Ship to USA and Canada ONLY

Huawei S5700-HI Advanced Gigabit Switches

The S5700-HI series (hereafter referred to as S5700-HI) are advanced gigabit Ethernet switches developed by Huawei, providing flexible gigabit access and 10G/40G uplink ports. Based on next-generation, high-performance hardware and Huawei Versatile Routing Platform (VRP), the S5700-HI provides excellent NetStream function, flexible Ethernet networking, comprehensive VPN tunneling technologies, diversified security mechanisms, mature IPv6 features, and are easy to manage and maintain. All these features make the S5700-HI the best choice as an access switch on large and medium-sized campus networks or data centers and aggregation switch on small campus networks.


Note: S5700-HI mentioned in this document refers to the whole S5700-HI series including S5710-HI, and descriptions about S5710-HI are unique features of S5710-HI.

Product Appearance

The following models are available in S5700-HI series:

Appearance Description

S5700-28C

S5700-28C-HI

  • 24 x 10/100/1,000 Base-T ports
  • Subcards supported: 4 x 1,000 Base-X SFP subcard, 2 x 10 GE SFP+ subcard, and 4 x 10 GE SFP+ subcard
  • Double swappable AC/DC power supplies
  • Forwarding performance: 96 Mpps
  • Switching capacity: 256 Gbit/s

S5700-HI-24S

S5700-28C-HI-24S

  • 24 x 100/1,000 Base-X ports
  • Subcards supported: 4 x 1000 Base-X SFP subcard, 2 x 10 GE SFP+ subcard, and 4 x 10 GE SFP+ subcard
  • Double swappable AC/DC power supplies
  • Forwarding performance: 96 Mpps
  • Switching capacity: 256 Gbit/s

S5710-108C-front

S5710-108C-PWR-HI (front)

S5710-108C-back

S5710-108C-PWR-HI (back)

  • 48 x 10/100/1,000 BASE-T ports and 8 x 10 GE SFP+ ports
  • Three slots on the front panel: support 16 x 1,000 Base-X SFP subcard and 16 x 10/100/1,000 Base-T subcard
  • One slot at the real panel: supports 4 x 40 GE QSFP+ subcard and 4 x 10 GE SFP+ subcard
  • Double swappable AC power supplies
  • Forwarding performance: 504 Mpps
  • Switching capacity: 1,024 Gbit/s

 

Product Characteristics

 

Various Combination of Ports

 

  • The S5710-HI has four subcard slots that can accommodate various extended subcards to provide high-density 10 GE/40 GE uplink ports. With its eight fixed 10 GE SFP+ ports, the S5710-HI can have different subcards installed to provide flexible combination of ports, including 48 x GE+ 8 x 10 GE, 96 x GE+ 8 x 10 GE, 96 x GE+ 12 x 10 GE, and 96 x GE+ 8 x 10 GE+ 4 x 40 GE. In addition, the S5710-HI provides both optical and electrical ports for flexible access and supports PoE+. The flexible port combinations meet different bandwidth upgrading requirements and protect customers' investment.

Comprehensive VPN technologies

  • The S5700-HI allows users in different VPNs to connect to the same switch and isolates users through multi-instance routing. The S5700-HI supports Multi-Protocol Label Switching (MPLS) QoS, MPLS Traffic Engineering (TE), Virtual Leased Line (VLL), Virtual Private LAN Service (VPLS), and Layer 3 Virtual Private Network (L3VPN). They can provide high-quality private line access services for enterprises and are cost-effective case-shaped MPLS switches.

Flexible ethernet networking

  • In addition to traditional Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP), the S5700-HI supports Huawei-developed Smart Ethernet Protection (SEP) technology and the latest Ethernet Ring Protection Switching (ERPS) standard. SEP is a ring protection protocol specific to the Ethernet link layer, and applies to various ring network topologies, such as open ring topology, closed ring topology, and cascading ring topology. This protocol is reliable, easy to maintain, and implements fast protection switching within 50 ms. ERPS is defined in ITU-T G.8032. It implements millisecond-level protection switching based on traditional Ethernet MAC and bridging functions.        
  • The S5700-HI supports Smart Link and Virtual Router Redundancy Protocol (VRRP), which implement backup of uplinks. One S5700-HI switch can connect to multiple aggregation switches through multiple links, significantly improving reliability of access devices. In addition, the S5700-HI provides multiple connection fault detection mechanisms, including Ethernet OAM (IEEE 802.3ah/802.1ag/ITU Y.1731) and Bi-directional Forwarding Detection (BFD). The S5700-HI (except S5710-HI) provides hardware-based 3.3 ms Ethernet OAM detection cycle and 10 ms BFD detection cycle.

Diversified security control

  • The S5700-HI supports 802.1x authentication, MAC address authentication, and combined authentication on a per port basis, as well as Portal authentication on a per VLANIF interface basis and implements dynamic delivery of policies (VLAN, QoS, and ACL) to users.
  • The S5700-HI provides a series of mechanisms to defend against DoS attacks and user-targeted attacks. DoS attacks are targeted at switches and include SYN flood, Land, Smurf, and ICMP flood attacks. User-targeted attacks include bogus DHCP server attacks, IP/MAC address spoofing, DHCP request flood, and change of the DHCP CHADDR value. You can specify DHCP snooping trusted and untrusted ports to ensure that users connect only to the authorized DHCP server.
  • The S5700-HI supports strict ARP learning. This feature prevents ARP spoofing attackers from exhausting ARP entries so that users can connect to the Internet normally.

