Professional Documents
Culture Documents
Version: 3.02.20
ZTE CORPORATION
No. 55, Hi-tech Road South, ShenZhen, P.R.China
Postcode: 518057
Tel: +86-755-26771900
Fax: +86-755-26770801
URL: http://support.zte.com.cn
E-mail: 800@zte.com.cn
LEGAL INFORMATION
Copyright © 2017 ZTE CORPORATION.
The contents of this document are protected by copyright laws and international treaties. Any reproduction or
distribution of this document or any portion of this document, in any form by any means, without the prior written
consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by
contractual confidentiality obligations.
All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE
CORPORATION or of their respective owners.
This document is provided “as is”, and all express, implied, or statutory warranties, representations or conditions
are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose,
title or non-infringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the
use of or reliance on the information contained herein.
ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications
covering the subject matter of this document. Except as expressly provided in any written license between ZTE
CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter
herein.
ZTE CORPORATION reserves the right to upgrade or make technical change to this product without further notice.
Users may visit the ZTE technical support website http://support.zte.com.cn to inquire for related information.
The ultimate right to interpret this product resides in ZTE CORPORATION.
Revision History
II
Intended Audience
This manual is intended for network planning engineers.
Chapter 3, Technical Describes the basic specifications, interface specifications, and system
Specifications functions and features of the ZXR10 5960.
Chapter 4, Operation and Describes the management and maintenance of the NetNumen U31 uni-
Maintenance fied network management platform and the ZXR10 5960.
Conventions
This manual uses the following typographical conventions:
Italics Variables in commands. It may also refer to other related manuals and documents.
Bold Menus, menu options, function names, input fields, option button names, check boxes,
drop-down lists, dialog box names, window names, parameters, and commands.
Constant Text that you type, program codes, filenames, directory names, and function names.
width
[] Optional parameters.
{} Mandatory parameters.
II
1-1
l ZXR10 5960-72NL-H
l ZXR10 5960-64NL-H
For their overview, seeTable 1-1 .
Product Overview
ZXR10 5960-72DL-H
ZXR10 5960-64DL-H
ZXR10 5960-64DL/ZXR10
5960-64DL-L
ZXR10 5960-32DL/ZXR10
5960-32DL-L
ZXR10 5960-52DU-H
1-2
Product Overview
ZXR10 5960-32LC-H
ZXR10 5960-72NL-H
ZXR10 5960-64NL-H
1-3
1-4
material, in compliance with domestic and international RoHS standards and the
concept of "green earth, care nature".
l Reconstructable operating system architecture and ideal remote management tools,
which greatly improve installation, debugging, operation and maintenance efficiency,
increase the remote maintenance ratio, reduce OPEX, and lower attendance and
environment costs.
1-5
1-6
2.1 L2 Functions
2.1.1 Basic Ethernet Functions
MAC Address Management
The ZXR10 5960 provides the basic functions of maintenance MAC address learning and
synchronization, and implements the following management functions:
l MAC address binding
l MAC address filtering
l MAC address number restriction
l MAC address permanence
l MAC address multi-view display
Port Mirroring
The port mirroring function duplicates traffic from one port to another port, so that a network
administrator can analyze the traffic in real time when solving network problems. Port
mirroring provides a monitoring approach for the network administrator. For the ZXR10
5960, any port can be configured as a mirrored port. The supported mirroring types include:
l Mirroring between ports of different rates
l Many-to-one port mirroring
l One-to-many port mirroring
l Many-to-many port mirroring
l RSPAN, ERSPAN, and other remote port mirroring
l Stream-based mirroring
2-1
QinQ
QinQ allows multiple VLAN tags in an Ethernet frame. A subscriber's private network
VLAN tag is encapsulated into a public network VLAN tag, and then the double-tagged
frame goes through the backbone network, providing a simple 2-layer VPN tunnel for the
subscriber. The ZXR10 5960 implements static configuration for QinQ. QinQ involves two
VLAN types:
l Service VLAN (SVLAN)
l Customers VLAN (CVLAN)
The ZXR10 5960 supports traditional SVLAN configuration and VFP-based SVLAN
configuration. The latter can implement traffic-type-based tagging.
