Introduction - :: Comten :: Partner Oficial Huawei ... · Introduction The Quidway® NetEngine 80E...
Transcript of Introduction - :: Comten :: Partner Oficial Huawei ... · Introduction The Quidway® NetEngine 80E...
Introduction
The Quidway® NetEngine 80E core router ( NE80E for short) is the new generation high-end core router developed by
Huawei Technologies Co., Ltd. Providing full line-rate 10G interface, the NE80E can be applied in the IP backbone network,
Metro area network or as the core node in large networks with heavy traffic to bear multiple services. Adopting a series of
advanced technologies such as three-stage switching fabric, network processors (NP) and ASIC Chipsets for forwarding
engine, and the mature, stable VRP routing software of Huawei, the NE80E can provide high performance, preeminent
scalability and high reliability, IPv4/v6 dual protocol stacks, superior QoS features and abundant security functionality.
With excellent hardware and software architectures design, the NE80E can meet the availability requirements and multi-
service demands of the carrier-class networks.
1
Q u i d w a y ® N e t E n g i n e 80 ECore R o u t e r
Figure 1-1 Quidway® NetEngine80E
HU
AW
EI
TE
CH
NO
LO
GI
ES
2
Product Features
2.1 10G Performance and Terabit Capacity
The NE80E has taken an advanced hardware forwarding technology. A single NE80E chassis can support non-
blocking, full line-rate switching of up to 16 10G-interfaces, with a total interface capacity of 320G. The NE80E's
switching capacity reaches 640G, while the forwarding capacity 400Mpps, and the backplane capacity 4T.
2.2 Carrier-Class Architecture Design
The NE80E chassis adopts carrier class design with hot swappable boards. The chassis dimensions are 442 mm x
600 mm x 1600 mm (width x depth x height). It can be mounted in an N68-22 cabinet or a 19” standard cabinet. The
hardware structure of the NE80E has the following features in maintainability:
The backplane is installed from the rear of the chassis, which facilitates installation and maintenance.
There are two cable-management brackets respectively above and below the board cage, which facilitates the
cable layout and board installation and maintenance.
The fan modules can operate independently and support hot swap.
Two fan modules provide the function of heat dissipation for two board cages.
The NE80E provides a powerful monitoring system. The Main Processing Unit (MPU) implements the management
and maintenance for the whole system, including the boards, fans, Liquid Crystal Display (LCD) modules, and power
distribution modules, etc..
With module-level shielding performance and a steel sheet for each panel, the NE80E realizes the Electromagnetic
Compatibility (EMC) isolation between boards.
2.3 High Reliability
NE80E can meet the high reliability requirements for the carrier-class and high-end applications with the following
features.
Adopting hot swappable boards, power modules and fans.
Providing redundant key modules, such as: Main Processing Unit (MPU, 1+1), Switch Fabric Unit (SFU, 3+1),
power supply, fan modules, bus, and clocks.
Adopting the distributed hardware forwarding.
Separating the control channel from the service channel to provide a non-blocking control channel.
Possessing system/board fault detection, LEDs, and NMS alarm function.
Applying the generic integrated NMS platform which is independently developed by Huawei.
Supporting protection mechanisms such as IP/MPLS fast rerouting, interface automatic protection switching (APS/
MSP), Virtual Routing Redundancy Protocol (VRRP), RPR automatic protection switching.
3
2.4 Uncompromising IPv4 and IPv6 Compatibility
The NE80E fully supports IPv4 and IPv6 dual protocols stacks. It can provide all IPv6 features, and so offers a good
solution to smooth transition from IPv4 networks to IPv6 networks.
The NE80E supports three kinds of IPv6 over IPv4 tunnel techniques: manually configured tunnel, automatically
configured tunnel, and 6to4 tunnel. The large-capacity routing table and forwarding table enables the NE80E to
serve as the Virtual Private Network Provider Edge (VPN PE), and allows the future expansion of services.
