Scribd
Upload
39 views

MA5800 Product Documentation and Configuration

Uploaded by

elahi elahi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
39 views

MA5800 Product Documentation and Configuration

Uploaded by

elahi elahi
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 748

MA5800

V100R020C00
MA5800 Product Documentation

Issue Date 2021-03-15

HUAWEI TECHNOLOGIES CO., LTD.


Copyright © Huawei Technologies Co., Ltd. 2024. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior written consent
of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the customer.
All or part of the products, services and features described in this document may not be within the purchase scope or
the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this
document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or
implied.

The information in this document is subject to change without notice. Every effort has been made in the preparation of
this document to ensure accuracy of the contents, but all statements, information, and recommendations in this
document do not constitute a warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.


Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China

Website: https://www.huawei.com

Email: [email protected]
MA5800 Product Documentation

Contents
Contents...........................................................................................................................................................................................1
1 Configuration .............................................................................................................................................................................32
Configuration............................................................................................................................................................................32
1.1 Basic Configurations ...............................................................................................................................................................33
Basic Configurations ................................................................................................................................................................33
1.1.1 Configuring Alarms ..............................................................................................................................................................33
Configuring Alarms ..................................................................................................................................................................33
Context ............................................................................................................................................................................33
Procedure ........................................................................................................................................................................34
Example ...........................................................................................................................................................................35
1.1.2 Adding Port Description......................................................................................................................................................36
Adding Port Description ..........................................................................................................................................................36
Prerequisites ...................................................................................................................................................................37
Procedure ........................................................................................................................................................................37
Example ...........................................................................................................................................................................37
1.1.3 Configuring the Attributes of an Upstream Ethernet Port ...............................................................................................37
Configuring the Attributes of an Upstream Ethernet Port ....................................................................................................37
Prerequisites ...................................................................................................................................................................37
Context ............................................................................................................................................................................38
Default Configuration .....................................................................................................................................................38
Procedure ........................................................................................................................................................................38
Example ...........................................................................................................................................................................40
1.2 FTTH Configuration ................................................................................................................................................................40
FTTH Configuration .................................................................................................................................................................40
1.2.1 Basic Concepts .....................................................................................................................................................................41
Basic Concepts..........................................................................................................................................................................41
FTTH Networking Using PON Upstream Transmission ..............................................................................................41
FTTH Networking Using P2P Upstream Transmission ...............................................................................................42
User Side .........................................................................................................................................................................42
Access Side ......................................................................................................................................................................42
Network Side ..................................................................................................................................................................43
1.2.2 Principle of FTTH Data Plan................................................................................................................................................43
Principle of FTTH Data Plan ....................................................................................................................................................43
1.2.2.1 Data Plan Principles for IP Addresses .............................................................................................................................44
Data Plan Principles for IP Addresses ....................................................................................................................................44
1.2.2.2 Principle of QoS Planning .................................................................................................................................................45
Principle of QoS Planning ........................................................................................................................................................45
Traffic Classification, Marking, and Scheduling Policy ................................................................................................45
Traffic Monitoring and DBA Policy................................................................................................................................45
1.2.2.3 Principles of Internet and Wi-Fi Access Services Data Planning...................................................................................47
Principles of Internet and Wi-Fi Access Services Data Planning ..........................................................................................47
1.2.2.4 Principle of Voice Service Data Plan ................................................................................................................................48

2024-09-17 1
MA5800 Product Documentation

Principle of Voice Service Data Plan .......................................................................................................................................48


VLAN and VLAN Translation Policy ..............................................................................................................................48
Voice Data Plan Based on H.248 or SIP .........................................................................................................................49
1.2.2.5 Principle of IPTV Service Data Plan .................................................................................................................................51
Principle of IPTV Service Data Plan ........................................................................................................................................51
1.2.2.6 Principle of Security Data Plan ........................................................................................................................................53
Principle of Security Data Plan................................................................................................................................................53
System Security ..............................................................................................................................................................53
User Security ...................................................................................................................................................................53
Service Security ..............................................................................................................................................................53
1.2.3 Bridging + Voice ONT Network Scenario (GPON/XG-PON/XGS-PON Networking) .......................................................54
Bridging + Voice ONT Network Scenario (GPON/XG-PON/XGS-PON Networking) ...........................................................54
1.2.3.1 Service Requirements and Application Scenario ...........................................................................................................55
Service Requirements and Application Scenario ...................................................................................................................55
Service Requirements ....................................................................................................................................................55
Application Scenario ......................................................................................................................................................56
1.2.3.2 Configuration Process ......................................................................................................................................................56
Configuration Process..............................................................................................................................................................56
1.2.3.3 Adding an ONT to an OLT.................................................................................................................................................58
Adding an ONT to an OLT ........................................................................................................................................................58
Data Plan .........................................................................................................................................................................58
Procedure ........................................................................................................................................................................59
1.2.3.4 Configuring the Internet Access Service .........................................................................................................................62
Configuring the Internet Access Service ................................................................................................................................62
Prerequisites ...................................................................................................................................................................62
Data Plan .........................................................................................................................................................................62
Procedure ........................................................................................................................................................................63
1.2.3.5 Configuring the H.248-based Voice Service (on a Web Page) .......................................................................................64
Configuring the H.248-based Voice Service (on a Web Page) ..............................................................................................64
Prerequisites ...................................................................................................................................................................64
Data Plan .........................................................................................................................................................................65
Procedure ........................................................................................................................................................................65
1.2.3.6 Configuring the H.248-based Voice Service (Through the CLI) ....................................................................................68
Configuring the H.248-based Voice Service (Through the CLI)............................................................................................68
Prerequisites ...................................................................................................................................................................68
Data Plan .........................................................................................................................................................................69
Procedure ........................................................................................................................................................................69
1.2.3.7 Configuring the SIP-based Voice Service (on a Web Page) ............................................................................................73
Configuring the SIP-based Voice Service (on a Web Page) ...................................................................................................73
Prerequisites ...................................................................................................................................................................73
Data Plan .........................................................................................................................................................................74
Procedure ........................................................................................................................................................................74
1.2.3.8 Configuring the SIP-based Voice Service (Through the CLI) .........................................................................................77
Configuring the SIP-based Voice Service (Through the CLI) ................................................................................................77

2024-09-17 2
MA5800 Product Documentation

Prerequisites ...................................................................................................................................................................78
Data Plan .........................................................................................................................................................................78
Procedure ........................................................................................................................................................................78
1.2.3.9 Configuring the BTV Service ............................................................................................................................................83
Configuring the BTV Service ...................................................................................................................................................83
Prerequisites ...................................................................................................................................................................83
Data Plan .........................................................................................................................................................................84
Procedure ........................................................................................................................................................................84
1.2.3.10 Configuring the VoD Service ..........................................................................................................................................87
Configuring the VoD Service ...................................................................................................................................................87
Prerequisites ...................................................................................................................................................................87
Data Plan .........................................................................................................................................................................87
Procedure ........................................................................................................................................................................87
1.2.3.11 Configuring Link Aggregation, Congestion Control, and Security Policies.................................................................88
Configuring Link Aggregation, Congestion Control, and Security Policies ..........................................................................88
Context ............................................................................................................................................................................89
Procedure ........................................................................................................................................................................89
1.2.3.12 Verifying Services ...........................................................................................................................................................92
Verifying Services ....................................................................................................................................................................92
Prerequisites ...................................................................................................................................................................92
Background .....................................................................................................................................................................92
Data plan .........................................................................................................................................................................93
Procedure ........................................................................................................................................................................93
1.2.4 Bridging ONT + HGW Network Scenario (GPON/XG-PON/XGS-PON Networking) .......................................................97
Bridging ONT + HGW Network Scenario (GPON/XG-PON/XGS-PON Networking) ............................................................97
1.2.4.1 Service Requirements and Application Scenario ...........................................................................................................98
Service Requirements and Application Scenario ...................................................................................................................98
Service Requirements ....................................................................................................................................................98
Application Scenario ......................................................................................................................................................99
1.2.4.2 Configuration Process ......................................................................................................................................................99
Configuration Process..............................................................................................................................................................99
1.2.4.3 Adding an ONT to an OLT...............................................................................................................................................100
Adding an ONT to an OLT ......................................................................................................................................................100
Data Plan .......................................................................................................................................................................100
Procedure ......................................................................................................................................................................101
1.2.4.4 Configuring the Internet Access Service .......................................................................................................................104
Configuring the Internet Access Service ..............................................................................................................................104
Prerequisites .................................................................................................................................................................104
Data Plan .......................................................................................................................................................................105
Procedure ......................................................................................................................................................................105
1.2.4.5 Configuring the Voice Service ........................................................................................................................................107
Configuring the Voice Service ...............................................................................................................................................107
Prerequisites .................................................................................................................................................................107
Data Plan .......................................................................................................................................................................107

2024-09-17 3
MA5800 Product Documentation

Procedure ......................................................................................................................................................................108
1.2.4.6 Configuring the BTV Service ..........................................................................................................................................110
Configuring the BTV Service .................................................................................................................................................110
Prerequisites .................................................................................................................................................................110
Data Plan .......................................................................................................................................................................111
Procedure ......................................................................................................................................................................111
1.2.4.7 Configuring the VoD Service ..........................................................................................................................................114
Configuring the VoD Service .................................................................................................................................................114
Prerequisites .................................................................................................................................................................114
Data Plan .......................................................................................................................................................................114
Procedure ......................................................................................................................................................................115
1.2.4.8 Configuring Link Aggregation, Congestion Control, and Security Policies .................................................................117
Configuring Link Aggregation, Congestion Control, and Security Policies ........................................................................117
Context ..........................................................................................................................................................................117
Procedure ......................................................................................................................................................................117
1.2.4.9 Verifying Services ...........................................................................................................................................................120
Verifying Services ..................................................................................................................................................................120
Prerequisites .................................................................................................................................................................121
Background ...................................................................................................................................................................121
Data plan .......................................................................................................................................................................121
Procedure ......................................................................................................................................................................122
1.2.5 Gateway ONT Network Scenario (GPON/XG-PON/XGS-PON Networking) ..................................................................126
Gateway ONT Network Scenario (GPON/XG-PON/XGS-PON Networking).......................................................................126
1.2.5.1 Service Requirements and Application Scenario .........................................................................................................127
Service Requirements and Application Scenario .................................................................................................................127
Service Requirements ..................................................................................................................................................127
Application Scenario ....................................................................................................................................................128
1.2.5.2 Configuration Process ....................................................................................................................................................128
Configuration Process............................................................................................................................................................128
1.2.5.3 Adding an ONT to an OLT...............................................................................................................................................130
Adding an ONT to an OLT ......................................................................................................................................................130
Data Plan .......................................................................................................................................................................130
Procedure ......................................................................................................................................................................131
1.2.5.4 Configuring the Internet Access Service (on a Web Page )..........................................................................................134
Configuring the Internet Access Service (on a Web Page ) .................................................................................................134
Prerequisites .................................................................................................................................................................134
Data Plan .......................................................................................................................................................................134
Procedure ......................................................................................................................................................................135
1.2.5.5 Configuring the Wi-Fi Access Service (on a Web Page) ...............................................................................................137
Configuring the Wi-Fi Access Service (on a Web Page) ......................................................................................................137
Prerequisites .................................................................................................................................................................137
Data Plan .......................................................................................................................................................................138
Procedure ......................................................................................................................................................................138
Result.............................................................................................................................................................................142

2024-09-17 4
MA5800 Product Documentation

1.2.5.6 Configuring the H.248-based Voice Service (on a Web Page) .....................................................................................143
Configuring the H.248-based Voice Service (on a Web Page) ............................................................................................143
Prerequisites .................................................................................................................................................................143
Context ..........................................................................................................................................................................143
Procedure ......................................................................................................................................................................144
1.2.5.7 Configuring the H.248-based Voice Service (Through the CLI) ..................................................................................147
Configuring the H.248-based Voice Service (Through the CLI)..........................................................................................147
Prerequisites .................................................................................................................................................................147
Context ..........................................................................................................................................................................147
Procedure ......................................................................................................................................................................148
1.2.5.8 Configuring the SIP-based Voice Service (on a Web Page ) .........................................................................................152
Configuring the SIP-based Voice Service (on a Web Page ) ................................................................................................152
Prerequisites .................................................................................................................................................................152
Data Plan .......................................................................................................................................................................153
Procedure ......................................................................................................................................................................153
1.2.5.9 Configuring the SIP-based Voice Service (Through the CLI) .......................................................................................157
Configuring the SIP-based Voice Service (Through the CLI) ..............................................................................................157
Prerequisites .................................................................................................................................................................157
Data Plan .......................................................................................................................................................................157
Procedure ......................................................................................................................................................................158
1.2.5.10 Configuring the BTV Service (on the Web Page) ........................................................................................................163
Configuring the BTV Service (on the Web Page) .................................................................................................................163
Prerequisites .................................................................................................................................................................163
Data Plan .......................................................................................................................................................................163
Procedure ......................................................................................................................................................................164
1.2.5.11 Configuring the VoD Service (on the Web Page) ........................................................................................................167
Configuring the VoD Service (on the Web Page) .................................................................................................................167
Prerequisites .................................................................................................................................................................167
Data Plan .......................................................................................................................................................................168
Procedure ......................................................................................................................................................................168
1.2.5.12 Configuring the CATV Service......................................................................................................................................170
Configuring the CATV Service ...............................................................................................................................................170
Prerequisites .................................................................................................................................................................170
Context ..........................................................................................................................................................................171
Procedure ......................................................................................................................................................................171
1.2.5.13 Configuring Any Port Any Service (on the Web Page) ...............................................................................................171
Configuring Any Port Any Service (on the Web Page) ........................................................................................................171
Prerequisites .................................................................................................................................................................171
Data Plan .......................................................................................................................................................................172
Procedure ......................................................................................................................................................................173
Result.............................................................................................................................................................................178
1.2.5.14 Configuring Link Aggregation, Congestion Control, and Security Policies...............................................................178
Configuring Link Aggregation, Congestion Control, and Security Policies ........................................................................178
Context ..........................................................................................................................................................................178

2024-09-17 5
MA5800 Product Documentation

Procedure ......................................................................................................................................................................178
1.2.5.15 Verifying Services .........................................................................................................................................................181
Verifying Services ..................................................................................................................................................................181
Prerequisites .................................................................................................................................................................182
Background ...................................................................................................................................................................182
Data plan .......................................................................................................................................................................182
Procedure ......................................................................................................................................................................183
1.2.6 Configuring Triple Play Service (GPON/XG-PON/XGS-PON Networking in Simplified Mode)....................................187
Configuring Triple Play Service (GPON/XG-PON/XGS-PON Networking in Simplified Mode) ........................................187
Service Requirements ..................................................................................................................................................187
Prerequisite ..................................................................................................................................................................187
Procedure ......................................................................................................................................................................188
Result.............................................................................................................................................................................193
1.2.7 Configuring Triple Play Service (GPON/XG-PON/XGS-PON Networking, Multicast and Internet Access in the Same S-
VLAN) ..........................................................................................................................................................................................193
Configuring Triple Play Service (GPON/XG-PON/XGS-PON Networking, Multicast and Internet Access in the Same S-
VLAN) ......................................................................................................................................................................................193
Service Requirements ..................................................................................................................................................193
Prerequisite ..................................................................................................................................................................194
Procedure ......................................................................................................................................................................194
Result.............................................................................................................................................................................205
1.2.8 Configuring FTTH Service (P2P Access) ..........................................................................................................................205
Configuring FTTH Service (P2P Access)...............................................................................................................................205
Service Requirements ..................................................................................................................................................205
Prerequisite ..................................................................................................................................................................206
Procedure ......................................................................................................................................................................207
Result.............................................................................................................................................................................210
1.3 FTTB and FTTC Configuration .............................................................................................................................................210
FTTB and FTTC Configuration ..............................................................................................................................................210
1.3.1 Basic Concept .....................................................................................................................................................................211
Basic Concept .........................................................................................................................................................................211
Integrated FTTB and FTTC Network Diagram ...........................................................................................................211
User Side .......................................................................................................................................................................212
Access Side ....................................................................................................................................................................212
Network Side ................................................................................................................................................................213
1.3.2 Principle of FTTB and FTTC Data Plan .............................................................................................................................213
Principle of FTTB and FTTC Data Plan .................................................................................................................................213
1.3.2.1 Principle of Device Management Data Plan ..................................................................................................................214
Principle of Device Management Data Plan .........................................................................................................................214
1.3.2.2 Principle of QoS Planning ...............................................................................................................................................215
Principle of QoS Planning ......................................................................................................................................................215
Traffic Classification, Marking, and Scheduling Policies............................................................................................215
Traffic Monitoring and DBA Policies ...........................................................................................................................215
1.3.2.3 Principle of Internet Access Service Data Plan .............................................................................................................217

2024-09-17 6
MA5800 Product Documentation

Principle of Internet Access Service Data Plan ....................................................................................................................217


Note ...............................................................................................................................................................................217
VLAN Planning and VLAN Translation Policy on PON Networks .............................................................................217
VLAN Planning and VLAN Translation Policy on Ethernet Cascading Networks ....................................................218
1.3.2.4 Principle of VoIP Service Data Plan ...............................................................................................................................219
Principle of VoIP Service Data Plan ......................................................................................................................................219
Note ...............................................................................................................................................................................219
VLAN Planning and VLAN Translation Policy on PON Networks .............................................................................219
VLAN Planning and VLAN Translation Policy on Ethernet Cascading Networks ....................................................220
VoIP data plan based on H.248 or SIP .........................................................................................................................220
1.3.2.5 Principle of IPTV Service Data Plan ...............................................................................................................................222
Principle of IPTV Service Data Plan ......................................................................................................................................222
Note ...............................................................................................................................................................................222
VLAN and VLAN translation policy .............................................................................................................................222
Data plan for multicast service ....................................................................................................................................225
1.3.2.6 Principle of Security Data Plan ......................................................................................................................................225
Principle of Security Data Plan..............................................................................................................................................225
System Security ............................................................................................................................................................226
User Security .................................................................................................................................................................226
Service Security ............................................................................................................................................................226
1.3.3 FTTB Networking (GPON&XG-PON&XGS-PON Networking, LAN Access, Without HGW) ..........................................227
FTTB Networking (GPON&XG-PON&XGS-PON Networking, LAN Access, Without HGW) ...............................................227
Context ..........................................................................................................................................................................227
1.3.3.1 Service Requirements and Application Scenarios........................................................................................................228
Service Requirements and Application Scenarios ...............................................................................................................228
Service Requirements ..................................................................................................................................................229
Application Scenarios ...................................................................................................................................................229
1.3.3.2 Configuration Procedure ................................................................................................................................................229
Configuration Procedure .......................................................................................................................................................229
1.3.3.3 Adding an ONU to an OLT ..............................................................................................................................................231
Adding an ONU to an OLT ......................................................................................................................................................231
Context ..........................................................................................................................................................................231
Data Plan .......................................................................................................................................................................231
Procedure ......................................................................................................................................................................232
Follow-up Procedure....................................................................................................................................................235
1.3.3.4 Configuring the Management Channel Between the OLT and the ONU .....................................................................235
Configuring the Management Channel Between the OLT and the ONU .............................................................................235
Data plan .......................................................................................................................................................................235
Procedure ......................................................................................................................................................................236
1.3.3.5 Configuring the Service Channel Between the OLT and the ONU ...............................................................................236
Configuring the Service Channel Between the OLT and the ONU ......................................................................................236
Context ..........................................................................................................................................................................236
Data plan .......................................................................................................................................................................237
Procedure ......................................................................................................................................................................237

2024-09-17 7
MA5800 Product Documentation

1.3.3.6 Configuring LAN Internet Access Service (on the ONU) ..............................................................................................238
Configuring LAN Internet Access Service (on the ONU) .....................................................................................................238
Data plan .......................................................................................................................................................................238
Procedure ......................................................................................................................................................................239
1.3.3.7 Configuring Link Aggregation, Congestion Control, and Security Policies .................................................................240
Configuring Link Aggregation, Congestion Control, and Security Policies ........................................................................240
Context ..........................................................................................................................................................................240
Procedure ......................................................................................................................................................................240
1.3.3.8 Verifying Services ...........................................................................................................................................................243
Verifying Services ..................................................................................................................................................................243
Prerequisites .................................................................................................................................................................243
Background Information..............................................................................................................................................243
Procedure ......................................................................................................................................................................244
1.3.4 FTTB/C Networking (GPON&XG-PON&XGS-PON Networking, xDSL Access, Without HGW) .....................................245
FTTB/C Networking (GPON&XG-PON&XGS-PON Networking, xDSL Access, Without HGW) .........................................245
Context ..........................................................................................................................................................................245
1.3.4.1 Service Requirements and Application Scenarios........................................................................................................246
Service Requirements and Application Scenarios ...............................................................................................................246
Service Requirements ..................................................................................................................................................246
Application Scenario ....................................................................................................................................................246
1.3.4.2 Configuration Procedure ................................................................................................................................................247
Configuration Procedure .......................................................................................................................................................247
1.3.4.3 Adding an ONU to an OLT ..............................................................................................................................................248
Adding an ONU to an OLT ......................................................................................................................................................248
Context ..........................................................................................................................................................................248
Data Plan .......................................................................................................................................................................249
Procedure ......................................................................................................................................................................250
Follow-up Procedure....................................................................................................................................................252
1.3.4.4 Configuring the Management Channel Between the OLT and the ONU .....................................................................253
Configuring the Management Channel Between the OLT and the ONU .............................................................................253
Data plan .......................................................................................................................................................................253
Procedure ......................................................................................................................................................................253
1.3.4.5 Configuring the Service Channel Between the OLT and the ONU ...............................................................................254
Configuring the Service Channel Between the OLT and the ONU ......................................................................................254
Context ..........................................................................................................................................................................254
Data plan .......................................................................................................................................................................254
Procedure ......................................................................................................................................................................255
1.3.4.6 Configuring the Internet Access Service (ADSL2+ Access, on the ONU) ....................................................................256
Configuring the Internet Access Service (ADSL2+ Access, on the ONU) ............................................................................256
Context ..........................................................................................................................................................................256
Data Plan .......................................................................................................................................................................257
Procedure ......................................................................................................................................................................257
1.3.4.7 Configuring SuperVector (on the ONU) ........................................................................................................................258
Configuring SuperVector (on the ONU) ................................................................................................................................258

2024-09-17 8
MA5800 Product Documentation

Data Plan .......................................................................................................................................................................258


Procedure ......................................................................................................................................................................259
1.3.4.8 Configuring Link Aggregation, Congestion Control, and Security Policies .................................................................260
Configuring Link Aggregation, Congestion Control, and Security Policies ........................................................................260
Context ..........................................................................................................................................................................260
Procedure ......................................................................................................................................................................260
1.3.4.9 Verifying Services ...........................................................................................................................................................264
Verifying Services ..................................................................................................................................................................264
Prerequisites .................................................................................................................................................................264
Background Information..............................................................................................................................................264
Procedure ......................................................................................................................................................................264
1.3.5 FTTB/C+HGW Networking (GPON&XG-PON&XGS-PON Networking, ONU Providing the VoIP Service) ..................265
FTTB/C+HGW Networking (GPON&XG-PON&XGS-PON Networking, ONU Providing the VoIP Service).......................265
Context ..........................................................................................................................................................................265
1.3.5.1 Service Requirements and Application Scenarios........................................................................................................267
Service Requirements and Application Scenarios ...............................................................................................................267
Service Requirements ..................................................................................................................................................267
Application Scenario ....................................................................................................................................................267
1.3.5.2 Configuration Procedure ................................................................................................................................................268
Configuration Procedure .......................................................................................................................................................268
1.3.5.3 Adding an ONU to an OLT ..............................................................................................................................................270
Adding an ONU to an OLT ......................................................................................................................................................270
Context ..........................................................................................................................................................................270
Data Plan .......................................................................................................................................................................271
Procedure ......................................................................................................................................................................271
Follow-up Procedure....................................................................................................................................................274
1.3.5.4 Configuring the Management Channel Between the OLT and the ONU .....................................................................274
Configuring the Management Channel Between the OLT and the ONU .............................................................................274
Data plan .......................................................................................................................................................................274
Procedure ......................................................................................................................................................................275
1.3.5.5 Configuring the Service Channel Between the OLT and the ONU ...............................................................................276
Configuring the Service Channel Between the OLT and the ONU ......................................................................................276
Prerequisites .................................................................................................................................................................276
Data Plan .......................................................................................................................................................................276
Procedure ......................................................................................................................................................................276
1.3.5.6 Configuring the Internet Access Service (LAN Access, on the ONU) ...........................................................................279
Configuring the Internet Access Service (LAN Access, on the ONU) ..................................................................................279
Data Plan .......................................................................................................................................................................279
Procedure ......................................................................................................................................................................279
1.3.5.7 Configuring H.248 Voice Service (on the ONU) ............................................................................................................280
Configuring H.248 Voice Service (on the ONU) ...................................................................................................................280
Prerequisites .................................................................................................................................................................280
Precautions ...................................................................................................................................................................280
Data plan .......................................................................................................................................................................281

2024-09-17 9
MA5800 Product Documentation

Procedure ......................................................................................................................................................................282
1.3.5.8 Configuring SIP Voice Service (on the ONU) .................................................................................................................284
Configuring SIP Voice Service (on the ONU) ........................................................................................................................284
Prerequisites .................................................................................................................................................................284
Precautions ...................................................................................................................................................................284
Data Plan .......................................................................................................................................................................284
Procedure ......................................................................................................................................................................285
1.3.5.9 Configuring the IPTV Service (on the ONU)..................................................................................................................287
Configuring the IPTV Service (on the ONU) .........................................................................................................................287
Data Plan .......................................................................................................................................................................287
Procedure ......................................................................................................................................................................288
1.3.5.10 Configuring Link Aggregation, Congestion Control, and Security Policies...............................................................290
Configuring Link Aggregation, Congestion Control, and Security Policies ........................................................................290
Context ..........................................................................................................................................................................290
Procedure ......................................................................................................................................................................290
1.3.5.11 Configuring the Internet Access Service (on the HGW).............................................................................................293
Configuring the Internet Access Service (on the HGW) ......................................................................................................293
Context ..........................................................................................................................................................................294
Procedure ......................................................................................................................................................................294
1.3.5.12 Configuring the IPTV Service (on the HGW) ..............................................................................................................295
Configuring the IPTV Service (on the HGW) ........................................................................................................................295
Context ..........................................................................................................................................................................295
Procedure ......................................................................................................................................................................295
1.3.5.13 Verifying Services .........................................................................................................................................................296
Verifying Services ..................................................................................................................................................................296
Prerequisites .................................................................................................................................................................296
Background Information..............................................................................................................................................296
Procedure ......................................................................................................................................................................296
1.3.6 FTTB/C+HGW Networking (GPON&XG-PON&XGS-PON Networking, HGW Providing the VoIP Service) .................298
FTTB/C+HGW Networking (GPON&XG-PON&XGS-PON Networking, HGW Providing the VoIP Service)......................298
Context ..........................................................................................................................................................................298
1.3.6.1 Service Requirements and Application Scenarios........................................................................................................300
Service Requirements and Application Scenarios ...............................................................................................................300
Service Requirements ..................................................................................................................................................300
Application Scenario ....................................................................................................................................................300
1.3.6.2 Configuration Procedure ................................................................................................................................................301
Configuration Procedure .......................................................................................................................................................301
1.3.6.3 Adding an ONU to an OLT ..............................................................................................................................................302
Adding an ONU to an OLT ......................................................................................................................................................302
Context ..........................................................................................................................................................................303
Data Plan .......................................................................................................................................................................303
Procedure ......................................................................................................................................................................304
Follow-up Procedure....................................................................................................................................................306
1.3.6.4 Configuring the Management Channel Between the OLT and the ONU .....................................................................307

2024-09-17 10
MA5800 Product Documentation

Configuring the Management Channel Between the OLT and the ONU .............................................................................307
Data plan .......................................................................................................................................................................307
Procedure ......................................................................................................................................................................307
1.3.6.5 Configuring the Service Channel Between the OLT and the ONU ...............................................................................308
Configuring the Service Channel Between the OLT and the ONU ......................................................................................308
Prerequisites .................................................................................................................................................................308
Data Plan .......................................................................................................................................................................308
Procedure ......................................................................................................................................................................309
1.3.6.6 Configuring the Internet Access Service (LAN Access, on the ONU) ...........................................................................312
Configuring the Internet Access Service (LAN Access, on the ONU) ..................................................................................312
Data Plan .......................................................................................................................................................................312
Procedure ......................................................................................................................................................................312
1.3.6.7 Configuring the Voice Service Channel (on the ONU) ..................................................................................................313
Configuring the Voice Service Channel (on the ONU) .........................................................................................................313
Data Plan .......................................................................................................................................................................313
Procedure ......................................................................................................................................................................313
1.3.6.8 Configuring the IPTV Service (on the ONU)..................................................................................................................314
Configuring the IPTV Service (on the ONU) .........................................................................................................................314
Data Plan .......................................................................................................................................................................314
Procedure ......................................................................................................................................................................315
1.3.6.9 Configuring Link Aggregation, Congestion Control, and Security Policies .................................................................317
Configuring Link Aggregation, Congestion Control, and Security Policies ........................................................................317
Context ..........................................................................................................................................................................317
Procedure ......................................................................................................................................................................317
1.3.6.10 Configuring the Internet Access Service (on the HGW).............................................................................................320
Configuring the Internet Access Service (on the HGW) ......................................................................................................320
Context ..........................................................................................................................................................................320
Procedure ......................................................................................................................................................................320
1.3.6.11 Configuring the IPTV Service (on the HGW) ..............................................................................................................321
Configuring the IPTV Service (on the HGW) ........................................................................................................................321
Context ..........................................................................................................................................................................321
Procedure ......................................................................................................................................................................321
1.3.6.12 Configuring the VoIP Service (on the HGW) ...............................................................................................................322
Configuring the VoIP Service (on the HGW) ........................................................................................................................322
Context ..........................................................................................................................................................................322
Procedure ......................................................................................................................................................................323
1.3.6.13 Verifying Services .........................................................................................................................................................324
Verifying Services ..................................................................................................................................................................324
Prerequisites .................................................................................................................................................................324
Context ..........................................................................................................................................................................324
Procedure ......................................................................................................................................................................324
1.4 FTTO Configuration (Large-sized Enterprise Access) .......................................................................................................325
FTTO Configuration (Large-sized Enterprise Access).........................................................................................................325
1.4.1 Overview of Enterprise Access Service ............................................................................................................................326

2024-09-17 11
MA5800 Product Documentation

Overview of Enterprise Access Service ................................................................................................................................326


Network Diagram of Enterprise Access Service .........................................................................................................326
User Side .......................................................................................................................................................................326
Access Side ....................................................................................................................................................................327
Network Side ................................................................................................................................................................327
1.4.2 Principle of Planning Data for Enterprise Access Service ..............................................................................................328
Principle of Planning Data for Enterprise Access Service ...................................................................................................328
1.4.2.1 Principle of Equipment Management Data Plan...........................................................................................................328
Principle of Equipment Management Data Plan ..................................................................................................................328
Management VLAN Planning .......................................................................................................................................329
IP Address Planning .....................................................................................................................................................329
1.4.2.2 Principle of VLAN Data Plan ..........................................................................................................................................329
Principle of VLAN Data Plan ..................................................................................................................................................329
VLAN and VLAN Translation Policy ............................................................................................................................329
1.4.2.3 Principle of QoS Data Plan .............................................................................................................................................331
Principle of QoS Data Plan .....................................................................................................................................................331
Layer 2 interoperation Between Different Enterprise Branches..............................................................................331
Enterprise DDN Private Line Access ...........................................................................................................................331
Enterprise PRA PBX Access .........................................................................................................................................332
Enterprise IP PBX Access .............................................................................................................................................332
Enterprise E1/T1 unified access .................................................................................................................................333
Enterprise E1/T1 unified access (OLT Cascading) ....................................................................................................333
1.4.2.4 Principle of Protocol Transparent Transmission Data Plan ........................................................................................333
Principle of Protocol Transparent Transmission Data Plan ...............................................................................................333
Configurations for Protocol Transparent Transmission ...........................................................................................333
1.4.2.5 Principle of Security Data Plan ......................................................................................................................................334
Principle of Security Data Plan..............................................................................................................................................334
System Security ............................................................................................................................................................334
User Security .................................................................................................................................................................335
1.4.2.6 Principle of Reliability Data Plan ...................................................................................................................................335
Principle of Reliability Data Plan ..........................................................................................................................................335
Equipment Reliability ..................................................................................................................................................335
Upstream Networking Protection ...............................................................................................................................335
Downstream Networking Protection ..........................................................................................................................336
1.4.3 Configuring Layer 2 Interoperation Service Between Enterprise Branches (GPON) ...................................................336
Configuring Layer 2 Interoperation Service Between Enterprise Branches (GPON) .......................................................336
1.4.3.1 Service Requirement and Application Scenario ...........................................................................................................337
Service Requirement and Application Scenario ..................................................................................................................337
Service Requirement ....................................................................................................................................................337
Application Scenario ....................................................................................................................................................338
1.4.3.2 Configuration Process ....................................................................................................................................................339
Configuration Process............................................................................................................................................................339
1.4.3.3 Adding ONUs to OLT .......................................................................................................................................................339
Adding ONUs to OLT ..............................................................................................................................................................339

2024-09-17 12
MA5800 Product Documentation

Context ..........................................................................................................................................................................339
Data Planning ................................................................................................................................................................340
Procedure ......................................................................................................................................................................340
Follow-up Procedure....................................................................................................................................................342
1.4.3.4 Configuring Management Service Ports on OLT and ONUs .........................................................................................343
Configuring Management Service Ports on OLT and ONUs ................................................................................................343
Data Plan .......................................................................................................................................................................343
Procedure ......................................................................................................................................................................343
1.4.3.5 Configuring Layer 2 Interoperation Service Ports on OLT ..........................................................................................344
Configuring Layer 2 Interoperation Service Ports on OLT .................................................................................................344
Prerequisites .................................................................................................................................................................344
Data Plan .......................................................................................................................................................................344
Procedure ......................................................................................................................................................................345
1.4.3.6 Configuring Ethernet Access Service Ports on ONUs ...................................................................................................346
Configuring Ethernet Access Service Ports on ONUs ..........................................................................................................346
Data Planning ................................................................................................................................................................346
Procedure ......................................................................................................................................................................346
1.4.3.7 Configuring Congestion Control and Security Policies ................................................................................................347
Configuring Congestion Control and Security Policies ........................................................................................................347
Context ..........................................................................................................................................................................347
Procedure ......................................................................................................................................................................347
1.4.3.8 Configuring E2E Reliability ............................................................................................................................................348
Configuring E2E Reliability ...................................................................................................................................................348
Context ..........................................................................................................................................................................349
Procedure ......................................................................................................................................................................349
1.4.3.9 Verifying Services ...........................................................................................................................................................352
Verifying Services ..................................................................................................................................................................352
Prerequisites .................................................................................................................................................................352
Procedure ......................................................................................................................................................................352
1.4.4 Configuring Enterprise DDN Private Line Access Service (GPON) ................................................................................355
Configuring Enterprise DDN Private Line Access Service (GPON) .....................................................................................355
1.4.4.1 Service Requirement and Application Scenario ...........................................................................................................356
Service Requirement and Application Scenario ..................................................................................................................356
Service Requirement ....................................................................................................................................................356
Application Scenario ....................................................................................................................................................356
1.4.4.2 Configuration Process ....................................................................................................................................................356
Configuration Process............................................................................................................................................................356
1.4.4.3 Adding ONUs to OLT .......................................................................................................................................................357
Adding ONUs to OLT ..............................................................................................................................................................357
Context ..........................................................................................................................................................................357
Data Plan .......................................................................................................................................................................357
Procedure ......................................................................................................................................................................358
Follow-up Procedure....................................................................................................................................................359
1.4.4.4 Configuring Management Service Ports on OLT and ONUs .........................................................................................359

2024-09-17 13
MA5800 Product Documentation

Configuring Management Service Ports on OLT and ONUs ................................................................................................359


Data Plan .......................................................................................................................................................................360
Procedure ......................................................................................................................................................................360
1.4.4.5 Configuring TDM Connections .......................................................................................................................................361
Configuring TDM Connections ..............................................................................................................................................361
Context ..........................................................................................................................................................................361
Data Plan .......................................................................................................................................................................361
Procedure ......................................................................................................................................................................361
1.4.4.6 Configuring Clock Synchronization ...............................................................................................................................361
Configuring Clock Synchronization ......................................................................................................................................361
Prerequisites .................................................................................................................................................................361
Context ..........................................................................................................................................................................361
Procedure ......................................................................................................................................................................361
1.4.4.7 Verifying Services ...........................................................................................................................................................363
Verifying Services ..................................................................................................................................................................363
Prerequisites .................................................................................................................................................................363
Networking ...................................................................................................................................................................363
Procedure ......................................................................................................................................................................364
Follow-up Procedure....................................................................................................................................................364
1.4.5 Configuring Enterprise IP PBX Private Line Access Service (GPON) .............................................................................365
Configuring Enterprise IP PBX Private Line Access Service (GPON) .................................................................................365
1.4.5.1 Service Requirement and Application Scenario ...........................................................................................................366
Service Requirement and Application Scenario ..................................................................................................................366
Service Requirement ....................................................................................................................................................366
Application Scenario ....................................................................................................................................................366
1.4.5.2 Configuration Process ....................................................................................................................................................366
Configuration Process............................................................................................................................................................366
1.4.5.3 Adding ONUs to OLT .......................................................................................................................................................367
Adding ONUs to OLT ..............................................................................................................................................................367
Context ..........................................................................................................................................................................367
Data Planning ................................................................................................................................................................367
Procedure ......................................................................................................................................................................368
Follow-up Procedure....................................................................................................................................................369
1.4.5.4 Configuring Management Service Ports on OLT and ONUs .........................................................................................369
Configuring Management Service Ports on OLT and ONUs ................................................................................................369
Data Plan .......................................................................................................................................................................369
Procedure ......................................................................................................................................................................370
1.4.5.5 Configuring OLT QinQ Service Ports .............................................................................................................................370
Configuring OLT QinQ Service Ports.....................................................................................................................................370
Data Plan .......................................................................................................................................................................371
Procedure ......................................................................................................................................................................371
1.4.5.6 Configuring Ethernet Access Service Ports on ONUs ...................................................................................................372
Configuring Ethernet Access Service Ports on ONUs ..........................................................................................................372
Data Planning ................................................................................................................................................................372

2024-09-17 14
MA5800 Product Documentation

Procedure ......................................................................................................................................................................372
1.4.5.7 Configuring Congestion Control and Security Policies ................................................................................................373
Configuring Congestion Control and Security Policies ........................................................................................................373
Context ..........................................................................................................................................................................373
Procedure ......................................................................................................................................................................373
1.4.5.8 Configuring E2E Reliability ............................................................................................................................................375
Configuring E2E Reliability ...................................................................................................................................................375
Context ..........................................................................................................................................................................375
Procedure ......................................................................................................................................................................375
1.4.5.9 Verifying Services ...........................................................................................................................................................378
Verifying Services ..................................................................................................................................................................378
Prerequisites .................................................................................................................................................................378
Procedure ......................................................................................................................................................................378
1.4.6 Configuring Enterprise PRA PBX Private Line Access Service (GPON) .........................................................................379
Configuring Enterprise PRA PBX Private Line Access Service (GPON)..............................................................................379
1.4.6.1 Service Requirement and Application Scenario ...........................................................................................................380
Service Requirement and Application Scenario ..................................................................................................................380
Service Requirement ....................................................................................................................................................380
Application Scenario ....................................................................................................................................................380
1.4.6.2 Configuration Process ....................................................................................................................................................381
Configuration Process............................................................................................................................................................381
1.4.6.3 Adding ONUs to OLT .......................................................................................................................................................381
Adding ONUs to OLT ..............................................................................................................................................................381
Context ..........................................................................................................................................................................382
Data Planning ................................................................................................................................................................382
Procedure ......................................................................................................................................................................382
Follow-up Procedure....................................................................................................................................................383
1.4.6.4 Configuring Management Service Ports on OLT and ONUs .........................................................................................384
Configuring Management Service Ports on OLT and ONUs ................................................................................................384
Data Plan .......................................................................................................................................................................384
Procedure ......................................................................................................................................................................384
1.4.6.5 Configuring Service Ports for Voice Transparent Transmission.................................................................................385
Configuring Service Ports for Voice Transparent Transmission ........................................................................................385
Data Plan .......................................................................................................................................................................385
Procedure ......................................................................................................................................................................385
1.4.6.6 Configuring VoIP PRA Access ........................................................................................................................................386
Configuring VoIP PRA Access ................................................................................................................................................386
Prerequisites .................................................................................................................................................................386
Context ..........................................................................................................................................................................386
Data Plan .......................................................................................................................................................................386
Procedure ......................................................................................................................................................................387
1.4.6.7 Configuring Congestion Control and Security Policies ................................................................................................389
Configuring Congestion Control and Security Policies ........................................................................................................389
Context ..........................................................................................................................................................................389

2024-09-17 15
MA5800 Product Documentation

Procedure ......................................................................................................................................................................389
1.4.6.8 Configuring Network Protection ...................................................................................................................................390
Configuring Network Protection...........................................................................................................................................390
Context ..........................................................................................................................................................................391
Procedure ......................................................................................................................................................................391
1.4.6.9 Verifying Services ...........................................................................................................................................................394
Verifying Services ..................................................................................................................................................................394
Prerequisites .................................................................................................................................................................394
Procedure ......................................................................................................................................................................394
1.5 FTTO Configuration (SOHO and SME).................................................................................................................................395
FTTO Configuration (SOHO and SME) ..................................................................................................................................395
Context ..........................................................................................................................................................................395
1.5.1 Basic Concept .....................................................................................................................................................................396
Basic Concept .........................................................................................................................................................................396
Scenario .........................................................................................................................................................................396
User Side .......................................................................................................................................................................396
Access Side ....................................................................................................................................................................397
Network Side ................................................................................................................................................................397
1.5.2 Principles of Planning Data for FTTO Services (SOHO and SME) ..................................................................................398
Principles of Planning Data for FTTO Services (SOHO and SME) .......................................................................................398
1.5.2.1 Principles of Planing Device Management Data ...........................................................................................................398
Principles of Planing Device Management Data ..................................................................................................................398
Device Management Data Plan ....................................................................................................................................398
1.5.2.2 Principle of QoS Planning ...............................................................................................................................................399
Principle of QoS Planning ......................................................................................................................................................399
Traffic Classification, Marking, and Scheduling Policies............................................................................................399
Traffic Monitoring and DBA Policies ...........................................................................................................................400
1.5.2.3 Principle of Internet Access Service Data Plan .............................................................................................................401
Principle of Internet Access Service Data Plan ....................................................................................................................401
VLAN and VLAN Translation policy for Internet Access Service ..............................................................................401
VLAN and VLAN Translation policy for Wi-Fi Service ...............................................................................................402
1.5.2.4 Principles of Planning Voice Service Data ....................................................................................................................402
Principles of Planning Voice Service Data ............................................................................................................................402
VLAN and VLAN Translation Policy. ...........................................................................................................................402
VoIP Data Plan Based on H. 248 or SIP .......................................................................................................................403
1.5.2.5 Principle of IPTV Service Data Plan ...............................................................................................................................405
Principle of IPTV Service Data Plan ......................................................................................................................................405
VLAN and VLAN Translation Policy. ...........................................................................................................................405
1.5.2.6 Principle of Security Data Plan ......................................................................................................................................406
Principle of Security Data Plan..............................................................................................................................................406
System Security ............................................................................................................................................................407
User Security .................................................................................................................................................................407
Service Security ............................................................................................................................................................407
1.5.3 Bridging Networking(GPON) ............................................................................................................................................408

2024-09-17 16
MA5800 Product Documentation

Bridging Networking(GPON) ................................................................................................................................................408


1.5.3.1 Service Requirements and Usage Scenario ...................................................................................................................409
Service Requirements and Usage Scenario ..........................................................................................................................409
Service Requirements ..................................................................................................................................................409
Usage Scenario ..............................................................................................................................................................409
1.5.3.2 Configuration Procedure ................................................................................................................................................409
Configuration Procedure .......................................................................................................................................................409
1.5.3.3 Adding an ONU to an OLT ..............................................................................................................................................410
Adding an ONU to an OLT ......................................................................................................................................................410
Data Plan .......................................................................................................................................................................410
Procedure ......................................................................................................................................................................411
1.5.3.4 Configuring the Internet Access Service .......................................................................................................................414
Configuring the Internet Access Service ..............................................................................................................................414
Prerequisite ..................................................................................................................................................................414
Data Plan .......................................................................................................................................................................415
Procedure ......................................................................................................................................................................415
1.5.3.5 Configuring the BTV Service ..........................................................................................................................................416
Configuring the BTV Service .................................................................................................................................................416
Prerequisites .................................................................................................................................................................416
Data Plan .......................................................................................................................................................................416
Procedure ......................................................................................................................................................................417
1.5.3.6 Configuring the VoD Service ..........................................................................................................................................420
Configuring the VoD Service .................................................................................................................................................420
Prerequisites .................................................................................................................................................................420
Data Plan .......................................................................................................................................................................420
Procedure ......................................................................................................................................................................420
1.5.3.7 Configuring Link Aggregation, Congestion Control, and Security Policies .................................................................422
Configuring Link Aggregation, Congestion Control, and Security Policies ........................................................................422
Context ..........................................................................................................................................................................422
Procedure ......................................................................................................................................................................423
1.5.3.8 Verifying Services ...........................................................................................................................................................425
Verifying Services ..................................................................................................................................................................425
Prerequisites .................................................................................................................................................................426
Background ...................................................................................................................................................................426
Data plan .......................................................................................................................................................................426
Procedure ......................................................................................................................................................................426
1.5.4 Gateway Networking(GPON) ............................................................................................................................................429
Gateway Networking(GPON) ................................................................................................................................................429
Context ..........................................................................................................................................................................429
1.5.4.1 Service Requirements and Usage Scenario ...................................................................................................................431
Service Requirements and Usage Scenario ..........................................................................................................................431
Service Requirements ..................................................................................................................................................431
Usage Scenario ..............................................................................................................................................................431
1.5.4.2 Configuration Procedure ................................................................................................................................................432

2024-09-17 17
MA5800 Product Documentation

Configuration Procedure .......................................................................................................................................................432


1.5.4.3 Adding an ONU to an OLT ..............................................................................................................................................433
Adding an ONU to an OLT ......................................................................................................................................................433
Data Plan .......................................................................................................................................................................433
Procedure ......................................................................................................................................................................434
1.5.4.4 Configuring the Internet Access Service .......................................................................................................................437
Configuring the Internet Access Service ..............................................................................................................................437
Prerequisite ..................................................................................................................................................................437
Data Plan .......................................................................................................................................................................438
Procedure ......................................................................................................................................................................438
1.5.4.5 Configuring the Wi-Fi Service (Web Pages)..................................................................................................................441
Configuring the Wi-Fi Service (Web Pages) .........................................................................................................................441
Prerequisites .................................................................................................................................................................441
Data Plan .......................................................................................................................................................................441
Procedure ......................................................................................................................................................................442
Result.............................................................................................................................................................................445
1.5.4.6 Configuring Soft GRE Tunnel-based Wi-Fi Sharing (U2000) .......................................................................................446
Configuring Soft GRE Tunnel-based Wi-Fi Sharing (U2000) ..............................................................................................446
Prerequisites .................................................................................................................................................................446
Data Plan .......................................................................................................................................................................446
Procedure ......................................................................................................................................................................446
1.5.4.7 Configuring VLAN Tunnel-based Wi-Fi Sharing (U2000)............................................................................................451
Configuring VLAN Tunnel-based Wi-Fi Sharing (U2000) ...................................................................................................451
Data Plan .......................................................................................................................................................................451
Procedure ......................................................................................................................................................................452
1.5.4.8 Configuring the H.248-based Voice Service (on a Web Page) .....................................................................................456
Configuring the H.248-based Voice Service (on a Web Page) ............................................................................................456
Prerequisite ..................................................................................................................................................................456
Context ..........................................................................................................................................................................456
Procedure ......................................................................................................................................................................457
1.5.4.9 Configuring the H.248-based Voice Service (Through the CLI) ..................................................................................463
Configuring the H.248-based Voice Service (Through the CLI)..........................................................................................463
Prerequisite ..................................................................................................................................................................463
Context ..........................................................................................................................................................................463
Procedure ......................................................................................................................................................................464
1.5.4.10 Configuring the SIP-based Voice Service (on a Web Page) .......................................................................................468
Configuring the SIP-based Voice Service (on a Web Page) .................................................................................................468
Prerequisite ..................................................................................................................................................................468
Data Plan .......................................................................................................................................................................468
Procedure ......................................................................................................................................................................468
1.5.4.11 Configuring the SIP-based Voice Service (Through the CLI) .....................................................................................474
Configuring the SIP-based Voice Service (Through the CLI) ..............................................................................................474
Prerequisite ..................................................................................................................................................................474
Data Plan .......................................................................................................................................................................475

2024-09-17 18
MA5800 Product Documentation

Procedure ......................................................................................................................................................................475
1.5.4.12 Configuring the BTV Service ........................................................................................................................................480
Configuring the BTV Service .................................................................................................................................................480
Prerequisites .................................................................................................................................................................480
Data Plan .......................................................................................................................................................................480
Procedure ......................................................................................................................................................................480
1.5.4.13 Configuring the VoD Service ........................................................................................................................................483
Configuring the VoD Service .................................................................................................................................................483
Prerequisites .................................................................................................................................................................483
Data Plan .......................................................................................................................................................................483
Procedure ......................................................................................................................................................................483
1.5.4.14 Configuring L2TP Services ...........................................................................................................................................484
Configuring L2TP Services ....................................................................................................................................................484
Prerequisites .................................................................................................................................................................484
Context ..........................................................................................................................................................................485
Procedure ......................................................................................................................................................................485
1.5.4.15 Configuring Link Aggregation, Congestion Control, and Security Policies...............................................................488
Configuring Link Aggregation, Congestion Control, and Security Policies ........................................................................488
Context ..........................................................................................................................................................................488
Procedure ......................................................................................................................................................................488
1.5.4.16 Verifying Services .........................................................................................................................................................491
Verifying Services ..................................................................................................................................................................491
Prerequisites .................................................................................................................................................................491
Background ...................................................................................................................................................................491
Data plan .......................................................................................................................................................................492
Procedure ......................................................................................................................................................................492
1.5.5 Configuring Layer 2 Interoperation Service Between Enterprise Branches (GPON) ...................................................496
Configuring Layer 2 Interoperation Service Between Enterprise Branches (GPON) .......................................................496
1.5.5.1 Service Requirement and Application Scenario ...........................................................................................................497
Service Requirement and Application Scenario ..................................................................................................................497
Service Requirement ....................................................................................................................................................497
Application Scenario ....................................................................................................................................................497
1.5.5.2 Configuration Procedure ................................................................................................................................................498
Configuration Procedure .......................................................................................................................................................498
1.5.5.3 Adding ONUs to OLT .......................................................................................................................................................499
Adding ONUs to OLT ..............................................................................................................................................................499
Context ..........................................................................................................................................................................499
Data Planning ................................................................................................................................................................500
Procedure ......................................................................................................................................................................501
Follow-up Procedure....................................................................................................................................................503
1.5.5.4 Configuring Layer 2 Interoperation Service Ports on OLT ..........................................................................................503
Configuring Layer 2 Interoperation Service Ports on OLT .................................................................................................503
Prerequisites .................................................................................................................................................................503
Data Plan .......................................................................................................................................................................504

2024-09-17 19
MA5800 Product Documentation

Procedure ......................................................................................................................................................................504
1.5.5.5 Configuring Congestion Control and Security Policies ................................................................................................505
Configuring Congestion Control and Security Policies ........................................................................................................505
Context ..........................................................................................................................................................................505
Procedure ......................................................................................................................................................................505
1.5.5.6 Verifying Services ...........................................................................................................................................................506
Verifying Services ..................................................................................................................................................................506
Prerequisites .................................................................................................................................................................506
Procedure ......................................................................................................................................................................507
1.5.6 Configuring FTTO SOHO and SME Services (GE Optical Port) .......................................................................................509
Configuring FTTO SOHO and SME Services (GE Optical Port) ............................................................................................509
Usage Scenario ..............................................................................................................................................................509
Data Plan .......................................................................................................................................................................510
Procedure ......................................................................................................................................................................510
Result.............................................................................................................................................................................525
1.5.7 Configuring FTTO SOHO and SME Services (GE Electrical Port)....................................................................................526
Configuring FTTO SOHO and SME Services (GE Electrical Port) ........................................................................................526
Usage Scenario ..............................................................................................................................................................526
Data Plan .......................................................................................................................................................................526
Procedure ......................................................................................................................................................................527
Result.............................................................................................................................................................................539
1.6 FTTM Configuration (Base Station Access) ........................................................................................................................540
FTTM Configuration (Base Station Access)..........................................................................................................................540
1.6.1 Basic Concepts ...................................................................................................................................................................541
Basic Concepts........................................................................................................................................................................541
Network Diagram of Base Station Access Service ......................................................................................................541
User Side .......................................................................................................................................................................541
Network Side ................................................................................................................................................................542
1.6.2 Principle of Planning Data for Base Station Access Service............................................................................................542
Principle of Planning Data for Base Station Access Service ................................................................................................542
1.6.2.1 Principle of Equipment Management Data Plan...........................................................................................................543
Principle of Equipment Management Data Plan ..................................................................................................................543
Management VLAN Planning .......................................................................................................................................543
IP Address Planning .....................................................................................................................................................543
1.6.2.2 Principle of VLAN Data Plan ..........................................................................................................................................543
Principle of VLAN Data Plan ..................................................................................................................................................543
VLAN and VLAN Translation Policy ............................................................................................................................543
1.6.2.3 Principle of QoS Data Plan .............................................................................................................................................544
Principle of QoS Data Plan .....................................................................................................................................................544
E1 Base Station Access Service (in Native TDM Mode) / Symmetrical TDM PWE3 access for OLTs on both sides /
E1 access for the ONU and TDM PWE3 between the ONU and peer PE ...................................................................544
Ethernet Base Station Access Service (in QinQ VLAN Mode) / Small-cell base station access service ..................545
1.6.2.4 Principle of Clock Synchronization Data Plan ..............................................................................................................545
Principle of Clock Synchronization Data Plan ......................................................................................................................545

2024-09-17 20
MA5800 Product Documentation

Clock Synchronization Solution...................................................................................................................................546


Recommended Clock Synchronization Solutions for Different Base Station Access Scenarios..............................546
1.6.2.5 Principle of Security Data Plan ......................................................................................................................................547
Principle of Security Data Plan..............................................................................................................................................547
System Security ............................................................................................................................................................547
User Security .................................................................................................................................................................547
1.6.2.6 Principle of Reliability Data Plan ...................................................................................................................................548
Principle of Reliability Data Plan ..........................................................................................................................................548
Equipment Reliability ..................................................................................................................................................548
Upstream Networking Protection ...............................................................................................................................548
Downstream Networking Protection ..........................................................................................................................548
1.6.3 Configuring Base station access Clock Synchronization .................................................................................................549
Configuring Base station access Clock Synchronization .....................................................................................................549
1.6.3.1 Configuring BITS Clock Synchronization ......................................................................................................................550
Configuring BITS Clock Synchronization .............................................................................................................................550
Application Context ......................................................................................................................................................550
Prerequisite ..................................................................................................................................................................550
Data Plan .......................................................................................................................................................................550
Configuration Concept .................................................................................................................................................551
Procedure ......................................................................................................................................................................551
Result.............................................................................................................................................................................553
1.6.3.2 Configuring E1 Line Clock Synchronization .................................................................................................................553
Configuring E1 Line Clock Synchronization .........................................................................................................................553
Application Context ......................................................................................................................................................553
Prerequisite ..................................................................................................................................................................553
Data Plan .......................................................................................................................................................................554
Configuration Concept .................................................................................................................................................554
Procedure ......................................................................................................................................................................554
Result.............................................................................................................................................................................556
1.6.3.3 Configuring Ethernet Clock Synchronization ...............................................................................................................556
Configuring Ethernet Clock Synchronization.......................................................................................................................556
Application Context ......................................................................................................................................................556
Prerequisite ..................................................................................................................................................................556
Data Plan .......................................................................................................................................................................556
Configuration Concept .................................................................................................................................................557
Procedure ......................................................................................................................................................................557
Result.............................................................................................................................................................................559
1.6.3.4 Configuring "1PPS+ToD" Clock Synchronization .........................................................................................................559
Configuring "1PPS+ToD" Clock Synchronization ................................................................................................................559
Context ..........................................................................................................................................................................559
Application Context ......................................................................................................................................................559
Prerequisite ..................................................................................................................................................................560
Data Plan .......................................................................................................................................................................560
Configuration Concept .................................................................................................................................................560

2024-09-17 21
MA5800 Product Documentation

Procedure ......................................................................................................................................................................560
1.6.3.5 Configuring 1588v2 Clock Synchronization .................................................................................................................564
Configuring 1588v2 Clock Synchronization ........................................................................................................................564
Context ..........................................................................................................................................................................564
Application Context ......................................................................................................................................................564
Prerequisite ..................................................................................................................................................................564
Data Plan .......................................................................................................................................................................564
Configuration Concept .................................................................................................................................................565
Procedure ......................................................................................................................................................................565
Result.............................................................................................................................................................................569
1.6.4 Configuring E1 Base Station Access Service (in Native TDM Mode, GPON) ..................................................................569
Configuring E1 Base Station Access Service (in Native TDM Mode, GPON) ......................................................................569
1.6.4.1 Service Requirement and Application Scenario ...........................................................................................................570
Service Requirement and Application Scenario ..................................................................................................................570
Service Requirement ....................................................................................................................................................570
Application Scenario ....................................................................................................................................................570
1.6.4.2 Configuration Process ....................................................................................................................................................571
Configuration Process............................................................................................................................................................571
1.6.4.3 Adding ONUs to OLT .......................................................................................................................................................571
Adding ONUs to OLT ..............................................................................................................................................................571
Context ..........................................................................................................................................................................572
Data Plan .......................................................................................................................................................................572
Procedure ......................................................................................................................................................................572
Follow-up Procedure....................................................................................................................................................573
1.6.4.4 Configuring Management Service Ports on OLT and ONUs .........................................................................................574
Configuring Management Service Ports on OLT and ONUs ................................................................................................574
Data Plan .......................................................................................................................................................................574
Procedure ......................................................................................................................................................................574
1.6.4.5 Configuring TDM Connections .......................................................................................................................................575
Configuring TDM Connections ..............................................................................................................................................575
Prerequisites .................................................................................................................................................................575
Context ..........................................................................................................................................................................575
Data Plan .......................................................................................................................................................................575
Procedure ......................................................................................................................................................................575
1.6.4.6 Configuring Clock Synchronization ...............................................................................................................................575
Configuring Clock Synchronization ......................................................................................................................................575
Prerequisites .................................................................................................................................................................575
Context ..........................................................................................................................................................................576
Procedure ......................................................................................................................................................................576
1.6.4.7 Configuring Congestion Control and Security Policies ................................................................................................578
Configuring Congestion Control and Security Policies ........................................................................................................578
Context ..........................................................................................................................................................................578
Procedure ......................................................................................................................................................................578
1.6.4.8 Configuring Network Protection ...................................................................................................................................580

2024-09-17 22
MA5800 Product Documentation

Configuring Network Protection...........................................................................................................................................580


Context ..........................................................................................................................................................................580
Procedure ......................................................................................................................................................................580
1.6.4.9 Verifying Services ...........................................................................................................................................................581
Verifying Services ..................................................................................................................................................................581
Prerequisites .................................................................................................................................................................581
Networking ...................................................................................................................................................................581
Procedure ......................................................................................................................................................................581
Follow-up Procedure....................................................................................................................................................581
1.6.5 Configuring Ethernet Base Station Access Service (in QinQ VLAN Mode, GPON) ........................................................582
Configuring Ethernet Base Station Access Service (in QinQ VLAN Mode, GPON) .............................................................582
1.6.5.1 Service Requirements and Application Scenarios........................................................................................................583
Service Requirements and Application Scenarios ...............................................................................................................583
Service Requirements ..................................................................................................................................................583
Application Scenarios ...................................................................................................................................................584
1.6.5.2 Configuration Process ....................................................................................................................................................584
Configuration Process............................................................................................................................................................584
1.6.5.3 Adding ONUs to OLT .......................................................................................................................................................585
Adding ONUs to OLT ..............................................................................................................................................................585
Context ..........................................................................................................................................................................585
Data Planning ................................................................................................................................................................585
Procedure ......................................................................................................................................................................586
Follow-up Procedure....................................................................................................................................................587
1.6.5.4 Configuring Management Service Ports on OLT and ONUs .........................................................................................588
Configuring Management Service Ports on OLT and ONUs ................................................................................................588
Data Plan .......................................................................................................................................................................588
Procedure ......................................................................................................................................................................588
1.6.5.5 Configuring OLT QinQ VLANs and Service Ports ..........................................................................................................589
Configuring OLT QinQ VLANs and Service Ports .................................................................................................................589
Prerequisites .................................................................................................................................................................589
Context ..........................................................................................................................................................................589
Data Plan .......................................................................................................................................................................590
Procedure ......................................................................................................................................................................590
1.6.5.6 Configuring Ethernet Access Service Ports on ONUs ...................................................................................................591
Configuring Ethernet Access Service Ports on ONUs ..........................................................................................................591
Data Planning ................................................................................................................................................................591
Procedure ......................................................................................................................................................................592
1.6.5.7 Configuring Clock Synchronization ...............................................................................................................................592
Configuring Clock Synchronization ......................................................................................................................................592
Prerequisites .................................................................................................................................................................593
Context ..........................................................................................................................................................................593
Data Plan .......................................................................................................................................................................593
Procedure ......................................................................................................................................................................593
1.6.5.8 Configuring Congestion Control and Security Policies ................................................................................................594

2024-09-17 23
MA5800 Product Documentation

Configuring Congestion Control and Security Policies ........................................................................................................594


Context ..........................................................................................................................................................................594
Procedure ......................................................................................................................................................................595
1.6.5.9 Configuring Network Protection ...................................................................................................................................596
Configuring Network Protection...........................................................................................................................................596
Context ..........................................................................................................................................................................596
Procedure ......................................................................................................................................................................597
1.6.5.10 Verifying Services .........................................................................................................................................................600
Verifying Services ..................................................................................................................................................................600
Prerequisites .................................................................................................................................................................600
Procedure ......................................................................................................................................................................600
1.6.6 Configuring the Access Service of Ethernet Base Stations (Layer 3 GRE Mode, GPON) ...............................................600
Configuring the Access Service of Ethernet Base Stations (Layer 3 GRE Mode, GPON) ...................................................600
1.6.6.1 Service Requirements and Application Scenarios........................................................................................................601
Service Requirements and Application Scenarios ...............................................................................................................601
Service Requirements ..................................................................................................................................................601
Application Scenarios ...................................................................................................................................................601
1.6.6.2 Configuration Procedure ................................................................................................................................................602
Configuration Procedure .......................................................................................................................................................602
1.6.6.3 Adding an ONU to an OLT ..............................................................................................................................................602
Adding an ONU to an OLT ......................................................................................................................................................602
Context ..........................................................................................................................................................................603
Data Planning ................................................................................................................................................................603
Procedure ......................................................................................................................................................................603
Follow-up Procedure....................................................................................................................................................604
1.6.6.4 Configuring the VLAN and Service Flow .......................................................................................................................605
Configuring the VLAN and Service Flow ..............................................................................................................................605
Data Plan .......................................................................................................................................................................605
Procedure ......................................................................................................................................................................605
1.6.6.5 Configuring OSPF ............................................................................................................................................................606
Configuring OSPF ...................................................................................................................................................................606
Prerequisites .................................................................................................................................................................606
Data Planning ................................................................................................................................................................607
Procedure ......................................................................................................................................................................607
1.6.6.6 Configuring GRE Tunnels ...............................................................................................................................................608
Configuring GRE Tunnels ......................................................................................................................................................608
Prerequisites .................................................................................................................................................................608
Data Plan .......................................................................................................................................................................608
Procedure ......................................................................................................................................................................609
1.6.6.7 Configuring Network Protection ...................................................................................................................................610
Configuring Network Protection...........................................................................................................................................610
Context ..........................................................................................................................................................................610
Procedure ......................................................................................................................................................................610
1.6.6.8 Verifying Services ...........................................................................................................................................................611

2024-09-17 24
MA5800 Product Documentation

Verifying Services ..................................................................................................................................................................611


Prerequisites .................................................................................................................................................................611
Procedure ......................................................................................................................................................................611
1.6.7 Configuring the Access Service of Ethernet Base Stations (Layer 2 Non-GRE Mode, GPON) ......................................611
Configuring the Access Service of Ethernet Base Stations (Layer 2 Non-GRE Mode, GPON) ...........................................611
1.6.7.1 Service Requirements and Application Scenarios........................................................................................................612
Service Requirements and Application Scenarios ...............................................................................................................612
Service Requirements ..................................................................................................................................................612
Application Scenarios ...................................................................................................................................................612
1.6.7.2 Configuration Procedure ................................................................................................................................................613
Configuration Procedure .......................................................................................................................................................613
1.6.7.3 Adding an ONU to an OLT ..............................................................................................................................................613
Adding an ONU to an OLT ......................................................................................................................................................613
Context ..........................................................................................................................................................................613
Data Planning ................................................................................................................................................................613
Procedure ......................................................................................................................................................................614
Follow-up Procedure....................................................................................................................................................615
1.6.7.4 Configuring the VLAN and Service Flow .......................................................................................................................615
Configuring the VLAN and Service Flow ..............................................................................................................................615
Data Plan .......................................................................................................................................................................616
Procedure ......................................................................................................................................................................616
1.6.7.5 Configuring Network Protection ...................................................................................................................................617
Configuring Network Protection...........................................................................................................................................617
Context ..........................................................................................................................................................................617
Procedure ......................................................................................................................................................................617
1.6.7.6 Verifying Services ...........................................................................................................................................................618
Verifying Services ..................................................................................................................................................................618
Prerequisites .................................................................................................................................................................618
Procedure ......................................................................................................................................................................618
1.6.8 Configuring Symmetrical TDM PWE3 Access for OLTs on Both Sides (GPON).............................................................618
Configuring Symmetrical TDM PWE3 Access for OLTs on Both Sides (GPON) .................................................................618
1.6.8.1 Service Requirements and Application Scenario .........................................................................................................619
Service Requirements and Application Scenario .................................................................................................................619
Service Requirements ..................................................................................................................................................619
Application Scenario ....................................................................................................................................................619
1.6.8.2 Configuration Procedure ................................................................................................................................................620
Configuration Procedure .......................................................................................................................................................620
1.6.8.3 Adding ONUs to the OLT and Configuring the Management Service Port ..................................................................620
Adding ONUs to the OLT and Configuring the Management Service Port .........................................................................620
Context ..........................................................................................................................................................................621
Data Plan .......................................................................................................................................................................621
Procedure ......................................................................................................................................................................621
Follow-up Procedure....................................................................................................................................................623
1.6.8.4 Configuring the TDM Connection and TDM PW ...........................................................................................................624

2024-09-17 25
MA5800 Product Documentation

Configuring the TDM Connection and TDM PW ..................................................................................................................624


Prerequisites .................................................................................................................................................................624
Data Plan .......................................................................................................................................................................624
Procedure ......................................................................................................................................................................624
Follow-up Procedure....................................................................................................................................................626
1.6.8.5 Configuring Clock Synchronization ...............................................................................................................................626
Configuring Clock Synchronization ......................................................................................................................................626
Prerequisites .................................................................................................................................................................627
Data Plan .......................................................................................................................................................................627
Procedure ......................................................................................................................................................................627
1.6.8.6 Configuring Congestion Control and Security Policies ................................................................................................628
Configuring Congestion Control and Security Policies ........................................................................................................628
Context ..........................................................................................................................................................................628
Procedure ......................................................................................................................................................................628
1.6.8.7 Configuring Network Protection ...................................................................................................................................630
Configuring Network Protection...........................................................................................................................................630
Context ..........................................................................................................................................................................630
Procedure ......................................................................................................................................................................630
1.6.8.8 Verifying Services ...........................................................................................................................................................633
Verifying Services ..................................................................................................................................................................633
Prerequisites .................................................................................................................................................................633
Context ..........................................................................................................................................................................634
Procedure ......................................................................................................................................................................634
Follow-up Procedure....................................................................................................................................................634
1.6.9 Configuring E1 Access for the ONU and Creating TDM PWE3 Between the ONU and Peer PE (GPON) .....................635
Configuring E1 Access for the ONU and Creating TDM PWE3 Between the ONU and Peer PE (GPON) ..........................635
1.6.9.1 Service Requirements and Application Scenario .........................................................................................................636
Service Requirements and Application Scenario .................................................................................................................636
Service Requirements ..................................................................................................................................................636
Application Scenario ....................................................................................................................................................636
1.6.9.2 Service Requirement and Application Scenario ...........................................................................................................636
Service Requirement and Application Scenario ..................................................................................................................636
1.6.9.3 Adding ONUs to the OLT and Configuring the Management Service Port ..................................................................637
Adding ONUs to the OLT and Configuring the Management Service Port .........................................................................637
Context ..........................................................................................................................................................................637
Data Plan .......................................................................................................................................................................637
Procedure ......................................................................................................................................................................638
Follow-up Procedure....................................................................................................................................................640
1.6.9.4 Configuring the TDM VCL and CESoP Connection on the ONU ...................................................................................640
Configuring the TDM VCL and CESoP Connection on the ONU...........................................................................................640
Data Plan .......................................................................................................................................................................641
Procedure ......................................................................................................................................................................641
1.6.9.5 Configuring the Static LSP and PW on the CX600 ........................................................................................................642
Configuring the Static LSP and PW on the CX600................................................................................................................642

2024-09-17 26
MA5800 Product Documentation

Data Plan .......................................................................................................................................................................642


Procedure ......................................................................................................................................................................642
1.6.9.6 Configuring Clock Synchronization ...............................................................................................................................643
Configuring Clock Synchronization ......................................................................................................................................643
Prerequisites .................................................................................................................................................................643
Data Plan .......................................................................................................................................................................644
Procedure ......................................................................................................................................................................644
1.6.9.7 Verifying Services ...........................................................................................................................................................645
Verifying Services ..................................................................................................................................................................645
Prerequisites .................................................................................................................................................................645
Context ..........................................................................................................................................................................645
Procedure ......................................................................................................................................................................645
Follow-up Procedure....................................................................................................................................................646
1.6.10 Configuring Small-Cell Base Station Access Service (through GUI Pre-Deployment, GPON) ....................................647
Configuring Small-Cell Base Station Access Service (through GUI Pre-Deployment, GPON) ...........................................647
1.6.10.1 Service Requirements and Application Scenarios .....................................................................................................647
Service Requirements and Application Scenarios ...............................................................................................................647
Service Requirements ..................................................................................................................................................647
Application Scenarios ...................................................................................................................................................648
1.6.10.2 Configuration Procedure .............................................................................................................................................648
Configuration Procedure .......................................................................................................................................................648
1.6.10.3 Configuring the IP Address of the NMS Server and the IP Address Pool of the ONU (GPON Dock Scenario) .......648
Configuring the IP Address of the NMS Server and the IP Address Pool of the ONU (GPON Dock Scenario) .................648
Prerequisites .................................................................................................................................................................648
Data Plan .......................................................................................................................................................................649
Procedure ......................................................................................................................................................................649
1.6.10.4 Creating the Authentication-Free Policy and Associating It with the OLT (GPON Dock Scenario) ........................651
Creating the Authentication-Free Policy and Associating It with the OLT (GPON Dock Scenario) .................................651
Prerequisites .................................................................................................................................................................651
Context ..........................................................................................................................................................................651
Data Plan .......................................................................................................................................................................651
Procedure ......................................................................................................................................................................652
1.6.10.5 Configuring the Remote Software Commissioning Policy (GPON Dock Scenario) ..................................................654
Configuring the Remote Software Commissioning Policy (GPON Dock Scenario)............................................................654
Prerequisites .................................................................................................................................................................654
Context ..........................................................................................................................................................................654
Procedure ......................................................................................................................................................................654
1.6.10.6 Configuring the IP Address of the NMS Server (VDSL2 Dock Scenario) ..................................................................655
Configuring the IP Address of the NMS Server (VDSL2 Dock Scenario) ............................................................................655
Prerequisites .................................................................................................................................................................655
Context ..........................................................................................................................................................................655
Data Plan .......................................................................................................................................................................655
Procedure ......................................................................................................................................................................655
1.6.10.7 Creating the Authentication-Free Policy (VDSL2 Dock Scenario) ............................................................................656

2024-09-17 27
MA5800 Product Documentation

Creating the Authentication-Free Policy (VDSL2 Dock Scenario) ......................................................................................656


Prerequisites .................................................................................................................................................................656
Context ..........................................................................................................................................................................656
Data Plan .......................................................................................................................................................................657
Procedure ......................................................................................................................................................................657
1.6.10.8 Configuring the Remote Software Commissioning Policy (VDSL2 Dock Scenario) .................................................659
Configuring the Remote Software Commissioning Policy (VDSL2 Dock Scenario) ..........................................................659
Prerequisites .................................................................................................................................................................659
Context ..........................................................................................................................................................................659
Procedure ......................................................................................................................................................................659
Example .........................................................................................................................................................................660
1.6.10.9 Configuring the VDSL2 Bonding Group on the DSLAM (VDSL2 Dock Scenario) .....................................................660
Configuring the VDSL2 Bonding Group on the DSLAM (VDSL2 Dock Scenario) ...............................................................660
Prerequisites .................................................................................................................................................................660
Data Plan .......................................................................................................................................................................660
Procedure ......................................................................................................................................................................661
Follow-up Procedure....................................................................................................................................................661
1.6.10.10 Adding the P2P Pre-Deployment Policy (VDSL2 Dock Scenario) ...........................................................................661
Adding the P2P Pre-Deployment Policy (VDSL2 Dock Scenario) .......................................................................................661
Data Plan .......................................................................................................................................................................661
Procedure ......................................................................................................................................................................662
Result.............................................................................................................................................................................662
1.6.10.11 Configuring Clock Synchronization...........................................................................................................................663
Configuring Clock Synchronization ......................................................................................................................................663
Prerequisites .................................................................................................................................................................663
Context ..........................................................................................................................................................................663
Data Plan .......................................................................................................................................................................663
Procedure ......................................................................................................................................................................663
1.6.10.12 Verifying Services .......................................................................................................................................................665
Verifying Services ..................................................................................................................................................................665
Prerequisites .................................................................................................................................................................665
Procedure ......................................................................................................................................................................665
1.7 IPv6 Configuration................................................................................................................................................................665
IPv6 Configuration .................................................................................................................................................................665
1.7.1 IPv6 Networking ................................................................................................................................................................666
IPv6 Networking ....................................................................................................................................................................666
1.7.2 Configuration Difference Between IPv6 and IPv4 ...........................................................................................................667
Configuration Difference Between IPv6 and IPv4 ...............................................................................................................667
1.7.2.1 Configuration Differences Between IPv6 and IPv4 on the OLT ..................................................................................668
Configuration Differences Between IPv6 and IPv4 on the OLT ..........................................................................................668
Configuration Difference in Each Scenario .................................................................................................................668
ACL.................................................................................................................................................................................668
Security Feature ...........................................................................................................................................................669
IPTV Multicast Service .................................................................................................................................................670

2024-09-17 28
MA5800 Product Documentation

1.7.2.2 Configuration Differences Between IPv6 and IPv4 on the ONU..................................................................................672


Configuration Differences Between IPv6 and IPv4 on the ONU .........................................................................................672
Configuration Difference in Each Scenario .................................................................................................................672
ACL.................................................................................................................................................................................672
Security .........................................................................................................................................................................673
IPTV Multicast Service .................................................................................................................................................674
1.7.2.3 Configuration Difference Between IPv6 and IPv4 on the ONT....................................................................................676
Configuration Difference Between IPv6 and IPv4 on the ONT ...........................................................................................676
Configuring the IPv6 WAN Port on the Gateway ONT ...............................................................................................676
Configuring the IPv6 Address of the LAN Side on the Gateway ONT .......................................................................677
Configuring the Static IPv6 Route on the Gateway ONT ............................................................................................677
1.7.3 Configuring IPv6 Services in the FTTB/C (No HGWs) Scenario .....................................................................................677
Configuring IPv6 Services in the FTTB/C (No HGWs) Scenario .........................................................................................677
1.7.3.1 Application Scenarios .....................................................................................................................................................678
Application Scenarios ............................................................................................................................................................678
1.7.3.2 Data Planning ..................................................................................................................................................................678
Data Planning .........................................................................................................................................................................678
Security Planning ..........................................................................................................................................................678
Device Management Data Planning.............................................................................................................................679
QoS Planning .................................................................................................................................................................679
Internet Service Planning ............................................................................................................................................680
Voice Service Data Planning ........................................................................................................................................680
1.7.3.3 Configuration Procedure ................................................................................................................................................680
Configuration Procedure .......................................................................................................................................................680
FTTB (No HGW, LAN Access) Configuration Procedure ............................................................................................680
FTTB/C (No HGW, xDSL Access) Configuration Procedure ......................................................................................681
1.7.3.4 Configuration Example ...................................................................................................................................................682
Configuration Example ..........................................................................................................................................................682
Key Messages for Configuration ..................................................................................................................................682
Data plan on the OLT side ............................................................................................................................................682
Data plan of the ONU side ............................................................................................................................................684
Procedure ......................................................................................................................................................................686
1.7.4 Configuring IPv6 Services in the FTTB+HGW Scenario ..................................................................................................690
Configuring IPv6 Services in the FTTB+HGW Scenario ......................................................................................................690
1.7.4.1 Application Scenario.......................................................................................................................................................690
Application Scenario ..............................................................................................................................................................690
FTTB+HGW Application Scenario ...............................................................................................................................690
1.7.4.2 Data Planning ..................................................................................................................................................................691
Data Planning .........................................................................................................................................................................691
Security Planning ..........................................................................................................................................................691
Device Management Data Planning.............................................................................................................................692
QoS Planning .................................................................................................................................................................693
Internet Service Planning ............................................................................................................................................693
Voice Service Data Planning ........................................................................................................................................693

2024-09-17 29
MA5800 Product Documentation

IPTV Service Data Planning .........................................................................................................................................694


1.7.4.3 Configuration Procedure ................................................................................................................................................694
Configuration Procedure .......................................................................................................................................................694
FTTB+HGW (ONU Provides the Voice Service) Configuration Procedure ...............................................................694
FTTB+HGW (HGW provides the voice service) Configuration Procedure ...............................................................695
1.7.4.4 Configuration Example ...................................................................................................................................................696
Configuration Example ..........................................................................................................................................................696
Key Messages for Configuration ..................................................................................................................................696
Data plan on the OLT side ............................................................................................................................................697
Data plan of the ONU side ............................................................................................................................................699
Procedure ......................................................................................................................................................................701
1.7.5 Configuring IPv6 Services in the FTTH (Bridging ONT) Scenario ..................................................................................707
Configuring IPv6 Services in the FTTH (Bridging ONT) Scenario ......................................................................................707
1.7.5.1 Application Scenarios .....................................................................................................................................................707
Application Scenarios ............................................................................................................................................................707
FTTH (Bridging ONT) Application Scenario ...............................................................................................................707
1.7.5.2 Data Planning ..................................................................................................................................................................708
Data Planning .........................................................................................................................................................................708
Security Planning ..........................................................................................................................................................708
Device Management Data Planning.............................................................................................................................709
QoS Planning .................................................................................................................................................................709
Internet Service Planning ............................................................................................................................................710
Voice Service Data Planning ........................................................................................................................................710
IPTV Service Data Planning .........................................................................................................................................710
1.7.5.3 Configuration Procedure ................................................................................................................................................710
Configuration Procedure .......................................................................................................................................................710
FTTH (Bridging ONT) Configuration Procedure ........................................................................................................710
1.7.5.4 Configuration Example ...................................................................................................................................................711
Configuration Example ..........................................................................................................................................................711
Key Messages for Configuration ..................................................................................................................................711
Data plan on the OLT side ............................................................................................................................................712
Procedure ......................................................................................................................................................................714
1.7.6 Configuring IPv6 Services in the FTTH (Gateway ONT) Scenario..................................................................................726
Configuring IPv6 Services in the FTTH (Gateway ONT) Scenario ......................................................................................726
1.7.6.1 Application Scenarios .....................................................................................................................................................726
Application Scenarios ............................................................................................................................................................726
FTTH (Gateway ONT) Application Scenarios .............................................................................................................726
1.7.6.2 Data Plan .........................................................................................................................................................................727
Data Plan .................................................................................................................................................................................727
Security Planning ..........................................................................................................................................................727
Device Management Data Planning.............................................................................................................................728
QoS Planning .................................................................................................................................................................729
Internet Service Planning ............................................................................................................................................729
Voice Service Data Planning ........................................................................................................................................729

2024-09-17 30
MA5800 Product Documentation

IPTV Service Data Planning .........................................................................................................................................729


1.7.6.3 Configuration Procedure ................................................................................................................................................730
Configuration Procedure .......................................................................................................................................................730
FTTH (Gateway ONT) Configuration Procedure ........................................................................................................730
1.7.6.4 Configuration Example ...................................................................................................................................................730
Configuration Example ..........................................................................................................................................................730
Key Messages for Configuration ..................................................................................................................................731
Data plan on the OLT side ............................................................................................................................................731
Procedure ......................................................................................................................................................................734

2024-09-17 31
MA5800 Product Documentation

1 Configuration
Configuration

To help customers better understand and complete the configurations, the Configure Guide focuses on services and
provides examples for configuring common services, typical services and FTTx networking. Among which,

 Regarding configurations of common services, this document provides the detailed service-specific
configuration scheme, clearly describes configurations of functions related to the services, and furthermore
provides examples of configuring the related functions.