PVLAN
All the servers are in the same subnet and can communicate only with their own gateway.
This is called private VLAN (PVLAN).
A PVLAN effectively guarantees data communication security for an access network by
connecting all subscribers to a default gateway and isolating them from each other. Ports
2-2
in the same VLAN cannot communicate with each. Subscribers in the same VLAN are not
affected by broadcast packets.
A PVLAN does not need protocol packet support, and can be implemented on the ZXR10
5960 by static configuration.
VLAN Translation
VLAN translation is an extended VLAN function. If a switch port is enabled with VLAN
translation, it is required that incoming data packets received on this port must be tagged
packets. VLAN translation uses "port number + vid in the tagged packet" as an index to
look up the VLAN table to obtain a new vid. Then, the packet is switched in the new VLAN.
Thus, VLAN-to-VLAN translation is implemented.
VLAN translation is implemented on the ZXR10 5960 by static configuration.
Super VLAN
VLAN aggregation divides VLANs into super VLANs and sub VLANs. Multiple VLANs
(called sub VLANs) are aggregated into one super VLAN, and all use the IP subnet and
default gateway IP address of the super VLAN.
Static Aggregation
Static port trunking allows multiple physical ports to be manually added to a trunk group
to obtain a logical port.
When configuring link aggregation on the ZXR10 5960, comply with the following
principles, which are also applicable to LACP:
l Up to 128 trunk groups can be configured, each of which contains up to 8 member
ports.
l A member port can be in access, trunk, or hybrid mode, and all the member ports
must be in the same mode.
LACP
The Link Aggregation Control Protocol (LACP) complies with the IEEE 802.3ad standard.
The LACP allows multiple physical ports to be aggregated into a trunk group to obtain a
2-3
logical port called smartgroup. The LACP automatically performs aggregation to achieve
the maximum bandwidth.
The ZXR10 5960 supports smartgroup configuration. Load sharing can be implemented
by the following means, which are also applicable to static aggregation:
l By source MAC address, VLAN, Ethertype, and incoming port
l By destination MAC address, VLAN, Ethertype, and incoming port
l By source and destination MAC addresses, VLAN, Ethertype, and incoming port
l By source IP address and source TCP or UDP port number
l By destination IP address and destination TCP or UDP port number
l By source and destination IP addresses and source and destination TCP or UDP port
numbers
MC-LAG
Besides machine frame link aggregation, the ZXR10 5960 also supports Multi-Chassis
Link Aggregation Group (MC-LAG) .
2.1.4 L2 Multicast
The ZXR10 5960 can implement layer-2 multicast and dynamically maintain a multicast
group that users dynamically join and leave.
IGMP Snooping
Based on the layer-2 multicast technology, the ZXR10 5960 supports the IGMP snooping
technology to effectively manage multicast group members, suppress multicast flooding in
a layer-2 network, and prevent unauthorized users from receiving multicast traffic.
If IGMP snooping is enabled on the ZXR10 5960, multicast packets are multicast to specific
ports on layer 2. If IGMP snooping is not enabled, multicast packets are broadcast to
all ports on layer 2. The ZXR10 5960 also supports MLDv1/v2-based MLD snooping to
implement smooth IPv4-to-IPv6 evolution.
IGMP Proxy
The ZXR10 5960 also supports the IGMP proxy function. Unlike IGMP snooping, which
obtains multicast information by listening to IGMP traffic, the IGMP proxy mechanism
blocks and processes the IGMP requests from terminal users, and forwards them to an
upper-layer router.
2.2 L3 Functions
IPv4 Routing Protocols
RIP
2-4
The Routing Information Protocol (RIP) is a distance-vector routing protocol based on the
local network. The RIP uses UDP packets to exchange RIP routing information. A protocol
packet to be transported is encapsulated into a UDP packet. The routing information in a
RIP packet contains the number of hops in a path from the source to a destination. Each
hop determines the route to the destination by the hop count. RFC has a limit on the hop
count. The maximum hop count is 15. Therefore, the RIP is applied to internal gateways
in small-size autonomous systems.
