Page 1
S5700 Series Ethernet Switches
Product Description
Issue 18
Date 2016-11-09
HUAWEI TECHNOLOGIES CO., LTD.
Page 2
Copyright © Huawei Technologies Co., Ltd. 2016. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior written
consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or
representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.
Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: http://e.huawei.com
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
i
Page 3
S5700 Series Ethernet Switches
Product Description
Intended Audience
This document describes the positioning, characteristics, architecture, link features, service
features, application scenarios, operation and maintenance functions, and technical
specifications of the switch.
This document helps you understand the characteristics and features of the switch.
This document is intended for:
About This Document
About This Document
Statement
l Network planning engineers
l Hardware installation engineers
l Commissioning engineers
l Data configuration engineers
l On-site maintenance engineers
l Network monitoring engineers
l System maintenance engineers
The device provides the mirroring function for network monitoring and fault management,
during which communication data may be collected. Huawei alone is unable to collect or save
the content of users' communications. It is suggested that you activate the functions based on
the applicable laws and regulations in terms of purpose and scope of usage. You are obligated
to take considerable measures to ensure that the content of users' communications is fully
protected when the content is being used and saved.
The device provides the NetStream function for network traffic statistics collection and
advertisement, during which data of users may be used. You are obligated to take considerable
measures, in compliance with the laws of the countries concerned and the user privacy
policies of your company, to ensure that the data of users is fully protected.
Disclaimer
This document is designed as a reference for you to configure your devices. Its contents,
including web pages, command line input and output, are based on laboratory conditions. It
provides instructions for general scenarios, but does not cover all use cases of all product
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
ii
Page 4
NOTE
S5700 Series Ethernet Switches
Product Description
models. The examples given may differ from your use case due to differences in software
versions, models, and configuration files. When configuring your device, alter the
configuration depending on your use case.
The specifications provided in this document are tested in lab environment (for example, the
tested device has been installed with a certain type of boards or only one protocol is run on
the device). Results may differ from the listed specifications when you attempt to obtain the
maximum values with multiple functions enabled on the device.
Symbol Conventions
The symbols that may be found in this document are defined as follows.
About This Document
Symbol
Description
Indicates an imminently hazardous situation
which, if not avoided, will result in death or
serious injury.
Indicates a potentially hazardous situation
which, if not avoided, could result in death
or serious injury.
Indicates a potentially hazardous situation
which, if not avoided, may result in minor
or moderate injury.
Indicates a potentially hazardous situation
which, if not avoided, could result in
equipment damage, data loss, performance
deterioration, or unanticipated results.
NOTICE is used to address practices not
related to personal injury.
Calls attention to important information,
best practices and tips.
NOTE is used to address information not
related to personal injury, equipment
damage, and environment deterioration.
Change History
Updates between document issues are cumulative. Therefore, the latest document version
contains all updates made to previous versions.
Changes in Issue 18 (2016-11-09)
The eighteenth commercial release has the following updates:
The documentation is modified according to updates in product features.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
iii
Page 5
S5700 Series Ethernet Switches
Product Description
Changes in Issue 17 (2016-08-12)
The seventeenth commercial release has the following updates:
The S5720LI/S5720S-LI product description is added.
Changes in Issue 16 (2016-07-22)
The sixteenth commercial release has the following updates:
The documentation is modified according to updates in product features.
Changes in Issue 15 (2016-03-31)
The fifteenth commercial release has the following updates:
The documentation is modified according to updates in product features.
Changes in Issue 14 (2015-10-23)
The fourteenth commercial release has the following updates:
About This Document
The documentation is modified according to updates in product features.
Changes in Issue 13 (2015-07-31)
The thirteenth commercial release has the following updates:
The S5720SI/S5720S-SI product description is added.
Changes in Issue 12 (2015-07-17)
The twelfth commercial release has the following updates:
The content in chapter 3 Product Performance is optimized.
Changes in Issue 11 (2014-10-25)
The eleventh commercial release has the following updates:
The S5720EI product description is added.
Changes in Issue 10 (2014-08-25)
The tenth commercial release has the following updates:
The documentation is modified according to updates in product features.
Changes in Issue 09 (2014-07-20)
The ninth commercial release has the following updates:
The documentation is modified according to updates in product features.
Changes in Issue 08 (2014-05-25)
The eighth commercial release has the following updates:
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
iv
Page 6
S5700 Series Ethernet Switches
Product Description
The documentation is modified according to updates in product features.
Changes in Issue 07 (2014-04-30)
The seventh commercial release has the following updates:
The documentation is modified according to updates in product features.
Changes in Issue 06 (2014-03-20)
The sixth commercial release has the following updates:
The documentation is modified according to updates in product features.
Changes in Issue 05 (2014-03-12)
The fifth commercial release has the following updates:
The documentation is modified according to updates in product features.
Changes in Issue 04 (2013-11-06)
About This Document
The fourth commercial release has the following updates:
The documentation is modified according to updates in product features.
Changes in Issue 03 (2013-09-30)
The third commercial release has the following updates:
The documentation is modified according to updates in product features.
Changes in Issue 02 (2013-07-25)
The second commercial release has the following updates:
The documentation is modified according to updates in product features.
Changes in Issue 01 (2013-05-30)
Initial commercial release.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
v
Page 7
S5700 Series Ethernet Switches
Product Description Contents
Contents
About This Document.....................................................................................................................ii
1 Product Overview..........................................................................................................................1
1.1 Product Positioning.........................................................................................................................................................2
1.2 Product Characteristics................................................................................................................................................... 2
2 Application Scenarios...................................................................................................................6
2.1 Application of the S5700 on a Large-scale Enterprise Campus Network......................................................................7
2.2 Application of the S5700 on a Small- or Medium-scale Enterprise Campus Network..................................................8
2.3 Application of the S5700 on a Small-scale Enterprise Campus Network......................................................................9
2.4 Application in Public Cloud........................................................................................................................................... 9
3 Product Performance...................................................................................................................11
3.1 Product Features Supported by V200R010C00............................................................................................................12
3.2 Product Features Supported by V200R009C00............................................................................................................23
3.3 Product Features Supported by V200R008C00............................................................................................................33
3.4 Product Features Supported by V200R007C00............................................................................................................44
3.5 Product Features Supported by V200R006C00............................................................................................................54
3.6 Product Features Supported by V200R005C00............................................................................................................63
3.7 Product Features Supported by V200R003C00............................................................................................................74
3.8 Performance Specifications.......................................................................................................................................... 84
4 Hardware Information................................................................................................................85
5 References..................................................................................................................................... 87
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
vi
Page 8
S5700 Series Ethernet Switches
Product Description
About This Chapter
1 Product Overview
1 Product Overview
1.1 Product Positioning
1.2 Product Characteristics
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
1
Page 9
S5700 Series Ethernet Switches
Product Description
1.1 Product Positioning
The S5700 series Ethernet switches (S5700 for short) are next-generation energy-saving
switches developed by Huawei to meet the demand for high-bandwidth access and Ethernet
multi-service aggregation. Based on cutting-edge hardware and Huawei Versatile Routing
Platform (VRP) software, the S5700 provides a large switching capacity, high reliability
(double power slots and hardware Ethernet OAM), and high-density GE ports to
accommodate 10 Gbit/s upstream transmissions. It also supports Energy Efficient Ethernet
(EEE) and iStack. The S5700 can be used in various enterprise network scenarios. For
example, it can function as an access or aggregation switch on a campus network, a gigabit
access switch in an Internet data center (IDC), or a desktop switch to provide 1000 Mbit/s
access for terminals.
The S5700 is available in a lite (LI) series, a standard (SI) series, an enhanced (EI) series, and
a hyper (HI) series.
1.2 Product Characteristics
1 Product Overview
Various Port Combinations
The S5700-EI, S5710-EI and S5720-EI support various extended subcards that provide highdensity GE/10GE uplink ports. The flexible port combinations meet bandwidth expansion
requirements, protecting customers' investment.
Intelligent Stack
The S5700 supports intelligent stack (iStack). This technology combines multiple switches
into a logical switch.
Member switches in a stack implement redundancy backup to improve device reliability and
use inter-device link aggregation to improve link reliability. iStack provides high network
scalability. You can increase ports, bandwidth, and processing capacity of a stack by simply
adding member switches to the stack. iStack also simplifies device configuration and
management. After a stack is set up, multiple physical switches are virtualized into one
logical device. You can log in to any member switch in the stack to manage all the member
switches in the stack.
The S5720-SI/S5720S-SI/S5720-EI/S5720-LI/S5720S-LI support stacking through electrical
ports.
Innovative AHM Energy Saving Technologies
The S5700-LI series (except S5700-52X-LI-48CS-AC, S5700-28P-LI-BAT and S5700-28PLI-24S-BAT) and S5720-LI/S5720S-LI series smart energy-saving switches reduce power
consumption without degrading system performance and user experience. The S5700-LI
series uses innovative energy-saving technologies including energy efficient Ethernet (EEE),
port power detection, dynamic CPU frequency adjustment, and device sleeping. These
technologies help reduce power consumption by adjusting power depending on the Up/Down
states of links, presence/absence of optical modules, shutdown and undo shutdown operations
on ports, and peak and off-peak hours. The S5700-LI series is the industry's first switch series
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
2
Page 10
S5700 Series Ethernet Switches
Product Description
that supports entire device sleeping, and it provides three energy saving modes to adapt to
different usage scenarios: standard mode, basic mode, and deep mode.
Comprehensive VPN Technologies
The S5700 supports the multi-VPN-instance CE (MCE) function, which allows users in
different VPNs to connect to the same switch and isolates users through multi-instance
routing. Users in multiple VPNs connect to a PE device through the same physical uplink port
on the switch, which reduces the investment on network deployment. The S5710-EI and
S5700-HI support Multiprotocol Label Switching (MPLS) QoS, MPLS traffic engineering
(TE), virtual leased line (VLL), virtual private LAN service (VPLS), and Layer 3 virtual
private network (L3VPN). They can provide high-quality private line access services for
enterprises and are cost-effective case-shaped MPLS switches.
Easy Operation and Maintenance
The S5700 supports EasyDeploy, USB-based deployment, batch remote upgrade and is a
plug-and-play product. These functions facilitate device deployment, upgrade, service
provisioning, and other management and maintenance operations, and also greatly reduce
costs of operation and maintenance. The S5700 can be managed and maintained using Simple
Network Management Protocol (SNMP) V1, V2c, and V3, command line interface (CLI),
web-based network management system, Telnet, or Secure Shell (SSH) V2.0. Additionally, it
supports remote network monitoring (RMON), multiple log hosts, port traffic statistics
collection, and network quality analysis that help in network consolidation and reconstruction.
1 Product Overview
The S5700 can use the GARP VLAN Registration Protocol (GVRP) to implement dynamic
distribution, registration, and propagation of VLAN attributes. GVRP reduces manual
configuration workload and ensures correct configuration. Besides, the S5700 supports the
MUX VLAN function, which involves a principal VLAN and multiple subordinate VLANs.
Subordinate VLANs are classified into group VLANs and separate VLANs. Ports in the
principal VLAN can communicate with ports in subordinate VLANs. Ports in a subordinate
group VLAN can communicate with each other, whereas ports in a subordinate separate
VLAN can communicate only with ports in the principal VLAN.
Excellent Network Traffic Analysis
The S5700 provides the NetStream function and can function as a NetStream data exporter. It
periodically collects data traffic statistics, encapsulates the statistics in standard V5, V8, or V9
packets, and sends the packets to the NetStream data collector according to NetStream
configuration. The collected statistics are then processed to dynamically generate reports,
analyze traffic attributes, and generate alarms on abnormal traffic. The NetStream function
helps you optimize network structure and adjust resource deployment in a timely manner.
The S5700 supports the sFlow function. It uses a method defined in the sFlow standard to
sample traffic passing through it and sends sampled traffic to the collector in real time. The
collected traffic statistics are used to generate statistical reports, helping enterprises maintain
their networks.
Flexible Ethernet Networking
In addition to traditional Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol
(RSTP), and Multiple Spanning Tree Protocol (MSTP), the S5700 supports Huaweideveloped Smart Ethernet Protection (SEP) technology and the latest Ethernet Ring
Protection Switching (ERPS) standard. SEP is a ring protection protocol specific to the
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
3
Page 11
S5700 Series Ethernet Switches
Product Description
Ethernet link layer, and applies to various ring network topologies, such as open ring
topology, closed ring topology, and cascading ring topology. This protocol is reliable, easy to
maintain. ERPS is defined in ITU-T G.8032. It implements millisecond-level protection
switching based on traditional Ethernet MAC and bridging functions.
The S5700 supports Smart Link and Virtual Router Redundancy Protocol (VRRP), which
implement backup of uplinks. One S5700 switch can connect to multiple aggregation
switches through multiple links, significantly improving reliability of access devices. In
addition, the S5700 provides multiple connection fault detection mechanisms, including
Ethernet OAM (IEEE 802.3ah/802.1ag /ITU Y.1731) and Bidirectional Forwarding Detection
(BFD).
