network. The specific characteristics include:
l A variety of VPN technologies, enhanced functions such as MPLS L3 VPN and VPLS,MPLS-TE, and multi-service bearer capability
l Rich QoS capabilities to support VPN QoS and provide differentiated services fordifferent application
l Layer-2 and layer-3 multicast protocols to provide high-rate multicast duplicationcapability and leading IPTV solutions to satisfy the requirements for large-capacityIPTV subscriber access and high-performance IP multicast video application
l SynE and 1588v2, Bits and GPS clock interfaces, and four types of clock sourceto implement frequency synchronization, providing perfect clock synchronizationand transmission solutions to radio access networks (RANs) and industry dedicateddevices (such as power supply) and achieving an all-IP-based mobile bearer networkand fix-mobile convergence (FMC) for all-service operators
l Distributed IPv6 to implement ASIC-based full wire-speed IPv6 forwarding, a varietyof IPv4/v6 transition technologies, and IPv6 multicast and application management,protecting profits of customers and adapting to network service developmentrequirements
l Hierarchical intelligent operation and maintenance, and graphical networkmanagement system, allowing users to easily perform multi-service deployment andmanagement
1-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 1 Product Positioning and Characteristics
40G/100G Port for a High-speed EraGiving full consideration to future network requirements, the ZXR10 8900E builds anext-generation network core by extra large capacity and high performance. Thus, ithelps mobile operators to meet mass traffic requirements, broadband operators to fulfillincreasing P2P and video demands, and enterprises to deal with intensive traffic by usingcloud computing, and finally provides Tbit/s ultra-high-speed networks. The specificcharacteristics include:
l A new switching network architecture that provides the largest single-slot switchingcapacity and whole-NE switching capacity in the industry
l Up to 96 40GE ports and or 576 10GE ports for a whole NEl Smooth upgrade of 100GE ports to fully protect investors' benefit
Multidimensional Security Model, Reinforcing the Network CoreThe ZXR10 8900E, focusing on the network core, provides a five-start network serviceguarantee through a 5-level model covering safe architecture, safe control, safe operatingsystem, safe computing, and safe services.
l Safe architecture
Supports hot backup for the control and forwarding engine, quick active/standbyswitchover, redundant backup and intelligent check, control and alarm for powersupply, fan, and clock modules, and hot-swapping for all components.
l Safe control
Provides high system stability by isolating control, monitoring, and forwarding.
l Safe operating system
Uses ZTE's new-generation multi-process software platform ZXROS, which providesthe most advanced software architecture reliability in the industry to implementfunction modularization, intelligent and dynamic loading, parallel processing, flexibleexpansion of new functions, and process-based intelligent dormancy that guaranteesservice upgrade without interruption.
l Safe computing
Provides multi-thread parallel high-performance computing based on multiple CPUsto guarantee seamless connection on different planes.
l Safe services
Supports a variety of reliability technologies and equipment-level to network-levelprotective switching technologies, and guarantees smooth operation of all servicesby the industry-leading OAM capability and security protection functions.
Low Carbon and Energy EfficientZTE is always committed to the R&D and application of "environment-friendly data"products and solutions, and insists on sustainable development and environment
1-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
efficiency. Based on product lifecycle considerations, ZTE makes all efforts to reduce itsproducts' influence on the environment. The specific characteristics include:
l 40nm highly-integrated chips, proper PCB layout, optimized heat dissipation designfor a single board or the whole cabinet, and highly-efficient power switch to guaranteean energy-efficient high-performance system.
l Intelligent power consumption control system: The power consumption control mod-ule of the operating system supports dynamic port power saving, intelligent line cardstartup, power supply, process dormancy, and service adjustment, 5-level fan speedadjustment, and fan sector control to achieve the maximum balance for the perform-ance-to-consumption ratio.
l Harmless material purchase, green certification for the production process,renewable, biodegradable, and environment-friendly packaging and shippingmaterial, in compliance with domestic and international RoHS standards and theconcept of "green earth, care nature".
l Reconstructable operating system architecture and ideal remote management tools,which greatly improve installation, debugging, operation and maintenance efficiency,increase the remote maintenance ratio, reduce OPEX, and lower attendance andenvironment costs.
1-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2Functions and FeaturesTable of Contents
L2 Functions ..............................................................................................................2-1L3 Functions ..............................................................................................................2-5MPLS and VPN Functions..........................................................................................2-8QoS .........................................................................................................................2-10Clock Synchronization..............................................................................................2-12Protection for Reliability............................................................................................2-13Security and Authentication......................................................................................2-16Network Traffic Analysis ...........................................................................................2-19
2.1 L2 Functions
2.1.1 Basic Ethernet Functions
MAC Address ManagementThe ZXR10 8900E provides the basic functions of maintenance MAC address learningand synchronization, and implements the following management functions:
l MAC address bindingl MAC address filteringl MAC address number restrictionl MAC address permanencel MAC address multi-view display
Port MirroringThe port mirroring function automatically duplicates traffic from one port to another port,so that a network administrator can analyze the traffic in real time when solving networkproblems. Port mirroring provides a monitoring approach for the network administrator.For the ZXR10 8900E, any port can be configured as a mirrored port. The supportedmirroring types include:
l Mirroring between ports of different ratesl Many-to-one port mirroringl One-to-many port mirroringl Many-to-many port mirroringl Inter-line-card port mirroring, supporting simultaneous mirroring of multiple mirroring
groups
2-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l RSPAN, ERSPAN, and other remote port mirroringl Stream-based mirroring
Port Security ProtectionThe ZXR10 8900E supports the following port security protection functions:
l Port traffic control, broadcast storm suppression, jumbo restriction, rate negotiation foreffective data traffic control on a port, which prevents network congestion and ensuresnormal network service operation.
l Line diagnosis, analysis, and testing, which checks whether lines or links are normaland accurately locates line-specific faults, making network management and faultlocating more easy.
l Loop detection for some or all ports (no detection by default), which checks forthe loops of the subscribers or switches connected to these ports, so that switchbroadcast storms and other abnormal situations can be avoided and the influencecan be constrained to the specific ports.
l VLAN-based loop detection not only for the VLAN where the PVID of a port islocated, but also for a VLAN specified by the subscriber on a port, which supportsloop detection on up to eight VLANs at the same time.
2.1.2 VLAN FunctionsThe ZXR10 8900E supports 802.1Q VLANs. For an untagged packet, the ZXR10 8900Esupports adding a subnet-based, protocol-based, or port-based VLAN tag to fulfill richVLAN functions.
In the 802.1Q VLAN protocol, a VLAN ID is represented by a 12-bit numeral. As aresult, the number of VLANs is limited to 4096 and cannot satisfy actual applicationrequirements. The ZXR10 8900E expands VLAN in four aspects including QinQ, PVLAN,VLAN translation, and layer-3 related super VLAN.
QinQQinQ allows multiple VLAN tags in an Ethernet frame. A subscriber's private networkVLAN tag is encapsulated into a public network VLAN tag, and then the double-taggedframe goes through the backbone network, providing a simple 2-layer VPN tunnel for thesubscriber. The ZXR10 8900E implements static configuration for QinQ. QinQ involvestwo VLAN types:
l Service VLAN (SVLAN)l Customers VLAN (CVLAN)
The ZXR10 8900E supports traditional SVLAN configuration and VFP-based SVLANconfiguration. The latter can implement traffic-type-based tagging.
2-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
PVLANAll the servers are in the same subnet and can communicate only with their own gateway.This is called private VLAN (PVLAN).
A PVLAN effectively guarantees data communication security for an access network byconnecting all subscribers to a default gateway and isolating them from each other. Portsin the same VLAN cannot communicate with each, but they can traverse the trunk port.Thus, subscribers in the same VLAN are not affected by broadcast packets.
A PVLAN does not need protocol packet support, and can be implemented on the ZXR108900E by static configuration.
VLAN TranslationVLAN translation is an extended VLAN function. If a switch port is enabled with VLANtranslation, it is required that incoming data packets received on this port must be taggedpackets. VLAN translation uses "port number + vid in the tagged packet" as an index tolook up the MAC-VLAN table to obtain a new vid. Then, the packet is switched in the newVLAN. Thus, VLAN-to-VLAN translation is implemented.
VLAN translation is implemented on the ZXR10 8900E by static configuration. Besidesbasic single-tag conversion, the ZXR10 8900E can also implement the following functionsby combining VLAN translation and SVLAN:
l When a single-layer frame is received, add an outer tag according to policies. Mappingpolicies or 1-to-1 mapping can be configured.
l When a single-layer frame is received, modify the inner tag and add an outer tagaccording to policies. Mapping policies or 1-to-1 mapping can be configured.
l When a double-layer frame is received, delete the outer tag according to policies.l When a double-layer frame is received, delete the outer tag and modify the inner tag
according to policies. Mapping policies or 1-to-1 mapping can be configured.l When a double-layer frame is received, modify the outer tag according to policies.
Mapping policies or 1-to-1 mapping can be configured.l When a double-layer frame is received, modify the inner tag according to policies.
Mapping policies or 1-to-1 mapping can be configured.l When a double-layer frame is received, modify the inner and outer tags according to
policies. Mapping policies or 1-to-1 mapping can be configured.
Super VLANVLAN aggregation divides VLANs into super VLANs and sub VLANs. Multiple VLANs(called sub VLANs) are aggregated into one super VLAN, and all use the IP subnet anddefault gateway IP address of the super VLAN. The ZXR10 8900E can specify a specificsub VLAN to send ARP packets or VRRP heartbeat packets. In addition, the ZXR10 8900Esupports binding BFD to a specific super VLAN interface.
2-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
2.1.3 Link AggregationLink aggregation means that physical links of the same type of transmission media andthe same transmission rate are bound together to obtain a logical link. Link aggregationincreases bandwidth and achieves traffic load sharing.
The ZXR10 8900E supports the aggregation of static and dynamic links for FE, GE, and10 GE ports, as well as inter-line-card and inter-device link aggregation. Links aggregatedon the ZXR10 8900E to obtain a logical port called smartgroup, which can be used as acommon port.
Static AggregationStatic port trunking allows multiple physical ports to be manually added to a trunk group toobtain a logical port. However, when using this aggregation method, users cannot easilyobserve the statuses of the aggregate ports.
When configuring link aggregation on the ZXR10 8900E, comply with the followingprinciples, which are also applicable to LACP:
l Up to 128 trunk groups can be configured, each of which contains up to 8 memberports.
l A member port can be in access, trunk, or hybrid mode, and all the member portsmust be in the same mode.
l Inter-interface-board aggregation is supported . Member ports can be distributed onany interface board, but selected ports must be in full-duplex mode at the same rate.
LACPThe Link Aggregation Control Protocol (LACP) complies with the IEEE 802.3ad standard.The LACP allows multiple physical ports to be aggregated into a trunk group to obtain alogical port called smartgroup. The LACP automatically performs aggregation to achievethe maximum bandwidth. LACP aggregation is divided into static aggregation anddynamic aggregation. The former is configured manually, while the latter is performed bydynamically adding ports to an aggregate group through related protocols.
The ZXR10 8900E supports smartgroup configuration. Load sharing can be implementedby the following means, which are also applicable to static aggregation:
l By source MAC address, VLAN, Ethertype, and incoming portl By destination MAC address, VLAN, Ethertype, and incoming portl By source and destination MAC addresses, VLAN, Ethertype, and incoming portl By source IP address and source TCP or UDP port numberl By destination IP address and destination TCP or UDP port numberl By source and destination IP addresses and source and destination TCP or UDP port
numbers
2-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
MC-LAGBesides intra-line-card and inter-line-card link aggregation, the ZXR10 8900E alsosupports Multi-Chassis Link Aggregation Group (MC-LAG) and the Spanning TreeProtocol (STP).
2.1.4 L2 MulticastThe ZXR10 8900E can implement layer-2 multicast and dynamically maintain a multicastgroup that users dynamically join and leave.
IGMP SnoopingBased on the layer-2 multicast technology, the ZXR10 8900E supports the IGMP snoopingtechnology to effectively manage multicast group members, suppress multicast flooding ina layer-2 network, and prevent unauthorized users from receiving multicast traffic.
If IGMP snooping is enabled on the ZXR10 8900E, multicast packets are multicast tospecific ports on layer 2. If IGMP snooping is not enabled, multicast packets are broadcastto all ports on layer 2. The ZXR10 8900E also supports MLDv1/v2-based MLD snoopingto implement smooth IPv4-to-IPv6 evolution.
IGMP ProxyThe ZXR10 8900E also supports the IGMP proxy function. Unlike IGMP snooping, whichobtains multicast information by listening to IGMP traffic, the IGMP proxy mechanismblocks and processes the IGMP requests from terminal users, and forwards them to anupper-layer router.
2.2 L3 FunctionsIPv4 Routing ProtocolsRIP
The Routing Information Protocol (RIP) is a distance-vector routing protocol based on thelocal network. The RIP uses UDP packets to exchange RIP routing information. A protocolpacket to be transported is encapsulated into a UDP packet. The routing information in aRIP packet contains the number of hops in a path from the source to a destination. Eachhop determines the route to the destination by the hop count. RFC has a limit on the hopcount. The maximum hop count is 15. Therefore, the RIP is applied to internal gatewaysin small-size autonomous systems.
On the ZXR10 8900E, the RIP has the following main functions:
l Sends and receives RIP packets according to the protocol, checks the correctness ofthe packets, and performs certain identity verifications.
l Supports RIPV1/V2, plain text and MD5 authentication, and route redistribution.
2-5
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l Uses split horizon and trigger update mechanisms to prevent routing loops andshorten route convergence time.
l Supports protocol debugging.
OSPF
The Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) developed bythe IETF. TheOSPF uses a link state routing and Shortest Path First (SPF) algorithms. TheOSPF is loop-free, which is of great significance for mesh networks or LANs connectedthrough multiple bridges. Each OSPF router maintains an identical database describingthe Autonomous System (AS)'s topology. The database is composed of each router'spartial state information, such as the router's available interfaces, neighbors, connectednetworks, and external routing information of the AS.
On the ZXR10 8900E, the OSPF has the following main functions:
l Employs a hierarchical network topology that is applicable to large interconnectionnetworks.
l Uses the dynamic routing algorithm Dijkstra to automatically and quickly trace networktopology changes.
l Supports display and configuration commands from the primary console,SNMP-related command, display, and MIB variables.
l Supports routing protocol packet authentication, including simple passwordauthentication and MD5 authentication, to prevent routing protocol packets frombeing illegally modified.
l Uses retransmission and confirmation mechanisms to guarantee the reliability oflink-state synchronization.
l Supports a variety of distance metric solutions, such as physical distance, delay, andthroughput.
l Supports stub area and NSSA functionsl Supports Area Border Routers (ABRs) and Autonomous System Border Routers
(ASBRs).l Supports classless routing and route aggregation.l Controls route re-distribution and filtering by a route map.
IS-IS
The Intermediate System-to-Intermediate System (IS-IS) intra-domain routing protocolrepresents the OSI model for L3 switches. It can be applied to TCP/IP-based IP networks.The IS-IS protocol is easy to extend for other protocols mainly IPv6. The IS-IS systemis divided into two layers: the backbone (L2) and areas (L1). An L3 switches can onlybelong to one area. Ll switches know only topology of their own area. All the traffic toother areas is sent through the closest L2 switch. L2 switches compose the backbone,which is similar to the backbone area 0 in OSPF.
On the ZXR10 8900E, the IS-IS has the following main functions:
l Supports L1/L2 address aggregation.l Supports L1/L2 hierarchical routing and the ATT bit.l Supports the three area addresses and smooth area address migration.
2-6
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
l Supports load balancing for the same destination.l Supports plain-text authentication for an interface or area.
BGP
The Border Gateway Protocol (BGP) is an exterior gateway protocol. Its basic function isto exchange loop-free routing information between multiple autonomous systems. Theinformation exchanged by the BGP carries rich attributes, which help to construct thetopology of ASs and implement AS-based routing policies. The routing information withAS IDs can also help eliminate routing loops.
