Você está na página 1de 112

HUAWEI NetEngine40E Universal ServiceRouter

V600R006C00
Product Description

Issue 01

Date 2012-09-30

HUAWEI TECHNOLOGIES CO., LTD.


Copyright © Huawei Technologies Co., Ltd. 2012. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior
written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.

Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees or
representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.


Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: http://www.huawei.com

Email: support@huawei.com

Huawei Proprietary and Confidential


Issue 01 (2012-09-30) i
Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description About This Document

About This Document

Purpose
This document describes the product positioning and features, product architecture, link
features, service features, application scenarios, operation and maintenance, and technical
specifications of the NE40E device.
This document provides an overall description of the NE40E device, which helps intended
readers get a general understanding of all the product features.

Intended Audience
This document is intended for:
l Network planning engineers
l Hardware installation engineers
l Commissioning engineers
l Data configuration engineers
l On-site maintenance engineers
l Network monitoring engineers
l System maintenance engineers

Symbol Conventions
The symbols that may be found in this document are defined as follows.

Symbol Description
Indicates a hazard with a high level of risk, which if not
avoided, will result in death or serious injury.

Indicates a hazard with a medium or low level of risk,


which if not avoided, could result in minor or moderate
injury.
Indicates a potentially hazardous situation, which if not
avoided, could result in equipment damage, data loss,
performance degradation, or unexpected results.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential ii


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description About This Document

Symbol Description
Indicates a tip that may help you solve a problem or save
time.

Provides additional information to emphasize or


supplement important points of the main text.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential iii


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description Contents

Contents

About This Document ................................................................................................................ ii


1 New Hardware and Features in the V600R006C00 .............................................................. 1
2 Product Positioning ................................................................................................................. 5
3 Product Architecture ................................................................................................................ 7
3.1 Physical Architecture .................................................................................................................................. 7
3.2 Logical Architecture ................................................................................................................................... 8
3.3 Software Architecture ................................................................................................................................. 9
3.4 Data Forwarding Process .......................................................................................................................... 11

4 Technical Specifications ....................................................................................................... 13


5 Boards ...................................................................................................................................... 17
5.1 FPIC ........................................................................................................................................................ 17
5.2 LPUS-20 .................................................................................................................................................. 23
5.3 LPUI-21-L ............................................................................................................................................... 23
5.4 LPUI-41 ................................................................................................................................................... 24
5.5 LPUS-41 .................................................................................................................................................. 24
5.6 LPUI-51 ................................................................................................................................................... 25
5.7 LPUS-51 .................................................................................................................................................. 26
5.8 LPUI-100 ................................................................................................................................................. 26
5.9 LPUS-100 ................................................................................................................................................ 27
5.10 LPUI-101 ............................................................................................................................................... 27
5.11 LPUS-101 .............................................................................................................................................. 27
5.12 SPU ....................................................................................................................................................... 28

6 Link Features .......................................................................................................................... 29


6.1 Ethernet Link Features .............................................................................................................................. 29
6.2 FR Link Features ...................................................................................................................................... 30
6.3 POS Link Features ................................................................................................................................... 30
6.4 CPOS Link Features ................................................................................................................................. 31
6.5 ATM Link Features ................................................................................................................................... 32
6.6 CE1/CT1/E3/CT3 Link Features ............................................................................................................... 33

7 Service Features ...................................................................................................................... 34

Issue 01 (2012-09-30) Huawei Proprietary and Confidential iv


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description Contents

7.1 Ethernet Features ...................................................................................................................................... 34


7.1.1 Layer 2 Ethernet Features ................................................................................................................ 34
7.1.2 Layer 3 Ethernet Features ................................................................................................................ 35
7.1.3 QinQ Features ................................................................................................................................. 35
7.1.4 Flexible Access to VPNs .................................................................................................................. 36
7.1.5 RRPP Link Features ........................................................................................................................ 36
7.1.6 RSTP/MSTP Features ...................................................................................................................... 37
7.1.7 BPDU Tunneling Features ............................................................................................................... 37
7.2 IP Features ............................................................................................................................................... 37
7.2.1 IPv4/IPv6 Dual Stack....................................................................................................................... 37
7.2.2 IPv4 Features................................................................................................................................... 37
7.2.3 IPv6 Features................................................................................................................................... 38
7.2.4 IPv4/IPv6 Transition Technology ..................................................................................................... 38
7.3 Routing Protocol ...................................................................................................................................... 39
7.3.1 Unicast Routing............................................................................................................................... 39
7.3.2 Multicast Routing ............................................................................................................................ 40
7.4 MPLS ...................................................................................................................................................... 42
7.5 VPN Features ........................................................................................................................................... 45
7.5.1 Tunnel Policy .................................................................................................................................. 45
7.5.2 VPN Tunnel .................................................................................................................................... 45
7.5.3 MPLS L2VPN ................................................................................................................................. 45
7.5.4 BGP/MPLS L3VPN ........................................................................................................................ 48
7.5.5 GRE ................................................................................................................................................ 48
7.5.6 IPSEC ............................................................................................................................................. 49
7.6 QoS.......................................................................................................................................................... 49
7.7 Load Balancing ........................................................................................................................................ 54
7.8 Traffic Statistics........................................................................................................................................ 55
7.9 User Access .............................................................................................................................................. 56
7.10 Value-Added Service .............................................................................................................................. 59
7.11 IP RAN Features..................................................................................................................................... 59
7.12 Network Reliability ................................................................................................................................ 60
7.13 Clock ..................................................................................................................................................... 67
7.14 CGN ...................................................................................................................................................... 69

8 Security Features .................................................................................................................... 71


9 Energy Conservation and Emission Reduction.................................................................. 77
10 Applicable Environment ..................................................................................................... 79
10.1 Application on an IP Bearer Network ...................................................................................................... 79
10.2 Application on an IPTV Bearer Network ................................................................................................. 81
10.3 Application on a Multi-Service IP MAN ................................................................................................. 82
10.4 Application on an IPv6 Backbone Network ............................................................................................. 83
10.5 IP RAN Solution .................................................................................................................................... 84

Issue 01 (2012-09-30) Huawei Proprietary and Confidential v


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description Contents

10.6 iVSE Solution ........................................................................................................................................ 86


10.7 Dual-Stack User Access and Transition Solutions .................................................................................... 89

11 Operation and Maintenance ............................................................................................... 91


11.1 System Configuration Modes .................................................................................................................. 91
11.2 System Management and Maintenance .................................................................................................... 92
11.3 Device Running Status Monitoring.......................................................................................................... 92
11.4 HGMP .................................................................................................................................................... 93
11.5 System Service and Status Tracking ........................................................................................................ 94
11.6 System Test and Diagnosis ...................................................................................................................... 94
11.7 NQA ...................................................................................................................................................... 94
11.8 In-Service Debugging ............................................................................................................................. 95
11.9 Upgrade Features .................................................................................................................................... 95
11.10 License ................................................................................................................................................. 96
11.11 Other Operation and Maintenance Features ........................................................................................... 96

12 NMS ....................................................................................................................................... 97
A Acronyms and Abbreviations.............................................................................................. 99

Issue 01 (2012-09-30) Huawei Proprietary and Confidential vi


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 1 New Hardware and Features in the V600R006C00

1 New Hardware and Features in the


V600R006C00

New Hardware and Feature Chapter


The following LPUF-101/LPUF-101-B and 5.1 FPIC
subboards are newly added:
l 24-Port 100/1000Base-X-SFP Flexible
Card A(P101-A)
l 5-Port 10GBase LAN/WAN-SFP+
Flexible Card A(P101-A)
l 1-Port 40GBase LAN-CFP Flexible
Card A(P101-A)
The following LPUI-101s are newly added: 5.10 LPUI-101
l 2-Port 40GBase LAN-CFP Integrated
Line Processing Unit (LPUI-101)
l 1-Port 100GBase-CFP Integrated Line
Processing Unit (LPUI-101)
l 10-Port 10GBase LAN/WAN-SFP+
Integrated Line Processing Unit
(LPUI-101)
l 2-Port 40GBase LAN-CFP Integrated
Line Processing Unit B(LPUI-101-B)
l 10-Port 10GBase LAN/WAN-SFP+
Integrated Line Processing Unit
B(LPUI-101-B)
The following LPUS-101s are newly added: 5.11 LPUS-101
l 2-Port 40GBase LAN-CFP Line
Processing Unit S(LPUS-101)
l 1-Port 100GBase-CFP Line Processing
Unit S(LPUS-101)
l 10-Port 10GBase LAN/WAN-SFP+
Line Processing Unit S(LPUS-101)

The following LPUF-51/LPUF-51-B with 5.1 FPIC

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 1


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 1 New Hardware and Features in the V600R006C00

New Hardware and Feature Chapter


two sub-slots and subboards are newly
added:
l 24-Port 100/1000Base-X-SFP Flexible
Card A(P51-A)
l 5-Port 10GBase LAN/WAN-SFP+
Flexible Card A (P51-A, 2 sub-slots)
l 2-Port 10GBase LAN/WAN-SFP+
Flexible Card A (P51-A)
The following LPUI-51s are newly added: 5.6 LPUI-51
l 5-Port 10GBase LAN/WAN-SFP+
Integrated Line Processing Unit
(LPUI-51)
l 4-Port 10GBase LAN/WAN-SFP+
Integrated Line Processing Unit
(LPUI-51)
l 48-Port 100/1000Base-X-SFP Integrated
Line Processing Unit (LPUI-51)
l 2-Port 10GBase LAN/WAN-SFP+ +
24-Port 100/1000Base-X-SFP Integrated
Line Processing Unit (LPUI-51)
l 5-Port 10GBase LAN/WAN-SFP+
Integrated Line Processing Unit
B(LPUI-51-B)
l 4-Port 10GBase LAN/WAN-SFP+
Integrated Line Processing Unit
B(LPUI-51-B)
l 48-Port 100/1000Base-X-SFP Integrated
Line Processing Unit B(LPUI-51-B)
l 2-Port 10GBase LAN/WAN-SFP+ +
24-Port 100/1000Base-X-SFP Integrated
Line Processing Unit B(LPUI-51-B)
l 5-Port 10GBase LAN/WAN-SFP+
Integrated Line Processing Unit
L(LPUI-51-L)
l 48-Port 100/1000Base-X-SFP Integrated
Line Processing Unit L(LPUI-51-L)
l 2-Port 10GBase LAN/WAN-SFP+ +
32-Port 100/1000Base-X-SFP Integrated
Line Processing Unit L(LPUI-51-L)
The following LPUS-51s are newly added: 5.7 LPUS-51
l 5-Port 10GBase LAN/WAN-SFP+ Line
Processing Unit S(LPUS-51)
l 4-Port 10GBase LAN/WAN-SFP+ Line
Processing Unit S(LPUS-51)
l 48-Port 100/1000Base-X-SFP Line
Processing Unit S(LPUS-51)

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 2


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 1 New Hardware and Features in the V600R006C00

New Hardware and Feature Chapter


l 2-Port 10GBase LAN/WAN-SFP+ +
24-Port 100/1000Base-X-SFP Line
Processing Unit S(LPUS-51)

The following LPUF-50s with four sub-slots 5.1 FPIC


and subboards are newly added:
l 8-Port OC-3c/STM-1c ATM-SFP
Flexible Card
l 2-Port 10GBase WAN/LAN-SFP+
Flexible Card A
l 4-Port Channelized OC-3c/STM-1c
POS-SFP Flexible Card
l 8-Port Channelized OC-3c/STM-1c
POS-SFP Flexible Card

The following LPUI-21-Ls are newly 5.3 LPUI-21-L


added:
l 24-Port 100/1000Base-X-SFP Integrated
Line Processing Unit L(LPUI-21-L)
l 1-Port 10GBase LAN/WAN-SFP+ +
16-Port 100/1000Base-X-SFP Integrated
Line Processing Unit L(LPUI-21-L)

The following SPUs and subboards are 5.12 SPU


newly added:
l Flexible Card Versatile Service Unit 160
(VSUF-160)
l Flexible Card Versatile Service Unit 80
(VSUF-80)
l Versatile Service Flexible Card (SP160)
l Versatile Service Flexible Card (SP80)
The following MPLS L2VPN features are 7.5.3 MPLS L2VPN
newly added:
l VPLS PW Redundancy
l VE interfaces support IPv6 when VPLS
access is deployed.

The following IP RAN features are newly 7.11 IP RAN Features


added:
l Y.1731 over PBB VPLS
l VE interfaces support TP OAM
l Dynamic PWs and MS-PWs support TP
OAM
The following features in terms of network 7.12 Network Reliability
reliability are newly added:
l VE interfaces support MC-PW APS
l HA Backup

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 3


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 1 New Hardware and Features in the V600R006C00

New Hardware and Feature Chapter


The following applicable environment is 10.7 Dual-Stack User Access and Transition
newly added: Solutions
l Dual-stack user access and transition
solutions

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 4


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 2 Product Positioning

2 Product Positioning

HUAWEI NetEngine40E Universal Service Router (hereinafter referred to as the NE40E) is a


high-end router. The NE40E is positioned as the edge or convergence router on the IP
backbone network.
Based on the powerful Versatile Routing Platform (VRP), the NE40E features the following:
l Rich services
l Large capacity
l High performance
l High availability
The NE40E can be classified into the NE40E-X16, NE40E-X8, NE40E-X3, and NE40E-8.

NE40E-X16 NE40E-X8 NE40E-X3(DC)

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 5


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 2 Product Positioning

NE40E-X3(AC) NE40E-8

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 6


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 3 Product Architecture

3 Product Architecture

About This Chapter


3.1 Physical Architecture
3.2 Logical Architecture
3.3 Software Architecture
3.4 Data Forwarding Process

3.1 Physical Architecture


The physical architecture includes the following systems:
l Power distribution system
l Functional host system
l Heat dissipation system
l Network management system
All systems except the network management system (NMS) are located in an integrated
cabinet. The power distribution system consists of power modules working in n+n backup
mode.
The following describes only the functional host system.
The functional host system comprises the system backplane,/Main Processing Units (MPUs),
Line Processing Units (LPUs), Switch and Fabric Units (SFUs). It is connected to the NMS
through NMS interfaces. The functional host system processes data as well as monitors and
manages the entire system, including the power distribution system and heat dissipation
system. Figure 3-1 shows the functional host system of the NE40E.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 7


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 3 Product Architecture

Figure 3-1 Functional host system


Backplane
Monitoring
Monitoring bus System
Monitoring unit bus Management monitoring unit
bus Management bus
Management switching unit
Management unit bus
(1) MPU
System
POS/ contorlling unit (Master)
Ethernet Physical Forwarding
unit Monitoring
interface unit Serial link bus System
group Management monitoring unit
bus Management bus
switching unit

(1) System MPU


Monitoring controlling unit (Slave)
Monitoring unit bus
Monitoring
Management bus Switching network
Management unit
bus Management monitoring unit
bus Switching network
control unit
POS/
Ethernet Physical Forwarding
unit Switching
interface unit Serial link network
group

SFU module
(1) The link connects to the managment bus switching unit of another MPU

3.2 Logical Architecture


The logical architecture of the NE40E consists of the following planes:
l Data plane
l Control and management plane
l Monitoring plane
Figure 3-2 shows the logical architecture.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 8


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 3 Product Architecture

Figure 3-2 Logical architecture

LPU MPU LPU

Monitoring Monitoring
unit unit
Monitoring
plane System
monitoring unit Monitoring
Monitoring unit
unit

Management Management
System
unit unit
Control and controlling unit
management
plane Management Management
Switching
unit unit
network
control unit

Forwarding Forwarding
unit unit
Data plane
Switching
network Forwarding
Forwarding
unit unit
LPU LPU

l The data plane is responsible for high speed processing and non-blocking switching of
data packets. It encapsulates or decapsulates packets, forwards IPv4/IPv6/MPLS packets,
performs QoS as well as scheduling and internal high-speed switching, and collects
statistics.
l The control and management plane completes all control and management functions for
the system and is the core of the entire system. Control and management units process
protocols and signals, and maintain, manage, report on, and control system status.
l The monitoring plane monitors the ambient environment to ensure secure and stable
operation of the system. It detects voltage levels, controls system power-on and-off,
monitors temperature, and controls fan modules. When a unit fails, the monitoring plane
isolates the faulty unit promptly so that other parts of the system can continue to run
normally.

3.3 Software Architecture


shows the software architecture of the NE40E

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 9


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 3 Product Architecture

Figure 3-3 Software architecture

Power FAN
Monitoring Monitoring

RPS RPS
SNMP
Master Slave

IPC

LPU
FSU FSU FSU
……
EFU EFU EFU

LPU LPU PIC

Software of the NE40E consists of the Routing Process System (RPS), power monitoring
system, fan monitoring system, Forwarding Support Unit (FSU), and Express Forwarding
Unit (EFU).
The RPS, which includes IPOS software, VRP software, and product-adaptation software, is
the control and management module that runs on the MPU. The RPS on the active MPU and
the one on the standby MPU back up each other. RPSs support IPv4/IPv6, MPLS, LDP, and
routing protocols, calculate routes, establish LSPs and multicast distribution trees, generate
unicast, multicast, and MPLS forwarding tables, and they deliver information concerning all
the preceding mentioned to the LPU.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 10


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 3 Product Architecture

3.4 Data Forwarding Process


Figure 3-4 Data forwarding process

PIC

Datagram Datagram

Processing on the incoming Processing on the outgoing


interface interface
Downstream traffic
Upstream traffic classification
classification

PFE IPv4 unicast Searching the Packet


IPv4 unicast
IPv4 multicast routing table to encapsulation
IPv4 multicast
MPLS forward packets and forwarding
MPLS
IPv6 in the
IPv6
MAC downstream

Congestion Queue
QoS in the management scheduling QoS in the
upstream Queue Congestion downstream
scheduling management
TM Multicast replication

Packet fragmentation Packet reassembly

Micro cell Micro cell


SFU

As shown in Figure 3-4, the Packet Forwarding Engine (PFE) adopts a Network Processor
(NP) or an Application Specific Integrated Circuit (ASIC) to implement high-speed packet
routing. External memory types include Static Random Access Memory (SRAM), Dynamic
Random Access Memory (DRAM), and Net Search Engine (NSE). The SRAM stores
forwarding entries; the DRAM stores packets; the NSE performs searching routing table.
Data forwarding processes can be divided into upstream and downstream processes based on
the direction of the data flow.
l Upstream process: The Physical Interface Card (PIC) encapsulates packets to frames and
then sends them to the PFE. On the PFE of the inbound interface, the system
decapsulates the frames and identifies the packet types. It then classifies traffic according
to the QoS configurations on the inbound interface. After traffic classification, the
system searches the Forwarding Information Base (FIB) for the outbound interfaces and
next hops of packets to be forwarded. To forward an IPv4 unicast packet, for instance,
the system searches the FIB for the outbound interface and next hop according to the
destination IP address of the packet. Finally, the system sends the packets containing
information about outbound interfaces and next hops to the traffic management (TM)
module.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 11


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 3 Product Architecture

l Downstream process: Information about packet types that have been identified in the
upstream process and about the outbound interfaces is encapsulated through the link
layer protocol and the packets are stored in corresponding queues for transmission. If an
IPv4 packet whose outbound interface is an Ethernet interface, the system needs to
obtain the MAC address of the next hop. Outgoing traffic is then classified according to
the QoS configurations on the outbound interfaces. Finally, the system encapsulates the
packets with new Layer 2 headers on the outbound interfaces and sends them to the PIC.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 12


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 4 Technical Specifications

4 Technical Specifications

Table 4-1 Technical specifications

Item NE40E-X16 NE40E-X8 NE40E-X3 NE40E-8


Dimensions (width x 442 mm x 442 mm x DC chassis: 442 mm x 669
depth x height) 650 mm x 650 mm x l 442 mm x mm x 886mm
1420 mm 620 mm 650 mm x ( 17.40 in. x
( 17.40 in. x ( 17.40 in. x 175 mm 26.34 in. x
25.59 in. x 25.59 in. x ( 17.40 in. 34.88 in. )
55.91 24.41 x 25.59
in. )(chassis in. )(chassis in. x 6.89
main body main body in. )(chass
dimensions) dimensions) is main
442 mm x 442 mm x body
770 mm x 770 mm x dimension
1420 mm 620 mm s)
( 17.40 in. x ( 17.40 in. x l 442 mm x
30.31 in. x 30.31 in. x 750 mm x
55.91 24.41 175 mm
in. )(chassis in. )(chassis (17.40 in.
dimensions dimensions x 29.53
including the including the in. x 6.89
chassis's chassis's front in. )(chass
front and rear and rear is
assembly and assembly and dimension
cable racks) cable racks) s
including
the
chassis's
front and
rear
assembly
and cable
racks)
AC chassis:
l AC
chassis:
442 mm x
650 mm x

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 13


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 4 Technical Specifications

Item NE40E-X16 NE40E-X8 NE40E-X3 NE40E-8


220 mm
( 17.40 in.
x 25.59
in. x 8.66
in. )(chass
is main
body
dimension
s)
l 442 mm x
750 mm x
220 mm
(17.40 in.
x 29.53
in. x 8.66
in. )(chass
is
dimension
s
including
the
chassis's
front and
rear
assembly
and cable
racks)

Installation Mounted in an N68E cabinet or a standard 19-inch cabinet

Weight (in full 267 kg 130 kg DC chassis: 147 kg ( 324.14


configuration) ( 588.74 lb ) ( 286.65 lb ) 41 kg ( 90.41 lb )
lb )
AC chassis:
51
kg( 112.46
lb )

