No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
CX710 Switch Module V100R001 User Guide 12

This document describes the CX710 40GE converged switch module of the E9000 server in terms of its features, installation, removal, and configuration.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Functions

Functions

This topic describes the CX710 switch module (CX710) in terms of the functions, protocols, and ports.

The CX710 is the switching control unit that provides data switching for server blades and provides external service and management ports in a centralized manner.

The CX710 is installed in a rear slot of the E9000 chassis. Through the E9000 chassis midplane, the CX710 is connected to the compute nodes and management modules to implement switching for internal data packets and management packets, providing high-speed data transmission for users.

Table 2-1 40GE converged switching plane function description

Function

Description

Ethernet features

Ethernet

  • Operating modes of full-duplex and auto-negotiation
  • Ethernet ports support: 10GE, 40GE.
NOTE:
  • Ports connecting to compute nodes support dynamic configuration of 40GE/10GE.
  • 40GE optical ports on the panel support multi-mode optical cables, single-mode optical cables, and passive cables. Each 40GE optical port can be divided into four 10GE optical ports.
  • Port traffic control
  • Jumbo frames
  • Link aggregation
  • Load balancing among links within a trunk
  • Interface isolation and forwarding restrictions
  • 40G port splitting (Versions earlier than 6.03 support dynamic splitting. Version 6.03 and later do not support dynamic splitting. Splitting takes effect only after board restart.)
  • Protocol-based packet statistics on a port (supported by version 6.03 and later)
  • Broadcast storm suppression

Virtual Local Area Network (VLAN)

  • Access modes of access, trunk, and hybrid
  • VLAN assignment: port-based, MAC address-based, IP subnet-based VLAN assignment
  • VLAN aggregation
  • Multiplex VLAN (MUX VLAN)
  • Transparent Transmission of Protocol Packets in a VLAN
  • Batch VLAN configuration (supported by version 6.03 and later)

802.1Q in 802.1Q (QinQ)

  • Basic QinQ
  • Selective QinQ

GARP VLAN Registration Protocol (GVRP) (supported by version 6.03 and later)

  • Support for GVRP

VLAN Mapping

  • 1 to 1 VLAN mapping
  • 2 to 1 VLAN mapping
  • 2 to 2 VLAN mapping

Media Access Control (MAC)

  • Secure MAC addresses
  • Automatic learning and aging of MAC addresses
  • Static, dynamic, and blackhole MAC address entries
  • Packet filtering based on source MAC addresses
  • Interface-based MAC learning limits

Link Layer Discovery Protocol (LLDP)

Support for LLDP

Ethernet loop protection

Multiple Spanning Tree Protocol (MSTP)

  • Spanning Tree Protocol (STP)
  • Rapid Spanning Tree Protocol (RSTP)
  • MSTP
  • VLAN-based Spanning Tree (VBST) (supported by version 6.03 and later)
  • Bridge protocol data unit (BPDU) protection, root protection, and loop protection
  • Partitioned STP and Layer 2 protocol transparent transmission

Ethernet Ring Protection Switching (ERPS) (supported by version 6.03 and later)

  • G.8032v1 and G.8032v2

IP features

Address Resolution Protocol (ARP)

  • Static and dynamic ARP entries
  • ARP in a VLAN
  • Aging of ARP entries
  • ARP and Reverse Address Resolution Protocol (RARP)
  • ARP proxy
  • Auto-detection
  • ARP-Ping (supported by version 6.03 and later)
  • ARP gateway anti-collision (supported by version 6.03 and later)

IPv6

  • IPv4/IPv6 dual-stack
  • Neighbor Discovery (ND)
  • IPv6 over IPv4 Manual Tunnel
  • IPv6 over IPv4 Generic Routing Encapsulation (GRE) Tunnel
  • 6to4 Tunnel

Dynamic Host Configuration Protocol (DHCP)

  • DHCP server
  • DHCP snooping
  • DHCP relay
  • DHCPv6 Relay

IP forwarding

Unicast routing features

  • IPv4/IPv6 static routing
  • Routing Information Protocol version 1 (RIP-1), RIP-2, and RIP next generation (RIPng)
  • Open Shortest Path First (OSPF), including OSPFv2 and OSPFv3
  • Intermediate System to Intermediate System (IS-IS)
  • Border Gateway Protocol 4.0 (BGP4) and Border Gateway Protocol for IPv6 (BGP4+)
  • Routing protocol
  • Policy-based routing
  • Unicast Reverse Path Forwarding (URPF) check

