MA5606T Feature Description(V800R006C02_03)

SmartAX MA5606T Multi-service Access ModuleV800R006C02

Feature Description

Issue 03

Date 2010-01-28

HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2010. All rights reserved.No part of this document may be reproduced or transmitted in any form or by any means without prior writtenconsent of Huawei Technologies Co., Ltd. Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.All other trademarks and trade names mentioned in this document are the property of their respective holders. NoticeThe purchased products, services and features are stipulated by the contract made between Huawei and thecustomer. All or part of the products, services and features described in this document may not be within thepurchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,and recommendations in this document are provided "AS IS" without warranties, guarantees or representationsof any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in thepreparation of this document to ensure accuracy of the contents, but all statements, information, andrecommendations in this document do not constitute the warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.Address: Huawei Industrial Base

Bantian, LonggangShenzhen 518129People's Republic of China

Website: http://www.huawei.com

Email: [email protected]

Issue 03 (2010-01-28) Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

i

http://www.huawei.com

mailto:[email protected]

About This Document

PurposeThis document describes the key features (including VDSL2, SHDSL, PPPoA, IPoA, VLAN,ACL, QoS, and security features) of the SmartAX MA5606T (hereinafter referred to as theMA5606T) in detail from the following aspects:

l Definition

l Purpose

l Specification

l Availability

l Principle

l Reference

This document also provides the glossary, acronyms and abbreviations, as well as referencesconcerning these features of the MA5606T.

After reading this document, you can learn about the definitions and purposes of the variousfeatures of the MA5606T, and also the support of these features by the MA5606T and thereferences on these features. In this way, you can know the feature list of the MA5606T andunderstand the implementation of these features on the MA5606T.

Related VersionsThe following table lists the product versions related to this document.

Product Name Version

MA5606T V800R006C02

N2000 BMS V200R012C03

SmartAX MA5606T Multi-service Access ModuleFeature Description About This Document


iii

Intended AudienceThe intended audience of this document is:

l Network planning engineers

l System maintenance engineers

l Configuration engineers

l NM administrators

OrganizationThis document consists of the following parts and is organized as follows.

Topic… Describes…

1 GPON UpstreamTransmission

GPON upstream transmission means transmission of datathrough the GPON interface which is the upstream interface.

2 VDSL2 Access VDSL2 supports a high bandwidth (symmetric rates of upto 100 Mbit/s). It addresses the requirement for shortdistance and high rate of the next generation FTTx accessscenarios.

3 ADSL2+ Access Asymmetrical digital subscriber loop (ADSL) is anasymmetric transmission technology that is used to transmitdata at high speed over the twisted pair. ADSL2+ is anextension of ADSL. The upstream rate of ADSL2+ reaches2.5 Mbit/s, and the downstream rate reaches 24 Mbit/s. Themaximum reach of ADSL2+ is 6.5 km.

4 SHDSL SHDSL is an xDSL access technology, just like ADSL andVDSL. SHDSL provides the symmetric upstream anddownstream rates.

5 DLM/DSM This topic describes the DLM/DSM feature in itsintroduction, principles, and reference.

6 PPPoA Access PPPoA access is an access mode in which users can transmitPPPoA packets to the PPPoE server based on Ethernet.

7 IPoA Access IPoA access is an access mode in which the payloads of IPpackets are converted into Ethernet frames for upstreamtransmission to the upper layer network, and thedownstream IPoE packets are converted into IPoA packetsand then forwarded to users.

8 P2P FE Optical Access Point-to-point (P2P) Ethernet optical access refers to theP2P FTTH access provided by the P2P Ethernet opticalaccess board and the ONT, which meets the requirementsfor the application of the next generation access deviceunder the integration of video, voice, and data services.

About This DocumentSmartAX MA5606T Multi-service Access Module

Feature Description

iv Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 03 (2010-01-28)


9 VLAN Virtual local area network (VLAN) is a technology used toform virtual workgroups by logically grouping the devicesof a LAN.

10 HWTACACS HWTACACS is a security protocol with enhancedfunctions based on TACACS (RFC1492). Similar to theRADIUS protocol, HWTACACS implements AAAfunctions for multiple subscribers by communicating withthe HWTACACS server in the client/server (C/S) mode.This topic provides the introduction, principles, andreference of the HWTACACS feature.

11 DNS Client The DNS client feature enables the user who logs in to thelocal device to communicate with other devices by using thedomain name.

12 TransparentTransmission of ProtocolPackets

Transparent transmission of protocol packets refers to thetransparent transmission of user private network packets inthe public network.

13 ACL The access control list (ACL) is used to filter the specificdata packets based on a series of matching rules containedin the ACL.

14 QoS QoS refers to quality of service. Settings of different QoSparameters, such as service availability, time delay, jitter,and loss rate, provide users with high quality services.

15 ANCP ANCP refers to the Access Node Control Protocol which isused to implement the functions such as topology discoveryand line configuration of user ports, and also Layer 2 ControlProtocol (L2C) OAM.

16 MSTP The Multiple Spanning Tree Protocol (MSTP) is compatiblewith STP and RSTP.

17 Multicast Multicast refers to the point-to-multipoint communicationin which the multicast source sends the information to acertain subset of all the network nodes.

18 Triple Play Triple play is a service provisioning mode in whichintegrated services can be provided to a user. Currently, theprevailing integrated services include the high-speedInternet access service, voice over IP (VoIP) service, andIPTV service.

19 Ethernet LinkAggregation

Ethernet link aggregation refers to aggregation of multipleEthernet ports together to form a port to provide higherbandwidth and link security.

20 System Security System security refers to prevention of attacks to the system.

21 User Security User security is a mechanism which guarantees the securityof operation users and access users.



v


22 Subtended NetworkConfiguration

A subtended network configuration is a configuration inwhich the MA5606T series devices are subtended in severaltiers through the FE/GE ports.

23 Ethernet OAM Operations, administration and maintenance (OAM) meansa tool for monitoring and diagnosing network faults.

24 VoIP The VoIP service is a solution in which the voicecompression technology is adopted and the voice service istransmitted over the IP network.

25 ISDN The integrated services digital network (ISDN) is aConsultative Committee of International Telegraph andTelephone (CCITT) standard, providing integratedtransmission of voice, video, and data. The ISDN enables asimultaneous transmission of voice, video and data on thedata channel.

26 Overload Control Overload occurs when the usage of the CPU and DSPresources increases and reaches a certain threshold in thecase that a large number of AG calls occur concurrently. Inthis case, calls cannot be processed normally. Overloadcontrol refers to the control over calls, which ensures thatthe calls from guaranteed subscribers and emergency callsubscriber are processed in time, improving the systemstability and usability.

A Acronyms andAbbreviations

The acronyms and abbreviations related to all the featuresof the MA5606T

Conventions

Symbol Conventions

The following symbols may be found in this document. They are defined as follows

Symbol Description

Indicates a hazard with a high level of risk which, if notavoided, will result in death or serious injury.

Indicates a hazard with a medium or low level of risk which,if not avoided, could result in minor or moderate injury.

Indicates a potentially hazardous situation that, if notavoided, could cause equipment damage, data loss, andperformance degradation, or unexpected results.


Feature Description

vi Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 03 (2010-01-28)

Symbol Description

Indicates a tip that may help you solve a problem or saveyour time.

Provides additional information to emphasize orsupplement important points of the main text.

General ConventionsConvention Description

Times New Roman Normal paragraphs are in Times New Roman.

Boldface Names of files, directories, folders, and users are inboldface. For example, log in as user root.

Italic Book titles are in italics.

Courier New Terminal display is in Courier New.

Command ConventionsConvention Description

Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italics.

[ ] Items (keywords or arguments) in square brackets [ ] areoptional.

{ x | y | ... } Alternative items are grouped in braces and separated byvertical bars. One is selected.

[ x | y | ... ] Optional alternative items are grouped in square bracketsand separated by vertical bars. One or none is selected.

{ x | y | ... } * Alternative items are grouped in braces and separated byvertical bars. A minimum of one or a maximum of all canbe selected.

GUI ConventionsConvention Description

Boldface Buttons, menus, parameters, tabs, window, and dialog titlesare in boldface. For example, click OK.



vii

Convention Description

> Multi-level menus are in boldface and separated by the ">"signs. For example, choose File > Create > Folder.

Keyboard Operation

Format Description

Key Press the key. For example, press Enter and press Tab.

Key 1+Key 2 Press the keys concurrently. For example, pressing Ctrl+Alt+A means the three keys should be pressedconcurrently.

Key 1, Key 2 Press the keys in turn. For example, pressing Alt, A meansthe two keys should be pressed in turn.

Mouse Operation

Action Description

Click Select and release the primary mouse button without movingthe pointer.

Double-click Press the primary mouse button twice continuously andquickly without moving the pointer.

Drag Press and hold the primary mouse button and move thepointer to a certain position.

Update HistoryUpdates between document versions are cumulative. Therefore, the latest document versioncontains all updates made to previous versions.

Issue 03 (2010-01-28)

Based on issue 02 (2009-08-13), certain contents are optimized.

Issue 02 (2009-08-13)

Compared with Issue 01 (2009-06-25), this issue has the following new contents:

Delete: The command authorization in 10.2 Principle.


Feature Description

viii Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 03 (2010-01-28)

Issue 01 (2009-06-25)This is the first release of the MA5606T V800R006C02.



ix

Contents

About This Document...................................................................................................................iii

1 GPON Upstream Transmission...............................................................................................1-11.1 Introduction.....................................................................................................................................................1-21.2 Principle.......................................................................................................................................................... 1-21.3 Reference.........................................................................................................................................................1-3

2 VDSL2 Access.............................................................................................................................2-12.1 Introduction.....................................................................................................................................................2-22.2 Principle.......................................................................................................................................................... 2-32.3 Reference.........................................................................................................................................................2-5

3 ADSL2+ Access...........................................................................................................................3-13.1 Introduction.....................................................................................................................................................3-23.2 Principle.......................................................................................................................................................... 3-43.3 Reference.........................................................................................................................................................3-7

4 SHDSL..........................................................................................................................................4-14.1 ATM SHDSL Access......................................................................................................................................4-2

4.1.1 Introduction............................................................................................................................................4-24.1.2 Principle................................................................................................................................................. 4-34.1.3 Reference................................................................................................................................................4-5

4.2 EFM SHDSL Access.......................................................................................................................................4-54.2.1 Introduction............................................................................................................................................4-64.2.2 Principle................................................................................................................................................. 4-74.2.3 Reference................................................................................................................................................4-9

5 DLM/DSM...................................................................................................................................5-15.1 Introduction.....................................................................................................................................................5-25.2 Principle.......................................................................................................................................................... 5-45.3 Reference.........................................................................................................................................................5-5

6 PPPoA Access..............................................................................................................................6-16.1 Introduction.....................................................................................................................................................6-26.2 Principle.......................................................................................................................................................... 6-26.3 Reference.........................................................................................................................................................6-3

7 IPoA Access.................................................................................................................................7-1

SmartAX MA5606T Multi-service Access ModuleFeature Description Contents


xi

7.1 Introduction.....................................................................................................................................................7-27.2 Principle..........................................................................................................................................................7-27.3 Reference.........................................................................................................................................................7-3

8 P2P FE Optical Access...............................................................................................................8-18.1 Introduction.....................................................................................................................................................8-28.2 Principle..........................................................................................................................................................8-28.3 Reference.........................................................................................................................................................8-3

9 VLAN............................................................................................................................................9-19.1 Standard VLAN...............................................................................................................................................9-2

9.1.1 Introduction............................................................................................................................................9-29.1.2 Principle.................................................................................................................................................9-39.1.3 Reference................................................................................................................................................9-4

9.2 Smart VLAN...................................................................................................................................................9-49.2.1 Introduction............................................................................................................................................9-49.2.2 Principle.................................................................................................................................................9-59.2.3 Reference................................................................................................................................................9-5

9.3 MUX VLAN...................................................................................................................................................9-59.3.1 Introduction............................................................................................................................................9-69.3.2 Principle.................................................................................................................................................9-79.3.3 Reference................................................................................................................................................9-7

9.4 QinQ VLAN....................................................................................................................................................9-79.4.1 Introduction............................................................................................................................................9-79.4.2 Principle.................................................................................................................................................9-89.4.3 Reference................................................................................................................................................9-9

9.5 VLAN Stacking.............................................................................................................................................9-109.5.1 Introduction..........................................................................................................................................9-109.5.2 Principle...............................................................................................................................................9-119.5.3 Reference..............................................................................................................................................9-12

10 HWTACACS........................................................................................................................... 10-110.1 Introduction.................................................................................................................................................10-210.2 Principle......................................................................................................................................................10-310.3 Reference.....................................................................................................................................................10-4

11 DNS Client.............................................................................................................................. 11-111.1 Introduction.................................................................................................................................................11-211.2 Principle......................................................................................................................................................11-311.3 Reference.....................................................................................................................................................11-5

12 Transparent Transmission of Protocol Packets................................................................12-112.1 Introduction.................................................................................................................................................12-212.2 Principle......................................................................................................................................................12-2

13 ACL........................................................................................................................................... 13-1

ContentsSmartAX MA5606T Multi-service Access Module

Feature Description

xii Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 03 (2010-01-28)

13.1 Introduction.................................................................................................................................................13-213.2 Principle......................................................................................................................................................13-3

14 QoS............................................................................................................................................14-114.1 QoS Overview.............................................................................................................................................14-3

14.1.1 Introduction........................................................................................................................................14-314.1.2 Principle.............................................................................................................................................14-4

14.2 PQ................................................................................................................................................................14-414.2.1 Introduction........................................................................................................................................14-514.2.2 Principle.............................................................................................................................................14-5

14.3 WRR............................................................................................................................................................14-614.3.1 Introduction........................................................................................................................................14-614.3.2 Principle.............................................................................................................................................14-6

14.4 CoS Priority Re-marking.............................................................................................................................14-714.4.1 Introduction........................................................................................................................................14-714.4.2 Principle.............................................................................................................................................14-7

14.5 Flexible Mapping Between CoS Priorities and Scheduling Queues...........................................................14-814.5.1 Introduction........................................................................................................................................14-814.5.2 Principle.............................................................................................................................................14-8

14.6 trTCM..........................................................................................................................................................14-914.6.1 Introduction........................................................................................................................................14-914.6.2 Principle...........................................................................................................................................14-10

14.7 Rate Limitation Based on Port and CoS....................................................................................................14-1114.7.1 Introduction......................................................................................................................................14-1214.7.2 Principle...........................................................................................................................................14-12

15 ANCP........................................................................................................................................15-115.1 Introduction.................................................................................................................................................15-215.2 Principle......................................................................................................................................................15-215.3 Reference.....................................................................................................................................................15-5

16 MSTP........................................................................................................................................16-116.1 Introduction.................................................................................................................................................16-216.2 Principle......................................................................................................................................................16-316.3 Reference.....................................................................................................................................................16-7

17 Multicast..................................................................................................................................17-117.1 Overview.....................................................................................................................................................17-2

17.1.1 Introduction........................................................................................................................................17-217.1.2 Principle.............................................................................................................................................17-317.1.3 Reference............................................................................................................................................17-4

17.2 IGMP Snooping...........................................................................................................................................17-517.2.1 Introduction........................................................................................................................................17-517.2.2 Principle.............................................................................................................................................17-6

17.3 IGMP Proxy................................................................................................................................................17-6



xiii

17.3.1 Introduction........................................................................................................................................17-617.3.2 Principle............................................................................................................................................. 17-7

17.4 Multicast VLAN Management....................................................................................................................17-817.4.1 Introduction........................................................................................................................................17-817.4.2 Principle............................................................................................................................................. 17-9

17.5 Program Management...............................................................................................................................17-1017.5.1 Introduction......................................................................................................................................17-1017.5.2 Principle...........................................................................................................................................17-11

17.6 User Management.....................................................................................................................................17-1117.6.1 Introduction......................................................................................................................................17-1117.6.2 Principle...........................................................................................................................................17-12

18 Triple Play...............................................................................................................................18-118.1 Features of Triply Play................................................................................................................................18-2

18.1.1 Introduction........................................................................................................................................18-218.1.2 Principle............................................................................................................................................. 18-218.1.3 Reference............................................................................................................................................18-3

18.2 Single-PVC for Multiple Services...............................................................................................................18-318.2.1 Introduction........................................................................................................................................18-418.2.2 Principle............................................................................................................................................. 18-4

18.3 Multi-PVC for Multiple Services................................................................................................................18-618.3.1 Introduction........................................................................................................................................18-718.3.2 Principle............................................................................................................................................. 18-7

19 Ethernet Link Aggregation...................................................................................................19-119.1 Introduction.................................................................................................................................................19-219.2 Principle...................................................................................................................................................... 19-319.3 Reference.....................................................................................................................................................19-6

20 System Security......................................................................................................................20-120.1 Introduction to System Security..................................................................................................................20-2

20.1.1 Introduction........................................................................................................................................20-220.1.2 Principle............................................................................................................................................. 20-3

20.2 Anti-DoS Attack..........................................................................................................................................20-420.2.1 Introduction........................................................................................................................................20-420.2.2 Principle............................................................................................................................................. 20-5

20.3 MAC Address Filtering...............................................................................................................................20-520.3.1 Introduction........................................................................................................................................20-620.3.2 Principle............................................................................................................................................. 20-6

20.4 Firewall Black List......................................................................................................................................20-720.4.1 Introduction........................................................................................................................................20-720.4.2 Principle............................................................................................................................................. 20-7

20.5 Firewall........................................................................................................................................................20-820.5.1 Introduction........................................................................................................................................20-8


Feature Description

xiv Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 03 (2010-01-28)

20.5.2 Principle............................................................................................................................................. 20-9

21 User Security...........................................................................................................................21-121.1 PITP.............................................................................................................................................................21-3

21.1.1 Introduction........................................................................................................................................21-321.1.2 Principle.............................................................................................................................................21-421.1.3 Reference..........................................................................................................................................21-11

21.2 DHCP option82.........................................................................................................................................21-1121.2.1 Introduction......................................................................................................................................21-1121.2.2 Principle...........................................................................................................................................21-1221.2.3 Reference..........................................................................................................................................21-14

21.3 DHCP Sub-Option90.................................................................................................................................21-1421.3.1 Introduction......................................................................................................................................21-1421.3.2 Principles..........................................................................................................................................21-1521.3.3 Reference..........................................................................................................................................21-16

21.4 RAIO.........................................................................................................................................................21-1721.4.1 Introduction......................................................................................................................................21-1721.4.2 Principle...........................................................................................................................................21-1821.4.3 Reference..........................................................................................................................................21-24

21.5 IP Address Binding...................................................................................................................................21-2421.5.1 Introduction......................................................................................................................................21-2521.5.2 Principle...........................................................................................................................................21-25

21.6 MAC Address Binding..............................................................................................................................21-2521.6.1 Introduction......................................................................................................................................21-2621.6.2 Principle...........................................................................................................................................21-26

21.7 VMAC.......................................................................................................................................................21-2721.7.1 Introduction......................................................................................................................................21-2721.7.2 Principle...........................................................................................................................................21-28

21.8 SMAC........................................................................................................................................................21-3021.8.1 Introduction......................................................................................................................................21-3021.8.2 Principles..........................................................................................................................................21-3121.8.3 Reference..........................................................................................................................................21-33

21.9 Anti-MAC Spoofing..................................................................................................................................21-3321.9.1 Introduction......................................................................................................................................21-3321.9.2 Principle...........................................................................................................................................21-34

21.10 Anti-IP Spoofing.....................................................................................................................................21-3521.10.1 Introduction....................................................................................................................................21-3521.10.2 Principle.........................................................................................................................................21-36

22 Subtended Network Configuration....................................................................................22-122.1 Introduction.................................................................................................................................................22-222.2 Principle......................................................................................................................................................22-322.3 Reference.....................................................................................................................................................22-3



xv

23 Ethernet OAM.........................................................................................................................23-123.1 Ethernet CFM OAM....................................................................................................................................23-2


23.2 Ethernet EFM OAM....................................................................................................................................23-523.2.1 Introduction........................................................................................................................................23-623.2.2 Principle............................................................................................................................................. 23-623.2.3 Reference............................................................................................................................................23-8

24 VoIP..........................................................................................................................................24-124.1 Basic Features of VoIP................................................................................................................................24-2

24.1.1 Introduction........................................................................................................................................24-224.1.2 Reference............................................................................................................................................24-3

24.2 VoIP (H.248)...............................................................................................................................................24-324.2.1 Introduction........................................................................................................................................24-424.2.2 Principle............................................................................................................................................. 24-4

24.3 VoIP (MGCP)............................................................................................................................................. 24-524.3.1 Introduction........................................................................................................................................24-624.3.2 Principle............................................................................................................................................. 24-6

24.4 VoIP (SIP)...................................................................................................................................................24-724.4.1 Introduction........................................................................................................................................24-824.4.2 Principle............................................................................................................................................. 24-8

25 ISDN.........................................................................................................................................25-125.1 ISDN Feature Description...........................................................................................................................25-2


25.2 Basic Rate Adaptation (BRA).....................................................................................................................25-725.2.1 Introduction........................................................................................................................................25-725.2.2 Principle............................................................................................................................................. 25-8

25.3 Primary Rate Adaptation (PRA)................................................................................................................. 25-925.3.1 Introduction......................................................................................................................................25-1025.3.2 Principle...........................................................................................................................................25-10

26 Overload Control....................................................................................................................26-126.1 MG Overload Control................................................................................................................................. 26-2

26.1.1 Introduction........................................................................................................................................26-226.1.2 Principles............................................................................................................................................26-326.1.3 Reference............................................................................................................................................26-9

26.2 Upstream Bandwidth Overload Control......................................................................................................26-926.2.1 Introduction......................................................................................................................................26-1026.2.2 Principles..........................................................................................................................................26-10


Feature Description

xvi Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 03 (2010-01-28)

26.3 MGC Overload Control.............................................................................................................................26-1226.3.1 Introduction......................................................................................................................................26-1226.3.2 Principles..........................................................................................................................................26-13

26.4 Broadband Packets Overload Control.......................................................................................................26-1426.4.1 Introduction......................................................................................................................................26-1426.4.2 Principles..........................................................................................................................................26-15

A Acronyms and Abbreviations................................................................................................A-1



xvii

Figures

Figure 2-1 VDSL2 transmission architecture.......................................................................................................2-4Figure 3-1 ADSL transmission architecture.........................................................................................................3-4Figure 3-2 Tones and bandwidth for ADSL over POTS......................................................................................3-5Figure 3-3 Tones and bandwidth for ADSL over ISDN......................................................................................3-6Figure 3-4 Tones and bandwidth of ADSL2+......................................................................................................3-6Figure 4-1 Typical application model of SHDSL................................................................................................4-3Figure 4-2 Typical networking application of ATM SHDSL..............................................................................4-5Figure 4-3 Typical application model of SHDSL................................................................................................4-7Figure 4-4 Typical networking application of EFM SHDSL...............................................................................4-9Figure 5-1 Application network of the line optimization feature.........................................................................5-5Figure 6-1 Process of converting PPPoA packets into PPPoE packets................................................................6-3Figure 7-1 IPoA implementation process.............................................................................................................7-3Figure 8-1 Implementation of P2P FE optical access..........................................................................................8-3Figure 9-1 802.1Q-based VLAN frame...............................................................................................................9-3Figure 9-2 QinQ VLAN service process..............................................................................................................9-9Figure 9-3 VLAN stacking service process........................................................................................................9-11Figure 10-1 Process of the HWTACACS authentication of the user level upshift............................................10-3Figure 11-1 Dynamic DNS.................................................................................................................................11-2Figure 11-2 Dynamic DNS.................................................................................................................................11-4Figure 13-1 ACL based filtering........................................................................................................................13-4Figure 14-1 Schematic diagram of PQ...............................................................................................................14-5Figure 14-2 Principle of two token buckets.....................................................................................................14-11Figure 15-1 Process of the ANCP topology discovery and parameter configuration........................................15-3Figure 15-2 Process of modifying the line parameters during a subscriber service update...............................15-4Figure 15-3 Process of a remote connection test................................................................................................15-5Figure 16-1 Schematic drawing of designated bridge and designated port........................................................16-4Figure 17-1 Typical multicast application in a tree topology.............................................................................17-4Figure 18-1 Single-PVC for multiple services which are differentiated by IPoE/PPPoE..................................18-5Figure 18-2 Single-PVC for multiple services which are differentiated by VLAN IDs and 802.1p values......18-6Figure 18-3 Implementation principles of multi-PVC for multiple services..................................................... 18-7Figure 19-1 Manual link aggregation.................................................................................................................19-4Figure 19-2 Static link aggregation....................................................................................................................19-5Figure 20-1 System security application model of the MA5606T.....................................................................20-2

SmartAX MA5606T Multi-service Access ModuleFeature Description Figures


xix

Figure 21-1 PPPoE dialup process in PITP V mode..........................................................................................21-4Figure 21-2 VBAS packet format......................................................................................................................21-6Figure 21-3 PPPoE dialup process in PITP P mode...........................................................................................21-8Figure 21-4 Packet format in P mode.................................................................................................................21-9Figure 21-5 PPPoE payload field format...........................................................................................................21-9Figure 21-6 Vendor tag format.........................................................................................................................21-10Figure 21-7 DHCP process with DHCP option82 enabled..............................................................................21-12Figure 21-8 Format of a DHCP option82 field................................................................................................21-13Figure 21-9 Sub options of DHCP option82....................................................................................................21-13Figure 21-10 DHCP process when the DHCP Sub-Option90 is enabled.........................................................21-15Figure 21-11 Subitem format of the DHCP Sub-Option90..............................................................................21-16Figure 21-12 Format of a VMAC address........................................................................................................21-28Figure 21-13 VMAC address switching process..............................................................................................21-29Figure 21-14 PPPoA single-MAC service model............................................................................................21-31Figure 21-15 PPPoE Single-MAC Service Model...........................................................................................21-32Figure 23-1 Connectivity check.........................................................................................................................23-3Figure 23-2 Loopback detection.........................................................................................................................23-4Figure 23-3 LT...................................................................................................................................................23-5Figure 23-4 Networking of an Ethernet EFM OAM application.......................................................................23-6Figure 24-1 Principle of the VoIP feature based on the H.248 protocol............................................................24-4Figure 24-2 Principle of the VoIP feature based on the MGCP protocol..........................................................24-6Figure 24-3 Principles for implementing the VoIP feature based on the SIP protocol......................................24-9Figure 25-1 ISDN system structure....................................................................................................................25-3Figure 25-2 ISDN call control process-call setup 1...........................................................................................25-4Figure 25-3 ISDN call control process-call setup 2...........................................................................................25-5Figure 25-4 ISDN call control process-call disconnection.................................................................................25-6Figure 25-5 Principles of the ISDN BRA..........................................................................................................25-8Figure 26-1 Operating principles for implementing the MG overload control..................................................26-4Figure 26-2 Principles for processing the POWER-DIALER............................................................................26-6Figure 26-3 MG overload control process-Off-hook and on-hook of the PSTN subscriber..............................26-7Figure 26-4 MG overload control process-ISDN subscriber acting as a caller..................................................26-8Figure 26-5 MG overload control process-subscriber acting as a callee............................................................26-9Figure 26-6 Processing on user off-hook in the case of upstream bandwidth overload control......................26-11Figure 26-7 Processing on the callee in the case of upstream bandwidth overload control.............................26-12Figure 26-8 Operating principles of the MGC overload control......................................................................26-13

FiguresSmartAX MA5606T Multi-service Access Module

Feature Description

xx Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 03 (2010-01-28)

Tables

Table 3-1 Glossary of technical terms related to ADSL2+..................................................................................3-3Table 3-2 Acronyms and abbreviations related to ADSL2+................................................................................3-3Table 4-1 Acronyms and abbreviations of the ATM SHDSL access feature.......................................................4-3Table 4-2 TC-PAM encoding technology............................................................................................................4-4Table 4-3 Acronyms and abbreviations of the EFM SHDSL access feature.......................................................4-7Table 4-4 TC-PAM encoding technology............................................................................................................4-8Table 5-1 Glossary of the DLM/DSM feature......................................................................................................5-3Table 5-2 Acronyms and abbreviations of the DLM/DSM feature......................................................................5-3Table 9-1 Meanings and purposes of the fields in a 802.1Q tag..........................................................................9-3Table 10-1 Differences between HWTACACS and RADIUS...........................................................................10-3Table 13-1 ACL types........................................................................................................................................ 13-2Table 14-1 Mapping between the packet service priority and the queue...........................................................14-9Table 21-1 Fields of a VBAS packet..................................................................................................................21-6Table 21-2 Fields of a PPPoE packet...............................................................................................................21-10Table 21-3 Fields of a DHCP option82 packet.................................................................................................21-13Table 21-4 Details of each field in the DHCP Sut-Option90 packet................................................................21-16Table 21-5 CID formats in various access modes............................................................................................21-18Table 21-6 RAIO fields in service-port-userlabel mode..................................................................................21-19Table 21-7 RAIO fields in dslforum-default mode..........................................................................................21-20Table 21-8 User-defined keywords..................................................................................................................21-21Table 21-9 User-defined separators..................................................................................................................21-24Table 22-1 Glossary of technical terms related to a subtended network configuration..................................... 22-2Table 22-2 Acronyms and abbreviations related to a subtended network configuration...................................22-3Table 24-1 List of the VoIP services supported by the MA5606T.................................................................... 24-3Table 26-1 Glossary of the overload control feature..........................................................................................26-3Table 26-2 Acronyms and abbreviations of the overload control feature..........................................................26-3

SmartAX MA5606T Multi-service Access ModuleFeature Description Tables


xxi

1 GPON Upstream Transmission

About This Chapter

GPON upstream transmission means transmission of data through the GPON interface which isthe upstream interface.

1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of GPON upstreamtransmission.

1.2 PrincipleThis topic describes the implementation principles of GPON upstream transmission.

1.3 ReferenceThis topic describes the reference documents of GPON upstream transmission.

SmartAX MA5606T Multi-service Access ModuleFeature Description 1 GPON Upstream Transmission


1-1

1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of GPON upstreamtransmission.

Definition

As a box-type mini DSLAM, the MA5606T is used to provide digital subscriber line (DSL)broadband access to a small number of subscribers. To adapt to various networking modes, theMA5606T provides gigabit-capable passive optical network (GPON) upstream ports. In thisway, the MA5606T, together with the optical line terminal (OLT), plays an important role in aGPON network.

Purpose

The MA5606T supports GPON upstream ports. As a multi-dwelling unit (MDU), the MA5606Ttakes full advantage of the wide coverage, flexible networking, and low maintenance cost of theGPON network. The MA5606T, together with the OLT, provides high-bandwidth broadbandaccess for subscribers. Moreover, the MA5606T increases the number of subscribers of the OLT.

Specification

The MA5606T supports the following GPON upstream transmission specifications:

l CoS-based transmission container (T-CONT) queue mapping and scheduling

l Support of a GPON upstream port with a downstream rate of 2.488 Gbit/s and an upstreamrate of 1.244 Gbit/s.

l Support of eight T-CONTs with up to 32 GEM ports.

l Support of service configuration and management by the OLT to the MA5606T throughthe OMCI.

Availabilityl Hardware support

The GP1A board supports GPON upstream transmission.l License support

The feature of GPON upstream transmission is a basic feature of the MA5606T. Therefore,the corresponding service is provided without a license.

1.2 PrincipleThis topic describes the implementation principles of GPON upstream transmission.

The GPON upstream port of the MA5606T sends the Serial_Number_ONT PLOAM messagesto the OLT for registration. The OLT determines whether to register it according to the internalserial number database.

After the MA5606T registers with the OLT successfully, the OLT allocates T-CONTs to theMA5606T. The index of a T-CONT is an allocation ID (Alloc-ID) which ranges from 0 to 4095.

1 GPON Upstream TransmissionSmartAX MA5606T Multi-service Access Module

Feature Description

1-2 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 03 (2010-01-28)

The MA5606T supports up to eight T-CONTs. The OLT allocates bandwidth and sets bandwidthparameters for these T-CONTs.

The upstream data packets from the switching fabric are mapped to the specified GEM portthrough the classifier, and then mapped to the T-CONT.

The rule for the classifier is VLAN plus 802.1p priority.

You can configure the mapping actions of various traffic through the CLI or the elementmanagement system (EMS).

1.3 ReferenceThis topic describes the reference documents of GPON upstream transmission.

The following lists the reference documents of GPON upstream transmission:l ITU-T G.984.2, Gigabit-capable Passive Optical Networks (GPON): Physical Media

Dependent (PMD) Layer Specificationl ITU-T G.984.3, Gigabit-capable Passive Optical Networks (GPON): Transmission

Convergence Layer Specification

SmartAX MA5606T Multi-service Access ModuleFeature Description 1 GPON Upstream Transmission


1-3

2 VDSL2 Access

About This Chapter

VDSL2 supports a high bandwidth (symmetric rates of up to 100 Mbit/s). It addresses therequirement for short distance and high rate of the next generation FTTx access scenarios.

2.1 IntroductionThis topic describes the definition, purpose, specification, and availability of VDSL2 access.

2.2 PrincipleThis topic describes the implementation principles of VDSL2 access.

2.3 ReferenceThis topic describes the reference documents of VDSL2 access.

SmartAX MA5606T Multi-service Access ModuleFeature Description 2 VDSL2 Access


2-1

2.1 IntroductionThis topic describes the definition, purpose, specification, and availability of VDSL2 access.

Definition

Very High Speed Digital Subscriber Line (VDSL) is a transmission technology that is used toprovide high-speed private line access over the twisted pair in the asymmetric or symmetricmode.

VDSL2 is an extension of VDSL.

Purpose

VDSL2 supports a high bandwidth (symmetric rates of up to 100 Mbit/s). VDSL2 providesmultiple spectrum profiles and encapsulation modes. It meets the requirement for short distanceand high rate of the next generation FTTx access scenarios.

Specifications

The MA5606T supports the following VDSL2 access specifications:

l Compliance with ITU-T Recommendation G.993.2

l A maximum reach distance of 3.5 km

l Compatibility with ADSL/ADSL2+

l Support of the VDSL2/ADSL2+ compatible board, VDSL2 over POTS board, and VDSL2over ISDN board to meet different service requirements

l Multiple spectrum profiles, including 8a, 8b, 8c, 8d, 12a, 12b, and 17a to meet differentapplication scenarios

l Power spectral density (PSD) control through UPBO/DPBO, RFI, PSD Mask, and ToneBlackout

l Two encapsulation modes (ATM and PTM)

l Working in the ADSL/ADSL2+ mode when connecting to ADSL/ADSL2+ terminals

l BandPlan998 and BandPlan997

l Support of 24-port or 48-port VDSL2 boards

l Automatic rate adjustment according to the line conditions during the initialization

l Configuration, modification, and query of the VDSL2 configuration parameters (such asline and channel mode)

l Reporting of alarm and maintenance information about the line and the channel

l VDSL2 terminal managementBased on the function, the VDSL2 modems can be maintained remotely through telnet, andthe software of the VDSL2 modems can be remotely upgraded in-service through TFTP.

l Configuration of the BITSWAP parameter.

l PPPoE+ sub option.

2 VDSL2 AccessSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

l Line template configuration change

Previously channel profile and line profile but now spectrum profile and service profileinstead are bound as a higher-level line template and then bound to a specific port.

l Configuration of the ANNEX M frequency band

l Power-saving of the xDSL line


– The VDSA (VDSL2 over POTS) board supports 8b and 17a, and is compatible with 8a,8c, 8d, 12a and 12b spectrum profiles.

– The 24-channel VDRD board supports 30a spectrum profile.

– The VDTF (VDSL2 over ISDN) board supports 8a, 8b, 8c, 8d, 12a, 12b, and 17aspectrum profiles.

– The VDMF (VDSL2 over POTS) board supports 8a, 8b, 8c, 8d, 12a, 12b, and 17aspectrum profiles.

– The VDNF (VDSL2 over ISDN) board supports 8b and 17a spectrum profiles.

– The modem must support the VDSL2 protocol.

l License support

The number of VDSL2 ports supported by the MA5606T is under license. Therefore, thelicense is required for accessing the corresponding service.

2.2 PrincipleThis topic describes the implementation principles of VDSL2 access.

VDSL2 Compatibility

VDSL2 complies with the ITU-T Recommendation G993.2.

The International Telecommunications Union (ITU) specifies that VDSL2 must use the discretemulti-tone (DMT) modulation method. VDSL2 is compatible with ADSL and ADSL2+.Because VDSL is not widely applied, VDSL2 is not compatible with VDSL.

VDSL2 System Architecture

The system architecture of VDSL2 is similar to that of ADSL. VDSL2 supports threeindependent application models:

l Pure data service model

l POTS and data service model

l ISDN and data service model

Figure 2-1 shows the VDSL2 transmission architecture.



2-3

Figure 2-1 VDSL2 transmission architecture

PMD

PMS

-TC

a

U

PMD

PMS

-TC

TPS

-

Use

r app

licat

ion

inte

rface

s

b

Application specific Application invariant Application specific

Unspecified Main body andAnnexes

Main body

8-kHzNTR

OAMinterface

gO

IO I

VME

VTU-R

OAMinterfaceM

PS-

VME

Use

r app

licat

ion

inte

rface

s

Unspecified

gR

PMD

PMS

-TC

U

PMD

PMS

-TC

TPS

-TC

#0

R

TPS

-TC

#1

MP

S-T

CN

TR-T

C

VME

gR

VTU-O

Main body andAnnexes

8-kHzNTR

TPS

-TP

S-T

C #

0TP

S-T

C #

1M

PS

-TC

NTR

-TC

I/F

I/F

I/F

I/F

A VDSL2 device consists of three parts:

l TPS-TC– TPS-TC is related with specific applications. It performs the mapping of the user

interface data and the control signals to and from the TPS-TC synchronization datainterface.

– TPS-TC sends and receives control messages through the payload channel of the PMS-TC layer.

– The PMS-TC function module provides a procedure for VDSL Transceiver Unit (VTU)management. The MPS-TC function module communicates with the higher levelfunction entity of the management plane. The management messages are exchangedbetween the MPS-TC function entities of the VTU through the VDSL payload channel.

l PMS-TC– PMS-TC multiplexes of the VDSL payload and the TPS-TC data traffic.

– The basic functions are: framing, frame synchronization, scrambling/descrambling,forward error correction (FEC), and error check.

– It provides a payload channel for delivering control messages of the TPS-TC, PMS-TCand PMD layers in addition to the messages from the management interface.

l PMD– The basic functions are: regular element generation and recovery, coding/decoding,

modulation/demodulation, echo cancellation, line equalization, and link start.– The PMD layer also sends and receives control messages through the payload channel

of the PMS-TC layer.

2 VDSL2 AccessSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

The VDSL2 board of the MA5606T provides these function modules as specified by G993.2.In addition, the MA5606T provides a VDSL2 management module in compliance with G997.1and TR090, thus supporting line management based on the line, channel and spectrum profileto address different requirements.

2.3 ReferenceThis topic describes the reference documents of VDSL2 access.

The following lists the reference documents of VDSL2 access:l ITU-T G.993.1: Very high speed digital subscriber line transceivers

l ITU-T G.993.2: Very high speed digital subscriber line 2



2-5

3 ADSL2+ Access

About This Chapter

Asymmetrical digital subscriber loop (ADSL) is an asymmetric transmission technology that isused to transmit data at high speed over the twisted pair. ADSL2+ is an extension of ADSL. Theupstream rate of ADSL2+ reaches 2.5 Mbit/s, and the downstream rate reaches 24 Mbit/s. Themaximum reach of ADSL2+ is 6.5 km.