On the ZXR10 8900E, the BGP has the following main functions:
l Applied to mass network application and backbone networks.l Supports eBGP and IBGP.l Supports the eBGP multi-hop technology.l Supports the community and route reflector attributes.l Supports AS alliance and route suppression.l Supports MP-BGP.l Supports MD5 authentication and route filtering.l Supports route redistribution.
Policy Routing
Policy routing matches specific values in an IP packet to with a policy set by a networkmanagement user. If the values satisfy the policy, the packet is forwarded accordingto the route specified by the policy. Otherwise, the packet is forwarded according to aconventional routing table.
The ZXR10 8900E implements ACL-based policy routing.
IPv6 RoutingThe ZXR10 8900E supports the following IPv6 unicast routing features:
l Supports IPv6 neighbor discovery protocols to discover routers and prefixes, resolveaddresses, determine next-hops, redirect routes, and detect unreachable neighborsand duplicate addresses, bringing more flexibility to node mobility.
l Supports the IPv6 MTU discovery protocol to dynamically identify the maximumtransmission unit (MTU) and ensure that the size of each packet sent by a node doesnot exceed the MTU value.
l Supports IPv6 static routing.l Supports the IPv6-based dynamic routing protocols RIPng, OSPFv3, ISISv6, and
BGP4+.
IPv4 to IPv6 TransitionThe ZXR10 8900E provides multiple mechanisms for IPv4 to IPv6 transition. For example,the dual-stack technology and various tunneling technologies, which are applicable todifferent scenarios. The ZXR10 8900E supports the following features:
l Supports IPv4/IPv6 dual-stack coexistence.
2-7
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l Supports manually configured tunnels.l Supports 6to4 tunnels.l Supports ISATAP tunnels.l Supports 6PE tunnels.
L3 MulticastThe ZXR10 8900E supports the IGMPv2, IGMPv3, and MLDv1/v2 protocols, as well asIPv4/v6-based PIM-DM, PIM-SM, and PIM-SSM protocols, providing a complete set ofmulticast solutions. In addition, to provide enhanced and more reliable multicast servicesand guarantee the deployment and operation of the services, the ZXR10 8900E alsosupports the functions of multicast route guard and anycast RP.
Controllable MulticastThe ZXR10 8900E supports a complete set of controllable multicast features. Itimplements accurate control on multicast users by the functions of IGMP V1/V2/V3, IGMPSnooping, IGMP Proxy, IGMP Fastleave, multicast VLAN, Channel Access Control (CAC), and Call Detail Record (CDR),
The ZXR10 8900E also provides the following customized controllable multicastmanagement functions to allow you to directly manage IPTV channels and subscribers:
l Channel access controll Channel managementl Package managementl Preview configurationl Preview template managementl CDR recordingl Uniform network management through MIB
The ZXR10 8900E provides these controllable multicast functions to allow the networkoperator to accurately control their multicast services, perform overall subscribermanagement, and flexibly deploy IPTV services.
MCEThe Multi-VRF CE (MCE) technology extends CE capabilities to support VRF functions.Devices providing the MCE function are called MCE devices. The ZXR10 8900E supportsMCE configuration.
2.3 MPLS and VPN FunctionsBasic Functions of MPLSMultiprotocol Label Switching (MPLS) is a multi-layer switching technology. It combineslayer 2 switching technologies with layer 3 routing technologies, using labels to aggregate
2-8
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
forwarded information. Running on the routing layer, MPLS supports various upper-layerprotocols and can be implemented on different physical platforms.
MPLS combines the performance and capabilities of Layer 2 switching with the flexibilityand scalability of Layer 3 routing, and thus simplifies MPLS network management andoptimizes network performance.
Now, the ZXR10 8900E provides a complete set of MPLS protocols and mainly providesthese functions:
l Supports the LDP and RSVP protocol.l Supports TTL value decreasing, loopback detection, policy management, and
penultimate hop popping.l Supports automatic label distribution by downstream and free label retention mode.l Supports LSP fast rerouting and RSVP-LSP establishment.
MPLS TEMPLS TE combines traffic engineering with the MPLS protocol to allow service providersto precisely control the path through which traffic goes. Thus, congestion nodes can beavoided, and paths will not be too overloaded or too idle, allowing bandwidth resourcesto be fully utilized. In addition, during the establishment of an LSP tunnel, MPLS TE canreserve resources to guarantee the quality of service.
The ZXR10 8900E supports MPLS TE and provides the following features:
l Provides the capability of forwarding IP packets through a non-IGP shortest path,effectively avoiding network congestion caused by unbalanced network traffic.
l Guarantees bandwidth by reserving bandwidth for key traffic, defining priorities, andusing bandwidth preemption mechanisms, so that packets will not be dropped due toinsufficient link bandwidth.
l Guarantees stable and reliable data transmission: When a link or transmission nodefails, the link can be quickly switched to a backup one through MPLS TE FRR andMPLS TE. In addition, LSP full-path protection is supported, which greatly reducesnegative impacts on traffic.
l Supports MPLS VPN over TE and LDP over RSVP, allowing TE tunnels to providebandwidth guarantee and service isolation for MPLS VPN services.
MPLS Layer 2 VPNMPLS layer 2 VPN falls into two categories:
l Virtual Private Wire Service (VPWS): Implements point-to-point communicationsbetween sites within a VPN.
l Virtual Private LAN Service (VPLS): Implements point-to-multipoint communications.In a VPLS network, a CE simply sends the data destined to all destinations to the PEconnected to the CE.
The ZXR10 8900E supports the VPWS drafted by Martini and the extended LDP toestablish different LSPs according to service types. It also supports Ethernet and VLANencapsulation, and LDP-based extended VPLS.
2-9
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
The ZXR10 8900E also supports hierarchical VPLS (HVPLS), with the access mode beingPW or QinQ.
MPLS Layer 3 VPNThe ZXR10 8900E supports all MPLS L3 VPN functions, including:
l Address overlappingl Static route, RIP, OSPF, and BGP access of a CEl The extended community attribute, capability negotiation, and route update of the
BGPl Binding a VLAN to a VRF
The ZXR10 8900E supports Multi-AS VPN, providing the following three inter-domain VPNdeployment solutions:
l VRF-to-VRF solutionl Single-hop MP-EBGP solutionl Multi Hop MP-EBGP solution
2.4 QoSBasic QoSAs the IP network is evolving, more and more new services demand that the IP networkprovide predictable as well as reliable transmission. Users demand that their network canprovide stable and high-performance services in any place and at any time.
Traffic engineering is intended for optimizing network performance. It can map traffic toactual physical channels and meanwhile automatically optimize network resources to fulfillthe serviceability required by particular application. It is a network engineering technologythat allows both macro regulation and micro control.
At present the key to traffic engineering is load balancing and network recovery. IP trafficengineering is to effectively implement the integration of the conventional best-effort IPservice and the QoS.
To fulfill the above objectives, the ZXR10 8900E provides the following functions:
Traffic Classification
Traffic means the packets sent through switches. Traffic classification is to classify thepackets according to particular characteristics. To achieve this purpose, you can use anACL, especially an extended ACL.
Packets can be classified by various ACL filtering options, such as source/destination IPaddress, source/destination MAC address, IP protocol type, TCP source/destination portnumber, UDP source/destination port number, DSCP, ToS, IP Precedence, VLAN ID, and802.1p priority.
Traffic Policing
2-10
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
Traffic policing restricts the bandwidth for a specific service to reduce the impacts on otherservices. Actions taken when the traffic exceeds a limit include:
l Dropping or forwarding the packet.l Passing the packet through with a modification to the DSCP value.l Passing the packet through with a modification to the drop priority (packets with a high
drop priority are dropped first when the queue is congested)
The ZXR10 8900E implements the Single Rate Three Color Marker (RFC2697) and (TwoRate Three Color Marker) (RFC4115) functions. Both algorithms support Color-Blind modeand Color-Aware mode.
Traffic Shaping
Traffic shaping controls the rate of outputted packets, so that all the packets are sent outin an even rate. Through traffic shaping, packet rates can match downstream devices, sothat congestion and packet dropping can be avoided.
The ZXR10 8900E supports traffic shaping at two levels, namely, VLAN-based trafficshaping and port-based traffic shaping. Thus, the system can implement multi-level trafficcontrol and ensure hierarchical QoS and management.
Congestion Avoidance
The ZXR10 8900E uses the RED/WREDmethod to avoid congestion and improve networkquality.
The ZXR10 8900EWRED can perceive services, including the IP precedence, DSCP, andthe MPLS EXP bit, and can set different early drop policies for the packets of differentpriorities, so that differentiated drop features are provided to different services.
Queue Scheduling
Each physical port of the ZXR10 8900E supports eight output queues (numbered from 0to 7), which are called CoS queues. According to the CoS corresponding to the 802.1ptag in a packet, the ZXR10 8900E performs output queue operations on the ingress. Incase of network congestion, multiple packets compete for resources. This problem can besolved by queue scheduling.
The ZXR10 8900E supports three queue scheduling methods. The eight output queueson a port can use different scheduling methods.
l Strict priority (SP)l Weighted round robin (WRR)l Dynamic weighted round robin (DWRR)
The 802.1p tag contains packet priority information. If the packet entering a port does notcarry a 802.1p tag, a switch allocates a default 802.1p value to the packet.
Priority Tag
A priority tag re-assigns a set of service parameters to the particular traffic described in anACL. The following types of operations can be performed:
l Modifying the CoS queue of a packet and the 802.1p value
2-11
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l Modifying the CoS queue of a packet, but keeping the 802.1p value unchangedl Modifying the DSCP value of a packetl Modifying the drop priority of a packet
Ethernet OAMAt present, the ZXR10 8900E supports the following Ethernet OAM standards:
l IEEE 802.3ah (Operations, Administration, and Maintenance-OAM)l IEEE 802.1ag (Connectivity Fault Management-CFM)
The ZXR10 8900E supports Ethernet OAM functions that support the above mentionedstandards. The functions include Ethernet continuity test (ETH-CC), Ethernet loopback(ETH-LB), Ethernet link tracing (ETH-LT), Ethernet frame loss measurement (ETH-LM),Ethernet frame delay measurement (ETH-DM), remote fault indication, and remoteloopback.
2.5 Clock SynchronizationThe trend to IP-based bearer networks requires the Ethernet to provide accurate clock tothe mobile wireless network, which has a strict requirement for high precision. Frequencysynchronization and time synchronization are both needed. The ZXR10 8900E supportsa synchronous Ethernet plus 1588v2 solution. It uses synchronous Ethernet to implementclock frequency synchronization, and uses IEEE 1588 to implement time synchronizationby frequency fine tuning and time maintenance.
The ZXR10 8900E can be configured with various clock source priorities, according towhich the clock sources are selected. The clock source of the highest priority is used.When this clock source fails, a clock source of one priority level lower takes effectimmediately. The clock source recovery policy is as follows: When the clock source ofa higher priority is recovered, the clock can choose to switch to the clock source of thehigher priority, depending on configuration.
Clock SourceThe ZXR10 8900E supports five types of clock sources. The main control determines todistribute which clock source to the whole system. The five types of clock sources are:
l Local clock: Local clock is used by system hardware, and it provides the most basicclock signals.
l BITS: Supports 2 MHz analog clock signals and 2 Mbits digital clock signals.l GPS: As the conventional mobile network clock source, GPS provides highly accurate
clock signals. It can provide 1PPS+TOD signals.l SyncE: Support synchronous Ethernet interfaces to restore and retrieve clocks from
the physical layer.l 1588v2: The IEEE 1588v2 is a precision time protocol. By transmitting messages
between active and standby devices, it implements accurate synchronization of theactive/standby clock and time.
2-12
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
Synchronous EthernetThe ZXR10 8900E can retrieve line clocks from Ethernet links, and supports obtainingreference clocks through external synchronous interfaces (including BITS and GPS) asthe input for the system clock selection function. According to synchronization stateinformation or alarms, the system selects a proper clock source and export clock source.After determining the clock source, the system uses the highly accurate clock on Ethernetinterfaces to send data and transfer synchronization state information to implementend-to-end sent/received data synchronization on the Ethernet physical layer.
IEEE 1588 v2The ZXR10 8900E implements the IEEE 1588 v2 protocol, and supports the followingoperational modes:
l Normal clock
Only one port supports the 1588 protocol, which can be configured as grandmasteror slave.
l Border clock
Multiple ports support the 1588 protocol, which can be connected to multiple normalclocks or transparent clocks.
l Transparent clock
The 1588 protocol does not run on each node, but the node needs to modifytimestamps. When forwarding a time packet, the node updates the time correctionfield, which is in either E2E or P2P mode.
Clock ProtectionThe ZXR10 8900E supports two clock protection modes:
l Port selection protection
The ZXR10 8900E uses the SSM protocol and the best master clock (BMC) algorithmto implement automatic protective switching, and ensure reliable clock transfer.
l Dual-main-control protection
The ZXR10 8900E's active/standby main control modules always synchronize clockinformation. When a main control module receives a BITS or GPS clock signal, itdirectly forwards the signal to the other main control module.
2.6 Protection for ReliabilityEquipment ProtectionMain Control Module Protection
The ZXR10 8900E provides carrier-class reliability. It provides two main control boards,each of which has control modules and switching modules. The two main control boards
2-13
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
work in load-sharing or redundancy backup mode. Redundancy is supported for switchingmodules and main control modules. If an active module fails, services and data will beswitched to the standby module to guarantee uninterrupted data transfer and serviceoperation.
Power Module Protection
To satisfy telecom carriers' strict requirements for equipment reliability, the ZXR10 8900Eprovides a hot backup design for power supply, and supports 48 V DC and 220 V AC powersupply modes. DC power supply operates in 1+1 mode, while AC power supply operatesin 1+1 backup or 2+1 backup mode depending on rack configuration. Thus the reliabilityof the power supply system is improved. In addition, the ZXR10 8900E's power supplysystem provides various intelligent mechanisms to protect power supply, detect and reportfaults according to parameters such as voltage, current, temperature.
System Monitoring
The ZXR10 8900E satisfies carrier-class reliability requirements, and provides a whole setof system monitoring approaches to reduce customers' maintenance costs and improveequipment stability and reliability.
In terms of hardware, the ZXR10 8900E monitors ambient temperature, boardtemperature, fan status, power status, power consumption sampling (including PoEpower supply), and air volume (or calculated by temperature if conditions do not permit).In terms of software, the ZXR10 8900E actively collects the information about ambienttemperature, board temperature, fan status, power status, power consumption sampling(including PoE power supply), and air volume. If a fault occurs or an index exceedsits alarm threshold, the system raises an alarm and reports the fault. Alarm and faultinformation can be periodically stored and uploaded to a specified server.
Network Detection MechanismsDuring network equipment operation, link failures, single-point failures, and connectivityproblems may occur. To discover all sorts of faults in the network in time, and provideprotective measures, the ZXR10 8900E provides a series of effective network detectionmechanisms. In addition to the detection techniques mentioned below, the ZXR10 8900Ealso supports many fault detection and locating methods such as UDLD, IP Ping, IP Trace,multicast Traceroute, LSP Ping, and LSP Traceroute.
BFD
The ZXR10 8900E supports the BFD of static routes, OSPF and other dynamic routes,and VRRP to implement fast convergence. The ZXR10 8900E supports combining BFDand FRR technologies to provide a fast fault detection mechanism and implement fastrerouting.
OAM Detection
OAM provides rich detection methods (mainly the Ethernet OAM technology) for identifyingnetwork faults. Through OAM packet detection, the system can detect the link status, nodestatus, and tunnel connectivity, and trigger protective switching when finding a fault.
2-14
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
SQA
The ZXR10 8900E supports ICMP-echo, DHCP, DNS, FTP, HTTP, UDP-jitter, SNMP, TCP,UDP-echo, Voice, and DLSw detection. It can link the detection results to functions suchas VRRP.
Intelligent Ethernet ProtectionThe ZXR10 8900E supports ZTE Ethernet Switch Ring (ZESR), ZTE Ethernet SmartSwitch (ZESS), and ZESR+, and provides ring network protection and dual-uplink linkprotection. ZESR/ZESS/ZSER+ comply with the ITU-T G.8032 standard.
