h3c s5500-si system description - 群環科技 file/hpn a5500si... · h3c s5500-si system...
TRANSCRIPT
H3C S5500-SI System DescriptionISSUE 2.0
Date:
Hangzhou H3C Technologies Co., Ltd.
Impelling 1000M desktop connection demands
Development of IPV6 applications
New-generation full 1000M IPv4/IPv6 dual-stack
switch
Review
Understand S5500-SI configuration and hardware structure
Comprehend S5500-SI software features
Master typical S5500-SI applications
Grasp basic S5500-SI maintenance
ObjectivesUpon completion of this course, you will be able to:
Chapter 1 S5500-SI System Description
Chapter 2 S5500-SI Software Features
Chapter 3 Typical S5500-SI
Applications
Chapter 4 Basic S5500-SI Maintenance
Contents
www.h3c.com 5
References
H3C S5500-SI Installation Manual H3C S5500-SI Operation Manual H3C S5500-SI Command Manual H3C S5500-SI FAQ
www.h3c.com 6
S5500-SI System Description
System description——1000M weak L3 Ethernet switchHigh port densityFlexible extension slotSupport 10GE uplinkSupport PoESupport IPv6
Equipment positioningAt the access layer of enterprise networkAt the convergence layer of enterprise or
campus network
www.h3c.com 7
Product Positioning
Layer 2 Layer 3- Layer 3 Metro
10G
EG
EFE
H3C S9500
H3C S7500
H3C S5600H3C S5100-26C
H3C S5100-24PH3C S5600-PWR
Quidway S3552I
Quidway S3528
H3C S3600-EI-PWR
H3C S3600-EIH3C S3600-SI
H3C S5100-50C
H3C S5100-48P
Quidway S3000-EI
Quidway S3050C
H3C S3100-SI
Quidway S2000-EI
H3C S9500
H3C S7502M
S5500-SI H3C S5600
Quidway S5000
L3- + GE+ 10GE uplink +IPv4/IPv6
www.h3c.com 8
H3C Series Products ComparisonS5500-SI S5100-EI S5600 S5510
Quantity of GE ports 24/48 24/48 24/48 24
Quantity of 10GE ports 4 2 2 0
10GE port type XFP/CX4 XENPAK/CX4 XENPAK/XFP NA
IRF NA Support Support NA
PoE Support NA Support NA
MAC address 8K 16K 16K 12K
ARP table 2K 256 8K 4K
Routing table 512 16 16K 16K
RIP Support NA Support Support
OSPF NA NA Support Support
PIM NA NA Support Support
VRRP NA NA Support Support
IPv6 protocol stack Support NA NA Support
RIPng Support NA NA Support
OSFPv3 NA NA NA Support
Software platform ComwareV5 ComwareV3 ComwareV3 ComwareV5
www.h3c.com 9
Comparison with Competitors’ Products
H3C S5500-SI Cisco C3560 HP 2800 HP 3400cl
Fixed port 24 GE + 4 SFP(Combo)48 GE + 4 SFP(Combo)
24 GE + 4 SFP48 GE + 4 SFP
24 GE + 4 SFP(Combo)48 GE + 4 SFP(Combo)
24 GE + 4 SFP(Combo)48 GE + 4 SFP(Combo)
Extension port 4x10GE None None 2x10GE
Routing table 512 8k ? ?
