Huawei Quidway S3900 Series
Quidway S3900 serien är den nya generationen switchar med mål att till fullo uppfylla kraven för att skapa och implementera ett highly resilient nätverk.
En av de viktigaste innovationerna för Quidway S3900 är IRF (Intelligent Resilient Frameword) som ger ett övertag inom stackable technology. IRF låter nätverksadministratörer bygga anpassningsbara nätverk med hög pålitlighet, skalbarhet och som är lätta att underhålla.
Quidway S3900 Series Ethernet Switches are a new generation of premier multi-layer switches that entirely fulfill the enterprise customers’ requirement of designing and implementing a unified, highly resilient network. One of the most important and innovative highlights of the Quidway S3900 Series Ethernet Switches is the IRF (Intelligent Resilient Framework) technology which presents the highly efficient advantage of stackable technology. IRF enables network managers to build adaptable networks with high-reliability, scalability and easy management. ”Pay as you go” is the slogan of the Quidway S3900 Series Ethernet Switches.
With flexible software options, the Standard Software Image (SI) and the Enhanced Software Image (EI) of the Quidway S3900 Series Switches offer a cost-effective path for meeting current and future service requirements from enterprises and commercial businesses. The SI feature set includes advanced quality of service (QoS), rate-limiting, access control lists (ACLs), static and Routing Information Protocol (RIP) routing, and basic IRF function (distributed device management and basic distributed redundant routing), QinQ (VLAN-VPN), Protocol-Based VLAN and Voice VLAN, SSH V2 (Secure Shell V2), MVR (Multicast VLAN Registration), EAD (Endpoint Admission Defense), VCT (Virtual Cable Test), DLDP (Device Link Detection Protocol) and HGMP V2 (Huawei group management protocol V2), GVRP (GARP VLAN Registration Protocol). In addition to these features, the EI feature set provides even richer enterprise-class features such as advanced hardware-based IP unicast, Multicast routing, and advanced IRF functionality (distributed device management, distributed resilient routing and distributed link aggregation), RSPAN (Remote switched port analyzer), DHCP Server, OSPF (Open Shortest Path First) and VRRP (Virtual Redundancy Routing Protocol), HWTACACS, MSDP (Multicast Source Discovery Protocol).
The Quidway S3900 Series Ethernet Switches include the following models: S3928P-SI, S3928TP-SI, S3928P-EI, S3928F-EI, S3928P-PWR-EI, S3952P-SI, S3952P-EI, and S3952P-PWR-EI.
Full wire-speed and Multi-layer switching
The Quidway S3900 Series offers L2/L3 wire-speed switching capability for all ports. The system offers 4 GE ports to meet one piece of equipment’s requirement for multiple Gigabit uplinks and for access to the Gigabit server, thereby greatly increasing savings on equipment investment.
The hardware supports L3 wire-speed switching, and is able to identify and process the application traffic flows from L2~L7.
All ports have an independent data packet filter, and distinguish different application flows for different management and control.
IRF Technology
Intelligent Resilient Framework (IRF) is an innovative resilient network technology that allows enterprise customers to design and implement Fast Ethernet core and aggregation that are adaptable, providing exceptional reliability, scalability and easy management. With IRF technology, the Quidway S3900 Series can be interconnected together to behave as a single logical switching entity called a Distributed Fabric. From management and configuration perspectives, the Fabric appears as a single device. While from a performance perspective, each switch in the Distributed Fabric can make its own forwarding decisions, both at Layer 2 and Layer 3 for traffic that appears on its ports.
The Quidway S3900 Series supports RMON on IRF, and customers can collect RMON history and statistics data of any units from any switch in the fabric.
The HGMP V2 on IRF function allows customers to collect the information about the connection relations of the devices in a network and candidate devices, consequently maintaining and managing the cluster topology.
The Peer fabric port detection function can decide whether a device can join an IRF fabric or not.
The IRF technology provides: DDM (Distributed Device Management), DRR (Distributed Resilient Routing) and DLA (Distributed Link Aggregation).
Distributed Device Management (DDM) Distributed Device Management is the control system for IRF technology, responsible for distributing management and control information across the IRF Distributed Fabric. DDM allows the entire IRF Distributed Fabric to be managed as a single logical entity. Management tasks are all performed across the Distributed Fabric, minimizing complexity and administration overheads. In addition, the management IP address is shared across all units in the IRF Distributed Fabric, ensuring continuous device management and monitoring, in the event of an outage in one of the interconnected switches.