Maximum power 6500 W 3300 W 1100 W 2200 W


Heat dissipation 21089 10707 3569 7137 BTU/hour
BTU/hour BTU/hour BTU/hour
MTBF(year) 36.38 36.23 37.35 21.82
MTTR(hour) 0.5 0.5 0.5 0.5
Reliability 0.999998431 0.999998424 0.999998472 0.999997384

Total number of slots 22 11 5 12


Number of service 16 8 3 8
slots

Forwarding capacity 3200 Mpps 1600 Mpps 300 Mpps 400 Mpps

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 14


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 4 Technical Specifications

Item NE40E-X16 NE40E-X8 NE40E-X3 NE40E-8


Switching capacity 12.58Tbit/s 7.08Tbit/s 1.08 Tbit/s 640 Gbit/s
(bidirectional (bidirectional (bidirectional (bidirectional)
) ) )

Backplane bandwidth 30 Tbit/s 15 Tbit/s 1.35 Tbit/s 2 Tbit/s

Interface capacity 3.2 Tbit/s 1.6 Tbit/s 240 Gbit/s 320 Gbit/s
(bidirectional) (bidirectional (bidirectional (bidirectional (bidirectional)
) ) )
SDRAM 2 GB (The 2 GB (The 2 GB 2 GB
capacity can capacity can
be extended be extended
to 4 GB.) to 4 GB.)
Flash 32 MB 32 MB 32 MB 32 MB

CF Card Two 2-GB Two 2-GB One 2-GB Two 512-MB


CF cards on CF cards on USB disk on CF cards on
each MPU each MPU each MPU each MPU
DC input Rated -48 V
voltage voltag
e

Maxim -38 V to -72 V


um
voltag
e range
AC input Rated 220 V
voltage voltag
e

Maxim 90 V to 275 90 V to 275 175 V to 275 175 V to 275


um V V V V
voltag (recommend) (recommend)
e range 175 V to 275 175 V to 275
V V

Ambient Long-t 0°C to 45°C ( 32°F to 113°F )


temperature erm
Short-t -5°C to 55°C ( 23°F to 131°F )
erm Remarks: Limit of the temperature change rate: 30°C
( 86 °F )/hour

Storage -40°C to 70°C (-40°F to 158°F )


temperature
Relative Long-t 5% RH to 85% RH, non-condensing
ambient erm
humidity
Short-t 5% RH to 95% RH, non-condensing
erm

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 15


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 4 Technical Specifications

Item NE40E-X16 NE40E-X8 NE40E-X3 NE40E-8


Relative 0% RH to 95% RH, non-condensing
storage
humidity

Elevation Lower than 3000 m ( 9842.4 ft )


limit for
long-term
work

Storage Lower than 5000 m ( 16404 ft )


elevation
limit

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 16


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

5 Boards

About This Chapter


5.1 FPIC
5.2 LPUS-20
5.3 LPUI-21-L
5.4 LPUI-41
5.5 LPUS-41
5.6 LPUI-51
5.7 LPUS-51
5.8 LPUI-100
5.9 LPUS-100
5.10 LPUI-101
5.11 LPUS-101
5.12 SPU

5.1 FPIC
LPUF-10 and Its FPICs
The LPUF-10 provides four sub-slots and supports a maximum of 10 Gbit/s bandwidth.
The LPUF-10 FPICs support hot swapping and automatic configuration restoration. The
LPUF-10 supports installation of different types of FPICs.

Table 5-1 Flexible plug-in cards supported by the LPUF-10

Name Remarks
Flexible Card Line Processing Motherboard

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 17


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

Name Remarks
Unit(LPUF-10,four slots)

1-Port OC-192c/STM-64c POS-XFP Occupies two sub-slots.


Flexible Card(Occupy two slots)

1-Port OC-48c/STM-16c POS-SFP Occupies one sub-slot.


Flexible Card
8-Port 100/1000Base-X-SFP Flexible Occupies one sub-slot.
Card

2-Port OC-12c/STM-4c ATM-SFP Occupies one sub-slot.


Flexible Card
4-Port OC-3c/STM-1c ATM-SFP Occupies one sub-slot.
Flexible Card
4-Port OC-3c/STM-1c ATM-SFP Occupies one sub-slot.
Flexible Card(P10)

2-Port OC-48c/STM-16c POS-SFP Occupies one sub-slot.


Flexible Card

4-Port OC-48c/STM-16c POS-SFP Occupies one sub-slot.


Flexible Card
4-Port OC-12c/STM-4c POS-SFP Occupies one sub-slot.
Flexible Card

8-Port OC-12c/STM-4c POS-SFP Occupies one sub-slot.


Flexible Card

4-Port OC-3c/STM-1c POS-SFP Occupies one sub-slot.


Flexible Card

8-Port OC-3c/STM-1c POS-SFP Occupies one sub-slot.


Flexible Card

2-Port Channelized OC-3c/STM-1c Occupies one sub-slot.


POS-SFP Flexible Card
4-Port Clear Channel E3/Channelized Occupies one sub-slot.
T3-SMB Flexible Card
24-Port Channelized E1/T1-DB100 Occupies one sub-slot.
Flexible Card

8-Port 100/1000Base-X-SFP Flexible Occupies one sub-slot and supports 1588v2.


Card A(P10-A,Supporting 1588v2)

LPUF-21 and Its FPICs


The LPUF-21 provides two sub-slots, and supports FPIC hot-swapping and a maximum of 20
Gbit/s bandwidth.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 18


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

Table 5-2 Flexible plug-in cards supported by the LPUF-21

Name Remarks
Flexible Card Line Processing Unit(LPUF-21,2 Motherboard
sub-slots) A (L3VPN, MVPN, IPv6 Enhanced) The LPUF-21-A supports all
software features provided by
the NE40E.
Flexible Card Line Processing Unit(LPUF-21,2 Motherboard
sub-slots) B The LPUF-21-B does not
support L3VPN, MVPN, or
IPv6. LPUF-21-B can be
upgraded with licenses to
support all functions of the
LPUF-21-A.

Flexible Card Line Processing Unit(LPUF-21,2 Motherboard


sub-slots) E
1-Port 10GBase WAN/LAN-XFP Flexible Card Occupies one sub-slot.
12-Port 100/1000Base-SFP Flexible Card Occupies one sub-slot.

12-Port 10/100/1000Base-RJ45 Flexible Card Occupies one sub-slot.

1-Port 10GBase WAN/LAN-XFP Flexible Card Occupies one sub-slot and


A(Supporting 1588v2) supports 1588v2.

12-Port 100/1000Base-SFP Flexible Card A(Supporting Occupies one sub-slot and


1588v2) supports 1588v2.

1-Port OC-192c/STM-64c POS-XFP Flexible Card Occupies one sub-slot.


40-Port 100/1000Base-SFP Flexible Card(Occupy two Occupies two sub-slots.
sub-slots)

40-Port 10/100/1000Base-RJ45 Flexible Card(Occupy Occupies two sub-slots.


two sub-slots)

4-Port 10GBase WAN/LAN-XFP Flexible Card(Occupy Occupies two sub-slots.


two sub-slots)
2-Port 10GBase LAN/WAN-XFP+20-Port Occupies two sub-slots.
100/1000Base-X-SFP Flexible Card(P20,Occupy two
sub-slots)
1-Port 10GBase LAN/WAN-XFP Flexible Card B Occupies one sub-slot.
(P20-B)
12-Port 100/1000Base-X-SFP Flexible Card B (P20-B) Occupies one sub-slot.
1-Port 10GBase LAN/WAN-XFP Flexible Card E Occupies one sub-slot.
(P20-E)
10-Port 1000Base-X-SFP Flexible Card E (P20-E) Occupies one sub-slot.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 19


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

LPUF-40 and Its FPICs


The LPUF-40 provides two sub-slots, and supports FPIC hot-swapping and a maximum of 40
Gbit/s bandwidth.
The LPUF-40 and its FPICs can be used only on the NE40E-X16, NE40E-X8, NE40E-X3
and NE80E.

Table 5-3 FPICs supported by the LPUF-40

Name Remarks
Flexible Card Line Processing Motherboard
Unit(LPUF-40,2 sub-slots) A (L3VPN, The LPUF-40-A supports all software
MVPN, IPv6 Enhanced) features provided by the NE40E.

Flexible Card Line Processing Motherboard


Unit(LPUF-40,2 sub-slots) B The LPUF-40-B does not support L3VPN,
MVPN, or IPv6, but can be upgraded with
licenses to support all functions of the
LPUF-40-A.
Flexible Card Line Processing Motherboard
Unit(LPUF-40,2 sub-slots) E

2-Port 10GBase LAN/WAN-XFP flexible Occupies one subcard slot.


card (P40)
20-Port 10/100/1000Base-RJ45 flexible Occupies one subcard slot.
card (P40)

2-Port 10GBase LAN/WAN-XFP Flexible Occupies one subcard slot.


Card B (P40-B)

20-Port 100/1000Base-X-SFP Flexible Card Occupies one subcard slot.


B (P40-B)

2-Port 10GBase LAN/WAN-XFP flexible Occupies one subcard slot.


card A (P40-A, supporting 1588v2)

20-Port 100/1000Base-X-SFP flexible card Occupies one subcard slot.


A (P40-A, supporting 1588v2)
20-Port 100/1000Base-X-SFP flexible card Occupies one subcard slot.
(P40)
4-Port 10GBase LAN/WAN-XFP Flexible Occupies one subcard slot.
Card(P40,Occupy one sub-slot)

20-Port 1000Base-X-SFP Flexible Card E Occupies one subcard slot.


(P40-E)
2-Port 10GBase LAN/WAN-XFP Flexible Occupies one subcard slot.
Card E (P40-E)
2-Port 10GBase LAN/WAN-XFP Flexible Occupies one subcard slot.
Card V (P40-V)

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 20


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

LPUF-50 and Its FPICs


The LPUF-50 provides four sub-slots, and supports FPIC hot-swapping and a maximum of 50
Gbit/s bandwidth.
The LPUF-50 and its FPICs can be used only on the NE40E-X16, NE40E-X8, NE40E-X3.

Table 5-4 Flexible plug-in cards supported by the LPUF-50

Name Remarks
Flexible Card Line Processing Motherboard
Unit(LPUF-50,four slots)

24-Port Channelized E1/T1-DB100 Flexible Occupies two sub-slots.


Card
8-Port OC-3c/STM-1c POS-SFP Flexible Occupies two sub-slots.
Card

4-Port OC-48c/STM-16c POS-SFP Flexible Occupies two sub-slots.


Card

2-Port OC-48c/STM-16c POS-SFP Flexible Occupies two sub-slots.


Card
2-Port Channelized OC-3c/STM-1c Occupies two sub-slots.
POS-SFP Flexible Card

8-Port OC-12c/STM-4c POS-SFP Flexible Occupies two sub-slots.


Card

8-Port 100/1000Base-X-SFP Flexible Card Occupies two sub-slots.


A(P10-A,Supporting 1588v2)

2-Port 10GBase WAN/LAN-SFP+ Flexible Occupies two sub-slots.


Card A (P50-A)
8-Port OC-3c/STM-1c ATM-SFP Flexible Occupies two sub-slots.
Card

4-Port Channelized OC-3c/STM-1c Occupies two sub-slots.


POS-SFP Flexible Card
8-Port Channelized OC-3c/STM-1c Occupies two sub-slots.
POS-SFP Flexible Card
1-Port OC-192c/STM-64c POS-XFP Occupies two sub-slots.
Flexible Card(Occupy two slots)

LPUF-51 and Its FPICs


The LPUF-51 provides two sub-slots, and supports FPIC hot-swapping and a maximum of 50
Gbit/s bandwidth.
The LPUF-51 and its FPICs can be used only on the NE40E-X16, NE40E-X8, NE40E-X3.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 21


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

Table 5-5 Flexible plug-in cards supported by the LPUF-51

Name Remarks
Flexible Card Line Processing Motherboard
Unit(LPUF-51,2 sub-slots)
Flexible Card Line Processing Motherboard
Unit(LPUF-51,2 sub-slots) B

24-Port 100/1000Base-X-SFP Flexible Card Occupies one sub-slot.


A(P51-A)

5-Port 10GBase LAN/WAN-SFP+ Flexible Occupies two sub-slots.


Card A(P51-A, Occupy two sub-slots)

2-Port 10GBase LAN/WAN-SFP+ Flexible Occupies one sub-slot.


Card A(P51-A)

LPUF-100 and Its FPICs


The LPUF-100 provides four subcard slots. The FPICs of the LPUF-100 support hot
swapping. The LPUF-100 supports a maximum of 100 Gbit/s bandwidth.
The LPUF-100 and its FPICs can be used only on the NE40E-X16 and NE40E-X8.

Table 5-6 FPICs supported by the LPUF-100

Name Remarks
Flexible Card Line Processing Motherboard
Unit(LPUF-100,4 sub-slots)

5-Port 10GBase LAN/WAN-XFP Flexible Occupies two subcard slots.


Card A(P100-A,Supporting 1588v2,Occupy
two sub-slots)
5-Port 10GBase LAN/WAN-SFP+ Flexible Occupies two subcard slots.
Card B(P100-B,Occupy two sub-slots)

24-Port 100/1000Base-X-SFP Flexible Occupies two subcard slots.


Card(P100,Occupy two sub-slots)
48-Port 100/1000Base-X-CSFP Flexible Occupies two subcard slots.
Card(P100,Occupy two sub-slots)

2-Port OC-192c/STM-64c POS-XFP Occupies one subcard slot.


Flexible Card(P100,Occupy one sub-slot)
1-Port OC-768c/STM-256c POS-2KM-LC Occupies two subcard slots.
Flexible Card(P100,Occupy two sub-slots)

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 22


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

LPUF-101 and Its FPICs


The LPUF-101 provides four sub-slots, and supports FPIC hot-swapping and a maximum of
100 Gbit/s bandwidth.
The LPUF-101 and its FPICs can be used only on the NE40E-X16, NE40E-X8 and
NE40E-X3.

Table 5-7 Flexible plug-in cards supported by the LPUF-101

Name Remarks
Flexible Card Line Processing Motherboard
Unit(LPUF-101)

Flexible Card Line Processing Motherboard


Unit(LPUF-101) B

24-Port 100/1000Base-X-SFP Flexible Card Occupies two sub-slots.


A(P101-A)

5-Port 10GBase LAN/WAN-SFP+ Flexible Occupies two sub-slots.


Card A(P101-A)

1-Port 40GBase LAN-CFP Flexible Card Occupies two sub-slots.


A(P101-A)

5.2 LPUS-20
Table 5-8 LPUS-20

Board Name Remarks


4-Port 10GBase LAN/WAN-XFP Line -
Processing Unit S(LPUS-20)

40-Port 100/1000Base-X-SFP Line -


Processing Unit S(LPUS-20)
40-Port 10/100/1000Base-RJ45 Line -
Processing Unit S(LPUS-20)

5.3 LPUI-21-L
Table 5-9 LPUI-21-L

Board Name Remarks


24-Port 100/1000Base-X-SFP Integrated -

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 23


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

Board Name Remarks


Line Processing Unit L(LPUI-21-L)

1-Port 10GBase LAN/WAN-SFP+ + -


16-Port 100/1000Base-X-SFP Integrated
Line Processing Unit L(LPUI-21-L)

5.4 LPUI-41
The LPUI-41 can be used only on the NE40E-X16, NE40E-X8, NE40E-X3 and NE80E.

Table 5-10 LPUI-41

Board Name Remarks


8-port 10GBase LAN/WAN-XFP Integrated -
Line Processing Unit (LPUI-41)

4-port 10GBase LAN/WAN-XFP Integrated -


Line Processing Unit (LPUI-41)

48-port 100/1000Base-X-SFP Integrated -


Line Processing Unit (LPUI-41)

2-port 10GBase LAN/WAN-XFP + 24-port -


100/1000Base-X-SFP Integrated Line
Processing Unit (LPUI-41)

4-port 10GBase LAN/WAN-XFP Integrated -


Line Processing Unit (LPUI-41, supporting
1588v2)
40-port 100/1000Base-X-SFP Integrated -
Line Processing Unit (LPUI-41, supporting
1588v2)

2-port 10GBase LAN/WAN-XFP + 20-port -


100/1000Base-X-SFP Integrated Line
Processing Unit (LPUI-41, supporting
1588v2)

5.5 LPUS-41
The LPUS-41 can be used only on the NE40E-X16, NE40E-X8, NE40E-X3 and NE80E.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 24


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

Table 5-11 LPUS-41

Board Name Remarks


8-Port 10GBase LAN/WAN-XFP Line -
Processing Unit S(LPUS-41)
4-Port 10GBase LAN/WAN-XFP Line -
Processing Unit S(LPUS-41)

48-Port 100/1000Base-X-SFP Line -


Processing Unit S(LPUS-41)

2-Port 10GBase LAN/WAN-XFP+24-Port -


100/1000Base-X-SFP Line Processing Unit
S(LPUS-41)

5.6 LPUI-51
The LPUI-51 can be used only on the NE40E-X16, NE40E-X8, NE40E-X3 .

Table 5-12 LPUI-51

Board Name Remarks


5-Port 10GBase LAN/WAN-SFP+ -
Integrated Line Processing Unit (LPUI-51)

4-Port 10GBase LAN/WAN-SFP+ -


Integrated Line Processing Unit (LPUI-51)

48-Port 100/1000Base-X-SFP Integrated -


Line Processing Unit (LPUI-51)
2-Port 10GBase LAN/WAN-SFP+ + -
24-Port 100/1000Base-X-SFP Integrated
Line Processing Unit (LPUI-51)

5-Port 10GBase LAN/WAN-SFP+ -


Integrated Line Processing Unit
B(LPUI-51-B)
4-Port 10GBase LAN/WAN-SFP+ -
Integrated Line Processing Unit
B(LPUI-51-B)

48-Port 100/1000Base-X-SFP Integrated -


Line Processing Unit B(LPUI-51-B)
2-Port 10GBase LAN/WAN-SFP+ + -
24-Port 100/1000Base-X-SFP Integrated
Line Processing Unit B(LPUI-51-B)
5-Port 10GBase LAN/WAN-SFP+ -
Integrated Line Processing Unit

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 25


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

Board Name Remarks


L(LPUI-51-L)

48-Port 100/1000Base-X-SFP Integrated -


Line Processing Unit L(LPUI-51-L)

2-Port 10GBase LAN/WAN-SFP+ + -


32-Port 100/1000Base-X-SFP Integrated
Line Processing Unit L(LPUI-51-L)

5.7 LPUS-51
The LPUS-51 can be used only on the NE40E-X16, NE40E-X8, NE40E-X3.

Table 5-13 LPUS-51

Board Name Remarks


5-Port 10GBase LAN/WAN-SFP+ Line -
Processing Unit S(LPUS-51)

4-Port 10GBase LAN/WAN-SFP+ Line -


Processing Unit S(LPUS-51)

48-Port 100/1000Base-X-SFP Line -


Processing Unit S(LPUS-51)

2-Port 10GBase LAN/WAN-SFP+ + -


24-Port 100/1000Base-X-SFP Line
Processing Unit S(LPUS-51)

5.8 LPUI-100
The LPUI-100 can be used only on the NE40E-X16 and NE40E-X8.

Table 5-14 LPUI-100

Board Name Remarks


1-Port 100GBase-CFP Integrated Line -
Processing Unit (LPUI-100)
10-port 10GBase LAN/WAN-XFP -
Integrated Line Processing Unit (LPUI-100,
supporting 1588v2)
16-port 10GBase LAN-SFP+ Integrated -
Line Processing Unit (LPUI-100)

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 26


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

5.9 LPUS-100
The LPUS-100 can be used only on the NE40E-X16 and NE40E-X8.

Table 5-15 LPUS-100

Board Name Remarks


10-Port 10GBase LAN/WAN-XFP Line -
Processing Unit S(LPUS-100)

16-Port 10GBase LAN-SFP+ Line -


Processing Unit S(LPUS-100)
1-Port 100GBase-CFP Line Processing Unit -
S (LPUS-100)

5.10 LPUI-101
The LPUI-101 can be used only on the NE40E-X16, NE40E-X8, NE40E-X3.

Table 5-16 LPUI-101

Board Name Remarks


2-Port 40GBase LAN-CFP Integrated Line -
Processing Unit (LPUI-101)

1-Port 100GBase-CFP Integrated Line -


Processing Unit (LPUI-101)

10-Port 10GBase LAN/WAN-SFP+ -


Integrated Line Processing Unit (LPUI-101)

2-Port 40GBase LAN-CFP Integrated Line -


Processing Unit B(LPUI-101-B)
10-Port 10GBase LAN/WAN-SFP+ -
Integrated Line Processing Unit
B(LPUI-101-B)

5.11 LPUS-101
The LPUS-101 can be used only on the NE40E-X16, NE40E-X8, NE40E-X3.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 27


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 5 Boards

Table 5-17 LPUS-101

Board Name Remarks


2-Port 40GBase LAN-CFP Line Processing -
Unit S(LPUS-101)
1-Port 100GBase-CFP Line Processing Unit -
S(LPUS-101)

10-Port 10GBase LAN/WAN-SFP+ Line -


Processing Unit S(LPUS-101)

5.12 SPU
Table 5-18 SPU

Board Name Remarks


Versatile Service Processing Unit C An SPUC implements the NetStream
function and processes tunnel services
related to GRE and NAT and multicast
VPNs

Flexible Card Versatile Service Unit 10 A VSUF-10 implements the FCC, RET and
(VSUF-10) MDI functions.

