1.2.7
Powerful VLAN function
With powerful VLAN function, TES70 series devices enhance the manageability and security of the
network, and realize service isolation and user isolation. TES70 series devices support the following
VLAN functions.
Support port-based VLAN.
−
Support 4 K VLANs based on IEEE 802.1q.
−
Support QinQ VLAN (also named Double VLAN). The outer layer Service-VLAN can be
−
set based on source MAC address, destination MAC address, Ethernet type, VLAN ID,
CoS, source IP address, destination IP address, ToS, protocol type, source port number,
destination port number and so on. Support CoS copy, and the CoS of the inner
Customer-VLAN can be copied to the outer service-VLAN.
Support VLAN conversion function, can convert Customer-VLAN and CoS based on
−
source MAC address, destination MAC address, Ethernet type, VLAN ID, CoS, source IP
address, destination IP address, ToS, protocol type, source port number, destination
port number and so on.
1.2.8
Safety and reliability design
TES70 series devices considers system reliability index in system, hardware and software design,
which fully guarantees the normal operation of the device and the safety and reliability of user
services.
System design
◼
Support reporting the ONT's MAC address to the EMS, and authenticating ONT's
−
legitimacy based on ONT's MAC address.
Support 80 QoS/ACL rules.
−
Support packet filtering function, provide illegal frame filtering based on source MAC
−
address, destination MAC address, source IP address, destination IP address, port
number, Ethernet type, protocol type, VLAN, and VLAN range to restrict illegal users
from accessing the internet.
Support limiting the number of users connected to each ONT port.
−
Support limiting the number of multicast groups each ONT port joins.
−
Support port binding function to ensure the legitimacy of access users.
−
Support broadcast storm suppression function.
−
Support DHCP Option82 and ISP can customize user access identification.
−
It can prevent DoS attacks and improve the anti-attack performance of the system.
−
To ensure the operation security of the EMS, both the graphical EMS and the
−
command line can provide several user levels with different operation permissions.
5
Document version: V1.0