Flow speed limit Granularity 64kbps Granularity 8kps NA NA
Quantity of queues 8 4 4 4
L2 protocol LACP/GVRP/MSTP LACP/VTP/MSTP/PVST+ LACP/MSTP/GVRP/CDP LACP/MSTP/GVRP/LLDP
IPv4 routing protocol
RIP RIP/OSPF/BGP/IGRP/EIGRP NA RIP/OSPF
IPv6 routing protocol
RIPng RIPng/OSPFv3 NA NA
Equal cost route NA Support NA NA
Policy route NA Support NA NA
Multicast protocol IGMP Snooping/MLD Snooping
IGMP/PIM/MLD Snooping IGMPv3 IGMPv3
VRRP NA HSRP NA XRRP
SSHv2/Tacacs+ Support Support Support Support
sFlow NA NA Support Support
PoE Support Support NA NA
www.h3c.com 10
Product Models and Configuration H3C S5500-SI series models and configuration
H3C S5500-28C-SI 24 1000M electrical interfaces + 4 SFP ports (combo) + 2 extension
slots H3C S5500-52C-SI
48 1000M electrical interfaces +4 SFP ports (combo) + 2 extension slots H3C S5500-28C-PWR-SI
24 1000M electrical interfaces + PoE + 4 SFP ports (combo) + 2 extension slots
H3C S5500-52C-PWR-SI 48 1000M electrical interfaces + PoE + 4 SFP ports (combo) + 2
extension slots
www.h3c.com 11
Product Models and Configuration
Extension modules (hot swappable) LSPM1XP1P
1-port XFP 10GE Module, the XFP shall support LR/SR/ER/LRM
LSPM1XP2P 2-port XFP 10GE Module, the XFP shall support
LR/SR/ER/LRM LSPM1CX2P
2-port CX4 10GE Module CX4 cable
50cm/100cm/300cm (screw-screw) 300cm (screw-clip)
www.h3c.com 12
Panel LEDs
Power LED Display the equipment status: normal/POST error
RPS LED Display the current RPS input status
Mode LED Display the current mode keystroke status: speed/duplex/PoE
Module LED Display the current extension module status: normal/abnormal/not in position
7-Segment Display Display the current equipment status:
POST ID Cluster Status (Commander/Member/Candidate/Standalone) File download indication PoE utilization indication Fan/Temperature alarm indication
Port LED Display the current port status based on mode keystroke:
Speed: 1000M/10-100M/POST Fail Duplex: Full /Half Duplex/POST Fail PoE: Normal/Fault/POST Fail
www.h3c.com 13
Hardware Structure
S5500-28C-SI hardware structure
SwitchCPUPCI
10GE 10GE
24 GE
Module2 Module1Module2
Switch
CPUPCI
Switch
Module1
10GE 10GE
48 GE
S5500-52C-SI hardware structure
www.h3c.com 14
Hardware Structure Features
Hardware design features Super compact, highest 1000M port density
Dimensions: 440 mm X 43.6 mm X 300 mm (Non-PoE)/ 440 mm X 43.6 mm X 420 mm (PoE) The front panel offers 48 1000M electrical interfaces and 4 1000M SFP optical interfaces The rear panel offers maximum of 4 10GE ports
High performance design, speed experience All ports are at full wire speed, and switching capacity is 128 Gbps/176 Gbps 10GE interface
Flexible extensibility Multiple types of extension modules Cost-effective 10GE interface (CX4)
Comprehensive reliability design Provide RPS and AC/DC power supply Hot-swappable extension module Support monitoring alarm of environment temperature and fans Temperature-control fan Extension module without CPU
Chapter 1 S5500-SI System Description
Chapter 2 S5500-SI Software Features
Chapter 3 Typical S5500-SI
Applications
Chapter 4 Basic S5500-SI Maintenance
Contents
www.h3c.com 16
Software Features Overview
Software design features Built on the brand-new Comware5 platform, integrated with intelligences
and advantages 8-year VRP R&D Progressive 3Com technologies
Rich services Routing protocol: static route/RIP IPv6: RIPng Multicast capability: IGMP Snooping, MLD Snooping and MVR+ Radius-based user authentication: 802.1x and MAC authentication Voice VLAN PoE……
Considerate design, easy to use and secure Profile-based management (PoE profile) How-swappable extension module Password protection
Powerful maintenance, convenient fault diagnosis Self-contained LED and 7-segment display, reflects the current state of equipment in real
time
www.h3c.com 17
Port Features
Basic features Port Types: 1000Base-T, SFP, XFP, CX4 Speed/Duplex auto-negotiation Auto MDI/MDIX Broadcast storm control (BC, MC, UC)
Port aggregation Support 12 trunk groups Each group supports max to 8 GE ports or 2 10G ports Support LACP dynamic link aggregation
Port isolation Port isolation (Protected Port)
Other features PoE Combo ports
www.h3c.com 18
Port Features Precautions
Broadcast storm suppression In the port mode, the suppression percentage of the 64-byte broadcast/multicast/unknown unicast packet is
accurate. This is because that the chip supports broadcast suppression based on PPS only. In the case of percentage-based suppression, the system converts the percentage into PPS based on 64 bytes. Therefore the PPS mode is recommended.
Broadcast/Multicast/Unknown unicast suppression does not change the port’s instantaneous speed, but prohibits packet forwarding in a certain period to implement suppression.