Layer 3 Routing ProtectionThe ZXR10 8900E supports the following layer 3 routing protection functions:
l Enhanced VRRPl Route load sharingl Graceful Restart (GR)
VPN ProtectionThe ZXR10 8900E supports layer 3 route protection, mainly including PW protection andMPLS VPN dual-home protection. MPLS VPN dual-home protection can be dual-hominga CE to two PEs or dual-homing a UPE to two NPEs.
FRR ProtectionSupporting IP FRR
The switching speed of IP Fast ReRoute (IP-FRR) reaches 50 ms, which can minimizedata loss upon network failures. The IP FRR function computes backup routes in advance.If an active route fails, the IP FRR function does not re-compute routes, but switch trafficto a backup route. When the active route is restored to normal, the traffic is switched backto the active route.
The ZXR10 8900E supports static routing, OSPF, IS-IS, and RIP fast rerouting. Thus trafficcan be quickly switched in one direction, which satisfies the switching time requirement ofservices.
Supporting LDP FRR
The LDP FRR is an MPLS-related reliability technology. Through the Label DistributionProtocol (LDP), the LDP FRR distributes an active/standby label to a route. Due to theexistence of standby labels, a router can rapidly respond to route changes and switch to astandby label to implement switching protection with 50 ms after a network failure occurs.
The LDP FRR is a temporary protective measure. When the protected link is restored, thetraffic will be switched back to the original LSP. The LDP FRR does not depend on thecomplicated MPLS TE technology, and need not establish standby LSPs respectively forlinks, nodes, and paths. So, the implementation is easy.
Supporting MPLS TE FRR
2-15
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
The MPLS TE fast reroute (FRR) is a set of mechanisms in MPLS TE for protectinglinks and nodes. If an LSP link or node fails, the node where the failure is discoveredwill be protected, so that traffic can still pass through a protective link or node, and datatransfer is not interrupted. Meanwhile, the head node can continue initiating primary pathre-establishment.
Supporting L3VPN FRR
The L3VPN FRR solves the problem of end-to-end service convergence for a dual-homeCE, the most common network model. If a PE node fails, the L3VPN FRR can controlthe end-to-end service convergence time within 1 s. The MPLS TE FRR only solves thefailures of links or nodes, but it cannot implement end-to-end fast convergence in case ofa PE failure, which requires VPN route convergence.
2.7 Security and AuthenticationACLTo filter data, a network device should be configured with a series of matching rules toidentify the objects to be filtered. After particular objects are identified, the device permitsor denies the passing of the corresponding data packets, depending on preset policies.An Access Control List (ACL) can be used to implement these functions.
The ZXR10 8900E provides five types of ACLs:
l Link ACLsl IPv4 ACLsl IPv4 mixed ACLsl IPv6 ACLsl IPv6 mixed ACLs
Device AuthenticationAAA
The ZXR10 8900E support Authentication, Authorization and Accounting (AAA). It cannot only authenticate and authorize a subscriber by with the assistance of hierarchicalcommand line protection, but also verify the validity of network management users innetwork management. By using the AAA mechanism, the ZXR10 8900E can effectivelyprevent illegal subscribers from logging in.
For different subscriber access authentication policies, the device provides perfect AAAauthentication and authorization functions. According to different access authenticationrequirements, you can configure different access authentication policies to performauthentication and authorization on subscribers selectively.
The AAA supports three subscriber authentication modes:
l Local account verificationl Remote Authentication Dial-In User Service (RADIUS) verificationl Terminal Access Controller Access Control System (TACACS+) verification
2-16
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
The AAA supports four authorization modes:
l Direct authorization: Subscribers are trusted and directly authorized.l Local account authorization: Authorizes subscribers according to the locally
configured accounts.l TACACS+ authorization: TACACS+ can separate authorization from authentication.
The TACACS+ server performs subscriber authorization.l Authorization after successful RADIUS authentication: The RADIUS protocol does
not allow the separation of authentication and authorization.
SSH
The Secure Shell (SSH), drafted by the IETF, is a security protocol established on theapplication and transport layers. The SSH is a reliable protocol that provides securityparticularly for remote login sessions and other network services. The SSH protocol caneffectively prevent information leakage during remote management. Through the SSHprotocol, data can be encrypted before transmission, and thus intermediary attacks canbe avoided.
The SSH supports two authentication modes:
l Password-based security verificationl Key-based security verification
The ZXR10 8900E supports SSHv2 security verification.
Hierarchical Commands
The ZXR10 8900E implements authority-based hierarchical command management. Upto 16 command authority levels are supported. Different login subscribers are boundto different authority levels. The lower the level, the less commands the subscriber isallowed to use. The administrator, who has the highest authority level, can set differentauthority levels for commands, and thus customized command authority configuration isimplemented.
Access Security802.1x
The ZXR10 8900E's 802.1X module performs the following functions:
l Supports the authenticator's functions.l Supports local authentication.l Supports that the authenticator PAE sends or receives EAPOL frames through an
uncontrolled port.l Supports manipulating a controlled port by using AuthControlledPortControl
parameter values including ForceUnauthorized, Auto, and ForceAuthorized.l Supports manipulating a controlled port by using both AdminControlledDirections and
OperControlledDirextions parameters.l Supports periodic re-authentication for a supplicant according to a re-authentication
timer.
2-17
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l Supports transparent transmission of 802.1x authentication packets whenauthentication is not required.
DHCP
The ZXR10 8900E supports DHCPv4 server, DHCPv4/v6 relay, DHCPv4/v6 snooping, andDHCP option82 functions.
IP source guard
By establishing the binding relations between a port and a VLAN, MAC address, or IPaddress, an IP source guard checks the packet source and allows traffic satisfying specificconditions to pass, and thus packet security control is implemented. The IP source guardestablishes a binding table in either of the following forms:
l Static bindingl Dynamic binding
The ZXR10 8900E supports IPv4-based and IPv6-based IP Source Guard function.
DAI
Dynamic ARP Inspection (DAI) sends ARP packets up to a CPU for processing. Afterdetermining that the ARP packet is legal or not, the CPU forwards or drops it.
Network SecurityThe ZXR10 8900E implements network-based security protection, and every module hasthe security checking function. In the ZXR10 8900E, network security functions are asfollows:
l Prevents subscriber ARP snooping.l Supports MAC address flood protection, which restricts the number of MAC
addresses.l Sets broadcast packet thresholds on a port.l Filters layer 2, 3 and 4 ACLs together.l Filters routes.l Forbids ICMP redirection to prevent an attacker from sending fake ICMP packets.l Prevents CPU attacks, provides protocol packet protection, distributes different
hardware CPU queues to protocol packets, sets priorities, limit rates, performs QoSsuch as WRED, and protects CPU.
l Prevents DoS attacks by hardware queues, and supports preventing land | null-scan| ping-of-death | smurf | sys-fin | syn-port-less-1024 | xma-scan | ping-flood | syn-floodattacks (for ping-flood | syn-flood, rate limiting is supported).
l Prevents IPv4 URPF source address spoofing.l Supports automatic broadcast storm suppression.l Supports control/signaling MD5 authentication.l Supports DHCP snooping.l Supports DHCP snooping-based IP Source guard and DAI.l Supports IPv6 ND security.
DDoS Attack Prevention
2-18
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 2 Functions and Features
As the network environment becomesmore and more complicated, switches are facing thedemand for higher attack prevention capabilities. There are many methods and policiesfor DDoS attack prevention. CPU protection is one of the major methods.
The ZXR10 8900E's DDoS attack prevention supports most L2 and L3 protocols. L2protocols mainly include some STP and MSTP packets, as well as layer 2 ring networkpackets of switches. L3 protocols mainly includes the IPv4 and IPv6 protocols.
l IPv4 protocols: OSPF, PIM, IGMP, VRRP, ICMP, ARPREPLY, ARPREQUEST,GROUP MNG, VBASE, VRRP ARP, DHCP, RIP, BGP, Telnet, LDP_TCP, LDP_UDP,TTL, BPDU, SNMP, MSDP, and RADIUS.
l IPv6 protocols: MLD, ND, ICMP6, BGP4+, RIPNG, OSPFv3, LDPTCP6, LDPUDP6,Telnet6, and PIM6.
The ZXR10 8900E expands hierarchical CPU protection based on regular CPU protection.Hierarchical CPU protection includes hardware, software, and protocol stack protection.The ZXR10 8900E also prevents DDoS attacks by limiting MAC address learning, limitingthe port flow rate, and multi-layer ACL filtering.
uRPF
The ZXR10 8900E supports strict, loose, and loose-ingoring-default-route Unicast ReversePath Forwarding (uRPF).
l Strict uRPFmeans that a packet is dropped if the egress found according to the sourceaddress does not exactly match the ingress, or is handled properly otherwise.
l Loose uRPF means that the packet is handled normally if a route is found accordingto the source address and the default route's egress is consistent with the ingress, oris dropped otherwise.
l Loose-ingoring-default-route uRPF means that the packet is handled normally if aroute is found according to the source address and it is not the default route, or isdropped otherwise.
ND Security
The ZXR10 8900E supports the configuration of trusted switch ports, trusted switchaddresses, and ND learning quantity limit. It supports ND snooping-based ND packetfiltering by configuring a static binding relation between a port and a VLAN, IP address, orMAC address. It can also detect ND packets based on DHCPv6 snooping entries, allowlegal packets to pass, so that network risks are minimized.
2.8 Network Traffic AnalysisThe ZXR10 8900E supports mainstream network traffic analysis technologies includingIETF standard IPFIX and sflow.
2-19
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
This page intentionally left blank.
2-20
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 3Product StructureTable of Contents
Product Overview.......................................................................................................3-1Hardware Structure ....................................................................................................3-4Supported Boards ......................................................................................................3-6Software Structure......................................................................................................3-9
3.1 Product OverviewThe ZXR10 8900E uses a large-capacity rack architecture. The hardware system iscomposed of a chassis, a backplane, fan subracks, power supply modules, switchingmain control boards, and various link processing boards.
ZXR10 8912E OverviewFor the ZXR10 8912E overview, see Figure 3-1.
Figure 3-1 ZXR10 8912E Overview
For the ZXR10 8912E structure, see Figure 3-2.
3-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 3-2 ZXR10 8912E Structure
ZXR10 8908E OverviewFor the 8908E overview, see Figure 3-3.
Figure 3-3 ZXR10 8908E Overview
For the ZXR10 8908E structure, see Figure 3-4.
3-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 3 Product Structure
Figure 3-4 ZXR10 8908E Structure
ZXR10 8905E OverviewFor the 8905E overview, see Figure 3-5.
Figure 3-5 ZXR10 8905E Overview
For the ZXR10 8905E structure, see Figure 3-6.
3-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 3-6 ZXR10 8905E Structure
ZXR10 8902E OverviewFor the 8902E overview, see Figure 3-7.
Figure 3-7 ZXR10 8902E Overview
For the ZXR10 8902E structure, see Figure 3-8.
Figure 3-8 ZXR10 8902E Structure
3.2 Hardware StructureThe ZXR10 8900E series switch is a rack-based system and has three separate planes,including forwarding, control, and monitoring planes. The three planes work together toperform system functions. The system uses a new-generation high-capacity high-speedserial bus backplane to connect main control boards to various service line cards. Theprimary monitoring node on each main control board manages the monitored nodes on theline cards through a monitoring bus and collects monitoring information of the line cardsto implement intelligent equipment management.
3-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 3 Product Structure
High-capacity High-speed BackplaneThe system has the up-to-date design of passive high-capacity high-speed backplane andconnects main control boards and line cards through high-speed wiring, ensuring sufficientswitching capacity required by system operation.
Main Control BoardMain control boards are important integrated boards working in 1:1 backup mode.Each main control board includes a high-performance CPU, a large-memory storagespace, an inter-board switching module, a monitoring module, and a clock module. For8912E/8908E/8905E, each main control board also includes a high-capacity switchingmatrix, which has a multi-plane independent design to guarantee its switching capabilityand future expansion. For the 8902E, main control boards do not have a switching matrix.Line cards implements back-to-back connection through a high-speed backplane. Duringoperation, the ZXR10 8900E series switch's two main control boards interact closely.
Service Line CardsService line cards directly process packets and send them to specific ports on thedestination service line cards. Each service line card has its own forwarding informationbase, and forwarding decisions are made locally, ensuring wire-speed switching capability.Service line cards are diversified, and they can support clock or monitoring features.Depending on requirements, the following types of service line cards can be provided forthe time being:
l GE service cardsl 10-GE service cardsl 40-GE service cards
Power SupplyThe ZXR10 8900E has a brand new power supply design, which supports the maincontrol system's remote signaling/control over power supply. Through an RS485 port,the main control system can intelligently monitor the temperature over/under-voltage,power-off alarms, and current-limited state of the power supply system.
Intelligent Fan ShelfThe ZXR10 8900E system uses an intelligent fan shelf to adjust each fan's speed, raisesstalling alarms, and detect fan board temperature. In addition, the shelf can adjust fanspeed of each slot according to temperature, so that energy is saved.
3-5
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
3.3 Supported BoardsMain Control BoardFor the ZXR10 8912E/8908E/8905E, switching and control modules are integrated on amain control board. The main control board mainly consists of a CPU subcard, switchingchips, a clock system, and amonitoring subcard, and implements management and controlover the whole system and switches data packets among various line cards. From theperspective of functionality, the main control board consists of switching, control, clock,monitoring, out-band communication, power supply, and logical modules. For the maincontrol board diagram, see Figure 3-9.
Figure 3-9 8912E/8908E/8905E Main Control Board Diagram
The main control board of the ZXR10 8902E implements control functions. For the boarddiagram, see Figure 3-10.
Figure 3-10 8902E Main Control Board Diagram
Control Module
3-6
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 3 Product Structure
The control module consists of a main processor and some external functional chips. Itprovides various external operation interfaces, such as serial ports and Ethernet ports, toprocess various applications. The main control module mainly consists of the followingfunctional units:
l Network management unit: Runs a network management protocol, such as SNMP.l Protocol processing unit: runs network and routing protocols, such as OSPF, RIP, and
BGP-4. The protocol processing unit maintains a global routing table and forwardingtables, and maintains the consistency among processor nodes.
l Monitoring unit: Provides operation andmanagement interfaces for various line cards.l Internal communication unit: Provides a high-speed signaling channel between
boards, and allows the main control board to efficiently and accurately control themanagement CPUs of the other boards through the internal communication module,and to transfer routing information through that channel.
The main control module has the following features:
l High-performance CPU: Is capable of running layer 2 and layer 3 protocols andnetwork management and monitoring programs.
l GE channel: Can be connected to a management interface to provide the functionsof system management and program downloading and debugging.
l One RS232 serial port: Used for board debugging and management.l Temperature checking: Each main control board has a temperature checking device
that is connected to the CPU subcard to check the system temperature and reportsthe results to the back-end EMS.
l System log management: All system logs are stored in the system flash memory.l Clock chips are mounted on the CPU interface to provide an accurate clock to the
system.l Active/standby switching, active/standby state signal indication, line card reset
signals, and line card in-position checking.l Faults are classified into warning faults and switchover faults.l A routing data synchronization channel is provided between active and standby
boards.
Switching Module
The switching module performs data switching for the whole system, providing ahigh-speed and non-blocking switching channel among all line card units. The switchingmodules uses a dedicated CROSSBAR chip, which integrates multiple high-speedbidirectional interfaces to perform wire-speed switching. The switching chip performs thefollowing functions:
l Store-and-forward switching.l Supports 16 KB jumbo frames.l Supports priority queues that selectively drops frames in case of CoS queue
congestion.l Each port provides a set of management control counters.
Clock Module
3-7
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
This system uses the synchronous Ethernet technology to implement clock frequencysynchronization. It performs phase fine tuning and time maintenance according to theIEEE 1588 to synchronize clock time. The synchronous Ethernet can perform frequencysynchronization by the reference clocks generated by four types of clock sources includinglocal clock of the clock subcard, BITS (2MHz or 2Mbits), GPS, and line card clock recovery.
