The S9700 series terabit routing switches are high-end switches designed for next-generation campus networks and data centers to implement service aggregation.
Based on the Huawei Versatile Routing Platform (VRP), the S9700 provide high L2/L3 switching capabilities and integrate diversified services such as MPLS VPN, hardware IPv6, desktop cloud, video conferencing, and wireless access. In addition, the S9700 also provide a variety of reliability technologies including non-stop forwarding, hardware OAM/BFD, and ring network protection. These technologies improve customers’ network operation efficiency, maximize the device running time, and reduce customers’ Total Cost of Ownership (TCO).
An S9700 switch can be upgraded to an agile switch when it is equipped with X2S/X2E/X2H/X1E cards, the line cards with Huawei’s first Ethernet Network Processor (ENP). Agile switches allow customers to innovate their networks.
The S9700 series is available in three models: S9703, S9706, and S9712.
Agile switch, enabling networks to be more agile for services
- The S9700 series’ native AC capabilities allow enterprises to build a wireless network without additional AC hardware. Each S9700 switch can manage up to 2,048 APs and 32,768 users. It is a core switch that provides T-bit AC capabilities, avoiding the performance bottleneck on independent AC devices. The native T-bit AC capabilities help organizations better cope with challenges in the high-speed wireless era.
- The S9700 series’ unified user management function authenticates both wired and wireless users, ensuring a consistent user experience no matter whether they are connected to the network through wired or wireless access devices. The unified user management function supports various authentication methods, including 802.1x, MAC address, and Portal authentication, and is capable of managing users based on user groups, domains, and time ranges. These functions control user and service management and enable the transformation from device-centered management to user-centered management.
- Packet Conservation Algorithm for Internet (iPCA) changes the traditional method that uses simulated traffic for fault location. iPCA technology monitors network quality for any service flow at any network node, at any time, and without extra costs. It can detect temporary service interruptions within one second and can identify faulty ports accurately. This cutting-edge fault detection technology turns “extensive management” into “finely-granular management.”
- Super Virtual Fabric 2.0 (SVF 2.0) technology can not only virtualize fixed-configuration switches into S9700 switch line cards but also can virtualize APs as switch ports. With this virtualization technology, a physical network with core/aggregation switches, access switches, and APs can be virtualized into a “super switch”, offering the simplest network management solution.
- The S9700 series’ Service Chain function can virtualize value-added service capabilities, such as next-generation firewall. Then these capabilities can be used by campus network entities (such as switches, routers, ACs, APs, and terminals), regardless of their physical locations. Service Chain provides a more flexible value-added service deployment solution, which reduces equipment investment and maintenance costs.
- The S9700 series supports IEEE 1588 v2 and Synchronous Ethernet (SyncE), meeting the high-precision synchronization requirements of network systems.
Innovative CSS technology
- The S9700 switches support switch fabric clustering and service port clustering through Cluster Switching System (CSS) technology. CSS technology virtualizes multiple physical switches into one logical device that has higher reliability, switching efficiency, and flexibility and is easier to manage.
- High reliability: Through hot-backup of routes, all control plane and data plane information is backed up and forwarded continuously at Layer 3, which significantly improves the reliability and performance of the device. Inter-chassis link aggregation can also be used to eliminate single-point failure and prevent service interruption.
- Flexibility: Service ports can be used as cluster ports so that cluster members can be connected through optical fibers. This expands the clustering distance substantially.
- Easy management: The member switches in a cluster are managed using the same IP address, which simplifies network device and topology management, improves operation efficiency, and reduces maintenance costs.
- All the key components of the S9700s (including MPUs, power supply units, and fans) use a redundant design, and all modules are hot-swappable to ensure stable network operation.
- The S9700s support hardware-based BFD for protocols such as static routing, RIP, OSPF, BGP, ISIS, VRRP, PIM, and MPLS. Hardware-based BFD greatly improves network reliability.
- The S9700s support High-speed Self Recovery (HSR) technology. Using Huawei’s ENP cards, the S9700 implements end-to-end IP MPLS transmission network protection switchover within 50 ms, improving network reliability.