Integrated Versatile Service Unit 20 A A VSUI-20-A implements the CGN and


(VSUI-20-A) IPSec functions.

Flexible Card Versatile Service Unit 80 It forwards data at 80 Gbit/s and can hold
(VSUF-80) one versatile service flexible card (SP80).
Flexible Card Versatile Service Unit 160 It forwards data at 160 Gbit/s and can hold
(VSUF-160) two versatile service flexible cards
(SP160s).

Versatile Service Flexible Card (SP80) -


Versatile Service Flexible Card (SP160) -

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 28


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 6 Link Features

6 Link Features

About This Chapter


6.1 Ethernet Link Features
6.2 FR Link Features
6.3 POS Link Features
6.4 CPOS Link Features
6.5 ATM Link Features
6.6 CE1/CT1/E3/CT3 Link Features

6.1 Ethernet Link Features


The NE40E provides the following features on Ethernet interfaces:
l Flow control and auto negotiation of rates
l Bundling of up to 16 physical Ethernet interfaces
The formed Eth-Trunk interface functions the same as a common Ethernet interface in
supporting services.
l Bundling of interfaces of different rates
l Binding of interfaces on different boards into one Eth-Trunk
l Eth-Trunk member interfaces in active/standby mode
l The NE40E can perform active/standby switchover automatically on Eth-Trunk member
interfaces when the link status of interfaces changes.
l Addition or deletion of member interfaces to or from an Eth-Trunk interface
The NE40E can sense the Up or Down status of member interfaces, thus dynamically
changing the bandwidth of the Eth-Trunk.
l Layer 2 and Layer 3 Eth-Trunk interfaces
l E-Trunk, that is, Eth-Trunk interface whose member interfaces reside on different
devices
l Association between Eth-Trunk links and BFD
l LACP defined in 802.3ad

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 29


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 6 Link Features

The Link Aggregation Control Protocol (LACP) maintains link status according to
interface status. LACP adjusts or disables link aggregation in the case of aggregation
changes.
l Virtual Ethernet interfaces
The NE40E supports virtual Ethernet (VE) interfaces. After an ATM Permanent Virtual
Circuit (PVC) is mapped to a manually-created VE interface, Ethernet frames can be
transmitted over the ATM Adaptation Layer (AAL5). This enables the VE interface to
provide Layer 2 switched services and Layer 3 IP services.
VE interfaces support IPv4 and IPv6 addresses and VRF dual-stack.
l Ethernet clock synchronization
l 1588v2 clock
l VLAN sub-interfaces
l Interface loopback, including local loopback and remote loopback

6.2 FR Link Features


The FR features supports the following function:
l Data Link Control Identifier (DLCI)
l PVC
l FR address mapping
l Local Management Interface (LMI)
l FR sub-interfaces
The NE40E supports sub-interfaces on 10G POS interfaces and inter-AS VPN Option A.
l FRF.8(Frame Relay/ATM PVC Service Interworking Implementation Agreement)
The FRF.8 can be classified into local FRF.8 and remote FRF.8.
The FRF.8 supports mapping between ATM QoS and FR QoS.

6.3 POS Link Features


The NE40E provides the following POS features:
l SDH/SONET encapsulation
l Point-to-Point Protocol (PPP) on POS interfaces
PPP supports the following protocols:
− Link Control Protocol (LCP)
− Internet Protocol Control Protocol (IPCP)
− Multi-Protocol Label Switching Control Protocol (MPLSCP)
− Password Authentication Protocol (PAP)
− Challenge Handshake Authentication Protocol (CHAP)
l High-level Data Link Control (HDLC) on POS interfaces
l FR on POS interfaces
l POS sub-interfaces

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 30


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 6 Link Features

POS sub-interfaces support point-to-point (P2P) .


l IP-Trunk
The NE40E supports the following IP bundling modes:
− Inter-board IP bundling
− Inter-chassis IP bundling
− IP bundling of channels of different rates
− Dynamic creating and removing of IP-Trunk interfaces
− Bundling of a physical channel into an IP-Trunk by using commands on physical
interfaces
l Interface loopback, including local loopback and remote loopback
l Configuration of the MTUs for IPv4, IPv6, and MPLS packets
POS interfaces support SDH alarms at the section layer, line layer, and path layer.
The troubleshooting procedure for POS interfaces is as follows:
l A POS interface prompts a fault and then notifies the control software on the board of the
fault.
l The control software of the board confirms the fault, updates the interface status, and
then notifies the MPU of the interface status.
l The MPU instructs the routing protocol to perform route convergence.
To ensure fast route convergence and network stability, the SPF timer and LSP timer need to
be configured on the POS interface to function together with route convergence.

6.4 CPOS Link Features


The NE40E provides the following CPOS features:
l Channelization
The channelization granularity of CPOS interfaces is as follows:
− A 155 Mbit/s CPOS interface can be channalized into 63 E1 channels, 84 T1 channels,
or N x 64 kbit/s channels.
− A 155 Mbit/s CPOS interface can be channelized into 3 E3/T3 channels.
The E1 interface channalized from a CPOS interface, in compliance with SAToP, can
transparently transmit unstructured TDM services through PWs on an MPLS network.
The E1 interface channalized from a CPOS interface, in compliance with CESoPSN, can
transparently transmit structured TDM services through PWs on an MPLS network.
l ML-PPP/PPP/HDLC/ATM/TDM/ATM IMA
The NE40E provides CPOS interfaces at 155 Mbit/s. At the link layer, CPOS interfaces
support the following protocols:
− PPP
− Frame Relay
− HDLC
− TDM
− ATM
− ATM IMA

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 31


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 6 Link Features

PPP on CPOS interfaces supports the following protocols:


− LCP
− IPCP
− MPLSCP
− MP
− PAP
− CHAP
l CRTP/ECRTP on 155 Mbit/s CPOS interfaces and 64 kbit/s, E1, T1, T3, and E3
interfaces channelized from a 155 Mbit/s CPOS interface
l Interface loopback, including local loopback and remote loopback

6.5 ATM Link Features


The NE40E provides the following ATM features:
l SDH/SONET encapsulation
ATM interfaces on the NE40E support SONET/SDH encapsulation and the
SONET/SDH overhead configuration and physical layer alarms.
l Permanent Virtual Path (PVP) or PVC
PVPs or PVCs can be created on ATM interfaces:
− VP/VC-based traffic shaping
− User-to-Network Interface (UNI) signaling
− Multiprotocol Encapsulation over ATM Adaptation Layer 5 in RFC 1483
− Classical IP and ARP over ATM in RFC 1577
− F4 or F5 End to End Loopback OAM
− AAL5
− Nonreal-time Variable Bit Rate (nrt_VBR)
− Unspecified Bit Rate (UBR)
− Real-time Variable Bit Rate (rt_VBR)
− Constant Bit Rate (CBR)
l IPoA
The NE40E supports the following modes in setting up the mapping between a PVC and
the IP address of the peer device:
− Static mapping
− Inverse Address Resolution Protocol (InARP)
l PPPoA/PPPoEoA access
l IPoEoA access
l ATM sub-interfaces
l ATM OAM
The NE40E supports F4 and F5 OAM. OAM functions in detecting the status of PVPs or
PVCs.
l 1483B

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 32


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 6 Link Features

1483B supported by the NE40E is applicable to IPoEoA. IPoEoA indicates that Ethernet
packets are carried over AAL5 and IP packets are carried over the Ethernet. This
implements Layer 2 forwarding of IPoEoA packets between the Ethernet and PVC. By
converging the ATM backbone network and the IP network, IPoEoA supports various
Ethernet and IP services.
l ATM cell relay
The NE40E supports PVC-based or PVP-based ATM cell relay and AAL5 SDU relay.
The NE40E supports the following ATM cell relay modes:
− Interface-based ATM cell relay
− 1-to-1 VCC cell relay
− N-to-1 VCC cell relay
− 1-to-1 VPC cell relay
− N-to-1 VPC cell relay
− ATM AAL5-SDU VCC transport
l Interface loopback, including local loopback and remote loopback
l Configuration of the MTUs for IPv4 and MPLS packets
l Line clocks
l Scrambling and descrambling of transmitted data
l Configuration of the shutdown and undo shutdown commands on ATM interfaces
l Configuration of the shutdown and undo shutdown commands on PVCs/PVPs
l Configuration of the shutdown and undo shutdown commands on sub-interfaces
l AAL5 SNAP encapsulation
l Cell relay and IWF on different sub-interfaces of the same ATM interface

6.6 CE1/CT1/E3/CT3 Link Features


The NE40E provides CE1/CT1/E3/CT3 interfaces.
Serial interfaces can be channelized from CE1/CT1/E3/CT3 interfaces. CE1/CT1/E3/CT3
interfaces and their serial interfaces support the following functions:
l PPP
l HDLC
l CRTP/ECRTP
l Interface loopback, including local loopback and remote loopback
l Configuration of the MTUs for IPv4 and MPLS packets
CE1/CT1 interfaces and their serial interfaces support the following link protocols:
l ATM
l TDM
l ATM IMA

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 33


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

7 Service Features

About This Chapter


7.1 Ethernet Features
7.2 IP Features
7.3 Routing Protocol
7.4 MPLS
7.5 VPN Features
7.6 QoS
7.7 Load Balancing
7.8 Traffic Statistics
7.9 User Access
7.10 Value-Added Service
7.11 IP RAN Features
7.12 Network Reliability
7.13 Clock
7.14 CGN

7.1 Ethernet Features


7.1.1 Layer 2 Ethernet Features
On the NE40E, Ethernet interfaces can work in switched mode at Layer 2 and support VLAN,
VPLS, and QoS services. Functioning as UNIs, Layer 2 Ethernet interfaces support MPLS
VPN services.
The NE40E provides the following Layer 2 Ethernet features:
l Default VLAN

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 34


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l VLAN trunk
l VLANIF interfaces
l VLAN aggregation
l Inter-VLAN port isolation
l Ethernet sub-interfaces
l VLAN aggregated sub-interfaces
l Port number-based VLAN division
l VLAN mapping
l VLAN stacking
l MAC address limit
l Unknown unicast/multicast/broadcast suppression
l Spanning Tree Protocol (STP)/Rapid Spanning Tree Protocol (RSTP)
l Multiple Spanning Tree Protocol (MSTP)
l RRPP with switching time less than 50 ms

7.1.2 Layer 3 Ethernet Features


The NE40E provides the following Layer 3 Ethernet features:
l IPv4
l IPv6
l MPLS
l Multicast
l VLAN sub-interfaces
l QoS
l Ethernet sub-interfaces
l VLAN aggregation sub-interfaces

7.1.3 QinQ Features


The NE40E provides abundant QinQ features to satisfy different networking requirements.
The QinQ features are as follows:
l Identification of double VLAN tags (inner VLAN tag and outer VLAN tag)
l Change of the outer VLAN ID
l Removal of double VLAN tags and then addition of new double VLAN tags
l QinQ mapping for the outer VLAN tag
l QinQ interface supporting 802.1ag
l Change of the EtherType value and 802.1p priority in the outer VLAN tag; copy of the
802.1p priority in the inner VLAN tag to the outer VLAN tag of double-tagged packets
l Traffic classification based on the 802.1p priorities in the outer VLAN tags of packets
l Rate limit on interfaces based on the 802.1p priorities in both inner and outer VLAN tags
l Interface-based QinQ
Interface-based QinQ is applicable to the following scenarios:
− Access to a VPLS network to transparently transmit VLAN packets

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 35


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

− Access to an L2VPN or PWE3 to transparently transmit VLAN packets


l VLAN-based QinQ
l 802.1ag
l QinQ termination
l EType in the outer tag of QinQ packets used for interoperation with devices of other
vendors
l Multicast QinQ
l QinQ-based VLAN swapping
l VLAN stacking can be applied in the following scenarios:
− Access to VPLS
− Access to VLL or PWE3
l Translation sub-interface supporting 1to1, 1to2, 2to1, 2to2 VLAN tag translation
l Sub-interface for QinQ VLAN tag termination supporting VLAN tag swapping
l Sub-interface for dot1q VLAN tag termination, sub-interface for QinQ VLAN tag
termination, QinQ stacking sub-interface, and translation sub-interface supporting the
block action
l ACLs based on double VLAN tags and 802.1p precedence
l Sub-interfaces for QinQ VLAN tag termination accessing a VPLS network in
symmetrical mode supporting HQoS
l Sub-interface for QinQ VLAN tag termination and sub-interface for dot1q VLAN tag
termination supporting IPv6 routing protocols
l Sub-interface for QinQ VLAN tag termination and sub-interface for dot1q VLAN tag
termination supporting BFDv6
l Dynamic QinQ triggered by ND/DHCPv6 in IPv6 scenarios
l Sub-interface for QinQ VLAN tag termination and sub-interface for dot1q VLAN tag
termination supporting VRRPv6
l Sub-interface for QinQ VLAN tag termination IPv4 URPF
l Sub-interface for QinQ VLAN tag termination IPv6 URPF

7.1.4 Flexible Access to VPNs


In traditional access identification, user information or service information is identified
through a single tag or double tags. For example, the inner tag indicates user information
and the outer tag indicates service information. Different interfaces are configured with
different double tags to access different VPNs. In some scenarios, the access device does not
support QinQ or a single tag is used for multiple services. In this case, the access device may
add service access information to the 802.1p or DSCP field. Then, the NE40E connected to
the access device needs to use the 802.1p or DSCP value to identify access users. This helps
configure the accesses to different VPNs and set up different QoS scheduling policies.

7.1.5 RRPP Link Features


The Rapid Ring Protection Protocol (RRPP) supports the following functions:
l Polling mechanism
l Link status change notification
l Mechanism of checking the channel status of the sub-ring protocol packets on the major
ring

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 36


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

7.1.6 RSTP/MSTP Features


The NE40E supports the following:
l RSTP
l MSTP
MSTP provides BPDU protection to defend against such attacks. After the BPDU protection
is enabled, the switch shuts down the edge port that receives BPDUs. At the same time, the
switch informs the NMS of the situation. The edge port can be enabled by the network
administrator.
NE40E can restrict the sending of Layer 2 and Layer 3 protocol packets such as RSTP and
DHCP through CP-CAR. This avoids influencing device performance.

7.1.7 BPDU Tunneling Features


The NE40E supports BPDU tunneling in the following modes:
l Port-based BPDU tunneling
l VLAN-based BPDU tunneling
l QinQ-based BPDU tunneling
l VLL-based transparent transmission of BPDUs
l VPLS-based transparent transmission of BPDUs

7.2 IP Features
7.2.1 IPv4/IPv6 Dual Stack
The IPv4/IPv6 dual stack can be easily implemented and can smoothly interoperate with other
protocols. Figure 7-1 shows the structure of the IPv4/IPv6 dual stack.

Figure 7-1 IPv4/IPv6 dual stack

IPv4/IPv6 Application

TCP UDP

IPv4 IPv6

Link Layer

7.2.2 IPv4 Features


The NE40E supports the following IPv4 features:

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 37


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l TCP/IP protocol suite, including ICMP, IP, TCP, UDP, socket (TCP/UDP/Raw IP), and
ARP
l Static DNS and specified DNS server
l FTP server/client and TFTP client
l DHCP relay agent and DHCP server
l Suppression of DHCP flooding
l Ping, tracert, and NQA
NQA can detect the status of ICMP, TCP, UDP, DHCP, FTP, HTTP, and SNMP services
and test the response time of the services. The system supports NQA in UDP jitter and
ICMP jitter tests by sending and receiving packets on LPUs. The minimum interval at
which packets are transmitted can be 10 ms. Each LPU supports up to 100 concurrent
jitter tests. The entire system supports up to 1000 concurrent jitter tests.
l IP policy-based routing (PBR) and flow-based next hop to which packets are forwarded
l IP PBR-based load balancing
l Load balancing in unequal cost multiple path (UCMP) mode
l Configuration of secondary IP addresses for all physical and logical interfaces
Each interface can be configured with a maximum of 255 secondary IP addresses with
31-bit masks.

7.2.3 IPv6 Features


The NE40E supports the following IPv6 features:
l IPv6 Neighbor Discovery (ND)
l Path MTU Discovery (PMTU)
l TCP6, ping IPv6, tracert IPv6, and socket IPv6
l Static IPv6 DNS and specified IPv6 DNS server
l TFTP IPv6 client
l IPv6 PBR
l Telnet and SSH

7.2.4 IPv4/IPv6 Transition Technology


The NE40E provides the following IPv4/IPv6 transition technologies:
l IPv6 over IPv4 tunnel
The NE40E adopts the following IPv6 over IPv4 tunnel modes:
− IPv6 manual tunnel
− IPv6 over IPv4 GRE tunnel
− IPv4 over IPv6 automatic tunnel
− 6 to 4 tunnel
l IPv4 over IPv6 tunnel
l 6PE and 6vPE
l IPv6 PPPoE over L2TPv2

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 38


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

7.3 Routing Protocol


7.3.1 Unicast Routing
The NE40E supports the following unicast routing features:
l IPv4 routing protocols, including RIP, OSPF, IS-IS, and BGP4
l IPv6 routing protocols, including Routing Information Protocol Next Generation (RIPng),
OSPFv3, IS-ISv6, and BGP4+
l Static routes that are manually configured by the administrator to simplify network
configurations and improve network performance
l Large-capacity routing table to effectively support the operation of a MAN.
l Selection of the optimal route through the perfect routing policy
l Import of routing information of other protocols
l Use of routing policies in advertising and receiving routes and filtering of routes through
route attributes
l Support for load balancing and configuring the maximum number of equal-cost routes
32-channel load balancing of IPv6 routes
l Password authentication and MD5 authentication to improve network security
l Restart of protocol processes through command lines
l RIP-1 (classful routing protocol) and RIP-2 (classless routing protocol)
l Advertisement of a default route from a RIP-enabled device to its peers and setting of the
metric of this route
l RIP-triggered updates
l Disabling a specified interface from sending or receiving OSPF or RIP packets
l Association between OSPF and BGP
l Association between OSPF and LDP
l Fast OSPF convergence, which can be implemented in the following manners:
− Adjusting the interval at which LSAs are sent
− Enabling OSPF GR
− Configuring BFD for OSPF
l OSPF I-SPF and IS-IS I-SPF (I-SPF re-calculates only the affected routes of a shortest
path tree (SPT) rather the entire SPT)
l OSPF PRC
l OSPF calculation of link costs based on the reference bandwidth
Link costs can be manually configured or automatically calculated by the system based
on the reference bandwidth by using the following formula:
Link cost = Reference bandwidth/Interface bandwidth
The integer of the calculated result is the link cost. If the calculated result is smaller than
1, the cost is 1. The link cost can be changed by changing the reference bandwidth. By
default, the reference bandwidth of the NE40E is 100 Mbit/s. The value can be changed
to one in the range of 1 to 2147483648 in Mbit/s by running commands.
l Two-level IS-IS in a routing domain
l Association between IS-IS and LDP

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 39


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l IS-IS GR, OSPF GR and BGP GR, which ensure high reliability with Non-Stop
Forwarding (NSF)
l BGP indirect next hop and dynamic update peer-groups
l Policy-based route selection by BGP when there are multiple routes to the same
destination
l BGP route reflector (RR), which addresses the problem of high costs of full-mesh
requirement when there are many IBGP peers
l Sending of BGP Update packets that carry no private AS number
l IPv6 indirect next hop
l Route dampening, which suppresses unstable routes (unstable routes are neither added to
the BGP routing table nor advertised to other BGP peers)
l Routing protocol
l BGP fast convergence
The NE40E adopts a new route convergence mechanism and algorithm, which speeds up
convergence of BGP routes. The features are as follows:
− Indirect next hop
− On-demand route iteration
l BGP load balancing in multi-homing networking
l Non-Stop Routing (NSR)
The NE40E supports the following NSR modes:
− IS-IS NSR
− BGP NSR

7.3.2 Multicast Routing


The NE40E provides the following multicast features:
l Multicast protocols
Multicast protocols include the Internet Group Management Protocol (IGMP) ( IGMPv1,
IGMPv2 and IGMPv3), Protocol Independent Multicast-Dense Mode (PIM-DM),
Protocol Independent Multicast-Sparse Mode (PIM-SM), Multicast Source Discovery
Protocol (MSDP), and Multi-protocol Border Gateway Protocol (MBGP).
l Reverse Path Forwarding (RPF)
l PIM-SSM
l Anycast RP
l IPv6 multicast routing protocols
l IPv6 multicast routing protocols include PIM-IPv6-DM, PIM-IPv6-SM, and
PIM-IPv6-SSM.
l MLD
Multicast Listener Discovery (MLD) has the following versions:
− MLDv1 defined in RFC 2710
MLDv1 supports Any-Source Multicast (ASM) directly and supports Source-Specific
Multicast (SSM) together with SSM mapping.
− MLDv2 defined in RFC 3810
MLDv2 supports ASM and SSM directly.
l Multicast static routes

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 40


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l Configuration of multicast protocols on physical interfaces such as Ethernet and POS


interfaces, and Trunk interfaces.
l Filtering of routes based on the routing policy when the multicast routing module
receives, imports, or advertises multicast routes and filtering and forwarding of multicast
packets based on the routing policy when IP multicast packets are forwarded
l Multicast VPN
The multicast domain (MD) scheme is used to implement integrated processing.
l Addition and deletion of dummy entries
l Query of PIM neighbors and number of control messages
l Filtering of PIM neighbors, control of the forwarding boundary, and control of the BSR
service and management boundary
l Filtering and suppression of PIM Register messages
l MSDP authentication
l IGMP packet rate limiting and IGMP proxy
l Prompt leave of IGMP and MLD group members and the use of group-policies to restrict
the setup of forwarding entries
l Configuration of ACLs, including source address-based packet filtering, control of
multicast group number, setup of multicast forwarding entries, and Switch-MDT
switching, to ensure multicast security
l Multicast group-based, multicast source-based, multicast source/group-based,
stable-preferred, and balance-preferred load splitting
l IGMP snooping
The NE40E supports IGMP snooping on Layer 2 interfaces, Layer 3 interfaces, QinQ
interfaces, STP topologies, RRPP rings, and VPLS PWs.
l Multicast flow control
The NE40E discards or broadcasts unknown multicast packets in the VLAN to which the
receiving interface belongs. Unknown multicast packets are packets that have no
corresponding forwarding entries in the multicast forwarding table.
In addition, the NE40E restricts the maximum percentage of multicast flows on Ethernet
interfaces to control multicast traffic.
l VSI-based IGMP CPCAR
l Distributed multicast
l Maximum delay of less than 4 ms for multicast fast join and fast leave
l Multicast VLAN
The NE40E supports multicast VLAN and VLAN-based 1+1 protection of multicast
traffic.
l Multicast over GRE
l Multicast VPN
For details, see section "7.5 VPN Features".
l Multicast CAC
The NE40E supports multicast Call Admission Control (CAC). When multicast CAC
rules are configured, the number of multicast groups and bandwidth are restricted for
IGMP snooping on interfaces or the entire system.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 41


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

7.4 MPLS
The NE40E supports MPLS features, and static and dynamic LSPs. Static LSPs require that
the administrator configure the Label Switch Routers (LSRs) along the LSPs and set up LSPs
manually. Dynamic LSPs are set up dynamically in accordance with the routing information
through the Label Distribution Protocol (LDP) and RSVP-TE.
The delay for MPLS packets can be controlled in the following aspects:
l In the case that there is no traffic congestion, the NE40E adopts a high-speed processor
to ensure line-rate forwarding and low delay.
l In the case of traffic congestion, the NE40E ensures preferential forwarding and low
delay for traffic with high priority through mechanisms such as QoS, HQoS, MPLS TE,
and DS-TE.
MPLS is supported on all interfaces of the NE40E.