Diversified Security Control
The S5700 supports MAC address authentication and 802.1X authentication and implements
dynamic delivery of policies (VLAN, QoS, and ACL) to users.
The S5700 provides a series of mechanisms to defend against DoS attacks and user-targeted
attacks. DoS attacks are targeted at switches and include SYN flood, Land, Smurf, and ICMP
flood attacks. User-targeted attacks include bogus DHCP server attacks, IP/MAC address
spoofing, DHCP request flood, and change of the DHCP CHADDR value. The S5700 collects
and maintains information about access users, such as IP addresses, MAC addresses, IP
address leases, VLAN IDs, and access interfaces in a DHCP snooping binding table. In this
way, it can defend against DHCP attacks on the network. You can specify DHCP snooping
trusted and untrusted ports to ensure that users connect only to the authorized DHCP server.
1 Product Overview
The S5700 supports strict ARP learning. This feature prevents ARP spoofing attackers from
exhausting ARP entries so that users can connect to the Internet normally.
Mature IPv6 Technologies
The S5700 uses the mature, stable Versatile Routing Platform (VRP) and supports IPv4/IPv6
dual stacks, IPv6 routing protocols (RIPng, OSPFv3, BGP4+, and IS-IS for IPv6), and IPv6
over IPv4 tunnels including manual, 6-to-4, and Intra-Site Automatic Tunnel Addressing
Protocol (ISATAP) tunnels. With these IPv6 features, the S5700 can be deployed on a pure
IPv4 network, a pure IPv6 network, or a shared IPv4/IPv6 network, helping realize IPv4-toIPv6 transition.
Innovative Built-in Battery
The S5700-LI-BAT(S5700-28P-LI-BAT and S5700-28P-LI-24S-BAT) is the industry's first
switch model that supports internal lithium batteries as a backup power supply. It ensures
uninterrupted services in situations where power failures frequently occur at the access layer.
The S5700-LI-BAT has the following advantages:
l In the event of a mains power failure the battery can power the switch, so services will
not be interrupted.
l Compared with switches using external power supply units, the S5700-LI-BAT occupies
less space and is easier to install.
l Intelligent power management, long standby time.
l Battery LAN switches on the entire network can be managed centrally using a web
system, facilitating network operation and maintenance. As the battery lifetime is
predictable, you do not need to replace batteries periodically, reducing hardware costs.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
4
Page 12
S5700 Series Ethernet Switches
Product Description
l The internal battery provides alarm and voltage/current protection functions as well as
overtemperature protection, enhancing reliability.
Ground-Free Design
The non-PoE models of S5720-LI/S5720S-LI adopt the ground-free design. Only the 220 V
power module needs to be grounded. This design facilitates switch deployment in the places
where grounding is difficult, such as corridor.
CSFP Providing High-Density Access and Increased Bandwidth
CSFP switches support downlink CSFP ports. Each downlink CSFP port equipped with a
CSFP GE optical module and one pair of fibers can provide 2 Gbit/s bandwidth
bidirectionally, which is two times the bandwidth of standard SFP optical modules. The 24
downlink CSFP ports can provide 48 Gbit/s bandwidth bidirectionally, implementing highdensity access (equal to access of 48 standard SFP ports) and saving the cost of deploying
fibers and adding optical modules.
Cloud-based Management
1 Product Overview
Huawei provides the Agile Cloud Network solution based on public cloud. Since
V200R010C00, the S5720SI/S5720S-SI can be managed by a cloud management platform as
a cloud box. In the Agile Cloud Network solution, the cloud box is plug-and-play. It
automatically connects to the cloud management platform and uses bidirectional certificate
authentication to ensure management channel security. The cloud box provides the
Netconf&YANG interface for the cloud management platform to deliver configurations
remotely. In addition, remote maintenance and fault diagnosis can be performed on the cloud
box through the cloud management platform.
Related Content
Support Community
l Introduction to Huawei Fixed Switches
Videos
l Huawei S5720HI Agile Switch Allows Services to Change On Demand
l Huawei Next-Generation Enhanced Gigabit Ethernet Switch S5720-EI
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
5
Page 13
S5700 Series Ethernet Switches
Product Description
About This Chapter
2 Application Scenarios
2 Application Scenarios
2.1 Application of the S5700 on a Large-scale Enterprise Campus Network
This section describes the application of the S5700 on a large-scale enterprise campus
network.
2.2 Application of the S5700 on a Small- or Medium-scale Enterprise Campus Network
This section describes the application of the S5700 on a small- or medium-scale enterprise
campus network.
2.3 Application of the S5700 on a Small-scale Enterprise Campus Network
This section describes the application of the S5700 on a small-scale enterprise campus
network.
2.4 Application in Public Cloud
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
6
Page 14
A gg reg ati
on La yer
A cc ess
Lay er
(S 57 00)
A pp lication
N M S
W eb
S er ve r
E -m ail
S er ve r
D NS
S er ve r
D M Z
O ffice b uilding E le ctric ity M an ufactu rin g En te rp rise
C SS link
A gg re ga tio n
switch
F ire w allC or e sw itch
A cc es s s w itc h
(S 57 00 )
R ou ter
W A N In ter net
B ra n ch
M obile
S ta ff
P artne r
S5700 Series Ethernet Switches
Product Description
2 Application Scenarios
2.1 Application of the S5700 on a Large-scale Enterprise Campus Network
This section describes the application of the S5700 on a large-scale enterprise campus
network.
As shown in Figure 2-1, the S5700 is deployed at the access layer of a campus network to
provide high performance, multi-service, and highly reliable enterprise network.
Figure 2-1 Position of the S5700 on a Large-scale enterprise campus network
The S5700 provides various terminal security management features, and supports functions
such as PoE, voice VLAN, and QoS. The S5700 can be used for desktop access and provides
GE access.
The S5700 provides various security features including ARP security, IP security, IP source
guard, and user access control policies such as NAC and ACLs, to control access of user
terminals.
The S5700 provides Easy-Operation and USB-based deployment, which facilitates
deployment and management.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
7
Page 15
Web
Server
E-mail
Server
DNS
Server
DMZ
NMS
Aggregation
Layer
S5700
Access
Layer
Aggregation
switch
FirewallCore switch
Access switch
CSS/Stack link
Router
AP
Internet
S5700 Series Ethernet Switches
Product Description
2 Application Scenarios
2.2 Application of the S5700 on a Small- or Medium-scale Enterprise Campus Network
This section describes the application of the S5700 on a small- or medium-scale enterprise
campus network.
As shown in Figure 2-2, the S5700 is deployed at the aggregation layer of a campus network
to provide high performance, multi-service, and highly reliable enterprise network.
Figure 2-2 Position of the S5700 on a small- or medium-scale enterprise campus network
On an enterprise network or campus network shown in Figure 2-2, the S5700s connect to
access switches through 100M/1000M interfaces, provide high performance and large
switching capacity, and connect to core switches through 10GE optical interfaces. The
network provides 10 Gbit/s rate for the backbone layer and 100 Mbit/s access rate for
terminals, meeting requirements for high bandwidth and multi-service.
The S5700 provides SEP and RRPP to implement millisecond-level protection switchover.
S5700s form a stack system by using iStack technology to implement the distributed
forwarding structure and fast fault recovery. The stack system increases the number of user
interfaces and improves packet processing capability. The iStack-enabled S5700s can be
managed in a uniform manner to facilitate network management and maintenance.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
8
Page 16
S 5 7 0 0
S ta ck
A cce s s
S w itc h
In te rn e t
S5700 Series Ethernet Switches
Product Description
2 Application Scenarios
2.3 Application of the S5700 on a Small-scale Enterprise Campus Network
This section describes the application of the S5700 on a small-scale enterprise campus
network.
As core switches of a small-scale enterprise network shown in Figure 2-3, the S5700s have
powerful aggregation and routing capabilities. S5700s use iStack to implement backup among
multiple devices and ensure high reliability. The S5700 provides various access control
policies to achieve centralized management and simplify configuration.
Figure 2-3 Position of the S5700 on a small-scale enterprise network
2.4 Application in Public Cloud
Agile Cloud Network is a suite of network solution based on Huawei public cloud. The
S5720SI/S5720S-SI can be located at the access layer of the agile cloud network as a cloud
box, as shown in Figure 2-4.
The cloud box is plug-and-play. It goes online after being powered on and connected with a
network cable, without complicated configurations. A cloud box can connect to the cloud
management platform and bidirectional certificate authentication is used to ensure
management channel security. The cloud box provides the Netconf&YANG interface for the
cloud management platform to deliver configurations remotely. In addition, remote
maintenance and fault diagnosis can be performed on the cloud box through the cloud
management platform.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
9
Page 17
Local RADIUS
server
Cloud
box
Cloud management
platform
ISP
network
Tenant network
(branch)
Headquarters
FW
Traffic to the Internet
Cloud management
& cloud platform
authentication traffic
Traffic from branch
to headquarters
Internet
Data center
egress
CloudBased
WLAN
Planner
Cloud
management
platform
PKI
ESDP
SecCenter
Technical
support website
Cooperative
systems
Local RADIUS
authentication traffic
Cloud
box
V
P
N
t
u
n
n
e
l
VPN gateway
S5700 Series Ethernet Switches
Product Description
Figure 2-4 Application of S5720SI/S5720S-SI in public cloud
2 Application Scenarios
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
10
Copyright © Huawei Technologies Co., Ltd.
Page 18
S5700 Series Ethernet Switches
Product Description
About This Chapter
3.1 Product Features Supported by V200R010C00
3 Product Performance
3 Product Performance
3.2 Product Features Supported by V200R009C00
3.3 Product Features Supported by V200R008C00
3.4 Product Features Supported by V200R007C00
3.5 Product Features Supported by V200R006C00
3.6 Product Features Supported by V200R005C00
3.7 Product Features Supported by V200R003C00
3.8 Performance Specifications
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
11
Page 19
S5700 Series Ethernet Switches
Product Description
3 Product Performance
3.1 Product Features Supported by V200R010C00
Table 3-1 lists features supported by the S5700.
Table 3-1 Features supported by the S5700
Feature
Ethernet
features
Description Difference
Ethernet Operating modes of full-duplex,
half-duplex and auto-negotiation
Rates of an Ethernet interface: 10
Mbit/s, 100 Mbit/s, 1000 Mbit/s,
2500 Mbit/s, 10 Gbit/s, and autonegotiation
Flow control on interfaces None
Jumbo frames
Link aggregation
Load balancing among links of a
trunk
Transparent transmission of Layer
2 protocol packets
Device Link Detection Protocol
(DLDP)
Only the S5720HI and
S5720EI do not support
the operating mode of
half-duplex.
Only the S5720-14XPWH-SI-AC supports the
2500 Mbit/s Ethernet
interface.
Link Layer Discovery Protocol
(LLDP)
Link Layer Discovery ProtocolMedia Endpoint Discovery (LLDPMED)
Interface isolation
Broadcast storm control
VLAN Access modes of access, trunk,
hybrid, and QinQ
Default VLAN
VLAN assignment based on
interfaces, MAC addresses,
protocols, and IP subnets
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
None
12
Page 20
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
VLAN assignment based on the
following policies:
l MAC address + IP address
l MAC address + IP address +
interface number
l DHCP policies
Adding double VLAN tags to
packets based on interface
Super VLAN Only the S5700LI,
VLAN mapping None
Selective QinQ
MUX VLAN
Voice VLAN
Guest VLAN
GVRP Generic Attribute Registration
Protocol (GARP)
GARP VLAN Registration
Protocol (GVRP)
VCMP VCMP (VLAN centralized
management protocol)
None
S5700S-LI, S5720LI,
S5720S-LI, and S5710-XLI do not support this
function.
None
None
MAC Automatic learning and aging of
MAC addresses
Static, dynamic, and blackhole
MAC address entries
Packet filtering based on source
MAC addresses
Interface-based MAC learning
limiting
Sticky MAC address entries
MAC address flapping detection
Configuring MAC address learning
priorities for interfaces
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
None
Only the S5720EI and
S5720HI support this
function.
13
Page 21
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
MAC address spoofing defense Only the S5700LI,
S5700S-LI, S5720LI,
S5720S-LI, S5710-X-LI,
S5720SI, and S5720S-SI
support this function.
Port bridge None
ARP Static and dynamic ARP entries None
ARP in a VLAN
Aging of ARP entries
Proxy ARP The S5700LI, S5700S-LI,
S5720LI, S5720S-LI, and
S5710-X-LI do not
support inter-VLAN
proxy ARP.
Ethernet
loop
protection
Multi-port ARP for connecting to
the NLB cluster server
Only the S5720EI and
S5720HI support this
function.
MSTP STP None
RSTP
MSTP
VBST
BPDU protection, root protection,
and loop protection
TC-BPDU attack defense
STP loop detection
Loopback
Loop detection on an interface
detection
SEP Smart Ethernet Protection (SEP)
Smart Link Smart Link
Smart Link multi-instance
Monitor Link
RRPP RRPP protective switchover
Single RRPP ring, tangent RRPP
ring, and intersecting RRPP ring
Hybrid networking of RRPP rings
and other ring networks
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
14
Page 22
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
ERPS G.8032 v1/v2 Only the S5700S-LI does
not support this function.
