Quidway S3300 Product Description(V100R003C00_01)

78
Quidway S3300 Series Ethernet Switches V100R003C00 Product Description Issue 01 Date 2009-12-15 Huawei Proprietary and Confidential Copyright © Huawei Technologies Co., Ltd.

description

Quidway router product description

Transcript of Quidway S3300 Product Description(V100R003C00_01)

Page 1: Quidway S3300 Product Description(V100R003C00_01)

Quidway S3300 Series Ethernet Switches

V100R003C00

Product Description

Issue 01

Date 2009-12-15

Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Page 2: Quidway S3300 Product Description(V100R003C00_01)

Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. For anyassistance, please contact our local office or company headquarters.

Huawei Technologies Co., Ltd.Address: Huawei Industrial Base

Bantian, LonggangShenzhen 518129People's Republic of China

Website: http://www.huawei.com

Email: [email protected]

Copyright © Huawei Technologies Co., Ltd. 2009. All rights reserved.No part of this document may be reproduced or transmitted in any form or by any means without prior writtenconsent of Huawei Technologies Co., Ltd. Trademarks and Permissions

and other Huawei trademarks are the property of Huawei Technologies Co., Ltd.All other trademarks and trade names mentioned in this document are the property of their respective holders. NoticeThe purchased products, services and features are stipulated by the contract made between Huawei and thecustomer. All or part of the products, services and features described in this document may not be within thepurchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,and recommendations in this document are provided "AS IS" without warranties, guarantees or representationsof any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in thepreparation of this document to ensure accuracy of the contents, but all statements, information, andrecommendations in this document do not constitute the warranty of any kind, express or implied.

Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Page 3: Quidway S3300 Product Description(V100R003C00_01)

Contents

About This Document.....................................................................................................................1

1 Product Overview.......................................................................................................................1-11.1 Introduction.....................................................................................................................................................1-21.2 Carrier-class Maintainability...........................................................................................................................1-21.3 Multi-Service Access......................................................................................................................................1-21.4 Flexible Networking Capability......................................................................................................................1-31.5 End-to-End QoS..............................................................................................................................................1-31.6 Rich Expansibility...........................................................................................................................................1-31.7 Powerful Security Measures............................................................................................................................1-41.8 Convenient Operation, Administration, and Maintenance..............................................................................1-41.9 Green Design...................................................................................................................................................1-51.10 Lightningproof Technologies........................................................................................................................1-5

2 System Architecture...................................................................................................................2-12.1 Hardware Structure ........................................................................................................................................2-22.2 Functional Modules.........................................................................................................................................2-5

2.2.1 Hardware Logical Structure ..................................................................................................................2-52.2.2 SCU .......................................................................................................................................................2-6

2.3 Software Architecture ....................................................................................................................................2-7

3 Link Features...............................................................................................................................3-13.1 Basic Ethernet Features ..................................................................................................................................3-2

3.1.1 Link Aggregation ..................................................................................................................................3-23.1.2 Flow Control on Interfaces ....................................................................................................................3-23.1.3 Suppression of Broadcast Storms ..........................................................................................................3-23.1.4 VLAN ....................................................................................................................................................3-3

3.2 Advanced Ethernet Features ...........................................................................................................................3-43.2.1 VLAN Mapping ....................................................................................................................................3-43.2.2 QinQ ......................................................................................................................................................3-43.2.3 Selective QinQ.......................................................................................................................................3-4

3.3 STP, RSTP, and MSTP...................................................................................................................................3-53.3.1 STP and RSTP .......................................................................................................................................3-53.3.2 MSTP.....................................................................................................................................................3-53.3.3 MSTP Protection ...................................................................................................................................3-5

Quidway S3300 Series Ethernet SwitchesProduct Description Contents

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

i

Page 4: Quidway S3300 Product Description(V100R003C00_01)

3.3.4 Partitioned STP and BPDU Tunnel........................................................................................................3-63.4 RRPP ..............................................................................................................................................................3-6

3.4.1 Networking Structure ............................................................................................................................3-73.4.2 Working Machanism .............................................................................................................................3-73.4.3 Multiple Topologies ..............................................................................................................................3-7

3.5 Smart Link.......................................................................................................................................................3-83.6 Interface Security............................................................................................................................................3-83.7 Loop Detection................................................................................................................................................3-9

4 Service Features..........................................................................................................................4-14.1 IPv4 Forwarding..............................................................................................................................................4-2

4.1.1 IPv4 Features..........................................................................................................................................4-24.1.2 Unicast Routing Features.......................................................................................................................4-24.1.3 Multicast Routing Features....................................................................................................................4-2

4.2 Multicast .........................................................................................................................................................4-34.2.1 IGMP Snooping .....................................................................................................................................4-34.2.2 Prompt Leave of Multicast Member Interfaces .....................................................................................4-34.2.3 Flow Control of Multicast Traffic .........................................................................................................4-44.2.4 Multicast Across VLANs ......................................................................................................................4-44.2.5 Controllable Multicast............................................................................................................................4-4

4.3 QoS..................................................................................................................................................................4-44.3.1 Traffic Classification .............................................................................................................................4-54.3.2 Access Control and Re-marking............................................................................................................4-54.3.3 Traffic Policing .....................................................................................................................................4-64.3.4 Congestion Management .......................................................................................................................4-64.3.5 Congestion Avoidance...........................................................................................................................4-64.3.6 Rate Limit on Interfaces.........................................................................................................................4-74.3.7 Aggregation CAR...................................................................................................................................4-7

4.4 Routing Protocols ...........................................................................................................................................4-74.5 High Availability.............................................................................................................................................4-7

4.5.1 MSTP Link Backup and Protection ......................................................................................................4-74.5.2 RRPP Fast Protection Switchover .........................................................................................................4-84.5.3 Smart Link Dual-Homing Protection.....................................................................................................4-8

4.6 Ethernet OAM ................................................................................................................................................4-84.7 LLDP...............................................................................................................................................................4-84.8 Cluster Management.......................................................................................................................................4-94.9 Stacking...........................................................................................................................................................4-94.10 PoE..............................................................................................................................................................4-104.11 IPv6.............................................................................................................................................................4-104.12 Security........................................................................................................................................................4-10

4.12.1 Device Security .................................................................................................................................4-104.12.2 Service Security .................................................................................................................................4-124.12.3 Security Authentication......................................................................................................................4-12

ContentsQuidway S3300 Series Ethernet Switches

Product Description

ii Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 5: Quidway S3300 Product Description(V100R003C00_01)

4.13 MAC Forced Forwarding............................................................................................................................4-134.14 DHCP..........................................................................................................................................................4-14

5 Maintenance and Network Management..............................................................................5-15.1 Maintenance and Management........................................................................................................................5-2

5.1.1 Configuration Modes..............................................................................................................................5-25.1.2 Monitoring and Maintenance.................................................................................................................5-25.1.3 Diagnosis and Debugging......................................................................................................................5-35.1.4 Software Upgrade and In-Service Patching...........................................................................................5-45.1.5 Hardware Abnormality Handling...........................................................................................................5-4

5.2 U2000 .............................................................................................................................................................5-45.2.1 Network Management Modes................................................................................................................5-45.2.2 U2000 Station.........................................................................................................................................5-5

6 Networking Applications.........................................................................................................6-16.1 Application in the MAN..................................................................................................................................6-26.2 Application in the NGN Bearer Network........................................................................................................6-26.3 Layered Ring Network -RRPP........................................................................................................................6-36.4 Application of VLAN Mapping......................................................................................................................6-46.5 Application of Selective QinQ .......................................................................................................................6-56.6 Application of IPTV........................................................................................................................................6-66.7 End-to-End QoS .............................................................................................................................................6-76.8 Application of Cluster Management...............................................................................................................6-86.9 Access of Partitioned STP...............................................................................................................................6-9

7 System Specifications................................................................................................................7-17.1 Technical Specifications.................................................................................................................................7-2

7.1.1 Physical Specifications of the S-switch ................................................................................................7-27.1.2 System Configuration.............................................................................................................................7-3

7.2 List of Software Features................................................................................................................................7-4

Quidway S3300 Series Ethernet SwitchesProduct Description Contents

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

iii

Page 6: Quidway S3300 Product Description(V100R003C00_01)
Page 7: Quidway S3300 Product Description(V100R003C00_01)

Figures

Figure 2-1 Appearance of the S3328TP-SI/EI.....................................................................................................2-2Figure 2-2 Appearance of the S3328TP-EI-24S..................................................................................................2-3Figure 2-3 Appearance of the S3352P-EI-24S.....................................................................................................2-3Figure 2-4 Appearance of the S3352P-EI-48S.....................................................................................................2-4Figure 2-5 Appearance of the S3352P-SI/EI........................................................................................................2-4Figure 2-6 Appearance of the S3328TP-PWR-EI................................................................................................2-4Figure 2-7 Appearance of the S3352P-PWR-EI..................................................................................................2-5Figure 2-8 Logical structure of functional modules of the S-switch....................................................................2-6Figure 4-1 Connections of the access layer........................................................................................................4-13Figure 6-1 S-switch application in the MAN.......................................................................................................6-2Figure 6-2 S-switch application in the NGN........................................................................................................6-3Figure 6-3 S-switch application in layered RRPP ring........................................................................................6-4Figure 6-4 Application of the S-switch enabled with VLAN mapping................................................................6-5Figure 6-5 S-switch application in selective QinQ..............................................................................................6-6Figure 6-6 Application of the S-switch in IPTV services....................................................................................6-7Figure 6-7 End-to-end QoS provided by the S-switch.........................................................................................6-8Figure 6-8 Cluster management provided by the S-switch..................................................................................6-9Figure 6-9 Access of partitioned STP supported by the S-switch......................................................................6-10

Quidway S3300 Series Ethernet SwitchesProduct Description Figures

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

v

Page 8: Quidway S3300 Product Description(V100R003C00_01)
Page 9: Quidway S3300 Product Description(V100R003C00_01)

Tables

Table 7-1 Physical specifications of the S-switch................................................................................................7-2Table 7-2 System configuration of the S-switch..................................................................................................7-3Table 7-3 List of features supported by the S-switch...........................................................................................7-4

Quidway S3300 Series Ethernet SwitchesProduct Description Tables

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

vii

Page 10: Quidway S3300 Product Description(V100R003C00_01)
Page 11: Quidway S3300 Product Description(V100R003C00_01)

About This Document

PurposeThis document describes the product over, system architecture, service features, maintenanceand network management system, networking applications, and system specifications of the S-switch.

Related VersionsThe following table lists the product version related to this document.

Product Name Version

S3300 V100R003C00

Intended AudienceThis document is intended for:

l Policy planning engineers

l Installation and commissioning engineers

l NM configuration engineers

l Technical support engineers

OrganizationThis document is organized as follows.

Chapter Description

1 Product Overview Describes the technical features of the S-switch.

2 System Architecture Describes the structure, hardware, and software of the S-switch.

Quidway S3300 Series Ethernet SwitchesProduct Description About This Document

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

1

Page 12: Quidway S3300 Product Description(V100R003C00_01)

Chapter Description

3 Link Features Describes the link features of the S-switch.

4 Service Features Describes the service features of the S-switch.

5 Maintenance and NetworkManagement

Describes the operation and maintenance of the S-switch.

6 Networking Applications Describes the typical networking of the S-switch and thedeployment of the network.

7 System Specifications Describes the technical specifications and software featuresof the S-switch.

Conventions

Symbol Conventions

The symbols that may be found in this document are defined as follows.

Symbol Description

DANGERIndicates a hazard with a high level of risk, which ifnot avoided, will result in death or serious injury.

WARNINGIndicates a hazard with a medium or low level ofrisk, which if not avoided, could result in minor ormoderate injury.

CAUTIONIndicates a potentially hazardous situation, which ifnot avoided, could result in equipment damage, dataloss, performance degradation, or unexpectedresults.

TIP Indicates a tip that may help you solve a problem orsave time.

NOTE Provides additional information to emphasize orsupplement important points of the main text.

General Conventions

The general conventions that may be found in this document are defined as follows.

Convention Description

Times New Roman Normal paragraphs are in Times New Roman.

About This DocumentQuidway S3300 Series Ethernet Switches

Product Description

2 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 13: Quidway S3300 Product Description(V100R003C00_01)

Convention Description

Boldface Names of files, directories, folders, and users are in boldface.For example, log in as user root.

Italic Book titles are in italics.

Courier New Examples of information displayed on the screen are in CourierNew.

Command Conventions

The command conventions that may be found in this document are defined as follows.

Convention Description

Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italics.

[ ] Items (keywords or arguments) in brackets [ ] are optional.

{ x | y | ... } Optional items are grouped in braces and separated byvertical bars. One item is selected.

[ x | y | ... ] Optional items are grouped in brackets and separated byvertical bars. One item is selected or no item is selected.

{ x | y | ... }* Optional items are grouped in braces and separated byvertical bars. A minimum of one item or a maximum of allitems can be selected.

[ x | y | ... ]* Optional items are grouped in brackets and separated byvertical bars. Several items or no item can be selected.

&<1-n> The parameter before the & sign can be repeated 1 to n times.

# A line starting with the # sign is comments.

GUI Conventions

The GUI conventions that may be found in this document are defined as follows.

Convention Description

Boldface Buttons, menus, parameters, tabs, window, and dialog titlesare in boldface. For example, click OK.

> Multi-level menus are in boldface and separated by the ">"signs. For example, choose File > Create > Folder.

