No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S9300 and S9300E Series Switches Product Description

This document describes the positioning, characteristics, architecture, link features, service features, application scenarios, operation and maintenance functions, and technical specifications of the switch.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Product Characteristics

Product Characteristics

The S9300&S9300E series switches are used to access, aggregate, and transmit services across a MAN. The switches provide line-rate Fast Ethernet (FE), Gigabit Ethernet (GE), 10GE, 40GE, and 100GE interfaces. They can be deployed in enterprise networks and data centers, providing high-density interfaces and extensive value-added services (VASs).

NOTE:

100GE interfaces are available in V200R008C00 and later versions.

The S9300&S9300E come in the following models: S9303, S9306, S9310, S9312 and S9303E, S9306E, and S9312E. The S9303/S9303E, S9306/S9306E, S9310, and S9312/S9312E support a maximum of 3, 6, 10, and 12 line processing units (LPUs), respectively.

Using Huawei's Versatile Routing Platform (VRP) operating system and hardware-based forwarding and non-blocking data switching technology, the S9300&S9300E series switches provide carrier-grade reliability, line-rate forwarding capability, Quality of Service (QoS), service processing capabilities, and scalability. The S9300 provides extensive value-added service features, including firewall, Network Address Translation (NAT), network traffic analysis, IPSec VPN, load balancing, and WLAN AC.

NOTE:

The release in Russia does not provide IPSec VPN.

V200R003C00 and later versions do not provide the WLAN AC function.

V200R009C00 and later versions do not provide the firewall, Network Address Translation (NAT), network traffic analysis, IPSec VPN, or load balancing function.

In addition, the S9300&S9300E series switches have versatile network access capabilities in Layer 2 switching and Ethernet over MultiProtocol Label Switching (EoMPLS) services, and support IP services, broadband access, triple play, IP leased line, and VPN services. S9300&S9300E series switches also work together with other S series switches as well as Huawei NE80E, NE40E, ME60, and MA5200G to set up hierarchical metro Ethernet networks.

Extensibility

System extensibility includes:
  • Service extensibility: The SRU supports FSUA, which allows for future service development.

  • Power supply: For the S9300&S9300E, the maximum power of AC power supply modules is 2200 W, and the maximum power of DC power supply modules is 2400 W.

    Three types of PoE power supply modules are available: 800 W, 2200 W AC, and 2200 W DC.

    NOTE:

    The S9310 and S9300E series switches do not support PoE function.

Powerful Forwarding Capabilities

On the S9300&S9300E, the hardware carries out two-level packet replication when forwarding multicast packets. That is, the SFU replicates multicast packets to the LPU, and the LPU's forwarding engine replicates the multicast packets to its interfaces.

Functions and Features

  • The S9300&S9300E series switches provide the following Layer 2 service features:
    • VLAN

    • Generic Attribute Registration Protocol (GARP)/Generic VLAN Registration Protocol (GVRP)

    • Selective QinQ

    • RRPP

    • Smart Ethernet Protection (SEP)

    • Smart Link

    • ERPS (Ethernet Ring Protection Switching)

    • STP, RSTP, and MSTP

    • Link aggregation

    • DHCP snooping

    • IGMP snooping

    • IPv6 ND snooping

    • MLD snooping

    • Ethernet OAM

  • The S9300&S9300E series switches provide the following IP services:

    • IPv4 unicast routing protocols, including Routing Information Protocol (RIP), Open Shortest Path First (OSPFv2), Intermediate System-to-Intermediate System (IS-IS), Border Gateway Protocol (BGP), and Multiprotocol Border Gateway Protocol (MBGP)

    • IPv6 unicast routing protocols, including RIPng, OSPFv3, ISISv6, and BGP4+

    • Multicast routing protocols, including IGMP, MLD, Multicast Source Discovery Protocol (MSDP), multicast VPN, PIM-DM, and PIM-SM

    • VRRP

    • DHCP relay, DHCP server, and Option82

    • Distributed and integrated NetStream

    • Various IPv6 features

      • IPv6 Neighbor Discovery (ND)
      • Path MTU discovery
      • TCP6, ping IPv6, tracert IPv6, socket IPv6, UDP6, and Raw IP6
      • TFTP IPv6 client
      • IPv6 policy-based routing
      • DHCPv6 snooping and MLDv1/v2 snooping
      • ND snooping
  • The S9300&S9300E series switches provide the following MPLS features:

    • MPLS forwarding

    • LDP

    • MPLS-TE

    • MPLS-OAM

  • The S9300&S9300E series switches provide the following VPN features:

    • VPLS

    • VLL

    • BGP/MPLS IP VPN

  • The S9300&S9300E series switches provide the following mobile features:

    • Stratum-3 clock

    • Ethernet clock synchronization

    • 1588v2

  • The S9300&S9300E series switches provide rich value-added services:

    • Portal authentication, 802.1X authentication, and MAC address authentication (the S9300&S9300E series switches function as the network access device)

    • PoE

    • Service distribution

  • Firewall/NAT

  • Load balancing

  • IPSec VPN

Security Design

The S9300&S9300E series switches use a distributed structure, guaranteeing the separation between the data plane and the control plane. This provides users with industry-grade security performance.

The S9300&S9300E series switches provide the following security features:

  • Three user authentication modes: local authentication, Remote Authentication Dial in User Service (RADIUS) authentication, and Huawei Terminal Access Controller Access Control System (HWTACACS) authentication.

