Security Level

:

SmartAX MA5600T Product Description
ISSUE 1.0
www.huawei.com

HUAWEI TECHNOLOGIES Co., Ltd.

Huawei Confidential

Contents
1. 2. 3.

GPON Product Architecture Overview Service Features Overview Network Application

Copyright © 2010 Huawei Technologies Co., Ltd. All rights reserved.

Page2

GPON Solutions
Internet Softswitch BTV/VoD Game

iManager N2000

IP/MPLS Core Network

MA5600T

Enterprise Residential

SOHO/SME Phone HSI IPTV Game Phone IP Centrex HSI VPN Video Conference

Video phone

HSI

Copyright © 2006 Huawei Technologies Co., Ltd. All rights reserved.

Page3

Huawei GPON Solution
OLT Curb

Building

Home

• OLT

• Middle Level DSLAM for GPON uplink

• xDSL+PO TS MDU

•Home Gateway

• LAN+PO TS MDU

• Low Capacity OLT • Outdoor Cabinet

• Home Gateway +POTS • Outdoor Home Gateway

All the GPON series products can be management by iManager N2000 unified NMS

Copyright © 2006 Huawei Technologies Co., Ltd. All rights reserved.

Page4

MA5606T 2 service slots Flexible utility for OLT or MDU MA5603T 6 service slots Compatible with MA5600T service cards MA5600T 16 service slots,4096 ont capacity GE/10GE uplink Flexible Network Application Copyright © 2006 Huawei Technologies Co. Page5 .OLT Products All levels of OLT adopt for different application.. Ltd. All rights reserved.

Page6 ..GPON OLT Overview The MA5600T is a gigabit-capable passive optical network (GPON) access product of Huawei. All rights reserved. The MA5600T provides rich network applications Fiber to the home (FTTH) Fiber to the building (FTTB) IP private line interconnection Time division multiplexing (TDM) private line interconnection Copyright © 2006 Huawei Technologies Co. Ltd.

5Gbit/s downstream 1. Huawei Confidential Page 7 .984. LTD.MA5600T Configuration Description P R T G P R T G G I C T F O P A X 2 C A Service Ports GPON 2.2 Indexes of the optical port comply with Class B+ 1:64 split ratio 20Km transmission reach G P B C G P B C G P B C G P B C G P B C G P B C G P B C G P B C S C U L S C U L G P B C G P B C G P B C T O P A E T H A T O P A T O P A Network Ports SCUL: Super control unit GPBC: 4-port GPON service processing unit TOPA: 16E1 uplink board GICF: 2GE optical port uplink unit GICG: 2GE electrical port uplink unit X1CA: 10GE optical port uplink unit X2CA: 2*10GE optical port uplink unit ETHA: 8*GE Ethernet service unit PRTG: power input unit 10GE/2*10GE GE optical/electrical port Maintenance Port FE RS-232 RS-485 System Capacity Supports 64 GPON ports Supports 4096 GPON users HUAWEI TECHNOLOGIES CO..25Gbit/s upstream Complies with the ITU-T G.

. perfectly guaranteed IPTV service L2/L3 packet forwarding rate: 595Mpps HUAWEI TECHNOLOGIES CO. LTD. Huawei Confidential Page 8 .MA5600T System Architecture 4*GE /4*10GE uplink 10GE Gigabit Ethernet Switching Fabric 10GE GPBC GPBC GPBC GPBC SCU •Fully line rate forwarding of GE port •10 GE bus between the GPON board and SCU GPBC Self-design GMAC 10GE Serdes Serdes … GPON Optical Module GPON Optical Module GPBC Line Card Full-GE non-blocking switching matrix: 400Gbps Non-blocking dual star bus backplane: 1Tbps 10GE bus bandwidth for each service slot.

38 Fax Relay) QoS 8 T-CONT queues Local Traffic Mgt. 802. G.5Gbps/1.. G. FoIP (T. SIP. G.1q/802.4 MGCP.25Gbps 3 or 2 wavelength on a single fiber System Configuration PON Interface 2 POTS ports (RJ-11) 4 10/100Base-T ports(RJ-45) Supports OMCI Protocols ITU-T G.984.984.2. 12V DC output . Queue Mgt.1p based Multicasting video supported Power Supply 100V to 240V AC input..984. (Physical Ports/L2 based Flow Classification. LTD. Scheduling) Tagging/Marking. 2A HUAWEI TECHNOLOGIES CO.984.GPON ONU HG850 Overview Network Interfaces GPON interface: 2. MoIP.3. Huawei Confidential Page 9 .1.

