ZXCTN 9004 Product Description

Operator Logo

Version Date Author Approved By Remarks

R0 2009-08-21 Wang Ning He Ping Not open to the Third Party

© 2010 ZTE Corporation. All rights reserved. ZTE CONFIDENTIAL: This document contains proprietary information of ZTE and is not to be disclosed or used without the prior written permission of ZTE. Due to update and improvement of ZTE products and technologies, information in this document is subjected to change without notice.

Content

TABLE OF CONTENTS

1 Overview ...... 1

2 Highlights ...... 3

3 Functions and Features ...... 5 3.1.1 Service processing capability ...... 5 3.1.2 Interface type and quantity ...... 6 3.2 Multi-service bearing capability...... 7 3.2.1 TDM emulation ...... 7 3.2.2 ATM Emulation ...... 7 3.2.3 Ethernet Service ...... 8 3.3 L2 functions...... 9 3.3.1 Basic Ethernet Features ...... 9 3.3.2 VLAN and Expanded VLAN Features ...... 11 3.3.3 LACP ...... 14 3.3.4 ACL ...... 14 3.3.5 STP ...... 15 3.3.6 L2 Multicast ...... 17 3.4 L3 Functions ...... 18 3.4.1 IPv4 ...... 18 3.4.2 L3 Multicast ...... 18 3.5 MPLS L2/L3 VPN ...... 20 3.6 QoS ...... 23 3.6.1 Basic QoS Features ...... 23 3.6.2 Ethernet QoS ...... 24 3.6.3 MPLS QoS ...... 24 3.6.4 H-QoS ...... 25 3.7 OAM ...... 26 3.7.1 MPLS OAM ...... 26 3.7.2 T-MPLS OAM ...... 26 3.7.3 Ethernet OAM ...... 27 3.7.4 OAM Mapping ...... 27 3.8 Synchronization ...... 27 3.8.1 Clock Synchronization and Protection ...... 27 3.9 Protection ...... 28 3.9.1 Equipment-level Protection ...... 28 3.9.2 Network-level Protection ...... 29 3.10 Security ...... 36 3.10.1 Equipment Security ...... 36 3.10.2 Network Security ...... 37

4 System Architecture ...... 41 4.1 System Hardware Architecture ...... 41 4.1.1 Overall Hardware Architecture...... 41 4.1.2 Working Principles for Hardware System ...... 44 4.2 Introduction to Hardware Modules ...... 45 4.2.1 Overview ...... 45 4.2.2 MSC ...... 46 4.2.3 Power Suply Module ...... 48 4.2.4 Line Processing Card (LPC) ...... 49 4.3 Software Architecture ...... 52 4.4 Software Platform ...... 53

ZXCTN 9004 Product Description

5 Technical Indexes and Specifications ...... 63 5.1 Physical Indexes ...... 63 5.2 Interface indexes ...... 63 5.3 System Performance Indexes...... 64 5.4 System Functions ...... 65 5.4.1 L2 Features ...... 65 5.4.2 L3 Features ...... 66 5.4.3 MPLS Features ...... 67 5.4.4 QoS Features ...... 68 5.4.5 Service Management ...... 68 5.4.6 Reliability...... 69 5.4.7 Clock Synchronization ...... 69 5.4.8 Tunnel Features ...... 70 5.4.9 Security Features ...... 70 5.4.10 Operation and Maintenance ...... 71

6 Operation and Maintenance ...... 73 6.1 Network Management Platform ...... 73 6.2 Maintenance and Management ...... 73 6.2.1 Monitoring and Maintenance ...... 73 6.2.2 Diagnosis and Debugging ...... 74 6.2.3 Software Upgrade ...... 74

7 Environment Indicators ...... 75 7.1 Power supply ...... 75 7.2 Storage ...... 75 7.2.1 Climate ...... 75 7.2.2 Water-proof ...... 75 7.2.3 Biological environment ...... 76 7.2.4 Air cleanliness ...... 76 7.3 Transportation ...... 77 7.3.1 Climate ...... 77 7.3.2 Water-proof requirements ...... 77 7.3.3 Biological environment ...... 78 7.3.4 Air cleanliness ...... 78 7.4 Operation ...... 78 7.4.1 Climate ...... 78 7.4.2 Biological environment ...... 79 7.4.3 Air cleanliness ...... 79 7.5 Electromagnetic Compatibility ...... 80 7.5.1 Criterion ...... 80 7.5.2 Anti-interference performance ...... 81 7.5.3 Interference features ...... 85 7.6 Environment protection indexes ...... 86

Abbreviations ...... 87

Content

FIGURES

Figure 1 TDMoE Service Emulation Traffic...... 7 Figure 2 VLAN Translation I ...... 13 Figure 3 VLAN Translation II ...... 14 Figure 4 SyncE Synchronization Mode ...... 28 Figure 5 Wrapping protection ...... 31 Figure 6 Steering protection ...... 32 Figure 7 TE FRR local link and node protection ...... 32 Figure 8 ZESS redundancy backup and load balancing ...... 34 Figure 9 ZXCTN 9004 chassis architecture ...... 41 Figure 10 ZXCTN 9004 subrack slot allocation ...... 42 Figure 11 ZXCTN 9004 hardware system architecture...... 45 Figure 12 ZXCTN 9004 main panel ...... 48 Figure 13 he Entire Software Architecture ...... 53

TABLES

Table 1 ZXCTN 9004 service processing capability ...... 5 Table 2 Maximum access capability of ZXCTN 9004 ...... 5 Table 3 Service interface of ZXCTN 9004 ...... 6 Table 4 ZXCTN 9004 accessorial interface type and port quantity ...... 6 Table 5 Network-level protections provided by ZXCTN 9004 ...... 29 Table 6 Available slots for boards of ZXCTN 9004 ...... 42 Table 7 ZXCTN 9004 board types and functions ...... 46 Table 8 ZXCTN 9004 main panel port types and quantity ...... 48 Table 9 Fixed Interface Line Processing Card ...... 50 Table 10 Sub-card ...... 51 Table 11 L2 Protocol standards ...... 54 Table 12 TCP/IP protocol standards ...... 55 Table 13 RIP protocol standards ...... 55 Table 14 OSPF protocol standards ...... 55 Table 15 BGP protocol standards ...... 56 Table 16 ISIS standards ...... 56 Table 17 VRRP standards ...... 57 Table 18 LDP standards ...... 57 Table 19 IPV6 standards ...... 57 Table 20 Multicast standards ...... 58 Table 21 MPLS standards ...... 58 Table 22 RSVP-TE standards ...... 58 Table 23 Differentiated Services standards ...... 58 Table 24 PPP standards ...... 58 Table 25 ATM standards ...... 59 Table 26 DHCP standards ...... 59

ZXCTN 9004 Product Description

Table 27 VPLS standards ...... 59 Table 28 PW standards ...... 59 Table 29 NM standards ...... 60 Table 30 Physical Indexes ...... 63 Table 31 Interface indexes ...... 63 Table 32 System performance indexes ...... 64 Table 33 L2 features ...... 65 Table 34 L3 features ...... 66 Table 35 MPLS features ...... 67 Table 36 QOS features ...... 68 Table 37 Service Management ...... 68 Table 38 Reliability ...... 69 Table 39 Clock Synchronization ...... 69 Table 40 Tunnel features ...... 70 Table 41 Security features ...... 70 Table 42 Operation and Maintenance ...... 71 Table 43 Input voltage fluctuation and power consumption ...... 75 Table 44 Climate requirements (storage environment) ...... 75 Table 45 Requirements of mechanical active material density (storage environment) ...... 76 Table 46 Requirements of chemical active material density (storage environment) ...... 76 Table 47 Climate (transportation environment) ...... 77 Table 48 Requirements of mechanical active material density (transportation environment) .... 78 Table 49 Requirements of chemical active material density (transportation environment) ...... 78 Table 50 Temperature and humidity requirements (operation environment) ...... 78 Table 51 Other climate requirements (operation environment) ...... 79 Table 52 Requirements of mechanical active material density (operation environment) ...... 79 Table 53 Requirements of chemical active material density (operation environment) ...... 80 Table 54 Description of principles used to distinguish test results ...... 80 Table 55 Electro-Static Discharge performance ...... 81 Table 56 Radiated Susceptibility performance ...... 81 Table 57 DC power supply port immunity performance ...... 82 Table 58 AC power supply port immunity performance ...... 82 Table 59 Signal cable and control cable port immunity performance ...... 82 Table 60 DC power supply lightning surge immunity performance ...... 82 Table 61 AC power supply lightning surge immunity performance ...... 83 Table 62 Outdoor signal cable surge immunity performance ...... 83 Table 63 Signal cable (more than 10m) surge immunity performance ...... 83 Table 64 Conducted Susceptibility performance ...... 83 Table 65 AC power supply port voltage dips and short interruptions immunity performance .... 84 Table 66 DC power supply port voltage dips and short interruptions immunity performance .... 84 Table 67 AC power supply port voltage ripple and flicker performance ...... 85 Table 68 DC/AC power supply port conducted emission performance ...... 85 Table 69 Ethernet/E1 signal port conducted emission performance ...... 85 Table 70 Radiation field intensity performance ...... 85

ZXCTN 9004 Product Description

1 Overview

ZXCTN series are new-generation IP transport platforms (IPTN) promoted by ZTE to keep with the development trend of IP telecommunication services. With packet as kernel, they implement multi-service bearing and provide customers with Mobile Backhaul and FMC end-to-end solution. They help customers to reduce CAPEX and OPEX, and assist carriers to realize smooth network evolvement.

ZXCTN 6100/6200/6300 mainly locates at access/aggregation layer. Designed with a full-packet kernel, integrated switching and modular design philosophy, it is highly integrated with small size.

ZXCTN 9004/9008 mainly locates at aggregation/core layer. Facing the complicated and uncertain service network bearing demands, it integrates the advantages of packet and transmission technologies.Adopting the system architecture with packet switching as kernel, it integrates various IP/MPLS services and standardized services. Integrating adaptive interfaces, synchronized clock and carrier-class OAM and protection for multi- service, it implements Ethernet, ATM, and TDM carrier-class service processing and transmission.

ZXCTN series products cover five models: ZXCTN 6100, ZXCTN 6200, ZXCTN 6300, ZXCTN 9004, and ZXCTN 9008.

With racks of 9U height, ZXCTN 9004 is positioned at aggregation layer. Adopting advanced distributed and modular architecture design, it supports large-capacity switching matrix.

Application scenarios for this series are shown as follows: Mobile Backhaul, large customer access, and VPN services.

ZXCTN 9004 Product Description

2 Highlights

• Integrated multi-service bearing platform satisfies full-service development demands.

Based on full-packet architecture, ZXCTN 9004 adopts PWE3 emulation which is compatible with TDM, ATM, and FR. It supports highly efficient MPLS/T-MPLS (MPLS-TP) tunnel technologies and L2/L3 VPN, completely meets full-service development demands and reduces network TCO.

ZXCTN 9004 also supports rich high-density interfaces including TDM E1/ATM E1/STM-1/STM-4/STM-16/STM-64/FE/GE/10GE. It supports flexible sub-card configuration.

• Leading timed processing capability satisfies highly precise synchronization demand.

Integrating technical advantages of G.8261 and 1588V2, ZTE proposes the leading “time synchronization Ethernet” solution. It effectively control packet transmission rate and reduces convergence time. Implementing precise time-stamp insert and extract based on hardware, it effectively improves time synchronization precision. ZXCTN 9004 supports boundary clock, flexible configuration of transparent transmission clock, outband 1PPS+TOD interface and inband Ethernet synchronized interface to satisfy the network demands in the long-term evolvement. Adopting SSM and BMC, it implements automatic protection and switching of clock and time link to guarantee reliable transmission of synchronization.

• Complete end-to-end QoS solution provides refined differentiated services.

ZXCTN 9004 provides end-to-end QoS management which can fully meet different requirements of different services on delay, jitter, and bandwidth. It supports Diff- Serv based QoS scheduling. It implements traffic classification and marking based on port, VLAN, 802.1p, DSCP/TOS, MAC, and IP address. It supports service traffic monitoring, queue scheduling, congestion control and traffic shaping. Implementing bandwidth control of user-level multi-service, it truly realizes service access SLA and provides guarantee for carriers’ refined operation.

• Powerful hierarchical OAM improves network availability

ZXCTN 9004 completely supports T-MPLS (MPLS-TP), MPLS and Ethernet OAM. Based on hardware hierarchical monitoring, it implements fast fault detection and location, performance monitoring, and end-to-end service management. It supports continuous OAM and OAM-on-demand to guarantee carrier-class service quality of service in packet transmission network. Based on various granularities such as physical port, logic link, tunnel, and pseudo-wire, hierarchical OAM makes more transparent network operation & maintenance and easier operation management.

• Multiple reliability mechanisms guarantee network security.

ZXCTN 9004 is equipped with complete equipment-level protection, network-level protection and network edge-level protection. Equipment-level protection provides

2 Highlights

1+1 hot backup for critical boards such as clock, power supply and MSC; supports components hot-swapping; and improves recovery capability and flexible failure processing capacity in disaster. Network-level protection supports multiple ways to provide hierarchical and segmental LSP and sub-net connection protection, connection-oriented ring protection and VRRP, ZESR etc. it provides multiple choices for complicated full-service application scenarios to guarantee 50ms fast switching. Network edge-level protection supports multiple protections of LAG and IMA with the reliability of carrier-class 99.999%.

ZXCTN 9004 is equipped with rich security features and anti-attack features. It supports wire-speed forwarding, packet detection and traffic differentiation capacity with tens of thousands ACL configuration. It supports CPU protection and protocol packet rate limit, routing authentication, DDoS attack detection, and hierarchical network management to completely prevent risks of network attack.

• Open technical platform supports high-speed development of service network.

ZXCTN 9004 adopts open technical platform which is compatible with traditional transmission and data network to support smooth evolvement solution of network. Inter-operation between it and traditional SDH/MSTP is supported. The software flexibly suits the development of multiple standards (T-MPLS(MPLS-TP), IP/MPLS, and Ethernet ring) and reduces technology selection risks. With its hardware adopting advanced distributed and modular system architecture and design philosophy, it reserves enough expanded bandwidth thus provides long-term support for network evolvement.

• Unified network management system simplifies operation and maintenance.

ZXCTN 9004 adopts ZTE unified network management platform NetNumen T3, together with SDH/MSTP, ASON, WDM, and OTN to implement integrated management. It supports static and dynamic configuration of service connection to implement end-to-end path creation and management. It provides powerful QoS, OAM management, realtime alarm and performance monitoring. Being easy to operate and maintain, its network element management and friendly interface conforms to the requirement of traditional transmission network, making the packet network the manageable and easy to maintain.

• Green product, green operation and maintenance

ZXCTN 9004 adopts APC automatic power consumption control, CAN bus for global intelligent monitoring and intelligent system for dynamic power consumption adjustment. It also supports fans with infinitely variable speed, port-based automatic power consumption adjustment, and realizes minimum energy consumption of each port. Together with its other advantages such as small size, light weight, and large capacity, ZXCTN 9004 can efficiently help carriers to save energy and allow simpler deployment environment.

ZXCTN 9004 Product Description

3 Functions and Features

3.1.1 Service processing capability

ZXCTN 9004 service processing capability includes switching capacity and service access capability.

3.1.1.1 Switching capability

ZXCTN 9004 supports packet-core service switching. Its service processing capability is shown in Table 1 .

Table 1 ZXCTN 9004 service processing capability

Description Attribute 9004 Backplane bandwidth 1.26Tbps Basic performance Switching capacity 800Gbps Packet forwarding rate 238Mpps

3.1.1.2 Maximum access capability

ZXCTN 9004 can have services accessed via various interfaces. ZXCTN 9004 service interface type and port quantity are shown in Table 2 .

Table 2 Maximum access capability of ZXCTN 9004

Board port Port density for Service (payload) Interface Interface type density the whole set type 10GE(Optical) 4 16 IP GE(Optical) 48 192 IP Ethernet GE(Electrical) 48 192 IP FE(Optical) 48 192 IP FE(Electrical) 48 192 IP Ch. STM-1 16 64 TDM

STM-N POS STM-64 2 8 IP POS STM-16 8 32 IP POS STM-4 16 64 IP

3 Functions and Features

Board port Port density for Service (payload) Interface Interface type density the whole set type

POS STM-1 16 64 IP

3.1.2 Interface type and quantity

ZXCTN 9004 supports multiple types of interfaces as shown inTable 3 .

Table 3 Service interface of ZXCTN 9004

Interface type Description Electrical interface: 10/100BASE-T RJ45 interface FE interface Optical interface: 100BASE-X SFP interface Electrical interface: 10/100/1000BASE-T RJ45 interface GE interface Optical interface: 100/1000BASE-X SFP interface 10GE interface Optical interface: 10GBASE XFP interface STM-1 optical interface: OC-3c POS interface STM-4 optical interface: OC-12c POS interface POS interface STM-16 optical interface: OC-48c POS interface STM-64 optical interface: OC-192c POS interface Channelized STM-1 optical interface: OC-3 CPOS Channelized POS optical interface interface Channelized STM-4 optical interface: OC-12 CPOS optical interface OC-3c ATM interface ATM interface OC-12c ATM interface E1/T1 interface E1/T1 interface

ZXCTN 9004 management and accessorial interfaces cover network management interface, clock interface and alarm interface as shown in Table 4 .

Table 4 ZXCTN 9004 accessorial interface type and port quantity

Interface type Description Quantity Console interface 1 Management AUX interface 1 interface MGT interface 1 Accessorial SD slot 1 interface USB interface 1 GPS clock GPS clock access 1 interface

ZXCTN 9004 Product Description

Interface type Description Quantity BITS clock BITS clock input and output 2 interface

3.2 Multi-service bearing capability

ZXCTN 9004 connects with PSTN, Frame Relay and ATM networks respectively by E1/T1 cables. PW tunnel is established between devices to implement transmission of services crossing MAN packet networks.

3.2.1 TDM emulation

TDMoE refers to circuit emulation on Ethernet which realizes the delivery of TDM service such as E1/T1, E3/DS3 or STM-1 on Ethernet. With the help of a “Tunnel” built on the Ethernet (as shown in Figure 1), TDM traffic slots which is changed into packets are transparently transferred via PW built by PWE3(Pseudo Wire Emulation Edge-to- Edge)technology to the destination. The traffic packets will be resumed to the original TDM traffic after it arrives at the destination. TDM equipment at both ends of the network does not care about its connecting networks.

TDM over Ethernet and MPLS network are a kind of transparent transmission to TDM service, so it is well compatible with traditional telecomm network. In other words, all the traditional protocols, signaling, data , voice and video service can use this new technology; in addition, without changing any existing network, carriers can make full use of the existing resource to implement tradition TDM service on Ethernet or MPLS network.

Currently, ZXCTN 9004 supports CESoPSN(Circuit Emulation Services over PSN)protocol to realize channelized (structured)-mode TDM service transmission. It also supports SAToP(Structure-Agnostic TDM over PSN)to implement non-channelized TDM service delivery.

