AR 28 - 09 System Description

System Description
Quidway AR 28-09 Router Table of Contents
Table of Contents
Chapter 1 Product Overview.................................................................................................... 1-1

1.1 Introduction................................................................................................................... 1-1
1.2 Interface Cards and Modules......................................................................................... 1-2
1.2.1 SIC ..................................................................................................................... 1-2
1.2.2 MIM .................................................................................................................... 1-3
Chapter 2 Product Features..................................................................................................... 2-1

2.1 Abundant Interfaces ...................................................................................................... 2-1
2.2 Rich Access Features ................................................................................................... 2-1
2.3 Powerful Forwarding/Service Processing Capacity ........................................................ 2-1
2.4 High Reliability .............................................................................................................. 2-2
2.5 Extraordinary Diff-Serv/QoS .......................................................................................... 2-2
2.6 MPLS VPN and Traditional VPN ................................................................................... 2-2
2.7 DCC.............................................................................................................................. 2-3
2.8 Broad Portfolio of Voice Services .................................................................................. 2-4
2.9 Sound Security Mechanism........................................................................................... 2-5
2.9.1 IPSec.................................................................................................................. 2-5
2.9.2 Encryption Card .................................................................................................. 2-6
2.9.3 Portal.................................................................................................................. 2-6
2.9.4 PKI/CA................................................................................................................ 2-6
2.9.5 SSHv1.5/v2.0...................................................................................................... 2-6
2.9.6 URPF ................................................................................................................. 2-6
2.10 Perfect Routing Policy and Abundant Routing Features............................................... 2-7
2.11 Integrated NMSs ......................................................................................................... 2-7
2.12 Globe-Oriented Design................................................................................................ 2-8
Chapter 3 Specifications and Functionality ............................................................................ 3-1

3.1 Physical Specifications.................................................................................................. 3-1
3.2 Attributes of Fixed Interfaces......................................................................................... 3-2
3.3 Software Functionality................................................................................................... 3-4
Chapter 4 Applications and Solutions .................................................................................... 4-1

4.1 Integrated Networking for Medium-Sized Enterprises .................................................... 4-1
4.2 Consolidated Terminal Solution for the Financial Industry.............................................. 4-2
4.3 Voice Solution............................................................................................................... 4-2
4.4 VPN Solution ................................................................................................................ 4-3
4.5 Broadband Access Solution .......................................................................................... 4-4
Chapter 5 Ordering Guide........................................................................................................ 5-1

5.1 Ordering Units............................................................................................................... 5-1
Huawei Technologies Proprietary
i
System Description
Quidway AR 28-09 Router Table of Contents
5.2 Ordering Interface Cards and Modules .......................................................................... 5-1

5.3 Ordering Electrical/Fiber-Optic Cables........................................................................... 5-7
5.3.1 Ordering Electrical Cables................................................................................... 5-7
5.3.2 Ordering Fiber-Optic Cables................................................................................ 5-9
ii
System Description
Quidway AR 28-09 Router Chapter 1 Product Overview
Chapter 1 Product Overview
1.1 Introduction
Quidway AR 28-09 Router is an edge access router independently developed by
Huawei Technologies. It adopts modular design and provides a wide range of optional
SICs (Smart Interface Cards) and MIMs (Multifunctional Interface Modules) in addition
to fixed Fast Ethernet interfaces (FEs), AUX ports, and synchronous/asynchronous
serial interfaces. Compared with competitive products, the AR 28-09 features higher
cost effectiveness and excellent expandability, and therefore can serve as an access
router in large branches or a core router in small to medium-sized enterprise networks.
The AR 28-09 adopts high-speed microprocessor PowerPCs. It operates on Huawei
network operating system platform VRP (Versatile Routing Platform) which makes
configuration an easy task. The router delivers:
l Abundant network security features
l Dumb terminal access
l SNA/DLSw
l Backup solutions based on the backup center technology
l VoIP
l IP multicast
l PPPoE
l Portfolio of rich QoS features
With all these features, the router can be networked with other Quidway Series Routers
and Ethernet switches to provide overall end-to-end network solutions for medium to
large-sized enterprises and industries from telecom, ISP, finance, revenue, public
security to railway transportation.
As software and hardware of the AR 28-09 are designed in compliance with
international standards, the router can interoperate with products of other vendors at all
layers. This protects user investment to the maximum degree.
The following two figures show the front view and rear view of AR 28-09:
Figure 1-1 Front view of the AR 28-09
1-1
System Description
Figure 1-2 Rear view of the AR 28-09
The AR 28-09 provides three fixed network interfaces: one 10/100 Mbps Ethernet
interface, one AUX port, and one synchronous/asynchronous serial interface. It also
provides one MIM slot and two SIC slots.
1.2 Interface Cards and Modules

The AR 28-09 is available with a wide range of SICs and MIMs, allowing for great
compatibility with other Quidway Series Routers. This protects existing user investment
to a maximum degree. The types of SICs and MIMs are described in the following
subsections.
1.2.1 SIC
I. Ethernet Interface Card
1-port 10Base-T/100Base-TX Ethernet interface card (SIC-1FEA)

1-port 10Base-T Ethernet interface card (SIC-1ETH)
II. WAN Interface Card
1-port multiprotocol synchronous/asynchronous serial interface card (SIC-1SA)

1-port enhanced high-speed synchronous/asynchronous serial interface card
(SIC-1SAE)
3-port asynchronous serial interface card (SIC-3AS)
1-port ISDN BRI S/T interface card (SIC-1BS)
2-port ISDN BRI S/T interface card (SIC-2BS)
1-port ISDN BRI U interface card (SIC-1BU)
2-port ISDN BRI U interface card (SIC-2BU)
1-port channelized E1/CE1/PRI compatible interface card (SIC-EPRI)
1-port fractional E1 interface card (SIC-1E1-F)
1-port channelized T1/CT1/PRI compatible interface card (SIC-TPRI)
1-port fractional T1 interface card (SIC-1T1-F)
1-port analog modem interface card (SIC-1AM)
1-2
System Description
2-port analog modem interface card (SIC-2AM)
III. Voice Interface Card
1-port voice subscriber circuit interface card (SIC-1FXS)