3.1 IntroductionThis topic describes the definition, purpose, specification, glossary, and also acronyms andabbreviations related to ADSL2+ access.

3.2 PrincipleThis topic describes the operating principles of ADSL2+ access.

3.3 ReferenceThis topic describes the reference documents of ADSL2+ access.

SmartAX MA5606T Multi-service Access ModuleFeature Description 3 ADSL2+ Access


3-1

3.1 IntroductionThis topic describes the definition, purpose, specification, glossary, and also acronyms andabbreviations related to ADSL2+ access.

Definition

Asymmetrical digital subscriber loop (ADSL) is an asymmetric transmission technology that isused to transmit data at high speed over the twisted pair.

ADSL2+ is an extension of ADSL. The upstream rate of ADSL2+ reaches 2.5 Mbit/s, and thedownstream rate reaches 24 Mbit/s. The maximum reach of ADSL2+ is 6.5 km.

Purpose

The ADSL technology adopts asymmetric transmission to provide high-speed dada accessservice.

Specification

The MA5606T supports the following specifications:

l Compatibility with ADSL and ADSL2

l A maximum upstream rate of 2.5 Mbit/s

l A maximum downstream rate of 24 Mbit/s

l A maximum reach of 6.5 km

l Support of ADSL2+ board and POTS access

l Transmission mode (Annex A, Annex B, Annex L, Annex M and Annex J)

l Fast bit switchover

l Power management

l Power cut back function on the CO and the CPE

l Automatic rate adjustment according to the line conditions during the initialization

l Pilot floating

l Pilot selection based on channel coditions

l Support of tone transmit power control based on CO-MIB (spectrum shaping Tssi)

l Dynamic seamless rate auto-sensing to improve the adaptability for line parameters

l Single ended loop test (SELT)

l Configuration, modification and query of the ADSL configuration parameters (such as lineand spectrum)

l Report of alarm and maintenance information on the line and channel

l Support of 32 ports and 64 ports ADSL2+ boards


3 ADSL2+ AccessSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

Availabilityl Hardware Support

– The ADIF/ADLF, ADPD/ADQD boards support this feature.

– The modem must support the ADSL/ADSL2+ protocols.

l License Support

The number of ADSL2+ ports supported by the MA5606T is under license. Therefore, thelicense is required for accessing the corresponding service.

Glossary

Table 3-1lists the glossary of technical terms related to ADSL2+ access.

Table 3-1 Glossary of technical terms related to ADSL2+

Glossary Definition

SELT The single ended loop test includes:l Line type

l Line length

l Terminal type

l Local noise

l Bridge tap

Tone It is the sub-carrier. For example, when the bandwidth of 1MHz is divided into 256 sub-carriers, each carrier is called asa tone.

Acronyms and Abbreviations

Table 3-2lists the acronyms and abbreviations related to ADSL2+ access.

Table 3-2 Acronyms and abbreviations related to ADSL2+

Acronym Full Expansion

ADSL Asymmetrical Digital Subscriber Loop

POTS Plain Old Telephone Service

ISDN Integrated Services Digital Network

CO Central Office

CPE Customer Premise Equipment

DMT Discrete Multi-Tone



3-3

3.2 PrincipleThis topic describes the operating principles of ADSL2+ access.

ADSL System ArchitectureBased on provided functions, the ADSL transceiver is divided into:l TPS-TC (convergence sub layer related to transmission protocol)l PMS-TC (convergence sub layer related to physical medium)l PDM (sub layer related to physical medium)l MPS-TC (convergence sub layer related to management protocol for BMS interface)Each sub layer is encapsulated and defined with the information between sub layers to performintercommunication among different manufactures. Figure 3-1 shows the ADSL transmissionarchitecture.

Figure 3-1 ADSL transmission architecture

l TPS-TC– TPS-TC is related to specific application. It performs the mapping of the user interface

data and the control signals to and from the TPS-TC synchronization data interface.– TPS-TC sends and receives control signals through the payload channel of the PMS-

TC layer.– The MPS-TC function module provides a procedure for ADSL transceiver unit (ATU)

management. The MPS-TC function module communicates with the higher level


Feature Description


Issue 03 (2010-01-28)

function entity of the management plane. The management messages are exchangedbetween the MPS-TC function entities of the ATU through the ADSL payload channel.

l PMS-TC– PMS-TC multiplexes of the ADSL payload and the TPS-TC data traffic.

– The basic functions are: framing, frame synchronization, scrambling/descrambling,forward error correction (FEC), and error check.

– It provides a payload channel for delivering control messages of the TPS-TC, PMS-TCand PMD layers in addition to the messages from the management interface.

l PMD– The basic functions are: regular element generation and recovery, coding/decoding,

modulation/demodulation, echo cancellation, line equalization, and link start.– The PMD layer also sends and receives control messages through the payload channel

of the PMS-TC

ADSL PrinciplesADSL provides a total bandwidth of 1.104 MHz. By using DMT, ADSL splits the bandwidthinto 256 tones (0-255). Since ADSL over POTS is different from ADSL over ISDN, the divisionof the 256 tones is different.

Figure 3-2 shows the tones and bandwidth for ADSL over POTS.

Figure 3-2 Tones and bandwidth for ADSL over POTS

138kHz 1104 kHz

DownstreamUpstreamPOTS

4kHz

6 32 2550

26kHz

l The 0-5 are reserved to transmit the 4 kHz analog voice signals.

l The 6-31 are used to transmit uplink data over the bandwidth of 26-138 kHz.

l The 32-255 are used to transmit downlink data over the bandwidth of 138-1104 kHz.

Figure 3-3 shows the tones and bandwidth for ADSL over ISDN.



3-5

Figure 3-3 Tones and bandwidth for ADSL over ISDN

138kHz 1104kHz

DownstreamUpstreamISDN

120kHz

6432 2550

276kHz

l Tones 0-31 are reserved to transmit the 120 kHz ISDN signals.

l Tones 32-63 are used to transmit uplink data over the bandwidth of 138-276 kHz.

l Tones 64-255 are used to transmit downstream data over the bandwidth of 276-1104 kHz.

NOTE

Each tone occupies a bandwidth of 4.3125 KHz for transmission.

When an ADSL terminal unit (ATU) uses echo cancellation, the ADSL signals can be transmitted in theoverlapped mode, which means to extend the downstream bandwidth to the uplink bandwidth so that theuplink and downstream ADSL signals can share transmission channels.

Each ADSL tone can transmit datagram of 1-15 bits. The actual capacity of each tone dependson the real-time transmission performance such as the attenuation, delay and noise.

ADSL2+ Principles

ADSL2+ extends the bandwidth of ADSL to 2.208 MHz and uses DMT to split the bandwidthinto 512 tones (0-511). Figure 3-4 shows the tones and bandwidth of ADSL2+.

Figure 3-4 Tones and bandwidth of ADSL2+


Feature Description


Issue 03 (2010-01-28)

When the data transmission mode is Annes A, Annex B, or Annex L, the tones are allocated asfollows:l Tones 0-5 are reserved to transmit the 4 kHz analog voice signals.l – Annex A/Annex L: Sub-carriers 6-31 are used to transmit the upstream data at the

frequency of 26-138 kHz.– Annex B: Sub-carriers 6-31 are used to transmit the upstream data at the frequency of

120-276 kHz.l Tones 32-511 are used to transmit downstream data over the bandwidth of 138-2208 kHz.

When the data transmission mode is Annes M, the tones are allocated as follows:l Tones 0-5 are reserved to transmit the 4 kHz analog voice signals.

l Sub-carriers 6-63 are used to transmit the upstream data at the frequency of 26 kHz-f1,where f1 ranges from 138 kHZ through 276 kHZ.

l Tones 64-511 are used to transmit downstream data over the bandwidth of 256-2208 kHz.

ADSL2+ extends bandwidth and improves the transmission efficiency by enhancingmodulation, reducing overhead and optimizing frame structure.

3.3 ReferenceThis topic describes the reference documents of ADSL2+ access.

The following lists the reference documents of ADSL2+ access;

l G992.1 Asymmetric digital subscriber line (ADSL) transceivers

l G992.3 Asymmetric digital subscriber line transceivers 2 (ADSL2)

l G992.5 Asymmetric Digital Subscriber Line (ADSL) transceivers - Extended bandwidthADSL2 (ADSL2plus)



3-7

4 SHDSL

About This Chapter

SHDSL is an xDSL access technology, just like ADSL and VDSL. SHDSL provides thesymmetric upstream and downstream rates.

4.1 ATM SHDSL AccessThis topic describes the definition, purpose, specification and limitations of ATM SHDSL accessfeature. It also provides the glossary and the acronyms and abbreviations related to the ATMSHDSL access feature.

4.2 EFM SHDSL AccessThis topic describes the definition, purpose, specification and limitations of EFM SHDSL accessfeature. It also provides the glossary and the acronyms and abbreviations related to the EFMSHDSL access feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 4 SHDSL


4-1

4.1 ATM SHDSL AccessThis topic describes the definition, purpose, specification and limitations of ATM SHDSL accessfeature. It also provides the glossary and the acronyms and abbreviations related to the ATMSHDSL access feature.

4.1.1 IntroductionThis topic describes the definition, purpose, specification, limitation, glossary, and alsoacronyms and abbreviations of the ATM SHDSL access feature.

4.1.2 PrincipleThis topic describes the operating principles of the ATM SHDSL access feature.

4.1.3 ReferenceThis topic describes the reference documents of the ATM SHDSL access feature.

4.1.1 IntroductionThis topic describes the definition, purpose, specification, limitation, glossary, and alsoacronyms and abbreviations of the ATM SHDSL access feature.

DefinitionSHDSL is an xDSL access technology, just like ADSL and VDSL. SHDSL provides thesymmetric upstream and downstream rates.

The symmetric upstream and downstream rates of ATM SHDSL determine that bi-directionalrates of the supported service must be basically the same. In addition, ATM SHDSL features alonger transmission distance. Hence, ATM SHDSL can be widely used.

PurposeATM SHDSL provides symmetric broadband access services for subscribers to meet therequirement for high downstream rate from SOHO subscribers. ATM SHDSL applications aresimilar to ADSL applications and the ATM SHDSL and ADSL applications are mutuallycomplementary.

Specificationl Single-pair, two-pair SHDSL Line rate in the single-pair mode ranges from 192 kbit/s to

2312 kbit/s, and line rate in the two-pair mode doubles the line rate in the single-pair modeThe rate adjustment granularity is 16 kbit/s.

l The SHLB board supports the single-pair and two-pair modes.

l Network timing reference (NTR) clock

l Automatic rate adjustment according to the line conditions during initialization

l Reporting of the alarms and maintenance information of lines

l PPPoE+ sub option

l Dynamic adjustment of the specifications of the SHDSL line profile and alarm profile


4 SHDSLSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

AvailabilityHardware Support

None

License Support

The port rate measurement function supported by the MA5606T is under license. Therefore, thecorresponding service is also under license.

GlossaryNone


Table 4-1 Acronyms and abbreviations of the ATM SHDSL access feature

Acronym/Abbreviation Full Name

SHDSL Single-line high speed digital subscriber line

HDSL High-speed digital subscriber line

TC-PAM Trellis coded pulse amplitude modulation

ATM Asynchronous transfer mode

4.1.2 PrincipleThis topic describes the operating principles of the ATM SHDSL access feature.

Typical Application ModelThe SHDSL operating principles are based on the G.991.2(2001) standard.

Figure 4-1 Typical application model of SHDSL

UserTerminal

UserTerminal

Optional

..

.

STU-R

S/T

S/T SRU

U-R

DLL

U-C

DLL

Optional

U-R U-RU-C

. . . DLL

U-C

STU-C

VCO

Netw ork

T1541150-00(114701)

One SHDSL system consists of an STU-C, an STU-R, and a subscriber terminal. Multiplerepeaters can be added to the line between the STU-C and the STU-R.



4-3

l The STU-C provides service ports at the central office.

l The STU-R provides subscriber ports for connecting to multiple subscriber terminals.

l The SHDSL repeater unit (SRU) refers to the repeater. In ultra-long distance transmission,it recovers signals and re-transmits signals to increase the transmission distance.

The MA5606T does not support repeaters.

Terminal ModelThe SHDSL terminal model consists of the following parts:

l PDM module– The PDM module implements functions such as: Regular code element generation and

recovery, coding/decoding, modulation/demodulation, echo control, linearequalization, and link start

– SHDSL mainly uses the trellis coded pulse amplitude modulation (TC-PAM)technology.

l PMS-TC moduleThe PMS-TC module implements functions such as: framing, frame synchronizationscrambling, and descrambling

l TPS-TC moduleThe TPS-TC module implements functions such as: mapping and encapsulation of dataframes, multiplexing and demultiplexing, timing alignment of multiple subscriber datachannels

l I/F interface of the device at the central office– It mainly provides the ATM port.

– The ATM port is used for transmitting ATM cells over the ATM network, or accordingto the carried packets, transmitting Ethernet packets encapsulated by the SAR moduleor E1/V3.5 signals over the Ethernet network.

l I/F interface of the device on the subscriber sideIt corresponds to the I/F interface of the device at the central office. In general, the I/Finterface is used for providing Ethernet ports or E1/V.35 ports.

When the MA5606T uses the SHLB board, the TC-PAM encoding technology is shown as thefollowing table.

Table 4-2 TC-PAM encoding technology

CompliantStandards

Describes...

SHDSL R = n´64 + (i)´8, 3 ≤ n ≤ 36 and 0 ≤ i ≤ 7 (192 kbit/s to 2312 kbit/s)

When the MA5606T uses the SHLB board, the TC-PAM encoding technology is shown as thefollowing table.

The SHLB board of the MA5606T is based on ATM. The board provides the Ethernet port (forbroadband access) or E1/V.35 port (for private line access) for connecting subscriber terminals.


Feature Description


Issue 03 (2010-01-28)

In the upstream direction, the board is connected to the metropolitan area network (MAN)through the upstream board.

Typical Networking ApplicationThe following figure shows the typical networking application of ATM SHDSL.

Figure 4-2 Typical networking application of ATM SHDSL

PM

IPM

SDLB

ATM SHDSL ATM SHDSL

FE/GE 0/8

MA5606T

I

PC_A PC_B

IPTV server

ModemModem

4.1.3 ReferenceThis topic describes the reference documents of the ATM SHDSL access feature.

The following lists the reference documents of this feature:

l ITU-T Recommendation G.991.2 (2001), Single-pair high-speed digital subscriber line(SHDSL) transceivers

4.2 EFM SHDSL AccessThis topic describes the definition, purpose, specification and limitations of EFM SHDSL accessfeature. It also provides the glossary and the acronyms and abbreviations related to the EFMSHDSL access feature.

4.2.1 IntroductionThis topic describes the definition, purpose, specification, limitation, glossary, and alsoacronyms and abbreviations of the Ethernet in the first mile (EFM) SHDSL access feature.



4-5

4.2.2 PrincipleThis topic describes the operating principles of the EFM SHDSL access feature.

4.2.3 ReferenceThis topic describes the reference documents of the EFM SHDSL access feature.

4.2.1 IntroductionThis topic describes the definition, purpose, specification, limitation, glossary, and alsoacronyms and abbreviations of the Ethernet in the first mile (EFM) SHDSL access feature.

Definition

SHDSL is an xDSL access technology, just like ADSL and VDSL. SHDSL provides thesymmetric upstream and downstream rates.

EFM SHDSL integrates the advantages of the SHDSL technology and the ADSL technology.That is, EFM SHDSL can provide traditional voice service and high rate Internet access serviceover common twisted pairs to meet the requirements for high definition TV service and VoDservice from subscribers, which suit the last mile access for broadband to the campus.

Purpose

The utilization ratio of the EFM access service is high when the activation rates of the ATM andEFM access services are the same. Hence, if the subscriber terminal supports ATM and EFMSHDSL access services simultaneously, the EFM SHDSL access service is preferred.

Specificationl A maximum transmission distance of 6 km

l Network timing reference (NTR) clock

l Ethernet access service

l Automatic rate adjustment according to the line conditions during initialization

l Reporting the alarms and maintenance information of lines

l Four modes of binding EFM ports: single-pair (one port), two-pair (two ports), three-pair(three ports), and four-pair (four ports)

l Line rate ranging from 192 kbit/s to 5696 kbit/s in the single-pair mode

l The line rate of the bound two, three, or four EFM ports is double, triple, or quadruple theline rate of a single port. Each port in an EFM binding group can be activated or deactivatedindependently. Hence, in a specific application, the line rate of the binding group variesaccording to the number of the activated ports in the group.


Glossary

None


Feature Description


Issue 03 (2010-01-28)

Acronym and Abbreviations

Table 4-3 Acronyms and abbreviations of the EFM SHDSL access feature

Acronym andAbbreviations

Full Name

EFM Ethernet in the first mile



4.2.2 PrincipleThis topic describes the operating principles of the EFM SHDSL access feature.

Typical Application Model

The SHDSL operating principles are based on the G.991.2 (2001) standard.

Figure 4-3 Typical application model of SHDSL

UserTerminal

UserTerminal

Optional

..

.

STU-R

S/T

S/T SRU

U-R

DLL

U-C

DLL

Optional

U-R U-RU-C

. . . DLL

U-C

STU-C

VCO

Netw ork

T1541150-00(114701)

One SHDSL system consists of an STU-C, an STU-R, and a subscriber terminal. Multiplerepeaters can be added to the line between the STU-C and the STU-R.

l The STU-C provides service ports at the central office.

l The STU-R provides subscriber ports for connecting to multiple subscriber terminals.

l The SHDSL repeater unit (SRU) refers to the repeater. In ultra-distance transmission, itrecovers signals and re-transmits signals to increase the transmission distance.

The MA5606T does not support repeaters.

Terminal Model

The SHDSL terminal model consists of the following parts:

l PDM module



4-7

– The PDM module implements functions such as: Regular code element generation andrecovery, coding/decoding, modulation/demodulation, echo control, linearequalization, and link start

– SHDSL mainly uses the trellis coded pulse amplitude modulation (TC-PAM)technology.

l PMS-TC moduleThe PMS-TC module implements functions such as: framing, frame synchronizationscrambling, and descrambling

l TPS-TC moduleThe TPS-TC module implements functions such as: mapping and encapsulation of dataframes, multiplexing and demultiplexing, timing alignment of multiple subscriber datachannels

l I/F interface of the device at the central office– Providing ATM ports or circuit interfaces

– The ATM port is used for transmitting ATM cells over the ATM network, or accordingto the carried packets, transmitting Ethernet packets encapsulated by the SAR moduleor E1/V3.5 signals over the Ethernet network or E1 links.

– The circuit interface is used for transmitting E1 or V.35 signals directly through thetime division multiplexing (TDM) network.

l I/F interface of the device on the subscriber sideIt corresponds to the I/F interface of the device at the central office. In general, the I/Finterface is used for providing Ethernet ports (for delivering ATM cells processed by theSAR module) or E1/V.35 ports.

Table 4-4 TC-PAM encoding technology

CompliantStandards

Describes...

SHDSL R = n´64 + (i)´8, 3 ≤ n ≤ 89 and 0 ≤ i ≤ 7 (192 kbit/s to 5696 kbit/s)

Typical Networking ApplicationThe following figure shows the typical networking application of EFM SHDSL.


Feature Description


Issue 03 (2010-01-28)

Figure 4-4 Typical networking application of EFM SHDSL

CU

SCU

SHLB

ATM SHDSL EFM SHDSL

FE/GE 0/7

MA5606T

S

PC_A PC_B

IPTV

ModemModem

LAN Switch

4.2.3 ReferenceThis topic describes the reference documents of the EFM SHDSL access feature.


l ITU-T Recommendation G.991.2 (2001), Single-pair high-speed digital subscriber line(SHDSL) transceivers



4-9

5 DLM/DSM

About This Chapter

This topic describes the DLM/DSM feature in its introduction, principles, and reference.

5.1 IntroductionThis topic provides the definition, purpose, specifications, limitations, glossary, and acronymsand abbreviations of the DLM/DSM feature.

5.2 PrincipleThis topic describes the working principles of the DLM/DSM feature.

5.3 ReferenceThis topic provides the reference documents of the DLM/DSM feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 5 DLM/DSM


5-1

5.1 IntroductionThis topic provides the definition, purpose, specifications, limitations, glossary, and acronymsand abbreviations of the DLM/DSM feature.

Definition

Line optimization refers to improving the line quality and performance by adjusting lineparameters. It is one solution to dynamic line optimization, and is mainly implemented throughthe N2510.

The N2510 provides line test and protection for carriers' copper cables, featuring the following:

l Ensuring line services and fault location during operation

l Providing superior line management solutions to customers

l Meeting the requirement of line analysis and management

l Reducing the OPEX

Purpose

Line optimization aims at implementing dynamic management of lines, including the followingfunctions:l Collecting the line information

l Locating the line fault

l Managing the optimization profile

Specifications

The MA5606T supports the following specifications of the DLM/DSM feature.

l Collecting of the DLM/DSM optimization information of a specified board and query ofthe collecting status of the DLM/DSM optimization information of a specified board or allboards

l Displaying the parameters of the xDSL port, including the Hlog(i) of each sub-carrier, Qln(i) of each sub-carrier, TxPSD(i) of each sub-carrier, SNR(i) of each sub-carrier, SNRM(i)of each sub-carrier, gi of each sub-carrier, bi of each sub-carrier, coding gain, and actualsize of Reed-Solomon codeword (NFEC)

l 1000 optimization profiles you can add, modify, delete, and query an optimization profile.The parameters in the optimization profile are classified for configuration. The parametersconfigured in an optimization profile are as follows:– Line transmission mode

– Upstream/downstream bit swap parameters

– SNR margin, including upstream/downstream target SNR margin, upstream/downstream minimum SNR margin, and upstream/downstream maximum SNR margin

– Upstream/downstream interleave delay

– Upstream/downstream INP

5 DLM/DSMSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

– Power management parameters, including whether the transition to the idle state isallowed, whether the transition to the low power state is allowed, the shortest time fora line to be in the full-power state, the minimum time between entry into the L2 lowpower state and the first L2 low power trim request and between two consecutive L2power trim requests, each transmit power reduction in the L2 power state, and themaximum aggregate transmit power reduction that is allowed in the L2 power state

– Upstream/downstream sub-carrier blackout parameters

– Mode-related parameters, including transmission mode, maximum upstream/downstream aggregate nominal transmit power, upstream/downstream PSD mask, andmaximum upstream/downstream aggregate nominal transmit power

l Bind of an optimization profile to a port and unbinding of an optimization profile from aport

l Query of the optimization profile bound to a port

Limitation

When configuring an optimization profile, make sure that the parameters meet the followingconditions:

l For the upstream SNR: maximum SNR margin ≥ target SNR margin ≥ minimum SNRmargin

l For the power status parameter: each transmit power reduction in the L2 power state ≤maximum aggregate transmit power reduction that is allowed in the L2 power state

Glossary

Table 5-1 Glossary of the DLM/DSM feature

Glossary Description

Noise margin The SNR margin refers to the space that is reserved when thesystem allocates bits. When decrease of the SNR caused bythe environment change does not exceed the SNR margin, theBER can be guaranteed to be less than 10-7.

Interleaved delay Interleave causes delay. Interleave delay is composed of twoparts: FEC coding time and interleave time.


Table 5-2 Acronyms and abbreviations of the DLM/DSM feature


DLM Dynamic line management

DSM Dynamic spectrum management

SNR Signal noise ratio



5-3


NFEC Actual size of reed-solomon codeword

INP Impulse noise protection


The VDSA, VDTF, VDNF and VDMF boards support the DLM/DSM feature.l License Support

The DLM/DSM feature is an optional feature of the MA5606T, and the correspondingservice is under license. The following resources are under license:– VDSL port

– AnnexM resources

– INP+ resources

– Resources bound to the optimization profile

5.2 PrincipleThis topic describes the working principles of the DLM/DSM feature.

Compatibility of Line OptimizationThe DLM/DSM feature supports optimization for the lines in the VDSL access mode.

Line Optimization System ArchitectureThe line optimization system architecture is based on VDSL and N2510; however, it is anindependent application model.l The optimization profile is a model similar to the VDSL profile.

l The N2510 is a model similar to the BMS platform.

l Line optimization is mainly implemented on the N2510.

l The MA5606Tmainly collects the optimization information, and configures parametersaccording to the new optimization line.

5 DLM/DSMSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

Figure 5-1 Application network of the line optimization feature

xml xml

N2000BMS

N2510

VDSL2

DSLAMOLT

OSS

DSLAM

USER

USER

xml

5.3 ReferenceThis topic provides the reference documents of the DLM/DSM feature.

The following lists the reference documents of this feature:l Description of MA5600 V800R062 xDSL Feature Software Requirements and

Specificationsl Details About VDSL2 Parameters



5-5

6 PPPoA Access

About This Chapter

PPPoA access is an access mode in which users can transmit PPPoA packets to the PPPoE serverbased on Ethernet.

6.1 IntroductionThis topic describes the definition, purpose, specification, and availability of PPPoA access.

6.2 PrincipleThis topic describes the implementation principles of PPPoA access.

6.3 ReferenceThis topic describes the reference documents of PPPoA access.

SmartAX MA5606T Multi-service Access ModuleFeature Description 6 PPPoA Access


6-1

6.1 IntroductionThis topic describes the definition, purpose, specification, and availability of PPPoA access.

Definition

Point-to-Point Protocol over ATM Adaptation Layer 5 (PPPoA) access is an access mode inwhich users can transmit PPPoA packets to the PPPoE server, that is, the upper layer broadbandremote access server (BRAS) based on Ethernet.

The access device needs to handle the PPPoA packets from users and the PPPoE packets of thePPPoE server to realize the interworking function (IWF) between PPPoA packets and PPPoEpackets.

Purpose

PPPoA access is used to realize the IWF between PPPoA and PPPoE for the transition from theATM network to the IP network.

Specification

The MA5606T supports the following PPPoA specifications:

l PPP LLC and PPP VC-MUX encapsulation modes, and auto-sensing of the two modes

l PPP MRU≥1492 bytes

l Up to 128 PPPoA users


All the ATM service boards support PPPoA access.l License support

The conversion from PPPoA to PPPoE is an optional feature of the MA5606T. Therefore,the license is required for accessing the corresponding service.

6.2 PrincipleThis topic describes the implementation principles of PPPoA access.

Figure 6-1 shows the process of converting PPPoA packets into PPPoE packets.

6 PPPoA AccessSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

Figure 6-1 Process of converting PPPoA packets into PPPoE packets

State=disconnected

LCP Config-Req

State=connected

LCP Config-Ack

PPP packet

PPP packet

.

.

.

State=disconnected

PPPoE PADI

PPPoE PADO

PPPoE PADR

PPPoE (LCP Config-Req)

PPPoE PADS

PPPoE (LCP Config-Ack)

PPPoE (PPP packet)

PPPoE (PPP packet)

.

.

.

PPPoE PADT

RG BRASAccessNode

PPPoEDiscovery stage

PPPoESession stage

PPP sessionterminates

The PPPoA implementation process is as follows:

1. After receiving an LCP Config-Req from a PPPoA user, the MA5606T saves it in its buffer,and initiates a PPPoE session. In this session, the PADI packet is broadcast, and the sourceMAC address of the packet is that allocated by the MA5606T to the PPPoA user.

2. The BRAS sends the PADO packet to the MA5606T.3. The MA5606T obtains the MAC address of the BRAS, and sends the PADR packet to the

BRAS.4. The BRAS sends the PADS packet to the MA5606T.5. After obtaining the session ID, the MA5606T sends the saved LCP Config-Req to the BRAS

to enter into the PPPoE session stage.6. The user sends PPP data packets to the MA5606T. Then, the MA5606T encapsulates the

data packets into PPPoE packets according to the MAC address of the BRAS and the MACaddress allocated by the MA5606T to the user, and sends the packets to the BRAS. For thedownstream packets, the process is on the contrary.

7. The BRAS sends the PADT packet or the PPPoA user sends the LCP Configure Terminatepacket to terminate the session.

6.3 ReferenceThis topic describes the reference documents of PPPoA access.

SmartAX MA5606T Multi-service Access ModuleFeature Description 6 PPPoA Access


6-3

The following lists the reference documents of PPPoA access:

l IETF RFC2364: PPP Over AAL5

l IETF RFC2516: A Method for Transmitting PPP Over Ethernet (PPPoE)

l DSL Forum TR-101: Migration to Ethernet-Based DSL Aggregation

6 PPPoA AccessSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

7 IPoA Access

About This Chapter

IPoA access is an access mode in which the payloads of IP packets are converted into Ethernetframes for upstream transmission to the upper layer network, and the downstream IPoE packetsare converted into IPoA packets and then forwarded to users.

7.1 IntroductionThis topic describes the definition, purpose, specification, and availability of IPoA access.

7.2 PrincipleThis topic describes the implementation principles of IPoA access.

7.3 ReferenceThis topic describes the reference documents of IPoA access.

SmartAX MA5606T Multi-service Access ModuleFeature Description 7 IPoA Access


7-1

7.1 IntroductionThis topic describes the definition, purpose, specification, and availability of IPoA access.

Definition

IPoA access is an access mode in which:

l The IPoA packets are analyzed and the payloads of IP packets are converted into Ethernetframes for upstream transmission to the upper layer network.

l The downstream IPoE packets are converted into IPoA packets and then forwarded to users.

Purpose

IPoA access is usually used for leased line access for the transition from the ATM network tothe IP network.

Specification

The MA5606T supports the following IPoA specifications:

l Compliance with RFC2684 to support IPoA static users

l Compliance with RFC1577 to support IPoA dynamic users

l Up to 128 IPoA users

l Up to 512 different user gateways

l Automatic discovery of the LLC-IP encapsulation mode

l L2 and L3 IPoA applications


– All the ATM service boards support IPoA access.

– The modem must support RFC2684 or RFC1577.

l License supportThe conversion from IPoA to IPoE is an optional feature of the MA5606T. Therefore, thelicense is required for accessing the corresponding service.

7.2 PrincipleThis topic describes the implementation principles of IPoA access.

L2 IPoA

In this scenario, the MA5606T works in L2 routing mode. The IP address of the default usergateway is the IP address of the upper layer router. The MA5606T converts IPoA packets intoIPoE packets without the L3 routing function.

7 IPoA AccessSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

The user gateways of IPoA must be configured by the administrator, and multiple IPoA userscan use the same gateway.

L3 IPoA

In this scenario, the MA5606T works in L3 routing mode. The IP address of the default usergateway is the IP address of the L3 interface of the MA5606T. The MA5606T converts IPoApackets into IPoE packets, and forwards them according to the destination IP addresses.

The user gateways of IPoA must be configured by the administrator, and multiple IPoA userscan use the same gateway.

Static/Dynamic IPoA Users

If the modem supports only ATM Adaptation Layer 5 (AAL5) frames encapsulated in VC-IPmode, the MA5606T cannot obtain the IP address of the modem. In this case, the administratorof the MA5606T shall configure the source IP address of the static user.

If dynamic IPoA user terminals comply with RFC1577, the MA5606T can obtain the IP addressof the WAN interface in the modem through the ATM ARP packets.

Process

The MA5606T allocates a source MAC address for each IPoA user, and obtains the MAC addressof the user gateway through the ARP protocol. These two MAC addresses are the source anddestination MAC addresses of Ethernet frames for conversion between ATM packets andEthernet frames.

Figure 7-1 shows the IPoA implementation process.

Figure 7-1 IPoA implementation process

PC Modem MA5606T L2/L3

IP

AAL5 MAC

ADSL ETH

IP

MAC MAC

ETH ETH

IP

MAC AAL5

ETH ADSL

MAC

ETH

IP

7.3 ReferenceThis topic describes the reference documents of IPoA access.

The following lists the reference documents of IPoA access:

l RFC2684: Multiprotocol Encapsulation over ATM Adaptation Layer 5

SmartAX MA5606T Multi-service Access ModuleFeature Description 7 IPoA Access


7-3

l RFC1577: Classical IP and ARP over ATM

7 IPoA AccessSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

8 P2P FE Optical Access

About This Chapter

Point-to-point (P2P) Ethernet optical access refers to the P2P FTTH access provided by the P2PEthernet optical access board and the ONT, which meets the requirements for the application ofthe next generation access device under the integration of video, voice, and data services.

8.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of P2P FEoptical access.

8.2 PrincipleThis topic describes the implementation principles of P2P FE optical access.

8.3 ReferenceThis topic describes the reference documents of P2P FE optical access.

SmartAX MA5606T Multi-service Access ModuleFeature Description 8 P2P FE Optical Access


8-1

8.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of P2P FEoptical access.

Definition

Point-to-point (P2P) FE optical access means the point-to-point FTTH access provided by theMA5606T based on the combination between its P2P FE optical access board and the ONTs.

Purpose

P2P FE optical access solution provides P2P FTTH access services. It is especially suitable forthe residential neighborhoods with fiber to the home, and can provide the bandwidth of 100Mbit/s to satisfy the users' requirements for the next generation access equipment whichintegrates video, voice, and data services.

Specification

The MA5606T supports the following P2P FE optical access specifications:

l Every OPFA board supports up to 16 100 Mbit/s FE optical ports.

l A service shelf can be configured with up to OPFA boards, providing up to FE optical ports.

l Every port supports up to eight traffic streams.

l Support the function of synchronizing Ethernet packets.

Limitation

A GE optical port cannot be used for P2P FE optical access.


The OPFA board and the FE ONTs need to support the feature of P2P FE optical access.

l License support

The feature of P2P FE optical access is the basic feature of the MA5606T. Therefore, nolicense is required for accessing the corresponding service.

8.2 PrincipleThis topic describes the implementation principles of P2P FE optical access.

Figure 8-1 shows the implementation of the P2P FE optical access.

8 P2P FE Optical AccessSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

Figure 8-1 Implementation of P2P FE optical access

PCPhone

IPTV

P2P ONT

STB

OPFA OPFA

MCU

MA5606T

FE

......

The upstream packets sent from the user end are processed as follows:

1. After modulation on the ONT, the upstream packets are sent to the OPFA board of theMA5606T through a fiber.

2. The OPFA board processes the upstream packets according to the user's configuration, andthen sends the processed packets to the control board of the MA5606T through thebackplane bus.

3. After receiving the packets, the control board forwards the packets to the upper layernetwork through the upstream port.

The downstream packets sent from the network end are processed as follows:

1. After the downstream packets from the upper layer network reach the control board of theMA5606T through the upstream port.

2. The control board forwards the packets to the OPFA interface board through the backplanebus according to the learning results during the upstream forwarding.

3. The OPFA board processes the downstream packets, and sends the processed packets tothe user end.

8.3 ReferenceThis topic describes the reference documents of P2P FE optical access.

For the standards compliance of the feature of P2P FE optical access, see "StandardsCompliance" in the MA5606T Product Description.

SmartAX MA5606T Multi-service Access ModuleFeature Description 8 P2P FE Optical Access


8-3

9 VLAN

About This Chapter

Virtual local area network (VLAN) is a technology used to form virtual workgroups by logicallygrouping the devices of a LAN.

9.1 Standard VLANA standard VLAN is a kind of VLAN which contains multiple interconnected standard Ethernetports. Logically, all the ports in a standard VLAN are equal. This topic provides introduction tothis feature and describes the principles and reference documents of this feature.

9.2 Smart VLANA smart VLAN is a VLAN that contains multiple upstream ports and multiple service ports. Theservice ports are isolated from each other in terms of traffic. A smart VLAN can servemultiplePOTS users, thus saving VLAN resources. This topic provides introduction to thisfeature and describes the principles and reference documents of this feature.

9.3 MUX VLANA MUX VLAN is a VLAN that contains one or more upstream ports, but contains only oneservice port. Any two MUX VLANs are isolated. One-to-one mapping can be set up between aMUX VLAN and an access user. Hence, a MUX VLAN can uniquely identify an access user.The MUX VLAN is used when users are distinguished according to VLANs. This topic providesintroduction to this feature and describes the principles and reference documents of this feature.

9.4 QinQ VLANQinQ, that is, 802.1Q in 802.1Q, is a visualized name for the tunnel protocol encapsulated basedon IEEE 802.1Q. For a VLAN packet that has the QinQ attribute, it contains two VLAN tags:inner VLAN tag from the private network and outer VLAN tag from the MA5606T. Throughthe outer VLAN tag, a layer 2 (L2) VPN tunnel can be set up to transparently transmit servicedata from private networks to public networks. This topic provides introduction to this featureand describes the principles and reference documents of this feature.

9.5 VLAN StackingVLAN stacking is a stacking based on the IEEE 802.1 Q tag. The VLAN stacking feature canbe used to improve the reuse of the network-side VLAN (outer VLAN) and used for thewholesale service. This topic provides introduction to this feature and describes the principlesand reference documents of this feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 9 VLAN


9-1

9.1 Standard VLANA standard VLAN is a kind of VLAN which contains multiple interconnected standard Ethernetports. Logically, all the ports in a standard VLAN are equal. This topic provides introduction tothis feature and describes the principles and reference documents of this feature.

9.1.1 IntroductionThis topic provides information about the standard VLAN feature, including its definition,purpose, and specification.

9.1.2 PrincipleThis topic describes the implementation principle of the standard VLAN feature.

9.1.3 ReferenceThis topic describes the reference documents of the standard VLAN feature.

9.1.1 IntroductionThis topic provides information about the standard VLAN feature, including its definition,purpose, and specification.

Definition

Virtual local area network (VLAN) is a technology used to form virtual workgroups by logicallygrouping the devices of a LAN. The IEEE issued draft IEEE 802.1Q in 1999, aiming atstandardizing VLAN implementations.

A standard VLAN is a kind of VLAN which contains multiple interconnected standard Ethernetports. Logically, all the ports in a standard VLAN are equal.

Purpose

All the Ethernet ports in a standard VLAN can communicate with each other. An Ethernet portin a standard VLAN is isolated from an Ethernet port in another standard VLAN.

The standard VLAN is primarily used for subtending. The MA5606T supports the Ethernetsubtending networking. Several access devices in different tiers can be subtended through theGE/FE ports, which can extend the network coverage and satisfy the requirements for largeaccess capacity.

Specification

The MA5606T supports up to 4K standard VLANs.

Limitation

For the MA5606T, a standard VLAN can include only the standard Ethernet ports provided bythe boards in the GIU slots.

9 VLANSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)


No additional hardware is required for supporting the standard VLAN feature.l License support

The standard VLAN feature is the basic feature of the MA5606T. Therefore, no license isrequired for accessing the corresponding service.

9.1.2 PrincipleThis topic describes the implementation principle of the standard VLAN feature.

The standard VLAN can be planned according to the following parameters:

l Port

l MAC address

l Protocol type

l IP address mapping

l Multicast

l Policy

Unless otherwise stated, the VLAN described herein is based on ports, which is a common wayfor planning VLANs in the telecom industry.

The standard VLAN strictly complies with the IEEE 802.1Q standard. In the IEEE 802.1Qstandard, the format of an Ethernet frame is modified by adding the 4-byte 802.1Q tag betweenthe source MAC address field and the protocol type field. See Figure 9-1 for details.

