Professional Documents
Culture Documents
ServiceRouter
V600R006C00
Product Description
Issue 01
Date 2012-11-10
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees or
representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.
Website: http://www.huawei.com
Email: support@huawei.com
Purpose
This document describes the product positioning and features, product architecture, link
features, service features, application scenarios, operation and maintenance, and technical
specifications of the NE40E device.
This document provides an overall description of the NE40E device, which helps intended
readers get a general understanding of all the product features.
Related Versions
The following table lists the product versions related to this document.
Intended Audience
This document is intended for:
Network planning engineers
Hardware installation engineers
Commissioning engineers
Data configuration engineers
On-site maintenance engineers
Network monitoring engineers
System maintenance engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Indicates a hazard with a high level of risk, which if not
avoided, will result in death or serious injury.
Change History
Updates between document issues are cumulative. Therefore, the latest document issue
contains all updates made in previous issues.
Contents
12 NMS ............................................................................................................................................. 66
A Acronyms and Abbreviations .................................................................................................. 68
2 Positioning
NE40E-X2 NE40E-X1
3 Product Architecture
Backplane
Control Bus Control Bus GE/Console/
2*10G MPU
Monitor Bus Monitor Bus Bits/USB
NPU (Slave)
Data Bus
MPU MPU
Monitoring System System
plane monitoring unit monitoring unit
The data plane is responsible for high speed processing and non-blocking switching of
data packets. It encapsulates or decapsulates packets, forwards IPv4/IPv6/MPLS packets,
performs QoS as well as scheduling and internal high-speed switching, and collects
statistics.
The control and management plane completes all control and management functions for
the system and is the core of the entire system. Control and management units process
protocols and signals, and maintain, manage, report on, and control system status.
The monitoring plane monitors the ambient environment to ensure secure and stable
operation of the system. It detects voltage levels, controls system power-on and-off,
monitors temperature, and controls fan modules. When a unit fails, the monitoring plane
isolates the faulty unit promptly so that other parts of the system can continue to run
normally.
Power FAN
Monitoring Monitoring
RPS RPS
SNMP
Master Slave
IPC
NPU
PIC
PIC
PIC
PIC
Power FAN
Monitoring Monitoring
RPS RPS
SNMP
Master Slave
IPC
NPU NPU
PIC
PIC
PIC
PIC
PIC
PIC
PIC
PIC
Software of the NE40E consists of the Routing Process System (RPS), power monitoring
system, fan monitoring system.
The RPS, which includes IPOS software, VRP software, and product-adaptation software, is
the control and management module that runs on the MPU. The RPS on the active MPU and
the one on the standby MPU back up each other. RPSs support IPv4/IPv6, MPLS, LDP, and
routing protocols, calculate routes, establish LSPs and multicast distribution trees, generate
unicast, multicast, and MPLS forwarding tables, and they deliver information concerning all
the preceding mentioned to the LPU.
The FSU implements the functions of the link layer and some functions of the IP protocol
stack on interfaces.
The EFU performs hardware-based IPv4/IPv6 forwarding, multicast forwarding, MPLS
forwarding, and has a statistics functions.
PIC
Datagram Datagram
Congestion Queue
QoS in the management scheduling QoS in the
upstream Queue Congestion downstream
scheduling management
TM Multicast replication
As shown in Figure 3-5, the Packet Forwarding Engine (PFE) adopts a Network Processor
(NP) or an Application Specific Integrated Circuit (ASIC) to implement high-speed packet
routing. External memory types include Static Random Access Memory (SRAM), Dynamic
Random Access Memory (DRAM), and Net Search Engine (NSE). The SRAM stores
forwarding entries; the DRAM stores packets; the NSE performs searching routing table.
Data forwarding processes can be divided into upstream and downstream processes based on
the direction of the data flow.
Upstream process: The Physical Interface Card (PIC) encapsulates packets to frames and
then sends them to the PFE. On the PFE of the inbound interface, the system
decapsulates the frames and identifies the packet types. It then classifies traffic according
to the QoS configurations on the inbound interface. After traffic classification, the
system searches the Forwarding Information Base (FIB) for the outbound interfaces and
next hops of packets to be forwarded. To forward an IPv4 unicast packet, for instance,
the system searches the FIB for the outbound interface and next hop according to the
destination IP address of the packet. Finally, the system sends the packets containing
information about outbound interfaces and next hops to the traffic management (TM)
module.
Downstream process: Information about packet types that have been identified in the
upstream process and about the outbound interfaces is encapsulated through the link
layer protocol and the packets are stored in corresponding queues for transmission. If an
IPv4 packet whose outbound interface is an Ethernet interface, the system needs to
obtain the MAC address of the next hop. Outgoing traffic is then classified according to
the QoS configurations on the outbound interfaces. Finally, the system encapsulates the
packets with new Layer 2 headers on the outbound interfaces and sends them to the PIC.
4 Technical Specifications
Physical Specifications
Item X2 X1
Dimensions (width x 442 mm x 220 mm x 222 mm 442 mm x 220 mm x 132 mm
depth x height) (5 U height) ( 17.40 in. x 8.66 in. x 5.20
in. )
Installation Mounted in an N63B cabinet, a standard 19-inch cabinet, or a
23-inch North American open rack
Weight (in full 22 kg 14 kg ( 30.87 lb )
configuration)
Typical power 650 W 350 W
Heat dissipation 2109 BTU/hour 1136 BTU/hour
DC input Rated -48 V
voltage voltage
Maximum -38 V to -72 V
voltage
range
AC input Rated 220 V
voltage voltage
Maximum 90 V to 275 V (recommend)
voltage 175 V to 275 V
range
Ambient Long-term 5C to +50C ( 23F to 122F )
temperat
ure Short-term -20C to +60C ( -4F to 140F ) (Short-term refers to a period of
not more than 96 consecutive hours and a total of not more than
15 days in 1 year.)
Remarks Temperature change rate limit: 30C/hour ( 86F/hour )
Item X2 X1
Storage temperature -40C to +70C ( -40F to 158F )
Relative Long-term 5% to 85% RH, non-condensing
ambient
humidity Short-term 5% to 95% RH, non-condensing
System Configuration
Item X2 X1
SDRAM 2 GB 2 GB
CF card 1 GB 1 GB
USB interface USB2.0 Host USB2.0 Host
Forwarding capacity 40 Gbit/s 20 Gbit/s
Packets forwarding rate 60 Mpps 30 Mpps
Backplane bandwidth 450 Gpbs 285 Gpbs
Interface capacity Non-line-rate: 75.2 Gbit/s Non-line-rate: 52 Gbit/s
Line-rate: 40Gbit/s Line-rate: 20Gbit/s
Number of subcard 8 4
slots
Number of MPU slots 2 2
Number of NPU slots 2 1
5 FPIC
The NE40E-X2 has eight slots for subcards. Subcards are hot swappable and support
automatic configuration recovery.
The NE40E-X1 has four slots for subcards. Subcards are hot swappable and support
automatic configuration recovery.
6 Link Features
VLAN sub-interfaces
Interface loopback, including local loopback and remote loopback
The E1 interface channalized from a CPOS interface, in compliance with SAToP, can
transparently transmit unstructured TDM services through PWs on an MPLS network.
The E1 interface channalized from a CPOS interface, in compliance with CESoPSN, can
transparently transmit structured TDM services through PWs on an MPLS network.