The NE80E supports the distributed forwarding of both IPv4/IPv6 and Multi-Protocol Label Switching (MPLS). Due
to its powerful routing capability, the NE80E can be applied in the Internet backbone network. IPv4 supports the
routing table with a capacity of 3.2M routing entries, and IPv6 supports the routing table with a capacity of 2.6M
routing entries. The NE80E supports such IPv4 dynamic routing protocols as Routing Information Protocol (RIP),
Open Shortest Path First (OSPF), Intermediate System-Intermediate System (IS-IS), Border Gateway Protocol (BGP)
and multicast protocols. The NE80E supports such IPv6 dynamic routing protocols as BGP4+, RIPng, OSPFv3 and
IS-ISv6.
2.5 Excellent QoS Mechanism
The NE80E provides excellent QoS scheduling and buffer mechanisms, including:
PQ and Weighted Round Robin (WRR) / Weighted Fair Queuing (WFQ): guarantees the fair dispatching and
ensures that high-priority services are served first.
Three-stage switching network: is based on the Combined Input and Output Queuing (CIOQ) against Head of Line
(HOL) congestion.
Flow-based dispatching: facilitates MPLS TE and supports the Diff-Serv and Inter-Serv.
Hardware-based QoS functions: guarantees line-rate forwarding while providing QoS services.
The QoS mechanism can meet the requirements of the IP Telecom Network (IPTN). It can guarantee the delay, jitter,
bandwidth and packet drop ratio of different services. It also guarantees the launch of carrier-class services such as
the Voice over IP (VoIP).
2.6 Comprehensive Security Design
The distributed design of the NE80E isolates the data plane from the control plane. This design allows the NE80E to
offer industry-leading security features. With various security measures, the NE80E can prevent Denial-of-Service
(DoS) attacks, illegal accesses, and overload of the control plane, and offer data protection to ISP networks and
terminal users.
The NE80E offers the following security features:
Two user authentication modes: local authentication and RADIUS authentication
HU
AW
EI
TE
CH
NO
LO
GI
ES
EACL-based packet filtering
Hardware-based packet filtering and sampling with high performance and scalability
Multiple authentication methods (plain text authentication and MD5 for example) for important routing protocols
such as OSPF, IS-IS, RIP and BGP-4.
ACL on the forwarding plane and the control plane and rate-limit for each interface and ACL entry
4
3.1 Software Specifications
Item Description
Performance Forwarding capability of IPv4 packets: wire speed forwarding for various interfaces
Forwarding capability of IPv6 packets: wire speed forwarding for various interfaces
Packet forwarding rate reaches 400Mpps per chassis
IPV4 Routing Static routing
Protocol Support for RIP, OSPF, IS-IS, and BGP-4 routing protocols
All ports can provide wire speed forwarding under complex routing environments such as routing
flapping
IPV6 Routing Support for IPv4 and IPv6 dual protocol stacks
Protocol Support for basic transition technologies from IPv4 to IPv6: manually configuration tunnels,
automatic configuration tunnels, 6to4 tunnels, GRE tunnels, hardware-support NAT-PT, etc
IPV6 static routing
Support for BGP4+, RIPng, OSPFv3, ISISv6
QoS Support for simple traffic classification
Support for complex traffic classification: port based; based on layer-2, layer-3 or layer-4 packets
Support for traffic policing and traffic shaping based on srTCM or trTCM
Support for Diff-Serv EF, AF services, GTS
Support for PQ/CQ/WFQ/CBQ, LLS/LLQ/NLS
Support for RED/WRED/SARED
Support for Policy Routing
Support for MPLS QoS
Support for Layer 2 QoS
Security & Support for AAA, and RADIUS/TACACS
Authentication Support for ACL, and packet filtering firewall
Support for hierarchical protection of command line to ensure that unauthorized users cannot
invade the router
Providing record of user access log
Support for Port Mirroring
Support for NetStream