Basic MPLS Functions


The NE40E supports the following MPLS functions:
l Basic MPLS functions, service forwarding, and LDP
MPLS distributes labels, sets up LSPs, and transfers parameters used for setting up LSPs.
l A maximum of four MPLS labels
l LDP
− Downstream Unsolicited (DU) and Downstream on Demand (DoD) label
advertisement modes
− Independent and ordered label distribution control modes
− Liberal and conservative label retention modes
− Loop detection mechanism by using the maximum number of hops and path vector
− Basic discovery mechanism and extended discovery mechanism of LDP sessions
l MPLS ping and tracert and detection of the availability of an LSP through the exchange
of MPLS Echo Request packets and MPLS Echo Reply packets
l LSP bandwidth alarm function and LSP-based traffic statistics function that is used to
calculate bandwidth usage
l Packet-by-packet load balancing of MPLS packets
l Configuration of 32-channel or 64-channel load balancing (on the ingress and transit
nodes) that is controlled by the PAF file, with 64-channel load balancing applicable to IP
forwarding, IP packet forwarding over LDP LSPs (including L3VPN), and packet
forwarding on P nodes
l Management functions such as the LSP loop detection mechanism
l MPLS QoS, mapping from the ToS field in IP packets to the EXP field in MPLS packets,
and MPLS uniform, pipe, and short pipe modes
l Static configuration of LSPs and label forwarding based on traffic classification
l MPLS trap function
l Modification of MPLS MTUs
l MPLS LDP over GRE
l Association between LDP and IGP, which shortens traffic loss to the minimum through
the synchronization between the LDP status and IGP status in case of network faults

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 42


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l NE40E functioning as a Label Edge Router (LER) or an LSR


An LER is an edge device on an MPLS network that connects the MPLS network to
other networks. The LER classifies services, distributes labels, encapsulates or removes
multi-layer labels. When functioning as an egress, the NE40E supports PHP. That is, the
NE40E allocates an explicit null label or an implicit null label to the penultimate hop.
An LSR is a core router on an MPLS network. The LSR switches and distributes labels.
l Establishment of LSPs between NE40Es of different IS-IS levels and between the
NE40E and non-Huawei devices through LDP
l MPLS supported by the NE40E complies with the following standards:
− RFC 3031
− RFC 3032
− RFC 3034
− RFC 3035
− RFC 3036
− RFC 3037
The NE40E supports CR-LDP and RSVP-TE and can interoperate with non-Huawei
devices through CR-LDP or RSVP-TE.

MPLS TE
The MPLS TE technology combines the MPLS technology with traffic engineering. It can
reserve resources by setting up LSP tunnels for a specified path in an attempt to avoid
network congestion and balance network traffic.
In the case of resource scarcity, MPLS TE allows the preemption of bandwidth resources of
LSPs with low priorities. This meets the demands of important services or the LSPs with large
bandwidth. When an LSP fails or a node is congested, MPLS TE can ensure smooth network
communication through the backup path and the fast reroute (FRR) function. Through
automatic re-optimization and bandwidth adjustment, MPLS TE improves the self-adaptation
capability of tunnels and properly allocates network resources.
The process of updating the network topology through the TEDB is as follows: When a link
goes Down, the CSPF failed link timer is enabled. If the IGP route is deleted or the link is
changed within the timeout period of the CSPF failed link timer, CSPF deletes the timer and
then updates the TEDB. If the IGP route is not deleted or the link is not changed after the
timeout period of the CSPF failed link timer expires, the link is considered Up.
MPLS TE provides the following functions:
l Processing of static LSPs
MPLS can create and delete static LSPs, which require bandwidth but are manually
configured.
l Processing of Constrained Route-Label Switched Path (CR-LSP) of various types and
route calculation through the CSPF algorithm
CR-LSPs are classified into the following types:
l RSVP-TE
RSVP authentication complies with RFC 3097.
l Auto routing
Auto routing works in either of the following modes:

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 43


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

− IGP shortcut: An LSP is not advertised to neighboring routers. Therefore, other


routers cannot use the LSP.
− Forwarding adjacency: An LSP is advertised to neighboring routers. Therefore, other
routers can use the LSP.
l Fast reroute (FRR)
The switchover through FRR is within 50 ms, which minimizes the data loss when
network faults occur.
l Auto FRR
Auto FRR is an extension to MPLS TE FRR. You can create a bypass tunnel that meets
the requirement on the LSP by configuring the attributes of the bypass tunnel, global
auto FRR, and auto FRR on the interface of the primary tunnel. With the change of the
primary tunnel, the previous bypass tunnel is deleted automatically. Then, a new bypass
tunnel that meets the requirement is set up.
l Backup CR-LSP
The NE40E supports the following backup modes:
− Hot backup
A backup CR-LSP is established immediately after the primary CR-LSP is
established. When the primary CR-LSP fails, MPLS TE switches traffic immediately
to the backup CR-LSP.
− Ordinary backup
A backup CR-LSP is set up when the primary CR-LSP fails.
l LDP over TE
In existing networks, not all devices support MPLS TE. It is possible that only the
devices at the network core support TE and the devices at the network edge use LDP.
The application of LDP over TE is therefore put forward. With LDP over TE, the TE
tunnel is considered as a hop of the entire LDP LSP. Through forwarding adjacency, one
MPLE TE tunnel can be considered as a virtual link and advertised to an IGP network.
l Make-before-break
Make-before-break is a technology for ensuring highly reliable CR-LSP switchover. The
original path is not deleted until a new path has been created. Before a new CR-LSP is
created, the original CR-LSP is not deleted. After a new CR-LSP has been created, the
traffic is switched to the new CR-LSP first, and then the original CR-LSP is deleted. This
ensures non-stop traffic forwarding.
l DS-TE
DS-TE implemented on the NE40E supports the Non-IETF mode and the IETF mode.
− The Non-IETF (non-standard) mode supports two CTs (CT0 and CT1), eight
priorities (0-7), and two bandwidth constraint models (RDM and MAM).
The CT here refers to the class type of a corresponding service flow. The priority here
refers to the LSP preemption priority.
− The IETF (standard) mode supports eight CTs (CT0 through CT7), eight priorities
(0-7), and three bandwidth constraint models (RDM, MAM, and Extended).
DS-TE supports TE FRR, hot standby, protection switchover, and CT-based traffic
statistics collection.

MPLS OAM
MPLS OAM functions are as follows:

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 44


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l MPLS OAM detection


MPLS OAM sends CV/FFD and BDI packets along an LSP to be detected and its reverse
LSP to detect its connectivity.
l OAM auto protocol
l Protection switching

7.5 VPN Features


7.5.1 Tunnel Policy
Tunnel policies are used to select tunnels according to destination IP addresses. Tunnels are
selected according to tunnel policies as required. If no tunnel policy is created, the tunnel
management module searches for a tunnel according to the default tunnel policy.
The NE40E supports the following tunnel policies:
l Tunnel policy in select-sequence mode
In this mode, you need to specify the sequence in which the tunnel types are selected and
the number of tunnels carrying out load balancing. If a tunnel listed earlier is Up, it is
selected regardless of whether other services have selected it. The tunnels listed later are
not selected except in case of load balancing or when the preceding tunnels are all Down.
l VPN tunnel binding
VPN tunnel binding means that the peer end of the VPN on the PE of the VPN backbone
network is associated with a certain MPLS TE tunnel. The data from the VPN to the peer
PE is transmitted through the dedicated TE tunnel. The bound TE tunnel carries only
specified VPN services. This ensures QoS of the specified VPN services.

7.5.2 VPN Tunnel


The NE40E supports the following types of VPN tunnels:
l LSPs
l GRE tunnels
l TE tunnels
l L2TPv2 tunnels

7.5.3 MPLS L2VPN


The NE40E provides L2VPN services over an MPLS network where the ISP can provide
L2VPNs over different media.

VLL
The NE40E supports the following VLL functions:
l Martini VLL
The Martini mode supports double labels. The inner label adopts extended LDP for
signaling in compliance with RFC 4096.
The type of VC FEC is 128. VC encapsulation types include 0x0004 Ethernet Tagged
Mode, 0x0005 Ethernet, and 0x000B IP Layer2 Transport.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 45


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l Kompella VLL
VC encapsulation types of Kompella VLL include ATM-1to1-VCC, ATM-1to1-VPC,
ATM-AAL5-SDU, ATM-nto1-VCC, ATM-nto1-VPC, ATM-trans-cell, FR, Ethernet,
HDLC, PPP, VLAN, and IP-interworking.
Kompella VLL supports the local inter-board switching of packets in 802.1Q mode.
Kompella VLL supports inter-AS VPN.
l CCC VLL
CCC VLL supports the local inter-board switching of packets in 802.1Q mode
l SVC VLL
l VLL heterogeneous interworking
VLL heterogeneous IP-interworking is used when the link types of CEs on both ends of
an L2VPN link are different. In MPLS L2VPN heterogeneous IP-interworking, after
receiving a frame from a CE, a PE decapsulates the link-layer packet and transmits the IP
packet across an MPLS network. The IP packet is transparently transmitted to the peer
PE. The peer PE re-encapsulates IP packet according to its link layer protocol and
transmits the packet to the connected CE. The link-layer control packet sent by the CE is
processed by the PE and is not transmitted through the MPLS network. All non-IP
packets such as MPLS and IPX packets are discarded.
l Transparent transmission of certain types of link layer protocol packets
Interfaces can be configured to transparently transmit certain types of link layer protocol
packets, such as BPDUs, STP packets, LLDP packets, UDLD packets, CDP packets, and
HGMP packets.
l Inter-AS VLL
− SVC VLL, Martini VLL, and Kompella VLL can implement inter-AS L2VPN Option
A (VRF-to-VRF).
− Option B requires the switching of both inner and outer labels on the ASBR, and is
therefore not suitable for the VLL.
− Option C is the best solution.
l VLL over TE ECMP

VPLS
In a VPLS network, PEs can be all connected to each other and enabled with split horizon to
prevent Layer 2 loops.
The implementations of VPLS control plane through BGP and LDP are called Kompella
VPLS and Martini VPLS respectively.
l Kompella VPLS
Kompella VPLS has good scalability. With Kompella VPLS, BGP is adopted for
signaling, and VPN targets are configured to implement automatic discovery of VPLS
members. Therefore, the addition or deletion of PEs requires few additional operations.
l Martini VPLS
Martini VPLS has poor scalability. With Martini VPLS, LDP is adopted for signaling,
and the peers of a PE need to be manually specified. PEs in a VPLS network are all
connected to each other. Therefore, adding a new PE requires configurations on all the
other associated PEs to be modified.A pseudo wire (PW) is actually a point-to-point link.
This means that using LDP to create, maintain, and delete the PW is more effective.
The NE40E supports the following VPLS functions:

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 46


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l Access to the VPLS network in QinQ mode


l HVPLS
l IGMP snooping for VPLS
l One MAC address space for each VSI
l VPLS learns MAC addresses in the following modes:
− Unqualified mode: In this mode, a VSI can contain multiple VLANs sharing a MAC
address space and a broadcast domain. When learning MAC addresses, VPLS also
needs to learn VLAN IDs.
− Qualified mode: In this mode, a VSI has only one VLAN, which has an independent
MAC address space and a broadcast domain. When learning MAC addresses, VPLS
does not need to learn VLAN IDs.
l VPLS/HVPLS equal-cost load balancing
l Fast switching of multicast traffic
l mVPLS
l STP over PW
l STP over VPLS
l Transparent transmission of certain types of link layer protocol packets
Interfaces can be configured to transparently transmit certain types of link layer protocol
packets, such as BPDUs, STP packets, LLDP packets, UDLD packets, CDP packets, and
HGMP packets.
l Ethernet loop detection
l PBB over VPLS
l PBB VPLS interworking
The NE40E supports MP2MP PBB over VPLS to implement intercommunication
between VPLS and PBB networks.
l VPLS PW Redundancy
l VE interfaces support IPv6 when VPLS access is deployed

PWE3
The NE40E supports the following PWE3 functions:
l Virtual Circuit Connectivity Verification PING (VCCV-PING)
The NE40E supports the manual LDP PW connectivity detection on the UPE, including
the connectivity of static PWs, dynamic PWs, SS-PWs, and MS-PWs.
VCCV Ping over a static MS-PW
l PW template
The NE40E supports the binding between a PW and a PW template, and the reset of
PWs.
The NE40E supports heterogeneous interworking.
Currently, the NE40E supports the transparent transmission of the following packets
through PWE3: ATM AAL5 SDU VCC transport, Ethernet, HDLC, ATM n-to-one VCC
cell transport, IP Layer 2 transport, and ATM one-to-one VCC cell mode.
l ATM cell relay
l PW redundancy
l ATM IWF

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 47


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

ATM IWF runs on an L2VPN in CCC local connection mode or an L2VPN in PW mode.
l The NE40E supports the circuit emulation service (CES) by using Pseudo-Wire
Emulation Edge to Edge (PWE3).
The CES is classified into the Structure-aware TDM Circuit Emulation Service over
Packet Switched Network (CESoPSN) and Structure-Agnostic TDM over Packet (SAToP)
service.

7.5.4 BGP/MPLS L3VPN


The NE40E supports MPLS/BGP L3VPN, providing an end-to-end VPN solution for carriers.
Carriers can provide VPN services for users as a new value-added service. The NE40E
supports the following BGP/MPLS L3VPN functions:
l Access of a CE to an L3VPN through Layer 3 interfaces such as Ethernet, POS, and
VLANIF interfaces
l Static routes, BGP, RIP, OSPF, or IS-IS running between a CE and a PE
l Carrier's carrier
l Inter-AS VPN
The NE40E supports the following inter-AS VPN solutions described in RFC 2547bis:
− VPN instance to VPN instance, also called Inter-Provider Backbones Option A
In Option A, sub-interfaces connecting the Autonomous System Boundary Routers
(ASBRs) manage VPN routes.
− EBGP redistribution of labeled VPN-IPv4 routes, also called Inter-Provider
Backbones Option B
In Option B, ASBRs advertise labeled VPN-IPv4 routes to each other through
MP-EBGP.
− Multihop EBGP redistribution of labeled VPN-IPv4 routes, also called Inter-Provider
Backbones Option C
In Option C, PEs advertise labeled VPN-IPv4 routes to each other through Multihop
MP-EBGP.
l Multicast VPN
l IPv6 VPN
The NE40E supports the following IPv6 VPN networking solutions:
− Intranet VPN
− Extranet VPN
− Hub&Spoke
− Inter-AS or multi-AS backbones VPN
− Carriers' carrier
l HoVPN
l Resource reservation VPN (RRVPN)
l Multi-role host

7.5.5 GRE
Generic Routing Encapsulation (GRE) is applicable to the following:

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 48


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l Transmission of data of a multi-protocol local network through a single-protocol


backbone networkEnlargement of the operation scope of the network with a limited
number of hops
l Connection of discontinuous subnets to establish a VPN
l Access of a CE to an MPLS VPN through a GRE tunnel
When applying a GRE tunnel, ensure that the NE40E is installed with a GRE license file and
an SPUC, and the service mode of the SPUC is set to tunnel. GRE tunnels are independent of
physical interfaces.

7.5.6 IPSEC
The NE40E supports the following functions:
l 1:1 dual-system hot backup
l Transport mode and tunnel mode
l IKEv1 and IKEv2
l GRE over IPsec
l NAT Traversal
l VPN IPSec
l Packet fragmentation and reassembly
l Keepalive and DPD for peer detection
l Dynamic remote IPSec access
l IPSec PKI (Public Key Infrastructure)
l Pre-share-key
l CMPv2
CMPv2 manages certificates online and reduces the workload of those who manage and
maintain certificates.

7.6 QoS
On the NE40E, you can collect traffic statistics on the packets on which QoS is performed and
view the statistics result through corresponding display commands.
The NE40E supports the following QoS functions:

Diff-Serv Model
Multiple service flows can be aggregated into a Behavior Aggregate (BA) and then processed
based on the same Per-Hop Behavior (PHB). This simplifies the processing and storage of
services.
On the Diff-Serv core network, packet-specific QoS is provided. Therefore, signaling
processing is not required.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 49


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

Simple Traffic Classification


Currently, the NE40E supports simple traffic classification not only on physical interfaces and
sub-interfaces but also on logical interfaces such as member interfaces of VLANIF and trunk
interfaces.

Complex Traffic Classification


The NE40E performs complex traffic classification based on the following information:
l Layer 2 and Layer 3 information of packets
l Source MAC address, destination MAC address, link layer protocol number, and 802.1p
value (of tagged packets) in the Ethernet frame header; IP precedence, DSCP, or ToS
value, source IP address prefix, destination IP address prefix, protocol number,
fragmentation flag, TCP SYN flag, TCP/UDP source port number or port range, and
TCP/UDP destination port number or port rang of IPv4 packets
l Information carried in IPv6 packets
l In addition to physical interfaces, traffic classification can be performed on logical
interfaces, including sub-interfaces and trunk interfaces.

Traffic Policing
CAR is mainly used for rate limit. In the implementation of CAR, a token bucket is used to
measure the data flows that pass through the interfaces on a router so that only the packets
assigned with tokens can go through the router in the specified time period. In this manner,
the rates of both incoming and outgoing traffic are controlled. In addition, the rate of certain
types of data flows can be controlled based on the information such as the IP address, port
number, and priority. Rate limit is not performed on the data flows that do not meet the
specified conditions, and such data flows are forwarded at the original interface rate.
CAR is mainly implemented at the edge of a network to ensure that core devices on the
network process data properly. The NE40E supports CAR for both incoming and outgoing
traffic.

Queue Scheduling
The NE40E supports FIFO, PQ, and WFQ for queue scheduling on interfaces.
The NE40E maps packets of different priorities to different queues and adopts Round Robin
(RR) on each interface for queue scheduling.
Priority Queues (PQs) are classified into four types: top PQs, middle PQs, normal PQs, and
bottom PQs. They are ordered in descending order of priorities. When packets leave queues,
PQ allows the packets in the top PQ to go first. Packets in the top PQ are sent as long as there
are packets in this PQ. The NE40E sends packets in the middle PQ only when all packets in
the top PQ are sent. Similarly, the NE40E sends packets in the normal PQ only when all
packets in the middle PQ are sent; the NE40E sends packets in the bottom PQ only when all
packets in the normal PQ are sent. As a result, the packets in the PQ of a higher priority are
always sent preferentially, which ensures that packets of key services are processed
preferentially when the network is congested. Packets of common services are processed
when the network is idle. In this manner, the quality of key services is guaranteed, and the
network resources are fully utilized.
Weight Fair Queuing (hereinafter referred to as WFQ) is a complex queuing process, which
ensures that the services with the same priority are fairly treated and the services with

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 50


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

different priorities are weighted. The number of WFQ queues can be pre-set and is allowed to
range from 16 to 4096. WFQ weights services based on their requirements for the bandwidth
and delay. The weights are determined by the IP precedence in the IP packet headers. With
WFQ, the NE40E implements dynamic traffic classification based on quintuples or ToS
values. The packets with the same quintuple (source IP address, destination IP address, source
port number, destination port number, and protocol number) or ToS value belong to the same
flow. Packets in one flow are placed in one queue through the Hash algorithm. When flows
enter queues, WFQ automatically places different flows into different queues based on the
Hash algorithm. When flows leave queues, WFQ allocates bandwidths to flows on the
outbound interface based on different IP precedence of the flows. The smaller the precedence
value of a flow, the smaller the bandwidth of the flow. In this manner, services of the same
precedence are treated fairly; services of different precedence are treated based on their
weights.