- The S9700s support hardware-based Ethernet OAM, including comprehensive IEEE 802.3ah, 802.1ag, and ITU-Y.1731 implementations. Hardware-based Ethernet OAM can collect accurate network parameters, such as transmission latency and jitter, to help customers monitor network operating status in real time and to realize quick detection, location, and switching when a network fault occurs.
- The S9700 supports graceful restart to realize non-stop forwarding and supports non-stop routing, ensuring reliable and high-speed operation of the entire network.
Powerful service processing capability
- The S9700s’ multi-service routing and switching platform meets requirements for service transmission at the access layer, aggregation layer, and core layer of enterprise networks. The S9700 provides wireless access, voice, video, and data services, helping enterprises build an integrated full service network with high availability and low latency.
- The S9700s support distributed Layer 2/Layer 3 MPLS VPN functions, MPLS, VPLS, HVPLS, and VLL. These functions allow enterprise users to connect to the enterprise network through VPNs.
- The S9700s support many Layer 2/Layer 3 multicast protocols such as PIM SM, PIM DM, PIM SSM, MLD, and IGMP snooping, to support multi-terminal high-definition video surveillance and video conferencing services.
- The software platform provides various routing protocols and supports large routing tables for both SME networks and large-scale multi-national company networks. Moreover, it supports IPv6, allowing an enterprise network to smoothly migrate to IPv6.
Powerful network traffic analysis
- The S9700 switches support Netstream and V5/V8/V9 packet formats. The Netstream feature supports aggregation traffic template, real-time traffic collection, dynamic report generation and traffic attribute analysis, and traffic exception report. The S9700s send traffic statistics logs to master and backup servers to avoid data loss. The S9700s can realize real-time network monitoring and the traffic analysis of the entire network. They also provide applications and analysis including fault pre-detection, effective fault rectification, fast problem handling, and security monitoring, to help customers optimize network structure and adjust service deployment.
Comprehensive security measures
- The S9700s support MAC security (MACSec) that enables hop-by-hop secure data transmission. Therefore, the S9700s can be applied to scenarios that pose high requirements on data confidentiality, such as government and finance sectors.
- NGFW is a next-generation firewall card that can be installed on an S9700. In addition to the traditional defense functions such as firewall, identity authentication, and Anti-DDoS, the NGFW supports IPS, anti-spam, web security, and application control functions.
- The S9700s provide comprehensive NAC solutions for enterprise networks. They support MAC address authentication, portal authentication, 802.1x authentication, and DHCP snooping-triggered authentication. These authentication methods ensure security of various access modes such as dumb terminal access, mobile access, and centralized IP address allocation.
- The S9700s are the industry leader in integrated security solutions. It uses a 2-level CPU protection mechanism, and protects the CPU by separating the data plane and control plane. Additionally, the S9700s defend against DoS attacks and unauthorized access, and prevents control plane overloading.
Comprehensive IPv6 solution
- The S9700s software and hardware platforms support IPv6 and the S9700s have been granted an IPv6 Network Access License and the IPv6 Ready Logo Phase 2 Certification from the Ministry of Industry and Information Technology.
- The S9700 series supports various IPv6 unicast routing protocols (such as IPv6 static routing, RIPng, OSPFv3, IS-ISv6, and BGP4+) and multicast features (such as MLDv1/v2, MLD snooping, PIM-SM/DMv6, and PIM-SSMv6), which provides customers with comprehensive IPv4/IPv6 solutions.
- The S9700 switches support various IPv4-to-IPv6 technologies: IPv6 manual tunnels, 6-to-4 tunnel, ISATAP tunnel, GRE tunnel, and IPv4-compatible automatic tunnels. These technologies ensure smooth transition from an IPv4 network to an IPv6 network.
Innovative energy conservation
- The S9700s use a rotating ventilation channel to improve heat dissipation efficiency. In addition, they use a variable current chip to dynamically adjust the power according to traffic. Ports can go into a sleeping state when there is no traffic to reduce power consumption.
- The S9700 series uses intelligent fan-speed adjustment technology. The fan module monitors and controls the temperature in each zone, and adjusts the fan speed of each zone individually. This technology extends the service life of each fan and reduces power consumption.