984.5Gbps/1. G. Queue Mgt. 802.984.984.2. G. Scheduling) Tagging/Marking.1p based Multicasting video supported Power Supply 100V to 240V AC input HUAWEI TECHNOLOGIES CO. (Physical Ports/L2 based Flow Classification.984. Huawei Confidential Page 10 .25Gbps 3 or 2 wavelength on a single fiber System Configuration PON Interface 4 E1 ports 4 10/100Base-T ports (RJ-45) 1 1000/100 Base-T port(RJ-45) 1 RF CATV port (75 ohm F coaxial) (optional) Supports OMCI Protocols ITU-T G. G. LTD.3.1q/802.4 QoS 8 T-CONT queues Local Traffic Mgt..1..GPON SBU OT925 Overview Network Interfaces GPON interface: 2.

248. All rights reserved. G.MDU——MA5620G/MA5626G Network Interfaces GPON interface: 2..4 H.984. G.1q/802. G. MoIP. Queue Mgt. SIP.984.5Gbps/1. Ltd.3. 802.1.38 Fax Relay) QoS 8 T-CONT queues Local Traffic Mgt. Scheduling) Tagging/Marking.984. (Physical Ports/L2 based Flow Classification.2. FoIP (T.1p based Multicasting video supported Copyright © 2006 Huawei Technologies Co. Page11 Appearance of the MA5626G .25Gbps 3 or 2 wavelength on a single fiber System Configuration PON Interface 24 10/100Base-T ports (RJ-45) 24 POTS ports) Appearance of the MA5620G Power: 100V to 240V AC input Protocols ITU-T G..984.

802.5Gbps/1.25Gbps 3 or 2 wavelength on a single fiber System Configuration PON Interface ADSL2+/VDSL2/SHDSL FE ports Temperature:-40℃ ~ 65℃ Power: 100V to 240V AC input.. All rights reserved.MDU——MA5606T Network Interfaces GPON interface: 2. Scheduling) Tagging/Marking.4 V to -57.6 V DC input QoS 8 T-CONT queues Local Traffic Mgt. Queue Mgt. Ltd.1q/802.1p based Multicasting video supported Copyright © 2006 Huawei Technologies Co. Page12 . 38. (Physical Ports/L2 based Flow Classification..

3. GPON Product Architecture Overview Service Features Overview Network Application Copyright © 2006 Huawei Technologies Co. Ltd.Contents 1. All rights reserved.. 2. Page13 .

GPON Product Architecture Overview Service Features Overview 1. Network Application Copyright © 2006 Huawei Technologies Co. Ltd.Contents 1. Service Features VLAN Features QoS and Security Introduction 2. 2. 3.. Page14 . 3. All rights reserved.

Features of MA5600T Triple Play Supports Triple-play service VoIP services with the highest priority IPTV service compatible with IGMP V2/V3 High bandwidth data service Multiple Gemports for Multiple services Security: User identifier: PPPOE+. LTD.. DHCP Option 60 Strict multicast control Guaranteed QoS : based on 802.1p traffic classification. supports modifying DSCP/TOS priority HUAWEI TECHNOLOGIES CO. DHCP Option 82 Service identifier: DHCP Relay. Huawei Confidential Page 15 .

Huawei Confidential Page 16 . Services go upstream through T-CONTs.GPON Service Mapping Process PC Data Flow GET IP by PPPOE Internet ONT T-CONT1 MA5600T BRAS IPTV Video Flow T-CONT2 GET IP by DHCP VLAN1 VoD Server IP Network Middle ware Data Video Voice VLAN2 VLAN3 SIP Phone Voice Flow GET IP by DHCP T-CONT3 DHCP Server Softswitch VoIP Services correspond to GEM ports and GEM ports correspond to T-CONTs. facilitating flexible VLAN switching.. OLT is able to sense services. LTD. HUAWEI TECHNOLOGIES CO. Services go upstream to the IP network through different VLANs.

Features of MA5600T——Multicast Powerful IPTV service capacity 8 multicast groups are supported for each user 1024 IGMP groups IGMP V2/V3 800 IGMP packets are processed per second Channel pre-view. Strict multicast control Controllable multicast to control users to access to multicast groups HUAWEI TECHNOLOGIES CO. Huawei Confidential Page 17 . each multicast VLAN can work in proxy or snooping mode Each multicast VLAN support difference program creation modes: static and dynamic. fast-leave Management: Management on programs and users based on Multicast VLAN 256 multicast VLAN supported.. LTD.

