You are on page 1of 78

Quidway S3300 Series Ethernet Switches

V100R003C00

Product Description

Issue

01

Date

2009-12-15

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Huawei Technologies Co., Ltd. provides customers with comprehensive technical support and service. For any
assistance, please contact our local office or company headquarters.

Huawei Technologies Co., Ltd.


Address:

Huawei Industrial Base


Bantian, Longgang
Shenzhen 518129
People's Republic of China

Website:

http://www.huawei.com

Email:

support@huawei.com

Copyright Huawei Technologies Co., Ltd. 2009. All rights reserved.


No part of this document may be reproduced or transmitted in any form or by any means without prior written
consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions


and other Huawei trademarks are the property of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Quidway S3300 Series Ethernet Switches


Product Description

Contents

Contents
About This Document.....................................................................................................................1
1 Product Overview.......................................................................................................................1-1
1.1 Introduction.....................................................................................................................................................1-2
1.2 Carrier-class Maintainability...........................................................................................................................1-2
1.3 Multi-Service Access......................................................................................................................................1-2
1.4 Flexible Networking Capability......................................................................................................................1-3
1.5 End-to-End QoS..............................................................................................................................................1-3
1.6 Rich Expansibility...........................................................................................................................................1-3
1.7 Powerful Security Measures............................................................................................................................1-4
1.8 Convenient Operation, Administration, and Maintenance..............................................................................1-4
1.9 Green Design...................................................................................................................................................1-5
1.10 Lightningproof Technologies........................................................................................................................1-5

2 System Architecture...................................................................................................................2-1
2.1 Hardware Structure ........................................................................................................................................2-2
2.2 Functional Modules.........................................................................................................................................2-5
2.2.1 Hardware Logical Structure ..................................................................................................................2-5
2.2.2 SCU .......................................................................................................................................................2-6
2.3 Software Architecture ....................................................................................................................................2-7

3 Link Features...............................................................................................................................3-1
3.1 Basic Ethernet Features ..................................................................................................................................3-2
3.1.1 Link Aggregation ..................................................................................................................................3-2
3.1.2 Flow Control on Interfaces ....................................................................................................................3-2
3.1.3 Suppression of Broadcast Storms ..........................................................................................................3-2
3.1.4 VLAN ....................................................................................................................................................3-3
3.2 Advanced Ethernet Features ...........................................................................................................................3-4
3.2.1 VLAN Mapping ....................................................................................................................................3-4
3.2.2 QinQ ......................................................................................................................................................3-4
3.2.3 Selective QinQ.......................................................................................................................................3-4
3.3 STP, RSTP, and MSTP...................................................................................................................................3-5
3.3.1 STP and RSTP .......................................................................................................................................3-5
3.3.2 MSTP.....................................................................................................................................................3-5
3.3.3 MSTP Protection ...................................................................................................................................3-5
Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Contents

Quidway S3300 Series Ethernet Switches


Product Description
3.3.4 Partitioned STP and BPDU Tunnel........................................................................................................3-6

3.4 RRPP ..............................................................................................................................................................3-6


3.4.1 Networking Structure ............................................................................................................................3-7
3.4.2 Working Machanism .............................................................................................................................3-7
3.4.3 Multiple Topologies ..............................................................................................................................3-7
3.5 Smart Link.......................................................................................................................................................3-8
3.6 Interface Security............................................................................................................................................3-8
3.7 Loop Detection................................................................................................................................................3-9

4 Service Features..........................................................................................................................4-1
4.1 IPv4 Forwarding..............................................................................................................................................4-2
4.1.1 IPv4 Features..........................................................................................................................................4-2
4.1.2 Unicast Routing Features.......................................................................................................................4-2
4.1.3 Multicast Routing Features....................................................................................................................4-2
4.2 Multicast .........................................................................................................................................................4-3
4.2.1 IGMP Snooping .....................................................................................................................................4-3
4.2.2 Prompt Leave of Multicast Member Interfaces .....................................................................................4-3
4.2.3 Flow Control of Multicast Traffic .........................................................................................................4-4
4.2.4 Multicast Across VLANs ......................................................................................................................4-4
4.2.5 Controllable Multicast............................................................................................................................4-4
4.3 QoS..................................................................................................................................................................4-4
4.3.1 Traffic Classification .............................................................................................................................4-5
4.3.2 Access Control and Re-marking............................................................................................................4-5
4.3.3 Traffic Policing .....................................................................................................................................4-6
4.3.4 Congestion Management .......................................................................................................................4-6
4.3.5 Congestion Avoidance...........................................................................................................................4-6
4.3.6 Rate Limit on Interfaces.........................................................................................................................4-7
4.3.7 Aggregation CAR...................................................................................................................................4-7
4.4 Routing Protocols ...........................................................................................................................................4-7
4.5 High Availability.............................................................................................................................................4-7
4.5.1 MSTP Link Backup and Protection ......................................................................................................4-7
4.5.2 RRPP Fast Protection Switchover .........................................................................................................4-8
4.5.3 Smart Link Dual-Homing Protection.....................................................................................................4-8
4.6 Ethernet OAM ................................................................................................................................................4-8
4.7 LLDP...............................................................................................................................................................4-8
4.8 Cluster Management.......................................................................................................................................4-9
4.9 Stacking...........................................................................................................................................................4-9
4.10 PoE..............................................................................................................................................................4-10
4.11 IPv6.............................................................................................................................................................4-10
4.12 Security........................................................................................................................................................4-10
4.12.1 Device Security .................................................................................................................................4-10
4.12.2 Service Security .................................................................................................................................4-12
4.12.3 Security Authentication......................................................................................................................4-12
ii

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

Contents

4.13 MAC Forced Forwarding............................................................................................................................4-13


4.14 DHCP..........................................................................................................................................................4-14

5 Maintenance and Network Management..............................................................................5-1


5.1 Maintenance and Management........................................................................................................................5-2
5.1.1 Configuration Modes..............................................................................................................................5-2
5.1.2 Monitoring and Maintenance.................................................................................................................5-2
5.1.3 Diagnosis and Debugging......................................................................................................................5-3
5.1.4 Software Upgrade and In-Service Patching...........................................................................................5-4
5.1.5 Hardware Abnormality Handling...........................................................................................................5-4
5.2 U2000 .............................................................................................................................................................5-4
5.2.1 Network Management Modes................................................................................................................5-4
5.2.2 U2000 Station.........................................................................................................................................5-5

6 Networking Applications.........................................................................................................6-1
6.1 Application in the MAN..................................................................................................................................6-2
6.2 Application in the NGN Bearer Network........................................................................................................6-2
6.3 Layered Ring Network -RRPP........................................................................................................................6-3
6.4 Application of VLAN Mapping......................................................................................................................6-4
6.5 Application of Selective QinQ .......................................................................................................................6-5
6.6 Application of IPTV........................................................................................................................................6-6
6.7 End-to-End QoS .............................................................................................................................................6-7
6.8 Application of Cluster Management...............................................................................................................6-8
6.9 Access of Partitioned STP...............................................................................................................................6-9

7 System Specifications................................................................................................................7-1
7.1 Technical Specifications.................................................................................................................................7-2
7.1.1 Physical Specifications of the S-switch ................................................................................................7-2
7.1.2 System Configuration.............................................................................................................................7-3
7.2 List of Software Features................................................................................................................................7-4

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

iii

Quidway S3300 Series Ethernet Switches


Product Description

Figures

Figures
Figure 2-1 Appearance of the S3328TP-SI/EI.....................................................................................................2-2
Figure 2-2 Appearance of the S3328TP-EI-24S..................................................................................................2-3
Figure 2-3 Appearance of the S3352P-EI-24S.....................................................................................................2-3
Figure 2-4 Appearance of the S3352P-EI-48S.....................................................................................................2-4
Figure 2-5 Appearance of the S3352P-SI/EI........................................................................................................2-4
Figure 2-6 Appearance of the S3328TP-PWR-EI................................................................................................2-4
Figure 2-7 Appearance of the S3352P-PWR-EI..................................................................................................2-5
Figure 2-8 Logical structure of functional modules of the S-switch....................................................................2-6
Figure 4-1 Connections of the access layer........................................................................................................4-13
Figure 6-1 S-switch application in the MAN.......................................................................................................6-2
Figure 6-2 S-switch application in the NGN........................................................................................................6-3
Figure 6-3 S-switch application in layered RRPP ring........................................................................................6-4
Figure 6-4 Application of the S-switch enabled with VLAN mapping................................................................6-5
Figure 6-5 S-switch application in selective QinQ..............................................................................................6-6
Figure 6-6 Application of the S-switch in IPTV services....................................................................................6-7
Figure 6-7 End-to-end QoS provided by the S-switch.........................................................................................6-8
Figure 6-8 Cluster management provided by the S-switch..................................................................................6-9
Figure 6-9 Access of partitioned STP supported by the S-switch......................................................................6-10

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Quidway S3300 Series Ethernet Switches


Product Description

Tables

Tables
Table 7-1 Physical specifications of the S-switch................................................................................................7-2
Table 7-2 System configuration of the S-switch..................................................................................................7-3
Table 7-3 List of features supported by the S-switch...........................................................................................7-4

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

vii

Quidway S3300 Series Ethernet Switches


Product Description

About This Document

About This Document


Purpose
This document describes the product over, system architecture, service features, maintenance
and network management system, networking applications, and system specifications of the Sswitch.

Related Versions
The following table lists the product version related to this document.
Product Name

Version

S3300

V100R003C00

Intended Audience
This document is intended for:
l

Policy planning engineers

Installation and commissioning engineers

NM configuration engineers

Technical support engineers

Organization
This document is organized as follows.

Issue 01 (2009-12-15)

Chapter

Description

1 Product Overview

Describes the technical features of the S-switch.

2 System Architecture

Describes the structure, hardware, and software of the Sswitch.

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Quidway S3300 Series Ethernet Switches


Product Description

About This Document

Chapter

Description

3 Link Features

Describes the link features of the S-switch.

4 Service Features

Describes the service features of the S-switch.

5 Maintenance and Network


Management

Describes the operation and maintenance of the S-switch.

6 Networking Applications

Describes the typical networking of the S-switch and the


deployment of the network.

7 System Specifications

Describes the technical specifications and software features


of the S-switch.

Conventions
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol

Description

DANGER

WARNING

CAUTION

Indicates a hazard with a high level of risk, which if


not avoided, will result in death or serious injury.
Indicates a hazard with a medium or low level of
risk, which if not avoided, could result in minor or
moderate injury.
Indicates a potentially hazardous situation, which if
not avoided, could result in equipment damage, data
loss, performance degradation, or unexpected
results.

TIP

Indicates a tip that may help you solve a problem or


save time.

NOTE

Provides additional information to emphasize or


supplement important points of the main text.

General Conventions
The general conventions that may be found in this document are defined as follows.

Convention

Description

Times New Roman

Normal paragraphs are in Times New Roman.

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

About This Document

Convention

Description

Boldface

Names of files, directories, folders, and users are in boldface.


For example, log in as user root.

Italic

Book titles are in italics.

Courier New

Examples of information displayed on the screen are in Courier


New.

Command Conventions
The command conventions that may be found in this document are defined as follows.
Convention

Description

Boldface

The keywords of a command line are in boldface.

Italic

Command arguments are in italics.

[]

Items (keywords or arguments) in brackets [ ] are optional.

{ x | y | ... }

Optional items are grouped in braces and separated by


vertical bars. One item is selected.

[ x | y | ... ]

Optional items are grouped in brackets and separated by


vertical bars. One item is selected or no item is selected.

{ x | y | ... }*

Optional items are grouped in braces and separated by


vertical bars. A minimum of one item or a maximum of all
items can be selected.

[ x | y | ... ]*

Optional items are grouped in brackets and separated by


vertical bars. Several items or no item can be selected.

&<1-n>

The parameter before the & sign can be repeated 1 to n times.

A line starting with the # sign is comments.

GUI Conventions
The GUI conventions that may be found in this document are defined as follows.

Issue 01 (2009-12-15)

Convention

Description

Boldface

Buttons, menus, parameters, tabs, window, and dialog titles


are in boldface. For example, click OK.

>

Multi-level menus are in boldface and separated by the ">"


signs. For example, choose File > Create > Folder.

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Quidway S3300 Series Ethernet Switches


Product Description

About This Document

Keyboard Operations
The keyboard operations that may be found in this document are defined as follows.
Format

Description

Key

Press the key. For example, press Enter and press Tab.