On the ZXR10 5960, the RIP has the following main functions:
l Sends and receives RIP packets according to the protocol, checks the correctness of
the packets, and performs certain identity verifications.
l Supports RIPV1/V2, plain text and MD5 authentication, and route redistribution.
l Uses split horizon and trigger update mechanisms to prevent routing loops and
shorten route convergence time.
l Supports protocol debugging.
OSPF
The Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) developed by
the IETF. The OSPF uses a link state routing and Shortest Path First (SPF) algorithms. The
OSPF is loop-free, which is of great significance for mesh networks or LANs connected
through multiple bridges. Each OSPF router maintains an identical database describing
the Autonomous System (AS)'s topology. The database is composed of each router's
partial state information, such as the router's available interfaces, neighbors, connected
networks, and external routing information of the AS.
On the ZXR10 5960, the OSPF has the following main functions:
l Employs a hierarchical network topology that is applicable to large interconnection
networks.
l Uses the dynamic routing algorithm Dijkstra to automatically and quickly trace network
topology changes.
l Supports display and configuration commands from the primary console,
SNMP-related command, display, and MIB variables.
l Supports routing protocol packet authentication, including simple password
authentication and MD5 authentication, to prevent routing protocol packets from
being illegally modified.
l Uses retransmission and confirmation mechanisms to guarantee the reliability of
link-state synchronization.
l Supports a variety of distance metric solutions, such as physical distance, delay, and
throughput.
l Supports stub area and NSSA functions
l Supports Area Border Routers (ABRs) and Autonomous System Border Routers
(ASBRs).
l Supports classless routing and route aggregation.
l Controls route re-distribution and filtering by a route map.
IS-IS
2-5
IPv6 Routing
The ZXR10 5960 supports the following IPv6 unicast routing features:
l Supports IPv6 neighbor discovery protocols to discover routers and prefixes, resolve
addresses, determine next-hops, redirect routes, and detect unreachable neighbors
and duplicate addresses, bringing more flexibility to node mobility.
2-6
l Supports the IPv6 MTU discovery protocol to dynamically identify the maximum
transmission unit (MTU) and ensure that the size of each packet sent by a node does
not exceed the MTU value.
l Supports IPv6 static routing.
l Supports the IPv6-based dynamic routing protocols RIPng, OSPFv3, ISISv6, and
BGP4+.
L3 Multicast
The ZXR10 5960 supports the IGMPv2, IGMPv3, and MLDv1/v2 protocols, as well as
IPv4/v6-based PIM-DM and PIM-SM protocols, providing a complete set of multicast
solutions.
Controllable Multicast
The ZXR10 5960 supports a complete set of controllable multicast features. It implements
accurate control on multicast users by the functions of IGMP V1/V2/V3, IGMP Snooping,
IGMP Proxy, IGMP Fastleave, multicast VLAN, Channel Access Control (CAC) , and Call
Detail Record (CDR),
The ZXR10 5960 also provides the following customized controllable multicast
management functions to allow you to directly manage IPTV channels and subscribers:
l Channel access control
l Channel management
l Package management
l Preview configuration
l Preview template management
l CDR recording
l Uniform network management through MIB
The ZXR10 5960 provides these controllable multicast functions to allow the network
operator to accurately control their multicast services, perform overall subscriber
management, and flexibly deploy IPTV services.
2-7
MCE
The Multi-VRF CE (MCE) technology extends CE capabilities to support VRF functions.
Devices providing the MCE function are called MCE devices. The ZXR10 5960 supports
MCE configuration.
2.3 QoS
Basic QoS
As the IP network is evolving, more and more new services demand that the IP network
provide predictable as well as reliable transmission. Users demand that their network can
provide stable and high-performance services in any place and at any time.
Traffic engineering is intended for optimizing network performance. It can map traffic to
actual physical channels and meanwhile automatically optimize network resources to fulfill
the serviceability required by particular application. It is a network engineering technology
that allows both macro regulation and micro control.
At present the key to traffic engineering is load balancing and network recovery. IP traffic
engineering is to effectively implement the integration of the conventional best-effort IP
service and the QoS.
To fulfill the above objectives, the ZXR10 5960 provides the following functions:
Traffic Classification
Traffic means the packets sent through switches. Traffic classification is to classify the
packets according to particular characteristics. To achieve this purpose, you can use an
ACL, especially an extended ACL.