Quidway S3300 Series Ethernet SwitchesProduct Description About This Document

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

3

Page 14: Quidway S3300 Product Description(V100R003C00_01)

Keyboard OperationsThe keyboard operations that may be found in this document are defined as follows.

Format Description

Key Press the key. For example, press Enter and press Tab.

Key 1+Key 2 Press the keys concurrently. For example, pressing Ctrl+Alt+A means the three keys should be pressed concurrently.

Key 1, Key 2 Press the keys in turn. For example, pressing Alt, A meansthe two keys should be pressed in turn.

Mouse OperationsThe mouse operations that may be found in this document are defined as follows.

Action Description

Click Select and release the primary mouse button without movingthe pointer.

Double-click Press the primary mouse button twice continuously andquickly without moving the pointer.

Drag Press and hold the primary mouse button and move thepointer to a certain position.

Update HistoryUpdates between document issues are cumulative. Therefore, the latest document issue containsall updates made in previous issues.

Updates in Issue 01 (2009-12-15)Initial commercial release.

About This DocumentQuidway S3300 Series Ethernet Switches

Product Description

4 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 15: Quidway S3300 Product Description(V100R003C00_01)

1 Product Overview

About This Chapter

1.1 Introduction

1.2 Carrier-class Maintainability

1.3 Multi-Service Access

1.4 Flexible Networking Capability

1.5 End-to-End QoS

1.6 Rich Expansibility

1.7 Powerful Security Measures

1.8 Convenient Operation, Administration, and Maintenance

1.9 Green Design

1.10 Lightningproof Technologies

Quidway S3300 Series Ethernet SwitchesProduct Description 1 Product Overview

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

1-1

Page 16: Quidway S3300 Product Description(V100R003C00_01)

1.1 IntroductionWith the popularization of IP networks and the trend of using triple play services, MetropolitanArea Networks (MANs) bear more services and the quality of transmission is highly required.To meet this requirement, Huawei develops the Quidway S-switch Series Ethernet Switches(hereinafter referred to as the S-switch) that can access, converge, and transmit services.

By adopting the mature and economical mechanism of packet forwarding based on the IP kerneltechnology, the S-switch can be deployed at the access and convergence layers of the MAN.

The S-switch can be used to set up various network topologies with high reliability. The S-switch supports multi-service access, high expansibility, and high Quality of Service (QoS). TheS-switch also supports strong multicast replication capability and guarantees carrier-classsecurity.

1.2 Carrier-class MaintainabilityThe S-switch has the following carrier-class features:

l The chassis adopts the front-access design, which facilitates routine operations andmaintenance.

l The chassis is small in size, which effectively saves the space of the equipment room andreduces the Capital Expenditure (CapEx). The device can be easily installed in a cabinetof any type, which facilitates deployment.

The S-switch provides in-service patching for and upgrading of the system software. The S-switch also supports the fast protection switching based on the Rapid Ring Protection Protocol(RRPP). Thus, the S-switch can perform prompt protection switching of links and services, andaccomplishes carrier-class reliability.

1.3 Multi-Service AccessThe S-switch can be deployed at the access layer of a MAN to access different services of lowerlayer networks and to converge services to an upstream device. The services can be:

l Next-Generation Network (NGN) voice services

l IPTV services and Video-on-Demand (VOD) services

l Broadband access services

By adopting the IP kernel technology, and the Application Specific Integrated Circuit (ASIC)of high performance, the S-switch provides a large capacity for data switching to meet therequirements for:

l Short delay

l Low jitter

l High availability

In addition, the S-switch guarantees high bandwidth and provides multi-service access by:

l Adopting the Ethernet networking techniques

1 Product OverviewQuidway S3300 Series Ethernet Switches

Product Description

1-2 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 17: Quidway S3300 Product Description(V100R003C00_01)

l Supporting multicast services

l Providing a sound QoS mechanism

l Supporting various protection switching technologies

The S2300 can access the following services from the following devices:

l Access Media Gateway (AMG)

l Digital Subscriber LAN Access Multiplexer (DSLAM)

l LAN switch (LSW)

The S2300 can then converge services to service processing devices such as the BroadbandRemote Access Server (BRAS) or router through an upstream S9300 or other convergencedevices.

1.4 Flexible Networking CapabilityThe S-switch provides 10/100 Mbit/s Electrical Ethernet interfaces , 1000 Mbit/s ElectricalEthernet interfaces and 100/1000 Mbit/s Optical Ethernet interfaces. The S-switch supports threetypes of Ethernet ports that make the networking more flexible.

l Access interfaces

l Trunk interfaces

l Hybrid interfaces

The S-switch provides Small Form-Factor Pluggable (SFP) optical modules for fiberconnections. You can choose one of the following optical modules according to the transmissiondistance:

l Multi-mode short-distance optical module (550 m)

l Single-mode middle-range optical module (10 km)

For a ring Ethernet, the S-switch supports the Spanning Tree Protocol (STP) and the Rapid RingProtection Protocol (RRPP) to prevent loops and realize fast protection switching.

1.5 End-to-End QoSThe S-switch provides a complete QoS mechanism. It performs QoS by first classifying thetraffic from Layer 2 to Layer 4 defined in the Open System Interconnection (OSI) model.

The S-switch then provides differentiated services for different services by using the followingmethods:

l Access filtering

l Traffic policing

l Queue scheduling

1.6 Rich ExpansibilityBased on Huawei Versatile Routing Platform (VRP), the S-switch provides high-speedswitching and rich service features by integrating network management technologies.

Quidway S3300 Series Ethernet SwitchesProduct Description 1 Product Overview

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

1-3

Page 18: Quidway S3300 Product Description(V100R003C00_01)

l The QinQ and VLAN mapping technologies expand the scopes of VLANs.

l The selective QinQ technique makes the S-switch select different paths for various services.

1.7 Powerful Security MeasuresThe S-switch provides security measures to protect the device and data transmission againstmalicious attacks. The S-switch supports the following security features:

l Packet filtering based on the MAC address

l ACL rules

l Mechanism of searching the forwarding table based on the VLAN ID and MAC address

l Suppression of broadcast storms to defend a network against attacks

Based on the VRP, the S-switch provides the following protection methods for user login:

l Provides password authentication for login users and supporting password encryption.

l Provides hierarchical protection for commands by configuring the levels of login users andcommands.

l Locks the configuration terminal through commands to prevent illegal use.

l Provides confirmation and prompts for important commands that affect systemperformance.

1.8 Convenient Operation, Administration, andMaintenance

In addition to collecting traffic statistics based on interfaces and VLANs, the S-switch providesfault detection and location techniques such as ping and traceroute in an IP network.

Cooperating with the network management system (NMS) such as Huawei U2000, the S-switch can provide performance monitoring, alarms, and fast fault location.

Through the U2000, you can perform the following operations for the S-switch:

l Device management

l Interface management

l VLAN management

l Software upgrading management

l Configuration file management

The U2000 also provides various customized configuration methods, including:

l End-to-end configuration

l Batch configuration

l Configuration wizard

In addition, the U2000 provides default configuration templates for different management items.

The S-switch also supports the Huawei Group Management Protocol (HGMP). By using HGMP,you can manage multiple Layer 2 switches through one S-switch.

1 Product OverviewQuidway S3300 Series Ethernet Switches

Product Description

1-4 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 19: Quidway S3300 Product Description(V100R003C00_01)

The S-switch also supports the Huawei Group Management Protocol (HGMP). By using HGMP,you can manage multiple Layer 2 switches through one S-switch.

1.9 Green DesignThe S-switch adopts the following energy-saving methods:

l Natural heat dissipation is adopted on the deveices with 24 electrical interfaces to save thepower consumption of fans.

l If no device connected to the service interface is detected, the chip enters the power-savingmode to reduce power consumption.

Natural heat dissipation has the following advantages:l The reliability of the product is enhanced.

l No noise pollution is produced.

l The routine maintenance of fans is avoided, which saves the maintenance cost.

l No extra power is consummated by fans, which enhances the power efficiency of thesystem.

l Board corrosion is effectively avoided through natural heat dissipation.

1.10 Lightningproof TechnologiesThe S-switch, adopting the Huawei's patented lightningproof technologies, can stand the toughenvironments. In this manner, there is a small chance that the S-switch is damaged by thelightning strike. The reliability of the S2300 is greatly improved, and the security coefficient isthus upgraded by 30 times.

Quidway S3300 Series Ethernet SwitchesProduct Description 1 Product Overview

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

1-5

Page 20: Quidway S3300 Product Description(V100R003C00_01)
Page 21: Quidway S3300 Product Description(V100R003C00_01)

2 System Architecture

About This Chapter

2.1 Hardware Structure

2.2 Functional Modules

2.3 Software Architecture

Quidway S3300 Series Ethernet SwitchesProduct Description 2 System Architecture

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

2-1

Page 22: Quidway S3300 Product Description(V100R003C00_01)

2.1 Hardware StructureHardware components of the S-switch are centralized for management. System units and cablesof the S-switch are accessible from the front panel. The S-switch is a 1U high box device withthe following parts:

l Box

l Power module

l Switch Control Unit (SCU)

The S-switch can be mounted in either the European Telecommunications Standards Institute(ETSI) or the International Electrotechnical Commission (IEC) 297 cabinet.

At present, the S-switch has the following models:

l S3328TP-SI/EI

l S3328TP-EI-24S

l S3352P-EI-24S

l S3352P-EI-48S

l S3352P-SI/EI

l S3328TP-PWR-EI

l S3352P-PWR-EI

Appearance of the S3328TP-SI/EIFigure 2-1 shows the appearance of the S3328TP-SI/EI.

Figure 2-1 Appearance of the S3328TP-SI/EI

1 2 3 4 5 6

9 810

7

1: Grounding terminal 2: Power switch

3: Power interface 4: 10/100 Mbit/s Ethernet interface

5: Optical interface indicator 6: Power light

7: Run indicator 8: Console interface

9: Combo interface 10: Optical interface

2 System ArchitectureQuidway S3300 Series Ethernet Switches

Product Description

2-2 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 23: Quidway S3300 Product Description(V100R003C00_01)

The chassis of the S3328TP-SI/EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0mm x 220.0 mm x 43.6 mm (width x depth x height).

The power module is on the left side of the S3328TP-SI/EI and the SCU is in the central part ofthe chassis.

l The S3328TP-SI/EI supports either an alternating current (AC) or a direct current (DC)power module.

l The SCU on the S3328TP-SI/EI provides one console interface, twenty-four 10/100 Mbit/s Ethernet electrical interfaces, two 1000 Mbit/s Ethernet optical interfaces, and two combointerfaces.

Appearance of the S3328TP-EI-24S

Figure 2-2 shows the appearance of the S3328TP-EI-24S.

Figure 2-2 Appearance of the S3328TP-EI-24S

The chassis of the S3328TP-EI-24S is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0mm x 220.0 mm x 43.6 mm (width x depth x height).

The power module is on the left side of the S3328TP-EI-24S and the SCU is in the central partof the chassis.

l The S3328TP-EI-24S supports either an AC or a DC power module.

l The SCU on the S3328TP-EI-24S provides one console interface, twenty-four 100 Mbit/sEthernet optical interfaces, two 1000 Mbit/s Ethernet optical interfaces, and two combointerfaces.

Appearance of the S3352P-EI-24S

Figure 2-3 shows the appearance of the S3352P-EI-24S.

Figure 2-3 Appearance of the S3352P-EI-24S

The chassis of the S3352P-EI-24S is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0mm x 420.0 mm x 43.6 mm (width x depth x height).

l The S3352P-EI-24S supports either an AC or a DC power module.

l The SCU on the S3352P-EI-24S provides one console interface, twenty-four 10/100 Mbit/s Ethernet electrical interfaces, twenty-four 100 Mbit/s Ethernet optical interfaces, two

Quidway S3300 Series Ethernet SwitchesProduct Description 2 System Architecture

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

2-3

Page 24: Quidway S3300 Product Description(V100R003C00_01)

100/1000 Mbit/s Ethernet optical interfaces, and two 1000 Mbit/s Ethernet opticalinterfaces.

Appearance of the S3352P-EI-48SFigure 2-4 shows the appearance of the S3352P-EI-48S.

Figure 2-4 Appearance of the S3352P-EI-48S

The chassis of the S3352P-EI-48S is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0mm x 420.0 mm x 43.6 mm (width x depth x height).

l The S3352P-EI-48S supports either an AC or a DC power module.

l The SCU on the S3352P-EI-48S provides one console interface, forty-eight 100 Mbit/sEthernet optical interfaces, two 100/1000 Mbit/s Ethernet optical interfaces, and two 1000Mbit/s Ethernet optical interfaces.

Appearance of the S3352P-SI/EIFigure 2-5 shows the appearance of the S3352P-SI/EI.

Figure 2-5 Appearance of the S3352P-SI/EI

The chassis of the S3352P-SI/EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0mm x 220.0 mm x 43.6 mm (width x depth x height).

l The S3352P-SI/EI supports either an AC or a DC power module.

l The SCU on the S3352P-SI/EI provides one console interface, forty-eight 10/100 Mbit/sEthernet electrical interfaces, two 100/1000 Mbit/s Ethernet optical interfaces, and two1000 Mbit/s Ethernet optical interfaces.

Appearance of the S3328TP-PWR-EIFigure 2-6 shows the appearance of the S3328TP-PWR-EI.

