introduction - comten.cl · superior qos processing separating the traffic management (tm) from the...
TRANSCRIPT
Introduction
Huawei Quidway NetEngine40E Universal Switching Router (abbreviated as NE40E) is a kind of edge router with the 10G
interface developed by Huawei Technologies Co., Ltd. Adopting a series of advanced technologies such as three-stage
switching fabric, network processors (NP) and ASIC Chipsets for forwarding engine, and the mature, stable VRP... routing
software of Huawei, the NE40E can provide unprecedented performance, preeminent scalability and high reliability, IPV4/
V6 dual protocol stacks, superior QoS features and abundant security functionality. The NE40E can provide rich edge
features like Provide Edge (PE), tunnels and queues, and kinds of high-density Line Processing Units (LPU). It features
large capacity, high performance and high reliability. With the excellent hardware and software architectures, the NE40E
can meet the availability requirements and the multi-service demands of carrier-class networks.
HU
AW
EI
TE
CH
NO
LO
GI
ES
1
Q u i d w a y ® N e t E n g i n e 40EUSR
Figure 1-1 NE40E
Uncompromising Performance for 10G Interface
The NE40E applies an advanced hardware forwarding technique. A single chassis supports the non-blocking, full-line-rate
switching of up to 8 10G-interfaces. The switching capacity can reach 320G, the forwarding capacity of the system can be
200 Mpps(packet per second), and the backplane capacity can achieve 1.28 T.
IPv4/v6 Dual Protocol Stacks
The NE40E supports both IPv4 and IPV6 protocol stacks and can work in the IPv4/IPv6 dual-stack mode.
Provide all IPv6 features and solutions for smooth transition from IPv4 networks to IPv6 networks.
Support IPv6 over IPv4 tunnel techniques: manually configured tunnel, automatic tunnel, GRE tunnels and 6to4 tunnel.
Compatibility and Expansion Capacity
The NE40E provides powerful compatibility and expansion capacity and supports smooth expansion as follows:
The NE40E is compatible with all LPUs (Line processing Unit) of the 10G NE5000E and NE80E core routers. It is
compatible with the high-density low-speed LPUs of the NE80 and NE40 routers through Fabric Adapter (FAD) boards.
The capacity of the backplane of the NE40E is 1.28T and can expand to 32 10G-interfaces, which reserves enough
bandwidth for future smooth expansion.
The NE40E forwards services through the Network Processor (NP), which is flexible in programming. You can add some
services by installing relevant software.
Designed with separated Traffic Management (TM) from the Packet Forwarding Engine (PFE), the NE40E supports two
PFEs, namely ASIC and NP, in order to satisfy various applications.
Carrier-Class Reliability
NE40E can meet the high reliability requirements for the carrier-class and high-end applications with the following features.
Adopting hot swappable boards, power modules and fans.
Providing the key modules redundant, such as: Router Processing Unit (SRU, 1+1), Switch fabric unit (SFU, 3+1), power
supply, fan modules, bus, and clocks.
Adopting the distributed hardware forwarding.
Separating the control channel from the service channel to provide a non-blocking control channel.
Possessing perfect system/board fault detection, LEDs, and NMS alarm function.
Applies the generic integrated NMS platform which is independently developed by HUAWEI.
Supports protection mechanisms such as IP/MPLS fast rerouting, interface automatic protection switching(APS/MSP),
Virtual Routing Redundancy Protocol (VRRP), RPR automatic protection switching.
2
Product Features
Superior QoS processing
Separating the traffic management (TM) from the packet forwarding engine (PFE), the NE40E can effectively control
Bandwidth, delay, jitter, and packet loss by its QoS features; the buffering mechanism on both upstream and downstream
results in a low packet drop rate. In addition, the NE40E also features that:
MPLS QoS is independent of IP QoS by individual queuing management mechanisms.
PQ and WRR/WFQ not only guarantee the fair dispatching but also ensure that high-precedence services are served
first.
Three-stage switching fabric is based on the Combined Input and Output Queuing (CIOQ), which guarantees the non-
blocking switching.
Flow-based dispatching facilitates the MPLS TE and supports the Diff-Serv and Inter-Serv.
Eight precedence queues per physical port prevent the high-precedence traffic from being interfered.
Independent Traffic Management processing module based on ASIC and NP provides the stable QoS performance.