ML-PPP/PPP/HDLC/ATM/TDM/ATM IMA
The NE40E provides CPOS interfaces at 155 Mbit/s. At the link layer, CPOS interfaces
support the following protocols:
Frame Relay
ML-PPP
TDM
ATM IMA
Interface loopback, including local loopback and remote loopback
implements Layer 2 forwarding of IPoEoA packets between the Ethernet and PVC. By
converging the ATM backbone network and the IP network, IPoEoA supports various
Ethernet and IP services.
ATM cell relay
The NE40E supports PVC-based or PVP-based ATM cell relay and AAL5 SDU relay.
The NE40E supports the following ATM cell relay modes:
Interface-based ATM cell relay
1-to-1 VCC cell relay
N-to-1 VCC cell relay
1-to-1 VPC cell relay
N-to-1 VPC cell relay
ATM AAL5-SDU VCC transport
Interface loopback, including local loopback and remote loopback
Configuration of the MTUs for IPv4 and MPLS packets
Line clocks
Scrambling and descrambling of transmitted data
Configuration of the shutdown and undo shutdown commands on ATM interfaces
Configuration of the shutdown and undo shutdown commands on PVCs/PVPs
Configuration of the shutdown and undo shutdown commands on sub-interfaces
AAL5 SNAP encapsulation
Cell relay and IWF on different sub-interfaces of the same ATM interface
7 Service Features
Ethernet sub-interfaces
VLAN aggregated sub-interfaces
Port number-based VLAN division
VLAN mapping
VLAN stacking
MAC address limit
Unknown unicast/multicast/broadcast suppression
Spanning Tree Protocol (STP)/Rapid Spanning Tree Protocol (RSTP)
Multiple Spanning Tree Protocol (MSTP)
RRPP with switching time less than 50 ms
EType in the outer tag of QinQ packets used for interoperation with devices of other
vendors
Multicast QinQ
QinQ-based VLAN swapping
VLAN stacking can be applied in the following scenarios:
Access to VPLS
Access to VLL or PWE3
Translation sub-interface supporting 1to1, 1to2, 2to1, 2to2 VLAN tag translation
Sub-interface for QinQ VLAN tag termination supporting VLAN tag swapping
Sub-interface for dot1q VLAN tag termination, sub-interface for QinQ VLAN tag
termination, QinQ stacking sub-interface, and translation sub-interface supporting the
block action
ACLs based on double VLAN tags and 802.1p precedence
Sub-interfaces for QinQ VLAN tag termination accessing a VPLS network in
symmetrical mode supporting HQoS
Sub-interface for QinQ VLAN tag termination and sub-interface for dot1q VLAN tag
termination supporting IPv6 routing protocols
Sub-interface for QinQ VLAN tag termination and sub-interface for dot1q VLAN tag
termination supporting BFDv6
Dynamic QinQ triggered by ND/DHCPv6 in IPv6 scenarios
Sub-interface for QinQ VLAN tag termination and sub-interface for dot1q VLAN tag
termination supporting VRRPv6
Sub-interface for QinQ VLAN tag termination IPv4 URPF
Sub-interface for QinQ VLAN tag termination IPv6 URPF
MSTP
MSTP provides BPDU protection to defend against such attacks. After the BPDU protection
is enabled, the switch shuts down the edge port that receives BPDUs. At the same time, the
switch informs the NMS of the situation. The edge port can be enabled by the network
administrator.
NE40E can restrict the sending of Layer 2 and Layer 3 protocol packets such as RSTP and
DHCP through CP-CAR. This avoids influencing device performance.
7.2 IP Features
7.2.1 IPv4/IPv6 Dual Stack
The IPv4/IPv6 dual stack can be easily implemented and can smoothly interoperate with other
protocols. Figure 7-1 shows the structure of the IPv4/IPv6 dual stack.
IPv4/IPv6 Application
TCP UDP
IPv4 IPv6
Link Layer
IPv6 routing protocols, including Routing Information Protocol Next Generation (RIPng),
OSPFv3, IS-ISv6, and BGP4+
Static routes that are manually configured by the administrator to simplify network
configurations and improve network performance
Large-capacity routing table to effectively support the operation of a MAN.
Selection of the optimal route through the perfect routing policy
Import of routing information of other protocols
Use of routing policies in advertising and receiving routes and filtering of routes through
route attributes
Support for load balancing and configuring the maximum number of equal-cost routes
32-channel load balancing of IPv6 routes
Password authentication and MD5 authentication to improve network security
Restart of protocol processes through command lines
RIP-1 (classful routing protocol) and RIP-2 (classless routing protocol)
Advertisement of a default route from a RIP-enabled device to its peers and setting of the
metric of this route
RIP-triggered updates
Disabling a specified interface from sending or receiving OSPF or RIP packets
Association between OSPF and BGP
Association between OSPF and LDP
Fast OSPF convergence, which can be implemented in the following manners:
Adjusting the interval at which LSAs are sent
Enabling OSPF GR
Configuring BFD for OSPF
OSPF I-SPF and IS-IS I-SPF (I-SPF re-calculates only the affected routes of a shortest
path tree (SPT) rather the entire SPT)
OSPF PRC
OSPF calculation of link costs based on the reference bandwidth
Link costs can be manually configured or automatically calculated by the system based
on the reference bandwidth by using the following formula:
Link cost = Reference bandwidth/Interface bandwidth
The integer of the calculated result is the link cost. If the calculated result is smaller than
1, the cost is 1. The link cost can be changed by changing the reference bandwidth. By
default, the reference bandwidth of the NE40E is 100 Mbit/s. The value can be changed
to one in the range of 1 to 2147483648 in Mbit/s by running commands.
Two-level IS-IS in a routing domain
Association between IS-IS and LDP
IS-IS GR, OSPF GR and BGP GR, which ensure high reliability with Non-Stop
Forwarding (NSF)
BGP indirect next hop and dynamic update peer-groups
Policy-based route selection by BGP when there are multiple routes to the same
destination
BGP route reflector (RR), which addresses the problem of high costs of full-mesh
requirement when there are many IBGP peers
Sending of BGP Update packets that carry no private AS number
7.4 MPLS
The NE40E supports MPLS features, and static and dynamic LSPs. Static LSPs require that
the administrator configure the Label Switch Routers (LSRs) along the LSPs and set up LSPs
manually. Dynamic LSPs are set up dynamically in accordance with the routing information
through the Label Distribution Protocol (LDP) and RSVP-TE.
The delay for MPLS packets can be controlled in the following aspects:
In the case that there is no traffic congestion, the NE40E adopts a high-speed processor
to ensure line-rate forwarding and low delay.
In the case of traffic congestion, the NE40E ensures preferential forwarding and low
delay for traffic with high priority through mechanisms such as QoS, HQoS, MPLS TE,
and DS-TE.
MPLS is supported on all interfaces of the NE40E.
RFC 3032
RFC 3034
RFC 3035
RFC 3036
RFC 3037
The NE40E supports CR-LDP and RSVP-TE and can interoperate with non-Huawei
devices through CR-LDP or RSVP-TE.
MPLS TE
The MPLS TE technology combines the MPLS technology with traffic engineering. It can
reserve resources by setting up LSP tunnels for a specified path in an attempt to avoid
network congestion and balance network traffic.
In the case of resource scarcity, MPLS TE allows the preemption of bandwidth resources of
LSPs with low priorities. This meets the demands of important services or the LSPs with large
bandwidth. When an LSP fails or a node is congested, MPLS TE can ensure smooth network
communication through the backup path and the fast reroute (FRR) function. Through
automatic re-optimization and bandwidth adjustment, MPLS TE improves the self-adaptation
capability of tunnels and properly allocates network resources.