Key 1+Key 2

Press the keys concurrently. For example, pressing Ctrl+Alt


+A means the three keys should be pressed concurrently.

Key 1, Key 2

Press the keys in turn. For example, pressing Alt, A means


the two keys should be pressed in turn.

Mouse Operations
The mouse operations that may be found in this document are defined as follows.
Action

Description

Click

Select and release the primary mouse button without moving


the pointer.

Double-click

Press the primary mouse button twice continuously and


quickly without moving the pointer.

Drag

Press and hold the primary mouse button and move the
pointer to a certain position.

Update History
Updates between document issues are cumulative. Therefore, the latest document issue contains
all updates made in previous issues.

Updates in Issue 01 (2009-12-15)


Initial commercial release.

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

1 Product Overview

Product Overview

About This Chapter


1.1 Introduction
1.2 Carrier-class Maintainability
1.3 Multi-Service Access
1.4 Flexible Networking Capability
1.5 End-to-End QoS
1.6 Rich Expansibility
1.7 Powerful Security Measures
1.8 Convenient Operation, Administration, and Maintenance
1.9 Green Design
1.10 Lightningproof Technologies

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

1-1

Quidway S3300 Series Ethernet Switches


Product Description

1 Product Overview

1.1 Introduction
With the popularization of IP networks and the trend of using triple play services, Metropolitan
Area Networks (MANs) bear more services and the quality of transmission is highly required.
To meet this requirement, Huawei develops the Quidway S-switch Series Ethernet Switches
(hereinafter referred to as the S-switch) that can access, converge, and transmit services.
By adopting the mature and economical mechanism of packet forwarding based on the IP kernel
technology, the S-switch can be deployed at the access and convergence layers of the MAN.
The S-switch can be used to set up various network topologies with high reliability. The Sswitch supports multi-service access, high expansibility, and high Quality of Service (QoS). The
S-switch also supports strong multicast replication capability and guarantees carrier-class
security.

1.2 Carrier-class Maintainability


The S-switch has the following carrier-class features:
l

The chassis adopts the front-access design, which facilitates routine operations and
maintenance.

The chassis is small in size, which effectively saves the space of the equipment room and
reduces the Capital Expenditure (CapEx). The device can be easily installed in a cabinet
of any type, which facilitates deployment.

The S-switch provides in-service patching for and upgrading of the system software. The Sswitch also supports the fast protection switching based on the Rapid Ring Protection Protocol
(RRPP). Thus, the S-switch can perform prompt protection switching of links and services, and
accomplishes carrier-class reliability.

1.3 Multi-Service Access


The S-switch can be deployed at the access layer of a MAN to access different services of lower
layer networks and to converge services to an upstream device. The services can be:
l

Next-Generation Network (NGN) voice services

IPTV services and Video-on-Demand (VOD) services

Broadband access services

By adopting the IP kernel technology, and the Application Specific Integrated Circuit (ASIC)
of high performance, the S-switch provides a large capacity for data switching to meet the
requirements for:
l

Short delay

Low jitter

High availability

In addition, the S-switch guarantees high bandwidth and provides multi-service access by:
l

1-2

Adopting the Ethernet networking techniques


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description
l

Supporting multicast services

Providing a sound QoS mechanism

Supporting various protection switching technologies

1 Product Overview

The S2300 can access the following services from the following devices:
l

Access Media Gateway (AMG)

Digital Subscriber LAN Access Multiplexer (DSLAM)

LAN switch (LSW)

The S2300 can then converge services to service processing devices such as the Broadband
Remote Access Server (BRAS) or router through an upstream S9300 or other convergence
devices.

1.4 Flexible Networking Capability


The S-switch provides 10/100 Mbit/s Electrical Ethernet interfaces , 1000 Mbit/s Electrical
Ethernet interfaces and 100/1000 Mbit/s Optical Ethernet interfaces. The S-switch supports three
types of Ethernet ports that make the networking more flexible.
l

Access interfaces

Trunk interfaces

Hybrid interfaces

The S-switch provides Small Form-Factor Pluggable (SFP) optical modules for fiber
connections. You can choose one of the following optical modules according to the transmission
distance:
l

Multi-mode short-distance optical module (550 m)

Single-mode middle-range optical module (10 km)

For a ring Ethernet, the S-switch supports the Spanning Tree Protocol (STP) and the Rapid Ring
Protection Protocol (RRPP) to prevent loops and realize fast protection switching.

1.5 End-to-End QoS


The S-switch provides a complete QoS mechanism. It performs QoS by first classifying the
traffic from Layer 2 to Layer 4 defined in the Open System Interconnection (OSI) model.
The S-switch then provides differentiated services for different services by using the following
methods:
l

Access filtering

Traffic policing

Queue scheduling

1.6 Rich Expansibility


Based on Huawei Versatile Routing Platform (VRP), the S-switch provides high-speed
switching and rich service features by integrating network management technologies.
Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

1-3

Quidway S3300 Series Ethernet Switches


Product Description

1 Product Overview
l

The QinQ and VLAN mapping technologies expand the scopes of VLANs.

The selective QinQ technique makes the S-switch select different paths for various services.

1.7 Powerful Security Measures


The S-switch provides security measures to protect the device and data transmission against
malicious attacks. The S-switch supports the following security features:
l

Packet filtering based on the MAC address

ACL rules

Mechanism of searching the forwarding table based on the VLAN ID and MAC address

Suppression of broadcast storms to defend a network against attacks

Based on the VRP, the S-switch provides the following protection methods for user login:
l

Provides password authentication for login users and supporting password encryption.

Provides hierarchical protection for commands by configuring the levels of login users and
commands.

Locks the configuration terminal through commands to prevent illegal use.

Provides confirmation and prompts for important commands that affect system
performance.

1.8 Convenient Operation, Administration, and


Maintenance
In addition to collecting traffic statistics based on interfaces and VLANs, the S-switch provides
fault detection and location techniques such as ping and traceroute in an IP network.
Cooperating with the network management system (NMS) such as Huawei U2000, the Sswitch can provide performance monitoring, alarms, and fast fault location.
Through the U2000, you can perform the following operations for the S-switch:
l

Device management

Interface management

VLAN management

Software upgrading management

Configuration file management

The U2000 also provides various customized configuration methods, including:


l

End-to-end configuration

Batch configuration

Configuration wizard

In addition, the U2000 provides default configuration templates for different management items.
The S-switch also supports the Huawei Group Management Protocol (HGMP). By using HGMP,
you can manage multiple Layer 2 switches through one S-switch.
1-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

1 Product Overview

The S-switch also supports the Huawei Group Management Protocol (HGMP). By using HGMP,
you can manage multiple Layer 2 switches through one S-switch.

1.9 Green Design


The S-switch adopts the following energy-saving methods:
l

Natural heat dissipation is adopted on the deveices with 24 electrical interfaces to save the
power consumption of fans.

If no device connected to the service interface is detected, the chip enters the power-saving
mode to reduce power consumption.

Natural heat dissipation has the following advantages:


l

The reliability of the product is enhanced.

No noise pollution is produced.

The routine maintenance of fans is avoided, which saves the maintenance cost.

No extra power is consummated by fans, which enhances the power efficiency of the
system.

Board corrosion is effectively avoided through natural heat dissipation.

1.10 Lightningproof Technologies


The S-switch, adopting the Huawei's patented lightningproof technologies, can stand the tough
environments. In this manner, there is a small chance that the S-switch is damaged by the
lightning strike. The reliability of the S2300 is greatly improved, and the security coefficient is
thus upgraded by 30 times.

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

1-5

Quidway S3300 Series Ethernet Switches


Product Description

2 System Architecture

System Architecture

About This Chapter


2.1 Hardware Structure
2.2 Functional Modules
2.3 Software Architecture

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-1

Quidway S3300 Series Ethernet Switches


Product Description

2 System Architecture

2.1 Hardware Structure


Hardware components of the S-switch are centralized for management. System units and cables
of the S-switch are accessible from the front panel. The S-switch is a 1U high box device with
the following parts:
l

Box

Power module

Switch Control Unit (SCU)

The S-switch can be mounted in either the European Telecommunications Standards Institute
(ETSI) or the International Electrotechnical Commission (IEC) 297 cabinet.
At present, the S-switch has the following models:
l

S3328TP-SI/EI

S3328TP-EI-24S

S3352P-EI-24S

S3352P-EI-48S

S3352P-SI/EI

S3328TP-PWR-EI

S3352P-PWR-EI

Appearance of the S3328TP-SI/EI


Figure 2-1 shows the appearance of the S3328TP-SI/EI.
Figure 2-1 Appearance of the S3328TP-SI/EI
1

6 7

10

2-2

1: Grounding terminal

2: Power switch

3: Power interface

4: 10/100 Mbit/s Ethernet interface

5: Optical interface indicator

6: Power light

7: Run indicator

8: Console interface

9: Combo interface

10: Optical interface

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

2 System Architecture

The chassis of the S3328TP-SI/EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 220.0 mm x 43.6 mm (width x depth x height).
The power module is on the left side of the S3328TP-SI/EI and the SCU is in the central part of
the chassis.
l

The S3328TP-SI/EI supports either an alternating current (AC) or a direct current (DC)
power module.

The SCU on the S3328TP-SI/EI provides one console interface, twenty-four 10/100 Mbit/
s Ethernet electrical interfaces, two 1000 Mbit/s Ethernet optical interfaces, and two combo
interfaces.

Appearance of the S3328TP-EI-24S


Figure 2-2 shows the appearance of the S3328TP-EI-24S.
Figure 2-2 Appearance of the S3328TP-EI-24S

The chassis of the S3328TP-EI-24S is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 220.0 mm x 43.6 mm (width x depth x height).
The power module is on the left side of the S3328TP-EI-24S and the SCU is in the central part
of the chassis.
l

The S3328TP-EI-24S supports either an AC or a DC power module.

The SCU on the S3328TP-EI-24S provides one console interface, twenty-four 100 Mbit/s
Ethernet optical interfaces, two 1000 Mbit/s Ethernet optical interfaces, and two combo
interfaces.

Appearance of the S3352P-EI-24S


Figure 2-3 shows the appearance of the S3352P-EI-24S.
Figure 2-3 Appearance of the S3352P-EI-24S

The chassis of the S3352P-EI-24S is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 420.0 mm x 43.6 mm (width x depth x height).
l

The S3352P-EI-24S supports either an AC or a DC power module.

The SCU on the S3352P-EI-24S provides one console interface, twenty-four 10/100 Mbit/
s Ethernet electrical interfaces, twenty-four 100 Mbit/s Ethernet optical interfaces, two

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-3

Quidway S3300 Series Ethernet Switches


Product Description

2 System Architecture

100/1000 Mbit/s Ethernet optical interfaces, and two 1000 Mbit/s Ethernet optical
interfaces.

Appearance of the S3352P-EI-48S


Figure 2-4 shows the appearance of the S3352P-EI-48S.
Figure 2-4 Appearance of the S3352P-EI-48S

The chassis of the S3352P-EI-48S is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 420.0 mm x 43.6 mm (width x depth x height).
l

The S3352P-EI-48S supports either an AC or a DC power module.

The SCU on the S3352P-EI-48S provides one console interface, forty-eight 100 Mbit/s
Ethernet optical interfaces, two 100/1000 Mbit/s Ethernet optical interfaces, and two 1000
Mbit/s Ethernet optical interfaces.

Appearance of the S3352P-SI/EI


Figure 2-5 shows the appearance of the S3352P-SI/EI.
Figure 2-5 Appearance of the S3352P-SI/EI

The chassis of the S3352P-SI/EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 220.0 mm x 43.6 mm (width x depth x height).
l

The S3352P-SI/EI supports either an AC or a DC power module.

The SCU on the S3352P-SI/EI provides one console interface, forty-eight 10/100 Mbit/s
Ethernet electrical interfaces, two 100/1000 Mbit/s Ethernet optical interfaces, and two
1000 Mbit/s Ethernet optical interfaces.

Appearance of the S3328TP-PWR-EI


Figure 2-6 shows the appearance of the S3328TP-PWR-EI.
Figure 2-6 Appearance of the S3328TP-PWR-EI

2-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

2 System Architecture

The chassis of the S3328TP-PWR-EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 420.0 mm x 43.6 mm (width x depth x height).
l

The S3328TP-PWR-EI supports AC power supply.

