Manual ZTE ZXR10-5900-serie PDF

ZXR10 5900E
Product Description
ZXR10 5900E Product Description
Version Data Author Approved By Remarks
V1.0 2009-9-10 Wang YanHua Mao yuchyeng Not available for the Third Party
© 2009 ZTE Corporation. All rights reserved.

ZTE CONFIDENTIAL: This document contains proprietary information of ZTE and is not to be
disclosed or used without the prior written permission of ZTE.
Due to update and improvement of ZTE products and technologies, information in this document
is subjected to change without notice.
ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. I

TABLE OF CONTENTS
1 Overview ..................................................................................................................... 1
2 Equipment Highlights ................................................................................................ 2

2.1 Superior Performance and Capacity ........................................................................... 2
2.2 Enhanced Video Service Experience .......................................................................... 2
2.3 Rich Service Platforms ................................................................................................ 2
2.4 Carrier-Class High Reliability....................................................................................... 2
2.5 Excellent Operation and Maintenance Design ............................................................ 3
2.6 Energy Saving and Environment Protection................................................................ 4
3 Functionality ............................................................................................................... 4
3.1 Basic Services ............................................................................................................. 4
3.1.1 MAC Address Management......................................................................................... 4
3.1.2 VLAN............................................................................................................................ 5
3.1.3 SVLAN ......................................................................................................................... 8
3.1.4 STP .............................................................................................................................. 9
3.1.5 Link Aggregation ........................................................................................................ 10
3.1.6 Basic Ethernet Features ............................................................................................ 11
3.1.7 IGMP Snooping ......................................................................................................... 12
3.1.8 Ipv4 Multicast Route .................................................................................................. 12
3.1.9 Ipv6 Multicast Route .................................................................................................. 12
3.1.10 IPv4/IPv6 Route ......................................................................................................... 13
3.2 Value-Added Service ................................................................................................. 14
3.2.1 Cluster Management ................................................................................................. 14
3.2.2 ZESR Protection ........................................................................................................ 15
3.2.3 ZESS ZTE Ethernet Smart Switch............................................................................. 16
3.2.4 Security Feature ........................................................................................................ 16
3.2.5 TR101 Feature........................................................................................................... 17
3.2.6 VPLS And VPWS....................................................................................................... 17
3.2.7 LDP FRR.................................................................................................................... 18
3.2.8 Support External Alarm Input and Output.................................................................. 18
3.2.9 VCT Technology ....................................................................................................... 19
3.2.10 SFP DOM................................................................................................................... 19
3.2.11 SFlow ......................................................................................................................... 20
3.2.12 ACL ............................................................................................................................ 20
3.2.13 QoS............................................................................................................................ 21
3.2.14 Port Mirroring ............................................................................................................. 25
3.2.15 Traffic Statistics ......................................................................................................... 25
3.2.16 NTP............................................................................................................................ 26
3.2.17 RADIUS ..................................................................................................................... 26
3.2.18 SNMP......................................................................................................................... 26
3.2.19 RMON ........................................................................................................................ 27
3.2.20 DOT1X Authentication ............................................................................................... 27
3.2.21 IPTV ........................................................................................................................... 28
3.2.22 VBAS ......................................................................................................................... 28
3.2.23 ARP............................................................................................................................ 29
3.2.24 DHCP......................................................................................................................... 29
3.2.25 LLDP .......................................................................................................................... 30
3.2.26 UDLD ......................................................................................................................... 31
3.2.27 Stacking Service ........................................................................................................ 33
3.2.28 VRRP ......................................................................................................................... 34
3.2.29 Ethernet OAM ............................................................................................................ 35
ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. II

3.2.30 Multi-VRP CE............................................................................................................. 39

3.2.31 L2PT .......................................................................................................................... 40
3.2.32 Dual-Port Loop Inspection ......................................................................................... 40
3.2.33 IPFIX .......................................................................................................................... 41
4 System Architecture ................................................................................................ 41

4.1 Product Appearance .................................................................................................. 41
4.1.1 Appearance of ZXR10 5900E Series Products ......................................................... 41
4.2 Hardware Architecture ............................................................................................... 43
4.2.1 Entire Hardware Architecture..................................................................................... 43
4.2.2 Hardware System Working Principle ......................................................................... 43
4.2.3 Introduction of Modules ............................................................................................. 44
4.3 Software Architecture ................................................................................................ 45
4.3.1 Operation Support Subsystem .................................................................................. 46
4.3.2 MUX Subsystem ........................................................................................................ 47
4.3.3 L2 Subsystem ............................................................................................................ 47
4.3.4 L3 Subsystem ............................................................................................................ 48
4.3.5 NM and Operation & Maintenance Subsystem ......................................................... 49
4.4 ZXROS Platform ........................................................................................................ 49
5 Technical Parameters and Specifications ............................................................. 57

5.1 Physical Parameters.................................................................................................. 57
5.2 Basic Performance Indices ........................................................................................ 57
5.3 System Software Attributes ....................................................................................... 59
5.3.1 L2 Attributes............................................................................................................... 59
5.3.2 L3 Attributes............................................................................................................... 60
5.3.3 MPLS ......................................................................................................................... 60
5.3.4 QoS............................................................................................................................ 60
5.3.5 Service Management................................................................................................. 61
5.3.6 Reliability.................................................................................................................... 61
5.3.7 Security ...................................................................................................................... 62
5.3.8 Operation and Maintenance ...................................................................................... 62
6 Analysis of Product TCO ......................................................................................... 63

6.1 Analysis of CAPEX .................................................................................................... 63
6.2 Analysis of OPEX ...................................................................................................... 63
7 Networking Application ........................................................................................... 64

7.1 SVLAN( Flexible QinQ).............................................................................................. 64
7.2 IPTV ........................................................................................................................... 65
7.3 ZESR ......................................................................................................................... 66
7.4 ZESS.......................................................................................................................... 66
8 Integrated Networking Applications....................................................................... 67

8.1 MAN Access Layer Solution ...................................................................................... 67
8.2 Enterprise Network Solution ...................................................................................... 68
9 Operation and Maintenance .................................................................................... 69

9.1 NetNumen N31 Unified Network Management Platform........................................... 69
9.1.1 Network Management Networking Mode .................................................................. 69
9.1.2 NetNumen N31 Network Management System......................................................... 70
9.2 Maintenance and Management ................................................................................. 72
9.2.1 Multiple Configuration Modes .................................................................................... 72
9.2.2 Monitoring, Controlling and Maintenance .................................................................. 73
9.2.3 Diagnosis and Debugging.......................................................................................... 73
9.2.4 Software Upgrad ........................................................................................................ 74
ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. III
9.2.5 File System Management .......................................................................................... 74
10 Abbreviation ............................................................................................................. 76
Figures
Figure 1 The Front Panel of ZXR10 5928E ................................................................................ 1

Figure 2 The Front Panel of ZXR10 5928E-FI ............................................................................. 1
Figure 3 The Front Panel of ZXR10 5952E ................................................................................. 1
Figure 4 Specific QinQ Networking Application ........................................................................... 8
Figure 5 The Networking Topology of Cluster Management ..................................................... 15
Figure 6 The Rules for Switch Role Conversion ........................................................................ 15
Figure 7 The networking topology of ZESS ............................................................................... 16
Figure 8 Alarm Interface............................................................................................................. 19
Figure 9 Basic Architecture of SFlow......................................................................................... 20
Figure 10 Traffic Policing with CIR/PIR........................................................................................ 22
Figure 11 5P3D Model based upon Ethernet Service.................................................................. 24
Figure 12 end to end MPLS QoS ................................................................................................. 24
Figure 13 Abstract architecture of HQoS ..................................................................................... 25
Figure 14 False connection of interface....................................................................................... 32
Figure 15 Interface down ............................................................................................................. 33
Figure 16 stacking framework ...................................................................................................... 33
Figure 17 Relationship of sub-layers of OAM in ISO/IEC OSI reference model.......................... 35
Figure 18 Maintenance Domain ................................................................................................... 37
Figure 19 Ethernet Maintenance Domain Inclusive Relations ..................................................... 38
Figure 20 L2PT Networking ......................................................................................................... 40
Figure 21 The Appearance of ZXR10 5928E............................................................................... 42
Figure 22 Appearance of ZXR10 5928E-FI ................................................................................. 42
Figure 23 The Front Panel of ZXR10 5952E ............................................................................... 42
Figure 24 Hardware Block Diagram for the Hardware of ZXR 10 5900E .................................... 43
Figure 25 Diagram of main control card....................................................................................... 44
Figure 26 Functional Block Diagram for the Operation Support Subsystem ............................... 47
Figure 27 functional Block Diagram of the L2 Subsystem ........................................................... 48
Figure 28 Functional Block Diagram of the L3 Subsystem .......................................................... 49
Figure 29 IPTV networking application ........................................................................................ 65
Figure 30 ZESR networking application....................................................................................... 66
Figure 31 ZESS networking application....................................................................................... 67
Figure 32 MAN Application .......................................................................................................... 68
Figure 33 Enterprise Network Application.................................................................................... 68
ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. IV

TABLES
Table 1 L2 Protocol Standard ................................................................................................... 50

Table 2 TCP/IP Protocol Standard ........................................................................................... 50
Table 3 RIP Protocol Standard ................................................................................................. 50
Table 4 OSPF Protocol Standard ............................................................................................. 51
Table 5 BGP Protocol Standard................................................................................................ 51
Table 6 ISIS Standard............................................................................................................... 51
Table 7 VRRP Standard ........................................................................................................... 52
Table 8 LDP Standard .............................................................................................................. 52
Table 9 IPV6 Standard.............................................................................................................. 52
Table 10 Multicast Standard ....................................................................................................... 53
Table 11 Differentiated Services Standard ................................................................................. 53
Table 12 PPP Standard .............................................................................................................. 54
Table 13 DHCP Standard ........................................................................................................... 54
Table 14 Network Management Standard .................................................................................. 54
Table 15 Physical parameters .................................................................................................... 57
Table 16 Basic performance indices........................................................................................... 57
Table 17 L2 Attributs ................................................................................................................... 59
Table 18 L3 Attributes ................................................................................................................. 60
Table 19 mpls.............................................................................................................................. 60
Table 20 QoS .............................................................................................................................. 60
Table 21 Service Management ................................................................................................... 61
Table 22 reliability ....................................................................................................................... 61
Table 23 security......................................................................................................................... 62
Table 24 Operation and maintenance ........................................................................................ 62
Table 25 Abbrebiation................................................................................................................. 76
ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. V

1 Overview
ZXR10 5900E Series Gigabit L3 Switches introduced by ZTE aim at satisfying
aggregation market in the industry. By focusing on the implementation of all-service IP
bearer network, they in order to meet the requirements of service access bearer network
integrate data, voice, video and mobile services on a unified platform. With high-
performance software/hardware architecture, excellent switching capacity and
performance, simple operation and maintenance tool, ZXR10 5900E series products
give conveniences to develop sustaining carrier-class bearer network.
High-speed back plane, advanced special core chips of ZXR10 5900E series products
featuring their superior service extensibility and more value-added services make the
equipment work longer and maximally protect operator’s investment. “Green
Environment Protection” design philosophy enables ZXR10 5900E series products to be
famous for its low power consumption in the industry. The tight architecture of the
equipment requires little space and costs in equipment operation. The modular dual
power supply design ensures high reliability, which greatly reduces operation and
maintenance costs, and realizes maximum profits.
ZXR10 5900E series products consist of 3 models: ZXR10 5900E, ZXR10 5928E-FI,
and ZXR10 5952E. ZXR10 5928E supports 24 gigabit electrical interfaces and 1
extension slot. ZXR10 5928E-FI supports 24 gigabit optical interfaces and 1 extension
slots. ZXR10 5952E supports 1 extension slot and 4 subcards where 8-port gigabit
optical/electrical interface is supported per subcard. ZXR 10 5900E series products
support three types of extension slots: 4 gigabit optical slots, 4 gigabit electrical slots,
and 4 10GE optical slots.
The Appearances of the Equipment are as shown in figure1, figure2 and figure3:
Figure 1 The Front Panel of ZXR10 5928E
Figure 2 The Front Panel of ZXR10 5928E-FI
ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. 1

2 Equipment Highlights
2.1 Superior Performance and Capacity

By using the advanced hardware architecture and design philosophy, ZXR10 5900E
guarantees wire-speed forwarding of all services. Hardware-based IPv4/IPv6 forwarding
mechanism provides the optimal performance and flexibility, so it is capable to building
future-oriented basic network platform.
ZXR10 5900E has 240G switching capacity, high-density port and wire-speed
forwarding. It effectively enhances the efficiency of customer network upgrade and
deployment.
2.2 Enhanced Video Service Experience

ZXR10 5900E supports rich IPv4/IPv6 multicast protocols, multicast QoS, and solves the
management of traffic engineering issue caused by multi-port replication of multicast
service. It reduces the latency, jitter and abrupt packet loss of video stream. Besides, it
shortens the time for user’s video stream to join in or leave the network. At the same
time, multicast service access control technology ensures the secure access of multicast
service, and makes sure users can enjoy high-quality video service.
2.3 Rich Service Platforms

ZXR10 5900E series uses mature and unified ZXROS multi-service platform, providing
the most reliable, extensible a d manageable protocol system for IPv4/IPv6. It gives full
support to L2 and L3 services and standard protocols. Also it is compatible with the
original network, so it is the best platform for network integration.
It supports enhanced Ethernet features such as SVLAN/ZESR (ESRP+/ZESS). Together

with highly efficient L2PT tunnel technology, it provides customers with all sorts of
flexible solutions.
The end-to-end OAM service management and performance monitoring based upon all
sorts of granularity e.g. physical port and logical link make the network operation more
transparent and convenient. It also provides highly qualified hierarchical QoS and
service-based awareness and control mechanisms. Each port provides large-capacity
hardware queue, so that it can support all kinds of services flexibly, and realize traffic
shaping, policy marking, queue scheduling and congestion control. It meets user’s
requirements for multiservice bandwidth control, realizes real SLA in the course of
service access, and provides solid guarantee to carrier’s precise operation.
2.4 Carrier-Class High Reliability

ZXR10 5900E series focuses on the design of carrier-class reliability. It uses modular
power supply system to provide redundant backup. By supporting hotswappable
mechanism, it features powerful recovery capability when encountering disaster and

flexible failure processing capability. So in a word, ZXR10 5900E series has integrated
maintainability.
It supports ZESR(ESRP+). With creative single-point dual homing and multi-point dual
homing redundant backup design, it provides 50ms fast switchover, and offers reliable
guarantee to the implementation of large-scale triple play service.
With rich security and anti-attack mechanisms, ZXR10 5900E series device supports
wire-speed forwarding packet inspection and traffic differentiation in the condition of
having thousands of ACL. It supports CPU protection, protocol message speed limitation,
and DoS attack monitoring.
2.5 Excellent Operation and Maintenance Design

The increasing growth of network service makes fast deployment of network service to
become more and more important. ZXR10 5900E series uses ZTE’s unified network
management platform via which the graphic user interface provides customers with
service configuration, management, diagnosis, and monitoring. So that customers can
understand the network operating status at any time. The deep inspection carried out by
intelligent tools which simplifies failure location makes the network management much
easier. Finally, it realizes easy service deployment, transparent data forwarding,
intelligent failure processing, viewable service quality and clear network resource.
There is a handle outside the modular components of ZXR10 5900E series device, for
example the power supply module and extensive slot, so it is very easy for people to get
these modules in and out of the chassis. There’s also a fixed lock at the bottom of each
slot. So when the slot is installed, the lock will fix the slot to avoid its loose.
All network cables and power cables, including the switches of power supply are in the
front of the panel. This gives after-sales engineer great conveniences in their work. All
jobs can be done as soon as they open the chassis, which truly improves engineer’s
work efficiency.
M button on the front panel breaks through the design of the traditional switch via which
only link（active） and direct speed can be displayed. M button can also show the
common status of the port: duplex status. It simplifies operation and maintenance.
The external warning interface of ZXR10 5900E series has 3-line warning input and 5-
line control input. It enables the external warning of the system to be controlled
effectively, and reduces/avoids the loss caused by external warning.
By using VCT technology, ZXR10 5900E series Ethernet switch can implement remote
maintenance of cable. It can inspect the short circuit, open circuit on the cable, and
make sure the tolerance of location within 1 meter. By VCT, ZXR10 5900E series
Ethernet switch can detect the failure does not cause by the configuration error at Client,
it is able to locate the failure equipment, port and even the distance to the failed cable. In
network management center, failure location can be done to obviate most failures to
make network maintenance job easier. Furthermore, this method reduces the difficulties
and costs of operation maintenance at the same time.

