Product Characteristics
The S9300&S9300E series switches are used to access, aggregate, and transmit services across a MAN. The switches provide line-rate Fast Ethernet (FE), Gigabit Ethernet (GE), 10GE, 40GE, and 100GE interfaces. They can be deployed in enterprise networks and data centers, providing high-density interfaces and extensive value-added services (VASs).
100GE interfaces are available in V200R008C00 and later versions.
The S9300&S9300E come in the following models: S9303, S9306, S9310, S9312 and S9303E, S9306E, and S9312E. The S9303/S9303E, S9306/S9306E, S9310, and S9312/S9312E support a maximum of 3, 6, 10, and 12 line processing units (LPUs), respectively.
Using Huawei's Versatile Routing Platform (VRP) operating system and hardware-based forwarding and non-blocking data switching technology, the S9300&S9300E series switches provide carrier-grade reliability, line-rate forwarding capability, Quality of Service (QoS), service processing capabilities, and scalability. The S9300 provides extensive value-added service features, including firewall, Network Address Translation (NAT), network traffic analysis, IPSec VPN, load balancing, and WLAN AC.
V200R003C00 and later versions do not provide the WLAN AC function.
V200R009C00 and later versions do not provide the firewall, Network Address Translation (NAT), network traffic analysis, IPSec VPN, or load balancing function.
The release in Russia does not provide IPSec VPN.
In addition, the S9300&S9300E series switches have versatile network access capabilities in Layer 2 switching and Ethernet over MultiProtocol Label Switching (EoMPLS) services, and support IP services, broadband access, triple play, IP leased line, and VPN services. S9300&S9300E series switches also work together with other S series switches as well as Huawei NE80E, NE40E, ME60, and MA5200G to set up hierarchical metro Ethernet networks.
Extensibility
Service extensibility: The SRU supports FSUA, which allows for future service development.
Power supply: For the S9300&S9300E, the maximum power of AC power supply modules is 2200 W, and the maximum power of DC power supply modules is 2400 W.
Three types of PoE power supply modules are available: 800 W, 2200 W AC, and 2200 W DC.
The S9310 and S9300E series switches do not support PoE function.
Powerful Forwarding Capabilities
On the S9300&S9300E, the hardware carries out two-level packet replication when forwarding multicast packets. That is, the SFU replicates multicast packets to the LPU, and the LPU's forwarding engine replicates the multicast packets to its interfaces.
Functions and Features
- The S9300&S9300E series switches provide the following Layer 2 service features:
VLAN
Generic Attribute Registration Protocol (GARP)/Generic VLAN Registration Protocol (GVRP)
Selective QinQ
RRPP
Smart Ethernet Protection (SEP)
Smart Link
ERPS (Ethernet Ring Protection Switching)
STP, RSTP, and MSTP
Link aggregation
DHCP snooping
IGMP snooping
IPv6 ND snooping
MLD snooping
Ethernet OAM
The S9300&S9300E series switches provide the following IP services:
IPv4 unicast routing protocols, including Routing Information Protocol (RIP), Open Shortest Path First (OSPFv2), Intermediate System-to-Intermediate System (IS-IS), Border Gateway Protocol (BGP), and Multiprotocol Border Gateway Protocol (MBGP)
IPv6 unicast routing protocols, including RIPng, OSPFv3, ISISv6, and BGP4+
Multicast routing protocols, including IGMP, MLD, Multicast Source Discovery Protocol (MSDP), multicast VPN, PIM-DM, and PIM-SM
VRRP
DHCP relay, DHCP server, and Option82
Distributed and integrated NetStream
Various IPv6 features
- IPv6 Neighbor Discovery (ND)
- Path MTU discovery
- TCP6, ping IPv6, tracert IPv6, socket IPv6, UDP6, and Raw IP6
- TFTP IPv6 client
- IPv6 policy-based routing
- DHCPv6 snooping and MLDv1/v2 snooping
- ND snooping
The S9300&S9300E series switches provide the following MPLS features:
MPLS forwarding
LDP
MPLS-TE
MPLS-OAM
The S9300&S9300E series switches provide the following VPN features:
VPLS
VLL
BGP/MPLS IP VPN
The S9300&S9300E series switches provide the following mobile features:
Stratum-3 clock
Ethernet clock synchronization
1588v2
The S9300&S9300E series switches provide rich value-added services:
Portal authentication, 802.1X authentication, and MAC address authentication (the S9300&S9300E series switches function as the network access device)
PoE
Service distribution
Firewall/NAT
Load balancing
IPSec VPN
Security Design
The S9300&S9300E series switches use a distributed structure, guaranteeing the separation between the data plane and the control plane. This provides users with industry-grade security performance.
The S9300&S9300E series switches provide the following security features:
Three user authentication modes: local authentication, Remote Authentication Dial in User Service (RADIUS) authentication, and Huawei Terminal Access Controller Access Control System (HWTACACS) authentication.