Monitoring Module
The monitoring module (IPMC) is a component of the device monitoring system.The monitoring module, hardware management bus, and software monitoring andmanagement module compose the intelligent platform management system. Themonitoring module mainly performs the following functions:
l Information gathering: The monitoring module gathers information about the ambienttemperature, board temperature, fan status, power supply status, and powersampling.
l Alarm: The monitoring module sets alarm parameters for all the monitored itemsmentioned above, and produces alarms in case of exceptions.
l Management: The monitoring module provides automatic or manual control of the fanspeed, and monitors board power-on/off.
Interface ModulesThe ZXR10 8900E series core switch's interface modules refer to line interface cards.Currently GE, 10 GE optical, and 40 GE optical interface boards are provided.
All the optical interfaces of the ZXR10 8900E uses pluggable optical modules. Thus, oneline card can satisfy the requirements for different transmission media and distances. andsome line cards even provide different types of interfaces to reduce the need for extra linecards. All the electrical interfaces in a line card have the cable diagnosis function, whichallows diagnosing cable connections at any time. During a diagnosis, short circuits andopen circuits can be identified, and the location where a fault occurs can be specified, withthe precision of 1 meter.
For the main interface board types of the ZXR10 8900E, see Table 3-1.
Table 3-1 8900E Interface Board Types
Boar-d/CardModel
Fixed Interface LineProcessing BoardName
Port Form Remarks
E1GF24A 24-port NP enhanced
Gigabit optical interface
board
24 GE optical ports,
supporting fast and
Gigabit SFP
NP extension is available, and MPLS,
large entries, Ethernet OAM, and
intelligent monitoring are supported.
H2GF24D 24-port Gigabit optical
interface board
24 GE optical ports,
supporting fast and
Gigabit SFP
MPLS, large entries, Ethernet OAM,
clock (SyncE or 1588v2), and intelligent
monitoring are supported.
3-8
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 3 Product Structure
Boar-d/CardModel
Fixed Interface LineProcessing BoardName
Port Form Remarks
H2GF48D 48-port Gigabit optical
interface board
48 GE optical ports,
supporting fast and
Gigabit SFP
MPLS, large entries, Ethernet OAM,
clock (SyncE or 1588v2), and intelligent
monitoring are supported.
H2GT48D 48-port Gigabit
electrical interface
board
48 GE electrical
ports, supporting
fast and Gigabit
adaptive.
MPLS, large entries, Ethernet OAM,
clock (SyncE or 1588v2), and intelligent
monitoring are supported.
H2XF8D 8-port 10 Gigabit
optical interface board
8*10 GE optical
ports, supporting
10G SFP+
MPLS, large entries, Ethernet OAM, and
intelligent monitoring are supported.
S1XF12A 12-port 10 Gigabit
optical interface board
8*10 GE optical
ports, supporting
10G SFP+
L2/L3, IPv4/v6 features, SyncE, and
intelligent monitoring are supported.
3.4 Software StructureIntroductionThe ZXR10 8900E series core switch is based on ZTE's new-generation IP protocol stackplatform Zhong Xing Route Operating System (ZXROS). The protocols of the platformimplements product-unrelated service functions. All software components can run in userstate of the microkernel system, and thus the system security is enhanced. The softwarecomponents belong to different independent process spaces, allowing illegal applicationoperations to be isolated. Component-based management is used. Component functionscan be independently developed, versions can be separately released, and componentscan be dynamically installed, uninstalled, or upgraded. Uninterrupted routing anddistributed processing is supported. Fast and reliable inter-CPU synchronization is alsosupported.
For the overall components of the ZXROS software platform, see Figure 3-11.
3-9
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 3-11 Framework of the New-generation ZXROS Software Platform System
The ZXROS software platform system includes the following subsystems:
l Route subsystem
Includes unicast and multicast routing protocols.
l L2 subsystem
Includes various layer 2 protocols.
l MPLS subsystem
Includes the LDP, RSVP, and PWE3 protocols.
l L3&PSS subsystem
Includes TCP/UDP, ARP, ND, packet sending/receiving, interface management,routing table, label table management, forwarding table integration, andsynchronization modules.
l Configuration and resource management subsystem
Includes ACL, route-map, L2VPN, and L3VPN configuration management modules,and label and IP pool resource management modules.
l Application protocol subsystem
Includes various application protocols such as Netflow, Radius, NTP, and Telnet.
Software CharacteristicsThe software platform's key and competitive technologies lie in the following aspects:
l System kernel resources run in privileged mode. All software components run in userstate in the microkernel system. Thus, the system security is enhanced.
l The software components belong to different independent process spaces, allowingillegal application operations to be isolated.
l Component functions can be independently developed, and versions can beseparately released.
3-10
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 3 Product Structure
l Software components can be dynamically installed, uninstalled, or upgraded online(ISCU-in-service component upgrade). Versions can be smoothly upgraded withoutservice interruption, and service customization requirements can be satisfied.
l The software system architecture supports distributed protocol processing. That is,protocols use independent processes, and messages are sent between processes.
l Fast inter-CPU synchronization is supported by using reliable multicast packets, andthus the route convergence speed is improved.
l Command configuration and protocol processing are separated, and platform andproduct command scripts are loosely associated.
l A uniform external interface is provided. Fast secondary development is supported.Outsourced software can be optimized.
l Nonstop routing (NSR) is supported.l Cluster technologies are supported.
In addition, the ZXROS software platform has the following characteristics:
l High reliability and stability: The software platform satisfies long-term stablenetwork operation requirements.
à Failures of one software component does not affect the other components.
à Components are independently developed, released, and upgraded.
à The platform and products are loosely coupled.
l Real-time performance: The software platform satisfies large dynamic routingprotocols, network management protocols, and time requirement of datasynchronization among multiple processors.
l Self-healing: System exceptions are detected, handled, and recorded. In case of anexception, the system can immediately perform recovery and switching.
l Maintainability: The usage and invoking status of core resources and systemservices can be traced and recorded. Software components are independent,making it easier to trace failures.
l Simplicity: The software platform only provides essential system services toapplications, and shields unnecessary system services.
l Encapsulation: Hardware features can be totally shielded, so that the applicationlayer is unrelated to the hardware. The software platform is uniform and portable toall processor applications.
l Smooth evolution: The software platform supports fast secondary development, andcan quickly integrate outsourced software and respond to customers' requirements intime.
3-11
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
This page intentionally left blank.
3-12
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 4Technical SpecificationsBasic SpecificationsFor the basic features and physical specifications of the ZXR10 8900E, refer to Table 4-1.
Table 4-1 Basic Features and Physical Specifications of the Device
DescriptionAttribute
8912E 8908E 8905E 8902E
Backplane
bandwidth
19.2 Tbps 12.8 Tbps 8 Tbps 3.2 Tbps
Switching
capability
5.12 Tbps 5.12 Tbps 3.2 Tbps 1.28 Tbps
Packet
forwarding
ratio
3840 Mpps 3840 Mpps 2400 Mpps 960 Mpps
Number of
GE ports
576 384 240 96
Basic
Per-
form-
ance
Spec-
ifica-
tions
Number of 10
GE ports
144 96 60 24
Dimensions
(height ×
width ×
depth)
753 mm * 442
mm * 446 mm
577 mm * 442
mm * 446 mm
442 mm * 442
mm * 446 mm
175 mm * 442
mm * 420 mmPhys-
ical
pa-
rame-
tersWeight (full
configura-
tion)
89.7 kg 64.9 kg 51.2 kg 24 kg
Total number
of slots
14 10 7 4Num-
ber of
slots Number of
service slots
12 8 5 2
4-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
DescriptionAttribute
8912E 8908E 8905E 8902E
Power supply
conditions
(AC)
100 V–240 V, 50 Hz –60 Hz
Power supply
conditions
(DC)
-57 V–-40 V
Po-
wer
sup-
plyMaximum
total
consumption
of the
device in full
configuration
2718 W 2084 W 1235 W 300 W
Operating
temperature
Long-term: -5℃–+45℃Short-term: -5℃–+50℃
Storage
temperature
-40℃–+70℃
Relative
humidity
5%–95%, without condensed moisture
Envi-
ron-
ment
re-
quire-
mentsEarthquake
resistance
Able to resist an earthquake of magnitude 8
Interface SpecificationsFor the optical and electrical interface features of the ZXR10 8900E, refer to Table 4-2.
Table 4-2 Optical and Electrical Interface Features
Port Type Feature Description
10 /100 /1000BASE-T In compliance with IEEE802.3z standards.
RJ45 connector.
Class 5 UTP twisted-pair wire, maximum transmission distance:
100 m.
Half duplex/full duplex, MDI/MDIX.
100BASE-FX (SFP-M02K) LC connector, multi-mode optical fiber, wavelength: 1310 nm,
maximum transmission distance: 2 km.
Transmission power: -19–-14 dBm, reception sensitivity: <-30 dBm
100BASE-FX (SFP-S15K) SFP optical module.
LC connector, single-mode optical fiber, wavelength: 1310 nm,
maximum transmission distance: 15 km.
Transmission power: -14–-8 dBm, reception sensitivity: <-31 dBm
4-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 4 Technical Specifications
Port Type Feature Description
100BASE-FX (SFP-S40K) LC connector, single-mode optical fiber, wavelength: 1310 nm,
maximum transmission distance: 40 km.
Transmission power: -4–-0 dBm, reception sensitivity: <-37 dBm
100BASE-FX (SFP-S80K) LC connector, single-mode optical fiber, wavelength: 1550 nm,
maximum transmission distance: 80 km.
Transmission power: -3–+3 dBm, reception sensitivity: <-37 dBm
1000BASE-SX (SFP-M500) LC connector, single-mode optical fiber, wavelength: 850 nm,
maximum transmission distance: 500 m.
Transmission power: -9.5–4 dBm, reception sensitivity: <-17 dBm
1000BASE-LX (SFP-S10K) LC connector, single-mode optical fiber, wavelength: 1310 nm,
maximum transmission distance: 10 km.
Transmission power: -9–3 dBm, reception sensitivity: <-20 dBm
1000BASE-LX (SFP-S40K) LC connector, single-mode optical fiber, wavelength: 1310 nm,
maximum transmission distance: 40 km.
Transmission power: -4.5–5 dBm, reception sensitivity: <-22 dBm
1000BASE-LX(SFP-S40K-
1550)
LC connector, single-mode optical fiber, wavelength: 1550 nm,
maximum transmission distance: 40 km.
Transmission power: -5–0 dBm, reception sensitivity: <-22 dBm
1000BASE-LH (SFP-S80K) LC connector, single-mode optical fiber, wavelength: 1550 nm,
maximum transmission distance: 80 km.
Transmission power: 0–3 dBm, reception sensitivity: <-22 dBm
1000BASE-LH (SFP-S120K) LC connector, single-mode optical fiber, wavelength: 1550 nm,
maximum transmission distance: 120 km.
Transmission power: 0–5 dBm, reception sensitivity: <-30 dBm
10GBASE-SR (SFP+-M300) LC connector, multi-mode optical fiber, wavelength: 850 nm,
maximum transmission distance: 300 m.
Transmission power: -7.3–-1.0 dBm, reception sensitivity: <-11.1
dBm
10GBASE-LR (SFP+-S10K) LC connector, single-mode optical fiber, wavelength: 1310 nm,
maximum transmission distance: 10 Km.
Transmission power: -8.2–0.5 dBm, reception sensitivity: <-10.3
dBm
10GBASE-ER/EW
(SFP+-S40K)
LC connector, single-mode optical fiber, wavelength: 1550 nm,
maximum transmission distance: 40 Km.
Transmission power: -4.7–4.0 dBm, reception sensitivity: <-14.1
dBm
System Functions and Featuresl L2 features
4-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
For L2 features of the ZXR10 8900E, refer to Table 4-3.
Table 4-3 L2 Features
Attribute Description
VLAN Supports port-based, protocol-based, and subnet-based VLANs.
Supports VLAN translation.
Supports PVLAN.
Supports super VLAN.
QinQ Supports QinQ-based forwarding.
Supports normal QinQ and port-based outer labels.
Supports selective QinQ and stream-based outer labels.
Supports selective QinQ inner priority mapping.
Supports TPID modification.
MAC Supports MAC address learning, aging, and solidifying.
Supports static MAC address setting.
Supports MAC address attack protection.
Supports MAC address binding.
Link
aggregation
Supports static link aggregation.
Supports dynamic LACP.
Supports stream-based load balancing
Supports inter-line card link aggregation.
Supports inter-rack link aggregation.
Port features Supports loopback detections.
Supports broadcast, multicast, and unknown unicast storm
suppression.
Supports layer 2 protocol protection and jumbo frame protection.
Supports port flow control.
Support 1-minute peak statistics.
Support default shutdown of a port.
ARP Supports static ARP configuration.
Supports dynamic ARP learning and aging.
Supports ARP agent.
Supports ARP anti-attack protection.
STP Supports STP, RSTP, and MSTP.
Supports BPDU protection.
MIRROR Supports ingress mirroring, egress mirroring, 1-to-many, many-to-1,
and many-to-many mirroring, stream mirroring, and CPU mirroring.
Supports RSPAN and ERSPAN.
L2
features
Ethernet
OAM
Supports IEEE 802.1ag.
Supports IEEE 802.3ah.
l L3 features
4-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 4 Technical Specifications
For the L3 features of the ZXR10 8900E, refer to Table 4-4.
Table 4-4 L3 Features
Attribute Description
IPv4 unicast
routing
Supports IPv4 unicast static routing.
Supports RIPv1/v2, OSPFv2, IS-IS, and BGP-4.
Supports policy routing and routing policies.
Supports VRRP.
Supports URPF.
Supports ECMP.L3
features IPv6 unicast
routing
Supports the ND protocol, ND protocol protection, and IPv6 path
MTU.
Supports IPv6 static routing.
Supports RIPng, OSPFv3, IS-ISv6, and BGP4+.
Supports 6to4, 6in4, and ISATAP tunnels.
Supports 6PE.
l Multicast features
For the multicastfeatures of the ZXR10 8900E, refer to Table 4-5.
Table 4-5 Multicast Features
Attribute Description
L2 multicast Supports IGMP Snooping/proxy.
Supports IGMP rate limit and IGMP rate filter.
Supports MLD snooping.
Supports PIM snooping
Supports inter-VLAN multicast duplication.Multicast
featuresL3 multicast Supports static multicast.
Supports IGMPv1/v2/v3 and MLDv1/v2.
Supports PIM-SM, PIM-SSM, PIM-DM, and MSDP.
Supports Anycast RP
l MPLS features
For the MPLS features of the ZXR10 8900E, refer to Table 4-6.
4-5
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Table 4-6 MPLS Features
Attribute Description
Basic
features
Supports LDP.
Supports RSVP/RSVP-TE.
MPLS L2
VPN
Supports VPLS, VPWS, and H-VPLS (Qinq or LSP access).
Supports Vrf to Vrf/single-hop M-EBGP/multi-hop M-EBGP
inter-domain L2 VPN deployment.
Supports CE dual-PE protection.
Supports UPE dual-NPE protection.
MPLS L3
VPN
Supports L3 VPN FRR.
Supports L3 VPN ECMP.
Supports Vrf to Vrf/single-hop M-EBGP/multi-hop M-EBGP
inter-domain L3 VPN deployment.
Supports Multi-VRF (MCE).
MPLS
features
MPLS TE Supports static LSPs.
Supports displaying LSP tunnels.
Supports LSP tunnel priority/preemption/backup.
Supports MPLS TE FRR.
Supports MPLS L2VPN /MPLS L3VPN Over TE.
Supports LDP over TE.
l QoS features
For the QoS features of the ZXR10 8900E, refer to Table 4-7.
Table 4-7 QoS Features
Attribute Description
Traffic
classification
Supports traffic classification by physical port.
Supports traffic classification by physical port and ACL.
Packet
re-tagging
Supports 802.1p priority, IP Precedence, IP DSCP, IP TOS, and
MPLS EXP re-tagging.
Supports double-layer label mapping.
Traffic
policing
Supports incoming port CAR.
Supports stream-based CAR.
Supports incoming/outgoing traffic policing.
Supports re-tagging after traffic policing.
Congestion
control
Supports stream-based bandwidth control.
Supports RED and WRED.
Queue
scheduling
Supports up to eight priority queues, each of which supports
minimum/maximum bandwidth management.
