Huawei Campus Switch includes S1700, S2300, S2700, S3300, S3700, S5300, S5700, S600-E, S6300, S6700, S7700, S7900, S9300, S9300X, S9700, S12700 Series. In this article, HongTelecom will introduce the Huawei S9700 series switches.
The S9700 series core routing switches (S9700 for short) are high-end switches designed for service integration in next-generation campus networks and data centers. Based on Huawei Versatile Routing Platform (VRP), the S9700 switches provide high-performance L2/L3 switching and integrate a range of services, such as MPLS VPN, hardware IPv6, desktop cloud, video conferencing, and wireless access. They also provide a variety of reliability technologies including in-service software upgrade, non-stop forwarding, hardware OAM/BFD, and ring network protection. These improve the network efficiency and maximize the normal operation time, thereby reducing the total cost of ownership (TCO).
The S9700 comes in the following models: S9703, S9706, and S9712. These models support a maximum of 3, 6, and 12 line processing units (LPUs), respectively.
S9700 Product Characteristics
Agile Switch for Agile Networks
- With the native AC capability, the S9700 series allows enterprises to build a wireless network without additional hardware AC devices. The T-bit AC capability avoids performance bottlenecks on independent AC devices and can help organizations better cope with challenges in the high-speed wireless era.
- The S9700 series' unified user management function authenticates both wired and wireless users, ensuring a consistent experience of wired and wireless users. The S9700 supports various authentication methods, including 802.1X, MAC address, and Portal authentication, and can manage users based on user groups, domains, and time ranges. These facilitate user and service management and enable a transformation from device-centered to user-centered management.
- Super Virtual Fabric (SVF) technology can virtualize fixed switches into line cards of an S9700 switch and virtualize APs into switch ports. With this technology, a physical network with core/aggregation switches, access switches, and APs can be virtualized into one logical switch, offering the simplest network management solution.
- Packet Conservation Algorithm for Internet (iPCA) technology can monitor network quality for any service flow at any network node, anytime, without extra costs. It can detect temporary service interruptions within 1 second and accurately identify faulty ports. This cutting-edge fault detection technology allows for fine granular management.
- The service chaining function can orchestrate value-added service capabilities, such as firewall, antivirus expert system (AVE), and application security gateway (ASG). Then these capabilities can be used by campus network entities (such as switches, routers, AC, AP, and terminals), regardless of physical locations. The service chaining function supports more flexible value-added service deployment and reduces equipment and maintenance costs.
- The S9700 series supports IEEE 1588v2 and Synchronous Ethernet (SyncE), meeting the high-precision synchronization requirements of network systems.
Innovative CSS Technology
The S9700 supports switch fabric clustering and service port clustering using cluster switching system (CSS) technology. CSS technology virtualizes two physical switches into one logical device that has higher reliability, switching efficiency, flexibility and is easier to manage.
- High reliability: Through hot backup of routes, all control plane and data plane information is backed up and forwarded continuously at Layer 3, which significantly improves device reliability and performance.
- Switching efficiency: Inter-chassis link aggregation can be used to eliminate single-point failures and prevent service interruption.
- Flexibility: Service ports can be used as CSS ports so that CSS members can be connected using optical fibers. This expands the distance between member switches substantially.
- Easy management: The CSS member switches are managed using one IP address, which simplifies device and topology management, improves the operation efficiency, and reduces maintenance costs.
All the key components of the S9700, including MPUs, power modules, and fans, use a redundant design to ensure stable network operation. In addition, the S9700 provides the following functions to enhance network reliability:
- The S9700 supports hardware-based BFD for protocols such as static routing, RIP, OSPF, BGP, ISIS, VRRP, PIM, and MPLS. Hardware-based BFD greatly improves network reliability.
- The S9700 supports hardware-based Ethernet OAM, including comprehensive EEE802.3ah, 802.1ag, and ITU-Y. 1731 implementations. Hardware-based Ethernet OAM can collect accurate network parameters, such as transmission latency and jitter, to help customers monitor network operating status in real time and to realize quick detection, location, and switching when a network fault occurs.
- The S9700 supports graceful restart to realize non-stop forwarding and supports non-stop routing, ensuring reliable and high-speed operation of the entire network.