Support for attack defense
Support for unicast Reverse Path Forwarding (uRPF)
Specifications
5
HU
AW
EI
TE
CH
NO
LO
GI
ES
MPLS VPN Support for wire speed MPLS forwarding
Support for L2/L3 MPLS VPN, being able to be deployed as provider (P) or provider edge (PE) router
Support for MPLS TE and FRR
Support for Multicast VPN
All above features conform to the corresponding IETF standards, inter-operable with other vendors
Multicast Support for Internet Group Management Protocol (IGMP)
Support for Protocol Independent Multicast-Dense Mode (PIM-DM)
Support for Protocol Independent Multicast-Sparse Mode (PIM-SM)
Support for Multi-protocol Border Gateway Protocol (MBGP)
Support for Multicast Source Discovery Protocol (MSDP)
Network Providing two modes for configuration: command line and NMS
Management Support the inter-operation with Huawei carrier-class MPLS VPN Management System
Support for HGMP (Huawei Group Management Protocol)
Support for SNMP V1,V2 and V3 and RMON
Support for SSH
Maintenance Support for automatic fault diagnosis function
Support for implement remote configuration maintenance via AUX
Support for online debug and upgrade
Reliability Main Processing Unit (MPU) redundancy 1+1
Switching fabric redundancy 3+1
Power module redundancy 1+1
Fan redundancy 1+1
Support for online insertion and removal for all mudules
Support for Nonstop Forwarding(NSF)
Support for self-constrain standing routing (SCSR)
GR Protocol-level GR: IS-IS (v4/v6), OSPF, BGP4 and LDP
System-level GR
Other Support for Fast Reroute
Support for VRRP
Support for APDP
Support for UP/DOWN dampening control of interfaces
6
3.2 Hardware Specifications
Item Description
System Architecture Hardware is composed of an integrated chassis (with a backplane), power module,
ventilation/heat-dissipation system, and boards
NP-based distributed forwarding
CIOQ (Combined Input and Output Queuing) - based three-stage switching fabric to
guarantee the non-blocking switching
Number of MPU slots 2
SDRAM 1 GB (It can be extended to 2 GB)
Number of SFU slots 4
Number of LPU slots 16
Switching capacity 640Gbps
Forwarding capability 400Mpps
Dimensions 442 mm x 600 mm x 1600 mm
(W X D X H)
Weight 200 kg if fully configured, 90kg if empty
4.8 kg (LPU)
3.8 kg (MPU)
3.2 kg (SFU)
Maximum power 5000 W
DC input voltage Rated voltage range -48 VDC / -60 VDC
Maximum voltage range -38 V to -72 V
Environmental Long-term 5°C to 45°C
temperature Short-term 0°C to 55°C
Remarks Restriction on the temperature variation rate: 30°C/hour
Environmental relative Long-term 5% to 85% RH, non-condensing
humidity Short-term 5% to 95% RH, non-condensing
Altitude Less than 5000 meters
7
HU
AW
EI
TE
CH
NO
LO
GI
ES
Modules4.1 Ethernet LPU
1-port 10G Ethernet optical interface LAN card (fixed optical module)
1-port 10G Ethernet optical interface WAN card (fixed optical module)
10-port Gigabit Ethernet optical interface card (SFP optical module)
16-port 10M/100M adaptive Ethernet electrical interface card
4-port Gigabit Ethernet optical interface LPU (fixed optical module)
4.2 POS LPU 1-port OC-192c/STM-64c POS optical interface card (Fixed optical module)
4-port OC-48c/STM-16c POS optical interface card (SFP optical module)
1-port OC-48c/STM-16c POS optical interface card (fixed optical module)
8-port OC-3c/STM-1 POS optical interface card (SFP optical module)
8-port OC-3c/STM-1 POS optical interface card (fixed optical module)
4.3 ATM LPU 8-port STM-1/OC-3c ATM optical interface card (fixed optical module)
4.4 Service Provider Unit (SPU) NetStream SPU
4.5 Others
Fabric Adapter Board (FAD)
With the Fabric Adapter Board (FAD), the NE80E is compatible with interface cards or service boards of the NE40
and NE80. The FAD functions to:
Provide connector interfaces that are compatible with interface cards or service boards of the NE40/NE80 for
signal conversion such as power supply, control signals and network cable signals.