Supports SP, WRR, SP+WRR, and WDRR scheduling.
QoS
features
4-6
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 4 Technical Specifications
Attribute Description
Traffic
shaping
Supports port-based traffic shaping.
Supports VLAN-based traffic shaping.
l Service management features
For the service management features of the ZXR10 8900E, refer to ZXR108900ETable 4-8.
Table 4-8 Service Management Features
Attribute Description
Service management
Supports IEEE 802.1x, 802.1x Relay, 802.1x RADIUS accounting,
and forcing subscribers to get offline.
Supports AAA authentication.
Supports hierarchical subscriber management.
Supports IPTV management (CAC, CDR, and UMS).
Supports DHCPv4/v6 Server, DHCP v4/v6 Relay, and DHCP v4/v6
Snooping.
Supports DHCP OPTION 82.
l Reliability
For the device and network reliability features of the ZXR10 8900E, refer to Table 4-9.
Table 4-9 Reliability Features
DescriptionAttribute
8912E 8908E 8905E 8902E
MTBF 400000 hours
MTTR < 30 minutes
Reliability ≥ 99.999%
Hot-
swapping
Supported by all boards.
Main control
redundancy
1:1
Device
reliabil-
ity
Power supply
redundancy
Power supply
redundancy
(AC: 2+1; DC:
1+1)
Power supply redundancy (AC: 1+1; DC: 1+1)
4-7
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
DescriptionAttribute
8912E 8908E 8905E 8902E
Network reliability
Supports MPLS-TE end-to-end path protection.
Supports MPLS-TE FRR.
Supports IP FRR.
Supports LDP FRR.
Supports multicast FRR.
Supports Static Routing, LDP, OSPF, ISIS, BGP, RIP, VRRP, LSP,
FRR, PIM DR, and Super VLAN’s BFD.
Supports Graceful Restart.
Supports NSF in case of active/standby switchover.
Supports VRRP, multi-backup configuration, backup priority
configuration, VRRP switching authentication, and priority
replacement mode.
Supports VPLS ring network protection.
Supports ESRP+ Ethernet ring network protection.
Supports double uplink dual-home protection.
Supports ECMP.
Supports UDLD.
Supports LLDP.
Supports LACP and MC-LAG.
l Security features
For the security features of the ZXR10 8900E, refer to Table 4-10.
Table 4-10 Security Features
Attribute Description
Attack
prevention
Supports DOS attack prevention.
Supports BPDU attack prevention.
Supports CPU protection.
Supports ARP attack prevention.
Supports MAC address flood protection.
Supports IPv4 uRPF.
Supports hierarchical command protection.
Supports abnormal and error packet protection.
Supports SYN FLOOD attack prevention.
Supports PING FLOOD attack prevention.
Supports Ping of Death attack prevention.
Supports SNMP attack prevention.
Supports fake source IP address attack prevention.
Supports ARP spoofing.
Security
features
4-8
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 4 Technical Specifications
Attribute Description
CPU
security
protection
Supports protocol priority processing configuration.
Supports protocol protection.
Supports filtering the packets sent to a CPU.
Advanced
security
features
Supports data log monitoring.
Supports automatic suppression of broadcast storms.
Supports filtering layer 2, 3 and 4 ACLs together.
Supports control/signaling MD5 authentication.
Supports IP source guard/DAI.
Supports ND security.
l Clock synchronization
For the clock synchronization features of the ZXR10 8900E, refer to Table 4-11.
Table 4-11 Clock Synchronization Features
Attribute Description
Syn-
chronous
Ethernet
Supports port-based clock recovery.
Supports overall clock distribution.
Supports clock retrieval (line, external 2 Mbit/HZ, or GPS clock).
Supports SSM processing.Clock syn-
chronization IEEE
1588v2
Supports protocol-based clock recovery.
Supports transparent transmission of clocks.
Supports P2P and E2E modes.
Supports precision time synchronization.
Supports the BMC algorithm.
l O&M features
For the O&M features of the ZXR10 8900E, refer to ZXR10 8900ETable 4-12.
Table 4-12 O&M Features
Attribute Description
O&M Supports the command line function.
Supports hierarchical management authority.
Supports password aging and confirmation.
Supports control console management.
Supports subscriber access service management.
Supports remote access by SSH, TELNET, or SNMP, and the
FTP/TFTP function.
Supports various alarms (sound or light).
Supports the ZXNM01 unified network management system.
Supports CLI and hierarchical network management.
Supports subscriber access control.
O&M
4-9
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Attribute Description
Supports storage and restoration configuration.
Supports log management, Syslog, and REMON functions.
Supports time management and NTP functions.
Supports IPv6 equipment management.
Supports basic MIB functions.
Supports traffic statistics.
Cluster
manage-
ment
ZGMP, LLDP/ZTP/ZGMP.
Traffic
analysis
IPFIX, SFlow.
OAM Supports Ethernet OAM.
Supports OAM tools (such as LSP Ping or LSP trace route).
4-10
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 5Networking ApplicationsTable of Contents
Application in an Metro Ethernet Network...................................................................5-1Application in a Data Center .......................................................................................5-2Application in Ethernet Layer 2 Convergence .............................................................5-3Application in an Enterprise Network ..........................................................................5-4Application in FTTx.....................................................................................................5-5Application in a Core Network Bearer .........................................................................5-6Application in IP RAN .................................................................................................5-7
5.1 Application in an Metro Ethernet NetworkThe ZXR10 8900E can be deployed in the convergence layer of anMetro Ethernet network,which is uniformly borne by mobile/fixed network broadband/key customer, to satisfy therequirement for separated voice, video, data, and IPTV services. The ZXR10 8900E usesthe VPN technology to implement all-service bearer and service separation, and uses ringnetwork, various protection technologies, and OAM to provide carrier-class reliability tocarriers:
l In MPLS-to-edge mode, it implements end-to-end separation between service andbearer to provide higher reliability and higher security.
l With the MPLS VPN technology, it provides different service functions over differentservice planes.
l With the MPLS TE/FRR/BFD technologies, it implements fast protective switchingwithin 50 ms.
l With Ethernet OAM, it implements quick fault discovery to improve network operationand maintenance capabilities
For the common networking solution of Metro Ethernet multi-service bearer, see Figure5-1.
5-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 5-1 Application in an Metro Ethernet Network
5.2 Application in a Data CenterDue to the growing demand for broadband networks and growing number of fixed networkand broadband subscribers, interactive service traffic increases dramatically, and variousInternet application surges in scale. Thus, old data centers are facing higher resourceand O&M demands, and the pressure of expansion, consumption, and maintenance fordata center devices is great. The ZXR10 8900E has high-density 10 Gigabit ports andhigh-performance switching capacity, and thus can be deployed at the core/convergencelayer of data centers to help reduce customer TCO and solve expansion and maintenanceproblems.
l The ZXR10 8900E has high bandwidth, high performance, and large capacity toprovide a high-speed channel for data centers and cloud computing and ensurenon-blocking traffic.
l The ZXR10 8900E has rich network management features, provides graphicalnetwork management to help data center maintenance personnel, and providesnorthbound interfaces to implement unified network management.
l As an environment-friendly product, the ZXR10 8900E uses 40 nm chips andallows line cards or ports to be enabled on demand, effectively reducing the powerconsumption of data center network equipment.
l The ZXR10 8900E integrates multiple security technologies to provide securityprotection from equipment level to network level. It uses firewall boards to preventdata centers from external network attacks, and uses DoS and CPU protectiontechnologies to prevent itself from attacks.
For the common network of a data center, see Figure 5-2.
5-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 5 Networking Applications
Figure 5-2 Application in a Data Center
5.3 Application in Ethernet Layer 2 ConvergenceBy mature commercial use, the ZXR10 8900E proves its perfect application andsignificance in Ethernet layer 2 convergence. Based on the ZXR10 8900E' rich Ethernetlayer 2 convergence features and to meet the requirements for higher bandwidth, capacity,and convergence ratio as well as the requirements for subscriber isolation, serviceseparation, and differentiated for multiple access modes, the ZXR10 8900E providesthe following capabilities to provide powerful support for the high-speed development ofcarrier networks:
l Supports QoS to bring more precision in network resource distribution andmanagement.
l Provides ring network protection on the convergence layer, and uses ZTE's ZESR+(EAPS) Ethernet ring technology to implement 50 ms protective switching.
l Uses the VLAN and QinQ technologies to isolate subscribers or separate subscribersfrom the carrier, facilitating service plane expansion and subscriber management.
l Supports carrier-class switching capacity and provides T-level switching capabilityamong all series, allowing smooth evolution to the switching capabilities at higherlevels and satisfying carrier-class layer 2 convergence requirements.
For the common networking solution of Ethernet layer 2 convergence, see Figure 5-3.
5-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Figure 5-3 Application in Ethernet Layer 2 Convergence
5.4 Application in an Enterprise NetworkA campus network's core layer requires high bandwidth and high-density ports. So, thewhole network must support subscriber access authentication, security protection, andother security policies. The ZXR10 8900E can be deployed in the campus network'score layer to provide high-speed forwarding and service guarantee. The ZXR10 8900E’senterprise network scenario has the following features:
l For enterprise network subscribers, it is even more important to reduce operationand maintenance costs and improve internal security. The ZXR10 8900E supportsrich security features, and supports the DHCP server, and snooping functions tohelp subscribers to manage addresses. It also supports various authenticationmechanisms such as Radius and TACACS+, and implements hierarchical authoritymanagement. It provides IP source Guard, DAI, anti-DoS attacks, and other securityprotection functions to minimize network attacks. It supports SQA, and learns theoperational status of each application server, and thus network failures can beavoided.
l For information security purposes, it is essential for an enterprise network to guardagainst external network attacks and threats. In addition, egress traffic statistics and
5-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 5 Networking Applications
control are also needed to identify illegal traffic and applications. The ZXR10 8900Eprovides various traffic analysis tools to implement traffic analysis, differentiated QoS,and network security protection, and finally achieve specific service control.
l Provides a complete set of IPv6 solutions. Through dual-stack and various v4/v6tunneling technologies, it implements IPv4-to-IPv6 seamless transition.
l Supports various tunneling technologies, such as MPLS L2/L3 VPN, QinQ, and L2PT,to satisfy the requirements of isolated internal service logics for different enterprises.
For the common network of an enterprise network, see Figure 5-4.
Figure 5-4 Application in an Enterprise Network
5.5 Application in FTTxAs subscribers' service requirements are gradually growing, higher access bandwidthand QoS are demanded, and the legacy DSL access shows inability to satisfy servicedevelopment trends in the future. With the decrease in the costs of optical fibers,E-FTTx access becomes the major trend towards the future. The ZXR10 8900Esupports environment-friendly E-FTTx access to satisfy both the numerous cable accessrequirements in the existing network and FE/GE access scenarios:
l It has rich interface boards, and provides high-density and high-bandwidth access tosufficiently satisfy FTTx's requirements for high density and expendability.
l By using various QoS features, it implements control over different services andprovides satisfactory user experience for short-delay and low-jitter services.
l It supports the SVLAN technology and can effectively isolate services and subscribersto guarantee network security.
5-5
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l By using the ITU-T G.8032 standard Ethernet intelligent ring protection technology, itsatisfies different reliability requirements of different subscribers.
l The IP over DWDM technology, which is implemented based on switches, requireslow costs in network establishment and maintenance, and is highly expandable.
For the common network of FTTx, see Figure 5-5.
Figure 5-5 Application in FTTx
5.6 Application in a Core Network BearerThe evolution from fixed core networks to softswitch is towards the all-IP trend. The mobilecore network has experienced the separation of the circuit domain and the packet domain,and its bearer is more and more IP-based. As the core network is evolving, the IMS totallyseparates service, control, and bearer planes, and implements the integration of 2G/3G,mobile, and fixed network services. The IMS network is completely IP-based. The ZXR108900E can satisfy the requirements for various core networks. It acts as a PE or CR toimplement carrier-class core network multi-service bearer:
l It supports enhanced VRRP, associates VRRPwith BFD, and provides active/standbyredundancy for core network elements, and thus ensure the core network reliability.
l It supports various FRR, and implements 50 ms fast switching by fast detectionfunctions such as BFD.
l It supports Multi-VRF, and separates the traffic by service or logical interface toimprove device utilization.
l It supports the MPLS VPN technology, implements independent management ofaccess subscribers for different VPNs, distinguishes the routing and network topologyinformation of different VPN subscribers, and uses traffic engineering to ensure theQoS of core network services.
5-6
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 5 Networking Applications
For the common network of a core network bearer, see Figure 5-6.
Figure 5-6 Application in a Core Network Bearer
5.7 Application in IP RANIP backhaul mainly resolves the interconnection between a base station and a wirelessservice control point (gateway) to implement IP-based mobile voice and data servicebearer. In a legacy 2G network, a BTS uses TDM E1/T1 to access the base stationcontroller (BSC). With the development of the wireless network, IP-based Node Bemerges in 3G networks to replace BTS, providing Ethernet interfaces to allow wirelesstraffic to access or converge on an RNC through a switch. An IP backhaul networkhas requirements for clock synchronization, highexpendabilityy, and high reliability. TheZXR10 8900E can be deployed at IP backhaul convergence nodes to serve the IPbackhaul network. :
l IP backhaul requires clock synchronization throughout the network. The ZXR108900E provides the SyncE+1588v2 solution to synchronize high-precision clocksignals (such as BITS) to all base stations.
l A base station's access ring and convergence ring both require ring networkprotection. The ZXR10 8900E uses a ZESR+ (EAPS) Ethernet ring network to meetthe 50 ms switching time requirement.
l It supports superVLAN and QinQ to relieve gateway load in case of multi-base stationaccess, reduce IP address consumption, implement uniform management of basestations, and enhance network expendability.
5-7
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l The ZXR10 8900E supports the VPLS/H-VPLS andMPLS L3VPN technology to bettersatisfy multipoint-to-multipoint access requirements.
For the common network of an IP Backhaul network, see Figure 5-7.
Figure 5-7 Application in IP RAN
5-8
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 6Operation and MaintenanceTable of Contents
NetNumen U31 Unified Network Management Platform .............................................6-1Maintenance and Management ..................................................................................6-2
6.1 NetNumen U31 Unified Network ManagementPlatform
With the development of all-IP technologies, the telecommunication industry is confrontedwith great changes towards the mainstream trend for broadband, mobility, andconvergence. The all-IP network architecture requires that the existing operation andmanagement be transformed from vertical to horizontal direction. Thus, operation costscan be reduced and O&M efficiency can be improved.
Faced with the future network development trend, ZTE releases the unified networkmanagement platform NetNumen™ U31, and the sub-product NetNumen™ U31 (BN)implements unified management for all bearer network devices. The U31 not onlyprovides multi-domain device management, but implements the convergence of elementlayer management and network layer management, breaking through the verticalmanagement model and satisfying flat management requirements.
Networking ModeBetween the NetNumen U31 and the ZXR10 8900E, in-band or out-band managementcan be implemented.
l In-band management
In-band management means that network management information can betransferred in the same channel as service information, without the need to establishan extra DCN network. The NetNumen U31 need only be connected to a neighbornetwork device and configured with SNMP parameters.
In-band management is flexible and does not need extra investment. However,network management information occupies the service bandwidth, and thus servicequality may be affected.
l Out-band management
Out-band management means that network management information is separatelytransferred in a network management network and an extra DCN network is needed.The NetNumen U31 system is connected to the out-band management port of the
6-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
ZXR10 8900E, and thus network management information and service informationare separately transferred.
Out-band management allows network management information to be transferredmore reliably, even if the service channel is interrupted. However, to build a separatenetwork management network is restricted by region and needs extra investment.
NetNumen U31The NetNumen™ U31 (BN) is a unified management platform for all bearer networkdevices of ZTE. It implements integrated management of transmission, wavelengthdivision, PTN, and IP devices (routers and switches). The U31 is located on the networkelement management layer or subnet management layer, and is a new-generationnetwork management system. It provides powerful functions for managing the networkelement layer and network layer.