When broadcast/multicast/unknown unicast suppression and CAR are concurrently enabled on a port, the final wire speed is calculated with the following formula: CIR/wire speed * packets suppression pps.
Port aggregation The selected/unselected principles of V3/V5 static aggregation ports are different. When there are over
eight ports to be aggregated, products at the two ends may select different ports. IP unicast packet: load balancing based on source/destination IP and source port Non-IP unicast packet: load balancing based on source/destination MAC, VLAN and ethertype IPMC multicast: load balancing based on source/destination IP and incoming port index Other multicast/broadcast/unknown unicast packet: load balancing based on source/destination MAC and
incoming port index
www.h3c.com 19
Port Features——POE
PoE: 802.3af standard PD/Legacy
PD support (Cisco/Huawei)Max to 15.4Watt power per port24 Ports max power support
with AC inputFull port max power support
with DC input3 priorities support:
Critical/High/Low Power statistics:
Current/Average/Peak
CLI
DEVM
Driver
MCU
Others
UART
Switch
PSU
www.h3c.com 20
L2 Features
MAC address management8K MAC addresses /128 static MAC addressesMAC black holeMAC learnt limitation
VLAN 4094 802.1q VLANs GVRP Auto VLAN assignment via 802.1x Voice VLAN QinQ/Selective QinQ
Spanning TreeSTP/RSTP/MSTPBPDU guard/Root guard/Loop Guard/TC Protect
www.h3c.com 21
Selective QinQ S5500-SI serves as the PE:
In the uplink direction, the UNI port processes a received packet as follows: 1) Search the mapping table of inner VLANs and
outer VLANs configured by the user for S-VLAN based on incoming port number and C-TAG;
2) Search the MAC table for outgoing port based on S-VID and C-DA;
3) Learn MAC address based on S-VID and C-SA; 4) Insert S-TAG into the packet, and then send it out
through the outgoing port; 5) For the untagged or Pri-tagged packet, insert VID
(equal to PVID of port) TAG into the packet, and then send it out.
In the downlink direction, the UNI port processes a packet as follows: 1) Search the MAC table for outgoing port based on
S-VID and C-DA; 2) Learn MAC address based on S-VID and C-SA; 3) Strip off S-TAG, and then send the packet out
through the outgoing port.
www.h3c.com 22
L3 Features L3 interface
64 VLAN interfaces Secondary IP address (4 IP per VLAN)
ARP 2K ARP entries/ 64 static ARP entries ARP Proxy
Unicast routing protocol RIPv1/v2 512 routing table (including 64 static routes)
Multicast IGMPv1/v2/v3 Snooping 128 multicast groups MVR+ IGMP Fast Leave IGMP Filter IGMP Group Limit Drop known Source Deny
www.h3c.com 23
Multicast Precautions
IGMP SnoopingWhen IGMP Snooping is enabled in a VLAN, uplink
multicast data will flood the VLAN if no member joins in any multicast group. The solution is to enable unknown multicast discard in the VLAN.
Note: When unknown multicast discard or multicast port source discard is enabled in the VLAN, multicast packets (such as OSPF, RIP and NTP) will be discarded.
Multicast VLAN +Support multicast VLAN duplication, and port duplication
capability is 64. The whole system shares 1K entries, and supports duplication of maximum of 16 ports in full configuration in the case that every port joins in 128 groups.
