background image

 

ZTE Confidential Proprietary 

2013 ZTE CORPORATION. All rights reserved 

3

 

 

 

ZXR10 5250 Product Description 

2.3 

POE Features 

ZXR10  5250  series  supports  full-port  POE  and  POE+  power  supply,  conforming  to 
802.3af  and  802.3at  standard.  It  is  also  compatible  with  PD  equipment  which  doesn

’t 

conform to 802.3af or 802.3at standard. The maximal power supply of POE is 15.4W and 
the maximal power supply of POE+ is 30W.   

The  port  supports  time-sharing  POE  power  supply  configuration.  It  can  automatically 
forcefully shut down POE power supply of the electrical interface during the period when 
power supply is unneeded. 

2.4 

Better video service experience 

ZXR10  5250  supports  MVR,  provides  various  rules  and  channel  combination,  and 
supports  multicast  QoS.  It  solves  traffic  engineering  management  problem  brought  by 
multiple  egress  duplication  of multicast  services,  optimizes  delay,  jitter  and  packet loss 
problem of video flow, and reduces join-in and offline delay of users

’ video services. At 

the same time, it supports multicast service access control, which guarantees security of 
multicast service access and users

’ high-quality video service experience. 

2.5 

Perfect security design 

The security design of ZXR10 5250 is based upon two aspects: one is to guarantee the 
normal operation of the device, the other is to ensure the security of the data.   

For self security design, some restrictions to peer-end broadcasting message, multicast 
message, unknown unicast message. Therefore, these messages will have less impact 
to CPU. For CPU, the device uses control plane security service to  classify and control 
the speed of the protocol messages that CPU needs to process. This mechanism makes 
sure  that  the  speed  of  the  delivered  the  message  for  the  protocol  stacking  is  within  a 
proper  range,  which  avoids  the  breakdown  of  CPU  caused  by  exceeding  messages. 
Besides common user name and password management, ZXR10 5250 supports multiple   
logins such as SSH to prevent the administrative users being spoofed. 

For user data security, besides PVLAN service, ZXR10 5250 also uses DHCP snooping 
plus IP source guard to make sure user

’s validity. For the messages which do not satisfy 

bounding table, they will be discarded.   

The device is also capable of DAI service.  So that  it  can effectively restrict  ARP-based 
DOS attack. The device not only can discard arp message  which  does not  accord  with 
the  condition,  but  also  can  restrict  the  number  of  arp  one  port  learns.  This  mechanism 
successfully  prevents  equipment  table  entity  from  being  occupied  maliciously,  which 
makes sure other people can use the resource normally.

 

Содержание ZXR10 5250-28TC

Страница 1: ...ZXR10 5250 Product Description ...

Страница 2: ......

Страница 3: ...g Not open to the Third Party V1 1 2012 12 05 Liusheng ZHUOMUNIAO modification 2013 ZTE Corporation All rights reserved ZTE CONFIDENTIAL This document contains proprietary information of ZTE and is not to be disclosed or used without the prior written permission of ZTE Due to update and improvement of ZTE products and technologies information in this document is subjected to change without notice ...

Страница 4: ...ctions 6 3 1 1 MAC address management 6 3 1 2 VLAN 7 3 1 3 STP features 8 3 1 4 Link aggregation 8 3 1 5 Basic Ethernet features 8 3 2 Value Added Service VAS 9 3 2 1 DHCP based batch upgrade 9 3 2 2 IPTV 9 3 2 3 ACL 10 3 2 4 SFLOW 10 3 2 5 RSPAN 11 3 2 6 Global counter 12 3 2 7 IP source guard 12 3 2 8 Dynamic ARP Inspection DAI 12 3 2 9 LLDP 13 3 2 10 UDLD 13 3 2 11 Voice vlan 13 3 2 12 802 1x a...

Страница 5: ... 4 3 2 MUX Sub system 21 4 3 3 L2 Sub system 22 4 3 4 NM and Maintenance Sub system 22 5 Technical Indexes and Specifications 23 5 1 Physical Indexes 23 5 2 Basic Specifications 23 6 Operation and Maintenance 26 6 1 NetNumen U31 Integrated NM Platform 26 6 1 1 NM Networking 26 6 1 2 NetNumen U31 NM System 27 7 Comprehensive Networking Applications 30 7 1 Community Access for Enterprise network 30 ...