Figure 1 TDMoE Service Emulation Traffic

3.2.2 ATM Emulation

ZXCTN 9004 obtains IMA E1 signal via different UNI ports. It extracts ATM cells from signal, encapsulates cells into pseudo-wire packets, puts their mapping to tunnel, and sends them to destination network element via PTN network. At the receiving site, ATM cells are resumed from the received pseudo-wire packets. ATM frames are reassembled and sent to the user’s port so as to complete ATM service emulation.

3 Functions and Features

3.2.3 Ethernet Service

As carrier-class Ethernet aggregation equipment, ZXCTN 9004 supports MPLS-TP by which it can flexibly implement multiple connections such as E-LINE, E-LAN and E- TREE; realize secure flexible deployment of multiple network branches; and provides corresponding traffic monitoring, QoS, OAM and protection based on specific situation.

ZXCTN 9004 supports 16K E-LAN/E-LINE service with its capacity and performance being able to be expanded in the future possibly so as to improve the efficiency of network infrastructure deployment.

In carriers’ Ethernet, data is transmitted based on El-LINE, E-LAN and E-TREE attributes by defining EVCs Ethernet virtual connection via point-to-point and point-to- multipoint.

3.2.3.1 E-Line Service

E-Line not only provides similar frame relay and ATM lease line service, but also displays better cost saving and usability. E-Line provides EPL (Ethernet Private Line) and EVPL (Ethernet Virtual Private Line). EPL has two service access points and delivers user Ethernet MAC frames via point-to-point transparent transmission. Each EPL service is carried by private tunnel. Different EPL services don’t share NNI port, pseudo-wire, tunnel or link bandwidth. Thus EPL service has exactly the same bandwidth guarantee and security performance with SDH. Since it adopts point-to-point delivery, it has no need for L2 switching or MAC address learning.

The essential difference between EVPL and EPL lies in the fact that different users need to share link bandwidth. Therefore, VLAN ID or other mechanisms are necessary here to distinguish data from different users. To provide different QoS for different users, corresponding QoS must be adopted. EVPL is also point-to-point service.

ZXCTN 9004 supports the following point-to-point services. Point-to-point service can easily provide major VPWS (Virtual Private Wire Service) of VPN, supports user connection by multiple technologies in the existing network to keep the connection features between network providers and users. Services are transmitted in IP backbone network of network provider after they are encapsulated.

3.2.3.2 E-LAN Service

E-LAN provides EPLAN (Ethernet Private LAN) and EVPLAN (Ethernet Virtual Private LAN). EPLAN is point-to-multipoint Ethernet service. Users don’t need to share link bandwidth so that bandwidth and user isolation is strictly guaranteed. There’s no need to adopt other QoS or security mechanisms. With multiple nodes, data needs to be forwarded based on MAC address with MAC address learning and L2 switching capability.

From the perspective of user, EVPLAN makes carriers’ network looks like a LAN. The essential difference from a LAN is that EVPLAN users need to share link bandwidth. EVPLAN has particular bandwidth, protection and availability attributes, and MAC address learning and data forwarding capacity as well.

ZXCTN 9004 supports VPLS (Virtual Private LAN Service), by which it can establish multiple sites to connect VPN in a single bridging domain in IP/MPLS network managed

ZXCTN 9004 Product Description

by carriers. It supports automatic topology discovery to automatically maintain VPN site information and provide easy MPLS L2 VPN solution.

ZXCTN 9004 also supports hierarchical VPLS solution, which divides all connections in the whole network into different levels. Devices in different levels are connected via QinQ or LSP, so that resource consumption of the network and the equipment is reduced.

3.2.3.3 E-Tree Service

E-Tree provides EPTREE (Ethernet Private Tree) and EVPTREE (Ethernet Virtual Private Tree) access. It’s mainly applied in point-to-multipoint topology such as video-on- demand, Internet access and triple-play.

EPTREE is point-to-multipoint service. Service is connected between two or more points. In the topology multiple point-to-point connections are aggregated to an Ethernet physical interface of a central node. The central node is a root node and the others are leaf nodes. Leaf nodes can only communicate with root node. They cannot communicate with each other. Services of each EPTREE user are carried by a private leaf node. Different users don’t need to share link bandwidth. To provide different QoS to different users, corresponding QoS mechanism has to be adopted. Since services are transmitted in a point-to-point way, L2 switching and MAC address learning capability are unnecessary.

The essential difference from EPTREE lies in the fact that EVPTREE users need to share port bandwidth of leaf nodes. Thus VLAN ID or other mechanisms are necessary to distinguish data from different users. To provide different QoS to different users, corresponding QoS mechanism has to be adopted. EVPTREE is also point-to-multipoint service.

3.3 L2 functions

3.3.1 Basic Ethernet Features

3.3.1.1 Broadcast Storm Suppression

When unknown unicast, multicast and broadcast packets in the network reach to a particular quantity, network latency, congestion or even failure may occur. That is the terrible disaster caused by broadcast storm. Broadcast storm suppression service implemented in the network becomes an effective way to solve this issue.

ZXCTN 9004 supports fine planning of broadcast storm and provides bandwidth proportion and specific bandwidth control mode. It suppresses broadcast storm by setting threshold of broadcast traffic under port. If unknown unicast, multicast and broadcast traffic overtops the pre-set threshold, the overtopped traffic is discarded to control the unknown unicast, multicast and broadcast packets in a normal range; so as to guarantee the normal operation of the services in the whole network.

3 Functions and Features

3.3.1.2 Port Traffic Control

If the speed of the traffic forwarded via a port of the network device overtops the packet speed limits of this port, congestions may occur at this port. Due to inadequate storage space, some packets will be discarded, and the same packets will be sent repeatedly because network equipment goes timeout, which causes vicious circles and terrible wastes of network bandwidth.

In simplex mode, ZXCTN 9004 supports reverse traffic control. In duplex mode, ZXCTN 9004 conforms to IEEE802.3x protocol. When the reception buffer is full, the port will send a “Pause” packet. The remote sender pauses or stops packet sending when it receives “Pause” packet.

3.3.1.3 Line Diagnosis

ZXCTN 9004 supports line diagnosis. By inspecting the status of each twisted pair cable, it confirms the states of the lines. If the lines work well, it will output the length of them. If the lines break down, it will output the location of the failed lines and reckon out whether there’s physical failure immediately. This actually gives great convenience to network management and maintenance.

3.3.1.4 Port Mirroring

Port mirroring service of ZXCTN 9004 actually replicates the traffic from one or multiple ports (port is mirrored) to a specific port (port for monitoring) so that monitoring port can get these traffic and the professional network analyzer or program linking to the monitoring port can easily give network traffic analysis and failure diagnosis. ZXCTN 9004 supports 64-port incoming traffic mirroring and 12-port outgoing traffic mirroring at most. It also supports cross service board port mirroring to put incoming and outgoing data at different ports of service boards to the same port, which effectively reduces mirroring monitoring ports.

3.3.1.5 MAC Security

Currently, a security mechanism to work against MAC address attack is an important issue to solve. This kind of attack not only damages network security, but also dramatically reduces forwarding performance of the equipment. To avoid such MAC attack, ZXCTN 9004 introduces the following MAC address management technologies:

• MAC address binding: Bind the specific MAC address to the port of switch and stop dynamic MAC address learning. This method fixes user’s physical location and protects important MAC address. By the way, MAC address and IP address can be bound to switch port;

• MAC address filtering: The switch will discard the packet when its destination or source MAC address matching with a given MAC address to filter out some illegal users.

• MAC address restrictions: Restrict the number of MAC address of some port or VLANs. So MAC number of some ports or VLANs can be controlled, which

ZXCTN 9004 Product Description

effectively avoids resource exhaustion after encountering DoS attack and prevents attack against MAC address table.

• MAC address fixation: To a stable network, freezing MAC address of some important physical ports, such as uplink port can prevent network failure brought about by key MAC address spoofing;

• MAC address learning protection: When the switch find the MAC address learning of a port is aberrant, it will protect MAC address learning of this port for a period of time. Once the port is in protection mode, it will not implement new MAC address learning continuously; when protection is due, the port will start MAC address learning again.

3.3.2 VLAN and Expanded VLAN Features

ZXCTN 9004 is capable of basic switching functions of both L2 and L3. The traffic forwarding implemented in data link layer supports IEEE802.1Q standard and realizes the classification of virtual work groups.

ZXCTN 9004 supports port-based VLAN division and provides various types of interface based on whether the packets sent and received at the interface are encapsulated with VLAN Tag. ZXCTN 9004 provides Access interface to connect user host, provides Trunk interface to connect other ZXCTN equipment, and provides Hybrid interface to connect user host, other ZXCTN equipment or Ethernet switch. ZXCTN 9004 devices connected by Trunk interfaces form VLAN Trunk connections, which can carry data flows of multiple VLANs, so as to implement VLAN interconnection in the whole MAN.

In 802.1Q protocol, VLAN ID identifies with 12 bits. This restricts VLANs within 4096 and restricts application scale. To expand VLAN ID address space and improve security, ZXCTN 9004 expands VLAN based on IEEE802.Q. It supports QinQ, PVLAN and VLAN translation.

3.3.2.1 QinQ

QinQ, also called VLAN stacking, encapsulates users’ private network VLAN tag into public network VLAN tag. It makes users’ data packet be delivered in carriers’ MAN backbone network with two layers of tags. Backbone equipment transmits packets based on public network tag and private network tag or inner layer tag is concealed. Double tag encapsulation greatly expands VALN space in MAN.

ZXCTN 9004 supports two types of QinQ encapsulation: port-based QinQ and flexible QinQ (also named SVLAN). Port-based QinQ tags a designated outer layer tag to all messages coming in a port. As for flexible QinQ, outer layer tag can be flexibly added based on the port accessing packets, inner layer VLAN ID, or five-tuple.

Flexible QinQ can choose different transport paths for different private network, realizing service differentiation and making the service deployment much easier. For example:

• Traffic differentiation based upon different VLAN ID sections: when one user’s different services use different VLAN IDs, the traffic can be differentiated according to different VALN ID sections, for example, the VLAN ID range for PC network

3 Functions and Features

surfing is 101~200, for IPTV is 201~300 and for large customer is 301~400, after receiving user information, user-oriented device according to different VLAN ID ranges gives different outer VLANs, i.e. IPTV is tagged with outer label 300 and large customer with outer label 500.

• Traffic differentiation based upon VLAN ID+Priority in the message: Different services have different priorities. When different services of one user use the same VLAN ID, they can be differentiated via different priorities of the services, and then tagged with different outer labels.

• Implement QinQ encapsulation based on destination IP: when one PC consists of both Internet service and voice service, different services have different destination IP. So ACL can be used to distinguish destination IP and tag different outer labels.

• Implement QinQ encapsulation based on ETYPE: when one user has both PPPoE Internet service and IPoE IPTV service, it can differentiate traffic according to ETYPE. The protocol number of IPoE is 0x0800 and PPPoE protocol number is 0x8863/8864, so that Internet service and IPTV service can be tagged with different outer labels.

In addition, for ETPYE value of QinQ message, ZXCTN 9004 defaults 0x8100. It also supports port-based QinQ ETYPE value configuration to guarantee interconnection between devices from different vendors.

ZXCTN 9004 supports both VLAN-based L3 interface and QinQ-based L3 interface, implementing QinQ termination of protocol message and enhancing service scalability.

3.3.2.2 PVLAN

The classification of VLAN enables the isolation of user service data on data link layer. Although it makes the visit of network safer it will cause a great waste of VLAN resource if exclusive VLAN is distributed to each subscriber.

ZXCTN 9004 series supports PVLAN service. It brings in different types of port in one VLAN: Isolate Port connecting subscriber and Promiscuous Port uplinking router or public server. The traffic can be forwarded from the isolate port to the promiscuous port, but bidirectional communication between these two ports can not work. In this way, different ports of the same VLAN are isolated, and user can only communicate with his default network gateway or public server, which gives more security guarantee to the network. Also, for L2 user isolation, instead of one VLAN ID per subscriber, only one VLAN ID is required for all. So by saving the precious VLAN ID resource, PVLAN service on one hand keeps the network secure, on the other hand it makes the network extensible.

3.3.2.3 VLAN Translation

In PUPSPV (Per User, Per Service, Per VLAN) network deployment, acting as the aggregation device in the network, ZXCTN 9004 should distinguish its downlinking users in order to realize traffic aggregation and delivery. In VLAN-based Ethernet architecture, dual labels can be a solution where inner label is used to identify service, and outer label

ZXCTN 9004 Product Description

is used to mark user. Basically, this method will bring in more traffic because another label should be added before traffic goes uplink, and the upper network devices need to terminate those messages with dual labels. To keep the existing message label stacking, and to enable the aggregation equipment to identify the downlinking users, ZXCTN 9004 introduces VLAN translation service. After initiating 1:1 VLAN translation, ZXCTN 9004 allows the lower edge Ethernet switches accessing from different edges to use overlapping VLAN ID, and VLAN translation service of ZXCTN 9004 can change the overlapping VLAN ID to different VLAN IDs, and send them out from uplink ports, so that as Figure 2 shows, users can be isolated by ZXCTN 9004 and the configuration of edge access switches can be easier. Also, ZXCTN 9004 is capable of implementing VLAN aggregation as per service, i.e. the same services sent by different users’ multiple VLANs adopt the same VLAN in delivery, which is called N:1 VLAN translation.

Figure 2 VLAN Translation I

VLAN Translation ZXCTN 9000

S1 S2

vlan1vlan2vlan3 vlan1 vlan2 vlan3

In addition, ZXCTN 9004 also supports 1:2 and 2:2 VLAN translation to help different carriers to configure cross-domain VPN users’ private VLAN ID independently. As Figure 3 shows, two stations of VPN1 user should be interconnected over two carriers SP1 and SP2. The private VLAN IDs distributed by SP1 and SP2 to two stations are 10 and 30 respectively. When VLAN10 user message accesses SP1 network, it will be tagged with another layer of label numbered 100 that SP1 distributes to VPN1 to form a 2-layer label VLAN, which is called 1:2 translation. In doing so, traffic can be delivered in SP1 network, and goes to SP2 network via device B and C. The label SP2 distributes to VPN1 is numbered 200, so the outer label of VPN1 should be changed from 100 to 200. At the same time, to interconnect with the VLAN30 station of VPN1, the inner label 10 will be changed to 30. In other word, two layers of label are changed on device C, which is called 2:2 VLAN translation.

3 Functions and Features

Figure 3 VLAN Translation II

SP1 SP2

A vlan 10/100 B vlan 10/100CD vlan 30/200

ZXCTN 9000 ZXCTN 9000 ZXCTN 9000 ZXCTN 9000

vlan 10 vlan 30

VPN 1 VPN 1

With no need of support from protocol message, VLAN translation can be realized on ZXCTN 9004 simply by static configuration. ZXCTN 9004 can support 1024 pieces of VLAN translation.

3.3.3 LACP

ZXCTN 9004 supports link aggregation to bind a group of physical interfaces. So logically it seems links are bound together to enhance bandwidth and reliability. It allows bandwidth of the peer physical links between switches or between the switch and the server getting multiple times bigger. In conclusion, link aggregation is really a very important technology in enlarging link bandwidth, creating link transport elasticity and redundancy. At the same time, link protection mechanism also provides sound protection. When some links in a group of the aggregated link break down, the communications can be switched over to normal links swiftly, which ensures the consistency of the service transmission. When the failures are healed, the traffic will be reallocated to make sure the traffic load sharing among all aggregated ports.

ZXCTN 9004 not only supports static link aggregation manual load sharing, but also implements IEEE 802.3ad-defined LACP. It supports FE, GE, 10G port link aggregation, load balancing based upon MAC, VLAN and IP. Also it supports cross-card link aggregation.

3.3.4 ACL

ACL (Access Control List): As a series of rules for traffic matching and processing, it is generated by network device for traffic filtering and differentiation. ACL can identify and control traffics in the network. After identifying the particular object, it will process the traffic according to the preset policy (allow or forbidden traffic passing).

The initiation of ACL over port can filter streams. One piece of ACL contains one or more than one rules for particular sorts of stream. ACL can be bound to both the incoming and outgoing streams to discard or forwarding the traffics after comparing them to ACL rules.

According to the ACL rules made for packet matching, the traffic differentiation can also be used in other necessary occasions, i.e. make rules for traffic differentiation in QoS and policy routing.

ZXCTN 9004 Product Description

ZXCTN 9004 provides the flowing types of ACL:

• Basic ACL: only match source IP address

• Extended ACL: match source IP address, destination IP address, IP protocol type, TCP source port number, TCP destination port number, UDP source port number, UDP destination port number, ICMP type, ICMP Code, DSCP (DiffServ Code Point), ToS, and Precedence.

• L2 ACL: match source MAC address, destination MAC address, source VLAN ID, L2 Ethernet protocol type, and 802.1 precedence.

• Hybrid ACL: match source MAC address, destination MAC address, source VLAN ID, source IP address, destination IP address, TCP source port number, TCP destination port number, UDP source port number, and UDP destination port number.

In addition, ACL rules can be made by referring to time section as well to fit the flexible implementation of ACL service.

3.3.5 STP

3.3.5.1 STP

STP(Spanning Tree Protocol), a L2 management protocol, follows IEEE 802.1d standard. By selectively blocking network redundant links, STP generates spanning trees to eliminate network L2 loop. At the same time it provides the network with redundant links.

3.3.5.2 RSTP

RSTP (Rapid Spanning Tree Protocol) is the upgraded version of STP, following IEEE 802.1w standard. RSTP provides fast port switchover mechanism, which shortens the network convergence time.

But RSTP also has some weaknesses:

• There is only one spanning tree in the entire switching network, so the convergence is still slow when the network is big. And network topology change also has great impact.

• IEEE 802.1q standard protocol connects switches. In the case of symmetry connection (The interconnecting interfaces of switches have the same Trunk VLAN), single spanning tree will not affect the traffic processing between switches. But in the condition of asymmetry situation, the connecting port of the switch will be blocked by RSTP protocol, which will stop the interoperation and cause huge waste in bandwidth.

3 Functions and Features

3.3.5.3 MSTP

MSTP (Multiple-instance Spanning Tree Protocol) is developed on the basis of STP/RSTP, following IEEE 802.1s standard. MSTP splits switching network into multiple areas, and implements multiple spanning tree instances in each area. VLAN is mapped to spanning tree instance in M:1 mode (bind multiple VLANs to one instance), which enables each VALN to be shaped to one tree-mode network to get rid of loop.

The advantages of MSTP are:

• The spanning tree in single VLAN features fast convergence;

• As MSTP builds spanning tree by VLAN, it will not block the interconnecting interfaces between switches, therefore, the traffic load is shared;

• M:1 translation reduces the consumption of switch resources;

• MSTP is compatible with STP/RSTP, which makes network deployment easier.

3.3.5.4 Protocol Protection Mechanisms

As STP does not have authentication mechanism, it can not implement authentication and limitation to new switches and its BPUD message. It may easily cause topology oscillation, and damages the network. If network attacks take advantage of this weakness, the service capability of this network will become poor.