Single closed ring
Subring
IPv4/IPv6
forwardin
g
IPv4 and
unicast
routes
Static IPv4 routes None
VRF
DHCP client
DHCP server
DHCP relay
DHCP policy VLAN Only the S5700LI,
S5720LI, S5720S-LI, and
S5700S-LI do not support
this function.
URPF check Only the S5700LI,
S5700S-LI, S5720LI,
S5720S-LI, and S5710-XLI do not support this
function.
Routing policies None
RIPv1/RIPv2 None
OSPF Only the S5700LI,
S5700S-LI, and S5710-XLI do not support this
function.
BGP Only the S5700LI,
MBGP
IS-IS
PBR (redirection in a traffic policy) Only the S5700LI,
Multicast
IGMPv1/v2/v3 Only the S5700LI,
routing
features
PIM-DM
PIM-SM
MSDP
Multicast routing policies
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
S5700S-LI, S5720LI,
S5720S-LI, and S5710-XLI do not support this
function.
S5700S-LI, and S5710-XLI do not support this
function.
S5700S-LI, S5720LI,
S5720S-LI, and S5710-XLI do not support this
function.
15
Page 23
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
RPF
IPv6
features
IPv6 protocol stack None
ND and ND snooping
DHCPv6 snooping
RIPng None
DHCPv6 server Only the S5700LI,
S5700S-LI, and S5710-X-
DHCPv6 relay
LI do not support this
function.
OSPFv3 Only the S5700LI,
S5700S-LI, S5720LI,
S5720S-LI, and S5710-XLI do not support this
function.
BGP4+ & ISIS for IPv6 Only the S5700LI,
S5700S-LI, S5720LI,
VRRP6
MLDv1 and MLDv2
S5720S-LI, and S5710-XLI do not support this
function.
PIM-DM for IPv6
PIM-SM for IPv6
Layer 2
- IGMPv1/v2/v3 snooping None
multicast
features
Fast leave
IGMP Snooping proxy
MLD snooping
Interface-based multicast traffic
suppression
Inter-VLAN multicast replication
Controllable multicast
VPN - Multi-VPN-Instance CE (MCE) Only the S5720SI,
S5720S-SI, S5720HI, and
S5720EI support this
function.
GRE Only the S5720HI and
S5720EI support this
function.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
16
Page 24
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
MPLS - MPLS QoS Only the S5720HI and
3 Product Performance
VLL Only the S5720HI and
S5720EI support this
PWE3
function.
VPLS
S5720EI support this
MPLS TE
function.
Device
reliability
BFD Basic BFD functions Only the S5700LI,
S5700S-LI, S5720LI,
BFD for static route/IS-IS/
OSPF/BGP
BFD for PIM
S5720S-LI, and S5710-XLI do not support this
function.
BFD for VRRP
Stacking Stack card supporting the stacking
function
Only some S5720EI
models (S5720-C-EI,
S5720-PC-EI,S5720-XEI, and S5720-P-EI)
support this function.
Service interface supporting the
stacking function
Only S5700LI, S5700SLI, S5720LI, S5720S-LI,
S5710-X-LI, some
S5720EI models (S5720C-EI,S5720-X-EI,S5720PC-EI) , S5720SI, and
S5720S-SI support this
function.
Others VRRP Only the S5700LI,
S5700S-LI, S5720LI,
S5720S-LI, and S5710-XLI do not support this
function.
Ethernet
OAM
EFM
OAM
(802.3ah)
Automatic discovery None
Link fault detection
Link fault troubleshooting
Remote loopback
CFM
Software-level CCM None
OAM
(802.1ag)
MAC ping
MAC trace
OAM
association
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Association between 802.1ag and
802.1ah
Only the S5700LI,
S5700S-LI, S5720LI,
17
Page 25
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
QoS
features
Association between 802.1ah and
802.1ag
S5720S-LI, and S5710-XLI do not support this
function.
Y.1731 Delay and variation measurement None
Traffic
classifier
Traffic classification based on
ACLs
None
Traffic classification based on outer
802.1p priorities, outer VLAN IDs,
source MAC addresses, and
Ethernet types
Traffic classification based on inner
VLAN IDs
Only the S5700LI,
S5700S-LI, S5720LI,
S5720S-LI, and S5710-XLI do not support this
function.
Traffic classification based on inner
802.1p priorities
Only the S5700LI,
S5700S-LI, S5720LI,
S5720S-LI, and S5710-XLI do not support this
function.
Traffic
behavior
Traffic
policing
Traffic
shaping
Congestio
n
avoidance
Congestio
n
manageme
nt
Access control after traffic
None
classification
Traffic policing based on traffic
classification
Re-marking based on traffic
classification
Associating traffic classifiers with
traffic behaviors
Rate limit on inbound and
outbound interfaces
Traffic shaping on interfaces and
queues
Weighted Random Early Detection
(WRED)
Only the S5720EI, and
S5720HI supports this
function.
Tail drop None
Queue mapping None
Priority Queuing (PQ)
Deficit Round Robin (DRR)
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
18
Page 26
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
PQ+DRR
Weighted Round Robin (WRR) Only the S5720HI do not
support this function.
PQ+WRR
HQoS Hierarchical Quality of Service Only the S5720HI support
this function.
Configura
tion and
maintena
nce
Login and
configurati
on
manageme
nt
Command line configuration None
Error message and help information
in English
Login through console and Telnet
terminals
SSH1.5/SSH2
Send function and data
communication between terminal
users
Hierarchical user authority
management and commands
SNMP-based NMS management
(eSight)
Web page-based configuration and
management
EasyDeploy The S5700LI, S5700S-LI,
S5720LI, S5720S-LI,
S5710-X-LI, S5720SI,
and S5720S-SI only
support as a client.
SVF
File
File system None
system
Directory and file management
File upload and download through
FTP, TFTP, SFTP, SCP, and FTPS
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
l The S5720HI only
support as a parent.
l The S5720EI,
S5700LI, S5720LI,
S5720S-LI, S5700SLI, S5710-X-LI,
S5720SI and S5720SSI only support as an
AS.
19
Page 27
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Monitorin
g and
maintenan
ce
Hardware monitoring None
Reporting alarms on abnormal
device temperature
Second-time fault detection to
prevent detection errors caused by
instant interference
Version matching check
Dying gasp Only the S5700LI,
S5700S-LI, S5720LI, and
S5720HI support this
function.
Information center and unified
None
management over logs, alarms, and
debugging information
Electronic labels, and command
line query and backup
Virtual cable test (VCT)
User operation logs
Detailed debugging information for
network fault diagnosis
Network test tools such as
traceroute and ping commands
Port mirroring, flow mirroring, and
remote mirroring
Energy saving
Version
upgrade
Device software loading and online
software loading
BootROM online upgrade
In-service patching
Security AAA Local authentication and
authorization
RADIUS authentication,
authorization, and accounting
HWTACACS authentication,
authorization, and accounting
None
None
NAC 802.1x authentication None
MAC address authentication
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
20
Page 28
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Portal authentication
Hybrid authentication None
ARP
security
ARP packet rate limiting based on
source MAC addresses
Only the S5720EI and
S5720HI support this
function.
ARP packet rate limiting based on
None
source IP addresses, interfaces, and
VLANs, and global ARP packet
rate limiting
ARP anti-spoofing
Association between ARP and STP Only the S5700LI,
S5720LI, S5720S-LI,
ARP gateway anti-collision
S5710-X-LI and S5700S-
LI do not support this
function.
Dynamic ARP Inspection (DAI)
None
and Static ARP Inspection (SAI)
Egress ARP Inspection (EAI)
IP security ICMP attack defense None
IP source guard
Local
CPU attack defense
attack
defense
MFF MAC-Forced Forwarding (MFF)
DHCP
DHCP snooping
snooping
Option 82 function and dynamic
rate limiting for DHCP packets
Attack
defense
Defense against flood attacks
without IP payloads, attacks from
IGMP null payload packets, LAND
attacks, Smurf attacks, and attacks
from packets with invalid TCP flag
bits
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
21
Page 29
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Defense against attacks from many
fragments, attacks from many
packets with offsets, attacks from
repeated packet fragments, Tear
Drop attacks, Syndrop attacks,
NewTear attacks, Bonk attacks,
Nesta attacks Rose attacks, Fawx
attacks, Ping of Death attacks, and
Jolt attacks
Defense against TCP SYN flood
attacks, UDP flood attacks
(including Fraggle attacks and UDP
diagnosis port attacks), and ICMP
flood attacks
Network
managem
ent
- Ping and traceroute None
NQA
Network Time Protocol (NTP)
IPCA Only the S5720HI support
this function.
sFlow The S5720HI does not
support this function.
NetStream Only the S5720HI support
this function.
SNMP v1/v2c/v3 None
Standard MIB
HTTP
Hypertext Transfer Protocol Secure
(HTTPS)
Remote network monitoring
(RMON)
RMON2 Only theS5720EI and
WLAN - AP Management Specifications Only the S5720HI support
Radio Management Specifications
WLAN Service Management
Specifications
QoS
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
S5720HI support this
function.
this function.
22
Page 30
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
WLAN Security Specifications
WLAN user management
specifications
3 Product Performance
3.2 Product Features Supported by V200R009C00
Table 3-2 lists features supported by the S5700.
Table 3-2 Features supported by the S5700
Feature
Ethernet
features
Description Difference
Ethernet Operating modes of full-duplex,
half-duplex and auto-negotiation
Rates of an Ethernet interface: 10
Mbit/s, 100 Mbit/s, 1000 Mbit/s,
2500 Mbit/s, 10 Gbit/s, and autonegotiation
Flow control on interfaces None
Jumbo frames
Link aggregation
Load balancing among links of a
trunk
Transparent transmission of Layer
2 protocol packets
Device Link Detection Protocol
(DLDP)
Only the S5720HI and
S5720EI do not support
the operating mode of
half-duplex.
Only the S5720-14X-
PWH-SI-AC supports the
2500 Mbit/s Ethernet
interface.
Link Layer Discovery Protocol
(LLDP)
Link Layer Discovery ProtocolMedia Endpoint Discovery (LLDPMED)
Interface isolation
Broadcast storm control
VLAN Access modes of access, trunk,
hybrid, and QinQ
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
None
23
Page 31
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Default VLAN
VLAN assignment based on
interfaces, MAC addresses,
protocols, and IP subnets
VLAN assignment based on the
following policies:
l MAC address + IP address
l MAC address + IP address +
interface number
l DHCP policies
Adding double VLAN tags to
packets based on interface
Super VLAN Only the S5700LI,
VLAN mapping None
Selective QinQ
MUX VLAN
Voice VLAN
Guest VLAN
GVRP Generic Attribute Registration
Protocol (GARP)
GARP VLAN Registration
Protocol (GVRP)
VCMP VCMP (VLAN centralized
management protocol)
None
S5700S-LI, and S5710-X-
LI do not support this
function.
None
None
MAC Automatic learning and aging of
MAC addresses
Static, dynamic, and blackhole
MAC address entries
Packet filtering based on source
MAC addresses
Interface-based MAC learning
limiting
Sticky MAC address entries
MAC address flapping detection
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
None
24
Page 32
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Configuring MAC address learning
priorities for interfaces
Only the S5720EI and
S5720HI support this
function.
MAC address spoofing defense Only the S5700LI,
S5700S-LI, S5710-X-LI,
S5720SI, and S5720S-SI
support this function.
Port bridge None
ARP Static and dynamic ARP entries None
ARP in a VLAN
Aging of ARP entries
Proxy ARP The S5700LI, S5700S-LI,
and S5710-X-LI do not
support inter-VLAN
proxy ARP.
Multi-port ARP for connecting to
the NLB cluster server
Only the S5720EI and
S5720HI support this
function.
Ethernet
loop
protection
MSTP STP None
RSTP
MSTP
VBST
BPDU protection, root protection,
and loop protection
TC-BPDU attack defense
STP loop detection
Loopback
Loop detection on an interface
detection
SEP Smart Ethernet Protection (SEP)
Smart Link Smart Link
Smart Link multi-instance
Monitor Link
RRPP RRPP protective switchover
Single RRPP ring, tangent RRPP
ring, and intersecting RRPP ring
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
25
Page 33
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Hybrid networking of RRPP rings
and other ring networks
ERPS G.8032 v1/v2 Only the S5700S-LI does
not support this function.
Single closed ring
Subring
IPv4/IPv6
forwardin
g
IPv4 and
unicast
routes
Static IPv4 routes None
VRF
DHCP client
DHCP server
DHCP relay
DHCP policy VLAN Only the S5700LI and
S5700S-LI do not support
this function.
URPF check Only the S5700LI,
S5700S-LI, and S5710-X-
LI do not support this
function.
Routing policies None
RIPv1/RIPv2 None
OSPF Only the S5700LI,
S5700S-LI, and S5710-X-
LI do not support this
function.