 Regarding configurations of typical services, this document provides detailed information about the data and
procedures to help customers complete the configurations step by step based on different application
scenarios.

 Regarding configurations of "OLT+ONU" networking, this document provides end to end configurations for
different major scenarios and applications.

The procedures and data in the configuration examples are designed for easy understanding and reading, which cannot be used
as templates. Before the service configuration, the configurations must be designed according to the actual system settings and
service requirements.

Basic Configurations

Basic configurations mainly include certain common configurations, public configurations, and pre-configurations in
service configurations. There is no obvious logical relation between basic configurations. You can perform basic
configurations according to actual requirements.

FTTH Configuration

This section describes the configurations of Internet access, voice, broadband TV (BTV), and VoD services in fiber to the
home (FTTH) networking scenarios.

FTTB and FTTC Configuration

The FTTB and FTTC solution configuration guide describes how to configure typical FTTB/C services (such as high-speed
Internet access, multicast, and VoIP) on the OLT and the ONU step by step through examples.

FTTO Configuration (Large-sized Enterprise Access)

Large-sized enterprises generally adopt private line access service. Compared with individual services, this service
features various access methods, large number of access users, high security requirement, and cross-region deployment.

FTTO Configuration (SOHO and SME)

This chapter describes the configurations of the following services for small office and home office (SOHO) users and
small- and medium-sized enterprises (SMEs) in fiber to the office (FTTO) scenarios: services of Internet access through
cables, services of Internet access through wireless fidelity (Wi-Fi), VoIP services, fax services, point of sale (POS)
sdadianhua services, multicast services, and private line services.

2024-09-17 32
MA5800 Product Documentation

FTTM Configuration (Base Station Access)

On an FTTM (base station access) network, 2G or 3G/4G base stations are connected to ONUs that serve as cell backhaul
units (CBUs) in multiple modes. Then the ONUs transmit 2G or 3G services to OLTs and then to the upper-layer network.
After being transmitted over the upper-layer network, the services access the basic station controller (BSC) or radio
network controller (RNC). In this manner, 2G or 3G/4G services are carried on the base station access network.

IPv6 Configuration

1.1 Basic Configurations


Basic Configurations

Basic configurations mainly include certain common configurations, public configurations, and pre-configurations
in service configurations. There is no obvious logical relation between basic configurations. You can perform basic
configurations according to actual requirements.
Configuring Alarms

Alarm management includes the following functions: alarm record, and alarm setting, . These functions help you to
maintain the device and ensure that the device works efficiently.

Adding Port Description

After the description of a physical port on the board is added, the description facilitates information query in system
maintenance.

Configuring the Attributes of an Upstream Ethernet Port

This topic describes how to configure the attributes of a specified Ethernet port so that the system communicates with the
upstream device in the normal state.

1.1.1 Configuring Alarms


Configuring Alarms

Alarm management includes the following functions: alarm record, and alarm setting, . These functions help you to
maintain the device and ensure that the device works efficiently.

Context

An alarm refers to the notification of the system after a fault is detected. After an alarm is generated, the system
broadcasts the alarm to the terminals, mainly including the NMS and command line interface (CLI) terminals.
Alarms are classified into fault alarm and recovery alarm. After a fault alarm is generated at a certain time, the fault
alarm lasts till the fault is rectified to clear the alarm.
You can modify the alarm settings according to your requirements. The settings are alarm severity, alarm output
mode through the CLI.

2024-09-17 33
MA5800 Product Documentation

When managing alarms on the GUI through the NMS, you can set filtering criteria to mask unimportant alarms and
events. Such filtering function facilitates the focus of the important alarms and eliminates the load of the NMS.

Procedure

 Clear alarms.
You can run the alarm active clear command to clear the alarms that are not recovered in the system.

 When an active alarm lasts a long time, you can run this command to clear the alarm.

 Before clearing an alarm, you can run the display alarm active command to query the currently active
alarms.

 Configure alarm level.


Run the alarm alarmlevel command to configure the alarm level.

 Alarm levels are critical, major, minor, and warning.

 Parameter default indicates restoring the alarm level to the default setting.

 You can run the display alarm list command to query the alarm level.

 The system specifies the default (also recommended) alarm level for each alarm. Use the default alarm
level unless otherwise required.

 Configure alarm jitter-proof.


Run the alarm jitter-proof command to configure the alarm jitter-proof function and the jitter-proof period.

 To prevent a fault alarm and its recovery alarm from being displayed frequently, you can enable the
alarm jitter-proof function to filter alarms in the system.

 After the alarm jitter-proof function is enabled, the alarm in the system is not reported to the NMS
immediately but is reported to the NMS after an alarm jitter-proof period.

 If an alarm is recovered in an alarm jitter-proof period, the alarm is not reported to the NMS.

 You can run the display alarm jitter-proof command to check whether the alarm jitter-proof function is
enabled and whether the alarm jitter-proof period is set.

 By default, the alarm jitter-proof function is disabled. You can determine whether to enable the function
according to the running of the device.

 Set or shield the output of alarms.


Run the (undo) alarm output command to set or shield the output of alarms to the CLI terminal.

 Setting the output mode of alarms does not affect the generating of alarms. The alarms generated by the
system are still recorded. You can run the display alarm history command to query the alarms that are
shielded.

 When the new output mode of an alarm conflicts with the previous mode, the new output mode takes
effect.

2024-09-17 34
MA5800 Product Documentation

 The output mode of the recovery alarm is the same as the output mode of the fault alarm. When the
output mode of the fault alarm is set, the system automatically synchronizes the output mode of its
recovery alarm. The reverse is also applicable.

 Filter alarms reporting to NMS.


Run the trap filter alarm condition command to filter alarms that the device reports to the NMS through
traps.
The filtering criteria can be alarm ID, alarm severity, alarm type, subrack ID, subrack ID/slot ID, subrack
ID/slot ID/port ID, VLAN interface, and NE.
To reduce alarms and avoid alarm storms, the system does not send alarms of some ONTs to the NMS. To
query the filtering criteria of alarms and events in the system, run the display trap filter command.

 Query alarm configuration.


Run the display alarm configuration command to query the alarm configuration according to the alarm ID.
The alarm configuration that you can query includes the alarm ID, alarm name, alarm class, alarm type, alarm
level, default alarm level, number of parameters, CLI output flag, conversion flag, and detailed alarm
description.

 (Optional) Configure alarm policy for ONT.


In FTTH scenarios, you can configure the ONT alarm policy profile to configure alarms for different service
policies.

1. Create an ONT alarm policy profile.


Run the ont-alarm-policy command to create an ONT alarm policy profile.
The system supports a maximum number of 16 alarm policy profiles. The default alarm policy profile is
profile 0.
It is recommended that you configure different alarm policies for VIP and common users.
2. Configure attributes of the ONT alarm policy profile.
Run the alarm filter command to configure the control function of each alarm of the profile.
Run the commit command to save the configuration.
Run the display ont-alarm-policy command to query attributes of the ONT alarm policy profile.
3. Bind the ONT to the ONT alarm policy profile.
Run the ont alarm-policy command to bind the ONT to the ONT alarm policy profile so that the PON
board can control whether to send the ONT alarm information.
During ONT adding or confirmation, the system binds the ONT to the default ONT alarm policy profile
0.

Example

Assume the following configurations: The output of all alarms at level warning is shielded to the CLI terminal, the
alarm jitter-proof function is enabled, the alarm jitter-proof period is set to 15s, the level of alarms with IDs
0x0a310021 and 0x2e314021 are modified to critical, do as follows:

huawei(config)#undo alarm output alarmlevel warning


huawei(config)#alarm jitter-proof on

2024-09-17 35
MA5800 Product Documentation

huawei(config)#alarm jitter-proof 15
huawei(config)#alarm alarmlevel 0x0a310021 critical
huawei(config)#alarm alarmlevel 0x2e314021 critical

To create ONT alarm policy profile 10, filter the following alarms, and bind this profile to GPON ONT 1 connected
to port 0/2/0, do as follows:

 0x2e112003 (The signal degrade of ONTi (SDi) occurs)

 0x2e112004 (The signal fail of ONTi (SFi) occurs)

 0x2e112006 (The loss of frame of ONTi (LOFi) occurs)

 0x2e313015 (The hardware of the ONT is faulty)

 0x2e313016 (The ONT switches to the standby battery)

 0x2e313017 (The standby battery of the ONT is lost)

 0x2e313018 (The standby battery of the ONT cannot be charged)

 0x2e313019 (The voltage of the standby battery of the ONT is too low)

 0x2e31301a (The shell of the ONT is opened)

 0x2e313024 (The loss of signals occurs on the Ethernet port of the ONT)

 0x2e313025 (No signal is received in the video UNI of the ONT)

 0x2e31302a (The T1 port loss of signal (LOS) occurs at the ONT)

huawei(config)#ont-alarm-policy policy-id 10
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e112003
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e112004
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e112006
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e313015
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e313016
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e313017
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e313018
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e313019
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e31301a
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e313024
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e313025
huawei(config-ont-alarm-policy-10)#alarm filter 0x2e31302a
huawei(config-ont-alarm-policy-10)#commit
huawei(config-ont-alarm-policy-10)#quit
huawei(config)#interface gpon 0/2
huawei(config-if-gpon-0/1)#ont alarm-policy 0 1 policy-id 10

1.1.2 Adding Port Description


Adding Port Description

2024-09-17 36
MA5800 Product Documentation

After the description of a physical port on the board is added, the description facilitates information query in
system maintenance.

Prerequisites
A board must be added to the system.

Procedure

1. In the global config mode, run the port desc command to add port description.
Port description is a character string, used to identify a port on a board in a slot of a subrack.

2. Run the display port desc command to query port description.

Example

Plan the format of user port description as "community ID-building ID-floor ID/subrack ID-slot ID-port ID".
"Community ID-building ID-floor ID" indicates the physical location where the user terminal is deployed, and
subrack ID-slot ID-port ID" indicates the physical port on the local device that is connected to the user terminal.
This plan can present the user terminal location and the connection between the user terminal and the device,
which facilitates query in maintenance. Assume that the user terminal that is connected to port 0/1/0 of the
MA5800 is deployed in floor 1, building 01 of community A. To add port description according to the plan, do as
follows:

huawei(config)#port desc 0/1/0 description A-01-01/0-1-0


huawei(config)#display port desc 0/1/0
{ <cr>||<K> }:

Command:
display port desc 0/1/0
------------------------------------------------------------
F/ S/ P IMA Group Port Description
------------------------------------------------------------
0/ 1/ 0 - A-01-01/0-1-0
------------------------------------------------------------

1.1.3 Configuring the Attributes of an Upstream Ethernet Port


Configuring the Attributes of an Upstream Ethernet Port

This topic describes how to configure the attributes of a specified Ethernet port so that the system communicates
with the upstream device in the normal state.

Prerequisites
The upstream interface board must be in position and must work in the normal state.

2024-09-17 37
MA5800 Product Documentation

Context

The MA5800 should be interconnected with the upstream device through the Ethernet port. Therefore, pay
attention to the consistency of port attributes.

Default Configuration

Table 1 lists the default settings of the attributes of an Ethernet port.


Table 1 Default settings of the attributes of an Ethernet port

Parameter Auto- Port rate Duplex Network Flow


negotiation mode cable control
mode of the adaptation
port mode

Default Enabled GE optical port: 1000 Mbit/s Full- Not supported Disabled
Setting duplex,
(Optical Port) 10GE optical port: 10000 Mbit/s read only
NOTE:

By default, the device uses 10GE for upstream


transmission. You can set the upstream port by
running speed command. To avoid
communication failures, the rate of the
upstream port must be the same as that of the
port on the interconnected device.

Procedure

 Configure the physical attributes of an Ethernet port.

1. (Optional) Set the auto-negotiation mode of the Ethernet port.


Run the auto-neg command to set the auto-negotiation mode of the Ethernet port. You can enable or
disable the auto-negotiation mode:

 After the auto-negotiation mode is enabled, the port automatically negotiates with the peer port
for the rate and working mode of the Ethernet port.

 After the auto-negotiation mode is disabled, the rate and working mode of the port are in the
forced mode (adopt default values or are set through command lines).

The mode (auto-negotiation mode or forced mode) of the OLT port must be consistent with that of the
interworking port. Otherwise, the communication fails.

2. (Optional) Set the rate of the Ethernet port.


Run the speed command to set the rate of the Ethernet port. After the port rate is set successfully, the
port works at the set rate. Pay attention to the following points:

 Make sure that the rate of the Ethernet port is the same as that of the interconnected port on the
peer device. This prevents communication failure.

2024-09-17 38
MA5800 Product Documentation

 The auto-negotiation mode should be disabled.

3. (Optional) Set the duplex mode of the Ethernet port.


Run the duplex command to set the duplex mode of the Ethernet port. The duplex mode of an Ethernet
port can be full-duplex, half-duplex, or auto negotiation. Pay attention to the following points:

 Make sure that the ports of two interconnected devices work in the same duplex modes. This
prevents communication failure.

 The auto-negotiation mode should be disabled.

 The duplex mode of optical ports does not support configuration.

4. (Optional) Configure the network cable adaptation mode of the Ethernet port.
Run the mdi command to configure the network cable adaptation mode of the Ethernet port to match
the actual network cable. The network adaptation modes are as follows:

 normal: Specifies the adaptation mode of the network cable as straight-through cable. In this
case, the network cable connecting to the Ethernet port must be a straight-through cable.

 across: Specifies the adaptation mode of the network cable as crossover cable. In this case, the
network cable connecting to the Ethernet port must be a crossover cable.

 auto: Specifies the adaptation mode of the network cable as auto-sensing. The network cable can
be a straight-through cable or crossover cable.

Pay attention to the following points:

 The Ethernet optical port does not support the network cable adaptation mode.

 If the Ethernet electrical port works in forced mode (auto-negotiation mode disabled), the
network cable type of the port cannot be configured to auto.

 Configure flow control on the Ethernet port.


Run the flow-control command to enable flow control on the Ethernet port. When the flow of an Ethernet
port is heavy, run this command to control the flow to prevent network congestion, which may cause the loss
of data packets. Flow control should be supported on both the local and peer devices. Pay attention to the
following points:

 If the peer device does not support flow control, generally, enable flow control on the local device.

 If the peer device supports flow control, generally, disable flow control on the local device.

By default, flow control is disabled.

 Mirror the Ethernet port.


Run the mirror port command to mirror the Ethernet port. When the system is faulty, copy the traffic of a
certain port to the other port and output the traffic for traffic observation, network fault diagnosis, and data
analysis.

Based on industry experience, the mirroring feature may involve obtaining personal data of users and the content of
users' communications (the product does not save, parse, or process such information) for the purpose of safeguarding

2024-09-17 39
MA5800 Product Documentation

network operation and protecting services. Huawei alone is unable to collect or save the personal data of users and the
content of users' communications. It is suggested that you activate the interception-related functions based on the
applicable laws and regulations in terms of purpose and scope of usage. You are obligated to take considerable measures
to ensure that the personal data of users and the content of users' communications are fully protected when the personal
data and the content are being used and saved.

Example
Ethernet port 0/9/0 is an optical port. The attribute is as follows: The port rate is 10000 Mbit/s in duplex mode,
with supporting flow control, not supporting auto-negotiation function. Do as follows:

huawei(config)#interface mpu 0/9


huawei(config-if-mpu-0/9)#auto-neg 0 disable
huawei(config-if-mpu-0/9)#speed 0 10000
huawei(config-if-mpu-0/9)#duplex 0 full
huawei(config-if-mpu-0/9)#flow-control 0
huawei(config-if-mpu-0/9)#display port state 0
{ <cr>||<K> }:
Command:
display port state 0
Optics module status is normal
The port is active
Native VLAN ID is 1000
Ethernet port is online
Ethernet port is full duplex
Ethernet port rate is 10000M
Ethernet port supports flow control
Ethernet port does not support jumbo frame
Ethernet port MTU is 2052 bytes
Ethernet port network-role is uplink
Ethernet port loopback is no loop
Ethernet port tx-auto-off is disable
Ethernet port tx state is on
The ID of 15min-alarm profile for the port is invalid
The ID of 15min-warning profile for the port is invalid
The ID of 24hour-alarm profile for the port is invalid
The ID of 24hour-warning profile for the port is invalid
Ethernet port link flapping is disable
Note: For any port, setting MDI to auto-negotiation is invalid, For a 1000 M
Electrical port in the full-duplex mode, setting MDI to any value is
invalid

1.2 FTTH Configuration


FTTH Configuration

2024-09-17 40
MA5800 Product Documentation

This section describes the configurations of Internet access, voice, broadband TV (BTV), and VoD services in fiber
to the home (FTTH) networking scenarios.
Basic Concepts

This section describes basic concepts related to the fiber to the home (FTTH) solution from the user side to the network
side on FTTH networking using PON and P2P upstream transmission, respectively.

Principle of FTTH Data Plan

Bridging + Voice ONT Network Scenario (GPON/XG-PON/XGS-PON Networking)

This topic describes how to configure Internet access service, voice service, BTV service and VoD service when bridging +
voice ONTs are used to build an FTTH network.

Bridging ONT + HGW Network Scenario (GPON/XG-PON/XGS-PON Networking)

This topic describes how to configure Internet access service, voice service, BTV service and VoD service when bridging
ONTs + HGWs are used to build an FTTH network.

Gateway ONT Network Scenario (GPON/XG-PON/XGS-PON Networking)

This topic describes how to configure Internet access service, voice service, BTV service and VoD service when gateway
ONT are used to build an FTTH network.

Configuring Triple Play Service (GPON/XG-PON/XGS-PON Networking in Simplified Mode)

The GPON service configuration in simplified mode is implemented by creating an end-to-end (E2E) service port between
an OLT and an ONT. This topic describes how to achieve the GPON service configuration in simplified mode by configuring
the Internet access service, voice service, and multicast service in the FTTH scenario.

Configuring Triple Play Service (GPON/XG-PON/XGS-PON Networking, Multicast and Internet Access in the
Same S-VLAN)

During FTTH configuration, there is a scenario which requires the same S-VLAN be used for the multicast and Internet
access services. This topic describes how to make configurations in this scenario.

Configuring FTTH Service (P2P Access)

Users connected to the OLT through an ONT, and are therefore provided with the Internet, VoIP, and IPTV service through
a same port.

1.2.1 Basic Concepts


Basic Concepts

This section describes basic concepts related to the fiber to the home (FTTH) solution from the user side to the
network side on FTTH networking using PON and P2P upstream transmission, respectively.

FTTH Networking Using PON Upstream Transmission

2024-09-17 41
MA5800 Product Documentation

FTTH Networking Using P2P Upstream Transmission

User Side

Concept Description

Home gateway A gateway device positioned for small office and home office (SOHO) users. It provides multiple service
(HGW or HG) ports, such as POTS and LAN, wireless local area network (WLAN), or xDSL ports. The HGW supports
routing and remote management and diagnosis.

VoD A technology that enables users to order any program in a VoD program library. During program
playing, users can perform operations, such as pause, fast forward, fast rewind, and program locating.

Multicast Is also called broadband TV (BTV), which is similar to traditional cable TV (CATV) or satellite TV. User
experience in watching a multicast program is the same as that in watching a traditional TV program.
Unlike the traditional TV, the IPTV system encodes audio signals and sends them to user terminals
through an IP network.

Access Side

Concept Description

PON A network that uses the point-to-multipoint (P2MP) network architecture. A PON network consists of
an optical line terminal (OLT), an optical distribution network (ODN), and optical network units
(ONUs). It uses optical fibers to transmit data, supports more users with less optical fibers, and
provides high access rates.

2024-09-17 42
MA5800 Product Documentation

Concept Description

ODN A network that consists of optical fibers and passive optical components, such as one or more optical
dividers. The ODN network provides highly reliable optical paths to connect ONUs to an OLT.

OLT An aggregation device located at a central office (CO), which terminates PON protocols.

Optical A user terminal that provides various ports for users. In PON networking, the PON board of an OLT
network communicates with an ONT through the intermediate ODN network. In point-to-point (P2P)
terminal networking, an OLT communicates with an ONT through a P2P Ethernet optical access board.
(ONT)

Split ratio A ratio used for dividing a downstream optical signal into sub-signals in the PON system. A greater split
ratio will result in high optical power for signal transmission over the same physical distance.

Fiber to the A type of network that provides high bandwidths for home users. In PON networking, an OLT connects
home (FTTH) to ONTs through an ODN network and the ONTs connect to home users. In P2P networking, an OLT
connects to ONTs and the ONTs connect to home users. The OLT provides voice, Internet access, and
IPTV services for home users.

Network Side

Concept Description

User-facing A supplier routing device that connects to the router of a customer edge (CE), which is an OLT in
provider edge (U- this document. The U-PE supports routing and Multiprotocol Label Switching (MPLS) encapsulation.
PE) If a U-PE connects to multiple CEs, the U-PE supports basic bridging functions. In this case, the U-PE
forwards data frames, which reduces the load of switching provider edges (S-PEs).

Aggregation An aggregation router, which provides aggregation and route forwarding functions for access
provider edge devices. Compared with U-PEs, PE-AGGs provide fewer ports and higher performance and switching
(PE-AGG) rates.

NGN or IP A type of network that centers around softswitches and uses an open and standardized architecture.
multimedia It provides voice, video, and data services.
subsystem (IMS) A type of system that uses Session Initiation Protocol (SIP) signaling as its call control signaling. It
provides voice, data, and multimedia services.
NOTE:

In this document, the NGN or IMS is the softswitch that supports H.248 or SIP.

IPTV head end A contents preparation platform in the IPTV system. It receives signals, converts media formats, and
manages media materials.

1.2.2 Principle of FTTH Data Plan


Principle of FTTH Data Plan

Data Plan Principles for IP Addresses

This section describes how to obtain an IP address in various scenarios.

Principle of QoS Planning

The QoS planning is an E2E planning, and it can be divided into following policies: traffic classification, marking, and
scheduling policy; and traffic monitoring and DBA policy.

2024-09-17 43
MA5800 Product Documentation

Principles of Internet and Wi-Fi Access Services Data Planning

This topic describes the principles of data planning for Internet and Wi-Fi access services and will focus on the VLAN
planning and VLAN translation policy planning in different network scenarios.

Principle of Voice Service Data Plan

The voice service plan mainly includes the plan of the VLAN and VLAN translation policy in different network scenarios,
and the plan of voice protocol.

Principle of IPTV Service Data Plan

The IPTV service data plan mainly includes the plan of VLAN and VLAN translation policy in different network scenario,
and the plan of IPTV service.

Principle of Security Data Plan

The security plan involves system security plan, user security plan, and service security plan. Security policy ensures
service security from different aspects.

1.2.2.1 Data Plan Principles for IP Addresses


Data Plan Principles for IP Addresses

This section describes how to obtain an IP address in various scenarios.


Terminal Type Service Recommended Solution

Bridging+Voice Internet A PC obtains an IP address through PPPoE dialup. The ONT transparently transmits the
ONT access packets.

VoIP The ONT functions as a DHCP client and obtains an IP address from the DHCP server, or
the NMS issues a static IP address to the ONT using the configuration file. Voice signaling
and media streams at multiple POTS ports share one IP address. Media streams are
distinguished by port.

IPTV The set top box (STB) obtains an IP address from the DHCP server for ordering programs.
The ONT transparently transmits the packets.

Bridging Internet The HGW functions as a PPPoE client and obtains an IP address through PPPoE dialup. At
ONT+HGW access the same time, the HGW functions as a DHCP server and allocates IP addresses to PCs
through the network cable and wireless fidelity (Wi-Fi) access. The ONT transparently
transmits the packets.

VoIP The HGW functions as a DHCP client and obtains an IP address from the DHCP server, or
the application control server (ACS) issues a static IP address to the HGW using TR069.
Voice signaling and media streams at multiple POTS ports share one IP address. Media
streams are distinguished by port. The ONT transparently transmits the packets.

IPTV The HGW is configured with a bridging WAN port. The STB obtains an IP address from the
DHCP server. The HGW transparently transmits packets. The ONT also transparently
transmits the packets.

Gateway ONT Internet The HGW functions as a PPPoE client and obtains an IP address through PPPoE dialup. The
access ONT functions as a DHCP server and allocates IP addresses to PCs through the network
cable.

2024-09-17 44
MA5800 Product Documentation

Terminal Type Service Recommended Solution

Wi-Fi Layer 3 bridge Wi-Fi access service: A mobile equipment (ME) searches the SSID. After the
access ME is authenticated, the DHCP server assigns this ME the IP address by IPoE.
Layer 3 route Wi-Fi access service: An ME searches the SSID. After the ME is authenticated,
the DHCP address pool of an ONT assigns this ME the IP address and then PPPoE dialup is
automatically performed on the ONT.

VoIP The ONT functions as a DHCP client and obtains an IP address from the DHCP server, or
the NMS issues a static IP address to the ONT using the configuration file. Voice signaling
and media streams at multiple POTS ports share one IP address. Media streams are
distinguished by port.

IPTV The ONT functions as a DHCP client and obtains an IP address from the DHCP server. At
the same time, the ONT functions as a DHCP server and allocates IP addresses to STBs.

1.2.2.2 Principle of QoS Planning


Principle of QoS Planning

The QoS planning is an E2E planning, and it can be divided into following policies: traffic classification, marking,
and scheduling policy; and traffic monitoring and DBA policy.

Traffic Classification, Marking, and Scheduling Policy

Service Type 802.1p Queue OLT Queue ID ONT Queue ID


Priority Scheduling (8 Queues)
Method When Eight Queues When Four Queues
Are Supported Are Supported

Management 6 PQ 6 6 3
service

VoIP service 5 PQ 5 5 2

IPTV service 4 PQ 4 4 2

Wi-Fi access 1 PQ 1 1 1
service

Internet access 0 PQ 0 0 0
service

The greater the priority value, the higher the priority. The service priorities in this table are the recommended values. The
service priorities are arranged according to an operator's actual plan.

Traffic Monitoring and DBA Policy

Items Management Internet access service Wi-Fi access service VoIP IPTV
service service service

GEM port 11 [Remark 1] 14 15 12 13

2024-09-17 45
MA5800 Product Documentation

Items Management Internet access service Wi-Fi access service VoIP IPTV
service service service

TCONT Select a DBA type based on service types. For example, select Type1 for the management service,
Type4 for the Internet access service, and Type2 for the VoIP and IPTV services.

DBA type Type 3 (DBA profile: assured bandwidth + maximum bandwidth. Users are allowed to preempt the
bandwidth on condition that the users' assured bandwidth is guaranteed. However, the total
bandwidth cannot exceed the maximum bandwidth.)

DBA bandwidth Configure the DBA bandwidth according to the user's bandwidth package.
planning The assured bandwidth is the maximum bandwidth required by management packets, VoIP, and
IPTV upstream packets. The maximum bandwidth is larger than or equal to the maximum
bandwidth that users apply.

Rate limit on OLT No rate limit Configure rate limit by a Configure rate limit by a No rate No rate
downstream traffic profile as required. traffic profile as required. limit limit
[Remark 2] [Remark 2]

Rate limit on ONU No rate restriction


upstream port

Rate limit on ONU No rate restriction


downstream port

Remark 1: GEM port value depends on the planning of the service provider, but in principle, use different GEM
ports for different services.

Remark 2: Table 1 shows the reference service bandwidth of each service for each user.
Table 1 Reference service bandwidth of each service for each user

Service Type Upstream Downstream Bandwidth Description


Bandwidth Bandwidth

Internet access Determined Determined based Available bandwidth of Internet access service or Wi-Fi access
service/Wi-Fi based on the on the service service = Committed bandwidth of the service tariff package -
access service service tariff tariff package. VoIP bandwidth - IPTV bandwidth
package.

VoIP service 200 kbit/s 200 kbit/s The upstream bandwidth and the downstream bandwidth of
VoIP service are symmetrical. The actual bandwidth is related
to the coding format. This bandwidth is calculated for two
POTS ports.

IPTV service N/A 2.5 Mbit/s per IPTV service mainly occupies the downstream bandwidth. The
(standard channel actual bandwidth depends on the coding format, the picture in
definition picture information, 10% bandwidth burst traffic, and the
program) number of programs that can be concurrently watched by one
user (in the case of multiple STBs). The upstream bandwidth is
IPTV service N/A 9.7 Mbit/s per mainly used for transmitting IGMP packets, which requires
(high definition channel little bandwidth. Therefore, the bandwidth occupied by IGMP
program) packets can be neglected.

 The rate restriction on the BRAS or SR is recommended. OLTs and ONTs do not restrict the rate for service streams.
 If BRAS does not support rate restriction, OLTs can restrict the rate for service streams through the traffic profile.
 Different service packets on the ONT are distinguished by different VLAN IDs. The service packets are mapped to GEM
ports based on VLAN IDs so that different service packets are transmitted to different GEM ports. Each GEM port (each
service) corresponds to a T-CONT or all GEM ports share a T-CONT.

2024-09-17 46
MA5800 Product Documentation

 The sum of the assured bandwidth of all ONTs connected to a PON port and the fixed bandwidth of OMCI management
channel is less than the GPON upstream bandwidth. Some bandwidth must be reserved for the future service expansion.

1.2.2.3 Principles of Internet and Wi-Fi Access Services Data


Planning
Principles of Internet and Wi-Fi Access Services Data Planning

This topic describes the principles of data planning for Internet and Wi-Fi access services and will focus on the
VLAN planning and VLAN translation policy planning in different network scenarios.
Table 1 Planning of VLANs and VLAN translation policies for Internet access service

Application VLAN Plan VLAN Translation Policy


Scenario

Bridging+Voice Double-tagged ONT: ONTs configure the VLAN and add the same C-VLAN tag to packets. All
ONT VLAN ONTs are in the same C-VLAN.
OLT: The OLT performs VLAN translation: C<->S+C'. The C'-VLAN of every ONT
differs from each other.

Bridging ONT + Double-tagged ONT: The upstream packets sent from the HGW carry user-VLANs and the ONT
HGW VLAN transparently transmits them.
OLT: The OLT translates the U-VLAN to S-VLAN+C-VLAN.

Gateway ONT Double-tagged ONT: ONTs configure the VLAN and add the same C-VLAN tag to packets. All
VLAN ONTs are in the same C-VLAN.
OLT: The OLT performs VLAN translation: C<->S+C'. The C'-VLAN of every ONT
differs from each other.

Table 2 Planning of VLANs and VLAN translation policies for Wi-Fi access service

Application VLAN Plan VLAN Translation Policy


Scenario

Gateway ONT Single-tagged ONT: ONTs configure the VLAN and add the same C-VLAN tag to packets. All
VLAN ONTs are in the same C-VLAN.
OLT: The OLT performs VLAN translation: C<->S.

Note:

 User VLAN: VLAN carried by packets going upstream from user-side devices (such as a home gateway), U-
VLAN for short.

 C-VLAN: VLAN added based on the ONT/ONU port. For details, see the description of the Double-tagged VLAN
S+C.

 Double-tagged VLAN S+C: C indicates the inner VLAN (C-VLAN) and S indicates the outer VLAN (S-VLAN).

 Double-tagged VLAN S+C': C' indicates the translated inner VLAN (C'-VLAN) and S indicates the outer VLAN
(S-VLAN).

 Single-tagged S-VLAN: Single-tagged VLAN marked or translated by the OLT. It is generally used in a single-
tagged VLAN translation scenario.

 C<->S+C': Bidirectional VLAN translation: translates the C-VLAN and then adds an S-VLAN.

 C<->S+C: Bidirectional VLAN translation: maintains the C-VLAN and adds an S-VLAN.

2024-09-17 47
MA5800 Product Documentation

 To ensure traceability of users and finer-grained QoS control and management of users and services, plan per user per
service per VLAN (PUPSPV) for the Internet access service. Considering OLT capacity and VLAN scalability, use dual
VLANs (S-VLAN+C-VLAN) on the OLT to differentiate users for the Internet access service.
 The outer VLAN (S-VLAN), which identifies services and physical location, can be allocated based on the OLT, PON board,
or PON port. The inner VLAN (C-VLAN) identifies users. C-VLANs must be unique in one S-VLAN.
 It is recommended that you use stacking VLANs as S-VLANs so that security features, such as PPPoE+/option82, and anti-
MAC attacks and anti-MAC spoofing, can be easily deployed.
 The 802.1q in 802.1q (QinQ) VLAN is used in the enterprise private line scenario, such as transparent LAN service (TLS),
in which the device transparently transmits packets. It is not recommended that you use QinQ VLANs as S-VLANs for the
triple play services of residential users.

1.2.2.4 Principle of Voice Service Data Plan


Principle of Voice Service Data Plan

The voice service plan mainly includes the plan of the VLAN and VLAN translation policy in different network
scenarios, and the plan of voice protocol.

VLAN and VLAN Translation Policy

Application VLAN Plan VLAN Translation Policy


Scenario

Bridging+voice Single-tagged VLAN ONT: VLANs are configured for the ONTs on the same network in a unified
ONT (recommended) manner, and the ONTs have the same C-VLAN. The ONT adds a C-VLAN tag to
packets.
OLT: transparently transmits the VLAN.

Double-tagged VLAN ONT: VLANs are configured for the ONTs on the same network in a unified
manner, and the ONTs have the same C-VLAN. The ONT adds a C-VLAN tag to
packets.
OLT: adds an S-VLAN tag to the packets (C-VLAN <-> S-VLAN+C-VLAN).

Double-tagged VLAN ONT: VLANs are configured for the ONTs on the same network in a unified
manner, and the ONTs have different C-VLANs. The ONT adds a C-VLAN tag to
packets.
OLT: adds an S-VLAN tag to the packets (C-VLAN <-> S-VLAN+C-VLAN).

Bridging Single-tagged VLAN ONT: Packets that are sent upstream by the HGW are tagged with a user VLAN.
ONT+HGW (recommended) The ONT transparently transmits the user VLAN.
OLT: translates the VLAN tag (user VLAN <-> S-VLAN).

Single-tagged VLAN ONT: Packets that are sent upstream by the HGW are tagged with a user VLAN.
The ONT translates the user VLAN (user VLAN <-> S-VLAN). All the ONTs
connected to the same OLT have the same voice service S-VLAN; ONTs
connected to different OLTs may have different voice service S-VLANs.
OLT: transparently transmits the VLAN.

Double-tagged VLAN ONT: Packets that are sent upstream by the HGW are tagged with a user VLAN.
The ONT transparently transmits the user VLAN.
OLT: translates the VLAN tag (user VLAN <-> S-VLAN+C-VLAN).

Double-tagged VLAN ONT: Packets that are sent upstream by the HGW are tagged with a user VLAN.
The ONT translates the user VLAN (user VLAN <-> C-VLAN). The C-VLAN is an

2024-09-17 48
MA5800 Product Documentation

Application VLAN Plan VLAN Translation Policy


Scenario

inner VLAN tag that differentiates users.


OLT: adds an S-VLAN tag to the packets (C-VLAN <-> S-VLAN+C-VLAN).

Gateway ONT Single-tagged VLAN ONT: VLANs are configured for the ONTs on the same network in a unified
(recommended) manner, and the ONTs have the same C-VLAN. The ONT adds a C-VLAN tag to
packets.
OLT: translates the VLAN tag (C-VLAN <-> S-VLAN).

Single-tagged VLAN ONT: VLANs are configured for the ONTs on the same network in a unified
manner, and the ONTs have the same C-VLAN. The ONT adds a C-VLAN tag to
packets.
OLT: transparently transmits the VLAN.

Double-tagged VLAN ONT: VLANs are configured for the ONTs on the same network in a unified
manner, and the ONTs have the same C-VLAN. The ONT adds a C-VLAN tag to
packets.
OLT: translates the VLAN tag (C-VLAN <-> S-VLAN+C-VLAN').

Note:

 User VLAN: VLAN carried by packets going upstream from user-side devices (such as a home gateway), U-
VLAN for short.

 C-VLAN: VLAN added based on the ONT/ONU port. For details, see the description of the Double-tagged VLAN
S+C.

 Double-tagged VLAN S+C: C indicates the inner VLAN (C-VLAN) and S indicates the outer VLAN (S-VLAN).

 Double-tagged VLAN S+C': C' indicates the translated inner VLAN (C'-VLAN) and S indicates the outer VLAN
(S-VLAN).

 Single-tagged S-VLAN: Single-tagged VLAN marked or translated by the OLT. It is generally used in a single-
tagged VLAN translation scenario.

 C<->S+C': Bidirectional VLAN translation: translates the C-VLAN and then adds an S-VLAN.

 C<->S+C: Bidirectional VLAN translation: maintains the C-VLAN and adds an S-VLAN.

 The voice service is a closed service operated by carriers. The single-tagged S-VLAN is the mainstream application and is
recommended.
 When the planned VLAN is single-tagged VLAN, the S-VLANs can be allocated based on the OLT device, PON board or PON
port. The S-VLANs identify services and physical locations. It is recommended that you set different voice VLANs for the
OLTs connected to one voice SR to avoid an excessively large broadcast domain of the SR and convergence switch.
 When the planned VLAN is S-VLAN+C-VLAN (that is, double-tagged VLAN), the outer S-VLANs can be allocated based on
the OLT device, PON board or PON port. The S-+VLANs identify services and physical locations. It is recommended to
allocate S-VLANs based on PON board or PON port. The inner C-VLAN is used to identify services (a fixed value) or users.

Voice Data Plan Based on H.248 or SIP

Item Description

2024-09-17 49
MA5800 Product Documentation

Item Description

MG interface/SIP Media and Media and Upstream VLANs of the voice service
interface data signaling signaling
NOTE: parameters upstream
VLANs
must be consistent
with the data on
Media and Upstream ports of the voice service
the MGC/IMS core
signaling
network devices.
upstream port

Media IP Supports separating media from signaling.


addresses and
signaling IP
addresses

Default The next hop IP address from an ONU/HGW to an MGC/IMS.


gateway IP
address.

MG interface/SIP interface ID N/A

Signaling port ID Choose the transmission mode according to the requirement


of the MGC/IMS side.

IP address of active MGC If the dual homing is not configured, only one MGC parameter
(H.248)/IP address of active needs to be configured. If the dual homing is configured, the
IMS device (SIP) IP address and port ID of the standby MGC need to be
configured.
Port ID of active MGC
(H248)/port ID of active IMS
device (SIP)

Coding Choose the coding method according to the requirement on


the MGC/IMS side. Generally, the text coding method is
adopted.

Transmission mode Choose the transmission mode according to the requirement


on the MGC/IMS side. Generally, the UDP transmission mode
is adopted.

Home domain (SIP) N/A

Profile index N/A

The version of H248 protocol V1, V2 or V3 (by default). The interface may fail to be
that MG starts to negotiate registered because some softswitches do not support V3.

Voice user Phone number For H248 protocol: The phone numbers allocated by the MGC
configuration data need to be determined, and the paging numbers for users'
emergency standalone need to be planned if the emergency
standalone function is provided.
For SIP protocol: The phone number that the IMS core
network device allocates to the user must be configured.

Terminal ID (H248) If the TID template with which the POTS user is bound does
not support terminal layering, this parameter needs to be
configured.

User priority According to the service requirements, user priorities must


be specified. The user priorities include the following:

2024-09-17 50
MA5800 Product Documentation

Item Description

cat1: government1 (category 1 government users)


cat2: government2 (category 2 government users)
cat3: common (common users)

User type According to the service requirements, user type needs to be


specified. The user type includes the following:
DEL: direct exchange lines (default)
ECPBX: earth calling PBX
LCPBX: loop calling PBX
PayPhone: pay phone

Common parameter system parameter The system parameters including the overseas version flag
and message waiting indication (MWI) mode need to be
configured according to the local standard to ensure that the
response of the user terminal complies with the local
standard.

Overseas parameters The attributes such as the upper and lower thresholds of the
flash-hooking duration need to be configured according to
the local standards to ensure that the response of the user
terminal complies with the local standards.

POTS port attributes If the POTS port needs to support the polarity reversal
accounting, the POTS port needs to be configured to support
the polarity reversal pulse. Other attributes need not be
modified if there is no special requirement.

Ringing current attributes When the attributes of ring current are changed, ring volume
is changed accordingly. Generally, no adjustment is required
for the ringing tone volume. You need to modify the
parameters of the ringing current attributes according to the
local standard only when the default ringing current
attributes do not comply with the local standard.

1.2.2.5 Principle of IPTV Service Data Plan


Principle of IPTV Service Data Plan

The IPTV service data plan mainly includes the plan of VLAN and VLAN translation policy in different network
scenario, and the plan of IPTV service.
IPTV services include multicast service and video on demand (VoD) service. These two services are relevant but
independent in VLAN planning.
Application Service VLAN Plan VLAN Translation Policy
Scenario Type

Bridging+Voice Multicast Single- ONTs replicate multicast packets based on user ports and multicast
ONT service tagged VLAN VLANs (M-VLANs) are removed downstream.
The OLT replicates multicast packets based on PON ports with M-
VLAN unchanged.

VoD Single- ONTs add S-VLAN tags to iTV service packets.


tagged VLAN The OLT transparently transmits packets with S-VLANs.

2024-09-17 51
MA5800 Product Documentation

Application Service VLAN Plan VLAN Translation Policy


Scenario Type

Double- All ONTs add the same C-VLAN tag to packets.


tagged VLAN The OLT implements VLAN translation: C->S+C'.

Bridging ONT + Multicast Single- ONTs transparently transmit upstream packets with M-VLANs sent
HGW service tagged VLAN from HGW. Multicast packets are replicated downstream with M-VLAN
unchanged.
The OLT replicates multicast packets based on PON ports with M-
VLAN unchanged.

Single- ONTs translate the upstream VLANs sent from HGW to M-VLANs.
tagged VLAN The OLT replicates multicast packets based on PON ports with M-
VLAN unchanged.

VoD Single- ONTs transparently transmit the upstream U-VLANs sent from HGW.
tagged VLAN The OLT implements VLAN translation: U->S.

Double- ONTs transparently transmit the upstream U-VLANs sent from HGW.
tagged VLAN The OLT implements VLAN translation: U->S+C.

Gateway ONT Multicast Single- ONTs replicate packets based on user ports and M-VLANs are removed
service tagged VLAN in downstream direction.
The OLT replicates multicast packets based on PON ports with M-
VLAN unchanged.

VoD Single- ONTs add C-VLAN tags to packets. Untagged VLANs are translated to
tagged VLAN C-VLANs.
The OLT implements VLAN translation: C -> S.

Note:

 User VLAN: VLAN carried by packets going upstream from user-side devices (such as a home gateway), U-
VLAN for short.

 C-VLAN: VLAN added based on the ONT/ONU port. For details, see the description of the Double-tagged VLAN
S+C.

 Double-tagged VLAN S+C: C indicates the inner VLAN (C-VLAN) and S indicates the outer VLAN (S-VLAN).

 Double-tagged VLAN S+C': C' indicates the translated inner VLAN (C'-VLAN) and S indicates the outer VLAN
(S-VLAN).

 Single-tagged S-VLAN: Single-tagged VLAN marked or translated by the OLT. It is generally used in a single-
tagged VLAN translation scenario.

 C<->S+C': Bidirectional VLAN translation: translates the C-VLAN and then adds an S-VLAN.

 C<->S+C: Bidirectional VLAN translation: maintains the C-VLAN and adds an S-VLAN.

 IPTV service is a closed service self-operated by carriers, and single-tagged S-VLAN is recommended.
 The same S-VLAN or different S-VLANs can be used as the M-VLAN and VoD VLAN. It is recommended that you use
different S-VLANs as M-VLAN and VoD VLAN so that the upper-level device easily differentiates between the BTV service
and VoD service.

2024-09-17 52
MA5800 Product Documentation

 S-VLANs of VoD service can identify services and physical locations based on an entire network or an OLT. It is
recommended that you set different VoIP VLANs for the OLTs connected to one VoIP SR to avoid an excessively large
broadcast domain of the VoIP SR and convergence switch.

1.2.2.6 Principle of Security Data Plan


Principle of Security Data Plan

The security plan involves system security plan, user security plan, and service security plan. Security policy
ensures service security from different aspects.

The device provides complete security measures, but not all security measures need to be deployed. Only the security measures
that meet the following requirements need to be deployed:

 The security measures can be used on the live network.


 The security measures are easy to deploy.
 The security measures are effective.

System Security

Security Solution Description and Usage Suggestion


Vulnerability

DoS attack Enable the anti-DoS- After the anti-DoS-attack function is enabled, control packets are monitored
attack function for and those exceeding the number threshold are discarded.
OLT. Use this solution for new site deployment.

IP attack Enable the anti-IP- After the anti-IP-attack function is enabled, a device discards the IP packets
attack function for received from the user side whose destination IP address is the IP address of
OLT. the device, and therefore the system is protected.
Use this solution for new site deployment.

User Security

Security Solution Description and Usage Suggestion


Vulnerability

MAC spoofing Enable the anti- After anti-MAC-duplicate is enabled, the system records the first MAC address
MAC-duplicate learned from the port and binds the MAC address to the port and VLAN. If receiving
function for OLT. packets sent from the host that has the same MAC address with the port, the system
discards the packets directly. In this case, it can prevent users from forging MAC
addresses to perform malicious attacks.
Use this solution for new site deployment.

MAC attack Enable the anti- After anti-MAC spoofing is enabled, the system can prevent users from forging MAC
MAC spoofing addresses to perform malicious attacks.
function for OLT. Use this solution for new site deployment.

IP spoofing Enable the anti- After anti-IP spoofing is enabled, the system can prevent users from forging IP
IP spoofing addresses to perform malicious attacks.
function for OLT. Use this solution for new site deployment.

Service Security

2024-09-17 53
MA5800 Product Documentation

Security Vulnerability Solution Description and Usage Suggestion

Unauthorized broadband DHCP option 82 is enabled on OLT, In the DHCP option 82 mode, user's physical location is
access of small and the BRAS implements user added to the option 82 field carried in the DHCP
enterprises (IPoE) authentication based on the RAIO request packet initiated by a user. The physical
information. location, used for user authentication on the upper-
layer authentication server, can help implement the
following functions:
The DHCP relay forwards DHCP response packets to
devices with specified CID and RID.
Prevents DHCP address exhaustion.
Achieves static allocation of DHCP addresses.
Implements anti-IP spoofing.
Implements anti-user ID spoofing.
Implements anti-MAC spoofing.
Use this solution for the DHCP Internet access service.

Broadband access of PPPoE+ (PITP) is enabled on OLT, The BRAS responds to request packets of users with
residential users (PPPoE), and the BRAS implements user specified CID and RID. In this way, the following
user account authentication based on binding of functions are implemented:
theft/borrowing the RAIO information to the user
account. Prevents IP address exhaustion.
Implements anti-IP spoofing.
Implements anti-user ID spoofing.
Implements anti-MAC spoofing.
Use this solution for the PPPoE Internet access service.

1.2.3 Bridging + Voice ONT Network Scenario (GPON/XG-


PON/XGS-PON Networking)
Bridging + Voice ONT Network Scenario (GPON/XG-PON/XGS-PON Networking)

This topic describes how to configure Internet access service, voice service, BTV service and VoD service when
bridging + voice ONTs are used to build an FTTH network.

The FTTH GPON and 10G GPON access have the same configuration procedure. ONT web pages for configuring
them have differences; however, they have the same configuration parameters. The following uses GPON ONT
configuration as an example. For differences on web pages, see the related ONT manuals.

Service Requirements and Application Scenario

Configuration Process

Adding an ONT to an OLT

Services can be configured for an ONT only after the ONT is successfully added to an OLT.

Configuring the Internet Access Service

The OLT is connected to the remote ONT through a GPON port to provide users with high-speed Internet access services.

Configuring the H.248-based Voice Service (on a Web Page)

2024-09-17 54
MA5800 Product Documentation

The OLT is connected to the remote ONT through a GPON port to provide users with the IP-based high-quality and low-
cost VoIP service.

Configuring the H.248-based Voice Service (Through the CLI)

The OLT manages ONTs and applies VoIP configurations to the ONT using the OMCI protocol. This topic describes how to
configure the H.248-based voice service.

Configuring the SIP-based Voice Service (on a Web Page)

The OLT is connected to the remote ONT through a GPON port to provide users with the SIP-based high-quality and low-
cost VoIP service.

Configuring the SIP-based Voice Service (Through the CLI)

The OLT manages ONTs and applies VoIP configurations to the ONT using the OMCI protocol. This topic describes how to
configure the SIP-based voice service.

Configuring the BTV Service

The OLT is connected to the remote bridging ONT through a GPON port to provide users with the multicast service.

Configuring the VoD Service

The OLT is connected to the remote bridging ONT through a GPON port to provide users with the VoD service.

Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of link aggregation and queue scheduling based on priorities ensures service reliability. The
global configuration of security policies ensures service security.

Verifying Services

The ONTs are installed in users' houses which are far away from the central equipment room. ONTs provide remote
service verification methods including PPPoE dialup emulation, call emulation, and multicast emulation to facilitate
configuration and commissioning engineers to verify services remotely after service configuration.

1.2.3.1 Service Requirements and Application Scenario


Service Requirements and Application Scenario

Service Requirements

Optical fibers are connected to users' home and triple play services are required. The following provides detailed
service requirements:

 Internet access of multiple PCs in a home is supported.

 Access of multiple telephones in a home is supported.

2024-09-17 55
MA5800 Product Documentation

 IPTV programs can be previewed and watched using STBs.

 Service expansibility is supported and different services do not affect each other.

 Proper service security is ensured.

 Internet access services are protected against unauthorized access, user account theft or borrowing,
MAC/IP spoofing, and malicious attacks.

 Voice and IPTV services are protected against MAC/IP spoofing, malicious attack, and traffic flooding
attacks.

 Service faults are easy to locate and services are easy to maintain.

Application Scenario

As shown in Figure 1, the ONT integrating an integrated access device (IAD) provides Internet, VoIP, and IPTV
services to users.

The bridging+voice ONT provides Layer 2 data (Internet and IPTV services) and VoIP services. This scenario
provides transparent transmission channels and requires simple service configuration, so this scenario applies to
Layer 2 networking.

 For Internet services, a PC directly performs dial-up. Then, the upper-layer broadband remote access server
(BRAS) device authenticates and accesses the PC. The PC can also access the Internet using the Dynamic Host
Configuration Protocol (DHCP) or static IP address.

 For VoIP services, the ONT with a built-in voice module encapsulates voice service packets, and the OLT
transmits them to the upstream next generation network (NGN) or IP multimedia subsystem (IMS).

 For IPTV services, the set top box (STB) obtains an IP address from the DHCP server for ordering programs.
The ONT transparently transmits the packets.

Figure 1 Bridging+Voice ONT

1.2.3.2 Configuration Process


Configuration Process

2024-09-17 56
MA5800 Product Documentation

Figure 1 shows the configuration roadmap in fiber to the home (FTTH) networking using a bridging+voice optical
network terminal (ONT).

Figure 1 Configuration roadmap in FTTH networking using a bridging+voice ONT

The following table describes the configuration steps.


Item Step Description

Optical line Adding an ONT to an OLT Services can be configured for an ONT only after the ONT is
terminal successfully added to an OLT.
(OLT)

OLT Configuring the Internet Access None


Service

OLT Configure Configuring the H.248- NOTE:


ONT the VoIP based Voice Service (on The H.248 and Session Initiation Protocol (SIP) protocols are
NMS service. a Web Page or the mutually exclusive for the VoIP service. Either of them is
NMS) configured at a time.
The voice service can be configured through command line
Configuring the H.248-
interface (CLI) on an OLT, web page, or NMS. Select a
based Voice Service
configuration mode based on site requirements.
(Through the CLI)
OLT CLI: This mode can be used for site deployment or the NMS
Configuring the SIP- has not been deployed.
based Voice Service (on Web page: This mode can be used to configure voice parameters
a Web Page or the after the service channel has been configured through the OLT
NMS) CLI. It can be used for site deployment.
NMS: This mode can be used to configure voice parameters after
Configuring the SIP- the service channel has been configured through the OLT CLI. It
based Voice Service
can be used for service provisioning in batches.
(Through the CLI)

2024-09-17 57
MA5800 Product Documentation

Item Step Description

OLT Configure Configuring the BTV IPTV services include the BTV and VoD services that are different
the IPTV Service in configuration procedures and need to be configured
service. separately.
Configuring the VoD
Service

OLT Configuring Link Aggregation, The global configuration of link aggregation and queue
Congestion Control, and Security scheduling based on priorities ensures service reliability. The
Policies global configuration of security policies ensures service security.

OLT Verifying Services The OLT provides remote verification methods including ONT
PPPoE/DHCP dialup emulation and call emulation for
configuration and commissioning engineers to verify services
remotely after service configuration, avoiding a second on-site
operation.

1.2.3.3 Adding an ONT to an OLT


Adding an ONT to an OLT

Services can be configured for an ONT only after the ONT is successfully added to an OLT.

Data Plan

Item Data

DBA profile Profile name: ftth_dba_mngt


Profile type: Type1
Fixed bandwidth: 1 Mbit/s
Profile name: ftth_dba_hsi
Profile type: Type4
Maximum bandwidth: 32 Mbit/s
Profile name: ftth_dba_voip
Profile type: Type2
Assured bandwidth: 1 Mbit/s
Profile name: ftth_dba_iptv
Profile type: Type2
Assured bandwidth: 1 Mbit/s

ONT line profile Profile name: ftth


T-CONT ID for management services: 4
T-CONT ID for voice services: 5
T-CONT ID for video services: 6
T-CONT ID for Internet access services: 7
GEM port ID for management services: 11
GEM port ID for voice services: 12
GEM port ID for video services: 13
GEM port ID for Internet access services: 14

ONT service profile Profile name: ftth

2024-09-17 58
MA5800 Product Documentation

Item Data

ONT port capability set: adaptive

Network topology data PON port: 0/1/0


ONT IDs: 1 and 2

Procedure

1. Configure GPON ONT profiles.

GPON ONT profiles include the DBA profile, line profile, service profile, and alarm profile.

 DBA profile: A DBA profile describes the GPON traffic parameters. A T-CONT is bound to a DBA profile
for dynamic bandwidth allocation, improving upstream bandwidth utilization.

 Line profile: A line profile describes the binding between the T-CONT and the DBA profile, the QoS
mode of the traffic stream, and the mapping between the GEM port and the ONT-side service.

 Service profile: A service profile provides the service configuration channel for the ONT that is
managed by using optical network terminal management and control interface (OMCI).

 Alarm profile: An alarm profile contains a series of alarm thresholds to measure and monitor the
performance of activated ONT lines. When a statistical value reaches the threshold, the host is notified
and an alarm is reported to the log host and the NMS.

a. Configure a DBA profile.


Run the display dba-profile command to query the existing DBA profiles in the system. If the
existing DBA profiles in the system cannot meet the requirements, run the dba-profile add
command to add a DBA profile.

huawei(config)#dba-profile add profile-name ftth_dba_mngt type1 fix 1024


huawei(config)#dba-profile add profile-name ftth_dba_voip type2 assure 1024
huawei(config)#dba-profile add profile-name ftth_dba_iptv type2 assure 1024
huawei(config)#dba-profile add profile-name ftth_dba_hsi type4 max 32768

Select a DBA profile of the proper bandwidth type and configure proper bandwidth according to the service
types and total user count of the ONT. Note that the sum of the fixed bandwidth and the assured bandwidth
must not be greater than the total bandwidth of the PON port.

b. Configure an ONT line profile.


Create a GPON ONT line profile, named ftth, and bind it to the DBA profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#tcont 4 dba-profile-name ftth_dba_mngt
huawei(config-gpon-lineprofile-1)#tcont 5 dba-profile-name ftth_dba_voip
huawei(config-gpon-lineprofile-1)#tcont 6 dba-profile-name ftth_dba_iptv
huawei(config-gpon-lineprofile-1)#tcont 7 dba-profile-name ftth_dba_hsi

Create different GEM ports according to different service types, in which

2024-09-17 59
MA5800 Product Documentation

 GEM port 11 is used to carry management services.

 GEM port 12 is used to carry voice services.

 GEM port 13 is used to carry video services.

 GEM port 14 is used to carry Internet access services.

huawei(config-gpon-lineprofile-1)#gem add 11 eth tcont 4


huawei(config-gpon-lineprofile-1)#gem add 12 eth tcont 5
huawei(config-gpon-lineprofile-1)#gem add 13 eth tcont 6
huawei(config-gpon-lineprofile-1)#gem add 14 eth tcont 7

1. To change the default QoS mode, run the qos-mode command to set the QoS mode to gem-car or flow-
car, and run the gem add command to set the index of the traffic profile bound to the GEM port.
2. When the QoS mode is priority-queue (PQ), the default queue priority is 0; when the QoS mode is flow-
car or gem-car, traffic profile 6 is bound to the GEM port by default (no rate limitation).

After the configurations are complete, run the commit command to apply the parameters settings.

huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure an ONT service profile.


Create a GPON ONT service profile, named ftth. Configure the capability set of the ETH port and POTS
port to adaptive. Then the system automatically adapts to the ONT according to the actual capability
of the online ONT.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#ont-port eth adaptive pots adaptive

After the configurations are complete, run the commit command to apply the parameters setting.

huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. (Optional) Add an alarm profile.

 The default GPON alarm profile 1 is used. The alarm thresholds for the default alarm profile are
0, which indicates that no alarm is generated.

 In this example, the default alarm profile is used, and therefore the configuration of the alarm
profile is not required.

 Run the gpon alarm-profile add command to configure a GPON alarm profile, which is used for
monitoring the performance of an activated ONT line.

2. Add an ONT.
The procedures for configuring GPON, XG-PON, and XGS-PON services are the same. The difference lies in
this step. Here, the GPON service is used as an example. When configuring XG-PON and XGS-PON services,
you need to configure the ONT network-side interface type parameter (ont-type) in the ont add and ont

2024-09-17 60
MA5800 Product Documentation

confirm commands. Select a value based on the actual ONT capability or service data plan, for example,
10g/2.5g.
Connect two ONTs to GPON port 0/1/0. Set the ONT IDs to 1 and 2, SNs to 3230313126595540 and
6877687714852901, passwords to 0100000001 and 0100000002, discovery mode for password
authentication to once-on, and management mode to OMCI. Bind the two ONTs to ONT line profile ftth and
ONT service profile ftth.
There are two methods of adding an ONT: add an ONT offline and confirm an automatically discovered ONT.

 Add ONTs offline.


If the password of an ONT is known, run the ont add command to add an ONT offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 0 1 password-auth 0100000001 once-on no-aging omci ont-lineprofile-
name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont add 0 2 password-auth 0100000002 once-on no-aging omci ont-lineprofile-


name

ftth ont-srvprofile-name ftth

 Confirm automatically discovered ONTs.


If the password or SN of an ONT is unknown, run the port portid ont-auto-find command in GPON
mode to enable the ONT auto-discovery function of the GPON port. Then, run the ont confirm
command to confirm the ONT.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 0 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 0
//After this command is executed, the information about all automatically discovered ONTs connected to the GPON
port through optical splitters is displayed.

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 1 sn-auth 3230313126595540 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 2 sn-auth 6877687714852901 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

If multiple ONTs of the same type bound to the same line profile or service profile are connected to the same port,
you can bulk add ONTs by bulk confirming automatically discovered ONTs to make configuration easier and more
efficient. To do so, the preceding command can be modified as follows:

huawei(config-if-gpon-0/1)#ont confirm 0 all sn-auth omci ont-lineprofile-name ftth


ont-srvprofile-name ftth

 (Optional) Bind the alarm profile to the ONT.


The default profile 1 is used in this example.

huawei(config-if-gpon-0/1)#ont alarm-profile 0 1 profile-id 1

2024-09-17 61
MA5800 Product Documentation

huawei(config-if-gpon-0/1)#ont alarm-profile 0 2 profile-id 1

3. Check ONT status.


After an ONT is added, run the display ont info command to query the current status of the ONT. Ensure
that Config flag of the ONT is active, Run State is online, Config state is normal, and Match state is
match.

huawei(config-if-gpon-0/1)#display ont info 0 1


---------------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :1
Control flag : active //Indicates that the ONT is activated.
Run state : online //Indicates that the ONT goes online successfully.
Config state : normal //Indicates that the configuration state of the ONT is normal.
Match state : match //Indicates that the capability profile bound to the ONT is consistent with the actual capability
of the ONT.
...//The rest of the response information is omitted.

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the
line and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case,
run the display ont failed-configuration command in the diagnose mode to check the failed
configuration item and the failure cause. Then, rectify the fault accordingly.

1.2.3.4 Configuring the Internet Access Service


Configuring the Internet Access Service

The OLT is connected to the remote ONT through a GPON port to provide users with high-speed Internet access
services.

Prerequisites

 The OLT is connected to the BRAS.

 Related configurations are performed on the BRAS according to the authentication and accounting
requirements for dialup users. For details about the configuration, see the BRAS configuration guide.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 The VLAN of the LAN switch port connected to the OLT is consistent with the upstream VLAN of the OLT.