Figure 9-1 802.1Q-based VLAN frame

DestinationAddress

SourceAddress

802.1Q Tag

Type PRI/CFI/VID

Length/Type Data FCS

(CRC-32)

6 bytes 6 bytes 4 bytes 2 bytes 46 bytes~1517 bytes 4 bytes

A 802.1Q tag contains four bytes. Table 9-1 shows their meanings and purposes.

Table 9-1 Meanings and purposes of the fields in a 802.1Q tag

Field Length Value Meaning and Purpose

Type 2 bytes 0x8100 indicates a framewith the 802.1Q tag.

It indicates the frame type.Such a frame will be discarded by adevice that does not support 802.1Q.

PRI 3 bits Range: 0-7. It indicates the priority of a frame andapplies to QoS.



9-3

Field Length Value Meaning and Purpose

CFI 1 bit - It is a canonical format indicator. Itindicates whether the format of a MACaddress is typical or not, and applies toa token ring network and a FiberDistribution Data Interface (FDDI).

VID 12 bits - It is the VLAN ID and indicates theVLAN to which a frame belongs.

9.1.3 ReferenceThis topic describes the reference documents of the standard VLAN feature.

The following lists the reference documents of the standard VLAN feature:l IEEE 802.1q: IEEE standards for Local and metropolitan area networks-Virtual Bridged

Local Area Networks

9.2 Smart VLANA smart VLAN is a VLAN that contains multiple upstream ports and multiple service ports. Theservice ports are isolated from each other in terms of traffic. A smart VLAN can servemultiplePOTS users, thus saving VLAN resources. This topic provides introduction to thisfeature and describes the principles and reference documents of this feature.

9.2.1 IntroductionThis topic provides information about the smart VLAN feature, including its definition, purpose,and specification.

9.2.2 PrincipleThis topic describes the implementation principles of the smart VLAN feature.

9.2.3 ReferenceThis topic describes the reference documents of the smart VLAN feature.

9.2.1 IntroductionThis topic provides information about the smart VLAN feature, including its definition, purpose,and specification.

Definition

A smart VLAN is a VLAN that contains multiple upstream ports and multiple service ports.These service ports are isolated from each other.

PurposeA smart VLAN can serve multiple xDSL users, thus saving the VLAN resources in the system.


Feature Description


Issue 03 (2010-01-28)

Specification

The MA5606T supports up to 4K smart VLANs. There is no limit to the number of the upstreamports and that of the service ports in each smart VLAN.

Limitation

The basic limitations of the smart VLAN feature are as follows:l If a VLAN contains an L3 interface, to delete the VLAN, you need to delete the interface

first.l If a VLAN contains a service port, to delete the VLAN, you need to delete the service port

first.


No additional hardware is required for supporting the smart VLAN feature.l License support

The smart VLAN feature is the basic feature of the MA5606T. Therefore, no license isrequired for accessing the corresponding service.

9.2.2 PrincipleThis topic describes the implementation principles of the smart VLAN feature.

In addition to all the features of a standard VLAN, a smart VLAN has the following features:

l There are two port types in the smart VLAN, upstream ports and service ports, which arenot treated equally.– The service ports are isolated from each other in terms of traffic.

– The upstream ports can interconnect with each other.

– The service port and the upstream port can interconnect with each other.

l The broadcast domain of the upstream port of the smart VLAN covers all the ports of theVLAN. The broadcast domain of the service port, however, contains only the upstreamport. In contrast, the broadcast domain of each port of the standard VLAN covers all theports in the VLAN.

9.2.3 ReferenceThis topic describes the reference documents of the smart VLAN feature.

The following lists the reference documents of the smart VLAN feature:l IEEE 802.1q: IEEE standards for Local and metropolitan area networks-Virtual Bridged

Local Area Networks.

9.3 MUX VLANA MUX VLAN is a VLAN that contains one or more upstream ports, but contains only oneservice port. Any two MUX VLANs are isolated. One-to-one mapping can be set up between aMUX VLAN and an access user. Hence, a MUX VLAN can uniquely identify an access user.



9-5

The MUX VLAN is used when users are distinguished according to VLANs. This topic providesintroduction to this feature and describes the principles and reference documents of this feature.

9.3.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of MUXVLAN.

9.3.2 PrincipleThis topic describes the implementation principles of the MUX VLAN feature.

9.3.3 ReferenceThis topic describes the reference documents of the MUX VLAN feature.

9.3.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of MUXVLAN.

Definition

A MUX VLAN is a VLAN that contains one or more upstream ports, but contains only oneservice port.

The traffic streams of any two MUX VLANs are isolated.

Purpose

One-to-one mapping can be set up between a MUX VLAN and an access user. Hence, a MUXVLAN can uniquely identify an access user. The MUX VLAN is used when users aredistinguished according to VLANs.

Specification

The MA5606T supports up to 4K MUX VLANs.

Limitation

The basic limitation of the smart VLAN feature are as follows:

l If a VLAN contains an L3 interface, to delete the VLAN, you must delete the interfacefirst.

l If a VLAN contains a service port, to delete the VLAN, you must delete the port first.


No additional hardware is required for supporting the MUX VLAN feature.

l License supportThe MUX VLAN feature is the basic feature of the MA5606T. Therefore, no license isrequired for accessing the corresponding service.


Feature Description


Issue 03 (2010-01-28)

9.3.2 PrincipleThis topic describes the implementation principles of the MUX VLAN feature.

One MUX VLAN corresponds to one service port. Therefore, MUX VLANs can be used todifferentiate the users.

9.3.3 ReferenceThis topic describes the reference documents of the MUX VLAN feature.

The following lists the reference documents of the MUX VLAN feature:l IEEE 802.1q: IEEE standards for Local and metropolitan area networks-Virtual Bridged


9.4 QinQ VLANQinQ, that is, 802.1Q in 802.1Q, is a visualized name for the tunnel protocol encapsulated basedon IEEE 802.1Q. For a VLAN packet that has the QinQ attribute, it contains two VLAN tags:inner VLAN tag from the private network and outer VLAN tag from the MA5606T. Throughthe outer VLAN tag, a layer 2 (L2) VPN tunnel can be set up to transparently transmit servicedata from private networks to public networks. This topic provides introduction to this featureand describes the principles and reference documents of this feature.

9.4.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of QinQVLAN.

9.4.2 PrincipleThis topic describes the implementation principles of the QinQ VLAN feature.

9.4.3 ReferenceThis topic describes the reference documents of the QinQ VLAN feature.

9.4.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of QinQVLAN.

Definition

QinQ, that is, 802.1Q in 802.1Q, is a visualized name for the tunnel protocol encapsulated basedon IEEE 802.1Q. For a VLAN packet that has the QinQ attribute, it contains two VLAN tags:inner VLAN tag from the private network and outer VLAN tag from the MA5606T.

Through the outer VLAN tag, an L2 VPN tunnel can be set up to transparently transmit servicedata from private networks to public networks.

Purpose

The core of QinQ is to encapsulate the VLAN tag of the private network packet to the VLANtag of the public network. The packet carrying two VLAN tags in the form of IEEE 802.1Q isforwarded to the user, after passing the operator's backbone network.



9-7

In a word, the QinQ VLAN provides the users with a simple L2 VPN leased line service, whichextends the coverage of the private network to some extent.

The leased line service herein refers to the private network service which is transparentlytransmitted to the peer network end, for example, the Intranet service.

Specificationl The MA5606T supports up to 4K QinQ VLANs.

l The MA5606T supports smart QinQ and Mux QinQ.

Limitation

The attribute of the following VLANs cannot be QinQ:l Super VLAN

l Sub VLAN

l A VLAN containing an L3 interface

l Default VLAN in the system

l Standard Vlan


No additional hardware is required for supporting the QinQ VLAN feature.l License support

The QinQ VLAN feature is the basic feature of the MA5606T. Therefore, no license isrequired for accessing the corresponding service.

9.4.2 PrincipleThis topic describes the implementation principles of the QinQ VLAN feature.

Figure 9-2 shows the QinQ VLAN service process of the MA5606T.


Feature Description


Issue 03 (2010-01-28)

Figure 9-2 QinQ VLAN service process

User 1 User 3

L2

Modem

MA5606T

L2/L3

User 4 User 2

L2

Modem

MA5606T

L2/L3

VLAN 1VLAN 2

VLAN 2VLAN 3

VLAN 3 VLAN 1

VLAN 2

By QinQ VLAN, the MA5606T implements the user interconnection of the same private network(VLAN 1 or VLAN 2) in different areas. The following describes the service packet processing.

1. The user PC sends an untagged packet to the upstream direction.2. The L2 LAN switch adds the VLAN tag (VLAN 1 or VLAN 2) of the private network to

the packet, and then sends the packet to the MA5606T.3. The MA5606T adds the VLAN tag (VLAN 3) of the public network to the packet, and then

sends the packet to the upper layer network.4. The upper layer network device transmits the packet based on the VLAN tag (VLAN 3) of

the public network.5. Upon receiving the packet, the peer end MA5606T extracts the VLAN tag (VLAN 3) of

the public network, and then sends the packet to the LAN switch at the same end.6. The LAN switch identifies and extracts the VLAN tag (VLAN 1 or VLAN 2) of the private

network, and then sends the untagged packet to the user in the VLAN of the private network.

In this way, users 1 and 2 in VLAN 2 can interconnect with each other, or users 3 and 4 in VLAN1 can interconnect with each other.

9.4.3 ReferenceThis topic describes the reference documents of the QinQ VLAN feature.

The following lists the reference documents of the QinQ VLAN feature:l IEEE 802.1q: IEEE standards for Local and metropolitan area networks-Virtual Bridged

Local Area Networks.l IEEE P802.1ad: Virtual Bridged Local Area Networks— Amendment 4: Provider Bridges



9-9

9.5 VLAN StackingVLAN stacking is a stacking based on the IEEE 802.1 Q tag. The VLAN stacking feature canbe used to improve the reuse of the network-side VLAN (outer VLAN) and used for thewholesale service. This topic provides introduction to this feature and describes the principlesand reference documents of this feature.

9.5.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of VLANstacking.

9.5.2 PrincipleThis topic describes the implementation principles of the VLAN stacking feature.

9.5.3 ReferenceThis topic describes the reference documents of the VLAN stacking feature.

9.5.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of VLANstacking.

Definition

VLAN stacking is a stacking based on the IEEE 802.1 Q tag.

The purpose of the VLAN stacking is to add two VLAN tags in the form of IEEE 802.1Q tountagged user packets or to convert tagged user packets into the packets with two VLAN tagsin the form of IEEE 802.1Q. The packet carrying two VLAN tags is forwarded to the broadbandremote access server (BRAS) for authentication, after passing the operator's backbone network.Alternatively, when the packet is forwarded to the BRAS, the outer VLAN tag is extracted, andthe inner VLAN tag is used to identify the user.

Purpose

For a VLAN packet that has the stacking attribute, it contains two VLAN tags: inner VLAN tagand outer VLAN tag allocated by the MA5606T.

The VLAN stacking feature can be used to improve the reuse of the network-side VLAN (outerVLAN) and used for the wholesale service.

l The reuse of VLANs is improved by two VLAN tags.

l The outer VLAN tag is used to identify to which Internet Service Provider (ISP) the userbelongs, and the inner VLAN tag is used to identify the user. In this way, different userscan get access to their own ISPs.

The wholesale service refers to a service in which users can be connected to their own ISPs inbatches according to the specified rules when there are multiple ISPs in the L2 MAN.

Specificationl Up to 4K stacking VLANs


Feature Description


Issue 03 (2010-01-28)

l S+C forwarding and VLAN+MAC forwarding based on the VLAN

l Disabling the MAC address learning function based on the VLAN

Limitation

The attribute of the following VLANs cannot be VLAN stacking:

l Super VLAN

l Sub VLAN

l A VLAN contains an L3 interface

l Default VLAN in the system

l Standard Vlan


No additional hardware is required for supporting the VLAN stacking feature.l License support

The VLAN stacking feature is an optional feature of the MA5606T. Therefore, the licenseis required for accessing the corresponding service.

9.5.2 PrincipleThis topic describes the implementation principles of the VLAN stacking feature.

If the VLAN stacking is used to increase the VLAN quantity or to identify users, the BRAS isrequired.

If the VLAN stacking is used to provide the multi-ISP wholesale service, the upper layer networkshall work in L2 mode to forward user packets based on VLAN and MAC address directly.

Figure 9-3 shows the VLAN stacking service process of the MA5606T.

Figure 9-3 VLAN stacking service process

ISP1

L2/L3

MA5606T

Enterprise A

ModemModem

ISP2

SP VLAN 1 C VLAN 2 SP VLAN 2 C VLAN 2

Enterprise B

MAN

SP VLAN 1 C VLAN 1 SP VLAN 2 C VLAN 1



9-11

NOTE

l SP VLAN: Service Provider VLAN

l C VLAN: Customer VLAN

By different VLAN stacking, the MA5606T connects the users of enterprise A to ISP1, and theusers of enterprise B to ISP2. The following describes the service process.

1. The user sends the untagged packets to the upstream direction. The packets reach theMA5606T after passing through the Modem.

2. The MA5606T adds two VLAN tags to the untagged packets.

NOTE

The users of different ISPs correspond to different outer SP VLANs.

l SP VLAN 1 is encapsulated as the outer VLAN to all user packets of enterprise A, and theCustomer VLAN is encapsulated as the inner VLAN.

l SP VLAN 2 is encapsulated as the outer VLAN to all user packets of enterprise B, and theCustomer VLAN is encapsulated as the inner VLAN.

3. The Metropolitan Area Network (MAN) device forwards the user packets to different ISPsbased on the SP VLAN.

4. Upon receiving the user packets, the ISP1 and ISP2 devices extract the SP VLAN, anddifferentiate users based on their inner VLAN tags.

9.5.3 ReferenceThis topic describes the reference documents of the VLAN stacking feature.

The following lists the reference documents of the VLAN stacking feature:l IEEE 802.1q: IEEE standards for Local and metropolitan area networks-Virtual Bridged



Feature Description


Issue 03 (2010-01-28)

10 HWTACACS

About This Chapter

HWTACACS is a security protocol with enhanced functions based on TACACS (RFC1492).Similar to the RADIUS protocol, HWTACACS implements AAA functions for multiplesubscribers by communicating with the HWTACACS server in the client/server (C/S) mode.This topic provides the introduction, principles, and reference of the HWTACACS feature.

10.1 IntroductionThis topic provides the definition, purpose, specifications, limitation, and availability of theHWTACACS feature.

10.2 PrincipleThis topic describes the working principles of the HWTACACS feature.

10.3 ReferenceThis topic provides the reference documents of the HWTACACS feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 10 HWTACACS


10-1

10.1 IntroductionThis topic provides the definition, purpose, specifications, limitation, and availability of theHWTACACS feature.

Definition

HWTACACS is a security protocol with enhanced functions based on TACACS (RFC1492).Similar to the RADIUS protocol, HWTACACS implements AAA functions for multiplesubscribers by communicating with the HWTACACS server in the client/server (C/S) mode.

Purpose

HWTACACS is used for the authentication, authorization, and accounting of the 802.1x accesssubscribers and administrators.

Specifications

The MA5606T supports the following HWTACACS specifications:

l Authentication, authorization, and accounting through HWTACACS for login users

l Encrypted communication through HWTACACS

l Configuring the source address of the HWTACACS packet sent from the device

l Delay recovery for the active HWTACACS server

l Configuring the response timeout time for the HWTACACS server

l Configuring the subscriber traffic unit that is reported to the HWTACACS server

l Configuring whether to carry the domain name in the subscriber name reported to theHWTACACS server

l Collecting the statistics of the HWTACACS packets

l Querying the configuration of the HWTACACS server

l Re-transmitting the stop-accounting packet to prevent the accounting errors caused by theloss of the stop-accounting packet

Limitation

None


No additional hardware is required for supporting this feature.

l License Support

The HWTACACS feature is a basic feature of the MA5606T. Therefore, no license isrequired for accessing the corresponding service.

10 HWTACACSSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

10.2 PrincipleThis topic describes the working principles of the HWTACACS feature.

Authenticating the User Level Upshift

The HWTACACS message flow is similar to the RADIUS message flow. The difference is that,in the HWTACACS message flow, the server returns the authentication response rather than theuser right after the user passes authentication. The user right is returned only when theauthorization process is completed.

HWTACACS features more reliable transmission and encryption than RADIUS and is moresuitable for security control. Table 10-1 shows the major differences between HWTACACSand RADIUS.

Table 10-1 Differences between HWTACACS and RADIUS

HWTACACS RADIUS

Uses TCP to realize more reliable networktransmission.

Uses UDP.

Encrypts the entire body of the packetexcept the standard HWTACACS header.

Encrypts only the password field of theauthentication packet.

Separates authorization fromauthentication.

Performs authentication and authorizationtogether.

Suitable for security control. Suitable for accounting.

HWTACACS supports the authentication of the user level upshift. After logging in to the routerthrough telnet or SSH, a user can run the super command to upshift or downshift the user levelin the user mode. Then, the router authenticates the user password.

Figure 10-1 shows the process of the HWTACACS authentication of the user level upshift.

Figure 10-1 Process of the HWTACACS authentication of the user level upshift

Telnet/SSH

Super Authen ACK

Super Authen REQ-

HWTACACS Server

RouterUser

SmartAX MA5606T Multi-service Access ModuleFeature Description 10 HWTACACS


10-3

NOTE

l When the router authenticates the user level upshift, the user passwords at different levels can bedifferent.

l When the router authenticates the user level upshift through HWTACACS, the user passwords atdifferent levels are the same.

The router sends the user password to the HWTACACS server for authentication. If theauthentication is successful, the user level can be upshifted. Otherwise, the user level cannot beupshifted. The modification of the privilege user level takes effect on only this login.

If the router does not receive the authentication result of user level upshift from the HWTACACSserver within the preset timeout time, the authentication times out and the user level cannot beupshifted.

10.3 ReferenceThis topic provides the reference documents of the HWTACACS feature.

The following lists the reference documents of this feature:l RFC1492

l RFC2865

10 HWTACACSSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

11 DNS Client

About This Chapter

The DNS client feature enables the user who logs in to the local device to communicate withother devices by using the domain name.

11.1 IntroductionThis topic provides the definition, purpose, specifications, limitation, and availability of the DNSclient feature.

11.2 PrincipleThis topic describes the working principles of the DNS client feature.

11.3 ReferenceThis topic provides the reference documents of the DNS client feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 11 DNS Client


11-1

11.1 IntroductionThis topic provides the definition, purpose, specifications, limitation, and availability of the DNSclient feature.

Definition

TCP/IP not only provides IP addresses to identify devices, but also specifies a special namingmechanism for hosts which is in the form of character strings. This is the domain name system(DNS). DNS adopts a hierarchical naming method to specify a meaningful name for each deviceon the network, and sets a DNS server on the network to establish mappings between domainnames and IP addresses. In this way, you can use the meaningful and easy-to-remember domainnames other than complex IP addresses.

The domain name resolution can be dynamic resolution or static resolution. In the case ofdynamic resolution, a special DNS server is required for receiving the domain name resolutionrequests from subscribers. The server first resolves a domain name within the local database. Ifthe domain name does not belong to this domain, the server returns the resolution result to theclient by using the recursive resolution or iterative resolution method. The resolution result maybe an IP address or the message "the domain name does not exist", which will be returned to theclient. An address resolver on the DNS client is used to enable the user program to access theDNS server.

Figure 11-1 shows the relations between the user program, resolver, DNS server, and the cacheon the resolver. The resolver and the cache are integrated to form the DNS client, which receivesthe DNS queries from the user program and responds to the queries. In general, the user program,cache, and resolver are on the same host while the DNS server is on a different one.

Figure 11-1 Dynamic DNS

Local host

Request

Response

Save Read DNS

Server

Request

Response

User program Resolver

Cache DNS Client

Purpose

On the MA5606T, the DNS client is mainly used for resolving the IP address of the call serverfor the VoIP feature.

11 DNS ClientSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

Specifications

The MA5606T supports the following DNS client specifications:

l The DNS client in the synchronous or asynchronous mode

l Configuring and querying the DNS server through the CLI

l Cache function (up to 50 caches)

Limitation

None


No additional hardware is required for supporting this feature.l License Support

The DNS client feature is a basic feature of the MA5606T. Therefore, no license is requiredfor accessing the corresponding service.

11.2 PrincipleThis topic describes the working principles of the DNS client feature.

DNS is a mechanism that uses a special DNS server for dynamically resolving the domain name.The DNS server provides mappings from domain names to IP addresses and receives the domainname resolution requests from DNS clients.

DNS Server

A device that is specially used for running the domain name resolution server program is calleda DNS server. The root DNS server contains the information about the root and top-level domain.

DNS requires each DNS server to know the IP address of at least one root DNS server. The DNSclient must also know how to contact at least one DNS server.

Domain Name Conversion

When receiving the query request from the DNS client, the DNS server first checks whether therequested domain name belongs to the sub-domain that the server is authorized to manage.l If the domain name belongs to the sub-domain, the DNS server queries the database and

converts the domain name into an IP address and then sends the conversion result to theDNS client.

l If the domain name does not belong to the sub-domain, the DNS server performs the nextoperation according to the resolution method specified by the client in the query packet.The resolution method can be recursive resolution or iterative resolution.– Recursive resolution: The DNS server contacts the server that can resolve the domain

name, and returns the query result, namely, the IP address corresponding to this domainname, to the client.



11-3

– Iterative resolution: If the DNS server cannot provide the resolution result, it indicatesthe next DNS server for the client to contact in the response packet sent to the client.Then, the client sends a query request to the specified DNS server.

DNS Working ProcessFigure 11-2 shows the DNS working process.

Figure 11-2 Dynamic DNS

Local host

Request

Response

Save Read DNS

Server

Request

Response

User program Resolver

Cache DNS Client

The dynamic DNS working process is as follows:

1. The user program sends a request to the DNS client.2. After the DNS client receives the request, it queries the local database or cache. If the target

mapping entry is not found, the client sends a query packet to the DNS server.3. After receiving the response packet from the DNS server, the DNS client analyzes the

response packet and determines the next operation according to the response packet.

CacheIf the resolver sends every resolution request with a non-local domain name to the root DNSserver, it will result in a large query overhead. To reduce the overhead of the queries for non-local domain names, the DNS server uses a cache. Every mapping between a dynamicallyresolved domain name and the IP address is saved in the dynamic domain name cache of thememory. Then, when the same domain name is queried next time, it can be directly read fromthe cache rather than being requested from the root DNS server. Each DNS server maintains arecord of recently-used domain names in the local cache, and at the same time caches the IPaddress of the corresponding server from which the domain name mapping is obtained.

When the mappings between domain names and IP addresses change, the information in thecache is no longer correct. To ensure the correctness of the information in the cache, the DNSserver specifies a TTL value in the DNS response packet. The TTL value represents the validtime for the binding between the resolved domain name and the IP address. The mapping betweenthe domain name and the IP address saved in the cache of the client ages after a period of timeand is deleted, thus guaranteeing that the latest information can be obtained from the DNS server.The DNS servers installed with different operating systems have corresponding values of agingtime. The client obtains the aging time from the DNS protocol packets.

11 DNS ClientSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

The host also has a cache, which is used for maintaining the bindings between the recently-useddomain names and IP addresses. The host uses the DNS server for query only when the hostcannot find the domain name to be resolved in the cache.

DNS SuffixThe dynamic DNS supports the domain name suffix list. With this function, you can preset somedomain name suffixes. Then, in the domain name resolution, you only need to enter partial fieldsof domain names, and the system automatically adds different suffixes to the domain names forresolution. For example, to query domain name huawei.com, you can configure com in the suffixlist, and then enter huawei. Then, the system automatically connects the entered domain nameto the suffix to form domain name huawei.com for performing a query.

When the domain name suffix is used, the following situations may occur:

l If the domain name that you enter does not contains a ., for example, huawei, the systemconsiders this as a host name and adds the suffix to it for performing a query. If all thequeries for domain names fail, the system finally uses the domain name that you first enteredfor performing a query.

l If the domain name that you enter contains ., for example, www.huawei, the system directlyuses this domain name for performing a query. If the query fails, the system adds the suffixesone by one and then performs the query.

l If the domain name that you enter ends with ., for example, huawei.com., the system firstremoves the ending . from the domain name and uses the remaining part for performing aquery. If the query fails, the system tries matching the domain name with the domain namelist and then performs the query.

11.3 ReferenceThis topic provides the reference documents of the DNS client feature.

The following lists the reference documents of this feature:l RFC1034: Domain Names - Concepts and Facilities

l RFC1035: Domain Names - Implementation and Specification



11-5

12 Transparent Transmission of ProtocolPackets

About This Chapter

Transparent transmission of protocol packets refers to the transparent transmission of userprivate network packets in the public network.

12.1 IntroductionThis topic provides the definition, purpose, specifications, limitation, and availability of thefeature of transparent transmission of protocol packets.

12.2 PrincipleThis topic describes the working principles of the feature of transparent transmission of protocolpackets.

SmartAX MA5606T Multi-service Access ModuleFeature Description 12 Transparent Transmission of Protocol Packets


12-1

12.1 IntroductionThis topic provides the definition, purpose, specifications, limitation, and availability of thefeature of transparent transmission of protocol packets.

DefinitionTransparent transmission of protocol packets refers to the transparent transmission of userprivate network packets in the public network.

PurposeThis feature is used to implement the transparent transmission of user private network packetsin the public network. For example, the BPDU packets of a VIP user's private network can betransparently transmitted in the public network through the QinQ function.

SpecificationsThe MA5606T supports the following transparent transmission specifications:

l Transparent transmission of the VTP-CDP and RIP packets in a specified VLAN

l Transparent transmission of the BPDU packets in a specified VLAN

LimitationNone


The xDSL, and GPON boards support this feature.l License Support

The feature of transparent transmission of protocol packets is a basic feature of theMA5606T. Therefore, no license is required for accessing the corresponding service.

12.2 PrincipleThis topic describes the working principles of the feature of transparent transmission of protocolpackets.

The transparent transmission feature supports the following two service models:l Transparent transmission of the BPDU packets in a specified VLAN

l Transparent transmission of the VTP-CDP and RIP packets in a specified VLAN

Transparent Transmission of BPDU PacketsThe 802.1ad solution is adopted for transparent transmission of BPDU packets. The range ofthe destination MAC address of the BPDUs in the user network (private network) is from 0180-

12 Transparent Transmission of Protocol PacketsSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

c200-0000 through 0180-c200-002f. In the case of MSTP, the destination MAC address of theBPDUs in the carrier network (public network) is 0180-c200-0008.

Transparent Transmission of RIP Packetsl The function of transparent transmission of RIP packets for a VLAN is used to determine

whether the RIP packets are transparently transmitted or are transmitted to the L3 RIPprotocol for processing.

l The unicast, multicast, and broadcast RIP packets can be transmitted transparently.

l The transparent transmission of RIP packets for a VLAN and the L3 RIP protocolprocessing are mutually exclusive. That is, when the transparent transmission of RIPpackets for a VLAN is enabled, the L3 RIP protocol processing is invalid.

Transparent Transmission of VTP-CDP PacketsThe function of transparent transmission of VTP-CDP packets for a VLAN is used to determinewhether the VTP-CDP packets are transparently transmitted or are transmitted to the protocolfor processing.

SmartAX MA5606T Multi-service Access ModuleFeature Description 12 Transparent Transmission of Protocol Packets


12-3

13 ACL

About This Chapter

The access control list (ACL) is used to filter the specific data packets based on a series ofmatching rules contained in the ACL.

13.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of ACL.

13.2 PrincipleThis topic describes the implementation principles of the ACL feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 13 ACL


13-1

13.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of ACL.

Definition

The access control list (ACL) is used to filter the specific data packets based on a series ofmatching rules contained in the ACL, and therefore identify the filtering objects. After thefiltering objects are identified, the corresponding data packets are permitted to pass or discardedbased on the preset rules.

Purpose

The packet filtering based on ACLs is the prerequisite for carrying out quality of service (QoS).ACL together with QoS improves the system security.

Specification

The MA5606T supports the following ACL specifications:

l ACLs are numbered from 2000 to 5999, and up to 4000 ACLs can be defined. Each ACLcan have 64 rules. Table 13-1 describes the four types of ACLs.

l Issuing 1024 ACL rules by the system software, with a maximum number of 128 user-defined ACL rules and a maximum number of 896 non-user-defined ACL rules

l The user can configure matching of the first 80 bytes in the packet based on the rules.Multiple fields can be configured at the same time.

l Up to 64(MCUA) ACLs can be activated and validated for the MA5606T.

Table 13-1 ACL types

ACL Type Number Range Feature

Standard ACL 2000-2999 It allows definition of the rule according to L3 sourceIP address and fragment.The rules of a standard ACL are defined only accordingto the L3 source IP address for analyzing and processingdata packets.

13 ACLSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

ACL Type Number Range Feature

AdvancedACL

3000-3999 Compared with standard ACL, advanced ACL allowsmore accurate, rich and flexible definition of the ruleaccording to:l Source address

l Destination address

l IP bearer protocol type (including the followingtypes of packets: GRE, ICMP, IP, IP in IP, TCP, andUDP)

l TCP source port

l TCP destination port

l ICMP protocol type

l ICMP code

L2 ACL 4000-4999 It allows definition of the rule according to L2information such as:l Source MAC address

l Source VLAN ID

l L2 protocol type

l Destination MAC address

l QoS

CustomizedACL

5000-5999 It allows definition of the rule according to any 32 bytesof the first 80 bytes in an L2 frame.

Limitation

In the case that the ACL rules do not conflict with each other, the ACL rules activated earlierhave lower priorities, while the ACL ruls activated later have higher priorities.


No additional hardware is required for supporting the ACL feature.

l License support

The ACL feature is an optional feature of the MA5606T. Therefore, the license is requiredfor accessing the corresponding service.

13.2 PrincipleThis topic describes the implementation principles of the ACL feature.

The system matches and processes the input packets according to the ACLs.

SmartAX MA5606T Multi-service Access ModuleFeature Description 13 ACL


13-3

l If the packets match the ACLs, they are forwarded for further processing, such as:– Packet filtering

The system determines whether to discard the packets depending on whether the packetsmatch with the ACLs.

– Priority taggingThe system tags priority on the packets that match the ACLs. The tags include the TOS,DSCP and 802.1p tags.

– Traffic limitingThe system limits the rate of the packets that match the ACLs.

– Port rate limitingThe system limits the rate for the packet transmission on an Ethernet port.

– Traffic statisticsThe system collects statistics on the packets that match the ACLs.

– Packet redirectionThe system redirects the packets that match the ACLs to another port (that is, the originaldestination port no longer receives or forwards the packets).

– Packet mirroringThe system mirrors the packets that match the ACLs to another port (that is, the packetsare duplicated to another port).

Eventually, the packets are forwarded and generated.l The MA5606T discards or forwards the packets that do not match with the ACLs.

Figure 13-1 shows the process of ACL based filtering.

Figure 13-1 ACL based filtering

Discard

Matching? Implementactions

Match thepackets with

the ACL

Discardedpackets

Output packetstream

Input packetstream

YesNo

Packet filtering Priority tagging

Port rate limiting…

Traffic limiting

13 ACLSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

14 QoS

About This Chapter

QoS refers to quality of service. Settings of different QoS parameters, such as service availability,time delay, jitter, and loss rate, provide users with high quality services.

14.1 QoS OverviewQoS refers to quality of service. Settings of different QoS parameters, such as service availability,time delay, jitter, and loss rate, provide users with high quality services. This topic providesintroduction to this feature and describes the principles and reference documents of this feature.

14.2 PQBy PQ, each queue is given with a different priority. During the scheduling, the packets in thehighest-priority queue are served first. This topic provides introduction to this feature anddescribes the principles of this feature.

14.3 WRRBy WRR, each queue is assigned with a weighted value, representing the number of packetsserviced in one cycle queue. One packet is sent in one scheduling. WRR guarantees that thebandwidth used by different queues is consistent with the preset ratio. This topic providesintroduction to this feature and describes the principles of this feature.

14.4 CoS Priority Re-markingCoS priority re-marking means re-marking the CoS priorities (802.1p field) of the packets. Thistopic provides introduction to this feature and describes the principles of this feature.

14.5 Flexible Mapping Between CoS Priorities and Scheduling QueuesFlexible mapping between CoS priorities and scheduling queues indicates that the MA5606Tsupports flexible configuration of mappings between priorities and queues. Based on this feature,you can specify the packets of a certain priority to a specified queue. This topic providesintroduction to this feature and describes the principles of this feature.

14.6 trTCMA Two Rate Three Color Marker (trTCM) is a marker defined by RFC2698. The trTCM can beused as a component in a Diffserv traffic conditioner, and meters an IP packet stream and marksits packets. This topic provides introduction to this feature and describes the principles of thisfeature.

14.7 Rate Limitation Based on Port and CoS

SmartAX MA5606T Multi-service Access ModuleFeature Description 14 QoS


14-1

To manage the bandwidth for the service, you can configure the rate limitation based on portand CoS. This topic provides introduction to this feature and describes the principles of thisfeature.

14 QoSSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

14.1 QoS OverviewQoS refers to quality of service. Settings of different QoS parameters, such as service availability,time delay, jitter, and loss rate, provide users with high quality services. This topic providesintroduction to this feature and describes the principles and reference documents of this feature.

14.1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of QoS.

14.1.2 PrincipleThis topic describes the implementation principles of the QoS feature.

14.1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of QoS.

Definition

QoS refers to quality of service. Settings of different QoS parameters, such as service availability,time delay, jitter, and loss rate, guarantee the end-to-end quality of services.

Purpose

QoS aims at utilizing the limited network resources by providing differentiated qualities fordifferent services.

Specification

The MA5606T supports the following QoS specifications:

l Flexible queue mapping

l Two rate three color marker (trTCM) to adapt different traffic profiles

l 802.1p re-marking

l Rate limitation to both upstream and downstream traffic streams based on the port + CoSmode to implement the committed access rate (CAR) function

l Up to eight queues (corresponding to eight service streams) for each port

l The queue scheduling methods such as:– Strict Priority Queuing (PQ)

– Weighted Round Robin (WRR)

– PQ+WRR

l Configuring the inner VLAN priority during configuration of an IP traffic profileOnly priorities 0-7 are supported.

l Cancellation of the option for setting the inner VLAN priority as the queuing trustfulpriorityOnly local and tag-setting are supported.

l Configuring the source of the outer VLAN priority



14-3

l The option for copying the inner tag priority

l VLAN switching and priority re-configuration based on the VLAN of the ETH port on theONT

l Configuring the mapping between the ONT 802.1p priority and the queue

l Configuring the ONT queue scheduling mode and the WRR weights


No additional hardware is required for supporting the QoS feature.l License support

The QoS feature is the basic feature of the MA5606T. Therefore, the corresponding serviceis provided with no license.

14.1.2 PrincipleThis topic describes the implementation principles of the QoS feature.

The QoS can be implemented through the following strategies:

l Flexible configuration of the packet priority based on the flow:– Trusting user 802.1p. (If the user packet does not have the 802.1p tag, 3 is selected)

– Trusting user ToS. (If the user packet does not have the ToS tag, 3 is selected)

– Trusting the default flow priority.

l CAR rate limiting based on the flow:trTCM (RFC2698) is adopted. The color is marked on the DEI bit of the Ethernet priorityfield. 0 indicates green. 1 indicates yellow. Red packets are all discarded. Two modes aresupported globally: color-blind and color-aware. trTCM supports Ethernet profiles definedin MEF10. You can obtain different traffic profiles by modifying the associated parameters.

l Modification of the 802.1p of the output packets based on the flow:– Trusting user 802.1p. (If the user packet does not have the 802.1p tag, 3 is selected)

– Trusting user ToS. (If the user packet does not have the ToS tag, 3 is selected)

– Trusting the default flow priority.

l Queue schedulingIn case of network congestion, multiple packets compete for the network resources. In thiscase, queue scheduling is used to solve the problem.

14.2 PQBy PQ, each queue is given with a different priority. During the scheduling, the packets in thehighest-priority queue are served first. This topic provides introduction to this feature anddescribes the principles of this feature.

14.2.1 IntroductionThis topic describes the definition, purpose, and specification of PQ.

14.2.2 PrincipleThis topic describes the implementation principles of the PQ feature.


Feature Description


Issue 03 (2010-01-28)

14.2.1 IntroductionThis topic describes the definition, purpose, and specification of PQ.

Definition

By PQ, each queue is given with a different priority. During the scheduling, the packets in thehighest-priority non-empty queue are served first, and then the packets in the next lower-priorityqueue are served. PQ handles the packets of different queues by strictly following the order fromhigher priorities to lower priorities. The packets in the queue of the lower priority are sent onlywhen a queue of the higher priority becomes empty.

PurposePQ solves the problem that multiple service streams contend for the resources during networkcongestion.

SpecificationEach port supports up to eight priority queues. For some earlier versions (H808ANLF/ANIF/ANLE or H802SHLB), each port supports only four priority queues.

14.2.2 PrincipleThis topic describes the implementation principles of the PQ feature.

PQ aims at giving a strict priority to the important traffic. The important traffic is givenpreferential and fast treatment in case of network congestions.

In PQ, the packets are placed in queues of different priorities. The traffic with a higher prioritygets preference over that of a lower priority. Therefore, packets in queues of a higher priorityare sent first. When a queue of a higher priority is empty, the packets in the queue of a lowerpriority are sent then.

Figure 14-1 shows the schematic diagram of PQ.

Figure 14-1 Schematic diagram of PQ

High

Medium

Normal

Low

Classifying

Queue scheduling

Packets leaving the port

Queue

Packets entering the port

Based on PQ, the packets for the important services can be put into the queues of higher priorities,while the packets for the less important services can be put into the queues of lower priorities.This guarantees that the packets for the important services are served earlier than those for theless important services (such as E-mail service). The packets for the less important services aresent using idle intervals during which no packets for the important services are processed.



14-5

A disadvantage of PQ is that, during network congestion, the packets in the queues of lowerpriorities might be discarded if packets exist in the queues of higher priorities for a long periodof time.

14.3 WRRBy WRR, each queue is assigned with a weighted value, representing the number of packetsserviced in one cycle queue. One packet is sent in one scheduling. WRR guarantees that thebandwidth used by different queues is consistent with the preset ratio. This topic providesintroduction to this feature and describes the principles of this feature.

14.3.1 IntroductionThis topic describes the definition, purpose, and specification of WRR.

14.3.2 PrincipleThis topic describes the implementation principles of the WRR feature.

14.3.1 IntroductionThis topic describes the definition, purpose, and specification of WRR.

Definition

By WRR, each queue is assigned with a weighted value, representing the number of packetsserviced in one cycle queue. One packet is sent in one scheduling. WRR guarantees that thebandwidth used by different queues is consistent with the preset ratio.

Purpose

WRR solves the problem that multiple service streams contend for the resources during networkcongestion.

Specification

Each port supports up to eight priority queues. For some earlier versions (H808ANLF/ANIF/ANLE or H802SHLB), each port supports only four priority queues.

14.3.2 PrincipleThis topic describes the implementation principles of the WRR feature.

WRR scheduling ensures that certain services for each queue by polling scheduling amongdifferent queues.

Assume that each port has four priority queues. By WRR each queue is assigned with a weightedvalue among w3, w2, w1 and w0 in descending order. The weighted value indicates the ratio ofresources that one queue can get.