2.6 Energy Saving and Environment Protection

With windless and mute fan system, the low power consumption of ZXR10 5900E is
famous in the industry. In the test on comparing the power consumption of ZXR10
5900E and the devices from other famous vendors in the industry, ZXR10 5900E shows
much smaller power consumption in both idle and full load conditions. Together with
classic European design, i.e. less than 220mm deep, small size, light weight and large
capacity, it helps the carrier to save the energy and reduce the requirements for
deployment environment efficiently.
3 Functionality
3.1 Basic Services

ZXR10 5900E series Ethernet switches consist of 3 models: ZXR10 5928E, ZXR10
5928E-FI and ZXR10 5952E.
ZXR10 5900E realizes wire-speed L2/L3 switching, giving extensive support to multiple
sorts of protocol and offering different services.
3.1.1 MAC Address Management
MAC（Media Access Control）is the hardware label of network equipment. The switch
implements message forwarding according to MAC address. As an exclusive tag, MAC
address ensures the correct forwarding of messages.
Each switch takes care of a MAC address table. In this table, MAC address and switch
port are corresponding one by one. When the switch receives data, it will find out if this
data should be filtered or forwarded to the corresponding switch port in terms of MAC
address table. MAC address table is the foundation and premise for switch to implement
fast forwarding.
ZXR10 5900E series realizes the following MAC services:
• MAC Address Fixation
When the network is operated steadily for a while, the locations of the equipment linking
to all ports of the switch are fixed. In other words, the ports corresponding to all
equipment’s MAC address in switch MAC address table are fixed, so the learnt MAC
address can be fixed.
MAC address fixation actually changes all dynamic MAC addresses to static mode. After
the conversion, these MAC addresses will not join in aging process. At the same time, if
the data from whose source MAC address are these addresses appears on other ports,
the switch will not have any chance to learn again any more.
• Port Binding MAC Address

It is capable of adding dynamic, static and permanent MAC addresses in MAC address
table. For static or permanent MAC address, the relationship between MAC address and
port is fixed. This relationship will not stop until it is removed manually.
• Restrict the Number of Port MAC Address
The capacity of switch MAC address is limited. When the number of the user in the
network reaches the limitation of the MAC address table, we can restrict the number of
the learnt MAC address that the port of the users with low priority is.
By restricting port MAC address, MAC address flooding which easily causes MAC
address table overflow can be avoided.
• Port MAC Address Learning Protection
When abnormity of one port MAC address learning is found, the switch will protect this
port MAC address learning for a while. As soon as the port goes into protection mode, it
will not carry out any new MAC address learning; when the protection is due, the port
can implement MAC learning again.
The Filtering of Port Unknown MAC Address
In default mode, the filtering service of unknown MAC address of switch port is disabled.
The port does not filter unknown MAC address. If unknown MAC address filtering
service is configured on one port of the switch, the corresponding port will discard and
learn the packets with the unknown MAC address got by this port.
• MAC Address Filtering
The data filtering in terms of MAC address consists of the following three modes:
− Only match the source MAC address of the data, i.e. if the source MAC
address of the data is the set MAC address, then carries out the filtering.
− Only match the destination MAC address of the data, i.e. if the destination
MAC address of the data is the set MAC address, then carries out the filtering.
− Match the source or destination MAC address of the data, i.e. if the source or
destination MAC address of the data is the set MAC address, then carry out
the filtering.
3.1.2 VLAN
ZXR10 5900E series has basic L2/L3 switching functions. The forwarding carried out in
data link layer realizes the classification of virtual working group by supporting IEEE
802.1Q protocol. ZXR10 5900E series supports multiple ways to classify VLAN, i.e. the
classification based upon equipment port, or the classification based upon the host MAC
address and the network layer information of user’s message.
• Port-Based VLAN
The port-based VLAN classification is simple and popular. It allocates different ports of
the equipment with different VLAN, so that all traffics received by these ports belong to

the VLAN corresponding to this port. For example, port 1, 2 and 3 belong to the same
VLAN, other ports belong to other VLANs, as a result, and the frames received by port 1
are only delivered to port 2 and port 3. If the VLAN user moves to a new place, it will not
belong to its original VLAN unless it is allocated with a new VLAN.
• Protocol–Based VLAN
Protocol-based VLAN is flexible, so it is suitable for L3 or network with rich protocols.

Protocol-based VLAN is classified in terms of data packet’s network layer encapsulation
protocol, so the labels with the same data packet are in the same protocol VLAN. This
VLAN based upon network layer protocol enables broadcasting domain to cross multiple
VLAN switch. Therefore, users can move freely in the network, and its VLAN
membership will still remain.
Via this method, even user changes its location, he does not have to reconfigure its
VLAN. Besides, it can classify VLAN according to protocol type. Without requiring
additional frame label to mark VLAN, this method reduces network communications.
Protocol VLAN is set “enable” on the physical interface, and it can be disabled as
customer requires. It only classifies VLAN according to data packet label. It isolates
packets with different labels.
• Subnet VLAN
Subnet VLAN is implemented in L2 VLAN, realizing data frame forwarding. Subnet

VLAN determines the corresponding VLAN data will be forwarding according to the
source IP address of the data frame. This VLAN based upon the source IP address
enables users in different network segments cross multiple VLAN forwarding. But their
VLAN membership will still remain.
Subnet VLAN isolates data with different source IP addresses. So users can only get
data from the same network segment. The priority for UNTAG frame to forward subnet
VLAN is higher than protocol VLAN and PVID, TAG frame is forwarded in TAG mode,
and its priority is higher than subnet VLAN.
• PVLAN
To enhance network security and isolate messages between users, each user will be
distributed with one VLAN traditionally. This method has the following obvious
drawbacks:
− Currently 4094 VLANs are supported at most in IEEE 802.1Q standard. So the
limitation of the user number stops network extension.
− Each VLAN is corresponding to one IP subnet, so many subnets will cause the
waste of IP address.
− The planning and management of so many VLAN and IP subnets make

network management more complicated.
PVLAN（Private VLAN） aims at solving these problems.
PVLAN divided VLAN port into two categories: Isolate Port connecting with user’s port
and Promiscuous Port uplinking router. The isolate port which can not connect with each
other can only communicate with promiscuous port. Therefore, ports under the same

VLAN are isolated, and user can communicate with its default gateway only. It tightly
ensures network security.
• VLAN Translation
VLAN translation is also an expansion of the VLAN function. It allows overlapping VLAN
IDs of different Ethernet switches accessing from the edge, and via VLAN translation
service, these overlapping VLAN IDs will be changed to different VLAN IDs and sent via
uplink port. So that users can be isolated in L2 core switch, which simplifies the
configuration of edge access switch.
• Super VLAN
The traditional ISP network allocates each user an IP subnet. There are three IP
addresses used as subnet network number, broadcasting address and default gateway
respectively when every subnet is allocated. If there are lots of IP address remained in
some users’ subnet, they can not be used by other users either. This method may waste
a great number of IP addresses.
SuperVLAN solves this issue perfectly by aggregating multiple VLANs (normally called
sub-VLAN) to one SuperVLAN. These VLANs use the same IP subnet and default
network gateway.
Via SuperVLAN technology, ISP only needs to allocate one IP subnet to SuperVLAN,
and create one sub-VLAN to each user. All sub-VLANs can allocate IP addresses in the
subnet of SuperVLAN flexibly. They use the default gateway of SuperVLAN. Each VLAN
is an independent broadcasting domain, making sure the isolation of different users.
Different VLAN use SuperVLAN to route and communicate with each other.
• QinQ
QinQ, also known as VLAN stacking, is a vivid name for the tunnel protocol based on
802.1Q encapsulation. Besides original VLAN label (Inner Label), QinQ technology adds
another VLAN label (Outer Label) which can cover the inner label.
QinQ does not need protocol support, via which simple L2VPN (L2 Virtual Private
Network) can be implemented. It is suitable for L3 switch in small LAN
Specific networking application based upon QinQ technology is as shown in figure 4.

The port connecting to user network is called Customer port, and the one connecting
operator network is named Uplink port. Operator network edge access equipment is
called PE (Provider Edge)

Figure 4 Specific QinQ Networking Application
Normally user network uses Trunk VLAN to access PE. The Uplink port in service
provider network interconnects with each other via Trunk VLAN mode.
When messages reaches customer port of switch A from user network 1, the switch A
will insert an outer label (VLAN ID is 10) no matter the message is tagged or untagged.
Messages is sent long the port with VLAN 10 in service provider network to switch B.
when switch B realizes user network 2 is connecting with customer port, it will detag the
outer label according to traditional 802.1Q protocol to resume user’s original messages.
Then the messages will be sent to user network 2.
In this way, streams between user network 1 and 2 can be transferred transparently via
service provider’s network. User network can freely plan its private network VLAN ID
without causing VLAN ID conflicts in service provider network.
3.1.3 SVLAN
SVLAN is also called flexible QinQ. It’s the development and enhancement of QinQ.
Original QinQ can only implement port-based outer layer label addition. It’s not flexible in
application. SVLAN can tag packets with different S-Tag label selectively based on port
and C-Tag. To keep client packet COS, it can duplicate 802.1p field in inner layer label
to outer layer label to keep user QoS continuity.
Compared with QinQ, SVLAN has enhanced function of network user location, which
enables QinQ to better support PUPV (one VLAN per user) and PSPV (one VLAN per
service). It is easy for carrier’s operation and maintenance management. The most
typical application is Triple Play service in broadband to the home.
VLAN can perfectly solve the problem of user location separation and service
differentiation in broadband network. It can implement operation and maintenance
management for one VLAN per user, which brings great convenience to network
management and maintenance. ZTE is always an advocator of this technology and
takes the leading position in the industry.
ZXR10 59E series switch supports SVLAN with the following applications and functions:

Being able to distinguish different service VLAN at one port and tag different outer layer
label based on different service requirements.
Being able to implement coexistence of VLAN transparent transmission and QinQ

service at port; being able to keep user label unchanged without adding new label to
user label when some VLAN packets are going through switch.
Being able to duplicate 802.1p field in user label to outer layer label to guarantee that
user’s service level is kept unchanged in QinQ network so as to keep the consistency of
QoS of user service.
IEEE802.1ad specifies that S-Tag Ethernet type is 0x88A8 and C-Tag Ethernet type is
0x8100. ZTE switch supports C-Tag and S-Tag Ethernet type at any designated port.
SVALN has two major applications in the network:
SVLAN is applied in user location separation and service differentiation in network and
Triple Play service in family broadband. SVALN QinQ can solve traditional 4096 VLAN
resource shortage problem so as to truly implement PUPV and PSPV.
3.1.4 STP
STP (Spanning Tree Protocol）is built particularly to eliminate network broadcasting

storm caused by circle links, and to provide network topology redundant backup service.
Aiming at generating “a tree”, the root of the tree is a switch named root bridege.
According to different configurations, different switches will be used as the root bridge.
But there’s only one root bridge only at any time. A tree is formed starting from the root
tree, and the root bridge will send configuration message on a regular basis. Each
switch who receives the message will dispatch it to other ports after updating the
received message on the basis of its own configuration and network topology
architecture. When one switch gets configurations from two or more than two ports,
there’s loop existing in the network. At this moment, the switch will leave one port in
forwarding mode, and block other ports to get rid of loop. When one port does not get
configuration message for a long time, it will be considered by the switch as overtime
configuration which may have changed the network topology. So the network topology
must be calculated again and generate a tree.
RSTP (Rapid Spanning Tree Protocol) is the optimization of spanning tree. ZXR10
5900E Ethernet switch supports this protocol. As for its rapidness, the latency caused by
root port and designated port getting into forwarding status in network equipment or link
changing period are shortened in some conditions, so network topology can get steady
much faster.
Rstp feature also support sbpdu guard, root guard, loop guard, edge－port and stp
ignored per vlan features, where
BPDU guard：： For access-layer equipment, access port is normally connected with
user terminal (e.g. PC) or file server directly. At this moment, the access port is
configured as edge port to realize fast migration of this port; when these ports receive
configuration messages (BPDU message), the system will automatically set these ports
as non-edge-ports. Recalculation of spanning tree causes network topology concussion.
Normally these ports will not receive STP configuration messages. If someone make
fake configuration message to raise malicious attack, network concussion will happen.

RSTP provides BPDU protection to prevent these attacks ； switch initiates BPDU
protection service, so that if the edge port receives the configuration message, the
system will terminate these ports and inform network management that these ports has
been shut down by RSTP. Only network administrator can resume these shutdown ports.
ROOT guard：： In the network, when root bridge receives a bupdu message with higher
priority, it will not act as root bridge anymore so network topology will be changed which
directly causes the breakdown of data forwarding. To prevent the root bridge from being
attacked, root protection service should be imitated over the port. So when it receives
high-priority messages, it will change to listen status and stop forwarding message. In 30
seconds, it will change to normal status automatically, which avoid frequent root bridge
change.
Loop guard：：Loop protection can avoid the loop caused by one-way link failure. After
initiating loop guard service, the port will directly changes to loop － inconsistent
blocking status if bpdu message does not arrive in expected time. The port does not
change to listening, learning, or forwarding status, otherwise stp will insist there’s
physical failure over port. When bpdu message is received, the port will be resumed.
3.1.5 Link Aggregation
Link aggregation is the process where the physical link segments with the same media
type and same transmission rate are bundled together, and appear as one link logically.
Switch decides via which port the message will be sent to the peer-end switch according
the port sharing policy user made. When switch detects one member port link breaks
down, it will stop sending messages over this port and recalculate message delivering
port in the rest links on the basis of load sharing policy. When the failed port is resumed,
the recalculation will be carried out again to get correct port. Link aggregation is a very
important technology in extending link bandwidth and realizing link transmission
elasticity and redundancy.
ZXR10 5900E supports two sort of link aggregation, i.e. static Trunk and LACP
Static Trunk adds multiple physical ports to Trunk group directly to form a logical port.
This method is not good for inspecting the status of link aggregation port.
LACP (Link Aggregation Control Protocol) follows IEEE 802.3ad standard. LACP
aggregates multiple physical ports dynamically to Trunk group via protocol to form a
logical port. LACP generates aggregation to get maximum bandwidth.
When configure link aggregation service on ZXR10 5900E, the following principles
should be followed:
• Totally 32 Trunk groups should be configured. Each Trunk group consist of 8

member port at most.
• Support cross-interface board aggregation. Member port can be distributed on any

interface board. But the selected port must be working in full-duplex modem and the
working speed must be the same.
• The member port mode can be access, trunk or hybrid. But they must keep the
same.

The logical port formed by link aggregation on ZXR10 5900E is called smartgroup which
can be used as common port.
3.1.6 Basic Ethernet Features
ZXR10 5900E series supports the following basic Ethernet features:
• Port mirroring
Port mirroring service can replicate the data of one or more than more ports (reflector
port)on the switch to a designated destination port (monitoring port). The monitoring port
can get the data on these reflector ports via mirroring image, so that, it can carry out
network traffic analysis and failure diagnosis. Also, it supports remote SPAN（RSPAN）.
• Broadcasting storm suppression
It can restrict the number of broadcasting message allowed to pass Ethernet port per
second. When the broadcasting traffic exceeds the value user set, the system discards
the broadcasting traffic to control it to a reasonable scale. In this way, it effectively
suppresses broadcasting storm, avoids network congestion and ensures normal service
operation. The broadcasting storm suppression is set based upon speed, i.e. the smaller
the speed is, the less broadcasting traffic is allowed to pass.
• Support the configuration of port speed, duplex mode, and self adaption
• Support circuit diagnosis analysis test
ZXR10 5900E series supports Cable diagnosis analysis test, via which the abnormities
of the links between cables can be inspected. Besides, it can accurately find the location
of Cable failure, which gives conveniences to network management and failure location.
1000M Ethernet electrical interface uses network cable to connect other devices. There
are four pairs of twisted-pair cable, so when the device is working with 100M interface,
1-2 and 3-6 cable are used. And when 1000M mode is used, 1-2, 3-6, 4-5 and 7-8
cables should be all used. The cable can inspect the status of each pair of twisted-pair
cable, including:
1． Open： Open circuit
2． Short： Short circuit
3． Good： good circuit
4． Broken： open or short circuit
5． Unknown： unknown result or no result
6． Crosstalk： coupling circuit
7．Fail： failed inspection

3.1.7 IGMP Snooping
The IGMP Snooping maintains the relationship between the multicast address and the
table of the LAN by listening to the IGMP packets communicated between the user and
the router. It maps the members of a multicast group into a VLAN. After receiving the
multicast packets, it forwards them only to the VLAN members in that multicast group.
IGMP Snooping and IGMP are the same in that they are both used for managing and
controlling the multicast groups through IGMP messages. However, they differ in that
IGMP runs on the network layer, while IGMP Snooping runs on the link layer. When the
switch receives IGMP packets, IGMP Snooping will parse the information contained in
them and establish and maintain a MAC multicast address table on L2.
When IGMP Snooping is enabled on the ZXR10 5900E, multicast packets are multicast
on L2. When no IGMP Snooping is enabled, multicast packets will be broadcast on L2.
3.1.8 Ipv4 Multicast Route
IP multicast route technology realizes single point-to multipoint fast data transmission in
IP network. IP multicast service can efficiently save network bandwidth, reduce network
load, so it is widely used in resource discovery, multimedia conference, data copy, real-
time data transmission, E-Game and emulation services. Multicast protocol consists of
inner and intra domain protocols, where intra-domain protocol contains MBGP and
MSDP, etc. and inner-domain protocol includes PIM-SM, PIM-DM and DVMRP, etc. the
inner-domain protocol is mainly classified into two categories, one is sparse-mode
multicast routing protocol including PIM-SM, and the other is dense-mode multicast
routing protocol with PIM-DM and DVMRP included. Currently, the most practical
multicast protocol is PIM-SM.
PIM-SM uses multicast sink display join-in mechanism to build sharing spanning tree in
order to distribute multicast data messages. In a certain circumstance, sink can also be
switched over to the shortest path tree. Besides, PIM-SM is independent from unicast
routing protocol, instead of relying on a special unicast routing protocol it uses unicast
routing table to inspect RPF. PIM-SM is more suitable for the network with multicast
members at the end of WAN (Wide Area Network) link; in addition, PIM-SM allows SPT,
so it shortens the latency caused by using sharing tree. In a word, PIM-SM is usually the
optimal multicast routing protocol used in the multicast network.
ZXR10 5900E series can completely support PIM-SM, and provide integrated multicast
solutions.
3.1.9 Ipv6 Multicast Route
IPv6 multicast protocol consists of group member management protocol and multicast
routing protocol. The group member management protocol is used to control the join-in
or leaving or multicast group member. And multicast routing protocol is responsible for
implementing information interaction among routers to build multicast tree.
ZXR10 5900E series supports the following sorts of protocol:
• MLD(Multicast Listener Discovery Protocol)
• PIM-SM(Protocol Independent Multicast Sparse Mode)