Figure 2-6 Appearance of the S3328TP-PWR-EI

2 System ArchitectureQuidway S3300 Series Ethernet Switches

Product Description

2-4 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 25: Quidway S3300 Product Description(V100R003C00_01)

The chassis of the S3328TP-PWR-EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0mm x 420.0 mm x 43.6 mm (width x depth x height).

l The S3328TP-PWR-EI supports AC power supply.

l The 24 downlink electrical interfaces on the S3328TP-PWR-EI support PoE power supply.The maximum power of each interface is 15.4 W, complying with the IEEE 802.3afstandard.

l The SCU on the S3328TP-PWR-EI provides one console interface, twenty-four 10/100Mbit/s Ethernet electrical interfaces, two 1000 Mbit/s Ethernet optical interfaces, and twoCombo interfaces.

Appearance of the S3352P-PWR-EIFigure 2-7 shows the appearance of the S3352P-PWR-EI.

Figure 2-7 Appearance of the S3352P-PWR-EI

The chassis of the S3352P-PWR-EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0mm x 420.0 mm x 43.6 mm (width x depth x height).

l The S3352P-PWR-EI supports AC power supply.

l The 48 downlink electrical interfaces on the S3352P-PWR-EI support PoE power supply.The maximum power of each interface is 15.4 W, complying with the IEEE 802.3afstandard.

l The SCU on the S3352P-PWR-EI provides one console interface,forty-eight 10/100 Mbit/s Ethernet electrical interfaces, two 1000 Mbit/s Ethernet optical interfaces.

2.2 Functional Modules

2.2.1 Hardware Logical Structure

2.2.2 SCU

2.2.1 Hardware Logical StructureFigure 2-8 shows the logical structure of hardware modules of the S-switch.

Quidway S3300 Series Ethernet SwitchesProduct Description 2 System Architecture

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

2-5

Page 26: Quidway S3300 Product Description(V100R003C00_01)

Figure 2-8 Logical structure of functional modules of the S-switch

Powersupply

Data bus Control bus

SCU

Switchunit

Controlunit Fiber/cable

……Portmodule

The hardware modules of the S-switch consist of a SCU and a power module.

l SCU: The SCU that is responsible for packet exchange and device management consistsof a control module, a switching module, and an interface module. The SCU providesEthernet interfaces for Ethernet services.

l Power module: Either an AC or a DC power module is supported. The DC or AC powermodule supplies power to the entire system, generates the working voltage, and adjusts thesequence in which the working voltages are on and off.

2.2.2 SCUThe S-switch have one SCU fixed on it. The SCU consists of the control module, a switchingmodule, and an interface module.

Control Module

The control module performs the following functions:

l Processes protocol packets, such as STP and RRPP.

l Manages the system and monitors the system performance according to the users'instructions, and provides a feedback of the running status of the device.

Switching Module

The switching module, also called the switching network, is responsible for the exchange ofpackets, replication of multicast packets, QoS scheduling, and access control on the interfacemodule of the SCU.

The switching module uses a high-performance ASIC chip to forward packets at wire speed. Inaddition, the switching module performs fast data switching at various priorities.

2 System ArchitectureQuidway S3300 Series Ethernet Switches

Product Description

2-6 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 27: Quidway S3300 Product Description(V100R003C00_01)

Power ModuleThe S-switch supports the AC input and DC input. The DC input voltage ranges from -36 V DCto -72 V DC. The AC input voltage ranges from 90 V AC to 264 V AC.

Interface ModuleThe interface module has multiple Ethernet interfaces for accessing Ethernet services.

2.3 Software ArchitectureThe S-switch runs on the latest VRP version 5 (VRPv5) to provide software features. VRPv5consists of the following parts:

l System service planeIt provides the following functions based on the operating system:– Task management

– Memory management

– Timer

– Software loading and patching

This enhances the modular technology to facilitate system upgrade and customization.l General control plane

It is the core of the VRP data communication platform. It functions as the basis of securityand QoS, and provides the following functions:– Link management

– IP protocol stack

– Routing protocol processing

– It is used to control the data forwarding plane and carry out various functions of thedevice.

– Data forwarding plane

It forwards data under the control of the general control plane to carry out data transmission.VRPv5 supports data forwarding based on software and hardware.

l Service control planeIt controls and manages the system based on users or interfaces. It implements theauthentication, authorization, and accounting for users through the DHCP Option 82 field.It also implements authentication for access interfaces through IEEE 802.1x.

l System management planeIt provides user interfaces and manages input/output ports. It is the basis of networkmanagement and maintenance.

Quidway S3300 Series Ethernet SwitchesProduct Description 2 System Architecture

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

2-7

Page 28: Quidway S3300 Product Description(V100R003C00_01)
Page 29: Quidway S3300 Product Description(V100R003C00_01)

3 Link Features

About This Chapter

3.1 Basic Ethernet Features

3.2 Advanced Ethernet Features

3.3 STP, RSTP, and MSTP

3.4 RRPP

3.5 Smart Link

3.6 Interface Security

3.7 Loop Detection

Quidway S3300 Series Ethernet SwitchesProduct Description 3 Link Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

3-1

Page 30: Quidway S3300 Product Description(V100R003C00_01)

3.1 Basic Ethernet Features

3.1.1 Link Aggregation

3.1.2 Flow Control on Interfaces

3.1.3 Suppression of Broadcast Storms

3.1.4 VLAN

3.1.1 Link AggregationLink aggregation, also referred to as interface aggregation, is the binding of multiple physicalEthernet ports into a logical interface, for example, an Eth-Trunk.

After link aggregation, the traffic transmitted through the logical interface is automaticallybalanced among the aggregated physical interfaces. This is called load balancing. When one ofthe aggregated interfaces fails, the traffic is balanced among the remaining interfaces withoutinterruption. When the faulty interface recovers, the traffic is balanced among all interfacesagain.

The S-switch supports link aggregation among FE or GE interfaces. Load balancing on the S-switch is based on the following information:

l Source MAC address

l Destination MAC address

l Source MAC address plus destination MAC address

l Source IP address

l Destination IP address

l Source IP address plus destination IP address

Link aggregation can easily increase the bandwidth and improve link reliability with a low cost,without upgrading the hardware.

3.1.2 Flow Control on InterfacesFlow control is a method to handle congestion on an interface. The S-switch performs flowcontrol on interfaces by using a hardware-based backpressure mechanism. In full duplex mode,the S-switch supports the IEEE 802.3x flow control. In half duplex mode, it supports thebackpressure flow control.

When congestion occurs, the S-switch sends consecutive pause frames to the upstream deviceto request it to stop sending data for a period of time. When the upstream device receives a pauseframe, it reduces the volume of traffic on its outbound interface. Flow control takes effect on allthe traffic on an interface.

3.1.3 Suppression of Broadcast StormsSuppression of broadcast storms limits the volume of unknown unicast packets, multicastpackets, and broadcast packets to a reasonable range. This can reduce the impact of such packetson network efficiency.

3 Link FeaturesQuidway S3300 Series Ethernet Switches

Product Description

3-2 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 31: Quidway S3300 Product Description(V100R003C00_01)

The S-switch implements this function based on interfaces. When an interface is enabled withsuch function, it monitors the received unknown unicast packets, multicast packets, andbroadcast packets. Based on monitoring results, the S-switch determines whether the volume ofthe packets exceeds the threshold. If yes, the S-switch discards the excessive packets to keep thetraffic within the limit. In this manner, the S-switch ensures the normal transmission of services.

3.1.4 VLANThe Virtual Local Area Network (VLAN) is a type of technology used to divide LANs logically.The VLAN technology conforms to IEEE 802.1Q.

VLAN ClassificationA physical LAN can be divided into several VLANs, and several physical LANs can be groupedinto a same VLAN. The S-switchs in a same VLAN belong to the same broadcast domain andcan communicate with each other. Different VLANs are isolated from each other, so S-switchsin different VLANs cannot communicate with each other.

The S-switch supports the following VLAN classification modes:

l VLAN classification based on interfacesVLAN members are defined based on interfaces. After a specified interface is added to aspecified VLAN, the interface can forward packets of the specified VLAN.

l VLAN classification based on MAC addressesVLAN members are defined based on source MAC addresses of packets. After a specifiedpacket is added to the tag of the VLAN, the packet is sent.

l VLAN classification based on protocolsThe S-switch allocates different VLAN IDs for packets according to the protocol orprotocol suite types to which the packets received on interfaces belong, and encapsulationformats.

l VLAN classification based on IP subnetworksVLAN members are defined based on the source IP addresses and subnet masks of packets.After receiving untagged packets, the S-switch determines the VLANs to which the packetsbelong according to the source IP addresses of the packets before sending them tocorresponding VLANs.

VLAN AggregationTo interconnect VLANs on the S-switch, you need to assign an IP address to each VLANIFinterface. If there is a large number of VLANs, many IP addresses are used. VLAN aggregationcan solve the problem that each VLAN interface uses an IP address.

An aggregated VLAN is also called a super VLAN. Multiple VLANs can be aggregated to asuper VLAN. The VLANs that form into a super VLAN are called sub VLANs.

Voice VLANA voice VLAN is dedicated to voice flows. After the interfaces connected to voice devices areadded to a voice VLAN, all voice flows are transmitted in the voice VLAN.

Using voice VLANs, you can effectively configure the Quality of Services (QoS) of voice flowsand increase the transmission priority of voice flows. In this way, the quality of voice servicescan be guaranteed.

Quidway S3300 Series Ethernet SwitchesProduct Description 3 Link Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

3-3

Page 32: Quidway S3300 Product Description(V100R003C00_01)

3.2 Advanced Ethernet Features

3.2.1 VLAN Mapping

3.2.2 QinQ

3.2.3 Selective QinQ

3.2.1 VLAN MappingThe S-switch provides the VLAN mapping mechanism. It replaces the VLAN tag of incomingpackets with another VLAN tag according to the preset mapping table of VLAN tags. In thismanner, services can be transmitted in different VLANs.

The S-switch supports one-to-one mapping of Customer-VLAN (C-VLAN) tags and Service-VLAN (S-VLAN) tags.

NOTE

l C-VLAN is the VLAN to which an interface on the user side belongs. It is used to identify a user or aclass of users.

l S-VLAN is designated by an Internet Service Provider (ISP) on the network side. It is used to identifya type of the service.

3.2.2 QinQQinQ enables the S-switch to automatically add another VLAN tag to a tagged VLAN frame.The QinQ technology provides a tunnel based on the VLAN to implement communicationbetween networks at different locations and with different VLAN IDs.

The QinQ technology provides a Layer 2 VPN solution to transparently transmit user VLANframes over public networks. On the S-switch, the interfaces enabled with QinQ support doubleVLAN tags. The interfaces append another tag with the same VLAN ID to the tagged incomingframes. In this manner, the same outer tag indicates the same public network.

Usually, Internet Service Providers (ISPs) manage VLANs in the public network, and usersmanage user VLANs. Therefore, VLAN tags of different user networks may be overlapped.Through the QinQ function, however, packets from different user networks are added with thesame outer VLAN tag of the public network and VLAN tags of user networks are not used. Inthis manner, the packets are transparently transmitted over the public network, effectivelyseparating user networks from a public network.

So far, the S-switch supports the basic QinQ and the selective QinQ. Based on ports, the basicQinQ is realized on the FE port, Eth-trunk port or GE port. The VLAN to which the port belongsdetermines the outer VLAN tag of the frame.

3.2.3 Selective QinQThe S-switch supports the selective QinQ technique. On one hand, selective QinQ expands thespace of VLAN tags. On the other hand, it enables the S-switch to select outer VLAN tagsflexibly based on the user's VLAN tags of the received packets. In this case, various user servicescan travel along different paths. This facilitates the service deployment.

3 Link FeaturesQuidway S3300 Series Ethernet Switches

Product Description

3-4 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 33: Quidway S3300 Product Description(V100R003C00_01)

For example, voice packets from different VLANs are labeled with the same outer tag so toobtain the same QoS; common data services are labeled with different VLAN tag so to obtaindifferent QoS.

The selective QinQ feature can be applied to both the incoming frames and the outgoing frames.This makes the networking more flexible. For the incoming frames, the S-switch adds an outertag of the public network based on the VLAN tag of the user network. For the outgoing frames,the S-switch matches and strips the tag of the public network.

3.3 STP, RSTP, and MSTP

3.3.1 STP and RSTP

3.3.2 MSTP

3.3.3 MSTP Protection

3.3.4 Partitioned STP and BPDU Tunnel

3.3.1 STP and RSTPSTP and the Rapid Spanning Tree Protocol (RSTP), which are data link layer managementprotocols, are applied to the LAN to prevent loops. STP blocks redundant links and prunes anetwork into a loop-free network. RSTP is improved on the basis of STP. It speeds up networkconvergence by providing fast transfer of the interface status.

STP and RSTP remove broadcast storms caused by loops, and provide backup links.

3.3.2 MSTPThe Multiple Spanning Tree Protocol (MSTP) is developed on the basis of STP and RSTP.MSTP divides a network into multiple regions. Based on VLAN tags, each region has severalspanning trees that are independent of each other. As a result, the entire network is pruned intoa loop-free network. Broadcast storms are thus avoided on the network.

In MSTP, VLANs and spanning trees can be associated. Thus, the convergence speed isimproved and load balancing is guaranteed because frames are forwarded along different trees.

Compared with STP and RSTP, MSTP provides multiple backup links for load balancingbetween VLANs.