www.h3c.com 24
IPv6 Features
L3 interface 64 VLAN interfaces
ND 1K ND entries (including 64 static ND entries)
Unicast routing RIPng 256 routing table (including 64 static routes)
Multicast MLDv1 Snooping/128 multicast groups Multicast VLAN
Management Telnet/SSH/SNMP/HTTP over IPv6 ping/Tracert for IPv6
www.h3c.com 25
Security Features HTTPs SSHv2
DES/3DES support User authentication
802.1x Centralized Mac authentication Local Database Radius Tacacs+
Packet Filtering L2L3/L4 Time-based 384 ACL entries per ASIC Port /VLAN based ACL
Others DoS protection Password Recovery DHCP Snooping Trust Port Mirroring/Traffic Mirroring Up to 4 Monitor Port
www.h3c.com 26
QoS Features
Egress Queue 8 queues Scheduler : SP, WRR, SP + WRR
Priority mapping/remarking 802.1p DSCP
Traffic classification L2(Link)/ L3/L4(Advanced) Time-based
Rate limiting Port Rate Limitation
Ingress/Egress 64Kbps granularity
Flow Rate Limitation Ingress only 64Kbps granularity
L4 port range check
www.h3c.com 27
Management Features
HGMP V2 Web management:
Support multiple browser: IE 5.5/IE 6/Netscape 7.1/Mozilla 1.4 Rich management function
Basic port management (enable/disable, speed, flow control, etc) Layer 2
— VLAN Configuration— Voice VLAN Configuration— Spanning Tree Configuration— Link Aggregation Configuration— IGMP Snooping— Port Mirroring
Management Configuration— Software Agent Upgrade— Network Login Configuration— User management (passwords, etc)— Device Configuration Save & Recovery— Administration: Initialize/Reboot/Save Configuration
www.h3c.com 28
Features under Development
Layer 2 UDLD VLAN Mapping RSPAN Flex Link Support 100M SFP Module
Network Security DHCP Snooping Option82 Dynamic ARP Inspection IP Source Guard Port Security
Multicast MLDv2 Snooping
Management Enhanced Clustering Support Enhanced Web Management
Chapter 1 S5500-SI System Description
Chapter 2 S5500-SI Software Features
Chapter 3 Typical S5500-SI
Applications
Chapter 4 Basic S5500-SI Maintenance
Contents
www.h3c.com 30
Typical Networking (Convergence Layer)
10 GE 10 GE
GE
CAMS NMS Server Farm
FirewallS9500/S7500 S9500/S7500
S5100 S5100
GE GE GE GES3600 S3600 S3600S3600
S5100 S5100
GE GE GE GES3600 S3600 S3600S3600
S5500-SI S5500-SI
GE GE GE GES3600 S3600 S3600S3600
www.h3c.com 31
Typical Networking (Access Layer)
S5500-SI S5500-SI
GE PoE GE GE PoE
10 GE 10 GE
GE
CAMS NMS Server Farm
FirewallS9500/S7500 S9500/S7500
S5500-SI S5500-SI
GE GE GE PoE GE
S5500-SI S5500-SI
GE PoE GE GE PoE
www.h3c.com 32
Typical Networking (IPv6)
IPv4 Network
IPv6 Enterprise Users IPv6 Users
WLAN
IPv6 Network
Dual-Stack Access
Dual-Stack Access
Mobile Network
IPv4 Access
IPv6 IDC Network Manager
IPv6 Mobile Terminal
IPv6 Island
IPv4 Internet
IPv6 Internet
IPv6 Over IPv4TunnelIPv6 Access
IPv6 Access
IPv4 User
IPv6 Link
6to4 Relay
S5500-SI
S5500-SI
S5500-SI
Chapter 1 S5500-SI System Description
Chapter 2 S5500-SI Software Features
Chapter 3 Typical S5500-SI
Applications
Chapter 4 Basic S5500-SI Maintenance
Contents
www.h3c.com 34
Common Fault Location——DIAG Mode
The S5500-SI integrates the diagnosis mode provided by the chip manufacturer, enables the user to view hardware entries in the chip in real time, and realizes the convenient on-line diagnosis function. The operation steps are as follows: Type diag in any view, and the system displays a prompt
whether to enter the diag mode. Type Y and password sdk to enter the diag mode.
Choose the chip number to view. Type the command to view the desired entry. The user can
type ? or help to display all the available commands.____________________________
| GFD_24 physical connection || || 27 26 25 24(4个10GE) || | | | | || ___ | __| __| __ |______ || | | || | chip-0 | || |___________________ | || | | | | | | || | | | .... | | | || 0 1 2 21 22 23(24GE) ||_____________________________ |
____________________________________________| GFD_48 physical connection || || 27 26 (4个10GE) 25 24 || | | | | || ____|____|____ ____|____|_____ || | 25 |___Hig___|26 | || | chip-0 24 |___Hig___|27 chip-1 | || |______________| |______________| || | | | | | | | | || | | .. | | | | .. | | || 0 1 22 23 (48GE) 0 1 22 23 ||___________________________________________ |
www.h3c.com 35
Common Fault Location——FIB
View ARP entry in the DIAG (l3 l3table show) View virtual interface entry in the DIAG (l3
intf show) View routing entry in the DIAG (l3 defip
show) View IPv6 host entry in the DIAG (l3 ip6host
show) View IPv6 routing entry in the DIAG (l3
ip6route show)
www.h3c.com 36
Common Fault Location——Sending/Receiving Packet
[H3C-hidecmd]_debugging drv ni packetrxcos Display packet info in drv receive from special cosrxdiag Display drv diag receive packet inforxdrop Display drv drop receive packet inforxdrv Display drv receive all packet inforxplat Display send to platform all packet inforxport Display packet info in drv receive from special portrxreason Display packet info in drv receive from special reasontxdiag Display inbound diag send all packet infotxdrop Display drv drop from platform send all packet infotxdrv Display drv send all packet infotxplat Display platform send all packet infotxplatport Display platform send all packet info using port sendtxplatvlan Display platform send all packet info using vlan sendtxsoftbc Display drv soft vlan flood packet info
<H3C>terminal debugging
www.h3c.com 37
Common Fault Location——QACL Realization
QACL realization – hardware resourcesThere are four TCAMs in the chip. Each TCAM contains
128 entries. TCAMs are numbered 0, 2, 4 and 6, and entries in each TCAM are numbered 0 to 127. Every entry corresponds to a rule of the user, and is numbered TCAM_id * 128 + entry_id.
