Ethernet
Switches
Quidway S3900 Series
Intelligent and Resilient Switches
Overview
Quidway S3900 Series Ethernet
Switches are a new generation of premier multi-layer
switches that entirely fulfill the enterprise
customers' requirement of designing and implementing
a unified, highly resilient network. One of the
most important and innovative highlights of the
Quidway S3900 Series Ethernet Switches is the
IRF (Intelligent Resilient Framework) technology
which presents the highly efficient advantage
of stackable technology. IRF enables network managers
to build adaptable networks with high-reliability,
scalability and easy management. "Pay as
you go" is the slogan of the Quidway S3900
Series Ethernet Switches.
With flexible software options, the Standard
Software Image (SI) and the Enhanced Software
Image (EI) of the Quidway S3900 Series Switches
offer a cost-effective path for meeting current
and future service requirements from enterprises
and commercial businesses. The SI feature set
includes advanced quality of service (QoS), rate-limiting,
access control lists (ACLs), static and Routing
Information Protocol (RIP) routing, and basic
IRF function (distributed device management and
basic distributed redundant routing), QinQ (VLAN-VPN),
Protocol-Based VLAN and Voice VLAN, SSH V2 (Secure
Shell V2), MVR (Multicast VLAN Registration),
EAD (Endpoint Admission Defense), VCT (Virtual
Cable Test), DLDP (Device Link Detection Protocol)
and HGMP V2 (Huawei group management protocol
V2), GVRP (GARP VLAN Registration Protocol). In
addition to these features, the EI feature set
provides even richer enterprise-class features
such as advanced hardware-based IP unicast, Multicast
routing, and advanced IRF functionality (distributed
device management, distributed resilient routing
and distributed link aggregation), RSPAN (Remote
switched port analyzer), DHCP Server, OSPF (Open
Shortest Path First) and VRRP (Virtual Redundancy
Routing Protocol), HWTACACS, MSDP (Multicast Source
Discovery Protocol).
The Quidway S3900 Series Ethernet Switches include
the following models: S3928P-SI, S3928TP-SI, S3928P-EI,
S3928F-EI, S3928P-PWR-EI, S3952P-SI, S3952P-EI,
and S3952P-PWR-EI.

Features
Full wire-speed and Multi-layer switching
* The Quidway S3900 Series offers L2/L3 wire-speed
switching capability for all ports. The system
offers 4 GE ports to meet one piece of equipment's
requirement for multiple Gigabit uplinks and for
access to the Gigabit server, thereby greatly
increasing savings on equipment investment.
* The hardware supports L3 wire-speed switching,
and is able to identify and process the application
traffic flows from L2~L7.
* All ports have an independent data packet
filter, and distinguish different application
flows for different management and control.
IRF Technology
Intelligent Resilient Framework (IRF) is an innovative
resilient network technology that allows enterprise
customers to design and implement Fast Ethernet
core and aggregation that are adaptable, providing
exceptional reliability, scalability and easy
management. With IRF technology, the Quidway S3900
Series can be interconnected together to behave
as a single logical switching entity called a
Distributed Fabric. From management and configuration
perspectives, the Fabric appears as a single device.
While from a performance perspective, each switch
in the Distributed Fabric can make its own forwarding
decisions, both at Layer 2 and Layer 3 for traffic
that appears on its ports.
* The Quidway S3900 Series supports RMON on
IRF, and customers can collect RMON history and
statistics data of any units from any switch in
the fabric.
* The HGMP V2 on IRF function allows customers
to collect the information about the connection
relations of the devices in a network and candidate
devices, consequently maintaining and managing
the cluster topology.
* The Peer fabric port detection function can
decide whether a device can join an IRF fabric
or not.
* The IRF technology provides: DDM (Distributed
Device Management), DRR (Distributed Resilient
Routing) and DLA (Distributed Link Aggregation).
* Distributed Device Management (DDM)
Distributed Device Management is the control system
for IRF technology, responsible for distributing
management and control information across the
IRF Distributed Fabric. DDM allows the entire
IRF Distributed Fabric to be managed as a single
logical entity. Management tasks are all performed
across the Distributed Fabric, minimizing complexity
and administration overheads. In addition, the
management IP address is shared across all units
in the IRF Distributed Fabric, ensuring continuous
device management and monitoring, in the event
of an outage in one of the interconnected switches.