2-port voice subscriber circuit interface card (SIC-2FXS)
1-port voice AT0 analog trunk interface card (SIC-1FXO)
2-port voice AT0 analog trunk interface card (SIC-2FXO)
1.2.2 MIM
I. Ethernet Interface Module
1-port 10/100Base-TX Fast Ethernet interface module (1FE)

1-port 100Base-FX Ethernet multi-mode fiber interface module (1MFX)
1-port 100Base-FX Ethernet single-mode fiber interface module (1SFX)
1-port 10Base-T/100Base-T/1000Base-TX Ethernet electrical interface module
(1GBE)
2-port 10Base-T/100Base-TX/1000Base-T Ethernet electrical interface module
(2GBE)
1-port 1000Base-SX/1000Base-LX Gigabit Ethernet fiber interface card (1GEF)
2-port 1000Base-SX/1000Base-LX Gigabit Ethernet fiber interface module (2GEF)
8-port 10/100 Mbps layer 2 switching interface module (8LS)
16-port 10/100 Mbps layer 2 switching interface module (16LS)
II. WAN interface module
2-port high-speed synchronous/asynchronous serial interface module (2SA)

2-port enhanced high-speed asynchronous serial interface module (2SAE)
8-port asynchronous serial interface module (8AS)
16-port asynchronous serial interface module (16AS)
8-port enhanced asynchronous serial interface module (8ASE)
16-port enhanced asynchronous serial interface module (16ASE)
6-port analog modem interface module (6AM)
12-port analog modem interface module (12AM)
2-port fast connect modem interface module (2FCM)
1-3
System Description

1-port channelized E1/PRI interface module (1E1)
1-port fractional E1 interface module (1E1-F)
1-port channelized T1/PRI interface module (1T1)
1-port fractional T1 interface module (1T1-F)
1-port channelized E3 interface module (1CE3)
1-port channelized T3 interface module (1CT3)
4-port ISDN BRI S/T interface module (using jumpers) (4BSE)
1-port 25 Mbps ATM interface module (1ATM-25M)
1-port ADSL over PSTN interface module (1ADSL)
2-port ADSL over PSTN interface module (2ADSL)
1-port ADSL over ISDN interface module (1ADSL-I)
2-ports ADSL over ISDN interface module (2ADSL-I)
1-port G.SHDSL interface module (1G.SHDSL)
1-port dual-pair G.SHDSL interface module (1SHL-4W)
1-port 34 Mbps ATM-E3 interface module (1AE3)
1-port 44 Mbps ATM-T3 interface module (1AT3)
4-port E1 ATM inverse multiplexing interface module (IMA-4E1)
8-port E1 ATM inverse multiplexing interface module (IMA-8E1)
4-port T1 ATM inverse multiplexing interface module (IMA-4T1)
1-4
System Description
8-port T1 ATM inverse multiplexing interface module (IMA-8T1)
III. Voice Interface Module
2-port voice subscriber circuit interface module (2FXS)

4-port voice subscriber circuit interface module (4FXS)
2-port voice AT0 analog trunk interface module (2FXO)
4-port voice AT0 analog trunk interface module (4FXO)
2-port voice E&M analog trunk interface module (2E&M)
4-port voice E&M analog trunk interface module (4E&M)
1-port E1 voice interface module (E1VI)
1-port T1 voice interface module (T1VI)
2-port ISDN BRI S/T voice interface module (2BSV)
IV. Encryption Module
Network data encryption module (NDEC)

High network data encryption (HNDE)
1-5
System Description
Quidway AR 28-09 Router Chapter 2 Product Features
Chapter 2 Product Features
2.1 Abundant Interfaces

The AR 28 series provides a wide range of physical interfaces, the most common of
which are synchronous/asynchronous serial interface, Ethernet interface, E1/T1
interface, E1-F/T1-F interface, E3/T3 interface, ISDN BRI/PRI interface, AM (Analog
Modem) interface, ATM interface, and voice interface.
l Ethernet interface: 10/100Base-TX, 100Base-FX, 1000Base-SX/LX
l FR interface: E1/T1, E1-F/T1-F, synchronous serial interface
l X.25 interface: E1/T1, E1-F/T1-F, synchronous serial interface
l ISDN interface: ISDN BRI S/T, ISDN PRI
l PSTN interface: asynchronous serial interface, E1/T1
l Terminal access port: asynchronous serial port, AM
l DDN network interface: synchronous/asynchronous serial interface, E1/T1,
E1-F/T1-F, E3/T3
l Voice interface: analog voice interface FXS/FXO and digital voice interface
E1VI/T1VI/BSV
l ATM interface: IMA interface, ATM 25M/155M, ATM E3/T3, ADSL, G.HSDSL
2.2 Rich Access Features

The AR 28 series is available with these access features: transparent bridge, PPP, MP,
PPPoE server/client, PPPoEoA, IPoA, IPoEoA, LAPB, X.25, X.25 switching, FR
(Frame Relay), FR switching, HDLC, SLIP, SDLC, ISDN, and ATM. These features
enable the AR 28 series to provide accesses to different types of networks.
2.3 Powerful Forwarding/Service Processing Capacity

IP packet forwarding rate is a key indicator for evaluating router performance. When a
router forwards a packet following the normal flow, it needs to look up the routing table
according to the network layer information of the packet to determine the best
forwarding path. And this process will be repeated for processing all the subsequent
packets. Quidway AR 28 Series Routers, however, implement the fast forwarding
mechanism by adopting the advanced fast route retrieving algorithm without
compromising the flexibility of service and protocol processing. Such approach
enormously improves the forwarding and service processing capability of the system.
For example, the forwarding rate can be as fast as 350 kpps. Besides supporting fast
forwarding on various fast links like Ethernet, synchronous PPP, FR, and HDLC links,
the AR 28 Series also implement fast forwarding combined with QoS and firewall
functions.
2-1
System Description
2.4 High Reliability

The backup center and VRRP technologies of Quidway AR 28 Series Routers provide
the backup scheme that can ensure the smooth data communications in the event that
some communications lines or devices fail to work and thereby commit to a robust and
reliable network. Backup center supports backup load sharing.
2.5 Extraordinary Diff-Serv/QoS