The 24 downlink electrical interfaces on the S3328TP-PWR-EI support PoE power supply.
The maximum power of each interface is 15.4 W, complying with the IEEE 802.3af
standard.

The SCU on the S3328TP-PWR-EI provides one console interface, twenty-four 10/100
Mbit/s Ethernet electrical interfaces, two 1000 Mbit/s Ethernet optical interfaces, and two
Combo interfaces.

Appearance of the S3352P-PWR-EI


Figure 2-7 shows the appearance of the S3352P-PWR-EI.
Figure 2-7 Appearance of the S3352P-PWR-EI

The chassis of the S3352P-PWR-EI is 1 U (1 U = 44.45 mm) high with the dimensions of 442.0
mm x 420.0 mm x 43.6 mm (width x depth x height).
l

The S3352P-PWR-EI supports AC power supply.

The 48 downlink electrical interfaces on the S3352P-PWR-EI support PoE power supply.
The maximum power of each interface is 15.4 W, complying with the IEEE 802.3af
standard.

The SCU on the S3352P-PWR-EI provides one console interface,forty-eight 10/100 Mbit/
s Ethernet electrical interfaces, two 1000 Mbit/s Ethernet optical interfaces.

2.2 Functional Modules


2.2.1 Hardware Logical Structure
2.2.2 SCU

2.2.1 Hardware Logical Structure


Figure 2-8 shows the logical structure of hardware modules of the S-switch.

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-5

Quidway S3300 Series Ethernet Switches


Product Description

2 System Architecture

Figure 2-8 Logical structure of functional modules of the S-switch


SCU

Control
unit

Fiber/cable
Port
module

Switch
unit

Power
supply

Data bus

Control bus

The hardware modules of the S-switch consist of a SCU and a power module.
l

SCU: The SCU that is responsible for packet exchange and device management consists
of a control module, a switching module, and an interface module. The SCU provides
Ethernet interfaces for Ethernet services.

Power module: Either an AC or a DC power module is supported. The DC or AC power


module supplies power to the entire system, generates the working voltage, and adjusts the
sequence in which the working voltages are on and off.

2.2.2 SCU
The S-switch have one SCU fixed on it. The SCU consists of the control module, a switching
module, and an interface module.

Control Module
The control module performs the following functions:
l

Processes protocol packets, such as STP and RRPP.

Manages the system and monitors the system performance according to the users'
instructions, and provides a feedback of the running status of the device.

Switching Module
The switching module, also called the switching network, is responsible for the exchange of
packets, replication of multicast packets, QoS scheduling, and access control on the interface
module of the SCU.
The switching module uses a high-performance ASIC chip to forward packets at wire speed. In
addition, the switching module performs fast data switching at various priorities.
2-6

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

2 System Architecture

Power Module
The S-switch supports the AC input and DC input. The DC input voltage ranges from -36 V DC
to -72 V DC. The AC input voltage ranges from 90 V AC to 264 V AC.

Interface Module
The interface module has multiple Ethernet interfaces for accessing Ethernet services.

2.3 Software Architecture


The S-switch runs on the latest VRP version 5 (VRPv5) to provide software features. VRPv5
consists of the following parts:
l

System service plane


It provides the following functions based on the operating system:

Task management

Memory management

Timer

Software loading and patching

This enhances the modular technology to facilitate system upgrade and customization.
l

General control plane


It is the core of the VRP data communication platform. It functions as the basis of security
and QoS, and provides the following functions:

Link management

IP protocol stack

Routing protocol processing

It is used to control the data forwarding plane and carry out various functions of the
device.

Data forwarding plane

It forwards data under the control of the general control plane to carry out data transmission.
VRPv5 supports data forwarding based on software and hardware.
l

Service control plane


It controls and manages the system based on users or interfaces. It implements the
authentication, authorization, and accounting for users through the DHCP Option 82 field.
It also implements authentication for access interfaces through IEEE 802.1x.

System management plane


It provides user interfaces and manages input/output ports. It is the basis of network
management and maintenance.

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

2-7

Quidway S3300 Series Ethernet Switches


Product Description

3 Link Features

Link Features

About This Chapter


3.1 Basic Ethernet Features
3.2 Advanced Ethernet Features
3.3 STP, RSTP, and MSTP
3.4 RRPP
3.5 Smart Link
3.6 Interface Security
3.7 Loop Detection

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

3-1

Quidway S3300 Series Ethernet Switches


Product Description

3 Link Features

3.1 Basic Ethernet Features


3.1.1 Link Aggregation
3.1.2 Flow Control on Interfaces
3.1.3 Suppression of Broadcast Storms
3.1.4 VLAN

3.1.1 Link Aggregation


Link aggregation, also referred to as interface aggregation, is the binding of multiple physical
Ethernet ports into a logical interface, for example, an Eth-Trunk.
After link aggregation, the traffic transmitted through the logical interface is automatically
balanced among the aggregated physical interfaces. This is called load balancing. When one of
the aggregated interfaces fails, the traffic is balanced among the remaining interfaces without
interruption. When the faulty interface recovers, the traffic is balanced among all interfaces
again.
The S-switch supports link aggregation among FE or GE interfaces. Load balancing on the Sswitch is based on the following information:
l

Source MAC address

Destination MAC address

Source MAC address plus destination MAC address

Source IP address

Destination IP address

Source IP address plus destination IP address

Link aggregation can easily increase the bandwidth and improve link reliability with a low cost,
without upgrading the hardware.

3.1.2 Flow Control on Interfaces


Flow control is a method to handle congestion on an interface. The S-switch performs flow
control on interfaces by using a hardware-based backpressure mechanism. In full duplex mode,
the S-switch supports the IEEE 802.3x flow control. In half duplex mode, it supports the
backpressure flow control.
When congestion occurs, the S-switch sends consecutive pause frames to the upstream device
to request it to stop sending data for a period of time. When the upstream device receives a pause
frame, it reduces the volume of traffic on its outbound interface. Flow control takes effect on all
the traffic on an interface.

3.1.3 Suppression of Broadcast Storms


Suppression of broadcast storms limits the volume of unknown unicast packets, multicast
packets, and broadcast packets to a reasonable range. This can reduce the impact of such packets
on network efficiency.
3-2

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

3 Link Features

The S-switch implements this function based on interfaces. When an interface is enabled with
such function, it monitors the received unknown unicast packets, multicast packets, and
broadcast packets. Based on monitoring results, the S-switch determines whether the volume of
the packets exceeds the threshold. If yes, the S-switch discards the excessive packets to keep the
traffic within the limit. In this manner, the S-switch ensures the normal transmission of services.

3.1.4 VLAN
The Virtual Local Area Network (VLAN) is a type of technology used to divide LANs logically.
The VLAN technology conforms to IEEE 802.1Q.

VLAN Classification
A physical LAN can be divided into several VLANs, and several physical LANs can be grouped
into a same VLAN. The S-switchs in a same VLAN belong to the same broadcast domain and
can communicate with each other. Different VLANs are isolated from each other, so S-switchs
in different VLANs cannot communicate with each other.
The S-switch supports the following VLAN classification modes:
l

VLAN classification based on interfaces


VLAN members are defined based on interfaces. After a specified interface is added to a
specified VLAN, the interface can forward packets of the specified VLAN.

VLAN classification based on MAC addresses


VLAN members are defined based on source MAC addresses of packets. After a specified
packet is added to the tag of the VLAN, the packet is sent.

VLAN classification based on protocols


The S-switch allocates different VLAN IDs for packets according to the protocol or
protocol suite types to which the packets received on interfaces belong, and encapsulation
formats.

VLAN classification based on IP subnetworks


VLAN members are defined based on the source IP addresses and subnet masks of packets.
After receiving untagged packets, the S-switch determines the VLANs to which the packets
belong according to the source IP addresses of the packets before sending them to
corresponding VLANs.

VLAN Aggregation
To interconnect VLANs on the S-switch, you need to assign an IP address to each VLANIF
interface. If there is a large number of VLANs, many IP addresses are used. VLAN aggregation
can solve the problem that each VLAN interface uses an IP address.
An aggregated VLAN is also called a super VLAN. Multiple VLANs can be aggregated to a
super VLAN. The VLANs that form into a super VLAN are called sub VLANs.

Voice VLAN
A voice VLAN is dedicated to voice flows. After the interfaces connected to voice devices are
added to a voice VLAN, all voice flows are transmitted in the voice VLAN.
Using voice VLANs, you can effectively configure the Quality of Services (QoS) of voice flows
and increase the transmission priority of voice flows. In this way, the quality of voice services
can be guaranteed.
Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

3-3

Quidway S3300 Series Ethernet Switches


Product Description

3 Link Features

3.2 Advanced Ethernet Features


3.2.1 VLAN Mapping
3.2.2 QinQ
3.2.3 Selective QinQ

3.2.1 VLAN Mapping


The S-switch provides the VLAN mapping mechanism. It replaces the VLAN tag of incoming
packets with another VLAN tag according to the preset mapping table of VLAN tags. In this
manner, services can be transmitted in different VLANs.
The S-switch supports one-to-one mapping of Customer-VLAN (C-VLAN) tags and ServiceVLAN (S-VLAN) tags.
NOTE

C-VLAN is the VLAN to which an interface on the user side belongs. It is used to identify a user or a
class of users.

S-VLAN is designated by an Internet Service Provider (ISP) on the network side. It is used to identify
a type of the service.

3.2.2 QinQ
QinQ enables the S-switch to automatically add another VLAN tag to a tagged VLAN frame.
The QinQ technology provides a tunnel based on the VLAN to implement communication
between networks at different locations and with different VLAN IDs.
The QinQ technology provides a Layer 2 VPN solution to transparently transmit user VLAN
frames over public networks. On the S-switch, the interfaces enabled with QinQ support double
VLAN tags. The interfaces append another tag with the same VLAN ID to the tagged incoming
frames. In this manner, the same outer tag indicates the same public network.
Usually, Internet Service Providers (ISPs) manage VLANs in the public network, and users
manage user VLANs. Therefore, VLAN tags of different user networks may be overlapped.
Through the QinQ function, however, packets from different user networks are added with the
same outer VLAN tag of the public network and VLAN tags of user networks are not used. In
this manner, the packets are transparently transmitted over the public network, effectively
separating user networks from a public network.
So far, the S-switch supports the basic QinQ and the selective QinQ. Based on ports, the basic
QinQ is realized on the FE port, Eth-trunk port or GE port. The VLAN to which the port belongs
determines the outer VLAN tag of the frame.

3.2.3 Selective QinQ


The S-switch supports the selective QinQ technique. On one hand, selective QinQ expands the
space of VLAN tags. On the other hand, it enables the S-switch to select outer VLAN tags
flexibly based on the user's VLAN tags of the received packets. In this case, various user services
can travel along different paths. This facilitates the service deployment.
3-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

3 Link Features

For example, voice packets from different VLANs are labeled with the same outer tag so to
obtain the same QoS; common data services are labeled with different VLAN tag so to obtain
different QoS.
The selective QinQ feature can be applied to both the incoming frames and the outgoing frames.
This makes the networking more flexible. For the incoming frames, the S-switch adds an outer
tag of the public network based on the VLAN tag of the user network. For the outgoing frames,
the S-switch matches and strips the tag of the public network.

3.3 STP, RSTP, and MSTP


3.3.1 STP and RSTP
3.3.2 MSTP
3.3.3 MSTP Protection
3.3.4 Partitioned STP and BPDU Tunnel

3.3.1 STP and RSTP


STP and the Rapid Spanning Tree Protocol (RSTP), which are data link layer management
protocols, are applied to the LAN to prevent loops. STP blocks redundant links and prunes a
network into a loop-free network. RSTP is improved on the basis of STP. It speeds up network
convergence by providing fast transfer of the interface status.
STP and RSTP remove broadcast storms caused by loops, and provide backup links.

3.3.2 MSTP
The Multiple Spanning Tree Protocol (MSTP) is developed on the basis of STP and RSTP.
MSTP divides a network into multiple regions. Based on VLAN tags, each region has several
spanning trees that are independent of each other. As a result, the entire network is pruned into
a loop-free network. Broadcast storms are thus avoided on the network.
In MSTP, VLANs and spanning trees can be associated. Thus, the convergence speed is
improved and load balancing is guaranteed because frames are forwarded along different trees.
Compared with STP and RSTP, MSTP provides multiple backup links for load balancing
between VLANs.