Distributed Resilient Routing (DRR) Distributed Resilient Routing, provided by Enhanced Image, is an advanced routing implementation that allows multiple interconnected switches in an IRF Distributed Fabric to behave as a single active routing entity. Unlike resilient Layer 3 implementations such as VRRP and HSRP, DRR intelligently distributes the routing load across all switches in the Distributed Fabric to optimize routing performance and make full use of bandwidth capacity.
Distributed Link Aggregation (DLA) Distributed Link Aggregation, provided by Enhanced Image, allows networks and IRF Distributed Fabrics to be coordinated with switches at the network edge. With the ability to multi-home across different units in the IRF Distributed Fabric, the availability of the entire network is dramatically increased. Traffic is forwarded across all links in the Aggregated Link to the fabric to optimize the use of available capacity. DLA guarantees high levels of resiliency since failure in one of the members of the Aggregated Link results in automatic redistribution of traffic across the remaining links.
Excellent PoE (Power over Ethernet) Supply Function
The Quidway S3900 Series Switches support PoE function for the LAN switching infrastructure, which provides power over a copper Ethernet cable to an endpoint (Powered Device).
The Quidway S3900 series provides up to 48 simultaneous full-powered PoE ports at 15.4W for maximum powered-device support, such as IP telephony and wireless LAN deployments. As PSE (Power Sourcing Equipment) devices, all Quidway S3900 series Switches are 802.3af compliant PoE switches.
With PoE and Voice VLAN technology, these innovative switches can provide the perfect solution for a converged voice and data network.
The Quidway S3900 series supports PoE Profile, which means PoE policy configurations applicable to different user groups are stored in the corresponding PoE Profiles. When users connect a PD device to the port that currently has PoE Profile stored, the switch will automatically apply the PoE configuration defined in the corresponding port’s PoE Profile to the PD device.
High Reliability
The Quidway S3900 series supports STP/RSTP and multi-VLAN based on MSTP, greatly improving redundant back-up for links and fault tolerance capability, so the network can run with high-level of stability.
The Series supports the optional RPS (Redundant Power Supply, provided by Enhanced Image), thus improving the fault tolerance capability and normal network operation duration.
The Quidway S3900 series supports VRRP (provided by Enhanced Image), and can build a VRRP back-up group with other L3 switches. It can build a redundant route topological structure when a fault occurs to guarantee communication continuity and reliability, maintaining network stability.
The Quidway S3900 series supports VRRP backup group port tracking function. With the function enabled, customers can specify to track the link state of the master’s uplink port and decrease the priority of the switch when the port fails. This in turn triggers the new master to be determined in the backup group.
The Quidway S3900 series supports ECMP (Equal Cost Multi-path Protocol, provided by Enhanced Image) routing, which can be used for load balance and routing redundancy.
Abundant QoS Policies
The Quidway S3900 Series supports L2~L4 complex flow classification based on source MAC address/destination MAC address/source IP address/destination IP address/ports/protocols.
The Quidway S3900 Series supports flexible queue scheduling algorithms, which can be set on the basis of port and queue at the same time. They support Strict Priority (SP), Weighted Round Robin(WRR), Weighted Fair Queuing (WFQ), SP+WRR, and SP+WFQ; 8 priority queues and 2 drop precedence; WRED congestion avoidance algorithm and port traffic shaping.
The Quidway S3900 Series supports Committed Access Rate (CAR) and limits the traffic speed in the 64Kbit/s granularity.
The The Quidway S3900 Series supports RSPAN (Remote switched port analyzer), breaking through the limitation that the mirrored port and the mirroring port have to be located in the same switch, and making it possible for the mirrored and mirroring ports to be located across several devices in the network, greatly enhancing the way the network administrators manage the switch.
The Quidway S3900 Series supports the Synchronization Feature of Queue Scheduling for Aggregation Ports. This feature provides the synchronization function of queue scheduling on each individual port of the aggregation port group.
The Quidway S3900 Series supports Delivery of ACL by RADIUS, and this function requires corporation of devices and the CAMS server. Users need to first define the ACL which is of numeric type, and then deliver the ACL to the hardware of the devices in the CAMS server through the configuration of external groups.
The Quidway S3900 Series can configure the Priority for Protocol Packets, and each protocol packet has its own priority. Customers can modify the priority of the protocol packet with the help of relevant QoS commands.
