ZTE´s IPv6 Core Router ZXR10 T1200

By the end of 2004, there were 94 million cyber citizens in China, among which 4.28 million were broadband subscribers. With the increase of subscribers, the export bandwidth of China International Internet has reached up to 74 Gb/s, over 4 000 times of that in 1997 (18.64 Mb/s). IP services grow explosively in China and other countries all over the world[1,2]. Services over IP have expanded from data services to voice and video services. With the development of Next Generation Network (NGN) and 3G services, there will be higher requirements on the IP bearer network concerning the IP address capacity, network security, Quality of Service (QoS) and mobility. The IPv4, the basic protocol of the current Internet, has revealed the defects in such aspects as IP address resource, IP end-to-end connectivity, mobility and security. Therefore, it is necessary for IPv4-based network to evolve into the NGN.

    The IPv6 core router is critical to building of the next-generation Internet. It is technologically required to provide broad bandwidth, excellent performance, multiple services, high reliability and easy maintenance.

    The ZXR10 T1200 IPv4/IPv6 dual stack core router launched by ZTE supports IPv6 routing protocols such as RIPng, OSPFv3 IS-ISv6 and BGP4+, as well as transition technologies including Network Address Translation-Protocol Translation (NAT-PT), manual tunneling, 6to4, and IPv6 Provider Edge Router (6PE). In addition, IPv6 security technologies such as Access Control List (ACL) and Unicast Reverse Path Forwarding (uRPF) are supported, as well as IPv6 QoS and multicast. Its switching capacity reaches 640 Gb/s. Additionally, it has a forwarding rate of 400 Mb/s, and supports 10 Gb/s interface as well. These features enable ZXR10 T1200 to perfectly satisfy the requirements of building the next-generation Internet.

1 Architecture of ZXR10 T1200
A core router should have a forwarding capability that may meet the demands brought by the increase of network traffic, as well as system reliability that conforms to the carrier-class equipment standards. In addition, it should satisfy the carrier-class equipment requirements on the scalability of switching capacity, support for new technologies, smooth upgrading, QoS assurance, and reliable software architecture. The design of the ZXR10 T1200 embodies the principles mentioned above in all around.

1.1 Hardware Architecture
The ZXR10 T1200 utilizes a fully distributed multi-processor to process packets in parallel. It has an integrated crossbar switching fabric, and hardware architecture based on a passive high-speed serial backplane. The essential components are designed in redundancy. Besides, the smooth upgrade capability and easy maintenance of the system are taken into full consideration.

    As shown in Figure1, the ZXR10 T1200 consists of the line interface cards, network processing cards, switching fabric cards, main control processor, power, monitor and alarm system, and high-speed serial backplane. Switching fabric cards and main control processing cards are designed in 1:1 redundancy and the power module in N +1 redundancy. The data plane (forwarding plane) of each network processing and switching fabric card adopts high-speed serial lines (3.125 Gb/s) to implement packet switching. The main control card communicates with control planes of each physical processor and the switching fabric card through a gigabit switched Ethernet separated from the data plane.

    The ZXR10 T1200 integrates the IP routing, switching and broadband network technologies. In system design, it separates the routing engine from the forwarding engine, the distributed local forwarding table from the concentrated global routing table, and physical channels of data flow control from those of data flow forwarding. In addition, it separates routing calculation from operation and maintenance (physically implemented by different CPUs on the main control card). It utilizes high-speed hardware to implement distributed handling of route searching and forwarding of IP messages.

1.2 General Software Architecture
The system software of the ZXR10 T1200 uses the ZXROS distributed multi-processor, multi-task real-time operating system platform. The system software is distributed on each processor and main control card.
The general software architecture takes the hierarchical and modular structure, as shown in Figure 2. This architecture has several advantages:

• The system has good encapsulation and independence.
• A layer and a protocol module interact via a specified interface.
• Every layer can be used for other communication equipment as an independent subsystem.
• The system has good transparency, flexibility and scalability.
• Modules with different functions adopt independent processes, between which memory protection is available. Therefore, if any system process fails, it affects the local part only.
• The system supports module
  level upgrading.
  

    The general software consists of the following subsystems:

• Internal communication subsystem
• Operating system kennel
• Link layer protocol subsystem
• IP protocol subsystem
• Supporting protocol and socket subsystem
• Routing protocol subsystem
• Security subsystem
• VPN subsystem
• Tunnel subsystem
• IP address management subsystem
• Application subsystem
  

    IP protocol subsystems are distributed on every processor and main control card, while the functional subsystems above the IP layer are distributed only on main control cards.