Easy-Operation

  • The S5700 supports Easy-Operation, a solution that provides auto configuration, plug-and-play, USB-based deployment, and batch remote upgrade. The Easy-Operation solution facilitates device deployment, upgrade, service provisioning, and other management and maintenance operations, and also greatly reduces costs of operation and maintenance.
  • The S5700 can be managed and maintained using Simple Network Management Protocol (SNMP) V1, V2, and V3, Command Line Interface (CLI), web-based network management system, or Secure Shell (SSH) V2.0. Additionally, it supports remote network monitoring (RMON), multiple log hosts, port traffic statistics collection, and network quality analysis that help in network consolidation and reconstruction.
  • The S5700-HI can use the GARP VLAN Registration Protocol (GVRP) to implement dynamic distribution, registration, and propagation of VLAN attributes. GVRP reduces manual configuration workload and ensures correct configuration. Besides, the S5700-HI supports the MUX VLAN function, which involves a principal VLAN and multiple subordinate VLANs. Subordinate VLANs are classified into group VLANs and separate VLANs. Ports in the principal VLAN can communicate with ports in subordinate VLANs. Ports in a subordinate group VLAN can communicate with each other, whereas ports in a subordinate separate VLAN can communicate only with ports in the principal VLAN.
  • EasyDeploy: The Commander collects information about the topology of the client connecting to the Commander and saves client startup information based on the topology. The client can be replaced without configuration. Configuration and scripts can be delivered to the client in batches. In addition, the configuration delivery result can be queried.
  • The Commander can collect and display power consumption on the entire network.

Mature IPv6 technologies

  • The S5700-HI uses the mature, stable Versatile Routing Platform (VRP) and supports IPv4/IPv6 dual stacks, IPv6 routing protocols (RIPng, OSPFv3, BGP4+, and IS-IS for IPv6), and IPv6 over IPv4 tunnels including manual, 6-to-4, and Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) tunnels. With these IPv6 features, the S5700-HI can be deployed on a pure IPv4 network, a pure IPv6 network, or a shared IPv4/IPv6 network, helping realize IPv4-to-IPv6 transition.

Excellent network traffic analysis

  • The S5700-HI provides the NetStream function and can function as a NetStream data exporter. It periodically collects data traffic statistics, encapsulates the statistics in standard V5, V8, or V9 packets, and sends the packets to the NetStream data collector according to NetStream configuration. The collected statistics are then processed to dynamically generate reports, analyze traffic attributes, and generate alarms on abnormal traffic. The NetStream function helps you optimize network structure and adjust resource deployment in a timely manner.
  • The S5700-HI supports the sFlow function. It uses a method defined in the sFlow standard to sample traffic passing through it and sends sampled traffic to the collector in real time. The collected traffic statistics are used to generate statistical reports, helping enterprises maintain their networks.

 

Product Specification

Item S5700-28C-HI S5700-28C-HI-24S S5710-108C-PWR-HI
Fixed Ports 24 x 10/100/1,000 Base-T 24 x 100/1,000 Base-X 48 x 10/100/1,000 BASE-T, 8 x 10 GE SFP+
Extended Slots

1 extended slot: Optional subcard

1: 2 x 10 GE SFP+ Optional subcard

2: 4 x 10 GE SFP+ Optional subcard

3: 4 x 1,000 BASE-X

3 front extended slots:

Optional subcard 1: 16 x 10/100/1,000 BASE-T

Optional subcard 2: 16 x 1,000 BASE-X 1 rear extended slot:

Optional subcard 1: 4 x 10 GE SFP+ (no GE auto adaption)

Optional subcard 2: 4 x 40 GE QSFP+

MAC Address Table

IEEE 802.1d compliance

32K MAC address entries

MAC address learning and aging

Static, dynamic, and blackhole MAC address entries

Packet filtering based on source MAC addresses

IEEE 802.1d compliance

456K MAC address entries

MAC address learning and aging

Static, dynamic, and blackhole MAC address entries

Packet filtering based on source MAC addresses

VLAN

4K VLANs

Guest VLAN and voice VLAN

GVRP

MUX VLAN

VLAN assignment based on MAC addresses, protocols, IP subnets, policies, and ports

1:1 and N:1 VLAN Mapping

Reliability

RRPP ring topology and RRPP multi-instance

Smart Link tree topology and Smart Link multi-instance, providing the millisecond-level protection switchover

SEP

ERPS (G.8032)

BFD for OSPF, BFD for IS-IS, BFD for VRRP, and BFD for PIM

STP (IEEE 802.1d), RSTP (IEEE 802.1w), and MSTP (IEEE 802.1s)

BPDU protection, root protection, and loop protection

MPLS Features

MPLS L3VPN

MPLS L2VPN (VPWS/VPLS)