The NetNumen™ U31 (BN) uses distributed, multi-process, and modular design tomanage all-series bearer network devices. The U31 provides configuration, fault,performance, maintenance, path, security, system, and report management functions.It guarantees device stability, and implements management and control on networkelements and regional networks.
The system uses various network management technologies, and is designed anddeveloped based on the TMN concept of ITU-T and industry-leading experience innetwork management software development. It provides powerful management functionsand flexible networking capability. The U31 system provides the following functions forthe ZXR10 8900E:
l Fault management: Guarantees stable network operation.l Performance management: Helps users to fully understand the network service
status.l Resource management: Helps users to use network resources properly.l View management: Presents network operation status clearly.l Configuration management: Helps users to deploy services quickly.l Security management: Guarantees network security.l Northbound interface: Helpful for integration.
6.2 Maintenance and ManagementVarious Configuration ModesThe ZXR10 8900E provides various device login and management configuration modes,which allow users to choose proper connection configuration modes according to theirscenarios, and thus devices can be maintained more easily.
l Serial connection configuration
Serial connection configuration uses the VT100 terminal method, and thehyperterminal tool provided by the Windows operating system can be used for
6-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 6 Operation and Maintenance
configuration. If the device is bare or without configuration or connection, thisconnection configuration mode must be selected.
l Telnet connection configuration
à Telnet to the management Ethernet port (10/100/1000Base-T) on a Telnet maincontrol board to configure the switch.
à On a VLAN interface, configure the IP address, set the username and password,and telnet to the IP address of the VLAN interface to configure the switch.
When a user remotely logs into the device and communicates with the device properly,this connection configuration mode can be selected.
l SSH connection configuration
On the ZXR10 8900E, enable the SSH server function, and use the SSH clientsoftware to connect the IP address of the VLAN interface or management Ethernetport to configure the switch in a more secure way. If the user requires secure remotelogin, this connection mode can be selected.
l SNMP connection configuration
The back-end network management server acts as the SNMP server, and thefront-end ZXR10 8900E acts as the SNMP client. The front end and back end sharethe same MIB, and use the network management software to manage and configurethe ZXR10 8900E. This connection configuration mode helps users to effectivelymanage and configure network devices by using network management software.
Monitoring and MaintenanceThe ZXR10 8900E provides various methods for monitoring, manage, and maintaindevices, so that the devices can be handled properly in case of exceptions and users canlearn all the parameters about the device operation.
Device Monitoring
l Power supply, fan, and main control modules, and all interface boards have indicatorsthat indicate the operational status of a component.
l Hot-swapping and switchover events of main control boards are recorded for users toreview.
l Sound and message alarm are raised when a fan, power supply module, ortemperature is abnormal.
l Version consistency is checked automatically during system operation.l Board temperature is automatically monitored during system operation, and
temperature control and message alarm functions are provided.l Software running status is monitored by the system, and line cards are restarted or
active/standby main control board switchover is performed when an exception occursand affects the device.
Management and Maintenance
l Command lines provide flexible online help.
6-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
l Hierarchical user authority management and hierarchical commands are provided.l An information centers is supported to provide uniform management for logs, alarms,
and debugging information.l Switch cluster management is supported, providing a uniform channel for managing
and maintaining different devices.l The basic information about main control boards, interface boards, and optical
modules can be queried through the CLI.l A variety of information can be queried, including the version, component status,
ambient temperature, CPU, and memory usage.l All information can be collected with one key, and command results can be displayed
on the device or outputted to a file. Hardware environment, software information,version information, data configuration, real-time operational status, and protocolinformation can be displayed and be automatically or manually outputted.
Diagnosis and Debugging
l Ping and TraceRoute: Checks whether a network connection is reachable, andrecords the transmission path of data packets online as a reference for locating faults.
l Debugging: Every software feature provides rich debugging commands, eachof which supports multiple parameters that can be flexibly controlled. By usingdebugging commands, users can output the processing, packet sending/receiving,and error checking information about this feature.
l Mirroring: Supports interface-based mirroring, which means that the packets on theobserved interface in the incoming, outgoing, or both directions are duplicated to theobserving interface without any change. RSPAN and ERSPAN are supported forremote port mirroring.
l OAM: Various OAM packets are used to detect the network condition and monitordevice, link, and network faults, helping users to quickly locate the faults.
l SQA: Various detection packets are sent to detect the online and operational statusesof most applications and services.
Software UpgradeThe ZXR10 8900E provides software upgrade in normal and abnormal situations.
l Version upgrade when the system is abnormal: If a device cannot be started properly,to upgrade the software version, a user can modify the BOOT mode and downloadthe latest version through the management Ethernet port.
l Version upgrade when the system is normal: If a device is normal, the software versioncan be locally upgraded or remotely upgraded through the FTP.
File System ManagementOverview
In the ZXR10 8900E, software version files and configuration files are stored in a flashmemory. During software upgrade, configuration storage need flash operations. The flashmemory contains three default directories IMG, CFG, and DATA.
6-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 6 Operation and Maintenance
l IMG: Stores software version files, whose extension names are .zar. Version upgradeis to modify the software version files in this directory.
l CFG: Stores the configuration file named startrun.dat.l DATA: Stores device exception information files, in the format of “time.zte”.
File System Operations
l File backup and recovery: The software version files, configuration files, and log fileson the ZXR10 8900E can be backed up to a back-end server through the FTP/TFTP,or the backup files can be recovered from the server.
l File import and export: Files can be copied to a back-end host through the FTP/TFTP.By exporting/importing the files, users can obtain alarm files and modify configurationfiles.
6-5
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
This page intentionally left blank.
6-6
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7Protocol and StandardComplianceThe ZXR10 8900E complies with the following protocols and standards (They are changedfrequently, so the following are only for your reference.)
Ethernet StandardsFor the Ethernet standards that the ZXR10 8900E complies with, refer to Table 7-1.
Table 7-1 Ethernet Standards
Standard No. Standard Name
RFC 0826 An Ethernet Address Resolution Protocol or
Converting Network Protocol Addresses to 48.bit
Ethernet Address for Transmission on Ethernet
Hardware
RFC 1042 A Standard for the Transmission of IP Datagrams
over IEEE 802 Networks
RFC 3069 VLAN Aggregation for Efficient IP Address
Allocation
RFC 5171 Cisco Systems UniDirectional Link Detection
(UDLD) Protocol
IEEE 802.1ab Station and Media Access Control Connectivity
Discovery
IEEE 802.1d Media Access Control (MAC) Bridges.
Specifies an architecture and protocol for the
interconnection of IEEE 802 LANs below the
MAC service boundary
IEEE 802.1q IEEE Standard for Local and Metropolitan Area
Networks: Virtual Bridged Local Area Networks
IEEE 802.1s The amendment to IEEE Std 802.1D: Multiple
Spanning Trees
IEEE 802.1t 802.1D Maintenance
IEEE 802.1w The amendment to IEEE Std 802.1D: Rapid
Reconfiguration
7-1
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Standard No. Standard Name
IEEE 802.1ap Management Information Base (MIB) definitions
for VLAN Bridges
IEEE 802.2 IEEE Standards for Local Area Networks: Logical
Link Control (LLC)
IEEE 802.3 IEEE Standards for Local Area Networks: Carrier
Sense Multiple Access with Collision Detection
(CSMA/CD) Access, Method and Physical Layer
Specifications
IEEE 802.3ad Link Aggregation Control Protocol
IEEE 802.3ae 10 Gbit/s Ethernet Standard
IEEE 802.3af PoE(Power-over-Ethernet)
IEEE 802.3ag Connectivity Fault Management
IEEE 802.3ah Ethernet First Mile
IEEE 802.3z Gigabit fiber
IP StandardsFor the IP standards that the ZXR10 8900E complies with, refer to Table 7-2.
Table 7-2 IP Standards
Standard No. Standard Name
RFC 791 Internet Protocol
RFC 1122 Requirements for Internet Hosts - Communication
Layers
RFC 1812 Requirements for IP Version 4 Routers
RFC 1981 Path MTU Discovery for IP version 6
RFC 2292 Advanced Sockets API for IPv6
RFC 2373 IP Version 6 Addressing Architecture
RFC 2374 An IPv6 Aggregatable Global Unicast Address
Format
RFC 2375 IPv6 Multicast Address Assignments
RFC 2460 Internet Protocol, Version 6 (IPv6) Specification
RFC 2461 Neighbor Discovery for IP Version 6 (IPv6)
RFC 2462 IPv6 Stateless Address Autoconfiguration
RFC 2464 Transmission of IPv6 Packets over Ethernet
Networks
RFC 2472 IP Version 6 over PPP
7-2
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7 Protocol and Standard Compliance
Standard No. Standard Name
RFC 3306 Unicast-Prefix-based IPv6 Multicast Addresses
RFC 4193 Unique Local IPv6 Unicast Addresses
UDP StandardsFor the UDP standards that the ZXR10 8900E complies with, refer to Table 7-3.
Table 7-3 UDP Standards
Standard No. Standard Name
RFC 0768 User Datagram Protocol
TCP StandardsFor the TCP standards that the ZXR10 8900E complies with, refer to Table 7-4.
Table 7-4 TCP Standards
Standard No. Standard Name
RFC 0793 TRANSMISSION CONTROL PROTOCOL
RFC 2001 TCP Slow Start, Congestion Avoidance,Fast
Retransmit, and Fast Recovery Algorithms
RFC 2385 Protection of BGP Sessions via the TCP MD5
Signature Option
RFC 2581 TCP Congestion Control
RFC 2988 Computing TCP's Retransmission Timer
RFC 4987 TCP SYN Flooding Attacks and Common
Mitigations
ICMP StandardsFor the ICMP standards that the ZXR10 8900E complies with, refer to Table 7-5.
Table 7-5 ICMP Standards
Standard No. Standard Name
RFC 0792 Internet Control Message Protocol
RFC 2463 Internet Control Message Protocol (ICMPv6)
for the Internet Protocol Version 6 (IPv6)
Specification
RFC 4950 ICMP Extensions for Multiprotocol Label
Switching
SOCKET StandardsFor the SOCKET standards that the ZXR10 8900E complies with, refer to Table 7-6.
7-3
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Table 7-6 SOCKET Standards
Standard No. Standard Name
RFC 2553 Basic Socket Interface Extensions for IPv6
Tunneling StandardsFor the tunneling standards that the ZXR10 8900E complies with, refer to Table 7-7.
Table 7-7 Tunneling Standards
Standard No. Standard Name
RFC 2473 Generic Packet Tunneling in IPv6 Specification
RFC 2784 Generic Routing Encapsulation (GRE)
RFC 2890 Key and Sequence Number Extensions to GRE
RFC 2893 Transition Mechanisms for IPv6 Hosts and
Routers
RFC 3056 Connection of IPv6 Domains via IPv4 Clouds
RFC 4214 Intra-Site Automatic Tunnel Addressing Protocol
SSH StandardsFor the SSH standards that the ZXR10 8900E complies with, refer to Table 7-8.
Table 7-8 SSH Standards
Standard No. Standard Name
RFC 4250 The Secure Shell (SSH) Protocol Assigned
Numbers
RFC 4251 The Secure Shell (SSH) Protocol Architecture
RFC 4252 The Secure Shell (SSH) Authentication Protocol
RFC 4253 The Secure Shell (SSH) Transport Layer Protocol
RFC 4254 The Secure Shell (SSH) Connection Protocol
RFC 4255 Using DNS to Securely Publish Secure Shell
(SSH) Key Fingerprints
RFC 4256 Generic Message Exchange Authentication for
the Secure Shell Protocol (SSH)
RFC 4335 The Secure Shell (SSH) Session Channel Break
Extension
RFC 4344 The Secure Shell (SSH) Transport Layer
Encryption Modes
RFC 4345 Improved Arcfour Modes for the Secure Shell
(SSH) Transport Layer Protocol
7-4
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7 Protocol and Standard Compliance
Standard No. Standard Name
RFC 4419 Diffie-Hellman Group Exchange for the Secure
Shell (SSH) Transport Layer Protocol
RFC 4432 RSA Key Exchange for the Secure Shell (SSH)
Transport Layer Protocol
RFC 4462 Generic Security Service Application Program
Interface (GSS-API) Authentication and Key
Exchange for the Secure Shell (SSH) Protocol
RFC 4716 The Secure Shell (SSH) Public Key File Format
RFC 4742 Using the NETCONF Configuration Protocol over
Secure SHell (SSH)
RFC 4819 Secure Shell Public Key Subsystem
draft-ylonen-ssh-protocol-00 The SSH (Secure Shell) Remote Login Protocol
draft-ietf-secsh-architecture-14 SSH Protocol Architecture
draft-ietf-secsh-assignednumbers-05-from-04.diff SSH Protocol Assigned Numbers
SFTP StandardsFor the SFTP standards that the ZXR10 8900E complies with, refer to Table 7-9.
Table 7-9 SFTP Standards
Standard No. Standard Name
draft-ietf-secsh-filexfer-13 SSH File Transfer Protocol
RIP StandardsFor the RIP standards that the ZXR10 8900E complies with, refer to Table 7-10.
Table 7-10 RIP Standards
Standard No. Standard Name
RFC 1058 Routing Information Protocol (RIP)
RFC 1722 RIP Version 2 Protocol Applicability Statement
RFC 1724 DRAFT STANDARD
RFC 1923 RIPv1 Applicability Statement for Historic Status
RFC 2080 RIPng support
RFC 2081 RIPng Protocol Applicability Statement
RFC 2453 RIP Version 2
OSPF StandardsFor the OSPF standards that the ZXR10 8900E complies with, refer to Table 7-11.
7-5
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Table 7-11 OSPF Standards
Standard No. Standard Name
RFC 1131 OSPF specification
RFC 1242 OSPF specification Benchmarking terminology
for network interconnection devices
RFC 1245 OSPF Protocol Analysis
RFC 1246 Experience with the OSPF Protocol
RFC 1247 OSPF Version 2
RFC 1248 OSPF Version 2 Management Information Base
RFC 1252 OSPF Version 2 Management Information Base
RFC 1253 OSPF Version 2 Management Information Base
RFC 1364 BGP OSPF Interaction
RFC 1370 Applicability Statement for OSPF
RFC 1403 BGP OSPF Interaction
RFC 1583 OSPF Version 2
RFC 1584 Multicast Extensions to OSPF
RFC 1585 MOSPF: Analysis and Experience
RFC 1586 Guidelines for Running OSPF Over Frame Relay
Networks
RFC 1587 The OSPF NSSA Option
RFC 1765 OSPF Database Overflow
RFC 1793 Extending OSPF to Support Demand Circuits
RFC 1850 OSPF Version 2 Management Information Base
RFC 2154 OSPF with Digital Signatures
RFC 2178 OSPF Version 2
RFC 2328 OSPF Version 2
RFC 2329 OSPF Standardization Report
RFC 2370 The OSPF Opaque LSA Option
RFC 2676 QoS Routing Mechanisms and OSPF Extensions
RFC 2740 OSPF for IPv6 (OSPFv3)
RFC 2844 OSPF over ATM and Proxy-PAR
RFC 3101 The OSPF NSSA Option
RFC 3137 OSPF Stub Router Advertisement
7-6
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7 Protocol and Standard Compliance
Standard No. Standard Name
RFC 3509 Alternative Implementations of OSPF Area
Border Routers
RFC 3623 OSPF Graceful Restart
RFC 3630 Traffic Engineering Extensions to OSPF
RFC 3883 Detecting Inactive Neighbors over OSPF Demand
Circuits (DC)
RFC 4061 Benchmarking Basic OSPF Single Router Control
Plane Convergence
RFC 4062 OSPF Benchmarking Terminology and Concepts
RFC 4063 Considerations When Using Basic OSPF
Convergence Benchmarks
RFC 4136 OSPF Refresh and Flooding Reduction in Stable
Topologies
RFC 4167 Graceful OSPF Restart Implementation Report
RFC 4222 Prioritized Treatment of Specific OSPF Version 2
Packets and Congestion Avoidance
RFC 4552 Authentication/Confidentiality for OSPFv3
RFC 4577 OSPF as the Provider/Customer Edge Protocol
for BGP/MPLS IP Virtual Private Networks
(VPNs)
RFC 4750 OSPF Version 2 Management Information Base
RFC 4811 OSPF Out-of-Band Link State Database (LSDB)
Resynchronization
RFC 4812 OSPF Restart Signaling
RFC 4813 OSPF Link-Local Signaling
RFC 4915 Multi-Topology (MT) Routing in OSPF
RFC 4940 IANA Considerations for OSPF
RFC 4970 Extensions to OSPF for Advertising Optional
Router
RFC 5340 OSPF for IPv6 (OSPFv3)
RFC 5643 Management Information Base for OSPFv3
BGP StandardsFor the BGP standards that the ZXR10 8900E complies with, refer to Table 7-12.