3.3.3 MSTP Protection


BPDU Protection
The S-switch provides the Bridge Protocol Data Unit (BPDU) protection when MSTP is applied
on the network. When the BPDU protection is enabled, the S-switch shuts down the edge
interface that receives a protocol BPDU rather than turns the edge interface into a non-edge
interface. As a result, the spanning tree is not recalculated and route flapping is avoided.

Root Protection
The S-switch provides root protection when MSTP is applied to a network. The S-switch protects
the root switch by maintaining the role of designated interfaces as follows:
Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

3-5

Quidway S3300 Series Ethernet Switches


Product Description

3 Link Features
l

If receiving protocol BPDUs with a higher priority, the interface enabled with root
protection turns to the listening state and stops forwarding frames.

If the interface does not receive protocol BPDUs with a higher priority for a long time, it
returns to the forwarding state. In this manner, route flapping is avoided.

Loop Protection
After loop protection is enabled on the S-switch, the root interface turns to the blocking state, if
the S-switch does not receive any protocol BPDUs from an upstream interface. If protocol
BPDUs are received, the blocked interface turns into the root interface and changes to the
forwarding state. If no protocol BPDU is received, the blocked interface remains in the blocking
state. This protects the S-switch against possible spanning-tree loops.

3.3.4 Partitioned STP and BPDU Tunnel


Partitioned STP
To improve the reliability of links on the MAN, the S-switch is dual-homed to the upstream
Ethernet. MSTP in run on the user network, MAN, and the upstream network together to prevent
loops. Traditionally, multiple spanning tree (MST) regions are not divided. In this case, the
convergence of the MSTP topology is slow. As a result, the forwarding capability is reduced.
The S-switch introduces the partitioned STP to divide the entire MSTP network into three
partitioned STP networks that correspond to the user network, MAN, and the upstream network.
Each partitioned STP network belongs to one VLAN. The BPDU tagged with a VLAN tag can
be forwarded only within the VLAN that the tag belongs to. The method of restricting the BPDU
transmission range is called the partitioned STP function, which prevents loops and speeds up
convergence.

BPDU Tunnel
On the partitioned STP network, the S-switch considers BPDUs that are attached with tags as
common Layer 2 data frames. Thus, the BPDUs are forwarded within the VLAN to which tags
belong without being processed as BPDUs by the MSTP module. With BPDU tunnel enabled,
devices on the MAN do not participate in calculating the topology of the partitioned STP. Thus,
the convergence speed is improved.
When the BPDU tunnel function is implemented, the S-switch at the edge of the MAN needs to
enable the MSTP snooping function. When the change of the topology in the partitioned STP
results in the switching of the forwarding link, the S-switch monitors topology changes and
notifies other devices on the network of the topology changes. Then the frames are forwarded
according to the new topology.

3.4 RRPP
The Rapid Ring Protection Protocol (RRPP) is a link layer protocol designed for Ethernet rings.
RRPP can prevent broadcast storm caused by data loops. Compared with STP, RRPP packet
forwarding is based on the hardware, and therefore the topology convergence of RRPP is much
faster than that of STP.
RRPP also supports link aggregation, which is suitable for ring networks that require large
bandwidth.
3-6

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

3 Link Features

3.4.1 Networking Structure


3.4.2 Working Machanism
3.4.3 Multiple Topologies

3.4.1 Networking Structure


An RRPP domain consists of a group of S-switch with the same domain ID and control VLAN.
A domain consists of the following elements:
l

A physical RRPP ring applies to a ring-shaped Ethernet topology. An RRPP domain


consists of multiple rings connected with other. One of them is the primary ring and the
others are subrings.

An RRPP domain supports two control VLANs. The control VLAN of the primary ring is
used to transmit protocol packets on the primary ring. The control VLAN of the subring is
used to transmit protocol packets on the subring.

A control VLAN is used to transmit RRPP protocol packets; a data VLAN is used to
transmit data packets.

The master node initiates polling mechanism and makes decision of operation when the
topology changes.

The transit node monitors the connected RRPP link and notifies the master node of the link
change for decision.

3.4.2 Working Machanism


The master node has the primary port and secondary port on the ring. The primary port on the
master node periodically sends out the Hello message. If the secondary port of the master node
receives the Hello message, this indicates that the path is a closed ring, and the master node will
keep the secondary port blocked.
If the secondary port of the master node fails to receive the Hello message in a certain period,
this indicates the ring link is in fault, and the master node will unblock the secondary port.

3.4.3 Multiple Topologies


Single RRPP Ring
There is only one Ethernet ring in the network and only one RRPP domain is defined. In this
case, topology can change and response quickly to realize fast convergence of RRPP. In addition,
services of Layer 2 and layer 3 can fast switchover.

Tangent RRPP Rings


There are two or more Ethernet rings in the network topology and only one common node exits
between each pair of rings. In this case, one RRPP domain must be defined for each ring. Rings
belong to different RRPP domain.
This networking is suitable for large networks and peer networks that need to be managed in
different domains. When one ring is shut down or recovered, no other domain is affected. The
convergence of RRPP in the same domain functions the same as that of the single RRPP ring.
Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

3-7

Quidway S3300 Series Ethernet Switches


Product Description

3 Link Features

Intersectant RRPP Rings


There are two or more Ethernet rings in the network topology and two common nodes exist
between each pair of rings. In this case, only one RRPP domain is defined in which one ring
must be defined as the primary ring and the rest as subrings.
Subring protocol messages are transmitted through the channel, across the primary ring, between
the edge ports of the subrings. The primary ring works as a node on the subring. This networking
is applied for dual-homing convergence and provides uplink backup.

Hybrid Networking of RRPP and Other Networks


When a RRPP ring is adjacent to an Ethernet ring with STP enabled, the network only supports
tangent rings of the RRPP ring and the Ethernet ring with STP enabled. The network does not
support the intersectant rings of the RRPP ring and the Ethernet ring with STP enabled to avoid
resource conflict.

3.5 Smart Link


Smart Link is a flexible link backup mechanism, which provides an effective and reliable solution
in the dual-homed networking. Compared with STP, Smart Link provides faster convergence.
Compared with RRPP, Smart Link is simpler to be configured on the dual-homed network.
On the dual-homed network, Smart Link implements fast protection switchover after the active
link is faulty. In normal situations, there is an active link and a standby link in the two upstream
links. Active indicates that the interface is forwarding packets; standby indicates that the
interface is blocked. When the active link is faulty, the Smart Link group quickly switches traffic
to the standby link.
Smart Link provides both manual and automatic link switchover. When a link is faulty, the Smart
Link group sends Flush packets to neighboring devices for updating their MAC tables and ARP
tables.
When multiple devices on different layers are connected for convergence, Monitor Link that is
used for interface association monitors upstream links. This improves the backup function of
Smart Link. When an upstream link is faulty, Monitor Link is triggered to disable the downstream
interface. When the faulty upstream link recovers, the downstream interface is re-enabled. This
switches traffic between different paths for transmission.

3.6 Interface Security


As a security mechanism to control network access, security protection on interfaces protects
the security of interfaces. It detects illegal packets and takes corresponding protection actions
by checking whether the source MAC addresses of received data frames are secure MAC
addresses.
Ethernet interfaces on the S-switch support the function of security protection on interfaces.
After the function of security protection on interfaces is enabled on an Ethernet interface, the
S-switch considers the following types of MAC addresses valid:

3-8

Static MAC addresses that are manually configured

Dynamic or static MAC addresses in a Dynamic Host Configuration Protocol (DHCP)


snooping binding table
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description
l

3 Link Features

Dynamic MAC addresses learnt before the number of MAC addresses reaches the upper
limit

Source MAC addresses that do not fall into the preceding three types are considered invalid.
When an interface receives packets with invalid source MAC addresses, security protection takes
effect on the interface. Then, the traffic is discarded or alarms are generated.

3.7 Loop Detection


Loop detection avoids broadcast storms caused by loops. After detecting loops, the S-switch
takes the corresponding protection action to avoid broadcast storms and ensures traffic security
of other users.
Ethernet interfaces of the S-switch support loop detection. After loop detection is enabled on
Ethernet interfaces, the S-switch takes the corresponding protection action when loops occur on
interfaces:
l

Block (default action): Interfaces on which loops occur are isolated from all other interfaces,
that is, packets sent from interfaces on which loops occur are not received by other
interfaces. After three detection periods, interfaces are automatically removed from
isolation if no loop occurs.

Shutdown: Interfaces on which loops occur are shut down. You can restore the interfaces
in the command line mode on the S-switch.

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

3-9

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

Service Features

About This Chapter


4.1 IPv4 Forwarding
4.2 Multicast
4.3 QoS
4.4 Routing Protocols
4.5 High Availability
4.6 Ethernet OAM
4.7 LLDP
4.8 Cluster Management
4.9 Stacking
4.10 PoE
4.11 IPv6
4.12 Security
4.13 MAC Forced Forwarding
4.14 DHCP

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-1

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

4.1 IPv4 Forwarding


4.1.1 IPv4 Features
4.1.2 Unicast Routing Features
4.1.3 Multicast Routing Features

4.1.1 IPv4 Features


The S-switch supports the following IPv4 features:
l

TCP/IP protocol suite, including ICMP, IP, TCP, UDP, socket (TCP/UDP/Raw IP), and
ARP.

Static DNS and specifying a DNS server.

FTP server/client, TFTP client, and SSH.

Operations of ping, tracert, and Network Quality Analysis (NQA)NQA can detect whether
ICMP, TCP, UDP, DHCP, FTP, HyperText Transfer Protocol (HTTP), and Simple
Network Management Protocol (SNMP) services are available and test response time of
the services.

DHCP server, DHCP relay agent, DHCP client, and DHCP snooping.

Bidirectional Forwarding Detection (BFD) fast detection, BFD for OSPF, BFD for IS-IS,
BFD for BGP, and BFD for Protocol Independent Multicast (PIM).

4.1.2 Unicast Routing Features


The S-switch supports the following unicast routing features:
l

IPv4 unicast forwarding at line speed through ASICs

IPv4 routing protocols, including RIP v1/v2, OSPF, IS-IS, and BGP v4

Virtual Routing Forwarding (VRF)

Static routes that are manually configured by the administrator to simplify network
configurations and improve network performance

Selection of an optimal route through the perfect routing policy

4.1.3 Multicast Routing Features


The S-switch supports multicast, which saves network bandwidth and reduces network loads.
The S-switch also ensures QoS of multicast traffic and forwards multicast traffic at line speed.
The S-switch supports the following multicast routing features:

4-2

IPv4 multicast forwarding at line speed through ASICs.

Multicast protocols, including IGMP, PIM-DM, PIM-SM, MSDP, and MBGP.

Any-Source Multicast (ASM) and Source-Specific Multicast (SSM).

Anycast RP.

Multiple RPs can exist in a domain and they are configured as MSDP peers.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

A multicast source can register with the nearest RP, and the receiver can also choose the
nearest RP to join its shared tree. In this manner, load balancing is carried out among the
RPs.

When an RP fails, its previously registered source and receiver choose another nearest RP
instead. This implements the backup of RPs.

Multicast static routes.

Filtering of the routes with the routing policy when the multicast routing module receives,
imports, and distributes multicast routes.

Filtering and forwarding of the multicast packets according to the routing policy when IP
multicast packets are forwarded.

Addition and deletion of dummy entries.

PIM BFD.

RPF check.

4.2 Multicast
In the TCP/IP suite, IGMP manages IP multicast members. IGMP sets up and maintains the
multicast member relationship between IP hosts and adjacent multicast routers.
4.2.1 IGMP Snooping
4.2.2 Prompt Leave of Multicast Member Interfaces
4.2.3 Flow Control of Multicast Traffic
4.2.4 Multicast Across VLANs
4.2.5 Controllable Multicast

4.2.1 IGMP Snooping


Located between the host and a multicast router, the S-switch can maintain multicast member
relationships statically. In addition, the S-switch sets up the mapping between multicast groups,
VLAN IDs, and outbound interfaces, and dynamically generates a Layer 2 forwarding table for
multicast packets by detecting IGMP messages.
When receiving a multicast packet, the S-switch forwards the packet to only members in the
corresponding VLAN of the multicast group. It multicasts packets in VLANs according to the
Layer 2 forwarding table. This reduces the number of packets transmitted over the network to
save network bandwidth, and improves the security of packet transmission.