Страница 6: ...5252 28TC 17 Figure 4 2 ZXR10 5252 52TC 17 Figure 4 3 ZXR10 5250 28SM 17 Figure 4 4 ZXR10 5250 52PM 17 Figure 4 6 Working principle of the system 18 Figure 4 7 Control principle 19 Figure 4 8 System framework diagram 21 Figure 4 9 L2 system structure 22 Figure 7 1 Desktop access for enterprise network 30 Figure 7 2 MAN access 31 TABLES Table 5 1 Physical indexes 23 Table 5 2 System specifications ...

Страница 7: ...s in energy saving user information security access control as well as management and maintenance 5250 when compared with similar products are outstanding for its powerful forwarding capability flexible ACL and rich monitoring manners It supports Ethernet OAM and voice vlan so that is can satisfy MAN and enterprise network access needs ZXR10 5250 include 4 models ZXR10 5250 28TC ZXR10 5250 52TC ZX...

Страница 8: ...er maximally The material used for the product conforms to Europe RoHS environment protection standard The environment pollution of the materials is reduced to the least We make certain contribution to protection of the whole environment 2 2 Easy deployment and easy management Automatic remote batch upgrade can upgrade the equipment of the same type at one time which avoids the hardship of the OAM...

Страница 9: ... ZXR10 5250 is based upon two aspects one is to guarantee the normal operation of the device the other is to ensure the security of the data For self security design some restrictions to peer end broadcasting message multicast message unknown unicast message Therefore these messages will have less impact to CPU For CPU the device uses control plane security service to classify and control the spee...

Страница 10: ...mple the message and send it to the designated server ZXR10 5250 support RSPAN service It is used for the extension of common mirroring So that all the messages on the monitored port will be completely sent to the remote receiver The device also supports intelligent statistic service Being different from the traditional accounting service which can only collect the number of the port or queue the ...

Страница 11: ...to provide great convenience for network maintenance staff to locate network failures ZXR10 5250 supports three OAM protocols 802 1ag 802 3ah and Y1731 2 11 Off power alarm When the power supply is off power the device sends alarm message to the designated server notifying the server that the device stops working because the power supply is off Power supply failure is the major failure of the acce...

Страница 12: ...city of a switch is limited When many users are available and MAC address table will reach the capacity limit the MAC address number of low priority user port will be restricted The restriction can prevent MAC address broadcast to drive MAC address table to overflow the network attack Port MAC address learning protection When abnormal MAC address learning of a port is checked out the switch will p...

Страница 13: ...VLAN label external label outside the existing VLAN label internal label The external label can shield the internal label QinQ without protocol support can implement simple L2VPN and is suitable for mini LAN taking L3 switch as the backbone Typical QinQ networking is as follows The port connecting user network is Customer port the port connecting SP network is Uplink port and SP network edge acces...

Страница 14: ... sending the packet via the port and recalculate and decide a port for packet transport according to load sharing policy After the faulty port restores the switch will recalculate and decide a port for packet transport again Link aggregation is an important technology to increase link bandwidth and support link transport resilience and redundancy ZXR10 5250 supports static Trunk and LACP link aggr...

Страница 15: ... via network cable Network cable has 4 twisted pairs 100M network cable uses twisted pair 1 2 and 3 6 and 1000M 1 2 3 6 4 5 and 7 8 The status of each twisted pair can be detected in line check Line statuses are as follows 1 Open Open circuit line 2 Short Short circuit line 3 Good Normal line 4 Broken Open circuit or short circuit line 5 Unknown Unknown or no result 6 Crosstalk Line coupling 7 Fai...

Страница 16: ...ss Record User s on demand authority can be controlled by binding rules and channels 3 2 3 ACL ZXR10 5250 supports egress and ingress ACL ZXR10 5250 offers the following four types of ACL Basic ACL Only match source IP address Extension ACL Match source IP address destination IP address IP protocol type TCP source port No TCP destination port No UDP source port No UDP destination port No ICMP type...