TCAM 6
TCAM 4
TCAM 0
TCAM 2
Entry_id 127
Entry_id 0
Number:6*128+127=895Number:
4*128+0=512
www.h3c.com 38
Common Fault Location——QACL Realization
QACL realization - priorityWhen viewing a rule, the user can see its global number,
work out TCAM_id and entry_id based on the number, and then figure out its position in the chip.
Priority relations among rules are as follows: In different TCAMs, the larger TCAM_id is, the higher
priority is; while the smaller entry_id is, the higher priority is. TCAM0 is reserved by the system, and unavailable for
users.
LOW PRIORITYHIGH PRIORITY
TCAM6
TCAM 4
TCAM 0
TCAM 2
HIGH PRIORITY
RULE
TCAM
www.h3c.com 39
Common Fault Location——QACL Query
Query QoS Policy delivered on the port: [H3C-GigabitEthernet1/0/1]display qos policy interface[H3C-GigabitEthernet1/0/1]dis qos p intInterface: GigabitEthernet1/0/1Direction: InboundPolicy: testClassifier: testOperator: ANDRule(s) : If-match source-mac 0000-0000-0001Behavior: testCommitted Access Rate:CIR 64 (kbps), CBS 500 (byte)Red Action: discard
www.h3c.com 40
Common Fault Location——QACL Query
Query QACL rules configured by the user: [H3C-hidecmd] _dis drv qacl user-rule policy-name
policy-name[H3C-hidecmd] _dis drv qacl user-rule policy-name testport based policypolicy-name testentry detail infoentry_id: 768valid_sta 1ip_ver IPv4class_name testbehavior_name testacl_num 0sub_item: 0if_time_range: 0
Rule number in the hardware: Indicates that this rule is located at TCAM6 and
entry_id is 0
Classifier and behavior name configured by the user
www.h3c.com 41
Common Fault Location——QACL Query
IPv4 rule contentdst_mac: 0-0-0-0-0-0dst_mac_mask: 0-0-0-0-0-0src_mac: 0-0-0-0-0-1src_mac_mask: ff-ff-ff-ff-ff-ffouter_vid: 0outer_vid_mask: 0inner_vid: 0inner_vid_mask: 0ether_type: 0ether_type_mask: 0src_ip: 0src_ip_mask: 0dst_ip: 0dst_ip_mask: 0ip_protocol: 0ip_protocol_mask: 0………………………………………………(omitted contents)
Match source MAC 0-0-1
www.h3c.com 42
Common Fault Location——QACL Query
action content……………………………………(omitted contents)drop: Action not be setmirror: Action not be setmtp_modid: 0mtp_port: 0change_dmac_vlan: Action not be setnew_dmac_vlan: 0car: MeterConfig car_cir: 64car_cbs: 4rp_drop: RpDroprp_change_dscp: Action not be setrp_newdscp: 0count: Action not be setcounter_mode: 0
Enable rate limit
The speed limit is 64 Kbps
Token bucket depth is 4Kbype
Out-profile discard
www.h3c.com 43
Questions
Any Question?
www.h3c.com 44
Summary
The H3C S5500-SI uses the Comware V5 platform software, and inherits all features of the V5 platform.New software/hardware features
Voice VLAN PoE IPv6 Selective QinQ
Brand-new QACL design TCAM Policy/Classifier/Behavior
Hangzhou H3C Technologies Co., Ltd.www.h3c.com