4.2.2 Prompt Leave of Multicast Member Interfaces


When a multicast member leaves a group, the host is triggered to send an IGMP Leave message.
When an interface on the S-switch is connected to only one host, the S-switch directly deletes
the corresponding multicast forwarding entry of the interface when receiving the IGMP Leave
message. After that, the S-switch does not forward IGMP Query messages to the interface. This
saves the bandwidth and system resources, and implements fast switching of services.

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-3

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

4.2.3 Flow Control of Multicast Traffic


Unknown multicast packets refer to those packets for which no forwarding entry is found in the
multicast forwarding table. When receiving unknown multicast packets, the S-switch can discard
them or broadcast them in the VLAN to which the receive interface belongs.
To control multicast traffic, the S-switch also supports the limit to the maximum percentage of
multicast traffic at Ethernet interfaces.

4.2.4 Multicast Across VLANs


The function of multicast across VLANs means converging the multicast packets using ISP
VLAN and coping these multicast packets to different user VLANs.
The S-switch forwards multicast packets through the multicast VLAN, and copies the packets
based on the multicast entries. Then, the S-switch sends these packets to the VLANs of different
users. The multicast across VLANs enables the S-switch to send unicast packets and multicast
packets in different VLANs. This helps managing and controlling the multicast traffic and to
save the bandwidth resource.

4.2.5 Controllable Multicast


No multicast protocol provides user authentication. Thus, a user can join a multicast group and
leave the group at random. The multicast source does not know when a user joins or leaves a
multicast group, so the number of users receiving multicast traffic on a network in a certain
period is unknown. Therefore, the carrier cannot bill the users.
The controllable multicast technology is introduced to solve these problems. Users have to pass
authentication before receiving multicast traffic. Furthermore, only authorized multicast traffic
can be received by users. Users who pass authentication are allowed to preview unauthorized
multicast traffic and can receive multicast traffic in specified periods in a day. Statically
configured multicast traffic is not controlled by controllable multicast.

4.3 QoS
The S-switch provides the class-based QoS mechanism, and supports the mapping of the 802.1p
priority. The QoS supported by the S-switch guarantees end-to-end delay, jitter, and bandwidth.
The S-switch supports classification of traffic based on specific rules. After traffic classification,
the S-switch can then perform the following behaviors for the traffic:
l

Re-marking

Traffic policing

Congestion management

Congestion avoidance

Rate limit at the interface

In this manner, the S-switch can provide high-quality network services for added-value services
such as NGN, IPTV, and broadband access.
4.3.1 Traffic Classification
4.3.2 Access Control and Re-marking
4-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

4.3.3 Traffic Policing


4.3.4 Congestion Management
4.3.5 Congestion Avoidance
4.3.6 Rate Limit on Interfaces
4.3.7 Aggregation CAR

4.3.1 Traffic Classification


Traffic classification is used to identify packets that match a certain rule by comparing the
headers of packets with certain rules.
For example:
l

Identify the 802.1p priority of the Operating Support System (OSS) packets and NMS
packets as 7

Identify the 802.1p priority of VoIP packets as 6

Identify the 802.1p priority of BTV and VOD packets as 5 or 4

Identify VPN users as 3, 2, or 1 based on their significance

Identify the 802.1p priority of the internet access service as 0

This implements the classification of packets based on the 802.1p priority.


The S-switch adopts a hardware classifier and thus guarantees wire-speed transmission of
services on interfaces. The S-switch supports traffic classification based on the following:
l

Source MAC addresses

Destination MAC addresses

VLAN tags

ToS or DSCP field

Quintuple information, namely, protocol type, source IP address, destination IP address,


source TCP/UDP port number, and destination TCP/UDP port number

The S-switch also supports traffic classification for Layer 2 to Layer 4 information of the OSI
model based on the customized rule string. ISPs can define the traffic classification rules as
required.

4.3.2 Access Control and Re-marking


After traffic classification, the S-switch controls the access of packets first. That is, the Sswitch allows or denies the forwarding of the packets. Then, the S-switch re-marks the following
fields in the packets:
l

802.1p priority, that is, PRI field in a VLAN tag

DSCP field

Precedence field of IP packets

VLAN ID

Destination MAC addresses of packets

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-5

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

4.3.3 Traffic Policing


The S-switch uses the token bucket algorithm to perform the Committed Access Rate (CAR)
mechanism to police and control incoming traffic.
The S-switch controls the rate of traffic by adjusting the rate of putting tokens. Each token equals
a forwarding rate of 64 kbit/s. The S-switch punishes the excessive traffic to limit the incoming
traffic within a reasonable range and to protect network resources and the interests of the ISP.

4.3.4 Congestion Management


The S-switch manages traffic congestion by using queue scheduling mechanisms. There are
eight queues on each outbound interface of the S-switch. After traffic classification, packets
enter the corresponding queues based on their precedence fields.
The S-switch provides the following queue scheduling methods:
l

Priority Queuing (PQ) scheduling


In this mode, the S-switch schedules queues strictly based on the priorities of queues. PQ
guarantees that services demanding a short delay are scheduled first.

DRR scheduling
The S-switch cyclically schedules packets in queues based on priorities of queues and the
maximum length of packets that interfaces of the S-switch allows packets to pass through.
If the current queue has no packets, the S-switch skips over the current queue and schedules
packets in the next queue.

PQ + DRR scheduling
The S-switch divides the eight queues on each interface into two groups. The S-switch
schedules one group of queues in PQ and the other group of queues in DRR. The
combination of PQ scheduling and DRR scheduling can be used to highlight their
advantages.

Weight Round Robin (WRR) scheduling


In this mode, the S-switch schedules queues cyclically based on the weights of queues. If
no packets wait in the current queue, the S-switch skips over it and schedules packets in
the next queue. WRR guarantees the network bandwidth for services with a low priority.

PQ + WRR scheduling
The S-switch divides the eight queues on each interface into two groups. The S-switch
schedules one group of queues in PQ scheduling mode and the other group of queues in
WRR scheduling mode. The combination of PQ scheduling and WRR scheduling can be
used to highlight their advantages.

4.3.5 Congestion Avoidance


Congestion avoidance is a flow control technique used to relieve overload in the network by
adjusting the network traffic. By means of watching the used network resources, such as queues
and memory buffers, the S-switch automatically discards packets when congestion occurs or
tends to aggravate.
The S-switch adopts the Simple Random Early Detection (SRED) technique to carry out
congestion avoidance. After traffic classification, the S-switch can marks packets with one of
two drop precedence. Packets with low request for QoS are marked with high drop precedence,
and other packets are regarded as normal packets.
4-6

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

Based on the queue depth and the configured threshold for the traffic, the S-switch can then
discard packets to adjust the rate of the outgoing traffic from its ports.

4.3.6 Rate Limit on Interfaces


Rate limit on interfaces is used to adjust the rate of traffic on an interface, which avoids traffic
burst and reduces packet loss ratio. The S-switch uses the token bucket and a buffer to limit the
traffic rate on interfaces, implementing traffic shaping. The S-switch buffers the packets that
exceed the interface rate and then sends them at leisure later. In this manner, the transmission
rate is smoothed.

4.3.7 Aggregation CAR


The aggregation CAR technology uses the same CAR to police service flows on multiple
interfaces. That is, the service flows on these interfaces must be in the range set by the
aggregation CAR. The aggregation CAR technology can also police traffic in a VLAN. After
traffic classification, the volume of traffic in the VLAN is controlled, and the packets that exceed
the traffic limit are discarded.

4.4 Routing Protocols


The S-switch supports rich unicast routing features:
l

Static routes: simplifies network configuration and improves network performance. Static
routes are manually configured by the ISP.

IPv4 routing protocols:

Open Shortest Path First (OSPFv2)

Intermediate System-to-Intermediate System (IS-IS)

Border Gateway Protocol (BGP-4)

Routing Information Protocol(RIP)

Routing policy: selects the best route.

4.5 High Availability


4.5.1 MSTP Link Backup and Protection
4.5.2 RRPP Fast Protection Switchover
4.5.3 Smart Link Dual-Homing Protection

4.5.1 MSTP Link Backup and Protection


The S-switch supports the MSTP technique, which removes broadcast storms in the network
and provides redundant links for data transmission.
The S-switch offers the root protection function. To protect the role of the root port, the role of
specific ports can be set to remain unchanged when they receive higher-priority BPDU. This
can protect the network topology from changing by mistake.
Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-7

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

The S-switch also offers the loop protection function. When the root port cannot receive BPDU
from the uplink device, the root port enters the blocking state and stops forwarding packets. At
the same time, no new root port will be elected. This prevents the network from link loops.

4.5.2 RRPP Fast Protection Switchover


An RRPP ring is set up on the FE, Eth-trunk or GE port to saves the investment greatly. The
RRPP ring can be applied to the network enabled with dual-homed protection. The RRPP ring
can also be deployed between CE and UPE, or UPE and NPE.
An RRPP ring is composed of a master node and multiple transit nodes. The master node sends
out periodic message from the primary port to detect the link state. If the link fails, the master
node can enable the secondary port to realize self-healing.
If one node in the ring fails, the RRPP can enable the standby link as soon as possible and the
link among nodes can recover quickly.

4.5.3 Smart Link Dual-Homing Protection


The S-switch is dual-homed to upstream devices through the Smart Link technology.
Downstream links of the S-switch form Monitor Link. The layer-by-layer connection of
convergence implements association between Smart Link and Monitor Link. When no upstream
links exist, the S-switch disables the downstream interface and switches traffic between different
paths for transmission through the interface association mechanism.

4.6 Ethernet OAM


Conforming to IEEE 802.3ah and IEEE 802.1ag, the S-switch supports the point-to-point
Ethernet fault management. IEEE 802.3ah can be used to detect faults in the first mile of the
direct link on the user side of the Ethernet. At present, the S-switch supports automatic neighbor
discovery, link fault monitoring, remote fault notification, and remote loopback configuration
defined in IEEE 802.3ah. IEEE 802.1ag fulfills end-to-end Ethernet OAM.
The main functions of Ethernet OAM are as follows:
l

Fault management
The S-switch can detect the network connectivity by sending a detection packet at scheduled
time or through manual triggering.

Performance management
Performance management is used to measure the packet loss ratio, delay, and jitter during
the transmission of packets. It also collects statistics on various types of traffic. It is
performed at the user access points. By using performance management tools, an ISP can
monitor the network running status and locate faults through a Network Management
System (NMS). The ISP checks whether the forwarding capacity of the network complies
with the Service Level Agreement (SLA) signed with users.

Ethernet OAM improves network management and maintenance capabilities on Ethernet and
guarantees a stable network.

4.7 LLDP
The S-switch supports LLDP that conforms to IEEE 802.1ab.LLDP is a link layer protocol used
for interconnected devices to obtain the collection information of each other.
4-8

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

Using LLDP, the local NMS can acquire the link layer information of all devices in the local
network and the details about the network topology. This expands the scope of network
management.
Interfaces with LLDP enabled on the S-switch regularly notify the neighbors of local interface
statuses. If interface states change, interfaces on the S-switch notify neighboring devices directly
connected to the S-switch of state updates. Neighboring devices store states of the S-switch in
the standard SNMP management information base (MIB). The NMS can obtain the link layer
information of the network in the MIB to calculate the topology of the entire network.

4.8 Cluster Management


The Huawei Group Management Protocol (HGMP) is a proprietary protocol developed by
Huawei. It is used to manage multiple devices with one S-switch. In HGMP, the Neighbor
Discovery Protocol (NDP) is used to collect information about neighbors directly connected to
the S-switch. The information collected includes the device model, software version, hardware
version, connection interface, and member number. Network Topology Discovery Protocol
(NTDP) packets are used to collect topology information.
As defined in HGMP, a cluster, that is, a management domain, consists of an administrator
switch and multiple member switches. The S-switch can serve as an administrator switch or a
member switch.
l

Member switch
It is managed by the administrator switch. Member switches are usually Layer 2 switches
and do not need public IP addresses. When serving as a member switch, the S-switch is
managed by a high-end device.

Administrator switch
It serves as the proxy of an external network management station or as a server to manage
member switches in the cluster. It needs a public IP address and can allocate private IP
addresses to member switches in the cluster.

In applications, the S-switch usually serves as the administrator switch to mange a great number
of member switches in the residential network. It is used to:
l

Automatically discover new remote devices and add them to the cluster.

Collect and maintain the network topology information of the member switches in the
cluster.

Provide member switches in the cluster by means of centralized and batch configuration
or upgrade.

HGMP greatly saves IP address resources by managing devices in a cluster.