Quidway AR 28 Series Routers are designed with and implement the QoS features for
carrying integrated services including the real-time services. Particularly, the AR 28
Series provide complete standard-based supports for Diff-Serv (Differentiated Service),
including traffic classification, traffic policing, traffic shaping, queue management, and
queue scheduling. Thereby, the AR 28 Series fully implement the six categories of PHB
and services, namely EF, AF1 through AF4, and BE defined in the standard. This
enables ISPs to provide differentiated QoS for different subscribers and the Internet to
really grow to be an integrated network concurrently carrying data, voice, and video
services.
Diff-Serv is implemented mainly through the technologies including CAR of traffic
policing, GTS of traffic shaping, PQ/ CQ/WFQ/CBQ of congestion management, and
WRED of congestion avoidance.
l Traffic classification means to identify the interesting object on the basis of some
matching rules. It is the premise of Diff-Serv implementation.
l Traffic policing means policing the specified flows entering the router. Whenever
the size of a flow exceeds the defined threshold, the restriction or penalty
measures will be taken for the purpose of protecting the interests and the network
resources of the service providers.
l Congestion management refers to the measures that must be taken to solve the
resource competition when congestion occurs to the network. One common
approach is to buffer the packets in the queue and sequence the packets for
forwarding with some scheduling algorithm.
l Congestion avoidance refers to avoiding the damage that excessive congestion
brings about to the network resources. Congestion avoidance monitors the use of
network resources, and actively discards the packets whenever congestion is
approaching to relieve network overload through traffic adjustment.
l Traffic shaping is a flow control measure actively adjusting the traffic output rate.
Its purpose is to make the traffic match the network resources available for the
downstream routers, so as to avoid unnecessary packet drop and congestion.
2.6 MPLS VPN and Traditional VPN

Quidway AR 28 Series Routers support both L2 tunneling and L3 tunneling.
2-2
System Description
At layer 2, the series implements L2TP (Layer 2 Tunneling Protocol) to help the user
deliver dial-up VPDN (Virtual Private Data Network) services and leased line VPN
services.
At layer 3, the series implements the GRE (Generic Routing Encapsulation) protocol.
Combined with the IPSec technology, it provides leased line VPN with a total network
security solution covering access control, connectionless integrity and data origin
authentication, anti-replay, encryption, and traffic classification services for
communicating parties.
The user may use the two tunneling protocols separately or in conjunction for better
services.
MPLS (Multiprotocol Label Switching) combines IP and ATM technologies. By
replacing the IP header with a short fixed length label to identify traffic and drive
forwarding, MPLS allows you to achieve a higher forwarding speed while retaining
support from IP routing and control protocols. Thus, the requirements that various
emerging applications put on networks can be satisfied.
In an MPLS network, labeled packets are transmitted along an LSP (Label Switched
Path) formed by a series of LSRs (Label Switching Routers). Since LSP is virtually a
tunnel across the public network, the MPLS implementation of VPN is inherently
advantageous. MPLS VPN interconnects far-flung branches of a private network
through LSPs to form a uniform network and supports the branches to multiplex IP
addresses and different VPNs to interoperate.
The AR 28 series can work as both Label Edge Routers (LERs) and LSRs. If a router is
at the edge of a label area, it works as LER to connect an MPLS area with a non-MPLS
area or another MPLS area, and to classify services, distribute labels, and
encapsulate/strip off multi-tier labels. Inside an MPLS area, the AR 46 series work as
LSRs to switch labeled packets.
l MPLS L2VPN offers MPLS network-based L2 VPN services. From the perspective
of users, an MPLS network is a two-layer switching network, through which L2
connectivity can be established between sites.
l BGP/MPLS VPN provides MPLS network-based L3 VPN services. The use of
MPLS allows easy IP-based VPN implementation and great VPN expandability
and management. In addition, VPNs constructed using MPLS make it possible to
implement value-added services. Multiple VPNs can be formed from a single
access point, each representing a distinctive service. This enables a network to
transmit different types of services in a flexible way.
2.7 DCC
Quidway AR 28 Series Routers provide the user with a perfect dial-up solution through
two dial-up modes, namely C-DCC (Circular dial-up Control Center) and RS-DCC
(Resource-Shared DCC). In some circumstances, routers establish connections for
2-3
System Description
communications only when they want to transmit information between them. Therefore,
the transmitted data are time-independent, bursty, and in a small amount. The
presence of DCC provides a flexible, cost-effective, and efficient solution for such
applications.
The implementation of RS-DCC can provide much complete functions. With it, the AR
28 Series can have multiple dial-up subscribers share a physical interface through the
configuration of dialer pool and place different calls for them as well.
In practice, DCC guarantees the trunk line communications through preparing a
backup line. In the event that the trunk line fails to provide normal communication
services due to the onset of line faults or any other causes, DCC can use the secondary
channel to keep the service going normally. In addition, the AR 28 Series can also
implement DCC callback including PPP callback, and ISDN caller ID callback.
2.8 Broad Portfolio of Voice Services

Quidway AR 28 Series Routers implement functions of voice gateways (GWs) in
compliance with ITU-T H.323. To ensure the voice transmission quality over IP
networks, the AR 28 series employs high-performance DSP (Digital Signal Processor)
chips and a high-compression ratio encoding/decoding algorithm. In addition, the mute
compression, comfortable noise, and jitter-free measures combined with the security,
QoS, and policy routing features offered by VRP also contribute to the improvement of
voice transmission quality. The AR 28 series supports two connection types, namely
fast and normal. With the tunneling technology, the AR 28 series can implement
out-of-band transmission of DTMF code, busy tone detection, and some other special
PBX services, such as Do-Not-Disturb, call forwarding on busy, and alert.
The abundant voice interfaces available on the AR 28 series can be directly connected
to a regular telephone/fax machine, or connected to a PBX via AT0 or E1/T1 trunk.
Thereby, the AR 28 series can not only offer high-density premium voice and fax
communications, but also can perfectly interoperate with the voice GWs of other
vendors, effectively protecting the investment of users. When E1 trunk is used for
connecting PBX, R2 signaling and DSS1 subscriber and Q.SIG signaling on the ISDN
PRI interface are supported. In addition, the one-stage and two-stage dialing services
and the concurrent transmission of voice and data on the PRI interfaces significantly
improve the router utilization and expand the supported services.
The AR 28 series can work as GK (Gateway Keeper) Clients. Through RAS signaling,
the AR 28 Series can maintain communications with the GK Server and hence enable
the server to provide the Quidway voice GW with access authorization, address
translation, bandwidth management, and voice GW management services. In addition,
flexibly networking with the Quidway A8010 Refiner voice GWs, the AR 28 series can
be used for the voice communications of the medium- to large-sized enterprises.
The adoption of IPHC (IP Header Compression) significantly decreases the bandwidth
required by voice channels by compressing the redundant information (like voice
2-4
System Description
packet header) transmitted over the low-speed PPP serial links. Hence, the network
resource utilization is improved.
Voice RADIUS is also fulfilled. Whenever a voice call is generated, the AR 28 series will
report the statistics of the call, such as communications duration, number of packets,
and number of bytes to the RADIUS Server for communications accounting.
2.9 Sound Security Mechanism