Congestion Avoidance
Congestion avoidance is a traffic control mechanism used to avoid network overload by
adjusting network traffic. With this mechanism, the NE40E can monitor the usage of network
resources (such as queues and buffers in the memory) and discard packets when the network
congestion intensifies.
Random Early Detection (RED) or Weighted Random Early Detection (WRED) algorithms
are frequently used in congestion avoidance.
The RED algorithm sets the upper and lower limits for each queue and specifies the following
rules:
l When the length of a queue is below the lower limit, no packet is discarded.
l When the length of a queue exceeds the upper limit, all the incoming packets are
discarded.
l When the length of a queue is between the lower and upper limits, the incoming packets
are discarded randomly. A random number is set for each received packet, and the
random number is compared with the drop probability of the current queue. The packet
is discarded when the random number is larger than the drop probability. The longer the
queue, the higher the drop probability. The drop probability, however, has an upper limit.
Unlike RED, the random number in WRED is based on the IP precedence of IP packets.
WRED keeps a lower drop probability for the packets that have a higher IP precedence.
RED and WRED employ the random packet drop policy to avoid global TCP synchronization.
The NE40E adopts WRED to implement congestion avoidance.
The NE40E supports congestion avoidance in both inbound and outbound directions of an
interface. The WRED template is applied in the outbound direction; the default scheduling
policy in the system is applied in the inbound direction. In addition, WRED can be applied to
the Multicast Tunnel interface (MTI) that is bound to the distributed multicast VPN on the
NE40E.
The NE40E supports congestion avoidance based on services. The NE40E reserves on each
interface eight service queues, that is, BE, AF1, AF2, AF3, AF4, EF, CS6, and CS7. The
NE40E colors packets with red, yellow, and green to identify the priorities of packets and
discard certain packets.

HQoS
The NE40E supports the following HQoS functions:

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 51


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l Provides five levels of scheduling modes to ensure diverse services.


l Sets parameters such as the maximum queue length, WRED, low delay, SP/WRR, CBS,
PBS, and statistics function for each queue.
l Sets parameters such as the CIR, PIR, number of queues, and algorithm for scheduling
queues for each user.
l Provides the traffic statistics function. Users can learn the bandwidth usage of services
and properly distribute the bandwidth by analyzing traffic.
l Supports HQoS in the VPLS, L3VPN, VLL, and TE scenarios.
l Supports interface-based, VLAN-based, user-based, and service-based HQoS.

QPPB
QPPB is the abbreviation of QoS Policy Propagation Through the Border Gateway Protocol.
The receiver of BGP routes performs the following operations:
l Sets QoS parameters such as IP precedence and traffic behavior for a BGP route based
on the attributes of the route.
l Classifies traffic according to QoS parameters and sets the QoS policy for the classified
traffic.
l Forwards packets according to the locally configured QoS policies to propagate QoS
policies through BGP.
The receiver of BGP routes can set QoS parameters (IP precedence and associated traffic
behavior) based on the following attributes:
l ACL
l AS path list in routing information
l Community attribute list in routing information
l Metrics in routing information
l IP prefix list

QoS for Ethernet


l Layer 2 simple traffic classification
The NE40E performs simple traffic classification according to the 802.1p field in VLAN
packets. On the ingress PE, the 802.1p priority in a Layer 2 packet is mapped to the
precedence defined by the upper layer protocol, such as the IP DSCP value or the MPLS
EXP value. In this manner, Diff-Serv is implemented for the packets on the backbone
network. On the egress PE, the precedence of the upper layer protocol is mapped back to
the 802.1p priority.
l QinQ simple traffic classification
In the QinQ implementation, the 802.1p values in both inner and outer VLAN tags need
to be detected. The NE40E can detect the 802.1p value by the following means:
− Ignores the 802.1p value in the inner VLAN tag and sets a new 802.1p value in the
outer VLAN tag.
− Automatically converts the 802.1p value in the inner VLAN tag into the 802.1p value
in the outer VLAN tag.
− Sets a new 802.1p value in the outer VLAN tag according to the 802.1p value in the
inner VLAN tag.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 52


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

Based on the preceding methods and the mapping of the inner VLAN tag to the outer
VLAN tag, QinQ supports 802.1p re-marking in the following modes:
− Specifying a given value.
− Adopting the 802.1p value in the inner VLAN tag.
− Mapping the 802.1p value in the inner VLAN tag to the 802.1p value in the outer
VLAN tag. The 802.1p values in multiple inner VLAN tags of different packets can
be mapped to the 802.1p value in one outer VLAN tag; whereas the 802.1p value in
one inner VLAN tag cannot be mapped to the 802.1p values in multiple outer VLAN
tags of different packets.

ATM QoS
The NE40E supports the following ATM QoS functions:
l ATM simple traffic classification
With ATM simple traffic classification enabled on an interface, a PVC, or a PVP, the CoS
and CLP value of incoming traffic can be mapped to the internal priority of a router; the
internal priority can be mapped back to the CoS and CLP value on the interface where
the traffic is forwarded. In this manner, various QoS services are implemented on
different ATM networks.
ATM simple traffic classification supports ATM cell relay, 1483R, and 1483B. The
1483R protocol is used to encapsulate IP packets into IPoA packets. The 1483B protocol
is used to encapsulate Ethernet frames into IPoEoA packets.
l ATM forced traffic classification
Although ATM cells carry precedence information, it is very difficult to implement
services such as IPoA, ATM cell relay, and IWF simple traffic classification based on
such precedence information. Alternatively, forced traffic classification can be adopted.
That is, you can run a command to configure forced traffic classification on the inbound
interface to set the precedence and color for the traffic of a specific PVC, an interface
(including the main interface and the sub-interface), or a PVP. Then, the traffic is
forwarded to the outbound interface carrying the specified precedence and color.
Forced traffic classification is supported on ATM physical interfaces, ATM
sub-interfaces, and ATM PVCs and ATM PVPs.

MPLS HQoS
MPLS QoS is a complete L2VPN/L3VPN QoS solution. It resorts to various QoS techniques
to meet the diversified and delicate QoS demands of VPN users. MPLS QoS provides relative
QoS on the MPLS Diff-Serv network and end-to-end QoS on the MPLE TE network. In
actual applications, the following QoS policies are supported.
l QPPB applied to an L3VPN
l MPLS Diff-Serv applied to an L2VPN/L3VPN
l MPLS TE applied to an L2VPN/L3VPN
l MPLS DS-TE applied to an L2VPN/L3VPN
l VPN-based QoS applied to the network side of an L2VPN/L3VPN

Last-mile QoS
Last-mile QoS is also known as link-level QoS. Last-mile QoS indicates that QoS is
implemented on the distance between a user and a DSLAM, where the NE40E adjusts the

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 53


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

downstream traffic based on the link layer protocol running between the user and the DSLAM.
In QoS shaping, the NE40E deducts extra link costs such as ATM cell headers and Ethernet
frame headers. In this manner, QoS shaping is more accurate and network congestion can be
prevented when DSLAM traffic volume is beyond the actual capability of the link.
The NE40E supports the configuration of last-mile QoS, QoS scheduling of ATM cells and
Ethernet frames, and smallest packet compensation.

7.7 Load Balancing


In a scenario where there are multiple equal-cost routes to the same destination, the NE40E
can balance traffic among these routes. The NE40E provides equal-cost load balancing and
unequal-cost load balancing, which can be selected as required. In equal-cost load balancing
mode, traffic is evenly load-balanced among different routes. In unequal-cost load balancing
mode, traffic is load-balanced among different routes based on the proportion of bandwidth of
each interface.

Equal-Cost Load Balancing


The NE40E can implement equal-cost load balancing on the traffic transmitted through the
member links of an IP-Trunk or an Eth-Trunk. When there are multiple equal-cost routes to
the same destination, the NE40E can evenly balance traffic among these routes.
Load balancing can be implemented in either session-by-session or packet-by-packet mode.
By default, the session-by-session load balancing mode is adopted.

Unequal-Cost Load Balancing


The NE40E supports the following unequal-cost load balancing modes:
l Load balancing based on routes
When the costs of different direct routes are the same, you can configure a weight for
each route for load balancing.
l Load balancing based on interfaces
For an IP-Trunk or an Eth-Trunk, you can configure a weight for each member link for
load balancing.
l Load balancing based on link bandwidth for IGP
In this mode, unequal-cost session-by-session load balancing is performed on the
outbound interfaces of paths carrying out load balancing. The proportion of traffic
transmitted along each path is approximate to or equal to the proportion of bandwidth of
each link. This mode fully considers the link bandwidth. In this manner, the case that
links with low bandwidth are overloaded whereas links with high bandwidth are idle
does not exist.
The NE40E can balance traffic between physical interfaces or between physical interfaces and
logical interfaces. In addition, the NE40E can detect the changes of logical interface
bandwidth due to manual configuration of new member links or the status changes of member
links. When the bandwidth of a logical interface changes, traffic is automatically
load-balanced based on the new bandwidth proportion.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 54


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

7.8 Traffic Statistics


The NE40E collects the statistics on access services for various users with multiple statistic
functions. The traffic statistics functions are as follows:
The traffic statistics functions are as follows:
l Helps carriers analyze the traffic model of the network.
l Provides reference data for carriers to deploy and maintain Diff-Serv TE.
l Supports traffic-based accounting for non-monthly rental users.

URPF Traffic Statistics


The NE40E collects statistics on the forwarded traffic based on URPF and the traffic
discarded during the URPF check.

ACL Traffic Statistics


The NE40E supports the ACL traffic statistics function. When the created ACLs are applied to
QoS and PBR, the NE40E can collect statistics based on ACLs after the ACL traffic statistics
function is enabled. The NE40E also provides commands to query the number of matched
packets and bytes.

CAR Traffic Statistics


The NE40E provides diverse QoS functions such as traffic classification, traffic policing
(CAR), and queue scheduling. For these specific functions, the NE40E provides the following
QoS traffic statistics functions:
l In traffic classification, the system can collect statistics on the traffic that matches rules
and fails to match rules.
l The traffic statistics function for traffic policing is implemented in the following
manners:
− Collects the statistics on the total traffic that matches the CAR rule.
− Collects the statistics on the traffic that is permitted or discarded by the CAR rule.
− Supports the interface-based traffic statistics.
− Supports interface-based CAR traffic statistics when the same traffic policy is applied
to different interfaces.

HQoS Traffic Statistics


The NE40E can collect the following HQoS traffic statistics:
l Statistics on the number of forwarding packets, bytes, and discarded packets of a user
queue which includes eight flow queues of different priorities
l Statistics on the number of forwarded packets, bytes, and discarded packets of a user
group queue
l Statistics on the number of forwarded packets, bytes, and discarded packets of eight
queues of different priorities on an interface

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 55


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

Interface-Based Traffic Statistics


Traffic statistics can be collected on all interfaces, including physical interfaces,
sub-interfaces, loopback interfaces, null interfaces, logical channel interfaces, and virtual
Ethernet interfaces.
Statistics on IPv4 and IPv6 packets, including unicast packets, multicast packets, and
broadcast packets, can also be collected.
Statistics on all protocol packets that are supported can be collected, such as MPLS packets,
ARP packets, IGP packets, BGP packets, PIM packets, and DHCP packets.
The NE40E uses the 64-bit register to store the interface-based traffic statistics. For example,
the register can store the traffic statistics on a 10G interface for 58.5 years.

VPN Traffic Statistics


On a VPLS network, the NE40E, functioning as a PE, can collect statistics on incoming and
outgoing traffic of L2VPN users that are connected to the NE40E.
On an L3VPN, the NE40E, functioning as a PE, can collect statistics on incoming and
outgoing traffic of various types of access users. The access users include:
l Users that access the network through interfaces including logical interfaces
l Multi-role hosts
l Users that access the network through the VPLS/VLL
l When MPLS HQoS services are configured, the NE40E, functioning as an ingress PE,
can collect statistics on the traffic that is sent by the network side.

Traffic Statistics on TE Tunnels


The NE40E, functioning as a PE on an MPLS TE network, can collect statistics on incoming
and outgoing traffic of a tunnel. When a VPN is statically bound to a TE tunnel, the NE40E
can collect statistics on traffic of each RRVPN over the TE tunnel and the total traffic over the
TE tunnel.
Statistics can be collected on traffic of each CT on a DS-TE tunnel.

7.9 User Access


IPv4-Based IPoX User Access
The NE40E supports the following IPv4-based IPoX user access functions:
l IP over Ethernet over VLAN (IPoEoVLAN) and IP over Ethernet over QinQ (IPoEoQ)
l IP over Ethernet over ATM (IPoEoA)
l ARP trigger, IP trigger, and DHCP trigger, which indicate the modes for triggering user
access by sending ARP packets, IP packets, and DHCP packets respectively
l Web authentication, fast authentication, bind authentication, and 802.1x authentication
l Default domain and roaming domain
l Typical options such as Option 60 and Option 82
l Static users

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 56


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l IPv4 address allocation


l Captive portal

IPv6-Based IPoX User Access


The NE40E supports the following IPv6-based IPoX user access functions:
l IPv6 over Ethernet over VLAN (IPv6oEoVLAN), and IPv6oEoQ
l IPv6oEoA and dual-stack
l ND trigger online and DHCPv6 trigger online
l Web authentication, fast authentication, binding authentication, and 802.1X
authentication
l Default domain and roam domain
l Typical option code, such as Option18 and Option37
l IPv6 address, stateless prefix, and PD prefix allocation

IPv4-Based PPPoX User Access


The NE40E supports the following IPv4-based PPPoX user access functions:
l PPP over Ethernet (PPPoE), PPP over Ethernet over VLAN (PPPoEoV), and PPP over
Ethernet over QinQ (PPPoEoQ)
l PPP over ATM (PPPoA) and PPP over Ethernet over ATM (PPPoEoA)
l Default domain and roaming domain
l IPv4 address allocation
l PPPoE+

IPv6-Based PPPoX User Access


The NE40E supports the following IPv6-based PPPoX user access functions:
l PPPv6oE, PPPv6oEoV, and PPPv6oEoQ
l PPPv6oEoAand dual-stack; PPPv6oEoA and dual-stack
l Default domain and roaming domain
l IPv6 stateless prefix and PD prefix allocation
l PPPv6oE+

AAA
The NE40E supports the following Authentication, Authorization, and Accounting (AAA)
functions:
l Flexible AAA schemes
Authentication schemes include non-authentication, local authentication, remote
authentication, and any combination of these modes.
Authorization schemes include HWTACACS authorization, authorization through
authentication, local authorization, and online authorization.
Accounting schemes include non-accounting, remote accounting through Remote
Authentication Dial In User Service (RADIUS)/RADIUS+ or Terminal Access

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 57


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

Controller Access Control System (TACACS), pre-paid accounting, flexible IPv4/IPv6


dual-stack accounting.
l Domain management
l IPv4&IPv6 user management
l Local billing

RADIUS
The NE40E supports flexible RADIUS/RADIUS+ authentication, authorization, and
accounting.

Address Management
The NE40E supports the following address management functions:
l IPv4 address pool management through the DHCP server, DHCP relay agent, and DHCP
proxy
l IPv6 prefix pool management through the local prefix, delegation prefix, and proxy
prefix
l IPv6 address pool management through the DHCPv6 server and DHCPv6 relay agent

Downstream Device Management


The NE40E supports the following downstream device management functions:
l Access Node Control Protocol (ANCP)
l Dynamic topology discovery
l Line parameters update
l Policy of line parameters applied by the RADIUS server
l OAM for detecting the link between the NE40E and a DSLAM and notifying the
DSLAM of the link status
l ANCP proxy

Reliability
The NE40E supports the following reliability functions:
l User access through a trunk interface whose member interfaces reside on the same LPU
l User access through dual systems that back up each other

User Security
The NE40E supports the following user security functions:
l IP-based or IP+MAC-based bogus user access
l MAC address-based CAR

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 58


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

7.10 Value-Added Service


iVSE
The NE40E supports the following iVSE functions:
l Fast channel change (FCC) and retransmission (RET) of BTV programs on L3/L3VPN
networks
l Video Quality of Experience (VQE), including Media Delivery Index (MDI) and V-MOS
2.0
l Distributed quality monitoring of BTV and VOD programs on L3/L3VPN/L2VPN
networks
l Integrated quality monitoring of BTV and VOD programs on L3 networks
l Interconnection with other Huawei devices in providing IPTV services
l Simple Object Access Protocol (SOAP)
l Entitlement Control Message Protocol (ECMP)
l Dynamic Inspection Protocol (DIP)
l Processing FCC requests scheduled by the Request Routing Server (RRS)
l Selective transmission of video data through FCC

VAS
The NE40E supports the following value-added service (VAS) functions:
l Bandwidth On Demand (BOD) for enterprises
l Common Open Policy Service (COPS)
l RADIUS Change of Authorization (COA)
l Bandwidth modification for access users through a COPS server that can be an RM9000
l Report of accounting information on access users to a COPS server that can be an
RM9000
l Customized services of access users being valid in a specific time period

7.11 IP RAN Features


PNP

The plug-and-play function only can be configured on the X3 models of the NE40E.

Plug-and-Play (PNP) enables new devices to be automatically identified by the NMS and be
commissioned remotely by using the NMS.
On an IP RAN network deployed with a large number of devices, the device deployment costs,
especially the costs of on-site software commissioning, are high. This greatly harms the
growth of profits. To address this issue, Huawei puts forward the PNP solution.
The PNP feature effectively reduces the on-site software commissioning time, frees engineers
from working in bad outdoor environments, and greatly speeds up the project process and
improves project quality.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 59


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

Y.1731
Y.1731 supports the following functions:
l Single-ended frame loss statistics collection, two-ended frame loss statistics collection,
one-way frame delay, two-way frame delay and one-way jitter
l Y.1731 over PBB VPLS

MPLS TP OAM
MPLS TP OAM supports the following functions:
l Basic connectivity detection
l LoopBack (LB)
l Link Trace (LT)
l Remote Defect Indication (RDI)
l AIS
l Single-ended frame loss statistics collection and two-ended frame loss statistics
collection
l One-way frame delay and two-way frame delay
l VE interfaces support TP OAM
l Dynamic PWs and MS-PWs support TP OAM

7.12 Network Reliability


NSR
NE40Esupports the following techniques of Non-Stop Routing (NSR).
l NSR OSPF
l NSR LDP
l NSR RSVP-TE
l NSR PIM
l NSR PPP
l NSR ARP
l NSR LACP
l NSR for L2VPN
l NSR for L3VPN
l ISIS/ISIS6 NSR
l BGP/BGP4+ NSR
l Multicast (PIM/MSDP) NSR
l NSR for IPv6

APS
The NE40E supports the following Automatic Protection Switching (APS) functions:

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 60


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l 1+1 unidirectional mode, 1+1 bidirectional and 1:1 bidirectional mode


l Manual switching of APS groups
l Forcible switching of APS groups
l Locking of traffic on the working link of an APS group
l Interface-based APS
l Intra-LPU or inter-LPU APS
l Inter-device APS, that is, Enhanced APS (E-APS)
l Addition of the working and protect interfaces of an APS group to a trunk so that all
services are configured on the trunk
l VE interfaces support MC-PW APS

FRR
The NE40E provides multiple fast reroute (FRR) features. You can deploy FRR as required to
improve network reliability.
l IP FRR
FRR switching can be complete in 50 ms. In this manner, the data loss caused by
network failures is minimized to a great extend.
FRR supported by the NE40E enables the system to monitor and save the status of LPUs
and interfaces in real time and to check the status of interfaces during packet forwarding.
When faults occur on an interface, the system can rapidly switch the traffic to another
pre-set route, thus reducing time between failures and the packet loss ratio.
l LDP FRR
LDP FRR switching can be complete in 50 ms.
l Hybrid FRR
Hybrid FRR is a combination of IP FRR and VPN FRR of IP routes and VPN routes in a
same VPN instance.
On a bearer network where a CE is dual-homed to two PEs, IP FRR is deployed between
the CE and each PE. If there are multiple voice VPNs and the two PEs are connected
through a POS link, you cannot bind sub-interfaces to different VPN instances to provide
a backup link for the traffic, because the NE40E does not support POS sub-interfaces.
In this case, a BGP VPNv4 peer relationship can be set up between the two PEs.
Therefore, the backup path, in the form of a private route, is exchanged between the two
PEs. The VPNv4 route then functions as a backup of the IP routes between the CE and
each PE. This implements FRR and switches traffic within 50 ms.
l TE FRR
TE FRR is an MPLS TE technology used to protect local networks. Only the interfaces
with a transmission rate of over 100 Mbit/s support TE FRR. TE FRR switching can be
complete within 50 ms. It can minimize data loss when network failures occur.
TE FRR protects traffic only temporarily. When the protected LSP becomes normal or a
new LSP is established, traffic is switched back to the original protected LSP or the
newly established LSP.
When a link or a node on the LSP fails, traffic is switched to the protection link and the
ingress node of the LSP attempts to establish a new LSP, if an LSP is configured with TE
FRR.
With different protected objects, TE FRR is classified into the following types:
− Link protection

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 61


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

− Node protection
l Auto FRR
Auto FRR is an extension of MPLS TE FRR. It automatically creates a bypass tunnel
that meets the requirements for the LSP through the configuration of the attributes of the
bypass tunnel, global auto FRR attributes, and interface-based auto FRR attributes on the
interface of the primary tunnel. When the primary tunnel changes to another path, the
previous bypass tunnel is automatically deleted. Then, a bypass tunnel that meets the
requirements is set up.
l VLL FRR
VLL FRR switching can be complete in 50 ms.
l VPN FRR
VPN FRR switching can be complete in 50 ms.