To keep a stable L2 switching network topology, ZXCTN 9004 uses BPDU, Root and Loop Protection mechanisms.

• BPDU protection

BPDU protection of ZXCTN 9004 enhances the management of the network at the edge of spanning tree domain, which keeps the network stable. As soon as the port initiating BPDU protection receives BPDU protocol packet, it will be set to “down” status, which prevents network topology oscillation. The edge port of the switch directly interconnecting with PC is recommended to use BPDU protection.

• Root protection

Root protection of ZXCTN 9004 is designed to prevent other switches from replacing the root switch. Root protection service is normally configured over a designated port. If the port with root protection service receives BPDU message with higher priority than the one of the root switch, this port will turn into Root protection status. At this moment, this BPDU message can not be forwarded via this port, which will directly consolidate the state of the original root switch, and avoid network topology oscillation.

• Loop Protection

When the root port and the designated port of the switch with a blocking port in the redundant link do not receive BPDU due to overtime error, blocking port will wrongly

ZXCTN 9004 Product Description

turn to forwarding status and loop may occur. ZXCTN 9004 loop protection mechanism is designed to avoid the above situation.

Loop protection provides extra protection for the network. When root port doesn’t receive BPDU message from upstream, if Blocking port receives BPDU message, it will become root port and enter forwarding status. If Blocking port doesn’t receive BPDU message, loop protection will take effect. The corresponding port will keep Blocking status to avoid the generation of loop.

3.3.6 L2 Multicast

In network operation, when multicast message is forwarded by the router, it will be delivered to multicast user by Ethernet switch. The traditional switch broadcasts the message, which not only wastes a lot of network bandwidth, but also arouses broadcasting storm and affects normal services. So L2 multicast should be implemented on the switch as soon as possible to maintain multicast group dynamically according to multicast user add-in and leave-off information.

For L2 multicast technology, ZXCTN 9004 supports IGMP Snooping technology, realizing the efficient management of multicast group member, and the suppression of multicast flood in L2 network to prevent network multicast traffic being received by unauthorized users.

IGMP Snooping is L2 multicast control standard protocol. It manages and controls multicast group, maintains the corresponding relationship between multicast address and VLAN table by inspecting and analyzing the IGMP message used for communication between the host and L3 multicast.

After initiating IGMP Snooping services, ZXCTN 9004 will make different processing according to different IGMP or MLD message it senses:

When receiving IGMP common group query message, the switch will forward the message from all its VLAN ports except the port used for receiving message. Besides, it will reset the aging timer of the receiving port, or add the receiving message to router port list and initiate its aging timer;

When receiving message on IGMP member relationship, the switch will forward it via all router ports in VLAN. The multicast group address that the host will join in will be resolved from this message. By the way, it will reset the aging timer of the receiving port, or add it to the egress port list as a dynamic member port and initiate its aging timer;

When the switch receives IGMP leave-off message from a dynamic member port, it will find out if the corresponding forwarding table entry of the leaving multicast group exists, and check if this receiving port is in the egress port list of the corresponding forwarding table entry of this multicast group or not. Then the message will be discarded or forwarded according to the port status.

3 Functions and Features

3.4 L3 Functions

3.4.1 IPv4

In the scenario of implementing ZXCTN 9004, users should be capable of both L2 switching and L3 route forwarding function. At the same time, popular technology MPLS L2/L3 VPN also requires unicast routing protocol to build LSP (Label Switched Path). In addition, the remote management of device also needs L3 route service.

ZXCTN 9004 fully supports multiple unicast routing protocols and route-based wire- speed forwarding.

3.4.1.1 IPv4 Route

ZXCTN 9004 supports the following IPv4 unicast route features:

• Support static route. It is configured manually by the administrator to simplify network configuration and enhance network performance. Static route is suitable for small/medium network or simple network configuration, e.g. Configure the route to the service end of network management system.

• Support IPv4-based dynamic routing protocols, e.g. RIPv1/v2, OSPFv2, IS-ISv4 and BGP4. It is adaptive to the change of network topology automatically. Besides, it updates route and builds LSP dynamically. Dynamic route is easy for maintenance, suitable for complicated large network topology such as metro backbone network.

• Support policy routing, enabling data packets to be forwarded according to user- specified policy. Policy routing somehow realizes traffic engineering to a certain extent, making traffics of different service quality or different types of data (e.g. voice and FTP) take different paths.

• Support complete routing policy. It is capable of controlling the generation, distribution and selection of flexible route. Especially when two networks interconnect each other, the edge device should be configured with routing policy to control the delivery and reception of route.

3.4.2 L3 Multicast

IP over all carrier-class services is the trend of future network development. Due to the fast development of new services in IP network, all sorts of video service based upon IP technology are booming in the market, for example, BTV, video conference, remote teaching, online games, network broadcasting, coordinate calculation, and mobile TV. All the traffics of these video services feature point-to-point and one-way reception. Via multicast technology, point-to-multipoint highly-efficient data delivery in IP network which saves a lot of network bandwidth and reduces network load comes true.

ZXCTN 9004 Product Description

3.4.2.1 Multicast Model

According to receiver’s different processing of multicast source, multicast can be classified into two models.

• ASM (Any Source Multicast) model: In ASM model, any sender can work as multicast source and deliver multicast information to a multicast group, then the receiver joins in the multicast group tagged with this multicast group address to get the multicast information sent to this multicast group. In ASM model, the receiver can not learn about the location of the multicast source in advance, but it can join in or leave the multicast group at any time.

• SSM (Source Specific Multicast) model: SSM model provides users with a kind of transmission service at the multicast source designated by the client. In practice, users may be only interested in the multicast information from some multicast sources, and reject information from other sources. SSM model builds shortest path tree between multicast source and multicast data receiver so that it is highly efficient.

3.4.2.2 L3 Multicast Protocol

L3 multicast protocol consists of multicast group management protocol and multicast routing protocol.

• Multicast Group Management Protocol

Multicast group management protocol is implemented between the host and the L3 devices, for building information of the relationships between the group members in the direct-connecting network segment on L3 devices, which shows the multicast group members linking to different ports. Currently, the main multicast group management protocols is IGMP(Internet Group Management Protocol)

− IGMP is the internet group management protocol in IPv4 network. Currently, IGMPv2 and IGMPv3 are the main versions in real implementation. IGMPv3 is upgraded with a new service which enables the member to receive or reject messages from some designated multicast sources so as to support SSM model.

• Multicast Routing Protocol

Multicast routing protocol contains intra-domain and inter-domain multicast routing protocols. Implemented among L3 multicast devices, multicast routing protocol is used to build and maintain multicast route. It forwards multicast packet correctly and swiftly.

As to ASM model, multicast routing protocol contains intra-domain and inter-domain multicast routing protocols:

− Intra multicast route is used to discover multicast source and build multicast shared tree in AS. So that multicast information can be delivered to receivers. PIM(Protocol Independent Multicast) is an intra-domain multicast routing protocol currently popular in the industry. It consists of DM (Dense Mode) and

3 Functions and Features

SM(Sparse Mode)modes: PIM-DM is suitable for the environment with few senders but lots of receivers and sustaining heavy multicast traffic; PIM-SM is suitable for the multicast group where there are few receiver and interim multicast traffic.

− Inter-domain multicast route is used to realize the delivery of multicast information among AS. Currently the main-stream solutions are MSDP(Multicast Source Discovery Protocol)and MBGP(Multicast BGP). MSDP enables RP of PIM-SM domain to share active source information; and MP- BGP delivers multicast route crossing AS.

As to SSM model, there are no intra-domain or inter-domain categories. As receiver knows the specific location of the multicast source beforehand, it can realize the delivery of multicast information via the tunnel built based upon PIM-SSM protocol. At the same time, SSM model also needs the support of IGMPv3 protocol.

Compared with traditional PIM-SM network, SSM network shows outstanding merits. There is no aggregation node, shared tree, or source registration or MSDP which is used to inspect multicast source in other PIM domain in the network. The notified multicast source in the network not only enhances the efficiency, but also simplifies address distribution. As a result, SSM network is now more and more widely used for real-time data transport and multimedia conference.

ZXCTN 9004 supports ASM and SSM multicast models at the same time. It supports all sorts of L3 multicast protocols including Internet Group Management Protocol IGMPv2/v3, intra-domain multicast routing protocol PIM-DM and PIM-SM, inter-domain multicast routing protocol MSDP and MBGP, and PIM-SSM protocol designed specially for SSM model.

3.5 MPLS L2/L3 VPN

VPN builds private communications network via public network resource. It enables the enterprises to connect its offices in different locations with customers dynamically via the public network resource with sound security and resource sharing mechanisms.

For both carrier and enterprise, VPN is very beneficial, so it has become the base of new telecommunication service. Compared with traditional VPN technology, MPLS VPN is capable of distributing bottom layer label automatically, and provides more cost- effective and faster services. At the same time, MPLS VPN can take full advantage of MPLS technology such as MPLS traffic engineering and MPLS service quality guarantee to provide customers with differentiated services with different qualities, which also easily assures the quality of the backbone network service belonging to different carriers. Meanwhile, MPLS VPN also offers customers new services that traditional VPN based upon routing technology can not provide, e.g. VPN address space multiplexing, etc. For VPN customer, carrier’s MPLS network can give customers security mechanisms and networking capability they ask for. Carrier is responsible for the construction, management and maintenance of VPN bottom layer connection, which greatly simplifies traditional VPN solution and reduces enterprise’s costs and investments in staff and equipments.

ZXCTN 9004 Product Description

3.5.1.1 MPLS L3 VPN

MPLS L3 VPN is a route-based VPN solution, providing customers with IP L3 VPN service. ZXCTN 9004 can work as carrier’s PE device (network boundary device), realizing independent management of different VPN access users, distinguishing different VPN users’ routing information and network topology, solving the problems like the overlapping of pure IP L3 VPN address and the multi-homing issue of one VPN.

At the same time, due to MPLS technology, MPLS L3 VPN provides faster network transport.It has complete QoS services, offering more qualified network service.

3.5.1.2 MPLS L2 VPN

MPLS-based L2 VPN solution inherits the advantages of traditional L2 VPN solution. It does not implement any route switching between equipment, and provides totally independent carrier network and VPN user network. With customer network built upon cascading network model, carrier network in the view of customer only provides customers with L2 network functions. The transparent L2 transport mechanism of MPLS L2 VPN simplifies carrier’s network architecture and configuration management, and supports customers’ multiple services. Besides, in addition to traditional IP service, carriers also provide customers with IPv4, IPv6, IPX, DECNet, OSI, SNA services, plus some traditional emulation based upon circuit service, for example TDM, and ATM.

ZXCTN 9004 supports MPLS L2 VPN with the following two connection modes:

• Point-to-Point Connection

Point-to-Point connection gives convenience to carriers by providing VPN private services. This connection enables the consistent connection between the users who support multiple technologies in the existing network and the carriers. As a result, services can be transferred after being encapsulated in carrier’s IP backbone network.

• Point-to-Multipoint Connection

For large customer’s VPN demands, due to a large number of user stations and access points, carrier should provide point-to-multipoint VPN service. ZXCTN 9004 supports VPLS (Virtual Private LAN Service), to build multi-station VPN in single bridging domain of IP/MPLS network, supporting automatic topology discovery, VPN node information maintenance and providing convenient MPLS L2 VPN solution.

3.5.1.3 H-VPLS

VPLS simplifies the deployment and related operation and maintenance of large customer VPN. But in real operation it has some problems in extension: for large-scale network, VPLS in order to avoid loop needs to build full connection among stations, which pushes N2 problem to the frontline (i.e. N2 connections should be built for N nodes). This problem may consume too many resources in providing VPN service, and reduce network performance greatly.

ZXCTN 9004 supports hierarchical VPLS solution, which gives a better solution to the above issue.

3 Functions and Features

H-VPLS(Hierarchy of VPLS)splits the entire network into different tiers. Devices of different tiers connect with each other via QinQ or LSP to reduce the consumption of the network and device caused by full connection.

H-VPLS can implement:

• Decreasing the number of PW, reducing PE processing demands, solving problems of large-scale deployment of VPLS;

• Supporting QinQ and LSP access mode, configuring clear network layer, reducing network complicity.

3.5.1.4 Deployment of Cross-Domain VPN

Most MPLS VPNs in carrier network are deployed in the same AS. However, the services in operation such as carrier’s internal voice service, enterprise customer’s VPN private line service often cross multiple AS. To conquer cross-domain problem, VPN information delivery and VPN tunnel construction becomes the key issue. Carriers can take different solutions according to different network situations.

ZXCTN 9004 providesVRF to VRF mode VPN cross-domain solutions:

• VRF to VRF Mode

VPN in VRF to VRF mode makes extra use of boundary to process VPN route information. It needs to process every VPN independently. So it is suitable for the initial stage of VPN service. VPN in VRF to VRF mode reduces network change, and provides less VPN services.

3.5.1.5 MPLS TE

Traditional OSPF route may result in imbalanced network traffic. Even if congestion happens to one path, the traffic will not be switched over to other paths. Nevertheless, due to the dramatical development of network scale and service, customer nowadays has more and more requirements for service quality, which completely exposes the problems of OSPF.

ZXCTN 9004 supports MPLS TE technology, providing carriers with precise operation tool. It avoids network congestion and makes full use of the existing broadband resource:

• MPLS TE provides IP packet forwarding capability in the way except IGP shortest path forwarding. By reasonable network resource plan, this method can avoid network congestion results from imbalanced network traffic.

• MPLS TE provides bandwidth guarantee for traffic. For key flows, bandwidth reservation, priority setting, and bandwidth take-up mechanisms are introduced to make sure that transport traffic will not be discarded due to inadequate link bandwidth;

ZXCTN 9004 Product Description

• At the same time, MPLS TE also provides guarantee for reliable transport: when the link or transport node breaks down, MPLS TE FRR and MPLS TE tunnel backup technology can implement fast link switchover, which reduces impact on traffics.

MPLS TE provides rich methods to improve network performance. It avoids network congestion, optimizes network performance and supports network failure resume at the same time. The fast inspection of network failure is the base of network failure recovery and network reliability. ZXCTN 9004 supports MPLS OAM, offering fast failure inspection mechanism.

3.6 QoS

Due to the booming development of multiple services (data, voice, and video), plus the increasing requirements for bearer network to provide different users and services with differentiated services, network should be able to distinguish different services and makes sure the service quality according to user’s SLA. Besides it should ensure QoS guarantee in all sorts of implementation model, provide end-to-end service, enable the network to sense services, implement service precise operation and finally improve user service experience.

3.6.1 Basic QoS Features

ZXCTN 9004 becomes user’s primary choice with its simple deployment, high flexibility and scalability. ZXCTN 9004 supports the following Diffserv QoS features:

3.6.1.1 Traffic classification and mark

According to service classification policies including destination MAC, source MAC, VLAN ID, 802.1P, ToS/DSCP and IP five-tuple (protocol type, destination IP, source IP, TCP/UDP port number), service messages are classified into different priorities. Then they are marked by CoS of Ethernet message ToS or DSCP of IP head so that classification-based traffic scheduling, congestion management and traffic shaping can be implemented to provide QoS for different service types. Besides, ZXCTN 9004 adopts ACL to implement 128-bit traffic classification to enhance the flexibility of traffic classification for the carrier.

3.6.1.2 Traffic Policing

Token Bucket algorithm restricts the traffic and abruptness within a reasonable range. It monitors and punishes the exceeding parts by discarding messages, coloring messages or resetting the priority of the messages in order to protect network resource and carrier’s benefits. ZXCTN 9004 supports srTCM and trTCM coloring algorithm. It also supports Color-Blind and Color-Aware coloring modes. ZXCTN 9004 supports port- based and traffic-based coloring, which can both be applied at ingress and egress.

3 Functions and Features

3.6.1.3 Traffic Shaping

Traffic Shaping buffers and sends egressing traffic at an even speed to make the traffic rate meet the processing capability of the downstream equipment. ZXCTN 9004 supports port-based and queue-based traffic shaping.

3.6.1.4 Queue Scheduling

Queue scheduling processes congestion at network nodes by a series of scheduling algorithms. By scheduling, packets with higher priorities are firstly forwarded and packets with lower priorities can also get fair chances to get transferred. ZXCTN 9004 support PQ (Priority Queuing), Weighted Fair Queuing (WFQ), and PQ+WFQ.

3.6.1.5 Congestion Avoidance

Indeed network device has limited buffer capability. So when transition congestion occurs, simply discarding messages may result in “TCP global synchronization”. ZXCTN 9004 adopts RED/WRED to avoid congestion and improve network quality. ZXCTN 9004 WRED can sense services including IP priority, DSCP and MPLS EXP. It can set different early dropping policy for packets with different priorities so as to provide differentiated dropping feature for different services.

3.6.2 Ethernet QoS

Due to the increasing development of Metro Ethernet, there are more and more Ethernet services which need differentiated services. According to the priority of VLAN frame, ZXCTN 9004 can implement service scheduling and congestion management; and map the priority of IP message to the VLAN priority of Ethernet message to accomplish integrated service scheduling. In QinQ mode, ZXCTN 9004 is capable of mapping inner user’s VLAN priority to outer carrier’s VLAN priority automatically, or modifying outer VLAN’s priority according to user’s services to build a tunnel with integrated and manageable services from user service to carrier service.

3.6.3 MPLS QoS

ZXCTN 9004 supports MPLS QoS based upon DiffServe model. MPLS QoS implements mapping between priorities of MPLS, IP, and Ethernet packets. It distinguishes different service streams in terms of EXP values to realize differentiated services and guarantees the quality of voice and video services. ZXCTN 9004 supports three types of standard carrier MPLS QoS service channels:

• Uniform Tunnel

• Pipe Tunnel

• Short Pipe Tunnel

Based on Diff-Serv model, MPLS QoS is equipped with good scalability. It implements end-to-end QoS by channels. However, when congestion occurs, delay and packet dropping cannot be avoided so that the quality of services which are sensitive to delay

ZXCTN 9004 Product Description

and packet dropping is influenced. MPLS-TE can prevent services inside tunnel from being impacted by congestion outside tunnel. But its bandwidth management and MPLS-TE tunnel can not implement scheduling based on service types. For example, if EF, AF and BE services are beared in one MPLS-TE tunnel, EF and AF services will definitely be seriously affected.

ZXCTN 9004 combine MPLS-TE and Diff-Serv to equip IP/MPLS core network with service identifying capability. It also establishes tunnel based on this to guarantee bandwidth for services with higher priorities. ZXCTN 9004 supports MPLS VPN internal QoS scheduling, implements Diff-Serv scheduling inside VPN, and guarantees prior forwarding of key VPN services.

ZXCTN 9004 supports PW distinguishing based on user service and mapping service PW to MPLS tunnel; so as to realize service-based end-to-end QoS. It enables simple deployment and manageable bandwidth planning, providing guarantee for differentiated management and services for multi-service operation.