MPLS-TE

MPLS QoS

IP Routing Static routing, RIPv1/v2, OSPF, IS-IS, BGP, and ECMP
IPv6 Features

Neighbor Discovery (ND)

Path MTU (PMTU)

IPv6 ping, IPv6 tracert

6to4 tunnel, ISATAP tunnel, and manually configured tunnel

ACLs based on the source IPv6 address, destination IPv6 address, Layer 4 ports, or protocol type

IPv6 Static routing, RIPng, OSPFv3, IS-ISv6, BGP4+, and ECMP

Multicast

IGMP v1/v2/v3 snooping and IGMP fast leave MLD v1/v2 snooping

Multicast forwarding in a VLAN and multicast replication between VLANs

Multicast load balancing among member ports of a trunk

Controllable multicast

Port-based multicast traffic statistics

IGMPv1/v2/v3, MLDv1/v2, PIM-SM, PIM-DM, PIM-SSM, and MSDP

QoS/ACL

Rate limiting on packets sent and received by an interface

Packet redirection

Port-based traffic policing and two-rate three-color CAR

Eight queues on each port WRR, DRR, PQ, WRR + PQ, and DRR + PQ queue scheduling algorithms

WRED

Re-marking of the 802.1p priority and DSCP priority

Packet filtering at Layer 2 to Layer 4, filtering out invalid frames based on the source MAC address, destination MAC address, source IP address, destination IP address, TCP/UDP port number, protocol type, and VLAN ID

Rate limiting in each queue and traffic shaping on ports

Security

User privilege management and password protection

DoS attack defense, ARP attack defense, and ICMP attack defense

Binding of the IP address, MAC address, interface, and VLAN

Port isolation, port security, and sticky MAC

Blackhole MAC address entries

Limit on the number of learned MAC addresses

802.1x authentication and limit on the number of users on an interface

AAA authentication, RADIUS authentication, HWTACACS+ authentication, and NAC

SSH v2.0

Hypertext Transfer Protocol Secure (HTTPS)

CPU defense

Blacklist and whitelist

OAM

Hardware OAM:

EFM OAM

CFM OAM

Y.1731 performance test (hardware-level delay and jitter detection)

Software OAM:

EFM OAM

CFM OAM

Y.1731 performance test

Management and Maintenance

iStack

MAC Forced Forwarding (MFF)

Virtual cable test

SNMP v1/v2c/v3

RMON

Web-based NMS

System logs and alarms of different levels

802.3az EEE

sFlow

NetStream

Dying gasp

Operating Environment

Operating temperature: 0℃ to 50℃

Relative humidity: 5% to 95% (non-condensing)

Input Voltage

AC:

Rated voltage range: 100V to 240V AC, 50/60 Hz Maximum voltage range: 90V to 264V AC, 50/60 Hz

DC:

Rated voltage range: –48V to –60V, DC Maximum voltage range: –36V to –72V, DC

Dimensions (W x D x H)

442 mm x 220 mm x 43.6 mm

442 mm x 470 mm x 87.2 mm
Power Consumption

< 76W

< 80W

< 1,680W

(Device: 240W, PoE: 1440W)

The product information may contain the product functions provided in future. For the actual product specifications, contact Huawei local sales office.


Deployment Scenarios

On medium-sized enterprise networks

    The S5710-HI can function as a core switch on a medium-sized enterprise network. With four extended slots, the S5710-HI can have various subcards installed to provide more interfaces and bandwidth for fast increasing services.

    S5700-Hi-deployment2

On large-sized enterprise networks

    The S5700-HI can function as an access device on a large-sized enterprise network or an aggregation device on a small-sized or medium-sized campus network. It supports link aggregation and dual-homing to improve network reliability.

    S5700-Hi-depoyment2

In data centers

    The S5700-HI can be used in a data center. It connects to gigabit servers and aggregates traffic from the servers to uplink devices through trunk links. If multiple servers are available, an S5700 stack can be used to facilitate network maintenance and improve network reliability.

S5700-Hi-deployment

 

 

Ordering Information

Product Description
S5700-28C-HI-24S (24 x Gig SFP, with 1 interface slot)
S5700-28C-HI (24 x Ethernet 10/100/1,000 ports, with 1 interface slot)
S5710-108C-PWR-HI (48 x Ethernet 10/100/1,000 ports,8 x 10 Gig SFP+, PoE+, with 4 interface slots)
2 x 10 Gig SFP+ interface card (used in S5700-HI series)
4 x 10 Gig SFP+ interface card (used in S5700-HI series)
4 x Gig SFP interface card (used in S5700-HI series)
16 x Gig SFP Interface Card (used in S5710-HI series)
16 x Ethernet 10/100/1,000 ports Interface Card (used in S5710-HI series)
4 x 40 Gig QSFP+ Interface Card (used in S5710-HI series)
4 x 10 Gig SFP+ Interface Card (used in S5710-HI series)
170W DC Power Module (used in S5700-HI series)
170W AC Power Module (used in S5700-HI series)
350W AC Power Module (used in S5710-HI series)
1,150W AC PoE Power Module