2 Key Technologies of the IPv6 Core Router

2.1 Flexible, Reliable and High Performance Hardware Architecture
The IPv6 core router is the core node equipment of the next-generation Internet. Its hardware architecture should completely satisfy the requirements of high reliability, high forwarding performance and scalability. In addition, it should provide powerful support for QoS, multicast and security.

    In the aspect of reliability, the ZXR10 T1200 adopts the design of reliable modeling, distribution and pre-design. Engineering weighting assignment enables the reliability distribution for each hardware unit, and establishes a reliable model based on exponential distribution series-wound architecture. Based on modeling, the most important parts of the system designed in redundancy are of low failure probability, hence ensuring the ZXR10 T1200 to meet carrier-class equipment standards.

    In the aspect of performance, the routing engine uses high-performance CPUs to support routing calculation and update of large-capacity routing table entries. It supports up to 2 M channels that may satisfy the current and future requirements on ultra-large routing table entries. The forwarding engine uses a large-capacity switching network to support hardware duplication for multicast, multi-priority mediating and scheduling in packet switching. Besides, the switching network supports multi-rack cascade expansion by upgrading, thus developing into a routing system product. Distributed network-processing cards use the high-performance Field-Programmable Gate Array (FPGA), together with network processors to handle forwarding packets at concurrent streamline. It can not only handle wire-speed processing for IPv4/v6 packets at the 10 Gb/s interface, but also flexibly support the service processing.

2.2 ZXROS Software Platform Based on  Embedded Real-time Multi-task Kennel
The ZXROS integrates the complete IPv4/v6 stack protocol software, multi-service software and network management software.

    The ZXROS kennel mainly implements process scheduling, memory management, clock management, interruption management and distributed message communication, and thus provides the other parts of the ZXROS with basic system service independent of the hardware platform. The ZXROS kennel features:

    (1) High Reliability
    It can meet requirements of long time stable running.

    (2) Real Time
    The low delay and preemptible scheduling mechanism ensures time requirements of protocol operation, service application and synchronous data among multiple processors.

    (3) Self-healing
    It detects, processes and records system abnormality. It can timely perform necessary fault recovery and equipment switching in abnormal cases.

    (4) Maintainability
    It can trace and record the utilization and invoking status of kernel resources and system services.

    (5) Simplicity
    It provides only necessary system services to the applications, and shields unnecessary system services.

    (6) Encapsulation
    It can shield hardware characteristics to make the hardware independent of the application layer. It also facilitates the relocation of protocol stacks and applications among various software/hardware platforms. Moreover, it supports X86, Pay-Per-Click (PPC), ARM and many other hardware platforms.

    The IPv4/IPv6 protocol stack software is designed in a hierarchical and modular structure. The structure makes the ZXROS developable and scalable. Interfaces among modules and protocols of the ZXROS are standard internal interfaces. Meanwhile, the special bedding is added between the IP layer and the hardware drive layer through encapsulating the ZXROS kennel primitive. This provides logic-independent shielding of the protocol layer and hardware, offers on-port management for the upper layer protocols. In addition, device-independent application function interfaces for data sending and receiving eliminates the dependence of the ZXROS upper layer software on devices.

    In addition, protocol modules of the IPv4/IPv6 protocol stack reside in different ZXROS system processes, and memory protection is available between protocol processes. Abnormality in a certain protocol process does not affect the normal running of others. The kennel can control the status of the protocol processes to support the in-service module-level upgrading of the software.

    With features of complete protocol functions, user interface uniformity, good portability, scalability, high reliability and expandability, the ZXROS can meet with the rigorous requirements of the NGN.

2.3 Effective IPv6 Forwarding Mechanism
Featuring high-speed forwarding, the IPv6 core router can process IPv4/IPv6 packets with a single port rate of up to10 Gb/s.

    From IPv4 to IPv6, the IP address is extended from 48 bits to 128 bits. Theoretically, the IPv6 basic header is fixed as 40 bytes in length and the header checks and fields are cancelled. This can reduce the overhead used by a router for data forwarding and helps improve the efficiency of a router in processing headers. However, in nature, the rout searching of IPv6 is still the same as that of IPv4, that is, it takes the principle of the longest match to select the premium path and allows import of extra packet filtering in the process of router forwarding. Due to expansion of the rout searching key and the memory occupation of a single routing table entry, the core router has to solve a problem. That is, how to implement the origination and quick search of the forwarding table of the large capacity IPv4/IPv6 according to the hardware features in practice.