For important routing protocols (OSPF, IS-IS, RIP and BGP-4), multiple authentication
methods (such as simple text authentication and MD5) are available. Quidway AR 28
Series Routers provide both local authentication and RADIUS authentication, which
can authenticate the user ID as well as authorization for preventing illegal equipment
configuration.
ACL implemented by Quidway AR 28 Series Routers is a collection of rules permitting
or denying access based on source/destination IP address range (including host
address) or source/destination port. It is well suited for limiting the service access at
both the user and network sides. Assigning different LAN-accessing or WAN-accessing
authorities to different users can effectively protect crucial servers and system users,
restrict accessing beyond the network, prevent network attacks, and support real-time
update.
NAT of Quidway AR 28 Series Routers can implement translation and reversion of IP
packet addresses and ports. In addition, based on the user’s configuration, services
can be provided to external users through NAT. The implementation of NAT requires AR
28 Series Routers to have high capacity and performance to accommodate to the
position of the AR 28 Series on the network. Furthermore, NAT can limit concurrent
connections to a single user, and thus alleviate the negative impact caused by
malicious resources occupation without compromising the normal network
applications.
The NAT information can be output in the form of log for network problem isolation and
potential security threat targeting. NAT of the AR 28 Series also provides the ALG
(Application Layer Gateway) function to some special application layers in common
use, like FTP and ICMP.
In addition, Quidway AR 28 Series Routers provide a variety of statistics of traffic, traffic
sample, and NAT.
To guarantee the implementation of network security, Quidway AR 28 Series Routers
also deliver plenty of security mechanisms, which are described in the following
sections.
2.9.1 IPSec
The IP security (IPSec) protocol family is a series of protocols defined by IETF. It

provides high quality, interoperable, and cryptology-based security for IP data packets.
2-5
System Description
The two sides of communication perform encryption and data source authentication at
IP layer to implement confidentiality, integrity, authentication, and anti-replay of packets
in transmission.
2.9.2 Encryption Card
IPSec may use the ESP or AH protocol to process packets. For high security,
complicated encryption/decryption/authentication algorithms are often used. Since the
IPSec software on a router consumes a lot of CPU resources on encryption/decryption
algorithm operations, the overall performance may be degraded. To solve this problem,
you can insert an encryption card into a modularized router, on which IPSec operations
are processed by hardware. This can improve IPSec processing efficiency, as well as
overall performance of a router.
2.9.3 Portal
Portal is also called portal website. Portal authentication is also called web
authentication, which mainly falls into two categories: fast authentication and normal
authentication.
Portal works on this principle: Unauthenticated users can only access certain website
servers, and any access packets to any other servers on the Internet are redirected to a
portal server unconditionally for authentication.
2.9.4 PKI/CA
Public key infrastructure (PKI) is a system which uses public key technology and digital
certificate to protect system security and authenticates digital certificate users. It
provides a whole set of security mechanism by combining software/hardware systems
and security policies together.
2.9.5 SSHv1.5/v2.0
When routers are connected by remote users across insecure networks, secure shell
(SSH) can provide them authentication and security fencing off IP spoofing, plain-text
password interception, and other attacks. When serving as an SSH server, the router
may accept connections from multiple SSH clients.
2.9.6 URPF
Unicast reverse path forwarding (URPF) serves as a safeguard against source address
based network attacks.
2-6
System Description
2.10 Perfect Routing Policy and Abundant Routing Features

Routing policy comprises a set of rules, which fall into three categories that respectively
function on route distribution, receipt, and redistribution. Routing policy is often called
route filtering because defining a policy is somewhat equivalent to defining a set of
filters. These filters are applied before receiving, distributing a route or exchanging
route information between protocols.
Quidway AR 28 Series Routers mainly support routing policies including route map
definition, route redistribution and distribution definition, and the restriction rules like
route prefix, AS path, community attributes, and ACL. The application of routing policy
is of significant utilization value on enhancing the network manageability.
Quidway AR 28 Series Routers support not only static routes that require manual
configuration, but also unicast dynamic routing protocols such as RIP, OSPF, BGP,
IS-IS, as well as multicast dynamic routing protocols such as ICMP, MSDP, PIM-SM,
PIM-DM. They depend on VRP for centralized management of the static routes and the
routes discovered by dynamic routing protocols. In addition, the AR 28 Series offer
multiple routing policies, flexibly implementing the share of static routes and routes
discovered by other dynamic routing protocols.
2.11 Integrated NMSs

Quidway AR 28 Series Routers support the following network management systems
(NMSs):
I. iManager N2000
Quidway AR 28 Series Routers adopt modular Huawei NMS iManager N2000, and
support SNMP V1/V2c/V3 and the client/server architecture. The AR 28 Series can
separately operate in a UNIX (SUN or HP) or ORACLE/SYBASE environment.
iManager N2000 can manage and monitor all the data communication devices
developed by Huawei Technologies and the networks supporting MIBII devices, and
provide multilingual graphic user interfaces (GUIs). The AR 28 Series provide real-time
management of topology, faults, performance, configuration tools, and device log. The
NMS itself runs the functions of monitoring, security, and user management. QoS
management and VPN management and other service management are also
available.
II. iManager Quidview
Quidview supports multiple operating system platforms, such as Windows NT/2000,

