HOME : CONTACT US
 

Ethernet Switches

Quidway S3500-EA Series Ethernet Switches

Overview


Quidway S3500-EA Series Ethernet Switches (the S3500-EA Series) are wire speed L3 multi protocols intelligent switches developed by Huawei Technologies. They are intelligent network management switches intended for a network environment where abundant features, high performance and dense port distribution are required.

The Quidway S3500-EA Series are designed to accommodate the convergence on Intranets and metropolitan area networks (MANs) and to meet the requirements at the access layer. Supporting IPv4/IPv6 double stack, they offer abundant service features and routing functionalities.

The S3500-EA Series Ethernet Switches include the following models: S3528P-EA, S3528F-EA, S3552P-EA and S3552F-EA.

Key Features and Benefits

Comprehensive Support to IPv6 - Protect customer's investment effectively

Based on IPv4/IPv6 double stack, the Quidway S3500-EA Series can support various IPv6 features comprehensively, which makes them adapt well to IPv4-only, IPv6-only and hybrid networks.

Abundant IPv6 routing protocols

Except Neighbor Discovery Protocol(NDP) and Path Maximum Transport Unit(PMTU), the Quidway S3500-EA Series also supports abundant IPv6 routing protocols, mainly including: BGP4+, IS-IS v6, OSPFv3 and RIPng.

IPv6 over IPv4 tunnel

The Quidway S3500-EA Series supports all main IPv6 tunnels, including: 6to4 tunnel, ISATAP tunnel, IPv4 compatible tunnel and manually configured tunnel.

IPv6 multicast

* IGMP Snooping
* IGMPv1/v2/v3
* PIM-DM/SM
* Multicast Source Discovery Protocol
* MLDv1 snooping

IPv6 ACL

The Quidway S3500-EA Series supports traffic classification based on source IPv6 address, destination IPv6 address, Layer 4 port, protocol type, and so on.

* Numeric basic IPv6 ACLs
Rules are defined based on Lay 3 source IPv6 address. The value range for basic IPv6 ACL numbers is 2000 to 2999.

* Numeric advanced IPv6 ACLs
Rules are defined based on L3 source IP address, destination IP address, source port, and destination port. The value range for numeric advanced IPv6 ACL numbers is 3000 to 3999.

VRRPv3

VRRP is a fault-tolerant protocol that can improve the reliability of the connection between a router and an external network by providing a backup mechanism.

VRRP ensures reliability by assigning the routers on a LAN segment to a standby group. In this group, there always exists a Master router to complete the task of virtual router. All other routers in the group serve as Backup to monitor the Master all the time. When the Master fails to work, the Backups will elect a new Master automatically to provide routing services for the hosts on the network segment.

IPv6 applications

The Quidway S3500-EA Series supports a range of IPv6 applications on IPv6 network, such as Ping IPv6, Tracert IPv6, IPv6 telnet and IPv6 TFTP.

Excellent Service Deployment and Guarantee Capability----Boost customer's network usability and security greatly

Strong Multicast Capabilities (supporting IPv4/IPv6 multicast)

Quidway S3500-EA Series supports abundant IPv4 and IPv6 multicast features, including:

* IGMPv3 Snooping
* IGMPv1/v2/v3
* PIM-DM/SM
* Multicast Source Discovery Protocol

Through these features, S3500-EA Series can greatly save customer's network bandwidth and enable customer to deploy a wide range of key network services.

VLAN VPN (QinQ, Selective QinQ)/VLAN Translation Functionalities

VLAN VPN enables VLAN Tags of private networks to be inserted in those of the public networks so that the packets can travel across carrier's network (public network) with double VLAN tag carried. VLAN VPN is also known as QinQ. When a packet of this type travels across the public network, only the outer VLAN Tag (that is, the public network VLAN Tag) is used and that of the private network remains intact.

Compared with MPLS-based L2 VPN, VLAN VPN has the following features:

* It provides simpler L2 VPN tunnels.
* It can be implemented through full-static configuration, without the need of a signaling protocol.

Selective QinQ is also known as VLAN-based QinQ. It determines whether or not an outer VLAN tag is inserted into a packet on the user side. It also determines the outer VLAN tag to be inserted into a packet by the VLAN tag the packet carries.

VLAN Translation, also known as VLAN mapping or VLAN switch, is mainly used in L2 networks. A switch with VLAN translation enabled can translate the VLAN IDs carried in the data packets it receives from private networks into those used in the carrier's network.