4.9 Stacking
The power cables or high-speed upstream interfaces of the switches at the same physical location
can be stacked to form a device group of high reliability. This technology is called stacking. For
the S-switch, stacking is implemented through stacking interfaces. Through stacking, the
management and maintenance of switches can be centralized to reduce the maintenance cost of
the customer. To implement staking, it is required that the stacking switches be of the same
product model.
A stacking member plays one of the following roles:
Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-9

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features
l

Master switch
The master switch functions as the agent for the external Network Management Station
(NMS) or the member switches of the cluster. The master switch must be configured with
the IP address of the public network to manage the other switches.

Backup switch
The backup switch functions as a backup for the master switch. When the master switch is
faulty, the backup switch becomes the new master switch and takes over the tasks of the
original master switch.

Member switch
The member switch functions as a pure service switch and passively receives the
management of the master switch.

4.10 PoE
PoE is short for Power over Ethernet. The switches that support PoE can directly supply power
for terminals through Ethernet cables. Thus, the early-stage investment cost of the customer is
reduced.
For example, you can adopt switches to supply power for Access Points (APs) when deploying
a Wireless Fidelity (WiFi) network. The solution is convenient and the cost is low.

4.11 IPv6
The IPv6-related functions supported by the S-switch protect the customer investment with the
maximum probability. The functions also prevent repeated investment of the customer in devices
during the network upgrade.
The S-switch supports the following IPv6 functions:
l

IPv6 protocol stack

Unicast routing protocol: RIPng and OSPFv3

4.12 Security
In addition to security guarantee for itself, the S-switch also ensures security for transmission
services.
4.12.1 Device Security
4.12.2 Service Security
4.12.3 Security Authentication

4.12.1 Device Security


Hierarchical Command Lines
For security reasons, the S-switch authenticates users who log in to the device through Ethernet
interfaces in Telnet mode. Users can log in to the device to configure and maintain it only after
they pass the authentication.
4-10

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

Hierarchical protection is applied for command lines. The command lines are divided into the
following levels in an ascending order:
l

Visit level

Monitoring level

Configuration level

Management level

Similarly, login users are also classified into four levels, corresponding to the four levels of
command lines. After logging in to the S-switch, users can run only the commands with the same
or lower level than the user level. This mechanism effectively controls the authority of login
users.
The S-switch supports the extension of command levels and user levels, which can be mapped
from 4 levels to 16 levels. This level mapping implements fine management on the user levels.

Remote Login Through SSH


The S-switch supports Secure Shell (SSH). On a network without security guarantee, SSH
provides powerful guarantee of security and authentication for login users and can defend against
illegal attacks.

Encryption Authentication in SNMP


The S-switch supports encryption authentication in SNMP. It authenticates the validity of the
management from a network management station, by checking the IP address of the station.

Authentication, Authorization, and Accounting


The S-switch supports Authentication, Authorization and Accounting (AAA). It can authenticate
and authorize login users together with hierarchical command line protection. In addition, it can
authorize the validity of an NMS administrator. The S-switch can defend against login of illegal
users based on AAA.
The authentication mode can be local, RADIUS, or HWTACAS.

CPU Channel Protection


The S-switch can filter the packets delivered to the Central Process Unit (CPU) based on protocol
number, port number, and combination of VLAN IDs and port numbers. This can protect the
CPU channels against Denial of Service (DoS) attacks.

Limit of MAC Address Learning at Interfaces


The S-switch supports the setting of the maximum number of MAC addresses learnt by an
interface. This can defend against attacks of source MAC addresses and thus prevents the MAC
table resources of the S-switch from being exhausted.

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-11

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

4.12.2 Service Security


Division of VLANs
The S-switch supports the division of a LAN into multiple VLANs. Devices in different VLANs
cannot communicate with each other. This effectively isolates broadcast domains and improves
the security of services.

Blackhole MAC Address Entries


The S-switch supports blackhole MAC address entries. When receiving a packet, the S-switch
compares the source and destination MAC addresses of the packet with its MAC address entries.
If the MAC addresses of the packet are the same as those of a blackhole entry, the packet is
discarded.
When detecting that packets with a specific MAC address are prone to attacks, the administrator
can set a blackhole MAC address entry to filter the packets with that MAC address. This can
defend against attacks with the MAC address.

Searching for MAC Address Entries Based on the Combination of the VLAN ID
and MAC Address
To improve security of interfaces, the S-switch can search for MAC address entries based on
the combination of the VLAN ID and MAC address. Static MAC entries can be set in a MAC
address table to map specific MAC addresses to interfaces. In this case, the S-switch defends
against attacks of forged MAC addresses.

Port Isolation
Port isolation is used to deny the forwarding of Layer 2 packets between interfaces on the same
S-switch. The S-switch supports unidirectional and bidirectional port isolation. Using port
isolation, the S-switch can:
l

Prevent access between interfaces.

Offers security guarantee to residential networks.

Helps construct low-cost intelligent community networks.

Limits unnecessary broadcasting of packets and thus increases the network throughput.

Packet Filtering
Packet filtering is used to filter out illegal or unwanted packets.
The S-switch filters packets based on user-defined rules. For example, it filters packets by
checking the MAC address, IP address, port number and VLAN ID of the packets. Packet
filtering neither checks the status of sessions nor analyzes the data.
By filtering packets, the S-switch can effectively control the packets passing the device.

4.12.3 Security Authentication


802.1x is a port-based network access control protocol. "Port-based network access control"
indicates that access devices connected to the interface of the access device in the LAN are
4-12

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

authenticated and controlled. If user devices connected to the interface can pass authentication,
they can access resources in the LAN; if not, they cannot access resources in the LAN.
MAC address authentication is an authentication method that controls the network access
authority of a user based on the interface and MAC address. Thus, you need not install any client
authentication software. After detecting the MAC address of a user for the first time, the device
starts authenticating the user. During the authentication, the user does not need to enter the
username or password manually.

4.13 MAC Forced Forwarding


The main purpose of the access layer is to provide network connection between the hosts at the
user side and the access routers (ARs) at the carrier side, especially reliable connection with the
Internet and other IP networks.
The access layer can be divided into the user network and convergence network. The user
network is connected to the access node (AN) through a subscriber line, which is a physical line
and usually called "the first mile."
The subscriber line is then connected to the convergence network through the AN. In this manner,
the AN acts as the border between the subscriber line and the convergence network. User traffic
is centralized and converged on the convergence network, which is usually called "the second
mile." See Figure 4-1.
Figure 4-1 Connections of the access layer

A carrier's requirements for the access layer are as follows:


l

Issue 01 (2009-12-15)

Traffic on various networks and user hosts is forwarded at Layer 3 rather than switched at
Layer 2 through ARs. This enables the carrier to filter, schedule, and bill user traffic through
the ARs.
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

4-13

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features
l

The efficiency of address assignment needs to be improved to save IPv4 addresses. The
effectiveness of address assignment needs to be improved if an address is assigned from a
large address pool rather than a small and independent network segment to the host.

To implement user isolation at the access layer and meet the preceding requirements of the
carrier, MAC Forced Forwarding (MFF) is introduced.
MFF is a security protocol and ensures that user hosts accessing the device with the same media
are isolated. When MFF is run, its security program applies to any shared access media, bringing
no extra problems to these networks.
In addition to Layer 2 isolation, the AN that runs MFF discards any upstream broadcast packets
except for DHCP messages and ARP request messages. The AN discards DHCP response
messages received through the subscriber line and limits the rate of DHCP broadcast messages.
The AN that runs MFF must track the IPv4 addresses allocated to the subscriber line. This is to
obtain information about the discarded upstream packets that carry spoofing IPv4 addresses.

4.14 DHCP
DHCP Snooping
The S-switch can be deployed between the DHCP server and the DHCP client and is responsible
for monitoring interacted DHCP messages of the DHCP server and the DHCP client. The Sswitch creates a binding table containing IP addresses, MAC addresses and port according to
the monitoring result to suppress invalid packets. The S-switch can append or remove the
Option82 field for DHCP messages.
l

After receiving a Request message from the DHCP client, the S-switch appends the
Option82 field to the Request message. The DHCP server performs the IP address
assignment policy by identifying the Option82 field.

The DHCP server appends the Option82 field to a Response message. The S-switch0
analyzes the Option82 field, determines a forwarding interface, removes the Option82 field,
and then forwards the message to a user.

Circuit IDs of users are recorded in the Option82 field. This can effectively prevent attackers
from tempering with DHCP messages.

DHCP Client and DHCP Server


DHCP functions in client/server mode. The DHCP server offers configuration information to
the DHCP client on request.
A DHCP server assigns IP addresses to clients through the address pool. When a client sends a
DHCP request to the server, the DHCP server selects a proper address pool based on a certain
algorithm. The server selects an unassigned IP address from the pool, and sends the client the
IP address along with other related parameters, such as the DNS server address and lease period.
To dynamically allocate IP addresses to clients, you need to first configure the address pool
range on the DHCP server. At present, an address pool can be configured with only one address
range. The address range is set through the mask.

DHCP relay
The DHCP client and DHCP server send broadcast packets when IP addresses are dynamically
allocated to them. Therefore, DHCP can be applied only when the DHCP client and DHCP server
4-14

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

4 Service Features

are in the same subnet. It is uneconomical to deploy a DHCP server in each network segment
to dynamically configure the host.
DHCP relay is introduced to solve this problem. Through DHCP relay, a DHCP client in a subnet
can communicate with the DHCP server in another subnet and finally obtains an IP address. In
this manner, DHCP clients in multiple subnets can use one DHCP server. This saves cost and
facilitates centralized management.

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

4-15

Quidway S3300 Series Ethernet Switches


Product Description

5 Maintenance and Network Management

Maintenance and Network Management

About This Chapter


5.1 Maintenance and Management
5.2 U2000

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

5-1

5 Maintenance and Network Management

Quidway S3300 Series Ethernet Switches


Product Description

5.1 Maintenance and Management


5.1.1 Configuration Modes
5.1.2 Monitoring and Maintenance
5.1.3 Diagnosis and Debugging
5.1.4 Software Upgrade and In-Service Patching
5.1.5 Hardware Abnormality Handling

5.1.1 Configuration Modes


Multiple Maintenance Modes
The S-switch supports the following configuration modes:
l

Through the CLI


Users can configure and manage the S-switch by logging in to the device from a terminator
through the Console port or in Telnet mode through a VLANIF interface.

Through an NMS
You can configure and manage the S-switch according to SNMP through an NMS.

Through HGMP
You can log in to the S-switch to manage Layer 2 switches and other S-switch in the same
cluster based on HGMP.

Login Modes
The S-switch offers a Console port. Users can log on to the Console port of the S-switch through
the RS-232 serial port of a terminal device to perform local configuration.
In addition, you can log in to service interfaces of the S-switch through Telnet from other devices.
To satisfy different security demands, the S-switch provides the following measures to
authenticate login users:
l

Non-authentication

Local authentication

AAA authentication

5.1.2 Monitoring and Maintenance


Hardware Monitoring
The S-switch provides the following functions for hardware monitoring:

5-2

Provides the hardware with second-time fault detection to avoid errors made from instant
interference during the detection.

Automatically checks the version matching when the system is running.


Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

5 Maintenance and Network Management

Device Management and Maintenance


The S-switch provides the following management and maintenance functions:
l

Provides command lines with flexible online help and operation interface in two languages:
Chinese and English.

Provides hierarchical command lines and management of user authorities.

Supports the information center to provide the uniform management of logs, traps, and
debugging information, and redirects information as required.

Provides the electronic label function. You can check the basic information about the SCU
and optical modules through CLI, and copy the information to an external server through
FTP.

Supports the display of the system status and version, status of each module, temperature,
usage of CPU, and memory.

5.1.3 Diagnosis and Debugging


Ping and TraceRoute
On traditional IP networks, the S-switch provides the following tools to check the connectivity:
l

Ping

TraceRoute

These tools are used to test network connectivity and record transmission paths of packets to
assist fault analysis.

Debugging
The S-switch provides various debugging commands for each software feature. Each debugging
command supports multiple parameters and can be flexibly controlled. The debugging
commands can display the process, packets received and transmitted, and error check of a feature.

Black Box Function


The S-switch provides the black box function to record information on the feature modules,
tasks, and events. The final records of the process status and tracks of functions calling can be
used to locate faults rapidly after a fault occurs.

Mirroring
The S-switch supports port mirroring and flow mirroring.
l

Interface mirroring
Incoming traffic, outgoing traffic, or both incoming and outgoing traffic on an observed
port is completely copied to the observing interface.