- The S9700 switches support IEEE 802.3az Energy Efficient Ethernet, provide a low-power idle mode for the PHY line card, and switch to a lower power state during low link utilization.
|Switching Capacity||2.88 Tbit/s; 5.76 Tbit/s||6.72 Tbit/s; 14.72 Tbit/s||8.64 Tbit/s; 18.56 Tbit/s|
|Packet Forwarding Rates||2,160 Mpps||2,880 Mpps/5,040 Mpps||3,840 Mpps/6,480 Mpps|
|Wireless Network Management||Native AC|
|AP access control, AP region management, and AP profile management|
|Radio profile management, uniform static configuration, and centralized dynamic management|
|Basic WLAN services, QoS, security, and user management|
|User Management||Unified user management|
|802.1x, MAC address, and Portal authentication|
|Traffic- and time-based accounting|
|User authorization based on user groups, domains, and time ranges|
|iPCA Quality Awareness||Marking real service packets to obtain real-time count of dropped packets and packet loss ratio|
|Counting number of dropped packets and packet loss ratio on devices and L2/L3 networks|
|SVF Virtualization||Virtualizing Access Switches (ASs) and APs into one logical device to simplify management and maintenance|
|Two layers of ASs allowed in an SVF system|
|Third-party devices allowed between SVF parent and clients|
|VLAN||Access, trunk, and hybrid interfaces supported|
|QinQ and selective QinQ|
|MAC address-based VLAN assignment|
|MAC Address||Automatic learning and aging of MAC addresses|
|Static, dynamic, and blackhole MAC address entries|
|Packet filtering based on source MAC addresses|
|MAC address limiting based on ports and VLANs|
|STP/ERPS||STP (IEEE 802.1d), RSTP (IEEE 802.1w), and MSTP (IEEE 802.1s)|
|BPDU protection, root protection, and loop protection|
|IP Routing||IPv4 routing protocols, such as RIP, OSPF, BGP, and IS-IS|
|IPv6 dynamic routing protocols, such as RIPng, OSPFv3, ISISv6, and BGP4+|
|Multicast||IGMP v1/v2/v3, IGMP v1/v2/v3 snooping|
|PIM-SM, PIM-DM, PIM-SSM|
|Multicast traffic control|
|Multicast protocol packet suppression|
|Supports MPLS VPN/VLL/VPLS|
|Reliability||LACP and E-Trunk|
|VRRP and BFD for VRRP|
|BFD for BGP/IS-IS/OSPF/static route|
|NSR, NSF, and GR for BGP/IS-IS/OSPF/LDP|
|TE FRR and IP FRR|
|Ethernet OAM (IEEE 802.3ah and 802.1ag) (hardware-based)|
|QoS||Traffic classification based on Layer 2 headers, Layer 3 protocols, Layer 4 protocols, and 802.1p priority|
|Actions of ACL, CAR, re-mark, and schedule|
|Queue scheduling algorithms, such as SP, WRR, DRR, SP + WRR, and SP + DRR|
|Congestion avoidance mechanisms, such as WRED and tail drop|
|Network Synchronization||Ethernet synchronization|
|Configuration and Maintenance||Console, Telnet, and SSH login|
|Network management protocols, such as SNMP v1/v2/v3|
|File uploading and downloading using FTP and TFTP|
|BootROM upgrade and remote upgrade|
|User operation logs|
|Security and Management||802.1x authentication and portal authentication|
|RADIUS and HWTACACS authentication for login users|
|Command line authority control based on user levels, preventing unauthorized users from using commands|
|Defense against DoS attacks, TCP SYN Flood attacks, UDP Flood attacks, broadcast storms, and heavy traffic attacks|
|1K CPU queues|
|Ping and traceroute functions based on ICMP packets|
|Supports remote network monitoring|
|Interoperability||Interoperable with VBST (compatible with PVST/PVST+/RPVST)|
|Interoperable with LNP (similar to DTP)|
|Interoperable with VCMP (similar to VTP)|
|Energy Saving||Supports IEEE 802.3az: Energy Efficient Ethernet (EEE)|
|Dimensions (H x W x D)||175 mm x 442 mm x 489 mm, 4U||441.7 mm x 442 mm x 489 mm, 10U||663.95 mm x 442 mm x 489 mm, 15U|
|Chassis Weight (empty)||11 kg||29 kg||37 kg|
|Operating Voltage||DC: –40V to –72V
AC: 90V to 290V
|Equipment Power Supply Capability||2,200W||4,400W||6,600W|
*: The S9700s support the NGFW and IPS cards. For more specification information, see the brochures of the cards.
