Igmp Snooping - Zte ZXR10 5900 Product Description

and offers a monitoring mechanism for network management personnel. For ZXR10
59/52 series, any port can be configured as a mirror port. Mirroring is also possible
between ports operating at different rates. It is also possible to mirror traffic from multiple
ports to one port, and mirroring can be enabled as multiple mirroring groups.
3.10

IGMP Snooping

The IGMP Snooping maintains the relationship between multicast address and VLAN by
listening to IGMP packets transmitted between the user and the router. It maps members
of a multicast group into a VLAN. After receiving multicast packets, it forwards them only
to VLAN members in that multicast group. IGMP Snooping and IGMP are similar in that
they are both used for managing and controlling multicast groups through IGMP
messages. However, they differ in that IGMP runs on the network layer, while IGMP
Snooping runs on the link layer. When the switch receives IGMP packets, IGMP
Snooping will help analyze the information contained in them, establish and maintain a
MAC multicast address table on L2.
When IGMP Snooping is enabled on the ZXR10 59/52, multicast packets will be
multicast on L2. When no IGMP Snooping is enabled, multicast packets will be
broadcast on L2.
3.11 802.1x
802.1x is a Client/Server-based access control and authentication protocol. It is a
service which authenticates user devices connected to the system ports and determines
whether to allow users to access the system through the ports, in order to prevent
unauthorized data transfer between users and services provided by the system. Initially
access control of 802.1x only allows EAPOL frames to pass through from the user ports.
Other data are not allowed to pass through the ports unless authentication has been
done.
802.1x classifies the access point for which the authenticator system connects to LAN
into two logical ports: Controlled port and uncontrolled port. Regardless of its
authentication status, an uncontrolled port can freely exchange PDUs with other
systems. A controlled port can exchange PDUs with other systems only when its status
is authenticated. PAE is an entity that runs and authenticates related algorithms and
protocols. The authenticator PAE responds to the requests from the supplicant PAE and
provides authentication information. The authenticator PAE communicates with the
supplicant PAE, and sends the information received from the supplicant PAE to the
authentication server, which will verify this information so as to determine whether to
allow the supplicant to access its services. The authenticator PAE relies on the
authentication result to determine the status of the controlled port should be authorized
or unauthorized. The authenticator PAE performs protocols exchange with the supplicant
PAE over an uncontrolled port by using EAPOL protocol, and communicates with the
RADIUS server by using EAPOR protocol.
The 802.1x module mainly implements the following features:
Supports authenticator features

Local authentication

ZTE Confidential Proprietary © 2010ZTE Corporation. All rights reserved.
ZXR10 5900 5200 Product Description
17