SUN Solaris, HP UX, and IBM AIX. Hence, it can suit users at different levels and
networks of different sizes, and be used to manage Quidway Series Routers and Net
Engine Series Routers, LAN Switches, and some multimedia devices of Huawei
Technologies. Quidview Series NMS is an efficient, easy-to-use network management
2-7
System Description
tool. Leveraging the MIB (Management Information Base) of the device itself, Quidview
supports browsing the device configuration information, monitoring the device
operation, and implementing other essential network management functions. In
addition, it can be integrated with other NMSs, such as HP OpenView, IBM NetView,
WhatsUpGold, SNMPc, or iManager N2000, to provide a uniform network management
solution, fulfilling complete network management from device level to network level.
Thus, it can help users decrease the product cost while maintaining the diversified
functions. Quidview also includes the tool components EasyConfig, NSC&NDA and
Traffic View.
Quidway AR 28 Series Routers are available with multiple maintenance methods,
including local maintenance, remote maintenance, and centralized maintenance. In
addition, the AR 28 Series provide complete alarm, test, diagnosis, track, and log
functions, which facilitate the routine system maintenance and management.
2.12 Globe-Oriented Design

Compliant with UL, CE, and FCC, Quidway AR 28 Series Routers fully conform to the
security certification requirements of Europe and North America.
2-8
System Description
Quidway AR 28-09 Router Chapter 3 Specifications and Functionality
Chapter 3 Specifications and Functionality
3.1 Physical Specifications

Table 3-1 AR 28-09 physical specifications
Item Description
1 console port
1 AUX port
Fixed interface
1 synchronous/asynchronous serial interface
1 x 10/100 Mbps Ethernet interface
1 MIM slot
Slot
2 SIC slots
Processor MPC8241 200 MHz

Boot ROM 512 KB
SDRAM 128 MB
Flash 32 MB
Weight 2.5 kg (5.5 lb)
Dimensions (H x W x D) 79.4 x 376.2 x 287.9 mm (3.1 x 14.8 x 11.3 in)
Rated voltage: 100 VAC to 240 VAC; 50/60 Hz
Input Maximum tolerance: 90 VAC to 264 VAC; 47/63 Hz
Power Input current: 1 A to 0.5 A
supply
Output voltage: 12 VDC
Output
Output current: 4 A
System power
50 W
consumption
Operating temperature 0°C to 40°C (32°F to 104°F)

Storage temperature –40°C to 70°C (–40°F to 158°F)
Relative humidity
5% to 90%
(non-condensing)
3-1
System Description
Item Description
FCC Part 15 (CFR 47) Class B

VCCI Class B
CISPR 22 Class B
EN 55022 Class B
AS/NZS CISPR 22 Class B
ETSI EN 300 386 V1.3.2
EN 50024
ICES-003
IEC 61000-4-2
EMC
IEC 61000-4-3
IEC 61000-4-4
IEC 61000-4-5
IEC 61000-4-6
IEC 61000-4-8
IEC 61000-4-11
IEC 61000-3-2
IEC 61000-3-3
ITU-T Recommendation K.20
3.2 Attributes of Fixed Interfaces

I. Console port
Table 3-2 Console port attributes
Attribute Description
Connector RJ-45
Interface standard EIA/TIA-232
Baud rate 9600 bps
Command line interface
Connecting to the character terminal
Supported services Connecting to the serial interface of the local PC
and running the terminal emulation program on
the PC
3-2
System Description
II. AUX port
Table 3-3 AUX port attributes
Connector RJ-45
Interface standard EIA/TIA-232
Baud rate 300 bps to 115.2 kbps
Modem dial-up
Supported service Providing the console port function in case a
console port failure
III. Synchronous/asynchronous serial interface
Table 3-4 Synchronous/asynchronous serial interface attributes
Description
Attribute
Synchronous mode Asynchronous mode
Connector DB-50
Interface standard V.24 V.35
and operating EIA/TIA-232
mode DTE/DCE DTE/DCE
Minimum baud rate 1200 bps 1200 bps 300 bps
Maximum baud
64 kbps 2.048 Mbps 115.2 kbps
rate
X.25 Modem dial-up

Supported services
Frame relay Backup
IV. Ethernet interface
Table 3-5 Ethernet interface attributes
Connector RJ-45
Interface type MDI
10/100 Mbps autosensing
Operating mode
Full/half duplex
3-3
System Description
3.3 Software Functionality

Table 3-6 Software functionality
ARP (proxy ARP, gratuitous ARP, authorized ARP)

Ethernet_II
LAN
Ethernet_SNAP
protocols
VLAN
Transparent bridge (STP)
SLIP
PPP, MP
PPPoE client, PPPoE server
PPP/MP over FR
FR, MFR
Network FR fragment, FR compression, FR over IP
interconnec FRoI
tivity
FRTS
WAN ATM (IPoA, IPoEoA, PPPoA, PPPoEoA)
protocols DCC, dynamic routing standby
HDLC
LAPB
X.25, X.25 over TCP, X.25 to TCP
X.25 PAD, X.25 hunt group, X.25 CUG
DLSw (v1.0/2.0)
ISDN, ISDN network side
ISDN Q.SIG
Modem
Fast forwarding (unicast/multicast)
TCP
Network UDP
IP services
protocols IP option
IP unnumbered
Policy routing (unicast/multicast)
SNA/DLSw (LLC2/SDLC/QLLC)
DLSw (v2.0)
Non-IP
DLSw Ethernet redundancy
services
IPX
SOT
3-4
System Description
Ping, traceroute
DHCP server
DHCP relay
DHCP/BOOTP client, DHCP accounting
DNS client
DNS static
DNS proxy
IP DDNS
applications HWPing
IP accounting
UDP helper
NTP
Telnet
TFTP client
FTP client
FTP server
Static routing management
Dynamic routing protocols
l RIP-1/RIP-2
l OSPF
l BGP
l IS-IS
IP routing Multicast routing protocols