On the basis of strong VLAN features, on one hand, Quidway S3500-EA Series is more cost-saving and cost-effective for customer, since based on Quidway S3500-EA Series powerful VLAN features, customer can design and divide their network at random according to their current and future needs without purchasing more network devices. On the other hand, Quidway S3500-EA Series provides customer with great flexibility to deploy various key network applications based on VLAN, such as internet access and Video on Demand, and excellent network expandability for further growth.

Diverse QoS/ACL Functionalities

Quidway S3500-EA Series supports powerful ACL features, including:

* Numeric basic ACLs
Rules are defined based on L3 source IP address only. The value range for numeric basic ACL numbers is 2000 to 2999.

* Numeric advanced ACLs
Rules are defined based on L3 source IP address, destination IP address, source port, and destination port. The value range for numeric advanced ACL numbers is 3000 to 3999.

* Numeric L2 ACLs
Rules are defined based on protocol type, 802.1p priority, source MAC address, and destination MAC address. The value range for numeric L2 ACL numbers is 4000 to 4999.

* Numeric user-defined ACLs
A user-defined ACL performs a match on any byte of the first 80 bytes in a L2 data packet and then the packet is processed accordingly. The value range for numeric user-defined ACL numbers is 5000 to 5999.

Quidway S3500-EA Series supports the following two types of ACL flow templates:

* User-defined flow templates, which are used to in combination to implement user-defined ACLs.
* Default flow templates, which contain basic fields except user-defined ACLs.

Through these ACLs, Quidway S3500-EA Series can screen a wide range of invalid and vicious accesses to protected customer's network and greatly enhancing customer's networks security.

Quidway S3500-EA Series Ethernet Switches support diverse QoS features, including:

* Flow-based traffic rate limit
By issuing the corresponding command, Customer can configure a flow-based traffic rate limit that limits the mean rate, peak rate, burst size, maximum burst size, priority of traffic not exceeding the threshold, and the priority of excessive traffic of a specific flow. This prevents a data flow from occupying all system bandwidth, thus avoiding data flow congestion.

* Flow-based priority tag
This feature enables the switch to automatically set IP priority, differentiated services code point (DSCP) priority, 802.1P priority, and discard priority for the data based on the type of flow entering the port, so that a specific type of data is processed in preference to others.

* Flow-based packet VLAN ID change
Customer can configure the switch to change the VLAN ID of the specified type of incoming data packets, so as to implement VLAN-based packet redirection.

* Flow-based redirection of packets to another port or IP next hop
This feature enables the switch to redirect incoming packets to another port or IP next hop based on the flow type of these packets. The S3500 series supports packet redirection to IPv4 next hop and IPv6 next hop.

* Flow-based traffic statistics
The switch can implement the traffic statistics feature on a port to take statistics of the specified type of incoming/outgoing flows that exceed or do not exceed the traffic limit.

* Flow-based traffic mirroring
Customer can configure the switch to mirror the specified type of traffic to another port so that Customer can monitor and manage the data on the network by using a traffic monitoring tool.

* Port-based queue scheduling
Queue scheduling addresses the resource contention when the switch forwards multiple packets. There are three queue scheduling algorithms: Strict Priority (SP) and Weighted Round Robin (WRR). Algorithms forward the packets in the egress queues in their own principles.

* Port mirroring and RSPAN
Port mirroring is used to copy the data on the monitored port to the specified monitoring port for data analysis and monitoring.
Remote switched port analyzer (RSPAN) implements remote port mirroring. It allows the mirrored port and the mirroring port to be configured on different switches.

* Port-based and queue-based traffic shaping
Traffic shaping is used to control traffic output rate so that packets are output at an even rate.

* Port-based congestion avoidance
When congestion occurs, the switch releases queue resources by dropping packets, while avoiding putting packets in high-delay queues, thereby eliminating the congestion.

High Security and Reliability -Guarantee customer's network security and stability highly

Quidway S3500-EA Series provides overall measures to meet customer's requirements for security, mainly including:

* Hierarchical management and password protection of users: S3500-EA Series divides command lines into four levels: visitor, monitor, operator, and administrator, in ascending order, which ensure that different users get only their designated privileges.

* IEEE 802.1X compliant access user authentication enables the network access server (NAS) on a LAN authenticate and control the connected customer premises equipment (CPE) at the port level. In implementing 802.1X, the S3500-EA Series not only supports the port-based access authentication, but also extends and optimizes it by:

a) Allowing a physical port to be connected to several terminals
b) Supporting access control (namely, user authentication) based on MAC address in addition to port
c) Binding the MAC address and IP address of an authenticated user host to a VLAN

This greatly enhances the security, operability and manageability of the system.