Security Guarantee
The NE40E takes a serial of security measures for the data of Internet Service Provider (ISP) networks and end users. The
measures can prevent Denial of Service (DoS) attacks, illegal accesses, and control plane overload. The distributed
architecture separates the data plane from the control plane, which makes the NE40E provide the leading security feature:
Supporting two kinds of user authentication modes for logging in: local authentication and RADIUS/TACACS authentication.
Secure Shell (SSH) for the authentication and end-to-end encryption.
Integration with SSH based on Authentication, Authorization and Accounting (AAA).
EACL (Enhanced ACL) -based packet filtering.
Hardware-based packet filtering and sampling to implement the high performance and scalability.
Multiple authentication methods (plain text authentication, MD5) for important routing protocols (IS-IS, RIP, BGP-4,
OSPF).
ACL on the forwarding plane and control plane.
Rate-limit for each interface/ACL entry.
Port mirroring of IP and MPLS traffic.
HU
AW
EI
TE
CH
NO
LO
GI
ES
3
Software Specifications
Item Description
Performance Forwarding capability of IPv4 packets: wire speed forwarding for various interfaces
Forwarding capability of IPv6 packets: wire speed forwarding for various interfaces
Packet forwarding rate reaches 200Mpps/single chassis system
Layer 2 Protocol LAN protocol: Ethernet II, Ethernet SNAP, Ethernet SAP, LACP (IEEE 802.3ad), 802.3z,
802.3ae
WAN protocol: PPP, MP, HDLC,POS, ATM
Layer 2 VLAN forwarding, VLAN aggregation, VLAN Trunk, L2QoS, STP/RSTP/MSTP,
VLAN Translation, Port Binding and VPLS (Virtual Private LAN Service)
IPV4 Routing Static routing
Protocol Support for RIP, OSPF, IS-IS, and BGP-4 routing protocols
All ports can provide wire speed forwarding under complex routing environments such as
routing flapping
IPV6 Routing Protocol Support for the Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6)
dual protocol stacks
Support for basic transition technologies from IPv4 to IPv6: manually configuration tunnels,
automatic configuration tunnels, 6to4 tunnels, GRE tunnels, hardware-support NAT-PT, etc
IPV6 static routing
Dynamic routing protocols: BGP4/BGP4+, RIPng, OSPFv3 and ISISv6
QoS Support for simple traffic classification
Support for complex traffic classification: based-on port, based on layer-2, layer-3 or layer-
4 packets
Support for Traffic policing and traffic shaping based on srTCM or trTCM
Support for Diff-Serv EF, AF services, GTS
Support for PQ/CQ/WFQ/CBQ, LLS/LLQ/NLS
Support for RED, WRED
Support for Policy Routing
Support for MPLS QoS
Support for Layer 2 QoS
Specifications
4
Security & Support for AAA, and RADIUS/TACACS
Authentication Support for ACL, and packet filtering firewall
Support for the hierarchical protection of command line to ensure that unauthorized users
cannot invade the router
Provide the record of user access log
Support for Port Mirroring
Support for NetStream
Support for attack defense
Support for unicast Reverse Path Forwarding (uRPF)
MPLS VPN Support for wire speed MPLS forwarding
Support for L2/L3 MPLS VPN and VPLS , can be deployed as provider (P) or provider edge
(PE) router
Support for MPLS TE and FRR
Support for LDP FRR
Support for Layer two tunneling protocol (L2TP)
Support for Generic Routing Encapsulation (GRE)
Support for HoVPN (Hierarchy of VPN)
Support for Multi-role Host
Support for Multicast VPN
All above feature conform to the corresponding IETF standards, and can inter-operation
with other vendors
Multicast Support for Multicast Source Discovery Protocol (MSDP)
Support for Internet Group Management Protocol (IGMP)
Support for Protocol Independent Multicast-Dense Mode (PIM-DM)
Support for Protocol Independent Multicast-Sparse Mode (PIM-SM)
Support for Multi-protocol Border Gateway Protocol (MBGP)
NAT Dedicated NAT service board supports bi-directional Gigabit wire speed network address
translation capability
Each board supports 1,000,000 simultaneous concurrent connections, 200,000 new
connections per second, 500,000 refreshed NAT entries
Support for IPv6/IPv4 NAT-PT
Network Management
Provide two modes for configuration: command line and NMS
HU
AW
EI
TE
CH
NO
LO
GI
ES
5
Support for the inter-operation with HUAWEI carrier-class MPLS VPN Management System
Support for HGMP (Huawei Group Management Protocol)
Support for SNMP V1,V2 and V3 and RMON
Support for SSH
Maintenance Support for automatic fault diagnosis function
Support for implement remote configuration maintenance via AUX
Support for online debug and upgrade
Reliability Router processing unit (SRU) redundancy 1:1
Switching fabric redundancy 3+1
Power module redundancy 1+1
Fan redundancy 1+1
Support for all modules online insertion and removal
Support for MPLS Fast Reroute (FRR)
Support for Nonstop Forwarding(NSF)
Support for RPR self-healing ring for a MAN or long-haul National network
6
Hardware Specifications
Item Description
System Architecture Hardware is composed of an integrated chassis (with a backplane), power module,
ventilation/heat-dissipation system, and boards;
NP-based and ASIC-based distributed forwarding;
CIOQ (Combined Input and Output Queuing) - based three-stage switching fabric to
guarantee the non-blocking switching.