3.3.3 MSTP Protection

BPDU ProtectionThe S-switch provides the Bridge Protocol Data Unit (BPDU) protection when MSTP is appliedon the network. When the BPDU protection is enabled, the S-switch shuts down the edgeinterface that receives a protocol BPDU rather than turns the edge interface into a non-edgeinterface. As a result, the spanning tree is not recalculated and route flapping is avoided.

Root ProtectionThe S-switch provides root protection when MSTP is applied to a network. The S-switch protectsthe root switch by maintaining the role of designated interfaces as follows:

Quidway S3300 Series Ethernet SwitchesProduct Description 3 Link Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

3-5

Page 34: Quidway S3300 Product Description(V100R003C00_01)

l If receiving protocol BPDUs with a higher priority, the interface enabled with rootprotection turns to the listening state and stops forwarding frames.

l If the interface does not receive protocol BPDUs with a higher priority for a long time, itreturns to the forwarding state. In this manner, route flapping is avoided.

Loop ProtectionAfter loop protection is enabled on the S-switch, the root interface turns to the blocking state, ifthe S-switch does not receive any protocol BPDUs from an upstream interface. If protocolBPDUs are received, the blocked interface turns into the root interface and changes to theforwarding state. If no protocol BPDU is received, the blocked interface remains in the blockingstate. This protects the S-switch against possible spanning-tree loops.

3.3.4 Partitioned STP and BPDU Tunnel

Partitioned STPTo improve the reliability of links on the MAN, the S-switch is dual-homed to the upstreamEthernet. MSTP in run on the user network, MAN, and the upstream network together to preventloops. Traditionally, multiple spanning tree (MST) regions are not divided. In this case, theconvergence of the MSTP topology is slow. As a result, the forwarding capability is reduced.

The S-switch introduces the partitioned STP to divide the entire MSTP network into threepartitioned STP networks that correspond to the user network, MAN, and the upstream network.Each partitioned STP network belongs to one VLAN. The BPDU tagged with a VLAN tag canbe forwarded only within the VLAN that the tag belongs to. The method of restricting the BPDUtransmission range is called the partitioned STP function, which prevents loops and speeds upconvergence.

BPDU TunnelOn the partitioned STP network, the S-switch considers BPDUs that are attached with tags ascommon Layer 2 data frames. Thus, the BPDUs are forwarded within the VLAN to which tagsbelong without being processed as BPDUs by the MSTP module. With BPDU tunnel enabled,devices on the MAN do not participate in calculating the topology of the partitioned STP. Thus,the convergence speed is improved.

When the BPDU tunnel function is implemented, the S-switch at the edge of the MAN needs toenable the MSTP snooping function. When the change of the topology in the partitioned STPresults in the switching of the forwarding link, the S-switch monitors topology changes andnotifies other devices on the network of the topology changes. Then the frames are forwardedaccording to the new topology.

3.4 RRPPThe Rapid Ring Protection Protocol (RRPP) is a link layer protocol designed for Ethernet rings.RRPP can prevent broadcast storm caused by data loops. Compared with STP, RRPP packetforwarding is based on the hardware, and therefore the topology convergence of RRPP is muchfaster than that of STP.

RRPP also supports link aggregation, which is suitable for ring networks that require largebandwidth.

3 Link FeaturesQuidway S3300 Series Ethernet Switches

Product Description

3-6 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 35: Quidway S3300 Product Description(V100R003C00_01)

3.4.1 Networking Structure

3.4.2 Working Machanism

3.4.3 Multiple Topologies

3.4.1 Networking StructureAn RRPP domain consists of a group of S-switch with the same domain ID and control VLAN.A domain consists of the following elements:

l A physical RRPP ring applies to a ring-shaped Ethernet topology. An RRPP domainconsists of multiple rings connected with other. One of them is the primary ring and theothers are subrings.

l An RRPP domain supports two control VLANs. The control VLAN of the primary ring isused to transmit protocol packets on the primary ring. The control VLAN of the subring isused to transmit protocol packets on the subring.

l A control VLAN is used to transmit RRPP protocol packets; a data VLAN is used totransmit data packets.

l The master node initiates polling mechanism and makes decision of operation when thetopology changes.

l The transit node monitors the connected RRPP link and notifies the master node of the linkchange for decision.

3.4.2 Working MachanismThe master node has the primary port and secondary port on the ring. The primary port on themaster node periodically sends out the Hello message. If the secondary port of the master nodereceives the Hello message, this indicates that the path is a closed ring, and the master node willkeep the secondary port blocked.

If the secondary port of the master node fails to receive the Hello message in a certain period,this indicates the ring link is in fault, and the master node will unblock the secondary port.

3.4.3 Multiple Topologies

Single RRPP Ring

There is only one Ethernet ring in the network and only one RRPP domain is defined. In thiscase, topology can change and response quickly to realize fast convergence of RRPP. In addition,services of Layer 2 and layer 3 can fast switchover.

Tangent RRPP Rings

There are two or more Ethernet rings in the network topology and only one common node exitsbetween each pair of rings. In this case, one RRPP domain must be defined for each ring. Ringsbelong to different RRPP domain.

This networking is suitable for large networks and peer networks that need to be managed indifferent domains. When one ring is shut down or recovered, no other domain is affected. Theconvergence of RRPP in the same domain functions the same as that of the single RRPP ring.

Quidway S3300 Series Ethernet SwitchesProduct Description 3 Link Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

3-7

Page 36: Quidway S3300 Product Description(V100R003C00_01)

Intersectant RRPP RingsThere are two or more Ethernet rings in the network topology and two common nodes existbetween each pair of rings. In this case, only one RRPP domain is defined in which one ringmust be defined as the primary ring and the rest as subrings.

Subring protocol messages are transmitted through the channel, across the primary ring, betweenthe edge ports of the subrings. The primary ring works as a node on the subring. This networkingis applied for dual-homing convergence and provides uplink backup.

Hybrid Networking of RRPP and Other NetworksWhen a RRPP ring is adjacent to an Ethernet ring with STP enabled, the network only supportstangent rings of the RRPP ring and the Ethernet ring with STP enabled. The network does notsupport the intersectant rings of the RRPP ring and the Ethernet ring with STP enabled to avoidresource conflict.

3.5 Smart LinkSmart Link is a flexible link backup mechanism, which provides an effective and reliable solutionin the dual-homed networking. Compared with STP, Smart Link provides faster convergence.Compared with RRPP, Smart Link is simpler to be configured on the dual-homed network.

On the dual-homed network, Smart Link implements fast protection switchover after the activelink is faulty. In normal situations, there is an active link and a standby link in the two upstreamlinks. Active indicates that the interface is forwarding packets; standby indicates that theinterface is blocked. When the active link is faulty, the Smart Link group quickly switches trafficto the standby link.

Smart Link provides both manual and automatic link switchover. When a link is faulty, the SmartLink group sends Flush packets to neighboring devices for updating their MAC tables and ARPtables.

When multiple devices on different layers are connected for convergence, Monitor Link that isused for interface association monitors upstream links. This improves the backup function ofSmart Link. When an upstream link is faulty, Monitor Link is triggered to disable the downstreaminterface. When the faulty upstream link recovers, the downstream interface is re-enabled. Thisswitches traffic between different paths for transmission.

3.6 Interface SecurityAs a security mechanism to control network access, security protection on interfaces protectsthe security of interfaces. It detects illegal packets and takes corresponding protection actionsby checking whether the source MAC addresses of received data frames are secure MACaddresses.

Ethernet interfaces on the S-switch support the function of security protection on interfaces.After the function of security protection on interfaces is enabled on an Ethernet interface, theS-switch considers the following types of MAC addresses valid:

l Static MAC addresses that are manually configured

l Dynamic or static MAC addresses in a Dynamic Host Configuration Protocol (DHCP)snooping binding table

3 Link FeaturesQuidway S3300 Series Ethernet Switches

Product Description

3-8 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 37: Quidway S3300 Product Description(V100R003C00_01)

l Dynamic MAC addresses learnt before the number of MAC addresses reaches the upperlimit

Source MAC addresses that do not fall into the preceding three types are considered invalid.When an interface receives packets with invalid source MAC addresses, security protection takeseffect on the interface. Then, the traffic is discarded or alarms are generated.

3.7 Loop DetectionLoop detection avoids broadcast storms caused by loops. After detecting loops, the S-switchtakes the corresponding protection action to avoid broadcast storms and ensures traffic securityof other users.

Ethernet interfaces of the S-switch support loop detection. After loop detection is enabled onEthernet interfaces, the S-switch takes the corresponding protection action when loops occur oninterfaces:

l Block (default action): Interfaces on which loops occur are isolated from all other interfaces,that is, packets sent from interfaces on which loops occur are not received by otherinterfaces. After three detection periods, interfaces are automatically removed fromisolation if no loop occurs.

l Shutdown: Interfaces on which loops occur are shut down. You can restore the interfacesin the command line mode on the S-switch.

Quidway S3300 Series Ethernet SwitchesProduct Description 3 Link Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

3-9

Page 38: Quidway S3300 Product Description(V100R003C00_01)
Page 39: Quidway S3300 Product Description(V100R003C00_01)

4 Service Features

About This Chapter

4.1 IPv4 Forwarding

4.2 Multicast

4.3 QoS

4.4 Routing Protocols

4.5 High Availability

4.6 Ethernet OAM

4.7 LLDP

4.8 Cluster Management

4.9 Stacking

4.10 PoE

4.11 IPv6

4.12 Security

4.13 MAC Forced Forwarding

4.14 DHCP

Quidway S3300 Series Ethernet SwitchesProduct Description 4 Service Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

4-1

Page 40: Quidway S3300 Product Description(V100R003C00_01)

4.1 IPv4 Forwarding

4.1.1 IPv4 Features

4.1.2 Unicast Routing Features

4.1.3 Multicast Routing Features

4.1.1 IPv4 FeaturesThe S-switch supports the following IPv4 features:

l TCP/IP protocol suite, including ICMP, IP, TCP, UDP, socket (TCP/UDP/Raw IP), andARP.

l Static DNS and specifying a DNS server.

l FTP server/client, TFTP client, and SSH.

l Operations of ping, tracert, and Network Quality Analysis (NQA)NQA can detect whetherICMP, TCP, UDP, DHCP, FTP, HyperText Transfer Protocol (HTTP), and SimpleNetwork Management Protocol (SNMP) services are available and test response time ofthe services.

l DHCP server, DHCP relay agent, DHCP client, and DHCP snooping.

l Bidirectional Forwarding Detection (BFD) fast detection, BFD for OSPF, BFD for IS-IS,BFD for BGP, and BFD for Protocol Independent Multicast (PIM).

4.1.2 Unicast Routing FeaturesThe S-switch supports the following unicast routing features:

l IPv4 unicast forwarding at line speed through ASICs

l IPv4 routing protocols, including RIP v1/v2, OSPF, IS-IS, and BGP v4

l Virtual Routing Forwarding (VRF)

l Static routes that are manually configured by the administrator to simplify networkconfigurations and improve network performance

l Selection of an optimal route through the perfect routing policy

4.1.3 Multicast Routing FeaturesThe S-switch supports multicast, which saves network bandwidth and reduces network loads.The S-switch also ensures QoS of multicast traffic and forwards multicast traffic at line speed.The S-switch supports the following multicast routing features:

l IPv4 multicast forwarding at line speed through ASICs.

l Multicast protocols, including IGMP, PIM-DM, PIM-SM, MSDP, and MBGP.

l Any-Source Multicast (ASM) and Source-Specific Multicast (SSM).

l Anycast RP.

l Multiple RPs can exist in a domain and they are configured as MSDP peers.

4 Service FeaturesQuidway S3300 Series Ethernet Switches

Product Description

4-2 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 41: Quidway S3300 Product Description(V100R003C00_01)

l A multicast source can register with the nearest RP, and the receiver can also choose thenearest RP to join its shared tree. In this manner, load balancing is carried out among theRPs.

l When an RP fails, its previously registered source and receiver choose another nearest RPinstead. This implements the backup of RPs.

l Multicast static routes.

l Filtering of the routes with the routing policy when the multicast routing module receives,imports, and distributes multicast routes.

l Filtering and forwarding of the multicast packets according to the routing policy when IPmulticast packets are forwarded.

l Addition and deletion of dummy entries.

l PIM BFD.

l RPF check.

4.2 MulticastIn the TCP/IP suite, IGMP manages IP multicast members. IGMP sets up and maintains themulticast member relationship between IP hosts and adjacent multicast routers.

4.2.1 IGMP Snooping

4.2.2 Prompt Leave of Multicast Member Interfaces

4.2.3 Flow Control of Multicast Traffic

4.2.4 Multicast Across VLANs

4.2.5 Controllable Multicast

4.2.1 IGMP SnoopingLocated between the host and a multicast router, the S-switch can maintain multicast memberrelationships statically. In addition, the S-switch sets up the mapping between multicast groups,VLAN IDs, and outbound interfaces, and dynamically generates a Layer 2 forwarding table formulticast packets by detecting IGMP messages.

When receiving a multicast packet, the S-switch forwards the packet to only members in thecorresponding VLAN of the multicast group. It multicasts packets in VLANs according to theLayer 2 forwarding table. This reduces the number of packets transmitted over the network tosave network bandwidth, and improves the security of packet transmission.

4.2.2 Prompt Leave of Multicast Member InterfacesWhen a multicast member leaves a group, the host is triggered to send an IGMP Leave message.When an interface on the S-switch is connected to only one host, the S-switch directly deletesthe corresponding multicast forwarding entry of the interface when receiving the IGMP Leavemessage. After that, the S-switch does not forward IGMP Query messages to the interface. Thissaves the bandwidth and system resources, and implements fast switching of services.