Backup of Key Parts


The NE40E-X16 supports backup of key modules.
l The NE40E-X16 has two MPUs that work in 1:1 backup mode.
l The NE40E-X16 has four SFUs that work in 3+1 backup mode. When one SFU becomes
faulty, the other three are responsible for data switching on the device. Traffic switching
on SFUs does not cause LPUs to be reset, or trigger the re-calculation of routes.
l The NE40E-X16 has eight PEMs on the back, working in 4+4 backup mode.
l NE40E-X16 has four fan modules. Each fan module contains a fan. The NE40E-X16 has
two heat dissipation areas. Each heat dissipation area has two fan modules working in
1+1 backup mode. If one of the fan modules becomes faulty and the ambient temperature
is below 40°C, the system can still work properly in a short period.
The NE40E-X8 supports backup of key modules.
l The NE40E-X8 has two SRUs that work in 1:1 backup mode.
l The NE40E-X8 has three SFUs working in 2+1 backup mode. Two of the SFUs are
integrated on two SRUs. When one SFU becomes faulty, the other two are responsible
for data switching on the device. Traffic switching on SFUs does not cause LPUs to be
reset, or trigger the re-calculation of routes.
l The NE40E-X8 has four PEMs on the back, working in 2+2 backup mode.
l NE40E-X8 has two fan modules. Each fan module contains a fan. The fan modules work
in 1+1 backup mode. When one module becomes faulty and the ambient temperature is
below 40°C, the system can still work properly in a short period.
The NE40E-X3 has two MPUs that work in 1:1 backup mode.
The NE40E can be equipped with one MPU/SRU or two MPUs/SRUs. The MPUs support hot
backup. If the device is configured with two MPUs/SRUs, the master MPU/SRU works and
the slave MPU/SRU is in the standby state. The management network interface on the slave
MPU/SRU cannot be accessed by users, and the console and AUX interfaces cannot be
configured with any command. The slave MPU/SRU exchanges information (including
heartbeat messages and backup data) with only the master MPU/SRU.
The system supports two types of master/slave switchover of MPUs/SRUs: failover and
switchover. The failover is triggered by serious faults in the master MPU/SRU or the reset of
the master MPU/SRU. The switchover is triggered by commands that are run on the console
interface. You can also forbid the master/slave switchover of the MPUs/SRUs by using
commands on the console interface. The system generates alarms, records the faults in the log

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 62


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

file, and reports the alarms to the NMS. The cause of the master/slave switchover and the
associated operations are recorded in the system diagnosis information base for users to
analyze.
The system provides two clock boards in master/slave backup mode. If the system detects that
the master clock board becomes faulty or is reset through a command, the system
automatically performs the master/slave switchover of clock boards. The master/slave
switchover of clock boards does not result in phase offsets or interrupt services.
The master/slave switchover time of each key part is less than 100 us.

High Reliability of LPUs


The NE40E supports backup of key service interfaces of the same type through protocols.
l Supports VRRP on Ethernet interfaces. With extended VRRP, two interfaces located on a
same NE40E or two NE40Es can back up each other. This ensures high reliability of the
interfaces.
l Supports backup of Eth-Trunk member interfaces, or backup of Eth-Trunk or IP-Trunk
member interfaces and non-member interfaces.
l Supports the bundling of interfaces on different LPUs into a trunk.
You can access different LPUs through double links and bundle interfaces on different
LPUs into a trunk to ensure high reliability of services.
Inter-LPU bundling is implemented by high-performance hardware engines, thus
ensuring load balancing of packets among different links.
The Hash algorithm based on the combination of the source and destination IP addresses
load-balances traffic evenly on links.
Seamless switchover is implemented in the case of a link failure so that services are
forwarded without interruption.
Through extended protocols, the NE40E backs up key service interfaces. In this manner, core
routers can monitor and back up the running status of interfaces when they carry LAN, MAN,
or WAN services. Therefore, the routing table is not affected when the status of the backup
interface needs to be changed and services recover rapidly.

Transmission Alarm Suppression


Transmission alarm suppression can efficiently filter and suppress alarm signals. This
prevents interfaces from frequently flapping. In addition, transmission alarm customization
enables the control over the impact brought by alarms on the interface status.
Transmission alarm customization and suppression implement the following functions:
l Customizes alarms. This can specify the alarms that can cause the change of the interface
status.
l Suppresses alarms. This can filter out the burr and prevent the network from frequently
flapping.

Inter-Device Backup
In the scenario where a PPPoE user accesses the BRAS, you can configure a response delay
after which the access interface responds to the request packet, based on information about the
access interface and even or odd MAC address or Option 82 information of the user. By

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 63


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

setting different response delays on different NE40Es, you can perform load balancing and
backup for PPPoE users. This is a simple and effective warm backup solution.
Inter-device backup can be performed in either of the following modes:
l Hot backup
Hot backup means that backup information takes effect immediately after the device
receives it. That is, traffic of the local device can be switched immediately when the
master/slave switchover is performed. The traffic convergence time of the entire network
depends on the previously described detection technologies and the traffic switching
technologies that will be described later.
l Warm backup
Warm backup means that backup information does not take effect after the device
receives it. Instead, it is stored in the backup module and takes effect after the
master/slave switchover is performed. The NE40E supports switching of traffic of 500
users per second. Therefore, when there are a large number of users, traffic is interrupted
or even users are logged out.
The backup solution varies with the requirement of the specific user.
l To help improve user experiences, it is recommended that hot backup be adopted to
shorten the duration of service interruption during master/slave switchover.
l To help cut investments and reduce the amount of backup information, it is
recommended that warm backup be adopted.

Dual-System Hot Backup


The NE40E supports the following dual-system hot backup functions:
l 1+1 or 1:1 hot backup of IPoE unicast traffic
l 1+1 or 1:1 hot backup of PPPoE unicast traffic
l 1:1 hot backup of L2TP LAC IPv4 access network
l 1+1 or 1:1 hot backup of ARP traffic

HA Backup
NE40E supports the following HA (High Availability) backup functions:
l 1+1 or 1:1 intra-chassis warm backup of CGN service
l 1+1 or 1:1 intra-chassis hot backup of CGN service
l 1+1 or 1:1 inter-chassis warm backup of CGN service
l 1+1 or 1:1 inter-chassis hot backup of CGN service

Ethernet OAM Fault Management


Ethernet OAM fault management includes the following functions:
l Ethernet in the First Mile OAM (EFM OAM)
Conforming to IEEE 802.3ah, the NE40E supports point-to-point Ethernet fault
management to detect faults in the last mile of the direct link on the user side of the
Ethernet. Currently, the NE40E supports OAM discovery, link monitoring, remote fault
notification, and remote loopback, as defined in IEEE 802.3ah.
l Connectivity Fault Management OAM (CFM OAM)

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 64


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

The following describes end-to-end Ethernet fault management in two aspects.


− Hierarchical MD
Each MD has a level that ranges from 0 to 7. The greater the value, the higher the
level. The 802.1ag packets from a low-level MD are discarded when entering a
high-level MD. The 802.1ag packets from a high-level MD can be transmitted
through a low-level MD.
− End-to-end fault detection and location
The NE40E realizes end-to-end Ethernet fault management by conforming to IEEE
802.1ag or not.
The NE40E supports MAC ping and MAC trace by transmitting Loop Back (LB) and
Link Trace (LT) messages defined in IEEE 802.1ag to locate faults.
Fault detection and location not conforming to IEEE 802.1ag include general MAC
ping and general MAC trace.

Ethernet OAM Performance Management


Conforming to ITU-T Y.1731, the NE40E supports Ethernet OAM performance management
by inserting the timestamp into 802.1ag LB messages to measure the delay, jitter, and packet
loss ratio when the messages are transmitted. In this manner, the NE40E can detect the
end-to-end performance of traffic in a specified time period and on a specified network
segment. The NE40E can measure performance parameters at scheduled time and output
report containing the network management information.
By using performance management tools, the ISP can monitor the network status in real time
through the NMS. The ISP then check whether the forwarding capacity of the network
complies with the Service Level Agreement (SLA) signed with users and locate faults. The
ISP does not need to carry out detection on the user side, which greatly decreases maintenance
costs.

VRRP
VRRP dynamically associates the virtual router with a physical router that carries services.
When the physical router fails, another router is elected to take over services. Failover is
transparent to users and thus the internal network and the external network can communicate
without interruption.
The NE40E supports the following VRRP functions:
l mVRRP
l VGMP
l E-VRRP
l VRRP For IPv6

GR
Graceful Restart (GR) is a key technology in implementing HA. It is designed based on NSF.
GR switchover and subsequent restart can be performed by the administrator or triggered by
faults. GR neither deletes the routing information from the routing table or the FIB nor resets
the board during the switchover when faults occur. This prevents the service interruption of
the entire system.
The NE40E supports system-level GR and protocol-level GR. Protocol-based GR includes:

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 65


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l BGP GR
l OSPF GR
l IS-IS GR
l MPLS LDP GR
l Martini VLL GR
l Martini VPLS GR
l L3VPN GR
l RSVP GR
l PIM GR

BFD
BFD is a detection mechanism used uniformly in an entire network. It is used to rapidly detect
and monitor the connectivity of links or IP routes in a network.
BFD sends detection packets at both ends of a bidirectional link to check the link status in
both directions. The defect detection is implemented at the millisecond level. The NE40E
supports single-hop BFD and multi-hop BFD.
BFD of the NE40E supports the following applications.
l BFD for VRRP
The system uses BFD to detect and monitor the connectivity of links or IP routes in a
network. The rapid VRRP switchover is thus triggered.
l BFD for FRR
− BFD for LDP FRR.
− LDP FRR switchover is triggered after BFD detects faults on protected interfaces.
− BFD for IP FRR and BFD for VPN FRR.
− IP FRR and VPN FRR are triggered after BFD detects faults and reports fault
information to the upper layer applications.
l BFD for static routes
l BFD for IS-IS
The NE40E supports detection on the IS-IS adjacency by using the BFD session that is
configured statically.
BFD detects the fault of the link between the adjacent IS-IS nodes and rapidly reports the
fault to IS-IS. Thus fast convergence of IS-IS routes is performed.
l BFD for OSPF/BGP
The NE40E supports OSPF and BGP in dynamically setting up and deleting the BFD
session.
l BFD for PIM
BFD detection on IP-Trunks and Eth-Trunks
On the NE40E, BFD can detect a trunk and the member links of the trunk independently.
That is, it can detect the connectivity of the trunk and that of an important member link
of the trunk.
l BFD for LSP
BFD for LSP performs fast fault detection of the LSP, the TE tunnel, and the PW. In this
manner, BFD for LSP implements fast switchover of MPLS services such as VPN FRR,
TE FRR, and VLL FRR.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 66


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l BFD for Dot1q sub-interface


l BFD for mVSI
l Multi-hop BFD
l BFD For IPv6
BFD for OSPFv3, BFD for ISISv6, BFD for BGP4+, and BFDv6 for default IPv6
l BFD for VPLS PW
l BFD for VPLS/VLL PW
l VPLS over LDP FRR/FW unicast

7.13 Clock
The NE40E supports the following clock features:
l CES ACR
l CES DCR
l Ethernet clock synchronization
l The Ethernet interfaces on the LPUF-10 and LPUF-21 of theNE40E provide Ethernet
clock synchronization so that the clock quality and stratum of the network can be
guaranteed.
l 1588v2
The 1588v2 feature:
− Supports the input and output of the externally synchronized time.
− Supports 10M/100M/1000M/10G Ethernet interfaces and auto sensing of
10M/100M/1000M Ethernet interfaces.
− Supports Eth-Trunk.
− Supports OC, BC, E2ETC, P2PTC, E2ETCOC, P2PTCOC and TCandBC.
− Allows the NE40E to function as a GrandMaster.
− Supports slave-only when functioning as an OC.
− Supports the dynamic BMC algorithm.
− Supports two delay measurement methods: Delay and PDelay
− Supports one-step mode and two-step mode in which 1588v2 packets that are used by
1588v2 devices to perform time synchronization are timestamped..
− Supports multicast MAC encapsulation (the VLAN and 802.1p priority are
configurable).
− Supports multicast UDP encapsulation (the source IP address, VLAN, and DSCP
priority are configurable).
− Supports unicast MAC encapsulation (the destination MAC, VLAN, and 802.1p
priority are configurable).
− Supports unicast UDP encapsulation (the source IP address, destination IP address,
destination MAC, VLAN, and DSCP priority are configurable).
− Uses the clock recovered through the Precision Time Protocol (PTP) as the clock
source and supports the algorithm for dynamic clock source selection (based on the
priority and clock stratum).
− Implements clock recovery that complies with G.813.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 67


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

− Implements frequency recovery that meets the requirements of the SDH equipment
clock (SEC) in G.823.
l 1588 ACR
− Supports frequency synchronization only.
− Supports the change of selected clock sources.
− Supports unicast UDP encapsulation (and the DSCP field).
− Complies with Recommendation G.8261 in terms of service modeling and
networking and performs clock recovery with accuracy that is prescribed by G.823.
− Supports 1588v2 header overlapping without affecting forwarding capabilities.
− Supports switchover between master and slave MPUs/SRUs without affecting
services.
− Supports hot swapping of LPUs and sub-cards.
− Supports 1588 ACR server.
Supports the two-way frequency restoration mode.
l Supports clock synchronization.
The NE40E supports clock synchronization on CPOS interfaces, E1 interface, and WAN
interfaces to ensure high clock quality and stratum on the network.
l Network Time Protocol (NTP) clock
The NE40E supports the following working modes of NTP:
− Server/client mode
− Peer mode
− Broadcast mode
− Multicast mode
The NE40E supports two NTP security mechanisms:
− Access authority
The NE40E provides four levels of access control. After receiving an NTP access
request packet, the NE40E matches it from the lowest access control level to the
highest access control level. The first successfully matched access control level takes
effect. The matching order is as follows:
peer: indicates the minimum access control. The remote end can send a time request
and a control query to the local end. The local clock can also be synchronized with
the clock of the remote server.
server: indicates that the remote end can send a time request and a control query to
the local end. The local clock, however, is not synchronized with the clock of the
remote server.
synchronization: indicates that the remote end can only send a time request to the
local end.
query: indicates the maximum access control. The remote end can only send a control
query to the local end.
l Authentication
When configuring NTP authentication, note the following rules:
The NTP authentication must be configured on both the client and the server; otherwise,
the authentication does not take effect. If NTP authentication is enabled, keys must be
configured and declared reliable.
The server and the client must be configured with the same key.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 68


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

l Internal clock
The NE40E provides an internal clock and can extract clock information from LPUs.
The clock precision reaches 4.6 ppm, that is, 0.00002s.
l Extended SSM
The NE40E supports the following functions:
− Sending and receiving of SSM information carrying Clock IDs
− Clock ID configuration for a clock source
− Clock source selection based on extended SSM

7.14 CGN
The following describes the CGN features supported by the NE40E:
l NAT444
− Distributed deployment
− Integrated deployment
− re-allocation or dynamic allocation of ports
− VPN NAT
− NAT ALG (FTP/ICMP/PPTP/RTSP/SIP)
− Port forwarding (Port forwarding rules are delivered to the BRAS by the RADIUS
server when users get online or by the OSS after users get online to create mappings
between public network addresses, private network addresses, and ports.)
− NAT server
− Web users authentication
l DS-Lite
− Distributed deployment
− Integrated deployment
− Pre-allocation or dynamic allocation of ports
− NAT ALG (FTP/ICMP/PPTP/RTSP/SIP)
− Port forwarding
− Port number limited
− Session number limited
l L2-Aware NAT
L2-Aware NAT on the NE40E is implemented based on user access information, private
network address, public network address to which the private network address maps, and
port. IP overlapping is allowed in L2-Aware NAT. L2-Aware NAT supports the following
functions:
− IP address overlapping among CPEs
− Semi-Dynamic port allocation
Perform the following configurations on the NE40E:
1. Number of ports to be allocated to each user for the first time
2. Number of ports that can be assigned every time after the first port allocation
3. Number of times ports can be assigned after the first port allocation

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 69


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 7 Service Features

When a user gets online for the first time, the system allocates ports to the user from
the ports available to be allocated for the first time. If the ports are unavailable, the
system allocates ports based on the number of ports that can be assigned every time
after the first port allocation. The number of times ports can be assigned after the first
port allocation is controlled. If the ports to be allocated after the first allocation are
not used, they are reclaimed for other users.
In Semi-Dynamic mode, if user's port range changes, the public network address and
port number segment can be carried in real-time accounting packets to be sent to a
RADIUS server.
− The capacity of a NAT address pool can be extended online.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 70


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 8 Security Features

8 Security Features

Security Authentication
The NE40E supports the following security authentication functions:
l AAA
l PAP and CHAP in PPP
l Plain text authentication and MD5 encrypted text authentication supported by routing
protocols that include RIPv2, OSPF, IS-IS, and BGP
l MD5 encrypted text authentication supported by LDP and RSVP
l SNMPv3 encryption and authentication

URPF
The NE40E supports URPF for IPv4/IPv6 traffic.

MAC Address Limit


The NE40E supports the following MAC address limit functions:
l Limit on the number of MAC addresses that can be learned
l Limit on the speed of MAC address learning
l Limit on interface-based MAC address learning
l Limit on PW-based MAC address learning
l Limit on VLAN+interface-based MAC address learning
l Limit on interface+VSI-based MAC address learning
l Limit on QinQ-based MAC address learning
MAC entries in a MAC address table are classified into three types:
l Dynamic entries
Dynamic entries are learnt by interfaces and stored in hardware of LPUs. Dynamic
entries age. Dynamic entries will be lost in the case of the system reset, LPU hot swap,
or LPU reset.
l Static entries

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 71


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 8 Security Features

Static entries are configured by users and delivered to LPUs. Static entries do not age.
After static entries are configured and saved, they are not lost in the case of the system
reset, LPU hot swap, or LPU reset.
l Blackhole entries
Blackhole entries are used to filter out the data frames that contain specific destination
MAC addresses. Blackhole entries are configured by users and delivered to LPUs.
Blackhole entries do not age. After blackhole entries are configured and saved, they will
not be lost in the case of the system reset, LPU hot swap, or LPU reset.

MAC Entry Deletion


The NE40E provides the following MAC entry deletion functions:
l Interface+VSI-based MAC entry deletion
l Interface+VLAN-based MAC entry deletion
l Trunk-based MAC entry deletion
l Outbound QinQ interface-based MAC entry deletion

Unknown Traffic Limit


With the unknown traffic limit, the NE40E implements the following operations on a VPLS or
Layer 2 network:
l Manages user traffic.
Boards that are not LPUI-41s or LPUF-100s manage only the traffic of VSI and VLAN
users.
l Allocates bandwidth to users.
In this manner, the network bandwidth is reasonably used and the network security is
guaranteed.

IGMP Snooping
The NE40E supports IGMP snooping on Layer 2 interfaces, Layer 3 interfaces, QinQ
interfaces, STP topologies, RRPP rings, and VPLS PWs.

DHCP Snooping
DHCP snooping is mainly used to prevent DHCP Denial of Service (DoS) attacks, bogus
DHCP server attacks, ARP middleman attacks, and IP/MAC spoofing attacks when DHCP is
enabled on the NE40E.
The working mode of DHCP snooping varies with the attack type, as shown in Table 8-1.

Table 8-1 Attack types and DHCP snooping working modes

Attack Type DHCP Snooping Anti-Attack Working


Mode
DHCP exhaustion attack MAC address limit

Bogus DHCP server attack Trusted/untrusted


Middleman attack and IP/MAC spoofing DHCP snooping binding table

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 72


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 8 Security Features

Attack Type DHCP Snooping Anti-Attack Working


Mode
attack

DoS attack by changing the value of the Check on the CHADDR field in DHCP
Client Hardware Address (CHADDR) packets
field

Local Attack Defense


The NE40E provides a uniform local attack defense module to manage and maintain the
attack defense policies of the whole system, thus offering an all-around attack defense
solution that is operable and maintainable to users.
The NE40E supports the following attack defense functions:
l Whitelist
A whitelist refers to a group of valid users or users with high priorities. By configuring
the whitelist, you can enable the system to protect existing services or user services with
high priorities.
l Blacklist
A blacklist refers to a group of invalid users. You can define a blacklist through ACLs.
The users confirmed as attackers are added to the blacklist. Then, packets that match the
blacklist are discarded or sent to the CPU with a lower priority.
l CPU Total CAR
Central Processing-Committed Access Rate (CP-CAR) is used to set the rate of sending
the classified packets to the CPU. You can set the average rate, the committed burst size
(CBS), and the priority for each type of packets.
l User-defined flow
User-defined flows refer to that a user defines the ACL rule to defend against attacks.
l Active link protection (ALP)
The NE40E protects the TCP-based application-layer data such as session data with the
whitelist function.
l Uniform configuration of CAR parameters
The NE40E provides the following methods of configuring CAR parameters:
− Same CAR parameters configured on different LPUs
− Same configuration interface for users
− Configuration of protocol-specific CAR parameters, making the user interface more
friendly
l Smallest packet compensation
The NE40E can efficiently defend the network against the attacks of small packets with
the smallest packet compensation function. After receiving packets, the system checks
the lengths of packets before sending them to the CPU.
− If the packet length is smaller than the preset minimum packet length, the system
calculates the sending rate with the pre-set minimum length.
− If the packet length is greater than the pre-set minimum packet length, the system
calculates the sending rate with the actual packet length.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 73


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 8 Security Features

l Association between the application layer and lower layers


Application layer association is implemented by associating the enabled and disabled
status of control protocols and the status of the forwarding engine on the lower layer.
l Local URPF
If the route is a local route, the packets must pass URPF check before being sent to the
CPU.
l Management and service plane protection
The function is to control protocol packets again at the control layer. Through three-level
policies (interface-level, board-based, and global), management and control plane
protection can flexibly specify the type of protocol packet that can be transmitted an
interface of a device.
l Defense against TCP/IP packet attacks
The NE40E provides defense measures against attacks by sending the following types of
packets on TCP/IP networks:
− Malformed packets
Null IGMP packets, packets with invalid TCP flag bits, LAND attack packets, IP
packets whose payloads are null, and smurf attack packets.
− Fragmented packets
Packets with a huge number of fragments or packets that have a large offset value,
repetitive fragmented packets, tear Drop, syndrop, nesta, fawx, bonk, NewTear, Rose,
ping of death, and Jolt attacks
− TCP SYN packet rate limited
− UDP flood attack defense
l Attack source tracing
When the NE40E is attacked, it obtains and stores suspicious packets, and then displays
the packets in a certain form through command lines or offline tools. This helps locate
the attack source easily.
When attacks occur, the system automatically removes the data encapsulated at upper
layers of the transmission layer and then caches the packets in memory. When there are a
certain number of packets in the cache, for example, 20000 packets on each LPU, the
earliest cached packets are overridden when more packets are cached.