Data Plan

Item Data

2024-09-17 62
MA5800 Product Documentation

Item Data

ONT line profile Profile name: ftth


GEM port ID for Internet access services: 14

Network topology Upstream port: 0/9/0


data PON port: 0/1/0
ONT IDs: 1 and 2
ID of the port on the ONT that is connected to the PC: 1

VLAN Plan Double-tagged VLAN:


S-VLAN ID: 100
S-VLAN type: smart
S-VLAN attribute: stacking
CVLAN ID: 1001
C'-VLAN ID: 1010-1011
VLAN Translation Policy:
ONT: ONTs configure the VLAN and add the same C-VLAN tag to packets. All ONTs are in the
same C-VLAN.
OLT: The OLT performs VLAN translation: C<->S+C'. The C'-VLAN of every ONT differs from each
other.

Procedure
 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic table ip
command to add a traffic profile.
Set the profile ID to ftth_hsi, the CIR to 4 Mbit/s, and the priority to 0. In addition, configure the
scheduling mode so that packets are scheduled according to their priorities.

huawei(config)#traffic table ip name ftth_hsi cir 4096 priority 0 priority-policy local-setting

2. Configure the mapping between a GEM port and a VLAN.


The service flow of C-VLAN 1001 is mapped to GEM port 14 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 14 0 vlan 1001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Configure the VLAN of the Ethernet port on the ONT.


If the ONT is connected to the PC through Ethernet port 1, add Ethernet port 1 to VLAN 1001 in the
ONT service profile.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 1 1001

2024-09-17 63
MA5800 Product Documentation

huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

4. Configure the native VLAN of the ONT port.


Set the native VLAN ID of Ethernet port 1 to 1001.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont port native-vlan 0 1 eth 1 vlan 1001
huawei(config-if-gpon-0/1)#ont port native-vlan 0 2 eth 1 vlan 1001
huawei(config-if-gpon-0/1)#quit

5. Create an Internet access service VLAN and add an upstream port to it.
Add upstream port 0/9/0 to VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

6. Create service flows.


Set the service VLAN to 100, GEM port ID to 14, and user VLAN to 1001. Use traffic profile ftth_hsi.

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 1 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 1010 inbound traffic-table name


ftth_hsi outbound traffic-table name ftth_hsi

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 2 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 1011 inbound traffic-table name


ftth_hsi outbound traffic-table name ftth_hsi

7. Save the configurations.

huawei(config)#save

 The ONT does not need to be configured.

1.2.3.5 Configuring the H.248-based Voice Service (on a Web


Page)
Configuring the H.248-based Voice Service (on a Web Page)

The OLT is connected to the remote ONT through a GPON port to provide users with the IP-based high-quality and
low-cost VoIP service.

Prerequisites

 The interface data and POTS user configuration data corresponding to the MG interface have been configured
on the MGC.

 The OLT has been connected to the MGC. The OLT can ping the IP address of the MGC server successfully.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

2024-09-17 64
MA5800 Product Documentation

 Different voice services require different ONT software versions. Before the configuration, ensure that the
current ONT software version supports H.248. For details, see relevant ONT manuals.

 The Web page and NMS window for configuring ONT varies with ONT versions, but the parameter
configuration is the same. For details, see relevant ONT manuals.

Data Plan

Item Data

ONT line Profile name: ftth


profile GEM port ID: 12

VLAN plan Single VLAN tag:


VLAN ID: 300
VLAN type: smart
VLAN attribute: common
CVLAN=SVLAN
VLAN translation policy:
ONT: VLANs are configured for the ONTs on the same network in a unified manner, and the ONTs have
the same C-VLAN. The ONT adds a C-VLAN tag to packets.
OLT: transparently transmits the VLAN.

Voice IP address of the MGC server: 10.10.100.10/24


parameter Port ID of the MGC server: 2944
MG Domain: 0100000001 or 0100000002

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the
existing traffic profiles in the system do not meet the requirements, run the traffic table ip command
to add a traffic profile.
Set the profile name to ftth_voip and do not limit the upstream and downstream rates. Set the priority
to 5 and packets are scheduled according to the priority carried.

huawei(config)#traffic table ip name ftth_voip cir off priority 5 priority-policy

local-setting

2. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 300 is mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

2024-09-17 65
MA5800 Product Documentation

3. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

4. Create service flows.


Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 300, and use traffic profile ftth_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

5. Enable the ARP proxy function.


Voice media streams for different users of the same SVLAN fail to interchange because the service ports
of the smart VLAN are isolated from each other. Therefore, the ARP proxy function needs to be enabled
on the OLT.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 300
huawei(config-if-vlanif300)#arp proxy enable
huawei(config-if-vlanif300)#quit

6. Save the configurations.

huawei(config)#save

 Configure the ONT on the Web page.

1. Log in to the Web configuration page.

a. Configure the IP address of the PC network adapter to be in the same network segment with the
IP address of the local maintenance Ethernet port on the ONT.

b. Open the Web browser, and enter the IP address (https with high priority is recommended) of
the local maintenance Ethernet port on the ONT. In the login window that is displayed, enter the
user name and password of the administrator. After the password is authenticated, the web
configuration window is displayed.

To enhance system security, change the password to a password that meets security requirements after
the first successful login. It is recommended that you change the password periodically.

2. Configure the voice protocol.

2024-09-17 66
MA5800 Product Documentation

The default voice protocol is SIP. Therefore, change the voice protocol first.

3. Configure parameters for the voice WAN interface.

4. Configure parameters for the H.248-based voice interface.

2024-09-17 67
MA5800 Product Documentation

 The parameters of the H.248-based voice interface must be consistent with the corresponding configuration
on the media gateway controller (MGC).
 If dual-homing is configured, Address of the Standby MGC must be configured.
 MID Format can be set to Domain Name, IP, or Device Name. If MID Format is set to Domain Name or
Device Name, the setting must be consistent with the corresponding configuration on the MGC.
 MG Domain is ONT's domain name registered with the MGC. It is globally unique. MG Domain in this
example is ONT's password.
 If Media Port is empty, the parameter value is the same as Signaling Port. The media streams are not
isolated from signaling streams. If the upper-layer network requires isolation of media streams from
signaling streams, create different traffic streams for the media streams and signaling streams on the OLT,
create different WAN ports on the ONT, and bind the created WAN ports to Media Port and Signaling Port.
When the packet is forwarded from two WAN ports, the configured VLAN is carried by default.
 When the ONT is interconnected with a third-party softswitch, check RTP TID Prefix, Start Number of
RTP TID, and Width of RTP TID Number.

5. Check the registration status of the voice user.

1.2.3.6 Configuring the H.248-based Voice Service (Through


the CLI)
Configuring the H.248-based Voice Service (Through the CLI)

The OLT manages ONTs and applies VoIP configurations to the ONT using the OMCI protocol. This topic describes
how to configure the H.248-based voice service.

Prerequisites
 The interface data and POTS user configuration data corresponding to the MG interface have been configured
on the MGC.

 The OLT has been connected to the MGC. The OLT can ping the IP address of the MGC server successfully.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 Different voice services require different ONT software versions. Before the configuration, ensure that the
current ONT software version supports H.248. For details, see relevant ONT manuals.

 The Web page and NMS window for configuring ONT varies with ONT versions, but the parameter
configuration is the same. For details, see relevant ONT manuals.

2024-09-17 68
MA5800 Product Documentation

Data Plan

Item Data

ONT line Profile name: ftth


profile GEM port ID: 12

VLAN plan Single VLAN tag:


VLAN ID: 300
VLAN type: smart
VLAN attribute: common
CVLAN=SVLAN
VLAN translation policy:
ONT: VLANs are configured for the ONTs on the same network in a unified manner, and the ONTs have
the same C-VLAN. The ONT adds a C-VLAN tag to packets.
OLT: transparently transmits the VLAN.

Voice IP address of the MGC server: 10.10.100.10/24


parameter Port ID of the MGC server: 2944
MG Domain: 0100000001 or 0100000002

Procedure

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic
profile.

2. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 300 is mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

4. Create service flows.


Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 300, and use traffic profile ftth_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

2024-09-17 69
MA5800 Product Documentation

5. Enable the ARP proxy function.


Voice media streams for different users of the same SVLAN fail to interchange because the service ports of
the smart VLAN are isolated from each other. Therefore, the ARP proxy function needs to be enabled on the
OLT.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 300
huawei(config-if-vlanif300)#arp proxy enable
huawei(config-if-vlanif300)#quit

6. Configure ONT voice profiles.


ONT voice service configurations include the VoIP service provisioning mode, ONT voice profiles, voice
users, and voice-related parameters.

ONT voice profiles include the common MG interface attribute profile, POTS port profile, MGC profile, and
voice signal profile.

 Common MG interface attribute profile: saves common attributes of an ONT voice interface, including
the fax mode, fax/modem negotiation mode, and priority of the coding and decoding mode.

 POTS port profile: saves physical attributes of a POTS port on an ONT, including the impedance, Tx
gain, Rx gain, and signaling type of a POTS port.

 MGC profile: saves the IP address or domain name of an MGC, protocol port ID of the MGC transport
layer to which the MG interface belongs, and DSCP priority of media packets.

 Voice signal profile: saves the ONT signal tone and ringing tone.

Currently, the common MG interface attribute profile, POTS port profile, and MGC profile can be applied to
an H.248 interface, and the voice signal profile can be bound to an H.248 interface.
For profiles that can be applied to an H.248 interface, if parameters in those profiles are changed, those
profiles must be reapplied to the H.248 interface so that the changed parameters can take effect. For profiles
that can be bound to an H.248 interface, if parameters in those profiles are changed, those profiles do not
need to be rebound to the H.248 interface and the changed parameters can take effect.

a. Configure the VoIP service provisioning mode.


Run the ont voip config-method command to configure the VoIP service provisioning mode. Run the
display ont info command to query the mode of issuing VoIP services.
In this example, the mode is default, that is, the VoIP service provisioning mode is depended on the
actual service provisioning mode on the ONT. Run this command to select a proper mode if the
system supports multiple voice service provisioning modes. The service provisioning modes can be
OMCI, FTP, and TR069.

FTP has security risks. The OMCI and TR069 service provisioning modes are recommended.

b. Configure and apply an MG interface public attribute profile.


In this example, the default profile 1 is used.

2024-09-17 70
MA5800 Product Documentation

i. Configure an MG interface public attribute profile.


Run the display ont-mg-attribute-profile command to query the existing profile in the
system. If the existing profile in the system does not meet the requirements, run the ont-mg-
attribute-profile add command to add a profile.

ii. Apply a common MG interface attribute profile.


Run the ont-if-h248 bat-apply command to apply profiles in batches to H.248 interfaces and
run the if-h248 attribute command to apply a profile to an H.248 interface or configure
customized parameters on an H.248 interface. If you run these two commands to apply profiles
in batches or configure customized parameters repeatedly, the last configurations take effect.

c. Configure and apply a POTS port profile.


In this example, the default profile 1 is used.

i. Configure a POTS port profile.


Run the display ont-pots-profile command to query the existing profile in the system. If the
existing profile in the system does not meet the requirements, run the ont-pots-profile add
command to add a profile.

ii. Apply a POTS port profile.


Run the ont-pstnport electric bat-apply command to apply POTS port profiles in batches and
run the pstnport electric command to apply a POTS port profile to an H.248 interface or
configure customized parameters on an H.248 interface. If you run these two commands to
apply profiles in batches or configure customized parameters repeatedly, the last
configurations take effect.

d. Configure the voice WAN port of the ONT.


For ONT 1 and ONT 2, configure the IP address obtaining mode to DHCP, set the management VLAN
to VLAN 300, and use default values for other parameters.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 0 1 dhcp vlan 300
huawei(config-if-gpon-0/1)#ont ipconfig 0 2 dhcp vlan 300

e. Configure and apply an MGC profile.

i. Configure and apply an MGC profile.


Run the display ont-mgc-profile command to query the existing profile in the system. If the
existing profile in the system does not meet the requirements, run the ont-mgc-profile add
command to add a profile.

Create MGC profile 2, set the IP address of the MGC to 10.10.100.10, and use default values for
other parameters.

huawei(config)#ont-mgc-profile add profile-id 2 primary-mgc 10.10.100.10

ii. Add an H.248 interface and apply an MGC profile to the interface.

For ONT 1 and ONT 2, set the MG ID to 1, apply MGC profile 2 to ONT 1 and ONT 2, and use
default values for other parameters.

2024-09-17 71
MA5800 Product Documentation

huawei(config-if-gpon-0/1)#if-h248 add 0 1 1 mgc-profile profile-id 2


huawei(config-if-gpon-0/1)#if-h248 add 0 2 1 mgc-profile profile-id 2

f. Add POTS users.


For ONT 1 and ONT 2, create a POTS user, set the MG ID to 1 (identical to the MG ID of the H.248
interface), and set the physical terminal port ID to A0 and A1.

huawei(config-if-gpon-0/1)#mgpstnuser add 0 1 1 mgid 1 terminalid A0


huawei(config-if-gpon-0/1)#mgpstnuser add 0 2 1 mgid 1 terminalid A1

Run the display mgpstnuser attribute command to check whether the configuration of the POTS
user is properly set.

huawei(config-if-gpon-0/1)#display mgpstnuser attribute 0 1 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :1
Port ID :1

MG ID :1
Terminal ID : A0
...//The rest of the response information is omitted.

huawei(config-if-gpon-0/1)#display mgpstnuser attribute 0 2 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :2
Port ID :1

MG ID :1
Terminal ID : A1
...//The rest of the response information is omitted.

g. Configure and bind the voice signal profile.


In this example, the default profile 1 is used.

i. Configure the voice signal profile.


Run the display ont-voipsignal-profile command to query the existing profiles in the system.
If the existing profile in the system does not meet the requirement, run the ont-voipsignal-
profile command to add a profile.

ii. Configure the ONT signal tone.


Run the display ont-tone command to query the existing configuration in the system. If the
existing configuration in the system does not meet the requirement, run the ont-tone add
command to add signal tone parameters. The ONT signal tone will not be configured
independently in this example.

2024-09-17 72
MA5800 Product Documentation

iii. Configure ONT ringing parameters.


Run the display ont-ring command to query the existing configuration in the system. If the
existing configuration in the system does not meet the requirement, run the ont-ring add
command to add ringing parameters. The ONT ringing parameter will not be configured
independently in this example.

iv. Run the commit command to save parameters of the voice signal profile to the database.

v. Bind the voice signal profile.


Run the ont-voipsignal bat-bind command to bind voice signal profiles in batches or run the
voipsignal command to bind a voice signal profile to an ONT. If you run these two commands
to bind profiles in batches or bind a voice signal profile to an ONT repeatedly, the last
configurations take effect.

h. (Optional) Configure the H.248 user codec.


Run the mgpstnuser codec command to configure the H.248 user codec. The H.248 user codec will
not be configured independently in this example.
i. (Optional) Configure the global VoIP media attributes of the ONT.
Run the ont-voip-media attribute command to configure the global VoIP media attributes of the
ONT. Before configuration, ensure that the configured media attributes are supported by the
corresponding ONT. Otherwise, the ONT configuration will fail. The global VoIP media attributes of
the ONT will not be configured independently in this example.

7. Save the configurations.

huawei(config)#save

1.2.3.7 Configuring the SIP-based Voice Service (on a Web


Page)
Configuring the SIP-based Voice Service (on a Web Page)

The OLT is connected to the remote ONT through a GPON port to provide users with the SIP-based high-quality
and low-cost VoIP service.

Prerequisites

 The SIP interface data and POTS user configuration data corresponding to the MG interface have been
configured on the SIP server.

 The connection between the OLT and the SIP server is set up. The OLT can ping the IP address of the SIP
server successfully.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 Different voice services require different ONT software versions. Before the configuration, ensure that the
current ONT software version supports SIP. For details, see relevant ONT manuals.

 The Web page and NMS window for configuring ONT varies with ONT versions, but the parameter
configuration is the same. For details, see relevant ONT manuals.

2024-09-17 73
MA5800 Product Documentation

Data Plan

Item Data

ONT line Profile name: ftth


profile GEM port ID: 12

VLAN plan Single VLAN tag:


VLAN ID: 300
VLAN type: smart
VLAN attribute: common
CVLAN=SVLAN
VLAN translation policy:
ONT: VLANs are configured for the ONTs on the same network in a unified manner, and the ONTs have
the same C-VLAN. The ONT adds a C-VLAN tag to packets.
OLT: transparently transmits the VLAN.

Voice IP address of the SIP server: 10.10.100.10/24


parameter Port ID of the SIP server: 5060
Home domain name: example.com
User phone number 1: 12345610
User phone number 2: 12345620

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the
existing traffic profiles in the system do not meet the requirements, run the traffic table ip command
to add a traffic profile.
Set the profile name to ftth_voip and do not limit the upstream and downstream rates. Set the priority
to 5 and packets are scheduled according to the priority carried.

huawei(config)#traffic table ip name ftth_voip cir off priority 5 priority-policy

local-setting

2. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 300 is mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart

2024-09-17 74
MA5800 Product Documentation

huawei(config)#port vlan 300 0/9 0

4. Create service flows.


Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 300, and use traffic profile ftth_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

5. Enable the ARP proxy function.


Voice media streams for different users of the same SVLAN fail to interchange because the service ports
of the smart VLAN are isolated from each other. Therefore, the ARP proxy function needs to be enabled
on the OLT.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 300
huawei(config-if-vlanif300)#arp proxy enable
huawei(config-if-vlanif300)#quit

6. Save the configurations.

huawei(config)#save

 Configure the ONT on the Web page.

1. Log in to the Web configuration page.

a. Configure the IP address of the PC network adapter to be in the same network segment with the
IP address of the local maintenance Ethernet port on the ONT.

b. Open the Web browser, and enter the IP address (https with high priority is recommended) of
the local maintenance Ethernet port on the ONT. In the login window that is displayed, enter the
user name and password of the administrator. After the password is authenticated, the web
configuration window is displayed.

To enhance system security, change the password to a password that meets security requirements after
the first successful login. It is recommended that you change the password periodically.

2. Optional: Configure the voice protocol.

The default voice protocol is SIP. If the protocol is not changed, skip this step.

2024-09-17 75
MA5800 Product Documentation

3. Configure parameters for the voice WAN interface.

4. Configure parameters for the SIP-based voice interface.

 The parameters of the SIP-based voice interface must be consistent with the corresponding configuration
on the softswitch.
 If dual-homing is configured, Address of the Standby Proxy Server must be configured.
 If Signaling Port is empty, the parameter value is the same as Media Port. If the upper-layer network
requires isolation of media streams from signaling streams, create different traffic streams for the media
streams and signaling streams on the OLT, create different WAN ports on the ONT, and bind the created
WAN ports to Media Port and Signaling Port. When the packet is forwarded from two WAN ports, the
configured VLAN is carried by default.
 If Associated POTS Port is 1, port TEL1 on the ONT is bound. If Associated POTS Port is 2, port TEL2 on
the ONT is bound.

2024-09-17 76
MA5800 Product Documentation

5. Check the registration status of the voice user.

1.2.3.8 Configuring the SIP-based Voice Service (Through the


CLI)
Configuring the SIP-based Voice Service (Through the CLI)

The OLT manages ONTs and applies VoIP configurations to the ONT using the OMCI protocol. This topic describes
how to configure the SIP-based voice service.

2024-09-17 77
MA5800 Product Documentation

Prerequisites
 The SIP interface data and POTS user configuration data corresponding to the MG interface have been
configured on the SIP server.

 The connection between the OLT and the SIP server is set up. The OLT can ping the IP address of the SIP
server successfully.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 Different voice services require different ONT software versions. Before the configuration, ensure that the
current ONT software version supports SIP. For details, see relevant ONT manuals.

 The Web page and NMS window for configuring ONT varies with ONT versions, but the parameter
configuration is the same. For details, see relevant ONT manuals.

Data Plan

Item Data

ONT line Profile name: ftth


profile GEM port ID: 12

VLAN plan Single VLAN tag:


VLAN ID: 300
VLAN type: smart
VLAN attribute: common
CVLAN=SVLAN
VLAN translation policy:
ONT: VLANs are configured for the ONTs on the same network in a unified manner, and the ONTs have
the same C-VLAN. The ONT adds a C-VLAN tag to packets.
OLT: transparently transmits the VLAN.

Voice IP address of the SIP server: 10.10.100.10/24


parameter Port ID of the SIP server: 5060
Home domain name: example.com
User phone number 1: 12345610
User phone number 2: 12345620

Procedure

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic
profile.
Set the profile name to ftth_voip and do not limit the upstream and downstream rates. Set the priority to 5
and packets are scheduled according to the priority carried.

huawei(config)#traffic table ip name ftth_voip cir off priority 5 priority-policy

2024-09-17 78
MA5800 Product Documentation

local-setting

2. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 300 is mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

4. Create service flows.


Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 300, and use traffic profile ftth_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

5. Enable the ARP proxy function.


Voice media streams for different users of the same SVLAN fail to interchange because the service ports of
the smart VLAN are isolated from each other. Therefore, the ARP proxy function needs to be enabled on the
OLT.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 300
huawei(config-if-vlanif300)#arp proxy enable
huawei(config-if-vlanif300)#quit

6. Configure ONT voice profiles.


ONT voice service configurations include the VoIP service provisioning mode, ONT voice profiles, voice
users, and voice-related parameters.

ONT voice profiles include the common MG interface attribute profile, POTS port profile, SIP service profile,
SIP agent profile, digitmap profile, and voice signal profile.

 Common MG interface attribute profile: saves common attributes of an ONT voice interface, including
the fax mode, fax/modem negotiation mode, and priority of the coding and decoding mode.

 POTS port profile: saves physical attributes of a POTS port on an ONT, including the impedance, Tx
gain, Rx gain, and signaling type of a POTS port.

 SIP service data profile: saves the data information about the ONT voice service, including the rights of
call waiting (CW), three-way calling (3WC), call transfer (CT), and call hold (CH).

 SIP agent profile: saves the SIP agent information about an ONT, including the IP address and domain
name of the SIP agent server and attributes of media packets and signaling packets.

2024-09-17 79
MA5800 Product Documentation

 Digitmap profile: saves the digitmap information about an ONT, including the timeout time of the
digitmap timer and the digitmap format.

 Voice signal profile: saves the ONT signal tone and ringing tone.

Currently, the common MG interface attribute profile, POTS port profile, SIP service profile, and SIP agent
profile can be applied to an SIP interface, and the digitmap profile and voice signal profile can be bound to
an SIP interface.
For profiles that can be applied to an SIP interface, if parameters in those profiles are changed, those profiles
must be reapplied to the SIP interface so that the changed parameters can take effect. For profiles that can
be bound to an SIP interface, if parameters in those profiles are changed, those profiles do not need to be
rebound to the SIP interface and the changed parameters can take effect.

a. Configure the VoIP service provisioning mode.


Run the ont voip config-method command to configure the VoIP service provisioning mode. Run the
display ont info command to query the mode of issuing VoIP services.
In this example, the mode is default, that is, the VoIP service provisioning mode is depended on the
actual service provisioning mode on the ONT. Run this command to select a proper mode if the
system supports multiple voice service provisioning modes. The service provisioning modes can be
OMCI, FTP, and TR069.

FTP has security risks. The OMCI and TR069 service provisioning modes are recommended.

b. Configure and apply an MG interface public attribute profile.


In this example, the default profile 1 is used.

i. Configure an MG interface public attribute profile.


Run the display ont-mg-attribute-profile command to query the existing profile in the
system. If the existing profile in the system does not meet the requirements, run the ont-mg-
attribute-profile add command to add a profile.

ii. Apply a common MG interface attribute profile.


Run the ont-if-sip bat-apply command to apply profiles in batches to SIP interfaces and run
the if-sip attribute command to apply a profile to an SIP interface or configure customized
parameters on an SIP interface. If you run these two commands to apply profiles in batches or
configure customized parameters repeatedly, the last configurations take effect.

c. Configure and apply a POTS port profile.


In this example, the default profile 1 is used.

i. Configure a POTS port profile.


Run the display ont-pots-profile command to query the existing profile in the system. If the
existing profile in the system does not meet the requirements, run the ont-pots-profile add
command to add a profile.

ii. Apply a POTS port profile.

2024-09-17 80
MA5800 Product Documentation

Run the ont-pstnport electric bat-apply command to apply POTS port profiles in batches and
run the pstnport electric command to apply a POTS port profile to an SIP interface or
configure customized parameters on an SIP interface. If you run these two commands to apply
profiles in batches or configure customized parameters repeatedly, the last configurations take
effect.

d. Configure the voice WAN port of the ONT.


For ONT 1 and ONT 2, configure the IP address obtaining mode to DHCP, set the management VLAN
to VLAN 300, and use default values for other parameters.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 0 1 dhcp vlan 300
huawei(config-if-gpon-0/1)#ont ipconfig 0 2 dhcp vlan 300

e. Configure and apply an SIP agent profile.

i. Configure an SIP agent profile.


Run the display ont-sipagent-profile command to query the existing profile in the system. If
the existing profile in the system does not meet the requirements, run the ont-sipagent-
profile add command to add a profile.

Create SIP agent profile 2, set the IP address of the SIP server to 10.10.100.10, and use default
values for other parameters.

huawei(config)#ont-sipagent-profile add profile-id 2 proxy-server 10.10.100.10

ii. Add an SIP interface and apply an SIP agent profile to the interface.

For ONT 1 and ONT 2, set the MG ID to 1, apply SIP agent profile 2 to ONT 1 and ONT 2, and use
default values for other parameters.

huawei(config-if-gpon-0/1)#if-sip add 0 1 1 sipagent-profile profile-id 2


huawei(config-if-gpon-0/1)#if-sip add 0 2 1 sipagent-profile profile-id 2

f. Add POTS users.


For ONT 1 and ONT 2, set the MG ID to 1 (identical to the MG ID of the added SIP interface), create
two POTS users named user11 and user2, set passwords to user1 and user2, set their phone numbers
to 12345610 and 12345620 and use default values for other parameters.

huawei(config-if-gpon-0/1)#sippstnuser add 0 1 1 mgid 1 username user1 telno 12345610


huawei(config-if-gpon-0/1)#sippstnuser add 0 2 1 mgid 1 username user2 telno 12345620

Run the display sippstnuser attribute command to check whether the configuration of the POTS
user is properly set.

huawei(config-if-gpon-0/1)#display sippstnuser attribute 0 1 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :1
Port ID :1

2024-09-17 81
MA5800 Product Documentation

MG ID :1
Telephone NO. : 12345610
User name : user1
Password : user1
...//The rest of the response information is omitted.

huawei(config-if-gpon-0/1)#display sippstnuser attribute 0 2 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :2
Port ID :1

MG ID :1
Telephone NO. : 12345620
User name : user2
Password : user2
...//The rest of the response information is omitted.

g. Configure and apply an SIP service profile.


In this example, the default profile 1 is used.

i. Configure an SIP service profile.


Run the display ont-siprightflag-profile command to query the existing profile in the system.
If the existing profile in the system does not meet the requirements, run the ont-siprightflag-
profile add command to add a profile.

ii. Apply an SIP service profile.


Run the ont-sippstnuser bat-apply from command to apply profiles in batches to SIP
interfaces and run the sippstnuser rightflag command to apply a profile to a SIP interface or
configure customized parameters on a SIP interface. If you run these two commands to apply
profiles in batches or configure customized parameters repeatedly, the last configurations take
effect.

h. Configure and bind a digitmap profile.


In this example, the default profile 1 is used.

i. Configure a digitmap profile.


Run the display ont-digitmap-profile command to query the existing profile in the system. If
the existing profile in the system does not meet the requirements, run the ont-digitmap-
profile add command to add a profile.

ii. Bind a digitmap profile.


Run the ont-sippstnuser bat-bind from command to apply profiles in batches to SIP
interfaces, or run the sippstnuser digitmap command to bind a profile to an SIP interface. If
you use these two commands to bind the profile to SIP ports repeatedly, the last configurations
take effect.

2024-09-17 82
MA5800 Product Documentation

i. Configure and bind the voice signal profile.


In this example, the default profile 1 is used.

i. Configure the voice signal profile.


Run the display ont-voipsignal-profile command to query the existing profiles in the system.
If the existing profile in the system does not meet the requirement, run the ont-voipsignal-
profile command to add a profile.

ii. Configure the ONT signal tone.


Run the display ont-tone command to query the existing configuration in the system. If the
existing configuration in the system does not meet the requirement, run the ont-tone add
command to add signal tone parameters. The ONT signal tone will not be configured
independently in this example.

iii. Configure ONT ringing parameters.


Run the display ont-ring command to query the existing configuration in the system. If the
existing configuration in the system does not meet the requirement, run the ont-ring add
command to add ringing parameters. The ONT ringing parameter will not be configured
independently in this example.

iv. Run the commit command to save parameters of the voice signal profile to the database.

v. Bind the voice signal profile.


Run the ont-voipsignal bat-bind command to bind voice signal profiles in batches or run the
voipsignal command to bind a voice signal profile to an ONT. If you run these two commands
to bind profiles in batches or bind a voice signal profile to an ONT repeatedly, the last
configurations take effect.

j. (Optional) Configure the SIP user codec.


Run the sippstnuser codec command to configure the SIP user codec. The SIP user codec will not be
configured independently in this example.
k. (Optional) Configure the global VoIP media attributes of the ONT.
Run the ont-voip-media attribute command to configure the global VoIP media attributes of the
ONT. Before configuration, ensure that the configured media attributes are supported by the
corresponding ONT. Otherwise, the ONT configuration will fail. The global VoIP media attributes of
the ONT will not be configured independently in this example.

7. Save the configurations.

huawei(config)#save

1.2.3.9 Configuring the BTV Service


Configuring the BTV Service

The OLT is connected to the remote bridging ONT through a GPON port to provide users with the multicast service.

Prerequisites

2024-09-17 83
MA5800 Product Documentation

 The OLT is connected to the BRAS and the multicast source.

 The VLAN of the LAN switch port connected to the OLT is the same as the upstream VLAN of the OLT.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

Data Plan

Table 1 Data plan

Item Data

ONT line profile Profile name: ftth


GEM port ID: 13

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-setting

VLAN Plan Single VLAN tag:


SVLAN ID: 1000
MVLAN ID: 1000
VLAN type: smart
VLAN attribute: common
VLAN translation policy:
ONT: duplicates packets based on user ports and multicast VLANs (MVLANs) are stripped off
downstream.
OLT: duplicates multicast packets based on PON ports with MVLAN unchanged.

Multicast service Multicast protocol: IGMP proxy


data Multicast version: IGMPv2
Multicast program: dynamic obtaining mode

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Set the profile name to ftth_iptv. Set the CIR to off (unlimited), priority to 4, and priority-based
scheduling policy to local-setting (that is, queues are scheduled based on the priority specified in the
profile).

Run the display traffic table ip command to query the existing traffic profiles in the system. If the existing traffic
profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic profile.

huawei(config)#traffic table ip name ftth_iptv cir off priority 4 priority-policy local-setting

2. Configure the mapping relationship between a GEM port and a VLAN.

2024-09-17 84
MA5800 Product Documentation

The service flow of user VLAN 1000 is mapped to GEM port 13 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 1000
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Configure the VLAN of the Ethernet port on the ONT and the multicast forwarding mode.
If the ONT is connected to the STB through Ethernet port 2, add Ethernet port 2 to VLAN 1000.
Configure the multicast forwarding mode is untagged.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 2 1000
huawei(config-gpon-srvprofile-1)#multicast-forward untag
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

4. Configure the native VLAN of the ONT port.


If the ONT is connected to the STB through Ethernet port 2, the native VLAN ID is 1000.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont port native-vlan 0 1 eth 2 vlan 1000
huawei(config-if-gpon-0/1)#ont port native-vlan 0 2 eth 2 vlan 1000
huawei(config-if-gpon-0/1)#quit

5. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

6. Create service flows.


Set the service VLAN to 1000, GEM port ID to 13, and user VLAN to 1000, and use traffic profile
ftth_iptv.

huawei(config)#service-port 1 vlan 1000 gpon 0/1/0 ont 1 gemport 13 multi-service

user-vlan 1000 inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

huawei(config)#service-port 2 vlan 1000 gpon 0/1/0 ont 2 gemport 13 multi-service

user-vlan 1000 inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

7. Create an MVLAN and configure the IGMP version.


Set the IGMP version for the MVLAN to IGMPv2.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v2
This operation will delete all IPv4 programs with source IP addresses in the
current multicast VLAN
Are you sure to change current IGMP version? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

2024-09-17 85
MA5800 Product Documentation

8. Configure a program library.

Set the mode for obtaining multicast programs to dynamic.

You can set the mode for obtaining multicast programs to dynamic only when the IGMP mode is off.

huawei(config-mvlan1000)#igmp mode off


Are you sure to close IGMP? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

huawei(config-mvlan1000)#igmp match mode disable


Command has been executed successfully

(Optional) Set the address range for the dynamic programs. If you need to limit the address range of
dynamic programs, perform this operation. For example, set the address range of dynamic programs to
224.1.1.1-224.1.1.100.

huawei(config-mvlan1000)#igmp match group ip 224.1.1.1 to-ip 224.1.1.100

9. Set the IGMP mode.


Select the IGMP proxy mode.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

10. (Optional) Configure the IGMP upstream port.


In this example, the IGMP upstream port uses default value default.
Run the display igmp config global command to query the IGMP upstream port mode. If this mode
does not meet the requirement, run the igmp uplink-port-mode command to configure it.
11. Configure multicast users.
Add service ports 1 and 2 as multicast users.

huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp user add service-port 1
huawei(config-btv)#igmp user add service-port 2
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 1
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 2
huawei(config-mvlan1000)#quit

12. Save the configurations.

huawei(config)#save

 The ONT does not need to be configured.

2024-09-17 86
MA5800 Product Documentation

1.2.3.10 Configuring the VoD Service


Configuring the VoD Service

The OLT is connected to the remote bridging ONT through a GPON port to provide users with the VoD service.

Prerequisites

 The OLT is connected to the BRAS and the program source.

 The VLAN of the LAN switch port connected to the OLT is the same as the upstream VLAN of the OLT.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

Data Plan

Item Data

ONT line profile Profile name: ftth


GEM port ID: 13

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-setting

VLAN Plan Single VLAN tag:


SVLAN ID: 1000
VLAN type: smart
VLAN attribute: common
CVLAN=SVLAN
VLAN translation policy:
ONT: adds CVLAN tags to iTV service packets.
OLT: transparently transmits packets with SVLANs.

Procedure

1. Configure the OLT.

a. Configure a traffic profile.


Set the profile name to ftth_iptv. Set the CIR to off (unlimited), priority to 4, and priority-based
scheduling policy to local-setting (that is, queues are scheduled based on the priority specified in the
profile).

Run the display traffic table ip command to query the existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic
profile.

2024-09-17 87
MA5800 Product Documentation

huawei(config)#traffic table ip name ftth_iptv cir off priority 4 priority-policy local-setting

b. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 1000 is mapped to GEM port 13 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 1000
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure the VLAN of the Ethernet port on the ONT.


If the ONT is connected to the STB through Ethernet port 2, add Ethernet port 2 to VLAN 1000.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 2 1000
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. Configure the native VLAN of the ONT port.


If the ONT is connected to the STB through Ethernet port 2, the native VLAN ID is 1000.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont port native-vlan 0 1 eth 2 vlan 1000
huawei(config-if-gpon-0/1)#ont port native-vlan 0 2 eth 2 vlan 1000
huawei(config-if-gpon-0/1)#quit

e. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

f. Create service flows.


Set the service VLAN to 1000, GEM port ID to 13, and VLAN translation mode to transparent
transmission, and use traffic profile ftth_iptv.

huawei(config)#service-port vlan 1000 gpon 0/1/0 ont 1 gemport 13 inbound traffic-table name ftth_iptv

outbound traffic-table name ftth_iptv tag-transform transparent

huawei(config)#service-port vlan 1000 gpon 0/1/0 ont 2 gemport 13 inbound traffic-table name ftth_iptv

outbound traffic-table name ftth_iptv tag-transform transparent

g. Save the configurations.

huawei(config)#save

2. The ONT does not need to be configured.

1.2.3.11 Configuring Link Aggregation, Congestion Control,


and Security Policies
Configuring Link Aggregation, Congestion Control, and Security Policies

2024-09-17 88
MA5800 Product Documentation

The global configuration of link aggregation and queue scheduling based on priorities ensures service reliability.
The global configuration of security policies ensures service security.

Context
Link aggregation provides a higher bandwidth and uplink reliability for optical line terminals (OLTs) by
aggregating multiple uplink Ethernet ports to one link aggregation group (LAG).
Congestion control places the packets to be sent from a port into multiple queues that are marked with different
priorities. Then, the packets are sent based on queue priorities.

Security policies ensure system, user, and service security.

Enable a service security function based on the service type. For details, see Principle of Security Data Plan .

Procedure

 Configure link aggregation.


The following configurations are used as an example to configure link aggregation:

 Uplink ports 0/9/0 and 0/9/1 are added to a LAG.

 The two ports send packets upstream based on the packets' source MAC addresses.

 The LAG works in Link Aggregation Control Protocol (LACP) static aggregation mode.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

 Configure queue scheduling.


According to quality of service (QoS) planning principles, all packets are scheduled in strict priority (SP) mode
and mapped to queues according to the packets' priorities. For details about QoS planning principles, see
Principle of QoS Planning .

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos4 4 cos5 5 cos6 6

 Configure system security.

 Enable deny of service (DoS) anti-attack on the OLT.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on the OLT.


Run the security anti-ipattack enable command to enable IP address anti-attack.

2024-09-17 89
MA5800 Product Documentation

 Configure user security.

 Enable MAC address anti-flapping on the OLT.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on the OLT.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. In global config mode, run the vlan service-profile command to create a VLAN service
profile.

c. Perform the following operations to enable MAC address anti-spoofing in VLAN service
profile mode:

i. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

ii. Run the commit command to make the profile configuration take effect.

iii. Run the quit command to quit the VLAN service profile mode.

iv. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on the OLT.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

 Configure service security.

2024-09-17 90
MA5800 Product Documentation

 Enable Dynamic Host Configuration Protocol (DHCP) Option 82 on the OLT. This configuration is
recommended for the DHCP-based Internet access service.

1. Enable DHCP Option 82 on the OLT.


DHCP Option 82 can be enabled or disabled at four levels: global, port, VLAN, and service port
levels. This function takes effect only after it is enabled at the four levels. Among the four levels,
DHCP Option 82 is disabled only at the global level by default.

 The global level: In global config mode, run the dhcp option82 command to enable DHCP
Option 82 at the global level.
When you run this command, select the enable, forward, or rebuild parameter based on
site requirements. The three parameters can all enable DHCP Option 82 but provide different
packet processing policies on the OLT. For details, see the dhcp option82 command.

 The port level: In global config mode, run the dhcp option82 port or dhcp option82 board
command to enable DHCP Option 82 at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the dhcp option82 enable command to enable DHCP Option 82 at the VLAN
level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the dhcp option82 service-port command
to enable DHCP Option 82 at the service port level.

2. On the OLT, run the dhcp-option82 permit-forwarding service-port command with the enable
parameter selected, to allow ONT DHCP packets to carry Option 82 information.

 Enable Policy Information Transfer Protocol (PITP) on the OLT. This configuration is recommended for
the PPPoE-based Internet access service.

1. Enable PITP on the OLT.


PITP can be enabled or disabled at four levels: global, port, VLAN, and service port levels. This
function takes effect only after it is enabled at the four levels. Among the four levels, PITP is
disabled only at the global level by default.

 The global level: In global config mode, run the pitp enable pmode, pitp forward pmode, or
pitp rebuild pmode command to enable PITP at the global level.
In the preceding commands, the enable, forward, and rebuild parameters can all enable
PITP but provide different packet processing policies on the OLT. Select one of them based
on site requirements. For details, see the pitp command.

2024-09-17 91
MA5800 Product Documentation

 The port level: In global config mode, run the pitp port or pitp board command to enable
PITP at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the pitp enable command to enable PITP at the VLAN level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the pitp service-port command to enable
PITP at the service port level.

2. On the OLT, run the pitp permit-forwarding service-port command with the enable parameter
selected, to allow ONT PPPoE packets to carry a vendor tag.

1.2.3.12 Verifying Services


Verifying Services

The ONTs are installed in users' houses which are far away from the central equipment room. ONTs provide
remote service verification methods including PPPoE dialup emulation, call emulation, and multicast emulation to
facilitate configuration and commissioning engineers to verify services remotely after service configuration.

Prerequisites
ONTs and upper-layer devices have been connected properly. The BRAS and MGC/IMS have been configured.

Background

Remote Service Function Description


Verification
Method

PPPoE dialup An ONT simulates a PPPoE user terminal software PPPoE dialup emulation requires a service
emulation to perform dialup and interact with the BRAS to flow which does not belong to a QinQ VLAN.
verify the connectivity between the ONT and BRAS.
A user name, password, and authentication
mode must be configured on the BRAS for the
PPPoE dialup emulation.
An ONT supports a maximum of a PPPoE
dialup emulation.

Call Emulation An ONT simulates a voice user to make a call to An ONT can simulate a caller or callee to
check whether the voice service data is correctly communicate with a phone in a call. In this
configured. You can also use the call emulation case, only a functional phone is required in the
function to locate a fault when the voice service is central office where the acceptance personnel

2024-09-17 92
MA5800 Product Documentation

Remote Service Function Description


Verification
Method

faulty. is.
An ONT supports a maximum of a call
emulation.

Multicast This function enables you to simulate a multicast Multicast services configured in the dynamic
emulation user going online and lead the program stream to an controllable multicast mode do not support
ONT. You can check whether the multicast service is this function.
normal by checking the real-time traffic of the
multicast program.

Data plan

Item Data Remarks

PPPoE dialup PPPoE user name: The user name, password, and authentication mode for the emulation test
emulation test@device must be configured on the BRAS. The entered user name, password, and
parameters Password: test1234 authentication mode must be consistent with those configured on the
BRAS.

Call emulation ONT POTS ID: 1 The default values are used. You can run the display pots emulational
parameters configuration command to check the parameter values.

Multicast Multicast service flow -


emulation ID: 1
parameters MVLAN: 1000
IP address of the
multicast program:
224.1.1.10

Procedure

 Verify the Internet access service using PPPoE dialup emulation.

1. In the xPON board mode, run the pppoe simulate start command to start a PPPoE dialup emulation
test. The following test uses GPON as an example:

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#pppoe simulate start
{ portid<U><0,7> }:0
{ ontid<U><0,127> }:1
{ eth<K>|untagged<K>|vlanid<U><0,4095> }:eth
{ ont-portid<U><1,8> }:4
{ untagged<K>|vlanid<U><0,4095> }:100
{ priority<U><0,7>|user-name<K> }:user-name
{ username<S><Length 1-64> }:test@device
{ user-password<K> }:user-password
{ password<S><Length 1-64> }:test1234

2024-09-17 93
MA5800 Product Documentation

{ authentication-mode<K> }:authentication-mode
{ protocol<E><chap,pap> }:chap

Command:
pppoe simulate start 0 1 eth 4 100 user-name test@device user-password
test authentication-mode chap

huawei(config-if-gpon-0/1)#
----------------------------------
ONT PPPoE Test Result
----------------------------------
F/S/P : 0/1/0
ONT-ID :1
ONT ETH Port ID :4
ONT Vlan ID : 100
Vlan Priority :-
Emluator result : Success
Session ID : 18814
User IP : 192.168.100.101
Gateway IP : 192.168.100.1
----------------------------------

 Troubleshooting methods for the Internet access service

1. Check whether configurations are complete on the OLT.

 Run the display ont info command to query the ONT status to check whether the ONT is
registered successfully.

 Run the display service-port command to check whether the Internet access service flow is
configured and whether the inner VLAN ID of the service flow is consistent with that in the data
plan.

 If a native VLAN is configured for the Ethernet port on the ONT, run the display ont port
attribute command in the xPON board mode to check whether the native VLAN is correct.

2. Check the upstream and downstream ports by checking the MAC address learning status.

a. Run the display mac-address vlan command to check the MAC address learning status of the
Internet service VLAN.

 If the upstream port does not learn a MAC address, check the network connections between
the upstream port and upper-layer devices and check the configurations of upper-layer
devices.

 If the downstream port does not learn a MAC address, check whether the ONT is activated,
whether the PC is connected to the right port on the ONT, and whether the PC is working
properly.

2024-09-17 94
MA5800 Product Documentation

b. Run the display ont-learned-mac command to check whether the ONT connecting to the PON
port learned any MAC addresses.
If not, check whether the ONT properly connects to the PC or home gateway (HGW).

 Verify the voice service using call emulation.

1. Run the ont emulational call command to configure a call emulation test.

huawei(config)#test
huawei(config-test)#ont emulational call caller-port 0/1/0 1 1 telno 12345620
{ <cr>|caller-stop-time<K> }:

Command:
ont emulational call caller-port 0/1/0 1 1 telno 12345620

2. The ONT outputs the call emulation result after the test is complete.

huawei(config-test)#
----------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :0
ONT-POTSID :1
Test type : caller emulational call test
Detected number : 12345620
Reported number : 12345620
Current status : test end
Test Result : success
----------------------------------------------------------------

 Troubleshooting methods for the voice service.

1. Check whether configurations are complete on the OLT.

 Run the display ont info command to query the ONT status to check whether the ONT is
registered successfully.

 Run the display service-port command to check whether the voice service flow is configured and
whether the inner VLAN ID of the service flow is consistent with that in the data plan.

2. Check the upstream and downstream ports by checking the MAC address learning status.

Run the display mac-address vlan command to check the MAC address learning status of the voice
service VLAN.

 If the upstream port does not learn a MAC address, check the network connections between the
upstream port and upper-layer devices and check the configurations of upper-layer devices.

 If the downstream port does not learn a MAC address, check whether the ONT is activated and
whether physical links are normal.

2024-09-17 95
MA5800 Product Documentation

 If both the upstream and downstream ports can learn the MAC address, record the MAC address
of the ONT and log in to the service router (SR) to check whether an IP address is allocated to the
MAC address.

3. Check the registration status of the voice service.

 You can run the display ont port state command on the OLT to query the call connection status
on the POTS port. If Call State is RegisterFail or Connecting for a long time, check whether the
voice configuration on the MGC/SIP server is consistent with that on the ONT.

 If the ONT uses the H.248 protocol, you can run the display ont mg status command on the OLT
to query the registration status of the MG interface that connects to the ONT. If MG Status is
UnRegistered or Registering for a long time, check whether the voice configuration on the
MGC/SIP server is consistent with that on the ONT.

 You can query the registration status of the voice service on the ONT web page. If the query result
shows that the registration fails or the voice service is in the registering state for a long time,
check whether the voice configuration on the MGC/SIP server is consistent with that on the ONT.

 Verify the multicast service using multicast emulation.

1. Run the igmp static-join command to simulate a multicast user to order a multicast program.

huawei(config)#btv
huawei(config-btv)#igmp static-join service-port 1 ip 224.1.1.10 vlan 1000

If the multicast program is obtained dynamically, igmp static-join can be executed successfully only when the
range for obtaining the dynamic program is set.

2. Run the display igmp user command to query the status of the multicast user.

huawei(config-btv)#display igmp user service-port 1


User : 0/1/0/1
State : online
Authentication : no-auth
Quick leave : MAC-based
IGMP flow ID :1
Video flow ID :1
Log switch : enable
Bind profiles :-
IGMP version : IGMP v3
Current version : IGMP v3
Current IGMP IPv6 version : IGMP IPv6 v2
Available programs :8
Global leave : disable
User max bandwidth : no-limit
Used bandwidth(kbps) :0

2024-09-17 96
MA5800 Product Documentation

Used bandwidth
to max bandwidth(%) :-
Total video bandwidth :-
Mcast video bandwidth :-
Active program list
---------------------------------------------------------------------------
Program name VLAN IP/MAC State Start time
---------------------------------------------------------------------------
PROGRAM-5 1000 224.1.1.10 watching 2011-10-29
16:33:41+08:00
---------------------------------------------------------------------------
Total: 1

3. Run the display multicast flow-statistic command to query the real-time traffic of the multicast
program.

huawei(config-btv)#display multicast flow-statistic vlan 1000 ip 224.1.1.10


{ <cr>|sourceip<K> }:

Command:
display multicast flow-statistic vlan 1000 ip 224.1.1.10
Command is being executed. Please wait...
Multicast flow statistic result: 8736(kbps)

1.2.4 Bridging ONT + HGW Network Scenario (GPON/XG-


PON/XGS-PON Networking)
Bridging ONT + HGW Network Scenario (GPON/XG-PON/XGS-PON Networking)

This topic describes how to configure Internet access service, voice service, BTV service and VoD service when
bridging ONTs + HGWs are used to build an FTTH network.

The FTTH GPON and 10G GPON access have the same configuration procedure. ONT web pages for configuring
them have differences; however, they have the same configuration parameters. The following uses GPON ONT
configuration as an example. For differences on web pages, see the related ONT manuals.

Service Requirements and Application Scenario

Configuration Process

Adding an ONT to an OLT

Services can be configured for an ONT only after the ONT is successfully added to an OLT.

Configuring the Internet Access Service

The OLT is connected to the remote ONT through a GPON port to provide users with high-speed Internet access services.

2024-09-17 97
MA5800 Product Documentation

Configuring the Voice Service

The OLT is connected to the remote ONT through a GPON port to provide users with the IP-based high-quality and low-
cost VoIP service.

Configuring the BTV Service

The OLT is connected to the remote bridging ONT through a GPON port to provide users with the multicast service.

Configuring the VoD Service

The OLT is connected to the remote bridging ONT through a GPON port to provide users with the VoD service.

Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of link aggregation and queue scheduling based on priorities ensures service reliability. The
global configuration of security policies ensures service security.

Verifying Services

The ONTs are installed in users' houses which are far away from the central equipment room. ONTs provide remote
service verification methods including PPPoE dialup emulation, call emulation, and multicast emulation to facilitate
configuration and commissioning engineers to verify services remotely after service configuration.

1.2.4.1 Service Requirements and Application Scenario


Service Requirements and Application Scenario

Service Requirements

Optical fibers are connected to user homes and triple play services are required. The following provides detailed
service requirements:

 Internet access of multiple PCs in a home is supported.

 Access of multiple telephones in a home is supported.

 IPTV programs can be previewed and watched using STBs.

 Service extension is supported and different services do not affect each other.

 Proper service security is ensured.

 Internet access services are protected against unauthorized access, user account theft or borrowing,
MAC/IP spoofing, and malicious attacks.

 Voice and IPTV services are protected against MAC/IP spoofing, malicious attack, and traffic flooding
attacks.

 Service faults are easy to locate and services are easy to maintain.

2024-09-17 98
MA5800 Product Documentation

Application Scenario

As shown in Figure 1, the HGW integrating an IAD provides Internet, voice over Internet Protocol (VoIP), and
Internet Protocol television (IPTV) services to users.
Services are mainly implemented on the HGW, and the bridging ONT works with the OLT to provide Layer 2
channels.

Figure 1 Bridging ONT + HGW

1.2.4.2 Configuration Process


Configuration Process

Figure 1 shows the configuration roadmap in fiber to the home (FTTH) networking using a bridging optical
network terminal (ONT)+home gateway (HGW).

Figure 1 Configuration roadmap in FTTH networking using a bridging ONT+HGW

The following table describes the configuration steps.


Item Step Description

2024-09-17 99
MA5800 Product Documentation

Item Step Description

Optical line Adding an ONT to an OLT Services can be configured for an ONT only after the ONT is
terminal successfully added to an OLT.
(OLT)

OLT Configuring the Internet Access An ONT provides only Layer 2 service channels, which do not require
HGW Service configuration. An HGW is equipped with an integrated access device
(IAD) provides the Internet access, VoIP, and IPTV services for users.
Configuring the Voice Service
IPTV services include the BTV and VoD services that are different in
Configure the Configuring the configuration procedures and need to be configured separately.
IPTV service. BTV Service

Configuring the
VoD Service

OLT Configuring Link Aggregation, The global configuration of link aggregation and queue scheduling
Congestion Control, and Security based on priorities ensures service reliability. The global
Policies configuration of security policies ensures service security.

OLT Verifying Services The OLT provides remote verification methods including ONT
PPPoE/DHCP dialup emulation and call emulation for configuration
and commissioning engineers to verify services remotely after
service configuration, avoiding a second on-site operation.

1.2.4.3 Adding an ONT to an OLT


Adding an ONT to an OLT

Services can be configured for an ONT only after the ONT is successfully added to an OLT.

Data Plan

Item Data

DBA profile Profile name: ftth_dba_mngt


Profile type: Type1
Fixed bandwidth: 1 Mbit/s
Profile name: ftth_dba_hsi
Profile type: Type4
Maximum bandwidth: 32 Mbit/s
Profile name: ftth_dba_voip
Profile type: Type2
Assured bandwidth: 1 Mbit/s
Profile name: ftth_dba_iptv
Profile type: Type2
Assured bandwidth: 1 Mbit/s

ONT line profile Profile name: ftth


T-CONT ID for management services: 4
T-CONT ID for voice services: 5
T-CONT ID for video services: 6

2024-09-17 100
MA5800 Product Documentation

Item Data

T-CONT ID for Internet access services: 7


GEM port ID for management services: 11
GEM port ID for voice services: 12
GEM port ID for video services: 13
GEM port ID for Internet access services: 14

ONT service profile Profile name: ftth


ONT port capability set: adaptive

Network topology data PON port: 0/1/0


ONT IDs: 1 and 2

Procedure

1. Configure GPON ONT profiles.

GPON ONT profiles include the DBA profile, line profile, service profile, and alarm profile.

 DBA profile: A DBA profile describes the GPON traffic parameters. A T-CONT is bound to a DBA profile
for dynamic bandwidth allocation, improving upstream bandwidth utilization.

 Line profile: A line profile describes the binding between the T-CONT and the DBA profile, the QoS
mode of the traffic stream, and the mapping between the GEM port and the ONT-side service.

 Service profile: A service profile provides the service configuration channel for the ONT that is
managed by using optical network terminal management and control interface (OMCI).

 Alarm profile: An alarm profile contains a series of alarm thresholds to measure and monitor the
performance of activated ONT lines. When a statistical value reaches the threshold, the host is notified
and an alarm is reported to the log host and the NMS.

a. Configure a DBA profile.


Run the display dba-profile command to query the existing DBA profiles in the system. If the
existing DBA profiles in the system cannot meet the requirements, run the dba-profile add
command to add a DBA profile.

huawei(config)#dba-profile add profile-name ftth_dba_mngt type1 fix 1024


huawei(config)#dba-profile add profile-name ftth_dba_voip type2 assure 1024
huawei(config)#dba-profile add profile-name ftth_dba_iptv type2 assure 1024
huawei(config)#dba-profile add profile-name ftth_dba_hsi type4 max 32768

Select a DBA profile of the proper bandwidth type and configure proper bandwidth according to the service
types and total user count of the ONT. Note that the sum of the fixed bandwidth and the assured bandwidth
must not be greater than the total bandwidth of the PON port.

b. Configure an ONT line profile.


Create a GPON ONT line profile, named ftth, and bind it to the DBA profile.

huawei(config)#ont-lineprofile gpon profile-name ftth

2024-09-17 101
MA5800 Product Documentation

huawei(config-gpon-lineprofile-1)#tcont 4 dba-profile-name ftth_dba_mngt


huawei(config-gpon-lineprofile-1)#tcont 5 dba-profile-name ftth_dba_voip
huawei(config-gpon-lineprofile-1)#tcont 6 dba-profile-name ftth_dba_iptv
huawei(config-gpon-lineprofile-1)#tcont 7 dba-profile-name ftth_dba_hsi

Create different GEM ports according to different service types, in which

 GEM port 11 is used to carry management services.

 GEM port 12 is used to carry voice services.

 GEM port 13 is used to carry video services.

 GEM port 14 is used to carry Internet access services.

huawei(config-gpon-lineprofile-1)#gem add 11 eth tcont 4


huawei(config-gpon-lineprofile-1)#gem add 12 eth tcont 5
huawei(config-gpon-lineprofile-1)#gem add 13 eth tcont 6
huawei(config-gpon-lineprofile-1)#gem add 14 eth tcont 7

1. To change the default QoS mode, run the qos-mode command to set the QoS mode to gem-car or flow-
car, and run the gem add command to set the index of the traffic profile bound to the GEM port.
2. When the QoS mode is priority-queue (PQ), the default queue priority is 0; when the QoS mode is flow-
car or gem-car, traffic profile 6 is bound to the GEM port by default (no rate limitation).

After the configurations are complete, run the commit command to apply the parameters settings.

huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure an ONT service profile.


Create a GPON ONT service profile, named ftth. Configure the capability set of the ETH port and POTS
port to adaptive. Then the system automatically adapts to the ONT according to the actual capability
of the online ONT.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#ont-port eth adaptive pots adaptive

After the configurations are complete, run the commit command to apply the parameters setting.

huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. (Optional) Add an alarm profile.

 The default GPON alarm profile 1 is used. The alarm thresholds for the default alarm profile are
0, which indicates that no alarm is generated.

 In this example, the default alarm profile is used, and therefore the configuration of the alarm
profile is not required.

2024-09-17 102
MA5800 Product Documentation

 Run the gpon alarm-profile add command to configure a GPON alarm profile, which is used for
monitoring the performance of an activated ONT line.

2. Add an ONT.
The procedures for configuring GPON, XG-PON, and XGS-PON services are the same. The difference lies in
this step. Here, the GPON service is used as an example. When configuring XG-PON and XGS-PON services,
you need to configure the ONT network-side interface type parameter (ont-type) in the ont add and ont
confirm commands. Select a value based on the actual ONT capability or service data plan, for example,
10g/2.5g.
Connect two ONTs to GPON port 0/1/0. Set the ONT IDs to 1 and 2, SNs to 3230313126595540 and
6877687714852901, passwords to 0100000001 and 0100000002, discovery mode for password
authentication to once-on, and management mode to OMCI. Bind the two ONTs to ONT line profile ftth and
ONT service profile ftth.
There are two methods of adding an ONT: add an ONT offline and confirm an automatically discovered ONT.

 Add ONTs offline.


If the password of an ONT is known, run the ont add command to add an ONT offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 0 1 password-auth 0100000001 once-on no-aging omci ont-lineprofile-
name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont add 0 2 password-auth 0100000002 once-on no-aging omci ont-lineprofile-


name

ftth ont-srvprofile-name ftth

 Confirm automatically discovered ONTs.


If the password or SN of an ONT is unknown, run the port portid ont-auto-find command in GPON
mode to enable the ONT auto-discovery function of the GPON port. Then, run the ont confirm
command to confirm the ONT.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 0 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 0
//After this command is executed, the information about all automatically discovered ONTs connected to the GPON
port through optical splitters is displayed.

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 1 sn-auth 3230313126595540 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 2 sn-auth 6877687714852901 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

If multiple ONTs of the same type bound to the same line profile or service profile are connected to the same port,
you can bulk add ONTs by bulk confirming automatically discovered ONTs to make configuration easier and more
efficient. To do so, the preceding command can be modified as follows:

2024-09-17 103
MA5800 Product Documentation

huawei(config-if-gpon-0/1)#ont confirm 0 all sn-auth omci ont-lineprofile-name ftth


ont-srvprofile-name ftth

 (Optional) Bind the alarm profile to the ONT.


The default profile 1 is used in this example.

huawei(config-if-gpon-0/1)#ont alarm-profile 0 1 profile-id 1


huawei(config-if-gpon-0/1)#ont alarm-profile 0 2 profile-id 1

3. Check ONT status.


After an ONT is added, run the display ont info command to query the current status of the ONT. Ensure
that Config flag of the ONT is active, Run State is online, Config state is normal, and Match state is
match.

huawei(config-if-gpon-0/1)#display ont info 0 1


---------------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :1
Control flag : active //Indicates that the ONT is activated.
Run state : online //Indicates that the ONT goes online successfully.
Config state : normal //Indicates that the configuration state of the ONT is normal.
Match state : match //Indicates that the capability profile bound to the ONT is consistent with the actual capability
of the ONT.
...//The rest of the response information is omitted.

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the
line and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case,
run the display ont failed-configuration command in the diagnose mode to check the failed
configuration item and the failure cause. Then, rectify the fault accordingly.

1.2.4.4 Configuring the Internet Access Service


Configuring the Internet Access Service

The OLT is connected to the remote ONT through a GPON port to provide users with high-speed Internet access
services.

Prerequisites

 The OLT is connected to the BRAS.

 Related configurations are performed on the BRAS according to the authentication and accounting
requirements for dialup users. For details about the configuration, see the BRAS configuration guide.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

2024-09-17 104
MA5800 Product Documentation

 The VLAN of the LAN switch port connected to the OLT is consistent with the upstream VLAN of the OLT.

 Residential users generally access the Internet in Point-to-Point Protocol over Ethernet (PPPoE) dial-up
mode. PPPoE dial-up can be performed on personal computers (PCs) or HGWs.

 The configuration processes on HGWs of different models or in different appearances are similar. This topic
describes how to configure the Internet access service on an HG239 that is connected to an ONT upstream
through a LAN.

Data Plan

Item Data

ONT line profile Profile name: ftth


GEM port ID for Internet access service: 14

Network topology Upstream port: 0/9/0


data PON port: 0/1/0
ONT IDs: 1 and 2
ID of the port on the HGW that is connected to the PC: 1

VLAN Plan Double-tagged VLAN:


S-VLAN ID: 100
S-VLAN type: smart
S-VLAN attribute: stacking
C-VLAN ID: 1001-1002
U-VLAN ID: 45
VLAN translation policy:
ONT: The upstream packets sent from the HGW carry user-VLANs and the ONT transparently
transmits them.
OLT: The OLT translates the U-VLAN to S-VLAN+C-VLAN.

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic table ip
command to add a traffic profile.
Set the profile ID to ftth_hsi, the CIR to 4 Mbit/s, and the priority to 0. In addition, configure the
scheduling mode so that packets are scheduled according to their priorities.

huawei(config)#traffic table ip name ftth_hsi cir 4096 priority 0 priority-policy local-setting

2. Configure the mapping between a GEM port and a VLAN.

The service flow of user-side VLAN 45 is mapped to GEM port 14 in the ONT line profile.

2024-09-17 105
MA5800 Product Documentation

Here, the user-side VLAN is the VLAN carried by packets sent from HGW to ONT, namely, U-VLAN.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 14 0 vlan 45
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Configure the VLAN of the Ethernet port on the ONT.


Add Ethernet port 1 to VLAN 45 in the ONT service profile.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 1 45
huawei(config-gpon-srvprofile-1)#commit

4. Create an Internet access service VLAN and add an upstream port to it.
Add upstream port 0/9/0 to VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

5. Create Internet access service flows.


Set S-VLAN ID to 100 and GEM port ID to 14. Use traffic profile ftth_hsi.

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 1 gemport 14 multi-service user-vlan 45 tag-transform
translate-and-add

inner-vlan 1001 inbound traffic-table name ftth_hsi outbound traffic-table name ftth_hsi

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 2 gemport 14 multi-service user-vlan 45 tag-transform
translate-and-add

inner-vlan 1002 inbound traffic-table name ftth_hsi outbound traffic-table name ftth_hsi

6. Save the configurations.

huawei(config)#save

 Configure the HGW.

1. Log in to the web configuration window.

a. Enter the default IP address in the address bar of the browser, and then press Enter.

b. In the login window, enter the user name and password (the default value is provided by ISP) of
the administrator and click OK.

To enhance system security, change the password to a password that meets security requirements after the first
successful login. It is recommended that you change the password periodically.

2024-09-17 106
MA5800 Product Documentation

2. Set parameters for the Internet access service.

a. Choose Internet access service configuration from the navigation tree.

b. Set parameters for the Internet access service.


Parameter Value

Bearing service Internet

VLAN enabling Enabled: VLAN tags are added to upstream packets.


(Set this parameter when the HGW uses the NOTE:
LAN or VDSL2 for upstream transmission)
When Internet access service flows are created on the OLT, if the value of
uservlan is untagged, set this parameter to Disabled; otherwise, set it to
Enabled.

VLANID[1-4094] The internet VLAN ID on the HGW. In this example, set this parameter to
(Set this parameter when the HGW uses the 45.
LAN or VDSL2 for upstream transmission)

VPI/VCI Set the VPI/VCI to be the same as that configured on the devices at the
(Set this parameter when the HGW uses central office. In this example, set this parameter to 0/35.
ADSL2+ for upstream transmission)

Mode PPPoE

c. Submit the configuration.

1.2.4.5 Configuring the Voice Service


Configuring the Voice Service

The OLT is connected to the remote ONT through a GPON port to provide users with the IP-based high-quality and
low-cost VoIP service.

Prerequisites

 The SIP interface data and POTS user configuration data corresponding to the MG interface have been
configured on the SIP server.

 The connection between the OLT and the SIP server is set up. The OLT can ping the IP address of the SIP
server successfully.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 HGWs have different models and appearance and therefore, their configuration processes are not the same.
This topic describes how to configure the voice service on an HGW. The actual configuration varies depending
on different HGWs.

 The built-in integrated access device (IAD) of the HGW uses SIP as the voice protocol.

Data Plan

Item Data

2024-09-17 107
MA5800 Product Documentation

Item Data

ONT line Profile name: ftth


profile GEM port ID: 12

VLAN plan Single VLAN tag:


VLAN ID: 300
VLAN type: smart
VLAN attribute: common
UVLAN ID: 47
VLAN translation policy:
ONT: Packets that are sent upstream by the HGW are tagged with a user VLAN. The ONT transparently
transmits the user VLAN.
OLT: translates the VLAN tag (user VLAN <-> S-VLAN).

Voice IP address of the SIP server: 10.10.100.10/24


parameter Port ID of the SIP server: 5060
User phone number: 12345610

Procedure
 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the
existing traffic profiles in the system do not meet the requirements, run the traffic table ip command
to add a traffic profile.
Set the profile name to ftth_voip and do not limit the upstream and downstream rates. Set the priority
to 5 and packets are scheduled according to the priority carried.

huawei(config)#traffic table ip name ftth_voip cir off priority 5 priority-policy

local-setting

2. Configure the mapping relationship between a GEM port and a VLAN.

The service flow of user VLAN 47 is mapped to GEM port 12 in the ONT line profile.

The user VLAN is the VLAN in the packets sent from the HGW to the ONT, that is, the UVLAN.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 47
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Configure the VLAN of the Ethernet port on the ONT.


If the ONT is connected to the HGW through Ethernet port 1, add Ethernet port 1 to VLAN 47 in the
ONT service profile.

2024-09-17 108
MA5800 Product Documentation

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 1 47
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

4. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

5. Create service flows.


Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 47, and use traffic profile ftth_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 47 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 47 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

6. Enable the ARP proxy function.


Voice media streams for different users of the same SVLAN fail to interchange because the service ports
of the smart VLAN are isolated from each other. Therefore, the ARP proxy function needs to be enabled
on the OLT.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 300
huawei(config-if-vlanif300)#arp proxy enable
huawei(config-if-vlanif300)#quit

7. Save the configurations.

huawei(config)#save

 Configure the HGW.

1. Log in to the web configuration window.

a. Enter the default IP address in the address bar of the browser, and then press Enter.

b. In the login window, enter the user name and password (the default value is provided by ISP) of
the administrator and click OK.

To enhance system security, change the password to a password that meets security requirements after the first
successful login. It is recommended that you change the password periodically.

2. Set parameters of the voice service.

a. Choose the voice service configuration from the navigation tree.

b. Set parameters of the voice service.

2024-09-17 109
MA5800 Product Documentation

Parameter Value

Bearing service VoIP

Enabling status Enabled

VLAN enabling Enabled: VLAN tags are added to upstream packets.


(Set this parameter when the HGW uses the NOTE:
LAN or VDSL2 for upstream transmission)
When voice service flows are created on the OLT, if the value of
uservlan is untagged, set this parameter to Disabled; otherwise, set it
to Enabled.

VLANID[1-4094] The voice VLAN ID on the HGW. In this example, set this parameter to
(Set this parameter when the HGW uses the 47.
LAN or VDSL2 for upstream transmission)

VPI/VCI Set the VPI/VCI to be the same as that configured on the devices at the
(Set this parameter when the HGW uses central office. In this example, set this parameter to 0/35.
ADSL2+ for upstream transmission)

802.1p Enabled

Mode Route: Route mode

DHCP Enabled

c. Choose the voice telephone number configuration from the navigation tree. Set the parameters
as follows:
Parameter Value

Address Preferred IP address of the proxy server: 10.10.100.10

Port ID Preferred signaling port ID of the proxy server: 5060

Enabled Enabled

User number To use the VoIP account, you can set the account to the user telephone number. In this example, set the
user telephone number to 12345610.

User -
password

d. Submit the configuration.

1.2.4.6 Configuring the BTV Service


Configuring the BTV Service

The OLT is connected to the remote bridging ONT through a GPON port to provide users with the multicast service.

Prerequisites

 The OLT is connected to the BRAS and the multicast source.

 The VLAN of the LAN switch port connected to the OLT is the same as the upstream VLAN of the OLT.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

2024-09-17 110
MA5800 Product Documentation

 HGWs have different models and appearance and therefore, their configuration processes are not the same.
This topic describes how to configure the Internet access service on an HGW generally. The actual
configuration varies depending on different HGWs.

Data Plan

Item Data

ONT line profile Profile name: ftth


GEM port ID: 13

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-setting

VLAN Plan Single VLAN tag:


SVLAN ID: 1000
HGW VLAN: 43
MVLAN ID: 1000
VLAN type: smart
VLAN attribute: common
VLAN translation policy:
ONT: translates the upstream VLAN of the HGW to an MVLAN.
OLT: duplicates multicast packets based on PON ports with MVLAN unchanged.

Multicast service data Multicast protocol: IGMP proxy


Multicast version: IGMPv2
Multicast program: dynamic obtaining mode

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Set the profile name to ftth_iptv. Set the CIR to off (unlimited), priority to 4, and priority-based
scheduling policy to local-setting (that is, queues are scheduled based on the priority specified in the
profile).

Run the display traffic table ip command to query the existing traffic profiles in the system. If the existing traffic
profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic profile.

huawei(config)#traffic table ip name ftth_iptv cir off priority 4 priority-policy local-setting

2. Configure the mapping relationship between a GEM port and a VLAN.


If the ONT is connected to the HGW through Ethernet port 2, map the service flow of Ethernet port 2 to
GEM port 13 in the ONT line profile.

2024-09-17 111
MA5800 Product Documentation

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 13 2 vlan 1000
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Configure a VLAN translation policy for the Ethernet port on the ONT.
If the ONT is connected to the HGW through Ethernet port 2, VLAN 43 of the HGW is translated to
VLAN 1000 and the MVLAN of the ONT is translated to VLAN 1000.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 2 translation 1000 user-vlan 43
huawei(config-gpon-srvprofile-1)#multicast-forward tag translation 43
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

4. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

5. Create service flows.


Set the service VLAN to 1000, GEM port ID to 13, and user VLAN to 1000, and use traffic profile
ftth_iptv.

huawei(config)#service-port 1 vlan 1000 gpon 0/1/0 ont 1 gemport 13 multi-service

user-vlan 1000 inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

huawei(config)#service-port 2 vlan 1000 gpon 0/1/0 ont 2 gemport 13 multi-service

user-vlan 1000 inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

6. Create an MVLAN and configure the IGMP version.


Set the IGMP version for the MVLAN to IGMPv2.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v2
This operation will delete all IPv4 programs with source IP addresses in the
current multicast VLAN
Are you sure to change current IGMP version? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

7. Configure a program library.

Set the mode for obtaining multicast programs to dynamic.