The process of updating the network topology through the TEDB is as follows: When a link
goes Down, the CSPF failed link timer is enabled. If the IGP route is deleted or the link is
changed within the timeout period of the CSPF failed link timer, CSPF deletes the timer and
then updates the TEDB. If the IGP route is not deleted or the link is not changed after the
timeout period of the CSPF failed link timer expires, the link is considered Up.
MPLS TE provides the following functions:
Processing of static LSPs
MPLS can create and delete static LSPs, which require bandwidth but are manually
configured.
Processing of Constrained Route-Label Switched Path (CR-LSP) of various types and
route calculation through the CSPF algorithm
CR-LSPs are classified into the following types:
RSVP-TE
RSVP authentication complies with RFC 3097.
Auto routing
Auto routing works in either of the following modes:
IGP shortcut: An LSP is not advertised to neighboring routers. Therefore, other
routers cannot use the LSP.
Forwarding adjacency: An LSP is advertised to neighboring routers. Therefore, other
routers can use the LSP.
Fast reroute (FRR)
The switchover through FRR is within 50 ms, which minimizes the data loss when
network faults occur.
Auto FRR
Auto FRR is an extension to MPLS TE FRR. You can create a bypass tunnel that meets
the requirement on the LSP by configuring the attributes of the bypass tunnel, global
auto FRR, and auto FRR on the interface of the primary tunnel. With the change of the
primary tunnel, the previous bypass tunnel is deleted automatically. Then, a new bypass
tunnel that meets the requirement is set up.
Backup CR-LSP
The NE40E supports the following backup modes:
Hot backup
A backup CR-LSP is established immediately after the primary CR-LSP is
established. When the primary CR-LSP fails, MPLS TE switches traffic immediately
to the backup CR-LSP.
Ordinary backup
A backup CR-LSP is set up when the primary CR-LSP fails.
LDP over TE
In existing networks, not all devices support MPLS TE. It is possible that only the
devices at the network core support TE and the devices at the network edge use LDP.
The application of LDP over TE is therefore put forward. With LDP over TE, the TE
tunnel is considered as a hop of the entire LDP LSP. Through forwarding adjacency, one
MPLE TE tunnel can be considered as a virtual link and advertised to an IGP network.
Make-before-break
Make-before-break is a technology for ensuring highly reliable CR-LSP switchover. The
original path is not deleted until a new path has been created. Before a new CR-LSP is
created, the original CR-LSP is not deleted. After a new CR-LSP has been created, the
traffic is switched to the new CR-LSP first, and then the original CR-LSP is deleted. This
ensures non-stop traffic forwarding.
DS-TE
DS-TE implemented on the NE40E supports the Non-IETF mode and the IETF mode.
The Non-IETF (non-standard) mode supports two CTs (CT0 and CT1), eight
priorities (0-7), and two bandwidth constraint models (RDM and MAM).
The CT here refers to the class type of a corresponding service flow. The priority here
refers to the LSP preemption priority.
The IETF (standard) mode supports eight CTs (CT0 through CT7), eight priorities
(0-7), and three bandwidth constraint models (RDM, MAM, and Extended).
DS-TE supports TE FRR, hot standby, protection switchover, and CT-based traffic
statistics collection.
MPLS OAM
MPLS OAM functions are as follows:
MPLS OAM detection
MPLS OAM sends CV/FFD and BDI packets along an LSP to be detected and its reverse
LSP to detect its connectivity.
OAM auto protocol
Protection switching
VLL
The NE40E supports the following VLL functions:
Martini VLL
The Martini mode supports double labels. The inner label adopts extended LDP for
signaling in compliance with RFC 4096.
The type of VC FEC is 128. VC encapsulation types include 0x0004 Ethernet Tagged
Mode, 0x0005 Ethernet, and 0x000B IP Layer2 Transport.
Kompella VLL
VC encapsulation types of Kompella VLL include ATM-1to1-VCC, ATM-1to1-VPC,
ATM-AAL5-SDU, ATM-nto1-VCC, ATM-nto1-VPC, ATM-trans-cell, Ethernet, PPP,
VLAN, and IP-interworking.
Kompella VLL supports the local inter-board switching of packets in 802.1Q mode.
Kompella VLL supports inter-AS VPN.
CCC VLL
CCC VLL supports the local inter-board switching of packets in 802.1Q mode
SVC VLL
VPLS
In a VPLS network, PEs can be all connected to each other and enabled with split horizon to
prevent Layer 2 loops.
The implementations of VPLS control plane through BGP and LDP are called Kompella
VPLS and Martini VPLS respectively.
Kompella VPLS
Kompella VPLS has good scalability. With Kompella VPLS, BGP is adopted for
signaling, and VPN targets are configured to implement automatic discovery of VPLS
members. Therefore, the addition or deletion of PEs requires few additional operations.
Martini VPLS
Martini VPLS has poor scalability. With Martini VPLS, LDP is adopted for signaling,
and the peers of a PE need to be manually specified. PEs in a VPLS network are all
connected to each other. Therefore, adding a new PE requires configurations on all the
other associated PEs to be modified.A pseudo wire (PW) is actually a point-to-point link.
This means that using LDP to create, maintain, and delete the PW is more effective.
The NE40E supports the following VPLS functions:
Access to the VPLS network in QinQ mode
HVPLS
IGMP snooping for VPLS
One MAC address space for each VSI
VPLS learns MAC addresses in the following modes:
Unqualified mode: In this mode, a VSI can contain multiple VLANs sharing a MAC
address space and a broadcast domain. When learning MAC addresses, VPLS also
needs to learn VLAN IDs.
Qualified mode: In this mode, a VSI has only one VLAN, which has an independent
MAC address space and a broadcast domain. When learning MAC addresses, VPLS
does not need to learn VLAN IDs.
VPLS/HVPLS equal-cost load balancing
Fast switching of multicast traffic
mVPLS
STP over PW
STP over VPLS
Transparent transmission of certain types of link layer protocol packets
Interfaces can be configured to transparently transmit certain types of link layer protocol
packets, such as BPDUs, STP packets, LLDP packets, UDLD packets, CDP packets, and
HGMP packets.
Ethernet loop detection
PBB over VPLS
PBB VPLS interworking
The NE40E supports MP2MP PBB over VPLS to implement intercommunication
between VPLS and PBB networks.
PWE3
The NE40E supports the following PWE3 functions:
Virtual Circuit Connectivity Verification PING (VCCV-PING)
The NE40E supports the manual LDP PW connectivity detection on the UPE, including
the connectivity of static PWs, dynamic PWs, SS-PWs, and MS-PWs.
VCCV Ping over a static MS-PW
PW template
The NE40E supports the binding between a PW and a PW template, and the reset of
PWs.
The NE40E supports heterogeneous interworking.
Currently, the NE40E supports the transparent transmission of the following packets
through PWE3: ATM AAL5 SDU VCC transport, Ethernet, ATM n-to-one VCC cell
transport, IP Layer 2 transport, and ATM one-to-one VCC cell mode.
PW redundancy
The NE40E supports the circuit emulation service (CES) by using Pseudo-Wire
Emulation Edge to Edge (PWE3).
The CES is classified into the Structure-aware TDM Circuit Emulation Service over
Packet Switched Network (CESoPSN) and Structure-Agnostic TDM over Packet (SAToP)
service.
Carrier's carrier
Inter-AS VPN
The NE40E supports the following inter-AS VPN solutions described in RFC 2547bis:
VPN instance to VPN instance, also called Inter-Provider Backbones Option A
In Option A, sub-interfaces connecting the Autonomous System Boundary Routers
(ASBRs) manage VPN routes.