* Distributed Resilient Routing (DRR)
Distributed Resilient Routing, provided by Enhanced
Image, is an advanced routing implementation that
allows multiple interconnected switches in an
IRF Distributed Fabric to behave as a single active
routing entity. Unlike resilient Layer 3 implementations
such as VRRP and HSRP, DRR intelligently distributes
the routing load across all switches in the Distributed
Fabric to optimize routing performance and make
full use of bandwidth capacity.
* Distributed Link Aggregation (DLA)
Distributed Link Aggregation, provided by Enhanced
Image, allows networks and IRF Distributed Fabrics
to be coordinated with switches at the network
edge. With the ability to multi-home across different
units in the IRF Distributed Fabric, the availability
of the entire network is dramatically increased.
Traffic is forwarded across all links in the Aggregated
Link to the fabric to optimize the use of available
capacity. DLA guarantees high levels of resiliency
since failure in one of the members of the Aggregated
Link results in automatic redistribution of traffic
across the remaining links.
Excellent PoE (Power over Ethernet) Supply
Function
The Quidway S3900 Series Switches support PoE
function for the LAN switching infrastructure,
which provides power over a copper Ethernet cable
to an endpoint (Powered Device).
* The Quidway S3900 series provides up to 48
simultaneous full-powered PoE ports at 15.4W for
maximum powered-device support, such as IP telephony
and wireless LAN deployments. As PSE (Power Sourcing
Equipment) devices, all Quidway S3900 series Switches
are 802.3af compliant PoE switches.
* With PoE and Voice VLAN technology, these
innovative switches can provide the perfect solution
for a converged voice and data network.
* The Quidway S3900 series supports PoE Profile,
which means PoE policy configurations applicable
to different user groups are stored in the corresponding
PoE Profiles. When users connect a PD device to
the port that currently has PoE Profile stored,
the switch will automatically apply the PoE configuration
defined in the corresponding port's PoE Profile
to the PD device.
High Reliability
* The Quidway S3900 series supports STP/RSTP
and multi-VLAN based on MSTP, greatly improving
redundant back-up for links and fault tolerance
capability, so the network can run with high-level
of stability.
* The Series supports the optional RPS (Redundant
Power Supply, provided by Enhanced Image), thus
improving the fault tolerance capability and normal
network operation duration.
* The Quidway S3900 series supports VRRP (provided
by Enhanced Image), and can build a VRRP back-up
group with other L3 switches. It can build a redundant
route topological structure when a fault occurs
to guarantee communication continuity and reliability,
maintaining network stability.
* The Quidway S3900 series supports VRRP backup
group port tracking function. With the function
enabled, customers can specify to track the link
state of the master's uplink port and decrease
the priority of the switch when the port fails.
This in turn triggers the new master to be determined
in the backup group.
* The Quidway S3900 series supports ECMP (Equal
Cost Multi-path Protocol, provided by Enhanced
Image) routing, which can be used for load balance
and routing redundancy.
Abundant QoS Policies
* The Quidway S3900 Series supports L2~L4 complex
flow classification based on source MAC address/destination
MAC address/source IP address/destination IP address/ports/protocols.
* The Quidway S3900 Series supports flexible
queue scheduling algorithms, which can be set
on the basis of port and queue at the same time.
They support Strict Priority (SP), Weighted Round
Robin(WRR), Weighted Fair Queuing (WFQ), SP+WRR,
and SP+WFQ; 8 priority queues and 2 drop precedence;
WRED congestion avoidance algorithm and port traffic
shaping.
* The Quidway S3900 Series supports Committed
Access Rate (CAR) and limits the traffic speed
in the 64Kbit/s granularity.
* The The Quidway S3900 Series supports RSPAN
(Remote switched port analyzer), breaking through
the limitation that the mirrored port and the
mirroring port have to be located in the same
switch, and making it possible for the mirrored
and mirroring ports to be located across several
devices in the network, greatly enhancing the
way the network administrators manage the switch.
* The Quidway S3900 Series supports the Synchronization
Feature of Queue Scheduling for Aggregation Ports.
This feature provides the synchronization function
of queue scheduling on each individual port of
the aggregation port group.
* The Quidway S3900 Series supports Delivery
of ACL by RADIUS, and this function requires corporation
of devices and the CAMS server. Users need to
first define the ACL which is of numeric type,
and then deliver the ACL to the hardware of the
devices in the CAMS server through the configuration
of external groups.
* The Quidway S3900 Series can configure the
Priority for Protocol Packets, and each protocol
packet has its own priority. Customers can modify
the priority of the protocol packet with the help
of relevant QoS commands.