Страница 17: ...ackets to sFlow agent equipment for processing sFlow Collector is the network equipment sFlow uses to manage monitor collect and analyze It stores and analyzes network packets from sFlow Agents and gives equipment traffic and service analysis reports and tables 3 2 5 RSPAN Remote Switched Port Analyzer RSPAN i e remote port mirroring without asking the mirrored port and the mirroring port on the s...

Страница 18: ...tatus which may be for a specific traffic of each user so as to offer more data for network structure planning 3 2 7 IP source guard IP source guard is a policy control technology Based upon dynamic DHCP snooping table entry or manual static table entry it is mainly responsible for checking if IP MAC the same as DHCP snooping table entry or manual static table entry If they are not the same the me...

Страница 19: ... device access is detected no matter what the default priority for the voice data flow is ZXR10 5250 transfers the legal voice data to the specified voice VLAN and distributes a high priority to it so as to guarantee the voice packet is forwarded with priority 3 2 12 802 1x authentication DOT1X IEEE 802 1x is the port based network access control protocol It optimizes authentication means and auth...

Страница 20: ...ocol makes some progresses It makes sure if the ring works smoothly Also it confirms there s only one logic smooth path between two nodes The port status can be changed between block and forward status according to the situation of the ring through break break through which enables fast switchover of the logical path ZESR supports multiple such as network topologies as tangent ring and intersectan...

Страница 21: ...It supports identification and processing of option82 Many different actions of forwarding dropping or substitution can be adopted for packets carrying option82 3 2 16 TACACS Besides common radius authentication ZXR10 5250 also supports TACACS authentication of administrative user TACACS seems similar to radius in usage It is also an authentication method with client plus server The device works a...

Страница 22: ...k of the port to avoid the influence on the whole network of the loopback Port loopback check can work only with the support of a single node without the same protocol run in the whole network ZXR10 5250 supports single port and multi port loopback check 3 2 19 MButton ZXR10 5250 switch can provide the MButton function without increasing user cost The function makes use of existing port indicators...

Страница 23: ...fabric unit line interface unit and power supply unit The size of the chassis goes in line with European standard Figure 4 1 ZXR10 5252 28TC Figure 4 2 ZXR10 5252 52TC Figure 4 3 ZXR10 5250 28SM Figure 4 4 ZXR10 5250 52PM 4 2 Hardware Architecture 4 2 1 Overall Hardware Architecture ZXR10 5250 is a cassette product that adopts centralized hardware architecture design All service interfaces are dir...

Страница 24: ... control module power supply module and interface module based on the responsibilities they assume 4 2 3 1 Control Card Control card is the core component of ZXR10 5250 It mainly implements two functions of control module and switch module In ZXR10 5250 system control switch card is installed in the cassette structure with no independent panel Its related interface and indicator are on the front p...

Страница 25: ...plications by the system The main processor adopts high performance CPU processor to implement the following tasks System network management protocol such as SNMP Network protocol such as STP Provides operation and management interfaces for each line card Takes data operation and maintenance 4 2 3 3 Switch Module Switch module adopts the private Switch chip with multiple GE bi directional interfac...

Страница 26: ... configuration management failure management performance management and security management System software can be divided into the following four sub systems based on the above system function requirements Operation support sub system It includes software modules of BSP ROS SSP MUX sub system It includes data distributing module statistics monitoring module and drive encapsulating module Data dis...

Страница 27: ...s statistics and monitoring of software table of switching chip The main functions of MUX sub system are data forwarding and statistics monitoring MUX layer receives data packets from drive module and distributes data packets based on ETHER TYPES field in MAC frame MUX data forwarding also takes charge of encapsulating data forwarding function of the drive It provides new data forwarding function ...

Страница 28: ...g data layer or service layer Figure 4 8 L2 system structure 4 3 4 NM and Maintenance Sub system Foreground network management and operation maintenance sub system use TCP IP to work as SNMP network management agent They use the executive body of managed entity in lower layer to implement management By network communication background and foreground network management take management of foreground...