Use a 100 Mbit/s port as an example. Assign the weighted value of its WRR algorithm to 36,30, 18 and 16 (corresponding to w3, w2, w1 and w0 respectively). This guarantees the minimumbandwidth of 14 Mbit/s to the queue of the lowest priority. In this way, the packets in the queueof the lowest priority can be served.


Feature Description


Issue 03 (2010-01-28)

Assume that each port has eight priority queues. By WRR each queue is assigned with a weightedvalue among w7, w6, w5, w4, w3, w2, w1 and w0 in descending order. The weighted valueindicates the ratio of resources that one queue can get.

Use a 100 Mbit/s port as an example. Assign the weighted value of its WRR algorithm to 13,10, 8, 15, 16, 14, 13 and 11 (corresponding to w7, w6, w5, w4, w3, w2, w1 and w0 respectively).This guarantees the minimum bandwidth of 11 Mbit/s to the queue of the lowest priority. In thisway, the packets in the queue of the lowest priority can be served.

The advantages of the WRR algorithm are as follows:

l The undeserving long-time waiting that might occur in the PQ algorithm can be avoidedby using the WRR algorithm.

l Time allocated to each WRR queue is not fixed. When no traffic is available in one queue,the bandwidth resource is switched to the next queue immediately. Therefore, thebandwidth resource is efficiently used.

14.4 CoS Priority Re-markingCoS priority re-marking means re-marking the CoS priorities (802.1p field) of the packets. Thistopic provides introduction to this feature and describes the principles of this feature.

14.4.1 IntroductionThis topic describes the definition, purpose, and specification of CoS priority re-marking.

14.4.2 PrincipleThis topic describes the implementation principles of the CoS priority re-marking.

14.4.1 IntroductionThis topic describes the definition, purpose, and specification of CoS priority re-marking.

DefinitionCoS priority re-marking means re-marking the CoS priorities (802.1p field) of the packets.

PurposeThe CoS priority re-marking feature is used to differentiate the priorities of multiple services,and thus provide different QoS for different services. For example, a higher priority can bemarked for the voice service. In this way, the delay of the voice service is reduced.

SpecificationThe MA5606T supports the following CoS priority re-marking specifications:

l CoS priority re-marking based on service traffic

l Three re-marking modes: specified priority, trusting user CoS, trusting user IP precedence

14.4.2 PrincipleThis topic describes the implementation principles of the CoS priority re-marking.



14-7

Broadband Access ServiceBased on the actual service requirements, the upstream service traffic streams of users areclassified and each traffic stream carries one service. The following three CoS priority re-marking modes are supported for each service traffic stream:

l Specified priority (0-7, 0 indicates the lowest priority and 7 indicates the highest priority).Fill it in the 802.1p field of an upstream packet.

l Trusting user CoS priority. Copy it to the 802.1p field of an upstream packet.

l Trusting user IP precedence. Copy it to the 802.1p field of an upstream packet.

14.5 Flexible Mapping Between CoS Priorities andScheduling Queues

Flexible mapping between CoS priorities and scheduling queues indicates that the MA5606Tsupports flexible configuration of mappings between priorities and queues. Based on this feature,you can specify the packets of a certain priority to a specified queue. This topic providesintroduction to this feature and describes the principles of this feature.

14.5.1 IntroductionThis topic describes the definition and purpose of flexible mapping between CoS priorities andscheduling queues.

14.5.2 PrincipleThis topic describes the implementation principles of the flexible mapping between CoSpriorities and scheduling queues.

14.5.1 IntroductionThis topic describes the definition and purpose of flexible mapping between CoS priorities andscheduling queues.

DefinitionFlexible mapping between CoS priorities and scheduling queues indicates that the access devicesupports flexible configuration of mappings between priorities and queues. Based on this feature,you can specify the packets of a certain priority to a specified queue.

PurposeThis feature satisfies the specific requirements of the carries for service management. Forexample, if priorities 4 and 5 are for the voice service, then you can map priorities 4 and 5 toqueue 6 to guarantee that the voice service can be scheduled with priority.

14.5.2 PrincipleThis topic describes the implementation principles of the flexible mapping between CoSpriorities and scheduling queues.

When scheduling the ingress Ethernet packets, use a certain priority to determine the ingressqueue. The priority is called the packet service priority. In general, the priority is the prioritycarried in the packet (such as the 802.1p field).


Feature Description


Issue 03 (2010-01-28)

By default, the relationship between the packet service priority and the ingress queue is fixed.That is, the packets with priority 7 enter queue 7 (of the highest priority), the packets with priority6 enter queue 6, and the rest may be deduced by analogy.

In actual networking, the configurations different from the earlier mentioned default setting maybe required. For example, priorities 1, 2, 3, 4, and 5 are used, in which priorities 1 and 2 are forthe data service, priority 3 is for the video service, and priorities 4 and 5 are for the voice service;and the configured queues are 0, 2, 4, and 6.

Table 14-1 shows the mappings between the configured priorities and queues.

Table 14-1 Mapping between the packet service priority and the queue

Packet Service Priority Queue Priority

Default Configuration in aCertain Application

7 7 -

6 6 -

5 5 6

4 4 6

3 3 4

2 2 2

1 1 0

0 0 -

14.6 trTCMA Two Rate Three Color Marker (trTCM) is a marker defined by RFC2698. The trTCM can beused as a component in a Diffserv traffic conditioner, and meters an IP packet stream and marksits packets. This topic provides introduction to this feature and describes the principles of thisfeature.

14.6.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of trTCM.

14.6.2 PrincipleThis topic describes the implementation principles of the trTCM feature.

14.6.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of trTCM.



14-9

DefinitionA Two Rate Three Color Marker (trTCM) is a marker defined by RFC2698. The trTCM can beused as a component in a Diffserv traffic conditioner, and meters an IP packet stream and marksits packets.

The MA5606T supports the trTCM to meter an Ethernet frame stream and marks its frames.

PurposeThe trTCM can be used for traffic policing and marking for the purpose of more effectivebandwidth management. Based on the static bandwidth, the trTCM can guarantee the basicbandwidth, namely, committed information rate (CIR) for users. When the network is idle, thetrTCM allows users to obtain extra bandwidth, namely, peak information rate (PIR). In this way,the trTCM improves the utilization ratio of the network resources.

SpecificationThe MA5606T supports the following trTCM specifications:

l A packet is marked green if it does not exceed the CIR. Such a packet is allowed to pass.

l A packet is marked red if it exceeds the PIR. Such a packet is discarded.

l A packet is marked yellow if it exceeds the CIR but does not exceed the PIR. Such a packetis discarded in case of network congestion.

LimitationBecause the MA5606T implements the QoS technology at the Ethernet layer, the MA5606Tdoes not support marking of IP packet headers, but supports marking of Ethernet frame headers.

14.6.2 PrincipleThis topic describes the implementation principles of the trTCM feature.

RFC2698 trTCM implements the two rate three color marker by using two token buckets. Therelated parameters are as follows:

l CIR: Committed Information Rate, in Kbps.

l CBS: Committed Burst Size, in Kbps.

l PIR: Peak Information Rate, in bytes/s (required to be equal to or exceed the CIR).

l PBS: Peak Burst Size, in bytes.

l CM: Color Mode, in either Color-Blind or Color-Aware, which indicates whether toidentify the colors of the incoming packets.

Figure 14-2 shows the principle of two token buckets.


Feature Description


Issue 03 (2010-01-28)

Figure 14-2 Principle of two token buckets

CIR

PIR

Token Bucket C

Token Bucket P

CBS

PBS

Initially, there are two independent token buckets, P and C. The maximum size of the tokenbucket P is PBS and the maximum size of the token bucket C is CBS. The token buckets P andC are initially (at time 0) full, that is, the token count Tp(0) = PBS and the token count Tc(0) =CBS.

Thereafter, the token count Tp is incremented by one PIR times per second up to PBS and thetoken count Tc is incremented by one CIR times per second up to CBS.

The following uses Tp(t) and Tc(t) to represent the number of tokens in token buckets P and Crespectively at time 0.

l In the Color-Blind mode, when a packet of size B bytes arrives at time t, the followinghappens:– If Tp(t)-B < 0, the packet is red, else;– If Tc(t)-B < 0, the packet is yellow and Tp is decremented by B, else;– The packet is green and both Tp and Tc are decremented by B.

l In the Color-Aware mode, when a packet of size B bytes arrives at time t, the followinghappens:– If the packet has been precolored as red or if Tp(t)-B < 0, the packet is red, else;– If the packet has been precolored as yellow or if Tc(t)-B < 0, the packet is yellow and

Tp is decremented by B, else;– The packet is green and both Tp and Tc are decremented by B.

14.7 Rate Limitation Based on Port and CoSTo manage the bandwidth for the service, you can configure the rate limitation based on portand CoS. This topic provides introduction to this feature and describes the principles of thisfeature.

14.7.1 Introduction



14-11

This topic describes the definition, purpose, and limitation of rate limitation based on port andCoS.

14.7.2 PrincipleThis topic describes the implementation principles of rate limitation based on port and CoS.

14.7.1 IntroductionThis topic describes the definition, purpose, and limitation of rate limitation based on port andCoS.

DefinitionWhen the CoS priority is used to indicate the class of service, to manage the bandwidth of theservices, you can configure the rate limitation parameters based on port and CoS, including theCIR, CBS, PIR, PBS, and meter and mark the packets based on the trTCM.

PurposeThe purpose of this feature is to manage the bandwidth of the service identified by the CoSpriority.

LimitationThe system supports rate limitation only at the board level. That is, the rates of all the ports ina service board are limited in the same way.

14.7.2 PrincipleThis topic describes the implementation principles of rate limitation based on port and CoS.

When rate limitation based on port and CoS priorities is configured on the MA5606T, the packetspassing through each port is classified into eight traffic streams according to the CoS priorities(0-7). Based on these traffic streams, the packets are metered and marked in trTCM modeaccording to the configured parameters.

By default, the rate of any traffic stream for which no rate limitation parameter is configured isunlimited.


Feature Description


Issue 03 (2010-01-28)

15 ANCP

About This Chapter

ANCP refers to the Access Node Control Protocol which is used to implement the functionssuch as topology discovery and line configuration of user ports, and also Layer 2 Control Protocol(L2C) OAM.

15.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of ANCP.

15.2 PrincipleThis topic describes the implementation principles of ANCP.

15.3 ReferenceThis topic describes the reference documents of ANCP.

SmartAX MA5606T Multi-service Access ModuleFeature Description 15 ANCP


15-1

15.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of ANCP.

DefinitionANCP refers to the Access Node Control Protocol. An access device exchanges messages witha BRAS through ANCP to implement the functions such as topology discovery, lineconfiguration of user ports, and also L2C OAM.

PurposeApplying ANCP reduces the operating expenditures (OPEX) of carriers.

SpecificationThe MA5606T supports the following ANCP specifications:

l Topology discovery

l Line configuration

l OAM

l A partition (partition 0)

l two ANCP sessions

l Reporting of traps which indicate the change of the ANCP session status

l Selecting the ID of the start ANCP port through the CLI

l Reporting the topology information about one physical port only once

LimitationNone


No additional hardware is required for supporting the ANCP feature.l License support

The ANCP feature is the basic feature of the MA5606T. Therefore, no license is requiredfor accessing the corresponding service.

15.2 PrincipleThis topic describes the implementation principles of ANCP.

The ANCP feature complies with GSMP V3 (RFC3292) and is implemented based on "draft-wadhwa-gsmp-l2control-configuration-01."

The ANCP feature is applied in the following three scenarios:

15 ANCPSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

l Topology discovery and parameter configuration

l Subscriber service update

l Remote connection test

Line Topology Discovery and Parameter Configuration

TR101/TR059 initiates hierarchical QoS (HQoS), a queue scheduling mechanism of lines toprevent congestion of the access network. This mechanism requires that the BRAS is capableof sensing the change of the topology and line parameters of the access network.

Figure 15-1 shows the process of the ANCP topology discovery and parameter configuration.

Figure 15-1 Process of the ANCP topology discovery and parameter configuration

BRAS

RADIUS server

Homegateway

MA5606T

Phone

PC

TV

STB1-ANCP session

established

2-Access-line discoverycapability advertised

3-HG turned on,synchronized with

MSAN

4-Port up message5-Access loop

parametersstored

6-Set shapingrate, adjust

shaping mode7-Subscriber logs in

(PPPoE/DHCP session)

8-Sync rate toRADIUS in

access-request

9-Business logic

10-ServiceVSAs

VoD server

Softswitch

The process of the ANCP topology discovery and parameter configuration is as follows:

1. The MA5606T and the BRAS establish an ANCP session. For the session establishment,refer to GSMP V3 in "15.3 Reference."

2. The MA5606T and the BRAS negotiate their ANCP capability by exchanging the ANCPcapability messages.

3. After the home gateway of a subscriber starts up, the MA5606T senses that the subscriberline is activated. The home gateway and the MA5606T then synchronize the DSL lineparameters.

4. After synchronizing the line parameters, the MA5606T reports to the BRAS the user portUP event that carries the line parameters of the MA5606T. For the format of the parameters,refer to ANCP in "15.3 Reference."

5. After receiving the port UP event, the BRAS records the Access-loop-id and the topologyand parameter information of the subscriber.

6. The BRAS adjusts QoS policies based on the reported line parameters.



15-3

7. After the subscriber gets online, the PPPoE or DHCP session has been established. TheBRAS performs the Access-loop-id matching and QoS processing based on the PPPoEIntermediate Agent or DHCP option82 message.

8. During the subscriber authentication for getting online, if finding the line parametersreported by ANCP, the BRAS shall report these line parameters to the RADIUS serverwhen exchanging messages with the RADIUS server.

9. The RADIUS server exchanges the reported line parameters with the background OSS tocomplete the business logic processing, and delivers the subscriber QoS policies (such asusing a new line profile) based on the subscriber information.

10. If the BRAS and the RADIUS server do not exchange messages, the BRAS directly deliversthe subscriber QoS policies (such as using a new line profile) based on the locallyconfigured policies and the parameters obtained by ANCP.

Subscriber Service Update

When a subscriber orders a service on a self-service website, the network update can beimplemented automatically without manual intervention. This reduces the OPEX of carriers.

Figure 15-2 shows the process of modifying the line parameters during a subscriber serviceupdate.

Figure 15-2 Process of modifying the line parameters during a subscriber service update

VoD serverBRAS

RADIUS server

Homegateway MA5606T

Phone

PC

TVSTB

Softswitch

1-Subscriber logs in(PPPoE/DHCP session)

3-Business logic

5-Line configurationmessage

Portalserver

Policyserver

infoX SSS

2-Serviceon demand 4-Change of

authorization

The process of modifying the line parameters during a subscriber service update is as follows:

1. An ANCP session is established between the MA5606T and the BRAS, and a subscriberaccesses the BRAS.

2. The subscriber orders the required service on the portal server.


Feature Description


Issue 03 (2010-01-28)

3. The portal server and the policy server deliver the name of the required profile through theCOPS protocol, or the RADIUS server delivers the name of the required profile throughthe RADIUS protocol.

4. The BRAS delivers the received profile name to the MA5606T through ANCP.5. The MA5606T uses the new profile to activate the user port to implement the ordered

service.

Remote Connection TestThe MA5606T can execute a remote connection test through ANCP.

Figure 15-3 shows the process of a remote connection test.

Figure 15-3 Process of a remote connection test

VoD serverBRAS

RADIUS server

Homegateway

MA5606T

PhonePCTV

STB

Softswitch

1-ANCP sessionestablished

2-ANCP capabilityadvertised

4-Send OAM F5 eteloopback cell

3-L2c OAM message

6-Echo l2c OAMmessage

5-Echo OAM F5 eteloopback cell

The process of a remote connection test is as follows:

1. An ANCP session is established between the MA5606T and the BRAS. For the sessionestablishment, refer to GSMP V3 in "15.3 Reference."

2. The MA5606T and the BRAS negotiate their ANCP capability by exchanging the ANCPcapability messages.

3. The BRAS triggers a loopback test on a subscriber line through the command line interface(CLI) or the BMS, and then sends the OAM message to the MA5606T.

4. The MA5606T constructs ATM OAM F5 loopback cells (ete loopback cells), and thensends them to the home gateway to run a loopback test on the DSL line.

5. The home gateway responds to the loopback test of the MA5606T.6. The MA5606T sends the loopback test result to the BRAS.

15.3 ReferenceThis topic describes the reference documents of ANCP.

The following lists the reference documents of ANCP:



15-5

l IETF RFC3292: General Switch Management Protocol (GSMP) V3

l IETF DRAFT: draft-wadhwa-gsmp-l2control-configuration-01.txt


Feature Description


Issue 03 (2010-01-28)

16 MSTP

About This Chapter

The Multiple Spanning Tree Protocol (MSTP) is compatible with STP and RSTP.

16.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of MSTP.

16.2 PrincipleThis topic describes the implementation principles of MSTP.

16.3 ReferenceThis topic describes the reference documents of MSTP.

SmartAX MA5606T Multi-service Access ModuleFeature Description 16 MSTP


16-1

16.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of MSTP.

Definition

The Spanning Tree Protocol (STP) applies to a loop network to realize path redundancy throughcertain algorithms. STP also prunes a loop network into a loop-free tree network. This helps toavoid proliferation and infinite loop of packets in the loop network.

The Rapid Spanning Tree Protocol (RSTP) is an improvement on STP. The rapidness of RSTPrelies on the greatly shortened delay for the designated port and the root port to turn into theforwarding state in a certain condition. For details, see "Principles of RSTP" in "16.2Principle." This helps to shorten the time for stabilizing the network topology.

The Multiple Spanning Tree Protocol (MSTP) is compatible with STP and RSTP.

Purpose

Although STP can prune a loop network into a loop-free network, it fails to transit fast. Even aport in a point-to-point link or an edge port has to wait double Forward Delay time before it canturn into the forwarding state.

RSTP features fast convergence; however, like STP, RSTP still has the following defects:

l All the bridges in a local area network (LAN) share a same spanning tree, and fail to blockredundant links by VLAN.

l The packets of all the VLANs are forwarded along the same spanning tree. Therefore, loadsharing of data traffic cannot be implemented between VLANs.

MSTP can remedy the defects of STP and RSTP. It not only realizes fast convergence, but alsoenables traffic of different VLANs to be forwarded along their respective paths. This helps toprovide a better load sharing mechanism for redundant links.

MSTP sets VLAN mapping tables (relation tables between VLANs and spanning trees) toassociate VLANs and spanning trees. MSTP divides a switching network into multiple regions.Each region contains multiple spanning trees, and each spanning tree is independent from anyother one.

MSTP prunes a loop network to a loop-free tree network to avoid proliferation and infinite loopof packets in the loop network. It also provides multiple redundant paths for data forwarding torealize load sharing of VLAN data during forwarding.

Specification

The MA5606T supports the following MSTP specifications:

l Compliance with IEEE std 802.1s

l Bridge Protocol Data Unit (BPDU) protection

l Root protection

16 MSTPSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

l Loop protection

l ring check

Limitation

Due to difference in protocols, RSTP and MSTP shall comply with the following limitationswhen cooperating to realize fast transition:

l The bridge running MSTP works as the upstream device.

l The bridge running RSTP works as the downstream device.

Otherwise, when the network topology changes, fast transition of a port cannot be realized.


The control board supports the MSTP feature.l License support

The MSTP feature is the basic feature of the MA5606T. Therefore, no license is requiredfor accessing the corresponding service.

16.2 PrincipleThis topic describes the implementation principles of MSTP.

Principles of STP

STP determines the topology of a network by transmitting a certain special message(configuration message as defined in IEEE 802.1D) between bridges. A configuration messagecontains sufficient information to enable the bridge to complete the calculation of the spanningtree.

The following defines the designated port and the designated bridge:

l For a bridge (such as bridge A), the designated bridge is a bridge that is directly connectedto bridge A and forwards data packets to bridge A. The designated port is the port in thedesignated bridge through which the data packets are forwarded to bridge A.

l For a LAN, the designated bridge is a bridge that forwards data packets to the LAN. Thedesignated port is the port in the designated bridge through which the data packets areforwarded to the LAN.

Figure 16-1 shows a schematic drawing of the designated bridge and the designated port.



16-3

Figure 16-1 Schematic drawing of designated bridge and designated port

Switch A Priority: 0

Switch BPriority: 1

CP2BP2

CP1BP1

AP1

Priority: 2Switch C

AP2

As shown in Figure 16-1:

l AP1, AP2, BP1, BP2, CP1, and CP2 are ports in Switch A, Switch B, and Switch Crespectively.

l Switch A forwards data to Switch B through port AP1, and then the designated bridge ofSwitch B is Switch A, and the designated port is port AP1 in Switch A.

l Switch B and Switch C are connected to the LAN. If Switch B forwards data packets to theLAN, the designated bridge of the LAN is Switch B, and the designated port is port BP2in Switch B.

In STP, the configuration message is forwarded as follows:

1. In network initialization, all the bridges work as the root bridge of the spanning tree.

2. The designated port of a bridge takes the hello time as the interval for sending itsconfiguration messages. If the port that receives the configuration message is a root port,the bridge increases the message age contained in the configuration message by degreesand enables the timer to time the configuration message.

3. If a path fails, the root port on this path receives new configuration messages no longer,and the old configuration messages are discarded due to timeout. This results inrecalculation of the spanning tree. A new path then is created to replace the faulty path andrecover the network connectivity.

The new configuration message upon the recalculation, however, will not immediately spreadthroughout the entire network. In this case, the old root port and designated port that fail todiscover the topology change will forward their data along the old paths. If the selected root portand designated port forwards data immediately, a temporary loop may be created.

Therefore, STP adopts a state transition mechanism. That is, the root port and the designatedport have to experience a transition state before they can re-forward data. The transition stateturns into the forwarding state upon Forward Delay. This delay guarantees that the newconfiguration message has spread throughout the entire network.


Feature Description


Issue 03 (2010-01-28)

Defects of STPl In case of topology change or link failure, a port has to wait double Forward Delay time

before it can turn from the blocking state to the forwarding state. Therefore, in case oftopology change, double Forward Delay time (at least scores of seconds) is required torestore the network connectivity.

l The entire bridged LAN uses a single spanning tree instance. Therefore, when the networkis large, a longer convergence time may be required or the topology changes frequently.

Principles of RSTP

RSTP is an improvement on STP. The rapidness of RSTP relies on the greatly shortened delayfor the designated port and the root port to turn into the forwarding state in a certain condition.This helps to shorten the time for stabilizing the network topology.

In comparison with STP, RSTP improves in the following aspects:

l First improvement:– The alternate port and backup port are set for rapid switching of the root port and

designated port.– When the root port fails, the alternate port quickly switches to the new root port and

turns into the forwarding state without delay.– When the designated port fails, the backup port quickly switches to the new designated

port and turns into the forwarding state without delay.l Second improvement:

– In a point-to-point link connected with two switching ports, a designated port turns intothe forwarding state without delay after one handshake with the downstream bridge.

– In a shared link connected with at least three bridges, the downstream bridge does notrespond to the handshake request sent from the upstream designated port, and thedesignated port has to wait double Forward Delay time before it turns into theforwarding state.

l Third improvement:– A port that is directly connected to a terminal and is not connected to any other bridge

is defined as an edge port. The edge port can directly turn into the forwarding statewithout delay.

– Because a bridge does not know whether a port is directly connected to a terminal, theedge port must be configured manually.

The bridges that adopt RSTP are compatible with the bridges which adopt STP. The bridges thatadopt RSTP can identify both STP and RSTP packets and apply them to calculation of thespanning tree.

Defects of RSTP

Although RSTP features fast convergence, like STP, RSTP still has the following defects:

All the bridges in a LAN share a same spanning tree, and thus the packets of all the VLANscannot be forwarded equally. Furthermore, the packets of some VLANs cannot be forwarded.

Principles of MSTP



16-5

MSTP can remedy the defects of STP and RSTP. It not only realizes fast convergence, but alsoenables traffic of different VLANs to be forwarded along their respective paths. This helps toprovide a better load sharing mechanism for redundant links.

MSTP sets VLAN mapping tables (relation tables between VLANs and spanning trees) toassociate VLANs and spanning trees. MSTP divides a switching network into multiple regions.Each region contains multiple spanning trees, and each spanning tree is independent of any otherone.

Multiple spanning trees can run on each bridge to forward the packets of different VLANs.

MSTP divides the entire L2 network into multiple spanning tree (MST) regions. These regionsand the other bridges and LANs are connected into a single common spanning tree (CST).Multiple spanning trees are created in a region through calculation. Each spanning tree is definedas a multiple spanning tree instance (MSTI). MSTI 0 is defined as an internal spanning tree(IST). MSTP connects all bridges and LANs with a single common and internal spanning tree(CIST) which consists of the CST and the IST.

Like RSTP, MSTP calculates the spanning tree according to the configuration message. Theconfiguration message, however, contains the message of MSTP on the bridge.

l Calculation of CIST– Select a bridge with the highest priority within the entire network as the CIST root by

comparing the configuration messages.– In each MST region, MSTP creates an IST through calculation. Meanwhile, MSTP

regards each MST region as a single bridge, and then creates a CST between regions.– The CST and the IST forms the CIST that connects all the bridges in a bridge network.

Select a bridge with the highest priority within the entire network as the CIST root bycomparing the configuration messages. In each MST region, MSTP creates an IST throughcalculation. Meanwhile, MSTP regards each MST region as a single bridge, and then createsCST between regions.

l Calculation of MSTIIn an MST region, MSTP creates different MSTIs for different VLANs according to themapping relation between the VLANs and the spanning tree instances. Each spanning treeis calculated independently. The process is similar to that in which the RSTP calculates thespanning tree.

Implementation of MSTP on the MA5606T

MSTP is compatible with STP and RSTP. The bridges that adopt MSTP can identify both STPand RSTP packets and apply them to calculation of the spanning tree.

Besides the basic functions of MSTP, the MA5606T provides some special functions, such as:

l BPDU protection

For an access device, the access port is generally connected to a terminal (such as a PC) orfile server. In this case, the access port is set to an edge port for the purpose of fast transition.When receiving a configuration message (BPDU), the edge port switches to a non-edgeport automatically, the spanning tree is re-calculated and the topology changes accordingly.In normal conditions, an edge port cannot receive STP configuration messages. If the bridgeis maliciously attacked by forged configuration messages, the network will be attacked.The BPDU protection function can prevent such network attacks.


Feature Description


Issue 03 (2010-01-28)

After the BPDU protection function is enabled on the MA5606T, if an edge port receivesa configuration message, the system shuts down the edge port, and notifies the networkmanagement system of the related information. Only network administrators can enablethe port that is shut down.

It is recommended that you enable the BPDU protection function on the MA5606T whichis configured with an edge port.

l Root protection

Because of wrong configurations by the maintenance personnel or malicious networkattacks, a legal root bridge in the network may receive a configuration message with ahigher priority. In this case, this root bridge may become a non-root bridge and the topologychanges accordingly. Such illegal change results in transfer of traffic in high-speed linksto low-speed links, thus causing network congestion.

The root protection function is a solution to this problem.

When the root protection function is enabled for a port, the port is always a designated port.If the port receives a configuration message with a higher priority, and is to become a non-designated port, the port will turn into the listening state and will not forward packets (thatis, the link connected to the port is disconnected). If the port does not receive a configurationmessage of a much higher priority within a certain long period of time, the port will turninto the normal state.

l Loop protection

A bridge maintains the states of the root port and other blocked ports by continuouslyreceiving BPDUs from the upstream bridge.

In case of link congestion or failure, these ports fail to receive BPDUs from the upstreambridge. For this reason, the bridge will re-select its root bridge. The previous root bridgeswitches to the designated port, and the blocked ports turn to the forwarding state. As aresult, loops are created in the switching network.

The loop protection function is a solution to this problem.

After receiving the BPDUs (excluding the TCN packets) again, a port under loop protectionnormally processes the packets, selects the role, and resets the forwarding state of the port.The port is not always in the blocked state.

When the loop protection function is enabled, if the root port switches to a non-root port,it will turn into the discarding state, and the blocked ports will remain in the discardingstate. Therefore, no packets are forwarded, and no loop is created in the network.

NOTE

The three protection functions conflict with each other.

16.3 ReferenceThis topic describes the reference documents of MSTP.

The following lists the reference documents of MSTP:

l IEEE Std 802.1d, 1998 Edition, Spanning Tree Protocol

l IEEE Std 802.1w-2001, Rapid Spanning Tree Protocol

l IEEE Std 802.1s-2002, Multiple Spanning Tree Protocol



16-7

17 Multicast

About This Chapter

Multicast refers to the point-to-multipoint communication in which the multicast source sendsthe information to a certain subset of all the network nodes.

17.1 OverviewMulticast refers to the point-to-multipoint communication in which the multicast source sendsthe information to a certain subset of all the network nodes. This topic provides introduction tothis feature and describes the principles and reference documents of this feature.

17.2 IGMP SnoopingIGMP snooping is a type of multicast control mechanism that works in the data link layer. It isused to manage and control multicast. This topic provides introduction to this feature anddescribes the principles of this feature.

17.3 IGMP ProxyIGMP proxy is a function by which in a tree topology, the MA5606T works as an IGMP proxyto forward the multicast protocol packets, but does not establish routes for multicast forwarding.This topic provides introduction to this feature and describes the principles of this feature.

17.4 Multicast VLAN ManagementMulticast VLAN defines certain important contents of controllable multicast, such as multicastprograms and users. This topic provides introduction to this feature and describes the principlesof this feature.

17.5 Program ManagementProgram management indicates the management of program attributes, including the programbandwidth and preview parameters. This topic provides introduction to this feature and describesthe principles of this feature.

17.6 User ManagementUser management indicates the configuration of valid multicast users, authentication of the userswhen they log in, and CAC bandwidth checks. This topic provides introduction to this featureand describes the principles of this feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 17 Multicast


17-1

17.1 OverviewMulticast refers to the point-to-multipoint communication in which the multicast source sendsthe information to a certain subset of all the network nodes. This topic provides introduction tothis feature and describes the principles and reference documents of this feature.

17.1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of multicast.

17.1.2 PrincipleThis topic describes the implementation principles of multicast.

17.1.3 ReferenceThis topic describes the reference documents of multicast.

17.1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of multicast.

Definition

Multicast refers to the point-to-multipoint communication in which the multicast source sendsthe information to a certain subset of all the network nodes.

Controllable multicast allows an access device to determine if a user has the authority to watchprograms by identifying the user request packets. In this way, the access device controls andforwards the multicast services.

Purpose

The MA5606T provides the IPTV service by adopting the multicast technology.

By adopting controllable multicast, the access device manages and controls multicast users. Thishelps to satisfy carriers' requirements for video services provisioning, and to enable the multicastservices to be operable and manageable.

The core of the multicast technology is duplication of the packets at the place nearest to thereceiver, thus lowering the multicast traffic on the network.

Specification

The MA5606T supports the following multicast specifications:

l IGMP V2/V3

l IGMP proxy

l IGMP snooping

l PIM-SSM forwarding

l Tree network

l MSTP ring network

17 MulticastSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

l Controllable multicast, including multicast VLAN management, program management,and user management

l Re-configuring the VLAN of the upstream IGMP packets based on the ONT

l Transparent snooping for the distributed multicast


No additional hardware is required for supporting the multicast feature.l License support

– The number of the multicast users supported by the MA5606T is under license.Therefore, the license is required for accessing the corresponding service.

– The number of the multicast programs that can be ordered by the users of theMA5606T is under license. Therefore, the license is required for accessing thecorresponding service.

– The MA5606T supports the license to control the number of multicast users or thenumber of multicast programs at a time.

17.1.2 PrincipleThis topic describes the implementation principles of multicast.

Figure 17-1 shows a typical multicast application in a tree topology.



17-3

Figure 17-1 Typical multicast application in a tree topology

Enabled withIGMP proxy

Enabled with IGMPV2/V3

IPTV Server 1 IPTV Server 2

MA5606T

Supporting SSM forwarding andrunning IGMP proxy/snooping or

multicast routing protocol

Enabled with IGMP proxy/snoopingForwarding based on VLAN +

multicast MAC supported

STB

Dataservice

VoIPservice

IPTV videoservice

Home Gateway

STB

Dataservice

VoIPservice

IPTV videoservice

Home Gateway

Layer 2 forwarding is adopted for the multicast application on the access equipment. TheMA5606T forwards the multicast traffic based on VLAN + multicast MAC.

In a ring network, the device enabled with RSTP/MSTP realizes path redundancy using certainalgorithms, and dynamically prunes the ring network into a loop-free tree network.

17.1.3 ReferenceThis topic describes the reference documents of multicast.

The following lists the reference documents of multicast:l TR101: Technical Report DSL Forum TR-101 Migration to Ethernet-Based DSL

Aggregation April 2006l RFC 1112: Deering, S., "Host Extensions for IP Multicasting", STD 5, RFC 1112, August

1989l RFC-2236: Fenner, W., "Internet Group Management Protocol, Version 2", RFC 2236,

November 1997l RFC 3376: B. Cain., "Internet Group Management Protocol, Version 3 ", RFC

3376,October 2002


Feature Description


Issue 03 (2010-01-28)

17.2 IGMP SnoopingIGMP snooping is a type of multicast control mechanism that works in the data link layer. It isused to manage and control multicast. This topic provides introduction to this feature anddescribes the principles of this feature.

17.2.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of IGMP snooping.

17.2.2 PrincipleThis topic describes the implementation principles of IGMP snooping.

17.2.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of IGMP snooping.

Definition

IGMP snooping is a type of multicast control mechanism that works in the data link layer. It isused to manage and control multicast groups and effectively restrains the spread of multicastdata in the L2 network.

Purpose

The MA5606T supports IGMP snooping feature to realize the multicast management in the L2network, thus effectively restraining the spread of the multicast data in L2.

Specification

The MA5606T supports the following IGMP snooping specifications:

l IGMP V2/V3 snoopingIGMP V3 supports only the packets in Include mode according to TR101.

l IGMP snooping over IPoE

l IGMP snooping over PPPoE

l A querier that supports the general query and group-specific query mechanism

l SSM forwarding

l Tree and ring networks

l Snooping report proxy

l Snooping leave proxy

Limitation

The MA5606T has the following IGMP snooping limitations:

l To guarantee the transmission quality of the programs ordered by the users, and to preventunknown multicast programs from occupying the user line bandwidth, MA5606T shall



17-5

suppress the unknown multicast at the network end. By default, the unknown multicast issuppressed.

l To satisfy the multicast leased line requirements, set the user port so that it allows theunknown multicast traffic to pass.

17.2.2 PrincipleThis topic describes the implementation principles of IGMP snooping.l Process for a multicast user to get online and offline

In IGMP snooping mode, the MA5606T switches the packets for joining and leaving amulticast group to the upstream VLAN, and then forwards the packets to the multicastrouter.In IGMP snooping mode, the MA5606T acts as a querier. Upon receiving the query packetsfrom the multicast router, the MA5606T sends a query packet to the user. If there is noresponse within the specified duration, the MA5606T deletes the local multicast forwardingentry. Consequently, the multicast router deletes the forwarding entry from its owndatabase.Upon receiving a user' s leave packet, the upper layer router sends a group-specific querypacket to the user. If there is no response from the user within a specified duration, therouter deletes the user from the multicast group.

l Snooping report proxy and leave proxyWhen a user gets online and sends a request packet for joining a program, the MA5606Tswitches the packet to multicast VLAN and then forwards it to the multicast router. Thesubsequent request packets from the user for joining the program are not forwarded to themulticast router.When the user gets offline, the MA5606T forwards only the last leave packet to themulticast router to tell it not to forward the related multicast traffic any longer.If report proxy is enabled, the MA5606T responds to the query of the multicast router.

l IGMP snooping over PPPoEIf a PPPoE user needs to be authenticated by the BRAS and needs to receive multicasttraffic, the MA5606T must support IGMP snooping over PPPoE, which complies with thedefinition of IGMP ECHO in TR101. The MA5606T forwards a PPPoE-encapsulatedIGMP packet to the BRAS, and also generates an IPoE IGMP packet and forwards thepacket to the multicast router.

17.3 IGMP ProxyIGMP proxy is a function by which in a tree topology, the MA5606T works as an IGMP proxyto forward the multicast protocol packets, but does not establish routes for multicast forwarding.This topic provides introduction to this feature and describes the principles of this feature.

17.3.1 IntroductionThis topic describes the definition, purpose, and specification of IGMP proxy.

17.3.2 PrincipleThis topic describes the implementation principles of IGMP proxy.

17.3.1 IntroductionThis topic describes the definition, purpose, and specification of IGMP proxy.


Feature Description


Issue 03 (2010-01-28)

Definition

IGMP proxy is a function by which in a tree topology, the MA5606T works as an IGMP proxyto forward the multicast protocol packets, but does not establish routes for multicast forwarding.

l For the multicast hosts, the access device serves as a multicast router to collect and maintainthe membership in the multicast group by:– Receiving the join and leave packets from the hosts connecting with the downstream

port– Checking regularly whether there is a member belonging to some multicast group on

the downstream portl For the multicast router, the access device serves as a multicast host. It informs the multicast

router that it wants to join or leave a certain specific multicast group by sending the join orleave packets.

Purpose

IGMP proxy enables the L2 device to support multicast service. In addition, it helps to decreasethe packets for joining and leaving a multicast group, thus lowering the multicast traffic at thenetwork side.

Specification

The MA5606T supports the following IGMP proxy specifications:

l IGMP V2/V3 proxyIGMP V3 supports the packets in Include or Exclude modes according to TR101.

l A querier that supports the general query and group-specific query mechanism

l The features of responding to the query of an upper layer router

l IGMP host for sending a packet to the upper layer multicast router for joining and leavinga multicast group

l SSM forwarding

l Tree and ring networks

17.3.2 PrincipleThis topic describes the implementation principles of IGMP proxy.

The IGMP proxy implementation is as follows:

1. When an IGMP user intends to order a video program, the user must send an IGMP requestto the IGMP proxy for joining the multicast group corresponding to the program.

2. Upon receiving the request, the MA5606T forwards the request packet to the multicastrouter for applying for multicast traffic if the user is the first one to watch the program. Ifthe multicast traffic is being delivered, the MA5606T forwards the traffic directly to theuser.

3. The MA5606T sends group-general query packets to all online IGMP users at regularintervals. If it fails to receive any response from a user within a certain period, it considersthat the user has left the multicast group, and deletes the user from the multicast group. If



17-7

the user is the last one in the group, the MA5606T sends leave packets to the multicastrouter.

4. Meanwhile, when receiving a general query from the multicast router, the MA5606Treports the current multicast state to the router.

17.4 Multicast VLAN ManagementMulticast VLAN defines certain important contents of controllable multicast, such as multicastprograms and users. This topic provides introduction to this feature and describes the principlesof this feature.

17.4.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of multicast VLANmanagement.

17.4.2 PrincipleThis topic describes the implementation principles of multicast VLAN management.

17.4.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of multicast VLANmanagement.

Definition

Multicast VLAN defines some important contents of controllable multicast, such as multicastprograms and users.

Purpose

By leasing multicast VLANs to ISPs, customers can manage the ISPs.

Specification

The MA5606T supports the following multicast VLAN management specifications:

l The system supports up to 32 multicast VLANs.

l Each multicast VLAN can work in proxy or snooping mode.

l Each multicast VLAN can select IGMP V2 or IGMP V3.

l Each multicast VLAN supports up to 4K users.

l Each multicast VLAN support difference program creation modes: static and dynamic.

l The multicast upstream port can be specified for each multicast VLAN.