3.6.4 H-QoS

As there are more and more users and services in the network, both user and carrier hope that user and user service can be differentiated to make sure refined operation of user service, get better user service experience and achieve better service quality and profits. By hierarchical scheduling and integrated configuration, H-QoS can provide precise service quality for highly qualified service and user to reduce the costs in accessing network devices. Besides, it decreases TCO, enhances entire network service quality and finally brings customers with differentiated competitiveness.

Via hierarchical mode, H-QoS realizes precise scheduling, providing customers with more reliable service support for their multiple services. H-QoS hierarchy covers service layer, user layer, user group layer, virtual port layer, and port layer. Hierarchical QoS of ZXCTN 9004 has the following features:

• Support 5-tier hierarchical QoS scheduling to satisfy practical network deployment demands.

• Support a large number of queues. Queue is mainly used to indicate different services of different users. At the same time, some messages are buffered to avoid congestion and implement traffic shaping.

• Every scheduling node should support multiple scheduling algorithms, including SP, WFQ, and SP+WRR. So that it can provide different service features according to different scheduling policies.

• Support complete traffic policing and traffic control. To show SLA-based traffic control and the traffic control of devices in different layers, it supports multiple traffic policing algorithms including CIR, EIR and PIR configuration.

• Support congestion avoidance. To make sure that all services can work correctly, it supports RED and WRED congestion avoidance algorithms, enabling the messages to be discarded according to their priorities. As a result, service quality can be improved in the network.

3 Functions and Features

• Support traffic statistics of service scheduling in hierarchical QoS, realize visual management of traffic model, and enable network management to know better about the network.

The hierarchical QoS of ZXCTN 9004 satisfies service deployment in various scenarios of Ethernet,L2VPN, L3VPN, and MPLS TE. Organically combined with these scenarios, it provides powerful and refined scheduling capability.

3.7 OAM

Multi-service bearing OAM mainly covers failure management (failure detection, location and notification) and performance management. For failure management, it needs to support Connection Check (CC), LoopBack (LB), Lock (LCK), Alarm Indication Signal (AIS), Remote Defect Indication (RDI) and Test (TST). For performance management, it supports Loss Monitoring (LM), Delay Monitoring (DM) and Delay Monitoring for Variety (DMV). PPB-TE OAM is an Ethernet OAM mechanism based on IEEE802.1ag Connection Failure Management (CFM) or Y.1731. T-MPPLS OAM is based on G.8114, which is extremely similar to OAM message of Y.1731. The difference lies in the fact that T-MPLS OAM supports hierarchy: TMP/TMC/TMS (optional). The standard establishing organization is discussing about MPLS-TP OAM. It has modified OAM packet format, and introduced ACH to realize compatibility with PW VCCV. PW CC may be implemented by VCCV-BFD. At the same time OAM functions such as AC, AIS, APS are introduced.

3.7.1 MPLS OAM

MPLS provides OAM (Operation, Administration and Maintenance) mechanism which is totally independent from any L3 or L2 protocol. It implements the following functions on MPLS data plane:

• Confirming LSP connection;

• Measuring network utilization and performance;

• Implementing projection switchover quickly when defect or failure occurs to the link so as to provide corresponding services based on SLA (Service Level Agreement) signed with the subscribers.

Defects originate from inside MPLS layer can be effectively detected, confirmed, and located by MPLS OAM mechanism. The defects will be reported and be correspondingly processed. Protection switchover trigger mechanism can be provided in case of failure.

3.7.2 T-MPLS OAM

G.8114 defines detailed and powerful T-MPLS OAM mechanism, enabling transporting entity in each layer of the network to implement failure detection, failure location, performance monitoring, and to get the integrity and channel situation of message sending and receiving at the layer, no matter the entity is user, service provider or carrier. T-MPLS OAM is implemented by transferring a series of perfectly-defined OAM frames, which can be classified into active OAM and OAM-on-demand. The former covers

ZXCTN 9004 Product Description

connectivity detection, connection detection, signal quality (delay, packet dropping, jitter) and alarm notification etc. The latter may cover error isolation, and signal parameter measuring etc.

3.7.3 Ethernet OAM

ZXCTN 9004 supports the following Ethernet OAM functions conforming to IEEE 802.1ag and ITU-T Y.1731:

• It uses hardware to support ETH-CC (Ethernet Connection Check)

• Its control plane supports ETH-LB (Ethernet LoopBack) and ETH-LT (Ethernet Link Trace).

• It supports performance monitoring of Ethernet private line service. It implements monitoring of packet dropping ratio, delay and jitter by private hardware, conforming to ITU- T Y.1731.

ZXCTN 9004 supports the following OAM mechanism in link layer:

It supports Ethernet link OAM conforming to IEEE 802.3ah. Each Ethernet port supports link discovery, link status monitoring and remote loopback.

3.7.4 OAM Mapping

Implement dual-homing accessing to PE and the network between PE is MPLS network. To realize end-to-end link failure detection, configure MPLS OAM or BFD on MPLS LSP between PE; and configure Ethernet OAM between PE. When core network-side MPLS OAM/BFD detects a failure, Ethernet OAM mechanism is notified by PE device to switch the traffic to the backup path.

3.8 Synchronization

3.8.1 Clock Synchronization and Protection

Synchronous Ethernet(SyncE)uses Ethernet link stream to resume frequency. A highly precise frequency is used by ZXCTN 9004 to transfer data on Ethernet, and then this frequency will be resumed and extracted at the receiving end. SyncE technology can realize synchronized end-to-end data sending and receiving in Ethernet physical layer, with the synchronization mode shown in Figure 4. Synchronized Ethernet has the synchronized frequency but not the synchronized phase. Besides, it asks all the devices in the bearer network to support the feature of synchronized Ethernet.

3 Functions and Features

Figure 4 SyncE Synchronization Mode

In a ring, if the working clock route fails, source clock can be traced from other directions by related network element of alarm or SSM; so as to realize clock route protection.

3.9 Protection

3.9.1 Equipment-level Protection

ZXCTN 9004 focuses on carrier-class reliability design by providing redundancy backup to key system components. It supports hot-swappable components, and improves disaster recovery capacity and flexible failure processing capability. It guarantees complete maintainability.

3.9.1.1 Main Control Unit Protection

ZXCTN 9004 is equipped with two main control cards. When main control software or hardware fails or main/standby switchover instruction is received, main/standby board is switched to achieve protection.

3.9.1.2 Switching Unit Protection

ZXCTN 9004 implements redundancy by switching unit on main control card.

3.9.1.3 Power Supply Protection

ZXCTN 9004 adopts hot backup design for power supply and at the same time provides two power supply ways: 48V DC and 220V AC. DC power supply adopts 1+1 mode, supplied by two groups of 48V DC. AC power supply adopts 1+1 backup mode, which improves the reliability of power supply system.

ZXCTN 9004 Product Description

3.9.1.4 Fan Protection

ZXCTN 9004 has fan module configured to improve heat-cooling system and enhance the reliability of the system.

3.9.1.5 Environment Monitoring Unit Protection

ZXCTN 9004 adopts 1+1 backup CAN bus to implement environment monitoring. It can control board hardware logic loading, power supply, environment monitoring, temperature/voltage/current monitoring and protection, and infinite speed adjustment for fan. It implements hot-swapping control, board archive information management, reset control, and start selection control. It realizes test and online upgrade of each unit from remote or close.

3.9.2 Network-level Protection

ZXCTN 9004 provides various network-level protections at the same time as shown in Table 5 .

Table 5 Network-level protections provided by ZXCTN 9004

Protection Protect object Protection type Protection method time PW protection Linear protection 1:1 PW protection < 50ms 1+1 Tunnel protection < 50ms 1:1 Tunnel protection < 50ms Linear protection MPLS/T- 1+1 SNC protection < 50ms MPLS/MPLS- 1:1 SNC protection < 50ms TP Tunnel Wrapping protection < 50ms protection Connection-oriented ring protection Steering protection < 50ms TE FRR (Fast Re-Route) Mesh protection < 50ms protection SSTP (Simple STP) 15-18s protection STP RSTP (Rapid STP) < 250ms (Spanning Tree protection Protocol) protection MSTP (Multi STP) < 250ms protection Ethernet link Ethernet ring ZESR protection < 50ms protection protection Ethernet linear ZESS protection < 50ms protection Intra-board Ethernet port LAG (Link LAG group protection; Aggregation) < 200ms protection Inter-board Ethernet port LAG group protection;

3 Functions and Features

Protection Protect object Protection type Protection method time Enhanced Main/standby redundancy VRRP L3 route protection < 50ms protection protection

3.9.2.1 Tunnel 1+1 and 1:1 Protection

Tunnel 1+1 protection adopts service dual-sent-one-received. When active channel fails, service receiving end selects the protection channel to receive service and realizes service switchover.

In 1+1 structure, protection channel is private for each active channel. They are bridged at source end in protection domain. 1+1 path protection switchover is single-direction. In other words, only the impacted connection direction can be switched to protection path. To avoid single-point failure, active channel and protection channel should take separated routes.

Tunnel 1:1 protection adopts service single-sent-single-received. Expanded APS protocol is transferred via protection channel, transferring protocol status and switching status to each other. Devices on two ends implement service switchover based on protocol status and switching status.

In 1:1 structure, protection channel is private for each active channel. The protected services are transferred by active or protection channels. 1:1 path protection switch is bidirectional. In other words, the impacted and unimpacted connection directions are both switched to the protection path. To avoid single-point failure, active channel and protection channel should take separated routes.

3.9.2.2 1+1 SNC Protection and 1:1 SNC Protection

SNC protection is used to protect a carrier network or internal connection part of multiple carrier networks. There are two independent subnet connections in the protected domain acting as active and protection transfer entity for normal service signal.

In 1+1 SNC protection mode, local information-based switchover protection is implemented by destination end in the protected domain. Service signal is sent to both active channel and protection channel at the same time by source end in the protected domain. The protection switch is single-directional. In other words, only the impacted connection direction can be switched to protection path. To avoid single-point failure, active channel and protection channel should take separated routes.

In 1:1 protection mode, based on local information and APS protocol information from the other end or remote end, the protection switch is implemented by both source end and destination end in the protected domain. The switch is bi-directional. In other words, the impacted and unimpacted connection directions are both switched to the protection path. To avoid single-point failure, active channel and protection channel should take separated routes.

ZXCTN 9004 Product Description

3.9.2.3 Connection-oriented Ring Protection

Ring protection can save fiber and other related network resource and satisfy strict protection time requirement of the delivery network to complete switch protection within 50ms. ZXCTN 9004 supports Wrapping and Steering ring protection.

• Wrapping protection

When network node detects a network failure, the failure-side neighbor node sends switchover request to its neighbor nodes by APS protocol. When a certain node detects a failure or receives a switchover request, the common services forwarded to the failed node will be switched to another direction (far away from the failed node). When network fails or APS protocol request disappears, the services will be returned to its original path. The protection principle is shown in Figure 5.

Figure 5 Wrapping protection

Connection Q

Node A Node B Node C

Ring bandwidth in each direction is shared between working and protection T -MPLS signals

Node F Node E Node D

Connection Q a) Normal state

T-MPLS packet wrapping Connection Q

Node A Node B Node C

Pass through

Node F Node E Node D

Connection Q b) Failed state

Bandwidth guaranteed for working traffic Bandwidth available for protection traffic Note : Bandwidth for unprotected traffic is not presented here

• Steering protection

When network node detects a network failure, it sends switchover request to all nodes on the ring by APS protocol. Each source node of point-to-point connection implements switchover. All MPLS/T-MPLS/MPLS-TP connection impacted by network failure is switched from active direction to protection direction. When network fails or APS protocol request disappears, all impacted services resume to the original path. Its protection principle is shown in Figure 6.

3 Functions and Features

Figure 6 Steering protection

Connection Q

Node A Node B Node C

Node F Node E Node D

Connection Q a) Normal state

T-MPLS packet steering Connection Q

Node A Node B Node C

Node F Node E Node D

Connection Q b) Failed state

Bandwidth guaranteed for working traffic Bandwidth available for protection traffic Note : Bandwidth for unprotected traffic is not presented here

3.9.2.4 TE FRR Protection

TE Fast Reroute is a feature of MPLS TE with the characteristic of fast local protection. It is usually deployed in the networks asking for high reliability. When certain link or node on the protected LSP fails, traffic will be quickly switched to the backup link. FRR is a temporary protection measure. When the protected link resumes or new LSP is created, traffic will be switched back to the original LSP or new LSP.

Figure 7 TE FRR local link and node protection

Backup LSP1

Main LSP PE1 PE2 1 2

Bac kup LSP2

ZXCTN 9004 Product Description

TE FRR that ZXCTN 9004 supports conforms to RFC 4090 standard. At the same time ZXCTN 9004 supports local link protection and node protection. It also supports Detour (1:1) and Bypass protection.

3.9.2.5 ZESR Protection (ZTE Patent)

ZESR (ZTE Ethernet Smart Ring) is Ethernet ring technology based on ITU-T G.8023 protocol, providing ring topology to guarantee L2 highly efficient and highly reliable solution. Any link or node failure can be quickly recovered within 50ms. Its working principle is shown as follows:

One of the nodes on the ring works as main node. One of its ports is main port and the other is standby port. In normal situation main port is in active state and the standby is in blocked state to guarantee loop elimination on L2.

ZXCTN 9004 supports ZESR with the following features:

• Various topology structures: ZESR supports single ring, multiple ring network topology. It supports intersecting rings and tangent rings.

• Load balancing: ZESR supports load balancing of services in multiple domains, making full use of link bandwidth.

• Fast switch: the adjacent nodes on the ring send detecting frames to each other so that they can detect link single pass, interruption, and node failure. ZESR can complete switching and switching back within 50ms which meets carrier-class switchover requirement.

• Scalability: It supports link LAG binding. ZESR device and non-ZESR device on the ring can take on-line join in and leave off in a dynamical way without impacting other working equipment. In addition, ZESR has no limit for ZESR device quantities on the ring.

• Good compatibility: ZESR can carry various L3 VRRP, OSPF, and BGP protocols, which can co-exist with L2 protocols such as STP and RSTP.

3.9.2.6 ZESS Protection (ZTE Patent)

ZESS (ZTE Ethernet Smart Switching) is a kind of “intelligent switching” technology realized by ZTE. It provides dual-uplinking with highly efficient and reliable link backup and switching solution with the switching time between main and standby link within 50ms. Its working principle is shown as follows:

When ZESS is started, it’s necessary to define control VLAN, the protected service VLAN and two uplinking ports, among which one is main port and the other is standby. In normal situation, main port is in ACTIVE status and the standby is in blocked status. When main port fails (caused by physical failure or OAM connection failure or single pass), ZESS will block the port automatically and switch the standby status to active status.

3 Functions and Features

ZESS not only can implement 50ms fast switch but also can realize service load balancing at the same time. As shown in Figure 8, ZESS main port and standby port protect different service VLANs respectively to balance the services to dual backup upper layer devices. When standby port doesn’t protect any services, all VLANs are blocked to work as backup links.

Figure 8 ZESS redundancy backup and load balancing

ZXCTN 9004 supports ZESS with the following features:

• Load balancing: ZESS supports service load balancing in multiple domains, making full use of link bandwidth.

• Fast switch: ZESS can complete switching and switching back within 50ms which meets carrier-class switchover requirement.

• Supporting LACP: supporting LACP binding of uplink

• Good compatibility: It not only can support ZESS compatible device to act as dual- homing access device, but also can get accessed to non-compatible device such as common BRAS.

3.9.2.7 MSTP Protection

STP (Spanning Tree Protocol) is a kind of L2 management protocol conforming to IEEE 802.1d regulation. By blocking network redundant links selectively, STP generates forwarding tree to eliminate network L2 loops.

ZXCTN 9004 Product Description

RSTP(Rapid Spanning Tree Protocol)is the extension of STP conforming to IEEE 802.1w regulation. RSTP provides fast status transfer mechanism, which greatly reduces network convergence time.

Adopting STP and RSTP, it can not only eliminate broadcasting storm brought about by network loop but also provide redundancy backup links for data forwarding.

MSTP(Multiple-instance Spanning Tree Protocol)is developed based on STP/RSTP conforming to IEEE 802.1s regulation. MSTP divides the switching network into multiple areas and run multiple spanning tree instances in each single area.

MSTP can make each VLAN to forward packets along different spanning tree paths. In this way fast convergence can be completed, and load balancing based on VLAN can be realized.

ZXCTN 9004 offers RSTP/MSTP network a convergence time less than 250ms by optimized algorithm design, which dramatically improves its convergence performance.

3.9.2.8 Ethernet LAG Protection

Link Aggregation binds a group of physical Ethernet interface with the same rate to work as a logic interface (link aggregation group) so as to increase bandwidth and provide link protection. ZXCTN 9004 supports LAG protection at Ethernet port.

Ethernet LAG protection can implement port load balancing and non-load balancing. There’s no main or standby link. The system can realize inter-board LAG protection and intra-board LAG protection. When any link fails, service packets will be distributed to other links.

3.9.2.9 Enhanced VRRP Protection

Traditional VRRP is a kind of route redundancy backup protocol. Two routers in a network constitute a VRRP backup group. One plays the main role and the other is backup. They display a unified virtual MAC address and virtual IP address to outside and are transparent to outside. In normal situation, data is processed and transmitted by main device. VRRP can implement backup of other unavailable interfaces on router by monitoring the status of the designated interface. That is to say, when the interface under monitoring gets down, the priority for the router processing this interface will descend to a lower value automatically so that the priority for another router in this backup group is higher than it. In this way another router with the higher priority will become Master.

Enhanced VRRP protection technology is based on traditional VRRP protocol but it greatly improves VRRP protocol status switching speed. It uses BFD fast link status detection feature and binds VRRP with BFD. The router in backup status decides whether to implement VRRP status switching by monitoring status of designated interface or BFD Session based on BFD status, which guarantees 50ms fast failure switch.

BFD for VRRP technology dramatically expand VRRP application scale. When main and standby VRRP devices are not connected, or connected but with other switches involved, fast backup protection can also be achieved. Communication between main and backup devices is checked by multi-hop BFD.

3 Functions and Features

3.10 Security

ZXCTN 9004 not only provides equipment-level security, but also provides security guarantee mechanism for service network.

3.10.1 Equipment Security

3.10.1.1 AAA Identity Authentication

ZXCTN 9004 supports complete AAA (Authentication, Authorization and Accounting) mechanism. It can not only work together with command line hierarchical protection mechanism to authenticate and authorize log-in users, but also verify validity of network management user. Based on AAA mechanism, ZXCTN 9004 can effectively prevent illegal user login.

The device provides complete AAA authentication and authorization function for different user access authentication policy. Based on different access authentication demands, user can configure different access authentication policies and implement different user authentication and authorization in a selective way.

AAA supports the following three user authentication methods:

• Local account authentication

• RADIUS (Remote Authentication Dial-In User Service) authentication

• TACACS+ (Terminal Access Controller Access Control System) authentication

AAA supports the following four authorization methods:

• Direct trust authorization: direct authorization with absolute trust in user without account.

• Local account authorization: authorize user based on locally configured user account.

• TACACS+ authorization: TACACS+ can split authentication and authorization. TACACS+ server implements user authorization.