3.1.10 IPv4/IPv6 Route
In the network where ZXR10 5900E is used, user not only requires L2 switching, but
also demands L3 route forwarding service.
ZXR10 5900E series completely supports multiple sorts of unicast routing protocol and
route-based wire-speed forwarding. ZXR10 5900E provides many transition
mechanisms for the conversion from IPv4 network to IPv6 network. In addition to
IPv4/IPv6 dual-stacking technology, all kinds of tunnel mechanism are also included.
IPv4 Route
ZXR105900E series supports the following IPv4 unicast routing features:
• Support static route. It is configured by administrator manually to simplify network

configuration and enhance network performance. The static route is suitable for
medium-sized network or simple network configuration.
• Support IPv4-based dynamic routing protocols including RIP, OSPF, IS-IS and BGP.
It adapts to the change of network topology, upgrades route dynamically, so it is
suitable for large-scale network with complicated networking topology.
• Support policy route. It enables data packet to be forwarding as per user’s

designated policies. The policy route in some way realizes traffic engineering, which
enables traffics with different service quality or different features（e.g. voice service
and FTP）follow different paths.
IPv6 Route
ZXR10 5900E series supports the following IPv6 unicast routing features:
• Support IPv6 neighbor discovery protocol. Neighbor discovery protocol realizes the
discovery of router and prefix, address resolution, confirmation of next hop,
relocation, unreachable neighbor inspection and repeat address inspection. It gives
a better support to the mobility of the node.
• Support IPv6 path MTU discovery protocol. It can dynamically discover the
maximum transport unit of the path, so that, it can make sure that the messages
sent by the node will not exceed path MTU value.
• Support IPv6 static route.
• Support IPv6-baesd dynamic routing protocols, including RIPng, OSPFv3, ISISv6

and BGP4+
IPv4/IPv6 Transition
ZXR10 5900E provides multiple transition mechanisms for the revolution from IP4v
network to IPv6 network. The dual-stacking technology and different sorts of tunnel
technology included are suitable for different scenarios.

• Support IPv4/IPv6 dual protocol stackings. Dual-stacking technology can fully

enables the coexistence of IPv6 and IPv4. However, this method asks all devices in
the network support dual stackings mechanism, so it has higher requirements for
rebuilding IPv4 network. For emphasis, dual-stakcing technology is the foundation
of all following tunnel transition mechanisms.
• Support manually configured tunnel. The manual tunnel technology is simple and
mature. But it requires high management costs and features poor extensibility, so it
is suitable for connecting two IPv6 subnets.
• Support 6to4 tunnel. 6to4 technology uses special IPv6 address prefix to build
tunnel automatically, so that it can implement IPv6 network interconnection. This
mechanism consumes few IPv4 addresses, i.e. one IPv6 subnet only requires 1
public IPv4 address, so it is suitable for the interconnection of multiple IPv4/IPv6
subnets. The only drawback of 6to4 tunnel is that special IPv6 address that is 6to4
address must be used.
• Support ISATAP tunnel. It allows the deployment of IPv6 in IPv4 network. By taking
IPv4 network as a NBMA link, it realizes multiple IPv6 host links in one domain.
3.2 Value-Added Service
3.2.1 Cluster Management
Cluster refers to an aggregation formed by a group of switch in a particular broadcasting

domain. This group of switch composes a unified management domain, providing a
public IP address and management interface outside. Also it offers management and
access capability to each member in the cluster.
The management switch responsible for configuring public IP address is called

command switch, and other managed switches are named member switch. Normally,
the member switch does not have public IP addresses, instead it uses DHCP-similar
service of the command switch to distribute private address. The command switch and
member switch compose cluster together (Private Network)
The isolation of broadcasting domain between public network and private network is
proposed to be done on the command switch. Isolating the direct access to the private
address, the command switch provides a management maintenance tunnel outside to
implement integrated cluster management.
The broadcasting domain of one cluster is normally composed by four roles of switch:
command switch, member switch, candidate switch and independent switch.
There’s only one command switch in one cluster. The command switch can collect
equipment topology automatically, and set up cluster. After building the cluster, the
command switch provides a management tunnel for the cluster to manage the member
switch. Before joining in the cluster, the member switch is the candidate switch. And the
switch that does not support cluster management is called the independent switch.

Cluster management networking is as shown in figure 5
Figure 5 The Networking Topology of Cluster Management
The rules for the conversion of four-role switches in the cluster are as shown in figure 6.
Member swi t ch
Dest i ned f or
i ndependent swi t ch
Del et e f r om Joi n
cl ust er cl ut er
Dest i ned f or
Candi dat e candi dat e swi t ch I ndependent
swi t ch swi t ch
Dest i ned f or
i ndependent swi t ch
Dest i ned f or Dest i ned f or
command swi t ch candi daat e
swi t ch( no member ) Dest i ned f or
i ndependent
swi t ch( no member )
Command swt i ch
Dest i ned f or command swi t ch
Figure 6 The Rules for Switch Role Conversion
3.2.2 ZESR Protection
Improved based on EAPS principle of RFC3619 protocol, ZESR（ZTE Ethernet Switch

Ring）detects whether the ring is connected and guarantees there is only one logically
connected path between any two nodes on the ring. It re-sets port state as blocked or

forwarding based on ring changes (connected -> broken, broken -> connected) to
quickly switch the logic path.
ZESR is suitable for multiple rings and multiple domains. Multiple rings are referred to in
terms of network topology layers. Each layer is a ring. There are two access points on
lower layer access ring to connect with higher layer access ring. The network topology is
considered as an individual ring. A ring tangent with it is not a part of it but a part of
another. The ring on the higher layer is called the main ring. Others are access rings.
Multiple domains indicate there are multiple protecting instances on one ring which are
suitable for different service VLAN. They have different logic paths and are independent
from each other.
3.2.3 ZESS ZTE Ethernet Smart Switch
ZESS (ZTE Ethernet Smart Switch) describes a cost-effective link switchover

mechanism. It enables the services to be switched over to backup link rapidly when the
active link breaks down, so that normal service transmission can be guaranteed.
As figure 7shows, node 1 supports ZESS service. Port 1 is the master port and port 2 is
the standby port. When node 1 inspects that both the master and standby ports are in
UP mode, it will disable the service VLAN protection forwarding service of the standby
port; when node 1 finds the master port is Down, it will block VLAN forwarding service of
the master port, and enable VLAN forwarding service of the standby port; when node 1
inspects that the master port resumes to UP mode, the inverted and uninverted modes
can be chosen. In interverted mode, the master port is opened and the standby port is
blocked again. In uninverted mode, the master port keeps blocked mode, and the
standby port is open. In addition, when ZESS takes action, FDB of the blocked port
should be updated.
Figure 7 The networking topology of ZESS
3.2.4 Security Feature
ZXR10 5900E provides users with rich security features, providing multi-dimensional
protection in control layer, data layer, and management layer of the device. On data
layer, the device provides address change scanning attack prevention, broadcast

multicast packet rate restriction, port security protection, MAC address table and ARP
binding, DHCP Snooping, IDS association etc. The control layer provides multiple layers
of CPU packet receiving, interface address conflict detection, network topology change
attack prevention, BPDU protection and root bridge protection, and routing protocol
encryption anti-attack protection. Management layer provides hierarchical user
management, user password encryption, and SSH.
3.2.5 TR101 Feature
TR101 issued by DSL in April 2006 is suitable for technical demand report of broadband
access network. In terms of TR-025 and TR-059 architectures, TR101 proposes a way
to enable ATM aggregation network to access Ethernet aggregation network, also it
raises an Ethernet-based topology model that meets the requirements of TR-058
operation. And it gives the specific requirements of BRAS devices in access aggregation
network, the migration, interconnection, QoS, multicast, security and OAM of all AN
nodes.
All mainstream carriers in Europe ask their access and aggregation switches to satisfy
TR101. ZTE follows this demand and tries its best to make the product more satisfied to
TR101. In doing so, ZTE focuses on:
• Supporting MFF and making sure the isolation of users
For Pvlan, MFF not only realizes L2 isolation, but also makes sure more secure
message processing and forwarding as it saves user’s basic information. At the same
time, the gateway router controls the communications of all users in the same network
segment of L2, which further enhances network security. Centralized management can
be realized.
• In addition to give support to DHCP 的 option82, it can also inspect the messages
that DHCP server returns to customers. And the messages are forwarding as per
port accurately, which prevents other people from getting customer’s individual
information;
• Supporting IGMP topology discovery. IGMP module when encounters topology

change can actively send inspection information to accelerate multicast congestion
• Adding igmp statistical information.
3.2.6 VPLS And VPWS
Inheriting the advantages of traditional L2 VPN-based solution, MPLS-based L2 solution

does not implement any routing switch between PE and CE, instead, it provides
completely independent operator network and VPN user network. Operator network only
offers customer L2 network services, and customer network is on the stacking network,
so for customer, operator only provides simple L2 connection. MPLS L2 VPN
transparent L2 transmission mechanism simplifies operator network architecture and
configuration management. At the same time, it gives full support to multi-service
operation, therefore, besides traditional IP service, operator also provides customers
with IPv4, IPv6, IPX, DECNet, OSI, SNA serives, and some traditional circuit-based
emulation, for example TDM and ATM.

ZXR10 5900E support MPLS L2 VPN service based upon the following connection ways:
Point-to-Point Connection
Point-to-Point connection can conveniently provide major private line services for VPN. It
enables multiple technologies in the existing network to be used to connect users.
Keeping connections between user and operator, services after encapsulation are
transferred in operator’s IP backbone network.
Point-to-Multi-Point Connection
For large customer VPN service, it requires a large number of user sites and access
points, so operator should provide point-to-multi-point VPN service. ZXR10 5900E
supports VPLS (Virtual Private LAN Service) which is capable of building multiple sites
to connect VPN in single bridging domain of operator managed IP/MPLs network. This
method provides convenient MPLs L2 VPN solution.
3.2.7 LDP FRR
LDP FRR is MPLS-related reliability technology. It makes use of LDP (Label Distribution
Protocol) to dispatch active/standby labels for route. With standby label, swift response
can be given to the change of route, i.e. services can be switched over to the standby
label to accomplish 50ms network switchover protection. With FRR service on LSP,
services can be switched over to the backup link when one link or node on the protected
LSP breaks down. LDP FRR is a kind of temporary protection, so when the protected
link is resumed, the traffic will go back the original LSP.
3.2.8 Support External Alarm Input and Output
ZXR10 5900E as shown in figure 8 totally supports 3-line alarm input and 5-line control
output

Figure 8 Alarm Interface
Blue indicates alarm input and red means control output. As figure 6 shows, if the power
supply device connecting to alarm interface of the switch has some problems, the switch
will get signal sent by the alarm input mechanism to show level switch, and then the
switch will take some actions. For example, it can send warnings to upper monitoring
server via network management interface, also it can control and reset the power supply
device via control input mechanism.
3.2.9 VCT Technology
VCT (Virtual Cable Test) is a cable fault testing function based on hardware. It uses
TDR (Time Domain Reflector) to implement cable diagnosis. It can provide cable error
state such as open circuit, short circuit, un-matching impedance, normal cable etc. It can
provide cable fault point distance.
3.2.10 SFP DOM
DOM (Digital Optical Monitoring) is a part of optical module. The optical module
supporting DOM service can get temperature, voltage, current and the power
consumption in processing traffic. In addition, each optical module is set with some
threshold in operation (including alarm threshold and warning threshold). After initiating
DOM service, the operating status can be polled via 12C bus of the optical module, and

compare the status with the preset threshold. When the value exceeds the threshold,
syslog and SNMP trap modes can be used to send warnings.
3.2.11 SFlow
With the increasing development of network services in commercial environment, the

existing network becomes bigger and bigger. As there are more and more devices and
traffics in the network, the cost in carrying out network maintenance is higher and higher.
So how to manage network equipment efficiently and how to implement real-time traffic
monitoring and analysis have become more and more important to carriers. Currently,
vendors provide multiple network traffic monitoring technologies respectively. But most
of these traffic monitoring technologies are private or build based upon hardware. sFlow
currently is the standard traffic monitoring technology listed by IETF, it requires simpler
hardware, less resource and more universal technology, as a result, it has been
implemented by many vendors.
sFlow services are mainly composed by three parts: sFlow message sampling unit,
sFlow proxy unit, and sFlow analyzer. Usually, the sampling and proxy units of sFlow are
integrated in network device, and sFlow analyzer is built at the exterior of the system,
analyzing multiple sFlow proxy messages in the network. The entire system is basically
as shown in figure 9:
Figure 9 Basic Architecture of SFlow
sFlow sampling unit is the basic part of sFlow mechanism. It samples messages over
the network interface that supports sFlow, and then it will send the messages to sFlow
proxy unit for processing. sFlow Collector implements sFlow management, monitoring,
collection and analysis. It is responsible for saving and analyzing messages from all
sFlow Agent. Then it will give analysis report on traffic and service.
3.2.12 ACL
To filter data, a series of matching rules need to be configured for network device to
identify the objects needs filtering. When particular object is identified, corresponding
data packets are permitted or prohibited based on the pre-set policy. ACL (Access
Control List) can implement all these functions.

Usually ACL is adopted to implement data packets filtering, policy routing and special
traffic control. One ACL contains one or multiple rules for special types of data packets.
The rules inform switch whether to permit or reject data packets that match the selecting
standards specified in the rules.
As the data matching rule defined by ACL can also be used by applications where traffic
should be classified, for example to define traffic classification rule in QoS
ZXR10 5900E provides the following four types of ACL and support two IPv6ACL types:
• Basic ACL: only match source IP address.
• Extension ACL: match source IP address, destination IP address, IP protocol type,

TCP source port number, TCP destination port number, UDP source port number,
UDP destination port number, ICMP type, ICMP Code, DSCP(DiffServ Code Point) ,
ToS and Precedence.
• L2 ACL: match source MAC address, destination MAC address, source VLAN ID,
L2 Ethernet protocol type, 802.1p precedence.
• Hybrid ACL: match source MAC address, destination MAC address, source VLAN
ID, source IP address, destination IP address, TCP source port number, TCP
destination port number, UDP source port number, UDP destination port number,
including all matching fields of the three types mentioned above.
• Basic IPv6ACL: only match IP address of IPv6 source.
• Extension IPv6ACL: Filter IPv6 source and destination addresses.
• Each ACL has a visit number for identification. The range of this number of different
types of ACL is different:
− Basic ACL：1~99
− Extension ACL：100~199
− L2 ACL：200~299
− Hybrid ACL：300~349
− Basic IPv6ACL：2000~2499
− Extension IPv6ACL：2500~2999
Each ACL rule has 100 pieces at most, and the rule number ranges from 1 to 100.
3.2.13 QoS
Due to the increasing growth of multiple services (data, voice, video) and their different
requirements for service real-time capability (latency, jitter and packet loss rate) and

sensitivity of service reliability, nowadays networks are demanded to be able to

differentiate services, ensure user’s service quality according to SLA, realize QoS
guarantee in all implementation models, provide end-to-end service quality, make the
network appreciable and service manageable, realize service precise operation and
finally improve user’s service experience.
• Basic QoS Feature
ZXR10 5900E support rich QoS features where Diffserv model known for its simple
configuration, superior flexibility and high extensibility wins the most extensive use.
ZXR10 5900E have the following Diffserv QoS features:
− Traffic Classification and Marking. Service messages are divided into multiple
priorities or categories on the basis of service classification policy (including
VLAN, 802.1P, DSCP, MAC address, IP address, TCP/UDP port number, and
DSCP info.), then these categories will be marked by ToS or DSCP fields of
Ethernet message CoS or IP head, or EXP field of MPLS. In this way,
category-based traffic scheduling, congestion management and traffic shaping
can be implemented. Different QoS mechanisms can be used on different
types of service.
− Traffic Policing. It is particularly used to restrict one stream or abrupt traffic

which is going to access one network. After setting a reasonable limit to the
traffic, it will then police or punish the exceeding part of the message, for
example, discard the message, color the message or reset the priority of the
message. In this way, it protects network resource and operators greatly at the
same time.
Following srTCM (Single Rate Three Color Marker) and trTCM (Two Rate Three Color
Marker) algorithms introduced by IETF, ZXR10 5900E use two token buckets to
evaluate the arrived messages. Compare messages according to CIR/PIR mode of
token bucket in Color-Blind moe and Color-Aware mode, and color the part exceeding
PIR red, the one exceeding CIR but under PIR yellow, and the one under CIR green.
Hence, queue scheduling and congestion management can be done in terms of
message colors. Furthermore, the selection of MPLS tunnel path and hierarchical QoS
scheduling can also be implemented according to message colors. In this way, service
precise operation and management are realized. ZXR10 5900E support CIR/PIR service
based upon port and flow, and they can be used in both incoming and outgoing
directions.
Figure 10 Traffic Policing with CIR/PIR