Quidway S3300 Series Ethernet SwitchesProduct Description 4 Service Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

4-3

Page 42: Quidway S3300 Product Description(V100R003C00_01)

4.2.3 Flow Control of Multicast TrafficUnknown multicast packets refer to those packets for which no forwarding entry is found in themulticast forwarding table. When receiving unknown multicast packets, the S-switch can discardthem or broadcast them in the VLAN to which the receive interface belongs.

To control multicast traffic, the S-switch also supports the limit to the maximum percentage ofmulticast traffic at Ethernet interfaces.

4.2.4 Multicast Across VLANsThe function of multicast across VLANs means converging the multicast packets using ISPVLAN and coping these multicast packets to different user VLANs.

The S-switch forwards multicast packets through the multicast VLAN, and copies the packetsbased on the multicast entries. Then, the S-switch sends these packets to the VLANs of differentusers. The multicast across VLANs enables the S-switch to send unicast packets and multicastpackets in different VLANs. This helps managing and controlling the multicast traffic and tosave the bandwidth resource.

4.2.5 Controllable MulticastNo multicast protocol provides user authentication. Thus, a user can join a multicast group andleave the group at random. The multicast source does not know when a user joins or leaves amulticast group, so the number of users receiving multicast traffic on a network in a certainperiod is unknown. Therefore, the carrier cannot bill the users.

The controllable multicast technology is introduced to solve these problems. Users have to passauthentication before receiving multicast traffic. Furthermore, only authorized multicast trafficcan be received by users. Users who pass authentication are allowed to preview unauthorizedmulticast traffic and can receive multicast traffic in specified periods in a day. Staticallyconfigured multicast traffic is not controlled by controllable multicast.

4.3 QoSThe S-switch provides the class-based QoS mechanism, and supports the mapping of the 802.1ppriority. The QoS supported by the S-switch guarantees end-to-end delay, jitter, and bandwidth.

The S-switch supports classification of traffic based on specific rules. After traffic classification,the S-switch can then perform the following behaviors for the traffic:

l Re-marking

l Traffic policing

l Congestion management

l Congestion avoidance

l Rate limit at the interface

In this manner, the S-switch can provide high-quality network services for added-value servicessuch as NGN, IPTV, and broadband access.

4.3.1 Traffic Classification

4.3.2 Access Control and Re-marking

4 Service FeaturesQuidway S3300 Series Ethernet Switches

Product Description

4-4 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 43: Quidway S3300 Product Description(V100R003C00_01)

4.3.3 Traffic Policing

4.3.4 Congestion Management

4.3.5 Congestion Avoidance

4.3.6 Rate Limit on Interfaces

4.3.7 Aggregation CAR

4.3.1 Traffic ClassificationTraffic classification is used to identify packets that match a certain rule by comparing theheaders of packets with certain rules.

For example:

l Identify the 802.1p priority of the Operating Support System (OSS) packets and NMSpackets as 7

l Identify the 802.1p priority of VoIP packets as 6

l Identify the 802.1p priority of BTV and VOD packets as 5 or 4

l Identify VPN users as 3, 2, or 1 based on their significance

l Identify the 802.1p priority of the internet access service as 0

This implements the classification of packets based on the 802.1p priority.

The S-switch adopts a hardware classifier and thus guarantees wire-speed transmission ofservices on interfaces. The S-switch supports traffic classification based on the following:

l Source MAC addresses

l Destination MAC addresses

l VLAN tags

l ToS or DSCP field

l Quintuple information, namely, protocol type, source IP address, destination IP address,source TCP/UDP port number, and destination TCP/UDP port number

The S-switch also supports traffic classification for Layer 2 to Layer 4 information of the OSImodel based on the customized rule string. ISPs can define the traffic classification rules asrequired.

4.3.2 Access Control and Re-markingAfter traffic classification, the S-switch controls the access of packets first. That is, the S-switch allows or denies the forwarding of the packets. Then, the S-switch re-marks the followingfields in the packets:

l 802.1p priority, that is, PRI field in a VLAN tag

l DSCP field

l Precedence field of IP packets

l VLAN ID

l Destination MAC addresses of packets

Quidway S3300 Series Ethernet SwitchesProduct Description 4 Service Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

4-5

Page 44: Quidway S3300 Product Description(V100R003C00_01)

4.3.3 Traffic PolicingThe S-switch uses the token bucket algorithm to perform the Committed Access Rate (CAR)mechanism to police and control incoming traffic.

The S-switch controls the rate of traffic by adjusting the rate of putting tokens. Each token equalsa forwarding rate of 64 kbit/s. The S-switch punishes the excessive traffic to limit the incomingtraffic within a reasonable range and to protect network resources and the interests of the ISP.

4.3.4 Congestion ManagementThe S-switch manages traffic congestion by using queue scheduling mechanisms. There areeight queues on each outbound interface of the S-switch. After traffic classification, packetsenter the corresponding queues based on their precedence fields.

The S-switch provides the following queue scheduling methods:

l Priority Queuing (PQ) schedulingIn this mode, the S-switch schedules queues strictly based on the priorities of queues. PQguarantees that services demanding a short delay are scheduled first.

l DRR schedulingThe S-switch cyclically schedules packets in queues based on priorities of queues and themaximum length of packets that interfaces of the S-switch allows packets to pass through.If the current queue has no packets, the S-switch skips over the current queue and schedulespackets in the next queue.

l PQ + DRR schedulingThe S-switch divides the eight queues on each interface into two groups. The S-switchschedules one group of queues in PQ and the other group of queues in DRR. Thecombination of PQ scheduling and DRR scheduling can be used to highlight theiradvantages.

l Weight Round Robin (WRR) schedulingIn this mode, the S-switch schedules queues cyclically based on the weights of queues. Ifno packets wait in the current queue, the S-switch skips over it and schedules packets inthe next queue. WRR guarantees the network bandwidth for services with a low priority.

l PQ + WRR schedulingThe S-switch divides the eight queues on each interface into two groups. The S-switchschedules one group of queues in PQ scheduling mode and the other group of queues inWRR scheduling mode. The combination of PQ scheduling and WRR scheduling can beused to highlight their advantages.

4.3.5 Congestion AvoidanceCongestion avoidance is a flow control technique used to relieve overload in the network byadjusting the network traffic. By means of watching the used network resources, such as queuesand memory buffers, the S-switch automatically discards packets when congestion occurs ortends to aggravate.

The S-switch adopts the Simple Random Early Detection (SRED) technique to carry outcongestion avoidance. After traffic classification, the S-switch can marks packets with one oftwo drop precedence. Packets with low request for QoS are marked with high drop precedence,and other packets are regarded as normal packets.

4 Service FeaturesQuidway S3300 Series Ethernet Switches

Product Description

4-6 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 45: Quidway S3300 Product Description(V100R003C00_01)

Based on the queue depth and the configured threshold for the traffic, the S-switch can thendiscard packets to adjust the rate of the outgoing traffic from its ports.

4.3.6 Rate Limit on InterfacesRate limit on interfaces is used to adjust the rate of traffic on an interface, which avoids trafficburst and reduces packet loss ratio. The S-switch uses the token bucket and a buffer to limit thetraffic rate on interfaces, implementing traffic shaping. The S-switch buffers the packets thatexceed the interface rate and then sends them at leisure later. In this manner, the transmissionrate is smoothed.

4.3.7 Aggregation CARThe aggregation CAR technology uses the same CAR to police service flows on multipleinterfaces. That is, the service flows on these interfaces must be in the range set by theaggregation CAR. The aggregation CAR technology can also police traffic in a VLAN. Aftertraffic classification, the volume of traffic in the VLAN is controlled, and the packets that exceedthe traffic limit are discarded.

4.4 Routing ProtocolsThe S-switch supports rich unicast routing features:

l Static routes: simplifies network configuration and improves network performance. Staticroutes are manually configured by the ISP.

l IPv4 routing protocols:

– Open Shortest Path First (OSPFv2)

– Intermediate System-to-Intermediate System (IS-IS)

– Border Gateway Protocol (BGP-4)

– Routing Information Protocol(RIP)

l Routing policy: selects the best route.

4.5 High Availability

4.5.1 MSTP Link Backup and Protection

4.5.2 RRPP Fast Protection Switchover

4.5.3 Smart Link Dual-Homing Protection

4.5.1 MSTP Link Backup and ProtectionThe S-switch supports the MSTP technique, which removes broadcast storms in the networkand provides redundant links for data transmission.

The S-switch offers the root protection function. To protect the role of the root port, the role ofspecific ports can be set to remain unchanged when they receive higher-priority BPDU. Thiscan protect the network topology from changing by mistake.

Quidway S3300 Series Ethernet SwitchesProduct Description 4 Service Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

4-7

Page 46: Quidway S3300 Product Description(V100R003C00_01)

The S-switch also offers the loop protection function. When the root port cannot receive BPDUfrom the uplink device, the root port enters the blocking state and stops forwarding packets. Atthe same time, no new root port will be elected. This prevents the network from link loops.

4.5.2 RRPP Fast Protection SwitchoverAn RRPP ring is set up on the FE, Eth-trunk or GE port to saves the investment greatly. TheRRPP ring can be applied to the network enabled with dual-homed protection. The RRPP ringcan also be deployed between CE and UPE, or UPE and NPE.

An RRPP ring is composed of a master node and multiple transit nodes. The master node sendsout periodic message from the primary port to detect the link state. If the link fails, the masternode can enable the secondary port to realize self-healing.

If one node in the ring fails, the RRPP can enable the standby link as soon as possible and thelink among nodes can recover quickly.

4.5.3 Smart Link Dual-Homing ProtectionThe S-switch is dual-homed to upstream devices through the Smart Link technology.Downstream links of the S-switch form Monitor Link. The layer-by-layer connection ofconvergence implements association between Smart Link and Monitor Link. When no upstreamlinks exist, the S-switch disables the downstream interface and switches traffic between differentpaths for transmission through the interface association mechanism.

4.6 Ethernet OAMConforming to IEEE 802.3ah and IEEE 802.1ag, the S-switch supports the point-to-pointEthernet fault management. IEEE 802.3ah can be used to detect faults in the first mile of thedirect link on the user side of the Ethernet. At present, the S-switch supports automatic neighbordiscovery, link fault monitoring, remote fault notification, and remote loopback configurationdefined in IEEE 802.3ah. IEEE 802.1ag fulfills end-to-end Ethernet OAM.

The main functions of Ethernet OAM are as follows:l Fault management

The S-switch can detect the network connectivity by sending a detection packet at scheduledtime or through manual triggering.

l Performance managementPerformance management is used to measure the packet loss ratio, delay, and jitter duringthe transmission of packets. It also collects statistics on various types of traffic. It isperformed at the user access points. By using performance management tools, an ISP canmonitor the network running status and locate faults through a Network ManagementSystem (NMS). The ISP checks whether the forwarding capacity of the network complieswith the Service Level Agreement (SLA) signed with users.

Ethernet OAM improves network management and maintenance capabilities on Ethernet andguarantees a stable network.

4.7 LLDPThe S-switch supports LLDP that conforms to IEEE 802.1ab.LLDP is a link layer protocol usedfor interconnected devices to obtain the collection information of each other.

4 Service FeaturesQuidway S3300 Series Ethernet Switches

Product Description

4-8 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 47: Quidway S3300 Product Description(V100R003C00_01)

Using LLDP, the local NMS can acquire the link layer information of all devices in the localnetwork and the details about the network topology. This expands the scope of networkmanagement.

Interfaces with LLDP enabled on the S-switch regularly notify the neighbors of local interfacestatuses. If interface states change, interfaces on the S-switch notify neighboring devices directlyconnected to the S-switch of state updates. Neighboring devices store states of the S-switch inthe standard SNMP management information base (MIB). The NMS can obtain the link layerinformation of the network in the MIB to calculate the topology of the entire network.

4.8 Cluster ManagementThe Huawei Group Management Protocol (HGMP) is a proprietary protocol developed byHuawei. It is used to manage multiple devices with one S-switch. In HGMP, the NeighborDiscovery Protocol (NDP) is used to collect information about neighbors directly connected tothe S-switch. The information collected includes the device model, software version, hardwareversion, connection interface, and member number. Network Topology Discovery Protocol(NTDP) packets are used to collect topology information.

As defined in HGMP, a cluster, that is, a management domain, consists of an administratorswitch and multiple member switches. The S-switch can serve as an administrator switch or amember switch.

l Member switchIt is managed by the administrator switch. Member switches are usually Layer 2 switchesand do not need public IP addresses. When serving as a member switch, the S-switch ismanaged by a high-end device.

l Administrator switchIt serves as the proxy of an external network management station or as a server to managemember switches in the cluster. It needs a public IP address and can allocate private IPaddresses to member switches in the cluster.

In applications, the S-switch usually serves as the administrator switch to mange a great numberof member switches in the residential network. It is used to:

l Automatically discover new remote devices and add them to the cluster.l Collect and maintain the network topology information of the member switches in the

cluster.l Provide member switches in the cluster by means of centralized and batch configuration

or upgrade.

HGMP greatly saves IP address resources by managing devices in a cluster.

4.9 StackingThe power cables or high-speed upstream interfaces of the switches at the same physical locationcan be stacked to form a device group of high reliability. This technology is called stacking. Forthe S-switch, stacking is implemented through stacking interfaces. Through stacking, themanagement and maintenance of switches can be centralized to reduce the maintenance cost ofthe customer. To implement staking, it is required that the stacking switches be of the sameproduct model.