Number of SRU slots 2
SDRAM 1 GMB (It can be extended to 2 GMB)
Number of SFU slots 2
Number of LPU slots 8
Switching capacity 320Gbps
Forwarding capability 200Mpps
Dimensions (W X D X H) 442 mm x 669 mm x 889 mm(22U)
Weight < 200 kg(fully configured); 75 kg (empty)
4.8 kg (LPU),3.4 kg (SRU),1.8 kg (SFU)
Maximum power 3000 W
DC input voltage -38 V to -72 V
AC input voltage 176 V to 275 V
Environmental Long-term °C to 45 °C
temperature Short-term 0 °C to 55 °C
Environmental Long-term 5% to 85% RH, non-condensing
relative humidity Short-term 5% to 95% RH, non-condensing
Altitude No performance degradation within 5000 meters
HU
AW
EI
TE
CH
NO
LO
GI
ES
7
8
ModulesThe NE40E supports the following multifunctional interface modules.
1. Routed Ethernet LPU 16-port 10/100M adaptive Ethernet Electrical Interface LPU
4-port Gigabit Ethernet Optical Interface LPU
10-port Gigabit Ethernet Optical Interface LPU (SFP optical module)
1-port 10G Ethernet Optical Interface LPU (Fixed optical module)
2. Switched Ethernet LPU 24-port 10M/100M/1000M Ethernet Electrical Interface LPU
48-port 10M/100M/1000M Ethernet Electrical Interface LPU
20-port Gigabit Ethernet Optical Interface LPU (SFP optical module)
2-port 10G Ethernet Optical Interface LPU (XFP optical module)
3. POS Optical Interface LPU 8-port STM-1/OC-3c POS Optical Interface LPU (SFP optical module)
1-port STM-16/OC-48c POS Optical Interface LPU (Fixed optical module)
4-port STM-16/OC-48c POS Optical Interface LPU (SFP optical module)
1-port STM-64/OC-192c POS Optical Interface LPU (Fixed optical module)
1-port STM-64/OC-192c POS Optical Interface LPU (XFP optical module)
4. ATM optical LPU 8-port STM-1/OC-3c ATM Optical Interface LPU (Fixed optical module)
5. RPR optical LPU 1-port STM-64/OC-192c RPR Optical Interface LPU (XFP optical module)
6. Others The NE40E is compatible with all LPUs (Line Processing Unit) of the 10G NE5000E and NE80E core routers. It is
compatible with the high-density low-speed LPUs of the NE80 and NE40 routers through Fabric Adapter (FAD)
boards.
HU
AW
EI
TE
CH
NO
LO
GI
ES
9
Applications
Application on Provincial Backbone Network
As shown in Figure 1-2, the core layer of the provincial backbone network is composed of NE5000E/NE80E devices. The
NE40E devices act as the city nodes to converge the traffic from the MAN, leased line convergence, narrowband access,
and Internet Data Center (IDC).
Figure 1-2 Application on provincial backbone network
This solution can be used to establish, expand or reconstruct provincial backbone networks of large Interim inter-switch
Signaling Protocol (ISP). These ISPs own access services and cost advantages, as well as transmission resources. In the
case of transmission resources shortage, the link bandwidth can be reduced accordingly without changing the network
topology. The devices on the convergence layer or above have the wire-speed forwarding capability. The entire network
supports MPLS VPN.
10
Application on IPv6 Backbone Network
Figure 1-3 Application on IPv6 backbone network
The IPv6 application on the backbone network does not impact the original IPv4 services such as IPv4 forwarding and
MPLS VPN. So there are two problems to be solved:
Interconnection between IPv6 islands
Interworking between an IPv6 network and an IPv4 network
To solve these problems, the NE40E provides the following solutions based on IPv6 techniques:
All the routers on the backbone network support IPv4/IPv6 dual stacks. In this case, IPv4 services are forwarded with the
IPv4 technology and IPv6 services are forwarded with the IPv6 technology. Both of the problems can be solved.