Limitation

Because the system permits transparent transmission of unknown multicast packets, and themulticast address of unknown multicast may overlap with the address of the controllableprogram, make sure that the user VLAN does not overlap with the multicast VLAN. Otherwise,unknown multicast packets are forwarded based on the multicast forwarding table.


Feature Description


Issue 03 (2010-01-28)

17.4.2 PrincipleThis topic describes the implementation principles of multicast VLAN management.

Working Mode

The multicast VLAN is mainly used to support networking of different ISPs. The working modeof the multicast VLAN can be IGMP proxy or IGMP snooping.

In IGMP V3, the join packets can carry the programs which belong to different VLANs.

l If the VLAN works in IGMP proxy mode, the original packets of users are segmented andsent from the corresponding multicast VLANs.

l If the VLAN works in IGMP snooping mode, make sure that multiple records in a reportpacket do not match multicast VLANs in different snooping modes. Otherwise, theforwarding of packets causes flooding of IGMP packets. The system processes the firstrecord in the IGMP packet or discards the packet.

IGMP Version

The IGMP version is configured for each VLAN. This guarantees compatibility of differentversions. The IGMP version of a multicast VLAN can be IGMP V2 or IGMP V3. By default, itis IGMP V3.

l IGMP V3 is compatible with IGMP V2/V1, and IGMP V2 is compatible with IGMP V1,Forward compatibility, however, is not supported.

– Based on the existing service applications, the MA5606T supports access of IGMP V3terminals, and processes IGMP V2 packets, but does not support IGMP V1.

– For the IGMP V3 terminals, the IGMP V2 query packets are sent manually to enablethese terminals to work in IGMP V2 mode.

l IGMP V2: Only IGMPv2 is supported.

Program Creation Mode

The MA5606T supports the following two program creation modes:

l Static programs

– For a multicast group which the users join through the IGMP requests, the programtable is searched based on the address of the multicast group and the source IP address(for IGMP V3 only).

– In the case of matching, the multicast forwarding is permitted from the multicast VLANto the user port, and the upstream IGMP packets are also forwarded through the multicastVLAN.

l Dynamic programs

– Based on the join requests, the multicast addresses are obtained to dynamically generateprograms.

– The dynamically generated programs do not provide the user-side and network-sideCAC bandwidth control, preview, and pre-join functions.



17-9

Multicast UsersAccording to the description in TR101, a multicast user can order the programs of a multicastVLAN only when the user is a member of the multicast VLAN.

17.5 Program ManagementProgram management indicates the management of program attributes, including the programbandwidth and preview parameters. This topic provides introduction to this feature and describesthe principles of this feature.

17.5.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of programmanagement.

17.5.2 PrincipleThis topic describes the implementation principles of program management.

17.5.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of programmanagement.

Definition

Program management indicates the management of program attributes, including the programbandwidth and preview parameters.

Purpose

Program management is to set the attributes of a program.

Specification

The MA5606T supports the following program management specifications:

l Setting the preview parameters

l Up to 4K static programs

l The system supports up to 2K programs, and each multicast VLAN supports up to 4Kprograms.

l Prejoin of a static program

l Setting the priority of a static program

l Setting the bandwidth of a static program

l Hierarchical multicast program management, that is, the bandwidth and the number ofconcurrently available programs for the multicast users vary with their authorities.

Limitation

To preview a program, a multicast user must have the right to preview the program.


Feature Description


Issue 03 (2010-01-28)

17.5.2 PrincipleThis topic describes the implementation principles of program management.

Preview

The program preview is to control the times, duration, and interval for a user to watch a program.This allows the user to have basic knowledge about the program, but does not have the right towatch the complete program.

A user with the preview authority can preview the program only for a fixed duration. When theduration expires, the user gets offline. After the preview interval, the user can preview theprogram again. The number of previews available for a user in a day cannot exceed the presetnumber of previews.

Prejoin

The program prejoin feature enables the MA5606T to send request packets to the multicast routerfor joining a multicast group if there is no online user. This helps in delivering the multicasttraffic to the MA5606T in advance, thus shortening the wait time for a user to order a program.

Priority

When forwarding multicast traffic, the MA5606T schedules the traffic on the user port accordingto the specified priority. This guarantees the quality of the program.

Bandwidth

Both the connection admission control (CAC) at the user side and that at the network side arebased on the total bandwidth occupied by the online programs of a user or an upstream port. Thebandwidth determines whether a new program can be played. If the bandwidth occupied by theonline programs and that of a new program exceeds the specified CAC, the user cannot play thenew program.

17.6 User ManagementUser management indicates the configuration of valid multicast users, authentication of the userswhen they log in, and CAC bandwidth checks. This topic provides introduction to this featureand describes the principles of this feature.

17.6.1 IntroductionThis topic describes the definition, purpose, and specification of user management.

17.6.2 PrincipleThis topic describes the implementation principles of user management.

17.6.1 IntroductionThis topic describes the definition, purpose, and specification of user management.



17-11

Definition

User management indicates the configuration of valid multicast users, authentication of the userswhen they log in, and CAC bandwidth checks.

Purpose

User management pertains to controlling and preventing illegal users from watching controlledprograms.

Specification

The MA5606T supports the following user management specifications:

l Each physical port on the xDSL service board supports eight multicast user.

l The IGMP bearer channel and the multicast service bearer channel of a multicast user canbe defined separately.

l Up to 2K authority profiles can be configured.

l The program authority can be any one of watch, preview, forbidden and idle.

l A multicast user can be bound with up to 512 authority profiles.

l CAC at the user side is supported.

l The fast leave feature is supported.

l A multicast user can watch up to 32 programs concurrently.

17.6.2 PrincipleThis topic describes the implementation principles of user management.

Multicast CAC

Multicast CAC means control of a user's ordering a program based on the bandwidth of asubscriber line. When ordering a multicast program, a user knows the program bandwidth fromthe MA5606T. The MA5606T checks whether the user bandwidth is sufficient for playing a newprogram. If yes, the user can order the program. If no, the user fails to order the program.

Fast Leave

Fast leave indicates that the MA5606T deletes a user from a multicast group without any queryif it receives the IGMP leave packet.

IGMP Bearer Channel

The IGMP bearer channel involves the following parameters:

l xDSL, VPI, VCI, including ADSL, SHDSL, VDSL2 (ATM mode)

l user-encap, including PPPoE and IPoE

l user-VLAN

l user-802.1p


Feature Description


Issue 03 (2010-01-28)

Video Bearer Channel

By default, the IGMP bearer channel and the video bearer channel are the same. For flexibility,you can specify a video bearer channel and an IGMP bearer channel.

If you do not specify the video bearer channel, the IGMP bearer channel also serves as the videobearer channel.

The video bearer channel involves the following parameters:

l xDSL, VPI, VCI, including ADSL, SHDSL, VDSL2 (ATM mode)

l user-encap, including PPPoE and IPoE

l user-VLAN

l user-802.1p

Program Authority

The program authority is defined in an authority profile. You can control the authorities bybinding a user with different authority profiles.

The program authority can be forbidden, preview, watch, and idle in a descending order. Thesystem administrator is authorized to configure the authority.



17-13

18 Triple Play

About This Chapter

Triple play is a service provisioning mode in which integrated services can be provided to a user.Currently, the prevailing integrated services include the high-speed Internet access service, voiceover IP (VoIP) service, and IPTV service.

18.1 Features of Triply PlayTriple play is a service provisioning mode in which integrated services can be provided to a user.Currently, the prevailing integrated services include the high-speed Internet access service, voiceover IP (VoIP) service, and IPTV service. This topic provides introduction to this feature anddescribes the principles and reference documents of this feature.

18.2 Single-PVC for Multiple ServicesSingle-PVC for multiple services is a triple play mode in which a single PVC is adopted forcarrying multiple services from the MA5606T to each DSL user terminal. This topic providesintroduction to this feature and describes the principles of this feature.

18.3 Multi-PVC for Multiple ServicesMulti-PVC for multiple services is a triple play mode in which multiple PVCs are adopted forcarrying multiple services from the MA5606T to each DSL user terminal. This topic providesintroduction to this feature and describes the principles of this feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 18 Triple Play


18-1

18.1 Features of Triply PlayTriple play is a service provisioning mode in which integrated services can be provided to a user.Currently, the prevailing integrated services include the high-speed Internet access service, voiceover IP (VoIP) service, and IPTV service. This topic provides introduction to this feature anddescribes the principles and reference documents of this feature.

18.1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of triple play.

18.1.2 PrincipleThis topic describes the implementation principles of triple play.

18.1.3 ReferenceThis topic describes the reference documents of triple play.

18.1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of triple play.

Definition

Triple play is a service provisioning mode in which integrated services can be provided to a user.Currently, the prevailing integrated services include the high-speed Internet access service, voiceover IP (VoIP) service, and IPTV service.

Purpose

The early broadband access provides only the high-speed Internet access service. As the Internetis rapidly developing, it can offer much richer services, such as video (IPTV) services. Thedevelopment of multiple access modes such as ADSL2+ and VDSL2 access, and theimprovement of broadband access also lay a solid foundation for provisioning the video service.

Specification

The MA5606T supports the following triple play modes:l Single-PVC for multiple services

l Multi-PVC for multiple services


No additional hardware is required for supporting the triple play feature.l License support

The triple play feature is the basic feature of the MA5606T. Therefore, no license is requiredfor accessing the corresponding service.

18.1.2 PrincipleThis topic describes the implementation principles of triple play.

18 Triple PlaySmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

The main concern of triple play is how to handle different priorities of different services in auser port, and to reduce the mutual effect to the lowest level.

l VoIP service

Because the bandwidth and delay of the VoIP service are low, the priority of the VoIPservice is the highest among the triple play services.

NOTE

High delay causes echo that affects the voice quality.

l IPTV service

Because the bandwidth occupied by the IPTV service is relatively high, and the bit errorratio/packet loss ratio is relatively low, the priority of the IPTV service is lower than thatof the VoIP service, but is higher than that of the Internet access service.

NOTE

A high bit error ratio or packet loss ratio causes loss to video frames, thus affecting the programquality.

l High-speed Internet access

Because common Internet access services, such as web browsing, require neither a strongreal-time performance nor a low packet loss ratio, the priority of the high-speed Internetaccess service is the lowest among the triple play services.

NOTE

For the Internet access service, the retransmission mechanism is usually available to guaranteetransmission reliability. Therefore, the Internet access service does not require a low packet loss ratiolike the IPTV service.

To manage the three services in a port conveniently, the MA5606T supports three VLANs foran upstream interface, one for the VoIP service, one for the IPTV service, and another for thehigh-speed Internet access service.

NOTEWhen the services are differentiated by Ethernet type (IPoE/PPPoE), the service data goes upstream throughonly two different VLANs.

18.1.3 ReferenceThis topic describes the reference documents of triple play.

For standards and recommendations, see the section, "Standards Compliance" in theMA5606T Product Description.

18.2 Single-PVC for Multiple ServicesSingle-PVC for multiple services is a triple play mode in which a single PVC is adopted forcarrying multiple services from the MA5606T to each DSL user terminal. This topic providesintroduction to this feature and describes the principles of this feature.

18.2.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of single-PVC formultiple services.

18.2.2 Principle



18-3

This topic describes the implementation principles of single-PVC for multiple services.

18.2.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of single-PVC formultiple services.

Definition

Single-PVC for multiple services is a triple play mode in which a single PVC is adopted forcarrying multiple services from the access device to each DSL user terminal.

PurposeIn the case of single-PVC for multiple services, the DSL user terminal can be easily maintainedbecause only one PVC is created, and the DSL user terminal does not have to support the bindingbetween the PVC and the Ethernet port.

SpecificationThe MA5606T supports the following specifications of single-PVC for multiple services:

l Services can be differentiated by Ethernet encapsulation mode (IPoE/PPPoE).

l Services can be differentiated by VLAN IDs carried in the packets from the DSL userterminal.

l Services can be differentiated by 802.1p values carried in the packets from the DSL userterminal.

l Services can be differentiated by 802.1p values of Ethernet frames + VLAN ID.

l Services can be differentiated by Ethernet encapsulation type (IPoE/PPPoE) + VLAN ID.

l Each DSL user port supports up to eight different services.

LimitationAt a time, one DSL port supports only one mode in which multiple services are differentiated.

18.2.2 PrincipleThis topic describes the implementation principles of single-PVC for multiple services.

The Internet access service, VoIP and IPTV services are carried by a single PVC to the user.That is, each xDSL port is configured with only one PVC. At the network end, three VLANsare created for the upstream interface to carry different types of services.

l Figure 18-1 shows the implementation principles of single-PVC for multiple services ifthese services are differentiated by IPoE/PPPoE.


Feature Description


Issue 03 (2010-01-28)

Figure 18-1 Single-PVC for multiple services which are differentiated by IPoE/PPPoE

ADSL

PPPoE

ADSL0

ADSLNPPPoE

1PVC

1PVC

VideoVLAN

VoIPVLAN

GE/FE

VoIP trafficVideo trafficInternet traffic

MA5606T

Homegateway

LANSwitch BRAS

DHCP

DHCP

DHCP

DHCP

Router

InternetVLAN

PC

STB

Phone

PC

STB

Phone

VoIPVPN

VideoVPN

Router

Homegateway

– The home gateway is used for the DSL user terminal to integrate the three types of

services over a single PVC.– In general, the PC for the high-speed Internet access adopts PPPoE. The set top box

(STB) for the IPTV service and the Phone for the VoIP service adopt IPoE. The homegateway integrates the three types of services and sends the integrated services over asingle PVC to the MA5606T.

– According to the Ethernet encapsulation mode of the packets received, the MA5606Tdivides the service traffic in the single PVC to two different types of service traffic. Oneis the PPPoE service traffic and the other is the IPoE service traffic. Each type of servicetraffic goes to the upstream direction over a different VLAN.

– For an MA5606T, all the PPPoE service traffic goes to the upstream direction over aVLAN, and all the IPoE service traffic goes to the upstream direction over anotherVLAN.

l Figure 18-2 shows the implementation principles of single-PVC for multiple services ifthese services are differentiated by VLAN ID and 802.1p value carried in the packets fromthe DSL user terminal.



18-5

Figure 18-2 Single-PVC for multiple services which are differentiated by VLAN IDs and802.1p values

ADSL

PPPoE

ADSL0

ADSLNPPPoE

1PVC

1PVC

VideoVLAN

VoIPVLAN

GE/FE


MA5606THome

gateway

LANSwitch

BRAS

DHCP

DHCP

DHCP

DHCP

Router

InternetVLAN

PC

STB

Phone

PC

STB

Phone

VoIPVPN

VideoVPN

Router

Homegateway

– The home gateway adopts for the DSL user terminal to provide three Ethernet ports to

connect to the Phone for the VoIP service, the STB for the IPTV service, and the PCfor the high-speed Internet access. Each port is bound with a VLAN ID and a 802.1pvalue (That is, the data flow from the port is labeled with this VLAN ID and 802.1pvalue.) Then, the home gateway encapsulates the data flow into ATM cells, and sendsthem over a single PVC to the MA5606T for processing.

– The MA5606T decapsulates the ATM cells into the data flow, and divides the data flowinto three data flows according to the VLAN IDs and the 802.1p values carried in thedata flow. Then, the MA5606T maps the three services to three different upstreamVLANs according to the VLAN IDs and the 802.1p values.

– To differentiate services by VLAN IDs and the 802.1p values, make sure that the threeVLANs from the DSL user terminal (home gateway) of each MA5606T are different.

18.3 Multi-PVC for Multiple ServicesMulti-PVC for multiple services is a triple play mode in which multiple PVCs are adopted forcarrying multiple services from the MA5606T to each DSL user terminal. This topic providesintroduction to this feature and describes the principles of this feature.

18.3.1 IntroductionThis topic describes the definition, purpose, and specification of multi-PVC for multipleservices.

18.3.2 PrincipleThis topic describes the implementation principles of multi-PVC for multiple services.


Feature Description


Issue 03 (2010-01-28)

18.3.1 IntroductionThis topic describes the definition, purpose, and specification of multi-PVC for multipleservices.

Definition

Multi-PVC for multiple services is a triple play mode in which multiple PVCs are adopted forcarrying multiple services from the access device to each DSL user terminal.

PurposeThis triple play mode is compatible with the existing operations, administration and maintenance(OAM) system.

SpecificationThe MA5606T supports the following specifications of multi-PVC for multiple services:

l Each xDSL port supports up to eight PVCs.

l Each service board supports up to 512 PVCs.

18.3.2 PrincipleThis topic describes the implementation principles of multi-PVC for multiple services.

The Internet access services, VoIP and IPTV services are carried by different PVCs to the user.That is, each xDSL port is configured with at least three PVCs. At the network end, three VLANsare created for the upstream interface to carry different types of services.

Figure 18-3 shows the implementation principles of multi-PVC for multiple services.

Figure 18-3 Implementation principles of multi-PVC for multiple services

ADSL

PC

STB

Phone

DHCP/PPPoE

DHCP/PPPoE

PPPoE

ADSL0

ADSLN

DHCP/PPPoE

DHCP/PPPoE

PPPoE

3PVC

3PVC

GE


VideoVLAN

VoIPVLAN

InternetVLAN

MA5606TLAN

SwitchBRAS

PC

STB

Phone

VoIPVPN

VideoVPN

Router

Router

Homegateway

Homegateway



18-7

l The home gateway must be adopted for the DSL user terminal to provide three Ethernet

ports to connect to the Ephone for the VoIP service, the STB for the IPTV service, and thePC for the high-speed Internet access.

l Each Ethernet port is bound with a PVC (That is, the data flow from the port is labeled withthe VPI/VCI of this PVC). Then, the home gateway sends the data flow from this port tothe MA5606T over the PVC for processing.

l After receiving the packets from the PVC, the MA5606T converts them into the data flow,labels the data flow with a certain service VLAN, and then sends the labeled data flow tothe upper layer device.


Feature Description


Issue 03 (2010-01-28)

19 Ethernet Link Aggregation

About This Chapter

Ethernet link aggregation refers to aggregation of multiple Ethernet ports together to form a portto provide higher bandwidth and link security.

19.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of Ethernetlink aggregation.

19.2 PrincipleThis topic describes the implementation principles of the Ethernet link aggregation feature.

19.3 ReferenceThis topic describes the reference documents of Ethernet link aggregation.

SmartAX MA5606T Multi-service Access ModuleFeature Description 19 Ethernet Link Aggregation


19-1

19.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of Ethernetlink aggregation.

Definition

Ethernet link aggregation refers to aggregation of multiple Ethernet ports together to form a portto provide higher bandwidth and link security.

The Link Aggregation Control Protocol (LACP) based on IEEE802.3ad is a protocol forrealizing link aggregation. Using LACP, the Ethernet ports of different devices can beautomatically aggregated without interventions from the user, and the link layer failure of theports can be detected to implement link aggregation control.

IEEE 802.3ad is a standard related to Ethernet link aggregation. According to the configurationmodes, link aggregation is classified into the following types:

l Manual link aggregation

l Static link aggregation

l Dynamic link aggregation

Purpose

In manual link aggregation mode, because LACP is not used, the devices at both ends of a linkdo not thoroughly negotiate the aggregation with each other. In this case, they fail to control theaggregation accurately and effectively. In fact, they determine whether an aggregation isperformed according to the states (down and up) of the physical ports.

For example, if a user mistakenly connects a link to two ports on different devices, or two portsin the same device which cannot be aggregated, the system cannot detect this action. In addition,manual link aggregation works only in load sharing mode, and the applications of the manuallink aggregation are restricted.

Dynamic link aggregation features automatic link aggregation without manual intervention,which adds the plug-and-play function to a device. In actual applications, however, thisaggregation mode is too flexible to help users use this mode conveniently. For example, becausethe link aggregation group is created by a device dynamically, the LAG ID may change if thedevice restarts. As a result, the managing of devices becomes difficult.

Static link aggregation has the advantages of both manual link aggregation and dynamic linkaggregation. Therefore, this mode has the following features:

l Easy use and management

l Accurate and effective link control

The LAG and its member ports are manually managed. That is, a user controls the creation anddeletion of a LAG, as well as member ports' entry into or exit from the LAG. The device neitherautomatically performs these tasks nor modifies the configuration data of the user.

However, in a static LAG, the member ports may be in two states: selected and standby. Aselected port is an operating port which carries traffic. On the contrary, a standby port carriesno traffic. Therefore, not all the member ports in the static LAG work at the same time, and the

19 Ethernet Link AggregationSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

selected and standby states vary with the device operation and the change of externalenvironment. Therefore, static dynamic aggregation can be either load sharing aggregation ornon-load sharing aggregation.

The features as described herein are related to implementation of static link aggregation throughLACP.

Specification

The MA5606T supports the following link aggregation specifications:

l Up to 4 LAGs and up to eight physical ports in a LAG

l System priority: 0-65535

l Port priority: 0-32767

l Short period: 1-10 seconds (1 second by default)

l Long period: 20-40 seconds (30 seconds by default)

l The period of the time when the upstream port or subtending port is disabled fromtransmitting signals can be set. This improves the LACP switching performance.

Limitation

The Ethernet link aggregation of the MA5606T has the following limitations:

l Only the ports of the same type (including port type, operating mode, and rate) can beaggregated together to form a LAG.

l Dynamic link aggregation is not supported.


The control board (MCUA) of the MA5606T supports Ethernet link aggregation.

l License support

The Ethernet link aggregation feature is the basic feature of the MA5606T. Therefore, nolicense is required for accessing the corresponding service.MA5606T

19.2 PrincipleThis topic describes the implementation principles of the Ethernet link aggregation feature.

Principles for Implementing Manual Link Aggregation

This topic describes how to activate, modify, and deactivate manual link aggregation.

Figure 19-1 shows manual link aggregation involving two ports in the control board.



19-3

Figure 19-1 Manual link aggregation

Aggregation

MA5606T

Switch

MPW MCU

Two upstream ports of the MA5606T are aggregated together to form a LAG. The peer switchadds the two ports connected to the two aggregated ports into the LAG.

If the two ports of the MA5606T are in the normal state, the traffic between the MA5606T andthe switch is shared by the two links according to the source MAC address or the combinationof the source MAC address and the destination MAC address.

However, if a port of the MA5606T fails or the corresponding link fails, the control board of theMA5606T will not distribute traffic to the faulty port.

Principles for Implementing Static Link Aggregation

Static link aggregation adopts LACP which shall run between the devices. In this mode, a usermust configure a LAG, such as creating or deleting the LAG as well as member ports' entry intoor exit from the LAG.

In static link aggregation mode, LACP performs the following functions:

l Check and maintain the states (selected and standby) of the aggregation ports.

l Exchange the information on the states of the aggregation ports with the other connecteddevices.

LACP adopts LACP Data Units (LACPDUs) to exchange the aggregation information betweenthe devices so that the devices can reach an agreement on the aggregation.

Figure 19-2 shows static link aggregation between the MA5606T and the switch through LACP.


Feature Description


Issue 03 (2010-01-28)

Figure 19-2 Static link aggregation

Aggregation

MA5606T

Switch

MPW MCU

LACP

If a member port in the LAG is in the selected state, the traffic is distributed to this port. If theport is in the standby state, the traffic is not distributed to this port.

The selected and standby states are the states of the aggregation ports maintained at LACPprotocol layer, not the physical states of the ports. If the physical states of the ports change, thestates of the ports at the LACP protocol layer also change. For example, if an aggregation portfails, the state of the port at the LACP protocol layer will changes to the standby state.

Not only the state change of the physical port, but also the exchange of LACPDUs can result ina change in the state of the port at the LACP protocol layer. For example, when a port receivesa LACPDU from the peer end, its state may change.

Therefore, LACP can improve the link aggregation security by checking:

l The change in the states of the physical portsl Board failurel Port forwarding failurel The change in the states of the aggregation port at the peer end

LACP also supports such mechanisms as system priority, port priority, and short or long period.

l System priority

In LACP, the system priority is used for controlling the master/slave relation of theconnected devices. The slave device must select the selected port according to theselection result of the master device. Otherwise, the two devices cannot communicatewith each other.

l Port priority

Port priority is used for selecting the master port and the slave port.l Timeout

To guarantee the LACP check sensitivity, IEEE 802.3ad defines two timeouts: shorttimeout and long timeout. The two timeout values can be adjusted. A device cannot use



19-5

the short timeout to exchange information with the peer device unless the peer devicenotifies the device of using the short timeout. Otherwise, the device always uses thelong timeout to exchange and transmit information.The MA5606T supports the following timeout values:

– Short period: 1-10 seconds

– Long period: 20-40 seconds

19.3 ReferenceThis topic describes the reference documents of Ethernet link aggregation.

The following lists the reference documents of Ethernet link aggregation:

l IEEE 802.3ad Link Aggregation


Feature Description


Issue 03 (2010-01-28)

20 System Security

About This Chapter

System security refers to prevention of attacks to the system.

20.1 Introduction to System SecuritySystem security refer to prevention of attacks to the system. This topic provides introduction tothis feature and describes the principles and reference documents of this feature.

20.2 Anti-DoS AttackAnti-DoS attack means defensive measures taken by the MA5606T to control and limit thenumber of control packets from a user. This topic provides introduction to this feature anddescribes the principles and reference documents of this feature.

20.3 MAC Address FilteringMAC address filtering is a system security mechanism by which the MA5606T checks the sourceor destination MAC address of user packets. The source or destination MAC address cannot beeither the well-known MAC address or the MAC address of network equipment. This topicprovides introduction to this feature and describes the principles of this feature.

20.4 Firewall Black ListA firewall black list is an IP address list. The system filters the service packets whose source IPaddress is in the firewall black list. This enhances system security and network security. Thistopic provides introduction to this feature and describes the principles of this feature.

20.5 FirewallThe firewall feature enables the MA5606T to filter data packets based on an ACL rule. Thisprevents unauthorized users from accessing the MA5606T. This topic provides introduction tothis feature and describes the principles of this feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 20 System Security


20-1

20.1 Introduction to System SecuritySystem security refer to prevention of attacks to the system. This topic provides introduction tothis feature and describes the principles and reference documents of this feature.

20.1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of system security.

20.1.2 PrincipleThe topic describes the operating principles of system security.

20.1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of system security.

DefinitionThe MA5606T supports security settings to prevent attacks initiated by the network to theMA5606T itself and users in the network. The MA5606T supports the following securityfeatures:l Anti-Denial of Service (DoS) attack

l Anti-ICMP/IP attack

l Source route filtering

l MAC address filtering

l Firewall black list

l Firewall

l Configuration of acceptable/refused address segments

PurposeFigure 20-1 shows the system security application model of the MA5606T.

Figure 20-1 System security application model of the MA5606T

Broadband user

MA5606T Network device

Remote user

RG

Carrier's network

20 System SecuritySmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

On an access network, the attacks might include the following modes:l A local user initiates attacks on the system.

l A local user initiates attacks on the network equipment.

l A remote user initiates attacks on local users.

l A remote user initiates attacks on the system.

This topic describes how the MA5606T protects itself from attacks initiated by a broadbanduser. Some features (such as the firewall feature) of the MA5606T can also prevent a remoteuser from attacking the system.

In addition, the MA5606T protects the network equipment from attacks. This helps guaranteethe security of the carrier's network.

Specification

The MA5606T supports the following system security specifications:l Anti-DoS attack





l Firewall



No additional hardware is required for supporting the system security feature.l License support

The system security feature is the basic feature of the MA5606T. Therefore, no license isrequired for accessing the corresponding service.

20.1.2 PrincipleThe topic describes the operating principles of system security.

l Anti-DoS attack

The MA5606T detects and controls the number of packets sent from a user to the CPUof the main control board. This avoids attacks on the CPU caused by an excessivelylarge number of packets.


The MA5606T identifies and discards the ICMP/IP packets with their destination IPaddresses the same as the IP address of the MA5606T.


The MA5606T identifies and discards the IP packets with specified source route options.



20-3


The MA5606T identifies and discards the packets with the specified source MAC/DMAC (Destination MAC) addresses.


The MA5606T filters the service packets with the source IP addresses in the firewallblack list.

l Firewall

The MA5606T filters data packets based on the ACL rule. This prevents unauthorizedusers from accessing the MA5606T.


The MA5606T checks if the IP address of a login user is in the acceptable addresssegments. This prevents users of unauthorized address segments from accessing theMA5606T.

20.2 Anti-DoS AttackAnti-DoS attack means defensive measures taken by the MA5606T to control and limit thenumber of control packets from a user. This topic provides introduction to this feature anddescribes the principles and reference documents of this feature.

20.2.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of anti-DoS attack.

20.2.2 PrincipleThis topic describes the implementation principles of the anti-DoS attack feature.

20.2.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of anti-DoS attack.

Definition

Anti-DoS attack means defensive measures taken by the MA5606T to control and limit thenumber of control packets from a user.

A DoS attack occurs when users send an excessively large number of control packets purposelyto the system to overload it.

PurposeA DoS attack:l Endangers the normal operation of the access system

l Prevents the system from receiving normal service requests from the legal users.

l Suspends the system

To protect the MA5606T, you can enable the MA5606T to limit the number of control packetsfrom a user. In this way, the MA5606T discards excessive control packets.


Feature Description


Issue 03 (2010-01-28)

For a user initiating DoS attacks, the MA5606T adds the user to the DoS attack black list andstops receiving control packets from the user.

For a user in the black list, the administrator can force the user to get offline.

SpecificationThe MA5606T supports the following anti-DoS attack specifications:

l Anti-DoS attacks in the form of various control packets such as:– PPPoE discovery packets– DHCP packets– ARP packets– ICMP packets– IGMP packets– PPP LCP packets– BPDU packets

l Up to 256 users in a DoS attack black list of DoS attack

l Report of an alarm when a DoS attack occurs or when it ends

LimitationFor the OPFA board, the MA5606T detects if a DoS attack occurs by checking the physical port.

20.2.2 PrincipleThis topic describes the implementation principles of the anti-DoS attack feature.

The MA5606T prevents DoS attacks in the following ways:l The MA5606T maintains a black list of DoS attackers. For the users in the DoS attack black

list, the administrator can force the user to get offline by deactivating the correspondingport or by other methods.

l With the anti-DoS attack switch enabled, the MA5606T detects if a DoS attack occurs andends in this way:– The MA5606T detects the packets from a user port to the control module. If the number

of packets exceeds the average number of control packets for normal services, theMA5606T confirms that a DoS attack occurs.

– When a DoS attack occurs from a user port, the MA5606T adds the port to the DoSattack black list, and discards the protocol packets from the port.

– When the MA5606T detects that the user stops DoS attacks, the MA5606T deletes theport from the DoS attack black list, and allows transmission of the packets to the controlmodule.

20.3 MAC Address FilteringMAC address filtering is a system security mechanism by which the MA5606T checks the sourceor destination MAC address of user packets. The source or destination MAC address cannot beeither the well-known MAC address or the MAC address of network equipment. This topicprovides introduction to this feature and describes the principles of this feature.



20-5

20.3.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of MACaddress filtering.

20.3.2 PrincipleThis topic describes the implementation principles of the MAC address filtering feature.

20.3.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of MACaddress filtering.

Definition

MAC address filtering is a system security mechanism by which the MA5606T checks the sourceor destination MAC address of user packets. The source or destination MAC address cannot beeither the well-known MAC address or the MAC address of network equipment.

Purpose

MAC address filtering is used to specify the source or destination MAC addresses not allowedfor user packets. This is to prevent users from forging the MAC address of network equipmentto attack the carrier's network.

Specification

The MA5606T supports filtering of four addresses or MAC address segments.

Limitation

The MAC address filtering and anti-MAC spoofing feature can be enabled at the same time. Ifboth are enabled, the feature of MAC address filtering has a higher priority.


No additional hardware is required for supporting the MAC address filtering feature.

l License supportThe MAC address filtering feature is the basic feature of the MA5606T. Therefore, nolicense is required for accessing the corresponding service.

20.3.2 PrincipleThis topic describes the implementation principles of the MAC address filtering feature.

The principle for implementing the MAC address filtering feature is as follows:

l To prevent a user from forging a MAC address of the network equipment, set the MACaddress as the one to be filtered.


Feature Description


Issue 03 (2010-01-28)

l When the user packets travel in the upstream direction, the MA5606T checks their sourceMAC address. If the source MAC address is the same as the MAC address configured atthe network end, the MA5606T discards these user packets.

20.4 Firewall Black ListA firewall black list is an IP address list. The system filters the service packets whose source IPaddress is in the firewall black list. This enhances system security and network security. Thistopic provides introduction to this feature and describes the principles of this feature.

20.4.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of the firewall blacklist.

20.4.2 PrincipleThis topic describes the implementation principles of the firewall black list feature.

20.4.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of the firewall blacklist.

DefinitionA firewall black list is an IP address list. The system filters the service packets whose source IPaddress is in the firewall black list. This enhances system security and network security.

PurposeFirewall black list is used to specify malicious users for preventing attacks on the MA5606T.

SpecificationThe MA5606T supports the following firewall black list specifications:

l Up to 2000 IP addresses can be manually configured in the firewall black list.

l When configuring the firewall black list, you can specify the aging time of an IP address.The duration is in the range of 1-1000 minutes. If the aging time is not specified, the IPaddress does not age.

LimitationAn ACL rule is applicable when the firewall black list feature is enabled. In this case, the ACLrule has a higher priority.

20.4.2 PrincipleThis topic describes the implementation principles of the firewall black list feature.

The principle for implementing the firewall black list feature is as follows:l For the packets with the source IP address specified in the firewall black list, the

MA5606T discards the packets.



20-7

l For the packets that match a specified ACL rule, if the rule allows the packets to passthrough, the MA5606T transmits the packets upstream even if the IP address is in thefirewall black list. If the rule forbids the packets to pass through, the MA5606T discardsthe packets.

20.5 FirewallThe firewall feature enables the MA5606T to filter data packets based on an ACL rule. Thisprevents unauthorized users from accessing the MA5606T. This topic provides introduction tothis feature and describes the principles of this feature.

20.5.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of firewall.

20.5.2 PrincipleThis topic describes the implementation principles of the firewall feature.

20.5.1 IntroductionThis topic describes the definition, purpose, specification, and limitation of firewall.

Definition

The firewall feature enables the MA5606T to filter data packets based on an ACL rule. Thisprevents unauthorized users from accessing the MA5606T.

Purpose

An unauthorized users might access an MA5606T through its maintenance network port(outband) or service channel (inband) to configure the MA5606T illegally. This affects theoperation of the MA5606T and the carrier's network.

By setting the firewall, only authorized users can maintain the MA5606T through itsmaintenance network port (outband) or service channel (inband).

Specification

The MA5606T supports the following firewall specifications:l The firewall feature can be enabled on the maintenance network port and every VLAN

interface.l ACL rules used for filtering ingress and egress data packets can be configured respectively.

Limitation

The MA5606T firewall has the following limitations:

l The firewall feature enables the MA5606T to filter data packets based on ACL rules,provided that the rules exist. If the rules do not exist, the MA5606T transmits or discardsthe packets according to the default rule.

l The ACL rules applying to the firewall must be a basic ACL rule or an advance ACL rule.


Feature Description


Issue 03 (2010-01-28)

20.5.2 PrincipleThis topic describes the implementation principles of the firewall feature.

The principle for implementing the firewall feature is as follows:

1. If the firewall feature is enabled, when a user logs in to the MA5606T through itsmaintenance network port or a service channel, the MA5606T judges whether the user isallowed to access the system according to the configured ACL rules. If the user packets donot match the ACL rules, the MA5606T discards the packets.

2. An ACL rule specifies a group of IP addresses, protocol types, or ports allowed or forbiddento access the system.



20-9

21 User Security

About This Chapter

User security is a mechanism which guarantees the security of operation users and access users.

21.1 PITPThe Policy Information Transfer Protocol (PITP) is a protocol for transferring the policyinformation between the access equipment and the BRAS in an L2 P2P communication mode.PITP is used to transfer the information on a user's access location. This topic providesintroduction to this feature and describes the principles and reference documents of this feature.

21.2 DHCP option82DHCP option82 is similar to PPPoE+ as a user security mechanism. The information on a user'saccess location is added into the DHCP request packets initiated by a user for user authentication.This topic provides introduction to this feature and describes the principles and referencedocuments of this feature.

21.3 DHCP Sub-Option90DHCP Sub-Option90 cooperates with DHCP Option82. You can enable DHCP sub-Option90only when DHCP Option82 is enabled. This topic provides introduction to this feature anddescribes the availability, principle, implementation, and reference of this feature.

21.4 RAIOIn the case that PTIP and DHCP option82 are enabled, RAIO refers to the information on a user'saccess location provided by the MA5606T in the VBAS response packet, PPPoE discoverypacket and DHCP option82 packet for the BRAS to authenticate a user. This topic providesintroduction to this feature and describes the principles and reference documents of this feature.

21.5 IP Address BindingIP address binding indicates the binding between an IP address and a service port. TheMA5606T allows only the upstream packets with the source address the same as the one boundto pass through. This topic provides introduction to this feature and describes the principles andreference documents of this feature.

21.6 MAC Address BindingMAC address binding indicates the binding between a MAC address and a service port. Thus,only the packets with the specified MAC address can be transmitted over the network. This topicprovides introduction to this feature and describes the principles and reference documents ofthis feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 21 User Security


21-1

21.7 VMACVirtual MAC (VMAC) is the source MAC address allocated by the access device. In transmissionof the user packets, the access device replaces the source MAC address of the user packets withthe VMAC address. This topic provides introduction to this feature and describes the principlesand reference documents of this feature.

21.8 SMACThe SMAC feature, also known as the PPPoE single-MAC, is one of the security featuressupported by the MA5606T. This topic provides the definition, principles, and reference of theSMAC feature.

21.9 Anti-MAC SpoofingAnti-MAC spoofing attack means the system takes measures to prevent a user from attackingthe system using a forged MAC address. This topic provides introduction to this feature anddescribes the principles and reference documents of this feature.

21.10 Anti-IP SpoofingAnti-IP spoofing attack is a user security mechanism in which the system takes measures toprevent a user from attacking the system using a forged IP address. This topic providesintroduction to this feature and describes the principles and reference documents of this feature.

21 User SecuritySmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

21.1 PITPThe Policy Information Transfer Protocol (PITP) is a protocol for transferring the policyinformation between the access equipment and the BRAS in an L2 P2P communication mode.PITP is used to transfer the information on a user's access location. This topic providesintroduction to this feature and describes the principles and reference documents of this feature.

21.1.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of PITP.

21.1.2 PrincipleThis topic describes the implementation principles of the PITP feature.

21.1.3 ReferenceThis topic describes the reference documents of PITP.

21.1.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of PITP.

Definition

The Policy Information Transfer Protocol (PITP) is a protocol for transferring the policyinformation between the access equipment and the BRAS in an L2 P2P communication mode.PITP is used to transfer the information on a user's access location. PITP, namely, Relay AgentInformation Option (RAIO), involves:l PPPoE+ mode (P mode for short)

In this mode, the MA5606T adds a user's port information to the PPPoE Discovery packetfor the BRAS to authenticate the user.

l Virtual Broadband Access Server (VBAS) mode (V mode for short)In this mode, the BRAS initiates the query of a user's port information from theMA5606T.