Multi-Service Switching Platform
The S9700 uses a multi-service routing and switching platform and can provide wireless, voice, video, and data services, helping to build a highly available, low-latency, and multi-service network.
- Distributed L2/L3 MPLS VPN functions: The S9700 supports Multiprotocol Label Switching (MPLS), virtual private LAN service (VPLS), hierarchical VPLS (HVPLS), and virtual leased line (VLL), providing secure access for enterprise VPN users.
- L2/L3 multicast protocols: The S9700 supports Protocol Independent Multicast Sparse Mode (PIM SM), PIM Dense Mode (DM), Multicast Listener Discovery (MLD), and Internet Group Management Protocol (IGMP) snooping. These multicast protocols ensure high-quality HD video surveillance and video conferencing services.
- Multiple routing protocols: The S9700 can provide routes for enterprises of almost any size. In addition, its IPv6 capability enables a seamless migration to IPv6.
Powerful Network Traffic Analysis
The S9700 supports NetStream and V5/V8/V9 packet formats. NetStream supports aggregation traffic templates, real-time traffic sampling, dynamic report generation, traffic attribute analysis, and traffic alarms. Traffic statistics logs are sent to both master and backup servers to prevent data loss. This function helps to monitor operating status and traffic model on the entire network. It also provides fault prediction, effective fault recovery, fast problem handling, as well as security monitoring, to help you optimize network structure and adjust service deployments.
Excellent Security Design
- The S9700 supports MAC security (MACSec) that enables hop-by-hop secure data transmission. Therefore, the S9700 can be applied to scenarios that pose high requirements on data confidentiality, such as government and finance sectors.
- NGFW is a next-generation firewall card that can be installed on an S9700. In addition to the traditional defense functions such as firewall, identity authentication, and Anti-DDoS, the NGFW supports IPS, antispam, web security, and application control functions.
- The S9700 provides comprehensive NAC solutions for enterprise networks. It supports MAC address authentication, portal authentication, 802.1x authentication, and DHCP snooping-triggered authentication. These authentication methods ensure security of various access modes such as dumb terminal access, mobile access, and centralized IP address allocation.
- The S9700 is the industry leader in integrated security solutions. It uses a 2-level CPU protection mechanism, and protects the CPU by separating the data plane and control plane. Additionally, the S9700 defends against DoS attacks and unauthorized access, and prevents control plane overloading.
High-Performance IPv6 Service Support
Both the S9700 hardware platform and software platform support IPv6, and the S9700 has received the IPv6 Ready Phase 2 (Gold) designation. The S9700 enables seamless migration to IPv6 with the following features:
- IPv6 unicast routing protocols, including static routing, RIPng, OSPFv3, IS-ISv6, and BGP4+
- IPv6 multicast protocols, including MLD v1/v2, MLD snooping, and PIM-SM/DMv6
- IPv4-to-IPv6 technologies that ensure seamless migration from IPv4 to IPv6, including IPv6 manual tunnel, 6-to-4 tunnel, Intra-site Automatic Tunnel Addressing Protocol (ISATAP) tunnel, Generic Routing Encapsulation (GRE) tunnel, and IPv4-compatible automatic tunnel
Innovative Energy Saving Design
The S9700 uses a left-to-back airflow design to improve heat dissipation efficiency. In addition, it uses a variable-current chip to dynamically adjust the power depending on traffic, reducing the chassis power consumption by 11%. Energy-saving technologies of the S9700 include:
- Port sleeping: Idle ports enter the sleeping state to reduce power consumption.
- Intelligent fan-speed adjustment: Fans are grouped into multiple zones and the fan speed in each zone is adjusted independently based on service loads. This technology lowers power consumption, reduces noises, and extends the service life of the fans.
- Energy Efficient Ethernet (IEEE 802.3az): Transceivers on line cards can quickly transition to the lower power idle state to reduce power consumption when no traffic is being transmitted.
As a world leading Huawei networking products supplier, Hong Telecom Equipment Service LTD(HongTelecom) keeps regular stock of Huawei router and switch and all cards at very good price, also HongTelecom ship to worldwide with very fast delivery.
For related articles, visit the HongTelecom Blog and HongTelecom WordPress.
For real pictures of related product, visit the HongTelecom Gallery.
To buy related product, visit the HongTelecom Online Shop.