BGP Only the S5700LI,
MBGP
IS-IS
PBR (redirection in a traffic policy) Only the S5700LI,
Multicast
IGMPv1/v2/v3 Only the S5700LI,
routing
features
PIM-DM
PIM-SM
MSDP
Multicast routing policies
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
S5700S-LI, and S5710-X-
LI do not support this
function.
S5700S-LI, and S5710-X-
LI do not support this
function.
S5700S-LI, and S5710-X-
LI do not support this
function.
26
Page 34
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
RPF
IPv6
features
IPv6 protocol stack None
ND and ND snooping
DHCPv6 snooping
RIPng None
DHCPv6 server Only the S5700LI,
S5700S-LI, and S5710-XDHCPv6 relay
LI do not support this
function.
OSPFv3 Only the S5700LI,
S5700S-LI, and S5710-X-
LI do not support this
function.
BGP4+ & ISIS for IPv6 Only the S5700LI,
S5700S-LI, and S5710-XVRRP6
MLDv1 and MLDv2
LI do not support this
function.
PIM-DM for IPv6
PIM-SM for IPv6
Layer 2
- IGMPv1/v2/v3 snooping None
multicast
features
Fast leave
IGMP Snooping proxy
MLD snooping
Interface-based multicast traffic
suppression
Inter-VLAN multicast replication
Controllable multicast
VPN - Multi-VPN-Instance CE (MCE) Only the S5720SI,
S5720S-SI, S5720HI, and
S5720EI support this
function.
GRE Only the S5720HI and
S5720EI support this
function.
VLL Only the S5720HI and
S5720EI support this
PWE3
function.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
27
Page 35
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
MPLS - MPLS QoS Only the S5720HI and
VPLS
MPLS TE
3 Product Performance
S5720EI support this
function.
Device
reliability
BFD Basic BFD functions Only the S5700LI,
S5700S-LI, and S5710-X-
BFD for static route/IS-IS/
OSPF/BGP
LI do not support this
function.
BFD for PIM
BFD for VRRP
Stacking Stack card supporting the stacking
function
Only some S5720EI
models (S5720-C-EI,
S5720-PC-EI,S5720-XEI, and S5720-P-EI)
support this function.
Service interface supporting the
stacking function
Only S5700LI, S5700SLI, S5710-X-LI, some
S5720EI models (S5720C-EI,S5720-X-EI,S5720PC-EI) , S5720SI, and
S5720S-SI support this
function.
Others VRRP Only the S5700LI,
S5700S-LI, and S5710-XLI do not support this
function.
Ethernet
OAM
EFM
OAM
(802.3ah)
Automatic discovery None
Link fault detection
Link fault troubleshooting
Remote loopback
CFM
Software-level CCM None
OAM
(802.1ag)
MAC ping
MAC trace
OAM
association
Association between 802.1ag and
802.1ah
Association between 802.1ah and
802.1ag
Y.1731 Delay and variation measurement None
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Only the S5700LI,
S5700S-LI, and S5710-XLI do not support this
function.
28
Page 36
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
QoS
features
Traffic
classifier
Traffic
behavior
Traffic classification based on
ACLs
Traffic classification based on outer
802.1p priorities, outer VLAN IDs,
source MAC addresses, and
Ethernet types
Traffic classification based on inner
VLAN IDs
Traffic classification based on inner
802.1p priorities
Access control after traffic
classification
Traffic policing based on traffic
classification
Re-marking based on traffic
classification
None
Only the S5700LI,
S5700S-LI, and S5710-XLI do not support this
function.
Only the S5700LI,
S5700S-LI, and S5710-XLI do not support this
function.
None
Traffic
policing
Traffic
shaping
Congestio
n
avoidance
Congestio
n
manageme
nt
Associating traffic classifiers with
traffic behaviors
Rate limit on inbound and
outbound interfaces
Traffic shaping on interfaces and
queues
Weighted Random Early Detection
(WRED)
Only the S5720EI, and
S5720HI supports this
function.
Tail drop None
Queue mapping None
Priority Queuing (PQ)
Deficit Round Robin (DRR)
PQ+DRR
Weighted Round Robin (WRR) Only the S5720HI do not
support this function.
PQ+WRR
HQoS Hierarchical Quality of Service Only the S5720HI support
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
this function.
29
Page 37
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Configura
tion and
maintena
nce
Login and
configurati
on
manageme
nt
Command line configuration None
Error message and help information
in English
Login through console and Telnet
terminals
SSH1.5/SSH2
Send function and data
communication between terminal
users
Hierarchical user authority
management and commands
SNMP-based NMS management
(eSight)
Web page-based configuration and
management
EasyDeploy The S5700LI, S5700S-LI,
S5710-X-LI, S5720SI,
and S5720S-SI only
support as a client.
File
system
Monitorin
g and
maintenan
ce
SVF
l The S5720HI only
support as a parent.
l The S5720EI,
S5700LI, S5700S-LI,
S5710-X-LI, S5720SI
and S5720S-SI only
support as an AS.
File system None
Directory and file management
File upload and download through
FTP, TFTP, SFTP, SCP, and FTPS
Hardware monitoring None
Reporting alarms on abnormal
device temperature
Second-time fault detection to
prevent detection errors caused by
instant interference
Version matching check
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
30
Page 38
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Dying gasp Only the S5700LI,
S5700S-LI, and S5720HI
support this function.
Version
upgrade
Information center and unified
management over logs, alarms, and
debugging information
Electronic labels, and command
line query and backup
Virtual cable test (VCT)
User operation logs
Detailed debugging information for
network fault diagnosis
Network test tools such as
traceroute and ping commands
Port mirroring, flow mirroring, and
remote mirroring
Energy saving
Device software loading and online
software loading
BootROM online upgrade
None
None
In-service patching
Security AAA Local authentication and
authorization
RADIUS authentication,
authorization, and accounting
HWTACACS authentication,
authorization, and accounting
NAC 802.1x authentication None
MAC address authentication
Portal authentication
Hybrid authentication None
ARP
security
ARP packet rate limiting based on
source MAC addresses
None
Only the S5720EI and
S5720HI support this
function.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
31
Page 39
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
ARP packet rate limiting based on
None
source IP addresses, interfaces, and
VLANs, and global ARP packet
rate limiting
ARP anti-spoofing
Association between ARP and STP Only the S5700LI, S5710-
X-LI and S5700S-LI do
ARP gateway anti-collision
Dynamic ARP Inspection (DAI)
not support this function.
None
and Static ARP Inspection (SAI)
Egress ARP Inspection (EAI)
IP security ICMP attack defense None
IP source guard
Local
CPU attack defense
attack
defense
MFF MAC-Forced Forwarding (MFF)
DHCP
snooping
Attack
defense
DHCP snooping
Option 82 function and dynamic
rate limiting for DHCP packets
Defense against flood attacks
without IP payloads, attacks from
IGMP null payload packets, LAND
attacks, Smurf attacks, and attacks
from packets with invalid TCP flag
bits
Defense against attacks from many
fragments, attacks from many
packets with offsets, attacks from
repeated packet fragments, Tear
Drop attacks, Syndrop attacks,
NewTear attacks, Bonk attacks,
Nesta attacks Rose attacks, Fawx
attacks, Ping of Death attacks, and
Jolt attacks
Defense against TCP SYN flood
attacks, UDP flood attacks
(including Fraggle attacks and UDP
diagnosis port attacks), and ICMP
flood attacks
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
32
Page 40
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Network
managem
ent
- Ping and traceroute None
NQA
Network Time Protocol (NTP)
IPCA Only the S5720HI support
this function.
sFlow The S5720HI does not
support this function.
NetStream Only the S5720HI support
this function.
SNMP v1/v2c/v3 None
Standard MIB
HTTP
Hypertext Transfer Protocol Secure
(HTTPS)
Remote network monitoring
(RMON)
RMON2 Only theS5720EI and
S5720HI support this
function.
WLAN - AP Management Specifications Only the S5720HI support
Radio Management Specifications
WLAN Service Management
Specifications
QoS
WLAN Security Specifications
WLAN user management
specifications
this function.
3.3 Product Features Supported by V200R008C00
Table 3-3 lists features supported by the S5700.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
33
Page 41
S5700 Series Ethernet Switches
Product Description
Table 3-3 Features supported by the S5700
Feature Description Difference
3 Product Performance
Ethernet
features
Ethernet Operating modes of full-duplex,
half-duplex and auto-negotiation
Rates of an Ethernet interface: 10
Mbit/s, 100 Mbit/s, 1000 Mbit/s, 10
Gbit/s, and auto-negotiation
Flow control on interfaces
Jumbo frames
Link aggregation
Load balancing among links of a
trunk
Transparent transmission of Layer
2 protocol packets
Device Link Detection Protocol
(DLDP)
Link Layer Discovery Protocol
(LLDP)
Only the S5720HI and
S5720EI do not support
the operating mode of
half-duplex.
None
Link Layer Discovery ProtocolMedia Endpoint Discovery (LLDPMED)
Interface isolation
Broadcast storm control
VLAN Access modes of access, trunk,
hybrid, and QinQ
Default VLAN
VLAN assignment based on
interfaces, MAC addresses,
protocols, and IP subnets
VLAN assignment based on the
following policies:
l MAC address + IP address
l MAC address + IP address +
interface number
l DHCP policies
Adding double VLAN tags to
packets based on interface
None
None
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
34
Page 42
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Super VLAN Only the S5700LI,
S5700S-LI, and S5710-X-
LI do not support this
function.
VLAN mapping None
Selective QinQ
MUX VLAN
Voice VLAN
Guest VLAN
GVRP Generic Attribute Registration
Protocol (GARP)
GARP VLAN Registration
Protocol (GVRP)
VCMP VCMP (VLAN centralized
management protocol)
MAC Automatic learning and aging of
MAC addresses
Static, dynamic, and blackhole
MAC address entries
Packet filtering based on source
MAC addresses
Interface-based MAC learning
limiting
Sticky MAC address entries
MAC address flapping detection
Configuring MAC address learning
priorities for interfaces
None
None
None
Only the S5720EI and
S5720HI support this
function.
MAC address spoofing defense Only the S5700LI,
Port bridge None
ARP Static and dynamic ARP entries None
ARP in a VLAN
Aging of ARP entries
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
S5700S-LI, S5710-X-LI,
S5720SI, and S5720S-SI
support this function.
35
Page 43
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Proxy ARP The S5700LI, S5700S-LI,
and S5710-X-LI do not
support inter-VLAN
proxy ARP.
Ethernet
loop
protection
Multi-port ARP for connecting to
the NLB cluster server
Only the S5720EI and
S5720HI support this
function.
MSTP STP None
RSTP
MSTP
VBST
BPDU protection, root protection,
and loop protection
TC-BPDU attack defense
STP loop detection
Loopback
Loop detection on an interface
detection
SEP Smart Ethernet Protection (SEP)
Smart Link Smart Link
Smart Link multi-instance
IPv4/IPv6
forwardin
g
Monitor Link
RRPP RRPP protective switchover
Single RRPP ring, tangent RRPP
ring, and intersecting RRPP ring
Hybrid networking of RRPP rings
and other ring networks
ERPS G.8032 v1/v2 Only the S5700S-LI does
not support this function.
Single closed ring
Subring
IPv4 and
Static IPv4 routes None
unicast
routes
VRF
DHCP client
DHCP server
DHCP relay
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
36
Page 44
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
DHCP policy VLAN Only the S5700LI and
S5700S-LI do not support
this function.
URPF check Only the S5700LI,
S5700S-LI, and S5710-X-
LI do not support this
function.
Routing policies Only the S5700LI,
S5700S-LI, and S5710-XRIPv1/RIPv2
OSPF
LI do not support this
function.
BGP Only the S5700LI,
S5700S-LI, and S5710-XMBGP
IS-IS
LI do not support this
function.
Multicast
routing
features
IPv6
features
PBR (redirection in a traffic policy) Only the S5700LI,
S5700S-LI, and S5710-X-
LI do not support this
function.
IGMPv1/v2/v3 Only the S5700LI,
S5700S-LI, and S5710-XPIM-DM
PIM-SM
LI do not support this
function.
MSDP
Multicast routing policies
RPF
IPv6 protocol stack None
ND and ND snooping
DHCPv6 snooping
RIPng Only the S5700LI,
S5700S-LI, and S5710-XDHCPv6 server
DHCPv6 relay
LI do not support this
function.
OSPFv3 Only the S5700LI,
BGP4+ & ISIS for IPv6 Only the S5700LI,
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
S5700S-LI, and S5710-X-
LI do not support this
function.
S5700S-LI, and S5710-X-
37
Page 45
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
VRRP6 LI do not support this
function.
MLDv1 and MLDv2
PIM-DM for IPv6
PIM-SM for IPv6
Layer 2
- IGMPv1/v2/v3 snooping None
multicast
features
Fast leave
IGMP Snooping Proxy
MLD snooping
Interface-based multicast traffic
suppression
Inter-VLAN multicast replication
Controllable multicast
VPN - Multi-VPN-Instance CE (MCE) Only the S5720SI,
S5720S-SI, and S5720EI
support this function.