• Traffic Shaping. It is designed particularly to restrict one stream or abrupt traffic and
make these messages sent out in evenly. Traffic shaping is normally done by cache
and token bucket. When the message is sent in high speed, it will be saved in
cache and then sent out evenly in the control of token bucket. Different from traffic
policing, traffic shaping caches messages that do not match traffic feature, which
prevents messages from being discarded and satisfies message traffic feature at
the same time.
• Queue Scheduling. For network unit, when the incoming speed of the packet is
faster than their outgoing speed, congestion will happen at egress. When it occurs,
firstly some messages will be discarded if there’s not enough cache space. Also a
resource scheduling mechanism should be made to enable messages to cache in
the queue according to some policies. And then these messages will be taken out
from the queue and forwarded as per some scheduling policies. Congestion
management of the queue is very meaningful to bandwidth distribution, latency and
jitter. ZXR10 5900E support PQ (Priority Queuing), Weighted Fair Queuing (WFQ)
and PQ+WFQ queue scheduling methods.
• Congestion Avoidance. Network equipment cache is limited, so queue scheduling

which is one congestion management mechanism carried out in terms of different
policies is also based upon the capability of the cache. It makes sure services of
different queues and different priorities can be scheduled according to certain
policies. When too many services are congested, and the queue length has reached
its threshold, all new arrivals will be discarded. This discarding mechanism may
cause TCP entire synchronization where messages of multiple TCP connection
queues will decrease at the same time, so that TCP connections start congestion
avoidance and slow start status to adjust traffic. What is worse, traffic peak will pear
at the same time making the network traffic fluctuate between insufficient and
saturation, which badly influence user’s service experience.
To improve network quality, ZXR10 5900E adopts WRED to avoid congestion. ZXR10
5900E WRED can be aware of services, set policies for discarding messages of different
priorities, so that different messages can have different discarding policies.
3.2.13.1 Ethernet QoS
Because of the dramatic development of Metro Ethernet Service, there are more and
more Ethernet services in the network. ZXR10 5900E can process service scheduling
and congestion management as per the priority of VLAN frame. It can map IP message
priority or EXP priority of MPLS message to VLAN priority of Ethernet message to
realize integrated service scheduling. In QinQ mode, inner user VLAN priority can be
mapped to outer operator’s VLAN priority automatically, or outer VLAN priority can be
modified according to user’s service. This realizes integrated and manageable services
from user service to operator service tunnel.
Traditional Ethernet service is actually VLAN priority guarantee service based upon
Ethernet message. Normally there are 8 corresponding service types, and these
services can not be colored, so that, Ethernet service can not color services according to
CIR/PIR service marks to provide more differentiated service quality. In order to enhance

Ethernet service quality control and realize 5P3D model based upon VLAN service,
ZXR10 5900E classifies services according to 802.1P DE(Drop Eligible) which makes
user services into 5 levels and 3 discarding priorities to color services.
Figure 11 5P3D Model based upon Ethernet Service
3.2.13.2 MPLS QoS
As DiffServe features sound flexibility and extensibility in deployment, it usually uses

DiffServe model to implement QoS in MPLs networking solution. ZXR10 5900E support
DiffServe-based MPLS QoS. Traditional IP QoS determines service level and realizes
differentiated service according to IP priority or DSCP, instead, MPLS QoS uses EXP
value to distinguish different services and implement the priority mapping among MPLS
EXP, IP and Ethernet to realize differentiated services and guarantee the quality of voice,
and video services. On MPLS Ingress PE node, message IP priority or VLAN priority is
mapped or replicated to label CoS domain. The mapping consists of Uniform and
Pipe/Short pipe modes. Or EXP value can be redefined according to service protocol,
and execute traffic policing, traffic shaping and traffic scheduling over the classified
traffic. In MPLS backbone network, distinguish service level according CoS field of
MPLS label to make sure service quality of the backbone network. On MPLs Egress
node (including the last but one node), redeploy the priority of IP or Ethernet service as
per Uniform, Pipe, and Short Pipe model, End-to-end QoS is provided based upon
DiffServe model.
Figure 12 end to end MPLS QoS
3.2.13.3 HQoS
Due to the increasing growth of network user and service in the market, both user and
operator prefer to have differentiated services to realize precise operation management
based upon user service, improve user service experience, get better services and more
profits. HQoS can provide high-quality service and user with precise service quality,
reduce construction costs in accessing network equipment, simplify entire network
operation costs, enhance entire network service quality and finally brings operator
differentiated competition. It is largely required by user and market.

HQoS realizes more precise scheduling by classification. It provides more reliable

service support for users to implement multiple services. The abstract architecture of
HQoS is as shown in figure 13.
Figure 13 Abstract architecture of HQoS
Hierarchical QoS of ZXR10 5900E mainly has the following features:
• Support 2-tier hierarchical QoS to satisfy real network deployment
• Each scheduling node should support multiple scheduling algorithms including SP

and WFQ to provide service mechanisms according to different scheduling policies.
• Support complete traffic policing and traffic control. Support multiple traffic policing
algorithms. Support CIR and PIR configurations.
• Support congestion avoidance. To ensure normal operation of all services, it

supports RED and WRED congestion avoidance algorithm, so that messages can
be discarded optionally according to message discarding priority. It improves user’s
service quality greatly.
3.2.14 Port Mirroring
Port mirroring is actually to replicate services with matched ACL rule to CPU or
designated port for message analysis and monitoring. Normally it is used for network
failure diagnosis.
3.2.15 Traffic Statistics
Traffic statistics service is used to calculate service packets, so that real network status
can be known for further reasonable network resource distribution. Traffic statistics
mainly refers to the number of the packet ingress port receives.

3.2.16 NTP
NTP (Network Time Protocol) is a time synchronous protocol used between different
network members. Its transport is based upon UDP. The devices implementing NTP
adjust system clocks automatically by exchanging NTP messages. In this way, they
keep their clock the same. ZXR10 5900E can be deployed as NTP Client in real network
application.
3.2.17 RADIUS
RADIUS （ Remote Authentication Dial In User Service ） is a standard

AAA(Authorization, Authentication, Accounting) protocol. For router, AAA can
authenticate users accessing routing switch to prevent illegal users from accessing. At
the same time, services like DOT1X also needs to use RADIUS for authentication and
accounting.
Currently, ZXR10 5900E supports RADIUS authentication service. It can provide

accessed routing switch with Telnet user authentication.
ZXR10 5900E supports multiple RADIUS server groups. Each RADIUS is allowed to
configure 3 authentication servers. Each group can set the time for setting server and
the time for resetting. The administrator is capable of configuring different RADIUS
group to choose specific RADIUS server.
3.2.18 SNMP
The SNMP subsystem implements the SNMP AGENT function, and supports all the
protocol operations of the SNMP agent specified in SNMP V1 /V2c/V3.
The protocol operations of SNMPv1 are:
• get-request
• get-next-request
• get-response
• set-request
• trap
The protocol operations of SNMPv2 are:
• get-request
• get-next-request
• get-bulk-request response
• set-request

• inform-request
• snmpV2-trap
The Management Information Library (MIB) is described by using SMIv1 and SMIv2. The
MIB consists of the following parts:
• Management objects supported by the core router
• Management objects of the routing protocol
• Management objects of the network management protocol
• Management objects of the TCP/IP support protocol
• Management objects of the high-speed network interface
• Management objects of important data and configuration parameters
• Management objects compatible with SMIv1
• System configuration parameters
3.2.19 RMON
We can use RMON (Remote Monitoring) to keep an eye on remote services. By

usingRMON, data collection and processing are done by a remote inspector, i.e. routing
switch system. The routing switch at the same time contains a RMON proxy software
handling communication by SNMP and network management. Usually, information only
goes from routing switch to network management system when special requirements are
raised.
3.2.20 DOT1X Authentication
802.1X is Client/Server-based access control and authentication protocol. It connects to

user equipment at system port via authentication to make sure if this user is authorized
to access system service via this port. This method prevents unauthorized data
processing between user and service provided by the system. In the beginning, 802.1X
access control only allows EAPOL frame to pass the access connecting with user
equipment. Other data can access this port after authentication.
802.1X connects the authentication system to LAN and generates two logical ports:
controlled port and uncontrolled port. The uncontrolled port which is free from the
authorization status of the port can exchange PDU with other system. However, the
controlled port can only switch PDU with other systems when it is authorization. PAE is
the entity of algoithems and protocols related to operation and authentication. The
requesting PAE respond to the requests from authentication PAE, so that it can provide
authentication information. The authentication PAE is responsible for the communication
with requesting PAE, and it also delivers the information coming from requesting PAE to
authentication server. Then after verifying this information, the authentication server

confirms if the requester will be authorized to access authenticator’s service. The

authenticating PAE relies on the authentication result to control the authorization of
controlled port and the status of the uncontrolled port. The authenticating PAE enables
the uncontrolled port and EAPOL exchange protocol with requesting PAE, and EAPOR
communicates with RADIUS authentication server.
ZXR10 5900E series products mainly support the following 802.1X services:
• Support all services of authenticator
• Support local authentication
• Support authenticating PAE to exchange protocol via uncontrolled port and EAPOL
• Support AuthControlledPortControl parameter ForceUnauthorized, Auto,

ForceAuthorized to operate the controlled port
• Support both AdminControlledDirectionsand OperControlledDirextions to operate

the controlled port
• Support requestor’s regular reauthentication by reauthentication timer
• Without authentication, it supports the transparent transmission of 802.1x

authentication packet
3.2.21 IPTV
IPTV is also name interactive network TV which is introduced by operator on the basis of
broadband. By using IP broadband network, it integrates Internet, multimedia and
communication technologies, providing users with many interactive services, e.g. live TV
program, on-demand video service and network surfer service. So user can take
advantage of these services by PC or “IP set-top box + TV”.
As one of the key technologies of ZTE IPTV system architecture, controllable multicast
mainly implements at broadband access network side. The device implementing
multicast controlling policy (BRAS, DSLAM or switch) is called multicast controlling point,
which works as the terminating point of user multicast IGMP request and determines
whether to duplicate multicast stream to user port based on corresponding IGMP
request and control policy. The multicast controlling point near user saves more network
bandwidth. As the key device implementing multicast controlling policy, multicast
controlling point supports the following features: IGMP V1/V2, IGMP Snooping, IGMP
Filter, IGMP Proxy, IGMP Fast leave, MVR (Multicast VLAN Register), SGR (Static
Group Register), UGAC (User Group Access Control), UGAR (User Group Access
Record) etc. Multicast on demand authority of user can be controlled by rule and
channel binding.
3.2.22 VBAS
VBAS is the short form for Virtual Broadband Access Server. It is a kind of query
protocol expanded between IP-DSLAM and BRAS device. Point-to-point communication

is used between BRAS and IP-DSLAM, i.e. port information query and respinding
message can be encapsulated in L2 Ethernet data frame.
The implementation principle is that L2 point-to-point communication between BRAS

and IP-DSLAM. That is to say, port information query and responding packets are
directly encapsulated in L2 Ethernet data frame. Configure DSLAM corresponding to
VLAN on BAS. Initiate VBAS during PPPoE calling process. That is to say, mapping
user band VLAN to corresponding DSLAM. BAS actively initiate user line identity query
to DSLAM, which provides BAS with responding user line identity. The local 59E series
switch is DSLAM device
VBAS protocol is implemented by sending VBAS message between BAS and DSLAM.
3.2.23 ARP
When one network device is sending data to another one, in addition to IP address of
the destination equipment, it should also be clear of the MAC address of the destination
equipment. ARP（Address Resolution Protocol）is made to map IP address to MAC
address to make sure successful communication. When one device is communicating
with an unknown device in the network, the MAC address of the unknown device will be
get firstly via ARP. The specific procedures are:
The source equipment broadcasts ARP requests with destination device’s IP address,
and all devices in the network will receive this ARP request. If one device realizes that
the request is based upon its own IP address, it will then record sender’s ARP
information and send ARP response containing its MAC address to source device. In
this way, the source device gets the MAC address of the destination device via this ARP
response.
In order to reduce ARP packet in the network and accelerate data delivery, IP address
and MAC address mapping is cached in the local ARP table. When equipment is going
to send data, it will firstly check ARP table according to IP address. If the MAC address
of the destination equipment is found in the ARP table, there is no need to send ARP
request any more. At the same time, due to the limited space in switch ARP table and
the frequent changes of network equipment, the switch should renew ARP table on time
(Delete the old items and add in new ones). The dynamic items in ARP table can be
deleted automatically, and this course is called ARP aging.
To make the network safer, ZXR10 5900E is able to change the learnt dynamic ARP to
static ARP, manual static ARP and eternal ARP table item. Both static ARP and eternal
ARP table item do not experience ARP aging. The eternal ARP still exist after reinitiating
the switch, however the static ARP will disappear. To prevent from ARP attack, ZXR10
5900E supports ARP protection service, restricting the number of the ARP the switch or
other L3 interfaces learn.
3.2.24 DHCP
The DHCP manages the IP address and other related configuration information used on
the network, to reduce the complexity in managing the address configuration. When the
DHCP service is used on the network, the client and server must be in the same
broadcast domain. If a network is built in this way, the ZXR10 5900E must provide the
DHCP SERVER function. In another application, the DHCP server and the users are not

in the same broadcast domain. The client obtains its address through transit via the
ZXR10 5900E. This is what referred to as DHCP relay technically.
The ZXR10 5900E implement the built-in DHCP SERVER function through the DHCP
protocol, to enable the dynamic address allocation and management of the DHCP
CLIENT, and at the same time provide the user management module on the destination
equipment system with the appropriate service management interface for the DHCP
CLIENT. They implement transparent interaction between the DHCP CLIENT and DHCP
SERVER through the DHCP RELAY AGENT expansion option of the DHCP protocol, to
enable the dynamic address allocation and management of the DHCP CLIENT, and at
the same time provide the service management module on the destination equipment
system with the appropriate service management interface for the DHCP CLIENT.
ZXR10 5900E series support DHCP Client and automatic download of default
configuration file via DHCP option field. Without any extra configuration, the device can
get IP address, Gateway IP address, and host configuration information, etc. after
receiving discovery message, DHCP server will find corresponding preserved IP address
as per MAC address, and send other information for example host name, TFTP IP
address, Configuration file name to DHCP client via DHCP option at the same time.
Then DGCP client will download configuration file from TFTP server via this information,
and then initiate new configuration file with DHCP protocol acting to download
configuration file at the same time.
3.2.25 LLDP
LLDP（Link Layer Discovery Protocol）is a new protocol defined in 802.1ab, which

enables adjacent devices to send messages to each other, thus updates physical
topology information and establishes device management information base. LLDP
working process is as follows:
• Sends link and management information of local device to the adjacent device;
• Local device receives network management information from adjacent device;
• Store the network management information of adjacent device in MIB base of local
device. Network management software can query L2 connection in MIB base.
LLDP doesn’t work as configuration protocol for remote system, nor signaling control
protocol between ports. LLDP can discover inconsistency in configuration of L2 protocol
for adjacent devices, but it only reports the problem to the upper level management
device without providing mechanism to solve the problem.
To be simple, LLDP is a kind of neighbor discovery protocol. It defines criteria for

network devices in Ethernet such as switch, router and wireless LAN access points to
enable them to announce their existence to other nodes in the network and to store the
discovery information of each adjacent device. For example, the information of device
configuration and device identification can be declared by this protocol.
LLDP defines a universal announcement information set, a protocol that transmits the
announcement, and a method to store the received announcement information. The
device that announces its own information can put multiple announcements in one
LLDPDU (Link Layer Discovery Protocol Data Unit) to transmit them. The LLDPDU

contains a series of short message unit with variable length, which is called type-length-
value (TLV) with the description as follows:
• Type indicates the type of the information needs to be sent
• Length indicates the bytes of the information
• Value indicates the actual information needs to be sent
Each LLDPDU contains four compulsory TLV and one optional TLV:
• Device ID TLV
• Port ID TLV
• TTL TLV
• Optional TLV
• LLDPDU end TLV
Device ID and port ID are used to identify the sender
TTL TLV notifies the receiver of the reservation period of all the information. If no update
is received from the sender in this period, all related information will be dropped by the
receiver. IEEE has defined a suggested update frequency of one transmission per 30
seconds.
Optional TLV contains basic management TVL set (such as port description TVL),
special TLV set organized by IEEE 802.1 and special TLV set organized by IEEE 802.3.
LLDPDU end TLV indicates the end of LLDPDU.
3.2.26 UDLD
UDLD is a L2 logic link detection protocol which can detect logic connection of Ethernet
link and verify physical connection. Different from physical connection detection, UDLD
detects based on neighbors. L1 devices are transparent to UDLD.
Firstly UDLD needs to establish neighbor relationships. When an Ethernet interface with
status of UP launches UDLD, the interface sends neighbor joining Hello message to its
adjacent device. The interface launching UDLD of the adjacent device sends back an
Echo message. Receiving an Echo message indicates that the device considers the two
devices are interconnected. It establishes neighbor relationship with the peer-end and
also sends an Echo message. Receiving this Echo message by the peer-end, neighbor
relationship on the two devices are both established.
After establishing neighbor relationship, they send Hello messages regularly to check
whether the link works well. The device updates the buffered neighbor information
stored at local and reset time for neighbor timeout. If no Hello detecting message is
received until neighbor aging time, the link is considered as abnormal. Corresponding
processing will be taken based on different work mode.

