No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.

CX920 Switch Module V100R001 User Guide 09
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).


This topic describes the CX920 switch module (CX920) in terms of the functions, protocols, and ports.

The CX920 is the switching control unit that provides data switching for server blades and provides external service and management ports in a centralized manner. The 10GE and 40GE switching planes are physically isolated from each other and work independently. The 10GE switching plane connects to the LOMs of blades (Currently only the CH121H V3 server supports LOMs). The 40GE switching plane connects to mezzanine card 1 or 2 of blades.

The CX920 is installed in a rear slot of the E9000 chassis. They are usually installed in slots 2X and 3X. If they are installed in slots 1E and 4E, the 10GE switching plane is unavailable. Through the E9000 chassis midplane, the CX920 is connected to the compute nodes, storage nodes, and management modules to implement switching for internal data packets and management packets, providing high-speed data transmission for users.

Table 2-1 describes the functions of the CX920.

Table 2-1 Fabric switching plane function description



Ethernet features


  • Full-duplex and autonegotiation working modes
  • 10GE and 40GE (supported by Ethernet ports)
  • 10GE optical ports support passive cables.
  • 10GE optical ports support multi-mode and single-mode optical modules (GE or 10GE).
  • 10GE optical ports support SFP electrical modules.
  • Ports connected to compute nodes can be dynamically set to 40GE or 10GE.
  • 40GE optical ports on the panel support multi-mode optical cables, single-mode optical cables, and passive cables. Each 40GE optical port can be dynamically divided into four 10GE optical ports.
  • Port traffic control

10GE optical ports do not support traffic control negotiation.

  • Jumbo frames
  • Link aggregation
  • Load balancing among links of a trunk
  • Port isolation and forwarding restriction on ports
  • 40G port splitting
  • Protocol-based packet statistics on a port
  • Broadcast storm suppression
  • M-LAG


  • Multiple access modes: access, trunk, and hybrid
  • Port-based, MAC address-based, and IP subnet-based VLAN assignment
  • VLAN aggregation
  • Transparent transmission of protocol packets in a VLAN
  • Batch configuration of VLANs


  • Basic QinQ
  • Flexible QinQ

VLAN Mapping

  • 1 to 1 VLAN mapping
  • 2 to 1 VLAN mapping
  • 2 to 2 VLAN mapping


GARP VLAN Registration Protocol (GVRP)


  • Sticky MAC
  • Automatic MAC address learning and aging
  • Static, dynamic, and blackhole MAC address entries
  • Filtering based on source MAC addresses
  • Port-based MAC learning limiting

Link Layer Discovery Protocol (LLDP)


Ethernet loop protection

Multiple Spanning Tree Protocol (MSTP)

  • Spanning Tree Protocol (STP)
  • Rapid Spanning Tree Protocol (RSTP)
  • MSTP
  • VBST
  • Bridge protocol data unit (BPDU), root, and loop protection
  • Partitioned STP and layer-2 protocol transparent transmission


G.8032 v1 or v2

IP features

Address Resolution Protocol (ARP)

  • Static and dynamic ARP entries
  • ARP in a VLAN
  • ARP entry aging
  • Gratuitous ARP
  • Proxy ARP
  • ARP-Ping
  • ARP gateway anti-collision


  • IPv4/IPv6 dual-stack
  • Neighbor Discovery (ND)
  • IPv6 over IPv4 manual tunnel
  • IPv6 over IPv4 GRE tunnel
  • 6to4 tunnel

Dynamic Host Configuration Protocol (DHCP)

  • DHCP server
  • DHCP snooping
  • DHCP relay
  • DHCPv6 relay

IP forwarding

Unicast routing

  • IPv4 and IPv6 static routing
  • Routing Information Protocol Version 1/2 (RIP-1/RIP-2) and RIPng
  • OSPFv2 and OSPFv3
  • Intermediate System to Intermediate System (IS-IS)
  • Border Gateway Protocol Version 4 (BGP4) and BGP4+
  • Routing policies
  • Policy-based routing
  • Unicast Reverse Path Forwarding (URPF) check



Only the 40GE switching plane supports this feature.

  • LDP
  • MPLS QoS: Uniform, Pipe, and Short Pipe


  • Multi-VPN-Instance CE (MCE) and IPv6 MCE
  • GRE tunneling

Multicast routing

  • Internet Group Management Protocol Version 1/2/3 (IGMPv1/v2/v3)
  • Protocol Independent Multicast-Sparse Mode PIM-SM(IPv4) and PIM-SM (IPv6)
  • Protocol Independent Multicast Source-Specific Multicast (PIM-SSM) (IPv4) and PIM-SSM (IPv6)
  • MLDv1 and MLDv2
  • MLD SSM mapping
  • Multiprotocol BGP (MBGP)
  • Multicast Source Discovery Protocol (MSDP)
  • Multicast routing policies
  • Reverse Path Forwarding (RPF)
  • Bidirectional PIM (IPv4) and Bidirectional PIM (IPv6)

Device reliability

Bidirectional Forwarding Detection (BFD)

  • BFD (IPv4) and BFD (IPv6)
  • Association between BFD and Eth-Trunk ports
  • Association between BFD and OSPF
  • Association between BFD and OSPFv3
  • Association between BFD and IS-IS
  • Association between BFD and IS-IS IPv6
  • Association between BFD and BGP
  • Association between BFD and BGP4+
  • Association between BFD and PIM (IPv4)
  • Association between BFD and PIM (IPv6)
  • Association between BFD and IPv4 static routing
  • Association between BFD and IPv6 static routing
  • Association between BFD and VRRP
  • Association between BFD and VRRP6