Packets can be classified by various ACL filtering options, such as source/destination IP
address, source/destination MAC address, IP protocol type, TCP source/destination port
number, UDP source/destination port number, DSCP, ToS, IP Precedence, VLAN ID, and
802.1p priority.
Traffic Policing
Traffic policing restricts the bandwidth for a specific service to reduce the impacts on other
services. Actions taken when the traffic exceeds a limit include:
The ZXR10 5960 implements the Single Rate Three Color Marker (RFC2697) and (Two
Rate Three Color Marker) (RFC4115) functions. Both algorithms support Color-Blind mode
and Color-Aware mode.
Traffic Shaping
2-8
Traffic shaping controls the rate of outputted packets, so that all the packets are sent out
in an even rate. Through traffic shaping, packet rates can match downstream devices, so
that congestion and packet dropping can be avoided.
The ZXR10 5960 supports traffic shaping at two levels, namely, VLAN-based traffic
shaping and port-based traffic shaping. Thus, the system can implement multi-level traffic
control and ensure hierarchical QoS and management.
Congestion Avoidance
The ZXR10 5960 uses the RED/WRED method to avoid congestion and improve network
quality.
The ZXR10 5960 WRED can perceive services, including the IP precedence, DSCP,
and can set different early drop policies for the packets of different priorities, so that
differentiated drop features are provided to different services.
Queue Scheduling
Each physical port of the ZXR10 5960 supports eight output queues (numbered from 0 to
7), which are called CoS queues. According to the CoS corresponding to the 802.1p tag
in a packet, the ZXR10 5960 performs output queue operations on the ingress. In case of
network congestion, multiple packets compete for resources. This problem can be solved
by queue scheduling.
The ZXR10 5960 supports three queue scheduling methods. The eight output queues on
a port can use different scheduling methods.
l Strict priority (SP)
l Weighted round robin (WRR)
l Dynamic weighted round robin (DWRR)
The 802.1p tag contains packet priority information. If the packet entering a port does not
carry a 802.1p tag, a switch allocates a default 802.1p value to the packet.
Priority Tag
A priority tag re-assigns a set of service parameters to the particular traffic described in an
ACL. The following types of operations can be performed:
l Modifying the CoS queue of a packet and the 802.1p value
l Modifying the CoS queue of a packet, but keeping the 802.1p value unchanged
l Modifying the DSCP value of a packet
l Modifying the drop priority of a packet
Ethernet OAM
At present, the ZXR10 5960 supports the following Ethernet OAM standards:
l IEEE 802.3ah (Operations, Administration, and Maintenance-OAM)
l IEEE 802.1ag (Connectivity Fault Management-CFM)
The ZXR10 5960 supports Ethernet OAM functions that support the above mentioned
standards. The functions include Ethernet continuity test (ETH-CC), Ethernet loopback
(ETH-LB), Ethernet link tracing (ETH-LT), remote fault indication, and remote loopback.
2-9
The ZXR10 5960 satisfies carrier-class reliability requirements, and provides a whole set
of system monitoring approaches to reduce customers' maintenance costs and improve
equipment stability and reliability.
In terms of hardware, the ZXR10 5960 monitors ambient temperature, fan status, power
status. In terms of software, the ZXR10 5960 actively collects the information about
ambient temperature, fan status, power status. If a fault occurs or an index exceeds
its alarm threshold, the system raises an alarm and reports the fault. Alarm and fault
information can be periodically stored and uploaded to a specified server.
The ZXR10 5960 supports the BFD of static routes, OSPF and other dynamic routes,
and VRRP to implement fast convergence. The ZXR10 5960 supports combining BFD
and FRR technologies to provide a fast fault detection mechanism and implement fast
rerouting.
OAM Detection
OAM provides rich detection methods (mainly the Ethernet OAM technology) for identifying
network faults. Through OAM packet detection, the system can detect the link status, node
status, and tunnel connectivity, and trigger protective switching when finding a fault.
SQA
The ZXR10 5960 supports ICMP-echo, ICMP-jitter, DNS, FTP, HTTP, UDP-jitter, SNMP
and TCP detection.