RSP Z MA5600T VLAN Z Multicast Architecture is fully compliant to TR101. LTD. Huawei Confidential Page 18 . HUAWEI TECHNOLOGIES CO..Multicast Service from Multi-RSPs RSP X Multicast client of different RSP initiate IGMP session through different M-VLAN IGMP session packet over different M-VLANs and unicast GEM ports VLAN X GEM Port RSP X VLAN X IGMP Proxy IGMP Proxy IGMP Proxy RSP Y Bridging RSP Y VLAN Y VLAN Y IGMP Snooping RSP Z VLAN Z ONT multicast GEM port Independent IGMP Proxy process for different MVLAN (as RSPs).

Huawei Confidential Page 19 . GPBC boards completes program duplication on different ports.Powerful Multicast Functions OSS Multicast protocol: IGMP snooping + IGMP proxy 2-level multicast duplication Each program sends one copy to service units.. ONT filters multicast packets based on user authority Level 2 NMS IP Core Ch1 Ch2 Ch3 Ch4 Ch1 Ch2 Ch3 Ch4 Multicast Server MA5600T Level 1 Ch1 Ch2 Ch3 GPBC SCUL Ch3 Ch4 GPBC Multicast stream IGMP report Ch1 Ch2 Ch3 Ch4 Ch1 Ch2 Ch3 Ch2 Ch3 Ch3 Ch4 Ch4 IP group: 1~4 HUAWEI TECHNOLOGIES CO. LTD.

248/SIP compatible for FTTH/FTTB/FTTC Voice and Video compatible for FTTH/FTTB/FTTC Management: Unified management for iManager N2000 Zero Touch VoIP service provisioning for FTTH/FTTB/FTTC QoS High Priority and strict service classify QoS guarantee and strict DBA processing for voice HUAWEI TECHNOLOGIES CO.Features of MA5600T——VoIP Flexible VoIP Network Application MGCP/H.. Huawei Confidential Page 20 . LTD.

Page21 .Features of MA5600T——VoIP Soft-switch IP Core NE40E MA5600T Splitter HG850 MGCP/SIP MA5620G H..248/SIP Phone Video Phone Video Phone Phone Phone Copyright © 2006 Huawei Technologies Co.248/SIP MA5606T H. All rights reserved. Ltd.

Management: Unified management for iManager N2000 Zero Touch TDM service provisioning HUAWEI TECHNOLOGIES CO. This mode features simple encapsulation. small network cost.. LTD. In a GPON network deployment. the traditional TDM service can be delivered over the PSTN network through the Native TDM mode. TDM frames are directly encapsulated to GPON GEM frames in TDMoGEM mode. In Native TDM.Features of MA5600T——TDM Native TDM By using the standard 8 kHz (125μm) frames. the GPON GTC layer is synchronous in nature. and guaranteed link quality. Huawei Confidential Page 22 .

. All rights reserved. Page23 .Features of MA5600T——TDM Copyright © 2006 Huawei Technologies Co. Ltd.

. Network Application Copyright © 2010 Huawei Technologies Co. Service Features VLAN Features QoS and Security Introduction 2. 2. Page24 . 3. 3. Ltd. GPON Product Architecture Overview Service Features Overview 1. All rights reserved.Contents 1.

Page25 .. All rights reserved.Features of MA5600T—VLAN Service Virtual Local Area Network (VLAN) is a division of a local area network logically rather than physical arrangement of cables A VLAN makes it possible to divide a physical LAN into different broadcast domains logically.1Q specifies the VLAN implementation scheme VLAN 1 VLAN 2 VLAN 3 VLAN 2 VLAN 1 VLAN 3 Copyright © 2006 Huawei Technologies Co. IEEE 802. Ltd.

. distinguished according to VLANs.VLAN Types on the MA5600T The MA5600T provides three types of VLAN: Types VLAN Description Application Only contain Ethernet ports for subtending reducing the number of VLANs Standard Only contains standard port in the same Smart contains multiple upstream ports and multiple service ports. Theservice ports are isolated from occupied each other in terms of traffic. used when users are MUX but contains only one service port. Copyright © 2006 Huawei Technologies Co. Page26 . All rights reserved. Ltd. that contains one or more upstream ports. Any two MUX VLANs are isolated.

Standard VLANs A standard VLAN is the VLAN defined by the IEEE 802. Page27 . Ltd. but not the service ports Copyright © 2006 Huawei Technologies Co.. All rights reserved.1Q standard which has the following features: The ports in one VLAN are interconnected at layer 2 The ports in different VLANs are isolated at layer 2 Eth port Standard VLAN Eth port On the MA5600T the standard VLAN can contain only standard ports (FE or GE ports of the upstream card).

you can use the Smart VLAN to give access to more users than a MUX VLAN..Smart VLANs A Smart VLAN can contain standard ports and service ports The Smart VLAN is used to partition user groups Each user group is associated with one Smart VLAN. service port Upstream 3 X2CA GPBC service port VLAN 3 3 port service port 3 Tagged packets Copyright © 2006 Huawei Technologies Co. When the number of VLANs on a MA5600T is limited. Ltd. All rights reserved. Page28 .