l IGMP
l PIM-DM
l PIM-SM
l MBGP
l MSDP
Routing policy
LDP
LSPM
MPLS MPLS L3VPN (MPLS)
MPLS L2VPN
VPN instance
3-5
System Description
Local authentication
AAA RADIUS
HWTACACS
ASPF
Firewall
ACL
IKE
IPSec
Data security
Encryption card
Network Portal
security
L2TP
NAT/NAPT
PKI/CA
Other RSA
security SSHv1.5/2.0
technologies URPF
DVPN
GRE
EAD
VRRP
Backup center
Reliability Dual PSUs, OIR of PSUs and fan modules, and hot swappable
interface cards (available on the AR46 series only)
Auto detect
CAR
Traffic policing
LR
Congestion
FIFO, PQ, CQ, WFQ, CBQ, RTPQ
management
Congestion
WRED
avoidance
Traffic
GTS
QoS shaping
FR QoS
MPLS QoS
MP QoS/LFI
Other QoS
PPP/MPoFR QoS
technologies
cRTP/IPHC
ATM QoS
Sub-interface QoS
3-6
System Description
Reverse Telnet
Terminal RSH
services Rlogin client
POS access
FXS
FXO
Interface Analog E&M
E1VI/T1VI
BSV
R2
DSSI
Signaling
Q.SIG
Digital E&M
H.225
H.323
H.245
GK client GK client
SIP SIP
G.711A law
Voice G.711U law
G.723R53
G.723R63
G.726R16
Codec
G.726R24
G.726R32
G.726R40
G.729a
G.729R8
RTP/cRTP
Media
IPHC
process
Voice backup
Fax Fax
Voice RADIUS
Others
VoFR
3-7
System Description
SNMPv1/v2c/v3
MIB
Network
SYSLOG
management
BIMS
RMON II
Command line management
Local File system management
management Auto config
Maintainabi
Dual image
lity
Console port login
AUX port login
TTY port login
User access Telnet (VTY) login
management SSH login
FTP login
X.25 PAD login
XModem
For VRP features in the above table, refer to VRP3.4 System Description.
3-8
System Description
Quidway AR 28-09 Router Chapter 4 Applications and Solutions
Chapter 4 Applications and Solutions
4.1 Integrated Networking for Medium-Sized Enterprises

AR 28-09 Routers are placed at branches of an enterprise to connect branch intranets
to the headquarters network and to provide dial-up service for SOHO and mobile
personnel.
Figure 4-1 Integrated networking for a medium-sized enterprise
l At the corporate headquarters, an AR 28-40/28-80 uses WAN ports to connect

branches through DDN/FR/X.25 or SDH networks and, for backup, uses
interfaces such as PRI and AM/AS to connect the branches through PSTN/ISDN.
l At each branch, an AR 28-09 uses a WAN port to connect to the headquarters
through DDN/FR/X.25 or SDH network and, for backup, uses interfaces such as
BRI and AM/AS to connect to the headquarters through PSTN/ISDN.
l Switchover between primary and secondary lines is performed automatically by
routers. (Approaches to backup include dial-up backup and route backup.)
l The AR 28-09 at each branch can use interfaces such as AM/AS to provide dial-up
service for SOHO and mobile personnel.
4-1
System Description
4.2 Consolidated Terminal Solution for the Financial Industry

The AR 28-09 is available with the dumb terminal access service and SNA function,
allowing SNA networks to communicate across TCP/IP networks. This is rather
important for the financial industry. It enables the industry to provide emerging IP-based
services without replacing existing infrastructure and to achieve smooth migration to an
IP system.
Figure 4-2 Consolidated terminal solution for the financial industry
l At the data center of the bank, the AR 28-40/28-80 is used to connect with the
dependent business halls through the master DDN lines and standby PSTN/ISDN
lines.
l At each business hall of the bank, the AR 28-09 is used to connect the dump
terminals through asynchronous serial ports and to connect the ATM and/or SNA
clients through synchronous serial ports.
l In the supermarket, the AR 28-09 is used to connect point of sale (PoS) machines
with the network center of the bank through PSTN, thus implementing the
value-added services.
4.3 Voice Solution

At the headquarters, an AR 28-40/28-80 serves as the voice gateway to implement the
VoIP function over the E1 line. At each branch, an AR 28-09 connects the PBX or
telephones to implement the transform of the voice signals between the legacy circuit
4-2
System Description
switching network and the IP network, providing enterprises with voice solution of high
quality and low cost.
Figure 4-3 Voice solution
l At the network center, an AR 28-40/28-80 connects to the PBX through an E1 line,

and implements the VoIP function on the E1 interface.
l The network center connects with the branches through the IP network,
implementing the transmission of voice signals over the IP network.
l At each branch, an AR 28-09 can directly connect with telephones and/or fax
machines through the FXS ports of the voice interface card/module. It can also
connect PBXs through FXO/E&M trunk port, implementing VoIP voice service.
4.4 VPN Solution

An AR 28-40/28-80 at the corporate headquarters connects with the AR 28-09 located
at the branches or partners through the Internet to form a private network. The security
of the VPN is ensured by technologies such as IPSec and IKE integrated in VRP.
4-3
System Description
Figure 4-4 VPN solution
l At a branch of the company, an AR 28-09 is used to build a VPN tunnel to access

the headquarters by means of Access Intranet.
l On the partner side, the AR 28-09 is used to extend the Intranet to the external
network by means of Extranet VPN, thus implementing the safety and private
communications among different enterprises through the public network.
l The NDEC (Network Data Encrypt Card) for the AR 28-09 can greatly improve the
processing velocity of the IPSec encryption algorithm, satisfying the requirements
of services with large traffic, for example, multimedia service.
4.5 Broadband Access Solution

Quidway AR 28-09 Router can provide up to three 10/100M Ethernet ports. You may
use one or two Ethernet ports to connect the internal networks, while using one
Ethernet pot for access to the Internet through the 10/100M broadband method. This
solution can meet the increasing bandwidth demands of companies, enterprises, and
government agencies.
4-4
System Description
Figure 4-5 Broadband access solution
l Quidway AR 28-09 Router connects to the MAN through a 10/100M Ethernet port,
implementing the broadband access of LAN.
l The AR 28-09 connects with the server clusters through a 10/100M Ethernet port
and connects with the internal LAN through another.
4-5
System Description
Quidway AR 28-09 Router Chapter 5 Ordering Guide
Chapter 5 Ordering Guide
The AR 28-09 was independently developed by Huawei Technologies for enterprises.