2-10
FRR Protection
Supporting IP FRR
The switching speed of IP Fast ReRoute (IP-FRR) reaches 50 ms, which can minimize
data loss upon network failures. The IP FRR function computes backup routes in advance.
If an active route fails, the IP FRR function does not re-compute routes, but switch traffic
to a backup route. When the active route is restored to normal, the traffic is switched back
to the active route.
The ZXR10 5960 supports static routing, OSPF, IS-IS, and RIP fast rerouting. Thus traffic
can be quickly switched in one direction, which satisfies the switching time requirement of
services.
Device Authentication
AAA
The ZXR10 5960 support Authentication, Authorization and Accounting (AAA). It can
not only authenticate and authorize a subscriber by with the assistance of hierarchical
command line protection, but also verify the validity of network management users in
2-11
network management. By using the AAA mechanism, the ZXR10 5960 can effectively
prevent illegal subscribers from logging in.
For different subscriber access authentication policies, the device provides perfect AAA
authentication and authorization functions. According to different access authentication
requirements, you can configure different access authentication policies to perform
authentication and authorization on subscribers selectively.
The AAA supports three subscriber authentication modes:
l Local account verification
l Remote Authentication Dial-In User Service (RADIUS) verification
l Terminal Access Controller Access Control System (TACACS+) verification
The AAA supports four authorization modes:
l Direct authorization: Subscribers are trusted and directly authorized.
l Local account authorization: Authorizes subscribers according to the locally
configured accounts.
l TACACS+ authorization: TACACS+ can separate authorization from authentication.
The TACACS+ server performs subscriber authorization.
l Authorization after successful RADIUS authentication: The RADIUS protocol does
not allow the separation of authentication and authorization.
SSH
The Secure Shell (SSH), drafted by the IETF, is a security protocol established on the
application and transport layers. The SSH is a reliable protocol that provides security
particularly for remote login sessions and other network services. The SSH protocol can
effectively prevent information leakage during remote management. Through the SSH
protocol, data can be encrypted before transmission, and thus intermediary attacks can
be avoided.
The SSH supports two authentication modes:
l Password-based security verification
l Key-based security verification
The ZXR10 5960 supports SSHv2 security verification.
Hierarchical Commands
The ZXR10 5960 implements authority-based hierarchical command management. Up
to 16 command authority levels are supported. Different login subscribers are bound
to different authority levels. The lower the level, the less commands the subscriber is
allowed to use. The administrator, who has the highest authority level, can set different
authority levels for commands, and thus customized command authority configuration is
implemented.
Access Security
802.1x
The ZXR10 5960's 802.1X module performs the following functions:
2-12
IP source guard
By establishing the binding relations between a port and a VLAN, MAC address, or IP
address, an IP source guard checks the packet source and allows traffic satisfying specific
conditions to pass, and thus packet security control is implemented. The IP source guard
establishes a binding table in either of the following forms:
l Static binding
l Dynamic binding
The ZXR10 5960 supports IPv4-based and IPv6-based IP Source Guard function.
DAI
Dynamic ARP Inspection (DAI) sends ARP packets up to a CPU for processing. After
determining that the ARP packet is legal or not, the CPU forwards or drops it.
Network Security
The ZXR10 5960 implements network-based security protection, and every module has the
security checking function. In the ZXR10 5960, network security functions are as follows:
l Prevents subscriber ARP snooping.
l Supports MAC address flood protection, which restricts the number of MAC
addresses.
l Sets broadcast packet thresholds on a port.
l Filters layer 2, 3 and 4 ACLs together.
l Filters routes.
l Forbids ICMP redirection to prevent an attacker from sending fake ICMP packets.
l Prevents CPU attacks, provides protocol packet protection, distributes different
hardware CPU queues to protocol packets, sets priorities, limit rates, performs QoS
such as WRED, and protects CPU.
2-13
l Prevents DoS attacks by hardware queues, and supports preventing land | null-scan
| ping-of-death | smurf | sys-fin | syn-port-less-1024 | xma-scan | ping-flood | syn-flood
attacks (for ping-flood | syn-flood, rate limiting is supported).
l Prevents IPv4 URPF source address spoofing.
l Supports automatic broadcast storm suppression.
l Supports control/signaling MD5 authentication.
l Supports DHCP snooping.
l Supports DHCP snooping-based IP Source guard and DAI.
l Supports IPv6 ND security.