Hardware-based packet filtering and sampling, which guarantees high performance and high scalability
Multiple authentication methods for upper-layer routing protocols such as OSPF, IS-IS, RIP, and BGP-4
ACL on forwarding plane and control plane
Anti-attack features: The blacklist and CAR functions of the S9300&S9300E limit which packets can be sent to the CPU.
Port security
URPF
DHCP snooping and DHCP snooping over VPLS
MAC limit and MAC Forced Forwarding (MFF)
IP source trail, ARP attack defense, ICMP attack defense, and broadcast traffic suppression
Blacklist and attack trace: The S9300&S9300E series switches filter out blacklisted user traffic and display attackers' physical interfaces and VLAN IDs.
Whitelist: The S9300&S9300E series switches use a user whitelist to provide a high-priority channel for protocol packets transmitted to the CPU.
Carrier-Class Reliability
Using a single monitoring unit, the S9300&S9300E series switches manage and maintain the entire system. The monitoring unit manages, monitors, and maintains the cards, fans, and power modules.
The S9300&S9300E series switches comply with Electro Magnetic Compatibility (EMC) standards, and its modular design implements electromagnetic shield between cards.
The S9300&S9300E series switches meet carrier-class and high-end device reliability requirements. The S9300&S9300E series switches provide the following reliability features.
Item |
Description |
|
|---|---|---|
System protection |
The cards, power modules, and fans are hot swappable. |
|
The monitoring unit is totally independent from the service system. |
||
The system can operate normally for 96 hours after a single fan fails. |
||
The MPUs work in 1+1 backup mode. |
||
The S9300&S9300E series switches support AC/DC power supply modules. For details about power supply configuration of the S9300&S9300E, see Hardware Description - Chassis. |
||
Key components such as the clocks and management buses work in backup mode. |
||
Protection against system abnormalities |
The system can restart automatically and recover data when abnormalities occur. |
|
The system resets cards when abnormalities occur and resumes the cards' work. |
||
The system automatically restores interface configurations. |
||
The system provides protection against over-current and over-voltage for power modules and interfaces. |
||
The system provides protection against mis-insertion of cards. |
||
Power alarm monitoring |
The system provides alarm prompt, alarm indication, running status query, and alarm status query. |
|
Voltage and environment temperature monitoring |
||
Reliability design |
The system uses distributed hardware-based forwarding. |
|
The control channel is independent from the service channel, ensuring a non-blocking control channel. |
||
The system provides system and card fault detection, alarm indicators, and an NMS. |
||
Upgrade |
The system supports in-service patching. |
|
The system supports version rollback. |
||
The system supports online BootROM upgrade. |
||
The system supports error checking and correcting (ECC) random access memory (RAM). |
||
Fault tolerance |
Data backup |
The system supports hot backup of data between active and standby units. When the active unit fails, the standby unit automatically takes over data transmission duties to prevent data loss. |
Synchronization configuration |
The system supports synchronization between MPUs and LPUs. |
|
The system can automatically select and boot applications. |
||
The system supports automatic BootROM upgrade and restoration. |
||
The system can back up configuration files to a remote FTP server. |
||
The system provides abnormality monitoring for the system software, automatic restoration, and log recording. |
||
Operation security |
The system provides password protection for system operations. |
|
The system provides hierarchical command protection using configuration of user login and command levels. |
||
The system can lock the terminal using the command line to prevent illegal use. |
||
The system provides operation and confirmation prompts for some commands that may affect system performance. |
||
Operations and maintenance center |
The system uses Huawei's generic integrated NMS platform. |
|
Easy Maintenance
The S9300&S9300E series switches provide the following maintenance features:
The S9300&S9300E series switches support Ethernet OAM, providing point-to-point Ethernet fault management within the first mile of the directly connected user side Ethernet link. The S9300&S9300E series switches support automatic neighbor discovery, link fault monitoring, remote fault notification, and remote loopback configuration as defined in IEEE 802.3ah, and continuity check (CC) fault detection, MAC Ping, and MAC Trace as defined in IEEE 802.1ag. The S9300&S9300E series switches also support Y.1731 delay and jitter measurements.
The S9300&S9300E series switches support MPLS OAM, providing fault detection techniques such as Ping and TraceRoute on MPLS networks.
The S9300&S9300E series switches support 802.1ag, 802.3ah, BFD session status association, and end-to-end OAM.
The S9300&S9300E series switches support traffic statistics based on physical interfaces, VLAN IDs, MPLS LSPs, and ACLs.
- The S9300&S9300E series switches support U2000, which provides the following functions (Since V200R019C10, the switches cannot work with U2000.):
- Device management
- Interface management
- VLAN management
- Multicast management
- MPLS management
- VPN management
- Software upgrading management
- Configuration file management
The S9300&S9300E series switches support different configuration methods such as end-to-end configuration, batch configuration, and configuration wizard. At the same time, they provide corresponding default configuration templates.
The S9300&S9300E series switches support remote maintenance through Telnet.
The S9300&S9300E series switches support hot patch, upgrading only the features that need to be optimized, so services are not interrupted when a patch is being installed.
The S9300&S9300E series switches support version rollback. If a system software upgrade or patch fails, the S9300&S9300E series switches can return to earlier version.