A stacking member plays one of the following roles:

Quidway S3300 Series Ethernet SwitchesProduct Description 4 Service Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

4-9

Page 48: Quidway S3300 Product Description(V100R003C00_01)

l Master switchThe master switch functions as the agent for the external Network Management Station(NMS) or the member switches of the cluster. The master switch must be configured withthe IP address of the public network to manage the other switches.

l Backup switchThe backup switch functions as a backup for the master switch. When the master switch isfaulty, the backup switch becomes the new master switch and takes over the tasks of theoriginal master switch.

l Member switchThe member switch functions as a pure service switch and passively receives themanagement of the master switch.

4.10 PoEPoE is short for Power over Ethernet. The switches that support PoE can directly supply powerfor terminals through Ethernet cables. Thus, the early-stage investment cost of the customer isreduced.

For example, you can adopt switches to supply power for Access Points (APs) when deployinga Wireless Fidelity (WiFi) network. The solution is convenient and the cost is low.

4.11 IPv6The IPv6-related functions supported by the S-switch protect the customer investment with themaximum probability. The functions also prevent repeated investment of the customer in devicesduring the network upgrade.

The S-switch supports the following IPv6 functions:

l IPv6 protocol stack

l Unicast routing protocol: RIPng and OSPFv3

4.12 SecurityIn addition to security guarantee for itself, the S-switch also ensures security for transmissionservices.

4.12.1 Device Security

4.12.2 Service Security

4.12.3 Security Authentication

4.12.1 Device Security

Hierarchical Command LinesFor security reasons, the S-switch authenticates users who log in to the device through Ethernetinterfaces in Telnet mode. Users can log in to the device to configure and maintain it only afterthey pass the authentication.

4 Service FeaturesQuidway S3300 Series Ethernet Switches

Product Description

4-10 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 49: Quidway S3300 Product Description(V100R003C00_01)

Hierarchical protection is applied for command lines. The command lines are divided into thefollowing levels in an ascending order:

l Visit level

l Monitoring level

l Configuration level

l Management level

Similarly, login users are also classified into four levels, corresponding to the four levels ofcommand lines. After logging in to the S-switch, users can run only the commands with the sameor lower level than the user level. This mechanism effectively controls the authority of loginusers.

The S-switch supports the extension of command levels and user levels, which can be mappedfrom 4 levels to 16 levels. This level mapping implements fine management on the user levels.

Remote Login Through SSHThe S-switch supports Secure Shell (SSH). On a network without security guarantee, SSHprovides powerful guarantee of security and authentication for login users and can defend againstillegal attacks.

Encryption Authentication in SNMPThe S-switch supports encryption authentication in SNMP. It authenticates the validity of themanagement from a network management station, by checking the IP address of the station.

Authentication, Authorization, and AccountingThe S-switch supports Authentication, Authorization and Accounting (AAA). It can authenticateand authorize login users together with hierarchical command line protection. In addition, it canauthorize the validity of an NMS administrator. The S-switch can defend against login of illegalusers based on AAA.

The authentication mode can be local, RADIUS, or HWTACAS.

CPU Channel ProtectionThe S-switch can filter the packets delivered to the Central Process Unit (CPU) based on protocolnumber, port number, and combination of VLAN IDs and port numbers. This can protect theCPU channels against Denial of Service (DoS) attacks.

Limit of MAC Address Learning at InterfacesThe S-switch supports the setting of the maximum number of MAC addresses learnt by aninterface. This can defend against attacks of source MAC addresses and thus prevents the MACtable resources of the S-switch from being exhausted.

Quidway S3300 Series Ethernet SwitchesProduct Description 4 Service Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

4-11

Page 50: Quidway S3300 Product Description(V100R003C00_01)

4.12.2 Service Security

Division of VLANsThe S-switch supports the division of a LAN into multiple VLANs. Devices in different VLANscannot communicate with each other. This effectively isolates broadcast domains and improvesthe security of services.

Blackhole MAC Address EntriesThe S-switch supports blackhole MAC address entries. When receiving a packet, the S-switchcompares the source and destination MAC addresses of the packet with its MAC address entries.If the MAC addresses of the packet are the same as those of a blackhole entry, the packet isdiscarded.

When detecting that packets with a specific MAC address are prone to attacks, the administratorcan set a blackhole MAC address entry to filter the packets with that MAC address. This candefend against attacks with the MAC address.

Searching for MAC Address Entries Based on the Combination of the VLAN IDand MAC Address

To improve security of interfaces, the S-switch can search for MAC address entries based onthe combination of the VLAN ID and MAC address. Static MAC entries can be set in a MACaddress table to map specific MAC addresses to interfaces. In this case, the S-switch defendsagainst attacks of forged MAC addresses.

Port IsolationPort isolation is used to deny the forwarding of Layer 2 packets between interfaces on the sameS-switch. The S-switch supports unidirectional and bidirectional port isolation. Using portisolation, the S-switch can:

l Prevent access between interfaces.

l Offers security guarantee to residential networks.

l Helps construct low-cost intelligent community networks.

l Limits unnecessary broadcasting of packets and thus increases the network throughput.

Packet FilteringPacket filtering is used to filter out illegal or unwanted packets.

The S-switch filters packets based on user-defined rules. For example, it filters packets bychecking the MAC address, IP address, port number and VLAN ID of the packets. Packetfiltering neither checks the status of sessions nor analyzes the data.

By filtering packets, the S-switch can effectively control the packets passing the device.

4.12.3 Security Authentication802.1x is a port-based network access control protocol. "Port-based network access control"indicates that access devices connected to the interface of the access device in the LAN are

4 Service FeaturesQuidway S3300 Series Ethernet Switches

Product Description

4-12 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 51: Quidway S3300 Product Description(V100R003C00_01)

authenticated and controlled. If user devices connected to the interface can pass authentication,they can access resources in the LAN; if not, they cannot access resources in the LAN.

MAC address authentication is an authentication method that controls the network accessauthority of a user based on the interface and MAC address. Thus, you need not install any clientauthentication software. After detecting the MAC address of a user for the first time, the devicestarts authenticating the user. During the authentication, the user does not need to enter theusername or password manually.

4.13 MAC Forced ForwardingThe main purpose of the access layer is to provide network connection between the hosts at theuser side and the access routers (ARs) at the carrier side, especially reliable connection with theInternet and other IP networks.

The access layer can be divided into the user network and convergence network. The usernetwork is connected to the access node (AN) through a subscriber line, which is a physical lineand usually called "the first mile."

The subscriber line is then connected to the convergence network through the AN. In this manner,the AN acts as the border between the subscriber line and the convergence network. User trafficis centralized and converged on the convergence network, which is usually called "the secondmile." See Figure 4-1.

Figure 4-1 Connections of the access layer

A carrier's requirements for the access layer are as follows:

l Traffic on various networks and user hosts is forwarded at Layer 3 rather than switched atLayer 2 through ARs. This enables the carrier to filter, schedule, and bill user traffic throughthe ARs.

Quidway S3300 Series Ethernet SwitchesProduct Description 4 Service Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

4-13

Page 52: Quidway S3300 Product Description(V100R003C00_01)

l The efficiency of address assignment needs to be improved to save IPv4 addresses. Theeffectiveness of address assignment needs to be improved if an address is assigned from alarge address pool rather than a small and independent network segment to the host.

To implement user isolation at the access layer and meet the preceding requirements of thecarrier, MAC Forced Forwarding (MFF) is introduced.

MFF is a security protocol and ensures that user hosts accessing the device with the same mediaare isolated. When MFF is run, its security program applies to any shared access media, bringingno extra problems to these networks.

In addition to Layer 2 isolation, the AN that runs MFF discards any upstream broadcast packetsexcept for DHCP messages and ARP request messages. The AN discards DHCP responsemessages received through the subscriber line and limits the rate of DHCP broadcast messages.

The AN that runs MFF must track the IPv4 addresses allocated to the subscriber line. This is toobtain information about the discarded upstream packets that carry spoofing IPv4 addresses.

4.14 DHCPDHCP Snooping

The S-switch can be deployed between the DHCP server and the DHCP client and is responsiblefor monitoring interacted DHCP messages of the DHCP server and the DHCP client. The S-switch creates a binding table containing IP addresses, MAC addresses and port according tothe monitoring result to suppress invalid packets. The S-switch can append or remove theOption82 field for DHCP messages.

l After receiving a Request message from the DHCP client, the S-switch appends theOption82 field to the Request message. The DHCP server performs the IP addressassignment policy by identifying the Option82 field.

l The DHCP server appends the Option82 field to a Response message. The S-switch0analyzes the Option82 field, determines a forwarding interface, removes the Option82 field,and then forwards the message to a user.

Circuit IDs of users are recorded in the Option82 field. This can effectively prevent attackersfrom tempering with DHCP messages.

DHCP Client and DHCP ServerDHCP functions in client/server mode. The DHCP server offers configuration information tothe DHCP client on request.

A DHCP server assigns IP addresses to clients through the address pool. When a client sends aDHCP request to the server, the DHCP server selects a proper address pool based on a certainalgorithm. The server selects an unassigned IP address from the pool, and sends the client theIP address along with other related parameters, such as the DNS server address and lease period.

To dynamically allocate IP addresses to clients, you need to first configure the address poolrange on the DHCP server. At present, an address pool can be configured with only one addressrange. The address range is set through the mask.

DHCP relayThe DHCP client and DHCP server send broadcast packets when IP addresses are dynamicallyallocated to them. Therefore, DHCP can be applied only when the DHCP client and DHCP server

4 Service FeaturesQuidway S3300 Series Ethernet Switches

Product Description

4-14 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 53: Quidway S3300 Product Description(V100R003C00_01)

are in the same subnet. It is uneconomical to deploy a DHCP server in each network segmentto dynamically configure the host.

DHCP relay is introduced to solve this problem. Through DHCP relay, a DHCP client in a subnetcan communicate with the DHCP server in another subnet and finally obtains an IP address. Inthis manner, DHCP clients in multiple subnets can use one DHCP server. This saves cost andfacilitates centralized management.

Quidway S3300 Series Ethernet SwitchesProduct Description 4 Service Features

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

4-15

Page 54: Quidway S3300 Product Description(V100R003C00_01)
Page 55: Quidway S3300 Product Description(V100R003C00_01)

5 Maintenance and Network Management

About This Chapter

5.1 Maintenance and Management

5.2 U2000

Quidway S3300 Series Ethernet SwitchesProduct Description 5 Maintenance and Network Management

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

5-1

Page 56: Quidway S3300 Product Description(V100R003C00_01)

5.1 Maintenance and Management

5.1.1 Configuration Modes

5.1.2 Monitoring and Maintenance

5.1.3 Diagnosis and Debugging

5.1.4 Software Upgrade and In-Service Patching

5.1.5 Hardware Abnormality Handling

5.1.1 Configuration Modes

Multiple Maintenance ModesThe S-switch supports the following configuration modes:

l Through the CLIUsers can configure and manage the S-switch by logging in to the device from a terminatorthrough the Console port or in Telnet mode through a VLANIF interface.

l Through an NMSYou can configure and manage the S-switch according to SNMP through an NMS.

l Through HGMPYou can log in to the S-switch to manage Layer 2 switches and other S-switch in the samecluster based on HGMP.

Login ModesThe S-switch offers a Console port. Users can log on to the Console port of the S-switch throughthe RS-232 serial port of a terminal device to perform local configuration.

In addition, you can log in to service interfaces of the S-switch through Telnet from other devices.

To satisfy different security demands, the S-switch provides the following measures toauthenticate login users:

l Non-authentication

l Local authentication

l AAA authentication

5.1.2 Monitoring and Maintenance

Hardware MonitoringThe S-switch provides the following functions for hardware monitoring:

l Provides the hardware with second-time fault detection to avoid errors made from instantinterference during the detection.

l Automatically checks the version matching when the system is running.

5 Maintenance and Network ManagementQuidway S3300 Series Ethernet Switches

Product Description

5-2 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 57: Quidway S3300 Product Description(V100R003C00_01)

Device Management and MaintenanceThe S-switch provides the following management and maintenance functions:

l Provides command lines with flexible online help and operation interface in two languages:Chinese and English.

l Provides hierarchical command lines and management of user authorities.

l Supports the information center to provide the uniform management of logs, traps, anddebugging information, and redirects information as required.

l Provides the electronic label function. You can check the basic information about the SCUand optical modules through CLI, and copy the information to an external server throughFTP.

l Supports the display of the system status and version, status of each module, temperature,usage of CPU, and memory.

5.1.3 Diagnosis and Debugging

Ping and TraceRouteOn traditional IP networks, the S-switch provides the following tools to check the connectivity:

l Ping

l TraceRoute

These tools are used to test network connectivity and record transmission paths of packets toassist fault analysis.

DebuggingThe S-switch provides various debugging commands for each software feature. Each debuggingcommand supports multiple parameters and can be flexibly controlled. The debuggingcommands can display the process, packets received and transmitted, and error check of a feature.

Black Box FunctionThe S-switch provides the black box function to record information on the feature modules,tasks, and events. The final records of the process status and tracks of functions calling can beused to locate faults rapidly after a fault occurs.

MirroringThe S-switch supports port mirroring and flow mirroring.

l Interface mirroringIncoming traffic, outgoing traffic, or both incoming and outgoing traffic on an observedport is completely copied to the observing interface.

l Flow mirroringObserved flows are completely copied to the observing interface.