Multiprotocol Label Switching (MPLS) features (supported by version 6.03 and later)

  • Label Distribution Protocol (LDP)
  • MPLS QoS: Uniform, Pipe, and Short Pipe

Virtual Private Network (VPN) features

  • Multi-VPN-Instance CE (MCE) and IPv6 MCE
  • GRE Tunnel

Multicast routing features

  • Internet Group Management Protocol version 1/2/3 (IGMPv1/v2/v3)
  • Protocol Independent Multicast - Sparse Mode (PIM-SM) for IPv4 and IPv6
  • Protocol Independent Multicast Source-Specific Multicast (PIM-SSM) for IPv4 and IPv6
  • Multicast Listener Discovery version 1 and 2 (MLDv1 and MLDv2)
  • MLD Source-Specific Multicast (SSM) Mapping
  • Multiprotocol BGP (MBGP)
  • Multicast Source Discovery Protocol (MSDP)
  • Multicast routing policies
  • Reverse Path Forwarding (RPF)
  • Bidirectional PIM (IPv4) and Bidirectional PIM (IPv6)

Device reliability

Bidirectional Forwarding Detection (BFD)

  • BFD (IPv4) and BFD (IPv6)
  • Association between BFD and Eth-Trunk
  • Association between BFD and OSPF
  • Association between BFD and OSPFv3
  • Association between BFD and IS-IS
  • Association between BFD and IS-IS IPv6
  • Association between BFD and BGP
  • Association between BFD and BGP4+
  • Association between BFD and PIM (IPv4)
  • Association between BFD and PIM (IPv6)
  • Association between BFD and static routing (IPv4)
  • Association between BFD and static routing (IPv6)
  • Association between BFD and Virtual Router Redundancy Protocol (VRRP)
  • Association between BFD and VRRP6

Others

  • Virtual Router Redundancy Protocol (VRRP) and VRRP6
  • Device Link Detection Protocol (DLDP)
  • Smart Link
  • Smart Channel
  • Ethernet in the First Mile (EFM), defined in 802.3ah

Layer 2 multicast features

Layer 2 multicast features

  • IGMP snooping
  • IGMP proxy
  • Fast leave
  • Multicast traffic control
  • Multicast VLAN

Quality of Service (QoS) features

Traffic classification

  • Traffic classification based on combination of the L2 protocol header, IP 5-tuple, outbound interface, and 802.1p priority
  • Traffic classification based on the C-VID and C-PRI of QinQ packets
  • Matching internal packet information encapsulated in a GRE tunnel (supported by version 6.03 and later)
  • Matching internal packet information encapsulated in a TRILL tunnel (supported by version 6.03 and later)
  • Matching internal packet information encapsulated in an MPLS or Virtual Extensible LAN (VXLAN) tunnel (supported by version 6.03 and later)

Traffic behavior

  • Access control after traffic classification
  • Traffic policing based on traffic classifiers
  • Re-marking based on the traffic classification result
  • Class-based packet queuing
  • Association between traffic classifiers and traffic behavior (actions)

Priority mapping (supported by version 6.03 and later)

  • Mappings from 802.1p priorities to PHBs and colors
  • Mappings from PHBs and colors to 802.1p priorities
  • Mappings from DSCP priorities to PHBs and colors
  • Mappings from PHBs and colors to DSCP priorities
  • Mappings from MPLS EXP priorities to PHBs and colors

Queue scheduling

  • Priority queuing (PQ) scheduling
  • Deficit round robin (DRR) scheduling
  • PQ+DRR scheduling
  • Weighted round robin (WRR) scheduling
  • PQ+WRR scheduling

Congestion avoidance

Weighted Random Early Detection (WRED)

Rate limiting on outbound interfaces

Rate limiting on outbound interfaces

ACL-based simplified traffic policy (supported by version 6.03 and later)

  • ACL-based packet filtering
  • ACL-based redirection
  • ACL-based traffic statistics

Virtualization

Many-to-one virtualization

  • Intelligent Stack (iStack)
  • Stack split and merge
  • Dual-active detection
  • Version and configuration synchronization