7-7
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Table 7-12 BGP Standards
Standard No. Standard Name
RFC 1265 BGP Protocol Analysis
RFC 1266 Experience with the BGP Protocol
RFC 1321 The MD5 Message-Digest Algorithm
RFC 1403 BGP OSPF Interaction
RFC 1772 Application of the Border Gateway Protocol in the
Internet
RFC 1773 Experience with the BGP-4 protocol
RFC 1774 BGP-4 Protocol Analysis
RFC 1930 Guidelines for creation, selection, and registration
of an Autonomous System (AS)
RFC 1997 BGP Community Attribute
RFC 1998 An Application of the BGP Community Attribute
in Multi-home Routing
RFC 2270 Using a Dedicated AS for Sites Homed to a
Single Provider
RFC 2385 Protection of BGP Sessions via the TCP MD5
Signature Option
RFC 2439 BGP Route Flap Damping
RFC 2519 A Framework for Inter-Domain Route Aggregation
RFC 2545 BGP support IPV6
RFC 2918 Route Refresh Capability for BGP-4
RFC 3107 Carrying Label Information in BGP-4
RFC 3562 Key Management Considerations for the TCP
MD5 Signature Option
RFC 4271 A Border Gateway Protocol 4 (BGP-4)
RFC 4272 BGP Security Vulnerabilities Analysis
RFC 4273 Definitions of Managed Objects for BGP-4
RFC 4274 BGP-4 Protocol Analysis
RFC 4275 BGP-4 MIB Implementation Survey
RFC 4276 BGP 4 Implementation Report
RFC 4277 Experience with the BGP-4 Protocol
RFC 4360 BGP Extended Communities Attribute
RFC 4364 BGP/MPLS IP Virtual Private Networks
7-8
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7 Protocol and Standard Compliance
Standard No. Standard Name
RFC 4365 Applicability Statement for BGP/MPLS IP Virtual
Private Networks (VPNs)
RFC 4382 MPLS/BGP Layer 3 Virtual Private Network
(VPN) Management information Base
RFC 4451 BGP MULTI_EXIT_DISC (MED) Considerations
RFC 4456 BGP Route Reflection: An Alternative to Full
Mesh Internal BGP (IBGP)
RFC 4486 Subcodes for BGP Cease Notification Message
RFC 4724 Graceful Restart Mechanism for BGP
RFC 4760 Multiprotocol Extensions for BGP-4
RFC 4781 Graceful Restart Mechanism for BGP with MPLS
RFC 4798 Connecting IPv6 Islands over IPv4 MPLS using
IPv6 Provider Edge Routers (6PE)
RFC 5065 Autonomous System Confederations for BGP
RFC 5492 Capabilities Advertisement with BGP-4
IS-IS StandardsFor the IS-IS standards that the ZXR10 8900E complies with, refer to Table 7-13.
Table 7-13 IS-IS Standards
Standard No. Standard Name
RFC 1142 OSI IS-IS Intra-domain Routing Protocol
ISO 10589 IS-IS intra-domain routing protocol
RFC 1195 Use of OSI Is-Is for Routing in TCP/IP and Dual
nvironments
RFC 2104 HMAC: Keyed-Hashing for Message
Authentication
RFC 2973 Support IS-IS Mesh Groups
RFC 3258 Distributing Authoritative Name Servers via
Shared Unicast Addresses
RFC 3277 IS-IS Transient Blackhole Avoidance
RFC 3359 Reserved Type, Length and Value (TLV)
Codepoints in Intermediate System to
Intermediate System
RFC 3719 Recommendations for Interoperable Networks
using IS-IS
7-9
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Standard No. Standard Name
RFC 3787 Recommendations for Interoperable IP Networks
using IS-IS
RFC 4444 Management Information Base for Intermediate
System to Intermediate System (IS-IS)
RFC 4972 Routing Extensions for Discovery of Multiprotocol
(MPLS) Label Switch Router (LSR) Traffic
Engineering (TE) Mesh Membership
RFC 5029 Definition of an IS-IS Link Attribute Sub-TLV
RFC 5120 M-ISIS: Multi Topology (MT) Routing in
Intermediate System to Intermediate Systems
(IS-ISs)
RFC 5130 A Policy Control Mechanism in IS-IS Using
Administrative Tags
RFC 5308 Routing IPv6 with IS-IS
RFC 5309 Point-to-Point Operation over LAN in Link State
Routing Protocols
RFC 5310 IS-IS Generic Cryptographic Authentication
Multicast StandardsFor the multicast standards that the ZXR10 8900E complies with, refer to Table 7-14.
Table 7-14 Multicast Standards
Standard No. Standard Name
RFC 1112 Host Extensions for IP Multicasting
RFC 2236 Internet Group Management Protocol, Version 2
RFC 2710 Multicast Listener Discovery (MLD) for IPv6
RFC 3376 Internet Group Management Protocol, Version 3
RFC 3446 Anycast Rendevous Point (RP) mechanism
using Protocol Independent Multicast (PIM) and
Multicast Source Discovery Protocol (MSDP)
RFC 3569 An Overview of Source-Specific Multicast (SSM)
RFC 3618 Multicast Source Discovery Protocol (MSDP)
RFC 3810 Multicast Listener Discovery Version 2 (MLDv2)
for IPv6
RFC 3956 Embedding the Rendezvous Point (RP) Address
in an IPv6 Multicast Address
7-10
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7 Protocol and Standard Compliance
Standard No. Standard Name
RFC 3973 Protocol Independent Multicast - Dense
Mode(PIM-DM):Protocol Specification (Revised)
RFC 4541 Considerations for Internet Group Management
Protocol (IGMP) and Multicast Listener Discovery
(MLD) Snooping Switches
RFC 4601 Protocol Independent Multicast - Sparse Mode
(PIM-SM): Protocol Specification (Revised)
RFC 4604 Using Internet Group Management Protocol
Version 3 (IGMPv3) and Multicast Listener
Discovery Protocol Version 2 (MLDv2) for
Source-Specific Multicast
RFC 5059 Bootstrap Router (BSR) Mechanism for Protocol
Independent Multicast (PIM)
draft-rosen-vpn-mcast-8 Multicast in MPLS-BGP IP VPNs
MPLS StandardsFor the MPLS standards that the ZXR10 8900E complies with, refer to Table 7-15.
Table 7-15 MPLS Standards
Standard No. Standard Name
RFC 2205 Resource ReSerVation Protocol (RSVP) - Version
1 Functional Specification
RFC 2209 Resource ReSerVation Protocol (RSVP) - Version
1 Message Processing Rules
RFC 2210 The Use of RSVP with IETF Integrated Services
RFC 2702 Requirements for Traffic Engineering Over MPLS
RFC 2747 RSVP Cryptographic Authentication
RFC 2961 RSVP Refresh Overhead Reduction Extensions
RFC 3031 Multiprotocol Label Switching Architecture
RFC 3032 MPLS Label Stack Encoding
RFC 3037 LDP Applicability
RFC 3107 Support BGP carry Label for MPLS
RFC 3209 RSVP-TE Extensions to RSVP for LSP Tunnels
RFC 3210 Applicability Statement for Extensions to RSVP
for LSP-Tunnels
RFC 3215 LDP State Machine
7-11
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Standard No. Standard Name
RFC 3270 Multi-Protocol Label Switching (MPLS) Support
of Differentiated Services
RFC 3272 Overview and Principles of Internet Traffic
Engineering
RFC 3443 Time To Live (TTL) Processing in Multi-Protocol
Label Switching (MPLS) Networks
RFC 3469 Framework for Multi-Protocol Label Switching
(MPLS)-based Recovery
RFC 3478 Graceful Restart Mechanism for LDP
RFC 3479 Fault Tolerance for the Label Distribution Protocol
(LDP)
RFC 3612 Applicability Statement for Restart Mechanisms
for the Label Distribution Protocol (LDP)
RFC 4023 Encapsulating MPLS in IP or Generic Routing
Encapsulation (GRE) 2005-12-07
RFC 4090 Fast Reroute Extensions to RSVP-TE for LSP
Tunnels
RFC 4124 Protocol Extensions for Support of DS-TE
RFC 4125 Maximum Allocation Bandwidth Constraints
Model for Diffserv-aware MPLS Traffic
Engineering
RFC 4126 Max Allocation with Reservation Bandwidth
Constraints Model for Diffserv-aware MPLS
Traffic Engineering & Performance Comparisons
RFC 4127 Generalized MPLS Signaling - RSVP-TE
Extensions
RFC 4182 Removing a Restriction on the use of MPLS
Explicit NULL
RFC 4197 Requirements for Edge-to-Edge Emulation of
Time Division Multiplexed (TDM) Circuits over
Packet Switching Networks
RFC 4221 Multiprotocol Label Switching (MPLS)
Management Overview
RFC 4379 Detecting Multi-Protocol Label Switched (MPLS)
Data Plane Failures
RFC 4447 Pseudowire Setup and Maintenance Using the
Label Distribution Protocol (LDP)
7-12
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7 Protocol and Standard Compliance
Standard No. Standard Name
RFC 4448 Encapsulation Methods for Transport of Ethernet
over MPLS Networks
RFC 4558 Node-ID Based Resource Reservation Protocol
(RSVP) Hello
RFC 4874 Exclude Routes - Extension to RSVP-TE
RFC 4905 Encapsulation Methods for Transport of Layer 2
Frames Over MPLS Networks
RFC 4906 Transport of Layer 2 Frames Over MPLS
draft-ietf-mpls-lsp-ping-version-09 Detecting Multi-Protocol Label Switched (MPLS)
Data Plane Failures
draft-ietf-ccamp-inter-domain-framework-04 Mechanisms for Inter-AS or Inter-Domain Traffic
Engineering
draft-minei-diffserv-te-multi-class-02 Extensions for Differentiated Services-aware
Traffic Engineered LSPs
LDP StandardsFor the LDP standards that the ZXR10 8900E complies with, refer to Table 7-16.
Table 7-16 LDP Standards
Standard No. Standard Name
RFC 3037 LDP Applicability
RFC 3215 LDP State Machine
RFC 3478 Graceful Restart Mechanism for LDP–GR helper
RFC 3479 Fault Tolerance for the Label Distribution Protocol
(LDP)
RFC 3612 Applicability Statement for Restart Mechanisms
for the Label Distribution Protocol (LDP)
RFC 4447 Pseudowire Setup and Maintenance Using the
Label Distribution Protocol (LDP)
RFC 4762 Virtual Private LAN Service (VPLS) Using Label
Distribution Protocol (LDP) Signaling
RFC 5036 LDP Specification
RFC 5037 Experience with the Label Distribution Protocol
(LDP)
RSVP-TE StandardsFor the RSVP-TE standards that the ZXR10 8900E complies with, refer to Table 7-17.
7-13
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Table 7-17 RSVP-TE Standards
Standard No. Standard Name
RFC 2430 A Provider Architecture for Differentiated Services
and Traffic Engineering (PASTE)
RFC 2702 Requirements for Traffic Engineering over MPLS
RFC 2747 RSVP Cryptographic Authentication
RFC 3209 RSVP Cryptographic Authentication
RFC 3209 Extensions to RSVP for Tunnels
RFC 4090 Fast reroute Extensions to RSVP-TE for LSP
Tunnels
VPLS StandardsFor the VPLS standards that the ZXR10 8900E complies with, refer to Table 7-18.
Table 7-18 VPLS Standards
Standard No. Standard Name
RFC 4761 Virtual Private LAN Service (VPLS) Using BGP
for Auto-Discovery and Signaling
RFC 4762 Virtual Private LAN Service (VPLS) Using Label
Distribution Protocol (LDP) Signaling
RFC 4664 Framework for Layer 2 Virtual Private Networks
(L2VPNs)
RFC 4665 Service Requirements for Layer 2
Provider-Provisioned Virtual Private Networks
NTP StandardsFor the NTP standards that the ZXR10 8900E complies with, refer to Table 7-19.
Table 7-19 NTP Standards
Standard No. Standard Name
RFC 1305 Network Time Protocol (Version 3) Specification,
Implementation and Analysis
RFC 4330 Simple Network Time Protocol (SNTP) Version 4
for IPv4, IPv6 and OSI
IPV6 StandardsFor the IPV6 standards that the ZXR10 8900E complies with, refer to Table 7-20.
7-14
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7 Protocol and Standard Compliance
Table 7-20 IPV6 Standards
Standard No. Standard Name
RFC 1886 DNS Extensions to Support IP version 6
RFC 1887 An Architecture for IPv6 Unicast Address
Allocation
RFC 1970 Neighbor Discovery for IP Version 6 (IPv6)
RFC 2023 IP Version 6 over PPP
RFC 2373 IP Version 6 Addressing Architecture
RFC 2374 An IPv6 Aggregatable Global Unicast Address
Format
RFC 2375 IPv6 Multicast Address Assignments
RFC 2452 MIB for TCP6
RFC 2454 MIB for UDP6
RFC 2460 Internet Protocol, Version 6 (IPv6) Specification
RFC 2461 Neighbor Discovery for IP Version 6 (IPv6)
RFC 2462 IPv6 Stateless Address Auto configuration
RFC 2463 Internet Control Message Protocol (ICMPv6)
for the Internet Protocol Version 6 (IPv6)
Specification
RFC 2464 Transmission of IPv6 Packets over Ethernet
Networks
RFC 2470 Transmission of IPv6 Packets over Token Ring
Networks
RFC 2472 IP Version 6 over PPP
RFC 2473 Generic Packet Tunneling in IPv6 Specification
RFC 2529 Transmission of IPv6 over IPv4 Domains without
Explicit Tunnels
RFC 2893 Transition Mechanisms for IPv6 Hosts and
Routers
RFC 3056 Connection of IPv6 Domains via IPv4 Clouds
RFC 3363 Representing Internet Protocol version 6 (IPv6)
Addresses in the Domain Name System (DNS)
RFC 3493 Basic Socket Interface Extensions for IPv6
RFC 3513 IP Version 6 Addressing Architecture
RFC 3542 Advanced Sockets API for IPv6
RFC 3587 An Aggregatable Global Unicast Address Format
7-15
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Standard No. Standard Name
RFC 3775 Mobility Support in IPv6
IPSec StandardsFor the IPSec standards that the ZXR10 8900E complies with, refer to Table 7-21.
Table 7-21 IPSec Standards
Standard No. Standard Name
RFC 2104 HMAC: Keyed-Hashing for Message
Authentication
RFC 2401 Security Architecture for the Internet Protocol
RFC 2402 IP Authentication Header
RFC 2403 The Use of HMAC-MD5-96 within ESP and AH
RFC 2404 The Use of HMAC-SHA-1-96 within ESP and AH
RFC 2405 The ESP DES-CBC Cipher Algorithm With
Explicit IV
RFC 2406 IP Encapsulating Security Payload (ESP)
RFC 2407 The Internet IP Security Domain of Interpretation
for ISAKMP
RFC 2408 Internet Security Association and Key
Management Protocol(ISAKMP)
RFC 2409 The Internet Key Exchange (IKE)
RFC 2410 The NULL Encryption Algorithm and Its Use With
IPsec
RFC 2412 The OAKLEY Key Determination Protocol
RFC 2451 The ESP CBC-Mode Cipher Algorithms
RADIUS StandardsFor the RADIUS standards that the ZXR10 8900E complies with, refer to Table 7-22.
