The Huawei S5700 series new function description

Huawei S5700 series switches are a new generation energy-efficient and high-performance switches launched by Huawei to meet large-bandwidth access and Ethernet multi-service aggregation. In this article, we will introduce the features and characteristics of Huawei S5700 series switches.

Product Characteristics

Mature IPv6 Technologies

The S5700 uses the mature, stable Versatile Routing Platform (VRP) and supports IPv4/IPv6 dual stacks, IPv6 routing protocols (RIPng, OSPFv3, BGP4+, and IS-IS for IPv6), and IPv6 over IPv4 tunnels including manual, 6-to-4, and Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunnels. With these IPv6 features, the S5700 can be deployed on a pure IPv4 network, a pure IPv6 network, or a shared IPv4/IPv6 network, helping realize IPv4-to-IPv6 transition. The S5700 uses the mature, stable Versatile Routing Platform (VRP) and supports IPv4/IPv6 dual stacks, IPv6 routing protocols (RIPng, OSPFv3, BGP4+, and IS-IS for IPv6), and IPv6 over IPv4 tunnels including manual, 6-to-4, and Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunnels. With these IPv6 features, the S5700 can be deployed on a pure IPv4 network, a pure IPv6 network, or a shared IPv4/IPv6 network, helping realize IPv4-to-IPv6 transition.

Various Combination of Ports

The S5700-EI and S5710-EI support various extended subcards that provide high-density GE/10GE uplink ports. The S5710-EI has four fixed 10GE SFP+ ports. With different extended subcards installed, the S5710-EI can provide different combination of ports, such as 64xGE+4x10GE, 48xGE+8×10GE, and 56xGE+6x10GE. The flexible port combinations meet bandwidth expansion requirements, protecting customers’ investment.

ES5D000G4S01?4-Port GE SFP Front Optical Interface Card

Intelligent Stack

The S5700 supports intelligent stack (iStack). This technology combines multiple switches into a logical switch. Member switches in a stack implement redundancy backup to improve device reliability and use inter-device link aggregation to improve link reliability. iStack provides high network scalability. You can increase ports, bandwidth, and processing capacity of a stack by simply adding member switches to the stack. iStack also simplifies device configuration and management. After a stack is set up, multiple physical switches are virtualized into one logical device. You can log in to any member switch in the stack to manage all the member switches in the stack.

Innovative AHM Energy Saving Technologies

The S5700-LI series smart energy-saving switches reduce power consumption without degrading system performance and user experience. The S5700-LI series uses innovative energy-saving technologies including energy efficient Ethernet (EEE), port power detection, dynamic CPU frequency adjustment, and device sleeping. These technologies help reduce power consumption by adjusting power depending on the Up/Down states of links, presence/absence of optical modules, shutdown and undo shutdown operations on ports, and peak and off-peak hours. The S5700-LI series is the industry’s first switch series that supports entire device sleeping, and it provides three energy saving modes to adapt to different usage scenarios: standard mode, basic mode, and deep mode.

Comprehensive VPN Technologies

The S5700 supports the multi-VPN-instance CE (MCE) function, which allows users in different VPNs to connect to the same switch and isolates users through multi-instance routing. Users in multiple VPNs connect to a PE device through the same physical uplink port on the switch, which reduces the investment on network deployment. The S5710-EI and S5700-HI support Multiprotocol Label Switching (MPLS) QoS, MPLS traffic engineering (TE), virtual leased line (VLL), virtual private LAN service (VPLS), and Layer 3 virtual private network (L3VPN). They can provide high-quality private line access services for enterprises and are cost-effective case-shaped MPLS switches.

Easy Operation and Maintenance

The S5700 supports auto-configuration, USB-based deployment, batch remote upgrade and is a plug-and-play product. These functions facilitate device deployment, upgrade, service provisioning, and other management and maintenance operations, and also greatly reduce costs of operation and maintenance. The S5700 can be managed and maintained using Simple Network Management Protocol (SNMP) V1, V2, and V3, command line interface (CLI), web-based network management system, Telnet, or Secure Shell (SSH) V2.0. Additionally, it supports remote network monitoring (RMON), multiple log hosts, port traffic statistics collection, and network quality analysis that help in network consolidation and reconstruction.