• Authorize user after RADIUS authentication succeeds: RADIUS authentication and authorization cannot be split.

3.10.1.2 Command Line Hierarchical Protection

ZXCTN 9004 supports login of operation user via Ethernet interface by Telnet and via AUX interface by Modem dialing. Considering security, the device needs to verify the log-in users. Only the users pass verification can successfully login and implement various configuration and maintenance operations.

ZXCTN 9004 Product Description

ZXCTN 9004 protects command lines for operation and maintenance in a hierarchical way. Command lines are divided into four levels: visit, monitor, configure, and manage. The login users are also divided into four levels which correspond to command lines respectively. Users of different levels can only use the commands equal to or lower than their own levels after they log into ZXCTN 9004, which effectively control the authorities of the login users.

ZXCTN 9004 supports command level and user level extension (level mapping). Mapping level 4 to level 16 realizes refined management of user level.

3.10.1.3 Protocol Security Verification

Considering different protocol security verification requirements, ZXCTN 9004 implements complete protocol security verification for SSH, PPP, routing protocol, and SNMP protocol.

SSH protocol security verification:

• Supporting MD5 based ciphertext authentication

• Supporting SHA1 based ciphertext authentication

PPP access security verification:

• Supporting PAP based verification

• Supporting CHAP based verification

Routing protocol security verification:

• RIP v2, OSPF, and IS-IS support plain text authentication

• RIP v2, OSPF, IS-IS, and BGP support MD5 based ciphertext authentication

• RIPng, OSPFv3, and BGP-4 supports MD5 based ciphertext IPSec AH authentication

• RIPng, OSPFv3, and BGP-4 supports SHA1 based ciphertext IPSec AH authentication

SNMP security verification:supporting SNMPv3 encryption and authentication

3.10.2 Network Security

3.10.2.1 Separating Network by VPN

ZXCTN 9004 supports VLAN and various extension technologies such as PVLAN and QinQ to implement isolation of interfaces, realizes effective shield of customer network

3 Functions and Features

and carrier network to ensure security for customer service network. At the same time unnecessary broadcasting is effectively controlled, which increases network throughput.

Besides, IP VPN built based on IP/MPLS MPLS-TP can fully satisfy the basic needs of service isolation, which can at the same time provide satisfactory service quality with good scalability and manageability.

3.10.2.2 Anti-Ethernet VLAN/MAC spoofing and attack

ZXCTN 9004 adopts “VLAN+MAC” table check to filter illegal packets so as to improve network security. Network administrator add static table item in MAC address table to record the corresponding relationship between particular MAC address and interface. It prevents MAC address spoofing attack by binding MAC with interface.

ZXCTN 9004 supports illegal MAC filtering. When maintenance personnel finds packets from of certain MAC address is aggressive, he can manually configure it as illegal MAC on the device. When the device receives some packets, it compares source MAC address or destination address of these packets with the items in illegal MAC table. If they are identical with those in illegal MAC table, they will be discarded without any notification to the source.

Besides, ZXCTN 9004 applies ACL at port. It realizes automatic filtering of illegal data packet by analyzing VLAN, IP address, port number and protocol number to shield network attack in time.

3.10.2.3 Anti-DDoS attack

With network environment becoming more and more complicated, as the core component to process various complicated protocol data packets, the control layer of ZXCTN 9004 is easy to suffer from network layer storm attack such as PING DDOS and TCP DDOS etc. To avoid the impact of these attacks on device, ZXCTN 9004 realizes refined traffic control mechanism of traffic coming into control layer.

• Split the upwards CPU traffic into multiple priority queues and guarantee important protocol packets such as BGP and OSPF and user-customized data packets are given higher priority to be sent upwards and processed.

• Support rate limit (CAR) of upwards traffic at ingress port.

• Support rate limit of user-customized packets based on source address, protocol type, TCP/UDP port number, and physical ingress interface number.

• Support configuring protocol packet delivery CPU rate based on particular rule and delivery CPU priority limit.

• Support logic port based abnormal delivery check. Test the rate of packet receiving at all logic ports. When upwards traffic at a logic port is found to reach the threshold set by user, close packet receiving at the port, make proper delay, and continue to receive packets. In this way powerful attack against the port can be avoided and normal services at the port will not be impacted.

ZXCTN 9004 Product Description

ZXCTN 9004 effectively guarantees that the important data packets can be delivered upwards in time and at the same time it can effectively prevent attacks of abnormal packets by various measures such as setting data packet priorities and making difference to them, using multiple queues transmitting technology, configuring port delivery policy, and limiting delivery traffic rate, etc.

3.10.2.4 Unicast Reverse Path Forwarding(uRPF)

ZXCTN 9004 supports uRPF (unicast Reverse Path Forwarding) to prevent source address spoofing based network attack. There is a kind of source address spoofing method among common DoS attacks: the attacker spoofs a source address (which is usually a legal network address) to access the attacked device so as to prevent it from providing normal services. uRPF can effectively avoid this kind of attacks. ZXCTN 9004 supports the following uRPF features:

• Supporting Strict RPF check;

• Supporting loose RPF check

• Supporting loose RPF check of ignored default route

• Supporting ACL check

• Supporting IPv4 and v6 uRPF

3.10.2.5 Other anti-attack measures

ZXCTN 9004 also supports the following detection and anti-attack measures:

• Source Address spoofing

• LAND

• SYN Flood (TCP SYN)

• Smurf

• Ping Flood (ICMP Echo)

• Teardrop

• Ping of Death

ZXCTN 9004 Product Description

4 System Architecture

4.1 System Hardware Architecture

4.1.1 Overall Hardware Architecture

ZXCTN 9004 adopts large-capacity chassis. The hardware system is composed of rack, backplane, fan slot, power supply module, management switching card (MSC), and all sorts of line processing card(LPC). Then width of the entire device goes in line with the industry standard, so it can be installed in IEC297 standard cabinet or ETSI standard cabinet.

4.1.1.1 Chassis Architecture

Description of chassis architecture and slot: the chassis of ZXCTN 9004 is 9U(1U=44.45mm), and the size of the equipment is 482.6mm*572.6mm*399.3mm(W*D*H). As shown in Figure 9, ZXCTN 9004 has LPC board area, MSC board area, power supply area and fan area.

Figure 9 ZXCTN 9004 chassis architecture

482.6mm

1 2 2 3 399.3mm 3 2 2

4 4 572.6mm

The functions for each area are shown as follows:

• Fan slot

• LPC board area: for LPC processing and interface card

• Management switching card(MSC)area

4 System Architecture

• Power supply module

4.1.1.2 Slot Allocation

ZXCTN 9004 subrack boards include 4 LPC service line card slots, 2 main control clock board slots, 2 power supply slots and 2 fan slots. The fan slot is on the left side of the chassis, the entire chassis uses right-to-left ventilation cooling system. The cabling racks are installed at both sides of service interface card to simplify cabling.

Slots location for ZXCTN 9004 is shown in Figure 10.

Figure 10 ZXCTN 9004 subrack slot allocation

4.1.1.3 Available slots for boards

Available slots for boards of ZXCTN 9004 are shown in Table 6 :

Each LPC slot of ZXCTN 9004 supports 1 fixed interface service line card or 1 multi- service master card+multiple flexible sub-cards.

Table 6 Available slots for boards of ZXCTN 9004

Specification Description of board Slot Remark 24-port 1000M P90S1-24GE-RJ Ethernet electrical LPC interface line board 24-port 1000M P90S1-24GE-SFP Ethernet optical LPC interface line board 48-port 1000M P90S1-48GE-RJ Ethernet electrical LPC interface line board 48-port 1000M P90S1-48GE-SFP Ethernet optical LPC interface line board

ZXCTN 9004 Product Description

Specification Description of board Slot Remark P90S1- 24-port 1000M optical 24GE2XGE- + 2-port 10G Ethernet LPC SFPXFP interface line board 2-port 10G Ethernet P90S1-2XGE- optical interface line LPC XFP board 4-port 10G Ethernet P90S1-4XGE- optical interface line LPC XFP board 2 1/2 slots, work with P90S1-LPCA Line processing card A LPC 1/2 subcard SFP module, 1/2 sub- 1-port OC-192c POS P90S1- card, and line P901P192-XFP interface card LPCA processing card A need to be configured SFP module, 1/2 sub- 8-port OC-12c/OC-3c P90S1- card, and line P90-8P12/3-SFP configurable POS LPCA processing card A need interface card to be configured 8-port 1000M Ethernet SFP module, 1/2 sub- optical interface + 4- P90-8GE4COC3- P90S1- card, and line port channelized STM- SFP LPCA processing card A need 1/OC-3 interface multi- to be configured service subcard 8-port 1000M Ethernet SFP module, 1/2 sub- optical + 1-port OC- P90- P90S1- card, and line 12c or 4-port OC-3c 8GE1CP12/3-SFP LPCA processing card A need configurable CPOS to be configured interface card 8-port 1000M Ethernet SFP module, 1/2 sub- optical interface + 4- P90S1- card, and line P90-8GE4A3-SFP port OC-3c ATM LPCA processing card A need interface subcard to be configured 9004 MSC (with clock P9004-MSCS MSC Supporting BITS interface) Supporting input and 9004 MSC (with clock P9004-MSCT MSC output of BITS, TOD, and time interface) and 1PPS 4-service slot chassis, 9004 subrack P9004-CHS ----- backplane, and fan components module Supporting 1:1 redundancy; P9004-MSC 9004 MSC MSC redundancy configuration is recommended Power 9004 adopts 1+1 PM-AC2U 2U AC power supply supply redundancy

4 System Architecture

Specification Description of board Slot Remark Supporting 1+1 redundancy; Power PM-DC2UB 2U DC power supply redundancy supply configuration is recommended

4.1.2 Working Principles for Hardware System

Adopting rack design, the entire hardware architecture of ZXCTN 9004 is composed of backplane, MSC, SC, LIC, IPMS (intelligent platform management subsystem), power supply module, and fan module. With switching unit and main control unit as the core, it connects all service cards and switching units by large-capacity high-speed serial bus.

ZXCTN 9004 MSC is the core element of the system, implementing protocol and signaling processing, data switching, system monitoring, maintenance and management. MSC contains main control unit and switching unit. Main control unit adopts 1:1 redundancy and switching unit adopts 1+1 redundancy. Service line card takes direct processing of packets, delivers packets to the specific port of destination service line card based on the processing result.

Intelligent Platform Management Subsystem (IPMS) takes charge of accessorial management of system hardware platform, and provides power-on control of large- consumption board, environment monitoring, system disaster tolerance and accessorial communication. It can work independently from the main system. It can restart and reset independently without any impact to the main system.

Overall hardware architecture of the product is shown in Figure 11:

ZXCTN 9004 Product Description

Figure 11 ZXCTN 9004 hardware system architecture

ZXCTN 9004 system adopts a distributed switching architecture. Data packets get processed by physical layer chip before they get into network processor, where they experience frame resolution, traffic classification, and queue management and then get forwarded. System-level traffic management is provided and sent to destination port via switching fabric matrix.

4.2 Introduction to Hardware Modules

4.2.1 Overview

ZXCTN 9004 boards cover processing board, MSC, and power supply controlling board. ZXCTN 9004 board types and functions are shown in Table 7 :

4 System Architecture

Table 7 ZXCTN 9004 board types and functions

Board types Board name Main function P90S1-24GE-RJ P90S1-48GE-RJ P90S1-24GE-SFP P90S1-48GE-SFP P90S1-2XGE-XFP P90S1-4XGE-XFP P90S1-24GE2XGE-SFPXFP P90S2-2XGE-XFP P90S2-4XGE-XFP Providing Ethernet interface P90S2-24GE-RJ Ethernet board P90S2-24GE-SFP interface P90S2-48GE-RJ P90S2-48GE-SFP P90S2-24GE2XGE-SFPXFP Processing P90S2-2XGET-XFP board P90S2-4XGET-XFP P90S2-24GET-RJ P90S2-24GET-SFP P90S2-48GET-RJ Occupying a slot, working Line processing card A P90S1- with flexible Multi-service LPCA subcard, master board P90S2-LPC24/ P90S2-LPC48 available for multiple flexible sub-cards P90-1P192-XFP P90-8P12/3-SFP Providing SDH Flexible subcard P90-8GE1CP12/3-SFP or Ethernet P90-8GE4COC3-SFP interface P90-8GE4A3-SFP Providing MSC P9004-MSC control function Providing Power supply controlling board PM-AC2U,PM-DC2UB power supply

Note: 90S2 version and part of sub-cards are in the planning in roadmap; so they can be applied in the next version.

4.2.2 MSC

This section sheds light on version, functions & features, principle and panels of MSC.

1 Functions & features

ZXCTN 9004 Product Description

MSC is composed of control and management unit, switching fabric unit, clock unit and environment monitoring unit, taking care of the management of system clock source, control plane, system maintenance plane, and environment monitoring plane.

• Control and Management Unit

The core unit of the entire system is mainly responsible for:

− Processing all sorts of protocol and signaling to realize the control and announcement of the system status. The independent forwarding plane and control plane, independent routing protocol control plane and configuration operation management plane, are used to enhance the reliability of protocol control plane and the manageability of the equipment.

− Taking charge of the inter-board outband communication of the entire system. The local switching module inbuilt on the board provides modules with non- stop inter-board outband communication to realize the inter-board control, maintenance and information exchange correctly. The isolation of inter-board communication service and data service guarantees the absolute reliability of the system inter-board information.

− The configuration and maintenance management of the system status. It takes charge of the configuration and upgrade of system data, providing system operation log. Outwardly, it offers serial port, RJ45 interface and AUX interface to implement local and remote management and maintenance of the device. It provides SD card and USB interface for mass data storage.

• Clock Unit

It provides all LPC with highly accurate and reliable SDH (Synchronous Digital Hierarchy) interface clock signal. It can offer 2-port 2MHz synchronous clock signal to downstream devices, or receive 2MHz or 2Mbit/s external clock reference. The synchronous clock unit provides system switching fabric with highly reliable synchronized clock, and guarantees the clocks of the switch and module synchronized. It supports the extract of clock source from inner clock, outer clock, STM-N and Ethernet.

• Environment Monitoring Unit

CAN bus is used to implement 1+1 environment monitoring. It can control the logical load of module hardware, power supply module, environment monitoring, temperature/current/voltage monitoring and protection, and infinite fan speed adjustment; it also implements hot-swappable control, module archive file management, reset control, and initiation selection control; JTAG test/load realizes the test and online upgrade of all the modules form far-end or close-end.

The environment monitoring unit has independent power supply system which is isolated from all service systems of the equipment, so even when MSC or SC totally fails, it still can work normally providing real-time information. It improves the operation and management quality of carrier-class device.

• Switching Fabric Unit

4 System Architecture

It takes charge of the inter-board message switchover, QoS scheduling and access control. 2 switching modules inbuilt on MSC realize 1+1 load sharing and redundancy backup.

2 Panels

ZXCTN 9004 main panel is shown in Figure 12 with description of each part in Table 8 :

Figure 12 ZXCTN 9004 main panel

Table 8 ZXCTN 9004 main panel port types and quantity

Interface type Description Quantity Alarm interface 1 Management Console interface interface AUX interface 1 MGT interface 1 Accessorial SD slot 1 interface USB interface 1 GPS clock GPS clock access 1 interface BITS clock BITS clock input and output 1 interface

4.2.3 Power Suply Module

ZXCTN 9004 supports redundant power supply module, supporting -48V DC and 220V/240V AC power supply modes. All power supply modules are hot-swappable, which enables high reliability of the device.

ZXCTN 9004 supports customized power on demand, and environment protection design. Users can increase or reduce power supply modules based on their service demands so as to save energy.

4.2.3.1 DC Power Supply Module

This section introduces the functions and principles of DC power supply module (PM- DC2UB).

ZXCTN 9004 Product Description

• Functions

DC power supply board of 2U height provides all ZXCTN 9004 boards with DC power necessary for operation.

DC power supply module is equipped with complete protection functions including output over-current protection, output over-voltage protection, short-circuit protection, alarm and anti-lightning with high availability.

• Protection

Supporting 1+1 redundancy protection and redundancy configuration is recommended.

4.2.3.2 AC Power Supply Module

This section introduces the functions and principles of AC power supply module (PM- AC2U).

• Functions

AC power supply board of 2U height provides all ZXCTN 9004 boards with AC power necessary for operation, with AC power supply accessed from external.

AC power supply module is equipped with complete protection functions including output over-current protection, output over-voltage protection, short-circuit protection, alarm and anti-lightning with high availability.

• Protection

Supporting 2+1 redundancy protection and redundancy configuration is recommended.

4.2.4 Line Processing Card (LPC)

This section sheds light on the version, classification and panels of Line Processing Card (LPC).

• Functions

ZXCTN 9004 provides rich line processing cards, i.e. CES E1, IMA E1, ATM STM- 1 and FE/GE/10GE for customer side, channelized STM-1 interface for accessing IMA and CES services, POS/CPOS, GE/10GE and ML-PPP E1 of all speed at network side, and channelized STM-1 interface for accessing ML-PPP. According to network and service demands, configuration can be done flexibly.

ZXCTN 9004 line processing cards are general to those of ZXCTN 9008.

• Classification

4 System Architecture

ZXCTN 9004 mainly provides two types of LPCs: fixed interface line processing card and multi-service master-card + sub-card.

The line processing card uses flexible physical automatic adaptation and general slots. Fixed interface line processing card or multi-service master-card and sub-card can be chosen on any service slot. Besides, any sub-slot can be configured with E1, POS, ATM, and Ethernet service card.

4.2.4.1 Fixed Interface Line Processing Card

The fixed interface line processing card of ZXCTN 9004 is basically high-density Ethernet interface card. It provides 10Base-T/100Base-TX/1000Base-T electrical interface line processing card, 100Base-FX/1000Base-X-SFP optical interface line processing card, and 10G Ethernet optical interface line processing card. For specific information please refer to Table 9 :

Table 9 Fixed Interface Line Processing Card

Fixed Interface Line No. Board model Description Processing Card type 24-port 1000M Ethernet 1 P90S1-24GE-RJ electrical interface LPC 48-port 1000M Ethernet 2 P90S1-48GE-RJ electrical interface LPC 24-port Gigabit Ethernet optical 3 P90S1-24GE-SFP interface LPC 48-port Gigabit Ethernet optical 4 P90S1-48GE-SFP interface LPC 2-port 10G Ethernet optical 5 P90S1-2XGE-XFP interface LPC 4-port 10G Ethernet optical 6 P90S1-4XGE-XFP interface LPC P90S1- 24 -port G Ethernet optical 7 24GE2XGE- interface + 2-port 10G Ethernet SFPXFP optical interface LPC 24 -port Gigabit Ethernet Supporting 1588V2 8 P90S2-24GET-RJ electrical interface LPC and SyncE 48-port Gigabit Ethernet Supporting 1588V2 9 P90S2-48GET-RJ electrical interface LPC and SyncE P90S2-24GET- 24 -port Gigabit Ethernet optical Supporting 1588V2 10 SFP interface LPC and SyncE P90S2-48GET- 48-port Gigabit Ethernet optical Supporting 1588V2 11 SFP interface LPC and SyncE P90S2-2XGET- 2-port 10G Ethernet optical Supporting 1588V2 12 XFP interface LPC and SyncE P90S2-4XGET- 4-port 10G Ethernet optical Supporting 1588V2 13 XFP interface LPC and SyncE

ZXCTN 9004 Product Description

Fixed Interface Line No. Board model Description Processing Card type P90S2- 24 -port Gigabit Ethernet optical Supporting 1588V2 14 24GE2XGET- interface + 2-port 10G Ethernet and SyncE SFPXFP optical interface LPC 24 -port Gigabit Ethernet optical P90S2- Supporting 1588V2 15 24GE24GET- interface + 24-port Gigabit and SyncE SFPRJ Ethernet electrical interface LPC

Note: 90S2 version and part of sub-cards are in the planning in roadmap; so they can be applied in the next version.