Device
reliability
BFD Basic BFD functions Only the S5700LI,
S5700S-LI, and S5710-X-
BFD for static route/IS-IS/
OSPF/BGP
LI do not support this
function.
BFD for PIM
BFD for VRRP
Stacking Stack card supporting the stacking
function
Service interface supporting the
stacking function
Others VRRP Only the S5700LI,
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Only some S5720EI
models (S5720-C-EI,
S5720-PC-EI,S5720-XEI, and S5720-P-EI)
support this function.
Only S5700LI, S5700SLI, S5710-X-LI, some
S5720EI models (S5720C-EI,S5720-X-EI,S5720PC-EI) , S5720SI, and
S5720S-SI support this
function.
S5700S-LI, and S5710-XLI do not support this
function.
38
Page 46
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Ethernet
OAM
QoS
features
EFM
Automatic discovery None
OAM
(802.3ah)
Link fault detection
Link fault troubleshooting
Remote loopback
CFM
Software-level CCM None
OAM
(802.1ag)
MAC ping
MAC trace
OAM
association
Association between 802.1ag and
802.1ah
Only the S5700LI,
S5700S-LI, and S5710-XLI do not support this
Association between 802.1ah and
function.
802.1ag
Y.1731 Delay and variation measurement None
Hardware-level delay and variation
None
measurement
Traffic
classifier
Traffic classification based on
ACLs
None
Traffic
behavior
Traffic classification based on outer
802.1p priorities, inner VLAN IDs,
outer VLAN IDs, source MAC
addresses, and Ethernet types
Traffic classification based on inner
VLAN IDs
Traffic classification based on inner
802.1p priorities
Access control after traffic
classification
Traffic policing based on traffic
classification
Re-marking based on traffic
classification
Associating traffic classifiers with
traffic behaviors
Only the S5700LI,
S5700S-LI, and S5710-XLI do not support this
function.
Only the S5700LI,
S5700S-LI, and S5710-XLI do not support this
function.
None
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
39
Page 47
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Traffic
policing
Traffic
shaping
Congestio
n
avoidance
Rate limit on inbound and
outbound interfaces
Traffic shaping on interfaces and
queues
Weighted Random Early Detection
(WRED)
Only the S5720EI, and
S5720HI supports this
function.
Tail drop None
Congestio
Queue mapping None
n
manageme
nt
Priority Queuing (PQ)
Deficit Round Robin (DRR)
PQ+DRR
Weighted Round Robin (WRR) Only the S5720HI do not
support this function.
PQ+WRR
HQoS Hierarchical Quality of Service Only the S5720HI support
this function.
Configura
tion and
maintena
nce
Login and
configurati
on
manageme
nt
Command line configuration None
Error message and help information
in English
Login through console and Telnet
terminals
SSH1.5/SSH2
Send function and data
communication between terminal
users
Hierarchical user authority
management and commands
SNMP-based NMS management
(eSight)
Web page-based configuration and
management
EasyDeploy The S5700LI, S5700S-LI,
S5710-X-LI, S5720SI,
and S5720S-SI only
support as a client.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
40
Page 48
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
File
system
Monitorin
g and
maintenan
ce
SVF
l The S5720HI only
support as a parent.
l The S5720EI,
S5700LI, S5700S-LI,
S5710-X-LI, S5720SI
and S5720S-SI only
support as an AS.
File system None
Directory and file management
File upload and download through
FTP, TFTP, SFTP, SCP, and FTPS
Hardware monitoring None
Reporting alarms on abnormal
device temperature
Second-time fault detection to
prevent detection errors caused by
instant interference
Version matching check
Dying gasp Only the S5700LI,
S5700S-LI, and S5720HI
support this function.
Information center and unified
None
management over logs, alarms, and
debugging information
Electronic labels, and command
line query and backup
Virtual cable test (VCT)
User operation logs
Detailed debugging information for
network fault diagnosis
Network test tools such as
traceroute and ping commands
Port mirroring, flow mirroring, and
remote mirroring
Energy saving
Version
upgrade
Device software loading and online
software loading
BootROM online upgrade
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
None
41
Page 49
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
In-service patching
Security AAA Local authentication and
authorization
RADIUS authentication,
authorization, and accounting
HWTACACS authentication,
authorization, and accounting
NAC 802.1x authentication None
MAC address authentication
Portal authentication
Hybrid authentication None
ARP
security
ARP packet rate limiting based on
source MAC addresses
ARP packet rate limiting based on
source IP addresses, interfaces, and
VLANs, and global ARP packet
rate limiting
None
Only the S5720EI and
S5720HI support this
function.
None
ARP anti-spoofing
Association between ARP and STP Only the S5700LI, S5710-
X-LI and S5700S-LI do
ARP gateway anti-collision
Dynamic ARP Inspection (DAI)
not support this function.
None
and Static ARP Inspection (SAI)
Egress ARP Inspection (EAI)
IP security ICMP attack defense None
IP source guard
Local
CPU attack defense
attack
defense
MFF MAC-Forced Forwarding (MFF)
DHCP
DHCP snooping
snooping
Option 82 function and dynamic
rate limiting for DHCP packets
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
42
Page 50
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Network
managem
ent
Attack
defense
Defense against flood attacks
without IP payloads, attacks from
IGMP null payload packets, LAND
attacks, Smurf attacks, and attacks
from packets with invalid TCP flag
bits
Defense against attacks from many
fragments, attacks from many
packets with offsets, attacks from
repeated packet fragments, Tear
Drop attacks, Syndrop attacks,
NewTear attacks, Bonk attacks,
Nesta attacks Rose attacks, Fawx
attacks, Ping of Death attacks, and
Jolt attacks
Defense against TCP SYN flood
attacks, UDP flood attacks
(including Fraggle attacks and UDP
diagnosis port attacks), and ICMP
flood attacks
- Ping and traceroute None
NQA
Network Time Protocol (NTP)
IPCA Only the S5720HI support
this function.
sFlow The S5720HI does not
support this function.
NetStream Only the S5720HI support
this function.
SNMP v1/v2c/v3 None
Standard MIB
HTTP
Hypertext Transfer Protocol Secure
(HTTPS)
Remote network monitoring
(RMON)
RMON2 Only theS5720EI and
S5720HI support this
function.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
43
Page 51
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
WLAN - AP Management Specifications Only the S5720HI support
Radio Management Specifications
WLAN Service Management
Specifications
QoS
WLAN Security Specifications
WLAN user management
specifications
3 Product Performance
this function.
3.4 Product Features Supported by V200R007C00
Table 3-4 lists features supported by the S5700.
Table 3-4 Features supported by the S5700
Feature
Ethernet
features
Ethernet Operating modes of full-duplex,
Description Difference
half-duplex and auto-negotiation
Rates of an Ethernet interface: 10
Mbit/s, 100 Mbit/s, 1000 Mbit/s, 10
Gbit/s, and auto-negotiation
Flow control on interfaces
Jumbo frames
Link aggregation
Load balancing among links of a
trunk
Transparent transmission of Layer
2 protocol packets
Device Link Detection Protocol
(DLDP)
Only the S5720HI and
S5720EI do not support
the operating mode of
half-duplex.
None
Link Layer Discovery Protocol
(LLDP)
Link Layer Discovery ProtocolMedia Endpoint Discovery (LLDPMED)
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
44
Page 52
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Interface isolation and forwarding
restriction
Broadcast storm suppression
VLAN Access modes of LNP, access,
trunk, hybrid, and QinQ
Default VLAN
VLAN assignment based on
interfaces, MAC addresses,
protocols, and IP subnets
VLAN assignment based on the
following policies:
l MAC address + IP address
l MAC address + IP address +
interface number
l DHCP policies
Adding double VLAN tags to
packets based on interface
Super VLAN Only the S5700LI and
VLAN mapping None
None
None
S5700S-LI do not support
this function.
Selective QinQ
MUX VLAN
Voice VLAN
Guest VLAN
GVRP Generic Attribute Registration
Protocol (GARP)
GARP VLAN Registration
Protocol (GVRP)
VCMP VCMP (VLAN centralized
management protocol)
MAC Automatic learning and aging of
MAC addresses
Static, dynamic, and blackhole
MAC address entries
Packet filtering based on source
MAC addresses
None
None
None
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
45
Page 53
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Interface-based MAC learning
limiting
Sticky MAC address entries
MAC address flapping detection
Ethernet
loop
protection
Configuring MAC address learning
priorities for interfaces
Only the S5720EI and
S5720HI support this
function.
MAC address spoofing defense Only the S5700LI and
S5700S-LI support this
function.
Port bridge None
ARP Static and dynamic ARP entries None
ARP in a VLAN
Aging of ARP entries
Proxy ARP Only the S5700LI and
S5700S-LI do not support
this function.
Multi-port ARP for connecting to
the NLB cluster server
Only the S5720EI and
S5720HI support this
function.
MSTP STP None
RSTP
MSTP
VBST
BPDU protection, root protection,
and loop protection
TC-BPDU attack defense
STP loop detection
Loopback
Loop detection on an interface
detection
SEP Smart Ethernet Protection (SEP)
Smart Link Smart Link
Smart Link multi-instance
Monitor Link
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
46
Page 54
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
RRPP RRPP protective switchover
Single RRPP ring, tangent RRPP
ring, and intersecting RRPP ring
Hybrid networking of RRPP rings
and other ring networks
ERPS G.8032 v1/v2 Only the S5700S-LI does
not support this function.
Single closed ring
Subring
IPv4/IPv6
forwardin
g
IPv4 and
unicast
routes
Static IPv4 routes None
VRF
DHCP client
DHCP server None
DHCP relay
DHCP policy VLAN Only the S5700LI and
S5700S-LI do not support
URPF check
this function.
Routing policies
RIPv1/RIPv2
OSPF Only the S5700LI and
S5700S-LI do not support
BGP
this function.
MBGP
IS-IS
PBR (redirection in a traffic policy)
Multicast
IGMPv1/v2/v3 Only the S5700LI and
routing
features
PIM-DM
PIM-SM
MSDP
Multicast routing policies
RPF
IPv6
IPv6 protocol stack None
features
ND and ND snooping
DHCPv6 snooping
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
S5700S-LI do not support
this function.
47
Page 55
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
RIPng Only the S5700LI and
S5700S-LI do not support
DHCPv6 server
this function.
DHCPv6 relay
OSPFv3 Only the S5700LI and
S5700S-LI do not support
BGP4+ & ISIS for IPv6
this function.
VRRP6
MLDv1 and MLDv2
PIM-DM for IPv6
PIM-SM for IPv6
Layer 2
- IGMPv1/v2/v3 snooping None
multicast
features
Fast leave
IGMP Snooping Proxy
MLD snooping
Interface-based multicast traffic
suppression
Inter-VLAN multicast replication
Controllable multicast
VPN MCE Multi-VPN-Instance CE (MCE) Only the S5700LI and
S5700S-LI do not support
this function.
Device
reliability
BFD Basic BFD functions Only the S5700LI and
S5700S-LI do not support
BFD for static route/IS-IS/
this function.
OSPF/BGP
BFD for PIM
BFD for VRRP
Stacking Stack card supporting the stacking
function
Service interface supporting the
stacking function
Others VRRP Only the S5700LI and
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Only the S5720EI
supports this function.
Only some S5700LI
models support this
function.
S5700S-LI do not support
this function.
48
Page 56
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Ethernet
OAM
QoS
features
EFM
Automatic discovery None
OAM
(802.3ah)
Link fault detection
Link fault troubleshooting
Remote loopback
CFM
Software-level CCM None
OAM
(802.1ag)
MAC ping
MAC trace
OAM
association
Association between 802.1ag and
802.1ah
Only the S5700LI and
S5700S-LI do not support
this function.
Association between 802.1ah and
802.1ag
Y.1731 Delay and variation measurement None
Traffic
classifier
Traffic classification based on
ACLs
None
Traffic classification based on outer
802.1p priorities, inner VLAN IDs,
outer VLAN IDs, source MAC
addresses, and Ethernet types
Traffic
behavior
Traffic
policing
Traffic
shaping
Traffic classification based on inner
VLAN IDs
Traffic classification based on inner
802.1p priorities
Access control after traffic
classification
Traffic policing based on traffic
classification
Re-marking based on traffic
classification
Associating traffic classifiers with
traffic behaviors
Rate limit on inbound and
outbound interfaces
Traffic shaping on interfaces and
queues
Only the S5700LI and
S5700S-LI do not support
this function.
Only the S5700LI and
S5700S-LI do not support
this function.
None
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
49
Page 57
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Configura
tion and
maintena
nce
Congestio
n
avoidance
Weighted Random Early Detection
(WRED)
Only the S5720EI and
S5720HI support this
function.
Tail drop None
Congestio
Queue mapping None
n
manageme
nt
Priority Queuing (PQ)
Deficit Round Robin (DRR)
PQ+DRR
Weighted Round Robin (WRR) Only the S5720HI does
not support this function.