The S5700 can use the General VLAN Registration Protocol (GVRP) to implement dynamic distribution, registration, and propagation of VLAN attributes. GVRP reduces manual configuration workload and ensures correct configuration. Besides, the S5700 supports the MUX VLAN function, which involves a principal VLAN and multiple subordinate VLANs. Subordinate VLANs are classified into group VLANs and separate VLANs. Ports in the principal VLAN can communicate with ports in subordinate VLANs. Ports in a subordinate group VLAN can communicate with each other, whereas ports in a subordinate separate VLAN can communicate only with ports in the principal VLAN.

Excellent Network Traffic Analysis

The S5700 provides the NetStream function and can function as a NetStream data exporter. It periodically collects data traffic statistics, encapsulates the statistics in standard V5, V8, or V9 packets, and sends the packets to the NetStream data collector according to NetStream configuration. The collected statistics are then processed to dynamically generate reports, analyze traffic attributes, and generate alarms on abnormal traffic. The NetStream function helps you optimize network structure and adjust resource deployment in a timely manner.

The S5700 supports the sFlow function. It uses a method defined in the sFlow standard to sample traffic passing through it and sends sampled traffic to the collector in real time. The collected traffic statistics are used to generate statistical reports, helping enterprises maintain their networks.

Flexible Ethernet Networking

In addition to traditional Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP), the S5700 supports Huawei-developed Smart Ethernet Protection (SEP) technology and the latest Ethernet Ring Protection Switching (ERPS) standard. SEP is a ring protection protocol specific to the Ethernet link layer, and applies to various ring network topologies, such as open ring topology, closed ring topology, and cascading ring topology. This protocol is reliable, easy to maintain, and implements fast protection switching within 50ms. ERPS is defined in ITU-T G.8032. It implements millisecond-level protection switching based on traditional Ethernet MAC and bridging functions.

The S5700 supports Smart Link and Virtual Router Redundancy Protocol (VRRP), which implement backup of uplinks. One S5700 switch can connect to multiple aggregation switches through multiple links, significantly improving reliability of access devices. In addition, the S5700 provides multiple connection fault detection mechanisms, including Ethernet OAM (IEEE 802.3ah/802.1ag /ITU Y.1731) and Bidirectional Forwarding Detection (BFD). The S5700HI provides hardware-based 3.3ms Ethernet OAM and 10ms BFD.

Diversified Security Control

The S5700 supports MAC address authentication and 802.1X authentication and implements dynamic delivery of policies (VLAN, QoS, and ACL) to users.

The S5700 provides a series of mechanisms to defend against DoS attacks and user-targeted attacks. DoS attacks are targeted at switches and include SYN flood, Land, Smurf, and ICMP flood attacks. User-targeted attacks include bogus DHCP server attacks, IP/MAC address spoofing, DHCP request flood, and change of the DHCP CHADDR value. The S5700 collects and maintains information about access users, such as IP addresses, MAC addresses, IP address leases, VLAN IDs, and access interfaces in a DHCP snooping binding table. In this way, it can defend against DHCP attacks on the network. You can specify DHCP snooping trusted and untrusted ports to ensure that users connect only to the authorized DHCP server.

The S5700 supports strict ARP learning. This feature prevents ARP spoofing attackers from exhausting ARP entries so that users can connect to the Internet normally.

The S5700 is available in a lite (LI) series, a standard (SI) series, an enhanced (EI) series, and a hyper (HI) series.  Table 1 describes the differences among the four series.

Through the above article, we know that Huawei S5700 series switches characteristics, such as: Mature IPv6 Technologies, Various Combination of Ports, and Intelligent Stack and so on.

If you have any questions, please feel free to contact: supports@thunder-link.com.