Flow mirroring
Observed flows are completely copied to the observing interface.

By connecting a monitoring host to an observing interface on the S-switch, you can observe the
packets that pass through the S-switch in a real-time and convenient manner. The mirroring
function provides a basis for traffic detection, fault allocation, and data analysis.
Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

5-3

5 Maintenance and Network Management

Quidway S3300 Series Ethernet Switches


Product Description

5.1.4 Software Upgrade and In-Service Patching


Software Upgrade
The S-switch can detect the integrity and validity of the system software before the upgrade and
provides various methods of upgrading the software:
l

Local upgrade
When the S-switch is booted, the software can be loaded and upgraded through the
BootROM menu.

Remote in-service upgrade


When the S-switch runs properly, the software can be uploaded through FTP or TFTP. The
new software is run when the S-switch is restarted. This implements the seamless software
upgrade remotely.

In-Service Patching
The S-switch supports in-service patching to protect services from being affected when a patch
is installed. The patch can be rolled back to the previous versions and device information before
and after in-service patching is recorded.

5.1.5 Hardware Abnormality Handling


The S-switch supports automatic and manual intervention when a hardware abnormality occurs,
for example, a chip on a board fails. In this manner, the maintenance personnel can locate a
hardware abnormality and swiftly handle it to avoid service interruption.

5.2 U2000
The S-switch adopts the Huawei U2000 as the centralized network management system. The
U2000 supports multi-language graphic user interface (GUI) that is convenient for operation.
The U2000 provides northbound interfaces for connecting the third-party NMS and can be
integrated with other NMSs.
5.2.1 Network Management Modes
5.2.2 U2000 Station

5.2.1 Network Management Modes


The U2000 can manage S-switchs in two modes: in-band and out-band management.

In-band Management
In this mode, no additional communication channel is needed between the S-switch and the
U2000. The network management information is transmitted over service channels of the Sswitch. To enable in-band management, you only need to connect the U2000 to the nearest
network devices and then configure the SNMP parameters used for management.
The in-band mode has the following advantages:
l

5-4

Flexible networking
Huawei Proprietary and Confidential
Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description
l

Less dependency on the location

Better channel security

5 Maintenance and Network Management

The in-band mode has the following disadvantages:


l

The in-band management occupies the service bandwidth of the S-switch.

The NM station is unable to manage devices from the remote if the service channel fails.

Out-band Management
If an independent network is set up between the S-switch and the U2000, you can choose the
out-band management mode. The information channel for out-band management is independent
of the service channels of the S-switch.
The out-band mode has the advantage that even if the service channel fails, the U2000 can still
manage the devices. The limitation of this mode, however, is that the independent networking
is much limited by locations.

5.2.2 U2000 Station


The U2000 provides the following functions.

Resource Management
The U2000 provides resource management to facilitate users to manage the resources in the
network such as devices, interfaces, and links. Through resource management, users can query
and manage the S-switch. In addition, users can query and locate the abnormal resources.

View Management
Topology management provides a unified topology view for all devices in the network to help
users know their networks directly and conveniently. The U2000 provides many powerful
functions to manage the topology. Users can browse information through the system topology
view, protocol topology view and user-defined view. The U2000 also provides user friendly
interfaces for operation and maintenance of networks and devices.
The protocol topology views include the HGMP view and Ethernet view, which cover the
topology of various networking modes and network hierarchies of the S-switch. These views
support automatic discovery of the network topology and reflect the change of the network
topology and device status.

Configuration Management
Configuration management is used to configure the S-switch, including management of the
device, interfaces, VLAN, Layer 2 features, software upgrading, and configuration files.
The U2000 supports end-to-end configuration, batch configuration, and wizard configuration.
In addition, the U2000 provides default configuration templates for the corresponding
management.

Fault Management
Fault management is an important and popular management method for maintaining networks.
Through the GUI, the U2000 provides the following functions for fault management:
Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

5-5

5 Maintenance and Network Management

Quidway S3300 Series Ethernet Switches


Product Description

Supports queries about the running status and fault detection of the S-switch.

Supports the real-time monitoring, fault filtering, fault location, fault verification, and fault
analysis of devices.

Makes faults visible by providing sound prompt and graphic display for faults.

The U2000 can be connected to an alarm box, which facilitates routine maintenance.

Performance Management
The U2000 can collect data and monitor the device performance, and analyze the collected data.
It provides rich reports and graphic display about the device performance. It collects statistics
on device load and access data. Based on this statistics, users can know QoS in the network,
evaluate and adjust network resources in time.
The U2000 manages the device performance focused on resource management and displays
interface in iWeb mode.

Security Management
Security management of the U2000 provides multiple measures to authorize user operations and
to ensure system security, including:
l

NMS uniform authentication

Minimum authority of different operations

In addition, the U2000 provides detailed logs, query and analysis of user operations.
Security management supports the following:

5-6

User management

Access control

User group management

Operation management

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

6 Networking Applications

Networking Applications

About This Chapter


6.1 Application in the MAN
6.2 Application in the NGN Bearer Network
6.3 Layered Ring Network -RRPP
6.4 Application of VLAN Mapping
6.5 Application of Selective QinQ
6.6 Application of IPTV
6.7 End-to-End QoS
6.8 Application of Cluster Management
6.9 Access of Partitioned STP

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

6-1

Quidway S3300 Series Ethernet Switches


Product Description

6 Networking Applications

6.1 Application in the MAN


The S-switch is mainly deployed at the access layer of the MAN. Figure 6-1 shows the
networking diagram.
Figure 6-1 S-switch application in the MAN
Router

Corelayer

IP/MPLS
Core

BRAS

BRAS

S9300

Convergence
access layer

RRPP

S9300

S3300

Access
layer

LSW

DSLAM

RRPP

WiMax
AMG

wireless
access

S3300

Intranet
SOHO

S3300

Intranet

Residental Commerical Residental


area
center
area

In the MAN, the S-switch provide the following access functions:


l

The S-switch directly connects user devices. The services of users are converged to the
S9300 through the S-switch.

The S-switch connects Layer 2 switches (LSW) or Digital Subscriber Line Access
Multiplexer (DSLAM), and converges the access services from LSWs or DSLAMs to the
core layer.

The S-switch connects the Access Media Gateway (AMG) and converges the access
services from the AMG to the core layer.

The S-switchs form an RRPP ring to improve the availability of services through the fast
protection switching provided by RRPP. The S-switch also supports Ethernet OAM to
improve fault management and maintenance on links.

The S-switch provides VLAN mapping, QoS, selective QinQ, replication of multicast
packets across VLANs, and various security measures used to defend against attacks.

6.2 Application in the NGN Bearer Network


Figure 6-2 shows the application of the S-switch in the NGN bearer network.
6-2

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

6 Networking Applications

Figure 6-2 S-switch application in the NGN


RM

SoftX

APP server

Router

PSTN
TMG

BRAS

IP/MPLS
Core
BRAS

S9300
RRPP

S9300

S3300

S3300

DSLAM
LSW

AMG
WiMax
wireless
access

Home
gateway
WiFi
SOHO

BTV VoWLAN PDA

SOHO
Residential
Game
Area
Box

Phone
bar

In the NGN bearer network, the S9300 acts as the convergence device for the AMG to converge
the voice or video services from the AMGs to the core network.
l

The S-switch converges the broadband access services and NGN access services to the
RRPP Ring.

The S9300 is connected to two uplink BRASs. The dual-homed connection improves the
reliability of the service.

6.3 Layered Ring Network -RRPP


The S-switch can be applied in the layered RRPP ring. The networking for the layer RRPP ring
is shown in Figure 6-3.

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

6-3

Quidway S3300 Series Ethernet Switches


Product Description

6 Networking Applications

Figure 6-3 S-switch application in layered RRPP ring


Router
IP/MPLS
Core

BRAS

BRAS

S9300

S9300
S9300

S3300
RRPP
RRPP

RRPP

RRPP

S3300

S9300
S9300
RRPP

S3300
RRPP
SOHO

Intranet

S3300
S3300
Intranet
Residential Commerical
Area
Center

In the MAN Ethernet connected by GE ports, the S9300 acts as the PE-AGG device and the Sswitch acts as the UPE device. The MAN Ethernet applies the dual RRPP networking structure.
One is the convergence layer and the other access layer. The dual RRPP rings can either be
tangent or intersectant.
l

The convergence layer is located between the PE-AGG devices; the access layer is located
between PE-AGG and UPE devices.

If RRPP ring in the access layer and that in the convergence layer are tangent, different
RRPP domains are defined.

If RRPP ring in the access layer and that in the convergence layer are intersectant, only one
RRPP domain is defined. RRPP ring in the convergence layer is the primary ring; RRPP
ring in the access layer in the subring.

6.4 Application of VLAN Mapping


The S-switch provides the VLAN mapping function. Figure 6-4 shows the networking where
VLAN mapping is used.

6-4

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

6 Networking Applications

Figure 6-4 Application of the S-switch enabled with VLAN mapping


Video
Server

TMG
PSTN

I n t e rn e t

Router
Access
Convergence
network
V50 V350 V850

BRAS

ISP network
VLAN1-1000

BRAS

S3300

User network

VLAN101-500
VLAN401-600
VLAN401-700

LSW
V450

AMG

DSLAM
V450

V450

Intranet
SOHO
VLAN101-500

Residential Area
VLAN401-600

VLAN401-700

Enterprises manage their VLAN tags. The VLAN tags of different enterprises can overlap. The
ISP manages only VLAN tags of the MAN.
As the convergence device connecting the customer network to the ISP network, the S-switch
maps VLAN tags between the customer network and the ISP network. In this manner, services
in different VLANs can be transmitted and services can be flexibly deployed.
For upstream services transmitted from the customer network to the ISP network, the Sswitch replaces the C-VLAN tag with the S-VLAN tag. For example, the S-switch:
l

Replaces VLAN 450 of SOHO with VLAN 850 of the ISP network.

Replaces VLAN 450 of the residential area with VLAN 50 of the ISP network.

Replaces VLAN 450 of the enterprise network with VLAN 350 of the ISP network.

For downstream services, the S-switch replaces the S-VLAN tag with the C-VLAN tag.

6.5 Application of Selective QinQ


The S-switch provides the selective QinQ function. The networking of selective QinQ is shown
in Figure 6-5.

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

6-5

Quidway S3300 Series Ethernet Switches


Product Description

6 Networking Applications

Figure 6-5 S-switch application in selective QinQ


Video
Server

TMG

I n t e rn et

PSTN
Router
BRAS

BRAS

ISP network
VLAN1-1000

V30 V450

V10 V100

V30 V650

S3300

V30 V850

V10 V600
V10 V800

User network
VLAN1-1000

LSW

V100

V450

VLAN1-500

DSLAM
V600

V650

VLAN500-700

LSW
V800

V850

VLAN700-1000

QinQ extends greatly the VLAN tag space. Offering the selective QinQ function, the S-switch
can converge services and choose different paths for various services.
The three enterprise networks shown in Figure 6-5 all need to transmit data, voice and video
services. The S-switch can append an external ISP VLAN tag to the packets of each kind of
access services. For example:
l

Add an external ISP VLAN tag VLAN10 for data services of VLAN100, VLAN600 and
VLAN800 from the customer networks.

Add an external ISP VLAN tag VLAN30 for video services of VLAN450, VLAN650 and
VLAN850 from the customer networks.

6.6 Application of IPTV


Figure 6-6 shows the application of the S-switch in IPTV services.

6-6

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

6 Networking Applications

Figure 6-6 Application of the S-switch in IPTV services


Video
Server

NSM

IP/MPLS
Core

Access
Convergence
Network

S9300

S3300

S9300

RRPP
DSLAM
S3300

DSLAM
STB

DSLAM
STB
STB

BTV

BTV
BTV

Video stream

As shown in Figure 6-6, the S-switch, which serves as a UPE, supports IGMP snooping. It can
serve as the replication and control point for multicast services at the access layer of the MAN
to meet the demand for large-capacity multicast services. The DSLAM provides the IGMP proxy
function to control users' multicasting authority based on the authority of users configured by
the NSM.
To ensure high quality in transmitting broadband television (BTV) services, the RRPP ring
composed of the S-switch and the S9300 provides the following functions:
l

The RRPP ring supports fast protection switching, which ensures the availability of BTV
services.

Only one copy of multicast packets need be transmitted in the RRPP ring, which saves
bandwidth.