GTSM
On the current network, attackers forge valid packets to attack routers, which overloads the
routers and consumes limited resources such as the CPU on the MPU. For example, an
attacker forges BGP protocol packets and continuously sends them to a router. After the LPU
of the router receives the packets, it finds that the packets are destined to itself and then sends
the packets directly to the BGP processing module on the MPU without checking the validity
of the packets. As a result, the system is abnormally busy processing these forged valid
packets and the CPU usage is high.
To guard against the preceding attacks, the NE40E provides the Generalized TTL Security
Mechanism (GTSM). The GTSM protects services above the IP layer by checking whether
the TTL value in the IP header is within a specified range. In actual applications, the GTSM is
mainly used to protect the TCP/IP-based control plane such as the routing protocol against
attacks of the CPU-utilization type such as CPU overload.
The NE40E supports BGP GTSM, BGP+ GTSM, OSPF GTSM, and LDP GTSM.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 74


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 8 Security Features

ARP Attack Defense


The NE40E supports the following ARP attack defense functions:
l Interface-based ARP entry restriction
l Timestamp suppression based on the destination IP address and source IP address of an
ARP packet
l The destination address check for the ARP packet
The system checks whether the destination IP address of the ARP packet received on the
interface is correct. If the destination IP address is correct, the packet is sent to the CPU;
otherwise, the packet is discarded.
l ARP bidirectional isolation
l Filtration of invalid ARP packets
The NE40E filters out the following types of ARP packets:
− Invalid ARP packets
Invalid ARP packets include ARP request packets with the destination MAC
addresses being unicast addresses, ARP request packets with the source MAC
addresses being non-unicast addresses, and ARP reply packets with the destination
MAC addresses being non-unicast addresses.
− Gratuitous ARP packets
− ARP request packets with valid MAC addresses
You can use commands to filter out one or more previously mentioned invalid packets.
l Dynamic CAR for ARP packets

Local Mirroring
In local mirroring, an LPU can be configured with a physical observing port, multiple logical
observing ports, and multiple mirrored ports.
Local mirroring can be inter-LPU mirroring, which means that the observing port and
mirrored port reside on different LPUs. Inbound and outbound traffic mirroring is supported
in inter-board port mirroring
Mirroring between different types of interfaces is supported.

Netstream
NetStream provides the following functions:
l Accounting
l Network planning and analysis
l Network monitoring
l Application monitoring and analysis
l Abnormal traffic detection
NetStream involves three devices: the NetStream Data Exporter (NDE), the NetStream
Collector (NSC), and the NetStream Data Analyzer (NDA).
The NE40E functions as an NDE to sample packets and aggregate and output flows.
NetStream on the NE40E is classified into distributed NetStream and integrated NetStream
based on where to collect packets and process flows.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 75


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 8 Security Features

l Distributed NetStream
Certain LPUs can sample packets and aggregate and output flows by themselves.
l Integrated NetStream
Certain LPUs do not process flows. They only sample packets and send the sampled
packets to the NetStream SPU for integrated flow aggregation and output.Integrated
NetStream supports load balancing among multiple NetStream boards.
The NE40E supports the following functions in terms of sampling:
l Sampling on the inbound and outbound interfaces
l Certain LPUs support sampling on only inbound interfaces.
l Interface-based sampling and traffic-classification-based sampling
l Sampling of the IPv4 unicast/multicast packets, fragmented packets, MPLS packets,
MPLS L3VPN packets, and L2VPN VLL packets
l Regular packet sampling, random packet sampling, sampling at regular time, and
sampling at random time
l Sampling on various types of physical and logical interfaces such as POS interfaces,
Ethernet interfaces, VLAN sub-interfaces, serial/MP/FR PVC/FR MP interfaces
channelized from CPOS interfaces, ATM interfaces, FR interfaces, trunk interfaces,
VLANIF interfaces, and GRE interfaces
The NE40E provides the following functions in terms of aggregation and output:
l IPv4 packets can be aggregated based on the AS number, AS-ToS, protocol-port,
protocol-port-ToS, source-prefix, source-prefix-ToS, destination-prefix,
destination-prefix-ToS, prefix, prefix-ToS, VLAN-ID, index-tos, BGP-nhp-tos,
source-index-tos.
l MPLS packets can be aggregated based on Layer 3 labels.
l The generated statistics can be output in v5, v8, or v9 format with 16-bit or 32-bit AS
numbers, which can be set through commands. When packets are output in the v9 format,
both the 16-bit and 32-bit interface indexes are supported, and can be set through
commands as required.
l Each type of aggregated flows can be output to two NMS servers if configured.
NE40E supports NetStream IPv4 and NetStream IPv6.

SSHv2
The NE40E supports the STelnet client and server and the SFTP client and server. Both
support SSH 1.5 and SSH 2.0.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 76


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 9 Energy Conservation and Emission Reduction

9 Energy Conservation and Emission


Reduction

Regulation Compliance
The NE40E complies with the following energy conservation and emission reduction
regulations:
l Directive 2002/95/EC on the Restriction of the Use of certain Hazardous Substances in
Electrical and Electronic Equipment (RoHS)
l Regulation (EC) No 1907/2006 concerning the Registration, Evaluation, Authorization
and Restriction of Chemicals (REACH)
l Directive 2002/96/EC on waste electrical and electronic equipment (WEEE)
l ATIS-0600015.03.2009 Energy Efficiency for Telecommunications Equipment:
Methodology for Measurement and Reporting for Router and Ethernet Switch Products
l Directive 2009/125/EC establishing a framework for the setting of ecodesign
requirements for energy-related products (recast)

Energy Consumption Management


The NE40E provides the following power consumption management functions:
l Power supply management
l Device- and board-based power consumption query
l Configuration and query of the energy conservation mode

Power Consumption Reduction Designs


The NE40E has the following power consumption reduction designs:
l Allows fan modules to automatically adjust the fan speed based on environment
temperature.
l Allows users to run commands to power off boards, except the active main control
board.
l Allows users to run commands to power off unused subboards and interfaces on service
boards.
l Supports dynamic energy conservation for unused modules.
l Supports dynamic energy conservation based on service loads.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 77


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 9 Energy Conservation and Emission Reduction

Energy Conservation Suggestions


The energy conservation suggestions for the NE40E are as follows:
l Separate hot and cold air ducts in equipment rooms, place the air intake vent of the
NE40E besides the cold air duct, and prevent hot air from entering the air intake vent.
l Select the best suited AC power modules to prevent high power loss due to AC power
light load that means the load ratio is less than 30%.
l Clean the dust-proof nets regularly and keep the air intake vents unblocked to reduce
power consumption and noise.
l Cover unused slots with filler panels and cap unused interfaces with rubber plugs to
ensure efficient heat dissipation.
l Power off unused boards and interfaces.
l Set the NE40E to energy conservation mode.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 78


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

10 Applicable Environment

About This Chapter


10.1 Application on an IP Bearer Network
10.2 Application on an IPTV Bearer Network
10.3 Application on a Multi-Service IP MAN
10.4 Application on an IPv6 Backbone Network
10.5 IP RAN Solution
10.6 iVSE Solution
10.7 Dual-Stack User Access and Transition Solutions

10.1 Application on an IP Bearer Network


Figure 10-1 shows the application on an IP bearer network.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 79


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

Figure 10-1 Application on an IP bearer network

Core layer

Convergence layer

Access layer

CR
NE5000E

BR
NE80E SoftX3000

AR
NE40E

SoftX3000
UMG8900

CR:Core Router BR(ER): Edge Router AR: Access Router

Directed at the condition of the existing bearer network and oriented at the NGN bearer
network and the 3G services, it is necessary for carriers to set up a core bearer network to
carry NGN multi-services. In the new market competition environment, with the development
of new services and technologies, the newly built bearer network will become the
next-generation multi-service bearer platform that supports voice, data, and video
transmission. Specifically, the newly built bearer network will carry NGN, video conference,
video phone, streaming media, enterprise interconnection, and 3G services. It will bring about
the milestone of network transformation and network convergence for carriers.
In this solution, the NE5000E acts as the core router to forward data at a high speed and
ensure high reliability; the NE80E/40E acts as the convergence router to converge NGN voice,
signaling, NMS, and customer services.
This application has the following characteristics:
l The core layer uses double planes. The NE5000Es are fully meshed.
l The NE80E is dual-homed to the NE5000Es.
l Two devices are deployed at an important node to back up each other.
l MPLS VPN is uniformly planned, which implements user isolation and service isolation.
l VPN FRR is deployed on all PEs.
l High reliability technologies such as TE FRR, GR, BFD for VRRP, and IGP fast
convergence are used on the network.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 80


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

10.2 Application on an IPTV Bearer Network


Figure 10-2 Application on an IPTV bearer network

CS NMS

DiffServ, multicast fast Dynamic IP+MAC+VLAN


convergence, Anycast RP Core bearer binding, strict URPF,
provides reliability network ensuring access security

BAS
ES
NE80E
/NE40E
QinQ, 4K x 4K VLANs,
isolated unicast services, Convergence Selective QinQ, dedicated
secure access switch multicast VLAN,avoiding
replication on the gateway
Multicast replication on
Multicast switch,
the edge, ensuring high
saving reconstruction
efficiency and
expense
controllable multicast
DSLAM Multicast switch

End switch

Home Home
gateway gateway

TV PC TV PC

This application has the following characteristics:


l The IPTV bearer network and the original MAN access network share the same platform.
The IPTV bearer network is thus integrated in the entire network structure of carriers.
l At the core layer, the high-end router NE80E/40E is used to build an MPLS VPN and
construct the logical plane for various services. In addition, the NE80E/40E forwards
data at a high speed and provides high-performance QoS.
l The BRAS at the service control layer is deployed as follows:
− In the early phase of the development of IPTV services, normal services and IPTV
services access the same BRAS and traffic streams are distributed. In this manner,
little change is performed on the entire network and new services are deployed
promptly.
− With the deployment of large-scale services, dedicated IPTV BRASs are required.
Broadband access services access the original BRAS; IPTV services access the
dedicated IPTV BRAS. In this manner, IPTV services and other services are free

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 81


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

from interacting on each other; the requirements of high-volume traffic of IPTV


services are satisfied. In addition, the powerful control capability of the BRAS
ensures the secure access of IPTV services. IPTV services and other services are
distributed on the convergence-layer devices.

10.3 Application on a Multi-Service IP MAN


Figure 10-3 Application on a multi-service IP MAN

Backbone Internet
network backbone IP bearer
network network

IP MAN Egress router

MAN core
ASBR-PE
network

BRAS USR

Service control layer

Access
IP broadband access network network Customer and NGN access
network

Broadband Customer
NGN service
access service

As shown in Figure 10-3, an IP MAN is classified into the core layer, service control layer,
and access layer.
The NE40E is usually deployed as the core node on IP backbone networks, IP MANs, and
large-scale IP networks. In this application, the NE80E is deployed on the egress of an IP
MAN core network.
The NE40E is usually deployed as the core or convergence node on IP MANs. In this
application, theNE40E is deployed as the convergence node on an IP MAN core network.
The core layer is responsible for high-performance and large-capacity data forwarding. It
requires a simple network structure and secure and reliable transmission of multiple services.
Huawei enables IP/MPLS at the core layer and allows a physical network to implement
multiple logical service bearer planes through the MPLS VPN technology. To ensure network
security and reliability, Huawei adopts many reliability techniques at the core layer, such as
high reliability of devices and networks, and inter-AS high reliability. Huawei provides

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 82


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

core-layer devices of large capacities, high-density interfaces, and high forwarding


performance, answering the requirements of the core layer.
The NE40E provides the following features that can answer the demands of the core layer of
the MAN:
l The NE40E has a powerful switching capacity. The interface capacity of a single system
reaches 640 Gbit/s. The NE40E provides 10-Gbit/s interfaces at line speed and
high-density GE interfaces. This meets the requirements for large-capacity and
high-performance forwarding on the core network.
l The NE40E provides powerful routing capabilities and various routing protocols. The
NE40E supports IP/MPLS and provides multiple VPN solutions such as BGP/MPLS
L3VPN and MPLS L2VPN. In this manner, multiple services are carried over the logical
bearer plane of the core network. Service isolation and security are thus implemented.
l The NE40E supports inter-AS VPN Option A/B/C. This guarantees the reliable running
of inter-AS services.
l The NE40E provides carrier-class reliability, such as redundancy of key modules and
in-service patching. In addition, the NE40E provides various FRR techniques, such as IP
FRR, LDP FRR, and TE FRR.

10.4 Application on an IPv6 Backbone Network


Figure 10-4 Application on an IPv6 backbone network
PE

PE PE
NE80E NE80E
IPv6 Internet

IPv6/IPv4 NE80E

NE5000E/80E
IPv6 Core 5000E/80E

PE PE
NE5000E/80E
NE80E/40E NE80E/40E IPv4 Internet
IPv6
IPv6 EDGE

L3 Switch L3 Switch

MA 5200 L2 Switch

SOHO IPv6 SOHO IPv6

The IPv6 application on a backbone network does not affect the original IPv4 services such as
IPv4 forwarding and MPLS VPN. The application needs to solve the following problems:

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 83


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

l Interconnection between IPv6 islands


l Interworking between IPv6 and IPv4 networks
To address the preceding problems, The NE40E applies IPv6 key technologies in the
following combinations:
l All the routers on the backbone network support the IPv4/IPv6 dual stack. In this case,
IPv4 services are forwarded over IPv4, whereas IPv6 services are forwarded over IPv6.
Both problems can be solved.
l The interconnection between IPv6 islands can be implemented through L3 tunnels by
applying manually configured tunnels or 6to4 tunnels. The core router needs to support
only IPv4 forwarding and does not need to be upgraded.
l The interconnection between IPv6 islands can be implemented through MPLS L2
tunnels by applying MPLS L2VPN techniques such as VPLS and CCC. The core router
needs to support only MPLS forwarding. The interworking between IPv6 and IPv4
networks can be implemented by configuring NAT-PT on gateways.

10.5 IP RAN Solution


Access Solutions
Services of the 2G RAN network, mainly a small number of voice services, are transmitted
over TDM links. Usually one to three E1 interfaces on a BTS are connected to a BSC. Some
mobile carriers do not have fixed network infrastructure, and have to lease E1 lines of
fixed-line networks, which costs a lot. Services between the BTSs and BSCs in the same city
can be transparently transmitted over TDM links in a Metro Ethernet (ME) network.
For a 2G RAN network, a Packet Switching Network (PSN) is constructed through NE40Es
between the BTSs and a BSC. The NE40E is connected to the BTSs in the downstream
through n x E1 links, and to the BSC in the upstream through n x E1 links or 155-Mbit/s
links.
Mobile providers worldwide have been constructing the Radio Access Network (RAN)
continuously. The 2G RAN network is based on TDM/SDH, and thus it has a lower utilization
of bandwidth, is hard to expand, and is inflexible to configure. Therefore, IP RAN is a trend.
UMTS R99/R4 defines ATM as the protocol used during the transmission of the services
between the Node B and RNC, with E1 IMA interfaces connecting the two ends. Figure 10-5
shows the networking diagram.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 84


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

Figure 10-5 2G/3G RAN solution

E1
TD
M*
N Router
Router
E1 TDM E1 TDM*N

BSC
MPLS over SDH/ME

N *E1(ATM IMA) N *E1(ATM IMA)

Router Router RNC


Node B A)
IM
TM
1(A
*E Transparent transmission
N
of ATM cells through PWE3

Node B Transparent transmission


of TDM services

Deploying devices on a Metro Ethernet-based MPLS network can solve the problem of
bandwidth multiplexing. Node B is connected to the NE40E that supports E1 IMA interfaces.
After the NE40E terminates IMA, the high-speed ATM cell flow is transparently transmitted
through ATM PWE3 to the NE40E at the RNC side. Then, the NE40E at the RNC side divides
the high-speed ATM cell flow into n x E1 links, and sends multiple channels of low-speed
cells to the RNC. For the Node B and RNC, the NE40E and MPLS network are transparent.
That is, multiple E1 interfaces on the Node B and RNC are directly connected through the
TDM link.

1588v2 Clock Solution


As shown in Figure 10-6, the bearer network synchronizes its time through the GPS or
external time sources, and then provides the clock or time externally; the nodes support
multicast MAC encapsulation.
The nodes in the bearer network can trace a BITS clock. All the nodes on the network serve as
boundary clocks (BCs), and all the BCs support the peer delay mechanism to be adapted to
fast switchover of links. The nodes that do not support IEEE 1588 can be configured to
support GPS if these nodes are connected through POS or ATM links. BCs send clock signals
to the Node B that support IEEE 1588 through multicast MAC addresses. The Node B that
does not support IEEE 1588 synchronizes frequency through Ethernet clock synchronization
or through WAN interfaces.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 85


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

Figure 10-6 1588v2 clock solution

GPS GPS

POS
BC BC

1588v2 1588v2
GE GE

BC BC

FE E1 E1 FE

1588v2 1588v2

Node B Node B Node B Node B


with 1588v2 without 1588v2 without 1588v2 with 1588v2

10.6 iVSE Solution


In traditional IPTV solutions of the NE40E, some video problems, such as slow switchover of
channels, mosaic, static frames, and dark screen, persist. These problems affect user
experience greatly. In addition, operators lack effective means of monitoring the quality of
video services.
By applying the iVSE function, the NE40E can provide fast switchover of video services,
retransmission of lost video packets, and monitoring of video quality.
When the user switches channels, the STB sends a fast switchover request to the
iVSE-capable NE40E. Then, the NE40E fast pushes channel data to the STB and reports new
channels. The STB sends the IGMP adding request to the DSLAM or multicast switch. Finally,
the DSLAM or multicast switch pushes multicast data of new channels to the STB.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 86


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

Figure 10-7 iVSE solution

Middlewar
AAA server Policy server
e

IP/MPLS Core
NE40E

IP/MPLS Edge
soft switch
NE40E NE40E
VoIP
VoD server
gateway

Metro
Network PSTN

L3

DSLAM DSLAM

IAD IAD

After detecting packet loss according to received channel data, the STB sends the
retransmission request to the NE40E. Then, the NE40E searches the cached channel data for
the packets to be retransmitted and retransmits these packets to the STB.
The iVSE-capable NE40E can monitor video quality by calculating the quality data of video
from the source and then drawing a conclusion on video quality on the NE40E. The result
contains the quality of video flows on the NE40E.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 87


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

Figure 10-8 iVSE solution

Access Ethernet Aggregation Edge Core Application

Distribution In te rn et
node
BRAS Internet

DSLAM
CMTS Aggregafion
P/PE
Node
P/PE SoftX
VoD ES
Distribution P/PE
node

AccSwitch PE VoD CS

As the aggregation node and distribution node, the NE40E accesses the IPTV service and
forwards IPTV packets on Layer 3. In this scenario, after iVSE is applied to the aggregation
node and distribution node, fast switchover of videos, retransmission of lost video packets,
and monitoring of video quality can be provided.
l When the user switches channels, the STB sends a fast switchover request to the
iVSE-capable NE40E. Then, the NE40E fast pushes channel data to the STB and reports
new channels. The STB sends the IGMP adding request to the DSLAM or multicast
switch. Finally, the DSLAM or multicast switch pushes multicast data of new channels
to the STB.
l After detecting packet loss according to received channel data, the STB sends the
retransmission request to the NE40E. Then, the NE40E searches the cached channel data
for the packets to be retransmitted and retransmits these packets to the STB.
l In addition, the iVSE-capable NE40E can monitor video quality by calculating the
quality data of program flows from the source and then drawing a conclusion on video
quality on the NE40E.
As the aggregation node and distribution node, the NE40E accesses the IPTV service and then
transparently transmits IPTV packets to the BRAS or integrated PEs through VPLS. In this
scenario, after monitoring of video quality is applied to the aggregation nodes and distribution
nodes separately, end-to-end monitoring of video quality can be provided.
l When monitoring of video quality is deployed on a distribution node, the IPTV flows are
monitored and calculated before they enter the VPLS tunnel. The calculated result shows
the quality of the IPTV flows on the distribution node.
l When monitoring of video quality is deployed on an aggregation node, the IPTV flows
are monitored and calculated after they leave the VPLS tunnel. The calculated result
shows the quality of the IPTV flows on the aggregation node.
l When monitoring of video quality is deployed on both distribution nodes and
aggregation nodes, you can deploy monitoring of video quality on the ingress and egress
of VPLS tunnels, that is, distribution nodes and aggregation nodes, to check video
quality on each segment. By checking video quality on each segment, you can locate the
causes of poor video quality.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 88


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

10.7 Dual-Stack User Access and Transition Solutions


As the number of Internet users keeps increasing, and mobile broadband and the Internet of
Things rapidly develop, IPv4 address shortage has become an increasingly serious problem.
IPv6 provides enough addresses to allow the Internet to continue to expand, solving the
problem of IPv4 address shortage. Currently, a huge amount of IPv4 services has been
transmitted on the Internet, and therefore carriers still need to use IPv4 on the network. A
reasonable approach is to gradually introduce IPv6 without affecting existing IPv4 services
and build a pure IPv6 Internet with the growing popularity of IPv6. In this situation, transition
from IPv4 to IPv6 is required. During the transition, the following solutions are available:
l In the first phase, IPv4 and IPv6 users use NAT64, DNS, and AAA technologies to
access IPv4 services over IPv4 networks.
l In the second phase, IPv4, IPv6, and dual-stack users access IPv6 services over
dual-stack networks.
l In the third phase, IPv4, IPv6, and dual-stack users use CGN transition technologies
(NAT444 and DS-Lite) to access IPv6 services over IPv6 networks.
The HUAWEI NetEngine80E/40E can provide dual-stack access and CGN transition
technology.