EBGP redistribution of labeled VPN-IPv4 routes, also called Inter-Provider
Backbones Option B
In Option B, ASBRs advertise labeled VPN-IPv4 routes to each other through
MP-EBGP.
Multihop EBGP redistribution of labeled VPN-IPv4 routes, also called Inter-Provider
Backbones Option C
In Option C, PEs advertise labeled VPN-IPv4 routes to each other through Multihop
MP-EBGP.
Multicast VPN
IPv6 VPN
The NE40E supports the following IPv6 VPN networking solutions:
Intranet VPN
Extranet VPN
Hub&Spoke
Inter-AS or multi-AS backbones VPN
Carriers' carrier
HoVPN
Resource reservation VPN (RRVPN)
Multi-role host
7.6 QoS
On the NE40E, you can collect traffic statistics on the packets on which QoS is performed and
view the statistics result through corresponding display commands.
The NE40E supports the following QoS functions:
Diff-Serv Model
Multiple service flows can be aggregated into a Behavior Aggregate (BA) and then processed
based on the same Per-Hop Behavior (PHB). This simplifies the processing and storage of
services.
On the Diff-Serv core network, packet-specific QoS is provided. Therefore, signaling
processing is not required.
Traffic Policing
CAR is mainly used for rate limit. In the implementation of CAR, a token bucket is used to
measure the data flows that pass through the interfaces on a router so that only the packets
assigned with tokens can go through the router in the specified time period. In this manner,
the rates of both incoming and outgoing traffic are controlled. In addition, the rate of certain
types of data flows can be controlled based on the information such as the IP address, port
number, and priority. Rate limit is not performed on the data flows that do not meet the
specified conditions, and such data flows are forwarded at the original interface rate.
CAR is mainly implemented at the edge of a network to ensure that core devices on the
network process data properly. The NE40E supports CAR for both incoming and outgoing
traffic.
Queue Scheduling
The NE40E supports FIFO, PQ, and WFQ for queue scheduling on interfaces.
The NE40E maps packets of different priorities to different queues and adopts Round Robin
(RR) on each interface for queue scheduling.
Priority Queues (PQs) are classified into four types: top PQs, middle PQs, normal PQs, and
bottom PQs. They are ordered in descending order of priorities. When packets leave queues,
PQ allows the packets in the top PQ to go first. Packets in the top PQ are sent as long as there
are packets in this PQ. The NE40E sends packets in the middle PQ only when all packets in
the top PQ are sent. Similarly, the NE40E sends packets in the normal PQ only when all
packets in the middle PQ are sent; the NE40E sends packets in the bottom PQ only when all
packets in the normal PQ are sent. As a result, the packets in the PQ of a higher priority are
always sent preferentially, which ensures that packets of key services are processed
preferentially when the network is congested. Packets of common services are processed
when the network is idle. In this manner, the quality of key services is guaranteed, and the
network resources are fully utilized.
Weight Fair Queuing (hereinafter referred to as WFQ) is a complex queuing process, which
ensures that the services with the same priority are fairly treated and the services with
different priorities are weighted. The number of WFQ queues can be pre-set and is allowed to
range from 16 to 4096. WFQ weights services based on their requirements for the bandwidth
and delay. The weights are determined by the IP precedence in the IP packet headers. With
WFQ, the NE40E implements dynamic traffic classification based on quintuples or ToS
values. The packets with the same quintuple (source IP address, destination IP address, source
port number, destination port number, and protocol number) or ToS value belong to the same
flow. Packets in one flow are placed in one queue through the Hash algorithm. When flows
enter queues, WFQ automatically places different flows into different queues based on the
Hash algorithm. When flows leave queues, WFQ allocates bandwidths to flows on the
outbound interface based on different IP precedence of the flows. The smaller the precedence
value of a flow, the smaller the bandwidth of the flow. In this manner, services of the same
precedence are treated fairly; services of different precedence are treated based on their
weights.
Congestion Avoidance
Congestion avoidance is a traffic control mechanism used to avoid network overload by
adjusting network traffic. With this mechanism, the NE40E can monitor the usage of network
resources (such as queues and buffers in the memory) and discard packets when the network
congestion intensifies.
Random Early Detection (RED) or Weighted Random Early Detection (WRED) algorithms
are frequently used in congestion avoidance.
The RED algorithm sets the upper and lower limits for each queue and specifies the following
rules:
When the length of a queue is below the lower limit, no packet is discarded.
When the length of a queue exceeds the upper limit, all the incoming packets are
discarded.
When the length of a queue is between the lower and upper limits, the incoming packets
are discarded randomly. A random number is set for each received packet, and the
random number is compared with the drop probability of the current queue. The packet
is discarded when the random number is larger than the drop probability. The longer the
queue, the higher the drop probability. The drop probability, however, has an upper limit.
Unlike RED, the random number in WRED is based on the IP precedence of IP packets.
WRED keeps a lower drop probability for the packets that have a higher IP precedence.
RED and WRED employ the random packet drop policy to avoid global TCP synchronization.
The NE40E adopts WRED to implement congestion avoidance.
The NE40E supports congestion avoidance in both inbound and outbound directions of an
interface. The WRED template is applied in the outbound direction; the default scheduling
policy in the system is applied in the inbound direction. In addition, WRED can be applied to
the Multicast Tunnel interface (MTI) that is bound to the distributed multicast VPN on the
NE40E.
The NE40E supports congestion avoidance based on services. The NE40E reserves on each
interface eight service queues, that is, BE, AF1, AF2, AF3, AF4, EF, CS6, and CS7. The
NE40E colors packets with red, yellow, and green to identify the priorities of packets and
discard certain packets.
HQoS
The NE40E supports the following HQoS functions:
Provides five levels of scheduling modes to ensure diverse services.
Sets parameters such as the maximum queue length, WRED, low delay, SP/WRR, CBS,
PBS, and statistics function for each queue.
Sets parameters such as the CIR, PIR, number of queues, and algorithm for scheduling
queues for each user.
Provides the traffic statistics function. Users can learn the bandwidth usage of services
and properly distribute the bandwidth by analyzing traffic.
Supports HQoS in the VPLS, L3VPN, VLL, and TE scenarios.
Supports interface-based, VLAN-based, user-based, and service-based HQoS.
QPPB
QPPB is the abbreviation of QoS Policy Propagation Through the Border Gateway Protocol.
The receiver of BGP routes performs the following operations:
Sets QoS parameters such as IP precedence and traffic behavior for a BGP route based
on the attributes of the route.
Classifies traffic according to QoS parameters and sets the QoS policy for the classified
traffic.
Forwards packets according to the locally configured QoS policies to propagate QoS
policies through BGP.
The receiver of BGP routes can set QoS parameters (IP precedence and associated traffic
behavior) based on the following attributes:
ACL
AS path list in routing information
Community attribute list in routing information
Metrics in routing information
IP prefix list
Mapping the 802.1p value in the inner VLAN tag to the 802.1p value in the outer
VLAN tag. The 802.1p values in multiple inner VLAN tags of different packets can
be mapped to the 802.1p value in one outer VLAN tag; whereas the 802.1p value in
one inner VLAN tag cannot be mapped to the 802.1p values in multiple outer VLAN
tags of different packets.
MPLS HQoS
MPLS QoS is a complete L2VPN/L3VPN QoS solution. It resorts to various QoS techniques
to meet the diversified and delicate QoS demands of VPN users. MPLS QoS provides relative
QoS on the MPLS Diff-Serv network and end-to-end QoS on the MPLE TE network. In
actual applications, the following QoS policies are supported.