PQ+WRR
HQoS Hierarchical Quality of Service Only the S5720HI
supports this function.
Login and
Command line configuration None
configurati
on
manageme
nt
Error message and help information
in English
Login through console and Telnet
terminals
File
system
SSH1.5/SSH2
Send function and data
communication between terminal
users
Hierarchical user authority
management and commands
SNMP-based NMS management
(eSight)
Web page-based configuration and
management
EasyDeploy (client)
EasyDeploy (commander) Only the S5700LI and
S5700S-LI do not support
Easy deployment and maintenance
this function.
File system None
Directory and file management
File upload and download through
FTP, TFTP, SFTP, SCP, and FTPS
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
50
Page 58
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Monitorin
g and
maintenan
ce
Hardware monitoring None
Reporting alarms on abnormal
device temperature
Second-time fault detection to
prevent detection errors caused by
instant interference
Version matching check
Dying gasp Only the S5700LI, ,
S5700S-LI, and S5720EI
support this function.
Information center and unified
None
management over logs, alarms, and
debugging information
Electronic labels, and command
line query and backup
Virtual cable test (VCT)
User operation logs
Detailed debugging information for
network fault diagnosis
Network test tools such as
traceroute and ping commands
Port mirroring, flow mirroring, and
remote mirroring
Energy saving
Version
upgrade
Device software loading and online
software loading
BootROM online upgrade
Remote in-service upgrade
In-service patching
Security AAA Local authentication and
authorization
RADIUS authentication,
authorization, and accounting
HWTACACS authentication,
authorization, and accounting
None
None
NAC 802.1x authentication None
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
51
Page 59
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
MAC address authentication
Portal authentication
Hybrid authentication
ARP
security
ARP packet rate limiting based on
source MAC addresses
ARP packet rate limiting based on
Only the S5720EI
supports this function.
None
source IP addresses, interfaces, and
VLANs, and global ARP packet
rate limiting
ARP anti-spoofing
Association between ARP and STP Only the S5700LI and
S5700S-LI do not support
ARP gateway anti-collision
Dynamic ARP Inspection (DAI)
this function.
None
and Static ARP Inspection (SAI)
Egress ARP Inspection (EAI)
IP security ICMP attack defense None
IP source guard
Local
CPU attack defense
attack
defense
MFF MAC-Forced Forwarding (MFF)
DHCP
DHCP snooping
snooping
Option 82 function and dynamic
rate limiting for DHCP packets
Attack
defense
Defense against flood attacks
without IP payloads, attacks from
IGMP null payload packets, LAND
attacks, Smurf attacks, and attacks
from packets with invalid TCP flag
bits
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
52
Page 60
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Defense against attacks from many
fragments, attacks from many
packets with offsets, attacks from
repeated packet fragments, Tear
Drop attacks, Syndrop attacks,
NewTear attacks, Bonk attacks,
Nesta attacks Rose attacks, Fawx
attacks, Ping of Death attacks, and
Jolt attacks
Defense against TCP SYN flood
attacks, UDP flood attacks
(including Fraggle attacks and UDP
diagnosis port attacks), and ICMP
flood attacks
Network
managem
ent
- Ping and traceroute None
NQA
Network Time Protocol (NTP)
IPCA Only the S5720HI
supports this function.
sFlow The S5720HI does not
support this function.
NetStream Only the S5720HI support
this function.
SNMP v1/v2c/v3 None
Standard MIB
HTTP
Hypertext Transfer Protocol Secure
(HTTPS)
Remote network monitoring
(RMON)
RMON2 Only the S5720EI and
WLAN - AP Management Specifications Only the S5720HI
Radio Management Specifications
WLAN Service Management
Specifications
QoS
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
S5720HI supports this
function.
supports this function.
53
Page 61
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
WLAN Security Specifications
WLAN user management
specifications
3 Product Performance
3.5 Product Features Supported by V200R006C00
NOTE
Features marked with * are added in V200R006.
Table 3-5 lists features supported by the S5700.
Table 3-5 Features supported by the S5700
Feature
Ethernet
features
Description Difference
Ethernet Operating modes of full-duplex,
half-duplex and auto-negotiation
Rates of an Ethernet interface: 10
Mbit/s, 100 Mbit/s, 1000 Mbit/s, 10
Gbit/s, and auto-negotiation
Flow control on interfaces
Jumbo frames
Link aggregation
Load balancing among links of a
trunk
Transparent transmission of Layer
2 protocol packets
Device Link Detection Protocol
(DLDP)
Link Layer Discovery Protocol
(LLDP)
Only the S5720HI does
not support the operating
mode of half-duplex.
None
Link Layer Discovery ProtocolMedia Endpoint Discovery (LLDPMED)
Interface isolation and forwarding
restriction
Broadcast storm suppression
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
54
Page 62
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
VLAN Access modes of LNP, access,
trunk, hybrid, and QinQ
Default VLAN
VLAN assignment based on
interfaces, MAC addresses,
protocols, and IP subnets
VLAN assignment based on the
following policies:
l MAC address + IP address
l MAC address + IP address +
interface number
l DHCP policies
Adding double VLAN tags to
packets based on interface
Super VLAN Only the S5700LI and
VLAN mapping None
None
None
S5700S-LI do not support
this function.
Selective QinQ
MUX VLAN
Voice VLAN
Guest VLAN
GVRP Generic Attribute Registration
Protocol (GARP)
GARP VLAN Registration
Protocol (GVRP)
VCMP VCMP (VLAN centralized
management protocol)
MAC Automatic learning and aging of
MAC addresses
Static, dynamic, and blackhole
MAC address entries
Packet filtering based on source
MAC addresses
Interface-based MAC learning
limiting
None
None
None
Sticky MAC address entries
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
55
Page 63
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
MAC address flapping detection
Ethernet
loop
protection
Configuring MAC address learning
priorities for interfaces
Only the S5720HI
supports this function.
MAC address spoofing defense Only the S5700LI and
S5700S-LI support this
function.
Port bridge None
ARP Static and dynamic ARP entries None
ARP in a VLAN
Aging of ARP entries
Proxy ARP Only the S5700LI and
S5700S-LI do not support
this function.
Multi-port ARP for connecting to
the NLB cluster server
Only the S5720HI
supports this function.
MSTP STP None
RSTP
MSTP
VBST
BPDU protection, root protection,
and loop protection
TC-BPDU attack defense
STP loop detection
Loopback
Loop detection on an interface
detection
SEP Smart Ethernet Protection (SEP)
Smart Link Smart Link
Smart Link multi-instance
Monitor Link
RRPP RRPP protective switchover
Single RRPP ring, tangent RRPP
ring, and intersecting RRPP ring
Hybrid networking of RRPP rings
and other ring networks
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
56
Page 64
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
ERPS G.8032 v1/v2 Only the S5700S-LI does
not support this function.
Single closed ring
Subring
IPv4/IPv6
forwardin
g
IPv4 and
unicast
routes
Static IPv4 routes None
VRF
DHCP client
DHCP server None
DHCP relay
DHCP policy VLAN Only the S5700LI and
S5700S-LI do not support
URPF check
this function.
Routing policies
RIPv1/RIPv2
OSPF Only the S5700LI and
S5700S-LI do not support
BGP
this function.
MBGP
IS-IS
PBR (redirection in a traffic policy)
Multicast
routing
features
IPv6
features
IGMPv1/v2/v3 Only the S5700LI and
S5700S-LI do not support
PIM-DM
this function.
PIM-SM
MSDP
Multicast routing policies
RPF
IPv6 protocol stack None
ND and ND snooping
DHCPv6 snooping
RIPng Only the S5700LI and
S5700S-LI do not support
DHCPv6 server
this function.
DHCPv6 relay
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
57
Page 65
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
OSPFv3 Only the S5700LI and
S5700S-LI do not support
BGP4+ & ISIS for IPv6
this function.
VRRP6
MLDv1 and MLDv2
PIM-DM for IPv6
PIM-SM for IPv6
Layer 2
- IGMPv1/v2/v3 snooping None
multicast
features
Fast leave
IGMP Snooping Proxy
MLD snooping
Interface-based multicast traffic
suppression
Inter-VLAN multicast replication
Controllable multicast
VPN MCE Multi-VPN-Instance CE (MCE) Only the S5700LI and
S5700S-LI do not support
this function.
Device
reliability
BFD Basic BFD functions Only the S5700LI and
S5700S-LI do not support
BFD for static route/IS-IS/
this function.
OSPF/BGP
BFD for PIM
BFD for VRRP
Stacking Service interface supporting the
stacking function
Others VRRP Only the S5700LI and
Ethernet
OAM
EFM
OAM
(802.3ah)
Automatic discovery None
Link fault detection
Link fault troubleshooting
Remote loopback
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Only some S5700LI
models support this
function.
S5700S-LI do not support
this function.
58
Page 66
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
QoS
features
CFM
Software-level CCM None
OAM
(802.1ag)
MAC ping
MAC trace
OAM
association
Association between 802.1ag and
802.1ah
Only the S5700LI and
S5700S-LI do not support
this function.
Association between 802.1ah and
802.1ag
Y.1731 Delay and variation measurement None
Traffic
classifier
Traffic classification based on
ACLs
None
Traffic classification based on outer
802.1p priorities, inner VLAN IDs,
outer VLAN IDs, source MAC
addresses, and Ethernet types
Traffic classification based on inner
VLAN IDs
Only the S5700LI and
S5700S-LI do not support
this function.
Traffic
behavior
Traffic
policing
Traffic
shaping
Congestio
n
avoidance
Traffic classification based on inner
802.1p priorities
Access control after traffic
classification
Traffic policing based on traffic
classification
Re-marking based on traffic
classification
Associating traffic classifiers with
traffic behaviors
Rate limit on inbound and
outbound interfaces
Traffic shaping on interfaces and
queues
Weighted Random Early Detection
(WRED)
Only the S5700LI and
S5700S-LI do not support
this function.
None
Only the S5700LI and
S5700S-LI do not support
this function.
Tail drop None
CongestionQueue mapping None
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
59
Page 67
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
managementPriority Queuing (PQ)
Deficit Round Robin (DRR)
PQ+DRR
Weighted Round Robin (WRR) Only the S5720HI does
not support this function.
PQ+WRR
Configura
tion and
maintena
nce
*
HQoS
Login and
configurati
on
manageme
nt
Hierarchical Quality of Service Only the S5720HI
supports this function.
Command line configuration None
Error message and help information
in English
Login through console and Telnet
terminals
SSH1.5/SSH2
Send function and data
communication between terminal
users
Hierarchical user authority
management and commands
SNMP-based NMS management
(eSight)
Web page-based configuration and
management
EasyDeploy (client)
EasyDeploy (commander) Only the S5700LI and
Easy deployment and maintenance
File
File system None
system
Directory and file management
File upload and download through
FTP, TFTP, SFTP, SCP, and FTPS
Monitorin
Hardware monitoring None
g and
maintenan
ce
Reporting alarms on abnormal
device temperature
Second-time fault detection to
prevent detection errors caused by
instant interference
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
S5700S-LI do not support
this function.
60
Page 68
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Version matching check
Dying gasp Only the S5700LI,
S5720HI, and S5700S-LI
support this function.
Version
upgrade
Information center and unified
management over logs, alarms, and
debugging information
Electronic labels, and command
line query and backup
Virtual cable test (VCT)
User operation logs
Detailed debugging information for
network fault diagnosis
Network test tools such as
traceroute and ping commands
Port mirroring, flow mirroring, and
remote mirroring
Energy saving
Device software loading and online
software loading
BootROM online upgrade
None
None
Remote in-service upgrade
In-service patching
Security AAA Local authentication and
authorization
RADIUS authentication,
authorization, and accounting
HWTACACS authentication,
authorization, and accounting
NAC 802.1x authentication None
MAC address authentication
Portal authentication
Hybrid authentication
None
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
61
Page 69
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
ARP
security
ARP packet rate limiting based on
source IP addresses, interfaces, and
None
VLANs, and global ARP packet
rate limiting
ARP anti-spoofing
Association between ARP and STP Only the S5700LI and
S5700S-LI do not support
ARP gateway anti-collision
Dynamic ARP Inspection (DAI)
this function.
None
and Static ARP Inspection (SAI)
Egress ARP Inspection (EAI)
IP security ICMP attack defense None
IP source guard
Local
CPU attack defense
attack
defense
MFF MAC-Forced Forwarding (MFF)
DHCP
snooping
Attack
defense
DHCP snooping
Option 82 function and dynamic
rate limiting for DHCP packets
Defense against flood attacks
without IP payloads, attacks from
IGMP null payload packets, LAND
attacks, Smurf attacks, and attacks
from packets with invalid TCP flag
bits
Defense against attacks from many
fragments, attacks from many
packets with offsets, attacks from
repeated packet fragments, Tear
Drop attacks, Syndrop attacks,
NewTear attacks, Bonk attacks,
Nesta attacks Rose attacks, Fawx
attacks, Ping of Death attacks, and
Jolt attacks
Defense against TCP SYN flood
attacks, UDP flood attacks
(including Fraggle attacks and UDP
diagnosis port attacks), and ICMP
flood attacks
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
62
Page 70
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Network
managem
ent
- Ping and traceroute None
NQA
Network Time Protocol (NTP)
IPCA
*
Only the S5720HI
supports this function.
sFlow The S5720HI does not
support this function.