In addition, the S-switch supports prompt join or leave of interfaces to implement fast switching
of services.

6.7 End-to-End QoS


Figure 6-7 shows the networking diagram for the end-to-end QoS provided by the .

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

6-7

Quidway S3300 Series Ethernet Switches


Product Description

6 Networking Applications

Figure 6-7 End-to-end QoS provided by the S-switch

IP/MPLS
Core

Core layer

BRAS

Convergence
access layer

S9300
S9300

RRPP
S3300

S3300

RRPP

S3300
DSLAM
AMG

LSW

S3300

STB

Intranet
SOHO

BTV

Phone
Bar

upstream
downstream

As shown in Figure 6-7, the S-switch acts as a UPE. The S9300 acts as a UPE or a PE-AGG.
The S-switch guarantees access services from LSWs or DSLAMs with end-to-end QoS, as the
sequence numbers shown in Figure 6-7:
l

At the ingress of the access convergence layer, the S-switch classifies data, voice, and video
services. The S-switch then polices traffic and re-marks the precedence of packets.

RRPP stations including cross-ring stations schedule queues. At the RRPP copy station,
the S-switch restores the RRPP priority to the 802.1p priority.

At the egress of the access convergence layer, the S-switch performs queue scheduling and
rate limit at interfaces.

By mapping 802.1p priorities to different packets, the S-switch ensures end-to-end QoS for
packets.

6.8 Application of Cluster Management


Figure 6-8 shows the networking of the cluster management function provided by the Sswitch.

6-8

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

6 Networking Applications

Figure 6-8 Cluster management provided by the S-switch


NSM
IP/MPLS
Core
S9300
S3300
S3300

STP/RRPP

AMG

S9300

Phone
bar

DSLAM
SOHO

Commercial
center

Intranet

Residential
area
Building
corridor

Residential
area

Building
corridor

A large number of Layer 2 switches are usually deployed on an enterprise intranet, in a residential
area or in a building corridor. Upgrading or configuring these separated Layer 2 switches is
inconvenient. To manage these Layer 2 switches in a centralized manner, network administrators
must group them into HGMP domains based on the network topology.
HGMP allows the Layer 2 switches to be divided into many HGMP clusters to achieve
centralized management. The S-switch collects and maintains the information of the Layer 2
switches in the HGMP clusters, and manages them.
Cluster management effectively saves IP addresses, reduces operation expenditure, and
facilitates rapid deployment of Layer 2 switches.

6.9 Access of Partitioned STP


Figure 6-9 shows how the S-switch accesses the partitioned STP.

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

6-9

Quidway S3300 Series Ethernet Switches


Product Description

6 Networking Applications

Figure 6-9 Access of partitioned STP supported by the S-switch


Residential
area A
S3300-A

S9300-A

Access
convergence
network

S9300-D

S3300-D

IP/MPLS
Core

S3300-C

Intranet D

S3300-B
Intranet C

S9300-C

S9300-B

Residential
area B

As shown in Figure 6-9, intranets C and D, residential areas A and B are all connected to a
MAN. The S-switch acts as a UPE to access intranets and residential areas. The S-switch is then
connected to the upstream S9300 through double links, which improves the link reliability.
l

The S-switch is connected to the MAN in dual-homing mode. The S-switch and the two
S9300s at the edge of the MAN form a partitioned STP domain. For example, the network
formed by S-switch-A, S9300-A, and S9300-C is a partitioned STP domain.

S-switch-C and S-switch-D at the egress of intranets and S9300-C and S9300-D at the edge
of the MAN all belong to VLAN 10. In VLAN 10, BPDUs of intranets C and D are
transmitted transparently.

S-switch-A and S-switch-B at the egress of the two residential areas and S9300-A and
S9300-B at the edge of the MAN all belong to VLAN 20. In VLAN 20, BPDUs of residential
areas A and B are transmitted transparently.

All the S9300s in the MAN support BPDU tunnel and MSTP snooping.

Through the partitioned STP technology, users in the same customer network but at different
locations can transmit BPDUs in tunnels across the provider network. In this manner, the
spanning tree can be computed in the partitioned customer network. The customer network and
the provider network have their own spanning trees, which are independent of each other.

6-10

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

7 System Specifications

System Specifications

About This Chapter


7.1 Technical Specifications
7.2 List of Software Features

Issue 01 (2009-12-15)

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-1

Quidway S3300 Series Ethernet Switches


Product Description

7 System Specifications

7.1 Technical Specifications


7.1.1 Physical Specifications of the S-switch
7.1.2 System Configuration

7.1.1 Physical Specifications of the S-switch


Table 7-1 Physical specifications of the S-switch
Item

Specification

Dimensions (width x depth x


height)

S3328TP-EI/SI:442.0mm220.0mm43.6mm

S3328TP-EI-24S:442.0mm220.0mm43.6mm

S3352P-EI/SI:442.0mm220.0mm43.6mm

S3352P-EI-24S:442.0mm420.0mm43.6mm

S3352P-EI-48S:442.0mm420.0mm43.6mm

S3328TP-PWR-EI:442.0mm420.0mm43.6mm

S3352P-PWR-EI:442.0mm420.0mm43.6mm

S3328TP-SI/EI:20W

S3328TP-EI-24S:52W

S3352P-SI/EI:38W

S3352P-EI-24S:65W

S3352P-EI-48S:90W

S3328TP-PWR-EI:448W(Dissipated power:
78W,PoE:370W)

S3352P-PWR-EI:880W(Dissipated power:
140W,PoE:740W)

Maximum power (configured to


the full capacity)

Full configuration

6.5kg

Empty
configuration

5kg

DC input
voltage

Rated voltage

48V DC to60V DC

Maximum
voltage range

36V DC to72V DC

AC input
voltage

Rated voltage

100V AC to 240V AC

Maximum
voltage range

90V AC to 264V AC

Temperature

Long-term
operation

0C to 50C

Weight

7-2

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

7 System Specifications

Item

Specification
Short-term
operation

5C to 55C

Storage

40C to 70C

Relative humidity

10% RH to 90% RH

Altitude for
installation

Long-term
operation

0 m to 2000 m

Storage

0 m to 2000 m

7.1.2 System Configuration


Table 7-2 System configuration of the S-switch
Item

Specification of the S-switch

Processor

S3328: Dominant frequency 266MHz


S3352: Dominant frequency 200MHz

Switching capacity

Issue 01 (2009-12-15)

S3328:12.8Gbit/s

S3352:17.6Gbit/s

Packet forwarding
capacity

S3328:9.6Mpps

S3352:13.1Mpps

DDR memory

128MB

Flash memory

16MB

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-3

Quidway S3300 Series Ethernet Switches


Product Description

7 System Specifications

7.2 List of Software Features


Table 7-3 List of features supported by the S-switch
Feature
Ethernet

Description
Ethernet

VLAN

MAC

ARP

Smartlink

LLDP

7-4

Supports operating modes of full-duplex, half-duplex, and


auto-negotiation.

Supports the 10-Mbit/s, 100-Mbit/s, 1000-Mbit/s, and autonegotiation rate of Ethernet interfaces.

Supports flow control on interfaces.

Supports Jumbo packets.

Supports link aggregation.

Supports load balancing on links in a trunk.

Supports port isolation and forwarding restriction on


interfaces.

Supports the suppression of broadcast storms.

Supports access modes of access, trunk, hybrid, and QinQ.

Supports the configuration of default VLANs.

Supports VLAN mapping.

Supports selective QinQ.

Supports Voice VLAN.

Supports the automatic learning and aging of MAC


addresses.

Supports static, dynamic, and blackhole MAC entries.

Supports the filtering of packets based on their source MAC


addresses.

Supports the limit of MAC address learning on interfaces.

Supports static and dynamic ARP entries.

Supports ARP applied to a VLAN.

Supports the aging of ARP entries.

Supports Smartlink.

Supports Smartlink multi-instance.

Supports Monitorlink.

Supports LLDP

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

Feature
Protection
against
Ethernet
loops

Description
MSTP

RRPP

IPv4
forwardin
g

IPv4 features

Unicast
routing
features

Multicast
routing
features

Device
reliability

Issue 01 (2009-12-15)

7 System Specifications

BFD

Supports STP.

Supports RSTP.

Supports MSTP.

Supports BPDU protection, root protection, and loop


protection.

Supports partitioned STP and BPDU tunnel.

Supports RRPP protection switchover.

Supports single RRPP ring, tangent RRPP rings and


intersectant RRPP rings.

Supports hybrid networking of RRPP and other networks.

Supports ARP/RARP.

Supports ARP proxy.

Supports auto-detection.

Static routes

RIP-1/RIP-2

OSPF

BGP

IS-IS

Routing policies and policy routes

uRPF check

VRF

Supports DHCP Client/Server/Relay

Supports DHCP snooping

IGMPv1/v2/v3

PIM-DM

PIM-SM

PIM-SSM

MBGP

MSDP

Multicast routing policy

RPF

Basic functions of BFD

BFD FOR OSPF

BFD FOR IS-IS

BFD FOR BGP

BFD FOR PIM

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-5

Quidway S3300 Series Ethernet Switches


Product Description

7 System Specifications

Feature

Layer 2
multicast
features

Eth OAM

QoS
features

Description
Others

VRRP

Layer 2
multicast
features

Supports IGMP snooping.

Supports the prompt leave mechanism for users.

Supports flow control of multicast traffic.

Supports the replication of multicast packets across VLANs.

Supports controllable multicast.

Automatic neighbor discovery

Link fault monitoring

Remote fault notification

Remote loopback configuration

Supports traffic classification based on the combination of


Layer 2 protocol header, IP quintuple, outbound interface,
and 802.1p priority.

Supports classification based on the C-VID and C-PRI of


QinQ packets.

Performs access control for packets after traffic


classification.

Supports traffic classification based on CAR.

Re-marks packets based on the results of traffic classification.

Sends packets to specified scheduling queues after traffic


classification.

Supports the combined application of traffic classification


and traffic behavior.

Supports PQ scheduling.

Supports DRR scheduling.

Supports PQ + DRR scheduling.

Supports WRR scheduling.

Supports PQ + WRR scheduling.

Congestion
avoidance
and rate limit

Supports SRED.

Rate limit on
outbound
interfaces

Supports the rate limit on outbound interfaces.

EFM OAM

Traffic
classification

Traffic
behavior

Queue
scheduling

7-6

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)

Quidway S3300 Series Ethernet Switches


Product Description

Feature
Configura
tion and
maintenan
ce

Description
Terminal
services

File system

Debugging
and
maintenance

Software
upgrade

Security
and
managem
ent

System
security

Network
Management

Issue 01 (2009-12-15)

7 System Specifications

Supports configurations through CLI.

Supports prompt and online help in English and Chinese.

Supports terminal services through the console interface or


Telnet.

Provides the send function for terminal users to communicate


with each other.

Supports file systems.

Supports directories and file management.

Supports the downloading and uploading of files through FTP


and TFTP.

Provides unified management on logs, traps, and debugging


messages.

Provides the electronic label function.

Supports the log recording of user operations.

Provides detailed debugging information to diagnose


network faults.

Provides network test tools such as tracert and ping


commands.

Provides interface mirroring and traffic mirroring.

Supports the in-service loading of the VRP.

Supports the in-service upgrade of BootROM.

Supports in-service patching.

Provides command line-based hierarchical protection to


prevent against unauthorized users from accessing the device.

Supports SSH v2.0.

Supports RADIUS and HWTACACS authentication for user


logins.

Supports the filtering of packets through ACL rules.

Supports the filtering of DHCP packets by appending Option


82.

Supports the prevention of attacks by sending control


packets.

Supports defences against attacks of source address spoofing,


LAND, SYN flood (TCP SYN), Smurf, ping flood (ICMP
Echo), Teardrop, and Ping of Death.

Supports the ping and traceroute functions of ICMP.

Supports SNMPv1/v2c/v3.

Supports standard MIBs.

Supports RMON.

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

7-7

Quidway S3300 Series Ethernet Switches


Product Description

7 System Specifications

Feature

Description
Cluster
management

7-8

Supports HGMPv2.

Supports the S-switch to be an administrator switch.

Supports the S-switch to be a member switch.

Supports automatic addition of member switches.

Supports private IP addresses of member switches.

Supports the login of member switches through Telnet.

Huawei Proprietary and Confidential


Copyright Huawei Technologies Co., Ltd.

Issue 01 (2009-12-15)