QPPB applied to an L3VPN
MPLS Diff-Serv applied to an L2VPN/L3VPN
MPLS TE applied to an L2VPN/L3VPN
MPLS DS-TE applied to an L2VPN/L3VPN
VPN-based QoS applied to the network side of an L2VPN/L3VPN
links with low bandwidth are overloaded whereas links with high bandwidth are idle
does not exist.
The NE40E can balance traffic between physical interfaces or between physical interfaces and
logical interfaces. In addition, the NE40E can detect the changes of logical interface
bandwidth due to manual configuration of new member links or the status changes of member
links. When the bandwidth of a logical interface changes, traffic is automatically
load-balanced based on the new bandwidth proportion.
Statistics on the number of forwarding packets, bytes, and discarded packets of a user
queue which includes eight flow queues of different priorities
Statistics on the number of forwarded packets, bytes, and discarded packets of a user
group queue
Statistics on the number of forwarded packets, bytes, and discarded packets of eight
queues of different priorities on an interface
On an IP RAN network deployed with a large number of devices, the device deployment costs,
especially the costs of on-site software commissioning, are high. This greatly harms the
growth of profits. To address this issue, Huawei puts forward the PNP solution.
The PNP feature effectively reduces the on-site software commissioning time, frees engineers
from working in bad outdoor environments, and greatly speeds up the project process and
improves project quality.
Y.1731
Y.1731 supports the following functions:
Single-ended frame loss statistics collection, two-ended frame loss statistics collection,
one-way frame delay, two-way frame delay and one-way jitter
MPLS TP OAM
MPLS TP OAM supports the following functions:
Basic connectivity detection
LoopBack (LB)
Link Trace (LT)
Remote Defect Indication (RDI)
AIS
Single-ended frame loss statistics collection and two-ended frame loss statistics
collection
One-way frame delay and two-way frame delay
APS
The NE40E supports the following Automatic Protection Switching (APS) functions:
1+1 unidirectional mode and 1:1 bidirectional mode
Manual switching of APS groups
Forcible switching of APS groups
Locking of traffic on the working link of an APS group
Interface-based APS
Intra-LPU or inter-LPU APS
Inter-device APS, that is, Enhanced APS (E-APS)
Addition of the working and protect interfaces of an APS group to a trunk so that all
services are configured on the trunk
FRR
The NE40E provides multiple fast reroute (FRR) features. You can deploy FRR as required to
improve network reliability.
IP FRR
FRR switching can be complete in 50 ms. In this manner, the data loss caused by
network failures is minimized to a great extend.
FRR supported by the NE40E enables the system to monitor and save the status of LPUs
and interfaces in real time and to check the status of interfaces during packet forwarding.
When faults occur on an interface, the system can rapidly switch the traffic to another
pre-set route, thus reducing time between failures and the packet loss ratio.
LDP FRR
LDP FRR switching can be complete in 50 ms.
TE FRR
TE FRR is an MPLS TE technology used to protect local networks. Only the interfaces
with a transmission rate of over 100 Mbit/s support TE FRR. TE FRR switching can be
complete within 50 ms. It can minimize data loss when network failures occur.
TE FRR protects traffic only temporarily. When the protected LSP becomes normal or a
new LSP is established, traffic is switched back to the original protected LSP or the
newly established LSP.
When a link or a node on the LSP fails, traffic is switched to the protection link and the
ingress node of the LSP attempts to establish a new LSP, if an LSP is configured with TE
FRR.
With different protected objects, TE FRR is classified into the following types:
Link protection
Node protection
Auto FRR
Auto FRR is an extension of MPLS TE FRR. It automatically creates a bypass tunnel
that meets the requirements for the LSP through the configuration of the attributes of the
bypass tunnel, global auto FRR attributes, and interface-based auto FRR attributes on the
interface of the primary tunnel. When the primary tunnel changes to another path, the
previous bypass tunnel is automatically deleted. Then, a bypass tunnel that meets the
requirements is set up.
VLL FRR
By using performance management tools, the ISP can monitor the network status in real time
through the NMS. The ISP then check whether the forwarding capacity of the network
complies with the Service Level Agreement (SLA) signed with users and locate faults. The
ISP does not need to carry out detection on the user side, which greatly decreases maintenance
costs.
VRRP
VRRP dynamically associates the virtual router with a physical router that carries services.
When the physical router fails, another router is elected to take over services. Failover is
transparent to users and thus the internal network and the external network can communicate
without interruption.
The NE40E supports the following VRRP functions:
mVRRP
VGMP
E-VRRP
VRRP For IPv6
GR
Graceful Restart (GR) is a key technology in implementing HA. It is designed based on NSF.
GR switchover and subsequent restart can be performed by the administrator or triggered by
faults. GR neither deletes the routing information from the routing table or the FIB nor resets
the board during the switchover when faults occur. This prevents the service interruption of
the entire system.
The NE40E supports system-level GR and protocol-level GR. Protocol-based GR includes:
BGP GR
OSPF GR
IS-IS GR
MPLS LDP GR
Martini VLL GR
Martini VPLS GR
L3VPN GR
RSVP GR
PIM GR
BFD
BFD is a detection mechanism used uniformly in an entire network. It is used to rapidly detect
and monitor the connectivity of links or IP routes in a network.
BFD sends detection packets at both ends of a bidirectional link to check the link status in
both directions. The defect detection is implemented at the millisecond level. The NE40E
supports single-hop BFD and multi-hop BFD.
BFD of the NE40E supports the following applications.
BFD for VRRP
The system uses BFD to detect and monitor the connectivity of links or IP routes in a
network. The rapid VRRP switchover is thus triggered.
BFD for FRR
BFD for LDP FRR.
LDP FRR switchover is triggered after BFD detects faults on protected interfaces.
BFD for IP FRR and BFD for VPN FRR.
IP FRR and VPN FRR are triggered after BFD detects faults and reports fault
information to the upper layer applications.
BFD for static routes
BFD for IS-IS
The NE40E supports detection on the IS-IS adjacency by using the BFD session that is
configured statically.
BFD detects the fault of the link between the adjacent IS-IS nodes and rapidly reports the
fault to IS-IS. Thus fast convergence of IS-IS routes is performed.
BFD for OSPF/BGP
The NE40E supports OSPF and BGP in dynamically setting up and deleting the BFD
session.
BFD for PIM
BFD detection on IP-Trunks and Eth-Trunks
On the NE40E, BFD can detect a trunk and the member links of the trunk independently.
That is, it can detect the connectivity of the trunk and that of an important member link
of the trunk.
BFD for LSP
BFD for LSP performs fast fault detection of the LSP, the TE tunnel, and the PW. In this
manner, BFD for LSP implements fast switchover of MPLS services such as VPN FRR,
TE FRR, and VLL FRR.
BFD for Dot1q sub-interface
BFD for mVSI
Multi-hop BFD
BFD For IPv6
BFD for OSPFv3, BFD for ISISv6, BFD for BGP4+, and BFDv6 for default IPv6
BFD for VPLS PW
BFD for VPLS/VLL PW
VPLS over LDP FRR/FW unicast
7.11 Clock
The NE40E supports the following clock features:
CES ACR
CES DCR
Ethernet clock synchronization
The Ethernet interfaces on the LPUF-10 and LPUF-21 of theNE40E provide Ethernet
clock synchronization so that the clock quality and stratum of the network can be
guaranteed.
1588v2
The 1588v2 feature:
Supports the input and output of the externally synchronized time.