4.2.4.2 Multi-service Master-card + Sub-card

Multi-service master card and sub-card covers all service interface types. They are designed to improve networking flexibility, to reduce network construction costs and to meet the demands of different types of users and networks.

ZXCTN 9004 provides 2-slot and 4-slot multi-service master cards, which can work with various different sub-cards. It enhances network flexibility and reduces network complicity greatly, so that carrier’s construction and maintenance costs go down at the same time. For specific information please refer to Table 10 :

Table 10 Sub-card

No. Board model Subcard type Description 1-port OC-192c POS 1 P90-1P192-XFP 1/2 sub-card interface Flexible Card 8-port OC-12c/OC-3c 2 P90-8P12/3-SFP configurable POS interface 1/2 sub-card sub-card 8-port GE optical interface + P90-8GE4COC3- 4-port channelized STM- 3 1/2 sub-card SFP 1/OC-3 CPOS interface sub- card 8-port GE optical interface + P90-8GE1CP12/3- 1-port OC-12/OC-3 4 1/2 sub-card SFP configurable CPOS interface sub-card 8-port GE optcial interface + 5 P90-8GE4A3-SFP 4-port OC-3c ATM interface 1/2 sub-card sub-card 1/4 sub-card, supporting 1588V2, 4-port GE electrical interface 6 P90-4GET-RJ with the latter 4 sub-card interfaces supporting SyncE

4 System Architecture

No. Board model Subcard type Description 1/4 sub-card, supporting 1588V2, 4-port GE optical interface 7 P90-4GET-SFP with the latter 4 sub-card interfaces supporting SyncE 1/4 sub-card, supporting 1588V2, 8-port GE electrical interface 8 P90-8GET-RJ with the latter 4 sub-card interfaces supporting SyncE 1/4 sub-card, supporting 1588V2, 8-port GE optical interface 9 P90-8GET-SFP with the latter 4 sub-card interfaces supporting SyncE 24-port E1/T1 interface 10 P90-24E1-DB50 1/4 sub-card multi-service sub-card 4-port OC-3c ATM/POS 1/4 sub-card, 11 P90-4OC3-SFP interface multi-service sub- supporting ATM and card POS 4-port channelized STM- 1/4 sub-card, 12 P90-4COC3-SFP 1/OC-3 CPOS interface multi- supporting TDM and service sub-card channelized POS 1/2 sub-card, 1-port 10G Ethernet optical 13 P90-1XGET-SFP supporting 1588V2 interface sub-card and SyncE 1/2 sub-card, 2-port 10G Ethernet optical 14 P90-2XGET-SFP supporting 1588V2 interface sub-card and SyncE

4.3 Software Architecture

With the help of ZXROS(Router Operation System)platform, ZXCTN 9004 supports multiple services and performances required by Metro Ethernet switch. The entire software architecture is shown in Figure 13:

ZXCTN 9004 Product Description

Figure 13 he Entire Software Architecture

• Hardware & Drive: Provide drives for the software of MSC, LIC, backplane, fan and power supply module;

• Operation System Support Platform: As the core of ZXCTN 9004 software system, it provides real-time operation system. Downstream, it is responsible for the entire hardware system of the routing switch, and upstream it offers a unified operating platform for all application programs of the entire software system. It features high reliability, real-time service, self-healing, maintainability, and encapsulation.

• System Management: provide file management, equipment management (power supply module, and fan, etc.), monitoring maintenance and diagnosis debugging to make sure the reliable equipment operation.

• System Service: Provide command line CLI, remote login (telnet and SSH), SNMP (Simple Network Management Protocol) and alarm log. Rich system services gives conveniences to device operation and maintenance

• Functions & Services: Provide multiple Ethernet-based services, including VLAN, MAC, ZESR, L2/L3 multicast, cluster management, L3 route and tunnel, IPTV, ATM emulation, TDM emulation, T-MPLS, L2 VPN (VPWS and VPLS), L3 VPN(IP VPN), ACL and QoS services

4.4 Software Platform

ZXROS is a multitask-based completely distributed real-time network operating system, providing unified IP protocol support for all devices from ZTE. ZXROS offers a mature and steady architecture, and has been extensively used by lots of carriers. Improved on the basis of the original ZXROS, the style of existing ROS is enhanced and expanded. Based on users’ requirements, it considers more about operation and maintenance cost,

4 System Architecture

service scalability and application demands. The detailed features are described as follows:

• Excellent encapsulation

− Support multiple operating systems and the smooth upgrade of the operating system.

− Adopt unified product configuration style and give conveniences to user operation and maintenance.

• Powerful Monitoring Function

− Monitor process and memory abnormities.

− Monitor the working status of power supply module, fan speed/failure, voltage, current, and working temperature.

− Provide fast failure location to guarantee high reliability of the product version.

• Flexible Modular Components

− All service module based upon ZXROS can be added or uninstalled easily; new services can be developed based upon the original architecture.

− Based upon user’s demands, provide flexible on-demand service and fast respond to user’s requirements.

• The Extension of Carrier-Class Ethernet New Services Based Upon Unified Platform

− Support MPLS-TP. Flexibly implement E-LINE, E-LAN, E-TREE multiple connection modes. Realize the safe and flexible deployment of hierarchical network.

− Support L2/L3 VPN, H-VPLS, meet the requirements of hierarchical services, support VPN multicast service and realize fast VPN deployment via unified network management system. Besides, it also quickly deploys multicast services, for example, video and IPTV services.

− Support IEEE 1588V2 and synchronized Ethernet clock mode, meet the strict requirements of Mobile Backhaul for the latency and jitter of voice service.

• With superior inter-operation, it goes in line with the following protocols and standard:

Table 11 L2 Protocol standards

L2 protocol standards IEEE 802.1d Bridging IEEE802.1x Port Based Network Access EEE 802.1s Multiple Spanning Tree IEEE 802.3ad Link Aggregation

ZXCTN 9004 Product Description

L2 protocol standards IEEE 802.1w Rapid Spanning Tree IEEE 802.3ag Service Layer OAM IEEE 802.1Q VLAN tagging IEEE 802.3ah Provider Backbone B 9216 bytes jumbo frame forward on IEEE 802.1ab LLDP(Link Layer Ethernet and pos interface Discovery Protocol) IEEE 802.1ad VLAN stacking, Select IGMP v1/v2 snooping/proxy QinQ, VLAN translate IEEE 802.3 10BaseT IEEE 802.3ae 10Gpbs Ethernet IEEE802.3ah Ethernet OAM IEEE 802.3x Flow Control IEEE 802.3 100BaseT IEEE 802.3z 1000BaseSX/LX IEEE 802.3u 100BaseTx IEEE 802.3ae 10Gbps Ethernet ESRP Ethernet smart Ring Protocol ZESS ZTE Ethernet smart switch IEEE 802.1p VLAN Priority

Table 12 TCP/IP protocol standards

TCP protocol standards RFC 768 UDP RFC 791 IP RFC 792 ICMP RFC 793 TCP RFC 826 ARP RFC 854 Telnet RFC 951 BootP RFC 1350 TFTP RFC 1812 Requirements for IPv4 RFC 1519 CIDR Routers RFC 2328 TFTP Blocksize Option RFC 2347 TFTP option Extension RFC2349TFTPTimeoutIntervaland RFC 2401 Security Architecture for TransferSize option Internet Protocol draft-ietf-bfd-mib-00.txt Bidirectional draft-ietf-bfd-base-02.txt Bidirectional Forwarding Detection Management Forwarding Detection Information Base draft-ietf-bfd-v4v6-1hop-02.txt BFD IPv4

and IPv6(Single Hop)

Table 13 RIP protocol standards

RIP protocol standards RFC 1058 RIP Version1 RFC 2453 RIP Version2 RFC 2082 RIP-2 MD5 Authentication

Table 14 OSPF protocol standards

OSPF protocol standards FC 1765 OSPF Database Overflow RFC 2328 OSPF Version 2 FC 2370 Opaque LSA Support RFC 2740 OSPF for IPv6(OSPFv3)

4 System Architecture

OSPF protocol standards RFC 3137 OSPF Stub Router RFC 3101 OSPF NSSA Option Advertisement RFC 3623 Graceful OSPF Restart–GR

helper

Table 15 BGP protocol standards

BGP protocol standards RFC 1397 BGP Default Route RFC 1772 Application of BGP in the Advertisement Internet RFC 1965 Confederations for BGP RFC 1997 BGP Attribute Communities RFC 2385 Protection of BGP Sessions RFC 2439 BGP Route-Flap Dampening via MD5 RFC 2547bis BGP/MPLS VPNs RFC 2796 BGP Route Reflection draft-ietf-idr-rfc2796bis-02.txt draft-ietf-idr-rfc2858bis-09.txt RFC 2918 Route Refresh Capability for RFC 3065 Confederations for BGP BGP4 RFC 3392 Capabilities Advertisement draft-ietf-idr-rfc3065bis-05.txt with BGP4 RFC 4360 BGP Extended Communities RFC 4271 BGP-4 (previously RFC 1771) Attribute RFC 4364 BGP/MPLS IP Virtual Private RFC 2547bis BGP/MPLS VPNs Networks (VPNs) RFC 4724 Graceful Restart Mechanism RFC 4760 Multi-protocol Extensions for for BGP–GR helper BGP RFC 4203 for Shared Risk Link Group

(SRLG) sub-TLV

Table 16 ISIS standards

ISIS standards RFC 1142 OSI IS-IS Intra-domain RFC 1195 Use of OSI IS-IS for routing Routing Protocol (ISO 10589) in TCP/IP & dual environments RFC 2763 Dynamic Hostname Exchange RFC 2973 IS-IS Mesh Groups for IS-IS RFC 3373 Three-Way Handshake for Intermediate System to Inter-mediate RFC 2966 Domain-wide Prefix System (IS-IS) Point-to-Point Distribution with Two-Level IS-IS Adjacencies RFC 3567 Intermediate System to Cryptographic Authentication Intermediate System(IS-IS) RFC 3719 recommendations for RFC 3784 Intermediate System to Interoperable Networks using IS-IS Intermediate System(IS-IS) Extensions for Traffic RFC 3787 Recommendations for Engineering (TE) Interoperable IP Networks

ZXCTN 9004 Product Description

ISIS standards RFC 3847 Restart Signaling for IS-IS– RFC 4205 for Shared Risk Link Group GR helper (SRLG) TLV draft-ietf-isis-igp-p2p-over-lan-05.txt

Table 17 VRRP standards

VRRP standards RFC 2787 Definitions of Managed RFC 3768 Virtual Router Redundancy Objects for the Virtual Router Protocol Redundancy Protocol

Table 18 LDP standards

LDP standards RFC 3036 LDP Specification draft-jork-ldp-igp-sync-03 RFC 3478 Graceful Restart Mechanism RFC 3037 LDP Applicability for LDP–GR helper

Table 19 IPV6 standards

IPV6 standards RFC 2375 IPv6 Multicast Address RFC 1981 Path MTU Discovery for IPv6 Assignments RFC 2460 Internet Protocol Version RFC 2461 Neighbor Discovery for IPv6 6(IPv6) Specification RFC 2463 Internet Control Message RFC 2462 IPv6 Stateless Address Auto Protocol(ICMPv6) for the Internet configuration Protocol Version 6 Specification RFC 2464 Transmission of IPv6 Packets RFC 2529 Transmission of IPv6 over over Ethernet Networks IPv4 Domains without Explicit Tunnels RFC 2545 Use of BGP-4 Multi-protocol RFC 2710 Multicast Listener Discovery Extension for IPv6 Inter-Domain Routing (MLD) for IPv6 RFC 3306 Unicast-Prefix-based IPv6 RFC 2740 OSPF for IPv6 Multicast Addresses RFC 3315 Dynamic Host Configuration RFC 3587 IPv6 Global Unicast Address Protocol for IPv6 Format RFC 3590 SourceAddress Selection for RFC 3810 Multicast Listener Discovery the Multicast Listener Discovery (MLD) Version 2 (MLDv2) for IPv6 Protocol RFC 4007 IPv6 Scoped Address RFC 4193 Unique Local IPv6 Unicast Architecture Addresses RFC 4659 BGP-MPLS IP Virtual Private RFC 4291 IPv6 Addressing Architecture Network(VPN) Extension for IPv6 VPN RFC 5072 IP Version 6 over PPP

4 System Architecture

Table 20 Multicast standards

Multicast standards RFC 1112 Host Extensions for IP RFC 2236 Internet Group Man-agement Multicasting(Snooping) Protocol RFC 2362 Protocol Independent RFC 3376Internet Group Management Multicast-Sparse Mode(PIM-SM) Protocol Version3 RFC 3446 Anycast Rendevous Point(RP) mechanism using Protocol Independent RFC 3618 Multicast Source Discovery Multicast(PIM) and Multicast Source Protocol (MSDP) Discovery Protocol(MSDP) RFC 4601 Protocol Independent RFC 4604 Using IGMPv3 and MLDv2 for Multicast-Sparse Mode(PIM-SM) Source-Specific Multicast RFC 4607 Source-Specific Multicast for RFC 4608 Source-Specific Protocol IP Independent Multicast in 232/8 RFC 4610 Anycast-RP Using Protocol draft-ietf-pim-sm-bsr-06.txt Independent Multicast(PIM) draft-rosen-vpn-mcast-08.txt draft-ietf-mboned-msdp-mib-01.txt

Table 21 MPLS standards

MPLS standards RFC 3031 MPLS Architecture RFC 3032 MPLS Label Stack RFC 4182 Removing a Restriction on the RFC 4379 Detecting Multi-Protocol Label use of MPLS Explicit NULL Switched (MPLS) Data Plane Failures

Table 22 RSVP-TE standards

RSVP-TE standards RFC 2430 A Provider Architecture RFC 3209 Extensions to RSVP for DiffServ & TE Tunnels RFC 2747 RSVP Cryptographic RFC 3097 RSVP Cryptographic Authentication Authentication RFC 2702 Requirements for Traffic RFC 4090 Fast reroute Extensions to Engineering over MPLS RSVP-TE for LSP Tunnels

Table 23 Differentiated Services standards

Differentiated Services standards RFC 2474 Definition of the DS Field the RFC 2598 An Expedited Forwarding IPv4 and IPv6 Headers(Rev) PHB RFC 2597 Assured Forwarding PHB RFC 3140 Per-Hop Behavior Group (rev3260) Identification Codes

Table 24 PPP standards

PPP standards

ZXCTN 9004 Product Description

PPP standards RFC 1332 PPP IPCP RFC 1377 PPP OSINLCP RFC 1662 PPP in HDLC-like Framing RFC 1638/2878 PPP BCP RFC 1661 PPP RFC 1989 PPP Link Quality Monitoring RFC 1990 The PPP Multilink RFC 2516 A Method for Transmitting Protocol(MP) PPP Over Ethernet RFC 2615 PPP over SONET/SDH

Table 25 ATM standards

ATM standards RFC 2514 Definitions of Textual RFC 2515 Definition of Managed Objects Conventions and OBJECT_IDENTI-TIES for ATM Management for ATM Management ITU-T Recommendation I.610– B-ISDN ITU-T Recommendation I.432.1–BISDN Operation and Maintenance Principles user-network interface–Physical layer and Functions version 11/95 specification: General characteristics GR-1248-CORE-Generic Requirements AF-TM-0121.000 Traffic Management for Operations of ATM Network Specification Version 4.1 Elements(NEs),Issue 3 RFC 1626 Default IP MTU for use over RFC2684 Multiprotocol Encapsulation ATM AAL5 over ATM Adaptation Layer 5 GR-1113-CORE-Asynchronous Transfer Mode (ATM) and ATM Adaptation AF-ILMI-0065.000 Integrated Local Layer(AAL) Protocols Generic Management Interface(ILMI) Version4.0 equirements,Issue1 AF-TM-0150.00 Addendum to Traffic Management v4.1 optional minimum desired cell rate indication for UBR

Table 26 DHCP standards

DHCP standards RFC 2131 DynamicHost-Configuration RFC 3046DHCP Relay Agent Information Protocol(REV) Option(Option 82)

Table 27 VPLS standards

VPLS standards RFC 4762 Virtual Private LAN Services Using LDP(previously draft-ietf-l2vpn- draft-ietf-l2vpn-vpls-mcast-reqts-04.txt vpls-ldp-08.txt)

Table 28 PW standards

PW standards

4 System Architecture

PW standards RFC 4385 Pseudo Wire Emulation Edge- RFC 3985 Pseudo Wire Emulation Edge- to-Edge(PWE3) Control Word for Use to-Edge(PWE3) over an MPLS PSN RFC 3916 Requirements for PWE3 RFC 4446 IANA Allocations for PWE3 RFC 4448 Encapsulation Methods for RFC 4447 Pseudo-wire Setup and Transport of Ethernet over MPLS Maintenance Using LDP(draft-ietf-pwe3- Networks(draft-ietf-pwe3-ethernet-encap- control-protocol-17.txt) 11.txt) RFC 4619 Encapsulation Methods for RFC 4717 Encapsulation Methods for Transport of Frame Relay over MPLS Transport ATM over MPLS Networks Networks(draft-ietf-pwe3-frame-relay- (draft-ietf-pwe3-atm-encap-10.txt) 07.txt) RFC 4816 PWE3 ATM Transparent Cell RFC 5085,Pseudowire Virtual Circuit Transport Service(draft-ietf-pwe3-cell- Connectivity Verification (VCCV):A transport-04.txt) Control Channel for Pseudo-wires draft-ietf-l2vpn-vpws-iw-oam-02.txt draft-ietf-pwe3-oam-msg-map-05-txt draft-ietf-l2vpn-arp-mediation-04.txt draft-ietf-pwe3-ms-pw-arch-02.txt draft-hart-pwe3-segmented-pw-vccv- draft-ietf-pwe3-segme nted-pw-05.txt 02.txt draft-muley-dutta-pwe3-redundancy-bit- draft-muley-pwe3-redundancy-02.txt 02.txt MFA Forum 9.0.0 The Use of Virtual MFA Forum 12.0.0 Multiservice trunks for ATM/MPLS Control Plane Interworking–Ethernet over MPLS Interworking MFA Forum 13.0.0–Fault Management MFA Forum 16.0.0–Multiservice for Multiservice Interworking v1.0 Interworking–IP over MPLS