You can set the mode for obtaining multicast programs to dynamic only when the IGMP mode is off.

huawei(config-mvlan1000)#igmp mode off

2024-09-17 112
MA5800 Product Documentation

Are you sure to close IGMP? (y/n)[n]:y


Command is being executed. Please wait...
Command has been executed successfully

huawei(config-mvlan1000)#igmp match mode disable


Command has been executed successfully

(Optional) Set the address range for the dynamic programs. If you need to limit the address range of
dynamic programs, perform this operation. For example, set the address range of dynamic programs to
224.1.1.1-224.1.1.100.

huawei(config-mvlan1000)#igmp match group ip 224.1.1.1 to-ip 224.1.1.100

8. Set the IGMP mode.


Select the IGMP proxy mode.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

9. (Optional) Configure the IGMP upstream port.


In this example, the IGMP upstream port uses default value default.
Run the display igmp config global command to query the IGMP upstream port mode. If this mode
does not meet the requirement, run the igmp uplink-port-mode command to configure it.
10. Configure multicast users.
Add service ports 1 and 2 as multicast users.

huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp user add service-port 1
huawei(config-btv)#igmp user add service-port 2
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 1
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 2
huawei(config-mvlan1000)#quit

11. Save the configurations.

huawei(config)#save

 Configure the HGW.

1. Log in to the web configuration window.

a. Enter the default IP address in the address bar of the browser, and then press Enter.

b. In the login window, enter the user name and password (the default value is provided by ISP) of
the administrator and click OK.

2024-09-17 113
MA5800 Product Documentation

To enhance system security, change the password to a password that meets security requirements after the first
successful login. It is recommended that you change the password periodically.

2. Set parameters for the BTV service.

a. Choose BTV service configuration from the navigation tree.

b. Set parameters for the BTV service.


Parameter Value

Bearing service OTHER: It is used for the BTV service.

VLAN enabling Enabled: VLAN tags are added to upstream packets.


(Set this parameter when the HGW uses the NOTE:
LAN or VDSL2 for upstream transmission)
When BTV service flows are configured on the OLT, if the value of
uservlan is untagged, set this parameter to Disabled; otherwise, set it
to Enabled.

VLANID[1-4094] The BTV VLAN ID on the HGW. In this example, set this parameter to
(Set this parameter when the HGW uses the 43.
LAN or VDSL2 for upstream transmission)

VPI/VCI Set the VPI/VCI to be the same as that configured on the devices at the
(Set this parameter when the HGW uses central office. In this example, set this parameter to 0/35.
ADSL2+ for upstream transmission)

Binding item LAN3 (Example: LAN3 interface serves as the BTV interface)

Mode Bridge

DHCP transparent transmission Enabled

c. Submit the configuration.

1.2.4.7 Configuring the VoD Service


Configuring the VoD Service

The OLT is connected to the remote bridging ONT through a GPON port to provide users with the VoD service.

Prerequisites

 The OLT is connected to the BRAS and the program source.

 The VLAN of the LAN switch port connected to the OLT is the same as the upstream VLAN of the OLT.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 HGWs have different models and appearance and therefore, their configuration processes are not the same.
This topic describes how to configure the Internet access service on an HGW generally. The actual
configuration varies depending on different HGWs.

Data Plan

2024-09-17 114
MA5800 Product Documentation

Item Data

ONT line profile Profile name: ftth


T-CONT ID: 4
GEM port ID: 13

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-setting

VLAN Plan Single VLAN tag:


SVLAN ID: 1000
VLAN type: smart
VLAN attribute: common
UVLAN (upstream VLAN of the HGW): 41
CVLAN=UVLAN
VLAN translation policy:
ONT: transparently transmits the UVLAN of the HGW.
OLT: implements VLAN translation: U<->S.

Procedure

1. Configure the OLT.

a. Configure a traffic profile.


Set the profile name to ftth_iptv. Set the CIR to off (unlimited), priority to 4, and priority-based
scheduling policy to local-setting (that is, queues are scheduled based on the priority specified in the
profile).

Run the display traffic table ip command to query the existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic
profile.

huawei(config)#traffic table ip name ftth_iptv cir off priority 4 priority-policy local-setting

b. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 41 is mapped to GEM port 13 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 41
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure the VLAN of the Ethernet port on the ONT.


If the ONT is connected to the HGW through Ethernet port 2, add Ethernet port 2 to VLAN 41.

huawei(config)#ont-srvprofile gpon profile-name ftth

2024-09-17 115
MA5800 Product Documentation

huawei(config-gpon-srvprofile-1)#port vlan eth 2 41


huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

e. Create service flows.


Set the service VLAN to 1000, GEM port ID to 13, and user VLAN to 41, and use traffic profile ftth_iptv.

huawei(config)#service-port vlan 1000 gpon 0/1/0 ont 1 gemport 13 multi-service user-vlan 41 inbound
traffic-table name ftth_iptv

outbound traffic-table name ftth_iptv

huawei(config)#service-port vlan 1000 gpon 0/1/0 ont 2 gemport 13 multi-service user-vlan 41 inbound
traffic-table name ftth_iptv

outbound traffic-table name ftth_iptv

f. Save the configurations.

huawei(config)#save

2. Configure the HGW.

a. Log in to the web configuration window.

i. Enter the default IP address in the address bar of the browser, and then press Enter.

ii. In the login window, enter the user name and password (the default value is provided by ISP)
of the administrator and click OK.

To enhance system security, change the password to a password that meets security requirements after the
first successful login. It is recommended that you change the password periodically.

b. Set parameters for the VoD service.

i. Choose VoD service configuration from the navigation tree.

ii. Set parameters for the VoD service.


Parameter Value

Bearing service OTHER: It is used for the VoD service.

VLAN enabling Enabled: VLAN tags are added to upstream packets.


(Set this parameter when the HGW uses the NOTE:
LAN or VDSL2 for upstream transmission)
When VoD service flows are configured on the OLT, if the value of
uservlan is untagged, set this parameter to Disabled; otherwise, set it
to Enabled.

2024-09-17 116
MA5800 Product Documentation

Parameter Value

VLANID[1-4094] The VoD VLAN ID on the HGW. In this example, set this parameter to 41.
(Set this parameter when the HGW uses the
LAN or VDSL2 for upstream transmission)

VPI/VCI Set the VPI/VCI to be the same as that configured on the devices at the
(Set this parameter when the HGW uses central office. In this example, set this parameter to 0/35.
ADSL2+ for upstream transmission)

Binding item LAN4 (Example: LAN4 interface serves as the VoD interface)

Mode Bridge

DHCP transparent transmission Enabled

iii. Submit the configuration.

1.2.4.8 Configuring Link Aggregation, Congestion Control, and


Security Policies
Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of link aggregation and queue scheduling based on priorities ensures service reliability.
The global configuration of security policies ensures service security.

Context

Link aggregation provides a higher bandwidth and uplink reliability for optical line terminals (OLTs) by
aggregating multiple uplink Ethernet ports to one link aggregation group (LAG).
Congestion control places the packets to be sent from a port into multiple queues that are marked with different
priorities. Then, the packets are sent based on queue priorities.

Security policies ensure system, user, and service security.

Enable a service security function based on the service type. For details, see Principle of Security Data Plan .

Procedure

 Configure link aggregation.


The following configurations are used as an example to configure link aggregation:

 Uplink ports 0/9/0 and 0/9/1 are added to a LAG.

 The two ports send packets upstream based on the packets' source MAC addresses.

 The LAG works in Link Aggregation Control Protocol (LACP) static aggregation mode.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

 Configure queue scheduling.

2024-09-17 117
MA5800 Product Documentation

According to quality of service (QoS) planning principles, all packets are scheduled in strict priority (SP) mode
and mapped to queues according to the packets' priorities. For details about QoS planning principles, see
Principle of QoS Planning .

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos4 4 cos5 5 cos6 6

 Configure system security.

 Enable deny of service (DoS) anti-attack on the OLT.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on the OLT.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on the OLT.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on the OLT.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. In global config mode, run the vlan service-profile command to create a VLAN service
profile.

c. Perform the following operations to enable MAC address anti-spoofing in VLAN service
profile mode:

i. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

ii. Run the commit command to make the profile configuration take effect.

iii. Run the quit command to quit the VLAN service profile mode.

iv. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

2024-09-17 118
MA5800 Product Documentation

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on the OLT.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

 Configure service security.

 Enable Dynamic Host Configuration Protocol (DHCP) Option 82 on the OLT. This configuration is
recommended for the DHCP-based Internet access service.

1. Enable DHCP Option 82 on the OLT.


DHCP Option 82 can be enabled or disabled at four levels: global, port, VLAN, and service port
levels. This function takes effect only after it is enabled at the four levels. Among the four levels,
DHCP Option 82 is disabled only at the global level by default.

 The global level: In global config mode, run the dhcp option82 command to enable DHCP
Option 82 at the global level.
When you run this command, select the enable, forward, or rebuild parameter based on
site requirements. The three parameters can all enable DHCP Option 82 but provide different
packet processing policies on the OLT. For details, see the dhcp option82 command.

 The port level: In global config mode, run the dhcp option82 port or dhcp option82 board
command to enable DHCP Option 82 at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the dhcp option82 enable command to enable DHCP Option 82 at the VLAN
level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

2024-09-17 119
MA5800 Product Documentation

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the dhcp option82 service-port command
to enable DHCP Option 82 at the service port level.

2. On the OLT, run the dhcp-option82 permit-forwarding service-port command with the enable
parameter selected, to allow ONT DHCP packets to carry Option 82 information.

 Enable Policy Information Transfer Protocol (PITP) on the OLT. This configuration is recommended for
the PPPoE-based Internet access service.

1. Enable PITP on the OLT.


PITP can be enabled or disabled at four levels: global, port, VLAN, and service port levels. This
function takes effect only after it is enabled at the four levels. Among the four levels, PITP is
disabled only at the global level by default.

 The global level: In global config mode, run the pitp enable pmode, pitp forward pmode, or
pitp rebuild pmode command to enable PITP at the global level.
In the preceding commands, the enable, forward, and rebuild parameters can all enable
PITP but provide different packet processing policies on the OLT. Select one of them based
on site requirements. For details, see the pitp command.

 The port level: In global config mode, run the pitp port or pitp board command to enable
PITP at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the pitp enable command to enable PITP at the VLAN level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the pitp service-port command to enable
PITP at the service port level.

2. On the OLT, run the pitp permit-forwarding service-port command with the enable parameter
selected, to allow ONT PPPoE packets to carry a vendor tag.

1.2.4.9 Verifying Services


Verifying Services

2024-09-17 120
MA5800 Product Documentation

The ONTs are installed in users' houses which are far away from the central equipment room. ONTs provide
remote service verification methods including PPPoE dialup emulation, call emulation, and multicast emulation to
facilitate configuration and commissioning engineers to verify services remotely after service configuration.

Prerequisites
ONTs and upper-layer devices have been connected properly. The BRAS and MGC/IMS have been configured.

Background

Remote Service Function Description


Verification
Method

PPPoE dialup An ONT simulates a PPPoE user terminal software PPPoE dialup emulation requires a service
emulation to perform dialup and interact with the BRAS to flow which does not belong to a QinQ VLAN.
verify the connectivity between the ONT and BRAS.
A user name, password, and authentication
mode must be configured on the BRAS for the
PPPoE dialup emulation.
An ONT supports a maximum of a PPPoE
dialup emulation.

Call Emulation An ONT simulates a voice user to make a call to An ONT can simulate a caller or callee to
check whether the voice service data is correctly communicate with a phone in a call. In this
configured. You can also use the call emulation case, only a functional phone is required in the
function to locate a fault when the voice service is central office where the acceptance personnel
faulty. is.
An ONT supports a maximum of a call
emulation.

Multicast This function enables you to simulate a multicast Multicast services configured in the dynamic
emulation user going online and lead the program stream to an controllable multicast mode do not support
ONT. You can check whether the multicast service is this function.
normal by checking the real-time traffic of the
multicast program.

Data plan

Item Data Remarks

PPPoE dialup PPPoE user name: The user name, password, and authentication mode for the emulation test
emulation test@device must be configured on the BRAS. The entered user name, password, and
parameters Password: test1234 authentication mode must be consistent with those configured on the
BRAS.

Call emulation ONT POTS ID: 1 The default values are used. You can run the display pots emulational
parameters configuration command to check the parameter values.

Multicast Multicast service flow -


emulation ID: 1
parameters MVLAN: 1000
IP address of the
multicast program:

2024-09-17 121
MA5800 Product Documentation

Item Data Remarks

224.1.1.10

Procedure

 Verify the Internet access service using PPPoE dialup emulation.

1. In the xPON board mode, run the pppoe simulate start command to start a PPPoE dialup emulation
test. The following test uses GPON as an example:

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#pppoe simulate start
{ portid<U><0,7> }:0
{ ontid<U><0,127> }:1
{ eth<K>|untagged<K>|vlanid<U><0,4095> }:eth
{ ont-portid<U><1,8> }:4
{ untagged<K>|vlanid<U><0,4095> }:100
{ priority<U><0,7>|user-name<K> }:user-name
{ username<S><Length 1-64> }:test@device
{ user-password<K> }:user-password
{ password<S><Length 1-64> }:test1234
{ authentication-mode<K> }:authentication-mode
{ protocol<E><chap,pap> }:chap

Command:
pppoe simulate start 0 1 eth 4 100 user-name test@device user-password
test authentication-mode chap

huawei(config-if-gpon-0/1)#
----------------------------------
ONT PPPoE Test Result
----------------------------------
F/S/P : 0/1/0
ONT-ID :1
ONT ETH Port ID :4
ONT Vlan ID : 100
Vlan Priority :-
Emluator result : Success
Session ID : 18814
User IP : 192.168.100.101
Gateway IP : 192.168.100.1
----------------------------------

2024-09-17 122
MA5800 Product Documentation

 Troubleshooting methods for the Internet access service

1. Check whether configurations are complete on the OLT.

 Run the display ont info command to query the ONT status to check whether the ONT is
registered successfully.

 Run the display service-port command to check whether the Internet access service flow is
configured and whether the inner VLAN ID of the service flow is consistent with that in the data
plan.

 If a native VLAN is configured for the Ethernet port on the ONT, run the display ont port
attribute command in the xPON board mode to check whether the native VLAN is correct.

2. Check the upstream and downstream ports by checking the MAC address learning status.

a. Run the display mac-address vlan command to check the MAC address learning status of the
Internet service VLAN.

 If the upstream port does not learn a MAC address, check the network connections between
the upstream port and upper-layer devices and check the configurations of upper-layer
devices.

 If the downstream port does not learn a MAC address, check whether the ONT is activated,
whether the PC is connected to the right port on the ONT, and whether the PC is working
properly.

b. Run the display ont-learned-mac command to check whether the ONT connecting to the PON
port learned any MAC addresses.
If not, check whether the ONT properly connects to the PC or home gateway (HGW).

 Verify the voice service using call emulation.

1. Run the ont emulational call command to configure a call emulation test.

huawei(config)#test
huawei(config-test)#ont emulational call caller-port 0/1/0 1 1 telno 12345620
{ <cr>|caller-stop-time<K> }:

Command:
ont emulational call caller-port 0/1/0 1 1 telno 12345620

2. The ONT outputs the call emulation result after the test is complete.

huawei(config-test)#
----------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :0
ONT-POTSID :1
Test type : caller emulational call test
Detected number : 12345620

2024-09-17 123
MA5800 Product Documentation

Reported number : 12345620


Current status : test end
Test Result : success
----------------------------------------------------------------

 Troubleshooting methods for the voice service.

1. Check whether configurations are complete on the OLT.

 Run the display ont info command to query the ONT status to check whether the ONT is
registered successfully.

 Run the display service-port command to check whether the voice service flow is configured and
whether the inner VLAN ID of the service flow is consistent with that in the data plan.

2. Check the upstream and downstream ports by checking the MAC address learning status.

Run the display mac-address vlan command to check the MAC address learning status of the voice
service VLAN.

 If the upstream port does not learn a MAC address, check the network connections between the
upstream port and upper-layer devices and check the configurations of upper-layer devices.

 If the downstream port does not learn a MAC address, check whether the ONT is activated and
whether physical links are normal.

 If both the upstream and downstream ports can learn the MAC address, record the MAC address
of the ONT and log in to the service router (SR) to check whether an IP address is allocated to the
MAC address.

3. Check the registration status of the voice service.

 You can run the display ont port state command on the OLT to query the call connection status
on the POTS port. If Call State is RegisterFail or Connecting for a long time, check whether the
voice configuration on the MGC/SIP server is consistent with that on the ONT.

 If the ONT uses the H.248 protocol, you can run the display ont mg status command on the OLT
to query the registration status of the MG interface that connects to the ONT. If MG Status is
UnRegistered or Registering for a long time, check whether the voice configuration on the
MGC/SIP server is consistent with that on the ONT.

 You can query the registration status of the voice service on the ONT web page. If the query result
shows that the registration fails or the voice service is in the registering state for a long time,
check whether the voice configuration on the MGC/SIP server is consistent with that on the ONT.

 Verify the multicast service using multicast emulation.

1. Run the igmp static-join command to simulate a multicast user to order a multicast program.

huawei(config)#btv
huawei(config-btv)#igmp static-join service-port 1 ip 224.1.1.10 vlan 1000

2024-09-17 124
MA5800 Product Documentation

If the multicast program is obtained dynamically, igmp static-join can be executed successfully only when the
range for obtaining the dynamic program is set.

2. Run the display igmp user command to query the status of the multicast user.

huawei(config-btv)#display igmp user service-port 1


User : 0/1/0/1
State : online
Authentication : no-auth
Quick leave : MAC-based
IGMP flow ID :1
Video flow ID :1
Log switch : enable
Bind profiles :-
IGMP version : IGMP v3
Current version : IGMP v3
Current IGMP IPv6 version : IGMP IPv6 v2
Available programs :8
Global leave : disable
User max bandwidth : no-limit
Used bandwidth(kbps) :0
Used bandwidth
to max bandwidth(%) :-
Total video bandwidth :-
Mcast video bandwidth :-
Active program list
---------------------------------------------------------------------------
Program name VLAN IP/MAC State Start time
---------------------------------------------------------------------------
PROGRAM-5 1000 224.1.1.10 watching 2011-10-29
16:33:41+08:00
---------------------------------------------------------------------------
Total: 1

3. Run the display multicast flow-statistic command to query the real-time traffic of the multicast
program.

huawei(config-btv)#display multicast flow-statistic vlan 1000 ip 224.1.1.10


{ <cr>|sourceip<K> }:

Command:
display multicast flow-statistic vlan 1000 ip 224.1.1.10
Command is being executed. Please wait...
Multicast flow statistic result: 8736(kbps)

2024-09-17 125
MA5800 Product Documentation

1.2.5 Gateway ONT Network Scenario (GPON/XG-PON/XGS-


PON Networking)
Gateway ONT Network Scenario (GPON/XG-PON/XGS-PON Networking)

This topic describes how to configure Internet access service, voice service, BTV service and VoD service when
gateway ONT are used to build an FTTH network.

The FTTH GPON and 10G GPON access have the same configuration procedure. ONT web pages for configuring
them have differences; however, they have the same configuration parameters. The following uses GPON ONT
configuration as an example. For differences on web pages, see the related ONT manuals.

Service Requirements and Application Scenario

Configuration Process

Adding an ONT to an OLT

Services can be configured for an ONT only after the ONT is successfully added to an OLT.

Configuring the Internet Access Service (on a Web Page )

The OLT is connected to the remote ONT through a GPON port to provide users with high-speed Internet access services.

Configuring the Wi-Fi Access Service (on a Web Page)

The OLT is connected to the remote ONT through a GPON port to provide users with high-speed Internet Wi-Fi services.

Configuring the H.248-based Voice Service (on a Web Page)

The OLT is connected to the remote ONT through a GPON port to provide users with the IP-based high-quality and low-
cost VoIP service.

Configuring the H.248-based Voice Service (Through the CLI)

The OLT manages ONTs and applies VoIP configurations to the ONT using the OMCI protocol. This topic describes how to
configure the H.248-based voice service.

Configuring the SIP-based Voice Service (on a Web Page )

The OLT is connected to the remote ONT through a GPON port to provide users with the IP-based high-quality and low-
cost VoIP service.

Configuring the SIP-based Voice Service (Through the CLI)

The OLT manages ONTs and applies VoIP configurations to the ONT using the OMCI protocol. This topic describes how to
configure the SIP-based voice service.

Configuring the BTV Service (on the Web Page)

The OLT is connected to the remote gateway ONT through a GPON port to provide users with the bridge WAN multicast
service.

2024-09-17 126
MA5800 Product Documentation

Configuring the VoD Service (on the Web Page)

The OLT is connected to the remote gateway ONT through a GPON port to provide users with the VoD service.

Configuring the CATV Service

The OLT is connected to the remote ONT through a GPON port to provide users with the CATV service.

Configuring Any Port Any Service (on the Web Page)

The OLT can connect a remote ONT through the GPON interface. This topic describes how to configure the function of any
port any service.

Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of link aggregation and queue scheduling based on priorities ensures service reliability. The
global configuration of security policies ensures service security.

Verifying Services

The ONTs are installed in users' houses which are far away from the central equipment room. ONTs provide remote
service verification methods including PPPoE dialup emulation, call emulation, and multicast emulation to facilitate
configuration and commissioning engineers to verify services remotely after service configuration.

1.2.5.1 Service Requirements and Application Scenario


Service Requirements and Application Scenario

Service Requirements

Optical fibers are connected to users' home and triple play services are required. The following provides detailed
service requirements:

 Internet access of multiple PCs in a home is supported.

 Access of multiple telephones in a home is supported.

 IPTV programs can be previewed and watched using STBs.

 Service expansibility is supported and different services do not affect each other.

 Service security is ensured.

 Internet and Wi-Fi access services are protected against unauthorized access, user account theft or
borrowing, MAC/IP spoofing, and malicious attack.

 Voice and IPTV services are protected against MAC/IP spoofing, malicious attack, and traffic flooding
attack.

 Service faults are easy to locate and services are easy to maintain.

2024-09-17 127
MA5800 Product Documentation

Application Scenario

As shown in Figure 1, the ONT integrating an IAD provides Internet, Wi-Fi, VoIP, and IPTV services to users.
The HGW ONT facilitates interconnection of home devices by providing Layer 3 services, such as Point-to-Point
Protocol over Ethernet (PPPoE)/DHCP dialup, network address translation (NAT), and Internet Group
Management Protocol (IGMP) snooping. This scenario provides fine-grained management channels and service
control, and mainly applies to Layer 3 networking.

Figure 1 HGW ONT

1.2.5.2 Configuration Process


Configuration Process

Figure 1 shows the configuration roadmap in fiber to the home (FTTH) networking using a gateway optical
network terminal (ONT).

Figure 1 Configuration roadmap in FTTH networking using a gateway ONT

2024-09-17 128
MA5800 Product Documentation

The following table describes the configuration steps.


Item Step Description

Optical line Adding an ONT to an OLT Services can be configured for an ONT only after the ONT is
terminal successfully added to an OLT.
(OLT)

OLT Configuring the Internet Access None


ONT Service (on a Web Page or the NMS)
NMS
Configuring the Wi-Fi Access Service None
(on a Web Page)

Configure Configuring the H.248- NOTE:


the VoIP based Voice Service (on The H.248 and Session Initiation Protocol (SIP) protocols are
service. a Web Page or the mutually exclusive for the VoIP service. Either of them is
NMS) configured at a time.
The voice service can be configured through command line
Configuring the H.248-
interface (CLI) on an OLT, web page, or NMS. Select a
based Voice Service
configuration mode based on site requirements.
(Through the CLI)
OLT CLI: This mode can be used for site deployment or the NMS
Configuring the SIP- has not been deployed.
based Voice Service (on Web page: This mode can be used to configure voice parameters
a Web Page or the after the service channel has been configured through the OLT
NMS) CLI. It can be used for site deployment.
NMS: This mode can be used to configure voice parameters after
Configuring the SIP- the service channel has been configured through the OLT CLI. It
based Voice Service
can be used for service provisioning in batches.
(Through the CLI)

Configure Configuring the BTV IPTV services include the BTV and VoD services that are different
the IPTV Service (on the Web in configuration procedures and need to be configured
service. Page) separately.

2024-09-17 129
MA5800 Product Documentation

Item Step Description

Configuring the VoD


Service (on the Web
Page)

OLT Configuring Link Aggregation, The global configuration of link aggregation and queue
Congestion Control, and Security scheduling based on priorities ensures service reliability. The
Policies global configuration of security policies ensures service security.

OLT Verifying Services The OLT provides remote verification methods including ONT
PPPoE/DHCP dialup emulation and call emulation for
configuration and commissioning engineers to verify services
remotely after service configuration, avoiding a second on-site
operation.

1.2.5.3 Adding an ONT to an OLT


Adding an ONT to an OLT

Services can be configured for an ONT only after the ONT is successfully added to an OLT.

Data Plan

Item Data

DBA profile Profile name: ftth_dba_mngt


Profile type: Type1
Fixed bandwidth: 1 Mbit/s
Profile name: ftth_dba_hsi
Profile type: Type4
Maximum bandwidth: 32 Mbit/s
Profile name: ftth_dba_voip
Profile type: Type2
Assured bandwidth: 1 Mbit/s
Profile name: ftth_dba_iptv
Profile type: Type2
Assured bandwidth: 1 Mbit/s

ONT line profile Profile name: ftth


T-CONT ID for management services: 4
T-CONT ID for voice services: 5
T-CONT ID for video services: 6
T-CONT ID for Internet access services: 7
GEM port ID for management services: 11
GEM port ID for voice services: 12
GEM port ID for video services: 13
GEM port ID for Internet access services: 14

ONT service profile Profile name: ftth


ONT port capability set: adaptive

2024-09-17 130
MA5800 Product Documentation

Item Data

Network topology data PON port: 0/1/0


ONT IDs: 1 and 2

Procedure
1. Configure GPON ONT profiles.

GPON ONT profiles include the DBA profile, line profile, service profile, and alarm profile.

 DBA profile: A DBA profile describes the GPON traffic parameters. A T-CONT is bound to a DBA profile
for dynamic bandwidth allocation, improving upstream bandwidth utilization.

 Line profile: A line profile describes the binding between the T-CONT and the DBA profile, the QoS
mode of the traffic stream, and the mapping between the GEM port and the ONT-side service.

 Service profile: A service profile provides the service configuration channel for the ONT that is
managed by using optical network terminal management and control interface (OMCI).

 Alarm profile: An alarm profile contains a series of alarm thresholds to measure and monitor the
performance of activated ONT lines. When a statistical value reaches the threshold, the host is notified
and an alarm is reported to the log host and the NMS.

a. Configure a DBA profile.


Run the display dba-profile command to query the existing DBA profiles in the system. If the
existing DBA profiles in the system cannot meet the requirements, run the dba-profile add
command to add a DBA profile.

huawei(config)#dba-profile add profile-name ftth_dba_mngt type1 fix 1024


huawei(config)#dba-profile add profile-name ftth_dba_voip type2 assure 1024
huawei(config)#dba-profile add profile-name ftth_dba_iptv type2 assure 1024
huawei(config)#dba-profile add profile-name ftth_dba_hsi type4 max 32768

Select a DBA profile of the proper bandwidth type and configure proper bandwidth according to the service
types and total user count of the ONT. Note that the sum of the fixed bandwidth and the assured bandwidth
must not be greater than the total bandwidth of the PON port.

b. Configure an ONT line profile.


Create a GPON ONT line profile, named ftth, and bind it to the DBA profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#tcont 4 dba-profile-name ftth_dba_mngt
huawei(config-gpon-lineprofile-1)#tcont 5 dba-profile-name ftth_dba_voip
huawei(config-gpon-lineprofile-1)#tcont 6 dba-profile-name ftth_dba_iptv
huawei(config-gpon-lineprofile-1)#tcont 7 dba-profile-name ftth_dba_hsi

Create different GEM ports according to different service types, in which

 GEM port 11 is used to carry management services.

2024-09-17 131
MA5800 Product Documentation

 GEM port 12 is used to carry voice services.

 GEM port 13 is used to carry video services.

 GEM port 14 is used to carry Internet access services.

huawei(config-gpon-lineprofile-1)#gem add 11 eth tcont 4


huawei(config-gpon-lineprofile-1)#gem add 12 eth tcont 5
huawei(config-gpon-lineprofile-1)#gem add 13 eth tcont 6
huawei(config-gpon-lineprofile-1)#gem add 14 eth tcont 7

1. To change the default QoS mode, run the qos-mode command to set the QoS mode to gem-car or flow-
car, and run the gem add command to set the index of the traffic profile bound to the GEM port.
2. When the QoS mode is priority-queue (PQ), the default queue priority is 0; when the QoS mode is flow-
car or gem-car, traffic profile 6 is bound to the GEM port by default (no rate limitation).

After the configurations are complete, run the commit command to apply the parameters settings.

huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure an ONT service profile.


Create a GPON ONT service profile, named ftth. Configure the capability set of the ETH port, POTS
port and CATV POTS to adaptive. Then the system automatically adapts to the ONT according to the
actual capability of the online ONT.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#ont-port eth adaptive pots adaptive catv adaptive

After the configurations are complete, run the commit command to apply the parameters setting.

huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. (Optional) Add an alarm profile.

 The default GPON alarm profile 1 is used. The alarm thresholds for the default alarm profile are
0, which indicates that no alarm is generated.

 In this example, the default alarm profile is used, and therefore the configuration of the alarm
profile is not required.

 Run the gpon alarm-profile add command to configure a GPON alarm profile, which is used for
monitoring the performance of an activated ONT line.

2. Add an ONT.
The procedures for configuring GPON, XG-PON, and XGS-PON services are the same. The difference lies in
this step. Here, the GPON service is used as an example. When configuring XG-PON and XGS-PON services,
you need to configure the ONT network-side interface type parameter (ont-type) in the ont add and ont
confirm commands. Select a value based on the actual ONT capability or service data plan, for example,
10g/2.5g.

2024-09-17 132
MA5800 Product Documentation

Connect two ONTs to GPON port 0/1/0. Set the ONT IDs to 1 and 2, SNs to 3230313126595540 and
6877687714852901, passwords to 0100000001 and 0100000002, discovery mode for password
authentication to once-on, and management mode to OMCI. Bind the two ONTs to ONT line profile ftth and
ONT service profile ftth.
There are two methods of adding an ONT: add an ONT offline and confirm an automatically discovered ONT.

 Add ONTs offline.


If the password of an ONT is known, run the ont add command to add an ONT offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 0 1 password-auth 0100000001 once-on no-aging omci ont-lineprofile-
name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont add 0 2 password-auth 0100000002 once-on no-aging omci ont-lineprofile-


name

ftth ont-srvprofile-name ftth

 Confirm automatically discovered ONTs.


If the password or SN of an ONT is unknown, run the port portid ont-auto-find command in GPON
mode to enable the ONT auto-discovery function of the GPON port. Then, run the ont confirm
command to confirm the ONT.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 0 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 0
//After this command is executed, the information about all automatically discovered ONTs connected to the GPON
port through optical splitters is displayed.

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 1 sn-auth 3230313126595540 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 2 sn-auth 6877687714852901 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

If multiple ONTs of the same type bound to the same line profile or service profile are connected to the same port,
you can bulk add ONTs by bulk confirming automatically discovered ONTs to make configuration easier and more
efficient. To do so, the preceding command can be modified as follows:

huawei(config-if-gpon-0/1)#ont confirm 0 all sn-auth omci ont-lineprofile-name ftth


ont-srvprofile-name ftth

 (Optional) Bind the alarm profile to the ONT.


The default profile 1 is used in this example.

huawei(config-if-gpon-0/1)#ont alarm-profile 0 1 profile-id 1


huawei(config-if-gpon-0/1)#ont alarm-profile 0 2 profile-id 1

3. Check ONT status.

2024-09-17 133
MA5800 Product Documentation

After an ONT is added, run the display ont info command to query the current status of the ONT. Ensure
that Config flag of the ONT is active, Run State is online, Config state is normal, and Match state is
match.

huawei(config-if-gpon-0/1)#display ont info 0 1


---------------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :1
Control flag : active //Indicates that the ONT is activated.
Run state : online //Indicates that the ONT goes online successfully.
Config state : normal //Indicates that the configuration state of the ONT is normal.
Match state : match //Indicates that the capability profile bound to the ONT is consistent with the actual capability
of the ONT.
...//The rest of the response information is omitted.

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont active command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the
line and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case,
run the display ont failed-configuration command in the diagnose mode to check the failed
configuration item and the failure cause. Then, rectify the fault accordingly.

1.2.5.4 Configuring the Internet Access Service (on a Web Page


)
Configuring the Internet Access Service (on a Web Page )

The OLT is connected to the remote ONT through a GPON port to provide users with high-speed Internet access
services.

Prerequisites

 The OLT is connected to the BRAS.

 Related configurations are performed on the BRAS according to the authentication and accounting
requirements for dialup users. For details about the configuration, see the BRAS configuration guide.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 The VLAN of the LAN switch port connected to the OLT is the same as the upstream VLAN of the OLT.

 The Web page and NMS window for configuring ONT varies with ONT versions, but the parameter
configuration is the same. For details, see relevant ONT manuals.

Data Plan

2024-09-17 134
MA5800 Product Documentation

Item Data

ONT line Profile name: ftth


profile GEM port ID: 14

VLAN Plan Double-tagged VLAN:


S-VLAN ID: 100
S-VLAN type: smart
S-VLAN attribute: stacking
CVLAN ID: 1001
C'-VLAN ID: 1010-1011
VLAN translation policy:
ONT: ONTs configure the VLAN and add the same C-VLAN tag to packets. All ONTs are in the same C-
VLAN.
OLT: The OLT performs VLAN translation: C<->S+C'. The C'-VLAN of every ONT differs from each other.

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic table ip
command to add a traffic profile.
Set the profile ID to ftth_hsi, the CIR to 4 Mbit/s, and the priority to 0. In addition, configure the
scheduling mode so that packets are scheduled according to their priorities.

huawei(config)#traffic table ip name ftth_hsi cir 4096 priority 0 priority-policy local-setting

2. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 1001 is mapped to GEM port 14 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 14 0 vlan 1001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

4. Create service flows.


Set the service VLAN to 100, GEM port ID to 14, and user VLAN to 1001, and use traffic profile ftth_hsi.

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 1 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add

2024-09-17 135
MA5800 Product Documentation

inner-vlan 1010 inbound traffic-table name ftth_hsi outbound traffic-table name ftth_hsi

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 2 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add


inner-vlan 1011 inbound traffic-table name ftth_hsi outbound traffic-table name ftth_hsi

5. Save the configurations.

huawei(config)#save

 Configure the ONT on the Web page.

1. Log in to the Web configuration page.

a. Configure the IP address of the PC network adapter to be in the same network segment with the
IP address of the local maintenance Ethernet port on the ONT.

b. Open the Web browser, and enter the IP address (https with high priority is recommended) of
the local maintenance Ethernet port on the ONT. In the login window that is displayed, enter the
user name and password of the administrator. After the password is authenticated, the web
configuration window is displayed.

To enhance system security, change the password to a password that meets security requirements after
the first successful login. It is recommended that you change the password periodically.

2. Configure the working mode of a LAN port.


The LAN port bound to the WAN port must work in the Layer 3 mode. Therefore, set the working mode
to Layer 3 for the LAN port connected to the PC.

3. Configure parameters of a WAN port.

2024-09-17 136
MA5800 Product Documentation

4. Check the ONT connection status.

1.2.5.5 Configuring the Wi-Fi Access Service (on a Web Page)


Configuring the Wi-Fi Access Service (on a Web Page)

The OLT is connected to the remote ONT through a GPON port to provide users with high-speed Internet Wi-Fi
services.

Prerequisites

 The OLT is connected to the BRAS.

2024-09-17 137
MA5800 Product Documentation

 Related configurations are performed on the BRAS according to the authentication and accounting
requirements for dialup users. For details about the configuration, see the BRAS configuration guide.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 The VLAN of the LAN switch port connected to the OLT is the same as the upstream VLAN of the OLT.

 The Web page for configuring ONT varies with ONT versions, but the parameter configuration is the same. For
details, see relevant ONT manuals.

Data Plan

Item Data

ONT line Profile name: ftth


profile GEM port ID: 14

VLAN Plan Double-tagged VLAN:


S-VLAN ID: 100
S-VLAN type: smart
S-VLAN attribute: stacking
CVLAN ID: 1001
C'-VLAN ID: 1010-1011
VLAN translation policy:
ONT: ONTs configure the VLAN and add the same C-VLAN tag to packets. All ONTs are in the same C-
VLAN.
OLT: The OLT performs VLAN translation: C<->S+C'. The C'-VLAN of every ONT differs from each other.

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic table ip
command to add a traffic profile.
Set the profile ID to ftth_hsi, the CIR to 4 Mbit/s, and the priority to 0. In addition, configure the
scheduling mode so that packets are scheduled according to their priorities.

huawei(config)#traffic table ip name ftth_hsi cir 4096 priority 0 priority-policy local-setting

2. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 1001 is mapped to GEM port 14 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 14 0 vlan 1001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

2024-09-17 138
MA5800 Product Documentation

3. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

4. Create service flows.


Set the service VLAN to 100, GEM port ID to 14, and user VLAN to 1001, and use traffic profile ftth_hsi.

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 1 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add


inner-vlan 1010 inbound traffic-table name ftth_hsi outbound traffic-table name ftth_hsi

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 2 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add


inner-vlan 1011 inbound traffic-table name ftth_hsi outbound traffic-table name ftth_hsi

5. Save the configurations.

huawei(config)#save

 Configure the ONT on the Web page.


Layer 3 bridge Wi-Fi service

1. Log in to the Web configuration page.

a. Configure the IP address of the PC network adapter to be in the same network segment with the
IP address of the local maintenance Ethernet port on the ONT.

b. Open the Web browser, and enter the IP address (https with high priority is recommended) of
the local maintenance Ethernet port on the ONT. In the login window that is displayed, enter the
user name and password of the administrator. After the password is authenticated, the web
configuration window is displayed.

To enhance system security, change the password to a password that meets security requirements after
the first successful login. It is recommended that you change the password periodically.

2. Configure the Wi-Fi parameters.

2024-09-17 139
MA5800 Product Documentation

3. Configure the parameters of the Layer 3 bridge WAN port.

When you use Wi-Fi access service in the IPoE mode, you need to enable the DHCP relay function.

4. Check the ONT connection status.


In the navigation tree, choose Status > WAN Information. In the right pane, Connection Status is
Connected.

2024-09-17 140
MA5800 Product Documentation

Layer 3 route Wi-Fi service

1. Log in to the Web configuration page.

a. Configure the IP address of the PC network adapter to be in the same network segment with the
IP address of the local maintenance Ethernet port on the ONT.

b. Open the Web browser, and enter the IP address (https with high priority is recommended) of
the local maintenance Ethernet port on the ONT. In the login window that is displayed, enter the
user name and password of the administrator. After the password is authenticated, the web
configuration window is displayed.

2. Configure the Wi-Fi parameters.

3. Configure the parameters of the Layer 3 route WAN port.

2024-09-17 141
MA5800 Product Documentation

4. Check the ONT connection status.


In the navigation tree, choose Status > WAN Information. In the right pane, Connection Status is
Connected and the obtained IP address is displayed at IP Address.

Result

 Layer 3 bridge Wi-Fi service: SSID radio signals can be searched on the Wi-Fi terminal. After the user enter
the authentication key and pass the authentication, the user can access the Internet.

 Layer 3 route Wi-Fi service: SSID radio signals can be searched on the Wi-Fi terminal. After the user enter the
authentication key and pass the authentication, the Wi-Fi terminal can obtain the IP address allocated by the
DHCP IP address pool on the ONT. After the PPPoE dialup is successfully performed on the ONT, the user can
access the Internet.

2024-09-17 142
MA5800 Product Documentation

The security mode and encryption configured on a Wi-Fi terminal must be the same as those of an ONT. If you cannot find the
following encryption modes: TKIP&AES, and AES. The reason may lie in an old Wi-Fi driver version. If so, replace the old
version with a new one.

1.2.5.6 Configuring the H.248-based Voice Service (on a Web


Page)
Configuring the H.248-based Voice Service (on a Web Page)

The OLT is connected to the remote ONT through a GPON port to provide users with the IP-based high-quality and
low-cost VoIP service.

Prerequisites

 The interface data and POTS user configuration data corresponding to the MG interface have been configured
on the MGC.

 The OLT has been connected to the MGC. The OLT can ping the IP address of the MGC server successfully.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 Different voice services require different ONT software versions. Before the configuration, ensure that the
current ONT software version supports H.248. For details, see relevant ONT manuals.

 The Web page and NMS window for configuring ONT varies with ONT versions, but the parameter
configuration is the same. For details, see relevant ONT manuals.

Context

Table 1 Data Plan

Item Data

ONT line Profile name: ftth


profile GEM port ID: 12

VLAN Plan Single VLAN tag:


SVLAN ID: 200
SVLAN type: smart
SVLAN attribute: common
CVLAN ID: 300
VLAN translation policy:
ONT: VLANs are configured for the ONTs on the same network in a unified manner, and the ONTs have
the same C-VLAN. The ONT adds a C-VLAN tag to packets.
OLT: translates the VLAN tag (C-VLAN <-> S-VLAN).

Voice IP address of the MGC server: 10.10.100.10/24


parameter Port ID of the MGC server: 2944

2024-09-17 143
MA5800 Product Documentation

Table 1 Data Plan

Item Data

MG Domain: 0100000001 or 0100000002

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the
existing traffic profiles in the system do not meet the requirements, run the traffic table ip command
to add a traffic profile.
Set the profile name to ftth_voip and do not limit the upstream and downstream rates. Set the priority
to 5 and packets are scheduled according to the priority carried.

huawei(config)#traffic table ip name ftth_voip cir off priority 5 priority-policy

local-setting

2. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 300 is mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 200.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

4. Create service flows.


Set the service VLAN to 200, GEM port ID to 12, and user VLAN to 300. Use traffic profile ftth_voip.

huawei(config)#service-port vlan 200 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

huawei(config)#service-port vlan 200 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

5. Enable the ARP proxy function.


Voice media streams for different users of the same SVLAN fail to interchange because the service ports
of the smart VLAN are isolated from each other. Therefore, the ARP proxy function needs to be enabled
on the OLT.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 200
huawei(config-if-vlanif200)#arp proxy enable

2024-09-17 144
MA5800 Product Documentation

huawei(config-if-vlanif200)#quit

6. Save the configurations.

huawei(config)#save

 Configure the ONT on the Web page.

1. Log in to the Web configuration page.

a. Configure the IP address of the PC network adapter to be in the same network segment with the
IP address of the local maintenance Ethernet port on the ONT.

b. Open the Web browser, and enter the IP address (https with high priority is recommended) of
the local maintenance Ethernet port on the ONT. In the login window that is displayed, enter the
user name and password of the administrator. After the password is authenticated, the web
configuration window is displayed.

To enhance system security, change the password to a password that meets security requirements after
the first successful login. It is recommended that you change the password periodically.

2. Configure the voice protocol.

The default voice protocol is SIP. Therefore, change the voice protocol first.

3. Configure parameters for the voice WAN interface.

2024-09-17 145
MA5800 Product Documentation

4. Configure parameters for the H.248-based voice interface.

 The parameters of the H.248-based voice interface must be consistent with the corresponding configuration
on the media gateway controller (MGC).
 If dual-homing is configured, Address of the Standby MGC must be configured.

2024-09-17 146
MA5800 Product Documentation

 MID Format can be set to Domain Name, IP, or Device Name. If MID Format is set to Domain Name or
Device Name, the setting must be consistent with the corresponding configuration on the MGC.
 MG Domain is ONT's domain name registered with the MGC. It is globally unique. MG Domain in this
example is ONT's password.
 If Media Port is empty, the parameter value is the same as Signaling Port. The media streams are not
isolated from signaling streams. If the upper-layer network requires isolation of media streams from
signaling streams, create different traffic streams for the media streams and signaling streams on the OLT,
create different WAN ports on the ONT, and bind the created WAN ports to Media Port and Signaling Port.
When the packet is forwarded from two WAN ports, the configured VLAN is carried by default.
 When the ONT is interconnected with a third-party softswitch, check RTP TID Prefix, Start Number of
RTP TID, and Width of RTP TID Number.

5. Check the registration status of the voice user.

1.2.5.7 Configuring the H.248-based Voice Service (Through


the CLI)
Configuring the H.248-based Voice Service (Through the CLI)

The OLT manages ONTs and applies VoIP configurations to the ONT using the OMCI protocol. This topic describes
how to configure the H.248-based voice service.

Prerequisites

 The interface data and POTS user configuration data corresponding to the MG interface have been configured
on the MGC.

 The OLT has been connected to the MGC. The OLT can ping the IP address of the MGC server successfully.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 Different voice services require different ONT software versions. Before the configuration, ensure that the
current ONT software version supports H.248. For details, see relevant ONT manuals.

 The Web page and NMS window for configuring ONT varies with ONT versions, but the parameter
configuration is the same. For details, see relevant ONT manuals.

Context

Table 1 Data Plan

Item Data

2024-09-17 147
MA5800 Product Documentation

Table 1 Data Plan

Item Data

ONT line Profile name: ftth


profile GEM port ID: 12

VLAN Plan Single VLAN tag:


SVLAN ID: 200
SVLAN type: smart
SVLAN attribute: common
CVLAN ID: 300
VLAN translation policy:
ONT: VLANs are configured for the ONTs on the same network in a unified manner, and the ONTs have
the same C-VLAN. The ONT adds a C-VLAN tag to packets.
OLT: translates the VLAN tag (C-VLAN <-> S-VLAN).

Voice IP address of the MGC server: 10.10.100.10/24


parameter Port ID of the MGC server: 2944
MG Domain: 0100000001 or 0100000002

Procedure
1. Configure a traffic profile.
Run the display traffic table ip command to query the existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic
profile.

2. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 300 is mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 200.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

4. Create service flows.


Set the service VLAN to 200, GEM port ID to 12, and user VLAN to 300. Use traffic profile ftth_voip.

huawei(config)#service-port vlan 200 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

huawei(config)#service-port vlan 200 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

2024-09-17 148
MA5800 Product Documentation

5. Enable the ARP proxy function.


Voice media streams for different users of the same SVLAN fail to interchange because the service ports of
the smart VLAN are isolated from each other. Therefore, the ARP proxy function needs to be enabled on the
OLT.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 200
huawei(config-if-vlanif200)#arp proxy enable
huawei(config-if-vlanif200)#quit

6. Configure ONT voice profiles.


ONT voice service configurations include the VoIP service provisioning mode, ONT voice profiles, voice
users, and voice-related parameters.

ONT voice profiles include the common MG interface attribute profile, POTS port profile, MGC profile, and
voice signal profile.

 Common MG interface attribute profile: saves common attributes of an ONT voice interface, including
the fax mode, fax/modem negotiation mode, and priority of the coding and decoding mode.

 POTS port profile: saves physical attributes of a POTS port on an ONT, including the impedance, Tx
gain, Rx gain, and signaling type of a POTS port.

 MGC profile: saves the IP address or domain name of an MGC, protocol port ID of the MGC transport
layer to which the MG interface belongs, and DSCP priority of media packets.

 Voice signal profile: saves the ONT signal tone and ringing tone.

Currently, the common MG interface attribute profile, POTS port profile, and MGC profile can be applied to
an H.248 interface, and the voice signal profile can be bound to an H.248 interface.
For profiles that can be applied to an H.248 interface, if parameters in those profiles are changed, those
profiles must be reapplied to the H.248 interface so that the changed parameters can take effect. For profiles
that can be bound to an H.248 interface, if parameters in those profiles are changed, those profiles do not
need to be rebound to the H.248 interface and the changed parameters can take effect.

a. Configure the VoIP service provisioning mode.


Run the ont voip config-method command to configure the VoIP service provisioning mode. Run the
display ont info command to query the mode of issuing VoIP services.
In this example, the mode is default, that is, the VoIP service provisioning mode is depended on the
actual service provisioning mode on the ONT. Run this command to select a proper mode if the
system supports multiple voice service provisioning modes. The service provisioning modes can be
OMCI, FTP, and TR069.

FTP has security risks. The OMCI and TR069 service provisioning modes are recommended.

b. Configure and apply an MG interface public attribute profile.


In this example, the default profile 1 is used.

2024-09-17 149
MA5800 Product Documentation

i. Configure an MG interface public attribute profile.


Run the display ont-mg-attribute-profile command to query the existing profile in the
system. If the existing profile in the system does not meet the requirements, run the ont-mg-
attribute-profile add command to add a profile.

ii. Apply a common MG interface attribute profile.


Run the ont-if-h248 bat-apply command to apply profiles in batches to H.248 interfaces and
run the if-h248 attribute command to apply a profile to an H.248 interface or configure
customized parameters on an H.248 interface. If you run these two commands to apply profiles
in batches or configure customized parameters repeatedly, the last configurations take effect.

c. Configure and apply a POTS port profile.


In this example, the default profile 1 is used.

i. Configure a POTS port profile.


Run the display ont-pots-profile command to query the existing profile in the system. If the
existing profile in the system does not meet the requirements, run the ont-pots-profile add
command to add a profile.

ii. Apply a POTS port profile.


Run the ont-pstnport electric bat-apply command to apply POTS port profiles in batches and
run the pstnport electric command to apply a POTS port profile to an H.248 interface or
configure customized parameters on an H.248 interface. If you run these two commands to
apply profiles in batches or configure customized parameters repeatedly, the last
configurations take effect.

d. Configure the voice WAN port of the ONT.


For ONT 1 and ONT 2, configure the IP address obtaining mode to DHCP, set the management VLAN
to VLAN 300, and use default values for other parameters.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 0 1 dhcp vlan 300
huawei(config-if-gpon-0/1)#ont ipconfig 0 2 dhcp vlan 300

e. Configure and apply an MGC profile.

i. Configure and apply an MGC profile.


Run the display ont-mgc-profile command to query the existing profile in the system. If the
existing profile in the system does not meet the requirements, run the ont-mgc-profile add
command to add a profile.

Create MGC profile 2, set the IP address of the MGC to 10.10.100.10, and use default values for
other parameters.

huawei(config)#ont-mgc-profile add profile-id 2 primary-mgc 10.10.100.10

ii. Add an H.248 interface and apply an MGC profile to the interface.

For ONT 1 and ONT 2, set the MG ID to 1, apply MGC profile 2 to ONT 1 and ONT 2, and use
default values for other parameters.

2024-09-17 150
MA5800 Product Documentation

huawei(config-if-gpon-0/1)#if-h248 add 0 1 1 mgc-profile profile-id 2


huawei(config-if-gpon-0/1)#if-h248 add 0 2 1 mgc-profile profile-id 2

f. Add POTS users.


For ONT 1 and ONT 2, create a POTS user, set the MG ID to 1 (identical to the MG ID of the H.248
interface), and set the physical terminal port ID to A0 and A1.

huawei(config-if-gpon-0/1)#mgpstnuser add 0 1 1 mgid 1 terminalid A0


huawei(config-if-gpon-0/1)#mgpstnuser add 0 2 1 mgid 1 terminalid A1

Run the display mgpstnuser attribute command to check whether the configuration of the POTS
user is properly set.

huawei(config-if-gpon-0/1)#display mgpstnuser attribute 0 1 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :1
Port ID :1

MG ID :1
Terminal ID : A0
...//The rest of the response information is omitted.

huawei(config-if-gpon-0/1)#display mgpstnuser attribute 0 2 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :2
Port ID :1

MG ID :1
Terminal ID : A1
...//The rest of the response information is omitted.

g. Configure and bind the voice signal profile.


In this example, the default profile 1 is used.

i. Configure the voice signal profile.


Run the display ont-voipsignal-profile command to query the existing profiles in the system.
If the existing profile in the system does not meet the requirement, run the ont-voipsignal-
profile command to add a profile.

ii. Configure the ONT signal tone.


Run the display ont-tone command to query the existing configuration in the system. If the
existing configuration in the system does not meet the requirement, run the ont-tone add
command to add signal tone parameters. The ONT signal tone will not be configured
independently in this example.

2024-09-17 151
MA5800 Product Documentation

iii. Configure ONT ringing parameters.


Run the display ont-ring command to query the existing configuration in the system. If the
existing configuration in the system does not meet the requirement, run the ont-ring add
command to add ringing parameters. The ONT ringing parameter will not be configured
independently in this example.

iv. Run the commit command to save parameters of the voice signal profile to the database.

v. Bind the voice signal profile.


Run the ont-voipsignal bat-bind command to bind voice signal profiles in batches or run the
voipsignal command to bind a voice signal profile to an ONT. If you run these two commands
to bind profiles in batches or bind a voice signal profile to an ONT repeatedly, the last
configurations take effect.

h. (Optional) Configure the H.248 user codec.


Run the mgpstnuser codec command to configure the H.248 user codec. The H.248 user codec will
not be configured independently in this example.
i. (Optional) Configure the global VoIP media attributes of the ONT.
Run the ont-voip-media attribute command to configure the global VoIP media attributes of the
ONT. Before configuration, ensure that the configured media attributes are supported by the
corresponding ONT. Otherwise, the ONT configuration will fail. The global VoIP media attributes of
the ONT will not be configured independently in this example.

7. Save the configurations.

huawei(config)#save

1.2.5.8 Configuring the SIP-based Voice Service (on a Web Page


)
Configuring the SIP-based Voice Service (on a Web Page )

The OLT is connected to the remote ONT through a GPON port to provide users with the IP-based high-quality and
low-cost VoIP service.

Prerequisites

 The SIP interface data and POTS user configuration data corresponding to the MG interface have been
configured on the SIP server.

 The connection between the OLT and the SIP server is set up. The OLT can ping the IP address of the SIP
server successfully.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 Different voice services require different ONT software versions. Before the configuration, ensure that the
current ONT software version supports SIP. For details, see relevant ONT manuals.

 The Web page and NMS window for configuring ONT varies with ONT versions, but the parameter
configuration is the same. For details, see relevant ONT manuals.

2024-09-17 152
MA5800 Product Documentation

Data Plan

Item Data

ONT line Profile name: ftth


profile GEM port ID: 12

VLAN Plan Single VLAN tag:


SVLAN ID: 200
SVLAN type: smart
SVLAN attribute: common
CVLAN ID: 300
VLAN translation policy:
ONT: VLANs are configured for the ONTs on the same network in a unified manner, and the ONTs have
the same C-VLAN. The ONT adds a C-VLAN tag to packets.
OLT: translates the VLAN tag (C-VLAN <-> S-VLAN).

Voice IP address of the SIP server: 10.10.100.10/24


parameter Port ID of the SIP server: 5060
Home domain name: example.com
User phone number 1: 12345610
User phone number 2: 12345620

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the
existing traffic profiles in the system do not meet the requirements, run the traffic table ip command
to add a traffic profile.
Set the profile name to ftth_voip and do not limit the upstream and downstream rates. Set the priority
to 5 and packets are scheduled according to the priority carried.

huawei(config)#traffic table ip name ftth_voip cir off priority 5 priority-policy

local-setting

2. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 300 is mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 200.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

2024-09-17 153
MA5800 Product Documentation

4. Create service flows.


Set the service VLAN to 200, GEM port ID to 12, and user VLAN to 300. Use traffic profile ftth_voip.

huawei(config)#service-port vlan 200 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

huawei(config)#service-port vlan 200 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

5. Enable the ARP proxy function.


Voice media streams for different users of the same SVLAN fail to interchange because the service ports
of the smart VLAN are isolated from each other. Therefore, the ARP proxy function needs to be enabled
on the OLT.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 200
huawei(config-if-vlanif200)#arp proxy enable
huawei(config-if-vlanif200)#quit

6. Save the configurations.

huawei(config)#save

 Configure the ONT on the Web page.

1. Log in to the Web configuration page.

a. Configure the IP address of the PC network adapter to be in the same network segment with the
IP address of the local maintenance Ethernet port on the ONT.

b. Open the Web browser, and enter the IP address (https with high priority is recommended) of
the local maintenance Ethernet port on the ONT. In the login window that is displayed, enter the
user name and password of the administrator. After the password is authenticated, the web
configuration window is displayed.

To enhance system security, change the password to a password that meets security requirements after
the first successful login. It is recommended that you change the password periodically.

2. Optional: Configure the voice protocol.

The default voice protocol is SIP. If the protocol is not changed, skip this step.

3. Configure parameters for the voice WAN interface.

2024-09-17 154
MA5800 Product Documentation

4. Configure parameters for the SIP-based voice interface.

2024-09-17 155
MA5800 Product Documentation

 The parameters of the SIP-based voice interface must be consistent with the corresponding configuration
on the softswitch.
 If dual-homing is configured, Address of the Standby Proxy Server must be configured.
 If Signaling Port is empty, the parameter value is the same as Media Port. If the upper-layer network
requires isolation of media streams from signaling streams, create different traffic streams for the media
streams and signaling streams on the OLT, create different WAN ports on the ONT, and bind the created
WAN ports to Media Port and Signaling Port. When the packet is forwarded from two WAN ports, the
configured VLAN is carried by default.

5. Check the registration status of the voice user.

2024-09-17 156
MA5800 Product Documentation

1.2.5.9 Configuring the SIP-based Voice Service (Through the


CLI)
Configuring the SIP-based Voice Service (Through the CLI)

The OLT manages ONTs and applies VoIP configurations to the ONT using the OMCI protocol. This topic describes
how to configure the SIP-based voice service.

Prerequisites
 The SIP interface data and POTS user configuration data corresponding to the MG interface have been
configured on the SIP server.

 The connection between the OLT and the SIP server is set up. The OLT can ping the IP address of the SIP
server successfully.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 Different voice services require different ONT software versions. Before the configuration, ensure that the
current ONT software version supports SIP. For details, see relevant ONT manuals.

 The Web page and NMS window for configuring ONT varies with ONT versions, but the parameter
configuration is the same. For details, see relevant ONT manuals.

Data Plan

Item Data

ONT line Profile name: ftth


profile GEM port ID: 12

VLAN Plan Single VLAN tag:


SVLAN ID: 200
SVLAN type: smart
SVLAN attribute: common
CVLAN ID: 300
VLAN translation policy:
ONT: VLANs are configured for the ONTs on the same network in a unified manner, and the ONTs have
the same C-VLAN. The ONT adds a C-VLAN tag to packets.
OLT: translates the VLAN tag (C-VLAN <-> S-VLAN).

2024-09-17 157
MA5800 Product Documentation

Item Data

Voice IP address of the SIP server: 10.10.100.10/24


parameter Port ID of the SIP server: 5060
Home domain name: example.com
User phone number 1: 12345610
User phone number 2: 12345620

Procedure

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic
profile.

2. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 300 is mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 200.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

4. Create service flows.


Set the service VLAN to 200, GEM port ID to 12, and user VLAN to 300. Use traffic profile ftth_voip.

huawei(config)#service-port vlan 200 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

huawei(config)#service-port vlan 200 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

5. Enable the ARP proxy function.


Voice media streams for different users of the same SVLAN fail to interchange because the service ports of
the smart VLAN are isolated from each other. Therefore, the ARP proxy function needs to be enabled on the
OLT.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 200
huawei(config-if-vlanif200)#arp proxy enable
huawei(config-if-vlanif200)#quit

6. Configure ONT voice profiles.

2024-09-17 158
MA5800 Product Documentation

ONT voice service configurations include the VoIP service provisioning mode, ONT voice profiles, voice
users, and voice-related parameters.

ONT voice profiles include the common MG interface attribute profile, POTS port profile, SIP service profile,
SIP agent profile, digitmap profile, and voice signal profile.

 Common MG interface attribute profile: saves common attributes of an ONT voice interface, including
the fax mode, fax/modem negotiation mode, and priority of the coding and decoding mode.

 POTS port profile: saves physical attributes of a POTS port on an ONT, including the impedance, Tx
gain, Rx gain, and signaling type of a POTS port.

 SIP service data profile: saves the data information about the ONT voice service, including the rights of
call waiting (CW), three-way calling (3WC), call transfer (CT), and call hold (CH).

 SIP agent profile: saves the SIP agent information about an ONT, including the IP address and domain
name of the SIP agent server and attributes of media packets and signaling packets.

 Digitmap profile: saves the digitmap information about an ONT, including the timeout time of the
digitmap timer and the digitmap format.

 Voice signal profile: saves the ONT signal tone and ringing tone.

Currently, the common MG interface attribute profile, POTS port profile, SIP service profile, and SIP agent
profile can be applied to an SIP interface, and the digitmap profile and voice signal profile can be bound to
an SIP interface.
For profiles that can be applied to an SIP interface, if parameters in those profiles are changed, those profiles
must be reapplied to the SIP interface so that the changed parameters can take effect. For profiles that can
be bound to an SIP interface, if parameters in those profiles are changed, those profiles do not need to be
rebound to the SIP interface and the changed parameters can take effect.

a. Configure the VoIP service provisioning mode.


Run the ont voip config-method command to configure the VoIP service provisioning mode. Run the
display ont info command to query the mode of issuing VoIP services.
In this example, the mode is default, that is, the VoIP service provisioning mode is depended on the
actual service provisioning mode on the ONT. Run this command to select a proper mode if the
system supports multiple voice service provisioning modes. The service provisioning modes can be
OMCI, FTP, and TR069.

FTP has security risks. The OMCI and TR069 service provisioning modes are recommended.

b. Configure and apply an MG interface public attribute profile.


In this example, the default profile 1 is used.

i. Configure an MG interface public attribute profile.


Run the display ont-mg-attribute-profile command to query the existing profile in the
system. If the existing profile in the system does not meet the requirements, run the ont-mg-
attribute-profile add command to add a profile.

2024-09-17 159
MA5800 Product Documentation

ii. Apply a common MG interface attribute profile.


Run the ont-if-sip bat-apply command to apply profiles in batches to SIP interfaces and run
the if-sip attribute command to apply a profile to an SIP interface or configure customized
parameters on an SIP interface. If you run these two commands to apply profiles in batches or
configure customized parameters repeatedly, the last configurations take effect.

c. Configure and apply a POTS port profile.


In this example, the default profile 1 is used.

i. Configure a POTS port profile.


Run the display ont-pots-profile command to query the existing profile in the system. If the
existing profile in the system does not meet the requirements, run the ont-pots-profile add
command to add a profile.

ii. Apply a POTS port profile.


Run the ont-pstnport electric bat-apply command to apply POTS port profiles in batches and
run the pstnport electric command to apply a POTS port profile to an SIP interface or
configure customized parameters on an SIP interface. If you run these two commands to apply
profiles in batches or configure customized parameters repeatedly, the last configurations take
effect.

d. Configure the voice WAN port of the ONT.


For ONT 1 and ONT 2, configure the IP address obtaining mode to DHCP, set the management VLAN
to VLAN 300, and use default values for other parameters.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 0 1 dhcp vlan 300
huawei(config-if-gpon-0/1)#ont ipconfig 0 2 dhcp vlan 300

e. Configure and apply an SIP agent profile.

i. Configure an SIP agent profile.


Run the display ont-sipagent-profile command to query the existing profile in the system. If
the existing profile in the system does not meet the requirements, run the ont-sipagent-
profile add command to add a profile.

Create SIP agent profile 2, set the IP address of the SIP server to 10.10.100.10, and use default
values for other parameters.

huawei(config)#ont-sipagent-profile add profile-id 2 proxy-server 10.10.100.10

ii. Add an SIP interface and apply an SIP agent profile to the interface.

For ONT 1 and ONT 2, set the MG ID to 1, apply SIP agent profile 2 to ONT 1 and ONT 2, and use
default values for other parameters.

huawei(config-if-gpon-0/1)#if-sip add 0 1 1 sipagent-profile profile-id 2


huawei(config-if-gpon-0/1)#if-sip add 0 2 1 sipagent-profile profile-id 2

f. Add POTS users.

2024-09-17 160
MA5800 Product Documentation

For ONT 1 and ONT 2, set the MG ID to 1 (identical to the MG ID of the added SIP interface), create
two POTS users named user11 and user2, set passwords to user1 and user2, set their phone numbers
to 12345610 and 12345620 and use default values for other parameters.

huawei(config-if-gpon-0/1)#sippstnuser add 0 1 1 mgid 1 username user1 telno 12345610


huawei(config-if-gpon-0/1)#sippstnuser add 0 2 1 mgid 1 username user2 telno 12345620

Run the display sippstnuser attribute command to check whether the configuration of the POTS
user is properly set.

huawei(config-if-gpon-0/1)#display sippstnuser attribute 0 1 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :1
Port ID :1

MG ID :1
Telephone NO. : 12345610
User name : user1
Password : user1
...//The rest of the response information is omitted.

huawei(config-if-gpon-0/1)#display sippstnuser attribute 0 2 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :2
Port ID :1

MG ID :1
Telephone NO. : 12345620
User name : user2
Password : user2
...//The rest of the response information is omitted.

g. Configure and apply an SIP service profile.


In this example, the default profile 1 is used.

i. Configure an SIP service profile.


Run the display ont-siprightflag-profile command to query the existing profile in the system.
If the existing profile in the system does not meet the requirements, run the ont-siprightflag-
profile add command to add a profile.

ii. Apply an SIP service profile.


Run the ont-sippstnuser bat-apply from command to apply profiles in batches to SIP
interfaces and run the sippstnuser rightflag command to apply a profile to a SIP interface or
configure customized parameters on a SIP interface. If you run these two commands to apply

2024-09-17 161
MA5800 Product Documentation

profiles in batches or configure customized parameters repeatedly, the last configurations take
effect.

h. Configure and bind a digitmap profile.


In this example, the default profile 1 is used.

i. Configure a digitmap profile.


Run the display ont-digitmap-profile command to query the existing profile in the system. If
the existing profile in the system does not meet the requirements, run the ont-digitmap-
profile add command to add a profile.

ii. Bind a digitmap profile.


Run the ont-sippstnuser bat-bind from command to apply profiles in batches to SIP
interfaces, or run the sippstnuser digitmap command to bind a profile to an SIP interface. If
you use these two commands to bind the profile to SIP ports repeatedly, the last configurations
take effect.

i. Configure and bind the voice signal profile.


In this example, the default profile 1 is used.

i. Configure the voice signal profile.


Run the display ont-voipsignal-profile command to query the existing profiles in the system.
If the existing profile in the system does not meet the requirement, run the ont-voipsignal-
profile command to add a profile.

ii. Configure the ONT signal tone.


Run the display ont-tone command to query the existing configuration in the system. If the
existing configuration in the system does not meet the requirement, run the ont-tone add
command to add signal tone parameters. The ONT signal tone will not be configured
independently in this example.

iii. Configure ONT ringing parameters.


Run the display ont-ring command to query the existing configuration in the system. If the
existing configuration in the system does not meet the requirement, run the ont-ring add
command to add ringing parameters. The ONT ringing parameter will not be configured
independently in this example.

iv. Run the commit command to save parameters of the voice signal profile to the database.

v. Bind the voice signal profile.


Run the ont-voipsignal bat-bind command to bind voice signal profiles in batches or run the
voipsignal command to bind a voice signal profile to an ONT. If you run these two commands
to bind profiles in batches or bind a voice signal profile to an ONT repeatedly, the last
configurations take effect.

j. (Optional) Configure the SIP user codec.


Run the sippstnuser codec command to configure the SIP user codec. The SIP user codec will not be
configured independently in this example.

2024-09-17 162
MA5800 Product Documentation

k. (Optional) Configure the global VoIP media attributes of the ONT.


Run the ont-voip-media attribute command to configure the global VoIP media attributes of the
ONT. Before configuration, ensure that the configured media attributes are supported by the
corresponding ONT. Otherwise, the ONT configuration will fail. The global VoIP media attributes of
the ONT will not be configured independently in this example.

7. Save the configurations.

huawei(config)#save

1.2.5.10 Configuring the BTV Service (on the Web Page)


Configuring the BTV Service (on the Web Page)

The OLT is connected to the remote gateway ONT through a GPON port to provide users with the bridge WAN
multicast service.

Prerequisites

 The OLT has been connected to the BRAS and the multicast source.

 The VLAN of the LAN switch port connected to the OLT is the same as the upstream VLAN of the OLT.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 The Web page for configuring ONT varies with ONT versions, but the parameter configuration is the same. For
details, see relevant ONT manuals.

Data Plan

Table 1 Data plan

Item Data

ONT line profile Profile name: ftth


GEM port ID: 13

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-setting

VLAN Plan Single VLAN tag:


SVLAN ID: 1000
MVLAN ID: 1000
VLAN type: smart
VLAN attribute: common
VLAN translation policy:
ONT: duplicates multicast packets based on user ports and MVLANs are stripped off downstream.
OLT: duplicates multicast packets based on PON ports with MVLAN unchanged.

2024-09-17 163
MA5800 Product Documentation

Table 1 Data plan

Item Data

Multicast service data Multicast protocol: IGMP proxy


Multicast version: IGMPv2
Multicast program: dynamic obtaining mode

Procedure
1. Configure the OLT.

a. Configure a traffic profile.


Set the profile name to ftth_iptv. Set the CIR to off (unlimited), priority to 4, and priority-based
scheduling policy to local-setting (that is, queues are scheduled based on the priority specified in the
profile).

Run the display traffic table ip command to query the existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic
profile.

huawei(config)#traffic table ip name ftth_iptv cir off priority 4 priority-policy local-setting

b. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 1000 is mapped to GEM port 13 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 1000
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure the VLAN of the Ethernet port on the ONT and the multicast forwarding mode.
If the ONT is connected to the STB through Ethernet port 2, add Ethernet port 2 to VLAN 1000.
Configure the multicast forwarding mode is untagged.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 2 1000
huawei(config-gpon-srvprofile-1)#multicast-forward untag
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

e. Create service flows.

2024-09-17 164
MA5800 Product Documentation

Set the service VLAN to 1000, GEM port ID to 13, and user VLAN to 1000, and use traffic profile
ftth_iptv.

huawei(config)#service-port 1 vlan 1000 gpon 0/1/0 ont 1 gemport 13 multi-service

user-vlan 1000 inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

huawei(config)#service-port 2 vlan 1000 gpon 0/1/0 ont 2 gemport 13 multi-service

user-vlan 1000 inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

f. Create an MVLAN and configure the IGMP version.


Set the IGMP version for the MVLAN to IGMPv2.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v2
This operation will delete all IPv4 programs with source IP addresses in the
current multicast VLAN
Are you sure to change current IGMP version? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

g. Configure a program library.

Set the mode for obtaining multicast programs to dynamic.

You can set the mode for obtaining multicast programs to dynamic only when the IGMP mode is off.

huawei(config-mvlan1000)#igmp mode off


Are you sure to close IGMP? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

huawei(config-mvlan1000)#igmp match mode disable


Command has been executed successfully

(Optional) Set the address range for the dynamic programs. If you need to limit the address range of
dynamic programs, perform this operation. For example, set the address range of dynamic programs
to 224.1.1.1-224.1.1.100.

huawei(config-mvlan1000)#igmp match group ip 224.1.1.1 to-ip 224.1.1.100

h. Set the IGMP mode.


Select the IGMP proxy mode.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

i. (Optional) Configure the IGMP upstream port.


In this example, the IGMP upstream port uses default value default.

2024-09-17 165
MA5800 Product Documentation

Run the display igmp config global command to query the IGMP upstream port mode. If this mode
does not meet the requirement, run the igmp uplink-port-mode command to configure it.
j. Configure multicast users.
Add service ports 1 and 2 as multicast users.

huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp user add service-port 1
huawei(config-btv)#igmp user add service-port 2
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 1
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 2
huawei(config-mvlan1000)#quit

k. Save the configurations.

huawei(config)#save

2. Configure the ONT on the Web page.

a. Configure the working mode of a LAN port.