Supports 10M/100M/1000M/10G Ethernet interfaces and auto sensing of
10M/100M/1000M Ethernet interfaces.
Supports Eth-Trunk.
Supports OC, BC, E2ETC, P2PTC, E2ETCOC, P2PTCOC and TCandBC.
Allows the NE40E to function as a GrandMaster.
Supports slave-only when functioning as an OC.
Supports the dynamic BMC algorithm.
Supports two delay measurement methods: Delay and PDelay
Supports one-step mode and two-step mode in which 1588v2 packets that are used by
1588v2 devices to perform time synchronization are timestamped..
Supports multicast MAC encapsulation (the VLAN and 802.1p priority are
configurable).
Supports multicast UDP encapsulation (the source IP address, VLAN, and DSCP
priority are configurable).
Supports unicast MAC encapsulation (the destination MAC, VLAN, and 802.1p
priority are configurable).
Supports unicast UDP encapsulation (the source IP address, destination IP address,
destination MAC, VLAN, and DSCP priority are configurable).
Uses the clock recovered through the Precision Time Protocol (PTP) as the clock
source and supports the algorithm for dynamic clock source selection (based on the
priority and clock stratum).
Implements clock recovery that complies with G.813.
Implements frequency recovery that meets the requirements of the SDH equipment
clock (SEC) in G.823.
1588 ACR
Supports frequency synchronization only.
Supports the change of selected clock sources.
Supports unicast UDP encapsulation (and the DSCP field).
Complies with Recommendation G.8261 in terms of service modeling and
networking and performs clock recovery with accuracy that is prescribed by G.823.
Supports 1588v2 header overlapping without affecting forwarding capabilities.
Supports switchover between master and slave MPUs/SRUs without affecting
services.
Supports hot swapping of LPUs and sub-cards.
Supports clock synchronization.
The NE40E supports clock synchronization on CPOS interfaces, E1 interface, and WAN
interfaces to ensure high clock quality and stratum on the network.
Network Time Protocol (NTP) clock
The NE40E supports the following working modes of NTP:
Server/client mode
Peer mode
Broadcast mode
Multicast mode
The NE40E supports two NTP security mechanisms:
Access authority
The NE40E provides four levels of access control. After receiving an NTP access
request packet, the NE40E matches it from the lowest access control level to the
highest access control level. The first successfully matched access control level takes
effect. The matching order is as follows:
peer: indicates the minimum access control. The remote end can send a time request
and a control query to the local end. The local clock can also be synchronized with
the clock of the remote server.
server: indicates that the remote end can send a time request and a control query to
the local end. The local clock, however, is not synchronized with the clock of the
remote server.
synchronization: indicates that the remote end can only send a time request to the
local end.
query: indicates the maximum access control. The remote end can only send a control
query to the local end.
Authentication
When configuring NTP authentication, note the following rules:
The NTP authentication must be configured on both the client and the server; otherwise,
the authentication does not take effect. If NTP authentication is enabled, keys must be
configured and declared reliable.
The server and the client must be configured with the same key.
Internal clock
The NE40E provides an internal clock and can extract clock information from LPUs.
The clock precision reaches 4.6 ppm, that is, 0.00002s.
Extended SSM
The NE40E supports the following functions:
Sending and receiving of SSM information carrying Clock IDs
Clock ID configuration for a clock source
Clock source selection based on extended SSM
8 Security Features
Security Authentication
The NE40E supports the following security authentication functions:
AAA
Plain text authentication and MD5 encrypted text authentication supported by routing
protocols that include RIPv2, OSPF, IS-IS, and BGP
MD5 encrypted text authentication supported by LDP and RSVP
SNMPv3 encryption and authentication
URPF
The NE40E supports URPF for IPv4/IPv6 traffic.
Blackhole entries
Blackhole entries are used to filter out the data frames that contain specific destination
MAC addresses. Blackhole entries are configured by users and delivered to LPUs.
Blackhole entries do not age. After blackhole entries are configured and saved, they will
not be lost in the case of the system reset, LPU hot swap, or LPU reset.
IGMP Snooping
The NE40E supports IGMP snooping on Layer 2 interfaces, Layer 3 interfaces, QinQ
interfaces, STP topologies, RRPP rings, and VPLS PWs.
DHCP Snooping
DHCP snooping is mainly used to prevent DHCP Denial of Service (DoS) attacks, bogus
DHCP server attacks, ARP middleman attacks, and IP/MAC spoofing attacks when DHCP is
enabled on the NE40E.
The working mode of DHCP snooping varies with the attack type, as shown in Table 8-1.
Local URPF
If the route is a local route, the packets must pass URPF check before being sent to the
CPU.
Management and service plane protection
The function is to control protocol packets again at the control layer. Through three-level
policies (interface-level, board-based, and global), management and control plane
protection can flexibly specify the type of protocol packet that can be transmitted an
interface of a device.
Defense against TCP/IP packet attacks
The NE40E provides defense measures against attacks by sending the following types of
packets on TCP/IP networks:
Malformed packets
Null IGMP packets, packets with invalid TCP flag bits, LAND attack packets, IP
packets whose payloads are null, and smurf attack packets.
Fragmented packets
Packets with a huge number of fragments or packets that have a large offset value,
repetitive fragmented packets, tear Drop, syndrop, nesta, fawx, bonk, NewTear, Rose,
ping of death, and Jolt attacks
TCP SYN packet rate limited
UDP flood attack defense
Attack source tracing
When the NE40E is attacked, it obtains and stores suspicious packets, and then displays
the packets in a certain form through command lines or offline tools. This helps locate
the attack source easily.
When attacks occur, the system automatically removes the data encapsulated at upper
layers of the transmission layer and then caches the packets in memory. When there are a
certain number of packets in the cache, for example, 20000 packets on each LPU, the
earliest cached packets are overridden when more packets are cached.
GTSM
On the current network, attackers forge valid packets to attack routers, which overloads the
routers and consumes limited resources such as the CPU on the MPU. For example, an
attacker forges BGP protocol packets and continuously sends them to a router. After the LPU
of the router receives the packets, it finds that the packets are destined to itself and then sends
the packets directly to the BGP processing module on the MPU without checking the validity
of the packets. As a result, the system is abnormally busy processing these forged valid
packets and the CPU usage is high.
To guard against the preceding attacks, the NE40E provides the Generalized TTL Security
Mechanism (GTSM). The GTSM protects services above the IP layer by checking whether
the TTL value in the IP header is within a specified range. In actual applications, the GTSM is
mainly used to protect the TCP/IP-based control plane such as the routing protocol against
attacks of the CPU-utilization type such as CPU overload.
The NE40E supports BGP GTSM, BGP+ GTSM, OSPF GTSM, and LDP GTSM.
Local Mirroring
In local mirroring, an LPU can be configured with a physical observing port, multiple logical
observing ports, and multiple mirrored ports.
Local mirroring can be inter-LPU mirroring, which means that the observing port and
mirrored port reside on different LPUs. Inbound and outbound traffic mirroring is supported
in inter-board port mirroring
Mirroring between different types of interfaces is supported.
SSHv2
The NE40E supports the STelnet client and server and the SFTP client and server. Both
support SSH 1.5 and SSH 2.0.