DDoS Attack Prevention
As the network environment becomes more and more complicated, switches are facing the
demand for higher attack prevention capabilities. There are many methods and policies
for DDoS attack prevention. CPU protection is one of the major methods.
The ZXR10 5960's DDoS attack prevention supports most L2 and L3 protocols. L2
protocols mainly include some STP and MSTP packets, as well as layer 2 ring network
packets of switches. L3 protocols mainly includes the IPv4 and IPv6 protocols.
l IPv4 protocols: OSPF, PIM, IGMP, VRRP, ICMP, ARPREPLY, ARPREQUEST,
GROUP MNG, VBASE, VRRP ARP, DHCP, RIP, BGP, Telnet, LDP_TCP, LDP_UDP,
TTL, BPDU, SNMP, MSDP, and RADIUS.
l IPv6 protocols: MLD, ND, ICMP6, BGP4+, RIPNG, OSPFv3, LDPTCP6, LDPUDP6,
Telnet6, and PIM6.
The ZXR10 5960 expands hierarchical CPU protection based on regular CPU protection.
Hierarchical CPU protection includes hardware, software, and protocol stack protection.
The ZXR10 5960 also prevents DDoS attacks by limiting MAC address learning, limiting
the port flow rate, and multi-layer ACL filtering.
uRPF
The ZXR10 5960 supports strict, loose, and loose-ingoring-default-route Unicast Reverse
Path Forwarding (uRPF).
l Strict uRPF means that a packet is dropped if the egress found according to the source
address does not exactly match the ingress, or is handled properly otherwise.
l Loose uRPF means that the packet is handled normally if a route is found according
to the source address and the default route's egress is consistent with the ingress, or
is dropped otherwise.
l Loose-ingoring-default-route uRPF means that the packet is handled normally if a
route is found according to the source address and it is not the default route, or is
dropped otherwise.
ND Security
The ZXR10 5960 supports the configuration of trusted switch ports, trusted switch
addresses, and ND learning quantity limit. It supports ND snooping-based ND packet
filtering by configuring a static binding relation between a port and a VLAN, IP address, or
2-14
MAC address. It can also detect ND packets based on DHCPv6 snooping entries, allow
legal packets to pass, so that network risks are minimized.
2-15
2-16
Table 3-1 Basic Features and Physical Specifications of the Device (1)
Description
Table 3-2 Basic Features and Physical Specifications of the Device (2)
Description
Attribute ZXR10 5960- ZXR10 5960- ZXR10 5960- ZXR10 5960-
52DU-H 32LC-H 72NL-H 64NL-H
3-1
Description
Attribute ZXR10 5960- ZXR10 5960- ZXR10 5960- ZXR10 5960-
52DU-H 32LC-H 72NL-H 64NL-H
Pa-
Weight (full ≤9.0 kg
rame-
configuration)
ters
Po- AC power supplies: 100 V–127 V/240 V, 50 Hz–60 Hz, and 240 V high voltage DC input.
wer DC power supplies: -38 V–72 V
Sup-
ply
Attribute Description
3-2
Attribute Description
l L3 features
For the L3 features of the ZXR10 5960, refer to Table 3-4.
Attribute Description
l Multicast features
3-3
Attribute Description
l QoS features
For the QoS features of the ZXR10 5960, refer to Table 3-6.
Attribute Description
3-4
Attribute Description
l Security features
For the security features of the ZXR10 5960, refer to Table 3-8.
Attribute Description
l O&M features
For the O&M features of the ZXR10 5960, refer to ZXR10 5960Table 3-9.
3-5
Attribute Description
Cluster LLDP/ZTP/ZDP.
manage-
ment
3-6
Networking Mode
Between the NetNumen U31 and the ZXR10 5960, in-band or out-band management can
be implemented.
l In-band management
In-band management is flexible and does not need extra investment. However,
network management information occupies the service bandwidth, and thus service
quality may be affected.
l Out-band management
Out-band management means that network management information is separately
transferred in a network management network and an extra DCN network is needed.