The Quidway S3900 Series supports configuring the control policy over Telnet, configuring the source IP, destination IP, and source MAC to control over. Also specifying whether the control action is permitting or denying access.
Flexible Security Control Policies
Based on the longest match routing policy, the Quidway S3900 Series forwards packets one by one ensuring equal forwarding performance. This function can guard the network against the attack by Code Red and Worm Blaster, thereby guaranteeing equipment security.
The Quidway S3900 Series supports 802.1x authentication to identify users who attempt to access the network. With the 802.1x client version checking function enabled on a switch, the switch checks the version and validity of the 802.1x client running on supplicant systems to prevent those using earlier versions of 802.1x client or illegal clients from logging in.
The Quidway S3900 Series supports 802.1x PEAP. With PEAP employed, a security channel is created which is encrypted and is protected using (TLS) to ensure integrity. And authentication is carried out through a new type of EAP (extensible authentication protocol) negotiation between supplicant systems and authentication servers.
The Quidway S3900 Series supports 802.1x-trusted MAC address. Trusted MAC address here refers to the MAC address of a supplicant system that passes 802.1x authentication and MAC address-based authentication. In this case, the MAC address becomes a trusted Mac address. The 802.1x trusted MAC Address synchronization function propagates the trusted MAC addresses in IRF (intelligent resilient framework) if the corresponding supplicant systems pass the authentication performed by IRF-enabled switches.
The Quidway S3900 Series supports Centralized MAC address authentication, it controls accesses to a network through ports and MAC addresses. This kind of authentication requires no client software. When operating in centralized MAC address authentication mode, a switch begins to authenticate the user if it detects a new user MAC address. Further more, the Quidway S3900 Series can Perform 802.1x authentication and MAC address-based authentication simultaneously.
The Quidway S3900 Series supports The Guest VLAN function, this function enables supplicant systems that are not authenticated to access specific resources and thus perform the corresponding operations, such as obtaining 802.1x client, upgrading client, or obtaining other upgrading programs.
The Quidway S3900 Series can also prevent unauthorized access to the network by binding any combination of MAC, IP and PORT.
Secure Shell V2 (SSH V2) offers security information protection and powerful authentication function to safeguard the Ethernet switch from attacks such as IP address spoofing and plain text cipher interception.
Diversified System Configuration and Management Modes
The Quidway S3900 Series supports Simple Network Management Protocol (SNMP) v1/v2/v3 and RMON (Remote Monitoring) v1, 1/2/3/9 groups of MIBs. They can be managed by a general network management platform such as OpenView, and Quidview network management system.
The Quidway S3900 Series supports Command Line Interface (CLI), Web based network management, modem dial-up and TELNET which make the equipment management more convenient.
The Quidway S3900 Series supports HGMP V2 cluster management. After enabling HGMP V2, the network administrator can manage several member switches through one command switch and only the command switch need a public network IP address. This can add up to large public IP address savings and also manages the network more efficiently.
The Quidway S3900 Series supports SNMP Agent logging, which means the network management operation logging function can be performed remotely by administrators through SNMP.
Abundant System Maintenance and Debugging Methods
The Quidway S3900 Series supports System log, Hierarchical alarm management and alarm filtering, detailed alarm/debug information output, Ping and Tracer. It also support remote maintenance via Telnet Modems and SSH.
The Quidway S3900 Series supports HWping which is a new network diagnostic tool used to test the performance of protocols operating on network and is an enhanced alternative to the ping command.
The Quidway S3900 Series supports DLDP (Device Link Detection Protocol). DLDP can detect the link status of the optical fiber cable or copper twisted pair. If DLDP finds a unidirectional link, it disables the related port automatically or informs users to disable it manually depending on specific configuration, to avoid potential network problems.
The Quidway S3900 Series supports Loopback detection on ports. After users enable loopback detection for Ethernet ports, the switch will monitor whether the ports have loopback on a regular basis; if the switch detects loopback for a particular port, then it will put that port under control.
The Quidway S3900 Series supports VCT (Virtual Cable Test) which is convenient for troubleshooting. Customers can start the virtual cable test (VCT) to make the system test the cable connected to the current electrical Ethernet port. The test items include: whether short or open circuit exists in the Rx/Tx direction of the cable, and what is the length of the cable in normal status or the length from the port to the fault point of the cable.