By connecting a monitoring host to an observing interface on the S-switch, you can observe thepackets that pass through the S-switch in a real-time and convenient manner. The mirroringfunction provides a basis for traffic detection, fault allocation, and data analysis.

Quidway S3300 Series Ethernet SwitchesProduct Description 5 Maintenance and Network Management

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

5-3

Page 58: Quidway S3300 Product Description(V100R003C00_01)

5.1.4 Software Upgrade and In-Service Patching

Software UpgradeThe S-switch can detect the integrity and validity of the system software before the upgrade andprovides various methods of upgrading the software:

l Local upgradeWhen the S-switch is booted, the software can be loaded and upgraded through theBootROM menu.

l Remote in-service upgradeWhen the S-switch runs properly, the software can be uploaded through FTP or TFTP. Thenew software is run when the S-switch is restarted. This implements the seamless softwareupgrade remotely.

In-Service PatchingThe S-switch supports in-service patching to protect services from being affected when a patchis installed. The patch can be rolled back to the previous versions and device information beforeand after in-service patching is recorded.

5.1.5 Hardware Abnormality HandlingThe S-switch supports automatic and manual intervention when a hardware abnormality occurs,for example, a chip on a board fails. In this manner, the maintenance personnel can locate ahardware abnormality and swiftly handle it to avoid service interruption.

5.2 U2000The S-switch adopts the Huawei U2000 as the centralized network management system. TheU2000 supports multi-language graphic user interface (GUI) that is convenient for operation.The U2000 provides northbound interfaces for connecting the third-party NMS and can beintegrated with other NMSs.

5.2.1 Network Management Modes

5.2.2 U2000 Station

5.2.1 Network Management ModesThe U2000 can manage S-switchs in two modes: in-band and out-band management.

In-band ManagementIn this mode, no additional communication channel is needed between the S-switch and theU2000. The network management information is transmitted over service channels of the S-switch. To enable in-band management, you only need to connect the U2000 to the nearestnetwork devices and then configure the SNMP parameters used for management.

The in-band mode has the following advantages:

l Flexible networking

5 Maintenance and Network ManagementQuidway S3300 Series Ethernet Switches

Product Description

5-4 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 59: Quidway S3300 Product Description(V100R003C00_01)

l Less dependency on the location

l Better channel security

The in-band mode has the following disadvantages:

l The in-band management occupies the service bandwidth of the S-switch.

l The NM station is unable to manage devices from the remote if the service channel fails.

Out-band ManagementIf an independent network is set up between the S-switch and the U2000, you can choose theout-band management mode. The information channel for out-band management is independentof the service channels of the S-switch.

The out-band mode has the advantage that even if the service channel fails, the U2000 can stillmanage the devices. The limitation of this mode, however, is that the independent networkingis much limited by locations.

5.2.2 U2000 StationThe U2000 provides the following functions.

Resource ManagementThe U2000 provides resource management to facilitate users to manage the resources in thenetwork such as devices, interfaces, and links. Through resource management, users can queryand manage the S-switch. In addition, users can query and locate the abnormal resources.

View ManagementTopology management provides a unified topology view for all devices in the network to helpusers know their networks directly and conveniently. The U2000 provides many powerfulfunctions to manage the topology. Users can browse information through the system topologyview, protocol topology view and user-defined view. The U2000 also provides user friendlyinterfaces for operation and maintenance of networks and devices.

The protocol topology views include the HGMP view and Ethernet view, which cover thetopology of various networking modes and network hierarchies of the S-switch. These viewssupport automatic discovery of the network topology and reflect the change of the networktopology and device status.

Configuration ManagementConfiguration management is used to configure the S-switch, including management of thedevice, interfaces, VLAN, Layer 2 features, software upgrading, and configuration files.

The U2000 supports end-to-end configuration, batch configuration, and wizard configuration.In addition, the U2000 provides default configuration templates for the correspondingmanagement.

Fault ManagementFault management is an important and popular management method for maintaining networks.Through the GUI, the U2000 provides the following functions for fault management:

Quidway S3300 Series Ethernet SwitchesProduct Description 5 Maintenance and Network Management

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

5-5

Page 60: Quidway S3300 Product Description(V100R003C00_01)

l Supports queries about the running status and fault detection of the S-switch.

l Supports the real-time monitoring, fault filtering, fault location, fault verification, and faultanalysis of devices.

l Makes faults visible by providing sound prompt and graphic display for faults.

The U2000 can be connected to an alarm box, which facilitates routine maintenance.

Performance ManagementThe U2000 can collect data and monitor the device performance, and analyze the collected data.It provides rich reports and graphic display about the device performance. It collects statisticson device load and access data. Based on this statistics, users can know QoS in the network,evaluate and adjust network resources in time.

The U2000 manages the device performance focused on resource management and displaysinterface in iWeb mode.

Security ManagementSecurity management of the U2000 provides multiple measures to authorize user operations andto ensure system security, including:

l NMS uniform authentication

l Minimum authority of different operations

In addition, the U2000 provides detailed logs, query and analysis of user operations.

Security management supports the following:

l User management

l Access control

l User group management

l Operation management

5 Maintenance and Network ManagementQuidway S3300 Series Ethernet Switches

Product Description

5-6 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 61: Quidway S3300 Product Description(V100R003C00_01)

6 Networking Applications

About This Chapter

6.1 Application in the MAN

6.2 Application in the NGN Bearer Network

6.3 Layered Ring Network -RRPP

6.4 Application of VLAN Mapping

6.5 Application of Selective QinQ

6.6 Application of IPTV

6.7 End-to-End QoS

6.8 Application of Cluster Management

6.9 Access of Partitioned STP

Quidway S3300 Series Ethernet SwitchesProduct Description 6 Networking Applications

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

6-1

Page 62: Quidway S3300 Product Description(V100R003C00_01)

6.1 Application in the MANThe S-switch is mainly deployed at the access layer of the MAN. Figure 6-1 shows thenetworking diagram.

Figure 6-1 S-switch application in the MAN

IP/MPLSCoreBRAS BRAS

Router

RRPP

S9300

S3300S9300

Corelayer

Convergenceaccess layer

Accesslayer

RRPP

S3300

S3300

LSW DSLAM

wirelessaccess

WiMaxAMG

SOHO Residentalarea

Residentalarea

Commericalcenter

Intranet Intranet

In the MAN, the S-switch provide the following access functions:

l The S-switch directly connects user devices. The services of users are converged to theS9300 through the S-switch.

l The S-switch connects Layer 2 switches (LSW) or Digital Subscriber Line AccessMultiplexer (DSLAM), and converges the access services from LSWs or DSLAMs to thecore layer.

l The S-switch connects the Access Media Gateway (AMG) and converges the accessservices from the AMG to the core layer.

l The S-switchs form an RRPP ring to improve the availability of services through the fastprotection switching provided by RRPP. The S-switch also supports Ethernet OAM toimprove fault management and maintenance on links.

l The S-switch provides VLAN mapping, QoS, selective QinQ, replication of multicastpackets across VLANs, and various security measures used to defend against attacks.

6.2 Application in the NGN Bearer NetworkFigure 6-2 shows the application of the S-switch in the NGN bearer network.

6 Networking ApplicationsQuidway S3300 Series Ethernet Switches

Product Description

6-2 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 63: Quidway S3300 Product Description(V100R003C00_01)

Figure 6-2 S-switch application in the NGN

IP/MPLSCore

BRAS

BRAS

Router

RRPP

S9300

S3300S9300

AMGS3300

LSWDSLAM

wirelessaccess

WiMax

SOHO

ResidentialArea Phone

bar

RM SoftX APP server

PSTN

TMG

SOHO

Homegateway

GameBoxPDABTV VoWLAN

WiFi

In the NGN bearer network, the S9300 acts as the convergence device for the AMG to convergethe voice or video services from the AMGs to the core network.

l The S-switch converges the broadband access services and NGN access services to theRRPP Ring.

l The S9300 is connected to two uplink BRASs. The dual-homed connection improves thereliability of the service.

6.3 Layered Ring Network -RRPPThe S-switch can be applied in the layered RRPP ring. The networking for the layer RRPP ringis shown in Figure 6-3.

Quidway S3300 Series Ethernet SwitchesProduct Description 6 Networking Applications

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

6-3

Page 64: Quidway S3300 Product Description(V100R003C00_01)

Figure 6-3 S-switch application in layered RRPP ring

IP/MPLSCoreBRAS BRAS

Router

RRPP

ResidentialArea

CommericalCenter

Intranet

IntranetRRPP

RRPP

RRPP

RRPP

SOHO

S3300

RRPP

S9300S9300

S3300

S3300

S3300

S9300S9300

S9300

S3300

In the MAN Ethernet connected by GE ports, the S9300 acts as the PE-AGG device and the S-switch acts as the UPE device. The MAN Ethernet applies the dual RRPP networking structure.One is the convergence layer and the other access layer. The dual RRPP rings can either betangent or intersectant.

l The convergence layer is located between the PE-AGG devices; the access layer is locatedbetween PE-AGG and UPE devices.

l If RRPP ring in the access layer and that in the convergence layer are tangent, differentRRPP domains are defined.

l If RRPP ring in the access layer and that in the convergence layer are intersectant, only oneRRPP domain is defined. RRPP ring in the convergence layer is the primary ring; RRPPring in the access layer in the subring.

6.4 Application of VLAN MappingThe S-switch provides the VLAN mapping function. Figure 6-4 shows the networking whereVLAN mapping is used.

6 Networking ApplicationsQuidway S3300 Series Ethernet Switches

Product Description

6-4 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 65: Quidway S3300 Product Description(V100R003C00_01)

Figure 6-4 Application of the S-switch enabled with VLAN mapping

AccessConvergence

network

BRAS BRAS

Router

S3300

AMGLSW DSLAM

SOHOVLAN101-500

PSTN

TMG VideoServer

InternetInternetInternetInternet

V50 V350 V850

Residential Area

V450 V450 V450

ISP networkVLAN1-1000

User networkVLAN101-500VLAN401-600VLAN401-700

VLAN401-600 VLAN401-700

Intranet

Enterprises manage their VLAN tags. The VLAN tags of different enterprises can overlap. TheISP manages only VLAN tags of the MAN.

As the convergence device connecting the customer network to the ISP network, the S-switchmaps VLAN tags between the customer network and the ISP network. In this manner, servicesin different VLANs can be transmitted and services can be flexibly deployed.

For upstream services transmitted from the customer network to the ISP network, the S-switch replaces the C-VLAN tag with the S-VLAN tag. For example, the S-switch:

l Replaces VLAN 450 of SOHO with VLAN 850 of the ISP network.

l Replaces VLAN 450 of the residential area with VLAN 50 of the ISP network.

l Replaces VLAN 450 of the enterprise network with VLAN 350 of the ISP network.

For downstream services, the S-switch replaces the S-VLAN tag with the C-VLAN tag.

6.5 Application of Selective QinQThe S-switch provides the selective QinQ function. The networking of selective QinQ is shownin Figure 6-5.

Quidway S3300 Series Ethernet SwitchesProduct Description 6 Networking Applications

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

6-5

Page 66: Quidway S3300 Product Description(V100R003C00_01)

Figure 6-5 S-switch application in selective QinQ

BRAS BRAS

Router

S3300

LSW DSLAM

VLAN1-500

PSTN

TMG VideoServer

InternetInternetInternetInternet

ISP networkVLAN1-1000

User network

VLAN500-700 VLAN700-1000

VLAN1-1000

V30 V450

V30 V650

V30 V850

V10 V100

V10 V600

V10 V800

V100 V450 V600 V650 V800 V850

LSW

QinQ extends greatly the VLAN tag space. Offering the selective QinQ function, the S-switchcan converge services and choose different paths for various services.

The three enterprise networks shown in Figure 6-5 all need to transmit data, voice and videoservices. The S-switch can append an external ISP VLAN tag to the packets of each kind ofaccess services. For example:

l Add an external ISP VLAN tag VLAN10 for data services of VLAN100, VLAN600 andVLAN800 from the customer networks.

l Add an external ISP VLAN tag VLAN30 for video services of VLAN450, VLAN650 andVLAN850 from the customer networks.

6.6 Application of IPTVFigure 6-6 shows the application of the S-switch in IPTV services.

6 Networking ApplicationsQuidway S3300 Series Ethernet Switches

Product Description

6-6 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 67: Quidway S3300 Product Description(V100R003C00_01)

Figure 6-6 Application of the S-switch in IPTV services

IP/MPLSCore

BTV

BTV Video stream

S3300

VideoServerNSM

S9300

RRPP

DSLAM

DSLAM

DSLAM

BTV

AccessConvergence

Network

STBSTBSTBSTB

STBSTBSTBSTB

STBSTBSTBSTB

S9300

S3300

As shown in Figure 6-6, the S-switch, which serves as a UPE, supports IGMP snooping. It canserve as the replication and control point for multicast services at the access layer of the MANto meet the demand for large-capacity multicast services. The DSLAM provides the IGMP proxyfunction to control users' multicasting authority based on the authority of users configured bythe NSM.

To ensure high quality in transmitting broadband television (BTV) services, the RRPP ringcomposed of the S-switch and the S9300 provides the following functions:l The RRPP ring supports fast protection switching, which ensures the availability of BTV

services.l Only one copy of multicast packets need be transmitted in the RRPP ring, which saves

bandwidth.

In addition, the S-switch supports prompt join or leave of interfaces to implement fast switchingof services.