The LAN port bound to the WAN port must work in the Layer 3 mode. Therefore, set the working
mode to Layer 3 for the LAN port connected to the PC.

b. Configure parameters of a WAN port.

2024-09-17 166
MA5800 Product Documentation

If Service Type is set to IPTV or a type containing IPTV, this WAN port does not need to be bound to a LAN port.

c. Check the ONT connection status.

1.2.5.11 Configuring the VoD Service (on the Web Page)


Configuring the VoD Service (on the Web Page)

The OLT is connected to the remote gateway ONT through a GPON port to provide users with the VoD service.

Prerequisites

2024-09-17 167
MA5800 Product Documentation

 The iTMS has configured the IPTV WAN ports on the ONT.

 The OLT has been connected to the BRAS and the program source.

 The VLAN of the LAN switch port connected to the OLT is the same as the upstream VLAN of the OLT.

 The ONT has been added to the OLT. For details, see Adding an ONT to an OLT .

 The Web page for configuring ONT varies with ONT versions, but the parameter configuration is the same. For
details, see relevant ONT manuals.

Data Plan

Item Data

ONT line profile Profile name: ftth


GEM port ID: 13

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-setting

VLAN Plan Single VLAN tag:


SVLAN ID: 1000
VLAN type: smart
VLAN attribute: common
CVLAN: 2001
VLAN translation policy:
The ONT adds CVLAN tags (configured on the iTMS) to packets: untag<->C.
The OLT implements VLAN translation: C<->S.

Procedure

1. Configure the OLT.

a. Configure a traffic profile.


Set the profile name to ftth_iptv. Set the CIR to off (unlimited), priority to 4, and priority-based
scheduling policy to local-setting (that is, queues are scheduled based on the priority specified in the
profile).

Run the display traffic table ip command to query the existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic
profile.

huawei(config)#traffic table ip name ftth_iptv cir off priority 4 priority-policy local-setting

b. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 2001 is mapped to GEM port 13 in the ONT line profile.

2024-09-17 168
MA5800 Product Documentation

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 2001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure the VLAN of the Ethernet port on the ONT.


If the ONT is connected to the STB through Ethernet port 2, add Ethernet port 2 to VLAN 2001.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 2 2001
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

e. Create service flows.


Create service flows. Set the S-VLAN to 1000, GEM port ID to 13, and C-VLAN to 2001, and use traffic
profile ftth_iptv. Set the VLAN translation policy to Translate. The C-VLAN 2001 of the ONT is
translated to S-VLAN 1000.

huawei(config)#service-port vlan 1000 gpon 0/1/0 ont 1 gemport 13 multi-service user-vlan 2001

tag-transform translate inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

huawei(config)#service-port vlan 1000 gpon 0/1/0 ont 2 gemport 13 multi-service user-vlan 2001

tag-transform translate inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

f. Save the configurations.

huawei(config)#save

2. Configure the ONT on the Web page.

a. Configure the working mode of a LAN port.


The LAN port bound to the WAN port must work in the Layer 3 mode. Therefore, set the working
mode to Layer 3 for the LAN port connected to the PC.

b. Configure parameters of a WAN port.

2024-09-17 169
MA5800 Product Documentation

If Service Type is set to IPTV or a type containing IPTV, this WAN port does not need to be bound to a LAN port.

c. Check the ONT connection status.

1.2.5.12 Configuring the CATV Service


Configuring the CATV Service

The OLT is connected to the remote ONT through a GPON port to provide users with the CATV service.

Prerequisites

2024-09-17 170
MA5800 Product Documentation

 The ONT is added to the OLT. For details, see Adding an ONT to an OLT .

 The ONT supports the CATV function.

Context

The optical transmitter at the CO end converts CATV signals to 1550 nm optical signals. After being amplified by
the built-in optical amplifier inside the EDFA integrated device, the built-in WDM1r module multiplexes the 1550
nm optical signals and data optical signals for transmission. The CATV receiver on the user side or the ONT
supporting CATV reception then restore 1550 nm optical signals to CATV video signals, as shown in the following
figure.

As shown in the figure, the EDFA is an integrated device supporting amplifying and multiplexing, which integrates optical
amplifiers and WDM1r modules.

On the OLT side, enable ONT CATV (which is enabled by default). On the ONT side, no other configurations are
required.

Procedure

1. (Optional) Enable ONT CATV.


The port is enabled by default.

huawei(config)#ont port attribute catv default-operational-state on

1.2.5.13 Configuring Any Port Any Service (on the Web Page)
Configuring Any Port Any Service (on the Web Page)

The OLT can connect a remote ONT through the GPON interface. This topic describes how to configure the function
of any port any service.

Prerequisites

 The OLT is connected to the BRAS.

2024-09-17 171
MA5800 Product Documentation

 Related configurations are performed on the BRAS according to the authentication and accounting
requirements for dialup users. For details about the configuration, see the BRAS configuration guide.

 The ONT has been added to the OLT.

 The VLAN of the LAN switch port connected to the OLT is consistent with the upstream VLAN of the OLT.

Data Plan

Item Service Type Data

ONT line Internet access Profile name: ftth


profile T-CONT ID: 4
GEM port ID for Internet access service: 14

Multicast Profile name: ftth


service T-CONT ID: 4
Multicast access service: 13

Traffic profile Internet access Profile name: ftth_hsi

802.1p priority: 0
Upstream and downstream bandwidth: 4 Mbit/s
Priority-based scheduling policy: local-setting

Multicast ID: 8
service
802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-setting

VLAN Plan Internet access Double-tagged VLAN:

S-VLAN ID: 100


S-VLAN type: smart
S-VLAN attribute: stacking
CVLAN ID: 1001
C'-VLAN ID: 1010-1011
VLAN Translation Policy:
ONT: ONTs configure the VLAN and add the same C-VLAN tag to packets. All ONTs are
in the same C-VLAN.
OLT: The OLT performs VLAN translation: C<->S+C'. The C'-VLAN of every ONT differs
from each other.

Multicast Single VLAN tag:


service
SVLAN ID: 1000
MVLAN ID: 1000
CVLAN ID:1000
VLAN type: smart
VLAN attribute: common
VLAN translation policy:

2024-09-17 172
MA5800 Product Documentation

Item Service Type Data

ONT: duplicates multicast packets based on user ports and MVLANs are stripped off
downstream.
OLT: duplicates multicast packets based on PON ports with MVLAN unchanged.

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query existing traffic profiles in the system. If the traffic
profiles existing in the system do not meet the requirements, you need to run the traffic table ip
command to add a traffic profile.
Set the name to ftth_hsi for the traffic profile of the Internet access service, the CIR to 4 Mbit/s, and the
priority to 0. In addition, configure the scheduling mode so that packets are scheduled according to
their priorities.

huawei(config)#traffic table ip name ftth_hsi cir 4096 priority 0 priority-policy local-setting

Configure traffic profile 8 for the multicast service. Set the CIR to off (unlimited), priority to 4, and
priority-based scheduling policy to local-setting (that is, queues are scheduled based on the priority
specified in the profile).

huawei(config)#traffic table ip index 8 cir off priority 4 priority-policy local-setting

2. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 1001 is mapped to GEM port 14 in the ONT line profile. Map the service
flows of user VLAN 1000 to the GEM port with index 13.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 14 0 vlan 1001
huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 1000
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Do not configure the port VLAN or native VLAN of an ONT port.

3. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 100 and 1000.

huawei(config)#vlan 100,1000 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100,1000 0/9/0 0

4. Create service flows.


For the Internet access service, set the service VLAN to 100, GEM port ID to 14, and user VLAN to 1001.
Use traffic profile ftth_hsi.

2024-09-17 173
MA5800 Product Documentation

huawei(config)#service-port 1 vlan 100 gpon 0/1/0 ont 1 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 1010 inbound traffic-table name


ftth_hsi outbound traffic-table name ftth_hsi
For the multicast service, set the service VLAN to 1000, GEM port ID to 13, and user VLAN to 1000, and
use traffic profile 8.

huawei(config)#service-port 2 vlan 1000 gpon 0/1/0 ont 1 gemport 13 multi-service

user-vlan 1000 rx-cttr 8 tx-cttr 8

5. Create an MVLAN and configure the IGMP version.


Set the IGMP version for the MVLAN to IGMPv2.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v2
This operation will delete all IPv4 programs with source IP addresses in the
current multicast VLAN
Are you sure to change current IGMP version? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

6. Configure a program library.

Set the mode for obtaining multicast programs to dynamic.

You can set the mode for obtaining multicast programs to dynamic only when the IGMP mode is off.

huawei(config-mvlan1000)#igmp mode off


Are you sure to close IGMP? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

huawei(config-mvlan1000)#igmp match mode disable


Command has been executed successfully

(Optional) Set the address range for the dynamic programs. If you need to limit the address range of
dynamic programs, perform this operation. For example, set the address range of dynamic programs to
224.1.1.1-224.1.1.100.

huawei(config-mvlan1000)#igmp match group ip 224.1.1.1 to-ip 224.1.1.100

7. Set the IGMP mode.


Select the IGMP proxy mode.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

8. (Optional) Configure the IGMP upstream port.

2024-09-17 174
MA5800 Product Documentation

In this example, the IGMP upstream port uses default value default.
Run the display igmp config global command to query the IGMP upstream port mode. If this mode
does not meet the requirement, run the igmp uplink-port-mode command to configure it.
9. Configure multicast users.
Add service port 2 as multicast users.

huawei(config-btv)#igmp user add service-port 2


huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 2
huawei(config-mvlan1000)#quit

10. Save the configurations.

huawei(config)#save

 Configure the ONT on the web page.

1. Log in to the Web configuration page.

a. Configure the IP address of the PC network adapter to be in the same network segment with the
IP address of the local maintenance Ethernet port on the ONT.

b. Open the Web browser, and enter the IP address (https with high priority is recommended) of
the local maintenance Ethernet port on the ONT. In the login window that is displayed, enter the
user name and password of the administrator. After the password is authenticated, the web
configuration window is displayed.

To enhance system security, change the password to a password that meets security requirements after
the first successful login. It is recommended that you change the password periodically.

2. Configure the working mode of a LAN port.


The function of any port any service requires that all LAN ports work in Layer 3 mode. Set LAN ports to
Layer 3 mode.

3. Configure parameters of a WAN port.

Do not bind WAN ports and LAN ports during the configuration of any port any service.

WAN configuration for the Internet access service

2024-09-17 175
MA5800 Product Documentation

WAN configuration for the multicast service

2024-09-17 176
MA5800 Product Documentation

4. Configure a static route for the multicast service.

5. Check the ONT connection status.

2024-09-17 177
MA5800 Product Documentation

Result
The ONT can connect to the Internet access service or Multicast service through any LAN port.

1.2.5.14 Configuring Link Aggregation, Congestion Control,


and Security Policies
Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of link aggregation and queue scheduling based on priorities ensures service reliability.
The global configuration of security policies ensures service security.

Context

Link aggregation provides a higher bandwidth and uplink reliability for optical line terminals (OLTs) by
aggregating multiple uplink Ethernet ports to one link aggregation group (LAG).
Congestion control places the packets to be sent from a port into multiple queues that are marked with different
priorities. Then, the packets are sent based on queue priorities.

Security policies ensure system, user, and service security.

Enable a service security function based on the service type. For details, see Principle of Security Data Plan .

Procedure

 Configure link aggregation.


The following configurations are used as an example to configure link aggregation:

 Uplink ports 0/9/0 and 0/9/1 are added to a LAG.

 The two ports send packets upstream based on the packets' source MAC addresses.

 The LAG works in Link Aggregation Control Protocol (LACP) static aggregation mode.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

2024-09-17 178
MA5800 Product Documentation

 Configure queue scheduling.


According to quality of service (QoS) planning principles, all packets are scheduled in strict priority (SP) mode
and mapped to queues according to the packets' priorities. For details about QoS planning principles, see
Principle of QoS Planning .

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos4 4 cos5 5 cos6 6

 Configure system security.

 Enable deny of service (DoS) anti-attack on the OLT.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on the OLT.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on the OLT.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on the OLT.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. In global config mode, run the vlan service-profile command to create a VLAN service
profile.

c. Perform the following operations to enable MAC address anti-spoofing in VLAN service
profile mode:

i. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

ii. Run the commit command to make the profile configuration take effect.

iii. Run the quit command to quit the VLAN service profile mode.

iv. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

2024-09-17 179
MA5800 Product Documentation

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on the OLT.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

 Configure service security.

 Enable Dynamic Host Configuration Protocol (DHCP) Option 82 on the OLT. This configuration is
recommended for the DHCP-based Internet access service.

1. Enable DHCP Option 82 on the OLT.


DHCP Option 82 can be enabled or disabled at four levels: global, port, VLAN, and service port
levels. This function takes effect only after it is enabled at the four levels. Among the four levels,
DHCP Option 82 is disabled only at the global level by default.

 The global level: In global config mode, run the dhcp option82 command to enable DHCP
Option 82 at the global level.
When you run this command, select the enable, forward, or rebuild parameter based on
site requirements. The three parameters can all enable DHCP Option 82 but provide different
packet processing policies on the OLT. For details, see the dhcp option82 command.

 The port level: In global config mode, run the dhcp option82 port or dhcp option82 board
command to enable DHCP Option 82 at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the dhcp option82 enable command to enable DHCP Option 82 at the VLAN
level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

2024-09-17 180
MA5800 Product Documentation

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the dhcp option82 service-port command
to enable DHCP Option 82 at the service port level.

2. On the OLT, run the dhcp-option82 permit-forwarding service-port command with the enable
parameter selected, to allow ONT DHCP packets to carry Option 82 information.

 Enable Policy Information Transfer Protocol (PITP) on the OLT. This configuration is recommended for
the PPPoE-based Internet access service.

1. Enable PITP on the OLT.


PITP can be enabled or disabled at four levels: global, port, VLAN, and service port levels. This
function takes effect only after it is enabled at the four levels. Among the four levels, PITP is
disabled only at the global level by default.

 The global level: In global config mode, run the pitp enable pmode, pitp forward pmode, or
pitp rebuild pmode command to enable PITP at the global level.
In the preceding commands, the enable, forward, and rebuild parameters can all enable
PITP but provide different packet processing policies on the OLT. Select one of them based
on site requirements. For details, see the pitp command.

 The port level: In global config mode, run the pitp port or pitp board command to enable
PITP at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the pitp enable command to enable PITP at the VLAN level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the pitp service-port command to enable
PITP at the service port level.

2. On the OLT, run the pitp permit-forwarding service-port command with the enable parameter
selected, to allow ONT PPPoE packets to carry a vendor tag.

1.2.5.15 Verifying Services


Verifying Services

2024-09-17 181
MA5800 Product Documentation

The ONTs are installed in users' houses which are far away from the central equipment room. ONTs provide
remote service verification methods including PPPoE dialup emulation, call emulation, and multicast emulation to
facilitate configuration and commissioning engineers to verify services remotely after service configuration.

Prerequisites
ONTs and upper-layer devices have been connected properly. The BRAS and MGC/IMS have been configured.

Background

Remote Service Function Description


Verification
Method

PPPoE dialup An ONT simulates a PPPoE user terminal software PPPoE dialup emulation requires a service
emulation to perform dialup and interact with the BRAS to flow which does not belong to a QinQ VLAN.
verify the connectivity between the ONT and BRAS.
A user name, password, and authentication
mode must be configured on the BRAS for the
PPPoE dialup emulation.
An ONT supports a maximum of a PPPoE
dialup emulation.

Call Emulation An ONT simulates a voice user to make a call to An ONT can simulate a caller or callee to
check whether the voice service data is correctly communicate with a phone in a call. In this
configured. You can also use the call emulation case, only a functional phone is required in the
function to locate a fault when the voice service is central office where the acceptance personnel
faulty. is.
An ONT supports a maximum of a call
emulation.

Multicast This function enables you to simulate a multicast Multicast services configured in the dynamic
emulation user going online and lead the program stream to an controllable multicast mode do not support
ONT. You can check whether the multicast service is this function.
normal by checking the real-time traffic of the
multicast program.

Data plan

Item Data Remarks

PPPoE dialup PPPoE user name: The user name, password, and authentication mode for the emulation test
emulation test@device must be configured on the BRAS. The entered user name, password, and
parameters Password: test1234 authentication mode must be consistent with those configured on the
BRAS.

Call emulation ONT POTS ID: 1 The default values are used. You can run the display pots emulational
parameters configuration command to check the parameter values.

Multicast Multicast service flow -


emulation ID: 1
parameters MVLAN: 1000
IP address of the
multicast program:

2024-09-17 182
MA5800 Product Documentation

Item Data Remarks

224.1.1.10

Procedure

 Verify the Internet access service using PPPoE dialup emulation.

1. In the xPON board mode, run the pppoe simulate start command to start a PPPoE dialup emulation
test. The following test uses GPON as an example:

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#pppoe simulate start
{ portid<U><0,7> }:0
{ ontid<U><0,127> }:1
{ eth<K>|untagged<K>|vlanid<U><0,4095> }:eth
{ ont-portid<U><1,8> }:4
{ untagged<K>|vlanid<U><0,4095> }:100
{ priority<U><0,7>|user-name<K> }:user-name
{ username<S><Length 1-64> }:test@device
{ user-password<K> }:user-password
{ password<S><Length 1-64> }:test1234
{ authentication-mode<K> }:authentication-mode
{ protocol<E><chap,pap> }:chap

Command:
pppoe simulate start 0 1 eth 4 100 user-name test@device user-password
test authentication-mode chap

huawei(config-if-gpon-0/1)#
----------------------------------
ONT PPPoE Test Result
----------------------------------
F/S/P : 0/1/0
ONT-ID :1
ONT ETH Port ID :4
ONT Vlan ID : 100
Vlan Priority :-
Emluator result : Success
Session ID : 18814
User IP : 192.168.100.101
Gateway IP : 192.168.100.1
----------------------------------

2024-09-17 183
MA5800 Product Documentation

 Troubleshooting methods for the Internet access service

1. Check whether configurations are complete on the OLT.

 Run the display ont info command to query the ONT status to check whether the ONT is
registered successfully.

 Run the display service-port command to check whether the Internet access service flow is
configured and whether the inner VLAN ID of the service flow is consistent with that in the data
plan.

 If a native VLAN is configured for the Ethernet port on the ONT, run the display ont port
attribute command in the xPON board mode to check whether the native VLAN is correct.

2. Check the upstream and downstream ports by checking the MAC address learning status.

a. Run the display mac-address vlan command to check the MAC address learning status of the
Internet service VLAN.

 If the upstream port does not learn a MAC address, check the network connections between
the upstream port and upper-layer devices and check the configurations of upper-layer
devices.

 If the downstream port does not learn a MAC address, check whether the ONT is activated,
whether the PC is connected to the right port on the ONT, and whether the PC is working
properly.

b. Run the display ont-learned-mac command to check whether the ONT connecting to the PON
port learned any MAC addresses.
If not, check whether the ONT properly connects to the PC or home gateway (HGW).

 Verify the voice service using call emulation.

1. Run the ont emulational call command to configure a call emulation test.

huawei(config)#test
huawei(config-test)#ont emulational call caller-port 0/1/0 1 1 telno 12345620
{ <cr>|caller-stop-time<K> }:

Command:
ont emulational call caller-port 0/1/0 1 1 telno 12345620

2. The ONT outputs the call emulation result after the test is complete.

huawei(config-test)#
----------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :0
ONT-POTSID :1
Test type : caller emulational call test
Detected number : 12345620

2024-09-17 184
MA5800 Product Documentation

Reported number : 12345620


Current status : test end
Test Result : success
----------------------------------------------------------------

 Troubleshooting methods for the voice service.

1. Check whether configurations are complete on the OLT.

 Run the display ont info command to query the ONT status to check whether the ONT is
registered successfully.

 Run the display service-port command to check whether the voice service flow is configured and
whether the inner VLAN ID of the service flow is consistent with that in the data plan.

2. Check the upstream and downstream ports by checking the MAC address learning status.

Run the display mac-address vlan command to check the MAC address learning status of the voice
service VLAN.

 If the upstream port does not learn a MAC address, check the network connections between the
upstream port and upper-layer devices and check the configurations of upper-layer devices.

 If the downstream port does not learn a MAC address, check whether the ONT is activated and
whether physical links are normal.

 If both the upstream and downstream ports can learn the MAC address, record the MAC address
of the ONT and log in to the service router (SR) to check whether an IP address is allocated to the
MAC address.

3. Check the registration status of the voice service.

 You can run the display ont port state command on the OLT to query the call connection status
on the POTS port. If Call State is RegisterFail or Connecting for a long time, check whether the
voice configuration on the MGC/SIP server is consistent with that on the ONT.

 If the ONT uses the H.248 protocol, you can run the display ont mg status command on the OLT
to query the registration status of the MG interface that connects to the ONT. If MG Status is
UnRegistered or Registering for a long time, check whether the voice configuration on the
MGC/SIP server is consistent with that on the ONT.

 You can query the registration status of the voice service on the ONT web page. If the query result
shows that the registration fails or the voice service is in the registering state for a long time,
check whether the voice configuration on the MGC/SIP server is consistent with that on the ONT.

 Verify the multicast service using multicast emulation.

1. Run the igmp static-join command to simulate a multicast user to order a multicast program.

huawei(config)#btv
huawei(config-btv)#igmp static-join service-port 1 ip 224.1.1.10 vlan 1000

2024-09-17 185
MA5800 Product Documentation

If the multicast program is obtained dynamically, igmp static-join can be executed successfully only when the
range for obtaining the dynamic program is set.

2. Run the display igmp user command to query the status of the multicast user.

huawei(config-btv)#display igmp user service-port 1


User : 0/1/0/1
State : online
Authentication : no-auth
Quick leave : MAC-based
IGMP flow ID :1
Video flow ID :1
Log switch : enable
Bind profiles :-
IGMP version : IGMP v3
Current version : IGMP v3
Current IGMP IPv6 version : IGMP IPv6 v2
Available programs :8
Global leave : disable
User max bandwidth : no-limit
Used bandwidth(kbps) :0
Used bandwidth
to max bandwidth(%) :-
Total video bandwidth :-
Mcast video bandwidth :-
Active program list
---------------------------------------------------------------------------
Program name VLAN IP/MAC State Start time
---------------------------------------------------------------------------
PROGRAM-5 1000 224.1.1.10 watching 2011-10-29
16:33:41+08:00
---------------------------------------------------------------------------
Total: 1

3. Run the display multicast flow-statistic command to query the real-time traffic of the multicast
program.

huawei(config-btv)#display multicast flow-statistic vlan 1000 ip 224.1.1.10


{ <cr>|sourceip<K> }:

Command:
display multicast flow-statistic vlan 1000 ip 224.1.1.10
Command is being executed. Please wait...
Multicast flow statistic result: 8736(kbps)

2024-09-17 186
MA5800 Product Documentation

1.2.6 Configuring Triple Play Service (GPON/XG-PON/XGS-PON


Networking in Simplified Mode)
Configuring Triple Play Service (GPON/XG-PON/XGS-PON Networking in Simplified Mode)

The GPON service configuration in simplified mode is implemented by creating an end-to-end (E2E) service port
between an OLT and an ONT. This topic describes how to achieve the GPON service configuration in simplified
mode by configuring the Internet access service, voice service, and multicast service in the FTTH scenario.

Service Requirements

On the same ONT, service ports in simplified mode conflict with services ports in profile mode. Therefore, they cannot be
configured concurrently.

 Subscribers use the bridging ONTs (supporting VoIP). The PC, STB, and phone are connected to different ports
on the ONT to achieve the triple play service.

 Different services are distinguished by different S-VLANs on an OLT.

 The internet access service has a rate restriction of 4 Mbit/s both in upstream and downstream directions.

 IPTV service has no rate restriction in upstream or downstream direction.

 The VoIP adopts the H.248 protocol and the phones connected to different ONTs can communicate with each
other.

Figure 1 shows an example network of the FTTH triple play service.

Figure 1 Example network of the FTTH triple play service

Prerequisite

 The OLT is connected to the BRAS, MGC, and the multicast source.

2024-09-17 187
MA5800 Product Documentation

 The interface data and the POTS user configuration data corresponding to the MG interface is configured on
the MGC.

 Related configurations are performed on the BRAS according to the authentication and accounting
requirements for dialup users. For details about the configuration, see the BRAS configuration guide.

 The VLAN of the LAN switch port connected to the OLT is consistent with the upstream VLAN of the OLT.

Procedure

 Configure the OLT.

1. Configure GPON ONT profiles.


GPON ONT profiles include the DBA profile, line profile, service profile, and alarm profile. In simplified
mode, the default DBA profile, line profile, and service profile are used. That is, these profiles do not
need to be configured.

a. Add an ONT line profile


The default line profile 0 is used. In this profile, the default T-CONT 0 and T-CONT 1 are created.
T-CONT 0 is bound to the default DBA profile 2 (the fixed bandwidth: 1 Mbit/s), and is used for
the OMCI management channel. T-CONT 1 is bound to the default DBA profile 0 (the assured
bandwidth: 8 Mbit/s, the maximum bandwidth: 20 Mbit/s), and is used for the service channel.
The DBA profile bound to a T-CONT can be modified.

b. Add an ONT service profile


The default service profile 0 is used. In this profile, the capability set of the ETH port and POTS
port is set to adaptive by default and therefore the OLT automatically matches the number of
ports according to the type of the online ONT.

c. (Optional) Add an alarm profile.

 The default GPON alarm profile 1 is used. The alarm thresholds of the default alarm profile
are 0, which indicates that no alarm is generated.

 In this example, the default alarm profile is used, and therefore the configuration of the
alarm profile is not required.

 Run the gpon alarm-profile add command to configure a GPON alarm profile, which is
used for monitoring the performance of an activated ONT line.

2. Add ONTs on the OLT.


The ONT is connected to a GPON port of the OLT by optical fibers. The service can be configured only
after ONTs are successfully added on the OLT.
The procedures for configuring GPON, XG-PON, and XGS-PON services are the same. The difference lies
in this step. Here, the GPON service is used as an example. When configuring XG-PON and XGS-PON
services, you need to configure the ONT network-side interface type parameter (ont-type) in the ont
add and ont confirm commands. Select a value based on the actual ONT capability or service data plan,
for example, 10g/2.5g.

2024-09-17 188
MA5800 Product Documentation

Two ONTs are connected to GPON port 0/1/1. The ONT IDs are 1 and 2, SNs are 3230313126595540
and 6877687714852901, passwords are 0100000001 and 0100000002, the discovery mode of
passwords is once-on, and the management mode is OMCI.

a. Add ONTs offline.


If the password of an ONT is known, run the ont add command to add an ONT offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 1 1 password-auth 0100000001 once-on no-aging omci
huawei(config-if-gpon-0/1)#ont add 1 2 password-auth 0100000002 once-on no-aging omci

b. Discover ONTs automatically.


If the password or SN of an ONT is unknown, run the port portid ont-auto-find command in
GPON mode to enable the ONT auto-discovery function of the GPON port. Then, run the ont
confirm command to confirm the ONT.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 1 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 1
//After this command is executed, the information of all automatically discovered ONTs connected to the
GPON port through optical splitters is displayed.

huawei(config-if-gpon-0/1)#ont confirm 1 ontid 1 sn-auth 3230313126595540 omci


huawei(config-if-gpon-0/1)#ont confirm 1 ontid 2 sn-auth 6877687714852901 omci

c. (Optional) Bind the alarm profile to the ONT.


The default profile 1 is used in this example.

huawei(config-if-gpon-0/1)#ont alarm-profile 1 1 profile-id 1


huawei(config-if-gpon-0/1)#ont alarm-profile 1 2 profile-id 1

3. Confirm that the ONTs go online successfully.


After an ONT is added, run the display ont info command to query the current status of the ONT.
Ensure that Config flag of the ONT is active, Run State is online, Config state is normal, and Match
state is match.

huawei(config-if-gpon-0/1)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/1/1
ONT-ID :1
Control flag : active //Indicates that the ONT is activated.
Run state : online //Indicates that the ONT goes online successfully.
Config state : normal //Indicates that the configuration state of the ONT is normal.
Match state : match //Indicates that the capability profile bound to the ONT is consistent with the actual
capability of the ONT.
...//The rest of the response information is omitted.

When Config state is failed, Run state is offline, or Match state is mismatch:

2024-09-17 189
MA5800 Product Documentation

 If Control flag is deactive, run the ont active command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be disconnected or the optical module may be
damaged. Check the line and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this
case, run the display ont failed-configuration command in diagnose mode to check the failed
configuration item and the failure cause. Then, rectify the fault accordingly.

4. Configure the Internet access service.

a. Create an S-VLAN and add an upstream port to it.


The VlAN ID is 100, and the VLAN type is smart. Add upstream port 0/9/0 to smart VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#port vlan 100 0/9 0

b. Configure a traffic profile.


Run the display traffic table ip command to query existing traffic profiles in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic
table ip command to add a traffic profile.
Set the profile ID to 8, the CIR to 4 Mbit/s, and the priority to 1. In addition, configure the
scheduling mode so that packets are scheduled according to their priorities.

huawei(config)#traffic table ip index 8 cir 4096 priority 1 priority-policy local-setting

c. Create a service port.


Set the service port indexes to 1 and 2, S-VLAN ID to 100, and C-VLAN ID to 10. The user PC is
connected to EHT port 1 on the ONT. The traffic profile 8 is used.

The user PC is connected to the ONT port. Therefore, the user-side VLAN is set to untagged.

huawei(config)#service-port 1 vlan 100 port 0/1/1 ont 1 eth 1 multi-service

user-vlan untagged inbound traffic-table index 8 outbound traffic-table index 8

huawei(config)#service-port 2 vlan 100 port 0/1/1 ont 2 eth 1 multi-service

user-vlan untagged inbound traffic-table index 8 outbound traffic-table index 8

5. Configure the voice service.

a. Create an S-VLAN and add an upstream port to it.


The VlAN ID is 200, and the VLAN type is smart. Add upstream port 0/9/0 to smart VLAN 200.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

b. Enable ARP proxy.


For different users of the same S-VLAN, because the service ports of the smart VLAN are isolated
from each other, the voice media streams cannot interchange normally. The ARP proxy function

2024-09-17 190
MA5800 Product Documentation

of the OLT must be enabled so that different users of the same VLAN can communicate with each
other.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 200
huawei(config-if-vlanif200)#arp proxy enable
huawei(config-if-vlanif200)#quit

c. Configure a traffic profile.


Run the display traffic table ip command to query existing traffic profiles in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic
table ip command to add a traffic profile.
Set the profile ID to 9, the priority to 6 and no rate limitation on both the upstream and
downstream directions. In addition, configure the scheduling mode so that packets are
scheduled according to their priorities.

huawei(config)#traffic table ip index 9 cir off priority 6 priority-policy local-setting

d. Create a service port.


Set the service port indexes to 3 and 4, S-VLAN ID to 200, and C-VLAN ID to 20. The user phone
is connected to the POTS port on the ONT. The traffic profile 9 is used.

huawei(config)#service-port 3 vlan 200 port 0/1/1 ont 1 iphost multi-service

user-vlan 20 inbound traffic-table index 9 outbound traffic-table index 9

huawei(config)#service-port 4 vlan 200 port 0/1/1 ont 2 iphost multi-service

user-vlan 20 inbound traffic-table index 9 outbound traffic-table index 9

6. Configure the multicast service.

a. Create an S-VLAN and add an upstream port to it.


The VlAN ID is 1000, and the VLAN type is smart. Add upstream port 0/9/0 to smart VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

b. Configure a traffic profile.


Run the display traffic table ip command to query existing traffic profiles in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic
table ip command to add a traffic profile.
Set the profile ID to 10, the priority to 4 and no rate limitation on both the upstream and
downstream directions. In addition, configure the scheduling mode so that packets are
scheduled according to their priorities.

huawei(config)#traffic table ip index 10 cir off priority 4 priority-policy local-setting

c. Create a service port.


Set the service port indexes to 5 and 6, S-VLAN ID to 1000, C-VLAN ID to 30, and the ID of the
ONT ETH port connected to the user STB to 2. The traffic profile 10 is used.

2024-09-17 191
MA5800 Product Documentation

If the STB interconnected to the ONT does not support VLAN tag, the user-side VLAN is set to untagged
when creating service port.

huawei(config)#service-port 5 vlan 1000 port 0/1/1 ont 1 eth 2 multi-service

user-vlan 30 inbound traffic-table index 10 outbound traffic-table index 10

huawei(config)#service-port 6 vlan 1000 port 0/1/1 ont 2 eth 2 multi-service

user-vlan 30 inbound traffic-table index 10 outbound traffic-table index 10

d. Configure the IGMP version.


Set the IGMP version of the multicast VLAN to IGMPv3.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v3

e. Create a multicast VLAN and select the IGMP mode.


Set the multicast VLAN ID to 1000 and select the IGMP proxy mode.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode?(y/n)[n]:y

f. Configure a program library.


Configure the IP address of the multicast program to 224.1.1.10, program name to program1,
program source IP address to 10.10.10.10, and priority to 4.

huawei(config-mvlan1000)#btv
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp program add name program1 ip 224.1.1.10 sourceip 10.10.10.10
priority 4

g. Configure a right profile.


Configure a profile named profile0, with the right of watching program 1.

huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp profile add profile-name profile0
huawei(config-btv)#igmp profile profile-name profile0 program-name program1 watch

h. Configure multicast users.


Configure users of service ports 5 and 6 as multicast users and bind right profile profile0 to the
service ports.

huawei(config-btv)#igmp user add service-port 5 auth


huawei(config-btv)#igmp user add service-port 6 auth
huawei(config-btv)#igmp user bind-profile service-port 5 profile-name profile0
huawei(config-btv)#igmp user bind-profile service-port 6 profile-name profile0
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 5
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 6
huawei(config-mvlan1000)#quit

2024-09-17 192
MA5800 Product Documentation

7. Save the configurations.

huawei(config)#save

 Configure the ONT.


Configurations on the ONT are consistent with those in profile mode.

Result

 Use the PPPoE dialup software to dial on the PC. After the dialup is successful, the user can access the
Internet.

 Connect two phones to two TEL ports of different ONTs, and subscribers can use these two phones to call
each other.

 The subscriber can watch program 1 on the TV.

1.2.7 Configuring Triple Play Service (GPON/XG-PON/XGS-PON


Networking, Multicast and Internet Access in the Same S-
VLAN)
Configuring Triple Play Service (GPON/XG-PON/XGS-PON Networking, Multicast and Internet Access in the Same
S-VLAN)

During FTTH configuration, there is a scenario which requires the same S-VLAN be used for the multicast and
Internet access services. This topic describes how to make configurations in this scenario.

Service Requirements

 Subscribers use the bridging ONTs (supporting VoIP). The PC, STB, and phone are connected to different ports
on the ONT to achieve the triple play service.

 The multicast and the Internet access services use the same S-VLAN.

 The internet access service has a rate restriction of 4 Mbit/s both in upstream and downstream directions.

 IPTV service has no rate restriction in upstream or downstream direction.

 The VoIP adopts the H.248 protocol and the phones connected to different ONTs can communicate with each
other.

Figure 1 shows an example network of the FTTH triple play service.

Figure 1 Example network of the FTTH triple play service

2024-09-17 193
MA5800 Product Documentation

Prerequisite

 The OLT is connected to the BRAS, MGC, and the multicast source.

 The interface data and the POTS user configuration data corresponding to the MG interface is configured on
the MGC.

 Related configurations are performed on the BRAS according to the authentication and accounting
requirements for dialup users. For details about the configuration, see the BRAS configuration guide.

 The VLAN of the LAN switch port connected to the OLT is consistent with the upstream VLAN of the OLT.

Procedure

 Configure the OLT.


The general configuration procedure on the OLT is as follows: configure a GPON ONT profile, add ONTs, and
configure service data.

GPON ONT profiles include the DBA profile, line profile, service profile, and alarm profile.

 DBA profile: A DBA profile describes the GPON traffic parameters. A T-CONT is bound to a DBA profile
for dynamic bandwidth allocation, improving upstream bandwidth utilization.

 Line profile: A line profile describes the binding between the T-CONT and the DBA profile, the QoS mode
of the traffic stream, and the mapping between the GEM port and the ONT-side service.

 Service profile: A service profile provides the service configuration channel for the ONT that is managed
by using optical network terminal management and control interface (OMCI).

 Alarm profile: An alarm profile contains a series of alarm thresholds to measure and monitor the
performance of activated ONT lines. When a statistical value reaches the threshold, the host is notified
and an alarm is reported to the log host and the NMS.

1. Configure a DBA profile.

You can run the display dba-profile command to query existing DBA profiles in the system. If existing
DBA profiles do not meet requirements, run the dba-profile add command to add a DBA profile.

2024-09-17 194
MA5800 Product Documentation

huawei(config)#dba-profile add profile-name ftth_dba_mngt type1 fix 1024


huawei(config)#dba-profile add profile-name ftth_dba_voip type2 assure 1024
huawei(config)#dba-profile add profile-name ftth_dba_iptv type2 assure 1024
huawei(config)#dba-profile add profile-name ftth_dba_hsi type4 max 32768

Select a DBA profile of the proper bandwidth type and configure proper bandwidth according to the service types
and total user count of the ONT. Note that the sum of the fixed bandwidth and the assured bandwidth must not be
greater than the total bandwidth of the PON port.

2. Configure an ONT line profile.

Create a GPON ONT line profile, named ftth, and bind it to the DBA profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#tcont 4 dba-profile-name ftth_dba_mngt
huawei(config-gpon-lineprofile-1)#tcont 5 dba-profile-name ftth_dba_voip
huawei(config-gpon-lineprofile-1)#tcont 6 dba-profile-name ftth_dba_iptv
huawei(config-gpon-lineprofile-1)#tcont 7 dba-profile-name ftth_dba_hsi

Create different GEM ports according to different service types, in which

 GEM port 11 is used to carry management services.

 GEM port 12 is used to carry voice services.

 GEM port 13 is used to carry video services.

 GEM port 14 is used to carry Internet access services.

huawei(config-gpon-lineprofile-1)#gem add 11 eth tcont 4


huawei(config-gpon-lineprofile-1)#gem add 12 eth tcont 5
huawei(config-gpon-lineprofile-1)#gem add 13 eth tcont 6
huawei(config-gpon-lineprofile-1)#gem add 14 eth tcont 7

a. To change the default QoS mode, run the qos-mode command to set the QoS mode to gem-car or flow-
car, and run the gem add command to set the index of the traffic profile bound to the GEM port.
b. When the QoS mode is priority-queue (PQ), the default queue priority is 0; when the QoS mode is flow-car
or gem-car, traffic profile 6 is bound to the GEM port by default (no rate limitation).

After the configurations are complete, run the commit command to apply the parameters settings.

huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

3. Configure an ONT service profile.


Create a GPON ONT service profile, named ftth. Configure the capability set of the ETH port and POTS
port to adaptive. Then the system automatically adapts to the ONT according to the actual capability of
the online ONT.

2024-09-17 195
MA5800 Product Documentation

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#ont-port eth adaptive pots adaptive

After the configurations are complete, run the commit command to apply the parameters setting.

huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

4. (Optional) Add an alarm profile.

 The default GPON alarm profile 1 is used. The alarm thresholds for the default alarm profile are 0,
which indicates that no alarm is generated.

 In this example, the default alarm profile is used, and therefore the configuration of the alarm
profile is not required.

 Run the gpon alarm-profile add command to configure a GPON alarm profile, which is used for
monitoring the performance of an activated ONT line.

5. Add ONTs on the OLT.


The procedures for configuring GPON, XG-PON, and XGS-PON services are the same. The difference lies
in this step. Here, the GPON service is used as an example. When configuring XG-PON and XGS-PON
services, you need to configure the ONT network-side interface type parameter (ont-type) in the ont
add and ont confirm commands. Select a value based on the actual ONT capability or service data plan,
for example, 10g/2.5g.
Connect two ONTs to GPON port 0/1/0. Set the ONT IDs to 1 and 2, SNs to 3230313126595540 and
6877687714852901, passwords to 0100000001 and 0100000002, discovery mode for password
authentication to once-on, and management mode to OMCI. Bind the two ONTs to ONT line profile ftth
and ONT service profile ftth.
There are two methods of adding an ONT: add an ONT offline and confirm an automatically discovered
ONT.

 Add ONTs offline.


If the password of an ONT is known, run the ont add command to add an ONT offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 0 1 password-auth 0100000001 once-on no-aging omci ont-
lineprofile-name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont add 0 2 password-auth 0100000002 once-on no-aging omci ont-


lineprofile-name

ftth ont-srvprofile-name ftth

 Confirm automatically discovered ONTs.


If the password or SN of an ONT is unknown, run the port portid ont-auto-find command in
GPON mode to enable the ONT auto-discovery function of the GPON port. Then, run the ont
confirm command to confirm the ONT.

huawei(config)#interface gpon 0/1

2024-09-17 196
MA5800 Product Documentation

huawei(config-if-gpon-0/1)#port 0 ont-auto-find enable


huawei(config-if-gpon-0/1)#display ont autofind 0
//After this command is executed, the information about all automatically discovered ONTs connected to the
GPON port through optical splitters is displayed.

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 1 sn-auth 3230313126595540 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 2 sn-auth 6877687714852901 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

If multiple ONTs of the same type bound to the same line profile or service profile are connected to the
same port, you can bulk add ONTs by bulk confirming automatically discovered ONTs to make configuration
easier and more efficient. To do so, the preceding command can be modified as follows:

huawei(config-if-gpon-0/1)#ont confirm 0 all sn-auth omci ont-lineprofile-name ftth


ont-srvprofile-name ftth

 (Optional) Bind the alarm profile to the ONT.


The default profile 1 is used in this example.

huawei(config-if-gpon-0/1)#ont alarm-profile 0 1 profile-id 1


huawei(config-if-gpon-0/1)#ont alarm-profile 0 2 profile-id 1

6. Confirm that the ONTs go online successfully.


After an ONT is added, run the display ont info command to query the current status of the ONT.
Ensure that Config flag of the ONT is active, Run State is online, Config state is normal, and Match
state is match.

huawei(config-if-gpon-0/1)#display ont info 0 1


---------------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :1
Control flag : active //Indicates that the ONT is activated.
Run state : online //Indicates that the ONT goes online successfully.
Config state : normal //Indicates that the configuration state of the ONT is normal.
Match state : match //Indicates that the capability profile bound to the ONT is consistent with the actual
capability of the ONT.
...//The rest of the response information is omitted.

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged.
Check the line and the optical module.

2024-09-17 197
MA5800 Product Documentation

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this
case, run the display ont failed-configuration command in the diagnose mode to check the failed
configuration item and the failure cause. Then, rectify the fault accordingly.

7. Configure the Internet access service.


VLAN planning: As multicast and Internet access services use the same S-VLAN, single-tagged VLAN is
recommended for both services.

 S-VLAN ID: 1000

 S-VLAN type: smart

 S-VLAN attribute: common

 C-VLAN ID (customer VLAN ID carried by the ONT): 1010 for ONT 1 and 1011 for ONT 2

VLAN translation policy:

 ONT: Each ONT adds a C-VLAN tag to packets.

 OLT: The OLT performs VLAN translation (C-VLAN <-> S-VLAN).

a. Configure a traffic profile.


You can run the display traffic table ip command to query existing traffic profiles in the system.
If existing traffic profiles do not meet requirements, run the traffic table ip command to add a
traffic profile.
Set the profile name to ftth_hsi, CIR to 4 Mbit/s, and priority to 0. Packets are scheduled
according to the priority specified in the profile.

huawei(config)#traffic table ip name ftth_hsi cir 4096 priority 0 priority-policy local-setting

b. Configure the mapping between a GEM port and the ONT C-VLANs.
In the ONT line profile, map the service flows of C-VLAN 1010 and C-VLAN 1011 to GEM port 14.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 14 0 vlan 1010
huawei(config-gpon-lineprofile-1)#gem mapping 14 1 vlan 1011
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure the VLANs of the Ethernet ports on ONTs.


Assume that two ONTs are connected to a PC through Ethernet port 1. In the ONT service profile,
add Ethernet port 1 to VLAN 1010 and VLAN 1011.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 1 1010
huawei(config-gpon-srvprofile-1)#port vlan eth 1 1011
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. Configure the native VLANs of the ONT Ethernet ports.

2024-09-17 198
MA5800 Product Documentation

Set the native VLAN of Ethernet port 1 on ONT 1 to 1010 and set the native VLAN of Ethernet
port 1 on ONT 2 to 1011. In this way, the packets transmitted upstream from the ONTs to the
OLT carry the C-VLAN tags to differentiate users. Upon receiving packets, an ONT strips the
VLAN tag and sends the packets to the PC for processing.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont port native-vlan 0 1 eth 1 vlan 1010
huawei(config-if-gpon-0/1)#ont port native-vlan 0 2 eth 1 vlan 1011
huawei(config-if-gpon-0/1)#quit

e. Create an Internet access service VLAN and add an upstream port to it.
Set the S-VLAN to 1000 and the VLAN type to smart VLAN. Add upstream port 0/9/0 to VLAN
1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

f. Create an Internet access service flow.


Use the traffic profile ftth_hsi.

huawei(config)#service-port 1 vlan 1000 gpon 0/1/0 ont 1 gemport 14 multi-service


user-vlan 1010 tag-transform translate inbound traffic-table name ftth_hsi
outbound traffic-table name ftth_hsi
huawei(config)#service-port 2 vlan 1000 gpon 0/1/0 ont 2 gemport 14 multi-service
user-vlan 1011 tag-transform translate inbound traffic-table name ftth_hsi
outbound traffic-table name ftth_hsi

8. Configure the voice service.


VLAN planning: single-tagged VLAN

 S-VLAN ID: 300

 S-VLAN type: smart

 S-VLAN attribute: common

 C-VLAN = S-VLAN

VLAN translation policy:

 ONT: An ONT adds a C-VLAN tag, and all ONTs use the same C-VLAN.

 OLT: The OLT transparently transmits VLAN packets.

a. Configure a traffic profile.


You can run the display traffic table ip command to query existing traffic profiles in the system.
If existing traffic profiles do not meet requirements, run the traffic table ip command to add a
traffic profile.
Set the profile name to ftth_voip, do not limit the upstream and downstream rates, and set the
priority to 5. Packets are scheduled according to the priority specified in the profile.

huawei(config)#traffic table ip name ftth_voip cir off priority 5 priority-policy

2024-09-17 199
MA5800 Product Documentation

local-setting

a. Configure the mapping between a GEM port and ONT C-VLANs.


In the ONT line profile, map the service flow of C-VLAN 300 to GEM port 12.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

b. Create a voice service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

c. Create a service flow.


Set the S-VLAN to 300, GEM port ID to 12, and C-VLAN to 300, and use traffic profile ftth_voip.

huawei(config)#service-port 3 vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

huawei(config)#service-port 4 vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name ftth_voip

d. Enable the ARP proxy function.


For different users in the same S-VLAN, the voice media streams cannot be exchanged normally
because service ports in the smart VLAN are isolated from each other. Therefore, the ARP proxy
function of the OLT is required so that users in the same VLAN can communicate with each
other.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 300
huawei(config-if-vlanif300)#arp proxy enable
huawei(config-if-vlanif300)#quit

9. Configure the multicast service.

VLAN planning: single-tagged VLAN (S-VLAN is the same as that for the Internet access service)

 S-VLAN ID: 1000

 S-VLAN type: smart

 S-VLAN attribute: common

 C-VLAN = S-VLAN = M-VLAN

VLAN translation policy:

 An ONT adds a C-VLAN tag, and all ONTs use the same C-VLAN. An ONT replicates multicast
packets based on user ports and removes M-VLAN tags in the downstream direction.

 The OLT replicates multicast packets based on PON ports with M-VLAN unchanged.

2024-09-17 200
MA5800 Product Documentation

a. Configure a traffic profile.


You can run the display traffic table ip command to query existing traffic profiles in the system.
If existing traffic profiles do not meet requirements, run the traffic table ip command to add a
traffic profile.
Set the profile name to ftth_iptv, CIR to off (no rate limitation), priority to 4, and priority-based
scheduling policy to local-setting (that is, packets are scheduled based on the priority specified
in the profile).

huawei(config)#traffic table ip name ftth_iptv cir off priority 4 priority-policy local-setting

b. Configure the mapping between a GEM port and ONT C-VLANs.


In the ONT line profile, map the service flow of C-VLAN 1000 to GEM port 13.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 1000
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure the VLAN of the ONT Ethernet port and the multicast forwarding mode of the ONT.
If the ONT is connected to the STB through Ethernet port 2, add Ethernet port 2 to VLAN 1000.
Set the multicast forwarding mode of the ONT to untagged.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 2 1000
huawei(config-gpon-srvprofile-1)#multicast-forward untag
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. Configure the native VLAN of the ONT port.


Set the native VLAN of Ethernet ports 2 on ONT 1 and ONT 2 to 1000. In this way, an ONT strips
VLAN tags from received packets, and sends the packets to the STB for processing.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont port native-vlan 0 1 eth 2 vlan 1000
huawei(config-if-gpon-0/1)#ont port native-vlan 0 2 eth 2 vlan 1000
huawei(config-if-gpon-0/1)#quit

e. Create an S-VLAN and add an upstream port to it.


Add upstream port 0/9/0 to smart VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

f. Create a service flow.


Set the S-VLAN to 1000, GEM port ID to 13, and C-VLAN to 1000, and use the traffic profile
ftth_iptv.

huawei(config)#service-port 5 vlan 1000 gpon 0/1/0 ont 1 gemport 13 multi-service

user-vlan 1000 inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

2024-09-17 201
MA5800 Product Documentation

huawei(config)#service-port 6 vlan 1000 gpon 0/1/0 ont 2 gemport 13 multi-service

user-vlan 1000 inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

g. Create an M-VLAN and configure the IGMP version.


Set the M-VLAN ID to 1000 and the IGMP version to IGMPv3.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v3

h. Set the IGMP mode.


Select the IGMP proxy mode.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode?(y/n)[n]:y

i. Configure an IGMP upstream port.


The IGMP upstream port ID is 0/9/0. The multicast upstream port mode is default. Protocol
packets are transmitted to all multicast upstream ports in the VLAN to which the program
belongs.

huawei(config-mvlan1000)#igmp uplink-port 0/9/0


huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp uplink-port-mode default
Are you sure to change the uplink port mode?(y/n)[n]:y

j. Configure a program library.


Set the multicast IP address of the program to 224.1.1.10, program name to program1, source IP
address of the program to 10.10.10.10, and priority to 4.

huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp program add name program1 ip 224.1.1.10 sourceip 10.10.10.10
priority 4

k. Configure a rights profile.


Set the profile named to profile0, with the permission to watch program 1.

huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp profile add profile-name profile0
huawei(config-btv)#igmp profile profile-name profile0 program-name program1 watch

l. Configure multicast users.


Configure users of service ports 5 and 6 as multicast users and bind rights profile profile0 to the
service ports.

huawei(config-btv)#igmp user add service-port 5 auth


huawei(config-btv)#igmp user add service-port 6 auth
huawei(config-btv)#igmp user bind-profile service-port 5 profile-name profile0
huawei(config-btv)#igmp user bind-profile service-port 6 profile-name profile0
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 5

2024-09-17 202
MA5800 Product Documentation

huawei(config-mvlan1000)#igmp multicast-vlan member service-port 6


huawei(config-mvlan1000)#quit

10. Save the configurations.

huawei(config)#save

 Configure the ONT on the Web page.

1. Log in to the Web configuration page.

a. Configure the IP address of the PC network adapter to be in the same network segment with the
IP address of the local maintenance Ethernet port on the ONT.

b. Open the Web browser, and enter the IP address (https with high priority is recommended) of
the local maintenance Ethernet port on the ONT. In the login window that is displayed, enter the
user name and password of the administrator. After the password is authenticated, the web
configuration window is displayed.

To enhance system security, change the password to a password that meets security requirements after
the first successful login. It is recommended that you change the password periodically.

2. Configure the voice protocol.

The default voice protocol is SIP. Therefore, change the voice protocol first.

3. Configure parameters for the voice WAN interface.

2024-09-17 203
MA5800 Product Documentation

4. Configure parameters for the H.248-based voice interface.

 The parameters of the H.248-based voice interface must be consistent with the corresponding configuration
on the media gateway controller (MGC).
 If dual-homing is configured, Address of the Standby MGC must be configured.
 MID Format can be set to Domain Name, IP, or Device Name. If MID Format is set to Domain Name or
Device Name, the setting must be consistent with the corresponding configuration on the MGC.

2024-09-17 204
MA5800 Product Documentation

 MG Domain is ONT's domain name registered with the MGC. It is globally unique. MG Domain in this
example is ONT's password.
 If Media Port is empty, the parameter value is the same as Signaling Port. The media streams are not
isolated from signaling streams. If the upper-layer network requires isolation of media streams from
signaling streams, create different traffic streams for the media streams and signaling streams on the OLT,
create different WAN ports on the ONT, and bind the created WAN ports to Media Port and Signaling Port.
When the packet is forwarded from two WAN ports, the configured VLAN is carried by default.
 When the ONT is interconnected with a third-party softswitch, check RTP TID Prefix, Start Number of
RTP TID, and Width of RTP TID Number.

5. Check the registration status of the voice user.

Result

 Use the PPPoE dialup software to dial on the PC. After the dialup is successful, the user can access the
Internet.

 Connect two phones to two TEL ports of different ONTs, and subscribers can use these two phones to call
each other.

 The subscriber can watch program 1 on the TV.

1.2.8 Configuring FTTH Service (P2P Access)


Configuring FTTH Service (P2P Access)

Users connected to the OLT through an ONT, and are therefore provided with the Internet, VoIP, and IPTV service
through a same port.

Service Requirements

 ONT_1 and ONT_2 are provided with the triple play service through FTTH.

 The Internet access service is provided in PPPoE access mode.

 The IPTV user connected to ONT_1 can watch all the programs, and the IPTV user connected to ONT_2 can
watch only program BTV-1.

 The VoIP service and the IPTV service are provided in DHCP mode and obtain IP addresses from the DHCP
server in DHCP option-60 mode.

 After receiving different traffic streams, the OLT provides different QoS guarantees to the traffic streams
according to the priorities of the traffic streams.

2024-09-17 205
MA5800 Product Documentation

 Traffic streams are differentiated on the OLT by the user-side VLAN (C-VLAN).

Figure 1 Example network of the optical fiber access service in the single-port for multiple services mode

Table 1 Data plan for configuring the VLANs

Configuration Item Data Item Data

SVLAN HSI service SVLAN: 100


CVLAN: 2

IPTV service SVLAN: 1000


CVLAN: 4

VoIP service SVLAN: 200


CVLAN: 3

IPTV service data Multicast protocol IGMP proxy

Multicast version IGMP V3

Configuration mode of the multicast program Static configuration mode

IP address of the multicast server 10.10.10.10

Multicast DHCP server group 10.2.2.2


10.2.2.3

Multicast program BTV-1: 224.1.1.10


BTV-2: 224.1.1.20

QoS (priority) HSI service Priority: 1; queue scheduling: WRR

IPTV service Priority: 4; queue scheduling: WRR

VoIP service Priority: 5; queue scheduling: PQ

VoIP service data VoIP DHCP server group 10.1.1.2


10.1.1.3

Prerequisite

2024-09-17 206
MA5800 Product Documentation

 The OLT is connected to the upper-layer devices such as the BRAS, multicast server, SoftX3000, and DHCP
server.

 The VLAN of the LAN switch port connected to the OLT is the same as the upstream VLAN of the OLT.

Procedure

 Configure the Internet access service on the OLT.

1. Create a VLAN and add an upstream port to the VLAN.


The VLAN ID is 100, and the VLAN is a smart VLAN. The upstream port is 0/9/0.

huawei(config)#vlan 100 smart


huawei(config)#port vlan 100 0/9 0

2. Configure a traffic profile.


Because the VoIP, IPTV, and Internet access services are provided through the same port, you must set
the 802.1p priority of each service. Generally, the priorities are in a descending order for the VoIP
service, IPTV service, and Internet access service. In this example, set the traffic profile index to 7 and
the priority of the Internet access service to 1.

huawei(config)#traffic table ip index 7 cir 10240 priority 1 priority-policy local-Setting

3. Configure a service port.


Add a service port to the VLAN and use traffic profile 7. The user-side VLAN ID is 2.

huawei(config)#service-port vlan 100 eth 0/5/2 multi-service user-vlan 2 rx-cttr 7 tx-cttr 7


huawei(config)#service-port vlan 100 eth 0/5/3 multi-service user-vlan 2 rx-cttr 7 tx-cttr 7

4. Configure queue scheduling.


Use the 3PQ+5WRR queue scheduling. Queues 0-4 adopt the WRR mode, with the weights of 10, 10, 20,
20, and 40 respectively; queues 5-7 adopt the PQ mode.

Queue scheduling is a global configuration. You need to configure queue scheduling only once on the OLT, and
then the configuration takes effect globally. In the subsequent phases, you need not configure queue scheduling
repeatedly when configuring other services.

huawei(config)#queue-scheduler wrr 10 10 20 20 40 0 0 0

Configure the mapping between queues and 802.1p priorities. Priorities 0-7 map queues 0-7
respectively.

huawei(config)#cos-queue-map cos0 0 cos1 1 cos2 2 cos3 3 cos4 4 cos5 5 cos6 6 cos7 7

For the service board that supports only four queues, the mapping between 802.1p priorities and queue IDs is as
follows: priorities 0 and 1 map queue 1; priorities 2 and 3 map queue 2; priorities 4 and 5 map queue 3; priorities
6 and 7 map queue 4.

5. Save the configurations.

huawei(config)#save

2024-09-17 207
MA5800 Product Documentation

 Configure the VoIP service on the OLT.

1. Create a VLAN and add an upstream port to the VLAN.


The VLAN ID is 200, and the VLAN is a smart VLAN. The upstream port is0/9/0.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

2. Configure a traffic profile.


The traffic profile index is 8, and the 802.1p priority of the VoIP service is 5.

huawei(config)#traffic table ip index 8 cir 10240 priority 5 priority-policy local-Setting

3. Configure a service port.


Add a service port to the VLAN and use traffic profile 8. The user-side VLAN ID is 3.

huawei(config)#service-port vlan 200 eth 0/5/2 multi-service user-vlan 3 rx-cttr 8 tx-cttr 8


huawei(config)#service-port vlan 200 eth 0/5/3 multi-service user-vlan 3 rx-cttr 8 tx-cttr 8

4. Configure the DHCP relay.


The VoIP service and the IPTV service are provided in DHCP mode. The DHCP option 60 domain is used
to differentiate service types.

 The DHCP domain of the VoIP service is voice.

 The IP addresses of VoIP DHCP server group 1 are 10.1.1.2 and 10.1.1.3.

 The IP address of the Layer 3 interface of VLAN 200 is 10.1.1.1/24.

 The gateway IP address of the DHCP domain is 10.1.1.1/24.

huawei(config)#dhcp mode layer-3 option-60


huawei(config)#dhcp-server 1 ip 10.1.1.2 10.1.1.3
huawei(config)#dhcp domain voice
huawei(config-dhcp-domain-voice)#dhcp-server 1
huawei(config-dhcp-domain-voice)#quit
huawei(config)#interface vlanif 200
huawei(config-if-vlanif200)#ip address 10.1.1.1 24
huawei(config-if-vlanif200)#dhcp domain voice gateway 10.1.1.1
huawei(config-if-vlanif200)#quit

The DHCP option 60 domain of the Ethernet phone (Ephone) varies with the terminal type. In the actual
configuration, see the operation instructions of the Ephone.

5. Save the configurations.

huawei(config)#save

 Configure the IPTV service on the OLT.

1. Create a VLAN and add an upstream port to the VLAN.


The VLAN ID is 1000, and the VLAN is a smart VLAN. The upstream port is 0/9/0.

2024-09-17 208
MA5800 Product Documentation

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

2. Configure a traffic profile.


The traffic profile index is 9, and the 802.1p priority of the IPTV service is 4.

huawei(config)#traffic table ip index 9 cir off priority 4 priority-policy local-Setting

3. Configure a service port.


Add a service port to the VLAN and use traffic profile 9. The user-side VLAN ID is 4.

huawei(config)#service-port 200 vlan 1000 eth 0/5/2 multi-service user-vlan 4 rx-cttr 9 tx-cttr 9
huawei(config)#service-port 300 vlan 1000 eth 0/5/3 multi-service user-vlan 4 rx-cttr 9 tx-cttr 9

4. Configure the DHCP relay.


The VoIP service and the IPTV service are provided in DHCP mode. The DHCP option 60 domain is used
to differentiate service types.

 The DHCP domain of the IPTV service is video.

 The IP addresses of IPTV DHCP server group 2 are 10.2.2.2 and 10.2.2.3.

 The IP address of the Layer 3 interface of VLAN 1000 is 10.2.2.1/24.

 The gateway IP address of the DHCP domain is 10.2.2.1/24.

huawei(config)#dhcp mode layer-3 option60


huawei(config)#dhcp-server 2 ip 10.2.2.2 10.2.2.3
huawei(config)#dhcp domain video
huawei(config-dhcp-domain-video)#dhcp-server 2
huawei(config-dhcp-domain-voice)#quit
huawei(config)#interface vlanif 1000
huawei(config-if-vlanif1000)#ip address 10.2.2.1 24
huawei(config-if-vlanif1000)#dhcp domain video gateway 10.2.2.1
huawei(config-if-vlanif1000)#quit

The DHCP option 60 domain of the set-top box (STB) varies with the terminal type. In the actual configuration,
see the operation instructions of the STB.

5. Create a multicast VLAN and select the IGMP mode.


Select the IGMP proxy mode.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp mode proxy
Are you sure to change IGMP mode?(y/n)[n]:y

6. Set the IGMP version.


Set the IGMP version of the multicast VLAN to IGMP v3.

huawei(config-mvlan1000)#igmp version v3

7. Configure a program library.

2024-09-17 209
MA5800 Product Documentation

Configure the program names to BTV-1 and BTV-2, multicast IP addresses of the programs to
224.1.1.10 and 224.1.1.20, source IP address of the programs to 10.10.10.10, and priority to 4.

huawei(config-mvlan1000)#btv
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp program add name BTV-1 ip 224.1.1.10 sourceip 10.10.10.10 priority 4
huawei(config-mvlan1000)#igmp program add name BTV-2 ip 224.1.1.20 sourceip 10.10.10.10 priority 4

8. Configure the right profile.


Configure the profile name to profile0, with the right of watching program BTV-1.

huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp profile add profile-name profile0
huawei(config-btv)#igmp profile profile-name profile0 program-name BTV-1 watch

9. Configure the multicast users.


Add service ports 200 and 300 as multicast users.

huawei(config-btv)#igmp user add service-port 200 no-auth


huawei(config-btv)#igmp user add service-port 300 auth
huawei(config-btv)#igmp user bind-profile service-port 300 profile-name profile0
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 200
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 300
huawei(config-mvlan1000)#quit

10. Save the configurations.

huawei(config)#save

Result

After the related upstream device and downstream device are configured, the triple play service (Internet, VoIP,
and IPTV services) is available.

 The Internet user can access the Internet in PPPoE mode.

 The VoIP user can make and receive phone calls.

 The IPTV user connected to port 0/5/2 can watch all the programs, and the IPTV user connected to port
0/5/3 can watch only program BTV-1.

1.3 FTTB and FTTC Configuration


FTTB and FTTC Configuration

The FTTB and FTTC solution configuration guide describes how to configure typical FTTB/C services (such as
high-speed Internet access, multicast, and VoIP) on the OLT and the ONU step by step through examples.
Basic Concept

FTTB and FTTC solutions involve many concepts. This topic describes concepts involved in FTTB and FTTC solutions from
user side to network side based on the following integrated FTTB and FTTC network diagram.

2024-09-17 210
MA5800 Product Documentation

Principle of FTTB and FTTC Data Plan

This topic describes principles of data plan for various FTTB and FTTC networking diagrams in terms of device
management, QoS, services, and security. The examples in this topic are based on these principles to plan data.

FTTB Networking (GPON&XG-PON&XGS-PON Networking, LAN Access, Without HGW)

In this kind of networking, the ONU provides 100M FE access and POTS access for Internet access service and VoIP service
respectively for users. This topic describes how to configure the Internet access service and VoIP service on the OLT and
ONU in this networking.

FTTB/C Networking (GPON&XG-PON&XGS-PON Networking, xDSL Access, Without HGW)

In this kind of networking, an optical network unit (ONU) supports x digital subscriber line (xDSL) and plain old telephone
service (POTS) access and provides Internet access and voice over IP (VoIP) services. This topic describes the OLT and
ONU configurations required for commissioning Internet access and voice services.

FTTB/C+HGW Networking (GPON&XG-PON&XGS-PON Networking, ONU Providing the VoIP Service)

The home gateway (HGW) provides Internet access and Internet Protocol television (IPTV) services. The services are sent
upstream to the optical network unit (ONU) over a local area network (LAN) or x digital subscriber line (xDSL). The
Integrated Access Device (IAD) in the ONU provides voice services.

FTTB/C+HGW Networking (GPON&XG-PON&XGS-PON Networking, HGW Providing the VoIP Service)

In this kind of networking, the HGW provides the Internet access and IPTV services. In addition, the built-in IAD of the
HGW provides the VoIP service by connecting to the upstream ONU using LAN or xDSL.

1.3.1 Basic Concept


Basic Concept

FTTB and FTTC solutions involve many concepts. This topic describes concepts involved in FTTB and FTTC
solutions from user side to network side based on the following integrated FTTB and FTTC network diagram.

Integrated FTTB and FTTC Network Diagram

Figure 1 Integrated FTTB and FTTC network diagram (PON)

2024-09-17 211
MA5800 Product Documentation

Figure 2 Integrated FTTB and FTTC network diagram (Ethernet cascading)

User Side

Concept Introduction

HGW (or Home gateways (HGWs or HGs) are gateway devices designed for households and small-office network
HG) users. They provide routing functions, support various service interfaces (POTS, LAN, WLAN, or xDSL
interfaces), and support remote management and diagnosis.

VoD Video on demand (VoD) is known as interactive video on demand. Users can choose their desired programs
from the VoD program database. When watching programs, users can perform operations such as pause, fast
forward, fast rewind, and locate.

Multicast Multicast, or broadband TV (BTV) is similar to traditional wired broadcasting or television satellite
broadcasting. Users have the same experience in watching BTV programs and traditional television
programs. Unlike the traditional television, the IPTV system encodes audio signals into media streams and
multicasts the media streams over an IP network to user terminals.

Access Side

Concept Introduction

PON A passive optical network (PON) uses a point-to-multipoint (P2MP) network architecture. A PON
network consists of three parts: optical line terminal (OLT), optical distribution network (ODN), and
optical network units (ONUs). A PON network uses optical fibers for data transmission, supports more
users with less optical fiber resources, and provides a higher access rate.
Mainstream PON technologies include broadband passive optical network (BPON), Ethernet passive
optical network (EPON), 10G EPON, gigabit passive optical network (GPON), XG-PON, and XGS-PON.

ODN The ODN is composed of passive optical components, such as optical fibers and one or more passive
optical splitters. The ODN provides highly reliable optical channels between the OLT and ONUs.

OLT The OLT is an aggregation device located at the central office (CO), which terminates PON protocols.

ONU ONUs are located on the user side, providing various types of ports for connecting to user terminals. The
ONUs communicate with the OLT through a passive ODN.
NOTE:

ONUs in FTTB and FTTC networks refer to multi-dwelling units (MDUs).

Split Ratio Split ratio is the ratio of dividing a downstream optical signal into subsignals in the PON system. Greater
optical ratio requires more power to support physical distances.

PTP On a point to point (P2P) Ethernet cascading network, the OLT uses P2P Ethernet access board and

2024-09-17 212
MA5800 Product Documentation

Concept Introduction

Ethernet optical terminal to provide FTTx access to subscribers. The OLT can provide the combined service of
cascading video, voice, and data to meet application requirements of next-generation access devices.

FTTB Fiber to the building (FTTB) applies to medium- and high-density apartments or office buildings. The OLT
is connected to the ONU (deployed in the corridor) through optical fibers, and the ONU is then connected
to users through twisted pairs to provide users with the voice, data, and video services.

FTTC Fiber to the curb (FTTC) applies to scattered apartments and industrial parks. The OLT is connected to
the ONU (deployed in the hole at the curb or FAT on a telegraph pole) through optical fibers, and the ONU
is then connected to users through twisted pairs to provide users with the voice, data, and video services.
NOTE:

The difference between FTTB and FTTC is the ONU position. To simply description, this document uses FTTB
and FTTC, indicating that both FTTB and FTTC networks are supported.

Network Side

Concept Introduction

U-PE User-end provider edges (U-PEs) are routing devices directly connected to customer edges (UEs). U-PEs
support routing and MPLS encapsulation. If a U-PE is connected to multiple CEs and possesses the basic
bridging function, data frame forwarding only needs to be performed on the U-PE. This reduces the load of
the S-PE.

PE-AGG Aggregation provider edge (PE-AGG) routers provide aggregation and route forwarding functions for access
equipment. Compared with U-PEs, PE-AGGs feature higher performance, fewer interfaces, and higher
switching rates.

NGN/IMS A next generation network (NGN) is a network that uses softswitches as its core and uses open and
standardized architectures to provide abundant services such as VoIP, video, and data.
The IP multimedia subsystem (IMS) uses SIP signaling as its call control signaling to provide services such
as VoIP, data, and multimedia services.
NOTE:

NGN/IMS in this document refers to softswitches that support H.248 and SIP.

IPTV The IPTV headend system functions as the contents preparation platform in the IPTV system. It provides
Headend functions such as signal receipt, media format conversion, and media material management.

1.3.2 Principle of FTTB and FTTC Data Plan


Principle of FTTB and FTTC Data Plan

This topic describes principles of data plan for various FTTB and FTTC networking diagrams in terms of device
management, QoS, services, and security. The examples in this topic are based on these principles to plan data.
Principle of Device Management Data Plan

The device management plan includes the channel management plan and the IP address plan.

Principle of QoS Planning

QoS planning for FTTB is in E2E mode, and it can be divided into the following policies: traffic classification, marking, and
scheduling, traffic monitoring, and DBA policies.

2024-09-17 213
MA5800 Product Documentation

Principle of Internet Access Service Data Plan

The Internet access service plan mainly includes the plan of the VLAN and VLAN translation policy in different network
scenarios.

Principle of VoIP Service Data Plan

The VoIP service plan mainly includes the plan of VLANs and VLAN translation policy in different network scenarios, and
the plan of voice protocols.

Principle of IPTV Service Data Plan

The IPTV service plan mainly includes the plan of VLANs and VLAN translation policies in different network scenarios, and
the plan of IPTV services. IPTV services include multicast service and VoD service. These two services have relationships
and independence in VLAN planning.

Principle of Security Data Plan

The security plan involves system security plan, user security plan, and service security plan. Security policy ensures
service security from different aspects.

1.3.2.1 Principle of Device Management Data Plan


Principle of Device Management Data Plan

The device management plan includes the channel management plan and the IP address plan.
Plan Device/Service Introduction

Management OLT Use a single S-VLAN as the equipment management VLAN of the OLT and that of
channel all other equipment in the network.

ONU/MDU/GE Use a single S-VLAN as the equipment management VLAN of the ONU and that of
remote extended all other equipment in the network.
subrack

HGW Use a single S-VLAN as the management VLAN of the HGW that is managed by
the items.
Set a management VLAN for an entire network, an OLT, a PON board, or a PON
port for identifying services and physical locations. It is recommended that you
set different HGW management VLANs for the OLTs connected to one SR to
avoid an excessively large broadcast domain of the SR and convergence switch.