There are two work modes for UDLD: common mode and aggressive mode. In common
mode, an interface is Down only when protocol packets are received confirming link
single pass. No processing will be taken at the interface if no corresponding packets are
received or link single pass cannot be affirmed. In aggressive mode, the interface is
Down as long as two-way expedite link cannot be guaranteed. The common place of
these two modes is that alarm will be printed as long as normal link status cannot be
affirmed.
Generally speaking, UDLD makes interface Down in the following situations:
• In common mode, sends Hello neighbor joining message, and receives Echo
message which indicates the neighbor of the peer-end is not itself.
• In aggressive mode, sends Hello neighbor joining message, and receives Echo
message which indicates the neighbor of the peer-end is not itself.
• In aggressive mode, receives Hello neighbor joining message, and sends Echo
message; but no Echo message from the peer-end is received.
• In aggressive mode, all neighbors at the interface exceed the aging period, and no
Hello detection message is received.
When the interface is Down or other accidents occurs that leads to failure of the
interface, the device needs to send a flush message to notify the adjacent L2 device to
delete the information of it.
Initiate UDLD: if the Echo message received indicates that the neighbor of the peer-end
is not itself; it’s a false connection of interface. UDLD shut down the interface whatever
the mode is as shown in Figure 14 and 15.
D e v ic e A
PO RT PO RT
T X RX T X RX
T X RX T X RX
PO RT PO RT
D e v ic e B
Figure 14 False connection of interface

D e v ic e A
PO RT PORT PO RT
TX RX TX RX TX RX
TX RX TX RX TX RX
PO RT PORT PORT
D e vic e B
Figure 15 Interface down
Aging time is the protocol packet sending interval (15 seconds by default) ×3. Shut
down the interface if no packet is received within aging time if aggressive mode is
configured.
3.2.27 Stacking Service
ZXR10 5900E supports SES stacking service. Stacking is actually a management

domain composed by some Ethernet switches interconnecting with each other via
stacking port. This management domain consists of an active switch and several
standby switches. Usually daisy chain is used as shown in figure 16:
Figure 16 stacking framework
The switches connect with each other via stacking ports and special protocols are used
among devices to control topology discovery, calculation, election and route
maintenance.
Stacking benefits users in the following ways:
• Sound management. Stacking can realize unified management of multiple devices.

One link and one IP address enable sound management of the entire system. Also
it can reduce management costs;

• Superior extensibility. Stacking enables user’s on-demand purchase and smooth

extension of network capacity. As a result, in the course of network upgrading, it
can give user’s investment maximum protection;
• High redundant backup. High reliability with N+1 backup avoids single-point failure
and reduces service breakdown.
Compared with single cassette switch, the system can implement the following
characteristic services:
• Distributed management: for management, all devices have one unit. The
administrator can manage the device via WEB, telnet, console, and snmp. Different
equipment is similar to different slots of chassis.
• Distributed forwarding: message forwarding and search can be done locally. So,
when one equipment breaks down, other equipment can still work normally, which
makes the system more redundant.
• Distributed link aggregation: support cross-equipment link aggregation, so that link

backup and load sharing can be implemented among equipment.
3.2.28 VRRP
Normally the host in one broadcasting domain will be set with a default gateway working
as the next hop of routing packet. When this default gateway can not work normally, the
host in this broadcasting domain can not communicate with the hosts in other networks
any more. To avoid this sort of single-point failure, multiple router interfaces can be set
in one broadcasting domain and implement VRRP on these routers (Virtual Router
Redundancy Protocol).
VRRP put multiple router interfaces belonging to one broadcasting domain into one
group to form a virtual router. It also allocates an IP address to the virtual router as its
interface address. This interface address can either be one router interface address or
the third party’s address. This virtual address will take effect only when it is in the same
network segment as real interface address.
If router interface address is used, this router with this IP address will act as the master
router, and other routers work as the slave ones. If the third party’s address is used,
router with high priority will work as the master router; if two routers have the same
priority, the one with bigger real IP address will be the master router.
Set IP address of the virtual router on the host in this broadcasting domain as network
gateway. When the master router breaks down, the slave router with the highest priority
will replace it and cause none influence to the host. Only if all routers in this VRRP
group work in abnormal condition, the host in this domain can not communicate outside
any more.
We classify these routers into multiple groups and make them backup each other. And
different IP addresses are used by the host in the domain as network gateway to
realized balanced load.

3.2.29 Ethernet OAM
3.2.29.1 802.3ah
IEEE 802.3ah mainly implements link level management, taking monitoring and failure
processing of point-to-point Ethernet link in the network. Sometimes “last mile detection”
is just about this. Link layer OAM is mainly applied for point-to-point direct link detection.
Figure 17 Relationship of sub-layers of OAM in ISO/IEC OSI reference model
Figure 17 is the location of OAM in ISO/IEC OSI reference model. Above OAM is LLC
logic link control or other MAC client layer. Below OAM is MAC layer or optional MAC
control sub-layer. OAM layer is optional. OAM covers the following three functions:
• Remote discovery
• Remote loopback
• Link monitoring
DTE involved in OAM sub-layer supports active/passive mode. When OAM is enabled,
DTE that both modes support should choose active or passive.
Remote discovery
OAM provides a mechanism to check whether remote DTE has OAM sub-layers. If
discovery unsatisfied, OAM client learns that discovery is unsuccessful; and generates
discovery unsuccessful alarm. There may be two reasons for unsuccessful discovery:
one is that the peer-end doesn’t start OAM; the other is link connection failure. During
the process of remote discovery, label domain of OAMPDU message carries urgent link
event (including link failure, urgent failure and emergencies). But the particular failure
definition of link failure, urgent failure and emergencies are relevant to their
implementation. One way to learn about link failure via remote discovery is by OAMPDU
timeout; and the other way is to define some specific urgent link events to let client layer
to learn about link failure from OAMPDU.

DTE that configured with active mode launches the discovery process. Once the
discovery process is completed, when the counterpart entity connecting to remote OAM
is in active mode, active DTE is permitted to send any OAMPDU. DTE that configured
with passive mode doesn’t launch discovery process. It provides feedback of discovery
process launched by remote DTE.
Remote loopback
OAM provides optional data link layer frame-level loopback mode controlled by remote.
OAM remote loopback can be applied for failure location and link performance test.
When remote DTE is in OAM remote loopback mode, the statistic data of local and
remote DTE can be queried and compared at any moment. Query could be implemented
before, during, or after loopback is sent to remote DTE. Besides, OAM sub-layer
loopback frame can be analyzed to get additional information concerned link health (to
determine frame dropping caused by link failure).
If OAM client has sent loopback control OAMPDU, and when it waits the counterpart
DTE to indicate its responding message OAMPDU locating at OAM remote loopback,
whether OAM client implements OAM remote loopback command on peer-end device is
determined by the following process: a) if local DTE source address is larger than that of
the peer-end, enter OAM remote loopback based on peer-end command. b) If local DTE
source address is smaller than that of the peer-end, ignore OAM remote loopback
command of the peer-end and go on working as if nothing is received.
Link monitoring
OAMPDU。Link monitoring is a feature to make statistics of error symbols or error

frames received by physical layer within certain interval. Based on the implementation
there is a counter at driver all along making statistics of error frames, error symbols and
total frames received. The platform reads the information regularly and takes processing
based on these error symbols, error frames and total frames. Corresponding event
notice will be generated as per which kind of event occurred is detected.
There are four types of link events:
• Link error symbol period event. Count error symbols generated in particular period,
which is determined by the quantity of symbols received in certain period by the
physical layer.
• Error frame event. Count error frames generated in particular period, which
specifies certain interval.
• Error frame period event. Count error frames generated in particular period, which is
determined by the quantity of frames received.
• Error frame second accumulation event. Count error frame seconds in particular
period, which is determined by the time interval.

3.2.29.2 CFM
Connectivity Fault Management (CFM) can effectively check, separate virtual bridge
LAN and report its connection fault. It is mainly oriented to carrier’s network and also
effective to customer network (C-VLAN) as well.
Main basis of CFM that current switches support: IEEE 802.1ag implementation.
To manage and maintain the network, network administrator plans network service and
network layers by dividing the whole network into multiple Management Domains (MD).
A single domain is shown in Figure18.
The domain defines a series of ports at edge device and internal device. The gray points
at the edge device are service ports connecting to device outside the domain. They are
defined as Maintenance End Point (MEP). There are also some black ports (including
those at the device inside the domain) which are ports connecting devices inside the
domain. They are defined as Maintenance Intermediate Point (MIP). Domain
management is implemented by the defined MEP and MIP.
Figure 18 Maintenance Domain
As shown in Figure 19, a network can be divided into user domain, provider domain and
operator domain. Each domain is designated with a level from 0 to 7. The level for
domain determines the inclusion relations. Domain with higher level can contain domain
with lower level; not vice versa. Domains with the same level cannot contain each other.
Thus the domain with the largest coverage has the highest level. Domain inclusive
relations could be tangent (internally or externally) and inclusive, but not intersecting.
Connection Fault Management (CFM) can effectively check, separate virtual bridge LAN
and report its connection fault. It is mainly oriented to carrier’s network and also effective
to customer network (C-VLAN) as well.
• Configure multiple embedded Maintenance Domains (MD) via one bridge network
or a network containing a bridge network.

• Configure a Maintenance Association (MA) identified by an individual MD in any

given bridge and a group of VLAN.
• Format of protocol, process and CFM protocol packet used to detect and separate
connection fault report.
• Capacity of Maintenance Point (MP) configuration and management in MA. MP is

used to generate corresponding CFM packets.
• Command MPs implements affirmed fault separation and inspect result.
Figure 19 Ethernet Maintenance Domain Inclusive Relations
Path Discovery: MEP discovers with LTM/LTR message by tracking a MEP to another
MEP, or the path went through between MIP.
Fault Detection: MEP checks the network connection by CCM message that sent and
received regularly. Connection failure and NonWill connection (connected by mistake).
Fault acknowledgement and isolation: it’s a kind of behavior of management. The

administrator acknowledges fault by LBM/LBR and implements certain isolation.
Fault notification: when there is connection fault in MEP direction, corresponding report
message will be sent to designated management system (such as NMS and TRAP).
Network status detection: Learn about network connection or network delay and jitter
by checking packets from MEP to MEP with time stamps or sending and receiving of
packets with counter.
MP is the smallest entity on management layer to implement functions, including MEP

and MIP. Comparatively, MEP implements more complicated functions than MIP does.
It’s also more complicated to manage configuration than MIP. It can be said that CFM
functions are implemented by MEP, which can send, receive and process any messages

mentioned above. While MIP can only process LTM and LBM message; and send LTR
and LBR message as well.
3.2.30 Multi-VRP CE
MVCE provides a kind of function similar to hierarchical PE, which transfer part of PE
functions to CE. But MVCE doesn’t need to support MPLS, thus it has low requirements
on access and aggregation equipment. The corresponding device should not be called
as hierarchical PE. The corresponding device to MVCE is still CE.
User data flows are terminated at CE, which avoids bad impact of broadcast traffic on
PE. Complete isolation of different service transmission is implemented at CE, which
solves traditional LAN security problem with low cost. User isolation and security
guarantee that need to be implemented by PE are currently implemented by CE, which
conforms to the development trend of marginalized network security and current
requirements of carrier on bearer network.
A comparison between MVCE and hierarchical PE:
• Interfaces between two layers are at least as much as VPN quantity;
• The upper layer PE needs to reconfigure VRF that is already configured on MVCE;
• Run a IGP/BGP counterpart or configure static routing for each VPN;
• Lower layer device doesn’t support MPLS.
MVCE requires the device to support VPN access with IP address overlapping. With the
development of technology, MVCE can be implemented on medium-end switch.
Configure multiple VRF on MVCE corresponding to multiple VPN sites. Each VFR needs
an uplink interface to connect to PE. Configure the same VRF at the corresponding
interface on PE.
Since MVCE doesn’t need to support MPLS, there are still ordinary data packets
between MVCE and PE instead of MPLS labels. Differently, there is a layer of MPLS
labels between hierarchical PE. Thus VPN traffic can only be differentiated by interface
on PE, which means PE shall has exactly the same VPN interfaces as much as the VPN
MVCE supports.(which is the same as ordinary PE supports L3 VPN configuration.)
A CE with MVCE features actually simulates multiple CE. Each virtual CE is separated
from each other and is able to be accessed to multiple VPN users. PE won’t perceive
whether it is multiple CE or one MVCE. Thus PE doesn’t need any expansion.
If dynamic routing protocol is run between MVCE and PE, the routing protocol needs to
support multiple instances. PE and MVCE exchange routing information via standard
EBGP, OSPF, RIP or static route.
Static route and RIP are both standard protocols. But each VRF runs different instances
without interference to each other. If static route is configured, it will be ok if it supports
VRF.

3.2.31 L2PT
In QinQ VPN mode, if VPN uses locating at different places want to initiate their L2
protocol for example, STP, LACP, ZDP, they need to use core network to transfer these
L2 protocol messages transparently, and these messages with preserved MAC address
for bridge can not process transparent transmission normally. L2PT (layer 2 protocol
transportation) solves this problem, so it is widely used to transfer user network L2
protocol message in QinQ VPN.
L2PT networking is as shown in figure 20:
• Edge Switches: It locating at the edge of operator network connects customer

network equipment.
• Layer 2 protocol transportation port: EOne port of Edge Switch. The encapsulation
of decapsulation L2 protocol message.
• Transportation PDU: Encapsulated protocol message, for example ZDP, STP and
LACP, etc.
Figure 20 L2PT Networking
On the port without initiated L2PT, L2 protocol messages （STP，ZDP，LACP）

instead of being forwarded is either discarded or sent up for protocol processing, which
will cause several blocked stp domains in customer network as per different locations,
so that the entire customer VPN can not run an integrated STP topology. L2PT transfer
BPDU message transparently in VPN, which helps customers to supply the gap.
The received L2 protocol messages will be encapsulated at the transportation port of

edge switch, then broadcast the encapsulated messages. Initiate remote transportation
switch port to encapsulate these messages.
The message encapsulation and decapsulation can be done by changing message MAC
address.
3.2.32 Dual-Port Loop Inspection
The failure network connection or configuration easily causes forwarding loop in L2

network, which makes the equipment keep sending broadcasting, multicast and

unknown unicast messages. It not only wastes network resource greatly, but also fails
the entire network sometimes. To inspect loops inL2 network on time and avoid serious
influence to the entire network, there must be a mechanism in the network to inspect
loops and inform user to check connection and configuration on time. Also this
mechanism should be able to shut down the failed port to eliminate loop. This is loop
inspection mechanism.
ZXR10 5900E sends loop inspection message from one port on a regular basis, and it
checks if messages return to the equipment on the other port to make sure if there’s
loop between the port sent message and the monitoring port, and if the port with loop is
clear. When loops are found in the network, ZXR10 5900E will shut down the port with
loops and send warnings (trap) to user.
3.2.33 IPFIX
IPFIX (IP Flow Information eXport) is a standard protocol issued by IETF for network
flow informaiton measurement. This protocol is mainly known for unified IP data flow
statistics and output standard. To ouput date completely, IPFIX default uses 7 key
domains to indicate each data flow: source IP address, destination IP address,
TCP/UDP source port, TCP/UDP destination port, type of L3 protocol, type-of-service
protocol byte and input logical interface. If all 7 key domains of different IP messages
match each other, these IP message will be considered as the same data flow. By
recording features of network flow for example traffic duration and average length of
message, the network administrator can understand the existing network operation, and
implement network optimization, security check and traffic billing according to this
information.
IPFIX –defined format is based upon Cisco Netflow Version 9 data output format, which
enables IP flow to be transferred from one exporter to collector. ZXR10 5900E can be
the exporter responsible for gathering and saving the special data flow crossing the
switch. It counts byte and packet for every received packet and save this statistical
information to memory for regular collection by Collector. ZXR10 5900E is able to record
2000 pieces of outgoing data and 2000 pieces of incoming data flow.
4 System Architecture
4.1 Product Appearance