* The Quidway S3900 Series supports configuring
the control policy over Telnet, configuring the
source IP, destination IP, and source MAC to control
over. Also specifying whether the control action
is permitting or denying access.
Flexible Security Control Policies
* Based on the longest match routing policy,
the Quidway S3900 Series forwards packets one
by one ensuring equal forwarding performance.
This function can guard the network against the
attack by Code Red and Worm Blaster, thereby guaranteeing
equipment security.
* The Quidway S3900 Series supports 802.1x authentication
to identify users who attempt to access the network.
With the 802.1x client version checking function
enabled on a switch, the switch checks the version
and validity of the 802.1x client running on supplicant
systems to prevent those using earlier versions
of 802.1x client or illegal clients from logging
in.
* The Quidway S3900 Series supports 802.1x PEAP.
With PEAP employed, a security channel is created
which is encrypted and is protected using (TLS)
to ensure integrity. And authentication is carried
out through a new type of EAP (extensible authentication
protocol) negotiation between supplicant systems
and authentication servers.
* The Quidway S3900 Series supports 802.1x-trusted
MAC address. Trusted MAC address here refers to
the MAC address of a supplicant system that passes
802.1x authentication and MAC address-based authentication.
In this case, the MAC address becomes a trusted
Mac address. The 802.1x trusted MAC Address synchronization
function propagates the trusted MAC addresses
in IRF (intelligent resilient framework) if the
corresponding supplicant systems pass the authentication
performed by IRF-enabled switches.
* The Quidway S3900 Series supports Centralized
MAC address authentication, it controls accesses
to a network through ports and MAC addresses.
This kind of authentication requires no client
software. When operating in centralized MAC address
authentication mode, a switch begins to authenticate
the user if it detects a new user MAC address.
Further more, the Quidway S3900 Series can Perform
802.1x authentication and MAC address-based authentication
simultaneously.
* The Quidway S3900 Series supports The Guest
VLAN function, this function enables supplicant
systems that are not authenticated to access specific
resources and thus perform the corresponding operations,
such as obtaining 802.1x client, upgrading client,
or obtaining other upgrading programs.
* The Quidway S3900 Series can also prevent
unauthorized access to the network by binding
any combination of MAC, IP and PORT.
* Secure Shell V2 (SSH V2) offers security information
protection and powerful authentication function
to safeguard the Ethernet switch from attacks
such as IP address spoofing and plain text cipher
interception.
Diversified System Configuration and
Management Modes
* The Quidway S3900 Series supports Simple Network
Management Protocol (SNMP) v1/v2/v3 and RMON (Remote
Monitoring) v1, 1/2/3/9 groups of MIBs. They can
be managed by a general network management platform
such as OpenView, and Quidway network management
system.
* The Quidway S3900 Series supports Command
Line Interface (CLI), Web based network management,
modem dial-up and TELNET which make the equipment
management more convenient.
* The Quidway S3900 Series supports HGMP V2
cluster management. After enabling HGMP V2, the
network administrator can manage several member
switches through one command switch and only the
command switch need a public network IP address.
This can add up to large public IP address savings
and also manages the network more efficiently.
* The Quidway S3900 Series supports SNMP Agent
logging, which means the network management operation
logging function can be performed remotely by
administrators through SNMP.
Abundant System Maintenance and Debugging
Methods
* The Quidway S3900 Series supports System log,
Hierarchical alarm management and alarm filtering,
detailed alarm/debug information output, Ping
and Tracer. It also support remote maintenance
via Telnet Modems and SSH.
* The Quidway S3900 Series supports NQA which
is a new network diagnostic tool used to test
the performance of protocols operating on network
and is an enhanced alternative to the ping command.
* The Quidway S3900 Series supports DLDP (Device
Link Detection Protocol). DLDP can detect the
link status of the optical fiber cable or copper
twisted pair. If DLDP finds a unidirectional link,
it disables the related port automatically or
informs users to disable it manually depending
on specific configuration, to avoid potential
network problems.
* The Quidway S3900 Series supports Loopback
detection on ports. After users enable loopback
detection for Ethernet ports, the switch will
monitor whether the ports have loopback on a regular
basis; if the switch detects loopback for a particular
port, then it will put that port under control.
* The Quidway S3900 Series supports VCT (Virtual
Cable Test) which is convenient for troubleshooting.
Customers can start the virtual cable test (VCT)
to make the system test the cable connected to
the current electrical Ethernet port. The test
items include: whether short or open circuit exists
in the Rx/Tx direction of the cable, and what
is the length of the cable in normal status or
the length from the port to the fault point of
the cable.
|