MUX VLANs A MUX VLAN is a VLAN that can contain multiple standard ports but only one service port There is a one to one mapping relationship between the VLAN ID and the access user The MUX VLAN is used to isolate and identify access users One VLAN ID corresponds with one access connection Service port VLAN 3 Upstream 3 X2CA Service port GPBC VLAN 5 5 port Service port VLAN 7 7 Tagged packets Copyright © 2006 Huawei Technologies Co.. Ltd. Page29 . All rights reserved.

.Features of MA5600T—VLAN Service IP ISP1 SP VLAN1 C VLAN2 VLAN3VLAN2 VLAN3VLAN2 IP ISP2 SP VLAN2C VLAN2 MA5600T VLAN2 VLAN3VLAN1 MA5600T SP VLAN1 C VLAN1 SP VLAN2C VLAN1 MA5600T VLAN2 VLAN1 Branch office Salesman1 Accountant1 Headquarter Accountant2 Salesman2 Enterprise1 Enterprise2 QinQ VLAN . QinQ service can set up a simple L2 VLAN channel between intranets to complete data switching. Huawei Confidential Page 30 . Public network VLAN tag completes forwarding packets on the public network. Stacking VLAN-Wholesale Service Inner VLAN tags identify users Outer VLAN tags identify ISPs OLT adds two layers of VLAN tags and then users can connects to the specified ISP network directly.L2 VPN channel Inner VLAN tags identify private network VLANs Outer VLAN tags identify public network VLANs OLT completes adding an outer public network VLAN. MA5600T forwards data from enterprise1 to ISP1 network and data from enterprise2 to ISP2 network. HUAWEI TECHNOLOGIES CO. LTD.

3. Ltd.. All rights reserved. 2. 3. GPON Product Architecture Overview Service Features Overview 1. Service Features VLAN Features QoS and Security Introduction 2. Page31 . Network Application Copyright © 2010 Huawei Technologies Co.Contents 1.

QoS Procedure in GPON OLT/ONT Classifier GEM Port Shaper/CAR Queue Scheduler SP/WRR Egress from ONT Scheduler (SP/WRR) Queue 802. LTD. Huawei Confidential ) ( Ingress to ONT ONT ONU T-CONT PON GEM Port Splitter GEM Port OLT PON GEM Port Page 32 .1P Shaper/CAR Classifier HUAWEI TECHNOLOGIES CO..1P Classifier Ingress to OLT Classifier CAR Queue 802.1P Scheduler Egress from OLT Scheduler (SP/WRR) Queue 802.

1P Combinatio 3TCONT VLAN GEM PORT 802.. Huawei Confidential Page 33 .1P Combination IAD n C A STB GEM Port R ONU PON#N VoIP traffic flow Video traffic flow Internet traffic flow PC HUAWEI TECHNOLOGIES CO.GPON Flow Control Processing Car Virtual UNI IAD VLAN 1 VLAN 2 1TCONT 3VLAN OFA5920 flow Queues Scheduling(SP+WRR) C A GEM Port C A R PON#0 ONU Car Queues scheduling TOS/DSCP VoIP VPN VLAN 101 VLAN 102 VLAN 103 BRAS VoIP Video Video VPN Internet Internet STB VLAN 3 R TOS/DSCP VLAN PC PHY PORT 802. LTD.

DBA What is DBA? DBA. All rights reserved. Page34 . Users can enjoy higher-bandwidth services. Ltd. Dynamic Bandwidth Assignment DBA is a scheme facilitating dynamic bandwidth assignment within the interval of ns and us. especially those requiring comparatively greater change in terms of the bandwidth. More users can be added on a PON port.. Copyright © 2006 Huawei Technologies Co. Why DBA? It enhances the uplink bandwidth utilization of PON ports.

LTD.3ad) for load sharing (1:1 future) MSTP for link protection Main control unit backup (1+1) DC power redundancy (1+1) HUAWEI TECHNOLOGIES CO.High Availability Solution 1+1 main control board hot backup Main Frame PR TG PR TG X2CA DC Power redundancy (1+1) G P O N G P O N S C U L S C U L ETH ETH • 1+1 uplink redundancy • 1:1 load sharing • Link protection with MSTP Ring • L3 routing with OSPF and RIP 2 Link switchover is independent of main control board ‘s redundancy X2CA ETH ETH Link aggregation (comply with 802. Huawei Confidential Page 35 ..