Страница 29: ... Not support Not support Not support support Power supply Support AC and DC input support RPS AC 100V 240V 50Hz 60Hz RPS 12V DC Support AC and DC input support RPS AC 100V 240V 50Hz 60Hz DC 48V 60V RPS 12V DC Support two modular power Support AC and DC input AC 100V 240V 50Hz 60Hz DC 48V 60V Support two modular AC power Support AC input AC 100V 240V 50Hz 60Hz Maximal consumption 27W 53W 39W Max po...

Страница 30: ...e 42Mpps 78Mpps 42Mpps 132Mpps Port switching capacity 56Gbps 104Gbps 56Gbps 176Gbps MAC Support MAC address learning aging and conversion from dynamic to static Support static MAC address setting Support MAC address attack protection Support 16K address table items VLAN 4k for the whole set Support port based VLAN Support VLAN translation 1 1 N 1 Support PVLAN QinQ Support QinQ based forwarding S...

Страница 31: ...t frame protocol and CoS information Support traffic based label priority and packet re orientation Anti lightenin g Anti lightening capability at all service ports 6KV Security features Support DHCP snooping and DHCP relay Support 802 1x and maximal user limit at single port Support dynamic ARP detection DAI Support IP Source Guard Support MAC address filtering Support local or remote authenticat...

Страница 32: ...nagement system NetNumen U31 is an centralized network management system integrating multiple products of router and switch It integrates network element management network management and service management in one supporting multiple databases It has graphic interface of many languages providing direct and easy operation Offering flexible northbound interface it supports powerful interconnection i...

Страница 33: ...ff in an audible and visual way The maintenance staff confirms and deals with the event They save the collected alarm reports in the base for various statistic and query Failure management is the most important and most usual management measure in network operation and maintenance With failure management users can implement query realtime monitoring failure filtering failure location failure confi...

Страница 34: ... upgrade management and configuration file management It supports multiple humanistic configuration including end to end configuration batch configuration guide configuration It also provides corresponding default configuration templates for different management Security management guarantees network security Security management guarantees valid use of the system by the user Security management im...

Страница 35: ...professional network is connected via interface Professional network management needs to provide comprehensive network management system with standard open northbound interface to perform quick and reliable integration with comprehensive network management NetNumen U31 supports multiple northbound interfaces such as CORBA SNMP TL1 XMLand FTP ...

Страница 36: ...cations 7 1 Community Access for Enterprise network Figure 7 1 Desktop access for enterprise network It provides GE access to desktop and GE comb uplink port Working with 802 1x authentication IP source guard DAI security port and conversion from dynamic MAC to static it can satisfy most of the requirements of enterprise network access ...

Страница 37: ... 2 MAN access MAN access can adopt ordinary tree type and ZESR plus PVLAN Working with DHCP snooping and ip source guard it provides users with high security guarantee At the same time ZXR10 5250 can use QinQ or SVLAN to further distinguish users and services and to provide rich control information for service planning of the whole network ...

Страница 38: ...C Network Processing Card for BRAS BSFC Switch Fabric Card for BRAS BTSR Back plane for Terabit Switch Router BUPC Ultra Protocol processor control card for BRAS CHAP Challenge Handshake Authentication Protocol CIDR Classless Inter Domain Routing COS Class of Service CRC Cyclic Redundancy Check abbreviation English full name CSN Cryptographic Sequence Number DDN Digit Data Network DNS Domain Name ...

Страница 39: ... Protocol Label Switch MTU Maximum Transmission Unit NIC Network Information Center NLRI Network Layer Reachable Information NMS Network Management System OID Object ID OSI Open Systems Interconnection OSPF Open Shortest Path First PAP Passwork Authentication Protocol PCB Process Control Block POS Packet over SDH PPP Point to Point Protocol PRT Process Registry Table QOS Quality of Service RFC Req...

Страница 40: ...Confidential Proprietary TELNET Telecommunication Network Protocol TTL Time To Live UDP User Datagram Protocol VLSM Variable Length Subnet Mask VPLS Virtual Private Lan Service VPN Virtual Private Network VPWS Virtual Private Wire Service WAN Wide Area Network WWW World Wide Web ...

Отзывы: