HUAWEI NetEngine5000E is a large-capacity, high-performance router designed by Huawei according to the requirements of carrier-grade reliability.
Condition: NOB
RMA Warranty
Description
The operating system adopts the powerful Versatile Routing Platform (VRP), which has the characteristics of strong switching capacity, large port density and high reliability. It is mainly positioned as the super core node of the operator’s backbone network, the core node of the metropolitan area network, the egress node of the large IDC (Internet Data Center) and the core of the large enterprise network.
The multi-frame cluster router is mainly positioned as the super core node of the backbone network, supporting three-layer routing and MPLS forwarding. Among them, the central switching frame is used as the second-level switching module and routing engine module in the three-level switching system, and the line card frame is used as the first-level and third-level switching module and forwarding module.
Features
Powerful forwarding capability
The NE5000E series uses a hardware forwarding engine, which can implement full-duplex line-speed forwarding (including IPv4/IPv6/MPLS) on all interfaces and support ACL-based line-speed forwarding.
The NE5000E series implements line-speed multicast forwarding, and the hardware completes two-level replication: the switching network board is replicated to the interface board and the forwarding engine is replicated to the interface.
The interface board can support message buffering to avoid packet loss when instantaneous burst traffic occurs.
Perfect QoS mechanism
The NE5000E series has comprehensive QoS (Quality of Service) capabilities, including:
- Traffic classification based on rules, including Layer 2 rules, Layer 3 rules, and MPLS rules.
- Differentiated services: supports identifying traffic priorities and providing differentiated services based on DSCP, EXP, 802.1p, and IP priority.
- Traffic marking: Modify the DSCP, EXP, 802.1p, and IP priority of specific data flows according to predefined policies to increase or decrease the priority of data flows.
- Traffic policing can be used to regulate all traffic on a specified port or specific traffic on a specified port to limit traffic.
- Congestion avoidance: supports discarding packets in a queue through tail drop or WRED drop algorithm to prevent queue overflow.
- Congestion management provides PQ and WFQ queue scheduling algorithms, which can ensure scheduling fairness and ensure that high-priority services are served first, and can meet the scheduling needs of various business combinations.
The perfect QoS mechanism guarantees different delays, jitters, bandwidths and packet loss rates for different services, ensuring the development of carrier-class services such as VoIP (Voice over IP) and IPTV, and adapting to the development requirements of multi-service IP networks.
Careful safety design
The NE5000E series provides a variety of security measures to protect data for service providers and end users of the network. This includes a series of security features that can prevent denial of service attacks, illegal access, and overload of the control plane. The NE5000E series with a distributed design ensures a natural separation between the data plane and the control plane, providing industry-leading security performance.
Key safety features include:
- Supports three user authentication modes: local authentication, RADIUS server authentication, and HWTACACS server authentication, which can verify user identities and perform reasonable authorization.
- Supports hardware-based packet filtering and attack message sampling to achieve high performance and high scalability.
- Supports OSPF, IS-IS, RIP, BGP-4 and other upper-layer routing protocols, and provides multiple authentication methods such as plain text authentication and MD5 (Message Digest 5).
To ensure better security, it is recommended not to use the MD5 algorithm. Within the range of encryption algorithms supported by the protocol, it is recommended to use the HMAC-SHA256 algorithm.
- Supports access control lists (ACLs) based on forwarding and control planes.
- Supports Unicast Reverse Path Forwarding (URPF), which can check the validity of the source address of local packets and discard illegal packets.
- 支持GTSM(Generalized TTL Security Mechanism)。
- Supports BGP Flow Specification, and can clean device traffic through the ACL policy carried by BGP or the local policy matching the routing attributes learned by BGP.
Complete IPv4/IPv6 solution
The NE5000E series fully supports the dual-stack working mode of IPv4 (Internet Protocol version 4) and IPv6 (Internet Protocol version 6), providing complete IPv6 features and a solution for smooth migration from IPv4 networks to IPv6 networks.
- Supports multiple IPv6 over IPv4 tunnels.
- The routing table/forwarding table is large enough to not only meet the high resource consumption requirements of VPN PE (Virtual Private Network, Provider Edge) applications, but also meet the future business expansion.
- Supports IPv4/IPv6 and MPLS (Multi-Protocol Label Switching) distributed forwarding and has strong routing capabilities.
- Supports three cross-domain VPN scenarios: Option A, Option B, and Option C.
Intelligent Connection Based on SRv6
SRv6 is a new generation of minimalist protocol for the future. It naturally supports IPv6 and meets the access requirements of massive address space. SRv6+controller realizes cloud scheduling network, and services can be automatically activated in minutes after one jump into the cloud. SRv6 can identify applications and tenants, realize intelligent routing such as latency and bandwidth, and guarantee SLA. At the same time, SRv6 implements a unified protocol and simplifies configuration.