  • Virtual Router Redundancy Protocol (VRRP) and VRRP6
  • DLDP
  • Smart Link
  • Smart Channel
  • EFM (802.3ah)

Layer 2 multicasting feature

Layer 2 multicasting

  • IGMP snooping
  • IGMP Proxy
  • User fast leave mechanism
  • Multicast traffic control
  • Multicast VLAN

QoS features

Traffic classification

  • Traffic classification based on the combination of the L2 protocol header, IP quintuple information, outbound port, and 802.1p priority
  • Traffic classification based on the C-VID and C-PRI of QinQ packets
  • Matching internal packet information encapsulated in a GRE tunnel
  • Matching internal packet information encapsulated in a TRILL tunnel
  • Matching internal packet information encapsulated in an MPLS or VXLAN tunnel (supported by the 40GE switching plane)

Traffic behavior

  • Access control after traffic classification
  • Traffic policing based on traffic classification
  • Re-marking based on the results of traffic classification
  • Class-based packet queuing
  • Association between traffic classification and traffic behavior

Priority mapping


Only the 40GE switching plane supports this feature.

  • Mapping from 802.1p priorities to PHBs and colors
  • Mapping from PHBs and colors to 802.1p priorities
  • Mapping from DSCP to PHBs and colors
  • Mapping from PHBs and colors to DSCP
  • Mapping from EXP priorities to PHBs and colors

Queue scheduling

  • Priority queuing (PQ) scheduling
  • Deficit round robin (DRR) scheduling
  • PQ+DRR scheduling
  • Weighted round robin (WRR) scheduling
  • PQ+WRR scheduling

Congestion avoidance

  • Tail-drop algorithm (supported by the 10GE switching plane)
  • Weighted Random Early Detection (WRED) drop algorithm

Outbound port rate limiting

Outbound port rate limiting

ACL-based simplified traffic policies

  • ACL-based packet filtering
  • ACL-based redirection
  • ACL-based traffic statistics


Many-to-one virtualization

  • Intelligent Stack (iStack)
  • iStack split and merge
  • iStack dual-active detection
  • iStack version and configuration synchronization

Data center features


  • IGMP over TRILL
  • TRILL active-active multi-homing
  • Association between TRILL and MSTP (supported by the 10GE switching plane)
  • TRILL gateway (supported by the 10GE switching plane)


  • Data Center Bridging Exchange Protocol (DCBX)
  • Priority-based Flow Control (PFC)
  • Enhanced Transmission Selection (ETS)


FIP Snooping Bridge (FSB)

  • FCF
  • NPV
  • FSB


  • Manual VXLAN tunnel configuration
  • Dynamic VXLAN tunnel configuration through EVPN BGP

Virtualization awareness


Only the 10GE switching plane supports this feature.

  • Virtualization awareness
  • Automatic deployment of policies
  • Automatic migration of policies
  • NLB cluster association
  • Association between one multicast MAC address and multiple outbound ports

Server cluster


Only the 40GE switching plane supports this feature.

NLB cluster association

  • NLB cluster association
  • Association between one multicast MAC address and multiple outbound ports

VEPA forwarding

Virtual Ethernet Port Aggregator (VEPA)-based traffic forwarding

Configuration and maintenance

Terminal services

  • Command line configuration
  • Prompt and help information in English
  • Terminal services such as Console and Telnet
  • Information sending between terminal users

File systems

  • File systems, file directories, and file management
  • Uploading and downloading files through File Transfer Protocol (FTP), Trivial File Transfer Protocol (TFTP), and Secure File Transfer Protocol (SFTP)

Debugging and maintenance

  • Unified management of logs, alarms, and commissioning information
  • Electronic labels
  • User operation logs
  • Detailed debugging information for network fault diagnosis
  • Network testing tools such as Tracert and Ping
  • Port mirroring and traffic mirroring

Version upgrading

  • Device software loading and online software loading
  • Online upgrade through the basic input/output system (BIOS) menu
  • Online patching

To ensure service security, upgrade the switch module software version regularly.

Security and management

System Security

  • Command line-based hierarchical protection to prevent unauthorized access to switching modules
  • Secure Shell (SSH)
  • RADIUS (IPv4) and RADIUS (IPv6) user login authentication
  • HWTACACS (IPv4) and HWTACACS (IPv6) user login authentication
  • Access control list (ACL) filtering
  • Dynamic ARP inspection (DAI)
  • DHCP packet filtering (with the Option 82 field)
  • Prevention of control packet attacks
  • Attack defense
    • Defense against flood attacks without IP payloads, attacks from IGMP null payload packets, LAND attacks, Smurf attacks, and attacks from packets with invalid TCP flag bits
    • Defense against attacks from many fragments, attacks from many packets with offsets, attacks from repeated packet fragments, Tear Drop attacks, Syndrop attacks, NewTear attacks, Bonk attacks, Nesta attacks, Rose attacks, Fawx attacks, Ping of Death attacks, and Jolt attacks
    • Defense against TCP SYN flood attacks, UDP flood attacks (including Fraggle attacks and UDP diagnosis port attacks), and ICMP flood attacks
  • Logs about attacking MAC addresses
  • URPF
  • 802.1x authentication

Network management

  • ICMP-based Ping and Tracert
  • Simple Network Management Protocol Version 1/2c/3 (SNMPv1/v2c/v3)
  • Standard Management Information Base (MIB)
  • Remote Network Monitoring (RMON)
  • NETCONF interfaces
  • Network Quality Analysis (NQA)
Updated: 2019-12-04

Document ID: EDOC1000170901

Views: 24825

Downloads: 179

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Previous Next