The NetNumen U31 system is connected to the out-band management port of the
4-1
ZXR10 5960, and thus network management information and service information are
separately transferred.
Out-band management allows network management information to be transferred
more reliably, even if the service channel is interrupted. However, to build a separate
network management network is restricted by region and needs extra investment.
NetNumen U31
The NetNumen™ U31 (BN) is a unified management platform for all bearer network
devices of ZTE. It implements integrated management of transmission, wavelength
division, PTN, and IP devices (routers and switches). The U31 is located on the network
element management layer or subnet management layer, and is a new-generation
network management system. It provides powerful functions for managing the network
element layer and network layer.
The NetNumen™ U31 (BN) uses distributed, multi-process, and modular design to
manage all-series bearer network devices. The U31 provides configuration, fault,
performance, maintenance, path, security, system, and report management functions.
It guarantees device stability, and implements management and control on network
elements and regional networks.
The system uses various network management technologies, and is designed and
developed based on the TMN concept of ITU-T and industry-leading experience in
network management software development. It provides powerful management functions
and flexible networking capability. The U31 system provides the following functions for
the ZXR10 5960:
l Fault management: Guarantees stable network operation.
l Performance management: Helps users to fully understand the network service
status.
l Resource management: Helps users to use network resources properly.
l View management: Presents network operation status clearly.
l Configuration management: Helps users to deploy services quickly.
l Security management: Guarantees network security.
l Northbound interface: Helpful for integration.
Serial connection configuration uses the VT100 terminal method, and the
hyperterminal tool provided by the Windows operating system can be used for
4-2
l The device and power modules have indicators, which show the operational status of
devices.
l The hot swapping events of power modules and fan modules are recorded for users
to review.
l Alarm prompts are generated when the fans, power supplies, or temperature is
abnormal.
l Environment temperature is automatically monitored during system operation, and
temperature control and message alarm functions are provided.
l Software operation is monitored by the system, and alarms are printed or devices are
automatically reset and restarted when a fault affects device operation.
Management and Maintenance
4-3
Software Upgrade
The ZXR10 5960 provides software upgrade in normal and abnormal situations.
l Version upgrade when the system is abnormal: If a device cannot be started properly,
to upgrade the software version, a user can modify the BOOT mode and download
the latest version through the management Ethernet port.
l Version upgrade when the system is normal: If a device is normal, the software version
can be locally upgraded or remotely upgraded through the FTP.
In the ZXR10 5960, software version files and configuration files are stored in a flash
memory. During software upgrade, configuration storage need flash operations.
4-4
l Version upgrade when the system is abnormal: If a device cannot be started properly,
to upgrade the software version, the user can modify the BOOT mode and download
the latest version through the management Ethernet port.
l Version upgrade when the system operates properly: If a device operates properly,
the software version can be locally upgraded or remotely upgraded through FTP.
File System Operations
l File backup and recovery: The software version files, configuration files, and log files
on the ZXR10 5960 can be backed up to a back-end server through the FTP/TFTP,
or the backup files can be recovered from the server.
l File import and export: Files can be copied to a back-end host through the FTP/TFTP.
By exporting/importing the files, users can obtain alarm files and modify configuration
files.
4-5
4-6
Ethernet Standards
For the Ethernet standards that the ZXR10 5960 complies with, refer to Table A-1.
A-1
IP Standards
For the IP standards that the ZXR10 5960 complies with, refer to Table A-2.
A-2
UDP Standards
For the UDP standards that the ZXR10 5960 complies with, refer to Table A-3.
TCP Standards
For the TCP standards that the ZXR10 5960 complies with, refer to Table A-4.
ICMP Standards
For the ICMP standards that the ZXR10 5960 complies with, refer to Table A-5.
SOCKET Standards
For the SOCKET standards that the ZXR10 5960 complies with, refer to Table A-6.
A-3
Tunneling Standards
For the tunneling standards that the ZXR10 5960 complies with, refer to Table A-7.
SSH Standards
For the SSH standards that the ZXR10 5960 complies with, refer to Table A-8.