. LTD.1x Access Authentication • Per VLAN per Service to isolate different services • ACL control to filter undesired traffics • IGMP Snooping & Proxy • Controllable multicast Billing System PORTAL App Server IN IP core network Access Security Boundary OLT OLT System Security • Anti-DOS attack • Anti ICMP/ARP attack • Source Route Filtering • MAC Address Filtering • Firewall Black List GPON Security • ONT authorization by SN+Key • AES-128 encryption for downstream data ONT ONT HUAWEI TECHNOLOGIES CO.Trusted Security Design Service Security User Security: • PITP/DHCP option82 • IP Address/MAC Address Binding • Anti-MAC Spoofing • Anti-IP Spoofing • 802. Huawei Confidential Page 36 .

Huawei Confidential Page 37 .1x Access Authentication • Per VLAN per Service to isolate different services • ACL control to filter undesired traffics • IGMP Snooping & Proxy • Controllable multicast Billing System PORTAL App Server IN IP core network Access Security Boundary OLT OLT System Security • Anti-DOS attack • Anti ICMP/ARP attack • Source Route Filtering • MAC Address Filtering • Firewall Black List GPON Security • ONT authorization by SN+Key • AES-128 encryption for downstream data ONT ONT HUAWEI TECHNOLOGIES CO..Trusted Security Design Service Security User Security: • PITP/DHCP option82 • IP Address/MAC Address Binding • Anti-MAC Spoofing • Anti-IP Spoofing • 802. LTD.

OSPF protocols 10K routing items 64K IP address items IP address binding HUAWEI TECHNOLOGIES CO. option 60/82 Static routing. RIP. Powerful L3 feature L3 line rate forwarding DHCP Relay.. LTD.1Q VLANs Smart-VLAN. Huawei Confidential Page 38 .MA5600T L2/L3 Feature Powerful L2 feature L2 line rate forwarding 4K 802. QinQ and VLAN Stacking Supports up to 16K MAC address items Port based MAC address restriction and binding GE port trunk function MSTP protocol PPPoE We hear you.

Provides integrated service management Supports inband and outband management Remote Client 3rd NMS/OSS SNMP/TL1/CORBA/. iManager N2000 BMS Out-band Management In-band Management SNMP IP CORE DCN L2/L3 O CI M MA5600T …. easing monitoring. MA5600T HUAWEI TECHNOLOGIES CO. Huawei Confidential Page 39 .BMS Network Management Manages all devices in a unified manner Provides unified management interface.. LTD... configuration and maintenance of the whole network for users.

3.. 2. Page40 . All rights reserved. Ltd. GPON Product Architecture Overview Service Features Overview Network Application Copyright © 2010 Huawei Technologies Co.Contents 1.

. All rights reserved. Ltd. . FTTH FTTC FE POTS RF FE POTS RF xDSL OLT FTTB FE GE E1 Copyright © 2006 Huawei Technologies Co. . Page41 . . . . . .Huawei FTTx Full-Service Solution Centre Office FTTH FE POTS RF ODN . .

Ltd. Page42 ..FTTH Network Application Internet NMS IPTV Server Soft-switch IP Core NE40E MA5600T STB HG850 STB HG850 TV PC Phone TV PC Phone Copyright © 2008 Huawei Technologies Co. All rights reserved.

All rights reserved. Page43 .FTTB Network Application Internet NMS IPTV Server Soft-switch IP Core NE40E MA5600T Splitter MA5626G MA5620G STB PC PC PC PC PC Phone PC Video Phone TV Copyright © 2006 Huawei Technologies Co. Ltd..

FTTC Network Application Internet NMS IPTV Server Soft-switch IP Core NE40E MA5600T Splitter MA5606T MA5606T Phone ADSL2+/VDSL2/SHDSL PC TV Copyright © 2006 Huawei Technologies Co. Ltd. All rights reserved.. Page44 .

Ltd.. Page45 .Questions Please describe the network application for FTTH ? Please calculate the maximum capacity of ONT for one MA5600T set ? Copyright © 2006 Huawei Technologies Co. All rights reserved.

Ltd. native TDM can deliver E1 service into PSTN network. Copyright © 2006 Huawei Technologies Co. For FTTB. VoIP.Summary In this presentation . IPTV service.. Page46 . All rights reserved. Huawei GPON solution provide powerful HSI.we discuss about Huawei GPON FTTx series products and network solution For FTTH.

Thank You www.huawei.com .