PurposeFor the MA5606T, PITP provides the upper layer authentication server (such as BRAS) withthe information about the ports of users. After the BRAS obtains the port information, itauthenticates the binding of the user account with the access port to avoid theft and roaming ofuser accounts.

Specification

PITP supports two modes: P mode (PPPoE+) and V mode (VBAS).

PITP takes effect only when it is enabled in all the following levels:l Global level

l Port level

l Service port level



21-3

LimitationThe MA5606T PITP has the following limitations:

l Only one PITP mode can be enabled at a time.

l The V mode protocol type cannot be the standard Ethernet protocol type.

l The V mode Ethernet protocol type cannot be configured in PITP V mode. To modify thedefault VBAS protocol type, disable V mode first.


No additional hardware is required for supporting the PITP feature.l License support

The PITP feature is the basic feature of the MA5606T. Therefore, no license is requiredfor accessing the corresponding service.

21.1.2 PrincipleThis topic describes the implementation principles of the PITP feature.

Implementation of V Mode

Figure 21-1 shows the PPPoE dialup process in PITP V mode.

Figure 21-1 PPPoE dialup process in PITP V mode

User MA5606T BRAS RADIUS Server

1 PADI

2 PADO

3 PADR

4 PADS

6 VBAS response packet

5 VBAS request packet

Session

7 LCP negotiation

8 Authenticationpacket 9 Request packet

with user portinformation

10 Accessaccepted packet

11 Authenticationpass packet

12 Data transmission

Discovery


Feature Description


Issue 03 (2010-01-28)

After the PITP V mode is enabled, the PPPoE dialup process is as follows: (The words in bluein the above figure also describe this process.)

1. After the PPPoE discovery stage, the BRAS sends VBAS request packets to theMA5606T for the physical location of the user.

2. After receiving the request packets, the MA5606T searches the user's access locationinformation (shelf/slot/port number) according to the MAC address and VLAN informationcontained in the request packets.

3. If finding the information, the MA5606T adds it to the VBAS response packets and thensends the packets to the BRAS. If not, the MA5606T does not respond.

VBAS Packet Format

Figure 21-2 shows the format of a VBAS packet.



21-5

Figure 21-2 VBAS packet format

# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +

# | Version | Reserve |

# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +

# | Trans Info Type | Oper Type | Oper Result |

# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +

# | Session ID |

# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +

# | Addr Len | Info Len | IF Type |

# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +

# | Src Addr |

# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +

# | Src Addr | Src Vlan |

# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +

# | Src Port | Dst Addr |

# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +

# | Dst Addr |

# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +

# | Dst Vlan | Dst Port |

# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +

# | User Info Len | ~~~

# + - +- +- +- +- +- +- +- +- +-+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+ -+- +- +- +- +- +

The Ethernet protocol type of a VBAS packet is configurable. By default, it is 0x8200. Table21-1 lists the meaning of each field in a VBAS packet.

Table 21-1 Fields of a VBAS packet

Field Meaning

Version One byte. It is 1 for both request and response packets.

Reserve Three bytes.


Feature Description


Issue 03 (2010-01-28)

Field Meaning

Trans Info Type Two bytes. It is 1 for both request and response packets. Itindicates the type of physical port information. This field willbe extended with other information later.

Oper Type One byte. It is:l 1 for a request packet.

l 2 for a response packet.

Oper Result One byte. It is:l 0 for a request packet.

l 0 for a successful response packet.

l 1 if a packet cannot be identified.

l 2 if a destination VLAN does not exist.

l 3 if a destination MAC address does not exist.

For simplifying process, the MA5606T does not send anyresponse packet if the port information of a user cannot befound.

Session ID Four bytes. This field is filled by the BRAS and it must beconsistent in a request packet and in the associated responsepacket.

Addr Len Length of the hardware address. 1 byte. It is 6 for both requestand response packets.

Info Len One byte. It is 4 for both request and response packets.

IF Type Interface type with two bytes. It is:l 0 for a request packet.

l 15 for an Ethernet port and 16 for an xDSL port in a responsepacket.

Src Addr Four bytes. It is:l The MAC address of the BRAS for a request packet.

l The MAC address of the queried user for a response packet.

Src Vlan Two bytes. It is:l The VLAN ID contained in the PPPoE discovery packet for

a request packet. If no VLAN ID is available, this field isfully filled with Fs.

l The F/S/P value of 4/4/8 bits for a response packet. TheMA5606T fills the information of the 16 bits in this fieldand does not truncate the last 12 bits. The BRAS uses onlythe last 12 bits.

Src Port Two bytes. This field is not used.



21-7

Field Meaning

Dst Addr Six bytes. It is:l The MAC address of the queried user for a request packet.

l The MAC address of the BRAS for a response packet.

Dst Vlan Two bytes. This field is the same as the source VLAN ID in arequest packet.

Dst Port Two bytes. This field is not used.

User Info Len One byte. It is:l Invalid for a request packet.

l The length of the character string of the user portinformation for a response packet. The length is changeable,and the character string concerns the information on a user'saccess location, namely, the RAIO information.

The format varies with different modes. For details, see thesection "21.4 RAIO."

Implementation of P Mode

Figure 21-3 shows the PPPoE dialup process in PITP P mode.

Figure 21-3 PPPoE dialup process in PITP P mode

MA5606T BRAS RADIUS Server

1 PADI

PADO+Tag

3 PADR

PADS+Tag

PADI+Tag

2 PADO

PADR+Tag

4 PADS

User

Session

5 LCP negotiation

6 Authenticationpacket 7 Request packet

with user portinformation

10 Accessaccepted packet9 Authentication

pass packet

10 Data transmission

Discovery


Feature Description


Issue 03 (2010-01-28)

In PITP P mode, the MA5606T adds the information on a user's access location into PPPoEdiscovery packets for user authentication at the upper layer server.

The difference of PPPoE dialup between the case that P mode is enabled and that P mode isdisabled lies in (The words in blue in the above figure also describe this process.):l At the PPPoE discovery stage, the PPPoE packets sent between the MA5606T and the

BRAS contain the information on a user's access location. The MA5606T receives thePPPoE packets from a user and adds the access location information into the packets. Afterthat, it forwards the packets to the BRAS. Upon receiving the PPPoE packets containingthe access location information from the BRAS, the MA5606T extracts the informationand then forwards the packets to the user.

NOTE

Note that the packets from the BRAS do not necessarily contain the information on a user's accesslocation.

l If the PPPoE user needs to be authenticated on the RADIUS server, the BRAS extracts theaccess location information from the PPPoE packets from the MA5606T and then adds theinformation into the authentication request packets for authentication.

Packet Format in P Mode

Figure 21-4 shows the format of a packet in P mode.

Figure 21-4 Packet format in P mode

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

| VER | TYPE | CODE | SESSION_ID |

+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

| LENGTH | PAYLOAD ~

+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Figure 21-5 shows the format of a PPPoE payload field.

Figure 21-5 PPPoE payload field format

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

| TAG_TYPE | TAG_LENGTH |

+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

| TAG_VALUE ... ~

+ -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-



21-9

Table 21-2 lists the meaning of each field in a PPPoE packet.

Table 21-2 Fields of a PPPoE packet

Field Meaning

VER It is 1.

TYPE It is 1.

CODE This field indicates the packet type at the PPPoE discoverystage. The correlation between this field and the packet typeis as follows:l PADI: 0x09

l PADO: 0x07

l PADR: 0x19

l PADS: 0x65

l PADT: 0xa7

SESSION_ID The session ID is obtained through the negotiation betweenthe user and the BRAS.

LENGTH The length of the PPPoE load.

PAYLOAD This field is represented in a format of type-length-value.Figure 21-5 shows the format of this field.

Figure 21-6 shows the format of the vendor tag (PPPoE+ tag) specified by the forum.

Figure 21-6 Vendor tag format

+ ---- ---------- + -------------- + -------------- + -------------- +

| 0x0105 (Vendor- Specific) | TAG_LENGTH |

+ -------------- + -------------- + -------------- + -------------- +

| 0x00000DE9 (3561 decimal, i.e.“ ADSL Forum ” IANA entry) |

+ -------------- + -------------- + -------------- + -------------- +

| 0x01 | length | Agent Circuit ID value... |

+ -------------- + -------------- + -------------- + -------------- +

| Agent Circuit ID value (con ’ t) |

+ -------------- + -------- ------ + -------------- + -------------- +

| 0x02 | length | Agent Remote ID value... |

+ -------------- + -------------- + -------------- + -------------- +

| Agent Remote ID value (con ’ t) |

+ -------------- + -------------- +-- ------------ + -------------- +


Feature Description


Issue 03 (2010-01-28)

The MA5606T supports the vendor tags in different formats. For details, see the section "21.4RAIO."

21.1.3 ReferenceThis topic describes the reference documents of PITP.

The following lists the reference documents of PITP:

l RFC2516, "PPP Over Ethernet"

21.2 DHCP option82DHCP option82 is similar to PPPoE+ as a user security mechanism. The information on a user'saccess location is added into the DHCP request packets initiated by a user for user authentication.This topic provides introduction to this feature and describes the principles and referencedocuments of this feature.

21.2.1 IntroductionThis topic describes the definition, purpose, specification, and availability of DHCP option82.

21.2.2 PrincipleThis topic describes the implementation principles of the DHCP option82 feature.

21.2.3 ReferenceThis topic describes the reference documents of DHCP option82.

21.2.1 IntroductionThis topic describes the definition, purpose, specification, and availability of DHCP option82.

Definition

DHCP option82 is similar to PPPoE+ as a user security mechanism. The information on a user'saccess location is added into the DHCP request packets initiated by a user for user authentication.

Purpose

DHCP option82 enables the DHCP request packets to carry the information on a user's accesslocation for user authentication.

Specification

DHCP option82 takes effect only when it is enabled at all the following levels:

l Global level

l Port level

l Service port level



21-11


No additional hardware is required for supporting the DHCP Option82 feature.l License support

The DHCP Option82 feature is an optional feature of the MA5606T. Therefore, the licenseis required for accessing the corresponding service.

21.2.2 PrincipleThis topic describes the implementation principles of the DHCP option82 feature.

PrincipleFigure 21-7 shows the DHCP process when DHCP option82 is enabled.

Figure 21-7 DHCP process with DHCP option82 enabled

User MA5606T

Discovery

Offer

Release

Data transmission

DHCP Relay Agent/DHCP Server

Discovery+Option82

Offer(+Option82)

Request

ACK

Request+Option82

ACK(+Option82)

The principle of DHCP option82 is similar to that of PPPoE+. The difference lies in that whena user requests for configuration, the MA5606T adds the information on the user's access locationinto the DHCP request packets from the user for authentication at the upper layer.

DHCP option82 Packet Format

For DHCP option82, you need to concern only about the option field in a DHCP packet, whichis detailed in this topic.

This field length is changeable. This field contains the following initial configurations forterminals and network configurations:l IP features


Feature Description


Issue 03 (2010-01-28)

l Domain name

l Specific information for identifying a terminal

l IP address of the default gateway

l IP address of the default gateway

l IP address of the WINS server

l A user's valid lease term for an IP address

Figure 21-8 shows the format of a DHCP option82 field.

Figure 21-8 Format of a DHCP option82 field

Code Len Agent Information Field

+ ------ + ------ + ------ + ------ + ------ +| 82 | N | i1 | i2 | i3 | i4 | | iN |

+ ------ + ------ + --- --- + ------ + ------ +

Table 21-3 lists the meanings of each field in a DHCP option82 packet.

Table 21-3 Fields of a DHCP option82 packet

Field Meaning

Code One byte. This field is in the CLV format, used to uniquelyidentify the following information.

Len 1 byte. This field indicates the length of the followinginformation.

Agent Information Field This field indicates the information in bytes. The length isspecified by the length field.

option82 contains multiple sub options, which are contained in the value filed of option82.

Figure 21-9 shows the format of each sub option.

Figure 21-9 Sub options of DHCP option82

SubOpt Len Sub- option Value

+ ------ + ------ + ------ + ------ + ------ + ------

| s1 | s2 | s3 | s4 | | sN |

+ ------ + ------ + ------ + ------ + ------ + ------

1 N

The two major sub options of option82 are:l Circuit ID (CID)



21-13

This sub option is used to identify the local circuit identifier of DHCP proxy for receivingDHCP packets from a user. This field might contain router interface No. and ATM PVCNo. The identifier is 1.

l Remote ID (RID)

This sub option is used to identify the remote host of a circuit. This field might contain theATM address of a remote incoming and the modem ID. The identifier is 2.

The MA5606T supports option82 in different formats. For details, see the section "21.4RAIO."

21.2.3 ReferenceThis topic describes the reference documents of DHCP option82.

The following lists the reference documents of DHCP option82:

l RFC1531, "Dynamic Host Configuration Protocol"

l RFC3046, "DHCP Relay Agent Information Option"

21.3 DHCP Sub-Option90DHCP Sub-Option90 cooperates with DHCP Option82. You can enable DHCP sub-Option90only when DHCP Option82 is enabled. This topic provides introduction to this feature anddescribes the availability, principle, implementation, and reference of this feature.

21.3.1 IntroductionThis topic describes the definition, purpose, specification, limitations, glossary, and alsoacronyms and abbreviations related to the DHCP Sub-Option90 feature.

21.3.2 PrinciplesThis topic describes the operating principles of the DHCP Sub-Option90.

21.3.3 ReferenceThis topic describes the reference documents of the DHCP sub-option90 feature.

21.3.1 IntroductionThis topic describes the definition, purpose, specification, limitations, glossary, and alsoacronyms and abbreviations related to the DHCP Sub-Option90 feature.

Definition

DHCP Sub-Option90 cooperates with DHCP Option82. You can enable DHCP sub-Option90only when DHCP Option82 is enabled. Fill the DHCP request packet initialized by the user withthe port mode, single-PVC multi-VLAN type, and user encapsulation type, to cooperate userauthentication of the upper layer server.

Purpose

In the DHCP request packet, carry the service port mode, single-PVC multi-VLAN type anduser encapsulation type.


Feature Description


Issue 03 (2010-01-28)

SpecificationsDHCP Sub-Option90 is a global switch. The system adds the Sub-Option90 information to theupstream DHCP packet only when DHCP Option82 and DHCP Sub-Option90 are enabled.

GlossaryNone

Acronyms and AbbreviationsNone

21.3.2 PrinciplesThis topic describes the operating principles of the DHCP Sub-Option90.

Basic PrinciplesFigure 21-10 shows the DHCP process when the DHCP Sub-Option90 is enabled.

Figure 21-10 DHCP process when the DHCP Sub-Option90 is enabled

User MA5606T

Discovery

Offer

Release

Data transmission

DHCP relay agent/DHCP server

Discovery + Option90

Offer (+Option90)

Request

ACK

Request + Option90

ACK (+Option90)

The DHCP Sub-Option90 is valid only when the DHCP Option82 is enabled. When the userapplies the DHCP Sub-Option90 configuration, the Sub-Option90 information is added in theDHCP packet that is sent from the user side to the upper layer server for authentication. Otherconfiguration process is the same as common DHCP process.

DHCP Sub-Option90 Packet FormatThe option (variable length) field includes the port mode, single-PVC multi-VLAN mode, anduser encryption mode.

Figure 21-11 shows the subitem format of the DHCP Sub-Option90.



21-15

Figure 21-11 Subitem format of the DHCP Sub-Option90

+ --------------------+ -----------------+ ----------------+ ----------------+ ---------------------+

+ -------------------+ ----------------- + ----------------+ ----------------+ ---------------------+

|Sub-option type| Length | Data link | Encaps 1 | Encaps 2 |

| 0x90 | 0x03 | 1 byte | 1 byte | 1 byte |

Table 21-4 shows the details of each field in the DHCP Sut-Option90 packet.

Table 21-4 Details of each field in the DHCP Sut-Option90 packet

Field Description

DataLink It indicates that the port mode is ATM or Ethernet. When theport type is ATM, this field is 0. When the port type is Ethernet,this field is 1.

Encaps1 It indicates whether the packet is single-PVC multi-VLAN.When the packet is encapsulated with VLAN TAG, this fieldis 1. When the packet is not encapsulated, and is UNTAG, thisfield is 0.

Encaps2 It indicates the encapsulation type of the user. When theencapsulation fails, this field is 0. When the encapsulation typeis LLC-PPPOA, this field is 1. When the encapsulation type isVC-PPPOA, this field is 2. When the encapsulation type isLLC-IPOA, this field is 3. When the encapsulation type is VC-IPOA, this field is 4. When the encapsulation type is LLC-Bridge, and the FCS check is enabled, this field is 5. When theencapsulation type is LLC-Bridge, and the FCS check is notenabled, this field is 6. When the encapsulation type is VC-Bridge, and the FCS check is enabled, this field is 7. When theencapsulation type is VC-Bridge, and the FCS check is notenabled, this field is 8.

NOTE

The MA5606T does not support FCS check.

21.3.3 ReferenceThis topic describes the reference documents of the DHCP sub-option90 feature.


l RFC1531, "Dynamic Host Configuration Protocol"

l RFC3046, "DHCP Relay Agent Information Option"


Feature Description


Issue 03 (2010-01-28)

21.4 RAIOIn the case that PTIP and DHCP option82 are enabled, RAIO refers to the information on a user'saccess location provided by the MA5606T in the VBAS response packet, PPPoE discoverypacket and DHCP option82 packet for the BRAS to authenticate a user. This topic providesintroduction to this feature and describes the principles and reference documents of this feature.

21.4.1 IntroductionThis topic describes the definition, purpose, specification, and availability of RAIO.

21.4.2 PrincipleThis topic describes the implementation principles of the RAIO feature.

21.4.3 ReferenceThis topic describes the reference documents of RAIO.

21.4.1 IntroductionThis topic describes the definition, purpose, specification, and availability of RAIO.

Definition

In the case that PTIP and DHCP option82 are enabled, RAIO refers to the information on a user'saccess location provided by the MA5606T in the VBAS response packet, PPPoE discoverypacket and DHCP option82 packet for the BRAS to authenticate a user.

Purpose

RAIO indicates the access location of a user, which is provided by the MA5606T to the BRAS,and based on which the BRAS authenticates the user.

Specification

RAIO contains the PITP tag and DHCP option82 tag. Because RAIO has not standardized yet,the formats required by different carriers vary. Hence, multiple RAIO modes are provided tomeet different carriers' needs.

The RAIO modes are:l common

l xdsl-port-rate

l cbtel

l ti

l neuf

l port-userlabel

l service-port-userlabel

l dslforum-default

l brt



21-17

l user-defined

l ft


No additional hardware is required for supporting the RAIO feature.l License support

The RAIO feature is the basic feature of the MA5606T. Therefore, no license is requiredfor accessing the corresponding service.

21.4.2 PrincipleThis topic describes the implementation principles of the RAIO feature.

The following describes the RAIO modes, and the fields of each mode.

Common

l CID: In general, this field is used to identify the attributes of a device (global information).The format varies with the access mode. Table 21-5 shows the CID formats in variousaccess modes.

Table 21-5 CID formats in various access modes

Access Mode CID Format

ATM port Device name atm shelf No./slot No./sub slot No./port No.:vpi.vci

VDSL/LAN access Device name eth shelf No./Slot No./Sub Slot No./Port No.:User's VLAN ID

xPON Device name xpon shelf No./Slot No./Sub Slot No./PortNo.: gemport.ontid.vlanid

– If the device name field is the default name MA5606T, the MAC address of theMA5606T is entered in this field. The format is 00E0FC000001 in upper case.

– If the device name is not MA5606T, the actual name of the device is used to fill thedevice name field.

l RID: In general, this field is used to identify the access information of a user (localinformation). The format can be customized. For the MA5606T, this field is null, whichmeans the RID sub option contains only the Code and Len fields.

The following is an example of RAIO field in common mode:l CID --------> 00E0FC112233 atm 0/12/0/49:0.35

l RID --------> NULL

xDSL Port Rate


Feature Description


Issue 03 (2010-01-28)

In this mode, this field for upstream/downstream ADSL activation rate is added at the end ofthe CID default format. Currently, only the ADSL2+ board supports this mode.

The RAIO field in this mode is as follows:

"AccessNodeIdentifier {atm|eth} frame/slot/subslot/port[:vpi.vci|vlan]%Up:xxxkbpsDowm:xxxkbps"l %: Information identifier, which indicates the information after is the activation rate.

l XXX: Indicates the ADSL activation rate in the unit of kbps.

l Up: Indicates the upstream activation rate.

l Down: Indicates the downstream activation rate.

The following is an example of RAIO field in xDSL port rate mode:l CID ----> 00E0FC112233 atm 0/12/0/49:0.35%Up:1020kbps Down:24540kbps

l RID ----> NULL

Port-userlabel

In this mode, the CID field carries a customized description of a user's access location, besidesthe description contained in common mode. The RID field also needs to carry the customizeddescription (Label), the length of which is up to 32 bytes.

The following is an example of RAIO field in port-userlabel mode:l CID ----> 00E0FC112233 atm 0/12/0/49:0.35 075528978944

l RID ----> 075528978944

Service-port-userlabel

The CID field supports ATM/ETH/xPON access. The RID field carries the information on auser's flow.

Table 21-6 lists the RAIO fields in service-port-userlabel mode.

Table 21-6 RAIO fields in service-port-userlabel mode

Field Access Mode CID Format

CID ATM <Access-Node-Identifier> atm slot/port:vpi.vci

ETH VLAN-based multi-service: <Access-Node-Identifier> ethslot/port:flowparaOthers: <Access-Node-Identifier> eth slot/port:vlanid

XPON VLAN-based multi-service: <Access-Node-Identifier>xpon frame/slot/0/port:gemport.ontid.flowpara

Others: <Access-Node-Identifier> xpon frame/slot/0/port:gemport.ontid.vlanid

RID - description-of-flow-label (flow information)



21-19

Dslforum-default

It is the default mode specified by the DSL forum. CID supports ATM/ETH/xPON access. TheRID field is null.

Table 21-7 lists the RAIO fields in dslforum-default mode.

Table 21-7 RAIO fields in dslforum-default mode

Field Access Mode Format

CID ATM <Access-Node-Identifier> atm slot/port:vpi.vci

ETH VLAN-based multi-service: <Access-Node-Identifier> ethslot/port:flowparaOthers: <Access-Node-Identifier> eth slot/port:vlanid

XPON VLAN-based multi-service: <Access-Node-Identifier>xpon frame/slot/0/port:gemport.ontid.flowparaOthers: <Access-Node-Identifier> xpon frame/slot/0/port:gemport.ontid.vlanid

User-defined

This mode allows a user to specify the format of the CID/RID string. The following describesthe syntax of user-defined mode.l Only the resolution of keyword sets and separator sets that have been defined in the

MA5606T is supported. The keyword sets involve the minimum sets of keywords definedby TR-101 and the IAS extended keyword sets. For details, see Table 21-8.

l Maximum width

The maximum number of columns occupied by the pertaining data of a keyword. Notethat the maximum width defined in the MA5606T is greater than that specified by therecommendations. This is because certain manufacturers require more width. The nameof an access node, namely ANID, has a maximum width of 50 bytes, which is limitedby the maximum length of the system name.

l Configurable width

The maximum number of columns occupied by the pertaining data of a keyword canbe configured. This applies to the case that the number of columns occupied does notreach the configured width and 0 is added in front of the keyword. The syntax is keyword0m. m indicates the number of columns occupied. For example, slot03 indicates thisfield length of keyword slot is 3. If the length does not reach 3, add 0. In this way, ifthe slot number is 2, it is represented by 002 in a packet.Note that m must be lower than the maximum width. If the number of columns occupiedby the data is greater than m, output the actual number of columns.


Feature Description


Issue 03 (2010-01-28)

Table 21-8 User-defined keywords

Keyword Description Configurable Width* MaximumWidth**

ANID Name of the access node No 63

ATM ATM access No 3

ETH ETH access No 3

XPON XPON access No 4

Chassis Chassis No. of the accessnode

Yes 4

Rack Rack No. of the access node Yes 4

Frame Shelf No. Yes 4

Slot Slot No. Yes 4

Subslot Sub slot No. Yes 4

Port Port No. Yes 4

VPI The applicable access modeis ATM. This VPI is the VPIof a user.

Yes 4

VCI The applicable access modeis ATM. The VCI is the VCIof a user.

Yes 5

VLANID It indicates the VLAN ID atthe user side if the servicecarried by the service port isdifferentiated by such aVLAN ID. In other cases, itindicates the VLAN ID at thenetwork side.

Yes 4

Gemport The applicable access modeis GPON. It indicates the userport No.

Yes 4

OntID The applicable access modeis GPON. It indicates theONT ID.

Yes 4

OnuID The applicable access modeis GPON. It indicates theONU ID.

Yes 4



21-21


Priority For the L2 PPPoE and DCHPoption82., it is the priority ofa traffic profile configured ona service port connected tothe user. For PPPoA-to-PPPoE, the priority is always6. For L3 DHCP option82,the priority is always 2.

Yes 4

Plabel Label of a user port. No 32

SPlabel Label of a service port. No 63

Bslot BRAS slot No. Yes 4

Bsubslot BRAS sub slot No. Yes 4

Bporttype BRAS access mode Yes 4

XPI The attribute of a VLAN atthe network side is stacking.XPI indicates the VLAN IDat the network side.

Yes 4

The attribute of a VLAN atthe network side is notstacking.XPI is always 4096.

XCI The attribute of a VLAN atthe network side is stacking.The label of a service port.

Yes 5

The attribute of a VLAN atthe network side is notstacking.The VLAN ID at the networkside.

AXPI AtmVPI

Yes 4

eth and xponVLAN ID at the network side

AXCI AtmVCI

Yes 5


Feature Description


Issue 03 (2010-01-28)


eth and xponThe attribute of a VLAN atthe network side is stacking.If the services borne on theservice port are differentiatedby VLAN ID at the user side,AXCI indicates the VLANID at the user side. If not,AXCI indicates the label ofthe service port.The attribute of a VLAN atthe network side is notstacking. If the servicesborne on the service port aredifferentiated by VLAN IDat the user side, AXCIindicates the VLAN ID at theuser side. If not, AXCI isalways 4096.

UpRate Upstream activation rate ofan xDSL line. The unit iskbps.

Yes 6

DnRate Downstream activation rateof an xDSL line. The unit iskbps.

Yes 6

0002 Fixed port value required byNeuf

No 4

GE Fixed access mode requiredby Neuf.

No 2

l If a user defines the RAIO format based on the CID, the format string must contain thename of the access node, namely, the ANID.

l The keyword of interface type is used to identify the type of different interfaces.

l The format string is not allowed to contain the keywords applicable to different types ofinterfaces. For example, the string cannot contain keywords VPI or Gemport concurrently,or Eth or VCI concurrently.

l If the interface type is not specified, the pertaining CID/RID field of the interface is null.

l The separators indicate the pertaining symbols when a user input the RAIO string. Thesymbols are added to the CID/RID field. Table 21-9 shows the RAIO separators definedin the MA5606T.



21-23

Table 21-9 User-defined separators

Separator Symbol

Space Space " "

. Period "."

: Colon ":"

/ Forward slash "/"

- Hyphen "-"

% per cent "%"

l Other rules

– A string of 1-127 characters; lower case.

– The CID string must contain the ANID.

– The ANID must be in front of the keyword of interface type.

– All separators in front of the keyword ANID contained in the CID string, and the RAIOseparators (if any) of the system name represented by ANID, and the one separator afterANID serve as the basis for downstream packets to identify ANID.

The following is an example of the RAIO field in user-defined mode.

Assume that:l System name: DSLAM01

l Slot No.: 3

l Port No.: 15

l VPI: 0

l VCI: 35

l Priority: 6

The user-defined CID string is: anid atm slot/port:vpi.vci%priority

The final string is: dslam01 atm 3/15:0.35%6

21.4.3 ReferenceThis topic describes the reference documents of RAIO.

The following lists the reference documents of RAIO:l RFC3046, "DHCP Relay Agent Information Option"

l DSL Forum, TR-101, "Migration to Ethernet-Based DSL Aggregation"

21.5 IP Address BindingIP address binding indicates the binding between an IP address and a service port. TheMA5606T allows only the upstream packets with the source address the same as the one bound


Feature Description


Issue 03 (2010-01-28)

to pass through. This topic provides introduction to this feature and describes the principles andreference documents of this feature.

21.5.1 IntroductionThis topic describes the definition, purpose, specification, and availability of IP address binding.

21.5.2 PrincipleThis topic describes the implementation principles of the IP address binding feature.

21.5.1 IntroductionThis topic describes the definition, purpose, specification, and availability of IP address binding.

Definition

IP address binding indicates the binding between an IP address and a service port. TheMA5606T allows only the upstream packets with the source address the same as the one boundto pass through.

PurposeThe IP address binding feature guarantees the authentication security and carriers' profits.

SpecificationThe MA5606T supports the following IP address binding specifications:

Static binding. The system supports binding of up to 1024 traffic streams. Each traffic streamcan be bound with 1-8 IP addresses.


No additional hardware is required for supporting the IP address binding feature.l License support

The IP address binding feature is the basic feature of the MA5606T. Therefore, no licenseis required for accessing the corresponding service.

21.5.2 PrincipleThis topic describes the implementation principles of the IP address binding feature.

After a service port is bound with an IP address, the service forwarding module checks the sourceIP address of user packets. If the address is not the same as that bound with the port, theMA5606T discards the packets. Otherwise, the MA5606T allows the packets to pass through.

21.6 MAC Address BindingMAC address binding indicates the binding between a MAC address and a service port. Thus,only the packets with the specified MAC address can be transmitted over the network. This topicprovides introduction to this feature and describes the principles and reference documents ofthis feature.



21-25

21.6.1 IntroductionThis topic describes the definition, purpose, specification, and availability of MAC addressbinding.

21.6.2 PrincipleThis topic describes the implementation principles of the MAC address binding feature.

21.6.1 IntroductionThis topic describes the definition, purpose, specification, and availability of MAC addressbinding.

Definition

MAC address binding indicates the binding between a MAC address and a service port. Thus,only the packets with the specified MAC address can be transmitted over the network.

Purpose

The MAC address binding feature can effectively avoid illegal access.

Specification

The MA5606T supports the following MAC address binding specifications:

Static binding. The system supports binding of up to 1024 static MAC addresses. The numberof MAC addresses that can be bound with a traffic stream is not limited.


No additional hardware is required for supporting the MAC address binding feature.

l License support

The MAC address binding feature is the basic feature of the MA5606T. Therefore, nolicense is required for accessing the corresponding service.

21.6.2 PrincipleThis topic describes the implementation principles of the MAC address binding feature.

To realize the binding between a MAC address and a service port, do as follows:

l Set the maximum number of MAC addresses that can be learned by a service port to 0.

l Set the static MAC address of the service port.

In this way, the service forwarding module does not learn the MAC address of the user packets.In addition, if the MAC address is not the same as any of the static MAC address configured forthe service port, the MA5606T discards the packets.

Hence, only the packets with the specified MAC address can pass through the service port.


Feature Description


Issue 03 (2010-01-28)

21.7 VMACVirtual MAC (VMAC) is the source MAC address allocated by the access device. In transmissionof the user packets, the access device replaces the source MAC address of the user packets withthe VMAC address. This topic provides introduction to this feature and describes the principlesand reference documents of this feature.

21.7.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of VMAC.

21.7.2 PrincipleThis topic describes the implementation principles of the VMAC feature.

21.7.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of VMAC.

Definition

VMAC is the source MAC address allocated by the access device. In transmissions of the userpackets, the access device replaces the source MAC address of the user packets with the VMACaddress. In the upstream direction, the user source MAC address is replaced with the VMACaddress for transmissions in the network. In the downstream direction, the VMAC address isreplaced with the user source MAC address.

1:1 VMAC is a mechanism in which a user source MAC address is replaced with a VMACaddress allocated by the device.

VMAC is used to prevent user source MAC address spoofing, network-side BRAS MAC addressspoofing, and user source MAC address conflict.

Purpose

To protect the system and the carrier's network, VMAC can be enabled for the PPPoE and DHCPaccess users. On the MA5606T, the user-side MAC address is replaced with a VMAC addressin the MAC address pool. In this way, the unreliable MAC addresses cannot access the carrier'snetwork, and the user-side MAC address conflict can be avoided.

In addition, a VMAC address can carry the information on a user port to identify the user port.

Specification

The system allocates up to 32 VMAC addresses for each physical port.

Limitation

Except that the DSLAM ID must be configured, other information related to the format of aVMAC address is automatically generated. Figure 21-12 shows the format of a VMAC address.



21-27

Figure 21-12 Format of a VMAC address

1 0

Reserve DSLAM ID

Slot ID Port ID

1 1 0

MACDSLAM ID

First bits Last bits

First bits Last bits


All the broadband access service boards support the VMAC feature.l License support

The VMAC feature is an optional feature of the MA5606T. Therefore, the license isrequired for accessing the corresponding service.

21.7.2 PrincipleThis topic describes the implementation principles of the VMAC feature.

In a current IP access network based on the L2 Ethernet forwarding, because the MA5606T ismainly based on the L2 forwarding, unreliable user-side MAC address results in MAC addressspoofing, which affects the normal provisioning of the user service.

To solve this problem, the MA5606T provides the VMAC function to prevent MAC addressspoofing and to support the query of the information on the user port and the lines.

VMAC Address Switching ProcessIn the MA5606T system, the VMAC feature is implemented as follows:l For the upstream Ethernet frames, the MA5606T replaces source MAC U with generated

MAC X.l For the downstream Ethernet frames, the MA5606T restores destination MAC X to user

MAC U.

NOTE

l MAC U: source MAC address in the user packet.

l MAC X: VMAC address allocated by the MA5606T.

l MAC B: destination MAC address in the user packet.

The specific VMAC address switching process is as shown in Figure 21-13.


Feature Description


Issue 03 (2010-01-28)

Figure 21-13 VMAC address switching process

U--->XU<---X

MA5606T

SA=MAC B

MAC BDA=

MAC XRemainderof Frame

SA=MAC X

DA=MAC B

Remainderof Frame

SA=MAC B

DA=MAC U

Remainderof Frame

SA=MAC U

DA=MAC B

Remainderof Frame

User

SA: Source MAC AddressDA: Destination MAC Address

User sideNetwork side

1. The mapping relation is established between MAC U and MAC X. The service board learnsthe source MAC address of the upstream packets, and then selects MAC X from the 32VMAC addresses allocated to the port to replace the source MAC address in the upstreampackets, and establishes the mapping relation between MAC U and MAC X.

2. The service board learns the user-side source MAC address.3. MAC X ages periodically. In case of aging, the relation between MAC U and MAC X is

cancelled.4. The MA5606T learns source MAC X of the upstream packets.5. The MA5606T forwards the packets based on VLAN+DMAC of the downstream streams,

where DMAC is MAC X. If a DMAC address is a broadcast MAC address, the packets arebroadcast within the VLAN.

6. The service board forwards the packets based on VLAN+DMAC, where DMAC is MACX. When the packets are forwarded to the user port, MAC X is replaced with MAC U. Ifa DMAC address is a broadcast MAC address, the packets are broadcast within the VLAN.

Rules for VMAC Address AllocationIn the MA5606T system, the format of a VMAC address is as shown in Figure 21-12. the policyfor allocating VMAC addresses is as follows:

l In the format of a VMAC address, the information with fixed values represents theunchangeable information of the VMAC address. For example, a vendor ID is a unique IDfor a certain equipment vendor.

l The DSLAM ID must be configured through the command line interface (CLI).

l The MA5606T automatically allocates the slot ID and port ID based on the actual slot/portID of a physical port.

l The MA5606T allocates MAC indexes for users with different source MAC addresses. Theindexes increase from 1 to 32 by degrees.

l Reserve refers to reserved information.

Locating the Actual User Information Through VMACIn the MA5606T system, if the VMAC function is successfully enabled, the system obtains thephysical information about the user port status and the line status based on the VMAC address.This helps to locate the actual user information.

Based on the VMAC address, the mapping relation between the user-side MAC address and theVMAC address can be obtained by:



21-29

l The physical location of the user port (shelf/slot/port number)

l The referenced PVC (VPI/VCI) of the user

l The service port of the user

21.8 SMACThe SMAC feature, also known as the PPPoE single-MAC, is one of the security featuressupported by the MA5606T. This topic provides the definition, principles, and reference of theSMAC feature.

21.8.1 IntroductionThis topic provides the definition, purpose, specifications, limitation, and availability of theSMAC feature.

21.8.2 PrinciplesThis topic describes the working principles of the SMAC feature.

21.8.3 ReferenceThis topic provides the reference documents of the SMAC feature.

21.8.1 IntroductionThis topic provides the definition, purpose, specifications, limitation, and availability of theSMAC feature.

DefinitionThe SMAC feature, also known as the PPPoE single-MAC, is one of the security featuressupported by the MA5606T.

PurposeTo reduce the number of MAC addresses at the convergence layer, thus lowering therequirements for the MAC address entries of the convergence-network devices, you can enablethe SMAC function. SMAC can prevent insecure actions, such as the forwarding of theconvergence network caused by forged MAC addresses of subscribers.

SpecificationsThe MA5606T supports the following SMAC specifications:

l Globally setting and querying the single-MAC allocation mode of the PPPoE subscriber

l Globally setting and querying the single-MAC allocation mode of the PPPoA subscriber

l Creating and deleting the entry of the PPPoE single-MAC online subscriber

l Setting and querying the MAC address of the board

l Querying and clearing the statistics of the PPPoE single-MAC subscriber packets

l Setting and querying the number of single-MAC sessions for an xDSL port

l Setting and querying the number of single-MAC sessions for a GPON traffic stream

l Co-existence of PPPoE single-MAC, PPPoA single-MAC, and PPPoE+


Feature Description


Issue 03 (2010-01-28)

Limitationl PPPoE single-MAC and anti MAC spoofing are mutually exclusive. If they are enabled at

the same time, PPPoE single-MAC takes precedence over anti MAC spoofing.l If you change the MAC address allocation mode when there are online PPPoE subscribers,

the subscribers will get offline.


The xDSL, OPFA, and GPON service boards support this feature.The ETHA/ETHB board does not support this feature.

l License SupportSMAC is a basic feature of the MA5606T. Therefore, no license is required for accessingthe corresponding service.

21.8.2 PrinciplesThis topic describes the working principles of the SMAC feature.

The SMAC feature is a security solution put forth by Huawei.

The SMAC system architecture supports the following two independent application models:l PPPoA single-MAC service modell PPPoE single-MAC service model

PPPoA Single-MAC Service ModelFigure 21-14 shows the PPPoA single-MAC service model.

Figure 21-14 PPPoA single-MAC service model

PPPoA terminal IP DSLAM

LCP negotiationPPPoE PADI

PPPoE PADO

Terminal and BRAS set up PPP link through the PPPoE tunnel.

BRAS

PPPoE PADR

PPPoE PADSSession ID setup

ATM PVC

AAL5/1483B

Data

PPP

Ethernet

PPPoE

Data

PPP

PPP LCP over PPPoE

IP DSLAM caches LCP packetand assigns a MAC address for

the PPPoA connection fromthe pre-configured

MAC pool.

IP DSLAM sends cachedLCP packet throughthe PPPoE tunnel.



21-31

The process of the PPPoA single-MAC service is as follows:

1. After you set the MAC address allocation mode to the single-MAC mode, the PPPoAsessions of all the boards globally adopt the MAC address of the board as the source MACaddress.