You may order units, interface modules, and cables as needed.
5.1 Ordering Units

The AR 28-09 could be DC-powered only.
The following table provides the router unit and its accessories ordering list.
Table 5-1 AR 28-09 ordering list
Item Quantity Remarks
Unit (DC-powered) 1 Required

128 M SDRAM 1 Required
Power cable 1 Required

PGND wire 1 Required
Console cable 1 Required
Optional
AUX cable 1
Available from the external cable kit
Optional
Ethernet cable 1/2
Available from the external cable kit
Synchronous/
asynchronous serial
1 Optional
interface cable
(DB-50)
& Note:
l “Required” items are provided as part of ordered units. You do not need to order
them separately.
l “Optional” items are provided only when ordered.
5.2 Ordering Interface Cards and Modules

The SICs and MIMs available on the AR 28-09 could be ordered and delivered
independent of units.
5-1
System Description
While ordering interface cards and modules, you need to select cables from the
external cable kit as shown in Table 5-2 if multiple cable options are available. When
doing that, you need to consider line properties and number of interfaces.
Table 5-2 SICs and MIMs available on the AR 28-09
Interface
card and Cable Remarks
module
1FE Ethernet cable The cable is required.

The cable is optional and available
1MFX Multi-mode fiber-optic cable from the external fiber-optic cable
kit.
1SFX Single-mode fiber-optic cable from the external fiber-optic cable
kit.
1GBE Ethernet cable The cable is required.

2GBE Ethernet cable The cable is required.
from the external fiber-optic cable
1GEF Fiber-optic cable
kit according to the type of the SFP
module.
from the external fiber-optic cable
2GEF Fiber-optic cable
kit according to the type of the SFP
module.
8LS Ethernet cable
from the external cable kit.

16LS Ethernet cable
Synchronous/asynchronous The cable is optional and available

2SA
serial interface cable (DB-50) from the external cable kit.
2SAE
serial interface cable (DB-28) from the external cable kit
4SAE
8SAE
8AS 8AS cable
16AS 16AS cable
AUX cable or dumb terminal The cable is optional and available
8ASE
cable from the external cable kit.
5-2
System Description
Interface
module
AUX cable or dumb terminal The cable is optional and available

16ASE
cable from the external cable kit.
Telephone cable with ferrite
6AM Telephone cable is required.
core
12AM Telephone cable is required.
core
2FCM Telephone cable is required.
core
core
core
Both cable and connector are
T1 100-ohm twisted pair and
1T1 optional and available from the
network connector
external cable kit.
network connector
external cable kit.

network interface connector
external cable kit.

8T1 8T1 conversion cable

1T1-F optional and available from the
external cable kit.
external cable kit.

external cable kit.
8T1-F 8T1 conversion cable
E1 75-ohm coaxial cable,
coaxial connector Both cable and connector are
1E1 optional and available from the
E1 120-ohm twisted pair, external cable kit.
5-3
System Description
Interface
module

2E1 optional and available from the

4E1 E1 120-ohm twisted pair, optional and available from the
network interface connector external cable kit.
4E1 transit cable
8E1 8E1 conversion cable
1E1-F optional and available from the
2E1-F optional and available from the

4E1-F E1 120-ohm twisted pair, optional and available from the
network interface connector external cable kit.
4E1 transit cable

8E1-F 8E1 conversion cable
E3/T3 cable (75-ohm coaxial The cable is optional and available
1CE3
cable) from the external cable kit.
1CT3

4BSE ISDN S/T cable
1ADSL Telephone cable The cable is required.
2ADSL Telephone cable The cable is required.
1ADSL-I Telephone cable The cable is required.
2ADSL-I Telephone cable The cable is required.
1G.SHDSL Telephone cable The cable is required.
5-4
System Description
Interface
module
1SHL-4W Telephone cable The cable is required.

IMA-4T1 4TI conversion cable
IMA-8T1 8TI conversion cable
IMA-4E1 4EI conversion cable

IMA-8E1 4EI conversion cable
1ATM-25M 25M ATM cable The cable is required.
1AE3

1AT3

2FXS The cable is required.
core
4FXS The cable is required.
core
2FXO The cable is required.
core

4FXO The cable is required.
core
The user needs to make the cable

2E&M —
on site as needed.
The user needs to make the cable
4E&M —
on site as needed.
E1 120-ohm twisted pair, The cable, connector, and adapter
E1VI network connector, and are all optional and available from
75–120-ohm adapter the external cable kit.
T1VI cable, network interface
T1V1 optional and available from the
connector
external cable kit.
2BSV Crossover ISDN S/T cable The cable is required
NDEC — —
HNDE — —
SIC-1FEA Ethernet cable The cable is required.

SIC-1ETH Ethernet cable The cable is required.
5-5
System Description
Interface
module

SIC-1SA
SIC-1SAE
SIC-3AS AUX cable
SIC-1BS The cable is required.
core
SIC-2BS The cable is required.
core
SIC-1BU The cable is required.
core
SIC-2BU The cable is required.
core

SIC-EPRI E1 120-ohm twisted pair optional and available from the
cable, network interface external cable kit.
connector
SIC-1E1-F optional and available from the
T1 100-ohm twisted pair

SIC-TPRI The cable is required.
cable
SIC-1T1-F T1 100-ohm twisted pair The cable is required.
SIC-1AM The cable is required.
core

SIC-2AM The cable is required.
core
SIC-1FXS The cable is required.
core
SIC-2FXS The cable is required.
core
SIC-1FXO The cable is required.
core
SIC-2FXO The cable is required.
core
5-6
System Description
& Note:
l “Required” items are provided as part of ordered units. You do not need to order
them separately.
l “Optional” items are provided only when ordered.
l “External cable kit/external fiber-optic cable kit” is a collection of cables/fiber-optic
cables which could be delivered on demand and independent of units.
5.3 Ordering Electrical/Fiber-Optic Cables