IP address Device management It is recommended that you use private network IP addresses as the
plan management IP address of the OLT and MDU for securing network devices.

Internet access A PC obtains a public network IP address using PPPoE dialup for Internet
service access.
The HGW obtains a public network IP address using PPPoE dialup.
A PC obtains a private network IP address using DHCP.

VoIP service If an MDU has a built-in voice module, the MDU functions as a DHCP client and
obtains IP addresses using DHCP. Multiple POTS ports on the MDU share one
public network IP address. If an HGW has a built-in voice module, the HGW
obtains IP address using DHCP.

2024-09-17 214
MA5800 Product Documentation

Plan Device/Service Introduction

IPTV service An STB obtains a public network IP address using DHCP and the subscriber can
order programs. The MDU is only used for transparent transmission.

TR069 service For scenarios in which TR069 is used for management, maintenance, and
service provisioning, the HGW functions as a DHCP client, obtains a public
network IP address using DHCP, and connects to the TR069 server (ACS).

1.3.2.2 Principle of QoS Planning


Principle of QoS Planning

QoS planning for FTTB is in E2E mode, and it can be divided into the following policies: traffic classification,
marking, and scheduling, traffic monitoring, and DBA policies.

Traffic Classification, Marking, and Scheduling Policies

Service Type 802.1p Queue Scheduling OLT Queue ID (8 ONT Queue ID


Priority Method Queues)
Supporting Eight Supporting Four
Queues Queues

Management 6 PQ 6 6 3
service

VoIP service 5 PQ 5 5 2

IPTV service 4 PQ 4 4 2

Internet access 0 PQ 0 0 0
service

 Different service packets are distinguished by different VLAN IDs. GEM ports are mapped based on 802.1p priorities for
the GPON system.
 Service priorities in this table are recommended values. The service priorities are arranged according to the carriers'
actual plan.

Traffic Monitoring and DBA Policies

Item Management Internet Access Service VoIP Service IPTV Service


Service

T-CONT (used only in Use different T-CONTs for different services.


GPON networks)

DBA type Select a suitable DBA type based on the service type. For example, select Type1 for the
management and voice services, and Type3 or Type4 for the Internet access and IPTV services.

DBA bandwidth Configure the DBA bandwidth according to the user's bandwidth package.
planning The assured bandwidth is the maximum bandwidth required by management packets, VoIP, and
IPTV upstream packets. The maximum bandwidth is greater than or equal to the maximum
bandwidth that users apply.

2024-09-17 215
MA5800 Product Documentation

Item Management Internet Access Service VoIP Service IPTV Service


Service

Downstream rate No rate limitation Configure rate limitation by a traffic No rate No rate
limitation on the OLT profile as required. [Remark 1] limitation limitation

Rate limitation on the Set ONU port rate limitation or xDSL line rate limitation as required. For details about the
ONU upstream port reference service bandwidth of each service for each user, see Table 1.

Rate limitation on the Set ONU port rate limitation or xDSL line rate limitation as required. For details about the
ONU downstream reference service bandwidth of each service for each user, see Table 1.
port

Table 1 Reference service bandwidth of each service for each user

Service Upstream Bandwidth Downstream Bandwidth Bandwidth Description


Type

Internet Determined based on the Determined based on the Available bandwidth of Internet access
access tariff package. tariff package. service = Committed bandwidth of the tariff
service package - VoIP bandwidth - IPTV bandwidth

VoIP 200 kbit/s (Bandwidth of 200 kbit/s (Bandwidth of The VoIP service has symmetrical upstream
service 200 kbit/s meets the 200 kbit/s meets the and downstream bandwidth. The actual
requirements of most requirements of most bandwidth is related to the coding and
application scenarios. For application scenarios. For decoding formats used by both
G.711 10 ms packetization, G.711 10 ms packetization, communication parties. (Assume that each
the required bandwidth is the required bandwidth is user uses 2 POTS ports.)
approximately 240 kbit/s.) approximately 240 kbit/s.)

IPTV N/A 2.5 Mbit/s per channel The IPTV service mainly occupies the
service downstream bandwidth. The actual
(common bandwidth depends on the coding format
program) used by the IPTV headend device, the picture
in picture information, and other factors. In
IPTV N/A 9.7 Mbit/s per channel addition, 10% bandwidth burst traffic and the
service number of programs that can be concurrently
(high watched by one user (in the case of multi-STB
definition access) are taken in to consideration.
program) The upstream bandwidth is mainly used for
IGMP packet transmission, which requires
less bandwidth. Therefore, the occupied
upstream bandwidth can be neglected.

The preceding bandwidth for each service is obtained based on historical statistics in most scenarios, which is for reference
only. The bandwidth for a device does not completely depend on the access device, and is not a fixed value. For example, the
IPTV service bandwidth depends on the IPTV headend service. Therefore, the carrier needs to obtain the required bandwidth
range from the supplier of the IPTV headend device.

 Rate limitation on the BRAS or SR is recommended. OLTs and ONUs do not limit rates on service flows. If the BRAS does
not support rate limitation, OLTs can limit rates on service flows using traffic profiles.
 The sum of assured bandwidth of all ONUs under a PON port and the fixed bandwidth of OMCI management channel must
be smaller than the GPON upstream bandwidth. Some bandwidth must be reserved for future service expansion.

2024-09-17 216
MA5800 Product Documentation

1.3.2.3 Principle of Internet Access Service Data Plan


Principle of Internet Access Service Data Plan

The Internet access service plan mainly includes the plan of the VLAN and VLAN translation policy in different
network scenarios.

Note
This configuration guide is written based on solution scenarios, covering the E2E service configuration process for
the OLT, ONU, and HGW.
This guide provides guidance for service configuration in fiber to the building (FTTB) and fiber to the curb (FTTC)
involving the OLT and ONUs of different models.

 OLTs are required in all FTTB and FTTC scenarios. When reading this guide, OLT customers can select
required information based on scenarios.

 ONUs used in different FTTB and FTTC scenarios may be different. When reading this guide, ONU customers
can select required information based on actual network planning or ONU application scenarios.

VLAN Planning and VLAN Translation Policy on PON Networks

Application Scenario VLAN Plan VLAN Translation

ONU OLT

FTTB networking (without Two-tagged The inner C-VLAN is mapped based on The OLT translates VLANs
HGWs) VLAN (S- user ports to ensure that ONUs under the and adds an S-VLAN. C'-
VLAN+C-VLAN) same PON board do not have the same C- VLAN <-> S-VLAN + C-
VLAN. VLAN

FTTB/FTTC+HGW HGWs (LAN upstream transmission)


networking (ONU providing
the VoIP service) Untagged upstream packets of HGWs:
ONUs map C-VLANs based on user ports.
FTTB/FTTC+HGW Tagged upstream packets of HGWs: ONUs
networking (HGW providing translate user VLANs to C'-VLANs.
the VoIP service) [Remark 1]
HGWs (xDSL upstream transmission):
ONUs translate PVCs to C'-VLANs.

Note

 To ensure traceability of users and finer-grained QoS control and management of users and services, plan per
user per service per VLAN (PUPSPV) for the Internet access service. Considering OLT capacity and VLAN
scalability, use dual VLANs (S-VLAN+C-VLAN) on the OLT to differentiate users for the Internet access service.

 The outer S-VLAN, which identifies services and physical location, can be allocated based on the OLT, PON
board (recommended), or PON port (recommended). The inner C-VLAN identifies users. User C-VLANs are
unique in one S-VLAN.

2024-09-17 217
MA5800 Product Documentation

It is recommended that you associate C-VLAN IDs with PON ports, optical splitters, and ONU ports to ensure C-VLAN
uniqueness and to facilitate location. Example: C-VLAN ID = 256 x PON port ID + 32 x Split ratio x (Optical port ID - 1) +
ONU port ID + 1

 It is recommended that you use stacking VLANs as S-VLANs so that security features, such as PPPoE+/option
82, anti-MAC attack, and anti-MAC spoofing can be easily deployed.

VLAN Planning and VLAN Translation Policy on Ethernet Cascading


Networks

Application Scenario VLAN VLAN Translation


Plan
MDU/GE Remote Extended Subrack OLT/Master
Subrack

FTTB or FTTC Ethernet Two-tag Without HGWs: The outer S-VLAN is planned based on MDUs The OLT transmits
cascading (MDUs VLAN and the inner C-VLAN identifies a user. Ensure that the C- packets
serving as independent solution VLANs of users using the same S-VLAN do not repeat each transparently.
nodes) other.
LAN access using HGWs:
Untagged upstream packets of HGWs: MDUs map C-VLANs
based on user ports and add S-VLANs to packets.
Tagged upstream packets of HGWs: MDUs translate user
VLANs to C-VLANs (user VLAN <-> C-VLAN) and add S-
VLANs to packets.
xDSL access using HGWs:
Asynchronous transfer mode (ATM) upstream transmission:
MDUs translate PVCs to C-VLANs (PVC <-> C-VLAN) and add
S-VLANs to packets. Ensure that the C-VLANs of users using
the same S-VLAN do not repeat each other.
Packet transfer mode (PTM) upstream transmission:
Untagged upstream packets of HGWs: MDUs map C-VLANs
based on user ports and add S-VLANs to packets. Tagged
upstream packets of HGWs: MDUs translate user VLANs to C-
VLANs (user VLAN <-> C-VLAN) and add S-VLANs to packets.
Ensure that the C-VLANs of users using the same S-VLAN do
not repeat each other.

FTTB and FTTC Without HGWs: The extended subrack maps inner C-VLANs The master
Ethernet cascading based on user ports and adds S-VLANs to packets. Ensure subrack transmits
(centralized that the C-VLANs of users using the same S-VLAN do not packets
management for GE repeat each other. transparently.
remote extended
subracks) xDSL access using HGWs:
ATM upstream transmission: The extended subrack
translates PVCs to C-VLANs (PVC <-> C-VLAN) and adds S-
VLANs to packets. Ensure that the C-VLANs of users using the
same S-VLAN do not repeat each other.
PTM upstream transmission: Untagged upstream packets of
HGWs: The extended subrack maps C-VLANs based on user
ports and adds S-VLANs to packets. User-VLAN-tagged
upstream packets of HGWs: The extended subrack translates
user VLANs to C-VLANs (user VLAN <-> C-VLAN) and adds S-
VLANs to packets. Ensure that the C-VLANs of users using the
same S-VLAN do not repeat each other.

2024-09-17 218
MA5800 Product Documentation

1.3.2.4 Principle of VoIP Service Data Plan


Principle of VoIP Service Data Plan

The VoIP service plan mainly includes the plan of VLANs and VLAN translation policy in different network
scenarios, and the plan of voice protocols.

Note
This configuration guide is written based on solution scenarios, covering the E2E service configuration process for
the OLT, ONU, and HGW.
This guide provides guidance for service configuration in fiber to the building (FTTB) and fiber to the curb (FTTC)
involving the OLT and ONUs of different models.

 OLTs are required in all FTTB and FTTC scenarios. When reading this guide, OLT customers can select
required information based on scenarios.

 ONUs used in different FTTB and FTTC scenarios may be different. When reading this guide, ONU customers
can select required information based on actual network planning or ONU application scenarios.

VLAN Planning and VLAN Translation Policy on PON Networks

Application VLAN Plan VLAN Translation Remarks


Scenario
ONU OLT

FTTB networking Single-tagged ONUs provide the VoIP service Transparently -


(without HGWs) VLAN and use the same S-VLAN. transmits packets.

FTTB+HGW Single-tagged ONUs provide the VoIP service Transparently This solution is
networking (ONU VLAN and use the same S-VLAN. transmits packets. recommended.
providing the VoIP
service) Double- ONUs provide the VoIP service The OLT adds one S- This solution is used
tagged VLAN and use the same C-VLAN. VLAN tag: C-VLAN <- only when double-
(S-VLAN+C- > S-VLAN+C-VLAN. tagged VLANs are
VLAN) planned.

FTTB+HGW Single-tagged When packets sent from the HGW Transparently This solution is
networking (HGW VLAN using LAN upstream transmits packets. recommended.
providing the VoIP transmission carries user VLANs,
service) Double- the ONU translates user VLANs to The OLT adds one S- This solution is used
tagged VLAN C-VLANs. VLAN tag: C-VLAN <- only when double-
(S-VLAN+C- HGWs (xDSL upstream > S-VLAN+C-VLAN. tagged VLANs are
VLAN) transmission): ONUs translate planned.
PVCs to C'-VLANs.

Note

 The VoIP service is a closed service self-operated by carriers. The single-tagged S-VLAN is the mainstream
application and is recommended.

 Set an S-VLAN for an entire network, an OLT, a PON board, or a PON port for identifying services and physical
locations. It is recommended that you set different VoIP VLANs for the OLTs connected to one VoIP SR to
avoid an excessively large broadcast domain of the VoIP SR and convergence switch.

2024-09-17 219
MA5800 Product Documentation

 The outer S-VLAN, which identifies services and physical locations, can be allocated based on the OLT, PON
board, or PON port. The inner C-VLAN identifies services or users.

VLAN Planning and VLAN Translation Policy on Ethernet Cascading


Networks

Application Scenario VLAN VLAN Translation


Plan
MDU/GE Remote Extended Subrack OLT/Master
Subrack

FTTB or FTTC Ethernet One-tag Without HGWs and with voice services provided by the The OLT transmits
cascading (MDUs serving VLAN MDU: Each MDU uses the same S-VLAN for its voice packets
as independent nodes) solution users. transparently.
LAN access with voice services provided by HGWs:
MDUs translate user VLANs to C-VLANs.
xDSL access with voice services provided by HGWs:
ATM upstream transmission: MDUs translate PVCs to C-
VLANs (PVC <-> C-VLAN).
PTM upstream transmission: Untagged upstream
packets of HGWs: MDUs map C-VLANs based on user
ports. User-VLAN-tagged upstream packets of HGWs:
MDUs translate user VLANs to C-VLANs (user VLAN <->
C-VLAN).

FTTB or FTTC Ethernet xDSL access with voice services provided by HGWs: The master subrack
cascading (centralized transmits packets
management for GE ATM upstream transmission: The extended subrack transparently.
remote extended translates PVCs to C-VLANs (PVC <-> C-VLAN).
subracks) PTM upstream transmission: Untagged upstream
packets of HGWs: The extended subrack maps C-VLANs
based on user ports. User-VLAN-tagged upstream
packets of HGWs: The extended subrack translates user
VLANs to C-VLANs (user VLAN <-> C-VLAN).

VoIP data plan based on H.248 or SIP

Item Remarks

MG interface/SIP Media and Media and Upstream VLANs of the VoIP service
interface data signaling signaling
NOTE: parameters upstream VLAN
(Must be the same
Media and Upstream ports of the VoIP service
as that on the MGC
signaling
or IMS core
upstream port
network device.)
Media IP Separating media streams from signaling streams
address and
signaling IP
address

Default IP Next hop IP address from an ONU/HGW to an MGC/IMS


address of the
MG

2024-09-17 220
MA5800 Product Documentation

Item Remarks

MG interface/SIP interface ID -

Signaling port ID Choose the transmission mode according to the


requirement on the MGC/IMS side.

IP address of primary MGC When dual homing is not configured, the parameters of the
(H.248)/IP address of primary primary MGC need to be configured. When dual homing is
IMS device (SIP) configured, the IP address and the port ID of the secondary
MGC must also be configured.
Port ID of primary MGC
(H248)/port ID of primary IMS
device (SIP)

Codec mode The codec mode is selected according to the requirements


on the MGC/IMS side. Generally, the text mode is used.

Transmission mode The transmission mode is selected according to the


requirements on the MGC/IMS side. Generally, UDP is used.

Home domain name (SIP) -

Profile index (SIP) -

H.248 version used for starting V1, V2 or V3 (default value). The interface may fail to be
negotiation registered because some softswitches do not support V3.

VoIP user configuration Phone number H.248: The phone numbers allocated by the MGC need to
data be determined, and the paging numbers for users'
emergency standalone need to be planned if the
emergency standalone function is provided.
SIP: The phone number that the IMS core network device
allocates to the user must be configured.

TID (H.248) If the TID template with which the PSTN user is bound
does not support terminal layering, this parameter needs
to be configured.

User priority According to the service requirements, user priorities must


be specified. The user priorities include the following:
cat1: government1 (category 1 government users)
cat2: government2 (category 2 government users)
cat3: normal (common users). This is the default value.

User type According to the service requirements, user type needs to


be specified. The user type includes the following:
DEL: direct exchange lines (default)
ECPBX: earth calling PBX
LCPBX: loop calling PBX
PayPhone: pay phone

Common Parameter System parameter The system parameters, including the international version
flag and message waiting indication (MWI) mode, need to
be configured according to local standards to ensure that
the response of the user terminal complies with the local
standards.

2024-09-17 221
MA5800 Product Documentation

Item Remarks

International parameters The attributes such as the upper and lower thresholds of
the flash-hooking duration need to be configured according
to the local standards to ensure that the response of the
user terminal complies with the local standards.

PSTN port attributes If the PSTN port needs to support the polarity reversal
accounting, the PSTN port needs to be configured to
support the polarity reversal pulse. Other attributes do not
need to be modified if there is no special requirement.

Ringing current attributes When the attributes of ring current are changed, ring
volume is changed. This parameter needs to be modified
according to the local standard only when the default ring
current attribute does not comply with the local standard.

1.3.2.5 Principle of IPTV Service Data Plan


Principle of IPTV Service Data Plan

The IPTV service plan mainly includes the plan of VLANs and VLAN translation policies in different network
scenarios, and the plan of IPTV services. IPTV services include multicast service and VoD service. These two
services have relationships and independence in VLAN planning.

Note

This configuration guide is written based on solution scenarios, covering the E2E service configuration process for
the OLT, ONU, and HGW.
This guide provides guidance for service configuration in fiber to the building (FTTB) and fiber to the curb (FTTC)
involving the OLT and ONUs of different models.

 OLTs are required in all FTTB and FTTC scenarios. When reading this guide, OLT customers can select
required information based on scenarios.

 ONUs used in different FTTB and FTTC scenarios may be different. When reading this guide, ONU customers
can select required information based on actual network planning or ONU application scenarios.

VLAN and VLAN translation policy

Application Service VLAN VLAN Translation Remarks


Scenario Type Plan
ONU OLT

Scenario 1: Multicast One- 1. The multicast VLAN (M- Upstream IGMP: The OLT This solution is
FTTB+HGW service tagged VLAN) of the HGW is performs IGMP proxy to recommended
networking VLAN different from the terminate IGMP packets because carriers
(ONU providing network-side M-VLAN. transmitted from the user will define a
the VoIP service) side and encapsulate IGMP unified M-VLAN on
Upstream IGMP: The ONU the HGW.
and packets transmitted by
performs IGMP proxy to
Scenario 2: terminate IGMP packets network-side M-VLANs.
FTTB+HGW transmitted from the user The OLT replicates multicast
networking side and encapsulate IGMP packets based on PON ports
(HGW providing packets transmitted by

2024-09-17 222
MA5800 Product Documentation

Application Service VLAN VLAN Translation Remarks


Scenario Type Plan
ONU OLT

the VoIP service) network-side M-VLANs. with M-VLANs unchanged.


Downstream multicast
service flows: The ONU
replicates multicast
packets based on user
ports and multicasts
downstream multicast
packets across VLANs:
user VLAN <-> M-VLAN

Multicast One- VLAN translation policy: Transparently transmits This solution is


VoD tagged packets. recommended.
service VLAN When packets sent from
The PSPV mode is
the HGW using LAN
recommended for
upstream transmission
the VoD service
carries user VLANs, the
because the
ONU translates user
service requires
VLANs to C-VLANs.
fewer VLANs.
When packets are sent
from the HGW using xDSL
upstream transmission,
the ONU translates PVCs
to C-VLANs.

FTTB or FTTC Multicast One-tag Upstream IGMP packets: Upstream IGMP packets: The This solution is
Ethernet service VLAN The MDU performs IGMP OLT performs IGMP proxy to recommended.
cascading (MDUs solution proxy to terminate IGMP terminate IGMP packets
serving as packets transmitted from transmitted from the user
independent the user side, encapsulate side, encapsulate the packets
nodes) the packets with an M- with an M-VLAN tag on the
VLAN tag on the network network side, and send the
side, and send the packets packets upstream.
upstream.
Downstream multicast
Downstream multicast service flows: The OLT
service flows: The MDU replicates multicast packets
replicates multicast based on GE ports with M-
packets based on user VLANs unchanged.
ports and multicasts
downstream packets
among M-VLANs.

Multicast One-tag HGWs (LAN upstream The OLT transmits packets This solution is
VoD VLAN transmission): MDUs transparently. recommended.
service solution translate user VLANs to C-
VLANs (user VLAN <-> C-
VLAN).
HGWs (xDSL upstream
transmission):
ATM upstream
transmission: MDUs
translate PVCs to C-VLANs
(PVC <-> C-VLAN).
PTM upstream
transmission: Untagged
upstream packets of
HGWs: MDUs map C-

2024-09-17 223
MA5800 Product Documentation

Application Service VLAN VLAN Translation Remarks


Scenario Type Plan
ONU OLT

VLANs based on user


ports. User-VLAN-tagged
upstream packets of
HGWs: MDUs translate
user VLANs to C-VLANs
(user VLAN <-> C-VLAN).

FTTB or FTTC Multicast One-tag HGWs (xDSL upstream Upstream IGMP packets: The This solution is
Ethernet service VLAN transmission) when M- master subrack performs recommended.
cascading solution VLANs on HGW side and IGMP proxy to terminate
(centralized network side are different: IGMP packets transparently
management for transmitted from the
GE remote Upstream IGMP packets:
The extended subrack extending board and
extended reported by the extended
subracks) performs IGMP proxy to
terminate IGMP packets subrack, encapsulate the
transmitted from the user packets with an M-VLAN tag
side, encapsulate the on the network side, and
packets with an M-VLAN send the packets to the
tag on the network side, upper-layer network.
and send the packets to Downstream multicast
the extending board. service flows: The control
Downstream multicast board in the master subrack
service flows: The replicates multicast packets
extended subrack based on Ethernet extending
replicates multicast boards, and the Ethernet
packets based on user extending boards replicate
ports, and multicasts the multicast packets based on
packets among M-VLANs GE ports with M-VLANs
(user VLAN <- M-VLAN). unchanged.

Multicast One-tag HGWs (xDSL upstream The master subrack This solution is
VoD VLAN transmission): transmits packets recommended.
service solution transparently.
ATM upstream
transmission: The
extended subrack
translates PVCs to C-
VLANs (PVC <-> C-VLAN).
PTM upstream
transmission: Untagged
upstream packets of
HGWs: The extended
subrack maps C-VLANs
based on user ports. User-
VLAN-tagged upstream
packets of HGWs: The
extended subrack
translates user VLANs to
C-VLANs (user VLAN <->
C-VLAN).

Note

 IPTV service is a closed service self-operated by carriers, and single—tagged S-VLAN is recommended.

2024-09-17 224
MA5800 Product Documentation

 The same S-VLAN or different S-VLANs can be used as the M-VLAN and VoD VLAN. It is recommended that
you use different S-VLANs as M-VLAN and VoD VLAN so that the upper-layer device can easily differentiate
the BTV service and VoD service.

 S-VLANs of VoD service can identify services and physical locations based on an entire network or an OLT. It
is recommended that you set different VoD VLANs for the OLTs connected to one IPTV SR to avoid an
excessively large broadcast domain of the SR and convergence switch.

Data plan for multicast service

Data Item Remarks

Multicast The OLT and ONU generally use IGMP proxy. The ONT or HGW generally uses IGMP snooping.
protocol

IGMP The compatibility policies of the IGMP version on access equipment distinguish between the network
version side and the user side.
In normal application scenarios, the device is usually the active initiating party. The IGMP version on the
multicast router can be seamlessly degraded without packet loss.
The terminals are always the active initiating party and can be seamlessly degraded without packet loss.
The recommended versions are as follows:
If the network-side version is V2, the recommended version for the access equipment is V2.
If the network-side version is V3, the recommended version for the access equipment is V2 or V3.
If the user-side version is V2, the recommended version for the access equipment is V2 or V3.
If the user-side version is V3, the recommended version for the access equipment is V3.

Multicast Static configuration is recommended. The OLT can also generate a multicast program library. In other
program words, the OLT dynamically generates a program list according to the programs requested by users. In
this mode, the program list does not need to be configured or maintained; however, the functions such as
program management, user multicast bandwidth management, program preview, and program prejoin
are not supported.

Multicast Default
preview
profile

Multicast Enabling this function is recommended. It reduced the exchange of IGMP packets, saving the bandwidth
fast leave resources.

1.3.2.6 Principle of Security Data Plan


Principle of Security Data Plan

The security plan involves system security plan, user security plan, and service security plan. Security policy
ensures service security from different aspects.

 The device provides complete security measures, but not all security measures need to be deployed. Only the security
measures that meet the following requirements need to be deployed:

 The security measures can be used on the live network.


 The security measures are easy to deploy.

2024-09-17 225
MA5800 Product Documentation

 The security measures are effective.

 Different ONUs support different security features. Select the security feature recommended in this topic according to
actual ONU capabilities.

System Security

Security Solution Description and Usage Suggestion


Vulnerability

DoS attack Enable the anti-DoS- After the anti-DoS-attack function is enabled, control packets are
attack function for OLT monitored and those exceeding the number threshold are discarded.
and MDU. Use this solution for new site deployment.

IP attack Enable the anti-IP- After the anti-IP-attack function is enabled, a device discards the IP packets
attack function for OLT received from the user side whose destination IP address is the IP address
and MDU. of the device, and therefore the system is protected.
Use this solution for new site deployment.

User Security

Security Solution Description and Usage Suggestion


Vulnerability

MAC spoofing Enable the anti- After anti-MAC-duplicate is enabled, the system records the first MAC address
MAC-duplicate learned from the port and binds the MAC address to the port and VLAN. If
function for OLT receiving packets sent from the host that has the same MAC address with the port,
and MDU. the system discards the packets directly. In this case, it can prevent users from
forging MAC addresses to perform malicious attacks.
Use this solution for new site deployment.

MAC attack Enable the anti- After anti-MAC spoofing is enabled, the system can prevent users from forging IP
MAC spoofing addresses to perform malicious attacks.
function for OLT Use this solution for new site deployment.
and MDU.

IP spoofing Enable the anti-IP After anti-IP spoofing is enabled, the system can prevent users from forging IP
spoofing function addresses to perform malicious attacks.
for MDU. Use this solution for new site deployment.

Service Security

Security Vulnerability Solution Description and Usage Suggestion

Unauthorized broadband DHCP option 82 is enabled on OLT In the DHCP option 82 mode, user's physical location
access of small or MDU, and the BRAS implements is added to the option 82 field carried in the DHCP
enterprises (IPoE) user authentication based on the request packet initiated by a user. The physical
RAIO information. location, used for user authentication on the upper-
layer authentication server, can help implement the
following functions:
The DHCP relay forwards DHCP response packets to
devices with specified CID and RID.
Prevents DHCP address exhaustion.
Achieves static allocation of DHCP addresses.

2024-09-17 226
MA5800 Product Documentation

Security Vulnerability Solution Description and Usage Suggestion

Implements anti-IP spoofing.


Implements anti-user ID spoofing.
Implements anti-MAC spoofing.
Use this solution for the DHCP Internet access service.

Broadband access of PPPoE+ (PITP) is enabled on OLT The BRAS responds to request packets of users with
residential users and MDU, and the BRAS specified CID and RID. In this way, the following
(PPPoE), user account implements user authentication functions are implemented:
theft/borrowing based on binding of the RAIO
information to the user account. Prevents IP address exhaustion.
Implements anti-IP spoofing.
Implements anti-user ID spoofing.
Implements anti-MAC spoofing.
Use this solution for the PPPoE Internet access service.

1.3.3 FTTB Networking (GPON&XG-PON&XGS-PON


Networking, LAN Access, Without HGW)
FTTB Networking (GPON&XG-PON&XGS-PON Networking, LAN Access, Without HGW)

In this kind of networking, the ONU provides 100M FE access and POTS access for Internet access service and VoIP
service respectively for users. This topic describes how to configure the Internet access service and VoIP service on
the OLT and ONU in this networking.

Context
There are two xPON configuration modes: distributed mode (also called discrete mode) and profile mode. The
difference between the two modes lies in command lines.

 Distributed mode: In this mode, ONUs need to be configured one by one but not in batches.

 Profile mode: In this mode, an ONU line profile and service profile are configured first. Then, ONUs can be
added in batches by binding profiles. This mode greatly improves service provisioning efficiency.

Generally, the xPON configuration mode is determined in a new deployment on the OLT and will not be changed.

For commands for the distributed configuration mode, see PON distributed-mode commands in the OLT Command Reference.

The description of this topic is based on the mode below.


Mode Query Method

GPON profile mode (system default) On the OLT:


huawei(config)#diagnose
huawei(diagnose)%%display xpon mode
-------------------------------------------
Current config mode: Profile-mode
-------------------------------------------

Service Requirements and Application Scenarios

2024-09-17 227
MA5800 Product Documentation

FTTB networking is usually used in trade estate and housing estate having high-density buildings and users. In FTTB
networking, optical fibers are connected from the central office (CO) to buildings. The network section from the service
convergence nodes to users is deployed by xDSL or LAN access. LAN access is easily and commonly deployed and
therefore becomes the first choice for bandwidth construction.

Configuration Procedure

Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

Configuring the Management Channel Between the OLT and the ONU

After the inband management channel between the OLT and the ONU is configured and available, you can log in to the ONU
from the OLT to configure the ONU.

Configuring the Service Channel Between the OLT and the ONU

Various service flows can be configured on the OLT for different services so that service packets on the ONU can be
forwarded at Layer 2 according to the planned VLAN and forwarding policies.

Configuring LAN Internet Access Service (on the ONU)

This topic describes how to configure the Internet access service through the Ethernet port by the ONU. Specifically,
configure service flows on the ONU and configure the upstream VLAN to provide the service channel from the ONU to the
user and set up the upstream channel from the ONU to the OLT.

Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of upstream link aggregation and queue scheduling based on priorities ensures service reliability.
The global configuration of security policies ensures service security.

Verifying Services

In the Fiber-to-the-building (FTTB) scenario, optical network units (ONUs) are installed in buildings that are far from the
central equipment room. ONUs support methods of remote service verification such as Point-to-Point Protocol over
Ethernet (PPPoE) dialup emulation and call emulation. Remote site verification eliminates the need to go to site for a
second time.

1.3.3.1 Service Requirements and Application Scenarios


Service Requirements and Application Scenarios

FTTB networking is usually used in trade estate and housing estate having high-density buildings and users. In
FTTB networking, optical fibers are connected from the central office (CO) to buildings. The network section from
the service convergence nodes to users is deployed by xDSL or LAN access. LAN access is easily and commonly
deployed and therefore becomes the first choice for bandwidth construction.

2024-09-17 228
MA5800 Product Documentation

Service Requirements
Only Internet access service and VoIP service are needed and there is no multicast requirement.
Considering simple and flexible service provisioning and easy OM, category-5 cables and FTTB (LAN access) are
used for deployment.

Application Scenarios

As shown in Figure 1, the ONU is deployed in the building and is connected to the user's home through the
category-5 cable.

 For the Internet access service: Users are connected to the ONU through category-5 cables and are
authenticated by dialup using PCs. Each user has an independent account and is authenticated and managed
on the BRAS.

 For the VoIP service: Users are provisioned with the VoIP service through the ONU with the build-in voice
module.

Figure 1 Example network of the FTTB service (LAN access)

1.3.3.2 Configuration Procedure


Configuration Procedure

Figure 1 shows the configuration roadmap diagram in the FTTB and FTTC networking scenarios using LAN access
without HGWs.

Figure 1 Configuration Roadmap Diagram in the FTTB and FTTC Networking Scenarios Using LAN Access Without
HGWs

2024-09-17 229
MA5800 Product Documentation

The following table lists the detailed description steps.


Item Procedure Remarks

OLT Add an ONU on the OLT. Services can be configured for an ONU only after the ONU is successfully added to an
OLT.

Configure the After the inband management channel between the OLT and the ONU is configured
management channel and available, you can log in to the ONU from the OLT to configure the ONU.
between the OLT and the
ONU.

Configure the service Service channels, such as Internet access service channel, are set up on the OLT so
channel between the OLT that services on the ONU can be normally forwarded.
and the ONU.

ONU Configure the Internet This topic describes how to configure the Internet access service through the
access service. Ethernet port by the ONU. Specifically, configure service flows on the ONU and
configure the upstream VLAN to provide the service channel from the ONU to the
user and set up the upstream channel from the ONU to the OLT.

Configure the VoIP service. NOTE:


The H.248 and SIP protocols are mutually exclusive for the VoIP service. Only one of
them is configured at a time.

OLT Configure the link The global configuration of upstream link aggregation and queue scheduling based
ONU aggregation, congestion on priorities ensures service reliability. The global configuration of security policies
control, and security ensures service security.
policy.

ONU Verify the services. The ONU provides remote verification methods including PPPoE dialup emulation
and call emulation for configuration and commissioning engineers to verify services
remotely after service configuration, avoiding a second on-site operation.

2024-09-17 230
MA5800 Product Documentation

1.3.3.3 Adding an ONU to an OLT


Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

Context

 When an ONU is added, desired profiles, including the dynamic bandwidth allocation (DBA) profile, line
profile, and alarm profile, must be bound to the ONU. For details about functions and configuration methods
for these profiles, see Table 1.
Table 1 Introduction to ONU profiles

Profile Function Command


Type

DBA A DBA profile describes GPON traffic parameters. A T-CONT is bound to a DBA Query a DBA profile.
profile profile for dynamic bandwidth allocation, improving upstream bandwidth display dba-profile
utilization. Add a DBA profile. dba-
profile add

Line A line profile describes binding between the T-CONT and the DBA profile, the Query a line profile. display
profile QoS mode of the service flow, and mapping between the GEM port and the ont-lineprofile
ONU-side service. Add a line profile. ont-
lineprofile add

Alarm An alarm profile contains a series of alarm threshold parameters that are used Query an alarm profile.
profile for performance measurement and monitoring of the activated ONT lines. display gpon alarm-
profile
Add an alarm profile. gpon
alarm-profile add

 An ONU can be added in two modes. Select either mode as required.


Mode Usage Scenario Command

Add an ONU The ONU password or Run the ont add command to add an ONU.
offline. serial number (SN) is
obtained.

Online Both the ONU password In the GPON mode, run the port ont-auto-find command to enable the
confirm an and SN are not obtained. ONU auto-discovery function of a GPON port and then run the ont confirm
ONU. command to add an ONU.

Data Plan

Table 2 Data plan

Item Data

DBA profile NOTE:

All configuration items are provided here. Select desired ones based on service types.

Profile name: fttb_dba_mngt


Profile type: Type1

2024-09-17 231
MA5800 Product Documentation

Table 2 Data plan

Item Data

Fixed bandwidth: 1 Mbit/s


Profile name: fttb_dba_voip
Profile type: Type1
Fixed bandwidth: 4 Mbit/s
Profile name: fttb_dba_hsi
Profile type: Type4
Maximum bandwidth: 512 Mbit/s
Profile name: fttb_dba_vod
Profile type: Type3
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 16 Mbit/s
Profile name: fttb_dba_iptv
Profile type: Type3
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 16 Mbit/s

Line profile NOTE:

All configuration items are provided here. Select desired ones based on service types.

Profile name: fttb(c)


Profile ID: 10
T-CONT ID used by the management service: 4
T-CONT ID used by the voice service: 5
T-CONT ID used by the Internet access service: 6
T-CONT ID used by the VoD service: 7
T-CONT ID used by the IPTV service: 8

Network topology data PON port: 0/1/1


ONT ID: 1

Procedure

1. Configure GPON ONU profiles.

All configuration items are provided here. Select desired ones based on service types.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-name fttb_dba_mngt type1 fix 1024


huawei(config)#dba-profile add profile-name fttb_dba_voip type1 fix 4096
huawei(config)#dba-profile add profile-name fttb_dba_hsi type4 max 524288
huawei(config)#dba-profile add profile-name fttb_dba_vod type3 assure 8192 max 16384
huawei(config)#dba-profile add profile-name fttb_dba_iptv type3 assure 8192 max 16384

2024-09-17 232
MA5800 Product Documentation

b. Configure an ONU line profile.

i. Add GPON ONU line profile 10 fttb(c).

huawei(config)#ont-lineprofile gpon profile-id 10 profile-name fttb(c)

The ID of the line profile to be created must not exist in the system, and the line profile must be created
according to the data plan. In this example, line profile 10 is used.

ii. In the line profile mode, bind the T-CONT to the DBA profile.

huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-name fttb_dba_mngt


huawei(config-gpon-lineprofile-10)#tcont 5 dba-profile-name fttb_dba_voip
huawei(config-gpon-lineprofile-10)#tcont 6 dba-profile-name fttb_dba_hsi
huawei(config-gpon-lineprofile-10)#tcont 7 dba-profile-name fttb_dba_vod
huawei(config-gpon-lineprofile-10)#tcont 8 dba-profile-name fttb_dba_iptv

iii. In the line profile mode, create a GEM port for each T-CONT.
QoS policies must be configured for various service flows. For details about QoS data plan, see
Principle of QoS Planning .

huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 4 //Create GEM port 11 for T-CONT 4. Use the
same method to create other GEM ports.
huawei(config-gpon-lineprofile-10)#gem add 12 eth tcont 5
huawei(config-gpon-lineprofile-10)#gem add 13 eth tcont 6
huawei(config-gpon-lineprofile-10)#gem add 14 eth tcont 6
huawei(config-gpon-lineprofile-10)#gem add 15 eth tcont 7
huawei(config-gpon-lineprofile-10)#gem add 16 eth tcont 8

iv. Configure mapping between the GEM port and the ONU-side service.
Set the mode for mapping a GEM port to an ONU-side service to VLAN (default mode). Map
management service flows with C-VLAN 8 to GEM port 11, voice service flows with C-VLAN
200 to GEM port 12, Internet access service flows with C-VLANs 1001-1016 to GEM ports 13
and 14, VoD service flows with C-VLAN 300 to GEM port 15, and IPTV service flows with C-
VLAN 1000 to GEM port 16.

huawei(config-gpon-lineprofile-10)#gem mapping 11 0 vlan 8


huawei(config-gpon-lineprofile-10)#gem mapping 12 0 vlan 200
huawei(config-gpon-lineprofile-10)#gem mapping 13 0 vlan 1001
......
huawei(config-gpon-lineprofile-10)#gem mapping 13 7 vlan 1008
huawei(config-gpon-lineprofile-10)#gem mapping 14 0 vlan 1009
......
huawei(config-gpon-lineprofile-10)#gem mapping 14 7 vlan 1016
huawei(config-gpon-lineprofile-10)#gem mapping 15 0 vlan 300
huawei(config-gpon-lineprofile-10)#gem mapping 16 0 vlan 1000

2024-09-17 233
MA5800 Product Documentation

v. After the configuration is completed, run the commit command to make the configured
parameters take effect.

huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

c. (Optional) Add an alarm profile.

 The ID of the default GPON alarm profile is 1. The thresholds for all the alarm parameters in the
default alarm profile are 0, which indicates that no alarm is generated.

 In this example, the default alarm profile is used. Therefore the configuration of the alarm
profile is not required.

2. Add an ONU to an OLT.


Assume that the ID of GPON port 0/1/1 is 1, SN is 32303131B39FD641, management mode is SNMP, and
the bound line profile is fttb(c). Connect the ONU to such a GPON port through the optical splitter.
There are two modes to add an ONT: add an ONT offline and confirm an automatically discovered ONU.

 Add an ONU offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 1 ontid 1 sn-auth 32303131B39FD641

snmp ont-lineprofile-name fttb(c)

 Confirm an automatically discovered ONU.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 1 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 1
huawei(config-if-gpon-0/1)#ont confirm 1 ontid 1 sn-auth 32303131B39FD641

snmp ont-lineprofile-name fttb(c)

a. (Optional) Bind the alarm profile to the ONU.


By default, alarm profile 1 is automatically bound to an ONU. A non-default alarm profile is bound
manually only when the default one does not meet the requirement.
In this example, the default alarm profile 1 is used and therefore the configuration of the alarm profile
is not required.

3. Check the ONU status.


After an ONU is added, run the display ont info command to query the current status of the ONU. Ensure
that Config flag of the ONU is active, Run State is online, and Config state is normal.

huawei(config-if-gpon-0/1)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/1/1
ONT-ID :1
Control flag : active //The ONU is activated.
Run state : online //The ONU is online.

2024-09-17 234
MA5800 Product Documentation

Config state : normal //The ONU configurations are recovered normally.


...//The rest of the response information is not provided here.
huawei(config-if-gpon-0/1)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactive, run the ont active command in GPON mode to activate the ONU.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONU capability exceeds the actual ONU capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

 If the ONU does not match (Match state is mismatch), the port types and number of ports do not match the
actual port types and number of ports supported by the ONU. In this case, run the display ont capability
command to query the actual capability of the ONU, and then select one of the following modes to modify the
ONU configuration:

 Create a proper ONU profile according to the actual capability of the ONU, and then run the ont modify
command to modify the configuration data of the ONU.

 Modify the ONU profile according to the actual capability of the ONU and save the modification. Then, the
ONU automatically recovers the configuration successfully.

1.3.3.4 Configuring the Management Channel Between the OLT


and the ONU
Configuring the Management Channel Between the OLT and the ONU

After the inband management channel between the OLT and the ONU is configured and available, you can log in to
the ONU from the OLT to configure the ONU.

Data plan

Item Data Remarks

Management VLAN and Management VLAN ID: 8 To configure the MDU from the OLT by remote logging in to the
management IP address Management VLAN MDU, the management VLAN of the OLT and that of the MDU must
on the OLT side type: smart VLAN be the same, and the management IP address of the OLT and that of
Inband management IP the MDU must be in the same network segment.
address:
192.168.50.1/24

Management VLAN and Management VLAN ID: 8


management IP address Management VLAN
on the ONU side type: smart VLAN
Inband management IP

2024-09-17 235
MA5800 Product Documentation

Item Data Remarks

address:
192.168.50.2/24

Procedure
1. Configure the inband management VLAN and IP address of the OLT.
Configure the inband management VLAN to 8, VLAN priority to 6, and the IP address to 192.168.50.1/24.

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

2. Configure the inband management VLAN and IP address of the ONU.


Configure the static IP address of the ONU to 192.168.50.2/24, gateway to 192.168.50.254, and the
management VLAN ID to 8 (the same as the management VLAN of the OLT).

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.254 vlan 8

huawei(config-if-gpon-0/1)#quit

3. Configure an inband management service port.


Configure the management service port ID to 1, management VLAN ID to 8, GEM port ID to 11, and user-side
VLAN ID to 8. The OLT does not limit inband management service flows. Therefore, it is recommended that
you use default traffic profile 6.

huawei(config)#service-port 1 vlan 8 gpon 0/1/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6


4. Confirm that the management channel between the OLT and the ONU is available.

 On the OLT, run the ping 192.168.50.2 command to check the connectivity between the OLT and the
ONU. The ICMP ECHO-REPLY packet from the ONU should be received.

 On the OLT, You can remotely log in to the ONU to perform the configuration.

1.3.3.5 Configuring the Service Channel Between the OLT and


the ONU
Configuring the Service Channel Between the OLT and the ONU

Various service flows can be configured on the OLT for different services so that service packets on the ONU can be
forwarded at Layer 2 according to the planned VLAN and forwarding policies.

Context

2024-09-17 236
MA5800 Product Documentation

Service flows can be added in two modes, as described in Table 1. Select either mode as required.
Table 1 Adding service flows

Mode Command Remarks

Add service flows service-port -


one by one.

Add service flows multi-service- You need to specify the ontid + gemindex to identify a service flow and ensure that
in batches. port the number of GEM ports is the same as the number of VLANs on the user side.

Data plan

Item Data Remarks

Internet OLT VLAN ID: Assume that the split ratio of the optical splitter is 1:32, the ONU is
access connected to port 1 on the optical splitter using the optical cable, and the
CVLAN ID: 256 x GPON port ID
service user PC is connected to port 1 on the ONU. In this case, the inner VLAN is
+ 32 x Split ratio x (Splitter
258 according to the formula for calculating the inner VLAN.
port ID - 1) + ONU port ID + 1
For details about the data plan, see Principle of Internet Access Service
SVLAN: VLAN ID 100 and Data Plan .
attribute stacking
Upstream VLANs of the ONU:
1001-1016
Service flow ID: 101

VoIP OLT VLAN ID (VLAN For details about the data plan, see Principle of VoIP Service Data Plan .
service transparently transmitting the
ONU service): 200
ONU VLAN ID: 200
Service flow ID: 201

Procedure
 Configure the channel for the Internet access service.

1. Configure the service VLAN and add the upstream port to this VLAN.
Configure the SVLAN ID to 100, VLAN type to smart VLAN, and VLAN attribute to stacking. Add
upstream port 0/9/0 to VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

2. Configure the corresponding traffic profile.


The 802.1p priority for the Internet access service is 0 and the traffic profile is unlimited. You can run
the display traffic table ip command to query the traffic profile in the system. Use traffic profile 6.

huawei(config)#display traffic table ip from-index 0

3. Configure service flows to receive and transparently transmits the Internet access service from the
ONU.
According to the data plan,

2024-09-17 237
MA5800 Product Documentation

 For the OLT: The SVLAN ID is 100, inner VLAN ID is 258. The user-side VLAN ID of the OLT is the
upstream VLAN ID of the ONU, that is, 1001. The Internet access service uses GEM port 13.

 For the ONU: The upstream VLAN ID is 1001.

huawei(config)#service-port 101 vlan 100 gpon 0/1/1 ont 1 gemport 13 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 258 rx-cttr 6 tx-cttr 6


 Configure the channel for the VoIP service.

1. Configure the service VLAN and add the upstream port to this VLAN.
Configure the SVLAN ID to 200 and VLAN type to smart VLAN. Add upstream port 0/9/0 to VLAN 200.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

2. Configure the corresponding traffic profile.


The 802.1p priority of the VoIP service is 5 and the traffic profile is unlimited. You can run the display
traffic table ip command to query the traffic profile in the system. If the existing traffic profile does not
meet data plan requirements, a new traffic profile is required.
New traffic profile 9 is added. In the command execution, priority-policy is local-setting, which
indicates that service packets are scheduled by the priority specified in the traffic profile.

huawei(config)#traffic table ip index 9 cir off priority 5 priority-policy local-setting

3. Configure service flows to receive and transparently transmits the VoIP service from the ONU.
According to the data plan,

 For the OLT: The SVLAN ID is 200. The user-side VLAN ID of the OLT is the upstream VLAN ID of
the ONU, that is, 200. The VoIP service uses GEM port 12.

 For the ONU: The upstream VLAN ID is 200.

huawei(config)#service-port 201 vlan 200 gpon 0/1/1 ont 1 gemport 12 multi-service

user-vlan 200 rx-cttr 9 tx-cttr 9

1.3.3.6 Configuring LAN Internet Access Service (on the ONU)


Configuring LAN Internet Access Service (on the ONU)

This topic describes how to configure the Internet access service through the Ethernet port by the ONU.
Specifically, configure service flows on the ONU and configure the upstream VLAN to provide the service channel
from the ONU to the user and set up the upstream channel from the ONU to the OLT.

Data plan

Item Data Remarks

Port Upstream port: -


0/0/1
Service port: 0/3/1

2024-09-17 238
MA5800 Product Documentation

Item Data Remarks

Service VLAN ID: 1001- The ONU supporting 16 FE ports is used as an example. In actual configuration, plan
VLAN 1016 the data according to actual capabilities of devices.
VLAN type: smart For details about the data plan, see Principle of Internet Access Service Data Plan .
VLAN
VLAN attribute:
common

Traffic Profile ID: 8 For details about the data plan, see Principle of QoS Planning .
profile Committed rate: 4
Mbit/s
Priority: 0

Procedure

1. Log in to and configure the ONU.


You can remote log in to the ONU from the OLT to perform the configuration.

2. Create SVLANs.
Create smart SVLANs 1001-1016 in batches with attribute common.

huawei(config)#vlan 1001-1016 smart

3. Add the upstream port to SVLANs.


Add upstream port 0/0/1 to SVLANs.

huawei(config)#port vlan 1001-1016 0/0 1

4. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the existing
traffic profile in the system does not meet the requirement, run the traffic table ip command to add a traffic
profile.
Assume that the committed information rate (CIR) is 4 Mbit/s, priority of upstream packets is 0, and
downstream packets are scheduled based on the priorities specified in the traffic profile. Configure traffic
profile 8.

huawei(config)#traffic table ip index 8 cir 4096 priority 0 priority-policy local-Setting

5. Add a service port.


Create service port 101, bind it to port 0/3/1, set the user-side VLAN to untagged and bind the VLAN to
traffic profile 8.

This example creates one service port as an example. Each service port maps a user. When configuring another service
port, map the corresponding SVLAN.

huawei(config)#service-port 101 vlan 1001 eth 0/3/1 multi-service user-vlan

untagged rx-cttr 8 tx-cttr 8

6. Save the data.

2024-09-17 239
MA5800 Product Documentation

huawei(config)#save

1.3.3.7 Configuring Link Aggregation, Congestion Control, and


Security Policies
Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of upstream link aggregation and queue scheduling based on priorities ensures service
reliability. The global configuration of security policies ensures service security.

Context

On the OLT, link aggregation provides a higher bandwidth and uplink reliability for optical line terminals (OLTs)
by aggregating multiple uplink Ethernet ports to one link aggregation group (LAG). Link aggregation is
recommended.
Congestion control places the packets to be sent from a port into multiple queues that are marked with different
priorities. Then, the packets are sent based on queue priorities. Congestion control is recommended.

Security policies ensure system, user, and service security.

Enable a service security function based on the service type. For details, see Principle of Security Data Plan .

Procedure
 Configure link aggregation.
On the OLT, the following configurations are used as an example to configure link aggregation:

 Upstream ports 0/9/0 and 0/9/1 are added to a LAG.

 The two ports send packets upstream based on the packets' source MAC addresses.

 The LAG works in Link Aggregation Control Protocol (LACP) static aggregation mode.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

 Configure queue scheduling.


On both the OLT and optical network units (ONUs), according to quality of service (QoS) planning principles,
all packets are scheduled in strict priority (SP) mode and mapped to queues according to the packets'
priorities. For details about QoS planning principles, see Principle of QoS Planning .

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos4 4 cos5 5 cos6 6

 Configure system security.

 Enable deny of service (DoS) anti-attack on both the OLT and ONUs.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2024-09-17 240
MA5800 Product Documentation

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on both the OLT and ONUs.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on both the OLT and ONUs.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on both the OLT and ONUs.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on ONUs.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

2024-09-17 241
MA5800 Product Documentation

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

 Configure service security.

 Enable Dynamic Host Configuration Protocol (DHCP) Option 82 on the OLT or ONUs. This configuration
is recommended for the DHCP-based Internet access service.

1. Enable DHCP Option 82 on the OLT or ONUs.


DHCP Option 82 can be enabled or disabled at four levels: global, port, VLAN, and service port
levels. This function takes effect only after it is enabled at the four levels. Among the four levels,
DHCP Option 82 is disabled only at the global level by default.

 The global level: In global config mode, run the dhcp option82 command to enable DHCP
Option 82 at the global level.
When you run this command, select the enable, forward, or rebuild parameter based on
site requirements. The three parameters can all enable DHCP Option 82 but provide different
packet processing policies on the OLT. For details, see the dhcp option82 command.

 The port level: In global config mode, run the dhcp option82 port or dhcp option82 board
command to enable DHCP Option 82 at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the dhcp option82 enable command to enable DHCP Option 82 at the VLAN
level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the dhcp option82 service-port command
to enable DHCP Option 82 at the service port level.

2. On the OLT, run the dhcp-option82 permit-forwarding service-port command with the enable
parameter selected, to allow ONU DHCP packets to carry Option 82 information.

 Enable Policy Information Transfer Protocol (PITP) on both the OLT and ONUs. This configuration is
recommended for the PPPoE-based Internet access service.

2024-09-17 242
MA5800 Product Documentation

1. Enable PITP on both the OLT and ONUs.


PITP can be enabled or disabled at four levels: global, port, VLAN, and service port levels. This
function takes effect only after it is enabled at the four levels. Among the four levels, PITP is
disabled only at the global level by default.

 The global level: In global config mode, run the pitp enable pmode, pitp forward pmode, or
pitp rebuild pmode command to enable PITP at the global level.
In the preceding commands, the enable, forward, and rebuild parameters can all enable
PITP but provide different packet processing policies on the OLT. Select one of them based
on site requirements. For details, see the pitp command.

 The port level: In global config mode, run the pitp port or pitp board command to enable
PITP at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the pitp enable command to enable PITP at the VLAN level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the pitp service-port command to enable
PITP at the service port level.

2. On the OLT, run the pitp permit-forwarding service-port command with the enable parameter
selected, to allow ONU PPPoE packets to carry a vendor tag.

1.3.3.8 Verifying Services


Verifying Services

In the Fiber-to-the-building (FTTB) scenario, optical network units (ONUs) are installed in buildings that are far
from the central equipment room. ONUs support methods of remote service verification such as Point-to-Point
Protocol over Ethernet (PPPoE) dialup emulation and call emulation. Remote site verification eliminates the need
to go to site for a second time.

Prerequisites

ONUs are properly connected to upper-layer devices. The broadband remote access server (BRAS) and media
gateway controller (MGC)/IP Multimedia Subsystem (IMS) have been configured.

Background Information

2024-09-17 243
MA5800 Product Documentation

Remote Service Function Remarks


Verification
Method

PPPoE emulation By emulating PPPoE terminal software, an ONU PPPoE dialup emulation requires a service
dialup dials up and interacts with the BRAS, to verify the flow that does not belong to a QinQ VLAN.
connectivity between the ONT and BRAS. The user name, password, and authentication
mode must be configured on the BRAS before
the PPPoE dialup emulation starts.
An ONU supports a maximum of one PPPoE
dialup emulation.

Call emulation An ONU emulates a call to check whether the voice An ONU can emulate a caller or callee in an
service configurations are correct. The call emulation test. A functional phone is
emulation function can also be used to locate faults required in the central office where the
when a voice service is faulty. acceptance personnel is.
An ONU can emulate the caller and callee
simultaneously in an emulation test. No
phone is required in the test.
An ONU supports a maximum of one call
emulation.

Procedure
 Verify the Internet access service using PPPoE dialup emulation.
The user name, password, and authentication mode required by the emulation test must be consistent with
those configured on the BRAS.

1. In global config mode, start an emulation test by running the pppoe simulate start command.

2. Query the emulation test information by running the display pppoe simulate info command.

3. Terminate the emulation test by running the pppoe simulate stop command.

 Verify the voice service using call emulation.


When an ONU simultaneously emulates the caller and the callee in an emulation test, retain the parameter
settings as default. To query default values, run the display pots emulational configuration command.
Assume that:

 Caller port: 0/3/0

 Called port: 0/3/15

 Called number: 12345616

1. Start an emulation test.

huawei(config)#test
huawei(config-test)#pots emulational-call caller-port 0/3/0 callee-port 0/3/15 callee-telno 12345616

2. The ONU outputs the call emulation result after the test is complete.
The ONU outputs the call emulation result and failure of the cause if the emulation test fails.

2024-09-17 244
MA5800 Product Documentation

1.3.4 FTTB/C Networking (GPON&XG-PON&XGS-PON


Networking, xDSL Access, Without HGW)
FTTB/C Networking (GPON&XG-PON&XGS-PON Networking, xDSL Access, Without HGW)

In this kind of networking, an optical network unit (ONU) supports x digital subscriber line (xDSL) and plain old
telephone service (POTS) access and provides Internet access and voice over IP (VoIP) services. This topic
describes the OLT and ONU configurations required for commissioning Internet access and voice services.

Context

There are two xPON configuration modes: distributed mode (also called discrete mode) and profile mode. The
difference between the two modes lies in command lines.

 Distributed mode: In this mode, ONUs need to be configured one by one but not in batches.

 Profile mode: In this mode, an ONU line profile and service profile are configured first. Then, ONUs can be
added in batches by binding profiles. This mode greatly improves service provisioning efficiency.

Generally, the xPON configuration mode is determined in a new deployment on the OLT and will not be changed.

For commands for the distributed configuration mode, see PON distributed-mode commands in the OLT Command Reference.

The description of this topic is based on the mode below.


Mode Query Method

GPON profile mode (system default) On the OLT:


huawei(config)#diagnose
huawei(diagnose)%%display xpon mode
-------------------------------------------
Current config mode: Profile-mode
-------------------------------------------

Service Requirements and Application Scenarios

Generally, Fiber-to-the-building (FTTB) applies to high-density residential areas or commercial centers. Users can access
service aggregation nodes using the local area network (LAN) and x digital subscriber line (xDSL). Fiber-to-the-curb
(FTTC) applies to low-density residential areas such as villas. xDSL is mainly used in the FTTC scenario because the
subscribers are as far as 300 m to 3000 m from the fiber distribution terminal.

Configuration Procedure

Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

Configuring the Management Channel Between the OLT and the ONU

After the inband management channel between the OLT and the ONU is configured and available, you can log in to the ONU
from the OLT to configure the ONU.

2024-09-17 245
MA5800 Product Documentation

Configuring the Service Channel Between the OLT and the ONU

Various service flows can be configured on the OLT for different services so that service packets on the ONU can be
forwarded at Layer 2 according to the planned VLAN and forwarding policies.

Configuring the Internet Access Service (ADSL2+ Access, on the ONU)

This topic describes how to configure the Internet access service for ADSL2+ users on an optical network unit (ONU).

Configuring SuperVector (on the ONU)

SuperVector references VDSL2 profile 35b. Due to the increased operating frequency, inter-line crosstalk becomes more
prominent. Therefore, it is recommended that vectoring be enabled.

Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of upstream link aggregation and queue scheduling based on priorities ensures service reliability.
The global configuration of security policies ensures service security.

Verifying Services

In the Fiber-to-the-building (FTTB) scenario, optical network units (ONUs) are installed in buildings that are far from the
central equipment room. ONUs support methods of remote service verification such as Point-to-Point Protocol over
Ethernet (PPPoE) dialup emulation and call emulation. Remote site verification eliminates the need to go to site for a
second time.

1.3.4.1 Service Requirements and Application Scenarios


Service Requirements and Application Scenarios

Generally, Fiber-to-the-building (FTTB) applies to high-density residential areas or commercial centers. Users can
access service aggregation nodes using the local area network (LAN) and x digital subscriber line (xDSL). Fiber-to-
the-curb (FTTC) applies to low-density residential areas such as villas. xDSL is mainly used in the FTTC scenario
because the subscribers are as far as 300 m to 3000 m from the fiber distribution terminal.

Service Requirements

Only Internet access service and VoIP service are needed and there is no multicast requirement.
To reuse the existing phone lines and overcome the challenges caused by long distance between ONUs and
subscribers, FTTB/C with xDSL access is recommended.

Application Scenario

As shown in Figure 1, an ONU is deployed in the building corridor, the curb (fiber distribution terminal), or at
home through twisted wires.

 Internet access service: A modem at the subscriber's house allows for high-speed Internet access. The
subscriber needs to dial up on a computer for authentication because the modem is a Layer 2 device. Each

2024-09-17 246
MA5800 Product Documentation

subscriber has a unique account. The broadband remote access server (BRAS) manages and authenticates
subscribers.

 Voices service: The voice module built in an ONU can provide voice over IP (VoIP) services.

Figure 1 FTTB/C networking diagram (xDSL)

1.3.4.2 Configuration Procedure


Configuration Procedure

Figure 1 shows the configuration roadmap diagram in the FTTB and FTTC networking scenarios using xDSL access
without HGWs.

Figure 1 Configuration Roadmap Diagram in the FTTB and FTTC Networking Scenarios Using xDSL Access Without
HGWs

The following table lists the configuration procedure.

2024-09-17 247
MA5800 Product Documentation

Item Procedure Remarks

OLT Add an ONU on the OLT. Services can be configured for an ONU only after the ONU is successfully added to
an OLT.

Configure the management After the inband management channel between the OLT and the ONU is
channel between the OLT configured and available, you can log in to the ONU from the OLT to configure the
and the ONU. ONU.

Configure the service channel Service channels, such as Internet access service channel, are set up on the OLT so
between the OLT and the that services on the ONU can be normally forwarded.
ONU.

ONU Configure the Internet access NOTE:


service. Different ONUs have different ports, including ADSL2+, VDSL2, G.fast and
VDSL2/G.fast vectoring ports, for the Internet access. Select an appropriate
configuration method according to the port type.

Configure the VoIP service. NOTE:


The H.248 and SIP protocols are mutually exclusive for the VoIP service. Only one of
them is configured at a time.

OLT Configure the link The global configuration of upstream link aggregation and queue scheduling
ONU aggregation, congestion based on priorities ensures service reliability. The global configuration of security
control, and security policy. policies ensures service security.

ONU Verify the services. The ONU provides remote verification methods including PPPoE dialup emulation
and call emulation for configuration and commissioning engineers to verify
services remotely after service configuration, avoiding a second on-site operation.

1.3.4.3 Adding an ONU to an OLT


Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

Context

 When an ONU is added, desired profiles, including the dynamic bandwidth allocation (DBA) profile, line
profile, and alarm profile, must be bound to the ONU. For details about functions and configuration methods
for these profiles, see Table 1.
Table 1 Introduction to ONU profiles

Profile Function Command


Type

DBA A DBA profile describes GPON traffic parameters. A T-CONT is bound to a DBA Query a DBA profile.
profile profile for dynamic bandwidth allocation, improving upstream bandwidth display dba-profile
utilization. Add a DBA profile. dba-
profile add

Line A line profile describes binding between the T-CONT and the DBA profile, the Query a line profile. display
profile QoS mode of the service flow, and mapping between the GEM port and the ont-lineprofile
ONU-side service. Add a line profile. ont-
lineprofile add

Alarm An alarm profile contains a series of alarm threshold parameters that are used Query an alarm profile.

2024-09-17 248
MA5800 Product Documentation

Table 1 Introduction to ONU profiles

Profile Function Command


Type

profile for performance measurement and monitoring of the activated ONT lines. display gpon alarm-
profile
Add an alarm profile. gpon
alarm-profile add

 An ONU can be added in two modes. Select either mode as required.


Mode Usage Scenario Command

Add an ONU The ONU password or Run the ont add command to add an ONU.
offline. serial number (SN) is
obtained.

Online Both the ONU password In the GPON mode, run the port ont-auto-find command to enable the
confirm an and SN are not obtained. ONU auto-discovery function of a GPON port and then run the ont confirm
ONU. command to add an ONU.

Data Plan

Table 2 Data plan

Item Data

DBA profile NOTE:

All configuration items are provided here. Select desired ones based on service types.

Profile name: fttb_dba_mngt


Profile type: Type1
Fixed bandwidth: 1 Mbit/s
Profile name: fttb_dba_voip
Profile type: Type1
Fixed bandwidth: 4 Mbit/s
Profile name: fttb_dba_hsi
Profile type: Type4
Maximum bandwidth: 512 Mbit/s
Profile name: fttb_dba_vod
Profile type: Type3
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 16 Mbit/s
Profile name: fttb_dba_iptv
Profile type: Type3
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 16 Mbit/s

Line profile NOTE:

All configuration items are provided here. Select desired ones based on service types.

2024-09-17 249
MA5800 Product Documentation

Table 2 Data plan

Item Data

Profile name: fttb(c)


Profile ID: 10
T-CONT ID used by the management service: 4
T-CONT ID used by the voice service: 5
T-CONT ID used by the Internet access service: 6
T-CONT ID used by the VoD service: 7
T-CONT ID used by the IPTV service: 8

Network topology data PON port: 0/1/1


ONT ID: 1

Procedure

1. Configure GPON ONU profiles.

All configuration items are provided here. Select desired ones based on service types.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-name fttb_dba_mngt type1 fix 1024


huawei(config)#dba-profile add profile-name fttb_dba_voip type1 fix 4096
huawei(config)#dba-profile add profile-name fttb_dba_hsi type4 max 524288
huawei(config)#dba-profile add profile-name fttb_dba_vod type3 assure 8192 max 16384
huawei(config)#dba-profile add profile-name fttb_dba_iptv type3 assure 8192 max 16384

b. Configure an ONU line profile.

i. Add GPON ONU line profile 10 fttb(c).

huawei(config)#ont-lineprofile gpon profile-id 10 profile-name fttb(c)

The ID of the line profile to be created must not exist in the system, and the line profile must be created
according to the data plan. In this example, line profile 10 is used.

ii. In the line profile mode, bind the T-CONT to the DBA profile.

huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-name fttb_dba_mngt


huawei(config-gpon-lineprofile-10)#tcont 5 dba-profile-name fttb_dba_voip
huawei(config-gpon-lineprofile-10)#tcont 6 dba-profile-name fttb_dba_hsi
huawei(config-gpon-lineprofile-10)#tcont 7 dba-profile-name fttb_dba_vod
huawei(config-gpon-lineprofile-10)#tcont 8 dba-profile-name fttb_dba_iptv

iii. In the line profile mode, create a GEM port for each T-CONT.
QoS policies must be configured for various service flows. For details about QoS data plan, see
Principle of QoS Planning .

2024-09-17 250
MA5800 Product Documentation

huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 4 //Create GEM port 11 for T-CONT 4. Use the
same method to create other GEM ports.
huawei(config-gpon-lineprofile-10)#gem add 12 eth tcont 5
huawei(config-gpon-lineprofile-10)#gem add 13 eth tcont 6
huawei(config-gpon-lineprofile-10)#gem add 14 eth tcont 6
huawei(config-gpon-lineprofile-10)#gem add 15 eth tcont 7
huawei(config-gpon-lineprofile-10)#gem add 16 eth tcont 8

iv. Configure mapping between the GEM port and the ONU-side service.
Set the mode for mapping a GEM port to an ONU-side service to VLAN (default mode). Map
management service flows with C-VLAN 8 to GEM port 11, voice service flows with C-VLAN
200 to GEM port 12, Internet access service flows with C-VLANs 1001-1016 to GEM ports 13
and 14, VoD service flows with C-VLAN 300 to GEM port 15, and IPTV service flows with C-
VLAN 1000 to GEM port 16.

huawei(config-gpon-lineprofile-10)#gem mapping 11 0 vlan 8


huawei(config-gpon-lineprofile-10)#gem mapping 12 0 vlan 200
huawei(config-gpon-lineprofile-10)#gem mapping 13 0 vlan 1001
......
huawei(config-gpon-lineprofile-10)#gem mapping 13 7 vlan 1008
huawei(config-gpon-lineprofile-10)#gem mapping 14 0 vlan 1009
......
huawei(config-gpon-lineprofile-10)#gem mapping 14 7 vlan 1016
huawei(config-gpon-lineprofile-10)#gem mapping 15 0 vlan 300
huawei(config-gpon-lineprofile-10)#gem mapping 16 0 vlan 1000

v. After the configuration is completed, run the commit command to make the configured
parameters take effect.

huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

c. (Optional) Add an alarm profile.

 The ID of the default GPON alarm profile is 1. The thresholds for all the alarm parameters in the
default alarm profile are 0, which indicates that no alarm is generated.

 In this example, the default alarm profile is used. Therefore the configuration of the alarm
profile is not required.

2. Add an ONU to an OLT.


Assume that the ID of GPON port 0/1/1 is 1, SN is 32303131B39FD641, management mode is SNMP, and
the bound line profile is fttb(c). Connect the ONU to such a GPON port through the optical splitter.
There are two modes to add an ONT: add an ONT offline and confirm an automatically discovered ONU.

 Add an ONU offline.

huawei(config)#interface gpon 0/1

2024-09-17 251
MA5800 Product Documentation

huawei(config-if-gpon-0/1)#ont add 1 ontid 1 sn-auth 32303131B39FD641

snmp ont-lineprofile-name fttb(c)

 Confirm an automatically discovered ONU.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 1 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 1
huawei(config-if-gpon-0/1)#ont confirm 1 ontid 1 sn-auth 32303131B39FD641

snmp ont-lineprofile-name fttb(c)

a. (Optional) Bind the alarm profile to the ONU.


By default, alarm profile 1 is automatically bound to an ONU. A non-default alarm profile is bound
manually only when the default one does not meet the requirement.
In this example, the default alarm profile 1 is used and therefore the configuration of the alarm profile
is not required.

3. Check the ONU status.


After an ONU is added, run the display ont info command to query the current status of the ONU. Ensure
that Config flag of the ONU is active, Run State is online, and Config state is normal.

huawei(config-if-gpon-0/1)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/1/1
ONT-ID :1
Control flag : active //The ONU is activated.
Run state : online //The ONU is online.
Config state : normal //The ONU configurations are recovered normally.
...//The rest of the response information is not provided here.
huawei(config-if-gpon-0/1)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactive, run the ont active command in GPON mode to activate the ONU.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONU capability exceeds the actual ONU capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

 If the ONU does not match (Match state is mismatch), the port types and number of ports do not match the
actual port types and number of ports supported by the ONU. In this case, run the display ont capability
command to query the actual capability of the ONU, and then select one of the following modes to modify the
ONU configuration:

2024-09-17 252
MA5800 Product Documentation

 Create a proper ONU profile according to the actual capability of the ONU, and then run the ont modify
command to modify the configuration data of the ONU.

 Modify the ONU profile according to the actual capability of the ONU and save the modification. Then, the
ONU automatically recovers the configuration successfully.

1.3.4.4 Configuring the Management Channel Between the OLT


and the ONU
Configuring the Management Channel Between the OLT and the ONU

After the inband management channel between the OLT and the ONU is configured and available, you can log in to
the ONU from the OLT to configure the ONU.

Data plan

Item Data Remarks

Management VLAN and Management VLAN ID: 8 To configure the MDU from the OLT by remote logging in to the
management IP address Management VLAN MDU, the management VLAN of the OLT and that of the MDU must
on the OLT side type: smart VLAN be the same, and the management IP address of the OLT and that of
Inband management IP the MDU must be in the same network segment.
address:
192.168.50.1/24

Management VLAN and Management VLAN ID: 8


management IP address Management VLAN
on the ONU side type: smart VLAN
Inband management IP
address:
192.168.50.2/24

Procedure
1. Configure the inband management VLAN and IP address of the OLT.
Configure the inband management VLAN to 8, VLAN priority to 6, and the IP address to 192.168.50.1/24.

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

2. Configure the inband management VLAN and IP address of the ONU.


Configure the static IP address of the ONU to 192.168.50.2/24, gateway to 192.168.50.254, and the
management VLAN ID to 8 (the same as the management VLAN of the OLT).

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.254 vlan 8

2024-09-17 253
MA5800 Product Documentation

huawei(config-if-gpon-0/1)#quit

3. Configure an inband management service port.


Configure the management service port ID to 1, management VLAN ID to 8, GEM port ID to 11, and user-side
VLAN ID to 8. The OLT does not limit inband management service flows. Therefore, it is recommended that
you use default traffic profile 6.

huawei(config)#service-port 1 vlan 8 gpon 0/1/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6


4. Confirm that the management channel between the OLT and the ONU is available.

 On the OLT, run the ping 192.168.50.2 command to check the connectivity between the OLT and the
ONU. The ICMP ECHO-REPLY packet from the ONU should be received.

 On the OLT, You can remotely log in to the ONU to perform the configuration.