NetStream Only the S5720HI support
this function.
SNMP v1/v2c/v3 None
Standard MIB
HTTP
Hypertext Transfer Protocol Secure
(HTTPS)
Remote network monitoring
(RMON)
RMON2 Only the S5720HI
supports this function.
*
WLAN
- AP Management Specifications Only the S5720HI
supports this function.
Radio Management Specifications
WLAN Service Management
Specifications
QoS
WLAN Security Specifications
WLAN user management
specifications
3.6 Product Features Supported by V200R005C00
NOTE
Features marked with * are added in V200R005.
Table 3-6 lists features supported by the S5700.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
63
Page 71
S5700 Series Ethernet Switches
Product Description
Table 3-6 Features supported by the S5700
Feature Description Difference
3 Product Performance
Ethernet
features
Ethernet Operating modes of full-duplex,
half-duplex and auto-negotiation
Rates of an Ethernet interface: 10
Mbit/s, 100 Mbit/s, 1000 Mbit/s, 10
Gbit/s, and auto-negotiation
Flow control on interfaces
Jumbo frames
Link aggregation
Load balancing among links of a
trunk
Transparent transmission of Layer
2 protocol packets
Device Link Detection Protocol
(DLDP)
Link Layer Discovery Protocol
(LLDP)
Link Layer Discovery Protocol-
Media Endpoint Discovery (LLDP-
MED)
None
Interface isolation and forwarding
restriction
Broadcast storm suppression
VLAN Access modes of LNP, access,
trunk, hybrid, and QinQ
Default VLAN
VLAN assignment based on
interfaces, MAC addresses,
protocols, and IP subnets
VLAN assignment based on the
following policies:
l MAC address + IP address
l MAC address + IP address +
interface number
l DHCP policies
Adding double VLAN tags to
packets based on interface
None
Only the S5700SI and
S5700EI do not support
this function.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
64
Page 72
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Super VLAN Only the S5700LI and
S5700S-LI do not support
this function.
VLAN mapping None
Selective QinQ
MUX VLAN
Voice VLAN
Guest VLAN
GVRP Generic Attribute Registration
Protocol (GARP)
GARP VLAN Registration
Protocol (GVRP)
*
VCMP
VCMP (VLAN centralized
management protocol)
MAC Automatic learning and aging of
MAC addresses
Static, dynamic, and blackhole
MAC address entries
Packet filtering based on source
MAC addresses
Interface-based MAC learning
limiting
Sticky MAC address entries
MAC address flapping detection
Configuring MAC address learning
priorities for interfaces
None
None
None
Only the S5710EI,
S5700HI, and S5710HI
support this function.
MAC address spoofing defense Only the S5700LI,
Port bridge None
ARP Static and dynamic ARP entries None
ARP in a VLAN
Aging of ARP entries
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
S5700S-LI, S5700SI, and
S5700EI support this
function.
65
Page 73
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Proxy ARP Only the S5700LI and
S5700S-LI do not support
this function.
Ethernet
loop
protection
Multi-port ARP for connecting to
the NLB cluster server
Only the S5710EI,
S5700HI, and_S5710HI
support this function.
MSTP STP None
RSTP
MSTP
*
VBST
BPDU protection, root protection,
and loop protection
TC-BPDU attack defense
STP loop detection
Loopback
Loop detection on an interface
detection
SEP Smart Ethernet Protection (SEP)
Smart Link Smart Link
Smart Link multi-instance
IPv4/IPv6
forwardin
g
Monitor Link
RRPP RRPP protective switchover
Single RRPP ring, tangent RRPP
ring, and intersecting RRPP ring
Hybrid networking of RRPP rings
and other ring networks
ERPS G.8032 v1/v2 Only the S5700S-LI does
not support this function.
Single closed ring
Subring
IPv4 and
Static IPv4 routes None
unicast
routes
VRF
DHCP client
DHCP server
DHCP relay
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
66
Page 74
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
DHCP policy VLAN Only the S5700LI and
S5700S-LI do not support
URPF check
this function.
Routing policies
RIPv1/RIPv2
OSPF Only the S5700LI,
S5700S-LI, and S5700SI
BGP
MBGP
do not support this
function.
IS-IS
PBR (redirection in a traffic policy)
Multicast
routing
features
IPv6
features
IGMPv1/v2/v3 Only the S5700LI,
S5700S-LI, and S5700SI
PIM-DM
PIM-SM
do not support this
function.
MSDP
Multicast routing policies
RPF
IPv6 protocol stack None
ND and ND snooping
DHCPv6 snooping
RIPng Only the S5700LI and
S5700S-LI do not support
DHCPv6 server
this function.
DHCPv6 relay
OSPFv3 Only the S5700LI,
S5700S-LI, and S5700SI
BGP4+ & ISIS for IPv6
VRRP6
do not support this
function.
MLDv1 and MLDv2
PIM-DM for IPv6
PIM-SM for IPv6
Layer 2
- IGMPv1/v2/v3 snooping None
multicast
features
Fast leave
IGMP Snooping Proxy
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
67
Page 75
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
MLD snooping
Interface-based multicast traffic
suppression
Inter-VLAN multicast replication
Controllable multicast
MPLS &
VPN
Basic
MPLS
functions
LDP Only the S5710EI,
S5700HI, and S5710HI
Double MPLS labels
support this function.
Mapping from DSCP to EXP
priorities in MPLS packets
Mapping from 802.1p priorities to
EXP priorities in MPLS packets
MPLS TE MPLS TE tunnel
MPLS TE protection group
VPN Multi-VPN-Instance CE (MCE) Only the S5700LI,
S5700S-LI, and S5700SI
do not support this
function.
VLL in SVC, Martini, CCC, and
Kompella modes
Only the S5710EI,
S5700HI, and S5710HI
support this function.
VLL FRR
VPLS
MPLS L3VPN
Device
BFD Basic BFD functions Only the S5700LI,
reliability
BFD for static route/IS-IS/
OSPF/BGP
BFD for PIM
BFD for VRRP
Stacking Stack card supporting the stacking
function
Service interface supporting the
stacking function
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
S5700S-LI, and S5700SI
do not support this
function.
Only some S5700SI
models and S5700EI
support this function.
Only some S5700LI
models, S5710EI, and
S5700HI support this
function.
68
Page 76
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Others VRRP Only the S5700LI,
S5700S-LI, and S5700SI
do not support this
function.
Ethernet
OAM
EFM
Automatic discovery None
OAM
(802.3ah)
Link fault detection
Link fault troubleshooting
Remote loopback
CFM
Software-level CCM None
OAM
(802.1ag)
MAC ping
MAC trace
Hardware-level CCM Only the S5700HI
supports this function.
OAM
association
Association between 802.1ag and
802.1ah
Only the S5700LI and
S5700S-LI do not support
this function.
Association between 802.1ah and
802.1ag
Y.1731 Delay and variation measurement None
Hardware-level delay and variation
measurement
Only the S5700HI
supports this function.
QoS
features
Traffic
classifier
Traffic
behavior
Traffic classification based on
ACLs
Traffic classification based on outer
802.1p priorities, inner VLAN IDs,
outer VLAN IDs, source MAC
addresses, and Ethernet types
Traffic classification based on inner
VLAN IDs
Traffic classification based on inner
802.1p priorities
Access control after traffic
classification
Traffic policing based on traffic
classification
None
Only the S5700LI,
S5700S-LI, and S5700SI
do not support this
function.
Only the S5700LI,
S5700S-LI, and S5700SI
do not support this
function.
None
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
69
Page 77
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Re-marking based on traffic
classification
Associating traffic classifiers with
traffic behaviors
Traffic
policing
Traffic
shaping
Congestio
n
avoidance
Congestio
n
manageme
nt
Rate limit on inbound and
outbound interfaces
Traffic shaping on interfaces and
queues
Simple Random Early Detection
(SRED)
Weighted Random Early Detection
(WRED)
Only the S5700EI
supports this function.
Only the S5710EI,
S5700HI, and S5710HI
support this function.
Tail drop None
Queue mapping None
Priority Queuing (PQ)
Deficit Round Robin (DRR)
PQ+DRR
Weighted Round Robin (WRR)
PQ+WRR
Configura
tion and
maintena
nce
Login and
configurati
on
manageme
nt
Command line configuration None
Error message and help information
in English
Login through console and Telnet
terminals
SSH1.5/SSH2
Send function and data
communication between terminal
users
Hierarchical user authority
management and commands
SNMP-based NMS management
(eSight)
Web page-based configuration and
management
EasyDeploy (client)
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
70
Page 78
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
EasyDeploy (commander) Only the S5700LI and
S5700S-LI do not support
Easy deployment and maintenance
this function.
File
system
Monitorin
g and
maintenan
ce
File system None
Directory and file management
File upload and download through
FTP, TFTP, SFTP, SCP, and FTPS
Hardware monitoring None
Reporting alarms on abnormal
device temperature
Second-time fault detection to
prevent detection errors caused by
instant interference
Version matching check
Dying gasp Only the S5700LI (except
S5700-52X-LI-48CS-AC,
S5700-28P-LI-BAT,
S5700-28P-LI-24S-BAT),
S5700S-LI, S5700HI, and
S5710HIsupport this
function.
Version
upgrade
Information center and unified
management over logs, alarms, and
debugging information
Electronic labels, and command
line query and backup
Virtual cable test (VCT)
User operation logs
Detailed debugging information for
network fault diagnosis
Network test tools such as
traceroute and ping commands
Port mirroring, flow mirroring, and
remote mirroring
Energy saving
Device software loading and online
software loading
BootROM online upgrade
None
None
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
71
Page 79
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Remote in-service upgrade
In-service patching
Security AAA Local authentication and
authorization
RADIUS authentication,
authorization, and accounting
HWTACACS authentication,
authorization, and accounting
NAC 802.1x authentication None
MAC address authentication
Portal authentication
Hybrid authentication
ARP
security
ARP packet rate limiting based on
source MAC addresses
ARP packet rate limiting based on
source IP addresses, interfaces, and
VLANs, and global ARP packet
rate limiting
None
Only the S5710EI,
S5700HI, and S5710HI
support this function.
None
ARP anti-spoofing
Association between ARP and STP Only the S5700LI and
S5700S-LI do not support
ARP gateway anti-collision
Dynamic ARP Inspection (DAI)
this function.
None
and Static ARP Inspection (SAI)
Egress ARP Inspection (EAI)
IP security ICMP attack defense None
IP source guard
Local
CPU attack defense
attack
defense
MFF MAC-Forced Forwarding (MFF)
DHCP
DHCP snooping
snooping
Option 82 function and dynamic
rate limiting for DHCP packets
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
72
Page 80
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Network
managem
ent
Attack
defense
Defense against flood attacks
without IP payloads, attacks from
IGMP null payload packets, LAND
attacks, Smurf attacks, and attacks
from packets with invalid TCP flag
bits
Defense against attacks from many
fragments, attacks from many
packets with offsets, attacks from
repeated packet fragments, Tear
Drop attacks, Syndrop attacks,
NewTear attacks, Bonk attacks,
Nesta attacks Rose attacks, Fawx
attacks, Ping of Death attacks, and
Jolt attacks
Defense against TCP SYN flood
attacks, UDP flood attacks
(including Fraggle attacks and UDP
diagnosis port attacks), and ICMP
flood attacks
- Ping and traceroute None
NQA
Network Time Protocol (NTP)
sFlow The S5700SI does not
support this function.
NetStream Only the S5710EI,
S5700HI, and S5710HI
support this function.
SNMP v1/v2c/v3 None
Standard MIB
HTTP
Hypertext Transfer Protocol Secure
(HTTPS)
Remote network monitoring
(RMON)
RMON2
*
Only the S5710EI,
S5700HI, and S5710HI
support this function.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
73
Page 81
S5700 Series Ethernet Switches
Product Description
3 Product Performance
3.7 Product Features Supported by V200R003C00
Table 3-7 lists features supported by the S5700.
Table 3-7 Features supported by the S5700
Feature
Ethernet
features
Description Difference
Ethernet Operating modes of full-duplex,
half-duplex and auto-negotiation
Rates of an Ethernet interface: 10
Mbit/s, 100 Mbit/s, 1000 Mbit/s, 10
Gbit/s, and auto-negotiation
Flow control on interfaces
Jumbo frames
Link aggregation
Load balancing among links of a
trunk
Transparent transmission of Layer
2 protocol packets
Device Link Detection Protocol
(DLDP)
Link Layer Discovery Protocol
(LLDP)
None
Link Layer Discovery Protocol-
Media Endpoint Discovery (LLDP-
MED)
Interface isolation and forwarding
restriction
Broadcast storm suppression
VLAN Access modes of access, trunk,
hybrid, and QinQ
Default VLAN
VLAN assignment based on
interfaces, MAC addresses,
protocols, and IP subnets
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
None
74
Page 82
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
VLAN assignment based on the
following policies:
l MAC address + IP address
l MAC address + IP address +
interface number
l DHCP policies
Adding double VLAN tags to
packets based on interface
Super VLAN Only the S5700LI and
VLAN mapping None
Selective QinQ
MUX VLAN
Voice VLAN
Guest VLAN
GVRP Generic Attribute Registration
Protocol (GARP)
GARP VLAN Registration
Protocol (GVRP)
MAC Automatic learning and aging of
MAC addresses
Only the S5700SI and
S5700EI do not support
this function.