Table 7-22 RADIUS Standards
Standard No. Standard Name
RFC 2865 Remote Authentication Dial In User Service
(RADIUS)
RFC 2866 RADIUS Accounting
RFC 2867 RADIUS Accounting Modifications for Tunnel
Protocol Support
RFC 2868 RADIUS Attributes for Tunnel Protocol Support
7-16
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7 Protocol and Standard Compliance
Standard No. Standard Name
RFC 2869 RADIUS Extensions
RFC 3162 RADIUS and IPv6
RFC 3576 Dynamic Authorization Extensions to Remote
Authentication Dial In User Service (RADIUS)
RFC 3580 IEEE 802.1X Remote Authentication Dial In User
Service (RADIUS)
RFC 4590 RADIUS Extension for Digest Authentication
RFC 4675 RADIUS Attributes for Virtual LAN and Priority
Support
RFC 4679 DSL Forum Vendor-Specific RADIUS Attributes
TACACS+ StandardsFor the TACACS+ standards that the ZXR10 8900E complies with, refer to Table 7-23.
Table 7-23 TACACS+ Standards
Standard No. Standard Name
draft-grant-tacacs-02 The TACACS+ Protocol Version 1.78
Differentiated Services StandardsFor the differentiated services standards that the ZXR10 8900E complies with, refer toTable 7-24.
Table 7-24 Differentiated Services Standards
Standard No. Standard Name
RFC 2474 Definition of the DS Field the IPv4 and IPv6
Headers(Rev)
RFC 2597 Assured Forwarding PHB Group (rev3260)
RFC 2598 An Expedited Forwarding PHB
RFC 3140 Per-Hop Behavior Identification Codes
VRRP StandardsFor the VRRP standards that the ZXR10 8900E complies with, refer to Table 7-25.
Table 7-25 VRRP Standards
Standard No. Standard Name
RFC 2787 Definitions of Managed Objects for the Virtual
Router Redundancy Protocol
7-17
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Standard No. Standard Name
RFC 3590 Source Address Selection for the Multicast
Listener Discovery (MLD) Protocol
RFC 3768 Virtual Router Redundancy Protocol
RFC 3810 Multicast Listener Discovery Version 2 (MLDv2)
for IPv6
RFC 4007 IPv6 Scoped Address Architecture
RFC 4193 Unique Local IPv6 Unicast Addresses
RFC 4291 IPv6 Addressing Architecture
RFC 4659 BGP-MPLS IP Virtual Private Network(VPN)
Extension for IPv6 VPN
RFC 5072 IP Version 6 over PPP
DHCP StandardsFor the DHCP standards that the ZXR10 8900E complies with, refer to Table 7-26.
Table 7-26 DHCP Standards
Standard No. Standard Name
RFC 1533 DHCP Options and BOOTP Vendor
ExtensionsClass-identifier
RFC 1534 Interoperation Between DHCP and BOOTP
RFC 2131 Dynamic Host Configuration Protocol
RFC 2132 DHCP Options and BOOTP Vendor Extensions
RFC 3046 DHCP Relay Agent Information Option
RFC 3396 Encoding Long Options in the Dynamic Host
Configuration Protocol (DHCPv4)
BFD StandardsFor the BFD standards that the ZXR10 8900E complies with, refer to Table 7-27.
Table 7-27 BFD Standards
Standard No. Standard Name
draft-ietf-bfd-base-09 Bidirectional Forwarding Detection
draft-ietf-bfd-generic-05 Generic Application of BFD
draft-ietf-bfd-mib-07 BFD Management Information Base
draft-ietf-bfd-mpls-07 BFD For MPLS LSPs
draft-ietf-bfd-multihop-07 BFD for Multihop Paths
7-18
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7 Protocol and Standard Compliance
Standard No. Standard Name
draft-ietf-bfd-v4v6-1hop-09 BFD for IPv4 and IPv6 (Single Hop)
draft-ietf-pwe3-vccv-bfd-05 Bidirectional Forwarding Detection (BFD) for
the Pseudowire Virtual Circuit Connectivity
Verification (VCCV)
draft-palanivelan-bfd-v2-gr-01 BFD with Graceful Restart
Network Management StandardsFor the network management standards that the ZXR10 8900E complies with, refer toTable 7-28.
Table 7-28 Network Management Standards
Standard No. Standard Name
ITU-T M.3000 Overview of TMN recommendations
ITU-T M.3010 Principles for a Telecommunications management
network
ITU-T M.3016 TMN security overview
ITU-T M.3020 TMN Interface Specification Methodology
ITU-T M.3100 Generic Network Information Model
ITU-T M.3001 Managed Object Conformance Statements for
the Generic Network Information Model
ITU-T M.3200 TMN management services and telecommunica-
tions managed areas: overview
ITU-T M.3300 TMN F interface requirements
ITU-T M.3400 TMN Management Function
TU-T Temporary Document 69 (IP Experts) Revised draft document on IP access network
architecture
ITU-T X.701-X.709 Systems Management framework and
architecture
ITU-T X.710-X.719 Management Communication Service and
Protocol
ITU-T X.720-X.729 Structure of Management Information
ITU-T X.730-X.799 Management functions
RFC 1157 Simple Network Management Protocol
RFC 1213 Management Information Base for Network
Management of TCP/IP based internets: MIB-II
RFC 1215 A Convention for Defin-ing Traps for use with the
SNMP
7-19
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Standard No. Standard Name
RFC 1493 Definitions of Managed Objects for Bridges
RFC 1558 A String Representation of LDAP Search Filters
RFC 1657 BGP4-MIB
RFC 1724 RIPv2-MIB
RFC 1757 Remote Network Monitoring Management
Information Base
RFC 1777 Lightweight Directory Access Protocol
RFC 1778 The String Representation of Standard Attribute
Syntaxes
RFC 1850 OSPF-MIB
RFC 1901 Introduction to Community-based SNMPv2
RFC 1902 Structure of Management Information for Version
2 of the Simple Network Management Protocol
(SNMPv2)
RFC 1903 Textual Conventions for Version 2 of the Simple
Network Management Protocol (SNMPv2)
RFC 1905 Protocol Operations for Version 2 of the Simple
Network Management Protocol (SNMPv2)
RFC 1907 Management Information Base for Version 2
of the Simple Network Management Protocol
(SNMPv2)
RFC 1959 An LDAP URL Format
RFC 2011 SNMPv2 MIB for IP
RFC 2012 SNMPv2 MIB for TCP
RFC 2013 SNMPv2 MIB for UDP
RFC 2037 Entity MIB using SMIv2
RFC 2096 IP-FORWARD-MIB
RFC 2138 RADIUS
RFC 2206 RSVP-MIB
RFC 2233 The Interface Group MIB using SMIv2
RFC 2251 Lightweight Directory Access Protocol (v3)
RFC 2271 An Architecture for Describing SNMP
Management Frameworks
RFC 2273 SNMPv3 Applications
7-20
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Chapter 7 Protocol and Standard Compliance
Standard No. Standard Name
RFC 2452 IPv6 Management Information Base for
theTransmission Control Protocol
RFC 2454 IPv6 Management Information Base for the User
Datagram Protocol
RFC 2465 Management Information Base for IP Version 6:
Textual
RFC 2571 An Architecture for Describing SNMP
Management Frameworks
RFC 2572 Message Processing and Dispatching for the
imple Network Management Protocol (SNMP)
RFC 2574 User-based Security Model (USM) for version
3 of the Simple Network Management Protocol
(SNMPv3)
RFC 2863 The Interfaces Group MIB
RFC 2987 VRRP-MIB
RFC 3014 NOTIFICATION-LOGMIB
RFC 3019 IP Version 6 Management Information Base for
The Multicast Listener Discovery Protocol
RFC 3164 The BSD syslog Protocol
RFC 3291 Textual Conventions for Internet Network
Addresses
RFC 4293 Management Information Base for the Internet
Protocol (IP)
GB901 A Service management Business Process Model
GB908 Network Management Detailed Operations Map
GB909 Generic Requirements for Telecommunications
Management Building Blocks
GB910 Telecom Operations Map
GB914 System Integration Map
GB917 SLA Management Handbook V1.5
NMF037 Sub-System Alarm Surveillance Ensemble V1.0
NMF038 Bandwidth Management Ensemble V1.0
TMF053 NGOSS Architecture Technology Neutral
Specification V1.5
TMF053A NGOSS Architecture Technology Neutral
Specification V1.5
7-21
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Standard No. Standard Name
TMF053B NGOSS Architecture Technology Neutral
Specification V1.5
TMF508 Connection and Service Management Information
Model Business Agreement
TMF605 Connection and Service Management Information
Model
TMF801 Plug and Play Service Fulfillment Phase 2
Validation Specification V1.0
TMF816 B2B Managed Service for DSL Interface
Implementation Specification V1.5
TMF821 IP VPN Management Interface Implementation
Specification V1.5
YD/T 852-1996 Telecommunication Management Network (TMN)
General Design Principles
YD/T 871-1996 Telecommunication Management Network (TMN)
General Information Model
YD/T XXXX-2001 Broadband MAN Overall Technology
Requirements
YD/T XXXX-2001 IP Network Technology Requirements: Network
Performance Specifications and Availability
YD/T XXXX-2001 IP Network Technology Requirements: Network
Overview
YDN 075-1998 China Public Multimedia Communications
Network Management Specification
YDN 075-1998 China Public Multimedia Communications
Network Management Specification
FTP/TFTP StandardsFor the FTP/TFTP standards that the ZXR10 8900E complies with, refer to Table 7-29.
Table 7-29 FTP/TFTP Standards
Standard No. Standard Name
RFC 1350 The TFTP PROTOCOL (REVISION 2)
RFC 4217 Securing FTP with TLS
7-22
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
FiguresFigure 1-1 ZXR10 8900E Series Products ................................................................ 1-2
Figure 3-1 ZXR10 8912E Overview........................................................................... 3-1
Figure 3-2 ZXR10 8912E Structure........................................................................... 3-2
Figure 3-3 ZXR10 8908E Overview........................................................................... 3-2
Figure 3-4 ZXR10 8908E Structure........................................................................... 3-3
Figure 3-5 ZXR10 8905E Overview........................................................................... 3-3
Figure 3-6 ZXR10 8905E Structure........................................................................... 3-4
Figure 3-7 ZXR10 8902E Overview........................................................................... 3-4
Figure 3-8 ZXR10 8902E Structure........................................................................... 3-4
Figure 3-9 8912E/8908E/8905E Main Control Board Diagram .................................. 3-6
Figure 3-10 8902E Main Control Board Diagram....................................................... 3-6
Figure 3-11 Framework of the New-generation ZXROS Software PlatformSystem ................................................................................................. 3-10
Figure 5-1 Application in an Metro Ethernet Network ................................................ 5-2
Figure 5-2 Application in a Data Center .................................................................... 5-3
Figure 5-3 Application in Ethernet Layer 2 Convergence........................................... 5-4
Figure 5-4 Application in an Enterprise Network........................................................ 5-5
Figure 5-5 Application in FTTx .................................................................................. 5-6
Figure 5-6 Application in a Core Network Bearer ...................................................... 5-7
Figure 5-7 Application in IP RAN............................................................................... 5-8
I
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Figures
This page intentionally left blank.
II
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
TablesTable 3-1 8900E Interface Board Types .................................................................... 3-8
Table 4-1 Basic Features and Physical Specifications of the Device ......................... 4-1
Table 4-2 Optical and Electrical Interface Features ................................................... 4-2
Table 4-3 L2 Features ............................................................................................... 4-4
Table 4-4 L3 Features ............................................................................................... 4-5
Table 4-5 Multicast Features ..................................................................................... 4-5
Table 4-6 MPLS Features ......................................................................................... 4-6
Table 4-7 QoS Features............................................................................................ 4-6
Table 4-8 Service Management Features.................................................................. 4-7
Table 4-9 Reliability Features.................................................................................... 4-7
Table 4-10 Security Features .................................................................................... 4-8
Table 4-11 Clock Synchronization Features............................................................... 4-9
Table 4-12 O&M Features......................................................................................... 4-9
Table 7-1 Ethernet Standards ................................................................................... 7-1
Table 7-2 IP Standards ............................................................................................. 7-2
Table 7-3 UDP Standards ......................................................................................... 7-3
Table 7-4 TCP Standards.......................................................................................... 7-3
Table 7-5 ICMP Standards ........................................................................................ 7-3
Table 7-6 SOCKET Standards .................................................................................. 7-4
Table 7-7 Tunneling Standards ................................................................................. 7-4
Table 7-8 SSH Standards ......................................................................................... 7-4
Table 7-9 SFTP Standards........................................................................................ 7-5
Table 7-10 RIP Standards......................................................................................... 7-5
Table 7-11 OSPF Standards ..................................................................................... 7-6
Table 7-12 BGP Standards ....................................................................................... 7-8
Table 7-13 IS-IS Standards ....................................................................................... 7-9
Table 7-14 Multicast Standards ............................................................................... 7-10
Table 7-15 MPLS Standards ................................................................................... 7-11
Table 7-16 LDP Standards ...................................................................................... 7-13
Table 7-17 RSVP-TE Standards.............................................................................. 7-14
Table 7-18 VPLS Standards.................................................................................... 7-14
Table 7-19 NTP Standards...................................................................................... 7-14
III
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
Table 7-20 IPV6 Standards ..................................................................................... 7-15
Table 7-21 IPSec Standards ................................................................................... 7-16
Table 7-22 RADIUS Standards................................................................................ 7-16
Table 7-23 TACACS+ Standards............................................................................. 7-17
Table 7-24 Differentiated Services Standards.......................................................... 7-17
Table 7-25 VRRP Standards ................................................................................... 7-17
Table 7-26 DHCP Standards................................................................................... 7-18
Table 7-27 BFD Standards...................................................................................... 7-18
Table 7-28 Network Management Standards .......................................................... 7-19
Table 7-29 FTP/TFTP Standards ............................................................................ 7-22
IV
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
GlossaryAAA- Authentication, Authorization and Accounting
ACL- Access Control List
ARP- Address Resolution Protocol
ASIC- Application Specific Integrated Circuit
BFD- Bidirectional Forwarding Detection
BGP- Border Gateway Protocol
CAC- Channel Access Control
CDR- Call Detail Record
CVLAN- Customer Virtual Local Area Network
DDoS- Distributed Denial of Service
DHCP- Dynamic Host Configuration Protocol
DWRR- Deficit Weighted Round Robin
FMC- Fixed Mobile Convergence
FRR- Fast Reroute
GPS- Global Positioning System
HVPLS- Hierarchical Virtual Private LAN Service
ICMP- Internet Control Message Protocol
V
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
IGMP- Internet Group Management Protocol
IPTV- Internet Protocol Television
IS-IS- Intermediate System-to-Intermediate System
LACP- Link Aggregation Control Protocol
LSP- Label Switched Path
MAC- Media Access Control
MLD- Multicast Listener Discovery
MPLS- Multiprotocol Label Switching
MSDP- Multicast Source Discovery Protocol
OAM- Operation, Administration and Maintenance
OPEX- Operating Expenditure
OSPF- Open Shortest Path First
PIM- Protocol Independent Multicast
PVLAN- Private Virtual Local Area Network
QoS- Quality of Service
RADIUS- Remote Authentication Dial In User Service
RED- Random Early Detection
RIP- Routing Information Protocol
RIPng- Routing Information Protocol next generation
VI
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
Glossary
SNMP- Simple Network Management Protocol
SP- Strict Priority
SSH- Secure Shell
SVLAN- Service Virtual Local Area Network
SVLAN- Selective Virtual Local Area Network
TACACS+- Terminal Access Controller Access-Control System Plus
TE- Traffic Engineering
TTL- Time To Live
VLAN- Virtual Local Area Network
VLL- Virtual Leased Line
VPLS- Virtual Private LAN Service
VPN- Virtual Private Network
VPWS- Virtual Private Wire Service
VRF- Virtual Route Forwarding Table
VRF- Virtual Route Forwarding
VRRP- Virtual Router Redundancy Protocol
WRED- Weighted Random Early Detection
WRR- Weighted Round Robin
ZESR- ZTE Ethernet Switch Ring
VII
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential
ZXR10 8900E Product Description
ZESS- ZTE Ethernet Smart Switch
VIII
SJ-20121213142710-002|2013-6-24 (R1.0) ZTE Proprietary and Confidential