The interconnection between IPv6 islands can be implemented through layer-3 tunnels, that is, manually configured
tunnels or 6to4 tunnels. In this solution, the core router needs to support only IPv4 forwarding. The interworking between
an IPv6 network and an IPv4 network can be implemented by configuring the NAT-PT on gateways.
The interconnection between IPv6 islands can be implemented through MPLS layer-2 tunnels by using MPLS L2 VPN
techniques such as VPLS and CCC. In this solution, the core router needs to support only MPLS forwarding. The
interworking between an IPv6 network and an IPv4 network can be implemented by configuring the NAT-PT on gateways.
HU
AW
EI
TE
CH
NO
LO
GI
ES
11
Application on MPLS L2VPN Network
Figure 1-4 Application on MPLS L2VPN network
In this application, the NE5000E/NE80E functions as the MPLS core device to provide the MPLS forwarding function, and
acts as the ASBR for inter-domain communications. The NE40E acts as the PE device to provide VPN users with point-to-
point VLL services and point-to-multipoint VPLS services.
Application on MPLS L3VPN Network
Figure 1-5 Application on MPLS L3VPN network
In this application the NE5000E/NE80E routers serve as P routers in the network core. For the inter-domain VPN application,
the NE40E can act as an ASBR as well as a CE device. As a PE device, the NE40E can also provide the NAT function for
Internet access services.
12
Application of RPR in MAN
Figure 1-6 Application of RPR ring network in MAN
The RPR technology has the fast self-healing feature and can utilize the bandwidth efficiently. The RPR networking is
flexible and simple, and is applicable to the setup of the MAN. In networking, the NE40E or NE80E serves as the core
router to set up the core ring network. The NE40E serves as the router of the convergence layer to set up the access ring
networks that keep tangent with or intersect the core ring network. The core ring network implements large-granularity
traffic scheduling and takes one or two routers as the upstream node.
The NE40E provides high-density downstream GE interface, FE interfaces, as well as other types of interfaces such as
E1/Ce1 interface and E3/T3 interfaces. These interfaces can be directly connected with the Ethernet switch or leased
lines.
Huawei End-to-End Solutions
VoIP Products and SolutionQuidway A8010 Expert VoIP Gateway
Quidway A8010 Mini-Expert VoIP Gateway
Quidway A8010 VoIP GateKeeper
BRASQuidway MA5200G Broadband Intelligent Access Server
Quidway MA5200F Compact Broadband Intelligent
Access Server
Access ServersQuidway A8010 Expert Remote Access Server
Quidway A8010 Mini-Expert Remote Access Server
WLAN Products and SolutionHuawei C9012 WLAN Authentication Server
Quidway W1006E WLAN Access Point
Quidway W1003 WLAN Access Point
Quidway W1003A WLAN Access Point
Quidway WL100M WLAN Cardbus Adapter
Huawei WG202 GPRS+WLAN Combo Card
Network Management SolutioniManager N2000 Datacomm Management System
iManager NSM VPN Manager
iManager NSM QoS Manager
iTellin AAA System
Router SeriesQuidway NetEngine 5000E Terabit Switching Router
Quidway NetEngine 80/80E Core Switching Router
Quidway NetEngine 40/40E Series Universal Switching
Routers
Quidway NetEngine 20/20E Series High-Performance Edge
Routers
Quidway NetEngine 16E/08E/05 Series Multi-Service Edge
Routers
Quidway AR 46 Series Enterprise Core Routers
Quidway AR 28 Series Modular Branch Routers
Quidway AR 18 Series Access Routers
LAN Switch Series Quidway S8500 Series 10G Core Routing Switches
Quidway S8016 Multi-Service Backbone Routing Switch
Quidway S6500 Series Gigabit Routing Switches
Quidway S5516 Gigabit Routing Switch
Quidway S5000 Series Gigabit Intelligent Layer 2 Ethernet
Switches
Quidway S3900 Series Intelligent Routing Switches
Quidway S3500 Series Intelligent Routing Switches
Quidway S3000 Series Intelligent Layer 2 Ethernet Switches
Quidway S2000 Series Enterprise Desktop Switches
Security & VPN ProductsQuidway Eudemon 1000/500/200/100 Series Firewalls
Quidway Eudemon 2000 Series Session Border Conctrollers
Quidway SecPath Series Security Gateways