Provide NE80E compatible backplane connector interfaces for signal conversion such as power supply, control
signals and network cable signals.
Carry out signal conversion between NE40/NE80 interface cards and the NE80E.
8
Applications
The NE80E is mainly used in the IP core/backbone network or as the convergence node. It can also act as the gateway in
the data center network with carrier class features. The NE80E provides multiple services such as the IPv4/IPv6 routing
and high-speed forwarding, MPLS, and IP multicast. In addition, it provides the MPLS TE to solve the traffic problem in the
backbone network. The applications include:
Core node application in the national/provincial backbone network
Point of Presence (PoP) application in the national/provincial backbone network
Core node application in the Metropolitan Area Network (MAN)
The NE80E has the following typical applications at present.
5.1 Application in the National Backbone Network
NAP: Network Access Point
Figure 5-1 Application in the national backbone network
As shown in Figure 5-1, the national backbone network is connected upstream to the international egress, and down-
stream to provincial backbone networks. It is also connected with other ISP networks through NAPs. The NE80E can work
as the core node of the national backbone network because of its large capacity, high-density ports, and powerful routing
and high-speed forwarding capability.
9
HU
AW
EI
TE
CH
NO
LO
GI
ES
NE80E
NE80E
NE80E
NE80E
NE80E
NAP
NE80E
NE80E�/NE80 NE80E�
/NE80
NE80E�/NE80
NE80E�/NE80
Provincial�backbone
Provincial�backbone
Interationalegress
Interational�egress
National�backbone
5.2 Application in the Provincial Backbone Network
Figure 5-2 Application in the provincial backbone network
As shown in Figure 5-2, the core layer of the provincial backbone network is composed of NE80E routers. The NE80/NE40
routers act as the city nodes to converge the traffic from the MAN, leased line convergence, narrowband access, and
Internet Data Center (IDC).
This solution is applicable to establishing, expanding or reconstructing large ISP provincial backbone networks. Usually,
these ISPs have access services and cost advantages, as well as transmission resources. In the case of transmission
resources shortage, the link bandwidth can be reduced accordingly without changing the network topology. The devices
on the convergence layer or above have the line rate forwarding capability. The entire network supports MPLS VPN.
10
NE80E
NE80E
NE80E
NE80E
POS 10G
POS 10G
POS 10GPOS 10G GEGE
POS 10G
POS 10G
City node City nodeNE80E/�NE40
MANIDCLeased line�
convergenceLeased line�convergence
NE80E/�NE40
Provincial�backbone
NE80E/�NE40
NE80E/�NE40
NE80E/�NE40 NE80E/�
NE40
5.3 Application in the IPv6 Backbone Network
PE: Provider Edge NAT-PT: Network Address Translation Protocol Translation
Figure 5-3 Application in the IPv6 backbone network
The IPv6 application in the backbone network should not impact on the original IPv4 services such as IPv4 forwarding and
MPLS VPN. So there are tow problems to be solved:
Interconnection between IPv6 islands
Interworking between IPv6 and IPv4 networks
The NE80E brings forward the following solutions based on IPv6 techniques:
All the routers in the backbone network support the IPv4/IPv6 dual-stack. In this case, IPv4 services are forwarded over
IPv4, while IPv6 services are forwarded over IPv6.
The interconnection between IPv6 islands can be implemented through L3 tunnels, manually configured tunnels or 6to4
tunnels. The core router needs only to support the IPv4 forwarding. The interworking between IPv6 and IPv4 networks
can be implemented by configuring the NAT-PT on gateways.