Table 29 NM standards

NM standards ITU-T M.3010, PrincIPles for a ITU-T M.3000, Overview of TMN Telecommunications management recommendations network ITU-T M.3020, TMN Interface ITU-T M.3016, TMN security overview Specification Methodology ITU-T M.3101, Managed Object ITU-T M.3100 Generic Network Conformance Statements for the Generic Information Model Network Information Model ITU-T M.3200, TMN management ITU-T M.3300, TMN F interface services and telecommunications requirements managed areas: overview ITU-T Temporary Document 69 (IP ITU-T M.3400, TMN Management Experts): Revised draft document on IP Function access network architecture ITU-T X.701-X.709, Systems ITU-T X.710-X.719, Management Management framework and architecture Communication Service and Protocol

ZXCTN 9004 Product Description

NM standards ITU-T X.720-X.729, Structure of ITU-T X.730-X.799, Management Management Information functions RFC1213, Management Information RFC1157, Simple Network Management Base for Network Management of Protocol TCP/IP based internets: MIB-II RFC1902, Structure of Management RFC1901, Introduction to Community- Information for Version 2 of the Simple based SNMPv2 Network Management Protocol (SNMPv2) RFC1903, Textual Conventions for RFC1905, Protocol Operations for Version 2 of the Simple Network Version 2 of the Simple Network Management Protocol (SNMPv2) Management Protocol (SNMPv2) RFC2233, The Interface Group MIB RFC2037, Entity MIB using SMIv2 using SMIv2 RFC1558, A String Representation of RFC1558, A String Representation of LDAP Search Filters LDAP Search Filters RFC1777, Lightweight Directory Access RFC1778, The String Representation of Protocol Standard Attribute Syntaxes RFC2251, Lightweight Directory Access RFC1959, An LDAP URL Format Protocol (v3) RFC1493, Definitions of Managed GB901, A Service management Business Objects for Bridges Process Model GB909,Generic Requirements for GB910,Telecom Operations Map Telecommunications Management Building Blocks RFC1757, Remote Network Monitoring GB908,Network Management Detailed Management Information Base Operations Map RFC1757, Remote Network Monitoring GB914,System Integration Map Management Information Base GB917, SLA Management Handbook NMF038, Bandwidth Management V1.5 Ensemble V1.0 TMF508, Connection and Service TMF801, Plug and Play Service Management Information Model Fulfillment Phase 2 Validation Business Agreement Specification V1.0 TMF605, Connection and Service NMF037, Sub-System Alarm Management Information Model Surveillance Ensemble V1.0 TMF053, NGOSS Architecture TMF053A, NGOSS Architecture Technology Neutral Specification V1.5 Technology Neutral Specification V1.5 TMF053B, NGOSS Architecture TMF821, IP VPN Management Interface Technology Neutral Specification V1.5 Implementation Specification V1.5 TMF816, B2B Managed Service for DSL Interworking Between CORBA and TMN Interface Implementation Specification System Specification V1.0 V1.5 YD/T 871-1996 Telecom Management YD/T 852-1996 Telecom Management Network (TMN) general information Network (TMN) overall design principle model

4 System Architecture

NM standards YD/T XXXX-2001 IP network technical YD/T XXXX-2001 broadband MAN requirements – network performance overall technical requirements index and availability YDN 075-1998 China Public Multi-media YD/T XXXX-2000 IP network technical Communication Network Management requirements – overall Regulations YDN 075-1998 China Public Multi- RFC 1215 A Convention for Defining media Communication Network Traps for use with the SNMP Management Regulations RFC 1657 BGP4-MIB RFC 1724 RIPv2-MIB RFC 1850 OSPF-MIB RFC 1907 SNMPv2-MIB RFC 2096 IP-FORWARD-MIB RFC 2011 IP-MIB RFC 2012 TCP-MIB RFC 2013 UDP-MIB RFC 2138 RADIUS RFC 2206 RSVP-MIB RFC 2452 IPv6 Management Information RFC 2454 IPv6 Management Information Base for the Transmission Control Base for the User Datagram Protocol Protocol RFC 2987 VRRP-MIB RFC 3014 NOTIFICATION-LOGMIB RFC 3019 IP Version 6 Management Information Base for The Multicast RFC 3164 Syslog Listener Discovery Protocol draft-ietf-disman-alarm-mib-04.txt draft-ietf-ospf-mib-update-04.txt draft-ietf-isis-wg-mib-05.txt draft-ietf-mpls-lsr-mib-06.txt draft-ietf-mpls-te-mib-04.txt draft-ietf-mpls-ldp-mib-07.txt

ZXCTN 9004 Product Description

5 Technical Indexes and Specifications

5.1 Physical Indexes

Table 30 Physical Indexes

Description Attributes 9004 Dimensions (W×H×D) 482.6mm*399.3mm*572.6mm Physical Weight <45kg Parameters Service slots 4/8/16

5.2 Interface indexes

Table 31 Interface indexes

Port type Description RJ45 connector, Category 5 non-shielded UTP, with 10/100/1000BASE- maximal transmission distance of 100m TX Half duplex / full duplex, MDI/MDIX LC connector, multi-mode fiber, 850nm wavelength, with maximal transmission distance of 500m SX(SFP-M500) Transmission power range: -9.5dBm~-4dBm, receiving sensitivity: <-18dBm LC connector, single-mode fiber, 1310nm wavelength, with maximal transmission distance of 10km LX(SFP-S10K) Transmission power range: -9.5dBm~-3dBm, receiving sensitivity: <-20dBm LC connector, single-mode fiber, 1310nm wavelength, with maximal transmission distance of 40km LH(SFP-S40K) Transmission power range: -4dBm~0dBm, receiving sensitivity: <-22dBm LC connector, single-mode fiber, 1550nm wavelength, with maximal transmission distance of 80km LH(SFP-S80K) Transmission power range: 0dBm~5dBm, receiving sensitivity: <-22dBm LC connector, single-mode fiber, 1550nm wavelength, with maximal transmission distance of 120km LH(SFP-S120K) Transmission power range: 5dBm~9dBm, receiving sensitivity: <-24dBm

5 Technical Indexes and Specifications

Port type Description

SX(XFP-M300) LC connector, multi-mode fiber, 850nm wavelength, with maximal transmission distance of 300m LC connector, single-mode fiber, 1310nm wavelength, with LR(XFP-S10K) maximal transmission distance of 10km LC connector, single-mode fiber, 1550nm wavelength, with LH(XFP-S40K) maximal transmission distance of 40km LC connector, multi-mode fiber, 155M/1310nm wavelength, with maximal transmission distance of 2km FX(SFP-M2K) Transmission power range: -19dBm~-14dBm, receiving sensitivity: <-30dBm LC connector, single-mode fiber, 155M/1310nm wavelength, with maximal transmission distance of 15km FX(SFP-S15K) Transmission power range: -14dBm~-8dBm, receiving sensitivity: 31dBm LC connector, single-mode fiber, 155M/1310nm wavelength, with maximal transmission distance of 40km FX(SFP-S40K) Transmission power range: -4dBm~0dBm, receiving sensitivity: <-37dBm

5.3 System Performance Indexes

Table 32 System performance indexes

Description Attributes 9004 MAC Address 1M Table L2 features VLAN number 4K L2 multicast table 2K IPv4 routing table 512K L3 features L3 multicast table 4K IPv6 routing table 128K Label stacking 4 LSP number 64K LDP session MPLS 64K nubmer MPLS FRR 50ms switchover time Stream classification 16K/slot QoS rules number ACL rule number 16K/slot

ZXCTN 9004 Product Description

Description Attributes 9004 CAR granularity 64 kbit/s Queue number 256K ACL table 64K HQoS level 5 layers VRF 4K VPLS VSI 16K number VPN VLL item number 16K VPLS PW 16K number VC 32K MD 16 MA 512 Ethernet OAM MEP 16K CC transmission 3.3ms/10ms/100ms/1s/10s frequency

5.4 System Functions

5.4.1 L2 Features

Table 33 L2 features

Attributes Description Support VLAN based upon port, protocol, subnet, and MAC address VLAN Support VLAN translation (1:1, 1:2, N:1, 2:2) Support PVLAN Support QinQ-based forwarding Support ordinary QinQ, tag outer label based on port QinQ Support Selective QinQ, tag outer label based on L2 features traffic Support Selective QinQ inner priority mapping Support TPID change Support MAC address learning, aging and fixing Support static MAC address configuration MAC Support anti-attack service to protect MAC address Support SVL address learning

5 Technical Indexes and Specifications

Attributes Description Support dynamic LACP LACP Support traffic-based load balancing Support inter-line card aggregation Support broadcast packet suppression Support multicast packet suppression Support unknown packet suppression Storm suppression Support unknown unicast/multicast packet dropping Support unknown unicast/multicast broadcasting Support unknown unicast/multicast at designated forwarding port Support ARP configuration ARP Support dynamic ARP learning Support dynamic aging of ARP table aging Support STP, RSTP, and MSTP STP Support STP(Spanning Tree Protocol) based upon port and instance close Support incoming port mirroring image, outgoing port mirroring image, N:1 mirroring image, traffic Port mirroring image, and CPU mirroring image Support port loop Inspection Support port traffic control Support IGMP Snooping/proxy Support IGMP rate limit, IGMP rate filter, IGMP rate shaping L2 multicast Support IGMP fast fault switchover Support PIM snooping Support IGMP port redundancy, multicast load balancing Support IEEE 802.1ag Ethernet OAM Support IEEE 802.3ah Support ITU-T Y.1731

5.4.2 L3 Features

Table 34 L3 features

Attributes Description

Support IPv4 unicast static route Support RIPv1/v2, OSPFv2, IS-IS, BGP-4 Support policy routing IPv4 Unicast L2 features Support MVRF Route Support fast IGP Support URPF Support ECMP

ZXCTN 9004 Product Description

Attributes Description Support static multicast Support IGMPv1/v2/v3 L3 Multicast Support PIM-SM, PIM-SSM, PIM-DM, MSDP, MBGP Support master/slave switchover without packet loss

5.4.3 MPLS Features

Table 35 MPLS features

Attributes Description Support LDP Support CR-LDP Basic features Support RSVP/RSVP-TE Support BGP Support LDP/BGP-mode L2 VPN Support H-VPLS (Qinq access, LSP access) Support L2 VPN multicast MPLS L2 VPN Support L2 VPN load sharing Support Vrf to Vrf mode/single hop M-EBGP mode/multi-hop M-EBGP mode inter-domain L2 VPN deployment Support CE dual homing protection Support VPN FRR Support VPN multicast MPLS MPLS L3 VPN Support L3 VPN load sharing features Support Vrf to Vrf mode/single hop M-EBGP mode/multi-hop M-EBGP mode inter-domain L3 VPN deployment Support static LSP building Support display path building LSP tunnel Support LSP tunnel priority/tunnel occupation/tunnel backup MPLS TE Support MPLS TE FRR Support MPLS L2VPN /MPLS L3VPN Over TE Support IGP SHORTCUT Support LDP over TE Support CV/FFD interconnectivity test Support 1+1/1:1 protection mode MPLS OAM Support MPLS Ping Support MPLS Trace Route

5 Technical Indexes and Specifications

5.4.4 QoS Features

Table 36 QOS features

Attributes Description Support physical port-based traffic classification Traffic Classification Support traffic classification based on physical port and ACL Support 802.1p priority, IP Precedence, IP DSCP, IP Message TOS remarking Remarking Support dual-layer label mapping Support incoming port CAR Traffic Support traffic-based CAR QoS Monitoring Support incoming/outgoing traffic monitoring features Support remarking after traffic monitoring Support traffic-based bandwidth control Congestion Support RED and WRED Control Support CAC Support minimum 8 priority queues. Each queue Queue supports min/max bandwidth management. Scheduling Support WRR, SP, SP+WRR, and WFQ scheduling Traffic Support outgoing port-based shaping Shaping Support outgoing queue-based shaping Hierarchical Support ingress/egress H-QoS, support over 5 tiers QoS Traffic Support ACL-based traffic classification Classification H-QoS Traffic Support queue shaping based on each queue Shaping Queue Support SP, WRR, WFQ, CIR, EIR, CBS, and EBS. Scheduling

5.4.5 Service Management

Table 37 Service Management

Attribute Description Support IEEE 802.1X (EAP, PEAP) Service Support 802.1X Relay Management Support AAA authentification Support DHCP Server, DHCP Relay, DHCP Snooping

ZXCTN 9004 Product Description

5.4.6 Reliability

Table 38 Reliability

Description Attributes 9004 MTBF >400000 hours MTTR <30 minutes Reliability >=99.999% Hot- All boards support hot-swapping. Interface sub- swapping module doesn’t support hot-swapping Equipment Reliability Switching redundanc 1+1 redundancy y backup Power supply Power supply redundancy backup (AC 1+1; DC 1+1) redundanc y backup Support MPLS-TP, MPLS-TE tunnel end-to-end path protection Support MPLS-TE FRR Support BFD for Static Routing , LDP, OSPF, ISIS, BGP, RIP, VRRP, LSP, FRR, PIM DR Support Graceful Restart Support NSF/NSR non-stop forwarding in the case of master/slave switchover Support non-stop upgrade Support VRRP protocol, multi-backup configuration, Network Reliability backup priority, VRRP switching Authentification, priority replacing mode. Support E1 interface N:1 protection Support STM-N interface APS1+1 protection Support VPLS ring protection Support ZESR (ESRP+) Ethernet Ring protection Support ZESS dual homing protection Support ECMP Support the binding of physical links of single rack and multiple racks

5.4.7 Clock Synchronization

Table 39 Clock Synchronization

Attributes Description

5 Technical Indexes and Specifications

Attributes Description Support port-based clock recovery Support entire clock distribution Synchronized Ethernet Support clock extract (cable, external 2Mbit/HZ clock, GPS clock) Support SSM processing function Clock Support protocol-based clock recovery Synchronization Support clock transparent transmission IEEE 1588 Support accurate time synchronization Support multiple sessions Support BCM algorithm Pulse Phase Support 1Hz pulse per second interface Synchronization

5.4.8 Tunnel Features

Table 40 Tunnel features

Attributes Description PWE3 Circuit Support PWE3 circuit simulation of E1, STM-1 and PWE3 Simulation ETHERNET FE/GE interfaces. features TDM Circuit Support self-adaptive clock recovery Time Slot Support differential clock

MPLS Tunnel Support static MPLS tunnel

Static Tunnel Support T-MPLS tunnel Service Support 1+1 and 1:1 linear protection T-MPLS Support 1+1 and 1:1 SNC linear protection Tunnel Support steering/swapping ring protection Support APS switchover

5.4.9 Security Features

Table 41 Security features

Attributes Description

ZXCTN 9004 Product Description

Attributes Description Support anti-DOS attack Support anti-BPDU attack Support CPU protection Support anti-ARP attack Support IPv4 uRPF Support hierarchical command protection Support protection of deformity message and failed message Support anti-IP fragment Attack Support anti-LAND attack Prevention Support anti-SMURF attack Support anti-SYN FLOOD attack Support anti-PING FLOOD attack Security Support anti-Teardrop attack features Support anti-Ping of Death attack Support RFC2267 net interface filtering Support one-way session control Support Packet header logging Support anti-source IP address spoofing attack Support the initiation and disablement of protocol priority processing CPU Security Support protocol packet protection Protection Support filtering the delivered CPU message by check matching fields. Support data log monitoring Advanced Support automatic broadcasting storm suppression Security Features Support control/signaling MD5 encryption and authentification

5.4.10 Operation and Maintenance

Table 42 Operation and Maintenance

Attributes Description

5 Technical Indexes and Specifications

Attributes Description Support command line Support hierarchical and differentiated management classification authority Support code aging and confirmation. Support console management Support user access service management Support remote access in SSH, TELNET, WEB, SNMP, SSL ways Support different types of alarm (voice and light Operation and alarm platform) Maintenance Support ZXNM01 integrated network management Support CLI hierarchical network management Support user access control list Operation and Support the recovery of configuration storage Maintenance Support record of operation log Support management of alarm log Support basic MIB Support traffic statistical Support MPLS VPN Debug Cluster ZGMP, LLDP/ZTP/ZGMP Management Support Ethernet OAM Support MPLS OAM Support MPLS-TP OAM OAM Support T-MPLS OAM Support OAM tool (LSP Ping, LSP trace route, and VPLS MAC Ping, etc.)

ZXCTN 9004 Product Description

6 Operation and Maintenance

6.1 Network Management Platform

Adopting ZTE unified network management NetNumen T3, ZXCTN 9004 implements integrated management together with SDH/MSTP, ASON, WDM, and OTN. Please refer to related network management software technical specification for NetNumen T3 technical specifications.

6.2 Maintenance and Management

6.2.1 Monitoring and Maintenance

ZXCTN 9004 is capable of multiple ways of equipment monitoring, management and maintenance, which enables the equipment to process all sorts of abnormity accordingly, and provide users with all types of parameters during the course of equipment operation.

6.2.1.1 Equipment Monitoring

• There are indicators on power supply module, fan, MSC and all LICs. They show the operating status of these components;

• The MSC switchover and hot-swapping records are kept for future user reference;

• When the fan, power supply or temperature goes wrong, the voice alarm and software alarm will be generated;

• The system inspects the suitability of software versions during operation automatically;

• The system operation automatically monitors the module temperature, and provides temperature control alarm and software alarm;

• The system monitors the operating status of the software, when abnormity happens, the LIC will be restarted and MSC switchover will be implemented;

6.2.1.2 Equipment management and maintenance

• The command line provides flexible online help;

• Provide hierarchical user authority management and hierarchical commands;

6 Operation and Maintenance

• Support information center, provide unified management of log, alarm and debugging information;

• Via CLI command, user can check the basic information of all MSC, LIC, and optical modules;

• Provide multiple sorts of information query, including version, component status, environment temperature, CPU and memory utilization;

6.2.2 Diagnosis and Debugging

ZXCTN 9004 provides multiple sorts of diagnosis and debugging methods, enabling user to have multiple ways to adjust equipment and get more debugging information.

• Ping and TraceRoute: by inspecting whether or not the network connection is reachable and recording the transport path online, for further reference of failure locating;

• Debugging: rich debug commands are provided for each software feature. Every debug command supports multiple debugging parameters, so it can be controlled flexibly. Via debug command, specific information of the progress, packet processing and error inspection of the service in the course of operation can be displayed;

• Mirroring image service: it supports interface-based mirroring image, via which the incoming, outgoing or bidirectional packets are duplicated to the observed interface;

6.2.3 Software Upgrade

ZXCTN 9004 provides software upgrade modes in both normal and abnormal conditions.