6.7 End-to-End QoSFigure 6-7 shows the networking diagram for the end-to-end QoS provided by the .

Quidway S3300 Series Ethernet SwitchesProduct Description 6 Networking Applications

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

6-7

Page 68: Quidway S3300 Product Description(V100R003C00_01)

Figure 6-7 End-to-end QoS provided by the S-switch

IP/MPLSCore

BRAS

S9300

AMG

DSLAM

Core layer

Convergenceaccess layer

RRPPS9300

S3300

RRPP S3300

S3300

S3300

SOHO

LSW

IntranetPhone

BarBTV

STBSTBSTBSTB

upstream

downstream

As shown in Figure 6-7, the S-switch acts as a UPE. The S9300 acts as a UPE or a PE-AGG.The S-switch guarantees access services from LSWs or DSLAMs with end-to-end QoS, as thesequence numbers shown in Figure 6-7:

l At the ingress of the access convergence layer, the S-switch classifies data, voice, and videoservices. The S-switch then polices traffic and re-marks the precedence of packets.

l RRPP stations including cross-ring stations schedule queues. At the RRPP copy station,the S-switch restores the RRPP priority to the 802.1p priority.

l At the egress of the access convergence layer, the S-switch performs queue scheduling andrate limit at interfaces.

By mapping 802.1p priorities to different packets, the S-switch ensures end-to-end QoS forpackets.

6.8 Application of Cluster ManagementFigure 6-8 shows the networking of the cluster management function provided by the S-switch.

6 Networking ApplicationsQuidway S3300 Series Ethernet Switches

Product Description

6-8 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 69: Quidway S3300 Product Description(V100R003C00_01)

Figure 6-8 Cluster management provided by the S-switch

IP/MPLSCore

Residentialarea

STP/RRPP

NSM

S9300

DSLAMSOHO

Intranet

Buildingcorridor

Buildingcorridor

AMG

S3300S9300

Commercialcenter

Phonebar

Residentialarea

S3300

A large number of Layer 2 switches are usually deployed on an enterprise intranet, in a residentialarea or in a building corridor. Upgrading or configuring these separated Layer 2 switches isinconvenient. To manage these Layer 2 switches in a centralized manner, network administratorsmust group them into HGMP domains based on the network topology.

HGMP allows the Layer 2 switches to be divided into many HGMP clusters to achievecentralized management. The S-switch collects and maintains the information of the Layer 2switches in the HGMP clusters, and manages them.

Cluster management effectively saves IP addresses, reduces operation expenditure, andfacilitates rapid deployment of Layer 2 switches.

6.9 Access of Partitioned STPFigure 6-9 shows how the S-switch accesses the partitioned STP.

Quidway S3300 Series Ethernet SwitchesProduct Description 6 Networking Applications

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

6-9

Page 70: Quidway S3300 Product Description(V100R003C00_01)

Figure 6-9 Access of partitioned STP supported by the S-switch

Intranet DAccess

convergencenetwork

Residentialarea A

S3300-A

S3300-C

S9300-A

S9300-C

S9300-D

S9300-BS3300-B

S3300-DIP/MPLS

Core

Residentialarea B

Intranet C

As shown in Figure 6-9, intranets C and D, residential areas A and B are all connected to aMAN. The S-switch acts as a UPE to access intranets and residential areas. The S-switch is thenconnected to the upstream S9300 through double links, which improves the link reliability.

l The S-switch is connected to the MAN in dual-homing mode. The S-switch and the twoS9300s at the edge of the MAN form a partitioned STP domain. For example, the networkformed by S-switch-A, S9300-A, and S9300-C is a partitioned STP domain.

l S-switch-C and S-switch-D at the egress of intranets and S9300-C and S9300-D at the edgeof the MAN all belong to VLAN 10. In VLAN 10, BPDUs of intranets C and D aretransmitted transparently.

l S-switch-A and S-switch-B at the egress of the two residential areas and S9300-A andS9300-B at the edge of the MAN all belong to VLAN 20. In VLAN 20, BPDUs of residentialareas A and B are transmitted transparently.

l All the S9300s in the MAN support BPDU tunnel and MSTP snooping.

Through the partitioned STP technology, users in the same customer network but at differentlocations can transmit BPDUs in tunnels across the provider network. In this manner, thespanning tree can be computed in the partitioned customer network. The customer network andthe provider network have their own spanning trees, which are independent of each other.

6 Networking ApplicationsQuidway S3300 Series Ethernet Switches

Product Description

6-10 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 71: Quidway S3300 Product Description(V100R003C00_01)

7 System Specifications

About This Chapter

7.1 Technical Specifications

7.2 List of Software Features

Quidway S3300 Series Ethernet SwitchesProduct Description 7 System Specifications

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

7-1

Page 72: Quidway S3300 Product Description(V100R003C00_01)

7.1 Technical Specifications

7.1.1 Physical Specifications of the S-switch

7.1.2 System Configuration

7.1.1 Physical Specifications of the S-switch

Table 7-1 Physical specifications of the S-switch

Item Specification

Dimensions (width x depth xheight)

l S3328TP-EI/SI:442.0mm×220.0mm×43.6mm

l S3328TP-EI-24S:442.0mm×220.0mm×43.6mm

l S3352P-EI/SI:442.0mm×220.0mm×43.6mm

l S3352P-EI-24S:442.0mm×420.0mm×43.6mm

l S3352P-EI-48S:442.0mm×420.0mm×43.6mm

l S3328TP-PWR-EI:442.0mm×420.0mm×43.6mm

l S3352P-PWR-EI:442.0mm×420.0mm×43.6mm

Maximum power (configured tothe full capacity)

l S3328TP-SI/EI:20W

l S3328TP-EI-24S:52W

l S3352P-SI/EI:38W

l S3352P-EI-24S:65W

l S3352P-EI-48S:90W

l S3328TP-PWR-EI:448W(Dissipated power:78W,PoE:370W)

l S3352P-PWR-EI:880W(Dissipated power:140W,PoE:740W)

Weight Full configuration ≤6.5kg

Emptyconfiguration

≤5kg

DC inputvoltage

Rated voltage –48V DC to–60V DC

Maximumvoltage range

–36V DC to–72V DC

AC inputvoltage

Rated voltage 100V AC to 240V AC

Maximumvoltage range

90V AC to 264V AC

Temperature Long-termoperation

0°C to 50°C

7 System SpecificationsQuidway S3300 Series Ethernet Switches

Product Description

7-2 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 73: Quidway S3300 Product Description(V100R003C00_01)

Item Specification

Short-termoperation

–5°C to 55°C

Storage –40°C to 70°C

Relative humidity 10% RH to 90% RH

Altitude forinstallation

Long-termoperation

0 m to 2000 m

Storage 0 m to 2000 m

7.1.2 System Configuration

Table 7-2 System configuration of the S-switch

Item Specification of the S-switch

Processor S3328: Dominant frequency 266MHzS3352: Dominant frequency 200MHz

Switching capacity l S3328:12.8Gbit/s

l S3352:17.6Gbit/s

Packet forwardingcapacity

l S3328:9.6Mpps

l S3352:13.1Mpps

DDR memory 128MB

Flash memory 16MB

Quidway S3300 Series Ethernet SwitchesProduct Description 7 System Specifications

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

7-3

Page 74: Quidway S3300 Product Description(V100R003C00_01)

7.2 List of Software Features

Table 7-3 List of features supported by the S-switch

Feature Description

Ethernet Ethernet l Supports operating modes of full-duplex, half-duplex, andauto-negotiation.

l Supports the 10-Mbit/s, 100-Mbit/s, 1000-Mbit/s, and auto-negotiation rate of Ethernet interfaces.

l Supports flow control on interfaces.

l Supports Jumbo packets.

l Supports link aggregation.

l Supports load balancing on links in a trunk.

l Supports port isolation and forwarding restriction oninterfaces.

l Supports the suppression of broadcast storms.

VLAN l Supports access modes of access, trunk, hybrid, and QinQ.

l Supports the configuration of default VLANs.

l Supports VLAN mapping.

l Supports selective QinQ.

l Supports Voice VLAN.

MAC l Supports the automatic learning and aging of MACaddresses.

l Supports static, dynamic, and blackhole MAC entries.

l Supports the filtering of packets based on their source MACaddresses.

l Supports the limit of MAC address learning on interfaces.

ARP l Supports static and dynamic ARP entries.

l Supports ARP applied to a VLAN.

l Supports the aging of ARP entries.

Smartlink l Supports Smartlink.

l Supports Smartlink multi-instance.

l Supports Monitorlink.

LLDP Supports LLDP

7 System SpecificationsQuidway S3300 Series Ethernet Switches

Product Description

7-4 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 75: Quidway S3300 Product Description(V100R003C00_01)

Feature Description

ProtectionagainstEthernetloops

MSTP l Supports STP.

l Supports RSTP.

l Supports MSTP.

l Supports BPDU protection, root protection, and loopprotection.

l Supports partitioned STP and BPDU tunnel.

RRPP l Supports RRPP protection switchover.

l Supports single RRPP ring, tangent RRPP rings andintersectant RRPP rings.

l Supports hybrid networking of RRPP and other networks.

IPv4forwarding

IPv4 features l Supports ARP/RARP.

l Supports ARP proxy.

l Supports auto-detection.

Unicastroutingfeatures

l Static routes

l RIP-1/RIP-2

l OSPF

l BGP

l IS-IS

l Routing policies and policy routes

l uRPF check

l VRF

l Supports DHCP Client/Server/Relay

l Supports DHCP snooping

Multicastroutingfeatures

l IGMPv1/v2/v3

l PIM-DM

l PIM-SM

l PIM-SSM

l MBGP

l MSDP

l Multicast routing policy

l RPF

Devicereliability

BFD l Basic functions of BFD

l BFD FOR OSPF

l BFD FOR IS-IS

l BFD FOR BGP

l BFD FOR PIM

Quidway S3300 Series Ethernet SwitchesProduct Description 7 System Specifications

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

7-5

Page 76: Quidway S3300 Product Description(V100R003C00_01)

Feature Description

Others VRRP

Layer 2multicastfeatures

Layer 2multicastfeatures

l Supports IGMP snooping.

l Supports the prompt leave mechanism for users.

l Supports flow control of multicast traffic.

l Supports the replication of multicast packets across VLANs.

l Supports controllable multicast.

Eth OAM EFM OAM l Automatic neighbor discovery

l Link fault monitoring

l Remote fault notification

l Remote loopback configuration

QoSfeatures

Trafficclassification

l Supports traffic classification based on the combination ofLayer 2 protocol header, IP quintuple, outbound interface,and 802.1p priority.

l Supports classification based on the C-VID and C-PRI ofQinQ packets.

Trafficbehavior

l Performs access control for packets after trafficclassification.

l Supports traffic classification based on CAR.

l Re-marks packets based on the results of traffic classification.

l Sends packets to specified scheduling queues after trafficclassification.

l Supports the combined application of traffic classificationand traffic behavior.

Queuescheduling

l Supports PQ scheduling.

l Supports DRR scheduling.

l Supports PQ + DRR scheduling.

l Supports WRR scheduling.

l Supports PQ + WRR scheduling.

Congestionavoidanceand rate limit

l Supports SRED.

Rate limit onoutboundinterfaces

Supports the rate limit on outbound interfaces.

7 System SpecificationsQuidway S3300 Series Ethernet Switches

Product Description

7-6 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Page 77: Quidway S3300 Product Description(V100R003C00_01)

Feature Description

Configuration andmaintenance

Terminalservices

l Supports configurations through CLI.

l Supports prompt and online help in English and Chinese.

l Supports terminal services through the console interface orTelnet.

l Provides the send function for terminal users to communicatewith each other.

File system l Supports file systems.

l Supports directories and file management.

l Supports the downloading and uploading of files through FTPand TFTP.

Debuggingandmaintenance

l Provides unified management on logs, traps, and debuggingmessages.

l Provides the electronic label function.

l Supports the log recording of user operations.

l Provides detailed debugging information to diagnosenetwork faults.

l Provides network test tools such as tracert and pingcommands.

l Provides interface mirroring and traffic mirroring.

Softwareupgrade

l Supports the in-service loading of the VRP.

l Supports the in-service upgrade of BootROM.

l Supports in-service patching.

Securityandmanagement

Systemsecurity

l Provides command line-based hierarchical protection toprevent against unauthorized users from accessing the device.

l Supports SSH v2.0.

l Supports RADIUS and HWTACACS authentication for userlogins.

l Supports the filtering of packets through ACL rules.

l Supports the filtering of DHCP packets by appending Option82.

l Supports the prevention of attacks by sending controlpackets.

l Supports defences against attacks of source address spoofing,LAND, SYN flood (TCP SYN), Smurf, ping flood (ICMPEcho), Teardrop, and Ping of Death.

NetworkManagement

l Supports the ping and traceroute functions of ICMP.

l Supports SNMPv1/v2c/v3.

l Supports standard MIBs.

l Supports RMON.

Quidway S3300 Series Ethernet SwitchesProduct Description 7 System Specifications

Issue 01 (2009-12-15) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

7-7

Page 78: Quidway S3300 Product Description(V100R003C00_01)

Feature Description

Clustermanagement

l Supports HGMPv2.

l Supports the S-switch to be an administrator switch.

l Supports the S-switch to be a member switch.

l Supports automatic addition of member switches.

l Supports private IP addresses of member switches.

l Supports the login of member switches through Telnet.

7 System SpecificationsQuidway S3300 Series Ethernet Switches

Product Description

7-8 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)