The hardware system of ZXR10 5900E series Ethernet product consists of chassis,
control switching board, line interface card and power supply module.
4.1.1 Appearance of ZXR10 5900E Series Products
ZXR10 5900E totally have three models: ZXR10 5928E, ZXR10 5928E-FI and ZXR10
5952E. The chassis of ZXR10 5928E and ZXR10 5928E-FI is 1U(1U=44.45mm), and
the size is 43.6mm×442mm×220mm (H×W ×D). With 2U-height chassis, ZXR10
5952E has 6 subcards and 1 extension slot, which enables flexible configuraiton. The
size of ZXR10 5952E is 88.1mm × 442mm × 220mm (H × W × D). Using modular
swappable dual power supply, ZXR10 5900E is capable of flexible configuration and

changing, as well as more powerful reliability. All cables including power supply cable
and network cable are coming out in front of the chassis. It supports 3-line warning input
and 5-line control output. M button on the front panel can show port speed link status,
and duplex status. The extension slot which is easily to be pulled out or plug in can be
extended to 4GE electrical port or SFP port, or 4 10GE optical ports.Modular
components such as extension slots are configured with external handle, so that they
can be inserted and taken out conveniently. There is also a fixed lock at the bottom of
each slot, so after the installation, the slot will be fixed tightly by the lock.
Figure 21 The Appearance of ZXR10 5928E
Figure 22 Appearance of ZXR10 5928E-FI

4.2 Hardware Architecture
4.2.1 Entire Hardware Architecture
ZXR10 5900E series products are designed in cassette style with centralized hardware
architecture. All service interfaces directly connect with switching fabric. Dual power
supply modules are swappable. With redundant design, ZXR10 5900E series products
have more secure reliability
ZXR10 5900E series products consist of 3 models: ZXR10 5928E, ZXR10 5928E-FI and
ZXR10 5952E. ZXR10 5928E supports 24 gigabit electrical interface and 1 extension
slot. ZXR10 5928E-FI supports 24 gigabit optical interface and 1 extension slot. ZXR10
5952E supports 4 subcards and 1 extension slot. The extension slot can be extended to
4 GE electrical or optical ports, or 4 10GE optical interfaces. The subcard of ZXR10
5952E support 8-port GE optical or electrical interfaces.The back plane does not have
slots or cable ports.
ZXR10 5900E supports swappable dual power supply modules. Its network cable and
power supply cable are coming out in the front of chassis. Two hardware warning ports
on the front panel provide 3-line warning input and 5-line control output information. The
input signal can receive external warning input signal, and the output signal can control
external equipment. M button provides multiple display modes for speed and duplex
status.
4.2.2 Hardware System Working Principle
ZXR10 5900E support L2 and complete L3 functions, with level 1 switching for
processing and forwarding 100M and 1000M packets. The system hardware working
principles are shown in Figure 24.
Figure 24 Hardware Block Diagram for the Hardware of ZXR 10 5900E

4.2.3 Introduction of Modules
ZXR10 5900E system contains one main control card and service expanded slots, which
can be divided into switch and control module, power supply module, and interface
module.
• Control Module
Control and switch module is the core part of ZXR10 5900E. It mainly implements two
functions of control module and switch module.
In ZXR10 5900E system, control and switch module is installed in cassette structure with
no independent panel. Its interfaces and signal indicators are on the front panel of the
system. Its block diagram is shown in Figure 25.
Figure 25 Diagram of main control card
• Control Module
The control module is composed of the main processor and some external application
chips. It provides external operation interfaces, for example, serial ports and Ethernet
ports, by which the system can process all kinds of applications. The main processor is a
high-performance CPU processor, which performs the following functions:
System NM protocol, for example, SNMP
Network protocols, for example, OSPF, RIP, and BGP-4
Providing the operation and management interfaces for line cards
Data operation and maintenance
• Switch Module

The switch module is designed with a dedicated Switch chip, which is integrated with
multiple Gigabit and Gigabit bi-directional interfaces, allowing it to process wire-speed
switching of multiple ports. The Switch chip provides the following functions:
− Store and forward switching
− Supporting 9KB jumbo frames
− Supporting priority queuing, where frames can be dropped selectively when the
CoS queue is in congestion
− Providing one management and control timer for each port
• Interface Module
ZXR10 5900E support 4-port gigabit Ethernet optical/electrical interface card, 4-port
10Ge Ethernet optical interface card, 8-port GE Ethernet optical/electrical interface card;
GE Ethernet interface card support optical/electrical adaptive interface. All optical
interfaces use swappable optical modules, so one line card can support multiple sorts of
transmission media and distance. This decreases the number of extra line card in
different situations, and helps operator to get maximum profit from minimum investment.
• Power Module
ZXR10 5900E supports AC power supply. It adopts hot-swappable cassette power

supply module and implements 1+1 hot backup of power supply, which improves the
reliability of the power supply system.
4.3 Software Architecture

ZXR10 5900E series products are multi-layer switches with L2 switching and L3 routing
capabilities and support for multiple functions, providing L2/3 wire speed switching and
routing and QoS assurance. The system software performs management, control, and
data forwarding. Its basic operations include system start, configuration management,
running of protocols, maintenance of tables, setting switch chips, and status control, as
well as software forwarding of some special packets. The system software must
implement the following functions:
• Implementing major L2 protocol functions, including 802.1D STP protocol, 802.1P

priority control, related functions of 802.1Q VLAN, and 802.3ad link aggregation
• Supporting Ipv4 protocol stacks and basic routing protocols
• Implementing multi-layer services such as ACL and DHCP
• Implementing some broadband access functions
• Implementing network management protocol SNMPv3 and Agent

• Allowing users to perform network management via the serial terminal, Telnet, or
SNMP Manager, including network configuration management, fault management,
performance management and security management.
• Smooth upgrade of the software version, and on-line upgrade of the active/standby
protocol processing cards and switching network cards.
• Network security function
Based on the system functions mentioned above, the system software could be divided
into five subsystems.
• Operation support subsystem, including software modules such as BSP, ROS, SSP,
and VxWorks kernel
• MUX subsystem, including the data distribution module, statistics and monitoring
module, and driving and encapsulation module. The data distribution module
distributes data packets to the driver and upper-layer software. The statistics and
monitoring module measures data, forwards information, and monitors the software
table.
• L2 subsystem, including processing STP protocol, LACP protocol, IGMP

SNOOPING protocol, MAC address management, VLAN management and L2 data
forwarding
• L3 subsystem, which implements basic protocols of TCP/IP, such as IP, ARP, ICMP,
TCP, and UDP, and application protocols such as FTP and Telnet, and implements
unicast and multicast routing protocols, performing L3 data forwarding.
NM and operation & maintenance subsystem, which implements the Agent function of
the SNMP network management, supports command line management, provides
operation & maintenance interfaces, and provides MIB information.
4.3.1 Operation Support Subsystem
The operation support subsystem drives and encapsulates the bottom-layer hardware,
providing support for other software systems on the upper layer. This subsystem
provides support for the running of the hardware, allocating resources for the hardware,
and provides the hardware-related interfaces for the upper-layer software. The operation
support subsystem relies on the RoS platform of the ZXR10, and it is composed of
system support, system control, version load control, BSP, and SSP. It can be further
divided into the operating system kernel, process scheduling, process communication,
timer management, and memory management modules. The functional block diagram
for the operation support subsystem is shown in Erro! A origem da referência não foi
encontrada.6.

Figure 26 Functional Block Diagram for the Operation Support Subsystem
4.3.2 MUX Subsystem
The MUX subsystem exchanges information with the driver and the upper-layer software,
and measures and monitors the software table of the switch chip. The MUX subsystem
mainly performs data distribution and measurement and monitoring. After the MUX layer
receives the data packets from the driving module, it forwards the packets by type
according to the ETHER TYPES fields in the MAC frames. The data distribution of the
MUX also includes the encapsulation of the data sending function of the driver, to
provide the modules on the upper layer with a new data sending function for invocation.
When the modules on the upper layer have data packets or protocol packets to send,
they can invoke the data sending function provided by the MUX. The measurement and
monitoring function measures the status of the driver layer, physical layer and MUX
layer, measures the packets received/sent, monitors the access to the register, and
performs the sniffer operations to the data packets, providing the OAM module with the
interface function.
4.3.3 L2 Subsystem
The L2 subsystem performs configuration management (management layer) on the data

link layer, protocol processing on L2 (control layer), and data forwarding (data layer or
service layer). The function modules are illustrated in the figure 27.

Figure 27 functional Block Diagram of the L2 Subsystem
4.3.4 L3 Subsystem
By software layer, the L3 subsystem consists of the service control layer and data-
forwarding layer. Where, the service control layer is composed of the TCP/IP and IP
forwarding support subsystem. The TCP/IP consists of the support protocols and routing
protocols. The support protocols are the basic protocols in the Ipv4 protocol suite,
providing services to the dynamic routing protocols, while acting as the entities of
network management and system monitoring. As the service provider for the upper-layer
application entities on the whole router system, support protocols consist of IP, ARP,
ICMP, IGMP, TCP, UDP and Telnet protocol entities. Routing protocols are used to
generate dynamic routes, and they consist of unicast routing protocols such as RIP,
OSPF, and BGP, and multicast routing protocols such as IGMP, PIM-SM, MSDP and
MBGP, and they provide related upper-layer protocols such as LDP, VRRP, and RSVP.
The IP forwarding and support subsystem is responsible for deletion and modification of
the forwarding table and the related strategies, and establishment and maintenance of
indexes, and data interaction between the CPU and switch chip. The IP data forwarding
layer inputs, forwards and outputs the data of the strategies, rules and routing tables
created by the switch chip according to the IP service control layer.

Figure 28 Functional Block Diagram of the L3 Subsystem
4.3.5 NM and Operation & Maintenance Subsystem
The foreground NM and Operation & Maintenance subsystem uses TCP/IP to implement
the agent of the SNMP NM, and meets the management requirements by using the
execution entities of the managed entities on the bottom layer. The background NM
communicates with the foreground NM via the network to manage the foreground
system. In this way, the management network is isolated from the transmission network.
4.4 ZXROS Platform

ZXROS is a multitask-based distributed real-time network operating system, providing
unified IP protocol supported by all devices from ZTE. ZXROS offers a mature and
steady architecture, and has been extensively used by lots of carriers. With
reinforcement and extension on the basis of the original platform, the existing platform in
terms of user’s service requirements give more consideration on user’s OPEX, CAPEX,
service scalability and implementation.
• Sound Encapsulation
− The configurations of all products are in the same style, which makes user
easy to operate and maintain.
• Powerful Monitoring Service
− Monitor process and memory abnormities.
− Monitor the working status of power supply module, fan, voltage, current, and
working temperature.
• Provide fast failure location to guarantee high reliability of the product version.
• Flexible Modular Components
− All service module based upon ZXROS can be added or uninstalled easily;
new services can be developed based upon the original architecture.

− Based upon user’s demands, provide flexible on-demand service and fast
respond to user’s requirements.
• With superior interoperation, it follows the following standard and protocols
Table 1 L2 Protocol Standard
L2 Protocol Standard
IEEE 802.1d Bridging IEEE802.1x Port Based Network Access
EEE 802.1s Multiple Spanning Tree IEEE 802.3ad Link Aggregation
IEEE 802.1w Rapid Spanning Tree IEEE 802.3ag Service Layer OAM
IEEE 802.1Q VLAN tagging IEEE 802.3ah Provider Backbone B
9216 bytes jumbo frame forward on IEEE 802.1ab LLDP(Link Layer Discovery
Ethernet and pos interface Protocol)
IEEE 802.1ad VLAN stacking, Select IGMP v1/v2 snooping/proxy
QinQ, VLAN translate
IEEE 802.3 10BaseT IEEE 802.3ae 10Gpbs Ethernet
IEEE802.3ah Ethernet OAM IEEE 802.3x Flow Control
IEEE 802.3 100BaseT IEEE 802.3z 1000BaseSX/LX
IEEE 802.3u 100BaseTx IEEE 802.3ae 10Gbps Ethernet
ESRP Ethernet smart Ring Protocol ZESS ZTE Ethernet smart switch
IEEE 802.1p VLAN Priority
Table 2 TCP/IP Protocol Standard
TCP Protocol Standard

RFC 768 UDP RFC 791 IP
RFC 792 ICMP RFC 793 TCP
RFC 826 ARP RFC 854 Telnet
RFC 951 BootP RFC 1350 TFTP
RFC 1519 CIDR RFC 1812 Requirements for IPv4 Routers
RFC 2328 TFTP Blocksize Option RFC 2347 TFTP option Extension
RFC2349TFTPTimeoutIntervaland RFC 2401 Security Architecture for
TransferSize option Internet Protocol
draft-ietf-bfd-mib-00.txt Bidirectional draft-ietf-bfd-base-02.txt Bidirectional
Forwarding Detection Management Forwarding Detection
Information Base
draft-ietf-bfd-v4v6-1hop-02.txt BFD IPv4
and IPv6(Single Hop)
Table 3 RIP Protocol Standard
RIP Protocol Standard

RIP Protocol Standard

RFC 1058 RIP Version1 RFC 2453 RIP Version2
RFC 2082 RIP-2 MD5 Authentication
Table 4 OSPF Protocol Standard
OSPF Protocol Standard

FC 1765 OSPF Database Overflow RFC 2328 OSPF Version 2
FC 2370 Opaque LSA Support RFC 2740 OSPF for IPv6(OSPFv3)
RFC 3101 OSPF NSSA Option RFC 3137 OSPF Stub Router
Advertisement
RFC 3623 Graceful OSPF Restart–GR
helper
Table 5 BGP Protocol Standard
BGP Protocol Standard

RFC 1597 BGP Default Route RFC 1772 Application of BGP in the
Advertisement Internet
RFC 1965 Confederations for BGP RFC 1997 BGP Attribute Communities
RFC 2385 Protection of BGP Sessions via RFC 2459 BGP Route-Flap Dampening
MD5
RFC 2547bis BGP/MPLS VPNs RFC 2796 BGP Route Reflection
draft-ietf-idr-rfc2796bis-02.txt draft-ietf-idr-rfc2858bis-09.txt
RFC 2918 Route Refresh Capabil-ity for RFC 3065 Confederations for BGP
BGP4
draft-ietf-idr-rfc3065bis-05.txt RFC 3592 Capabilities Advertise-ment with
BGP4
RFC 4271 BGP-4 (previously RFC 1771) RFC 4360 BGP Extended Communities
Attribute
RFC 4364 BGP/MPLS IP Virtual Private RFC 2547bis BGP/MPLS VPNs
Networks (VPNs)
RFC 4724 Graceful Restart Mechanism for RFC 4760 Multi-protocol Extensions for
BGP–GR helper BGP
RFC 4203 for Shared Risk Link Group
(SRLG) sub-TLV
Table 6 ISIS Standard
ISIS Standard
RFC 1142 OSI IS-IS Intra-domain Routing RFC 1195 Use of OSI IS-IS for routing in
Protocol (ISO 10589) TCP/IP&dual environments

ISIS Standard
RFC 2763 Dynamic Hostname Exchange RFC 2973 IS-IS Mesh Groups
for IS-IS
RFC 3373 Three-Way Handshake for RFC 2966 Domain-wide Prefix Distribution
Intermediate System to Inter-mediate with Two-Level IS-IS
System (IS-IS) Point-to-Point Adjacencies
RFC 3567 Intermediate System to Cryptographic Authentication
Intermediate System(IS-IS)
RFC 3719 recommendations for RFC 3784 Intermediate System to
Interoperable Networks using IS-IS Intermediate
System(IS-IS) Extensions for Traffic RFC 3787 Recommendations for
Engineering (TE) Interoperable IP Networks
RFC 3847 Restart Signaling for IS-IS–GR RFC 4205 for Shared Risk Link Group
helper (SRLG) TLV
draft-ietf-isis-igp-p2p-over-lan-05.txt
Table 7 VRRP Standard
VRRP Standard
RFC 2787 Definitions of Managed Objects RFC 3768 Virtual Router Redundancy
for the Virtual Router Redundancy Protocol Protocol
Table 8 LDP Standard
LDP Standard
RFC 3036 LDP Specification draft-jork-ldp-igp-sync-03
RFC 3037 LDP Applicability RFC 3478 Graceful Restart Mechanism for
LDP–GR helper
Table 9 IPV6 Standard
IPV6 Standard
RFC 1981 Path MTU Discovery for IPv6 RFC 2375 IPv6 Multicast Address
Assignments
RFC 2460 Internet Protocol Version RFC 2461 Neighbor Discovery for IPv6
6(IPv6) Specification
RFC 2462 IPv6 Stateless Address Auto RFC 2463 Internet Control Message
configuration Protocol(ICMPv6) for the Internet Protocol
Version 6 Specification
RFC 2464 Transmission of IPv6 Packets RFC 2529 Transmission of IPv6 over IPv4
over Ethernet Networks Domains without Explicit Tunnels
RFC 2545 Use of BGP-4 Multi-protocol RFC 2710 Multicast Listener Discovery
Extension for IPv6 Inter-Domain Routing (MLD) for IPv6
RFC 2740 OSPF for IPv6 RFC 3306 Unicast-Prefix-based IPv6
Multicast Addresses