CGN Transition Technology: Centralized Deployment

Figure 10-9 Application scenario of centralized deployment

PC1 AAA Server


Access
Network
CPE
PC2
BRAS
Internet

PC1 Access CR(CGN)


Network

CPE BRAS operation server


PC2

In centralized deployment mode, a CGN device is deployed on an aggregation node (CR) to


provide the CGN function, which brings no or small changes to existing access nodes
(BRASs). Centralized deployment applies to the networks on which a small amount of
services are transmitted on CRs or a small number of BRASs are connected to CRs.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 89


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 10 Applicable Environment

CGN Transition Technology: Distributed Deployment

Figure 10-10 Application scenario of distributed deployment

PC1 AAA Server


Access
Network
CPE
PC2 BRAS(CGN)
Internet

PC1 Access CR
Network

CPE BRAS(CGN)
operation server
PC2

In distributed deployment mode, CGN cards are installed on access nodes (BRASs) to provide
the CGN function, which brings no changes to existing aggregation nodes (CRs). Distributed
deployment applies to the networks on which a large amount of services are transmitted on
CRs, a large number of BRASs are connected to CRs, or a large number of devices need to be
deployed or upgraded.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 90


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 11 Operation and Maintenance

11 Operation and Maintenance

About This Chapter


11.1 System Configuration Modes
11.2 System Management and Maintenance
11.3 Device Running Status Monitoring
11.4 HGMP
11.5 System Service and Status Tracking
11.6 System Test and Diagnosis
11.7 NQA
11.8 In-Service Debugging
11.9 Upgrade Features
11.10 License
11.11 Other Operation and Maintenance Features

11.1 System Configuration Modes


The NE40E supports two configuration modes: command line configuration and NMS
configuration.
You can configure the NE40E by using command lines through the following:
l Console port
l Auxiliary (AUX) port
l Telnet
As a command interface, the console port can send command lines to the control plane.
As a debugging interface, the console port can receive debugging information from the
control plane and data plane, and deliver debugging commands and control commands.
The NMS configuration supports the configuring NE40E through the SNMP-based NMS.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 91


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 11 Operation and Maintenance

11.2 System Management and Maintenance


The NE40E provides powerful system management and maintenance functions:
l Board detection, hot swap detection, Watchdog, board resetting, RUN indicator, system
debugging, fan and power supply control, master/slave switchover control, and version
inquiry
l Local and remote software upgrade/data upload, and functions such as version rollback,
backup, saving, and clearing of version information
l Supports inband and outband NMS interfaces.
l Hierarchical user authority management, operation log management, command line
online help, and commands comments.
l Three user authentication modes: local authentication, RADIUS authentication, and
HWTACACS authentication, which authenticate and authorize users through command
lines and SNMP.
l Multi-user operation
l Query on Layer 2 or Layer 3 interfaces
l Hierarchical management, alarm classification, and alarm filtering
l Interface and optical modules support the shutdown and undo shutdown commands

11.3 Device Running Status Monitoring


NE40E provides complete equipment status monitoring function through the information
center.
Syslog is a sub-function of the information center. Syslog is transported over UDP and it
outputs log information to the log host through port 514.
The information center receives and processes the following types of information:
l Log information
l Debugging information
l Trap information
According to information severity or urgency, the information is classified into eight severity
levels. The lower the level, the higher the severity. The following table shows the detailed
information.

Lev Seve Description


el rity
0 Emer A fatal exception occurs on the device. The system is unable to function
gency properly and must be restarted. For example, the device is restarted due to
program exceptions or memory usage errors are detected.
1 Alert A serious exception occurs on the device, which requires immediate
actions. For example, the memory usage of the device reaches the upper
threshold.

2 Critic A critical exception occurs on the device, which needs to be handled and
al analyzed. For example, the memory usage exceeds the alarm threshold; the
temperature exceeds the alarm threshold; and Bidirectional Forwarding

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 92


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 11 Operation and Maintenance

Lev Seve Description


el rity
Detection (BFD) detects that a device is unreachable or detects error
messages generated by the local device.
3 Error Improper operation is performed or abnormal process occurs on the device,
which does not affect subsequent services but requires attention and cause
analysis. For example, users enter incorrect commands or passwords; error
protocol packets are received by other devices.

4 Warn An abnormality that may cause the device to malfunction occurs on the
ing device, which requires attention. For example, a routing process is disabled
by the user; BFD detects packet loss; and error protocol packets are
detected.

5 Notic A key operation is performed to keep the device running normally. For
e example, the user runs the shutdown command on the interface, a neighbor
is discovered, and the protocol state machine changes status.
6 Infor A routine operation is performed. For example, the user runs a display
matio command.
nal

7 Debu A routine operation is performed, which requires no action.


gging

The information center supports 10 channels, of which channels 0 through 5 each have a
default channel name. By default, the six channels correspond to six directions in which
information is output. The log information on the CF card is output to log files through
Channel 9 by default. This means that a total of seven default output directions are supported.
When multiple log hosts are configured, you can configure log information to be output to
different log hosts through one channel or multiple channels. For example, you can configure
some log information to be output to a log host through Channel 2 (loghost), and some log
information to a log host through Channel 6. In addition, you can change the name of Channel
6 to implement the desired channel management.
The NE40E stores all alarms in a log file, and provides the CF card to store the log file. How
long the alarms can be stored depends on the number of the alarms. Generally, the alarms can
be stored for months.

11.4 HGMP
The NE40E supports the Huawei Group Management Protocol (HGMP). HGMP is a cluster
management protocol developed by Huawei.
HGMP is used to group Layer 2 devices that are connected to the NE40E into a unified
management domain, that is, a cluster. HGMP supports automatic collection of network
topologies and provides integrated maintenance and management channels. In this manner, a
cluster uses only one IP address for external communications, simplifying device management
and saving IP addresses.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 93


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 11 Operation and Maintenance

11.5 System Service and Status Tracking


The NE40E provides the following functions for tracking system services and status:
l Monitors the change of the state machine of routing protocols.
l Monitors the change of the state machine of MPLS LDP.
l Monitors the change of the state machine of a VPN.
l Monitors the types of protocol packets sent by the forwarding engine to the control plane
and displays detailed information about packets by enabling debugging.
l Detects and counts the statistics on malformed packets.
l Supports HGMP.
l Displays a notification when the processing of abnormality starts.
l Collects the statistics on the resources used by each feature.

11.6 System Test and Diagnosis


The NE40E supports the debugging of running services, including online recording of key
events, packet processing, packet parsing, and status switching of services at specified time,
which serves as powerful support for device commissioning and networking. Debugging can
be enabled or disabled through the console interface for specific service (a specific routing
protocol) or specific interface (information about a routing protocol on a specific interface).
The NE40E provides the system-based trace function to detect and diagnose running software,
online recording of important events such as task switchover and interruption, queue reading
and writing, and system abnormality. If the system is restarted after a fault occurs, the NE40E
can read trace information that functions as a reference for fault location. Trace can be
enabled and disabled through commands on the console interface.
In addition, the NE40E supports real-time query about CPU usage of the MPU and LPU.
Debugging and trace information provided by the NE40E is classified into different levels.
Sensitive information with different levels can be output to different destinations as
configured. For example, information can be output to the console interface, Syslog server, or
SNMP agent to trigger traps.

11.7 NQA
The NE40E supports Network Quality Analysis (NQA).NQA measures the performance of
different protocols running on the network. In that case, carriers can collect the operation
index of networks in real time, such as:
l Total delay of the HTTP
l Delay in TCP connection
l Delay in DNS resolution
l File transmission speed
l Delay in FTP connection
l DNS resolution error rate.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 94


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 11 Operation and Maintenance

Taking control of these indexes, carriers can provide network services of different levels
and charge differently. NQA is also an effective tool for diagnosing and locating a
network fault.
NQA supports the following functions:
l PWE3 traceroute
l Multicast ping
l Multicast traceroute
l Traceroute function through DISMAN-TRACEROUTE-MIB
l Ping/UDP/TCP/SNMP functions through DISMAN-PING-MIB
l CE-ping (ping the host from a VPLS PW)
l VPLS MAC ping and VPLS MAC trace
l VPLS MAC purge and VPLS MAC populate
l LSP ping, LSP tracerout, and MPLS jitter
l Verification of DNS functions through DISMAN-NSLOOKUP-MIB
l NMS management over all NQA functions through NQA-MIB
l Transmission of consecutive 3000 simulated voice packets in one test
l Minimum transmission intervals at 10 ms
l NQA for multiple next hops in packet redirection

11.8 In-Service Debugging


The NE40E provides port mirroring to map specific traffic to a certain monitoring interface.
In this case, in-service debugging can be performed for the advanced maintenance engineers
to debug and analyze the operation status of the network.

11.9 Upgrade Features


In-Service Upgrade
The NE40E supports in-service software upgrade. At the same time, the NE40E provides
online patching for the system software. You can upgrade only the features that need to be
improved.

One-Command System Upgrade


The upgrade process of the NE40E is optimized. You can use one command to complete the
upgrading. Thus, you can save time. During the upgrading process, the progress is displayed.
After the upgrading is complete, you can view the results.

Software Version Rollback


During the upgrading process, if the system fails to start by using the new system software,
the system software in the last successful startup is adopted.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 95


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 11 Operation and Maintenance

The rollback function provided by the NE40E prevents the services from being affected by
the failure in system upgrade.

11.10 License
With the variation of the NE40E software functions and higher ratio of software cost
occupying the overall cost, the current service mode cannot satisfy the development
requirements of customers and carriers.
l Common users need to reduce the purchase cost.
l Upgrade and expansion users need to effectively control the capacity and functions.
To satisfy the requirements of different users, the NE40E needs to implement the flexible
authorization to service modules.
For the authorization control of service modules, the NE40E provides the License
authorization management platform . Through the License authorization mode:
l Common users can purchase service modules as required and reduce the purchase cost.
l Upgrade and expansion users can expand the capacity, and support and maintain the
functions by applying for a new License.

11.11 Other Operation and Maintenance Features


The NE40E supports the following configuration features in addition to the preceding
features:
l Provides hierarchical commands to prevent unauthorized users from logging in to a
device.
l Users can type in a question mark "?" to obtain online help.
l Provides detailed debugging information to diagnose network faults.
l Provides DosKey-like functions to run a history command.
l Provides command line descriptors for partial match of keywords not conflicting with
keywords of other command lines. For example, you can enter "disp" for the display
command.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 96


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 12 NMS

12 NMS

SNMP
The NE40E supports device operation and management by the network management station
through SNMP.
The NE40E supports SNMPv1, SNMPv2c, and SNMPv3.
l SNMPv1
SNMPv1 supports community name-based and MIB view-based access control.
l SNMPv2c
SNMPv2c supports community name-based and MIB view-based access control.
l SNMPv3
SNMPv3 inherits the basic functions of SNMPv2c, defines a management frame, and
introduces a User-based Security Model (USM) to provide a more secure access control
mechanism for users.
SNMPv3 supports user groups, user group-based access control, user-based access
control, and authentication and encryption mechanisms.

NMS
The NE40E adopts Huawei iManager U2000 network management system. The U2000
improves its management capability, scalability, and usability to construct a unified and
customer-oriented next-generation NMS.
l Unified and Abundant NBIs
Unified NBIs enable the U2000 to manage transport equipment, access equipment, IP
equipment.
Abundant NBIs (XML, CORBA, SNMP, TLI, TEXT, and Customer OSS Test) address
the needs for OSS integration.
l Unified Network Management
The U2000 manages transport equipment, access equipment, IP equipment in a unified
manner.
In addition, the U2000 manages end-to-end (E2E) services. The services include MSTP,
WDM, Microwave, PTN, ATN, CX, Router, and Switch services.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 97


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description 12 NMS

The U2000 is also capable of managing third-party equipment by obtaining equipment


information directly through IP and SNMP protocols. Third-party equipment
management includes:
− Topology management: Third-party NEs can be added to the U2000 and then
displayed in the topology view. The system also supports manually creating links and
automatically discovering IP links for these third-party NEs.
− Resource management: Users can view manufacturer information, IP addresses, and
interfaces of third-party NEs.
− Alarm management: Users can manage alarms in compliance with the IETF RFC
standards for third-party NEs.
− Performance management: Users can perform routine and real-time performance
statistics collection for interfaces on third-party NEs.
− Report management: The U2000 provides traffic reports for interfaces on third-party
NEs.
l Multiple Operating Systems
The U2000 was developed based on Huawei's integrated management application
platform (iMAP). The U2000 supports Sun workstations, PC servers, Sybase databases,
SQL Server databases, Solaris, Windows, and SUSE Linux operating systems (OSs).
l Leading Scalable NMS Architecture
By adopting the mature and widely-used client/server (C/S) architecture, the U2000
supports distributed and hierarchical database systems, service processing systems, and
client application systems. Modularized architecture is scalable so that the U2000 meets
the management requirements of complex and large-scale networks
l Visualized Management
− Service supervision
− Visualized trails
− Service deployment
− Object relationship
− Network-wide clock

LLDP
The Link Layer Discovery Protocol (LLDP) is a Layer 2 protocol defined in IEEE 802.1ab.
LLDP specifies that the status information is stored on all interfaces and the device can send
its status to the neighbor stations. The interfaces can also send information about changes in
the status to the neighbor stations as required. The neighbor stations then store the received
information in the standard SNMP MIB. The NMS can search for Layer 2 information in the
MIB. As specified in the IEEE 802.1ab standard, the NMS can also discover unreasonable
Layer 2 configurations based on information provided by LLDP.
When LLDP runs on the devices, the NMS can obtain Layer 2 information about all the
devices to which it connects and detailed network topology information. This is helpful to the
rapid expansion of the network and acquirement of detailed network topologies and changes.
LLDP also helps discover unreasonable configurations on networks and reports the
configurations to the NMS. This removes incorrect configurations in time.

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 98


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description A Acronyms and Abbreviations

A Acronyms and Abbreviations

A
AAA Authentication, Authorization and Accounting
AAL5 ATM Adaptation Layer 5
AC Access Controller
ACL Access Control List
AF Assured Forwarding
ANSI American National Standard Institute
AP Access Point
ARP Address Resolution Protocol
ASBR Autonomous System Boundary Router
ASIC Application Specific Integrated Circuit
ATM Asynchronous Transfer Mode
AUX Auxiliary (port)

B
BE Best-Effort
BGP Border Gateway Protocol
BGP4 BGP Version 4
BoD Bandwidth on Demand

C
CAR Committed Access Rate
CBR Constant Bit Rate
CE Customer Edge

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 99


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description A Acronyms and Abbreviations

CHAP Challenge Handshake Authentication Protocol


COPS Common Open Policy Service
CoS Class of Service
CPU Center Processing Unit
CR-LDP Constrained Route - Label Distribution Protocol

D
DAA Destination Address Accounting
DC Direct Current
DHCP Dynamic Host Configuration Protocol
DNS Domain Name Server
DS Differentiated Services

E
EACL Enhanced Access Control List
EF Expedited Forwarding
EMC EElectroMagnetic Compatibility

F
FCC Fast Channel Change
FE Fast Ethernet
FEC Forwarding Equivalence Class
FIB Forward Information Base
FIFO First In First Out
FR Frame Relay
FTP File Transfer Protocol

G
GE Gigabit Ethernet
GRE Generic Routing Encapsulation
GTS Generic Traffic Shaping

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 100


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description A Acronyms and Abbreviations

HA High availablity
HDLC High level Data Link Control
HTTP Hyper Text Transport Protocol

I
iVSE Integrated Value-added Service Engine
ICMP Internet Control Message Protocol
IDC Internet Data Center
IEEE Institute of Electrical and Electronics Engineers
IETF Internet Engineering Task Force
IGMP Internet Group Management Protocol
IGP Interior Gateway Protocol
IP Internet Protocol
IPoA IP Over ATM
IPTN IP Telephony Network
IPTV Internet Protocol Television
IPv4 IP version 4
IPv6 IP version 6
IPX Internet Packet Exchange
IS-IS Intermedia System-Intermedia System;
ISP Interim inter-switch Signaling Protocol
ITU International Telecommunication Union - Telecommunication
Standardization Sector

L
L2TP Layer 2 Tunneling Protocol
LAN Local Area Network
LCD Liquid Crystal Display
LCP Link Control Protocol
LDP Label Distribution Protocol
LER Label switching Edge Router
LPU Line Processing Unit
LSP Label Switched Path

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 101


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description A Acronyms and Abbreviations

LSR Label Switch Router


M
MAC Media Access Control
MBGP Multiprotocol Border Gateway Protocol
MD5 Message Digest 5
MIB Management Information Base
MP Multilink PPP
MPLS Multi-protocol Label Switch;
MSDP Multicast Source Discovery Protocol
MSTP Multiple Spanning Tree Protocol
MTBF Mean Time Between Failures
MTTR Mean Time To Repair
MTU Maximum Transmission Unit

N
NAT Network Address Translation
NLS Network Layer Signaling
NP Network Processor
NTP Network Time Protocol
NVRAM Non-Volatile Random Access Memory

O
OSPF Open Shortest Path First

P
PAP Password Authentication Protocol
PBB Provider Backbone Bridge
PE Provider Edge
PFE Packet Forwarding Engine
PIC Parallel Interference Cancellation
PIM-DM Protocol Independent Multicast-Dense Mode
PIM-SM Protocol Independent Multicast-Sparse Mode
POP Point Of Presence

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 102


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description A Acronyms and Abbreviations

POS Packet Over SDH/SONET


PPP Point-to-Point Protocol
PQ Priority Queue
PT Protocol Transfer
PVC Permanent Virtual Channel

Q
QoE Quality of Experience
QoS Quality of Service

R
RADIUS Remote Authentication Dial in User Service
RAM Random-Access Memory
RED Random Early Detection
RFC Requirement for Comments
RH Relative Humidity
RIP Routing Information Protocol
RMON Remote Monitoring
ROM Read Only Memory
RP Rendezvous Point
RSVP Resource Reservation Protocol
RSVP-TE RSVP-Traffic Engineering

S
SAP Service Advertising Protocol
SCSR Self-Contained Standing Routing
SDH Synchronous Digital Hierarchy
SDRAM Synchronous Dynamic Random Access Memory
SFU Switch Fabric Unit
SLA Service Level Agreement
SNAP SubNet Attachment Point
SNMP Simple Network Management Protocol
SONET Synchronous Optical Network

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 103


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description A Acronyms and Abbreviations

SP Strict Priority
SPI4 SDH Physical Interface
SSH Secure Shell
STM-16 SDH Transport Module -16
SVC Switching Virtual Connection

T
TCP Transfer Control Protocol
TE Traffic Engineering
TFTP Trivial File Transfer Protocol
TM Traffic Manager
ToS Type of Service
TP Topology and Protection packet

U
UBR Unspecified Bit Rate
UDP User Datagram Protocol
UNI User Network Interface
UTP Unshielded Twisted Pair

V
VBR-NRT Non-Real Time Variable Bit Rate
VBR-RT Real Time Variable Bit Rate
VC Virtual Circuit
VCI Virtual Channel Identifier
VDC Variable Dispersion Compensator
VLAN Virtual Local Area Network
VLL Virtual Leased Line
VPI Virtual Path Identifier
VPLS Virtual Private LAN Service
VPN Virtual Private Network
VRP Versatile Routing Platform
VRRP Virtual Router Redundancy Protocol

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 104


Copyright © Huawei Technologies Co., Ltd.
HUAWEI NetEngine40E Universal ServiceRouter
Product Description A Acronyms and Abbreviations

W
WAN Wide Area Network
WFQ Weighted Fair Queuing
WRED Weighted Random Early Detection
WRR Weighted Round Robin

Issue 01 (2012-09-30) Huawei Proprietary and Confidential 105


Copyright © Huawei Technologies Co., Ltd.

Você também pode gostar