2. After receiving the LCP Config-Req packet from a PPPoA subscriber, the MA5606Tbuffers the packet and initiates a PPPoE session. In this session, the PADI packet isbroadcast, and its source MAC address is the MAC address allocated to the PPPoAsubscriber by the MA5606T.

3. The BRAS sends the PADO packet to the MA5606T.4. The MA5606T obtains the MAC address of the BRAS and sends the PADR packet to the

BRAS.5. The BRAS sends the PADS packet to the MA5606T.6. After obtaining the session ID, the MA5606T sends the buffered LCP Config-Req packet

to the BRAS and enters the PPPoE session stage.7. The subscriber sends a PPP packet. Then, the MA5606T encapsulates the packet into a

PPPoE packet according to the MAC address of the BRAS and the MAC address allocatedto the subscriber by the MA5606T, and sends the packet to the BRAS. In the case ofdownstream packets, the MA5606T performs a reverse processing.

8. The BRAS sends the PADT packet, or the PPPoA subscriber sends the LCP ConfigureTerminate packet to terminate the session.

PPPoE Single-MAC Service ModelFigure 21-15 shows the PPPoE single-MAC service model.

Figure 21-15 PPPoE Single-MAC Service Model

IP DSLAM BRAS

PPPoE PADI + Relay-session-ID

PPPoE PADO + Relay-session-ID

PPPoE PADR + Relay-session-ID

PPPoE PADS + Relay-session-ID

Session ID setup

PPP LCP over PPPoE

PPPoE terminal

MAC1

MAC1

MAC2

……MAC2

MAC address ofthe line card

PPPoE PADI

PPPoE PADO

PPPoE PADR

PPPoE PADS

IP DSLAM recovers the DMAC to the UMAC and sends it to

the subscriber terminalIP DSLAM replaces the UMAC withthe VMAC and adds the subscriberinformation to the Relay-Session-ID

field of the packets

At the PPPoE session stage,on the DSLAM the downstream

taffic is forwarded by session ID.

……


Feature Description


Issue 03 (2010-01-28)

The process of the PPPoE single-MAC service is as follows:

1. After you set the MAC address allocation mode to the single-MAC mode, the PPPoEsessions of all the boards globally adopt the MAC address of the board as the source MACaddress.

2. At the PPPoE discovery stage, the PPPoE packets exchanged between the MA5606T andthe BRAS contain the Relay-Session-ID of the subscriber. After receiving a PPPoE packetfrom the subscriber, the MA5606T replaces the source MAC address of the packet withthe single-MAC address of the board, inserts the Relay-Session-ID of the subscriber intothe packet, and then forwards the packet to the BRAS. The Relay-Session-ID is mainly theindex of the subscriber on the host.

3. After receiving the PPPoE packet containing the Relay-Session-ID of the subscriber fromthe BRAS, the MA5606T analyzes the Relay-Session-ID, replaces the source MAC addressof the PPPoE packet with the MAC address of the PPPoE subscriber, and then forwardsthe packet to the subscriber.

4. When the PPPoE discovery stage is terminated, the MA5606T generates the SMAChardware forwarding entry. In the follow-up operations, the MA5606T forwards the servicedata according to the Session-ID of each PPPoE session.

5. At the PPPoE discovery stage, if the subscriber packet carries the subscriber Relay-Session-ID, the PPPoE response packet sent by the BRAS needs to carry the subscriber Relay-Session-ID.

21.8.3 ReferenceThis topic provides the reference documents of the SMAC feature.

The following lists the reference documents of this feature:l IETF RFC2364: PPP Over AAL5

l IETF RFC2516: A Method for Transmitting PPP Over Ethernet (PPPoE)

l DSL Froum TR-101: Migration to Ethernet-Based DSL Aggregation

21.9 Anti-MAC SpoofingAnti-MAC spoofing attack means the system takes measures to prevent a user from attackingthe system using a forged MAC address. This topic provides introduction to this feature anddescribes the principles and reference documents of this feature.

21.9.1 IntroductionThis topic describes the definition, purpose, specification, and availability of anti-MACspoofing.

21.9.2 PrincipleThis topic describes the implementation principles of the anti-MAC spoofing feature.

21.9.1 IntroductionThis topic describes the definition, purpose, specification, and availability of anti-MACspoofing.



21-33

Definition

MAC spoofing attack means that a user forges a valid MAC address to attack a system.

If the forged MAC address is the MAC address of a valid user, the attack affects services of theuser.

If the forged MAC address is the MAC address of a system, or a large number of forged packetsof different MAC addresses are sent to the system, the attack might affect the system operation.The system might even get down due to the attack.

Anti-MAC spoofing attack means the system takes measures to prevent a user from attackingthe system using a forged MAC address.

PurposeTo guarantee the system security and carriers' network security, the MA5606T prevents the MACspoofing attack in the following ways:l For PPPoE and DHCP access users, the MA5606T disables the dynamic MAC address

learning feature, and allows only the packets of trusty MAC addresses to pass through aport. This avoids a large number of packets of suspect MAC addresses from enteringcarriers' networks.

l The MA5606T can detect and forbid a malicious user to forge the MAC address of an onlinevalid user. This guarantees that the services provisioned to all the valid users are notaffected.

SpecificationThe MA5606T supports the following anti-MAC spoofing specifications:

Dynamic binding. The system supports binding of up to 8K dynamic MAC addresses:

l The system can be bound with up to 8K traffic streams.

l Each traffic stream can be bound with up to eight MAC addresses.

l If each traffic stream is bound with eight MAC addresses, then the system can be boundwith up to 1024 traffic streams.

l Disable the MAC address learning function.


All the broadband access service boards support the anti-MAC spoofing feature.l License support

The anti-MAC spoofing feature is the basic feature of the MA5606T. Therefore, no licenseis required for accessing the corresponding service.

21.9.2 PrincipleThis topic describes the implementation principles of the anti-MAC spoofing feature.

Anti-MAC Spoofing (PPPoE Users)For a PPPoE user, the MA5606T realizes the anti-MAC address spoofing in this way:


Feature Description


Issue 03 (2010-01-28)

1. With the anti-MAC spoofing switch enabled, the MA5606T binds the user account withthe user's MAC address according the PPPoE packets received.

2. The MA5606T discards the data packets sent before the binding.3. If the source MAC address contained in the data packets is the same as the one bound, the

MA5606T transmits the packets in the upstream direction, or else the MA5606T discardsthe packets.

4. When the user gets offline, the MA5606T cancel the binding between the user account andthe MAC address.

Anti-MAC Spoofing (DHCP Users)For a DHCP user, the MA5606T realizes the anti-MAC address spoofing in this way:

1. With the anti-MAC spoofing switch enabled, the MA5606T binds the user account withthe user's MAC address according the DHCP packets received.

2. The MA5606T discards the data packets sent before the binding.3. If the source MAC address contained in the data packets is the same as the one bound, the


4. When the user gets offline, the MA5606T cancel the binding between the user account andthe MAC address.

21.10 Anti-IP SpoofingAnti-IP spoofing attack is a user security mechanism in which the system takes measures toprevent a user from attacking the system using a forged IP address. This topic providesintroduction to this feature and describes the principles and reference documents of this feature.

21.10.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of anti-IPspoofing.

21.10.2 PrincipleThis topic describes the implementation principles of the anti-IP spoofing feature.

21.10.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of anti-IPspoofing.

Definition

IP spoofing attack means that a user forges a valid IP address to attack a system.

Anti-IP spoofing attack means the system takes measures to prevent a user from attacking thesystem using a forged IP address.

PurposeTo guarantee the system security and carriers' network security, the MA5606T needs to preventthe IP spoofing attack.



21-35

For DHCP access users, the MA5606T enables the feature of anti-IP spoofing, and allows onlythe packets of trusty IP addresses allocated by the DHCP server to pass through a port. Thisavoids the packets of forged or suspect IP addresses from entering carriers' networks.

Specification

The MA5606T supports the following anti-IP spoofing specifications:

Dynamic binding.

l The system supports binding of up to 8K dynamic IP addresses.

l The system can be bound with up to 8K traffic streams.

l Each traffic stream can be bound with up to eight IP addresses.

l If each traffic stream is bound with eight IP addresses, then the system can be bound withup to 1024 traffic streams.

Limitation

Do not manually configure the binding between the user account and the IP address for a DHCPuser. The anti-IP spoofing feature allows the MA5606T to control the packets from the user.

For a user with a static IP address, the static IP address needs to be bound manually. In this way,the MA5606T can control the IP address over the network.


No additional hardware is required for supporting the anti-IP spoofing feature.l License support

The anti-IP spoofing feature is the basic feature of the MA5606T. Therefore, no license isrequired for accessing the corresponding service.

21.10.2 PrincipleThis topic describes the implementation principles of the anti-IP spoofing feature.

The MA5606T realizes the anti-IP address spoofing in the following way:

1. With the anti-IP spoofing switch enabled, the MA5606T binds the user account with theuser's IP address according the DHCP packets received to generate the IP binding list.

2. The MA5606T discards the data packets sent before the binding.3. If the source IP address contained in the data packets is the same as the one bound, the


4. The system filters the IP packets based on the IP binding list. Meanwhile, the system filtersthe user ARP packets.l If the IP packets with a certain source IP address are allowed to pass, the ARP packets

with the same source IP address are also allowed to pass.l If the IP packets with a certain source IP address cannot pass, neither can the ARP

packets with the same source IP address pass.


Feature Description


Issue 03 (2010-01-28)

5. When the user gets offline, the MA5606T cancel the binding between the user account andthe IP address.



21-37

22 Subtended Network Configuration

About This Chapter

A subtended network configuration is a configuration in which the MA5606T series devices aresubtended in several tiers through the FE/GE ports.

22.1 IntroductionThis topic describes the definition, purpose, specification, limitations, glossary, and alsoacronyms and abbreviations related to a subtended network configuration.

22.2 PrincipleThis topic describes the operating principles of a subtended network configuration.

22.3 ReferenceThis topic describes the reference documents of a subtended network configuration.

SmartAX MA5606T Multi-service Access ModuleFeature Description 22 Subtended Network Configuration


22-1

22.1 IntroductionThis topic describes the definition, purpose, specification, limitations, glossary, and alsoacronyms and abbreviations related to a subtended network configuration.

Definition

A subtended network configuration is a configuration in which the MA5606T series devices aresubtended in several tiers through the FE/GE ports.

Purpose

Subtended network configurations make the networking of the MA5606Ts more flexible, thussaving the upstream optical fiber resources of the access point. The remote subtended networkconfigurations save the convergence equipment resource, simplify the networking, and facilitiesthe service configuration.

Specification

The MA5606T supports the following subtending specifications:

l The subtending ports of the MA5606T are provided by the MCUC board.

l Each MCUC board provides GE/FE/GPON optical port as the upstream ports or subtendingports.

l It is recommended that up to seven nodes can be included in an RSTP/MSTP subtendednetwork.

Glossary

Table 22-1 lists the glossary of technical terms related to a subtended network configuration.

Table 22-1 Glossary of technical terms related to a subtended network configuration

Glossary Definition

Local subtended network configuration Subtending of multiple shelves in a cabinet,or subtending of multiple shelves in differentlocal cabinets.

Remote subtended network configuration Subtending of remote shelves or otherDSLAM devices through fibers.


Table 22-2 lists the acronyms and abbreviations related to a subtended network configuration.

22 Subtended Network ConfigurationSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

Table 22-2 Acronyms and abbreviations related to a subtended network configuration

Acronym Full Expansion

RSTP Rapid Spanning Tree Protocol

MSTP Multiple Spanning Tree Protocol

22.2 PrincipleThis topic describes the operating principles of a subtended network configuration.

22.3 ReferenceThis topic describes the reference documents of a subtended network configuration.

The following lists the reference documents of a subtended network configuration:

l IEEE 802.1w Rapid Spanning Tree

SmartAX MA5606T Multi-service Access ModuleFeature Description 22 Subtended Network Configuration


22-3

23 Ethernet OAM

About This Chapter

Operations, administration and maintenance (OAM) means a tool for monitoring and diagnosingnetwork faults.

23.1 Ethernet CFM OAMEthernet CFM OAM provides an end-to-end fault detection solution to monitor, diagnose, andtroubleshoot the Ethernet. This topic provides introduction to this feature and describes theprinciples and reference documents of this feature.

23.2 Ethernet EFM OAMEthernet EFM OAM provides a mechanism for monitoring links. It is a mechanism at the datalinklayer, as a complement of the higher layer applications. This topic provides introduction to thisfeature and describes the principles and reference documents of this feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 23 Ethernet OAM


23-1

23.1 Ethernet CFM OAMEthernet CFM OAM provides an end-to-end fault detection solution to monitor, diagnose, andtroubleshoot the Ethernet. This topic provides introduction to this feature and describes theprinciples and reference documents of this feature.

23.1.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of EthernetCFM OAM.

23.1.2 PrincipleThis topic describes the implementation principles of Ethernet CFM OAM.

23.1.3 ReferenceThis topic describes the reference documents of Ethernet CFM OAM.

23.1.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of EthernetCFM OAM.

Definition

In a broad sense, operations, OAM means a tool for monitoring and diagnosing network faults.Ethernet OAM is defined as Connectivity Fault Management in IEEE 802.1ag to provide anend-to-end fault detection and diagnosis solution.

Purpose

Ethernet is a widely used local area network technology because of its rich bandwidth, low cost,convenience for plug-and-play, and support of multipoint operations.

As the Ethernet technology is gradually developing from carriers' networks to metropolitan areanetworks (MANs) and wide area networks (WANs), the network management and maintenanceare increasingly important. Currently, however, Ethernet has no carrier-class managementcapability, and thus fails to detect the L2 network faults.

Ethernet OAM provides an end-to-end fault detection solution to monitor, diagnose, andtroubleshoot the Ethernet.

Specification

The MA5606T supports the following Ethernet OAM specifications:

l Up to three maintenance domains (MDs)

l Up to 48 maintenance associations (MAs)

l Up to 48 MAs in an MD

l Support of a maintenance end point (MEP) and up to six remote maintenance end points(RMEPs) by each MA

l LB and CC functions for a user-side CVLAN

23 Ethernet OAMSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

l Transparent transmission of ETH OAM CFM packets from the user side to the networkside

Limitation

The MA5606T Ethernet OAM has the following limitations:

l If 48 MAs are configured in MD 0, no MA can be configured in MD 1 or MD 2.

l MEPs can be configured only on the upstream ports and the ports in the Ethernet subtendingboard.

l The system supports neither maintenance association intermediate points (MIPs) norinternal ports.


The control board (MCUA) supports the Ethernet CFM OAM feature.l License support

The Ethernet CFM OAM feature is an optional feature of the MA5606T. Therefore, thelicense is required for accessing the corresponding service.

23.1.2 PrincipleThis topic describes the implementation principles of Ethernet CFM OAM.

NOTEThe MEP refers to the port in the MA5606T herein unless otherwise specified.

Ethernet CFM

Ethernet CFM includes connectivity check, loopback detection, and linktrace (LT).

Figure 23-1 shows the connectivity check.

Figure 23-1 Connectivity check

MA5606T-1 MA5606T-2SwitchSwitch

Link 1 Link 2 Link 3 Link 4

Connectivity check message

To connect two MA5606Ts, configure the two MA5606Ts in the same MA (MA 0) of the sameMD (MD 0), and configure MA5606T-1 (MEP ID: 300) and MA5606T-2 (MEP ID: 5606) astwo MEPs. After Ethernet OAM is enabled, all MEPs initiatively send connectivity checkmessages at intervals and receive the connectivity check messages from other MEPs.



23-3

Connectivity Check

The network connectivity is monitored through the connectivity check messages transmitted atintervals to a multicast domain. The process is as follows:

l Each MEP (such as MA5606T-1) initiatively sends connectivity check messages atintervals. A connectivity check message contains the configuration information ofMA5606T-1.

l Each MEP (such as MA5606T-2) can receive connectivity check messages without sendingthe response messages. When MA5606T-2 receives the messages from any other MEP, itchecks the information contained in the messages.

l If an MEP fails to receive any messages or receives undesired messages within a certainperiod of time, it indicates that the network fails.

As shown in Figure 23-1, if link 1 fails, MEP 5606 will fail to receive any connectivity checkmessage from MEP 300 within a certain period of time. In this case, MEP 5606 reports a messageloss alarm. In this way, the users of MA5606T-2 can know the connectivity with other networks(such as the network in which MA5606T-1 is located).

Loopback Detection Messages and Responses

A loop message is sent from an MEP to a specified MIP or MEP to help locate the fault. TheMIP or MEP ahead of the fault location can respond to the loopback message, but the MIP orMEP after the fault location fails to respond to the loopback message. In this way, the fault islocated accurately.

Figure 23-2 shows the loopback detection.

Figure 23-2 Loopback detection

MEP 300 MIP-0

Loopback detection message

MIP-1 MEP 5606

Loopback detection response

As shown in Figure 23-2:

1. MEP 300 sends a loopback detection message to MEP 5606.2. After MEP 5606 receives the detection message, it sends a response message to MEP 300.

LT Messages and Responses

An LT message is used for checking the MIP path between two MEPs. All the MIPs in a linkrespond to the MEP that initiates an LT message, and forward the LT message until the messagereaches the destination MIP/MEP.


Feature Description


Issue 03 (2010-01-28)

If the destination point is an MEP, each MIP in an MA responds to the source MEP. Throughthe received response, the source MEP knows the MAC addresses and locations of all the MIPsas well as the link where the fault has occurred.

Figure 23-3 shows the LT.

Figure 23-3 LT

MEP 300MIP-0 MIP-2 MEP 5606

MIP-1

LT messageLT response

1. MEP 300 sends an LT message to MEP 5606.2. After receiving the message, an MIP between MEP 300 and MEP 5606 sends a response

to MEP 300 and forwards the message.3. After receiving the message, MEP 5606 does not forward it, but sends a response directly

to MEP 300.

23.1.3 ReferenceThis topic describes the reference documents of Ethernet CFM OAM.

The following lists the reference documents of Ethernet CFM OAM:l IEEE P802.1ag/D6.0, Connectivity Fault Management

23.2 Ethernet EFM OAMEthernet EFM OAM provides a mechanism for monitoring links. It is a mechanism at the datalinklayer, as a complement of the higher layer applications. This topic provides introduction to thisfeature and describes the principles and reference documents of this feature.

23.2.1 IntroductionThis topic describes the definition, purpose, specification, and availability of Ethernet EFMOAM.

23.2.2 PrincipleThis topic describes the implementation principles of the Ethernet EFM OAM feature.

23.2.3 ReferenceThis topic describes the reference documents of Ethernet EFM OAM.



23-5

23.2.1 IntroductionThis topic describes the definition, purpose, specification, and availability of Ethernet EFMOAM.

DefinitionOAM provides the capability for the network administrators to monitor the network healthconditions and to locate the faulty links and the faults.

Ethernet of First Mile (EFM) OAM is defined in IEEE 802.3ah Clause 57 by the IEEE EFMWorkgroup. It is an important part of Ethernet OAM. Ethernet EFM OAM provides a mechanismfor monitoring links, such as remote defect indication (RDI) and remote loopback control. It isa mechanism at the datalink layer, as a complement of the higher layer applications.

PurposeThe MA5606T supports EFM OAM to obtain the alarm information such as RDI from theEthernet terminals and supports the exchange of the OAM Packet Data Units (OAMPDUs) toobtain the information about the terminal device vendors.

SpecificationThe MA5606T supports the following Ethernet EFM OAM specifications:

l The MA5606T supports transmission, reception, and processing of InformationOAMPDUs to perform the OAM discovery and obtain the information about the terminaldevice vendors.

l The MA5606T supports resolution of the received Event Notification OAMPDUs.l The MA5606T supports remote loopback and the multiplexer state machine.l The MA5606T supports transparent transmission of 802.3ah OAMPDUs from the user side

to the network side when the BPDU transparent transmission function is enabled.


The OPFA, VDSA/VDTF, VDRD, VDMF and VDNF supports the Ethernet EFM OAMfeature.

l License supportThe Ethernet EFM OAM feature is an optional feature of the MA5606T. Therefore, thelicense is required for accessing the corresponding service.

23.2.2 PrincipleThis topic describes the implementation principles of the Ethernet EFM OAM feature.

Figure 23-4 shows the networking of an Ethernet EFM OAM application.

Figure 23-4 Networking of an Ethernet EFM OAM application

ONUOLT

Ethernet OAM packet

Ethernet link


Feature Description


Issue 03 (2010-01-28)

Similar to the LACP packets, the EFM OAM packets are exchanged between two neighboringentities on a link, and are not forwarded out of the link.

Main Functions of EFM OAM

The main functions of EFM OAM are as follows:

l RDI: If an Ethernet link between an ONU and an OLT supports the unidirectionaltransmission (that is, when one direction is faulty, the other direction still can transmit data),the end that receives the fault can transmit special OAMPDUs to notify the remote end ofthe local fault.

l Remote loopback: The local end enables the remote end to change to the loopback state bytransmitting special OAMPDUs. After the remote end changes to the loopback state, thepackets from the local end to the remote end are looped back intactly, except OAMPDUs.

l Link detection: Some special events are defined. For example, if the number of erroredframes received within a certain period exceeds the threshold, the remote end is notified ofthe information by the special OAMPDUs.

OAMPDUs

In addition to the RDI, remote loopback, and link detection functions, EFM OAM is also adiscovery mechanism, namely, an extended mechanism to the higher layer applications. Theearlier mentioned functions are implemented by the exchange of the following types ofOAMPDUs between two neighboring entities on an Ethernet link.

l Information OAMPDUs: They are used to transmit the OAM status information to theremote end, including the OAM capability, Multiplexer and Parser status of the local end,and whether the local end meets the OAM status requirement of the remote end. The OAMcapability herein refers to:

– Whether the unidirectional transmission is supported because this capability directlydetermines whether RDI is supported.

– Whether the response to the variable request is supported. That is, whether the query ofthe local end information is supported.

– Whether remote loopback is supported. That is, whether the local end changes to theloopback state based on the setting on the remote end.

– Whether the link resolution event is supported. That is, whether the link events fromthe remote end can be processed.

Information PDUs also include the Organizationally Unique Identifier (OUI) field, and theVendor Specific Information field, through which the vendor information of the remoteend is obtained.

l Event Notification OAMPDUs: They are used to notify the remote end of specific events,such as how many errored frames are received in a certain period and what is the thresholdof the errored frames.

l Variable Request OAMPDUs: They are used to query one or more MIB variables to theremote end, such as the number of correctly received or transmitted frames.

l Variable Response OAMPDUs: They are used to return one or more MIB variables to theremote end after the Variable Request OAMPDUs are received.



23-7

l Loopback Control OAMPDUs: They are used to control the loopback state of the remoteend. When the remote end is in the loopback state, the data frames received by the remoteend are looped back to the local end, except OAMPDUs.

23.2.3 ReferenceThis topic describes the reference documents of Ethernet EFM OAM.

The following lists the reference documents of Ethernet EFM OAM:l IEEE 802.3ah: Operations, Administration, and Maintenance (OAM)


Feature Description


Issue 03 (2010-01-28)

24 VoIP

About This Chapter

The VoIP service is a solution in which the voice compression technology is adopted and thevoice service is transmitted over the IP network.

24.1 Basic Features of VoIPThe VoIP service is a solution in which the voice compression technology is adopted and thevoice service is transmitted over the IP network. This topic provides introduction to this featureand describes the principles and reference documents of this feature.

24.2 VoIP (H.248)The VoIP can be implemented based on the H.248 protocol. This topic provides introduction tothis feature and describes the principles and reference documents of this feature.

24.3 VoIP (MGCP)The VoIP can be implemented based on the MGCP protocol. This topic provides introductionto this feature and describes the principles and reference documents of this feature.

24.4 VoIP (SIP)The VoIP can be implemented based on the SIP protocol. This topic provides introduction tothis feature and describes the principles and reference documents of this feature.

SmartAX MA5606T Multi-service Access ModuleFeature Description 24 VoIP


24-1

24.1 Basic Features of VoIPThe VoIP service is a solution in which the voice compression technology is adopted and thevoice service is transmitted over the IP network. This topic provides introduction to this featureand describes the principles and reference documents of this feature.

24.1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of VoIP.

24.1.2 ReferenceThis topic describes the reference documents of VoIP.

24.1.1 IntroductionThis topic describes the definition, purpose, specification, and availability of VoIP.

Definition

The voice over IP (VoIP) service is a solution in which the voice compression technology isadopted and the voice service is transmitted over the IP network.

Currently, there are three VoIP modes:

l PC to PC

The target users are teenagers.

l PC to phone

The target users are middle-aged and young people (such as international students) whoare sensitive to the communication prices.

l Phone to phone

The target users are traditional POTS users. The voice service is provided by the carrierthrough the NGN softswitch network.

The description herein is based on the VoIP service in phone to phone mode.

Purpose

The voice service that is processed by the voice compression technology and transmitted overthe IP network can save the bandwidth resource and reduce the costs.

Specification

The MA5606T supports the following VoIP specifications:

l Up to 128 VoIP users

l The H.248/MGCP/SIP protocols

l GE cell bus and distributed DSP structure

– The DSP resource is distributed to the subscriber boards, and sufficient DSP resourceis allocated to their respective users.

24 VoIPSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

– The fault of the DSP resources on a subscriber board does not affect users on otherboards.

l Table 24-1 lists the supported services.

Table 24-1 List of the VoIP services supported by the MA5606T

Type Service

Basic services Voice service, fax service, and modem service

Supplementary services Three-party service, call waiting, call transfer, messagewaiting indication, calling party identification display, andcalling party identification limitation

Intelligent services 800 service and card service


The VoIP forwarding logic subboard (FLBA) is required for supporting the VoIP feature.l License support

The ACL feature is an optional feature of the MA5606T. Therefore, the license is requiredfor accessing the corresponding service.

24.1.2 ReferenceThis topic describes the reference documents of VoIP.

The following lists the reference documents of VoIP:l ITU-T.H.248 Annex M2: Media Gateway resource congestion handling package

l ITU-T.H.248 Annex M4: H.248 packages for H.323 and H.324 interworking

l RFC3435: Media Gateway Control Protocol (MGCP) Version 1_0

l RFC3660: Basic Media Gateway Control Protocol (MGCP) Packages

l RFC3661: Media Gateway Control Protocol (MGCP) Return Code Usage

l IETF RFC 3261: Session Initiation Protocol

l TISNPAN TS 183 043: TISPAN NGN IMS-based PSTN/ISDN Emulation Call ControlProtocols Stage 3

24.2 VoIP (H.248)The VoIP can be implemented based on the H.248 protocol. This topic provides introduction tothis feature and describes the principles and reference documents of this feature.

24.2.1 IntroductionThis topic describes the definition, purpose, and specification of VoIP based on the H.248protocol.

24.2.2 PrincipleThis topic describes the implementation principles of VoIP based on the H.248 protocol.



24-3

24.2.1 IntroductionThis topic describes the definition, purpose, and specification of VoIP based on the H.248protocol.

DefinitionH.248 is a gateway control protocol. The media gateway controller (MGC, namely, thesoftswitch) controls the media gateways (MGs) through the H.248 protocol so that various mediacan communicate with each other. The ITU-T issued the first standard H.248: Version 1 of theH.248 protocol in June, 2006.

H.248-based VoIP feature refers to the interconnection inside the IP network through H.248,which provides the VoIP service.

Compared with the Media Gateway Control Protocol (MGCP), the H.248 protocol has thefollowing advantages:

l The H.248 protocol supports more types of access technologies.l The H.248 protocol overcomes the description shortcomings of the MGCP protocol, and

supports the larger-scale network applications. Moreover, the H.248 protocol is moreflexible because the protocol can be easily expanded.

l The MGCP messages are borne on only the User Datagram Protocol (UDP), but the H.248messages can be borne by various protocols, such as UDP, TCP, and the Simple ControlTransmission Protocol (SCTP).

24.2.2 PrincipleThis topic describes the implementation principles of VoIP based on the H.248 protocol.

Figure 24-1 shows the principle of the VoIP feature based on the H.248 protocol.

Figure 24-1 Principle of the VoIP feature based on the H.248 protocol

Softswitch (MGC)

MA5606T-0 MA5606T-1

A 0 A 1

H.248 H.248

CallRTP StreamContext


Feature Description


Issue 03 (2010-01-28)

The basic process of call establishment and call release is as follows:

1. MA5606T-0 detects that user A0 picks up the telephone, and then reports the off-hookevent to the softswitch through the Notify command.

2. After receiving the off-hook event, the softswitch sends the digitmap to MA5606T-0,requires MA5606T-0 to play the dial tone for user A0, and then detects the numberreceiving.

3. When user A0 dials a number, MA5606T-0 receives the number according to the digitmapdelivered by the softswitch, and reports the matching results to the softswitch.

4. The softswitch sends the Add command to MA5606T-0 for creating the context and addingthe termination and RTP termination of user A0 into the context.

5. After creating the context, MA5606T-0 responds to the softswitch. The session descriptionin the response provides the information on the grouping requirement from the peer end,such as the IP address or the UDP port number.

6. The softswitch sends the Add command to MA5606T-1 for creating the context and addingthe termination and RTP termination of user A1 into the context, and then delivers the IPaddress or UDP port number of user A0 to user A1.

7. After creating the context, MA5606T-1 responds to the softswitch. The session descriptionin the response provides the information on the grouping requirement from the peer end,such as the IP address or the UDP port number.

8. MA5606T-1 detects that user A1 picks up the telephone, and then reports the off-hookevent to the softswitch. The softswitch runs the Modify command to stop the ring-backtone of user A0 and the ringing tone of user A1.

9. The softswitch runs the Modify command to deliver the session description ofMA5606T-1 to user A0, and then users A0 and A1 can communicate with each other.

10. MA5606T-0 detects that user A0 puts down the telephone, and then reports the on-hookevent to the softswitch through the Notify command.

11. The softswitch sends the Modify command to MA5606T-0 and MA5606T-1 respectivelyto modify the RTP as "receive only."

12. The softswitch sends the Modify command to MA5606T-1 to require the busy tone for userA1, and detects the on-hook event.

13. The softswitch sends the Subtract command to MA5606T-0, releasing the resources appliedfor user A0's call.

14. MA5606T-1 detects that user A1 puts down the telephone, and then reports the on-hookevent to the softswitch through the Notify command.

15. The softswitch sends the Subtract command to MA5606T-1, releasing the resources appliedfor user A1's call.

16. The call between users A0 and A1 ends, and all the resources are released.

24.3 VoIP (MGCP)The VoIP can be implemented based on the MGCP protocol. This topic provides introductionto this feature and describes the principles and reference documents of this feature.

24.3.1 IntroductionThis topic describes the definition, purpose, and specification of VoIP based on the MGCPprotocol.



24-5

24.3.2 PrincipleThis topic describes the implementation principles of VoIP based on the MGCP protocol.

24.3.1 IntroductionThis topic describes the definition, purpose, and specification of VoIP based on the MGCPprotocol.

Definition

The MGCP protocol formulated by the IETF defines a call control structure in which call controland service bearing are separated. The call control function is independent of the gateway, andis processed by the MGC.

Therefore, essentially the MGCP protocol is a master/slave protocol. That is, the MG establishesvarious service connections under control of the MGC.

24.3.2 PrincipleThis topic describes the implementation principles of VoIP based on the MGCP protocol.

Figure 24-2 shows the principle of the VoIP feature based on the MGCP protocol.

Figure 24-2 Principle of the VoIP feature based on the MGCP protocol

Softswitch (MGC)

MA5606T-0 MA5606T-1

EP0 EP1

MGCP

CallRTP StreamContext

MGCP

The basic process of call establishment and call release is as follows:

1. MA5606T-0 detects that user EP0 picks up the telephone, and then reports the off-hookevent to the softswitch through the Notify command.


Feature Description


Issue 03 (2010-01-28)

2. After receiving the off-hook event, the softswitch sends the digitmap to MA5606T-0,requires MA5606T-0 to play the dial tone for user EP0, and then detects the numberreceiving.

3. When user EP0 dials a number, MA5606T-0 receives the number according to the digitmapdelivered by the softswitch, and reports the matching results to the softswitch.

4. The softswitch sends the CRCX command to the MA5606T-0 for establishing a connectionon the EP0 port.

5. MA5606T-0 distributes source for the connection, and responds to the softswitch. Thesession description in the response provides the information on the grouping requirementfrom the peer end, such as the IP address or the UDP port number.

6. The softswitch sends the CRCX command to the MA5606T-1 for establishing a connectionon the EP1 port.

7. MA5606T-1 distributes source for the connection, and responds to the softswitch. Thesession description in the response provides the information on the grouping requirementfrom the peer end, such as the IP address or the UDP port number.

8. MA5606T-1 detects that user EP1 picks up the telephone, and then sends the Notifymessage to the softswitch. The softswitch runs the MDCX command to stop the ring-backtone of user EP0 and the ringing of user EP1.

9. The softswitch runs the MDCX command to deliver the session description ofMA5606T-1 to user EP0, and then users EP0 and EP1 can communicate with each other.

10. MA5606T-0 detects that user EP0 puts down the telephone, and then reports the on-hookevent to the softswitch through the NTFY command.

11. The softswitch sends the MDCX command to MA5606T-0 and MA5606T-1 respectivelyto modify the RTP as "receive only."

12. The softswitch sends the MDCX command to MA5606T-1 to require the busy tone for userEP1, and detects the on-hook event.

13. The softswitch sends the DCLX command to the MA5606T-0, releasing the resourcesapplied for user EP0's call.

14. MA5606T-0 detects that user EP1 puts downs the telephone, and then reports the on-offevent to the softswitch through the Notify command.

15. The softswitch sends the DCLX command to MA5606T-1, releasing the resources appliedfor user EP1's call.

16. The call between users EP0 and EP1 ends and all the resources are released.

24.4 VoIP (SIP)The VoIP can be implemented based on the SIP protocol. This topic provides introduction tothis feature and describes the principles and reference documents of this feature.

24.4.1 IntroductionThis topic describes the definition, purpose, and specification of VoIP that is implemented basedon the SIP protocol.

24.4.2 PrincipleThis topic describes the implementation principles of VoIP based on the SIP protocol.



24-7

24.4.1 IntroductionThis topic describes the definition, purpose, and specification of VoIP that is implemented basedon the SIP protocol.

Definition

The IP multimedia core network subsystem (IMS) is a subsystem that is proposed in the 3rdGeneration Partnership Project (3GPP) Release 5 to support the IP multimedia service. The IMSincludes all the core network elements that provide the audio, video, text, and instant messagingservices, and has been developed to a subsystem independent of any specific access network.

SIP is a control-layer protocol of the IMS and also one of the framework protocols stipulatedby the IETF for the multimedia communication system. SIP is an application-layer protocol forcreating, modifying, and terminating multimedia sessions. Used with other IETF protocols suchas Real-time Transport Protocol (RTP), Real-time Transport Control Protocol (RTCP), SDP,Real-Time Streaming Protocol (RTSP), DNS and SCTP/TCP, SIP is used to complete sessionestablishment and media negotiation.

VoIP based on the SIP protocol is a solution in which the PSTN network and the IP network areinterconnected through the SIP protocol based on the IMS architecture to implement the VoIPservice.

NOTE

The PSTN herein refers to the PSTN service that is implemented based on the SIP protocol in an IMSarchitecture and whose media bearer network is the IP packet switched network.

24.4.2 PrincipleThis topic describes the implementation principles of VoIP based on the SIP protocol.

In an IMS architecture, the MA5606T works as a voice over IP gateway (VGW). In thedownstream direction, the MA5606T connects to the VoIP user terminals. In the upstreamdirection, the MA5606T connects to the IMS network through the Gm interface based on theSIP protocol. Working with the IMS core network, the MA5606T provides the VoIP services,including:

l Basic voice service

l Three-way calling

l Call waiting

l Caller identification display

l Message indicator service

l Malicious communication identification (MCID)

l Call transfer

l Conference call

Figure 24-3 illustrates the principles for implementing the VoIP feature based on the SIPprotocol.


Feature Description


Issue 03 (2010-01-28)

Figure 24-3 Principles for implementing the VoIP feature based on the SIP protocol

MA5606T-0 MA5606T- 1

A 0 A 1

SIP SIP

CallRTP Stream

Basic Voice Service

The basic voice service herein refers to the basic call connection function provided by the IMScore network, including intra-office calls, local calls, domestic calls, international calls, andtransit calls.

The process of establishing and releasing a basic call is as follows:

1. MA5606T-0 detects that user A0 picks up the telephone, and then plays the dial tone foruser A0.

2. User A0 dials a telephone number, meanwhile MA5606T-0 stops playing the dial tone andreceives the number based on the local number list.

3. After receiving the number, MA5606T-0 reports the called number to the IMS core networkthrough an Invite message. The Invite message contains the session description whichprovides the information required for the peer end to send packets to MA5606T-0, includingthe IP address/UDP port number and the codec format.

4. The IMS core network finds MA5606T-1 to which the called party belongs based on thecalled number and then forwards the Invite message.

5. MA5606T-1 finds called party A1 based on the related information in the Invite message,and then delivers the ringing command. Meanwhile, user A1 hears the ringing tone andMA5606T-1 sends a 180 Ringing message to the IMS core network.

6. The IMS core network forwards the 180 Ringing message to MA5606T-0, and thenMA5606T-0 sends the ringback tone to calling party A0.

7. MA5606T-1 detects that user A1 picks up the telephone, and then sends a 200 OK messageto the IMS core network. The 200 OK message contains the session description whichprovides the information required for the peer end to send packets to MA5606T-1, includingthe IP address/UDP port number and the codec format.

8. The IMS core network forwards the 200 OK message to MA5606T-0 to establish a session.



24-9

9. MA5606T-1 detects that user A1 puts down the telephone, and releases the resources forthe session established for user A1, and then reports a BYE message to the IMS corenetwork.

10. The IMS core network forwards the BYE message to MA5606T-0.11. MA5606T-0 sends a response to the IMS core network and plays the busy tone for user

A0.12. User A0 puts down the telephone, and MA5606T-0 releases the resources for the session

established for user A0.13. The session between users A0 and A1 ends, and all the resources are released.

Three-Way CallingThree-way calling is a service in which when you are talking on phone with the second partyand if you want to add the third party for talking, you can dial the telephone number of the thirdparty for three-party talking or separately talking with the third party without interrupting thetalking with the second party.

Call WaitingCall waiting is a service in which if a calling party places a call to a called party which is otherwiseengaged, and the called party has the call waiting feature enabled, the called party is able tosuspend the current telephone call and switch to the new incoming call, and can then negotiatewith the new or current calling party an appropriate time to ring back if the message is important,or to quickly handle a separate incoming call.

Caller Identification DisplayCaller identification display is a service in which the VGW such as the MA5606T sends thecalling number to the called party and the calling number is displayed on the telephone orequivalent terminal of the called party.

Message Indicator ServiceThe message indicator service is a service offered to notify a user of reading new messages. Thatis, when the voice mailbox of the user has a new message, the LED on the terminal is illuminatedin voltage ascending or FSK mode, indicating that a message comes.

MCIDMCID is a service offered to the called party who can apply to the telephone exchange foridentifying the telephone number of the calling party in case of a malicious call, and then thetelephone exchange can identify the telephone number of the calling party who initiates themalicious call through certain operations.