* AAA and RADIUS authentication

* HWTacacs+: primarily implements AAA for multiple types of users in the server/client mode. It can be used to authenticate, authorize, and account PPP and VPDN access users and login users.

Besides, HWTacacs implements more reliable transmission and encryption than RADIUS and therefore is more suitable for security control.

* MAC-based centralized authentication maintains a table of user MAC addresses. Upon detecting a new user (by examining the source MAC address of the packets), the switch enabled with this function carries the MAC address as the username and password for authenticating the new user. If a match is found, the MAC address is added to the corresponding port. This means the user is authenticated. If no match is found, the packet is discarded and user authentication fails.

* Port isolation means isolation of the ports of a switch so that packets cannot be forwarded between a port and another port (or another group of ports). This prevents visiting between the ports, secures user network, and allows a low-cost intelligent community network to be built while effectively controlling unnecessary broadcasting and increasing the network throughput.


* IP + MAC + port binding
Customer can configure IPv4 addresses, MAC addresses, and port binding on the S3500 series. If the IP address or MAC address bound to a port is changed, no packet with that MAC address or IP address can be forwarded through the port.

* VRPP: VRRP is a fault-tolerant protocol that can improve the reliability of the connection between a router and an external network. VRRP ensures reliability by assigning the routers on a LAN segment to a standby group. In this group, there always exists a Master router to complete the task of virtual router. All other routers in the group serve as Backup to monitor the Master all the time. When the Master fails to work, the Backups will elect a new Master automatically to provide routing services for the hosts on the network segment.

S3500-EA Series supports both VRPP v2 and v3, which are based on IPv4 and IPv6 respectively.

* Two power supply modules: allows for power load balancing and redundant backup.

100M Downlink Access and 1,000M Uplink Access and Hardware Forwarding----Improve customer's network performance greatly

The Quidway S3500-EA Series provides 100 M downlink access up to 52 and 1,000 Mbps uplink access up to 4, which guarantee sufficient access bandwidth and service quality of bandwidth-intensive and time-sensitive network applications.

In addition, Quidway S3500-EA Series also supports hardware forwarding, which breaks through the bottle-neck of performance and thus greatly improving customer's network performance.

Superior Manageability and Maintainability----Reduce customer deployment and maintenance cost sharply

The Quidway S3500-EA Series provides various simple and effective methods to facilitate customer to manage and maintain network.

* Supporting SNMP: Simple Network Management Protocol (SNMP) is currently the most widely used network management protocol. It adopts a polling mechanism and offers an underlying function set, which is suitable for a networking environment requiring a small size, high speed, and low cost.

* Supporting RMON: RMON is implemented on the basis of the SNMP architecture and compatible with the current SNMP framework, requiring no modification to the protocol. RMON enables SNMP to monitor remote network devices more effective and actively. This provides a means of high-efficient monitoring of subnet operation. Additionally, RMON can also reduce the traffic between the network management station and agents, thereby allowing for simple and yet powerful management of large-scale internets.

* Supporting HGMPv2:
HGMPv2 has the following advantages:

a) It simplifies configuration and management.
b) It enables topology discovery and display, which facilitates network monitoring and debugging.
c) It allows customer to upgrade software and configure parameters on multiple switches at the same time.
d) It does not depend on network topology or distance.
e) It saves IP address.

* Supporting Virtual Cable Test (VCT): With this way, Customer can conveniently test whether a cable is short circuited or open and test the length of faulty portion of the cable, so as to locate the network fault.

* Supporting Secure Shell (SSH): SSH offers security protection and powerful authentication function to safeguard the router from attacks such as IP address spoofing and plain text cipher interception when a user logs in to a router from an insecure network.

In addition, S3500-EA Series also supports Network Time Protocol (NTP), Debug Information Output, Ping and Tracert Command, NQA. These ways provide powerful support to customer to administrate and monitor network, as well to facilitate customer to diagnose network fault quickly and conveniently.

 
 
 
People
Technologies
Experiences
Client success
NE Routers
AR Routers
Multi-service Control Gateway
Ethernet Switches

  Ethernet Switches
@ 2019, Slan Technologies. All Rights Reserved. Terms & Conditions | Privacy Statement | Sitemap