A-4
RFC 4432 RSA Key Exchange for the Secure Shell (SSH)
Transport Layer Protocol
RFC 4716 The Secure Shell (SSH) Public Key File Format
SFTP Standards
For the SFTP standards that the ZXR10 5960 complies with, refer to Table A-9.
RIP Standards
For the RIP standards that the ZXR10 5960 complies with, refer to Table A-10.
OSPF Standards
For the OSPF standards that the ZXR10 5960 complies with, refer to Table A-11.
A-5
A-6
BGP Standards
For the BGP standards that the ZXR10 5960 complies with, refer to Table A-12.
A-7
A-8
IS-IS Standards
For the IS-IS standards that the ZXR10 5960 complies with, refer to Table A-13.
RFC 1195 Use of OSI Is-Is for Routing in TCP/IP and Dual
nvironments
A-9
Multicast Standards
For the multicast standards that the ZXR10 5960 complies with, refer to Table A-14.
A-10
MPLS Standards
For the MPLS standards that the ZXR10 5960 complies with, refer to Table A-15.
A-11
A-12
LDP Standards
For the LDP standards that the ZXR10 5960 complies with, refer to Table A-16.
RSVP-TE Standards
For the RSVP-TE standards that the ZXR10 5960 complies with, refer to Table A-17.
A-13
VPLS Standards
For the VPLS standards that the ZXR10 5960 complies with, refer to Table A-18.
NTP Standards
For the NTP standards that the ZXR10 5960 complies with, refer to Table A-19.
IPV6 Standards
For the IPV6 standards that the ZXR10 5960 complies with, refer to Table A-20.
A-14
A-15
IPSec Standards
For the IPSec standards that the ZXR10 5960 complies with, refer to Table A-21.
RFC 2410 The NULL Encryption Algorithm and Its Use With
IPsec
RADIUS Standards
For the RADIUS standards that the ZXR10 5960 complies with, refer to Table A-22.
A-16
TACACS+ Standards
For the TACACS+ standards that the ZXR10 5960 complies with, refer to Table A-23.
VRRP Standards
For the VRRP standards that the ZXR10 5960 complies with, refer to Table A-25.
A-17
DHCP Standards
For the DHCP standards that the ZXR10 5960 complies with, refer to Table A-26.
BFD Standards
For the BFD standards that the ZXR10 5960 complies with, refer to Table A-27.
A-18
TU-T Temporary Document 69 (IP Experts) Revised draft document on IP access network
architecture
RFC 1215 A Convention for Defin-ing Traps for use with the
SNMP
A-19
A-20
A-21
FTP/TFTP Standards
For the FTP/TFTP standards that the ZXR10 5960 complies with, refer to Table A-29.
A-22
II
DHCP
- Dynamic Host Configuration Protocol
DWRR
- Deficit Weighted Round Robin
FRR
- Fast Reroute
ICMP
- Internet Control Message Protocol
IGMP
- Internet Group Management Protocol
IPTV
- Internet Protocol Television
IS-IS
- Intermediate System-to-Intermediate System
LACP
- Link Aggregation Control Protocol
MAC
- Media Access Control
III
MLD
- Multicast Listener Discovery
MSDP
- Multicast Source Discovery Protocol
OAM
- Operation, Administration and Maintenance
OPEX
- Operating Expenditure
OSPF
- Open Shortest Path First
PIM
- Protocol Independent Multicast
PVLAN
- Private Virtual Local Area Network
QoS
- Quality of Service
RADIUS
- Remote Authentication Dial In User Service
RED
- Random Early Detection
RIP
- Routing Information Protocol
RIPng
- Routing Information Protocol next generation
SNMP
- Simple Network Management Protocol
SP
- Strict Priority
SSH
- Secure Shell
SVLAN
- Service Virtual Local Area Network
TACACS+
- Terminal Access Controller Access-Control System Plus
TTL
- Time To Live
VLAN
- Virtual Local Area Network
IV
VRF
- Virtual Route Forwarding
VRRP
- Virtual Router Redundancy Protocol
WRED
- Weighted Random Early Detection
WRR
- Weighted Round Robin
ZESR
- ZTE Ethernet Switch Ring
ZESS
- ZTE Ethernet Smart Switch