1.3.4.5 Configuring the Service Channel Between the OLT and


the ONU
Configuring the Service Channel Between the OLT and the ONU

Various service flows can be configured on the OLT for different services so that service packets on the ONU can be
forwarded at Layer 2 according to the planned VLAN and forwarding policies.

Context

Service flows can be added in two modes, as described in Table 1. Select either mode as required.
Table 1 Adding service flows

Mode Command Remarks

Add service flows service-port -


one by one.

Add service flows multi-service- You need to specify the ontid + gemindex to identify a service flow and ensure that
in batches. port the number of GEM ports is the same as the number of VLANs on the user side.

Data plan

Item Data Remarks

Internet OLT VLAN ID: Assume that the split ratio of the optical splitter is 1:32, the ONU is
access connected to port 1 on the optical splitter using the optical cable, and the
C-VLAN ID: 256 x GPON port ID
service user PC is connected to port 1 on the ONU. In this case, the inner VLAN is
+ 32 x Split ratio x (Splitter
258 according to the formula for calculating the inner VLAN.
port ID - 1) + ONU port ID + 1
For details about the data plan, see Principle of Internet Access Service
S-VLAN: VLAN ID 100 and Data Plan .
attribute stacking
Upstream VLANs of the ONU:
1001-1016
Service flow ID: 101

2024-09-17 254
MA5800 Product Documentation

Item Data Remarks

VoIP OLT VLAN ID (VLAN For details about the data plan, see Principle of VoIP Service Data Plan .
service transparently transmitting the
ONU service): 200
ONU VLAN ID: 200
Service flow ID: 201

Procedure

 Configure a channel for the Internet access service.

1. Configure the service VLAN and add the upstream port to this VLAN.
Configure the S-VLAN ID to 100, VLAN type to smart VLAN, and VLAN attribute to stacking. Add
upstream port 0/9/0 to VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

2. Configure the corresponding traffic profile.


The 802.1p priority for the Internet access service is 0 and the traffic profile is unlimited. You can run
the display traffic table ip command to query the traffic profile in the system. Use traffic profile 6.

huawei(config)#display traffic table ip from-index 0

3. Configure service flows to receive and transparently transmits the Internet access service from the
ONU.
According to the data plan,

 For the OLT: The S-VLAN ID is 100, inner VLAN ID is 258. The user-side VLAN ID of the OLT is the
upstream VLAN ID of the ONU, that is, 1001. The Internet access service uses GEM port 13.

 For the ONU: The upstream VLAN ID is 1001.

huawei(config)#service-port 101 vlan 100 gpon 0/1/1 ont 1 gemport 13 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 258 rx-cttr 6 tx-cttr 6


 Configure a channel for the VoIP service.

1. Configure the service VLAN and add the upstream port to this VLAN.
Configure the S-VLAN ID to 200 and VLAN type to smart VLAN. Add upstream port 0/9/0 to VLAN 200.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

2. Configure the corresponding traffic profile.


The 802.1p priority of the VoIP service is 5 and the traffic profile is unlimited. You can run the display
traffic table ip command to query the traffic profile in the system. If the existing traffic profile does not
meet data plan requirements, a new traffic profile is required.
New traffic profile 9 is added. In the command execution, priority-policy is local-setting, which
indicates that service packets are scheduled by the priority specified in the traffic profile.

2024-09-17 255
MA5800 Product Documentation

huawei(config)#traffic table ip index 9 cir off priority 5 priority-policy local-setting

3. Configure service flows to receive and transparently transmits the VoIP service from the ONU.
According to the data plan,

 For the OLT: The S-VLAN ID is 200. The user-side VLAN ID of the OLT is the upstream VLAN ID of
the ONU, that is, 200. The VoIP service uses GEM port 12.

 For the ONU: The upstream VLAN ID is 200.

huawei(config)#service-port 201 vlan 200 gpon 0/1/1 ont 1 gemport 12 multi-service

user-vlan 200 rx-cttr 9 tx-cttr 9

1.3.4.6 Configuring the Internet Access Service (ADSL2+


Access, on the ONU)
Configuring the Internet Access Service (ADSL2+ Access, on the ONU)

This topic describes how to configure the Internet access service for ADSL2+ users on an optical network unit
(ONU).

Context

The description of this topic is based on the mode below.


Mode Query Method

ADSL2+ common mode (RFC2662 mode) On the ONU:


huawei(config)#diagnose
huawei(diagnose)%%display xdsl mode
-------------------------------------------
ADSL Current mode : rfc2662
VDSL Current mode : tr129
--------------------------------------------

ADSL2+ ports working in normal mode (that is, RFC 2662 mode) need to bind an ADSL2+ line profile and an
ADSL2+ alarm profile. For the functions and configurations of each profile, see Table 1.
Table 1 ADSL2+ profile

Profile Function Configuration


Type

ADSL2+ An ADSL2+ line profile provides the following parameters: The system has four default profiles
line (profile 1, profile 1022, profile 1023,
profile ADSL/ADSL2+ working mode
and profile 1024) for activation of
Channel mode ADSL2+ ports in different conditions.
Upstream/Downstream line rate Profile 1 is used for activation of
common ADSL ports.
Upstream/Downstream interleave depth
Profile 1022 is used for fast activation
Noise margin
of ADSL ports.
When an ADSL2+ port is activated, the central office (CO) and the
Profile 1023 is used for long-reach
customer premises equipment (CPE) negotiate based on the
activation of existing ADSL ports.
parameters configured in the ADSL2+ line profile, to determine
whether the ADSL2+ port can work in the normal state in these Profile 1024 is used for activation of
conditions.

2024-09-17 256
MA5800 Product Documentation

Table 1 ADSL2+ profile

Profile Function Configuration


Type

ports on ADSL2+ boards.


Commands:
To query: display adsl line-profile
To add: adsl line-profile add or adsl
line-profile quickadd

ADSL2+ Values to be configured in an ADSL2+ line alarm profile are Commands:


alarm thresholds within any 15 minutes. When the statistics of an item
profile reach the threshold, the system informs the device of the event and To query: display adsl alarm-profile
sends alarms to the NMS. To add: adsl alarm-profile add or
adsl alarm-profile quickadd

Data Plan

The following table provides key information about the Internet access service (ADSL2+ access).
Item Data Remarks

Traffic profile ID: 8 A traffic profile implements rate-limiting.


CIR: 4 Mbit/s
VLAN priority: 0
Downstream priority policy: local-
setting

VPI/VCI of VPI: 0 Internet service providers (ISPs) provide VPI/VCI


ADSL2+ users VCI: 35 information.

ADSL2+ line ID: 1024 (default); key parameters: A traffic profile or an ADSL2+ line profile can implement rate-
profile limiting on ADSL2+ ports. This example uses a default traffic
Working mode: full compatibility profile.
Channel working mode: interleaved
Maximum upstream/downstream rate
(kbit/s): 24544/1024

ADSL2+ alarm ID: 1 (default) The system does not check whether parameter thresholds are
profile crossed and so does not report alarms.

Procedure

1. Log in to the ONU to perform the configuration.


You can remote log in to the ONU from the OLT to perform the configuration.

2. Configure a traffic profile.


You can run the display traffic table ip command to query the traffic profiles existing in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic table ip
command to add a traffic profile.

2024-09-17 257
MA5800 Product Documentation

Add traffic profile 8 and set the committed information rate (CIR) to 4 Mbit/s. The priority for upstream
packets is 0, and downstream packets are scheduled based on the priority specified in the traffic profile.

huawei(config)#traffic table ip index 8 cir 4096 priority 0 priority-policy local-setting

3. Create service VLANs.


Create service VLANs 1001-1016 in batches whose type is smart and attribute is common (the service VLAN
IDs must be consistent with the user VLAN IDs of the OLT). Add the service VLANs to upstream port 0/0/1.

huawei(config)#vlan 1001-1016 smart


huawei(config)#port vlan 1001-1016 0/0 1

4. Add a service port.

Assume that the VPI/VCI of users is 0/35 and the VLAN ID is 1001. Add a service port as follows:

//Create service port 101, bind port 0/2/0 to it, set VPI/VCI to 0/35, and bind traffic profile 8 to the user VLAN./
huawei(config)#service-port 101 vlan 1001 adsl 0/2/0 vpi 0 vci 35 multi-service user-vlan untagged rx-cttr 8 tx-cttr
8

5. (Optional) Configure an ADSL2+ line profile.

 Configure an ADSL2+ line profile only when the default one does not meet requirements.

 This example uses the default ADSL2+ line profile (ID: 1024).

6. (Optional) Configure an ADSL2+ alarm profile.


This example uses the default ADSL2+ alarm profile (ID: 1).

7. Bind an ADSL2+ line profile and an ADSL2+ alarm profile, and activate the ADSL2+ port.
For example, bind ADSL2+ line profile 1024 and ADSL2+ alarm profile 1, and activate ADSL2+ port 0/2/0.

huawei(config)#interface adsl 0/2


huawei(config-if-adsl-0/2)#deactivate 0
huawei(config-if-adsl-0/2)#alarm-config 0 1
huawei(config-if-adsl-0/2)#activate 0 profile-index 1024

1.3.4.7 Configuring SuperVector (on the ONU)


Configuring SuperVector (on the ONU)

SuperVector references VDSL2 profile 35b. Due to the increased operating frequency, inter-line crosstalk becomes
more prominent. Therefore, it is recommended that vectoring be enabled.

Data Plan

Table 1 Data planning table

Configuration Item Data

Traffic profile ID: 8


Assured rate: 4 Mbit/s
VLAN priority: 0

2024-09-17 258
MA5800 Product Documentation

Table 1 Data planning table

Configuration Item Data

Downstream priority policy: local-setting

VDSL mode TR129

SuperVector parameters SuperVector profile ID: 3 (profile 35b)


Retransmission: enable.

Rollback mode of profile 35b: roll back to profile 17a

Vectoring parameters Bandplan type: 998ade


US0 type: type-a

Policy of configuring the number of ports frequently going online and offline: no-limit

Procedure

1. Log in to the ONU to perform the configuration.


You can remote log in to the ONU from the OLT to perform the configuration.

2. Configure a traffic profile.


You can run the display traffic table ip command to query the traffic profiles existing in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic table ip
command to add a traffic profile.
Add traffic profile 8 and set the committed information rate (CIR) to 4 Mbit/s. The priority for upstream
packets is 0, and downstream packets are scheduled based on the priority specified in the traffic profile.

huawei(config)#traffic table ip index 8 cir 4096 priority 0 priority-policy local-setting

3. Create service VLANs.


Create service VLANs 1001-1016 in batches whose type is smart and attribute is common (the service VLAN
IDs must be consistent with the user VLAN IDs of the OLT). Add the service VLANs to upstream port 0/0/1.

huawei(config)#vlan 1001-1016 smart


huawei(config)#port vlan 1001-1016 0/0 1

4. Add a service port.

Assume that the VDSL2 mode is PTM, VLAN ID is 1001, the port is 0/1/0, and user-side VLAN is untagged.
To create service flow 101, perform the following configurations:

huawei(config)#service-port 101 vlan 1001 vdsl mode ptm 0/1/0 multi-service user-vlan

untagged rx-cttr 8 tx-cttr 8

5. Configure SuperVector profile parameters.

huawei(config)#vdsl line-profile quickadd 3 snr 60 0 300 60 0 300 mode-specific 1 vdsl-parameter 9 35 u0-used


transmit-power 145 145 g.998.4-rtx-mode 1 1
huawei(config)#vdsl channel-profile quickadd 3 path-mode ptm retransmission phyr-ds enable phyr-us enab inp 4 2
rate 32 500000 32 100000

2024-09-17 259
MA5800 Product Documentation

huawei(config)#vdsl line-template quickadd 3 line 3 channel1 3 100 100

6. Configure the rollback mode of VDSL2 G.993.2 profile 35b. If the CPE connected to the port does not support
the 35b mode, the line is automatically activated in the configured fallback mode. By default, the profile is
rolled back to profile 17a.

huawei(config)#xdsl g.993.2profile fallback-35b 0x40

7. Bind the line template and the alarm profile, and activate the SuperVector port.

huawei(config)#interface vdsl 0/1


huawei(config-if-vdsl-0/1)#deactivate 0
huawei(config-if-vdsl-0/1)#activate 0 template-index 3
huawei(config-if-vdsl-0/1)#alarm-config 0 1
huawei(config-if-vdsl-0/1)#quit

8. Configure vectoring parameters and enable vectoring.

huawei(config)#xdsl vectoring bandplan-type 998ade us0-type type-a


huawei(config)#xdsl frequent-retrain-control 0/1/0 control-policy no-limit
huawei(config)#xdsl vectoring enable

1.3.4.8 Configuring Link Aggregation, Congestion Control, and


Security Policies
Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of upstream link aggregation and queue scheduling based on priorities ensures service
reliability. The global configuration of security policies ensures service security.

Context

On the OLT, link aggregation provides a higher bandwidth and uplink reliability for optical line terminals (OLTs)
by aggregating multiple uplink Ethernet ports to one link aggregation group (LAG). Link aggregation is
recommended.
Congestion control places the packets to be sent from a port into multiple queues that are marked with different
priorities. Then, the packets are sent based on queue priorities. Congestion control is recommended.

Security policies ensure system, user, and service security.

Enable a service security function based on the service type. For details, see Principle of Security Data Plan .

Procedure

 Configure link aggregation.


On the OLT, the following configurations are used as an example to configure link aggregation:

 Upstream ports 0/9/0 and 0/9/1 are added to a LAG.

2024-09-17 260
MA5800 Product Documentation

 The two ports send packets upstream based on the packets' source MAC addresses.

 The LAG works in Link Aggregation Control Protocol (LACP) static aggregation mode.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

 Configure queue scheduling.


On both the OLT and optical network units (ONUs), according to quality of service (QoS) planning principles,
all packets are scheduled in strict priority (SP) mode and mapped to queues according to the packets'
priorities. For details about QoS planning principles, see Principle of QoS Planning .

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos4 4 cos5 5 cos6 6

 Configure system security.

 Enable deny of service (DoS) anti-attack on both the OLT and ONUs.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on both the OLT and ONUs.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on both the OLT and ONUs.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on both the OLT and ONUs.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

2024-09-17 261
MA5800 Product Documentation

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on ONUs.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

 Configure service security.

 Enable Dynamic Host Configuration Protocol (DHCP) Option 82 on the OLT or ONUs. This configuration
is recommended for the DHCP-based Internet access service.

1. Enable DHCP Option 82 on the OLT or ONUs.


DHCP Option 82 can be enabled or disabled at four levels: global, port, VLAN, and service port
levels. This function takes effect only after it is enabled at the four levels. Among the four levels,
DHCP Option 82 is disabled only at the global level by default.

 The global level: In global config mode, run the dhcp option82 command to enable DHCP
Option 82 at the global level.
When you run this command, select the enable, forward, or rebuild parameter based on
site requirements. The three parameters can all enable DHCP Option 82 but provide different
packet processing policies on the OLT. For details, see the dhcp option82 command.

 The port level: In global config mode, run the dhcp option82 port or dhcp option82 board
command to enable DHCP Option 82 at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

2024-09-17 262
MA5800 Product Documentation

b. Run the dhcp option82 enable command to enable DHCP Option 82 at the VLAN
level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the dhcp option82 service-port command
to enable DHCP Option 82 at the service port level.

2. On the OLT, run the dhcp-option82 permit-forwarding service-port command with the enable
parameter selected, to allow ONU DHCP packets to carry Option 82 information.

 Enable Policy Information Transfer Protocol (PITP) on both the OLT and ONUs. This configuration is
recommended for the PPPoE-based Internet access service.

1. Enable PITP on both the OLT and ONUs.


PITP can be enabled or disabled at four levels: global, port, VLAN, and service port levels. This
function takes effect only after it is enabled at the four levels. Among the four levels, PITP is
disabled only at the global level by default.

 The global level: In global config mode, run the pitp enable pmode, pitp forward pmode, or
pitp rebuild pmode command to enable PITP at the global level.
In the preceding commands, the enable, forward, and rebuild parameters can all enable
PITP but provide different packet processing policies on the OLT. Select one of them based
on site requirements. For details, see the pitp command.

 The port level: In global config mode, run the pitp port or pitp board command to enable
PITP at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the pitp enable command to enable PITP at the VLAN level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the pitp service-port command to enable
PITP at the service port level.

2. On the OLT, run the pitp permit-forwarding service-port command with the enable parameter
selected, to allow ONU PPPoE packets to carry a vendor tag.

2024-09-17 263
MA5800 Product Documentation

1.3.4.9 Verifying Services


Verifying Services

In the Fiber-to-the-building (FTTB) scenario, optical network units (ONUs) are installed in buildings that are far
from the central equipment room. ONUs support methods of remote service verification such as Point-to-Point
Protocol over Ethernet (PPPoE) dialup emulation and call emulation. Remote site verification eliminates the need
to go to site for a second time.

Prerequisites

ONUs are properly connected to upper-layer devices. The broadband remote access server (BRAS) and media
gateway controller (MGC)/IP Multimedia Subsystem (IMS) have been configured.

Background Information

Remote Service Function Remarks


Verification
Method

PPPoE emulation By emulating PPPoE terminal software, an ONU PPPoE dialup emulation requires a service
dialup dials up and interacts with the BRAS, to verify the flow which does not belong to a QinQ VLAN.
connectivity between the ONT and BRAS. The user name, password, and authentication
mode must be configured on the BRAS before
the PPPoE dialup emulation starts.
An ONU supports a maximum of one PPPoE
dialup emulation.

Call emulation An ONU emulates a call to check whether the voice An ONU can emulate a caller or callee in an
service configurations are correct. The call emulation test. A functional phone is
emulation function can also be used to locate faults required in the central office where the
when a voice service is faulty. acceptance personnel is.
An ONU can emulate the caller and callee
simultaneously in an emulation test. No
phone is required in the test.
An ONU supports a maximum of one call
emulation.

Procedure

 Verify the Internet access service using PPPoE dialup emulation.


The user name, password, and authentication mode required by the emulation test must be consistent with
those configured on the BRAS.

1. In global config mode, start an emulation test by running the pppoe simulate start command.

2. Query the emulation test information by running the display pppoe simulate info command.

3. Terminate the emulation test by running the pppoe simulate stop command.

 Verify the voice service using call emulation.

2024-09-17 264
MA5800 Product Documentation

When an ONU simultaneously emulates the caller and the callee in an emulation test, retain the parameter
settings as default. To query default values, run the display pots emulational configuration command.
Assume that:

 Caller port: 0/3/0

 Called port: 0/3/15

 Called number: 12345616

1. Start an emulation test.

huawei(config)#test
huawei(config-test)#pots emulational-call caller-port 0/3/0 callee-port 0/3/15 callee-telno 12345616

2. The ONU outputs the call emulation result after the test is complete.
The ONU outputs the call emulation result and failure of the cause if the emulation test fails.

1.3.5 FTTB/C+HGW Networking (GPON&XG-PON&XGS-PON


Networking, ONU Providing the VoIP Service)
FTTB/C+HGW Networking (GPON&XG-PON&XGS-PON Networking, ONU Providing the VoIP Service)

The home gateway (HGW) provides Internet access and Internet Protocol television (IPTV) services. The services
are sent upstream to the optical network unit (ONU) over a local area network (LAN) or x digital subscriber line
(xDSL). The Integrated Access Device (IAD) in the ONU provides voice services.

Context
There are two xPON configuration modes: distributed mode (also called discrete mode) and profile mode. The
difference between the two modes lies in command lines.

 Distributed mode: In this mode, ONUs need to be configured one by one but not in batches.

 Profile mode: In this mode, an ONU line profile and service profile are configured first. Then, ONUs can be
added in batches by binding profiles. This mode greatly improves service provisioning efficiency.

Generally, the xPON configuration mode is determined in a new deployment on the OLT and will not be changed.

For commands for the distributed configuration mode, see PON distributed-mode commands in the OLT Command Reference.

The description of this topic is based on the mode below.


Mode Query Method

GPON profile mode (system default) On the OLT:


huawei(config)#diagnose
huawei(diagnose)%%display xpon mode
-------------------------------------------
Current config mode: Profile-mode
-------------------------------------------

Service Requirements and Application Scenarios

2024-09-17 265
MA5800 Product Documentation

Configuration Procedure

Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

Configuring the Management Channel Between the OLT and the ONU

After the inband management channel between the OLT and the ONU is configured and available, you can log in to the ONU
from the OLT to configure the ONU.

Configuring the Service Channel Between the OLT and the ONU

This topic describes how to configure service channels between an optical line terminal (OLT) and an optical network unit
(ONU) on a gigabit-capable passive optical network (GPON). After channels for involved service types are configured on an
OLT to which an ONU is connected, packets of the service types from the ONU can be forwarded based on planned VLANs
and policies at Layer 2.

Configuring the Internet Access Service (LAN Access, on the ONU)

This topic describes how to configure the Internet access service for home gateway (HGW) users on an optical network
unit (ONU) when HGWs are connected upstream to the ONU through local area networks (LANs).

Configuring H.248 Voice Service (on the ONU)

This topic describes how to configure the voice service on the ONU based on the H.248 protocol to provide the high quality
and low cost VoIP service for users.

Configuring SIP Voice Service (on the ONU)

This topic describes how to configure voice services based on the Session Initiation Protocol (SIP) on an optical network
unit (ONU). The voice over IP (VoIP) services have high quality, but require low cost.

Configuring the IPTV Service (on the ONU)

This topic describes how to configure the video on demand (VoD) service and multicast service for home gateway (HGW)
users on an optical network unit (ONU) when HGWs are connected upstream to the ONU through local area networks
(LANs) or in xDSL mode.

Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of upstream link aggregation and queue scheduling based on priorities ensures service reliability.
The global configuration of security policies ensures service security.

Configuring the Internet Access Service (on the HGW)

This topic describes how to configure the Internet access service on home gateways (HGWs) that use the LAN or xDSL for
upstream transmission. This configuration enables home users to access Internet at high speeds through PCs.

Configuring the IPTV Service (on the HGW)

2024-09-17 266
MA5800 Product Documentation

This topic describes how to configure the IPTV service on high gateways (HGWs) that use LAN or xDSL for upstream
transmission. This configuration enables home users to watch IPTV programs using STBs and TVs.

Verifying Services

This topic describes how to verify service configurations in the FTTB+HGW networking (ONU providing the VoIP service).
In this scenario, the ONUs are placed in the building far away from the central office. The ONUs provide remote service
verification methods including PPPoE dialup emulation, call emulation, and multicast emulation for configuration and
commissioning engineers to verify services remotely after services are configured.

1.3.5.1 Service Requirements and Application Scenarios


Service Requirements and Application Scenarios

Service Requirements

A gigabit-capable passive optical network (GPON) should be capable of delivering triple play service over Category
5 cables or twisted pairs. Service requirements are described as follows:

 Sharing of Internet access among multiple computers in the household

 Access of multiple phones in the household

 Internet Protocol (IPTV) services (program preview or watch) enabled by set-top boxes (STB)

 Independent provisioning of Internet access, voice, and IPTV services

 Ensured service security:

 Internet access services protected against unauthorized access, hijacking or unauthorized borrowing of
user accounts, MAC/IP spoofing, and malicious attack

 Voice and IPTV services protected against MAC/IP spoofing, malicious attack, and traffic flooding attack

 Easy fault location and service maintenance

Application Scenario

As shown in Figure 1, a GPON optical line terminal (OLT) is deployed at the central office (CO), where services are
converged into the metropolitan area network. An optical network unit (ONU) is deployed in the building corridor
or the curb (fiber distribution terminal). Service access ports are provided by the local area network (LAN) or the
home gateway (HGW) of an x digital subscriber line (xDSL) upstream.

 An HGW sends services upstream to an ONU through ETH or xDSL ports, and provides Internet services for
downstream subscribers through fast Ethernet (FE) ports or WiFi, and IPTV services through FE ports.

 The HGW has Layer 3 functions (such as PPPoE dialup and NAT), which enable multiple PCs of a family to
access the Internet at the same time (NAT is short for network address translation).

 Set-top boxes (STB) are connected to HGWs to provide IPTV services (program preview and watch).

2024-09-17 267
MA5800 Product Documentation

 The integrated access device (IAD) in an ONU provides at least one plain old telephone service (POTS)
interface, which allows for access of multiple phones in the household.

Figure 1 GPON FTTB+HGW networking Diagram (voice, Internet access and IPTV services)

1.3.5.2 Configuration Procedure


Configuration Procedure

Figure 1 shows the configuration roadmap diagram in the FTTB+HGW networking scenarios (ONU providing the
VoIP service).

Figure 1 Configuration Roadmap Diagram in the FTTB+HGW Networking Scenarios (ONU Providing the VoIP Service)

2024-09-17 268
MA5800 Product Documentation

The following table lists the configuration procedure.


Item Procedure Remarks

OLT Add an ONU on the OLT. Services can be configured for an ONU only after the ONU is successfully added to
an OLT.

Configure the management After the inband management channel between the OLT and the ONU is configured
channel between the OLT and available, you can log in to the ONU from the OLT to configure the ONU.
and the ONU.

Configure the service Service channels, such as Internet access service channel, are set up on the OLT so
channel between the OLT that services on the ONU can be normally forwarded.
and the ONU.

ONU Configure the Internet NOTE:


access service. Different ONUs have different ports, including LAN, ADSL2+, VDSL2, and VDSL2
vectoring ports, for the Internet access. Select an appropriate configuration method
according to the port type.

Configure the VoIP service. NOTE:


The H.248 and SIP protocols are mutually exclusive for the VoIP service. Only one of
them is configured at a time.

Configure the IPTV service. IPTV services include the VoD and multicast services that are different in
configuration procedures and need to be configured separately.

OLT Configure the link The global configuration of upstream link aggregation and queue scheduling based
ONU aggregation, congestion on priorities ensures service reliability. The global configuration of security
control, and security policy. policies ensures service security.

2024-09-17 269
MA5800 Product Documentation

Item Procedure Remarks

HGW Configure the Internet HGWs have different models and appearances but their configuration procedures
access service on the HGW. are similar. This topic uses the HG239 that uses LAN for upstream transmission
and the HG527 uses ADSL2+ for upstream transmission as examples.
NOTE:

Vectoring is supported by the HG612 and HG622 only.

Configure the IPTV service -


on the HGW.

ONU Verify the services. The ONU provides remote verification methods including PPPoE dialup emulation,
call emulation and multicast emulation for the commissioning and configuration
engineers to verify services remotely after service configuration, avoiding a second
on-site operation.

1.3.5.3 Adding an ONU to an OLT


Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

Context

 When an ONU is added, desired profiles, including the dynamic bandwidth allocation (DBA) profile, line
profile, and alarm profile, must be bound to the ONU. For details about functions and configuration methods
for these profiles, see Table 1.
Table 1 Introduction to ONU profiles

Profile Function Command


Type

DBA A DBA profile describes GPON traffic parameters. A T-CONT is bound to a DBA Query a DBA profile.
profile profile for dynamic bandwidth allocation, improving upstream bandwidth display dba-profile
utilization. Add a DBA profile. dba-
profile add

Line A line profile describes binding between the T-CONT and the DBA profile, the Query a line profile. display
profile QoS mode of the service flow, and mapping between the GEM port and the ont-lineprofile
ONU-side service. Add a line profile. ont-
lineprofile add

Alarm An alarm profile contains a series of alarm threshold parameters that are used Query an alarm profile.
profile for performance measurement and monitoring of the activated ONT lines. display gpon alarm-
profile
Add an alarm profile. gpon
alarm-profile add

 An ONU can be added in two modes. Select either mode as required.


Mode Usage Scenario Command

Add an ONU The ONU password or Run the ont add command to add an ONU.
offline. serial number (SN) is
obtained.

2024-09-17 270
MA5800 Product Documentation

Mode Usage Scenario Command

Online Both the ONU password In the GPON mode, run the port ont-auto-find command to enable the
confirm an and SN are not obtained. ONU auto-discovery function of a GPON port and then run the ont confirm
ONU. command to add an ONU.

Data Plan

Table 2 Data plan

Item Data

DBA profile NOTE:

All configuration items are provided here. Select desired ones based on service types.

Profile name: fttb_dba_mngt


Profile type: Type1
Fixed bandwidth: 1 Mbit/s
Profile name: fttb_dba_voip
Profile type: Type1
Fixed bandwidth: 4 Mbit/s
Profile name: fttb_dba_hsi
Profile type: Type4
Maximum bandwidth: 512 Mbit/s
Profile name: fttb_dba_vod
Profile type: Type3
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 16 Mbit/s
Profile name: fttb_dba_iptv
Profile type: Type3
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 16 Mbit/s

Line profile NOTE:

All configuration items are provided here. Select desired ones based on service types.

Profile name: fttb(c)


Profile ID: 10
T-CONT ID used by the management service: 4
T-CONT ID used by the voice service: 5
T-CONT ID used by the Internet access service: 6
T-CONT ID used by the VoD service: 7
T-CONT ID used by the IPTV service: 8

Network topology data PON port: 0/1/1


ONT ID: 1

Procedure

2024-09-17 271
MA5800 Product Documentation

1. Configure GPON ONU profiles.

All configuration items are provided here. Select desired ones based on service types.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-name fttb_dba_mngt type1 fix 1024


huawei(config)#dba-profile add profile-name fttb_dba_voip type1 fix 4096
huawei(config)#dba-profile add profile-name fttb_dba_hsi type4 max 524288
huawei(config)#dba-profile add profile-name fttb_dba_vod type3 assure 8192 max 16384
huawei(config)#dba-profile add profile-name fttb_dba_iptv type3 assure 8192 max 16384

b. Configure an ONU line profile.

i. Add GPON ONU line profile 10 fttb(c).

huawei(config)#ont-lineprofile gpon profile-id 10 profile-name fttb(c)

The ID of the line profile to be created must not exist in the system, and the line profile must be created
according to the data plan. In this example, line profile 10 is used.

ii. In the line profile mode, bind the T-CONT to the DBA profile.

huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-name fttb_dba_mngt


huawei(config-gpon-lineprofile-10)#tcont 5 dba-profile-name fttb_dba_voip
huawei(config-gpon-lineprofile-10)#tcont 6 dba-profile-name fttb_dba_hsi
huawei(config-gpon-lineprofile-10)#tcont 7 dba-profile-name fttb_dba_vod
huawei(config-gpon-lineprofile-10)#tcont 8 dba-profile-name fttb_dba_iptv

iii. In the line profile mode, create a GEM port for each T-CONT.
QoS policies must be configured for various service flows. For details about QoS data plan, see
Principle of QoS Planning .

huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 4 //Create GEM port 11 for T-CONT 4. Use the
same method to create other GEM ports.
huawei(config-gpon-lineprofile-10)#gem add 12 eth tcont 5
huawei(config-gpon-lineprofile-10)#gem add 13 eth tcont 6
huawei(config-gpon-lineprofile-10)#gem add 14 eth tcont 6
huawei(config-gpon-lineprofile-10)#gem add 15 eth tcont 7
huawei(config-gpon-lineprofile-10)#gem add 16 eth tcont 8

iv. Configure mapping between the GEM port and the ONU-side service.
Set the mode for mapping a GEM port to an ONU-side service to VLAN (default mode). Map
management service flows with C-VLAN 8 to GEM port 11, voice service flows with C-VLAN
200 to GEM port 12, Internet access service flows with C-VLANs 1001-1016 to GEM ports 13
and 14, VoD service flows with C-VLAN 300 to GEM port 15, and IPTV service flows with C-
VLAN 1000 to GEM port 16.

2024-09-17 272
MA5800 Product Documentation

huawei(config-gpon-lineprofile-10)#gem mapping 11 0 vlan 8


huawei(config-gpon-lineprofile-10)#gem mapping 12 0 vlan 200
huawei(config-gpon-lineprofile-10)#gem mapping 13 0 vlan 1001
......
huawei(config-gpon-lineprofile-10)#gem mapping 13 7 vlan 1008
huawei(config-gpon-lineprofile-10)#gem mapping 14 0 vlan 1009
......
huawei(config-gpon-lineprofile-10)#gem mapping 14 7 vlan 1016
huawei(config-gpon-lineprofile-10)#gem mapping 15 0 vlan 300
huawei(config-gpon-lineprofile-10)#gem mapping 16 0 vlan 1000

v. After the configuration is completed, run the commit command to make the configured
parameters take effect.

huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

c. (Optional) Add an alarm profile.

 The ID of the default GPON alarm profile is 1. The thresholds for all the alarm parameters in the
default alarm profile are 0, which indicates that no alarm is generated.

 In this example, the default alarm profile is used. Therefore the configuration of the alarm
profile is not required.

2. Add an ONU to an OLT.


Assume that the ID of GPON port 0/1/1 is 1, SN is 32303131B39FD641, management mode is SNMP, and
the bound line profile is fttb(c). Connect the ONU to such a GPON port through the optical splitter.
There are two modes to add an ONT: add an ONT offline and confirm an automatically discovered ONU.

 Add an ONU offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 1 ontid 1 sn-auth 32303131B39FD641

snmp ont-lineprofile-name fttb(c)

 Confirm an automatically discovered ONU.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 1 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 1
huawei(config-if-gpon-0/1)#ont confirm 1 ontid 1 sn-auth 32303131B39FD641

snmp ont-lineprofile-name fttb(c)

a. (Optional) Bind the alarm profile to the ONU.


By default, alarm profile 1 is automatically bound to an ONU. A non-default alarm profile is bound
manually only when the default one does not meet the requirement.
In this example, the default alarm profile 1 is used and therefore the configuration of the alarm profile
is not required.

2024-09-17 273
MA5800 Product Documentation

3. Check the ONU status.


After an ONU is added, run the display ont info command to query the current status of the ONU. Ensure
that Config flag of the ONU is active, Run State is online, and Config state is normal.

huawei(config-if-gpon-0/1)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/1/1
ONT-ID :1
Control flag : active //The ONU is activated.
Run state : online //The ONU is online.
Config state : normal //The ONU configurations are recovered normally.
...//The rest of the response information is not provided here.
huawei(config-if-gpon-0/1)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactive, run the ont active command in GPON mode to activate the ONU.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONU capability exceeds the actual ONU capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

 If the ONU does not match (Match state is mismatch), the port types and number of ports do not match the
actual port types and number of ports supported by the ONU. In this case, run the display ont capability
command to query the actual capability of the ONU, and then select one of the following modes to modify the
ONU configuration:

 Create a proper ONU profile according to the actual capability of the ONU, and then run the ont modify
command to modify the configuration data of the ONU.

 Modify the ONU profile according to the actual capability of the ONU and save the modification. Then, the
ONU automatically recovers the configuration successfully.

1.3.5.4 Configuring the Management Channel Between the OLT


and the ONU
Configuring the Management Channel Between the OLT and the ONU

After the inband management channel between the OLT and the ONU is configured and available, you can log in to
the ONU from the OLT to configure the ONU.

Data plan

2024-09-17 274
MA5800 Product Documentation

Item Data Remarks

Management VLAN and Management VLAN ID: 8 To configure the MDU from the OLT by remote logging in to the
management IP address Management VLAN MDU, the management VLAN of the OLT and that of the MDU must
on the OLT side type: smart VLAN be the same, and the management IP address of the OLT and that of
Inband management IP the MDU must be in the same network segment.
address:
192.168.50.1/24

Management VLAN and Management VLAN ID: 8


management IP address Management VLAN
on the ONU side type: smart VLAN
Inband management IP
address:
192.168.50.2/24

Procedure

1. Configure the inband management VLAN and IP address of the OLT.


Configure the inband management VLAN to 8, VLAN priority to 6, and the IP address to 192.168.50.1/24.

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

2. Configure the inband management VLAN and IP address of the ONU.


Configure the static IP address of the ONU to 192.168.50.2/24, gateway to 192.168.50.254, and the
management VLAN ID to 8 (the same as the management VLAN of the OLT).

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.254 vlan 8

huawei(config-if-gpon-0/1)#quit

3. Configure an inband management service port.


Configure the management service port ID to 1, management VLAN ID to 8, GEM port ID to 11, and user-side
VLAN ID to 8. The OLT does not limit inband management service flows. Therefore, it is recommended that
you use default traffic profile 6.

huawei(config)#service-port 1 vlan 8 gpon 0/1/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6


4. Confirm that the management channel between the OLT and the ONU is available.

 On the OLT, run the ping 192.168.50.2 command to check the connectivity between the OLT and the
ONU. The ICMP ECHO-REPLY packet from the ONU should be received.

 On the OLT, You can remotely log in to the ONU to perform the configuration.

2024-09-17 275
MA5800 Product Documentation

1.3.5.5 Configuring the Service Channel Between the OLT and


the ONU
Configuring the Service Channel Between the OLT and the ONU

This topic describes how to configure service channels between an optical line terminal (OLT) and an optical
network unit (ONU) on a gigabit-capable passive optical network (GPON). After channels for involved service types
are configured on an OLT to which an ONU is connected, packets of the service types from the ONU can be
forwarded based on planned VLANs and policies at Layer 2.

Prerequisites

1. Adding an ONU to an OLT is performed.

2. Configuring the Management Channel Between the OLT and the ONU is performed.

Data Plan

The following table provides key information about the service channels between an OLT and an ONU.
Service Type VLAN Plan Remarks

Internet S-VLAN ID: 100; S-VLAN Plan the Internet access service in per user per service per VLAN
access service attribute: stacking (PUPSPV) mode and apply S-VLAN+C-VLAN to differentiate users.
C-VLAN ID: 1001-1016 For details, see Principle of Internet Access Service Data Plan .

VoIP service S-VLAN ID: 200 The voice over IP (VoIP) service is a carrier-operating, closed service
C-VLAN ID: 200 and primarily adopts only S-VLAN tags, which are transparently
transmitted by OLTs.
For details, see Principle of VoIP Service Data Plan .

VoD service S-VLAN ID: 300 Plan the video on demand (VoD) service in per user per VLAN (PUPV)
mode if possible, as the VoD service requires only a few VLAN
resources.
The VoD service is a carrier-operating, closed service and primarily
adopts only S-VLAN tags, which are transparently transmitted by OLTs.
For details, see Principle of IPTV Service Data Plan .

Multicast Multicast VLAN ID: 1000 The multicast service is a carrier-operating, closed service and
service Multicast cascading port: primarily adopts only S-VLAN tags.
0/1/1 For details, see Principle of IPTV Service Data Plan .
IGMP version: IGMPv3
IGMP mode: IGMP proxy
Multicast IP address range:
224.1.1.10-224.1.1.100
IP address of the multicast
server: 10.10.10.10/24

C-VLANs in the preceding table are defined for OLTs. That is, they are upstream VLANs or S-VLANs of ONUs.

Procedure

2024-09-17 276
MA5800 Product Documentation

 Configure a channel for the Internet access service.

1. Create an S-VLAN and add an upstream port to it.


Create S-VLAN 100 with the stacking attribute and add upstream port 0/9/0 to the S-VLAN.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

2. Configure a traffic profile.


The 802.1p priority of the Internet access service is 0, and rate limitation is not required. To check
whether any existing traffic profile meets the requirements, run the display traffic table ip command.
In this example, the query result shows that traffic profile 6 meets the requirements, so no traffic
profile needs to be configured.

huawei(config)#display traffic table ip from-index 0

3. Configure a service flow for receiving and transparently transmitting the Internet access service from
the ONU side.
Configure a service flow with the GEM port ID being 13 and user-side VLAN ID being 1001 (example
value). The ONU is connected to GPON port 0/1/1, upstream and downstream traffic are rate-limited
on the ONU but not on the OLT, and traffic profile 6 is referenced.

huawei(config)#service-port vlan 100 gpon 0/1/1 ont 1 gemport 13 multi-service user-vlan 1001 tag-
transform translate-and-add rx-cttr 6 tx-cttr 6

 Configure a channel for the VoIP service.

1. Create an S-VLAN and add an upstream port to it.


Create S-VLAN 200 with the common attribute and add upstream port 0/9/0 to the S-VLAN.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

2. Configure a traffic profile.


The 802.1p priority of the VoIP service is 5, and rate limitation is not required. To check whether any
existing traffic profile meets the requirements, run the display traffic table ip command. In this
example, the query result shows that no traffic profile meets the requirements, so a traffic profile needs
to be configured.
Add traffic profile 9 and set priority-policy to local-setting. Then, traffic is scheduled based on the
priority specified in the traffic profile.

huawei(config)#traffic table ip index 9 cir off priority 5 priority-policy local-setting

3. Configure a service flow for receiving and transparently transmitting the VoIP service from the ONU
side.
Configure a service flow with the GEM port ID being 12 and user-side VLAN ID being 200. The ONU is
connected to GPON port 0/1/1, upstream and downstream traffic are rate-limited on the ONU but not
on the OLT, and traffic profile 9 is referenced.

2024-09-17 277
MA5800 Product Documentation

huawei(config)#service-port vlan 200 gpon 0/1/1 ont 1 gemport 12 multi-service user-vlan 200 rx-cttr 9 tx-
cttr 9

 Configure a channel for the VoD service.

1. Create an S-VLAN and add an upstream port to it.


Create S-VLAN 300 with the common attribute and add upstream port 0/9/0 to the S-VLAN.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

2. Configure a traffic profile.


The 802.1p priority of the VoD service is 4, and rate limitation is not required. To check whether any
existing traffic profile meets the requirements, run the display traffic table ip command. In this
example, the query result shows that no traffic profile meets the requirements, so a traffic profile needs
to be configured.
Add traffic profile 10 and set priority-policy to local-setting. Then, traffic is scheduled based on the
priority specified in the traffic profile.

huawei(config)#traffic table ip index 10 cir off priority 4 priority-policy local-Setting

3. Configure a service flow for the VoD service.


Configure a service flow with the GEM port ID being 15 and user-side VLAN ID being 300. The ONU is
connected to GPON port 0/1/1, upstream and downstream traffic are rate-limited on the ONU but not
on the OLT, and traffic profile 10 is referenced.

huawei(config)#service-port vlan 300 gpon 0/1/1 ont 1 gemport 15 multi-service user-vlan 300 rx-cttr 10 tx-
cttr 10

 Configure a channel for the multicast service.

1. Create an S-VLAN and add an upstream port to it.


Create S-VLAN 1000 with the common attribute and add upstream port 0/9/0 to the S-VLAN.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

2. Configure a service flow for the multicast service.


Configure a service flow with the GEM port ID being 16 and user-side VLAN ID being 1000. ONT 1 is
connected to GPON port 0/1/1, upstream and downstream traffic are rate-limited on the ONU but not
on the OLT, and traffic profile 10 is referenced.

huawei(config)#service-port vlan 1000 gpon 0/1/1 ont 1 gemport 16 multi-service user-vlan 1000 rx-cttr 10
tx-cttr 10

3. Configure a multicast cascading port.


Set GPON port 0/1/1 as a multicast cascading port, ONU ID to 1, and GEM port 16 to carry the multicast
service.

huawei(config)#btv
huawei(config-btv)#igmp cascade-port 0/1/1 ontid 1 gemport-index 16

2024-09-17 278
MA5800 Product Documentation

4. Set the IGMP version.


Set the IGMP version to IGMPv3.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v3

5. Set the IGMP mode.


Select the IGMP proxy mode.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode?(y/n)[n]:y

6. Configure an IGMP upstream port.


Set the IGMP upstream port to port 0/9/0.

huawei(config-mvlan1000)#igmp uplink-port 0/9/0

7. Configure a program library.


Set the multicast IP address range to 224.1.1.10-224.1.1.100 and the IP address of the multicast server
to 10.10.10.10.

huawei(config-mvlan1000)#igmp program add batch ip 224.1.1.10 to-ip 224.1.1.100 sourceip 10.10.10.10

1.3.5.6 Configuring the Internet Access Service (LAN Access, on


the ONU)
Configuring the Internet Access Service (LAN Access, on the ONU)

This topic describes how to configure the Internet access service for home gateway (HGW) users on an optical
network unit (ONU) when HGWs are connected upstream to the ONU through local area networks (LANs).

Data Plan

The following table provides key information about the Internet access service (LAN access).
Item Data Remarks

Traffic ID: 8 -
profile CIR: 4 Mbit/s
VLAN priority: 0
Downstream priority policy: local-
setting

User VLAN Untagged HGWs can send untagged packets or packets with user VLAN
tags.
User VLAN ID: 1, 2, 3...

Procedure

1. Log in to the ONU to perform the configuration.


You can remote log in to the ONU from the OLT to perform the configuration.

2. Configure a traffic profile.

2024-09-17 279
MA5800 Product Documentation

You can run the display traffic table ip command to query the traffic profiles existing in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic table ip
command to add a traffic profile.
Add traffic profile 8 and set the committed information rate (CIR) to 4 Mbit/s. The priority for upstream
packets is 0, and downstream packets are scheduled based on the priority specified in the traffic profile.

huawei(config)#traffic table ip index 8 cir 4096 priority 0 priority-policy local-setting

3. Create service VLANs.


Create service VLANs 1001-1016 in batches whose type is smart and attribute is common (the service VLAN
IDs must be consistent with the user VLAN IDs of the OLT). Add the service VLANs to upstream port 0/0/1.

huawei(config)#vlan 1001-1016 smart


huawei(config)#port vlan 1001-1016 0/0 1

4. Add a service port.


Configurations for untagged packets and packets with user VLAN tags are different.

 For untagged packets, the configuration is as follows (assuming that the VLAN ID is 1001):

//Create service port 101, bind port 0/3/1 to it, set the user VLAN to untagged, and bind traffic profile 8 to the user
VLAN./
huawei(config)#service-port 101 vlan 1001 eth 0/3/1 multi-service user-vlan untagged rx-cttr 8 tx-cttr 8

 For packets with user VLAN tags, the configuration is as follows (assuming that the user VLAN ID is 10
and the VLAN ID is 1001):

//Create service port 101, bind port 0/3/1 to it, set the user VLAN ID to 10, and bind traffic profile 8 to the user
VLAN./
huawei(config)#service-port 101 vlan 1001 eth 0/3/1 multi-service user-vlan 10 rx-cttr 8 tx-cttr 8

1.3.5.7 Configuring H.248 Voice Service (on the ONU)


Configuring H.248 Voice Service (on the ONU)

This topic describes how to configure the voice service on the ONU based on the H.248 protocol to provide the high
quality and low cost VoIP service for users.

Prerequisites

 The media gateway controller (MGC) interface data and the PSTN user data corresponding to the media
gateway (MG) interface is configured on the MGC.

 Ensure that the Status of the voice board on the ONU is Normal by running the display board 0 command.

Precautions

1. An ONU supports both the H.248 and SIP protocols; however, these two protocols are mutually exclusive.
You can run the display protocol support command to query the currently supported voice protocol.

2024-09-17 280
MA5800 Product Documentation

2. If the voice protocol needs to be switched, you need to delete the global digitmap and the MG interface
(under H.248 protocol) or SIP interface (under SIP protocol) first and run the protocol support command
to switch the protocol. After the configuration is complete, save the configuration and restart the system to
make the configured protocol take effect.

This operation interrupts the ongoing services carried on the currently used MG/SIP interface. Hence, exercise caution when
performing this operation.

Data plan
For details about the data plan, see Principle of VoIP Service Data Plan .
Item Data

MG interface data Media and Media and 200


NOTE: signaling signaling upstream
parameters VLANs
The data configuration must be
the same as the data Media and 0/0/1
configuration on the MGC. signaling upstream
port

Media IP address 10.10.10.10/24


and signaling IP
address

Default gateway IP 10.10.10.1/24


address

MG interface ID 0

Signaling port ID 2944

IP address of the primary MGC 10.200.200.200/24

Port ID of the primary MGC 2944

Coding Text

Transmission mode UDP

H248 version that MG starts to 1 (the negotiation starts from V1)


negotiate

Voice user configuration data Phone number 12345601-12345616

Terminal identification Terminal layering is not supported and


the terminal identification ranges from
0 to 15.

User priority Cat2 for phone 1


Cat3 for phone 2 to phone 16 (default)

User type Common user (DEL user by default)

Common parameter System parameter Default value

2024-09-17 281
MA5800 Product Documentation

Item Data

Overseas parameter Default value

PSTN port attribute Polarity-reversal

Ringing current attribute Default value

Procedure

1. Log in to and configure the ONU.


You can remote log in to the ONU from the OLT to perform the configuration.

2. Configure the upstream VLAN interface.


Specify the upstream VLAN interface for the media stream and the signaling flows and configure the IP
addresses of the Layer 3 interface. These IP addresses are the sources of the IP address pools for the media
stream and the signaling flows.

a. Create an upstream VLAN.


The VLAN ID is 200 and the VLAN is a smart VLAN.

huawei(config)#vlan 200 smart

b. Add the upstream port to the created upstream VLAN.


Add upstream port 0/0/1 to VLAN 2000.

huawei(config)#port vlan 200 0/0 1

c. Configure the IP address of the Layer 3 interface.


Enter the VLAN interface mode and configure the lP address of the Layer 3 interface to 10.10.10.10

huawei(config)#interface vlanif 200


huawei(config-if-vlanif200)#ip address 10.10.10.10 24
huawei(config-if-vlanif200)#quit

3. Configure the media and signaling IP address pools.


Configure both the media IP address and signaling IP address to 10.10.10.10 and the MG IP address to
10.10.10.1.

huawei(config)#voip
huawei(config-voip)#ip address media 10.10.10.10 10.10.10.1
huawei(config-voip)#ip address signaling 10.10.10.10
huawei(config-voip)#quit

 You can configure the attributes of the MG interface only when the media IP address and the signaling IP address
exist in the media and signaling IP address pools.
 The media IP address can be different from the signaling IP address. Plan the data according to actual networking.

4. Configure static routes.

2024-09-17 282
MA5800 Product Documentation

Because the IP address of the VLAN interface and the IP address(10.200.200.200/24) of the MGC are in
different network segments, you need to configure a route for the network segment from gateway10.10.10.1
to 10.200.200.0.

huawei(config)#ip route-static 10.200.200.0 24 10.10.10.1

5. Add an MG interface.
Add an MG interface to communicate with the MGC, which ensures that the MGC can control the call
connection through the MG interface. Add MG interface 0 according to the data plan.

huawei(config)#interface h248 0
Are you sure to add MG interface?(y/n)[n]:y

6. Configure the attributes of the MG interface.


Pay attention to the following when configuring the attributes of the MG interface according to the data
plan:

 The MG interface is registered by the IP address (default mode) or domain name, which must be the
same as that on the MGC.

 The negotiated H.248 protocol version is V1, V2 or V3 (default value). The interface may fail to be
registered because some softswitches do not support V3.

huawei(config-if-h248-0)#if-h248 attribute mgip 10.10.10.10 mgport 2944 code text transfer udp primary-mgc-ip1
10.200.200.200 primary-mgc-port

2944 mg-media-ip1 10.10.10.10 start-negotiate-version 1

7. Reset the MG interface.

huawei(config-if-h248-0)#reset coldstart
Are you sure to reset MG interface?(y/n)[n]:y
huawei(config-if-h248-0)#quit

 You must cold reset the MG interface after configuring. Otherwise, the MG interface does not take effect.
 The MG interface can be cold reset only after parameters mgip, mgport, primary-mgc-ip1 (or mgc-domain-
name1), mgcport_1, code, transfer, and mg-media-ip are correctly configured.

8. Configure the PSTN user data.


Configure phone numbers of users 0/3/0-0/3/15 to 12345601-12345616 in batches and terminal
identification to 0-15.

 Phone numbers are used for only internal emergency standalone, that is, internal extensions call each
other. Actual phone numbers are assigned by the MGC.

 If the user of the MG interface is configured to support terminal layering, you need not configure the
terminal identification because the system automatically allocates it. If the user of the MG interface
does not support terminal layering, the terminal identification is mandatory. The terminal
identification must be unique on one MG interface.

2024-09-17 283
MA5800 Product Documentation

huawei(config)#esl user
huawei(config-esl-user)#mgpstnuser batadd 0/3/0 0/3/15 0 terminalid 0 telno 12345601

9. Configure the call priority of a PSTN user.

huawei(config-esl-user)#mgpstnuser modify 0/3/0 priority cat2


huawei(config-esl-user)#quit

10. Configure all the PSTN ports to support polarity reversal.


Configure the physical attributes of the PSTN port to which the users belong to support polarity reversal so
that the user supports polarity reversal accounting.

huawei(config)#pstnport
huawei(config-pstnport)#pstnport attribute batset 0/3/0 0/3/15 reverse-pole-pulse enable
huawei(config-pstnport)#quit

11. Save the data.

huawei(config)#save

1.3.5.8 Configuring SIP Voice Service (on the ONU)


Configuring SIP Voice Service (on the ONU)

This topic describes how to configure voice services based on the Session Initiation Protocol (SIP) on an optical
network unit (ONU). The voice over IP (VoIP) services have high quality, but require low cost.

Prerequisites

 The IP Multimedia Subsystem (IMS) interface data and public switched telephone network (PSTN) user data
corresponding to the SIP interface is configured on the IMS.

 Status of the voice board on the ONU is normal. (To verify board status, run the display board 0 command.)

Precautions

1. An ONU supports both the H.248 and SIP protocols; however, these two protocols are mutually exclusive.
You can run the display protocol support command to query the currently supported voice protocol.

2. If the voice protocol needs to be switched, you need to delete the global digitmap and the MG interface
(under H.248 protocol) or SIP interface (under SIP protocol) first and run the protocol support command
to switch the protocol. After the configuration is complete, save the configuration and restart the system to
make the configured protocol take effect.

This operation interrupts the ongoing services carried on the currently used MG/SIP interface. Hence, exercise caution when
performing this operation.

Data Plan

2024-09-17 284
MA5800 Product Documentation

For configuration rules and description of configuration items, see Principle of VoIP Service Data Plan .
Item Data

SIP interface data Media and signaling Media and signaling 200
NOTE: parameters upstream VLANs

(It must be the same as that on Media and signaling 0/0/1


the IMS core network device.) upstream port

Media IP address and 10.10.10.10/24


signaling IP address

Default gateway IP 10.10.10.1/24


address

SIP interface ID 0

Signaling port ID 5060

IP address of the main IMS equipment 10.200.200.200/24

Port ID of the main IMS equipment 5060

Transmission mode UDP

Home domain name (SIP) domainname123

Profile index (SIP) 1

Voice user configuration data Phone number 12345601-12345616

User priority Phone 1 indicates Cat2.


Phone 2 to phone 16 indicate
Cat3 (default value).

User type Common user (the DEL user by


default)

Common Parameter System parameter Default value

Overseas parameter Default value

PSTN port attribute Polarity-Reversing Pulse

Ringing current attribute Default value

Procedure

1. Log in to and configure the ONU.


You can remote log in to the ONU from the OLT to perform the configuration.

2. Configure the upstream VLAN interface.


Specify the upstream VLAN interface for the media stream and the signaling flows and configure the IP
addresses of the Layer 3 interface. These IP addresses are the sources of the IP address pools for the media
stream and the signaling flows.

a. Create an upstream VLAN.

2024-09-17 285
MA5800 Product Documentation

The VLAN ID is 200 and the VLAN is a smart VLAN.

huawei(config)#vlan 200 smart

b. Add the upstream port to the created upstream VLAN.


Add upstream port 0/0/1 to VLAN 2000.

huawei(config)#port vlan 200 0/0 1

c. Configure the IP address of the Layer 3 interface.


Enter the VLAN interface mode and configure the lP address of the Layer 3 interface to 10.10.10.10

huawei(config)#interface vlanif 200


huawei(config-if-vlanif200)#ip address 10.10.10.10 24
huawei(config-if-vlanif200)#quit

3. Configure the media and signaling IP address pools.


Set the media IP address and signaling IP address to 10.10.10.10, and the media gateway to 10.10.10.1.

huawei(config)#voip
huawei(config-voip)#ip address media 10.10.10.10 10.10.10.1
huawei(config-voip)#ip address signaling 10.10.10.10
huawei(config-voip)#quit

 Attributes of the SIP interface can be configured only when the media IP address and the signaling IP address
exist in the media and signaling IP address pools.
 The Media IP address and signaling IP address can be different. Data planning should be based on networking
requirements.

4. Configure static routes.


Because the IP address of the VLAN interface and that of theIMS (10.200.200.200/24) are in different
network segments, the configuredroutes must be from gateway 10.10.10.1 to the network segment
10.200.200.0.

huawei(config)#ip route-static 10.200.200.0 24 10.10.10.1

5. Add an SIP interface.


The SIP interface is used for IMS communication.

huawei(config)#interface sip 0
Are you sure to add the SIP interface?(y/n)[n]:y

6. Configure the basic attributes of the SIP interface.

huawei(config-if-sip-0)#if-sip attribute basic media-ip 10.10.10.10 signal-ip 10.10.10.10 signal-port 5060 transfer
udp primary-proxy-ip1 10.200.200.200 primary-proxy-port 5060 home-domain domainname123 sipprofile-index
1

7. (Optional) Configure the optional attributes of the SIP interface.

2024-09-17 286
MA5800 Product Documentation

Run the if-sip attribute optional command to configure the optional attributes, including the domain
name, description, register server uniform resource identifier (URI), phone context, and conference factory
URI of the SIP interface.

8. Reset the SIP interface.

huawei(config-if-sip-0)#reset
Are you sure to reset the SIP interface?(y/n)[n]:y
huawei(config-if-sip-0)#quit

9. Configure the SIP PSTN user data.


Configure in batches the phone numbers of users 0/3/0-0/3/15 to 12345601-12345616.

 To configure the data of a single SIP PSTN user, run the sippstnuser add command.
 To configure the data of multiple SIP PSTN users in batches, run the sippstnuser batadd command.

huawei(config)#esl user
huawei(config-esl-user)#sippstnuser batadd 0/3/0 0/3/15 0 telno 12345601

10. Configure call priorities for SIP PSTN users.

huawei(config-esl-user)#sippstnuser attribute set 0/3/0 priority cat2


huawei(config-esl-user)#quit

11. Configure all the PSTN ports to support polarity reversal.


Configure the physical attributes of the PSTN port to which the users belong to support polarity reversal so
that the user supports polarity reversal accounting.

huawei(config)#pstnport
huawei(config-pstnport)#pstnport attribute batset 0/3/0 0/3/15 reverse-pole-pulse enable
huawei(config-pstnport)#quit

12. Save the data.

huawei(config)#save

1.3.5.9 Configuring the IPTV Service (on the ONU)


Configuring the IPTV Service (on the ONU)

This topic describes how to configure the video on demand (VoD) service and multicast service for home gateway
(HGW) users on an optical network unit (ONU) when HGWs are connected upstream to the ONU through local area
networks (LANs) or in xDSL mode.

Data Plan

The following table provides key information about the IPTV service.
Item Data Remarks

Traffic profile ID: 10 -

2024-09-17 287
MA5800 Product Documentation

Item Data Remarks

CIR: off
VLAN priority: 4
Downstream priority
policy: local-setting

User VLAN in the scenario in which User VLAN ID: 1, 2, HGWs can send untagged packets or packets with
HGWs are upstream connected to an ONU 3... user VLAN tags.
through LANs

VPI/VCI of ADSL2+ users in the scenario VPI: 0 Internet service providers (ISPs) provide VPI/VCI
in which HGWs are connected upstream VCI: 35 information.
to an ONU in ADSL2+ mode

VDSL2 path mode in the scenario in PTM Both the central office and HGWs must support the
which HGWs are connected upstream to PTM mode.
an ONU in VDSL2 mode

VLAN ID of the VoD service 300 The VoD service is a carrier-operating, closed service
and primarily adopts only SVLAN tags, which are
transparently transmitted by OLTs.

Multicast VLAN ID of the ONU 1000 -

Multicast VLAN ID of HGWs 43 A carrier generally specifies a globally unique


multicast VLAN ID for HGWs.

Procedure

 Configure the VoD service.


Create VLAN 300 with the common attribute and add upstream port 0/0/1 to the VLAN.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/0 1

Configure a traffic profile for the IPTV service.


The IEEE 802.1p priority of the IPTV service is 4, and rate limitation is not required. To check whether any
existing traffic profile meets the requirements, run the display traffic table ip command. In this example, the
query result shows that no traffic profile meets the requirements, so a traffic profile needs to be configured.
Add traffic profile 10 and set priority-policy to local-setting. Then, traffic is scheduled based on the priority
specified in the traffic profile.

huawei(config)#traffic table ip index 10 cir off priority 4 priority-policy local-setting

Configure a service flow for the VoD service.


Configurations vary according to upstream interface types of HGWs.

 If HGWs are connected to an ONU upstream through LANs and upstream packets contain user VLAN tags,
the ONU needs to perform a switch between user VLAN IDs and SVLAN IDs.
Assume that the user VLAN ID is 1 and the Ethernet port is 0/3/1. Add a service flow as follows:

huawei(config)#service-port 301 vlan 300 eth 0/3/1 multi-service user-vlan 1 rx-cttr 10 tx-cttr 10

 If HGWs are connected to an ONU upstream in ADSL2+ mode, upstream packets contain users' PVC
information so the ONU needs to perform a switch between PVC information and SVLAN IDs.

2024-09-17 288
MA5800 Product Documentation

Assume that the VPI/VCI is 0/35 and the ADSL2+ port is 0/2/0. Add a service flow as follows:

huawei(config)#service-port 301 vlan 300 adsl vpi 0 vci 35 0/2/0 multi-service user-vlan untagged rx-cttr 10 tx-
cttr 10

 If HGWs are connected to an ONU upstream in VDSL2 mode, formats of upstream packets depend on the
encapsulation mode.
Assume that the VDSL2 path mode is PTM mode, port is 0/1/0, and packets from the user VLAN are
untagged. Add a service flow as follows:

huawei(config)#service-port 301 vlan 300 vdsl mode ptm 0/1/0 multi-service user-vlan untagged rx-cttr 10 tx-
cttr 10

 Configure the multicast service.


Create multicast VLAN 1000 with the common attribute and add upstream port 0/0/1 to the multicast VLAN.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/0 1

Set the IGMP version to IGMP v3.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v3

Set the IGMP mode to IGMP proxy.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode?(y/n)[n]:y

Configure the IGMP upstream port.

huawei(config-mvlan1000)#igmp uplink-port 0/0/1

Configure a program library. Set the multicast IP address range to 224.1.1.10-224.1.1.100 and the IP address
of the multicast server to 10.10.10.10.

huawei(config-mvlan1000)#igmp program add batch ip 224.1.1.10 to-ip 224.1.1.100 sourceip 10.10.10.10


huawei(config-mvlan1000)#quit

Configure a service flow for the multicast service.


Configurations vary according to upstream interface types of HGWs.

 If HGWs are connected to an ONU upstream through LANs, assume that the user VLAN ID is 43 and the
Ethernet port is 0/3/1, and add a service flow as follows:

huawei(config)#service-port 401 vlan 1000 eth 0/3/1 multi-service user-vlan 43 rx-cttr 10 tx-cttr 10

 If HGWs are connected to an ONU upstream in ADSL2+ mode, assume that the VPI/VCI is 0/35 and the
ADSL2+ port is 0/2/0, and add a service flow as follows:

huawei(config)#service-port 401 vlan 1000 adsl vpi 0 vci 35 0/2/0 multi-service user-vlan untagged rx-cttr 10
tx-cttr 10

 If HGWs are connected to an ONU upstream in VDSL2 mode, assume that the VDSL2 path mode is PTM
mode, the user VLAN ID is 43, and the VDSL2 port is 0/1/0, and add a service flow as follows:

2024-09-17 289
MA5800 Product Documentation

huawei(config)#service-port 401 vlan 1000 vdsl mode ptm 0/1/0 multi-service user-vlan 43 rx-cttr 10 tx-cttr 10

Configure a multicast user and add the user to the multicast VLAN.
Configure service flow 401 as a multicast user, add the user to multicast VLAN 1000, and adopt the no-auth
mode for the multicast user.

huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp user add service-port 401 no-auth
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 401
huawei(config-mvlan1000)#quit

1.3.5.10 Configuring Link Aggregation, Congestion Control,


and Security Policies
Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of upstream link aggregation and queue scheduling based on priorities ensures service
reliability. The global configuration of security policies ensures service security.

Context

On the OLT, link aggregation provides a higher bandwidth and uplink reliability for optical line terminals (OLTs)
by aggregating multiple uplink Ethernet ports to one link aggregation group (LAG). Link aggregation is
recommended.
Congestion control places the packets to be sent from a port into multiple queues that are marked with different
priorities. Then, the packets are sent based on queue priorities. Congestion control is recommended.

Security policies ensure system, user, and service security.

Enable a service security function based on the service type. For details, see Principle of Security Data Plan .

Procedure
 Configure link aggregation.
On the OLT, the following configurations are used as an example to configure link aggregation:

 Upstream ports 0/9/0 and 0/9/1 are added to a LAG.

 The two ports send packets upstream based on the packets' source MAC addresses.

 The LAG works in Link Aggregation Control Protocol (LACP) static aggregation mode.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

 Configure queue scheduling.

2024-09-17 290
MA5800 Product Documentation

On both the OLT and optical network units (ONUs), according to quality of service (QoS) planning principles,
all packets are scheduled in strict priority (SP) mode and mapped to queues according to the packets'
priorities. For details about QoS planning principles, see Principle of QoS Planning .

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos4 4 cos5 5 cos6 6

 Configure system security.

 Enable deny of service (DoS) anti-attack on both the OLT and ONUs.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on both the OLT and ONUs.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on both the OLT and ONUs.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on both the OLT and ONUs.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

2024-09-17 291
MA5800 Product Documentation

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on ONUs.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

 Configure service security.

 Enable Dynamic Host Configuration Protocol (DHCP) Option 82 on the OLT or ONUs. This configuration
is recommended for the DHCP-based Internet access service.

1. Enable DHCP Option 82 on the OLT or ONUs.


DHCP Option 82 can be enabled or disabled at four levels: global, port, VLAN, and service port
levels. This function takes effect only after it is enabled at the four levels. Among the four levels,
DHCP Option 82 is disabled only at the global level by default.

 The global level: In global config mode, run the dhcp option82 command to enable DHCP
Option 82 at the global level.
When you run this command, select the enable, forward, or rebuild parameter based on
site requirements. The three parameters can all enable DHCP Option 82 but provide different
packet processing policies on the OLT. For details, see the dhcp option82 command.

 The port level: In global config mode, run the dhcp option82 port or dhcp option82 board
command to enable DHCP Option 82 at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the dhcp option82 enable command to enable DHCP Option 82 at the VLAN
level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

2024-09-17 292
MA5800 Product Documentation

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the dhcp option82 service-port command
to enable DHCP Option 82 at the service port level.

2. On the OLT, run the dhcp-option82 permit-forwarding service-port command with the enable
parameter selected, to allow ONU DHCP packets to carry Option 82 information.

 Enable Policy Information Transfer Protocol (PITP) on both the OLT and ONUs. This configuration is
recommended for the PPPoE-based Internet access service.

1. Enable PITP on both the OLT and ONUs.


PITP can be enabled or disabled at four levels: global, port, VLAN, and service port levels. This
function takes effect only after it is enabled at the four levels. Among the four levels, PITP is
disabled only at the global level by default.

 The global level: In global config mode, run the pitp enable pmode, pitp forward pmode, or
pitp rebuild pmode command to enable PITP at the global level.
In the preceding commands, the enable, forward, and rebuild parameters can all enable
PITP but provide different packet processing policies on the OLT. Select one of them based
on site requirements. For details, see the pitp command.

 The port level: In global config mode, run the pitp port or pitp board command to enable
PITP at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the pitp enable command to enable PITP at the VLAN level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the pitp service-port command to enable
PITP at the service port level.

2. On the OLT, run the pitp permit-forwarding service-port command with the enable parameter
selected, to allow ONU PPPoE packets to carry a vendor tag.

1.3.5.11 Configuring the Internet Access Service (on the HGW)


Configuring the Internet Access Service (on the HGW)

2024-09-17 293
MA5800 Product Documentation

This topic describes how to configure the Internet access service on home gateways (HGWs) that use the LAN or
xDSL for upstream transmission. This configuration enables home users to access Internet at high speeds through
PCs.

Context

Home users generally access the Internet in Point-to-Point Protocol over Ethernet (PPPoE) dial-up mode. PPPoE
dial-up can be performed on PCs or HGWs.
HGWs have different models and appearance and therefore, their configuration processes are not the same. This
topic describes how to configure the Internet access service on an HGW generally. The actual configuration varies
depending on different HGWs.

Procedure

1. Log in to the web configuration window.

a. Enter the default IP address in the address bar of the browser, and then press Enter.

b. In the login window, enter the user name and password (the default value is provided by ISP) of the
administrator and click OK.
To enhance system security, change the password to a password that meets security requirements
after the first successful login. It is recommended that you change the password periodically.

2. Set parameters for the Internet access service.

a. Choose Internet access service configuration from the navigation tree.


b. Set parameters for the Internet access service.
Parameter Value

Bearing service Internet

VLAN enabling Enabled: VLAN tags are added to upstream packets.


(Set this parameter when the HGW uses Disabled: VLAN tags are not added to upstream packets.
the LAN or VDSL2 for upstream NOTE:
transmission)
When Internet access service flows are created on the ONU, if the value of
uservlan is untagged, set this parameter to Disabled; otherwise, set it to
Enabled.

VLANID[1-4094] If VLAN enabling is set to Enabled, the values of UserVLAN, such as 1, 2, and
(Set this parameter when the HGW uses 3 and so on, map the values of uservlan when Internet access service flows
the LAN or VDSL2 for upstream are created on the ONU.
transmission)

VPI/VCI Set the VPI/VCI to be the same as that configured on the devices at the
(Set this parameter when the HGW uses central office. In this example, set this parameter to 0/35.
ADSL2+ for upstream transmission)

Mode PPPoE

c. Submit the configuration.

2024-09-17 294
MA5800 Product Documentation

1.3.5.12 Configuring the IPTV Service (on the HGW)


Configuring the IPTV Service (on the HGW)

This topic describes how to configure the IPTV service on high gateways (HGWs) that use LAN or xDSL for
upstream transmission. This configuration enables home users to watch IPTV programs using STBs and TVs.

Context
HGWs have different models and appearance and therefore, their configuration processes are not the same. This
topic describes how to configure the Internet access service on an HGW generally. The actual configuration varies
depending on different HGWs.

Procedure

1. Log in to the web configuration window.

a. Enter the default IP address in the address bar of the browser, and then press Enter.

b. In the login window, enter the user name and password (the default value is provided by ISP) of the
administrator and click OK.
To enhance system security, change the password to a password that meets security requirements
after the first successful login. It is recommended that you change the password periodically.

2. Set parameters for the multicast service.

a. Choose multicast service configuration from the navigation tree.


b. Set parameters for the multicast service.
Parameter Value

Bearing service OTHER: It is used for the IPTV service.

VLAN enabling Enabled: VLAN tags are added to upstream packets.


NOTE:
When multicast service flows are configured on the ONU, if the value of
uservlan is untagged, set this parameter to Disabled; otherwise, set it to
Enabled.

VLANID[1-4094] Multicast VLAN IDs on the HGW map the values of uservlan when multicast
service flows are created on the ONU.

VPI/VCI Set the VPI/VCI to be the same as that configured on the devices at the
(Set this parameter when the HGW uses central office. In this example, set this parameter to 0/35.
ADSL2+ for upstream transmission)

Binding item LAN4 (Example: LAN4 interface serves as the IPTV interface)

Mode Bridge

DHCP transparent transmission Enabled

c. Submit the configuration.

2024-09-17 295
MA5800 Product Documentation

1.3.5.13 Verifying Services


Verifying Services

This topic describes how to verify service configurations in the FTTB+HGW networking (ONU providing the VoIP
service). In this scenario, the ONUs are placed in the building far away from the central office. The ONUs provide
remote service verification methods including PPPoE dialup emulation, call emulation, and multicast emulation for
configuration and commissioning engineers to verify services remotely after services are configured.