  • Hardware-based packet filtering and sampling, which guarantees high performance and high scalability

  • Multiple authentication methods including plain text authentication and Message Digest 5 (MD5) for upper-layer routing protocols such as OSPF, IS-IS, RIP, and BGP-4

  • ACL on forwarding plane and control plane

  • Anti-attack features: The blacklist and CAR functions of the S9300&S9300E limit which packets can be sent to the CPU.

  • Port security

  • URPF

  • DHCP snooping and DHCP snooping over VPLS

  • MAC limit and MAC Forced Forwarding (MFF)

  • IP source trail, ARP attack defense, ICMP attack defense, and broadcast traffic suppression

  • Blacklist and attack trace: The S9300&S9300E series switches filter out blacklisted user traffic and display attackers' physical interfaces and VLAN IDs.

  • Whitelist: The S9300&S9300E series switches use a user whitelist to provide a high-priority channel for protocol packets transmitted to the CPU.

Carrier-Class Reliability

Using a single monitoring unit, the S9300&S9300E series switches manage and maintain the entire system. The monitoring unit manages, monitors, and maintains the cards, fans, and power modules.

The S9300&S9300E series switches comply with Electro Magnetic Compatibility (EMC) standards, and its modular design implements electromagnetic shield between cards.

The S9300&S9300E series switches meet carrier-class and high-end device reliability requirements. The S9300&S9300E series switches provide the following reliability features.

Table 2-1  Carrier-class reliability features

Item

Description

System protection

The cards, power modules, and fans are hot swappable.

The monitoring unit is totally independent from the service system.

The system can operate normally for 96 hours after a single fan fails.

The MPUs work in 1+1 backup mode.

The S9300&S9300E series switches support AC/DC power supply modules. For details about power supply configuration of the S9300&S9300E, see S9300 and S9300E Series Switches Hardware Description - Chassis.

Key components such as the clocks and management buses work in backup mode.

Protection against system abnormalities

The system can restart automatically and recover data when abnormalities occur.

The system resets cards when abnormalities occur and resumes the cards' work.

The system automatically restores interface configurations.

The system provides protection against over-current and over-voltage for power modules and interfaces.

The system provides protection against mis-insertion of cards.

Power alarm monitoring

The system provides alarm prompt, alarm indication, running status query, and alarm status query.

Voltage and environment temperature monitoring

Reliability design

The system uses distributed hardware-based forwarding.

The control channel is independent from the service channel, ensuring a non-blocking control channel.

The system provides system and card fault detection, alarm indicators, and an NMS.

Upgrade

The system supports in-service patching.

The system supports version rollback.

The system supports online BootROM upgrade.

The system supports error checking and correcting (ECC) random access memory (RAM).

Fault tolerance

Data backup

The system supports hot backup of data between active and standby units. When the active unit fails, the standby unit automatically takes over data transmission duties to prevent data loss.

Synchronization configuration

The system supports synchronization between MPUs and LPUs.

The system can automatically select and boot applications.

The system supports automatic BootROM upgrade and restoration.

The system can back up configuration files to a remote FTP server.

The system provides abnormality monitoring for the system software, automatic restoration, and log recording.

Operation security

The system provides password protection for system operations.

The system provides hierarchical command protection using configuration of user login and command levels.

The system can lock the terminal using the command line to prevent illegal use.

The system provides operation and confirmation prompts for some commands that may affect system performance.

Operations and maintenance center

The system uses Huawei's generic integrated NMS platform.

Easy Maintenance

The S9300&S9300E series switches provide the following maintenance features:

  • The S9300&S9300E series switches support Ethernet OAM, providing point-to-point Ethernet fault management within the first mile of the directly connected user side Ethernet link. The S9300&S9300E series switches support automatic neighbor discovery, link fault monitoring, remote fault notification, and remote loopback configuration as defined in IEEE 802.3ah, and continuity check (CC) fault detection, MAC Ping, and MAC Trace as defined in IEEE 802.1ag. The S9300&S9300E series switches also support Y.1731 delay and jitter measurements.

  • The S9300&S9300E series switches support MPLS OAM, providing fault detection techniques such as Ping and TraceRoute on MPLS networks.

  • The S9300&S9300E series switches support 802.1ag, 802.3ah, BFD session status association, and end-to-end OAM.

  • The S9300&S9300E series switches support traffic statistics based on physical interfaces, VLAN IDs, MPLS LSPs, and ACLs.

  • The S9300&S9300E series switches support U2000, which provides the following functions:
    • Device management
    • Interface management
    • VLAN management
    • Multicast management
    • MPLS management
    • VPN management
    • Software upgrading management
    • Configuration file management
  • The S9300&S9300E series switches support different configuration methods such as end-to-end configuration, batch configuration, and configuration wizard. At the same time, they provide corresponding default configuration templates.

  • The S9300&S9300E series switches support remote maintenance through Telnet.

  • The S9300&S9300E series switches support hot patch, upgrading only the features that need to be optimized, so services are not interrupted when a patch is being installed.

  • The S9300&S9300E series switches support version rollback. If a system software upgrade or patch fails, the S9300&S9300E series switches can return to earlier version.

Translation
Download
Updated: 2019-05-16

Document ID: EDOC1000027369

Views: 12517

Downloads: 528

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next