You can select optional power cables, electrical cables, and fiber-optic cables from the
external cable kit, external fiber-optic cable kit, and external power cable kit (for
AC-powered unit orders outside China) for the AR 28-09.
5.3.1 Ordering Electrical Cables
Select cables appropriate to the interface cards and modules you selected. For more
information, refer to Quidway AR 28 Series Routers Installation Manual.
Table 5-3 External cable kit
Ethernet cable Optional —
Currently, two types of synchronous/asynchronous

serial cable are available:
l Synchronous/asynchronous serial cables with
DB-50 connectors for connecting to the router. At
present, V.24 DTE/DCE, V.35 DTE/DCE, X.21
DTE/DCE, RS449 DTE/DCE, and RS530 DTE
Synchronous/ cables are available.
asynchronous l Synchronous/asynchronous serial cable with
Optional
serial interface DB-28 connectors for connecting to the router,
cable especially to enhanced modules of
2SAE/4SAE/8SAE. At present, V.24 DTE/DCE,
V.35 DTE/DCE, X.21 DTE/DCE, RS449
DTE/DCE, and RS530 DTE/DCE cables are
available.
The above two types of cables are not
interchangeable.
5-7
System Description
The following types of cables and connectors are

available:
l E1 75-ohm coaxial cable available with multiple
lengths.
l Coaxial connector for cable extension in case the
E1 cable Optional length of E1 75-ohm coaxial cable is not long
enough.
l E1 120-ohm twisted pair cable with multiple
lengths.
l Network interface connector for cable extension in
case the length of E1 120-ohm twisted pair cable
is not long enough.
T1 cable Optional —
4E1 Depending on impedance, two cable types are

conversion Optional available: 75-ohm 4E1 conversion cable and
cable 120-ohm 4E1 conversion cable.
Coaxial
Optional For extending E1 75-ohm coaxial cables
connector
Network
For extending E1 120-ohm twisted pairs and T1/T1VI
interface Optional
cables
connector
Depending on network-end connector, three types of

cable are available: 16AS (DB-200<->DB-25/DB-9),
8AS cable Optional
16AS (DB-200<->RJ-45 telecom), and 16AS
(DB-200<->RJ-45 bank).
Depending on network-end connector, three types of

cable are available: 16AS (DB-200<->DB-25/DB-9),
16AS cable Optional
16AS (DB-200<->RJ-45 telecom), and 16AS
(DB-200<->RJ-45 bank).
8SAE/16ASE
Used when connecting the 8SAE/16ASE module to
dumb terminal Optional
bank dumb terminals.
cable
AUX cable Optional —
E3/T3 cable Optional —
75-ohm
8E1/4E1
Optional —
conversion
cable
120-ohm
8E1/4E1
Optional —
conversion
cable
8T1/4T1
conversion Optional —
cable
5-8
System Description
5.3.2 Ordering Fiber-Optic Cables
The external fiber-optic cable kit for the AR 28-09 provides both single-mode and
multi-mode fiber-optic cables.
Table 5-4 External fiber-optic cable kit
Single-mode For modules with single-mode fiber-optic interfaces,

fiber-optic Optional available with different lengths and LC-type or
cable SC-type connectors
Multi-mode For modules with multi-mode fiber-optic interfaces,
fiber-optic Optional available with different lengths and LC-type or
cable SC-type connectors
5-9

AR 28 - 09 System Description

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

AR 28 - 09 System Description

Încărcat de

Drepturi de autor:

Formate disponibile

System Description

Quidway AR 28-09 Router Table of Contents

Chapter 1 Product Overview.................................................................................................... 1-1

Chapter 2 Product Features..................................................................................................... 2-1

Chapter 3 Specifications and Functionality ............................................................................ 3-1

Chapter 4 Applications and Solutions .................................................................................... 4-1

Chapter 5 Ordering Guide........................................................................................................ 5-1

Huawei Technologies Proprietary

5.2 Ordering Interface Cards and Modules .......................................................................... 5-1

Huawei Technologies Proprietary

Chapter 1 Product Overview

Figure 1-1 Front view of the AR 28-09

Huawei Technologies Proprietary

Figure 1-2 Rear view of the AR 28-09

1.2 Interface Cards and Modules

I. Ethernet Interface Card

1-port 10Base-T/100Base-TX Ethernet interface card (SIC-1FEA)

II. WAN Interface Card

1-port multiprotocol synchronous/asynchronous serial interface card (SIC-1SA)

Huawei Technologies Proprietary

2-port analog modem interface card (SIC-2AM)

III. Voice Interface Card

1-port voice subscriber circuit interface card (SIC-1FXS)

I. Ethernet Interface Module

1-port 10/100Base-TX Fast Ethernet interface module (1FE)

II. WAN interface module

2-port high-speed synchronous/asynchronous serial interface module (2SA)

Huawei Technologies Proprietary

6-port fast connect modem interface module (6FCM)

Huawei Technologies Proprietary

8-port T1 ATM inverse multiplexing interface module (IMA-8T1)

III. Voice Interface Module

2-port voice subscriber circuit interface module (2FXS)

IV. Encryption Module

Network data encryption module (NDEC)

Huawei Technologies Proprietary

Chapter 2 Product Features

2.1 Abundant Interfaces

2.2 Rich Access Features

2.3 Powerful Forwarding/Service Processing Capacity

Huawei Technologies Proprietary

2.4 High Reliability

2.5 Extraordinary Diff-Serv/QoS

2.6 MPLS VPN and Traditional VPN

Huawei Technologies Proprietary

Huawei Technologies Proprietary

2.8 Broad Portfolio of Voice Services

Huawei Technologies Proprietary

2.9 Sound Security Mechanism

The IP security (IPSec) protocol family is a series of protocols defined by IETF. It

Huawei Technologies Proprietary

2.9.2 Encryption Card

Huawei Technologies Proprietary

2.10 Perfect Routing Policy and Abundant Routing Features

2.11 Integrated NMSs

II. iManager Quidview

Quidview supports multiple operating system platforms, such as Windows NT/2000,

Huawei Technologies Proprietary

2.12 Globe-Oriented Design

Huawei Technologies Proprietary

Chapter 3 Specifications and Functionality

3.1 Physical Specifications

Processor MPC8241 200 MHz