Call TransferCall transfer is a service offered to the called party who can transfer a coming call to a temporaryuser by hooking so that the calling party can communicate with a new called party.

Conference CallConference call is a service offered by the VGW such as the MA5606T for communicationamong three or more parties. The conference call can be a common reference call, a tandem


Feature Description


Issue 03 (2010-01-28)

conference call, or a convenor-authorized conference call. Currently, the MA5606T supportsonly the common reference call.



24-11

25 ISDN

About This Chapter

The integrated services digital network (ISDN) is a Consultative Committee of InternationalTelegraph and Telephone (CCITT) standard, providing integrated transmission of voice, video,and data. The ISDN enables a simultaneous transmission of voice, video and data on the datachannel.

25.1 ISDN Feature DescriptionThis topic describes the basic feature and the operating principles of the ISDN.

25.2 Basic Rate Adaptation (BRA)This topic describes the basic feature and the operating principles of the BRA.

25.3 Primary Rate Adaptation (PRA)This topic describes the basic feature and the operating principles of the PRA.

SmartAX MA5606T Multi-service Access ModuleFeature Description 25 ISDN


25-1

25.1 ISDN Feature DescriptionThis topic describes the basic feature and the operating principles of the ISDN.

25.1.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of ISDN.

25.1.2 PrincipleThis topic describes the implementation principles of the ISDN feature.

25.1.3 ReferenceThis topic describes the reference documents of the ISDN.

25.1.1 IntroductionThis topic describes the definition, purpose, specification, limitation, and availability of ISDN.

Definition

The integrated services digital network (ISDN) is a Consultative Committee of InternationalTelegraph and Telephone (CCITT) standard, providing integrated transmission of voice, video,and data. The ISDN enables a simultaneous transmission of voice, video and data on the datachannel.

The ISDN supports the joint switchover of H.248 and IUA and the overload control of ISDNemergency call.

The ISDN supports two types of services:

l Basic rate interface (BRI): provides the rate of 144 kbit/s, provided by two B channels andone D channel. The rate of the B channel is 64 kbit/s, and that of the D channel is 16 kbit/s.

l Primary rate interface (PRI): provides the rates of 2.048 Mbit/s, provided by 30 B channelsand one D channel. The rates of both the B channel and the D channel are 64 kbit/s.

The B channel is used to bear services, and the D channel is used to bear the call control signalingand maintenance management signaling.

Purpose

The MA5606T supports the ISDN access to provide the integrated services of voice, video, anddata for users.

Specification

The MA5606T supports the following ISDN specifications:

l Up to 64 ISDN BRA users

l Up to 4 ISDN PRA users

l Flexible terminal ID configuration

25 ISDNSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

LimitationCurrently, only the ISDN service based on the H.248 protocol is supported.


The DSRD and DSRE boards support the ISDN BRA feature.The EDTB supports the ISDN PRA feature.

l License supportThe number of the ISDN ports supported by the MA5606T is under license. Therefore, thelicense is required for accessing the corresponding service.

25.1.2 PrincipleThis topic describes the implementation principles of the ISDN feature.

ISDN System StructureFigure 25-1 shows the ISDN system structure.

Figure 25-1 ISDN system structure

Softswitch (MGC)

MG

PBXNT1

TA

ISDN Phone

PSTN Phone

PSTN Phone

E1

PRA userBRA user

Peer device

Mediastream

H.248 signaling traffic

H.248 signaling traffic



25-3

The ISDN users include the BRA users and the PRA users.l The BRA users can connect the ISDN telephone with the NT1 directly, or connect the

common telephone through the TA. On the MG side, the BRA users access the networkthrough the BRA port. NT1 and the MG are connected by a POTS line.

l The PRA users access the network through the E1 port with the PBX. The PBX and thegateway are connected by an E1 cable.

ISDN Call Control Process-Call SetupThe ISDN uses the Q.931 protocol to control the call. An L2 link, which complies with the Q.921 protocol, is set up between the gateway and the NT1/PBX to carry Q.931 messages. Set upan IUA link to bear the Q.931 messages between the gateway and softswitch.

Figure 25-2 and Figure 25-3 show the process for controlling the setup of an ISDN call. Figure25-2 shows steps 1-8, and Figure 25-3 shows steps 9-16.

Figure 25-4 shows the control process of the ISDN call disconnection.

Figure 25-2 ISDN call control process-call setup 1

SETUP

SETUP ACKSG{cg/dt}

IMFOMATION

SG{}

IMFOMATION

CALL PROCEEDINGADD

ADD ACK ADD

ADD ACK

TE1 MG1 MGC MG2 TE2

NOTE

In the figure, the blue line is the H.248 signaling, and the red line is the Q.931 signaling.


Feature Description


Issue 03 (2010-01-28)

Figure 25-3 ISDN call control process-call setup 2

MODALERTING

SG{cg/rt}

SG{}

CONNECT ACK

CONNECT

SETUP

ALERTINGALERTING

CONNECT

MODRELEASE

RELEASE COMPLETE

CONNECT ACK

In conversation

TE1 MG1 MGC MG2 TE2 TE3

NOTE


In the primitive Q.931, the gateway is not involved in the call control. The call control gatewayonly separates the terminal Q.931 primitive from the Q.921 packets, encapsulates the Q.931primitive to the IUA information packet, and then sends the packets to the softswitch.

The DSP channel resources that the gateway manage are distributed and released according tothe H.248 signaling or the MGCP signaling delivered by the softswitch in the call process.

The call setup process is as follows:

1. The host hooks off and initiates a call setup.2. The softswitch responds with a SETUP_ACK message, and requests more call information,

such as the called number.3. The softswitch delivers the dial tone through the modify command. In the ISDN, the

digitmap is not included.4. The calling party dials, and the number is carried by the primitive IMFORMATION to the

softswitch.5. After receiving a number, the softswitch stops the signal tone through the modify

command.6. The softswitch responds with a CALL PROCEEDING message, which indicates that the

call is being set up.7. The softswitch enables the calling party and the called party to distribute the context through

the add command, and the RTP mode is switched to the Rx-Tx mode.8. When the called party responds to the add command, the softswitch modifies the Routing

Table Protocol (RTP) remote attribute on the calling party side through the modifycommand.

9. The softswitch delivers the SETUP request to the called party for setting up a call



25-5

10. After receiving the call, the called party starts ringing and sends ALERTING. If theALERTING reaches the calling party, the call is connected.

11. The softswitch delivers the ringing tone to the calling party through the modify command.12. The called party hooks off and sends CONNECT. If the CONNECT reaches, the call is

connected.13. The calling party responds CONNECT_ACK.14. The softswitch stops the ringing tone through the modify command.15. The softswitch modifies the RTP remote attribute on the calling party through the

modify command.16. The call setup ends.

ISDN Call Control Process-Call Disconnection

Figure 25-4 ISDN call control process-call disconnection

RELEASE

SG{cg/rt}SUB

DISCONNECT

SUB ACK

RELEASE COMPLETE

DISCONNECT

RELEASE COMPLETE RELEASE

SUB

SUB ACK

DISCONNECT

TE1 MG1 MGC MG2 TE2

NOTE


The call disconnection process is as follows:

1. One party hooks on, and sends DISCONNECT to the MGC.2. The softswitch sends DISCONNECT to the other party, and sends RELEASE to the party

who hooks on.3. The softswitch delivers the sub command to delete the context to the party who hooks on.4. The softswitch delivers the busy tone to the party who does not hook on through the

modify command.5. The party who hooks on finishes the call disconnection, and sends

RELEASE_COMPLETE to the softswitch.6. After receiving the disconnection, the other party sends RELEASE to the softswitch.


Feature Description


Issue 03 (2010-01-28)

7. The softswitch sends RELEASE_COMPLETE to the other party.8. The other party hooks on, and sends DISCONNECT to the softswitch.9. The softswitch delivers the sub command to delete the context to the party who hooks on

subsequently.10. The call disconnection is complete.

25.1.3 ReferenceThis topic describes the reference documents of the ISDN.

The following lists the reference documents of the ISDN:l ITU-T Q.920 ISDN user-network interface data link layer General aspects

l ITU-T Q.921 ISDN user-network interface - Data link layer specification

l ITU-T Q.930 Digital Subscriber Signalling System No.1 (DSS 1) -ISDN User-NetworkInterface Layer 3 - General Aspects

l ITU-T Q.931 ISDN user-network interface layer 3 specification for basic call control

l ITU-T Q.932 Digital Subscriber Signalling System No. 1 - Generic procedures for thecontrol of ISDN supplementary services

l ITU-T H.248 Media gateway overload control package

25.2 Basic Rate Adaptation (BRA)This topic describes the basic feature and the operating principles of the BRA.

25.2.1 IntroductionThis topic describes the definition, purpose, and specification of BRA.

25.2.2 PrincipleThis topic describes the implementation principles of the ISDN BRA feature.

25.2.1 IntroductionThis topic describes the definition, purpose, and specification of BRA.

DefinitionBRA refers that the ISDN users access the MG through the BRI by the H.248 protocol.

PurposeThe BRA provides the BRA access, performs multimedia communication (voice, video, anddata) from point to point or from point to multipoint.

SpecificationThe MA5606T supports the following BRA services:

l One port connects up to eight terminals. Only two ports, however, can be usedsimultaneously.



25-7

l Up to 64 ISDN BRA users are supported.

25.2.2 PrincipleThis topic describes the implementation principles of the ISDN BRA feature.

Figure 25-5 shows the principles of the ISDN BRA.

Figure 25-5 Principles of the ISDN BRA

ISDN Phone

Softswitch (MGC)

Peer device

NT1NT1

MG

Media streamIUA call control signaling traffic

H.248 media control signaling traffic

User AccessEntering the AN from the MG side, the BRA user call from the deactivated state experiencesfour stages: activation, TEI application, layer 2 link setup, and layer 3 call control. If the portterminal is activated, or the TEI is distributed, or the link is set up, skip to next stage.

Call Control

According to the signaling round-trip control, the call signaling on the MG is sent to thesoftswitch through the IUA (as the red line in the figure). The softswitch delivers the mediacontrol information through the H.248 protocol, and controls the resources on the MG (as theblue line in the figure), such as the B channel, context (H.248), and terminal.


Feature Description


Issue 03 (2010-01-28)

Create an IUA service environment on the MG and MGC sides. Bear the Q.931 signaling on theDSL board to the SCTP link, pack the signaling through the IUA protocol stack, and then sendthe packet to the MGC. Switch the Q.931 signaling on the MGC side. The MGC sends the Q.931 signaling to the peer end through the SCTP link to perform ISDN signaling call.

Working ModeThe BRA working modes include point to multipoint (P2MP) and point to point (P2P).l Under the P2MP mode, one NT1 can connect to multiple terminals. Multiple layer 2 links

can be created at the same time, and up to two users can call simultaneously. If no callservice exists, the system can deactivate automatically to save the power.

l Under the P2P mode, one NT1 can connect to one terminal only. The layer 2 link is alwaysset up to ensure the service bearing at any moment. No matter the call service exists, thelink is activated.

Terminal Power Supply ModeThe BRA power supply is to provide power for the terminal. Two terminal power supply modesare provided:l Local power supply: The terminal applies battery or connects to the power supply.

l NT1 power supply: The terminal accepts the NT1 power supply only. The NT1 powersupply falls into two types:– Local power supply: The NT1 connects to the local power supply.

– Gateway power supply: Configure the remote power supply attribute of the BRA porton the gateway.

Terminal Identifier DistributionUnder the P2MP mode, if the physical line of the BRA user is activated, one BRA port canconnect multiple terminals. A terminal equipment identifier (TEI) is needed to identify theterminal.

The TEI can be specified by the terminal, or distributed on the network side.l The TEI that the terminal specifies ranges 0-63.

l The TEI on the network side is distributed by the subscriber board, ranging 64-126.

l The 127, as a multicast TEI, is used when the BRA user is called (all the users under thesame port share the same telephone number). When the destination terminal is unknown,the connections to all the terminals are initiated.

l Under the P2P mode, the terminal TER is 0.

25.3 Primary Rate Adaptation (PRA)This topic describes the basic feature and the operating principles of the PRA.

25.3.1 IntroductionThis topic describes the definition, purpose, and specification of PRA.

25.3.2 PrincipleThis topic describes the implementation principles of the ISDN PRA feature.



25-9

25.3.1 IntroductionThis topic describes the definition, purpose, and specification of PRA.

DefinitionThe PRA refers to that the ISDN users access the MG through the PRI by using the H.248protocol.

PurposeThe PRA user access is supported on the MG. The central offices can access the PRA usersthrough the mini-switch PBX. For the internal users, they can communicate with each other. Forthe external users, they can communicate with the PSTN users.

SpecificationThe MA5606T supports the following PRA services:

l Timeslot 0 is used for frame synchronization, and timeslot 16 is used for signalingtransmission as the D channel. Other timeslots are used for service data transmission as theB channel.

l Up to 4 ISDN PRA users are supported.

25.3.2 PrincipleThis topic describes the implementation principles of the ISDN PRA feature.

The PRA call process is the same as the BRA call process. For the BRA call process, refer to25.2.2 Principle.

After one PRA user is configured, 32 timeslots with the rate of 64 kbit/s are provided. In which,timeslots 1-15 , 17-31 are for the B channel, timeslot 16 is for the D channel, and timeslot 0 isfor the frame synchronization.

For a PRA user, the TEI of the layer 2 link is 0.

For a PRA user, the working mode and power supply mode are not involved. The terminal ispowered by the PBX.


Feature Description


Issue 03 (2010-01-28)

26 Overload Control

About This Chapter

Overload occurs when the usage of the CPU and DSP resources increases and reaches a certainthreshold in the case that a large number of AG calls occur concurrently. In this case, calls cannotbe processed normally. Overload control refers to the control over calls, which ensures that thecalls from guaranteed subscribers and emergency call subscriber are processed in time,improving the system stability and usability.

26.1 MG Overload ControlThis topic describes the basic feature and working principles of the MG overload control.

26.2 Upstream Bandwidth Overload ControlThis topic describes the basic feature and working principles of the upstream bandwidth overloadcontrol.

26.3 MGC Overload ControlThis topic describes the basic feature and working principles of the MGG overload control.

26.4 Broadband Packets Overload ControlThis topic describes the feature of broadband packets overload control in its introduction,principles, and reference.

SmartAX MA5606T Multi-service Access ModuleFeature Description 26 Overload Control


26-1

26.1 MG Overload ControlThis topic describes the basic feature and working principles of the MG overload control.

26.1.1 IntroductionThis topic describes the definition, purpose, and specifications of the MG overload controlfeature.

26.1.2 PrinciplesThis topic describes the working principles of the MG overload control feature.

26.1.3 ReferenceThis topic provides the reference documents of the MG overload feature.

26.1.1 IntroductionThis topic describes the definition, purpose, and specifications of the MG overload controlfeature.

Definition

MG overload control is a method used by the MA5606T to detect overload and process newcalls according to a certain algorithm or rule to ensure normal running of the device when someabnormalities cause the call proceeding capability to decline or the proceeding delay to increase.

Purpose

Overload control is used for the following purposes:

l Preventing device overload

l Ensuring the call proceeding quality

l Improving user satisfaction as much as possible

l Ensuring normal running of the device when being overloaded and obtaining the maximumcall processing capability of the device at the same time

Specifications

The MG overload control (H.248) is supported.

l The MG overload control is classified into the following:

– Restriction-level overload: When such overload occurs, the calls with high priority areguaranteed.

– Block-level overload: When such overload occurs, the calls at all levels are rejected.

l Minimum CPU utilization corresponding to the restriction-level overload (unit: %): 30-99

l Minimum CPU utilization corresponding to the block-level overload (unit: %): 31-100

l Maximum occupancy rate of the common-level call channel (unit: %): 1-100

l Maximum occupancy rate of the next highest level call channel (unit: %): 1-100

26 Overload ControlSmartAX MA5606T Multi-service Access Module

Feature Description


Issue 03 (2010-01-28)

Glossary

Table 26-1 Glossary of the overload control feature

Term Description

Leaky bucket algorithm There is a water leak valve at the bottom of the leaky bucketwith a certain capacity. The water that flows from the valve iscalled leak rate. When water flows out, the leaky bucketcasually receives uncertain quantities of water that is pouredinto it. To prevent the liquid in the leaky bucket fromexceeding the capacity of the leaky bucket and over flowing,control the newly poured water according to the leak rate.Based on the preceding leaky bucket model, the leaky bucketalgorithm adjusts the leak rate of the system and control thenew calls entering the system to avoid abnormalities(overflow) in the case of large volume of traffic.


Table 26-2 Acronyms and abbreviations of the overload control feature


MG Media gateway

26.1.2 PrinciplesThis topic describes the working principles of the MG overload control feature.

CallerFigure 26-1 shows the overload control process when the subscriber acts as a caller.



26-3

Figure 26-1 Operating principles for implementing the MG overload control

Y

N

N

N

N

？N

Y

N

Y

Whether does the MGreach the restriction-

level overload?

Whether a commonsubscriber port?

Common call

Return OK

Whether is anemergency call

allowed?

Y

The local plays the dialing toneand receives the number.

Emergency call digitmapmatching

Whether does theemergency call

digitmap match?

Save the subscriber dialing number inthe bffer, and clear the information

about digitmap matching

Report the subscriber off-hookinformation saved in the buffer, and wait

for the MGC to deliver digitmap

？

Whether is overloadnot eliminated or

port not preferred?

Y

Whether does theMG reach the block-

level overload?

The subscriber picks upthe phone.

Return OK

The local plays the busy tone tothe subscriber. Return Failed

Return Failed

Y

The MA5606T adopts the port priority and call priority as the decision criteria of the overloadcontrol. The process of the MG overload control is as follows:

1. The user picks up the phone and then the MG checks whether the overload is block-leveloverload. If yes, the MG directly rejects the call. If not, the MG proceeds with step 2.

2. The MG checks whether the overload is restriction-level overload. If not, the MG proceedswith step 8. If yes, the MG proceeds with step 3.

3. The MG checks whether the user is a common user. If not, the MG proceeds with step 8.If yes, the MG proceeds with step 4.


Feature Description


Issue 03 (2010-01-28)

4. The MG check whether the emergency call is allowed. If yes, the MG plays the dialingtone and receives the phone number, and then proceeds with step 5.

5. The MG checks whether the received phone number matches the emergency call digitmap.If yes, the MG proceeds with step 6. If not, the MG proceeds with step 7.

6. The MG reports the user off-hook information saved in the buffer to the MGC and waitsfor the MGC to deliver the digitmap and then the MG can run the normal process.

7. The MG checks whether the overload is cleared. If not, the MG plays the busy tone to theuser and rejects the call. If yes, the MG proceeds with step 6.

8. The MG enters the normal process of calls.

CalleeThe overload control process when the subscriber acts as the callee is the same as that when thesubscriber acts as the caller, except that after the peer call enters the MG, the MA5606T adoptsonly the call priority as the decision criterion for overload control.

POWER-DIALER ProcessingThe MG overload control adopts the leaky bucket algorithm. The system processing capabilityis supposed to be the leak rate of a leaky bucket and new calls be the water poured into the leakybucket. The water in the leaky bucket flows out when time goes by. If during a period too muchwater is poured into the leaky bucket, causing the water level to exceed the limit of the leakybucket, the system takes measures to reject certain new calls and to maintain the water level ofthe leaky bucket under the security level.

In the case of detection and rejection of the user that frequently and quickly picks up and hangsup the phone, Figure 26-2 shows the principles for processing the POWER-DIALER.



26-5

Figure 26-2 Principles for processing the POWER-DIALER

Subscriber hooks off thephone

Port inthe POWER-DIALER

state?

Yes

No

No

Messagecount exceeds the

threshold?

Message passes

Detectiontime exceeds the

threshold?

During detectiontime, average messages(offhook) exceed the set

value?

Yes

Yes

No

Port turns into POWER-DIALER state

Alarm generated andrecovery timer started

Message discarded andstart/end time refreshed

Yes

Message count plus 1, andmessage discarded

Message count plus 1

No

Detectiontime exceeds the

threshold?

NoMessage passes

Yes

Detection timeexceeds thethreshold?

Yes

No

Message count is setto 1, message passesand start/end time is

refreshed

The overload control process is as follows:

1. The initialization port of the system is not in the POWER-DIALER state.2. The subscriber port reports the hookff or flash pressing message. If the port is already in

the POWER-DIALER state, the message is discarded directly. In the case of an on-hookmessage, the message and the corresponding off-hook message are cleared together.

3. If the port is not in the POWER-DIALER state, statistics measurement is required andwhether the threshold is reached need to be determined.

4. If the port enters the POWER-DIALER state, an alarm is reported, recording the currentstate; the message is not reported, and the status recovery timer is started.

5. If the port does not enter the POWER-DIALER state, the message passes and the statisticsmessage is refreshed.

Off-Hook and On-Hook of the PSTN SubscriberFigure 26-3 shows the overload control process in the case of off-hook and on-hook of the PSTNsubscriber.


Feature Description


Issue 03 (2010-01-28)

Figure 26-3 MG overload control process-Off-hook and on-hook of the PSTN subscriber

Message from PSTN portreceived

Offhook/Onhook/Hooking/Pulse

dialing message?

No

Yes

No

Check message type

Checkthe pending state

Onhookmessage

In OFF-HOOK orON-OFF-HOOKqueue

Offhookmessage

Cleared withthe peermessage

Passed

Hooking message

In offhook state?

Is VAG overloaded?Yes

No

The message passes ifnot in the pending queue;otherwise, it is discarded.

InPOWER

-DIALER

state?

YesDiscarded

No

If it is in the ON-HOOKqueue, enter the ON-OFF-HOOK queue;otherwise, enter theOFF- HOOK queue.

In the case of the ON HOOKqueue, respectively checkwhether the offhook and

onhook messages can passOtherwise, check whetherthe offhook message can

pass.

In ON-HOOK queue

Error messagereturned

Checkwhether it can

pass

Not inthependingqueue

Pulse dialing

Discarded

Yes

In offhook queue?

No

Yes

Passed

The overload control process is as follows:

1. In the case of the messages reported by the subscriber port: The system filters the messagesby message type. Then, the system checks whether the subscriber port is in the POWER-DIALER state. After the port passes the judgment, the system checks whether the port needto enter the Pending state.

2. In the case of the off-hook messages, if the port is already overloaded, the port is added tothe Pending queue to which the port belongs. If the port is not in the Pending state, thesystem determines whether the port passes judgment by using the leaky bucket algorithm.

3. In the case of the on-hook messages, the system pairs one message with another forelimination according the Pending state. After that, the system uses the leaky bucketalgorithm for judgment and the overload control functional module checks the currentoverload state of the system to determine whether the current message is allowed to beprocessed.

4. In the case of the flash-hooking messages, the system checks whether the port is in the off-hook state and whether the off-hook message is in the Pending queue. Only the flash-



26-7

hooking messages that are not in the Pending queue are allowed to pass when the port isin the off-hook state.

5. The messages that are generated in the pulse dialing mode are allowed to pass only whenthe port is not in the Pending queue.

ISDN Subscriber Acting as a Caller

Figure 26-4 shows the overload control process in the case of off-hook and on-hook of the ISDNsubscriber acting as a caller.

Figure 26-4 MG overload control process-ISDN subscriber acting as a caller

Message fromthe ISDNport received

Offhook/Onhookstate of the port

recorded?

Yes

No

No

ISDN port inthe Idle state?

Othermessages

Yes No

In the filter state?Check themessage type

Offhookmessage

Released message

Offhook message?

Yes

Restart the30stimer

Yes

Is it thereleased

message?

Yes

No

Previous offhookmessage rejected?

No

YesReject themessage

The messagepasses

No

Record port state (initialstate:Idle)

In offhook state?Yes

PassNo

The messagepasses

The message passesand set the setupretransmit flag to

false. Clear the port stateand stop the 30s

timer

Pass theleaky bucket?

No

Yes

Set the message state tofilter and start the 10s

timer. The entry is deletedif the start fails.

The message passes,and the port state is

cleared.

Start the 30s timer.entry is deleted if the

start fails.

Compared with the PSTN caller control process, the ISDN caller control process is morecomplicated. This is mainly caused by status judgment. The brief control process is as follows:


Feature Description


Issue 03 (2010-01-28)

1. The messages reported by the ISDN port are processed according to the port status and thereported messages. If the message is the first SETUP message of the port, the messageenters the leaky bucket to determine whether it can pass or not. If the message passes thejudgment, the port message status is recorded as Idle; if the message does not pass thejudgment, the port message status is recorded as Filter.

2. The following messages of the port are judged according to the port status. If the port is inthe Idle state, the messages are allowed to pass and the port message status changesaccording to the message type. If the port is in the Filter state, the messages are not allowedto pass and the port message status changes according to the message type.

Subscriber Acting as a Callee

Figure 26-5 shows the overload control process in the case of off-hook and on-hook of thesubscriber acting as a callee.

Figure 26-5 MG overload control process-subscriber acting as a callee

Network-side message isreceived

YesCan

incoming calls passthrough the leaky

bucket?

The message is rejected

Yes

No

The message passes

The message passes

No

Is the softswitchsupport H248.11?

26.1.3 ReferenceThis topic provides the reference documents of the MG overload feature.

The following lists the reference documents of this feature:l ITU-T.H.248.11 Infrastructure of audiovisual services - Communication procedures

26.2 Upstream Bandwidth Overload ControlThis topic describes the basic feature and working principles of the upstream bandwidth overloadcontrol.

26.2.1 Introduction



26-9

This topic describes the definition, purpose, and specifications of the feature of upstreambandwidth overload control.

26.2.2 PrinciplesThis topic describes the working principles of the feature of upstream bandwidth overloadcontrol.

26.2.1 IntroductionThis topic describes the definition, purpose, and specifications of the feature of upstreambandwidth overload control.

DefinitionWhen the bandwidth traffic on the access side of the MG reaches or exceeds the limit and affectsthe service, calls are restricted by using the bandwidth traffic on the MG side, and the bandwidthoccupied by the current call in the system is calculated to control the call traffic of the MG.

PurposeUpstream bandwidth overload control aims at ensuring the maximum satisfaction of the calluser, and the normal call voice quality.

SpecificationsThe MA5606T supports the following specifications for upstream bandwidth overload control:

l Range of the maximum upstream bandwidth (unit: 100 kbit/s): 2-1000

l Range of the bandwidth reserved for the emergency call (unit: 100 kbit/s): 1-999

26.2.2 PrinciplesThis topic describes the working principles of the feature of upstream bandwidth overloadcontrol.

Calls are divided into two categories when the MG uses the upstream bandwidth for callrestriction:l Category 1: Common calls from the common port subscribers

l Category 2: Calls from the uncommon port subscribers or emergency calls from thecommon port subscribers

When supporting upstream bandwidth overload control, the MG reserves certain bandwidth forthe calls from category 2 subscribers. When the call bandwidth reaches the restriction level, theMG rejects the calls from category 1 subscribers and allows calls from category 2 subscribers.

Figure 26-6 shows the processing on user off-hook in the case of upstream bandwidth overloadcontrol.


Feature Description


Issue 03 (2010-01-28)

Figure 26-6 Processing on user off-hook in the case of upstream bandwidth overload control

User hooks off the phone

Bandwidthcall restriction

enabled?

Insufficientbandwidth?

Uncommon port?

Reservedbandwidth issufficient?

Set the call tagas urgent call

Normal connection

Return OK

Urgent digitmapis configured?

Reservedbandwidth issufficient?

Process for urgent calloffhook

Deliver the busytone to the user

Return Failed

Yes

No

Yes

Yes

Yes

Yes

Yes

No

No

No

No

No

Figure 26-7 shows the processing on the callee in the case of upstream bandwidth overloadcontrol.



26-11

Figure 26-7 Processing on the callee in the case of upstream bandwidth overload control

Enter the process for calleduser

Bandwidth callrestriction enabled?

Insufficientbandwidth?

The callis with high priority or

urgent?

Normal connection

Return OK

Report the insufficientresources error to MGC

Yes

No

Yes

Yes

No

No

26.3 MGC Overload ControlThis topic describes the basic feature and working principles of the MGG overload control.

26.3.1 IntroductionThis topic describes the definition, purpose, and specifications of the MGC overload controlfeature.

26.3.2 PrinciplesThis topic describes the working principles of the MGC overload control feature.

26.3.1 IntroductionThis topic describes the definition, purpose, and specifications of the MGC overload controlfeature.

DefinitionMGC overload refers to the overload generated when the call volume of each area increasesinstantly, or in some abnormal cases, when the MGC processing loading is too heavy. In thiscase, normal calls may even be affected.


Feature Description


Issue 03 (2010-01-28)

PurposeThe MGC overload control aims at preventing the MGC overload, or when the MGC isoverloaded, helping the MGC to restrict its call volume and handle the overload.

SpecificationsBy default, the MA5606T supports this feature. You can enable or disable this feature throughthe CLI.

26.3.2 PrinciplesThis topic describes the working principles of the MGC overload control feature.

Operating Principles of the MGC Overload ControlFigure 26-8 shows the working principles of the MGC overload control.

Figure 26-8 Operating principles of the MGC overload control

MGC

MG 1 MG 2 MG N

The MGC controls each MG through signaling and each MG reports the received call to theMGC for processing. In this case, even if the call volume increase is small for each MG, the callvolume increase may be very large for the MGC, causing the MGC overload.

To prevent the MGC from entering the overload state, the MG's cooperation is required forrestricting the call volume. The MG supports the etsi-nr packet of the MGC to cooperate withthe MGC to restrict the call volume.

When supporting the MGC to restrict user calls, the MG processes the calls according to theuser priority. In the MA5606T, users are divided into three categories (CAT3: common user;CAT2: next highest priority user; CAT3: highest priority user).

If the MA5606T receives the user off-hook message after the MGC overload control is enabledon the MG, based on the user priority and the call pass rate delivered by the MGC, theMA5606T uses the leaky bucket algorithm to determine whether to allow the current call or not.The MG will record the statistics related to the leaky bucket.

Introduction to the etsi_nr PacketThe etsi_nr packet has two attributes. One is notrat that is the maximum number of reported off-hooks in one second, which is controlled by the MG. The other is OffHookNot, which indicates



26-13

whether to report off-hook as well when the MG directly reports the phone number that matchesthe emergency call digitmap. The etsi_nr packet is processed as follows:

l The MG resolves the etsi_nr packet delivered from the MGC. If the etsi_nr packet is notdelivered to the Root node, the MG replies to the softswitch that the H.248 syntax isincorrect.

l The MG processes the two attributes of the etsi_nr packet as follows:– If the softswitch does not issue the packet, the default value of interface notrat is -1.0,

and that of OffHookNot is Required.– If there is the notrat attribute and the attribute value is the correct floating point number,

the packet is processed based on the attribute value as follows:

– If notrat ≥ 0.0, the MG determines based on the leaky bucket algorithm whether toreport the off-hook of the caller to the MGC.

– If notrat < 0.0, the MG uses the static leaky rate that is configured through the CLI.

– If there is the notrat attribute but the attribute value is not the correct floating pointnumber, the H.248 syntax error is returned.

– If there is the OffHookNot attribute, the MG based on the OffHookNot attribute valuesets whether to report the off-hook message saved in the buffer for the emergency callof common users to the MGC.

26.4 Broadband Packets Overload ControlThis topic describes the feature of broadband packets overload control in its introduction,principles, and reference.

26.4.1 IntroductionThis topic provides the definition, purpose, specifications, limitations, glossary, and acronymsand abbreviations of the feature of broadband packets overload control.

26.4.2 PrinciplesThis topic describes the working principles of the feature of broadband packets overload control.

26.4.1 IntroductionThis topic provides the definition, purpose, specifications, limitations, glossary, and acronymsand abbreviations of the feature of broadband packets overload control.

Definition

When a large number of service packets are processed concurrently, the utilization ratio ofsystem resources increases sharply. When the service quantity exceeds the maximum bearingcapability of the system, overload occurs. In this case, without control, the service processingcapability of the system may be below the capability of the idle system, or, even worse, the entiresystem is down. Therefore, the system must have a mechanism for checking whether the systemis overloaded. If it is overloaded, the system discards certain tasks according to rules to reducethe system payload and to ensure that certain services in the system run in the normal state.

There are many methods for overload control. Broadband packets overload control is one ofthem. When the system CPU usage exceeds the threshold, the system discards certain packetsaccording to preset rules.


Feature Description


Issue 03 (2010-01-28)

PurposeThe MA5606T supports broadband and narrowband services concurrently. When the systemtraffic is heavy, the voice service needs to be guaranteed first to ensure the connection of theongoing conversation. Provided that the voice service is guaranteed, the packets of the broadbandservice are processed according to the priority.

Specificationsl The leaky bucket thresholds such as the CPU usage can be set to 30-99. By default, the

first-level threshold is 80 and the second-level threshold is 90.l The leaky bucket adjustment factor can be set to 1-1000. By default, it is 20.

l Each of the eight WRR weights is configurable from 1 to 100.

l For eight WRR queues, the mapping between the 802.1p priority and queue ID isconfigurable.


Nonel License Support

The feature of broadband packets overload control is a basic feature of the MA5606T.Therefore, the corresponding service is provided with no license.

26.4.2 PrinciplesThis topic describes the working principles of the feature of broadband packets overload control.

Packet Processing According to the Queue PriorityVoice packets and management packets have the highest priority. As for other types of packets,queues are created respectively according to the 802.1p priority (0-7), and the packets arescheduled by using the WRR algorithm. You can set the weights for eight queues according toactual requirements. When the system is busy, packets are scheduled to the leaky bucketaccording to the WRR algorithm.

Leaky Bucket Algorithm1. Packets enter the leaky bucket after being processed by the WRR algorithm. Then, the leaky

bucket algorithm helps to determine the packets that are actually processed by the system.2. The function of each leaky bucket parameter is follows:

l Leaky bucket threshold (N): indicates the default system capacity, ranging from 1 to2000. By default, it is 1000, in the unit of number of packets.

l Target control threshold of CPU usage (T1): indicates the upper limit for the systemCPU usage, ranging from 30% to 100%. By default, it is 80%. Its corresponding waterlevel is N1 = N x T1.

l Second-level control threshold of CPU usage (T2): indicates the threshold of the systemresources that are allowed to allocated to each type of service when the current waterlevel of the system exceeds N1, ranging from 30% to 100%. By default, it is 90%. T2≥T1, and the corresponding water level is N2 = N x T2.



26-15

l Current leak rate of the leaky bucket (L): The current leak rate is dynamically adjustedaccording to the CPU usage, ranging from 1 to 2000. By default, it is 800, in the unitof PPS.

l Adjustment factor (S): namely, the adjustment step. The smaller the step, the faster theleak rate is upshifted or downshifted, and the larger the jitter of the leaky bucket. Onthe contrary, the larger the step, the slower the adjustment speed, and the smaller thejitter. The adjustment step ranges from 1 to 1000. By default, it is 20.


Feature Description


Issue 03 (2010-01-28)

A Acronyms and Abbreviations

A

ABR Area Border Router

AC Attachment Circuit

ACL Access Control List

ANCP Access Node Control Protocol

ARP Address Resolution Protocol

AS Autonomous System

ASBR Autonomous System Boundary Router

B

BPDU Bridge Protocol Data Unit

BRAS Broadband Remote Access Server

C

CAC Connection Admission Control

CAR Committed Access Rate

CBR Constant Bit Rate

CBS Committed Burst Size

CC Continuity Check Message

CE Customer Edge

CFM Connectivity Fault Management

CIR Committed Information Rate

CLI Command Line Interface

SmartAX MA5606T Multi-service Access ModuleFeature Description A Acronyms and Abbreviations


A-1

CM Color Mode

CoS Class of Service

CST Common Spanning Tree

CIST Common and Internal Spanning Tree

CSPF Constraint Shortest Path First

D

DHCP Dynamic Host Configuration Protocol

DHCP Relay Dynamic Host Configuration Protocol Relay

DHCP option82 DHCP relay agent option 82

DMT Discrete Multi-Tone

DoS Denial of Service attack

DSLAM Digital Subscriber Line Access Multiplexer

E

EFM Ethernet of First Mile

F

FTTB Fiber To The Building

FTTH Fiber To The Home

FTTx Fiber To The x

FTP File Transfer Protocol

G

GEM GPON Encapsulation Mode

GPON Gigabit-capable Passive Optical Network

GSMP General Switch Management Protocol

H


HQoS Hierarchical QoS

I

ICMP Internet Control Message Protocol

IGMP Internet Group Management Protocol

A Acronyms and AbbreviationsSmartAX MA5606T Multi-service Access Module

Feature Description

A-2 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 03 (2010-01-28)

IP Internet Protocol

IPoA Internet Protocol Over ATM

IPoE IP over Ethernet

IST Internal Spanning Tree

IWF Interworking Function

L

LB Loopback

LT Linktrace

M

MIB Management Information Base

MSTP Multiple Spanning Tree Protocol

MSTR Multiple Spanning Tree Regions

MSTI Multiple Spanning Tree Instance

N

NTP Network Time Protocol

NRT-VBR Non-Real Time Variable Bit Rate

O

OAM Operations Administration and Maintenance

OAMPDU OAM Packet Data Unit

ODN Optical Distribution Network

OLT Optical Line Terminal

OMCI Optical Network Termination Management and Control Interface

ONU Optical Network Unit

ONT Optical Network Terminal

OPEX Operating Expenditures

OSPF Open Shortest Path First

OSS Operation Support System

P

P2P Point To Point

PBS Peak Burst Size



A-3

PIR Peak Information Rate

PMD Physical Media Dependent

PMS-TC Physical Media Specific Transmission Convergence

PON Passive Optical Network

PSTN Public Switched Telephone Network

PVC Permanent Virtual Channel

PQ Priority Queuing

PTM Packet Transfer Mode

PBO Power Back Off

PITP Policy Information Transfer Protocol

PPPoA Point to Point Protocol over ATM Adaptation Layer 5

PPPoE Point-to-Point Protocol over Ethernet

PVP Permanent Virtual Path

Q

QinQ 802.1Q in 802.1Q

QoS Quality of Service

R

RAIO Relay Agent Information Option

RDI Remote Default Indication

RFI Radio Frequency Interference

RIP Routing Information Protocol

RSTP Rapid Spanning Tree Protocol

RT-VBR Real Time Variable Bit Rate

S

SFTP Secure File Transfer Protocol

SNMP Simple Network Management Protocol

SSH Secure Shell

STP Spanning Tree Protocol


SHDSL.bis Single-line high speed digital subscriber line.bis

A Acronyms and AbbreviationsSmartAX MA5606T Multi-service Access Module

Feature Description

A-4 Huawei Proprietary and ConfidentialCopyright © Huawei Technologies Co., Ltd.

Issue 03 (2010-01-28)

SPF Shortest Path First

SSM Specific Source Multicast

T

T-CONT Transmission Containers

TC-PAM Trellis Coded Pulse Amplitude Modulation

TDM Time Division Multiple

TDMA Time Division Multiple Access

TDMoGEM TDM over GEM

TFTP Trivial File Transfer Protocol

TLV Type, Length, Value

ToS Type of Service

trTCM Two Rate Three Color Marker

U

UBR Unspecified Bit Rate

V

VBAS Virtual Broadband Access Server

VLAN Virtual LAN

W

WRR Weighted Round Robin

X

xDSL x Digital Subscriber Line



A-5

Documents

MA5606T Feature Description(V800R006C02_03)