Regulation Compliance
The NE40E complies with the following energy conservation and emission reduction
regulations:
Directive 2002/95/EC on the Restriction of the Use of certain Hazardous Substances in
Electrical and Electronic Equipment (RoHS)
Regulation (EC) No 1907/2006 concerning the Registration, Evaluation, Authorization
and Restriction of Chemicals (REACH)
Directive 2002/96/EC on waste electrical and electronic equipment (WEEE)
ATIS-0600015.03.2009 Energy Efficiency for Telecommunications Equipment:
Methodology for Measurement and Reporting for Router and Ethernet Switch Products
Directive 2009/125/EC establishing a framework for the setting of ecodesign
requirements for energy-related products (recast)
10 Applicable Environment
Distribution I n t ernet
node
BRAS Internet
DSLAM
CMTS Aggregafion P/PE
Node
P/PE SoftX
VoD ES
Distribution P/PE
node
AccSwitch PE VoD CS
The convergence layer device accesses and forwards the services through the IP or MPLS
technologies. Personal services are accessed to the convergence node through the DSLAM,
and corporate services are converged at Layer 2 through a switch or are directly accessed to
the convergence node.
DSLAM: is short for the Digital Subscriber Line Access Multiplexer that accesses the
personal services through the permanent virtual circuit (PVC). The DLSAM adds the
VLAN or QinQ tag based on the types of users and services, and is generally connected
to the aggregation node.
Switch: refers to the access switch that converges the Layer 2 corporate services to the
aggregation node.
Aggregation node: refers to the aggregation node connected to the distributed service
node (PE). The aggregation node distinguishes the VLAN or QinQ user services,
forwards Layer 3 services or VPN services, or transparently transmits services to the
BRAS or the centralized PE through the IP or MPLS technologies.
Distribution node: refers to the distribution node that converges the services in the metro
Ethernet. The distribution node terminates the IP or MPLS technologies and
transparently transmits the services to the BRAS or the centralized PE.
BRAS: refers to a device that processes PPPoE login services of individual users.
PE: refers to the centralized service node, which can also serve as the distribution node.
PE accesses the services that should be converged and processed, such as centralized
L3VPN services.
P/PE: refers to the core forwarding node or the edge node on the backbone network. P or
PE rapidly forwards the services or accesses the services to the backbone network.
The NE40E is applicable to the aggregation node and the distribution node to guarantee the
access of individual services and corporate services.
through different tunnels based on the VLAN or QinQ tag identified at the aggregation
node.
E-LAN: The NE40E at the aggregation node creates the VSI, and forwards the service
data to different VSIs for forwarding after the VLAN or QinQ tag is identified. The
service data can also be accessed to the E-LAN services through H-PVLS, during which
the VSI is created by the distribution node.
L3VPN: The services are accessed to the Virtual Route Forwarding (VRF) at the
aggregation node, or accessed to the centralized service node for VRF forwarding
through HoVPN.
IP RAN Solution
Services of the 2G RAN network, mainly a small number of voice services, are transmitted
over TDM links. Usually one to three E1 interfaces on a BTS are connected to a BSC. Some
mobile carriers do not have fixed network infrastructure, and have to lease E1 lines of
fixed-line networks, which costs a lot. Services between the BTSs and BSCs in the same city
can be transparently transmitted over TDM links in a Metro Ethernet (ME) network.
For a 2G RAN network, a Packet Switching Network (PSN) is constructed through NE40Es
between the BTSs and a BSC. The NE40E is connected to the BTSs in the downstream
through n x E1 links, and to the BSC in the upstream through n x E1 links or 155-Mbit/s
links.
Mobile providers worldwide have been constructing the Radio Access Network (RAN)
continuously. The 2G RAN network is based on TDM/SDH, and thus it has a lower utilization
of bandwidth, is hard to expand, and is inflexible to configure. Therefore, IP RAN is a trend.
UMTS R99/R4 defines ATM as the protocol used during the transmission of the services
between the Node B and RNC, with E1 IMA interfaces connecting the two ends. Figure 10-2
shows the networking diagram.
E1
TD
M*
N CX600
CX600
E1 TDM E1 TDM*N
BSC
MPLS over SDH/ME
CX600 RNC
Node B A) CX600
IM
M
AT
1(
*E Transparent transmission
N
of ATM cells through PWE3
Deploying NE40E on a Metro Ethernet-based MPLS network can solve the problem of
bandwidth multiplexing. Node B is connected to the NE40E that supports E1 IMA interfaces.
After the NE40E terminates IMA, the high-speed ATM cell flow is transparently transmitted
through ATM PWE3 to the NE40E at the RNC side. Then, the NE40E at the RNC side divides
the high-speed ATM cell flow into n x E1 links, and sends multiple channels of low-speed
cells to the RNC. For the Node B and RNC, the NE40E and MPLS network are transparent.
That is, multiple E1 interfaces on the Node B and RNC are directly connected through the
TDM link.
GPS GPS
POS
BC BC
1588v2 1588v2
GE GE
BC BC
FE E1 E1 FE
1588v2 1588v2
In distributed deployment mode, CGN cards are installed on access nodes (BRASs) to provide
the CGN function, which brings no changes to existing aggregation nodes (CRs). Distributed
deployment applies to the networks on which a large amount of services are transmitted on
CRs, a large number of BRASs are connected to CRs, or a large number of devices need to be
deployed or upgraded.
0 Emer A fatal exception occurs on the device. The system is unable to function
gency properly and must be restarted. For example, the device is restarted due to
program exceptions or memory usage errors are detected.
1 Alert A serious exception occurs on the device, which requires immediate
actions. For example, the memory usage of the device reaches the upper
threshold.
2 Critic A critical exception occurs on the device, which needs to be handled and
The information center supports 10 channels, of which channels 0 through 5 each have a
default channel name. By default, the six channels correspond to six directions in which
information is output. The log information on the CF card is output to log files through
Channel 9 by default. This means that a total of seven default output directions are supported.
When multiple log hosts are configured, you can configure log information to be output to
different log hosts through one channel or multiple channels. For example, you can configure
some log information to be output to a log host through Channel 2 (loghost), and some log
information to a log host through Channel 6. In addition, you can change the name of Channel
6 to implement the desired channel management.
The NE40E stores all alarms in a log file, and provides the CF card to store the log file. How
long the alarms can be stored depends on the number of the alarms. Generally, the alarms can
be stored for months.
11.4 HGMP
The NE40E supports the Huawei Group Management Protocol (HGMP). HGMP is a cluster
management protocol developed by Huawei.
HGMP is used to group Layer 2 devices that are connected to the NE40E into a unified
management domain, that is, a cluster. HGMP supports automatic collection of network
topologies and provides integrated maintenance and management channels. In this manner, a
cluster uses only one IP address for external communications, simplifying device management
and saving IP addresses.
11.7 NQA
The NE40E supports Network Quality Analysis (NQA).NQA measures the performance of
different protocols running on the network. In that case, carriers can collect the operation
index of networks in real time, such as:
Total delay of the HTTP
Delay in TCP connection
Delay in DNS resolution
File transmission speed
Delay in FTP connection
DNS resolution error rate.
Taking control of these indexes, carriers can provide network services of different levels
and charge differently. NQA is also an effective tool for diagnosing and locating a
network fault.
NQA supports the following functions:
PWE3 traceroute
Multicast ping
Multicast traceroute
Traceroute function through DISMAN-TRACEROUTE-MIB
Ping/UDP/TCP/SNMP functions through DISMAN-PING-MIB
CE-ping (ping the host from a VPLS PW)
VPLS MAC ping and VPLS MAC trace
VPLS MAC purge and VPLS MAC populate
LSP ping, LSP tracerout, and MPLS jitter
Verification of DNS functions through DISMAN-NSLOOKUP-MIB
NMS management over all NQA functions through NQA-MIB
Transmission of consecutive 3000 simulated voice packets in one test
Minimum transmission intervals at 10 ms
NQA for multiple next hops in packet redirection
The rollback function provided by the NE40E prevents the services from being affected by
the failure in system upgrade.