IPV6 Standard
RFC 3315 Dynamic Host Configu-ration RFC 3587 IPv6 Global Unicast Address
Protocol for IPv6 Format
RFC 3590 SourceAddress Selection for RFC 3810 Multicast Listener Discovery
the Multicast Listener Discovery (MLD) Version 2 (MLDv2) for IPv6
Protocol
RFC 4007 IPv6 Scoped Address RFC 4193 Unique Local IPv6 Unicast
Architecture Addresses
RFC 4291 IPv6 Addressing Architecture RFC 4659 BGP-MPLS IP Virtual Private
Network(VPN) Extension for IPv6 VPN
RFC 5072 IP Version 6 over PPP
Table 10 Multicast Standard
Multicast Standard
RFC 1112 Host Extensions for IP RFC 2236 Internet Group Man-agement
Multicasting(Snooping) Protocol
RFC 2362 Protocol Independent Multicast- RFC 3376Internet Group Management
Sparse Mode(PIM-SM) Protocol Version3
RFC 3446 Anycast Rendevous Point(RP) RFC 3618 Multicast Source Discovery
mechanism using Protocol Independent Protocol (MSDP)
Multicast(PIM) and Multicast Source
Discovery Protocol(MSDP)
RFC 4601 Protocol Independent Multicast- RFC 4604 Using IGMPv3 and MLDv2
Sparse Mode(PIM-SM) forSource-Specific Multicast
RFC 4607 Source-Specific Multicast for IP RFC 4608 Source-Specific Protocol
Independent Multicast in 232/8
RFC 4610 Anycast-RP Using Protocol draft-ietf-pim-sm-bsr-06.txt
Independent Multicast(PIM)
draft-rosen-vpn-mcast-08.txt draft-ietf-mboned-msdp-mib-01.txt
Table 11 Differentiated Services Standard
Differentiated Services Standard
RFC 2474 Definition of the DS Field the RFC 2598 An Expedited Forwarding PHB
IPv4 and IPv6 Headers(Rev)
RFC 2597 Assured Forwarding PHB RFC 3140 Per-Hop Behavior Identification
Group (rev3260) Codes

Table 12 PPP Standard
PPP Standard
RFC 1332 PPP IPCP RFC 1377 PPP OSINLCP

RFC 1662 PPP in HDLC-like Framing RFC 1638/2878 PPP BCP
RFC 1661 PPP RFC 1989 PPP Link Quality Monitoring
RFC 1990 The PPP Multilink Protocol(MP) RFC 2516 A Method for Transmitting PPP
Over Ethernet
RFC 2615 PPP over SONET/SDH
Table 13 DHCP Standard
DHCP Standard
RFC 2131 DynamicHost-Configuration RFC 3046DHCP Relay Agent Information

Protocol(REV) Option(Option 82)
Table 14 Network Management Standard
Network Management Standard
ITU-T M.3000, Overview of TMN ITU-T M.3010, PrincIPles for a

recommendations Telecommunications management network
ITU-T M.3016, TMN security overview ITU-T M.3020, TMN Interface Specification
Methodology
ITU-T M.3100 Generic Network ITU-T M.3101, Managed Object
Information Model Conformance Statements for the Generic
Network Information Model
ITU-T M.3200, TMN management services ITU-T M.3300, TMN F interface
and telecommunications managed areas: requirements
overview
ITU-T M.3400, TMN Management Function ITU-T Temporary Document 69 (IP
Experts): Revised draft document on IP
access network architecture
ITU-T X.701-X.709, Systems Management ITU-T X.710-X.719, Management
framework and architecture Communication Service and Protocol
ITU-T X.720-X.729, Structure of ITU-T X.730-X.799, Management functions
Management Information
RFC1157, Simple Network Management RFC1213, Management Information Base
Protocol for Network Management of TCP/IP based
internets: MIB-II
RFC1901, Introduction to Community- RFC1902, Structure of Management
based SNMPv2 Information for Version 2 of the Simple
Network Management Protocol (SNMPv2)
RFC1903, Textual Conventions for Version RFC1905, Protocol Operations for Version
2 of the Simple Network Management 2 of the Simple Network Management

Protocol (SNMPv2) Protocol (SNMPv2)

RFC2037, Entity MIB using SMIv2 RFC2233, The Interface Group MIB using
SMIv2
RFC1558, A String Representation of RFC1558, A String Representation of
LDAP Search Filters LDAP Search Filters
RFC1777, Lightweight Directory Access RFC1778, The String Representation of
Protocol Standard Attribute Syntaxes
RFC1959, An LDAP URL Format RFC2251, Lightweight Directory Access
Protocol (v3)
RFC1493, Definitions of Managed Objects GB901, A Service management Business
for Bridges Process Model
GB910，Telecom Operations Map GB909，Generic Requirements for
Telecommunications Management Building
Blocks
RFC1757, Remote Network Monitoring GB908，Network Management Detailed
Management Information Base Operations Map
RFC1757, Remote Network Monitoring GB914，System Integration Map
Management Information Base
GB917, SLA Management Handbook V1.5 NMF038, Bandwidth Management
Ensemble V1.0
TMF508, Connection and Service TMF801, Plug and Play Service Fulfillment
Management Information Model Business Phase 2 Validation Specification V1.0
Agreement
TMF605, Connection and Service NMF037, Sub-System Alarm Surveillance
Management Information Model Ensemble V1.0
TMF053, NGOSS Architecture Technology TMF053A, NGOSS Architecture
Neutral Specification V1.5 Technology Neutral Specification V1.5
TMF053B, NGOSS Architecture TMF821, IP VPN Management Interface
Technology Neutral Specification V1.5 Implementation Specification V1.5
TMF816, B2B Managed Service for DSL Interworking Between CORBA and TMN
Interface Implementation Specification System Specification V1.0
V1.5
YD/T 852-1996 General design principle of YD/T 871-1996 General information model
TMN of TMN
YD/T XXXX-2001 General technical YD/T XXXX-2001 IP Network technical
specification of broadband MAN specification-network performance
parameter and availability
YD/T XXXX-2000 IP 体 Network technical YDN 075-1998 China public multimedia
specification –network in general communications network management
specification
YDN 075-1998 China public multimedia RFC 1215 A Convention for Defin-ing
communications network management Traps for use with the SNMP
standard
RFC 1657 BGP4-MIB RFC 1724 RIPv2-MIB
RFC 1850 OSPF-MIB RFC 1907 SNMPv2-MIB

RFC 2096 IP-FORWARD-MIB RFC 2011 IP-MIB

RFC 2012 TCP-MIB RFC 2013 UDP-MIB
RFC 2138 RADIUS RFC 2206 RSVP-MIB
RFC 2452 IPv6 Management Information RFC 2454 IPv6 Management Information
Base for the Transmission Control Protocol Base for the User Datagram Protocol
RFC 2987 VRRP-MIB RFC 3014 NOTIFICATION-LOGMIB
RFC 3019 IP Version 6 Manage- RFC 3164 Syslog
mentInformation Base for The Multicast
Listener Discovery Protocol
draft-ietf-disman-alarm-mib-04.txt draft-ietf-ospf-mib-update-04.txt
draft-ietf-isis-wg-mib-05.txt draft-ietf-mpls-lsr-mib-06.txt
draft-ietf-mpls-te-mib-04.txt draft-ietf-mpls-ldp-mib-07.txt

5 Technical Parameters and Specifications
5.1 Physical Parameters
Table 15 Physical parameters
Physical Parameter 5928E/5928E-FI 5952E
Size(H×W×D) 43.6mm×442mm× 88.1mm×442mm×220mm

220mm
Weight (Full Configuration, <4.5kg <20kg
including two power supply
modules and subcards)
Power Consumption < 30W <168W(full load optical
interface)； <
159W (full load electrical
interface)
Working Temperature -5℃～45℃
Storage Temperature -40℃～70℃
Anti-Seismic Design Anti-8 magnitude earthquake design
Reliability MTBF：>100,000 hours, MTTR：<30 minutes
5.2 Basic Performance Indices
Table 16 Basic performance indices
Basic Performance
5928E/5928E-FI 5952E
Indices
Swathing
240G 320G
capacity
Packet
forwarding 95M 131M
capability
MAC
L2
address 32K
Features
table
VLAN
4K
number

L2
multicast 1K
table
Routing
12K network segment route/4k host route
table
L3
L3 multicast 4K
Features table
IPv6
routing 6K network segment route/2k host route
table
Label
3
stacking
MPLS LDP FRR
switchover 50ms-200ms
time
Ingress
ACL rule 512
number
Egress
ACL rule 4k
number
CAR
64 kbit/s
granularity
QoS
COS 8 queues per port
queue
number
Cos 48
Queue for
CPU
HQoS
2 layers
level
VRF 2K
VPLS
MPLS instance 2K
L2VPN number
Extension
64
LDP
MD 8
LMEP 256
Ethernet RMEP 2K
OAM
CC
delivery 3.3ms/10ms/100ms/1s/10s
frequency

5.3 System Software Attributes
5.3.1 L2 Attributes
Table 17 L2 Attributs
Item Description
Support VLAN based upon port, protocol, subnet and
MAC address
VLAN
Support VLAN translation （N:1）
Support PVLAN
Support QinQ-based forwarding
Support common QinQ and port-based outer layer
label
QinQ
Support Selective QinQ and traffic-based outer label
Support Selective QinQ inner priority mapping
Support TPID modification
Support MAC address learning, aging and fixing
MAC Support static MAC address setting
Support MAC address attack protection
Support dynamic LACP
LACP Support traffic-based load sharing
Support aggregation crossing line cards
Support broadcasting packet suppression
Support multicast packet suppression
Storm
Support unknown packet suppression
L2 Features Suppression
Support unknown unicast/multicast discarding
Support unknown unicast/multicast broadcasting
Support static ARP configuration
ARP Support dynamic ARP learning
Support dynamic ARP table item aging
Support STP, RSTP, MSTP
STP
Support SPT based upon port and entity
Support incoming port mirroring, outgoing mirroring,
N:1 mirroring, traffic mirroring, CPU mirroring, RSPAN
Port
Support port loop inspection
Support port traffic control service
Support IGMP Snooping/proxy
Support IGMP rate limit, IGMP rate filter, IGMP rate
shaping
L2 Multicast
Support MLD snooping
Support PIM snooping
Support cross-VLAN multicast replication
Support IEEE 802.1ag
Ethernet OAM
Support IEEE 802.3ah

5.3.2 L3 Attributes
Table 18 L3 Attributes
Item Description
Support IPv4 unicast static route
Support RIPv1/v2, OSPFv2, IS-IS, BGP-4
Support policy route
Support MVRF
Support URPF
Support ECMP
L3 Features Support IPv6 static route
IPv6 unicast Support RIPng, OSPFv3, IS-ISv6, BGP4+
route Support 6to4 tunnel and 6in4 tunnel
Support ISTAP
Support static multicast
L3 Multicast Support IGMPv1/v2/v3
Support PIM-SM, PIM-SSM, PIM-DM, MSDP, MBGP
5.3.3 MPLS
Table 19 mpls
Feature Description
Basic Features Support LDP
MPLS Support LDP-mode L2 VPN

MPLS L2 VPN Support H-VPLS (LSP access)
Support CE dual-homing protection
5.3.4 QoS
Table 20 QoS
Feature Description
Support traffic classification based upon physical port
Traffic
QoS Support traffic classification based upon physical
Classification
interface and ACL
Support remark of 802.1p priority, IP Precedence, IP
Message DSCP, IP TOS, and MPLS EXP
Remark
Support dual-label mapping

Support incoming port CAR

Traffic Support traffic-based CAR
Policing Support ingress/egress traffic policing
Support traffic remarking after traffic policing
Congestion Support traffic-based bandwidth control
Control Support RED and WRED
Support 8 priority queues at least. Each queue
Queue supports minimum/maximum bandwidth management
Scheduling
Support WRR, SP, and WFQ scheduling
Support outgoing port-based traffic shaping
Traffic Shaping
Support outgoing queue-based traffic shaping
Hierarchical
Support ingress/egress H-QoS, support tier-2
QoS
Traffic
Support ACL-based traffic classification
H-QoS Classification
Traffic Shaping Support traffic shaping based upon queues per layer
Queue
Support SP, WRR, and WFQ
Scheduling
5.3.5 Service Management
Table 21 Service Management
Item Description
Support IEEE 802.1X
Service Support AAA authentication
Management Support DHCP Server, DHCP Relay, DHCP Snooping
Support DHCP OPTION 82
5.3.6 Reliability
Table 22 reliability
Item Description
Support non-stop upgrade
Support VBRP protocol, support multiple backups configuration,
support backup priority setting, support VRRP switching
Reliability authentication, support priority replacement mode
Support ZESR(ESRP+) Ethernet ring protection
Support ZESS dual-homing protection
Support ECMP

5.3.7 Security
Table 23 security
Item Description
Support anti-DOS attack service
Support anti-BPDU attack service
Support CPU protection
Support anti-ARP attack service
MAC addresses flood protection. Restrict port MAC
address number
Support IPv4 uRPF
Support hierarchical command protection
Attack Support abnormal message and wrong message
prevention protection
Support anti-IP fragment
Support anti-LAND attack service
Security Support anti-SMURF attack service
Features Support SYN FLOOD attack service
Support anti-PING FLOOD attack service
Support anti-Teardrop attack service
Support anti-Ping of Death attack
Support anti-fake IP address attack
Support the imitation and disablement of protocol
CPU security priority processing
protection Support protocol packet protection service
Support the filtering the messages going up to CPU
Support data log monitoring
Senior security Support broadcasting suppression
features Support control/signaling MD5 encryption and
certification
5.3.8 Operation and Maintenance
Table 24 Operation and maintenance
Item Description

Support command line service

Support hierarchical management authorities
Support password aging and confirmation
Support console management
Support user access service management
Support remote access in SSH, TELNET, WEB, SNMP,
and SSL modes
Support warnings in multiple ways(audio, light alarming
Operation and platform)
Operation maintenance
Support ZXNM01 unified network platform
and Support CLI hierarchical network management
Maintenance
Support user access control service
Service
Support recovery of configuration storage
Support operation log record
Support alarm log management
Support basic MIB service
Support traffic statistical service
Cluster
ZGMP, LLDP/ZTP/ZGMP
management
Support Ethernet OAM
OAM
Support OAM tool (MAC Ping, MAC trace route,etc.)
6 Analysis of Product TCO
6.1 Analysis of CAPEX

• Dimensional size conforming to European standards, depth less than 220mm,
compact structure saves space cost
Corridor or campus switches are usually deployed at places nearby users, which brings
about the cost of storage rent. It’s obvious that the lower the cost is, the better it will be.
The rent depends on the space occupied. Thus the ultimate result is requirements of
device size. The dimensional size for ZXR10 5900E completely conforms to European
standards
• Reducing equipment consumption and implementing green environment protection
ZXR10 5900E adopts no fan silent design. With the advantages of small size, low weight,
and large capacity, ZXR10 5900E can help carriers to effectively save resource and
lower the requirements of environment.
6.2 Analysis of OPEX

• Modular dual power supply

Modular power supply can be flexibly configured and changed. Dual power supply
provides higher reliability for carrier-class equipment.
• All cable line out from front panel
For better operation and maintenance. Net cable, power cable and power switch are all
on the front panel, which provide great convenience to after-sale maintenance people.
They can implement everything with cabinet open. In this way work efficiency is
improved.
• M button
On most existing switches, LED indicator of network interface on the panel can only
indicate two status of rate and link (active). Other information can be obtained only via
command line or network management. But in practice there is a status most usually
used: duplex status of port, which cannot be obtained in a direct way. M button solves
this problem by providing an option to switch the display.
There is no change for indicators in hardware except M button and two status indicators
are added. M button status indicator indicates whether the speed indicator on panel port
indicates speed or duplex status. The existing two LED indicators are applied for each
port. Among them link (active) indicator remains the same by indicating link (active)
status. The original speed indicator is used to indicate rate duplex status. Which kind of
status it indicates is decided by M button indicator. Only one M button indicator is light
up at one time. Switching is controlled by M button by implementing switching upon
pressing.
• Expanded slot for power supply is easy to install and disassemble
The modular components such as expanded slot for power supply are configured with
external push-pull handle for easy push-in and pull-out. There is a fastener at the bottom
of each slot. The fastener will fasten the slot when it is installed to prevent slip.
• Training
ZTE MAN network service platform is equipped with a complete set of consistent
powerful network element management system (EMS). Network Management System
(NMS) can quickly deploy new equipment and service to reduce training time and
reduce cost.
7 Networking Application
7.1 SVLAN( Flexible QinQ)

SVLAN of ZXR10 5900E implements the function of providing SPVLAN label based on
traffic. That is to say, it provides users with corresponding SPVLAN label on one
Customer port based on their needs according to different CVLAN label carried by
packets.

By SVLAN, users can implement mapping from QoS of CVLAN label to SPVLAN, to
implement one VLAN per user and sole identification for user, start QinQ on user access
aggregation switch ZXR10 5900E. In this way inner layer and outer layer VLAN are
combined to represent a user. Outer layer VLAN is selected based on inner layer VLAN
or ACL traffic.
7.2 IPTV
Figure 29 IPTV networking application
As one of the key technologies of ZTE IPTV system architecture, controllable multicast is
mainly implemented at broadband access network side. The device implementing
multicast control policy (BRAS, DSLAM or switch) is called multicast controlling point. As
the terminating point of user multicast IGMP request, multicast controlling point decides
whether to duplicate multicast traffic to user port based on corresponding IGMP request
and control policy. The nearer multicast controlling point gets to the user, the more
network bandwidth can be saved. As a key device implementing multicast control policy,
multicast control point needs to support the following features: IGMP V1/V2, IGMP
Snooping, IGMP Filter, IGMP Proxy, IGMP Fastleave, MVR（Multicast Vlan Register）,
SGR（Static Group Register）, UGAC（User Group Access Control）, and UGAR
（User Group Access Record）. User demanding authorities are controlled by rules and
channel binding.
• As shown in Figure 29, multicast controlling point is configured on aggregation

device ZXR10 5900E. It can establish multicast forwarding table items based on
IGMP packets to implement user access control configuration so as to implement
preview, play control of the channel and to implement IPTV demands of the users.