The interconnection between IPv6 islands can be implemented through MPLS L2 tunnels by applying MPLS L2 VPN
techniques such as VPLS and CCC. The core router needs only to support the MPLS forwarding. The interworking
between IPv6 and IPv4 networks can be implemented by configuring the NAT-PT on gateways.
11
HU
AW
EI
TE
CH
NO
LO
GI
ES
NAT-PT
PE/NAT-PT
NE80E
NE40E
SOHO�IPv6
SOHO�IPv6
NE80E
NE80E NE80E
PE
PE
L3 L3
L2L2
PE
IPv6�CORE
IPv6 EDCE
NE40E/�NE80E
NE80E/�NE40E
IPv6�internet
IPv4�internetIPv6
IPv6/v4
5.4 Application in the MPLS L3VPN Network
Figure 5-4 Application in the MPLS L3VPN network
In this application, the NE80E routers serve as the Providers (Ps) in the network core. For a multi-AS (Autonomous
System) VPN application, the NE80E can also act as a Customer Edge (CE) device when it is an Autonomous System
Boundary Router (ASBR). The NE80/40 routers serve as the Provider Edge (PE) devices, providing the NAT and the
Internet access.
12
NE80E
NE80E
NE80E
VPN1
VPNVPN
VPN3 VPN2VPN3 VPN2
VPN1
PE
PE
PE
PE
CE
CE
CECE CE
CEVLAN VLAN VLAN VLANS8016
S8016
CE
VPN2
P
PP
NE80E/�NE40ENE80E/�
NE40E
NE80E/�NE40ENE80E/�
NE40E
MPLS�CORE
MPLS EDCE
Huawei End-to-End Solutions
VoIP Products and SolutionQuidway A8010 Expert VoIP Gateway
Quidway A8010 Mini-Expert VoIP Gateway
Quidway A8010 VoIP GateKeeper
BRASQuidway MA5200G Broadband Intelligent Access Server
Quidway MA5200F Compact Broadband Intelligent
Access Server
Access ServersQuidway A8010 Expert Remote Access Server
Quidway A8010 Mini-Expert Remote Access Server
WLAN Products and SolutionHuawei C9012 WLAN Authentication Server
Quidway W1006E WLAN Access Point
Quidway W1003 WLAN Access Point
Quidway W1003A WLAN Access Point
Quidway WL100M WLAN Cardbus Adapter
Huawei WG202 GPRS+WLAN Combo Card
Network Management SolutioniManager N2000 Datacomm Management System
iManager NSM VPN Manager
iManager NSM QoS Manager
iTellin AAA System
Router SeriesQuidway NetEngine 5000E Terabit Switching Router
Quidway NetEngine 80/80E Core Switching Router
Quidway NetEngine 40/40E Series Universal Switching
Routers
Quidway NetEngine 20/20E Series High-Performance Edge
Routers
Quidway NetEngine 16E/08E/05 Series Multi-Service Edge
Routers
Quidway AR 46 Series Enterprise Core Routers
Quidway AR 28 Series Modular Branch Routers
Quidway AR 18 Series Access Routers
LAN Switch Series Quidway S8500 Series 10G Core Routing Switches
Quidway S8016 Multi-Service Backbone Routing Switch
Quidway S6500 Series Gigabit Routing Switches
Quidway S5516 Gigabit Routing Switch
Quidway S5000 Series Gigabit Intelligent Layer 2 Ethernet
Switches
Quidway S3900 Series Intelligent Routing Switches
Quidway S3500 Series Intelligent Routing Switches
Quidway S3000 Series Intelligent Layer 2 Ethernet Switches
Quidway S2000 Series Enterprise Desktop Switches
Security & VPN ProductsQuidway Eudemon 1000/500/200/100 Series Firewalls
Quidway Eudemon 2000 Series Session Border Conctrollers
Quidway SecPath Series Security Gateways