• Upgrade when the system is abnormal: Provide software version upgrade when the equipment can not be initiated normally. Via modifying boot imitation mode, load new software version from the management Ethernet interface to complete imitation upgrade;

• Upgrade when the system is normal: Provide local or remote FTP online upgrade when the equipment is in normal condition;

ZXCTN 9004 Product Description

7 Environment Indicators

7.1 Power supply

ZXCTN 9004 supports AC 110V/220V and DC -48V power supply. The input voltage fluctuation and power consumption are shown in Table 43 :

Table 43 Input voltage fluctuation and power consumption

Description Attributes 9004 Power supply (AC) (110~220V) +/-10%,50Hz Power supply (DC) -48V +/-20% Power supply Maximum power supply for the whole set with full <1500W configuration

7.2 Storage

7.2.1 Climate

Climate requirements for equipment storage are shown in Table 44 :

Table 44 Climate requirements (storage environment)

Indicator Value Altitude 4000 m Air pressure 70 kPa ~ 106kPa Temperature -40 ℃ ~ +70 ℃ Temperature change rate 1 ℃/min Relative humidity 5% ~ 100% Solar radiation 1120 W/s2 Thermal radiation 600 W/s 2 Wind speed 20 m/s

7.2.2 Water-proof

• On-site equipment is usually required to be stored indoor.

7 Environment Indicators

• Make sure there is no water on ground and there will be no water leaking to the equipment packaging case.

• Avoid the places where may be water leaking such as automatic fire-fighting equipment and air-conditioner.

• The following four terms should be met at the same time if the equipment has to be deployed outdoor:

− Packaging case is sound.

− There is necessary facility to keep off the rain from the packaging case.

− There is no water at the place where packaging case is put. There is no water penetrating into the packaging case.

− Away from direct sunlight.

7.2.3 Biological environment

• Avoid microbe propagation such as epiphyte and mildew.

• Avoid rodent animals such as rats.

7.2.4 Air cleanliness

• No explosive, electric, magnetic or caustic dust.

• Mechanical active material density shall conform to the requirements in Table 45 :

Table 45 Requirements of mechanical active material density (storage environment)

Mechanical active material Content Suspended dust 5.00 mg/m 3 Falling down dust 20.0 mg/m 2h Sand 300 mg/m 3

• Chemical active material density shall conform to the requirements in Table 46 :

Table 46 Requirements of chemical active material density (storage environment)

Chemical active material Contect(mg/m 3)

Sulfur dioxide (SO 2) 0.30

Sulfureted hydrogen (H 2S) 0.10

Nitrogen dioxide (NO 2) 0.50

ZXCTN 9004 Product Description

Chemical active material Contect(mg/m 3)

Ammonia (NH 3) 1.00

Chlorine (Cl 2) 0.10 Hydrochloric acid (HCl) 0.10 Hydrofluoric acid (HF) 0.01

Ozone (O 3) 0.05

7.3 Transportation

7.3.1 Climate

The requirements of climate during equipment transportation are shown in Table 47 :

Table 47 Climate (transportation environment)

Indictor Value Altitude 4000 m Air pressure 70 kPa ~ 106kPa Temperature -40 ℃ ~ +70 ℃ Temperature change rate 1 ℃/min Comparative humidity 5% ~ 100% Solar radiation 1120 W/s 2 Thermal radiation 600 W/s 2 Wind speed 20 m/s

7.3.2 Water-proof requirements

• On-site equipment is usually required to be stored indoor.

• Make sure there is no water on ground and there will be no water leaking to the equipment packaging case.

• The following three terms should be met at the same time if the equipment has to be deployed outdoor:

− Packaging case is sound.

− The transportation vehicle shall be equipped with necessary rain-proof facility to keep off rain from the packaging case.

− There is no water inside the transportation vehicle.

7 Environment Indicators

7.3.3 Biological environment

• Avoid microbe propagation such as epiphyte and mildew.

• Avoid rodent animals such as rats.

7.3.4 Air cleanliness

• No explosive, electric, magnetic or caustic dust.

• Mechanical active material density shall conform to the requirements in Table 48 :

Table 48 Requirements of mechanical active material density (transportation environment)

Mechanical active material Content Suspended dust No requirement Falling down dust 3.0 mg/m 2h Sand 100 mg/m 3

• Chemical active material density shall conform to the requirements in Table 49 :

Table 49 Requirements of chemical active material density (transportation environment)

Chemical active material Content(mg/m 3)

Sulfur dioxide (SO 2) 0.30

Sulfureted hydrogen (H 2S) 0.10

Nitrogen dioxide (NO 2) 0.50

Ammonia (NH 3) 1.00

Chlorine (Cl 2) 0.10 Hydrochloric acid (HCl) 0.10 Hydrofluoric acid (HF) 0.01

Ozone (O 3) 0.05

7.4 Operation

7.4.1 Climate

The requirements of environment temperature and comparative humidity for equipment operation are shown in Table 50 . Other climate requirements are shown in Table 51 :

Table 50 Temperature and humidity requirements (operation environment)

Item Range

ZXCTN 9004 Product Description

Item Range long-term operation 0 ℃~+45 ℃ Environment temperature short-term operation -5 ℃~+50 ℃ long-term operation 10%~90% Comparative humidity short-term operation 5%~95%

Note: Measurement of temperature and humidity is implemented 1.5m above the ground and 0.4m in front of the equipment. Short-term operation indicates not more than 96 hours continuous work and not more than 15 days a year.

Table 51 Other climate requirements (operation environment)

Item Range Altitude 4000 m Air pressure 70 kPa ~ 106kPa Temperature change rate 30 ℃/h Solar radiation 700 W/s 2 Thermal radiation 600 W/s 2 Wind speed 5m/s

7.4.2 Biological environment

• Avoid microbe propagation such as epiphyte and mildew.

• Avoid rodent animals such as rats.

7.4.3 Air cleanliness

• No explosive, electric, magnetic or caustic dust.

• Mechanical active material density shall conform to the requirements in Table 52 :

Table 52 Requirements of mechanical active material density (operation environment)

Mechanical active material Content Dust particles 3×105 particles / m 3 Suspended dust 5.00 mg/m 3 Falling down dust 20.0 mg/m 2h Sand 300 mg/m 3

• Chemical active material density shall conform to the requirements in Table 53 :

7 Environment Indicators

Table 53 Requirements of chemical active material density (operation environment)

Chemical active material Content(mg/m 3)

Sulfur dioxide (SO 2) 0.30

Sulfureted hydrogen (H 2S) 0.10

Nitrogen dioxide (NO 2) 0.50

Nitrogen dioxide (NO 2) 3.00

Chlorine (Cl 2) 0.10 Hydrochloric acid (HCl) 0.10 Hydrofluoric acid (HF) 0.01

Ozone (O 3) 0.05

Nitrogen oxide (NO X) 0.50

7.5 Electromagnetic Compatibility

Electromagnetic compatibility covers anti-interference and interference features.

7.5.1 Criterion

Four principles used to distinguish test results are decided before an introduction to electromagnetic compatibility is made.

Table 54 Description of principles used to distinguish test results

Principles used to distinguish test Description results Digital signal port: during the process of test, the equipment works well. When every interference ends, error count shall not be more than the permitted maximum error count for normal operation (the maximum error count for this equipment Performance A is 0). Simulated audio signal port: keep connected during the whole test process. The noise signal received from the tested equipment (EUT) measured with over 600 resistance shall not be more than -40dBm. Digital signal port: temporary performance drop is caused by interference in the test. But equipment performance can get back to normal automatically upon interference revocation. There is no frame queue or synchronization loss during every Performance B interference. Electromagnetic impact shall not cause alarm. Simulated audio signal port: keep connected during the whole test process. Surge test permits connection interrupts. The tested equipment (EUT) shall get back to normal automatically when interference ends.

ZXCTN 9004 Product Description

Principles used to distinguish test Description results Temporary performance drop is caused by interference in the test. But equipment performance can get back to normal Performance C automatically or by manual reset upon interference revocation. The equipment can pass the test without damage or generating other interference (such as software damage or incorrect operation on failure protection equipment). In addition, it shall operate within stipulated limits when transient Performance R electromagnetic phenomenon ends. The interference that the equipment suffers may cause action of fuse or other stipulated equipment. Fuse can be replaced and the equipment can be reset before normal operation restores.

7.5.2 Anti-interference performance

7.5.2.1 Electro-Static Discharge(ESD)

Electro-Static Discharge performance is shown in Table 55 :

Table 55 Electro-Static Discharge performance

Contact discharge Air discharge Criterion 6 kV 8 kV Performance B 8 kV 15 kV Performance R

Note: conforming to IEC61000-4-2 and GB/T 17626.2-1998 standards.

7.5.2.2 Radiated Susceptibility(RS)

Radiated Susceptibility performance is shown in Table 56 :

Table 56 Radiated Susceptibility performance

Test frequency 80 MHz ~2 GHz Electric field strength Amplitude modulation Criterion 10 V/m 80%AM(1 kHz) Performance A

Note: conforming to IEC61000-4-3 and GB/T 17626.3-1998 standards.

7.5.2.3 Electrical Fast Transient burst immunity(EFT)

• DC power supply port immunity (direct coupling) performance is shown in Table 57 :

7 Environment Indicators

Table 57 DC power supply port immunity performance

Repetition Generator wave Voltage Criterion frequency 5 ns/50 ns ±1 kV 5 kHz Performance B

Note: conforming to IEC61000-4-4 and GB/T 17626.4-1998 standards.

• AC power supply port immunity (direct coupling) performance is shown in Table 58 :

Table 58 AC power supply port immunity performance

Repetition Generator wave Test Voltage Criterion frequency 5 ns/50 ns ±2 kV 5 kHz Performance B

Note: conforming to IEC61000-4-4 and GB/T 17626.4-1998 standards.

• Signal cable and control cable port immunity (using capacity coupling clamp) performance is shown in Table 59 :

Table 59 Signal cable and control cable port immunity performance

Repetition Generator wave Test Voltage Criterion frequency 5 ns/50 ns ±1 kV 5 kHz Performance B

Note: conforming to IEC61000-4-4 and GB/T 17626.4-1998 standards.

7.5.2.4 Lightning surge immunity

• DC power supply lightning surge immunity performance is shown in Table 60 :

Table 60 DC power supply lightning surge immunity performance

Generator wave:1.2 µs/50 µs(8 µs/20 µs) Internal Test mode Test Voltage Criterion resistance Cable to cable 2 Ω ±1 kV Performance B Cable to ground 12 Ω ±2 kV Performance B

Note: conforming to IEC61000-4-5 and GB/T 17626.5-1998 standards.

• AC power supply lightning surge immunity performance is shown in Table 61 :

ZXCTN 9004 Product Description

Table 61 AC power supply lightning surge immunity performance

Test mode Internal Test mode Test Voltage Criterion resistance Cable to cable 2 Ω ±4 kV Performance B Cable to ground 12 Ω ±6 kV Performance B

Note: conforming to IEC61000-4-5 and GB/T 17626.5-1998 standards.

• Outdoor signal cable surge immunity performance is shown in Table 62 :

Table 62 Outdoor signal cable surge immunity performance

Generator wave:10 µs/700 µs Internal Test mode Test Voltage Criterion resistance Cable to ground 40 Ω ±2 kV Performance B

• Signal cable (more than 10m) surge immunity performance is shown in Table 63 :

Table 63 Signal cable (more than 10m) surge immunity performance

Generator wave:1.2 µs/50 µs(8 µs/20 µs) Internal Test mode Test Voltage Criterion resistance Cable to ground 42 Ω ±1 kV Performance B

7.5.2.5 Conducted Susceptibility (CS)

Conducted Susceptibility performance is shown in Table 64 :

Table 64 Conducted Susceptibility performance

Test frequency:0.15 MHz~80 MHz Test strength Amplitude Modulation Criterion 3 V 80%AM(1 kHz) Performance A

Note: conforming to IEC61000-4-6 and GB/T 17626.6-1998 standards.

7.5.2.6 Voltage Dips and short interruptions immunity

AC power supply port voltage dips and short interruptions immunity performance is shown in Table 65 :

7 Environment Indicators

Table 65 AC power supply port voltage dips and short interruptions immunity performance

Voltage drop rate Duration(ms) Criterion >95% 50 Performance B 30% 500 Performance C >95% 5000 Performance C

Note: only for AC power supply, conforming to IEC61000-4-11 and GB/T 17626.11-1999 standards.

DC power supply port voltage dips and short interruptions immunity performance is shown in Table 66 :

Table 66 DC power supply port voltage dips and short interruptions immunity performance

Voltage Duration(ms Conditions Indicator Criterion change rate ) attached Performance 0.01 - B 70% Performance 1 - C Voltage sag Performance 0.01 - B 40% Performance 1 - C High Performance 0.001 impedance B (testing 0 generator Performance 5 exports C Short voltage impedance) interruption High Performance 0.001 impedance B (testing 0 generator Performance 5 exports C impedance) Performance 0.1 - A 80% Performance 10 - A Voltage change Performance 0.1 - A 120% Performance 10 - A

Note: only for DC power supply, conforming to IEC61000-4-11 and GB/T 17626.11-1999 standards.

ZXCTN 9004 Product Description

7.5.2.7 Voltage ripple and flicker immunity

AC power supply port voltage ripple and flicker performance is shown in Table 67 :

Table 67 AC power supply port voltage ripple and flicker performance

Voltage drop rate Duration(ms) Criterion 95% 10 Performance B 30% 500 Performance C 95% 5000 Performance C

7.5.3 Interference features

Interference features include Conducted Emission and Radiated Emission, which conforms to CISPR 22 and GB 9254 ClassA standards.

7.5.3.1 Conducted Emission

DC/AC power supply port conducted emission performance is shown in Table 68 :

Table 68 DC/AC power supply port conducted emission performance

Voltage limit(dB µV) Test frequency(MHz) Quasi-Peak Value Average 0.15~0.50 79 66 0.50~30.00 73 60

Ethernet/E1 signal port conducted emission performance is shown in Table 69 :

Table 69 Ethernet/E1 signal port conducted emission performance

Voltage limit(dB µV) Test frequency(MHz) Quasi-Peak Value Average 0.15~0.50 97~87 84~74 0.50~30.00 87 74

7.5.3.2 Radiated Emission

Radiation field intensity performance is shown in Table 70 :

Table 70 Radiation field intensity performance

Quasi-Peak Value limit(dB µV/m) Test frequency(MHz) Testing distance 10 m Testing distance 3 m

7 Environment Indicators

Quasi-Peak Value limit(dB µV/m) Test frequency(MHz) Testing distance 10 m Testing distance 3 m 30~230 40 50 230~1000 47 57

7.6 Environment protection indexes

ZXCTN 9004 adopts APC automatic power control, CAN bus whole-course whole-set intelligent monitoring, and power consumption intelligent dynamic adjusting system. It supports adjustable fan with infinite variable speed, port-level automatic power consumption adjustment to realize the highest energy-saving performance per port in the industry. By reducing power consumption and heat emission to reduce discharge of carbon dioxide, ZXCTN 9004 meets Europe Environment Protection RoHS standards. With environment protection measures adopted during the whole manufacturing process, all raw materials and elements of ZXCTN 9004 is recyclable to realize green environment.

ZXCTN 9004 Product Description

Abbreviations Abbreviations Full form in English ACL Access Control List AG Access Gateway APC Automatic Power Control APS Automatic Protect Switch ASIC Application Specific Integrated Circuit ARPU Average Revenue Per User ATCA Advanced Telecom Computing Architecture ATM Asynchronous Transfer Mode BCB Backbone Core Bridge BEB Backbone Edge Bridge, BFD Bidirectional Forwarding Detection BGP Border Gateway Protocol B-MAC Backbone MAC BPDU Bridge PDU CAC Connection Access Control CAM Content-addressable Memory CAN Controller-area Network CAPEX Capital Expenditures CDN Content Distribution Network CDR Call Detail Record CE Carrier Ethernet CESoPSN Circuit Emulation Services over PSN CMS Center Media Server CV Connectivity Verification DoS Denial of Service DPI Deep Packet Inspection DVMRP Distance vector Multicast Routing Protocol EAPS Ethernet Automatic Protection Switching ECMP Equal Cost of Multi-path E-LAN Ethernet LAN E-LINE Ethernet LINE EMS Edge Media Server ESRP Ethernet standby Routing Protocol E-TREE Ethernet TREE FDDI Fiber Distributed Digital Interface FFD Fast Failure Detection

Abbreviation

Abbreviations Full form in English FRR Fast Reroute GFP General Format Protocol GPS Global Position System GR Graceful restart HDLC High Level Data Link Control H-VPLS Hierarchical Virtual Private Lan Servie IAD Integrated Access Device ICMP Internet Control Message Protocol IGMP Internet Group Management Protocol IMA Inverse Multiplexing for ATM IPMS Intelligent Platform Message sub-system IPMC Intelligent Platform Message control IPOE IP over Ethernet IPS Intrusion Detection Systems IPMB Intelligent Platform Message Bus ISIS Intermediate System-Intermediate System LACP Link Aggregation Control Protocol LIC Line Interface Card LPC Line Process Card LSP Label Switch Path MCE Multi-instance Customer Edge MPLS Multi-Protocol Label Swtiching MSG Media Service Gateway MSTP Multiple Spanning Tree Protocol MTU Maximum Transmission Unit MVR Multicast VLAN Registration NE Network Element NGN Next Generation Network

OAM Operations Administration and Maintenance OPEX Operation Expense OSPF Open Shortest Path First PIM Protocol Independent Multicast PIM-DM Protocol Independent Multicast-Dense Mode PIM-SM Protocol Independent Multicast-Sparse Mode PIM-SSM Protocol Independent Multicast-Source Specific Multicast PMD Physical Medium Dependent POS Packet over SDH PPP Point to Point Protocol

ZXCTN 9004 Product Description

Abbreviations Full form in English PPPOE PPP over Ethernet PRV Preview PSN Packet Switch Network PUPSPV Per User Per Service Per VLAN PVLAN Private VLAN PW Pseudo-wire PWE3 PW Emulation End to End RED Random Early Detection RIP Routing Information Protocol RNC Radio Network Controller ROS Routing Operation System RP Rendezvous Point RPR Resilient Packet Ring RSTP Rapid Spanning Tree Protocol SAToP Structure-Agnostic TDM over PSN SDH Synchronous Digital Hierarchy SLA Service Level Agreement SMS Service Management System SNMP Simple Network Management Protocol SSM Source Specific Multicast STP Spanning Tree Protocol SyncE Synchronization Ethernet SVLAN Select VLAN TCO Total Cost of Ownership TCP Transport Control Protocol TDM Time Division Multiplex and Multiplexer TL1 Transaction Language 1 TM Traffic Manager UDP User Datagram Protocol URPF Unicast Reverse Path Forwarding VLL Virtual Leased Line VOIP Voice over IP VPLS Virtual Private LAN Service VPN Virtual Private Network VPWS Virtual Private Wire Service VRF Virtual Routing and Forwarding VRRP Virtual Router Redundancy Protocol WRED Weighted Random Early Detection WFQ Weighted Fair Queuing

Abbreviation

Abbreviations Full form in English ZESR ZTE Ethernet Smart Ring ZESS ZTE Ethernet Smart Switching ZGMP ZTE Group Management Protocol ZGMS ZTE General Multicast System ZTP ZTE Topology Discovery Protocol