Carrier-grade high reliability and manageability
The NE5000E series chassis is designed based on carrier-grade design and supports hot swapping of boards. It can be installed in N68E cabinets and 19-inch standard cabinets.
At the same time, the NE5000E series also provides a powerful monitoring system. The main control module enables management and maintenance of the entire system. The main control module can manage, monitor and maintain the single board, fan and power distribution module.
The NE5000E series fully meets the EMC (Electro Magnetic Compatibility) requirements. The system adopts a module-level design to achieve EMC isolation between boards.
The NE5000E series fully meets the high reliability requirements of telecom-class high-end products. In terms of system design and implementation, the NE5000E series provides the design and mechanism shown in the table to ensure high reliability.
| project | describe | |
|---|---|---|
| System protection mechanism | Central switching frame centrally manages all devices in the system (multi-frame cluster system) | |
| The central switching frame supports debugging and diagnosis functions for line card frames (multi-frame cluster system) | ||
| Boards, power modules and fans support hot swapping | ||
| The main processing unit (MPU) in each frame adopts 1:1 redundancy backup | ||
| Redundant backup of key components such as power supply, fan, clock, management bus, etc. | ||
| Abnormal protection |
|
|
| The power supply and interface parts have over-current and over-voltage protection | ||
| Provides protection against mis-insertion of boards to avoid malfunctions caused by inserting them into the wrong slots | ||
| Alarm monitoring |
|
|
| Reliability Design | The control channel is separated from the business channel to ensure smooth operation of the control channel | |
| It has complete system and board fault detection, indicator lights and network management alarm functions | ||
| Reliability design of inter-frame management channels in multi-frame cluster systems: prioritize handshake signals between two frames; handshake signal protocol reports have confirmation and retransmission mechanisms; provide overload detection function for inter-frame control channels; provide control channel abnormality alarm reporting functions, etc. | ||
| Upgraded high reliability |
|
|
| Fault-tolerant design | Data backup | Data hot backup is realized between the main and backup units. When the main unit fails, it can automatically switch to the backup unit without causing data or information loss. |
| Support automatic upgrade and automatic recovery of BOOTROM program | ||
| Supports backing up configuration files to a remote FTP (File Transfer Protocol) server | ||
| Supports automatic selection and running of the correct configuration file | ||
| Provides system software abnormality monitoring function, capable of automatically recovering and saving corresponding records | ||
| Operational safety | Provide password protection for system operations | |
| Supports hierarchical protection of commands by configuring user levels and command levels | ||
| Supports locking the currently configured terminal through commands to prevent illegal use of the terminal | ||
| Providing prompts for improper operations, such as: prompting the user whether to continue the operation for important commands that affect system performance. The execution of the operation requires further confirmation from the user. | ||
| Operation and Maintenance Center | Adopting the universal integrated network management platform independently developed by Huawei | |
Flexible VS functions
VS (Virtual System) is an important feature of the new generation of IP bearer equipment, which plays a positive role in the unified operation of services and reducing CAPEX/OPEX. Using VS technology, a large physical router PS (Physical System) can be divided into multiple separate small VSs to improve asset allocation.
- Reduce operational CAPEX and OPEX.
- Promote network flattening.
- Multi-service network.Different services in the network are deployed on different VSs to form a multi-service network.Form a logical business network, isolate various businesses, and improve security and reliability.
- New business verification.By dividing VS on the existing network, new services such as IPv6 and video services can be verified.Business isolation has no impact on existing network applications.
Complete L2VPN solution
MPLS L2VPN: It is to transparently transmit the user’s Layer 2 data on the MPLS network. From the user’s perspective, this MPLS network is a Layer 2 switching network, through which Layer 2 connections can be established between different sites. MPLS L2VPN includes VPLS and VPWS.
VPWS (Virtual Private Wire Service): refers to a Layer 2 service bearer technology that simulates the basic behaviors and characteristics of Ethernet, SONET (Synchronous Optical Network)/SDH (Synchronous Digital Hierarchy) and other services as realistically as possible in a packet switching network (PSN). It is a point-to-point L2VPN service provided in a public network. VPWS can make the connection between two sites as effective as a direct line connection, but it cannot directly perform multi-point exchange at the service provider.
VPLS connects multiple Ethernet LAN segments through a packet switching network (PSN) to make them work like a single LAN. VPLS is also called Transparent LAN Service (TLS) or Virtual Private Switched Network Service (Virtual Private Switched Network Service). Different from the point-to-point services of ordinary L2VPN, using VPLS technology, service providers can provide users with Ethernet-based multi-point services through the MPLS backbone network.
Flexible configuration rollback function
Configuration rollback is an important configuration management function for network equipment operation and maintenance, and plays an important role in maintaining existing network equipment. Configuration rollback can reduce the user operation error rate and improve the user’s efficiency in maintaining equipment configuration.
Dylan (verified owner) –
Very fast delivery.