S9700 basic configuration
LE2BN66ED000 N66E DC Assembly Rack (Eight 60A Outputs, maximum 2,200W per output, 600 mm x 600 mm x 2,200 mm)
LE0BN66EAC N66E AC Assembly Rack (Eight 10A Outputs, maximum 1,600W per output, 600 mm x 600 mm x 2,200 mm)
LE2BN66EA000 N66E AC Assembly Rack (Four 16A Outputs, maximum 2,500W per output, 600 mm x 600 mm x 2,200 mm)
EH1BS9703E00 S9703 assembly chassis
EH1BS9706E00 S9706 assembly chassis
EH1BS9712E00 S9712 assembly chassis
EH1M00FBX000 Wide Voltage 74 Fan Box
Monitoring Unit (Sustain FCC)
EH1D200CMU00 Centralized monitoring unit
EH1D2MCUAC00 S9703 MCUA-clock (Sustain FCC)
EH1D2SRUDC00 S9706/S9712 SRUD-clock
EH1D2SRUC000 S9706/S9712, Main Control Unit C, Option clock
EH1D2VS08000 8-port 10G Cluster Switching System Service Unit (SFP+)
LE0D00CKMA00 Clock Pinch Board-1588Service Processing Unit (Sustain FCC)
ET1D2FW00S00 NGFW Module A, with HW General Security Platform Software
ET1D2FW00S01 NGFW Module B, with HW General Security Platform Software
ET1D2FW00S02 NGFW Module C, with HW General Security Platform Software
ET1D2IPS0S00 IPS Module A, with HW General Security Platform Software
ACU2 WLAN ACU2 Access Controller Unit (128 AP Control Resource Included)
Power Supply Unit
W2PSA0800 800W AC Power Module (black)
IN6W18L10A AC Power Distribution Unit (Eight 800W Outputs, including power cable)
PAC-2200WF 2,200W AC Power Module
IM1W24APD AC Power Distribution Unit (Four 2,200W Outputs, including power cable)
W2PSD2200 2,200W DC Power Module (black)
EH1M00PDBS01 DC Power Distribution Unit (Eight 2,200W Outputs, including power cable)
ES0SMS279700 S9700 Basic SW, V200R007
ES0SMS289700 S9700 Basic SW, V200R008
EH1SMS299700 S9700 Basic SW, V200R009
EH1SMS2A9700 S9700 Basic SW, V200R010
EH1SMS2B9700 S9700 Basic SW, V200R011
EH1SMPLS0000 MPLS Function License
EH1SNQA00000 NQA Function License
EH1SIPV60000 IPv6 Function License
EH1SSVFF0000 SVF Function License (applicable only to the S9700 series)
EH1SFIB128K0 X-series LPU FIB Resource License-128K
EH1SFIB512K0 X-series LPU FIB Resource License-512K
EH1SWL512AP0 WLAN Access Controller AP Resource License-512AP (with the X-series LPU used)
EH1SWL128AP0 WLAN Access Controller AP Resource License-128AP (with the X-series LPU used)
EH1SWL64AP00 WLAN Access Controller AP Resource License-64AP (with the X-series LPU used)
EH1SWL16AP00 WLAN Access Controller AP Resource License-16AP (with the X-series LPU used)
L-ACU2-128AP ACU2 Wireless Access Controller AP Resource License (128 AP)
L-ACU2-256AP ACU2 Wireless Access Controller AP Resource License (256 AP)
L-ACU2-384AP ACU2 Wireless Access Controller AP Resource License (384 AP)
EH1IV2RAC0E0 S9700 Series Switches V200R010C00 Product Documentation
ES1IV2RBC0E0 S9700 Series Switches V200R011C10 Product Documentation
As a world leading Huawei networking products supplier, Hong Telecom Equipment Service LTD(HongTelecom) keeps regular stock of Huawei S5300/ S2300/ S9300/ S1700/ S2700/ S5700/S6720/ S7700/ S9700/ S12700 all cards at very good price, also Hong Telecom Equipment Service LTD ship to worldwide with very fast delivery.