7.3 ZESR
Figure 30 ZESR networking application
Based on EAPS principle of RFC3619 protocol, ZESR（ZTE Ethernet Switch Ring）is

further improved. It checks whether the loop is connected to make sure that there is only
one logically connected path between any two points on the ring. It re-set port status
(block or forward) based on loop changes (connected-blocked; blocked-connected) to
make logic path switch quickly.
• In Figure 31, to enhance the network reliability, ZESR is deployed in the middle of
access/aggregation layer. When a device on the ring fails, forwarding will not be
impacted. The secondary port will be unblocked to implement reverse data
forwarding. At the same time MAC table item is notified to get updated to guarantee
non-interrupted services.
7.4 ZESS
Protecting the uplink links of access/aggregation layer device is a problem that users
keep focusing on. Traditional technologies can only implement dual uplink links
protection of a single device with single point error on uplinking deivce. To meet the
practical networking needs, ZTE develops more advanced ZESS.
The application of ZXR10 5900E in ZESS is shown in Figure 32:

Figure 31 ZESS networking application
ZXR10 5900E suppors ZESS uplink link protection. It can implement single device dual
uplink networking such as ZESS domain4 and ZESS domain5. It can implement square
connection of two devices and the upper layer NPE such as ZESS domain1. It can also
implement crossing connection of two devices and upper layer NPE such as ZESS
domain2 and ZESS domain3.
ZXR10 5900E ZESS supports main/standby and load sharing mode. In main/standby
mode, the standby link doesn’t carry traiif in normal situation. In load balancing mode,
two uplink links can carry part of traffic respectively so as to implement load balancing.
8 Integrated Networking Applications
8.1 MAN Access Layer Solution

As L3 intelligent Ethernet switch, ZXR10 5900E series switches are suitable for the
access layer of MAN working as the communicate switch. In this way, 5900E series
switches connect with users in the access layer, providing rich bandwidth and access
management services. The specific application is as shown in figure 32.

Backbone Layer
Internet
Core Layer
Network and Service

Management
Aggregation Layer
Access
5900E ZXR10 5900E
Layer
ZXR10 5900E DSLAM
Figure 32 MAN Application
8.2 Enterprise Network Solution

Community network requires large capacity, high port density and high bandwidth. 10G-
based ZXR10 5900E series switches are very suitable for community network. They
connect users with the aggregation/access layers, offering various bandwidth and
access management services. The specific application is as shown in figure 33.
Backbone Layer
Internet
Core Layer
Network and
Service Management
Aggregation Layer
5900E 5900E
Access
Layer
DSLAM
Figure 33 Enterprise Network Application

9 Operation and Maintenance
9.1 NetNumen N31 Unified Network Management

Platform
Due to the development of IP network, there are more and more services implemented
by IP network. At the same time, the network ranges larger, and configures harder, plus
user’s higher expectation, the network management becomes more and more difficult.
Only manual management and passive inspection can not meet the requirements of
running the entire system.
Now the maintenance engineer is focusing on how to deploy service swiftly, how to keep
steady network operation, how to predict the operating quality of the network and how to
locate the failure as soon as it happens. Therefore, the active network monitoring,
automatic network failure inspection and recovery, and sound network operation are
urgently required to guarantee maximum network profit.
ZTE giving positive response to the call of the times develops NetNumen N31 unified
network management system. It is an integrated network management system
composed by router, switch and CE, responsible for network element management,
network management and service management. It supports multiple sorts of database,
has graphic interface in different languages for convenient operation. Besides, this
system also provides flexible northbound interface, supporting powerful interconnecting
integration.
9.1.1 Network Management Networking Mode
Between NetNumen N31 NMS and ZXR10 5900E series equipment, inband
management and outband management networking modes can be used.
Inband Management
Inband Management, i.e. instead of requiring an extra DCN, network management

information and service data are delivered in the same channel. NetNumen N31 only has
to connect with its nearby network equipments, and then together with configured SNMP,
it can arrange management.
The advantage of inband management is that flexible networking does not ask for extra
investment. But the network management information takes up service bandwidth, so it
may seriously affect service quality.
Outband Management
Outband management, i.e. the network management information is delivered in service

data independent from service data, so extra DCN is needed. NetNumen N31 network

management system is connected with the outband management interface of ZXR10

5900E, so that network management information and service information can be
delivered independently.
By using outband management, the breakup of the service channel will not prevent the
network management station to do equipment management, so that the transport of
network information becomes more reliable. But the independent network is limited by
the geographic reasons and requires extra investment.
9.1.2 NetNumen N31 Network Management System
NetNumen N31 network management system is an integrated management system

designed by ZTE for its router, switch and CE. It covers network element management,
network management and service management. NetNumen N31 network management
system provides the following services.
• Failure management makes sure steady network operation
In the maintenance of network management, the administrator urgently needs to know

the network operating status to make sure steady network operation. The failure
management of NetNumen N31 is responsible for receiving real-time equipment warning
and network events from all NE, so that it can give audible and visible information to
maintenance staffs; after being comfirmed by maintenance staffs, the collected warning
report will be saved for future statistics and search. Failure management is the most
important and commly used method in user’s network operating maintenance. Via failure
management, user can arrange information search, real-time monitoring, failure filtering,
failure location, failure confirmation, failure deletion, and failure analysis for
ZXR105900E series device. Besides, NetNumen N31 system also provides voice prompt,
graphic warning display, and informs user the failure by sending Email and messages via
warning system, Email system, SMS system, which simplifies user’s daily maintenance.
• Performance management enables complete understanding of network services
The traffic direction, traffic load and network load are the key issues in network
management. The performance management module of NetNumen N31 is mainly
responsible for the performance monitoring and analysis of data entwork and its
equipments. The performance data collected by network element will generate
performance report after a certain processing, so that maintenance and management
departments can get information to guide network engineering, plan, network scheduling
and improve network operating quality. Via performance management, user can
implement load, traffic direction and interface load collection, get timely service quality
report and give prompt evaluations and adjustment on entire network resource
configuration.
• Resource management makes reasonable use of network resource

The resource management realizes the management of physical resource and logical
resource, so it is an inevitable basic system in carrier’s service progress. Also it is the
critical precondition for realizing automatic service intiation and automatic service
guarantee. Via resource management, user via the resource management sytem not
only can get information of the management of the equipment, module, interface and link
in the network, but also can know the operating status of the logical resources, such as,
VLAN resource, L2/L3 VPN resource, and MAC addresses.
• View management makes network operation clear and easy
View management provides unified network topology and multi-view management, which
enables the user to be aware of the network topology and equipment operating running
status in the entire network. At the same time, it provides maintenance interfaces for
network and equipment. User utilizes view management to know the operating status
and warning status of the equipment. And also, it supports fast navigation to other
management systems.
• Configuration management enables fast service deployment
The configuration management implements the configuration of ZXR10 5900E series,

including equipment management, interface management, VLAN management, L2
attribute management, MPLS management, routing protocol management, QoS
management, software upgrade management, and configuration file management; Also
it supports many customer-friendly configuration modes, such as end-to-end
configuration, in-batch configuration, guiding configuration. Besides, it offers default
configuration models to corresponding management.
• Security management protects network from hacking
The security management is mainly responsible for user’s legal network operation. It
implements the management of user, user group and role. By arranging correct
relationships between user, user group and role, it provides administrators with security
control mechanism. Via login Authentication, it prevents illegal users from accessing the
system. By authorized operation, it offers security mechanism to administrator’s secure
operation.
• Northbound interface gives conveniences to integration
Due to the fast development of telecom industry, one carrier nowadays should manage
multiple different network element equipment or professional network management
system. The drawbacks for instance no interaction among different professional network
management systems, complicated management content, and multiple operating
interfaces become more and more obvious. To enhance the integrated network
management level and effect of telecom enterprise, one network management station
can be used to implement all sorts of management and control to the interconnected
networks, so that, the integrated entire network management comes true.

The integrated network management connects with professional network management

via interface. So the professional network management should provide standard open
northbound interface to the integrated network management system, so that, it can
integrate with the integrated network management system rapidly and reliably.
NetNumen N31 supports many types of northbound interface, e.g. CORBA, SNMP, TL1
and FTP.
9.2 Maintenance and Management
9.2.1 Multiple Configuration Modes
ZXR10 5900E series equipment provides multiple equipment login and management
configuration modes, which enables user to choose the optimal way to configuring its
connections. It makes the equipment maintenance easier.
Multiple configuration and management modes:
• Serial interface connection configuration: Serial interface connection configuration

uses VT100 terminal mode. It can use super terminal tool provided by Windows
operating system to complete the configuration; for the bare metal or connectionless
equipment, this method is the only choice;
• Telnet connection configuration: 1. Via the IP address of the management Ethernet

interface telnet （10/100Base-TX）on telnet main control board to configure switch;
2. Configure IP address over VLAN interface and set user name and password. Via
the IP address of telnet VLAN interface, it implements switch configuration; when
user requires remote login, and is able to communicating with equipment, this
connection configuration mode can be used;
• SSH（Secure Shell） protocol connection configuration: Initiate SSH service on

ZXR10 5900E series equipment, connect the VLAN interface IP address or
management Ethernet port IP address via SSH client software to implement more
secure switch configuration. When users require remote login with high demands for
security, this connection configuration can be chosen;
• SNMP connection configuration: The background network server acts as SNMP

server, the front equipment ZXR10 5900E series equipment works as SNMP Client.
The background and front equipment share one MIB to manage the configuration of
ZXR10 5900E series equipment via network management software; This
connection configuration mode enables the user to implement effective
management configuration via network management software.

9.2.2 Monitoring, Controlling and Maintenance
ZXR10 5900E series is capable of multiple ways of equipment policing, management

and maintenance, which enables the equipment to process all sorts of abnormity
correctly, and provide users with all types of parameter in the course of equipment
operation.
• Equipment Monitoring, Controlling:
• There are indicators on power supply module, fan, MSC and all LICs. They show
the operating status of these components;
• The MSC switchover and hot swappable records are kept for future reference;
• When the fan, power supply or temperature goes wrong, the voice warning and
software warning will be generated;
• The system inspects the suitability of software versions during operation

automatically;
• The system operation automatically monitors the module temperature, and provides
temperature control warning and software warning;
• The system monitors the operating status of the software, when abnormity happens,
the LIC will be restarted and MSC switchover will be implemented as well.
• Equipment management and maintenance:
• The command line provides flexible online help;
• Provide hierarchical user authority management and hierarchical commands;
• Support information center, provide unified management of log, alarm and

scheduling information;
• Via CLI, user can check the basic information of all MSC, LIC, and optical modules;
• Provide multiple sorts of information query, including version, component status,

temperature, CPU and memory availability.
9.2.3 Diagnosis and Debugging

ZXR10 5900E series provides multiple sorts of diagnosis and debugging methods,
enabling user to have multiple ways to adjust equipment and get more debugging
information.

• Ping and TraceRoute: by inspecting whether or not the network connection is

reachable and recording the transport path online, maintenance staffs can get link
information for further analysis of failure locating;
• Debugging: rich debug commands are provided for each software feature. Every
debug command supports multiple debugging parameters, so it can be controlled
flexibly. Via debug command, specific information of the progress, packet
processing and error inspection of the service in the course of operation can be
displayed;
• Mirroring image service: it supports interface-based mirroring image, via which the
incoming, outgoing or bidirectional packets are replicated to the observed interface.
9.2.4 Software Upgrad
ZXR10 5900E provides software upgrade modes in both normal and abnormal
conditions.
• Upgrade when the system is abnormal: Provide software upgrade when the
equipment can not be initiated normally. Via modifying boot initation mode, load
new software version from the management Ethernet interface to complete initiation
upgrade;
• Upgrade when the system is normal: Provide local or remote FTP online upgrade
when the equipment is in normal condition.
9.2.5 File System Management
• File system introduction
− In ZXR10 5900E series equipment, the main storage device on MSC is FLASH,
in which software version file and configuration file are saved. So both software
upgrade and configuration storage will have some implementations on FLASH.
FLASH consists of three categories: IMG, CFG and DATA.
− IMG: This category is used to save software version file. Software version file
with the extension name of “.zar” is a particular compressed file. The version
upgrade actually is the change of the software version file in this category.
− CFG: This category is used to save configuration file whose name is

“startrun.dat”;
− DATA: This category is used to save abnormal information of the equipment.

The file name format is “YYYY-MM-DD HH-mm-SS.zte” .
• File system operation

− File backup and recovery: By using FTP/TFTP, the backup of software version
file, configuration file and log of ZXR10 5900E series equipment can be save to
the background server. Or the backup file can be restored from the background
server;
− File import and export: support the import/export of the file, after that,
FTP/TFTP will replicate the file to the background host. The warning file and
configuration file can be imported and exported for upgrade;

10 Abbreviation
Table 25 Abbrebiation
Abbreviation Full Name

EDGE Enhanced Data rates for GSM Evolution
WCDMA Wideband Code Division Multiple Access
CN Core Network
GERAN GSM Edge Radio Access Network
UTRAN UMTS Terrestrial Radio Access Network
MS/UE Mobile Station/User Equipment
BSC Base Station Controller
RNC Radio Network Controller
BTS Base Transceiver Station
CDMA2000 Code Division Multiple Access 2000

WiMAX Worldwide Interoperability for Microwave Access
eEDGE Enhanced EDGE

HSPA+ High Speed Packet Access Plus
GE Gigabit Ethernet
SDH Synchronous Digital Hierarchy

CAPEX CAPital Expenditure
OPEX OPeration Expenditure

RF Radio Frequency
LTE Long Term Evolution
CPRI Common Public Radio Interface
BBU Base Band processing Unit
RRU Remote Radio Unit
FP Frame Protocol
ATM Asynchronous Transfer Mode

DTX Discontinuous transmission

Manual ZTE ZXR10-5900-serie PDF

Uploaded by

Copyright:

Available Formats

Manual ZTE ZXR10-5900-serie PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Manual ZTE ZXR10-5900-serie PDF

Uploaded by

Copyright:

Available Formats

ZXR10 5900E

ZXR10 5900E Product Description

Version Data Author Approved By Remarks

© 2009 ZTE Corporation. All rights reserved.

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. I

2 Equipment Highlights ................................................................................................ 2

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. II

3.2.30 Multi-VRP CE............................................................................................................. 39

4 System Architecture ................................................................................................ 41

5 Technical Parameters and Specifications ............................................................. 57

6 Analysis of Product TCO ......................................................................................... 63

7 Networking Application ........................................................................................... 64

8 Integrated Networking Applications....................................................................... 67

9 Operation and Maintenance .................................................................................... 69

9.2.5 File System Management .......................................................................................... 74

Figure 1 The Front Panel of ZXR10 5928E ................................................................................ 1

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. IV

Table 1 L2 Protocol Standard ................................................................................................... 50

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. V

Figure 1 The Front Panel of ZXR10 5928E

Figure 2 The Front Panel of ZXR10 5928E-FI

Figure 3 The Front Panel of ZXR10 5952E

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. 1

2.1 Superior Performance and Capacity

2.2 Enhanced Video Service Experience

2.3 Rich Service Platforms

It supports enhanced Ethernet features such as SVLAN/ZESR (ESRP+/ZESS). Together

2.4 Carrier-Class High Reliability

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. 2

2.5 Excellent Operation and Maintenance Design

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. 3

2.6 Energy Saving and Environment Protection

3.1 Basic Services

3.1.1 MAC Address Management

ZXR10 5900E series realizes the following MAC services:

• MAC Address Fixation

• Port Binding MAC Address

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. 4

• Restrict the Number of Port MAC Address

• Port MAC Address Learning Protection

The Filtering of Port Unknown MAC Address

• MAC Address Filtering

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. 5

Protocol-based VLAN is flexible, so it is suitable for L3 or network with rich protocols.

Subnet VLAN is implemented in L2 VLAN, realizing data frame forwarding. Subnet

− The planning and management of so many VLAN and IP subnets make

PVLAN（Private VLAN） aims at solving these problems.

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. 6

Specific networking application based upon QinQ technology is as shown in figure 4.

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. 7

Figure 4 Specific QinQ Networking Application

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. 8

Being able to implement coexistence of VLAN transparent transmission and QinQ

SVALN has two major applications in the network:

STP (Spanning Tree Protocol）is built particularly to eliminate network broadcasting

ZTE Confidential Proprietary © 2009 ZTE Corporation. All rights reserved. 9

3.1.5 Link Aggregation

• Totally 32 Trunk groups should be configured. Each Trunk group consist of 8

• Support cross-interface board aggregation. Member port can be distributed on any