    The solution of ZXR10 T1200 is the hardware tree. With this method, rout prefixes are saved in the hardware tree table of the ZXR10 T1200 network-processing card. The maximum capacity of the hardware tree reaches 256 M bytes, and up to 2 M IPv6 table entries can be supported. If there are 2 M entries, the time needed for one search is less than eight internal clock ticks. That is, the search amount is about 30 M per second, which can satisfy the
route-searching requirement of 10 Gb/s interfaces.

2.4 IPv4-to-IPv6 Transition Technology
At present, numbers of transition technologies are supporting (such as dual stack, tunnel and translation) the coexistence of IPv4 and IPv6, as well as the evolution.

    Dual stack means that an IPv6 router realizes both IPv4 and IPv6 protocols simultaneously, and IPv4 and IPv6 can be used in a hybrid environment. The router processes IPv4 and IPv6 packets separately by searching the corresponding IPv4 and IPv6 forwarding tables. By this way, IPv4 applications go through the IPv4 network system, while IPv6 applications go through the IPv6 network system. Dual stack is a basic function that an IPv6 router must support because the tunnel transition technology to be mentioned later always requires the device to run in dual stack mode. The ZXR10 T1200 supports IPv4/IPv6 functions in all around on the control plane and forwarding plane, and thus has a complete dual stack capability.

    The IPv6 tunnel is to encapsulate IPv6 protocol packets into another protocol (IPv4 or MPLS) to implement the interconnection between IPv6 islands and the IPv4 backbone network. Of course, with the development of IPv6, it may appear that IPv4 islands are interconnected with the IPv6 backbone network through tunnels.

    To realize the ZXROS software platform, the tunnel mechanism is realized through general interfaces. That is, a tunnel is simulated to be a virtual interface and bound to an actual physical interface in actual application. Its interface attribute is similar to that of a normal interface. This approach is relatively flexible and can realize different modes of tunnels in one form. The ZXROS software platform supports such technologies as manual tunnel, 6to4, and 4in6. In addition, it realizes the 6PE tunnel technology. In this case, IPv6 acts as a private network of Client Edge (CE) routers and Label Switching Path (LSP) tunnels for IPv6 are created in the MPLS backbone network.

    NAT-PT is also an important transition technology. It adapts well to intercommunication between the pure IPv4 nodes and pure IPv6 nodes. With a dedicated NAT-PT service-processing card added into the system, the ZXR10 T1200 implements high-performance NAT-PT processing. All the packets received from a common line card, if NAT-PT conversion is required, are sent to the NAT-PT board uniformly for processing via the switching network. Every NAT-PT service-processing card  supports up to 256 K NAT-PT mapping items and a NAT-PT processing capability of 2.5 Gb/s. The advantages of this mode are as follows:

    (1) The realization of NAT-PT services has almost no impact on the original packet processing flow of each line card.

    (2) It reduces the design difficulty of dynamic synchronism and aging required by the distribution of the NAT mapping tables of the NAT-PT modules due to distributed processing.

    (3) This architecture also supports the NAT-PT board extended to multi-load sharing, realizes the NAT-PT processing ability of super large capacity, hence meets the demands in scalability of the continuous development of the network.

3 Conclusions
The IPv6 core router is the most important infrastructure equipment for building of the next-generation Internet. The equipment shall meet requirements of high bandwidth, high performance, multiple services, high reliability, easy maintenance and scalability. The successful launch of the ZXR10 T1200 IPv6 core router indicates that ZTE is capable of developing and offering core equipment for next generation Internet construction.

References
[1] Jiang Lintao, Opportunities and Challenges of IPv6[J]. ZTE Communications, 2004,10(4): 8-12.
[2] China Internet Data Center, Statistic Report of China Internet Development Status[Z].
[3] Wu Meijuan, Yue Jian, Study on Key Technologies for Hardware Abstract Layer of High Performance Router[DB/OL]. http://www.c114.net.
[4] Zhou Xun, IPv6—Core of Next generation Internet[M]. Electronic Industry Publishing House, Beijing, 2003.
[5] IETF RFC2460 Internet Protocol, Version 6 (IPv6) Specification [S].
[6] IETF RFC2766 Network Address Translation—Protocol Translation (NAT-PT)[S].

Manuscript received: 2005-06-18