11.10 License
With the variation of the NE40E software functions and higher ratio of software cost
occupying the overall cost, the current service mode cannot satisfy the development
requirements of customers and carriers.
Common users need to reduce the purchase cost.
Upgrade and expansion users need to effectively control the capacity and functions.
To satisfy the requirements of different users, the NE40E needs to implement the flexible
authorization to service modules.
For the authorization control of service modules, the NE40E provides the License
authorization management platform . Through the License authorization mode:
Common users can purchase service modules as required and reduce the purchase cost.
Upgrade and expansion users can expand the capacity, and support and maintain the
functions by applying for a new License.
12 NMS
SNMP
The NE40E supports device operation and management by the network management station
through SNMP.
The NE40E supports SNMPv1, SNMPv2c, and SNMPv3.
SNMPv1
SNMPv1 supports community name-based and MIB view-based access control.
SNMPv2c
SNMPv2c supports community name-based and MIB view-based access control.
SNMPv3
SNMPv3 inherits the basic functions of SNMPv2c, defines a management frame, and
introduces a User-based Security Model (USM) to provide a more secure access control
mechanism for users.
SNMPv3 supports user groups, user group-based access control, user-based access
control, and authentication and encryption mechanisms.
NMS
The NE40E adopts Huawei iManager U2000 network management system. The U2000
improves its management capability, scalability, and usability to construct a unified and
customer-oriented next-generation NMS.
Unified and Abundant NBIs
Unified NBIs enable the U2000 to manage transport equipment, access equipment, IP
equipment.
Abundant NBIs (XML, CORBA, SNMP, TLI, TEXT, and Customer OSS Test) address
the needs for OSS integration.
Unified Network Management
The U2000 manages transport equipment, access equipment, IP equipment in a unified
manner.
In addition, the U2000 manages end-to-end (E2E) services. The services include MSTP,
WDM, Microwave, PTN, ATN, CX, Router, and Switch services.
LLDP
The Link Layer Discovery Protocol (LLDP) is a Layer 2 protocol defined in IEEE 802.1ab.
LLDP specifies that the status information is stored on all interfaces and the device can send
its status to the neighbor stations. The interfaces can also send information about changes in
the status to the neighbor stations as required. The neighbor stations then store the received
information in the standard SNMP MIB. The NMS can search for Layer 2 information in the
MIB. As specified in the IEEE 802.1ab standard, the NMS can also discover unreasonable
Layer 2 configurations based on information provided by LLDP.
When LLDP runs on the devices, the NMS can obtain Layer 2 information about all the
devices to which it connects and detailed network topology information. This is helpful to the
rapid expansion of the network and acquirement of detailed network topologies and changes.
LLDP also helps discover unreasonable configurations on networks and reports the
configurations to the NMS. This removes incorrect configurations in time.
A
AAA Authentication, Authorization and Accounting
AAL5 ATM Adaptation Layer 5
AC Access Controller
ACL Access Control List
AF Assured Forwarding
ANSI American National Standard Institute
AP Access Point
ARP Address Resolution Protocol
ASBR Autonomous System Boundary Router
ASIC Application Specific Integrated Circuit
ATM Asynchronous Transfer Mode
AUX Auxiliary (port)
B
BE Best-Effort
BGP Border Gateway Protocol
BGP4 BGP Version 4
BoD Bandwidth on Demand
C
CAR Committed Access Rate
CBR Constant Bit Rate
CE Customer Edge
D
DAA Destination Address Accounting
DC Direct Current
DHCP Dynamic Host Configuration Protocol
DNS Domain Name Server
DS Differentiated Services
E
EACL Enhanced Access Control List
EF Expedited Forwarding
EMC EElectroMagnetic Compatibility
F
FCC Fast Channel Change
FE Fast Ethernet
FEC Forwarding Equivalence Class
FIB Forward Information Base
FIFO First In First Out
FR Frame Relay
FTP File Transfer Protocol
G
GE Gigabit Ethernet
GRE Generic Routing Encapsulation
GTS Generic Traffic Shaping
HA High availablity
HDLC High level Data Link Control
HTTP Hyper Text Transport Protocol
I
iVSE Integrated Value-added Service Engine
ICMP Internet Control Message Protocol
IDC Internet Data Center
IEEE Institute of Electrical and Electronics Engineers
IETF Internet Engineering Task Force
IGMP Internet Group Management Protocol
IGP Interior Gateway Protocol
IP Internet Protocol
IPoA IP Over ATM
IPTN IP Telephony Network
IPTV Internet Protocol Television
IPv4 IP version 4
IPv6 IP version 6
IPX Internet Packet Exchange
IS-IS Intermedia System-Intermedia System;
ISP Interim inter-switch Signaling Protocol
ITU International Telecommunication Union - Telecommunication
Standardization Sector
L
L2TP Layer 2 Tunneling Protocol
LAN Local Area Network
LCD Liquid Crystal Display
LCP Link Control Protocol
LDP Label Distribution Protocol
LER Label switching Edge Router
LPU Line Processing Unit
LSP Label Switched Path
N
NAT Network Address Translation
NLS Network Layer Signaling
NP Network Processor
NTP Network Time Protocol
NVRAM Non-Volatile Random Access Memory
O
OSPF Open Shortest Path First
P
PAP Password Authentication Protocol
PBB Provider Backbone Bridge
PE Provider Edge
PFE Packet Forwarding Engine
PIC Parallel Interference Cancellation
PIM-DM Protocol Independent Multicast-Dense Mode
PIM-SM Protocol Independent Multicast-Sparse Mode
POP Point Of Presence
Q
QoE Quality of Experience
QoS Quality of Service
R
RADIUS Remote Authentication Dial in User Service
RAM Random-Access Memory
RED Random Early Detection
RFC Requirement for Comments
RH Relative Humidity
RIP Routing Information Protocol
RMON Remote Monitoring
ROM Read Only Memory
RP Rendezvous Point
RSVP Resource Reservation Protocol
RSVP-TE RSVP-Traffic Engineering
S
SAP Service Advertising Protocol
SCSR Self-Contained Standing Routing
SDH Synchronous Digital Hierarchy
SDRAM Synchronous Dynamic Random Access Memory
SFU Switch Fabric Unit
SLA Service Level Agreement
SNAP SubNet Attachment Point
SNMP Simple Network Management Protocol
SONET Synchronous Optical Network
SP Strict Priority
SPI4 SDH Physical Interface
SSH Secure Shell
STM-16 SDH Transport Module -16
SVC Switching Virtual Connection
T
TCP Transfer Control Protocol
TE Traffic Engineering
TFTP Trivial File Transfer Protocol
TM Traffic Manager
ToS Type of Service
TP Topology and Protection packet
U
UBR Unspecified Bit Rate
UDP User Datagram Protocol
UNI User Network Interface
UTP Unshielded Twisted Pair
V
VBR-NRT Non-Real Time Variable Bit Rate
VBR-RT Real Time Variable Bit Rate
VC Virtual Circuit
VCI Virtual Channel Identifier
VDC Variable Dispersion Compensator
VLAN Virtual Local Area Network
VLL Virtual Leased Line
VPI Virtual Path Identifier
VPLS Virtual Private LAN Service
VPN Virtual Private Network
VRP Versatile Routing Platform
VRRP Virtual Router Redundancy Protocol
W
WAN Wide Area Network
WFQ Weighted Fair Queuing
WRED Weighted Random Early Detection
WRR Weighted Round Robin