S5700S-LI do not support
this function.
None
None
Static, dynamic, and blackhole
MAC address entries
Packet filtering based on source
MAC addresses
Interface-based MAC learning
limiting
Sticky MAC address entries
MAC address flapping detection
Configuring MAC address learning
priorities for interfaces
MAC address spoofing defense Only the S5700LI,
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
Only the S5710EI,
S5700HI, and S5710HI
support this function.
S5700S-LI, S5700SI, and
S5700EI support this
function.
75
Page 83
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Port bridge None
ARP Static and dynamic ARP entries None
ARP in a VLAN
Aging of ARP entries
Proxy ARP Only the S5700LI and
S5700S-LI do not support
this function.
Ethernet
loop
protection
Multi-port ARP for connecting to
the NLB cluster server
Only the S5710EI,
S5700HI, and_S5710HI
support this function.
MSTP STP None
RSTP
MSTP
BPDU protection, root protection,
and loop protection
TC-BPDU attack defense
STP loop detection
Loopback
Loop detection on an interface
detection
SEP Smart Ethernet Protection (SEP)
Smart Link Smart Link
Smart Link multi-instance
Monitor Link
RRPP RRPP protective switchover
Single RRPP ring, tangent RRPP
ring, and intersecting RRPP ring
Hybrid networking of RRPP rings
and other ring networks
ERPS G.8032 v1/v2 Only the S5700S-LI does
Single closed ring
Subring
IPv4/IPv6
forwardin
g
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
IPv4 and
Static IPv4 routes None
unicast
routes
Copyright © Huawei Technologies Co., Ltd.
VRF
not support this function.
76
Page 84
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
DHCP client
DHCP server
DHCP relay
DHCP policy VLAN Only the S5700LI and
S5700S-LI do not support
URPF check
this function.
Routing policies
RIPv1/RIPv2
OSPF Only the S5700LI,
S5700S-LI, and S5700SI
BGP
MBGP
do not support this
function.
IS-IS
Multicast
routing
features
IPv6
features
PBR (redirection in a traffic policy)
IGMPv1/v2/v3 Only the S5700LI,
S5700S-LI, and S5700SI
PIM-DM
PIM-SM
do not support this
function.
MSDP
Multicast routing policies
RPF
IPv6 protocol stack None
ND and ND snooping
DHCPv6 snooping
RIPng Only the S5700LI and
S5700S-LI do not support
DHCPv6 server
this function.
DHCPv6 relay
OSPFv3 Only the S5700LI,
S5700S-LI, and S5700SI
BGP4+ & ISIS for IPv6
VRRP6
do not support this
function.
MLDv1 and MLDv2
PIM-DM for IPv6
PIM-SM for IPv6
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
77
Page 85
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Layer 2
multicast
features
MPLS &
VPN
- IGMPv1/v2/v3 snooping None
Fast leave
IGMP Snooping Proxy
MLD snooping
Interface-based multicast traffic
suppression
Inter-VLAN multicast replication
Controllable multicast
Basic
MPLS
functions
LDP Only the S5710EI,
S5700HI, and S5710HI
Double MPLS labels
support this function.
Mapping from DSCP to EXP
priorities in MPLS packets
Mapping from 802.1p priorities to
EXP priorities in MPLS packets
MPLS TE MPLS TE tunnel
Device
reliability
MPLS TE protection group
VPN Multi-VPN-Instance CE (MCE) Only the S5700LI,
S5700S-LI, and S5700SI
do not support this
function.
VLL in SVC, Martini, CCC, and
Kompella modes
Only the S5710EI,
S5700HI, and S5710HI
support this function.
VLL FRR
VPLS
MPLS L3VPN
BFD Basic BFD functions Only the S5700LI,
S5700S-LI, and S5700SI
BFD for static route/IS-IS/
OSPF/BGP
do not support this
function.
BFD for PIM
BFD for VRRP
Stacking Stack card supporting the stacking
function
Only some S5700SI
models and S5700EI
support this function.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
78
Page 86
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Ethernet
OAM
Service interface supporting the
stacking function
Only some S5700LI
models, S5710EI, and
S5700HI support this
function.
Others VRRP Only the S5700LI,
S5700S-LI, and S5700SI
do not support this
function.
EFM
Automatic discovery None
OAM
(802.3ah)
Link fault detection
Link fault troubleshooting
Remote loopback
CFM
Software-level CCM None
OAM
(802.1ag)
MAC ping
MAC trace
Hardware-level CCM Only the S5700HI
supports this function.
QoS
features
OAM
association
Association between 802.1ag and
802.1ah
Only the S5700LI and
S5700S-LI do not support
this function.
Association between 802.1ah and
802.1ag
Y.1731 Delay and variation measurement None
Traffic
classifier
Hardware-level delay and variation
measurement
Traffic classification based on
ACLs
Only the S5700HI
supports this function.
None
Traffic classification based on outer
802.1p priorities, inner VLAN IDs,
outer VLAN IDs, source MAC
addresses, and Ethernet types
Traffic classification based on inner
VLAN IDs
Only the S5700LI,
S5700S-LI, and S5700SI
do not support this
function.
Traffic classification based on inner
802.1p priorities
Only the S5700LI,
S5700S-LI, and S5700SI
do not support this
function.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
79
Page 87
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Traffic
behavior
Traffic
policing
Traffic
shaping
Congestio
n
avoidance
Access control after traffic
None
classification
Traffic policing based on traffic
classification
Re-marking based on traffic
classification
Associating traffic classifiers with
traffic behaviors
Rate limit on inbound and
outbound interfaces
Traffic shaping on interfaces and
queues
Simple Random Early Detection
(SRED)
Weighted Random Early Detection
(WRED)
Only the S5700EI
supports this function.
Only the S5710EI,
S5700HI, and S5710HI
support this function.
Tail drop None
Configura
tion and
maintena
nce
Congestio
n
manageme
nt
Login and
configurati
on
manageme
nt
Queue mapping None
Priority Queuing (PQ)
Deficit Round Robin (DRR)
PQ+DRR
Weighted Round Robin (WRR)
PQ+WRR
Command line configuration None
Error message and help information
in English
Login through console and Telnet
terminals
SSH1.5/SSH2
Send function and data
communication between terminal
users
Hierarchical user authority
management and commands
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
80
Page 88
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
SNMP-based NMS management
(eSight)
Web page-based configuration and
management
EasyDeploy (client)
EasyDeploy (commander) Only the S5700LI and
S5700S-LI do not support
Easy deployment and maintenance
this function.
File
system
Monitorin
g and
maintenan
ce
File system None
Directory and file management
File upload and download through
FTP, TFTP, SFTP, SCP, and FTPS
Hardware monitoring None
Reporting alarms on abnormal
device temperature
Second-time fault detection to
prevent detection errors caused by
instant interference
Version matching check
Dying gasp Only the S5700LI ,
S5700S-LI, S5700HI, and
S5710HIsupport this
function.
Information center and unified
None
management over logs, alarms, and
debugging information
Electronic labels, and command
line query and backup
Virtual cable test (VCT)
User operation logs
Detailed debugging information for
network fault diagnosis
Network test tools such as
traceroute and ping commands
Port mirroring, flow mirroring, and
remote mirroring
Energy saving
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
81
Page 89
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Version
upgrade
Device software loading and online
software loading
BootROM online upgrade
Remote in-service upgrade
In-service patching
Security AAA Local authentication and
authorization
RADIUS authentication,
authorization, and accounting
HWTACACS authentication,
authorization, and accounting
NAC 802.1x authentication None
MAC address authentication
Portal authentication Only the S5700LI and
Hybrid authentication Only the S5700LI,
None
None
S5700S-LI do not support
this function.
S5700S-LI, and S5700SI
do not support this
function.
ARP
security
ARP packet rate limiting based on
source MAC addresses
Only the S5710EI,
S5700HI, and S5710HI
support this function.
ARP packet rate limiting based on
None
source IP addresses, interfaces, and
VLANs, and global ARP packet
rate limiting
ARP anti-spoofing
Association between ARP and STP Only the S5700LI and
S5700S-LI do not support
ARP gateway anti-collision
Dynamic ARP Inspection (DAI)
this function.
None
and Static ARP Inspection (SAI)
Egress ARP Inspection (EAI)
IP security ICMP attack defense None
IP source guard
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
82
Page 90
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
3 Product Performance
Local
CPU attack defense
attack
defense
MFF MAC-Forced Forwarding (MFF)
DHCP
DHCP snooping
snooping
Option 82 function and dynamic
rate limiting for DHCP packets
Attack
defense
Defense against flood attacks
without IP payloads, attacks from
IGMP null payload packets, LAND
attacks, Smurf attacks, and attacks
from packets with invalid TCP flag
bits
Defense against attacks from many
fragments, attacks from many
packets with offsets, attacks from
repeated packet fragments, Tear
Drop attacks, Syndrop attacks,
NewTear attacks, Bonk attacks,
Nesta attacks Rose attacks, Fawx
attacks, Ping of Death attacks, and
Jolt attacks
Network
managem
ent
Defense against TCP SYN flood
attacks, UDP flood attacks
(including Fraggle attacks and UDP
diagnosis port attacks), and ICMP
flood attacks
- Ping and traceroute None
NQA
Network Time Protocol (NTP)
sFlow The S5700SI does not
support this function.
NetStream Only the S5710EI,
S5700HI, and S5710HI
support this function.
SNMP v1/v2c/v3 None
Standard MIB
HTTP
Hypertext Transfer Protocol Secure
(HTTPS)
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
83
Page 91
S5700 Series Ethernet Switches
Product Description
Feature Description Difference
Remote network monitoring
(RMON)
3.8 Performance Specifications
For the product specifications, log in to Huawei official website to download the product
brochure or product feature list for channel (if your account is unauthorized, contact Huawei
local office).
3 Product Performance
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
84
Page 92
Data Bus
Control Bus
SCU
Interface
Module
Power Supply
Control Module
Fan
Switch Module
S5700 Series Ethernet Switches
Product Description
For the version mappings, appearance and structure, port description, indicator description,
power supply configuration, heat dissipation, and specifications of S5700, see the S5700
Hardware Description - Chassis.
Figure 4-1 shows the logical structure of hardware modules of the switch.
4 Hardware Information
4 Hardware Information
Hardware modules of the S5700 refer to the interface card, SCU (Switch Control Unit), power
supply, and fan.
Figure 4-1 Logical structure of hardware modules
SCU
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
The SCU is fixed on the S5700. Each S5700 has one SCU.
The SCU is responsible for packet switching and device management. It integrates multiple
functional modules, namely, the main control module, switching module, and interface
module.
Main Control Module
Copyright © Huawei Technologies Co., Ltd.
85
Page 93
S5700 Series Ethernet Switches
Product Description
The main control module implements the following functions:
l Processing protocols
l Functioning as an agent of the user to manage the system and monitor the system
performance according to instructions of the user, and report the running status of the
device to the user
l Monitoring and maintaining the interface module and switching module on the SCU
Switching Module
The switching module, also called the switching fabric, is responsible for packet exchange,
multicast replication, QoS scheduling, and access control on the interface module of the SCU.
The switching module adopts high performance chips to implement line-speed forwarding and
fast switching of data with different priorities.
Interface Module
The interface module provides Ethernet interfaces for accessing Ethernet services.
Power Supply
4 Hardware Information
For details about S5700-LI-BAT power supply configuration, see S5700 Hardware
Description - Battery Modules.
For details about power supply configurations on other S5700s, see S5700 Hardware
Description - Power Modules.
Cards
The S5700 supports service and stack cards. Service cards allow flexible networking and
provide cost-effective and customized solutions. Stack cards connect multiple switches into
one logical switch, which implements on-demand expansion, reduces investments, simplifies
management, and improves network reliability.
For details about cards supported by the S5700, see S5700 Hardware Description - Cards.
Fan Modules
For details about fan modules on different models, see Heat Dissipation in S5700 Hardware
Description - Chassis.
Pluggable Modules for Interfaces
For specifications of various pluggable Modules for Interfaces, see "Pluggable Modules for
Interfaces" in the S5700 Hardware Description.
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
86
Page 94
S5700 Series Ethernet Switches
Product Description
Log in to Huawei official website, and search for Standard and Protocol Compliance List
to obtain the document.
5 References
5 References
Issue 18 (2016-11-09) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
87
Loading...