Data center features

Transparent Interconnection of Lots of Links (TRILL)

  • TRILL features
  • TRILL Non-Stop Routing (NSR)
  • TRILL Equal-Cost Multi-Path (ECMP)
  • IGMP over TRILL
  • TRILL multi-homing active-active

Data Center Bridging (DCB)

  • Data Center Bridging Exchange Protocol (DCBX)
  • Priority-based Flow Control (PFC)
  • Enhanced Transmission Selection (ETS)

Fibre Channel over Ethernet (FCoE)

  • FCoE Initialization Protocol Snooping Bridge (FSB)
  • FCoE Forwarder (FCF) (supported by version 6.03 and later)
  • N Port Virtualization (NPV) (supported by version 6.03 and later)

VXLAN (supported by version 6.03 and later)

  • Manual configuration of VXLAN tunnels
  • Dynamic configuration of VXLAN tunnels through Ethernet VPN (EVPN) BGP.

Network Load Balancing (NLB) server cluster

Network Load Balancing (NLB) server cluster

  • Association between virtual IP addresses of NLBs and multicast MAC addresses
  • Association between one multicast MAC address and multiple outbound interfaces

Forwarding mode based on Virtual Ethernet Port Aggregator (VEPA)

Forwarding mode based on VEPA

Configuration and maintenance

Terminal service

  • Configuration using command lines
  • Error messages and online help in English and Chinese
  • Login through console and Telnet terminals
  • Send function and data communications between terminal users

File system

  • Directory and file management
  • File upload and download using File Transfer Protocol (FTP), Trivial File Transfer Protocol (TFTP) and Secure File Transfer Protocol (SFTP)

Debugging and maintenance

  • Unified management of logs, alarms, and debugging information
  • Electronic labels
  • User operation logs
  • Detailed debugging information for network fault diagnosis
  • Network test tools such as tracert and ping commands
  • Port mirroring and traffic mirroring

Version upgrade

  • Device software loading and in-service software loading
  • In-service upgrade using the basic input/output system (BIOS) menu
  • In-service patching
NOTE:

To ensure secure service application, periodically upgrade the switch module software version.

Security and management

System security

  • Hierarchical command-line protection based on user levels, preventing unauthorized users from using commands to access switch modules
  • Secure Shell (SSH)
  • Remote Authentication Dial-In User Service (RADIUS) authentication over IPv4 or IPv6 for login users
  • Huawei Terminal Access Controller Access Control System (HWTACACS) authentication over IPv4 or IPv6 for login users
  • Access control list (ACL) filtering
  • Dynamic ARP inspection (DAI)
  • DHCP packet filtering (appending the Option 82 field)
  • Defense against control packet attacks
  • Attack defense
    • Defense against attacks of source address spoofing, LAND, SYN flood (TCP SYN), smurf, ping flood (Internet Control Message Protocol Echo), teardrop, and ping of death
    • Defense against flood attacks where IP packets carry no payloads, malformed IGMP packet attacks, and TCP flag attacks (supported by version 6.03 and later)
    • Defense against excess-fragment attacks, huge-offset attacks, repeated fragmented packet attacks, SYNdrop attacks, NewTear attacks, Bonk attacks, Nesta attacks, Rose attacks, Fawx attacks, and Jolt attacks (supported by version 6.03 and later)
    • Defense against UDP flood attacks, including fraggle attacks and UDP diagnosis port attacks (supported by version 6.03 and later)
  • Logs about attacking MAC addresses
  • Unicast reverse path forwarding (URPF) (supported by version 6.03 and later)
  • 802.1X authentication (supported by version 6.03 and later)

Network management

  • Internet Control Message Protocol (ICMP)-based ping and tracert
  • Simple Network Management Protocol version 1/2c/3 (SNMPv1/v2c/v3)
  • Standard management information base (MIB)
  • Remote network monitoring (RMON)
  • NetStream, with output statistics packets in the V5, V8, or V9 format
  • sFlow
  • Network quality analysis (NQA)
  • NETCONF interfaces (supported by version 6.03 and later)
Translation
Download
Updated: 2019-12-04

Document ID: EDOC1000069172

Views: 31817

Downloads: 463

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next