Prerequisites
ONUs and upper-layer devices have been connected properly. The BRAS and MGC/IMS have been configured.

Background Information

The following table lists the remote verification methods for different services.

Currently, the VoD service does not support remote verification.

Remote Service Function Remarks


Verification
Method

PPPoE dialup An ONT emulates PPPoE user terminal software to PPPoE dialup emulation requires a service
emulation perform dialup and interact with the BRAS to verify the flow which does not belong to a QinQ
connectivity between the ONT and BRAS. VLAN.
A user name, password, and authentication
mode must be configured on the BRAS for
the PPPoE dialup emulation.
An ONU supports a maximum of one PPPoE
dialup emulation.

Call emulation An ONT emulates a VoIP user to make a call to check An ONU can emulate the caller or callee in
whether the VoIP service data is correctly configured. a call to a phone. Therefore, a functioning
You can also use the call emulation function to locate a phone is required in the central office
fault when the VoIP service is faulty. where the acceptance personnel is.
An ONU can emulate the caller and callee
simultaneously in an emulation test. No
phone is required in the test.
An ONU supports a maximum of one call
emulation.

Multicast This function enables you to emulate a multicast user The multicast service that is configured in
emulation going online and lead the program stream to an ONU. the dynamic controllable multicast mode
By querying the real-time traffic of the multicast does not support remote verification.
program, you can check whether the multicast function
is performing well.

Procedure
 Verify the Internet access service using PPPoE dialup emulation.

2024-09-17 296
MA5800 Product Documentation

The user name, password, and authentication mode required by the emulation test must be consistent with
those configured on the BRAS.

1. In global config mode, start an emulation test by running the pppoe simulate start command.

2. Query the emulation test information by running the display pppoe simulate info command.

3. Terminate the emulation test by running the pppoe simulate stop command.

 Verify the voice service using call emulation.


When an ONU simultaneously emulates the caller and the callee in an emulation test, retain the parameter
settings as default. To query default values, run the display pots emulational configuration command.
Assume that:

 Caller port: 0/3/0

 Called port: 0/3/15

 Called number: 12345616

1. Start an emulation test.

huawei(config)#test
huawei(config-test)#pots emulational-call caller-port 0/3/0 callee-port 0/3/15 callee-telno 12345616

2. The ONU outputs the call emulation result after the test is complete.
The ONU outputs the call emulation result and failure of the cause if the emulation test fails.

 Verify the multicast service using multicast emulation.


Assume that:

 Multicast service flow ID: 401

 Multicast VLAN: 1000

 IP address of the multicast program: 224.1.1.10

1. Order a multicast program by emulating a multicast user.

huawei(config)#btv
huawei(config-btv)#igmp static-join service-port 401 ip 224.1.1.10 vlan 1000

2. Query the status of the multicast user.

huawei(config-btv)#display igmp user service-port 401

3. Query the real-time traffic of the multicast program.

huawei(config-btv)#display multicast flow-statistic ip 224.1.1.10 vlan 1000

 Verify the VoD service.

1. Run the display mac-address service-port command on the ONU to query learned MAC addresses of
VoD users. The learned MAC addresses of VoD users indicate that services are functioning properly
between the ONU and VoD users.

2024-09-17 297
MA5800 Product Documentation

2. On the OLT, run the display mac-address vlan command to query the learned ONU MAC addresses.
The learned ONU MAC addresses indicate that services are functioning properly between the OLT and
ONUs.

1.3.6 FTTB/C+HGW Networking (GPON&XG-PON&XGS-PON


Networking, HGW Providing the VoIP Service)
FTTB/C+HGW Networking (GPON&XG-PON&XGS-PON Networking, HGW Providing the VoIP Service)

In this kind of networking, the HGW provides the Internet access and IPTV services. In addition, the built-in IAD of
the HGW provides the VoIP service by connecting to the upstream ONU using LAN or xDSL.

Context
There are two xPON configuration modes: distributed mode (also called discrete mode) and profile mode. The
difference between the two modes lies in command lines.

 Distributed mode: In this mode, ONUs need to be configured one by one but not in batches.

 Profile mode: In this mode, an ONU line profile and service profile are configured first. Then, ONUs can be
added in batches by binding profiles. This mode greatly improves service provisioning efficiency.

Generally, the xPON configuration mode is determined in a new deployment on the OLT and will not be changed.

For commands for the distributed configuration mode, see PON distributed-mode commands in the OLT Command Reference.

The description of this topic is based on the mode below.


Mode Query Method

GPON profile mode (system default) On the OLT:


huawei(config)#diagnose
huawei(diagnose)%%display xpon mode
-------------------------------------------
Current config mode: Profile-mode
-------------------------------------------

Service Requirements and Application Scenarios

Configuration Procedure

Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

Configuring the Management Channel Between the OLT and the ONU

After the inband management channel between the OLT and the ONU is configured and available, you can log in to the ONU
from the OLT to configure the ONU.

Configuring the Service Channel Between the OLT and the ONU

2024-09-17 298
MA5800 Product Documentation

This topic describes how to configure service channels between an optical line terminal (OLT) and an optical network unit
(ONU) on a gigabit-capable passive optical network (GPON). After channels for involved service types are configured on an
OLT to which an ONU is connected, packets of the service types from the ONU can be forwarded based on planned VLANs
and policies at Layer 2.

Configuring the Internet Access Service (LAN Access, on the ONU)

This topic describes how to configure the Internet access service for home gateway (HGW) users on an optical network
unit (ONU) when HGWs are connected upstream to the ONU through local area networks (LANs).

Configuring the Voice Service Channel (on the ONU)

This topic describes how to configure the VoIP service on an ONU. In this scenario, The HGW provides the VoIP service and
the ONU is configured to establish VoIP service channels.

Configuring the IPTV Service (on the ONU)

This topic describes how to configure the video on demand (VoD) service and multicast service for home gateway (HGW)
users on an optical network unit (ONU) when HGWs are connected upstream to the ONU through local area networks
(LANs) or in xDSL mode.

Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of upstream link aggregation and queue scheduling based on priorities ensures service reliability.
The global configuration of security policies ensures service security.

Configuring the Internet Access Service (on the HGW)

This topic describes how to configure the Internet access service on home gateways (HGWs) that use the LAN or xDSL for
upstream transmission. This configuration enables home users to access Internet at high speeds through PCs.

Configuring the IPTV Service (on the HGW)

This topic describes how to configure the IPTV service on high gateways (HGWs) that use LAN or xDSL for upstream
transmission. This configuration enables home users to watch IPTV programs using STBs and TVs.

Configuring the VoIP Service (on the HGW)

This topic describes how to configure the voice service on home gateways (HGWs) that use the LAN or xDSL for upstream
transmission. This configuration enables home users to enjoy the POTS service by using an analog telephone.

Verifying Services

This topic describes the remote verification methods in the FTTB+HGW scenario (HGW providing the VoIP service). ONUs
provide remote service verification methods including PPPoE dialup emulation and multicast emulation for configuration
and commissioning engineers to verify services remotely after service configuration, avoiding a second on-site operation.

2024-09-17 299
MA5800 Product Documentation

1.3.6.1 Service Requirements and Application Scenarios


Service Requirements and Application Scenarios

Service Requirements

A gigabit-capable passive optical network (GPON) should be capable of delivering triple play service over Category
5 cables or twisted pairs. Service requirements are described as follows:

 Sharing of Internet access among multiple computers in the household

 Access of multiple phones in the household

 Internet Protocol (IPTV) services (program preview or watch) enabled by set-top boxes (STB)

 Independent provisioning of Internet access, voice, and IPTV services

 Ensured service security:

 Internet access services protected against unauthorized access, hijacking or unauthorized borrowing of
user accounts, MAC/IP spoofing, and malicious attack

 Voice and IPTV services protected against MAC/IP spoofing, malicious attack, and traffic flooding attack

 Easy fault location and service maintenance

Application Scenario

Figure 1 shows a GPON FTTB+HGW network. The GPON OLT is deployed at the central office and connects to the
MAN using aggregation, and the ONU is deployed in the buildings or street fiber distribution terminals. Access
interfaces are deployed on the HGW that connects to the ONU using LAN or xDSL.

 The HGW connects to the upstream ONU through the Ethernet or xDSL port and provides the Internet access
service through the FE or Wi-Fi port and the IPTV service through the FE port in the downstream direction.

 The HGW has Layer 3 functions (such as PPPoE dialup and NAT), which enable multiple PCs of a family to
access the Internet at the same time.

 The STB connected to the HGW provides IPTV program preview and access functions.

 The IAD embedded in the HGW provides one or several POTS ports, which enable multiple phones of a family
to access the Internet at the same time.

Figure 1 GPON FTTB+HGW Networking for the Internet, VoIP, and IPTV Services (HGW Providing the VoIP Service)

2024-09-17 300
MA5800 Product Documentation

1.3.6.2 Configuration Procedure


Configuration Procedure

Figure 1 shows the configuration roadmap diagram in the FTTB+HGW networking scenarios (HGW providing the
VoIP service).

Figure 1 Configuration Roadmap Diagram in the FTTB+HGW Networking Scenarios (HGW providing the VoIP service)

The following table describes the configuration procedure.


Configured Procedure Configuration
Device

2024-09-17 301
MA5800 Product Documentation

Configured Procedure Configuration


Device

OLT Add an ONU on the OLT. Services can be configured for an ONU only after the ONU is successfully
added to an OLT.

Configure the After the inband management channel between the OLT and the ONU is
management channel configured and available, you can log in to the ONU from the OLT to configure
between the OLT and the the ONU.
ONU.

Configure the service Service channels, such as Internet access service channel, are set up on the
channel between the OLT so that services on the ONU can be normally forwarded.
OLT and the ONU.

ONU Configure the Internet NOTE:


access service. Different ONUs have different ports, including LAN, ADSL2+, VDSL2, G.fast and
VDSL2/G.fast vectoring ports, for the Internet access. Select an appropriate
configuration method according to the port type.

Configure the VoIP In the FTTB+HGW networking (HGW provides the VoIP service), the built-in
service channel on the IAD of the HGW provides the VoIP service. Therefore, VoIP service parameters
ONU. do not need to be configured on the ONU and only transparent transmission
service flows need to be created.

Configure the IPTV IPTV services include the VoD and multicast services that are different in
service on the ONU. configuration procedures and need to be configured separately.

OLT Configure the link The global configuration of upstream link aggregation and queue scheduling
ONU aggregation, congestion based on priorities ensures service reliability. The global configuration of
control, and security security policies ensures service security.
policy.

HGW Configure the Internet HGWs have different models and appearances but their configuration
access service on the procedures are similar. This topic uses the HG239 that uses LAN for upstream
HGW. transmission and the HG527 uses ADSL2+ for upstream transmission as
examples.
NOTE:

Vectoring is supported by the HG612 and HG622 only.

Configure the IPTV -


service on the HGW.

Configure the VoIP This topic describes how to configure the voice service on home gateways
service on the HGW. (HGWs) that use the LAN or xDSL for upstream transmission. This
configuration enables home users to enjoy the POTS service by using an
analog telephone.

ONU Verify the services. ONUs provide remote service verification methods including PPPoE dialup
HGW emulation, call emulation, and multicast emulation to allow configuration and
commissioning engineers to verify services remotely after service
configuration. This remote service verification eliminates a second on-site
operation.
Voice services on the HGW do no support remote service verification.

1.3.6.3 Adding an ONU to an OLT


Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

2024-09-17 302
MA5800 Product Documentation

Context
 When an ONU is added, desired profiles, including the dynamic bandwidth allocation (DBA) profile, line
profile, and alarm profile, must be bound to the ONU. For details about functions and configuration methods
for these profiles, see Table 1.
Table 1 Introduction to ONU profiles

Profile Function Command


Type

DBA A DBA profile describes GPON traffic parameters. A T-CONT is bound to a DBA Query a DBA profile.
profile profile for dynamic bandwidth allocation, improving upstream bandwidth display dba-profile
utilization. Add a DBA profile. dba-
profile add

Line A line profile describes binding between the T-CONT and the DBA profile, the Query a line profile. display
profile QoS mode of the service flow, and mapping between the GEM port and the ont-lineprofile
ONU-side service. Add a line profile. ont-
lineprofile add

Alarm An alarm profile contains a series of alarm threshold parameters that are used Query an alarm profile.
profile for performance measurement and monitoring of the activated ONT lines. display gpon alarm-
profile
Add an alarm profile. gpon
alarm-profile add

 An ONU can be added in two modes. Select either mode as required.


Mode Usage Scenario Command

Add an ONU The ONU password or Run the ont add command to add an ONU.
offline. serial number (SN) is
obtained.

Online Both the ONU password In the GPON mode, run the port ont-auto-find command to enable the
confirm an and SN are not obtained. ONU auto-discovery function of a GPON port and then run the ont confirm
ONU. command to add an ONU.

Data Plan

Table 2 Data plan

Item Data

DBA profile NOTE:

All configuration items are provided here. Select desired ones based on service types.

Profile name: fttb_dba_mngt


Profile type: Type1
Fixed bandwidth: 1 Mbit/s
Profile name: fttb_dba_voip
Profile type: Type1
Fixed bandwidth: 4 Mbit/s
Profile name: fttb_dba_hsi

2024-09-17 303
MA5800 Product Documentation

Table 2 Data plan

Item Data

Profile type: Type4


Maximum bandwidth: 512 Mbit/s
Profile name: fttb_dba_vod
Profile type: Type3
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 16 Mbit/s
Profile name: fttb_dba_iptv
Profile type: Type3
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 16 Mbit/s

Line profile NOTE:

All configuration items are provided here. Select desired ones based on service types.
Profile name: fttb(c)
Profile ID: 10
T-CONT ID used by the management service: 4
T-CONT ID used by the voice service: 5
T-CONT ID used by the Internet access service: 6
T-CONT ID used by the VoD service: 7
T-CONT ID used by the IPTV service: 8

Network topology data PON port: 0/1/1


ONT ID: 1

Procedure

1. Configure GPON ONU profiles.

All configuration items are provided here. Select desired ones based on service types.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-name fttb_dba_mngt type1 fix 1024


huawei(config)#dba-profile add profile-name fttb_dba_voip type1 fix 4096
huawei(config)#dba-profile add profile-name fttb_dba_hsi type4 max 524288
huawei(config)#dba-profile add profile-name fttb_dba_vod type3 assure 8192 max 16384
huawei(config)#dba-profile add profile-name fttb_dba_iptv type3 assure 8192 max 16384

b. Configure an ONU line profile.

i. Add GPON ONU line profile 10 fttb(c).

huawei(config)#ont-lineprofile gpon profile-id 10 profile-name fttb(c)

2024-09-17 304
MA5800 Product Documentation

The ID of the line profile to be created must not exist in the system, and the line profile must be created
according to the data plan. In this example, line profile 10 is used.

ii. In the line profile mode, bind the T-CONT to the DBA profile.

huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-name fttb_dba_mngt


huawei(config-gpon-lineprofile-10)#tcont 5 dba-profile-name fttb_dba_voip
huawei(config-gpon-lineprofile-10)#tcont 6 dba-profile-name fttb_dba_hsi
huawei(config-gpon-lineprofile-10)#tcont 7 dba-profile-name fttb_dba_vod
huawei(config-gpon-lineprofile-10)#tcont 8 dba-profile-name fttb_dba_iptv

iii. In the line profile mode, create a GEM port for each T-CONT.
QoS policies must be configured for various service flows. For details about QoS data plan, see
Principle of QoS Planning .

huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 4 //Create GEM port 11 for T-CONT 4. Use the
same method to create other GEM ports.
huawei(config-gpon-lineprofile-10)#gem add 12 eth tcont 5
huawei(config-gpon-lineprofile-10)#gem add 13 eth tcont 6
huawei(config-gpon-lineprofile-10)#gem add 14 eth tcont 6
huawei(config-gpon-lineprofile-10)#gem add 15 eth tcont 7
huawei(config-gpon-lineprofile-10)#gem add 16 eth tcont 8

iv. Configure mapping between the GEM port and the ONU-side service.
Set the mode for mapping a GEM port to an ONU-side service to VLAN (default mode). Map
management service flows with C-VLAN 8 to GEM port 11, voice service flows with C-VLAN
200 to GEM port 12, Internet access service flows with C-VLANs 1001-1016 to GEM ports 13
and 14, VoD service flows with C-VLAN 300 to GEM port 15, and IPTV service flows with C-
VLAN 1000 to GEM port 16.

huawei(config-gpon-lineprofile-10)#gem mapping 11 0 vlan 8


huawei(config-gpon-lineprofile-10)#gem mapping 12 0 vlan 200
huawei(config-gpon-lineprofile-10)#gem mapping 13 0 vlan 1001
......
huawei(config-gpon-lineprofile-10)#gem mapping 13 7 vlan 1008
huawei(config-gpon-lineprofile-10)#gem mapping 14 0 vlan 1009
......
huawei(config-gpon-lineprofile-10)#gem mapping 14 7 vlan 1016
huawei(config-gpon-lineprofile-10)#gem mapping 15 0 vlan 300
huawei(config-gpon-lineprofile-10)#gem mapping 16 0 vlan 1000

v. After the configuration is completed, run the commit command to make the configured
parameters take effect.

huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

2024-09-17 305
MA5800 Product Documentation

c. (Optional) Add an alarm profile.

 The ID of the default GPON alarm profile is 1. The thresholds for all the alarm parameters in the
default alarm profile are 0, which indicates that no alarm is generated.

 In this example, the default alarm profile is used. Therefore the configuration of the alarm
profile is not required.

2. Add an ONU to an OLT.


Assume that the ID of GPON port 0/1/1 is 1, SN is 32303131B39FD641, management mode is SNMP, and
the bound line profile is fttb(c). Connect the ONU to such a GPON port through the optical splitter.
There are two modes to add an ONT: add an ONT offline and confirm an automatically discovered ONU.

 Add an ONU offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 1 ontid 1 sn-auth 32303131B39FD641

snmp ont-lineprofile-name fttb(c)

 Confirm an automatically discovered ONU.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 1 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 1
huawei(config-if-gpon-0/1)#ont confirm 1 ontid 1 sn-auth 32303131B39FD641

snmp ont-lineprofile-name fttb(c)

a. (Optional) Bind the alarm profile to the ONU.


By default, alarm profile 1 is automatically bound to an ONU. A non-default alarm profile is bound
manually only when the default one does not meet the requirement.
In this example, the default alarm profile 1 is used and therefore the configuration of the alarm profile
is not required.

3. Check the ONU status.


After an ONU is added, run the display ont info command to query the current status of the ONU. Ensure
that Config flag of the ONU is active, Run State is online, and Config state is normal.

huawei(config-if-gpon-0/1)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/1/1
ONT-ID :1
Control flag : active //The ONU is activated.
Run state : online //The ONU is online.
Config state : normal //The ONU configurations are recovered normally.
...//The rest of the response information is not provided here.
huawei(config-if-gpon-0/1)#quit

Follow-up Procedure

2024-09-17 306
MA5800 Product Documentation

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactive, run the ont active command in GPON mode to activate the ONU.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONU capability exceeds the actual ONU capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

 If the ONU does not match (Match state is mismatch), the port types and number of ports do not match the
actual port types and number of ports supported by the ONU. In this case, run the display ont capability
command to query the actual capability of the ONU, and then select one of the following modes to modify the
ONU configuration:

 Create a proper ONU profile according to the actual capability of the ONU, and then run the ont modify
command to modify the configuration data of the ONU.

 Modify the ONU profile according to the actual capability of the ONU and save the modification. Then, the
ONU automatically recovers the configuration successfully.

1.3.6.4 Configuring the Management Channel Between the OLT


and the ONU
Configuring the Management Channel Between the OLT and the ONU

After the inband management channel between the OLT and the ONU is configured and available, you can log in to
the ONU from the OLT to configure the ONU.

Data plan

Item Data Remarks

Management VLAN and Management VLAN ID: 8 To configure the MDU from the OLT by remote logging in to the
management IP address Management VLAN MDU, the management VLAN of the OLT and that of the MDU must
on the OLT side type: smart VLAN be the same, and the management IP address of the OLT and that of
Inband management IP the MDU must be in the same network segment.
address:
192.168.50.1/24

Management VLAN and Management VLAN ID: 8


management IP address Management VLAN
on the ONU side type: smart VLAN
Inband management IP
address:
192.168.50.2/24

Procedure

1. Configure the inband management VLAN and IP address of the OLT.


Configure the inband management VLAN to 8, VLAN priority to 6, and the IP address to 192.168.50.1/24.

2024-09-17 307
MA5800 Product Documentation

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

2. Configure the inband management VLAN and IP address of the ONU.


Configure the static IP address of the ONU to 192.168.50.2/24, gateway to 192.168.50.254, and the
management VLAN ID to 8 (the same as the management VLAN of the OLT).

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.254 vlan 8

huawei(config-if-gpon-0/1)#quit

3. Configure an inband management service port.


Configure the management service port ID to 1, management VLAN ID to 8, GEM port ID to 11, and user-side
VLAN ID to 8. The OLT does not limit inband management service flows. Therefore, it is recommended that
you use default traffic profile 6.

huawei(config)#service-port 1 vlan 8 gpon 0/1/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6


4. Confirm that the management channel between the OLT and the ONU is available.

 On the OLT, run the ping 192.168.50.2 command to check the connectivity between the OLT and the
ONU. The ICMP ECHO-REPLY packet from the ONU should be received.

 On the OLT, You can remotely log in to the ONU to perform the configuration.

1.3.6.5 Configuring the Service Channel Between the OLT and


the ONU
Configuring the Service Channel Between the OLT and the ONU

This topic describes how to configure service channels between an optical line terminal (OLT) and an optical
network unit (ONU) on a gigabit-capable passive optical network (GPON). After channels for involved service types
are configured on an OLT to which an ONU is connected, packets of the service types from the ONU can be
forwarded based on planned VLANs and policies at Layer 2.

Prerequisites

1. Adding an ONU to an OLT is performed.

2. Configuring the Management Channel Between the OLT and the ONU is performed.

Data Plan

2024-09-17 308
MA5800 Product Documentation

The following table provides key information about the service channels between an OLT and an ONU.
Service Type VLAN Plan Remarks

Internet S-VLAN ID: 100; S-VLAN Plan the Internet access service in per user per service per VLAN
access service attribute: stacking (PUPSPV) mode and apply S-VLAN+C-VLAN to differentiate users.
C-VLAN ID: 1001-1016 For details, see Principle of Internet Access Service Data Plan .

VoIP service S-VLAN ID: 200 The voice over IP (VoIP) service is a carrier-operating, closed service
C-VLAN ID: 200 and primarily adopts only S-VLAN tags, which are transparently
transmitted by OLTs.
For details, see Principle of VoIP Service Data Plan .

VoD service S-VLAN ID: 300 Plan the video on demand (VoD) service in per user per VLAN (PUPV)
mode if possible, as the VoD service requires only a few VLAN
resources.
The VoD service is a carrier-operating, closed service and primarily
adopts only S-VLAN tags, which are transparently transmitted by OLTs.
For details, see Principle of IPTV Service Data Plan .

Multicast Multicast VLAN ID: 1000 The multicast service is a carrier-operating, closed service and
service Multicast cascading port: primarily adopts only S-VLAN tags.
0/1/1 For details, see Principle of IPTV Service Data Plan .
IGMP version: IGMPv3
IGMP mode: IGMP proxy
Multicast IP address range:
224.1.1.10-224.1.1.100
IP address of the multicast
server: 10.10.10.10/24

C-VLANs in the preceding table are defined for OLTs. That is, they are upstream VLANs or S-VLANs of ONUs.

Procedure

 Configure a channel for the Internet access service.

1. Create an S-VLAN and add an upstream port to it.


Create S-VLAN 100 with the stacking attribute and add upstream port 0/9/0 to the S-VLAN.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

2. Configure a traffic profile.


The 802.1p priority of the Internet access service is 0, and rate limitation is not required. To check
whether any existing traffic profile meets the requirements, run the display traffic table ip command.
In this example, the query result shows that traffic profile 6 meets the requirements, so no traffic
profile needs to be configured.

huawei(config)#display traffic table ip from-index 0

3. Configure a service flow for receiving and transparently transmitting the Internet access service from
the ONU side.

2024-09-17 309
MA5800 Product Documentation

Configure a service flow with the GEM port ID being 13 and user-side VLAN ID being 1001 (example
value). The ONU is connected to GPON port 0/1/1, upstream and downstream traffic are rate-limited
on the ONU but not on the OLT, and traffic profile 6 is referenced.

huawei(config)#service-port vlan 100 gpon 0/1/1 ont 1 gemport 13 multi-service user-vlan 1001 tag-
transform translate-and-add rx-cttr 6 tx-cttr 6

 Configure a channel for the VoIP service.

1. Create an S-VLAN and add an upstream port to it.


Create S-VLAN 200 with the common attribute and add upstream port 0/9/0 to the S-VLAN.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

2. Configure a traffic profile.


The 802.1p priority of the VoIP service is 5, and rate limitation is not required. To check whether any
existing traffic profile meets the requirements, run the display traffic table ip command. In this
example, the query result shows that no traffic profile meets the requirements, so a traffic profile needs
to be configured.
Add traffic profile 9 and set priority-policy to local-setting. Then, traffic is scheduled based on the
priority specified in the traffic profile.

huawei(config)#traffic table ip index 9 cir off priority 5 priority-policy local-setting

3. Configure a service flow for receiving and transparently transmitting the VoIP service from the ONU
side.
Configure a service flow with the GEM port ID being 12 and user-side VLAN ID being 200. The ONU is
connected to GPON port 0/1/1, upstream and downstream traffic are rate-limited on the ONU but not
on the OLT, and traffic profile 9 is referenced.

huawei(config)#service-port vlan 200 gpon 0/1/1 ont 1 gemport 12 multi-service user-vlan 200 rx-cttr 9 tx-
cttr 9

 Configure a channel for the VoD service.

1. Create an S-VLAN and add an upstream port to it.


Create S-VLAN 300 with the common attribute and add upstream port 0/9/0 to the S-VLAN.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

2. Configure a traffic profile.


The 802.1p priority of the VoD service is 4, and rate limitation is not required. To check whether any
existing traffic profile meets the requirements, run the display traffic table ip command. In this
example, the query result shows that no traffic profile meets the requirements, so a traffic profile needs
to be configured.
Add traffic profile 10 and set priority-policy to local-setting. Then, traffic is scheduled based on the
priority specified in the traffic profile.

huawei(config)#traffic table ip index 10 cir off priority 4 priority-policy local-Setting

2024-09-17 310
MA5800 Product Documentation

3. Configure a service flow for the VoD service.


Configure a service flow with the GEM port ID being 15 and user-side VLAN ID being 300. The ONU is
connected to GPON port 0/1/1, upstream and downstream traffic are rate-limited on the ONU but not
on the OLT, and traffic profile 10 is referenced.

huawei(config)#service-port vlan 300 gpon 0/1/1 ont 1 gemport 15 multi-service user-vlan 300 rx-cttr 10 tx-
cttr 10

 Configure a channel for the multicast service.

1. Create an S-VLAN and add an upstream port to it.


Create S-VLAN 1000 with the common attribute and add upstream port 0/9/0 to the S-VLAN.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

2. Configure a service flow for the multicast service.


Configure a service flow with the GEM port ID being 16 and user-side VLAN ID being 1000. ONT 1 is
connected to GPON port 0/1/1, upstream and downstream traffic are rate-limited on the ONU but not
on the OLT, and traffic profile 10 is referenced.

huawei(config)#service-port vlan 1000 gpon 0/1/1 ont 1 gemport 16 multi-service user-vlan 1000 rx-cttr 10
tx-cttr 10

3. Configure a multicast cascading port.


Set GPON port 0/1/1 as a multicast cascading port, ONU ID to 1, and GEM port 16 to carry the multicast
service.

huawei(config)#btv
huawei(config-btv)#igmp cascade-port 0/1/1 ontid 1 gemport-index 16

4. Set the IGMP version.


Set the IGMP version to IGMPv3.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v3

5. Set the IGMP mode.


Select the IGMP proxy mode.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode?(y/n)[n]:y

6. Configure an IGMP upstream port.


Set the IGMP upstream port to port 0/9/0.

huawei(config-mvlan1000)#igmp uplink-port 0/9/0

7. Configure a program library.


Set the multicast IP address range to 224.1.1.10-224.1.1.100 and the IP address of the multicast server
to 10.10.10.10.

huawei(config-mvlan1000)#igmp program add batch ip 224.1.1.10 to-ip 224.1.1.100 sourceip 10.10.10.10

2024-09-17 311
MA5800 Product Documentation

1.3.6.6 Configuring the Internet Access Service (LAN Access, on


the ONU)
Configuring the Internet Access Service (LAN Access, on the ONU)

This topic describes how to configure the Internet access service for home gateway (HGW) users on an optical
network unit (ONU) when HGWs are connected upstream to the ONU through local area networks (LANs).

Data Plan

The following table provides key information about the Internet access service (LAN access).
Item Data Remarks

Traffic ID: 8 -
profile CIR: 4 Mbit/s
VLAN priority: 0
Downstream priority policy: local-
setting

User VLAN Untagged HGWs can send untagged packets or packets with user VLAN
tags.
User VLAN ID: 1, 2, 3...

Procedure

1. Log in to the ONU to perform the configuration.


You can remote log in to the ONU from the OLT to perform the configuration.

2. Configure a traffic profile.


You can run the display traffic table ip command to query the traffic profiles existing in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic table ip
command to add a traffic profile.
Add traffic profile 8 and set the committed information rate (CIR) to 4 Mbit/s. The priority for upstream
packets is 0, and downstream packets are scheduled based on the priority specified in the traffic profile.

huawei(config)#traffic table ip index 8 cir 4096 priority 0 priority-policy local-setting

3. Create service VLANs.


Create service VLANs 1001-1016 in batches whose type is smart and attribute is common (the service VLAN
IDs must be consistent with the user VLAN IDs of the OLT). Add the service VLANs to upstream port 0/0/1.

huawei(config)#vlan 1001-1016 smart


huawei(config)#port vlan 1001-1016 0/0 1

4. Add a service port.


Configurations for untagged packets and packets with user VLAN tags are different.

 For untagged packets, the configuration is as follows (assuming that the VLAN ID is 1001):

//Create service port 101, bind port 0/3/1 to it, set the user VLAN to untagged, and bind traffic profile 8 to the user
VLAN./

2024-09-17 312
MA5800 Product Documentation

huawei(config)#service-port 101 vlan 1001 eth 0/3/1 multi-service user-vlan untagged rx-cttr 8 tx-cttr 8

 For packets with user VLAN tags, the configuration is as follows (assuming that the user VLAN ID is 10
and the VLAN ID is 1001):

//Create service port 101, bind port 0/3/1 to it, set the user VLAN ID to 10, and bind traffic profile 8 to the user
VLAN./
huawei(config)#service-port 101 vlan 1001 eth 0/3/1 multi-service user-vlan 10 rx-cttr 8 tx-cttr 8

1.3.6.7 Configuring the Voice Service Channel (on the ONU)


Configuring the Voice Service Channel (on the ONU)

This topic describes how to configure the VoIP service on an ONU. In this scenario, The HGW provides the VoIP
service and the ONU is configured to establish VoIP service channels.

Data Plan

Data plan for configuring the VoIP service on the ONU


Item Data Remarks

Upstream 200 The upstream VLAN on the ONU is also called the SVLAN on the ONU. It
VLAN corresponds to the CVLAN on the OLT.
The VoIP service is a closed service operated by carriers. SVLAN with a
single tag is the mainstream application. The OLT transparently
transmits the SVLAN of the ONU.

Traffic profile ID: 9 For the VoIP service, it is recommended to rate limit traffic on the BRAS
Committed rate: off or SR without using traffic profiles.
VLAN priority
Priority policy: Local-Setting

User port The HGW uses LAN for Different types of HGWs establish service flows in different ways.
upstream transmission:
0/3/1
The HGW uses ADSL2+ for
upstream transmission:
0/2/0
The HGW uses VDSL2 for
upstream transmission:
0/1/0

User VLAN on 200 It is recommended that the user VLAN on the HGW be the same as the
the HGW upstream VLAN on the ONU when the HGW provides the VoIP service.

Procedure
1. Create the upstream VLAN and add upstream ports 0/0/1 to it.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/0 1

2. Configure a VoIP service traffic profile.

2024-09-17 313
MA5800 Product Documentation

The 802.1p priority of the VoIP service is 5 and the traffic profile specifies no rate limit. Run the display
traffic table ip command to query existing traffic profiles in the system. If there is no traffic profile to meet
the requirements listed in the data plan, create one.
Add traffic profile 9 and set Local-Setting to priority-policy so that packets are scheduled according to their
priorities.

huawei(config)#traffic table ip index 9 cir off priority 5 priority-policy Local-Setting

3. Create the VoIP service flow.

 For the HGW that uses LAN for upstream transmission, the VoIP service is configured as follows:

huawei(config)#service-port 201 vlan 200 eth 0/3/1 multi-service user-vlan

200 rx-cttr 9 tx-cttr 9

 For the HGW that uses ADSL2+ for upstream transmission, the VoIP service is configured as follows:

huawei(config)#service-port 201 vlan 200 adsl 0/2/0 vpi 0 vci 35 multi-service user-vlan

200 rx-cttr 9 tx-cttr 9

 For the HGW that uses VDSL2 for upstream transmission, the VoIP service is configured as follows:

huawei(config)#service-port 201 vlan 200 vdsl mode ptm 0/1/0 multi-service user-vlan

200 rx-cttr 9 tx-cttr 9

1.3.6.8 Configuring the IPTV Service (on the ONU)


Configuring the IPTV Service (on the ONU)

This topic describes how to configure the video on demand (VoD) service and multicast service for home gateway
(HGW) users on an optical network unit (ONU) when HGWs are connected upstream to the ONU through local area
networks (LANs) or in xDSL mode.

Data Plan

The following table provides key information about the IPTV service.
Item Data Remarks

Traffic profile ID: 10 -


CIR: off
VLAN priority: 4
Downstream priority
policy: local-setting

User VLAN in the scenario in which User VLAN ID: 1, 2, HGWs can send untagged packets or packets with
HGWs are upstream connected to an ONU 3... user VLAN tags.
through LANs

VPI/VCI of ADSL2+ users in the scenario VPI: 0 Internet service providers (ISPs) provide VPI/VCI
in which HGWs are connected upstream VCI: 35 information.
to an ONU in ADSL2+ mode

VDSL2 path mode in the scenario in PTM Both the central office and HGWs must support the
which HGWs are connected upstream to PTM mode.

2024-09-17 314
MA5800 Product Documentation

Item Data Remarks

an ONU in VDSL2 mode

VLAN ID of the VoD service 300 The VoD service is a carrier-operating, closed service
and primarily adopts only SVLAN tags, which are
transparently transmitted by OLTs.

Multicast VLAN ID of the ONU 1000 -

Multicast VLAN ID of HGWs 43 A carrier generally specifies a globally unique


multicast VLAN ID for HGWs.

Procedure

 Configure the VoD service.


Create VLAN 300 with the common attribute and add upstream port 0/0/1 to the VLAN.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/0 1

Configure a traffic profile for the IPTV service.


The IEEE 802.1p priority of the IPTV service is 4, and rate limitation is not required. To check whether any
existing traffic profile meets the requirements, run the display traffic table ip command. In this example, the
query result shows that no traffic profile meets the requirements, so a traffic profile needs to be configured.
Add traffic profile 10 and set priority-policy to local-setting. Then, traffic is scheduled based on the priority
specified in the traffic profile.

huawei(config)#traffic table ip index 10 cir off priority 4 priority-policy local-setting

Configure a service flow for the VoD service.


Configurations vary according to upstream interface types of HGWs.

 If HGWs are connected to an ONU upstream through LANs and upstream packets contain user VLAN tags,
the ONU needs to perform a switch between user VLAN IDs and SVLAN IDs.
Assume that the user VLAN ID is 1 and the Ethernet port is 0/3/1. Add a service flow as follows:

huawei(config)#service-port 301 vlan 300 eth 0/3/1 multi-service user-vlan 1 rx-cttr 10 tx-cttr 10

 If HGWs are connected to an ONU upstream in ADSL2+ mode, upstream packets contain users' PVC
information so the ONU needs to perform a switch between PVC information and SVLAN IDs.
Assume that the VPI/VCI is 0/35 and the ADSL2+ port is 0/2/0. Add a service flow as follows:

huawei(config)#service-port 301 vlan 300 adsl vpi 0 vci 35 0/2/0 multi-service user-vlan untagged rx-cttr 10 tx-
cttr 10

 If HGWs are connected to an ONU upstream in VDSL2 mode, formats of upstream packets depend on the
encapsulation mode.
Assume that the VDSL2 path mode is PTM mode, port is 0/1/0, and packets from the user VLAN are
untagged. Add a service flow as follows:

huawei(config)#service-port 301 vlan 300 vdsl mode ptm 0/1/0 multi-service user-vlan untagged rx-cttr 10 tx-
cttr 10

2024-09-17 315
MA5800 Product Documentation

 Configure the multicast service.


Create multicast VLAN 1000 with the common attribute and add upstream port 0/0/1 to the multicast VLAN.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/0 1

Set the IGMP version to IGMP v3.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v3

Set the IGMP mode to IGMP proxy.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode?(y/n)[n]:y

Configure the IGMP upstream port.

huawei(config-mvlan1000)#igmp uplink-port 0/0/1

Configure a program library. Set the multicast IP address range to 224.1.1.10-224.1.1.100 and the IP address
of the multicast server to 10.10.10.10.

huawei(config-mvlan1000)#igmp program add batch ip 224.1.1.10 to-ip 224.1.1.100 sourceip 10.10.10.10


huawei(config-mvlan1000)#quit

Configure a service flow for the multicast service.


Configurations vary according to upstream interface types of HGWs.

 If HGWs are connected to an ONU upstream through LANs, assume that the user VLAN ID is 43 and the
Ethernet port is 0/3/1, and add a service flow as follows:

huawei(config)#service-port 401 vlan 1000 eth 0/3/1 multi-service user-vlan 43 rx-cttr 10 tx-cttr 10

 If HGWs are connected to an ONU upstream in ADSL2+ mode, assume that the VPI/VCI is 0/35 and the
ADSL2+ port is 0/2/0, and add a service flow as follows:

huawei(config)#service-port 401 vlan 1000 adsl vpi 0 vci 35 0/2/0 multi-service user-vlan untagged rx-cttr 10
tx-cttr 10

 If HGWs are connected to an ONU upstream in VDSL2 mode, assume that the VDSL2 path mode is PTM
mode, the user VLAN ID is 43, and the VDSL2 port is 0/1/0, and add a service flow as follows:

huawei(config)#service-port 401 vlan 1000 vdsl mode ptm 0/1/0 multi-service user-vlan 43 rx-cttr 10 tx-cttr 10

Configure a multicast user and add the user to the multicast VLAN.
Configure service flow 401 as a multicast user, add the user to multicast VLAN 1000, and adopt the no-auth
mode for the multicast user.

huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp user add service-port 401 no-auth
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 401
huawei(config-mvlan1000)#quit

2024-09-17 316
MA5800 Product Documentation

1.3.6.9 Configuring Link Aggregation, Congestion Control, and


Security Policies
Configuring Link Aggregation, Congestion Control, and Security Policies

The global configuration of upstream link aggregation and queue scheduling based on priorities ensures service
reliability. The global configuration of security policies ensures service security.

Context

On the OLT, link aggregation provides a higher bandwidth and uplink reliability for optical line terminals (OLTs)
by aggregating multiple uplink Ethernet ports to one link aggregation group (LAG). Link aggregation is
recommended.
Congestion control places the packets to be sent from a port into multiple queues that are marked with different
priorities. Then, the packets are sent based on queue priorities. Congestion control is recommended.

Security policies ensure system, user, and service security.

Enable a service security function based on the service type. For details, see Principle of Security Data Plan .

Procedure

 Configure link aggregation.


On the OLT, the following configurations are used as an example to configure link aggregation:

 Upstream ports 0/9/0 and 0/9/1 are added to a LAG.

 The two ports send packets upstream based on the packets' source MAC addresses.

 The LAG works in Link Aggregation Control Protocol (LACP) static aggregation mode.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

 Configure queue scheduling.


On both the OLT and optical network units (ONUs), according to quality of service (QoS) planning principles,
all packets are scheduled in strict priority (SP) mode and mapped to queues according to the packets'
priorities. For details about QoS planning principles, see Principle of QoS Planning .

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos4 4 cos5 5 cos6 6

 Configure system security.

 Enable deny of service (DoS) anti-attack on both the OLT and ONUs.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

2024-09-17 317
MA5800 Product Documentation

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on both the OLT and ONUs.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on both the OLT and ONUs.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on both the OLT and ONUs.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on ONUs.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2024-09-17 318
MA5800 Product Documentation

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

 Configure service security.

 Enable Dynamic Host Configuration Protocol (DHCP) Option 82 on the OLT or ONUs. This configuration
is recommended for the DHCP-based Internet access service.

1. Enable DHCP Option 82 on the OLT or ONUs.


DHCP Option 82 can be enabled or disabled at four levels: global, port, VLAN, and service port
levels. This function takes effect only after it is enabled at the four levels. Among the four levels,
DHCP Option 82 is disabled only at the global level by default.

 The global level: In global config mode, run the dhcp option82 command to enable DHCP
Option 82 at the global level.
When you run this command, select the enable, forward, or rebuild parameter based on
site requirements. The three parameters can all enable DHCP Option 82 but provide different
packet processing policies on the OLT. For details, see the dhcp option82 command.

 The port level: In global config mode, run the dhcp option82 port or dhcp option82 board
command to enable DHCP Option 82 at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the dhcp option82 enable command to enable DHCP Option 82 at the VLAN
level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the dhcp option82 service-port command
to enable DHCP Option 82 at the service port level.

2. On the OLT, run the dhcp-option82 permit-forwarding service-port command with the enable
parameter selected, to allow ONU DHCP packets to carry Option 82 information.

 Enable Policy Information Transfer Protocol (PITP) on both the OLT and ONUs. This configuration is
recommended for the PPPoE-based Internet access service.

1. Enable PITP on both the OLT and ONUs.

2024-09-17 319
MA5800 Product Documentation

PITP can be enabled or disabled at four levels: global, port, VLAN, and service port levels. This
function takes effect only after it is enabled at the four levels. Among the four levels, PITP is
disabled only at the global level by default.

 The global level: In global config mode, run the pitp enable pmode, pitp forward pmode, or
pitp rebuild pmode command to enable PITP at the global level.
In the preceding commands, the enable, forward, and rebuild parameters can all enable
PITP but provide different packet processing policies on the OLT. Select one of them based
on site requirements. For details, see the pitp command.

 The port level: In global config mode, run the pitp port or pitp board command to enable
PITP at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the pitp enable command to enable PITP at the VLAN level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the pitp service-port command to enable
PITP at the service port level.

2. On the OLT, run the pitp permit-forwarding service-port command with the enable parameter
selected, to allow ONU PPPoE packets to carry a vendor tag.

1.3.6.10 Configuring the Internet Access Service (on the HGW)


Configuring the Internet Access Service (on the HGW)

This topic describes how to configure the Internet access service on home gateways (HGWs) that use the LAN or
xDSL for upstream transmission. This configuration enables home users to access Internet at high speeds through
PCs.

Context

Home users generally access the Internet in Point-to-Point Protocol over Ethernet (PPPoE) dial-up mode. PPPoE
dial-up can be performed on PCs or HGWs.
HGWs have different models and appearance and therefore, their configuration processes are not the same. This
topic describes how to configure the Internet access service on an HGW generally. The actual configuration varies
depending on different HGWs.

Procedure

2024-09-17 320
MA5800 Product Documentation

1. Log in to the web configuration window.

a. Enter the default IP address in the address bar of the browser, and then press Enter.

b. In the login window, enter the user name and password (the default value is provided by ISP) of the
administrator and click OK.
To enhance system security, change the password to a password that meets security requirements
after the first successful login. It is recommended that you change the password periodically.

2. Set parameters for the Internet access service.

a. Choose Internet access service configuration from the navigation tree.


b. Set parameters for the Internet access service.
Parameter Value

Bearing service Internet

VLAN enabling Enabled: VLAN tags are added to upstream packets.


(Set this parameter when the HGW uses Disabled: VLAN tags are not added to upstream packets.
the LAN or VDSL2 for upstream NOTE:
transmission)
When Internet access service flows are created on the ONU, if the value of
uservlan is untagged, set this parameter to Disabled; otherwise, set it to
Enabled.

VLANID[1-4094] If VLAN enabling is set to Enabled, the values of UserVLAN, such as 1, 2, and
(Set this parameter when the HGW uses 3 and so on, map the values of uservlan when Internet access service flows
the LAN or VDSL2 for upstream are created on the ONU.
transmission)

VPI/VCI Set the VPI/VCI to be the same as that configured on the devices at the
(Set this parameter when the HGW uses central office. In this example, set this parameter to 0/35.
ADSL2+ for upstream transmission)

Mode PPPoE

c. Submit the configuration.

1.3.6.11 Configuring the IPTV Service (on the HGW)


Configuring the IPTV Service (on the HGW)

This topic describes how to configure the IPTV service on high gateways (HGWs) that use LAN or xDSL for
upstream transmission. This configuration enables home users to watch IPTV programs using STBs and TVs.

Context

HGWs have different models and appearance and therefore, their configuration processes are not the same. This
topic describes how to configure the Internet access service on an HGW generally. The actual configuration varies
depending on different HGWs.

Procedure

2024-09-17 321
MA5800 Product Documentation

1. Log in to the web configuration window.

a. Enter the default IP address in the address bar of the browser, and then press Enter.

b. In the login window, enter the user name and password (the default value is provided by ISP) of the
administrator and click OK.
To enhance system security, change the password to a password that meets security requirements
after the first successful login. It is recommended that you change the password periodically.

2. Set parameters for the multicast service.

a. Choose multicast service configuration from the navigation tree.


b. Set parameters for the multicast service.
Parameter Value

Bearing service OTHER: It is used for the IPTV service.

VLAN enabling Enabled: VLAN tags are added to upstream packets.


NOTE:
When multicast service flows are configured on the ONU, if the value of
uservlan is untagged, set this parameter to Disabled; otherwise, set it to
Enabled.

VLANID[1-4094] Multicast VLAN IDs on the HGW map the values of uservlan when multicast
service flows are created on the ONU.

VPI/VCI Set the VPI/VCI to be the same as that configured on the devices at the
(Set this parameter when the HGW uses central office. In this example, set this parameter to 0/35.
ADSL2+ for upstream transmission)

Binding item LAN4 (Example: LAN4 interface serves as the IPTV interface)

Mode Bridge

DHCP transparent transmission Enabled

c. Submit the configuration.

1.3.6.12 Configuring the VoIP Service (on the HGW)


Configuring the VoIP Service (on the HGW)

This topic describes how to configure the voice service on home gateways (HGWs) that use the LAN or xDSL for
upstream transmission. This configuration enables home users to enjoy the POTS service by using an analog
telephone.

Context
HGWs have different models and appearance and therefore, their configuration processes are not the same. This
topic describes how to configure the voice service on an HGW. The actual configuration varies depending on
different HGWs.
The built-in integrated access device (IAD) of the HGW uses SIP as the voice protocol.

2024-09-17 322
MA5800 Product Documentation

Procedure

1. Log in to the web configuration window.

a. Enter the default IP address in the address bar of the browser, and then press Enter.

b. In the login window, enter the user name and password (the default value is provided by ISP) of the
administrator and click OK.
To enhance system security, change the password to a password that meets security requirements
after the first successful login. It is recommended that you change the password periodically.

2. Set parameters of the voice service.

a. Choose the voice service configuration from the navigation tree.


b. Set parameters of the voice service.
Parameter Value

Bearing service VoIP

Enabling status Enabled

VPI/VCI Set the VPI/VCI to be the same as that configured on the devices at the
(Set this parameter when the HGW uses central office. In this example, set this parameter to 0/35.
ADSL2+ for upstream transmission)

Vlan ID The voice VLAN IDs on the HGW map the values of uservlan when voice
service flows are created on the ONU.

802.1p Enabled

Mode Route: Route mode

DHCP Enabled

NAT Enabled

c. Choose the voice telephone number configuration from the navigation tree. Set the parameters as
follows:
Parameter Value

Address Preferred IP address of the proxy server: 10.200.200.200

Port ID Preferred signaling port ID of the proxy server: 5060

Enabled Enabled

User number To use the VoIP account, you can set the account to the user telephone number. In this example, set the
user telephone number to 12345601.

User -
password

d. Submit the configuration.

2024-09-17 323
MA5800 Product Documentation

1.3.6.13 Verifying Services


Verifying Services

This topic describes the remote verification methods in the FTTB+HGW scenario (HGW providing the VoIP
service). ONUs provide remote service verification methods including PPPoE dialup emulation and multicast
emulation for configuration and commissioning engineers to verify services remotely after service configuration,
avoiding a second on-site operation.

Prerequisites
ONUs and upper-layer devices are connected properly. The BRAS and MGC/IMS have been configured.

Context

This topic describes the remote verification method for different service.

The VoD service and HGW VoIP service currently do not support remote verification.

Remote Service Function Remarks


Verification
Method

PPPoE dialup An ONU emulates a PPPoE user terminal software to PPPoE dialup emulation requires a
emulation perform dialup and interact with the BRAS to verify the service flow which does not belong to
connectivity between the ONT and BRAS. a QinQ VLAN.
A user name, password, and
authentication mode must be
configured on the BRAS for the PPPoE
dialup emulation.
An ONU supports a maximum of one
PPPoE dialup emulation.

Multicast With this function, you can emulate a multicast user to go The multicast service configured in
emulation online and lead the program stream to an ONU. By querying dynamic controllable multicast mode
the real-time traffic of the multicast program, you can check does not support the remote
whether the multicast function is performing well. acceptance function.

Procedure
 Verify the Internet access service using PPPoE dialup emulation.
The user name, password, and authentication mode required by the emulation test must be consistent with
those configured on the BRAS.

1. In global config mode, start an emulation test by running the pppoe simulate start command.

2. Query the emulation test information by running the display pppoe simulate info command.

3. Terminate the emulation test by running the pppoe simulate stop command.

 Verify the multicast service using multicast emulation.

2024-09-17 324
MA5800 Product Documentation

Assume that:

 Multicast service flow ID: 401

 Multicast VLAN: 1000

 IP address of the multicast program: 224.1.1.10

1. Order a multicast program by emulating a multicast user.

huawei(config)#btv
huawei(config-btv)#igmp static-join service-port 401 ip 224.1.1.10 vlan 1000

2. Query the status of the multicast user.

huawei(config-btv)#display igmp user service-port 401

3. Query the real-time traffic of the multicast program.

huawei(config-btv)#display multicast flow-statistic ip 224.1.1.10 vlan 1000

 Verify the VoD service.

1. Run the display mac-address service-port command on the ONU to query learned MAC addresses of
VoD users. The learned MAC addresses of VoD users indicate that services are functioning properly
between the ONU and VoD users.

2. On the OLT, run the display mac-address vlan command to query the learned ONU MAC addresses.
The learned ONU MAC addresses indicate that services are functioning properly between the OLT and
ONUs.

 Verify the VoIP service.

1. Log in to the HGW management web page. For details, see the Configuring the VoIP Service (on the
HGW) .
2. Choose Status > Broadband VoIP Information (here depending on the actual HGW web page) to
query the service registration status and telephone number.
Expected service registration status: Register successfully.

1.4 FTTO Configuration (Large-sized Enterprise Access)


FTTO Configuration (Large-sized Enterprise Access)

Large-sized enterprises generally adopt private line access service. Compared with individual services, this service
features various access methods, large number of access users, high security requirement, and cross-region
deployment.

In this document, the FTTO large-sized enterprise private line access service is written as enterprise access service for short.

Overview of Enterprise Access Service

This topic describes the basic knowledge about the enterprise access service. Before configuring the enterprise access
service, you are advised to learn about the basic knowledge.

2024-09-17 325
MA5800 Product Documentation

Principle of Planning Data for Enterprise Access Service

This topic plans data for the enterprise access service from multiple dimensions. The data plan guides configuration and
optimization of the enterprise service in different scenarios.

Configuring Layer 2 Interoperation Service Between Enterprise Branches (GPON)

Different branches of an enterprise can achieve Layer 2 interoperation through ONUs. Then, different branches can
transmit service traffic to each other just like in the same LAN, which can improve coordination work efficiency.

Configuring Enterprise DDN Private Line Access Service (GPON)

Enterprise DDN private line service is converted to E1 signals. ONUs access the E1 signals and transmit them in Native
TDM mode.

Configuring Enterprise IP PBX Private Line Access Service (GPON)

ONUs provide GE/FE ports to access IP private branch exchange (PBX) services of an enterprise and transmit them to an
OLT. Then, the OLT forwards the service data upstream to the packet switched network (PSN). This achieves unified
carrying of voice, data, and video services.

Configuring Enterprise PRA PBX Private Line Access Service (GPON)

ONUs provide PRA E1 ports to access PRA private branch exchange (PBX) services of an enterprise and transmit them to
an OLT. Then, the OLT forwards the service data upstream to the packet switched network (PSN). This achieves voice-to-
IP conversion, simplifying the network architecture.

1.4.1 Overview of Enterprise Access Service


Overview of Enterprise Access Service

This topic describes the basic knowledge about the enterprise access service. Before configuring the enterprise
access service, you are advised to learn about the basic knowledge.

Network Diagram of Enterprise Access Service

User Side

2024-09-17 326
MA5800 Product Documentation

Concept Description

IP PBX IP private branch exchange (PBX) is an IP-based enterprise telephone exchange system. IP PBX uses ICT
technology to seamlessly integrate voice communication into the data communication network of an
enterprise, simply network architecture, and provide better voice communication between branches of
the enterprise.

PRA PBX PRA PBX, that is, TDM PBX, also called a switch, is a telephone exchange used within an enterprise. With
the PRA PBX, staff in the enterprise can use internal telephones to make free calls by dialing short
numbers. Outgoing calls are made through a unified trunk. PRA PBX can lower costs and improve work
efficiency for the enterprise.

DDN Digital data network (DDN) is a network that uses digital channels to transmit data signals. It provides
permanent and semi-permanent connections for users. Compared with traditional analog channels, DDN
channels have a higher transmission quality, transmission rate, and bandwidth use rate. DDN is widely
used in financial departments, governments, and enterprise groups that require high real-time data
switching

DDN node A DDN network consists of backbone node machines and access node machines.
machine A backbone node machine (2M node) implements network service conversion. It provides interfaces and
cross-connections for 2 Mbit/s (E1) digital channels, multiplexes and cross-connects Nx64 kbit/s circuit
signals, and supports cables reconnection for frame relay services.
An access node machine accesses various services for DDN. It provides interfaces for Nx64 kbit/s and
2048 kbit/s digital channels, multiplexes Nx64 kbit/s (N=1–31) signals, and accesses voice and fax users.

Protocol Protocol converter is a device used to convert standard or proprietary protocol of one device to the
converter protocol suitable for the other device or tools to achieve the interoperability. In this document, it
implements protocol conversion between V.24/V.35 and E1.

Access Side

Concept Description

PON A passive optical network (PON) uses a point-to-multipoint (P2MP) network architecture. A PON network
consists of three parts: optical line terminal (OLT), optical distribution network (ODN), and optical network
units (ONUs). A PON network uses optical fibers for data transmission, supports more users with less optical
fiber resources, and provides a higher access rate.
Mainstream PON technologies include broadband passive optical network (BPON), Ethernet passive optical
network (EPON), 10G EPON, gigabit passive optical network (GPON), XG-PON, and XGS-PON.

ODN The ODN is composed of passive optical components, such as optical fibers and one or more passive optical
splitters. The ODN provides highly reliable optical channels between the OLT and ONUs.

OLT The OLT is an aggregation device located at the central office (CO), which terminates PON protocols.

ONU ONUs are located on the user side, providing various types of ports for connecting to user terminals. The
ONUs communicate with the OLT through a passive ODN.

Network Side

Concept Description

SDH Synchronous digital hierarchy (SDH) is a transmission scheme that follows ITU-T G.707, G.708, and G.709. It
defines the transmission features of digital signals such as frame structure, multiplexing mode, transmission
rate level, and interface code. SDH is an important part of ISDN and B-ISDN. It interleaves the bytes of low-
speed signals to multiplex the signals to high-speed counterparts, and the line coding of scrambling is used
only for signals. SDH is suitable for the fiber communications system with high speed and a large capacity

2024-09-17 327
MA5800 Product Documentation

Concept Description

since it uses synchronous multiplexing and flexible mapping structure.

NGN/IMS A next generation network (NGN) is a network that uses softswitches as its core and uses open and
standardized architectures to provide abundant services such as VoIP, video, and data.
The IP multimedia subsystem (IMS) uses SIP signaling as its call control signaling to provide services such as
VoIP, data, and multimedia services.
NOTE:

NGN/IMS in this document refers to softswitches that support H.248 and SIP.

1.4.2 Principle of Planning Data for Enterprise Access Service


Principle of Planning Data for Enterprise Access Service

This topic plans data for the enterprise access service from multiple dimensions. The data plan guides
configuration and optimization of the enterprise service in different scenarios.
Principle of Equipment Management Data Plan

Data planning for equipment management covers planning of management VLANs and IP addresses.

Principle of VLAN Data Plan

VLAN planning for the enterprise access service covers planning of VLANs and VLAN translation policies in different
networking scenarios.

Principle of QoS Data Plan

QoS planning for the enterprise access service is end-to-end. QoS policies include traffic classification, marking and
scheduling, traffic monitoring, and DBA policies. QoS policies for different scenarios are different. This topic provides QoS
policies in the following scenarios.

Principle of Protocol Transparent Transmission Data Plan

The enterprise access service involves transparent transmission of protocol packets. Different equipment configurations
are required for transparently transmitting different protocol packets.

Principle of Security Data Plan

Security planning covers planning of system security, user security, and service security data. An appropriate security plan
ensures normal running of services.

Principle of Reliability Data Plan

Reliability planning covers planning of equipment reliability and upstream/downstream networking protection.
Reliability planning helps to achieve high reliability of private line services.

1.4.2.1 Principle of Equipment Management Data Plan


Principle of Equipment Management Data Plan

2024-09-17 328
MA5800 Product Documentation

Data planning for equipment management covers planning of management VLANs and IP addresses.

Management VLAN Planning

 The OLT and ONUs use the same management VLAN.

 The OLT and ONUs use a single S-VLAN as the equipment management VLAN.

IP Address Planning

Scenario IP Address Planning

Equipment management A management IP address is allocated to each OLT/ONU. Management IP addresses of


ONUs connected to the same OLT are usually in the same network segment. Private IP
addresses planned by the carrier are used for the purpose of security.

Layer 2 interoperation Enterprise service flows are forwarded at Layer 2 within the FTTx network. Therefore,
between different enterprise no IP addresses need to be planned on the OLT and ONUs for enterprise users.
branches

Enterprises DDN private line No IP addresses need to be planned because ONUs access the private line service
access through E1.

Enterprise IP PBX access No IP addresses need to be planned because the OLT and ONUs provide Layer 2
transparent channels.

Enterprise PRA PBX access ONUs convert PRA voice signals to H.248 or SIP voice signals. Therefore, the following IP
addresses need to be planned:
Media IP address
Signaling IP address
Default gateway IP address

Enterprise E1/T1 unified IP addresses are planned as follows:


access
On OLTs, source IP addresses of SAToP connections must be planned for E1 boards.
Enterprise E1/T1 unified On ONUs, source IP addresses of SAToP connections must be planned for E1 boards.
access (OLT Cascading)
These IP addresses are valid only between OLTs and ONUs and therefore can be planned
as private IP addresses.

1.4.2.2 Principle of VLAN Data Plan


Principle of VLAN Data Plan

VLAN planning for the enterprise access service covers planning of VLANs and VLAN translation policies in
different networking scenarios.

VLAN and VLAN Translation Policy

Scenario VLAN Planning VLAN Translation

ONU OLT

2024-09-17 329
MA5800 Product Documentation

Scenario VLAN Planning VLAN Translation

ONU OLT

Layer 2 ONUs and the OLT must use single VLAN tags. The same C-VLAN is The OLT allocates a
interoperation planned for different global S-VLAN to each
between different Service flows of the same enterprise have the enterprise: C-VLAN<-
branches of an
enterprise same VLAN on the OLT. >S-VLAN.
enterprise.
branches Service flows of the same enterprise can have NOTICE:
Different C-VLANs are
different VLANs on ONUs but the VLANs must
planned for different Packets must be
be translated to the same VLAN on the OLT.
enterprises. forwarded based
on VLAN+MAC at
Layer 2 instead of
S-VLAN+C-VLAN.

Enterprises DDN Use a reserved C-VLAN (starts from 4000). N/A N/A
private line access NOTICE:

A reserved C-VLAN cannot be used for


Ethernet services on ONUs.

Enterprise IP PBX Single VLAN tag: ONUs and the OLT use single Different user VLANs are The OLT transparently
access VLAN tags. Service packets are forwarded planned for different transmits the packets
based on single VLAN tags after being services (service packets with C-VLANs from
transmitted from the OLT upstream to the with different ONUs.
metro network. In this way, a large number of destination addresses or
VLANs for the metro network will be paths) of the IP PBX.
occupied if there are many OLTs.
User VLANs of packets
sent from the IP PBX are
translated to a specified
C-VLAN based on service
types.

(Recommended) Double VLAN tags: Each OLT Different user VLANs are The OLT adds an S-
uses double VLAN tags, an outer VLAN tag (S- planned for different VLAN tag: C-VLAN<->S-
VLAN) and inner VLAN tag (C-VLAN). S– services (service packets VLAN+C-VLAN.
VLANs are the same but C–VLANs are with different
different. In this way, the number of VLANs destination addresses or
required for the metro network is paths) of the IP PBX.
significantly reduced.
User VLANs of packets
sent from the IP PBX are
translated to a specified
C-VLAN based on service
types.

Enterprise PRA (Recommended) Single VLAN tag ONUs access the PRA The OLT transparently
PBX access PBX through E1, provide transmits packets.
the VoIP PRA service,
and use the same C-
VLAN.

Double VLAN tags ONUs access the PRA The OLT adds an S-
PBX through E1, provide VLAN tag: C-VLAN<->S-
the VoIP PRA service, VLAN+C-VLAN.
and use the same C-
VLAN.

Enterprise E1/T1 Plan a global VLAN on the OLT and ONUs, N/A N/A
unified access which cannot conflict with other service

2024-09-17 330
MA5800 Product Documentation

Scenario VLAN Planning VLAN Translation

ONU OLT

Enterprise E1/T1 VLANs.


unified access (OLT
Cascading)

1.4.2.3 Principle of QoS Data Plan


Principle of QoS Data Plan

QoS planning for the enterprise access service is end-to-end. QoS policies include traffic classification, marking and
scheduling, traffic monitoring, and DBA policies. QoS policies for different scenarios are different. This topic
provides QoS policies in the following scenarios.

Layer 2 interoperation Between Different Enterprise Branches

Parameter Value

Traffic classification, 802.1p priority 4


marking, and scheduling
policies Queue PQ
scheduling
mode

OLT queue ID 4
(eight queues)

Traffic monitoring OLT T-CONT (only An independent T-CONT is used.


and DBA policies for GPON)

DBA Type Type 3 ("Assured bandwidth+maximum bandwidth" DBA profile. This


type of DBA not only ensures a fixed bandwidth for users but also enables
users to preempt a certain amount of bandwidth, but the total bandwidth
cannot exceed the maximum bandwidth.)

DBA bandwidth Plan the bandwidth according to users' requirements.

Downstream Configure the profile according to users' bandwidth requirements.


traffic profile

ONU Upstream port Rates of upstream ports are not limited.


rate limit

Downstream Rates of downstream ports are not limited.


port rate limit

Enterprise DDN Private Line Access


In this scenario, ONUs access services from the DDN through E1 lines. Therefore, the QoS policies are mainly
planned for traffic on PON lines.
Parameter Value Remarks

T-CONT It is recommended that the number of It is recommended that all E1 lines of the same ONU use the

2024-09-17 331
MA5800 Product Documentation

Parameter Value Remarks

T-CONTs do not exceed 3. The T-CONT same T-CONT.


ID ranges from 1 to 3.

DBA type Fixed bandwidth and minimum delay The DBA must be configured properly to achieve low delay, low
jitter, and zero packet loss so that the quality of the DDN private
line service can be ensured.

DBA Nx7232 kbit/s is recommended. (N is It is recommended that the T-CONT ID be 1, 2, or 3 and all E1
bandwidth the number of E1 lines.) lines of the same ONU use the same T-CONT. This setting can
leverage bandwidth resources. Each E1 line requires only 5440
kbit/s.

Enterprise PRA PBX Access

Parameter Value

Traffic classification, 802.1p priority 5


marking, and scheduling
policies Queue PQ
scheduling
mode

OLT queue ID 5
(eight queues)

Traffic monitoring OLT T-CONT (only All services share a T-CONT.


and DBA policies for GPON)

DBA type Type 3 ("Assured bandwidth+maximum bandwidth" DBA profile. This


type of DBA not only ensures a fixed bandwidth for users but also enables
users to preempt a certain amount of bandwidth, but the total bandwidth
cannot exceed the maximum bandwidth.)

DBA bandwidth DBA bandwidth is configured based on the bandwidth package selected by
the user.
The assured bandwidth is the maximum bandwidth required for
transmitting management packets and VoIP service packets. The
maximum bandwidth is equal to or higher than the maximum bandwidth
applied by the user.

Downstream Downstream traffic rate is not limited.


traffic profile

ONU Upstream port Set this parameter based on requirements.


rate limit

Downstream Set this parameter based on requirements.


port rate limit

Enterprise IP PBX Access

The QoS policies for this scenario are the same as those for the Layer 2 interoperation Between Different
Enterprise Branches scenario.

2024-09-17 332
MA5800 Product Documentation

Enterprise E1/T1 unified access

In this scenario, ONUs access services through E1/T1 lines. Therefore, the QoS policies are mainly planned for
traffic on PON lines.
Parameter Value Remarks

T-CONT It is recommended that the number of T- It is recommended that all E1 lines of the same ONU use the
CONTs do not exceed 3. The T-CONT ID same T-CONT.
ranges from 1 to 3.

DBA type Fixed bandwidth and minimum delay The DBA must be configured properly to achieve low delay,
low jitter, and zero packet loss so that the quality of the T1
base station access service can be ensured.

DBA E1 access: Nx8 Mbit/s is recommended. -


bandwidth (N is the number of E1 lines.)
T1 access: Nx6 Mbit/s is recommended.
(N is the number of E1 lines.)

Enterprise E1/T1 unified access (OLT Cascading)


The QoS policies for this scenario are the same as those for the Enterprise E1/T1 unified access scenario.

1.4.2.4 Principle of Protocol Transparent Transmission Data


Plan
Principle of Protocol Transparent Transmission Data Plan

The enterprise access service involves transparent transmission of protocol packets. Different equipment
configurations are required for transparently transmitting different protocol packets.

Configurations for Protocol Transparent Transmission

Protocol Type Protocol Description Configuration (remarks 1)

BPDU STP, MSTP, RSTP, IS-IS The function of transparently transmitting


BPDU packets must be enabled.
Configuration example:
huawei(config)#vlan service-profile profile-id 1
huawei(config-vlan-srvprof-1)#bpdu tunnel
enable

ETH OAM IEEE 802.1ag No configuration is required because packets


are transparently transmitted by hardware.

Broadcast ARP No configuration is required because packets


are transparently transmitted by hardware.

Layer 2/Layer NTP, BGP, LDP, RSVP, IGMP, PIM No configuration is required because packets
3 protocol are transparently transmitted by hardware.

OSPF The function of transparently transmitting OSPF


packets must be enabled.

2024-09-17 333
MA5800 Product Documentation

Protocol Type Protocol Description Configuration (remarks 1)

Configuration example:
huawei(config)#vlan service-profile profile-id 1
huawei(config-vlan-srvprof-1)#ospf tunnel
enable

RIP The function of transparently transmitting RIP


packets must be enabled.
Configuration example:
huawei(config)#vlan service-profile profile-id 1
huawei(config-vlan-srvprof-1)#rip tunnel enable

VTP/CDP VTP/CDP protocol is a proprietary protocol of other The function of transparently transmitting
vendors. It is used to discover neighbors and VTP/CDP packets must be enabled.
establish neighbor relationship. Configuration example:
huawei(config)#vlan service-profile profile-id 1
huawei(config-vlan-srvprof-1)#vtp-cdp tunnel
enable

Unknown Planned by carriers for special purposes The function of transparently transmitting
multicast unknown multicast packets must be enabled.
Configuration example:
huawei(config)#multicast-unknown policy
service-port 1 transparent

Remarks 1: The configurations take effect only after the configured VLAN service profile is bound to a VLAN.
Command: vlan bind service-profile vlan-id profile-id

1.4.2.5 Principle of Security Data Plan


Principle of Security Data Plan

Security planning covers planning of system security, user security, and service security data. An appropriate
security plan ensures normal running of services.

 The device provides complete security measures, but not all security measures need to be deployed. Only the security
measures that meet the following requirements need to be deployed:

 The security measures can be used on the live network.


 The security measures are easy to deploy.
 The security measures are effective.

 Different ONUs support different security features. Select the security feature recommended in this topic according to
actual ONU capabilities.

System Security

Security Solution Description and Usage Suggestion


Vulnerability

DoS attack Enable the anti-DoS- After the anti-DoS-attack function is enabled, control packets are
attack function for OLT monitored and those exceeding the number threshold are discarded.
and MDU. Use this solution for new site deployment.

2024-09-17 334
MA5800 Product Documentation

Security Solution Description and Usage Suggestion


Vulnerability

IP attack Enable the anti-IP- After the anti-IP-attack function is enabled, a device discards the IP packets
attack function for OLT received from the user side whose destination IP address is the IP address
and MDU. of the device, and therefore the system is protected.
Use this solution for new site deployment.

User Security

Security Solution Description and Usage Suggestion


Vulnerability

MAC spoofing Enable the anti- After anti-MAC-duplicate is enabled, the system records the first MAC address
MAC-duplicate learned from the port and binds the MAC address to the port and VLAN. If
function for OLT receiving packets sent from the host that has the same MAC address with the port,
and MDU. the system discards the packets directly. In this case, it can prevent users from
forging MAC addresses to perform malicious attacks.
Use this solution for new site deployment.

MAC attack Enable the anti- After anti-MAC spoofing is enabled, the system can prevent users from forging IP
MAC spoofing addresses to perform malicious attacks.
function for OLT Use this solution for new site deployment.
and MDU.

IP spoofing Enable the anti-IP After anti-IP spoofing is enabled, the system can prevent users from forging IP
spoofing function addresses to perform malicious attacks.
for MDU. Use this solution for new site deployment.

1.4.2.6 Principle of Reliability Data Plan


Principle of Reliability Data Plan

Reliability planning covers planning of equipment reliability and upstream/downstream networking protection.
Reliability planning helps to achieve high reliability of private line services.

Equipment Reliability

Protection Description Suggestion


Scheme

Main control The system uses two main control boards of the same model and version. The two Mandatory
board 1+1 main control boards work in the active/standby mode by default. When the active main
protection control board fails, the system switches to the standby main control board to prevent
service interruption.

Power board 1+1 A subrack is configured with two power boards of the same model and version, which Mandatory
protection back up each other. When one of the power boards fails, the other power board can still
provide power supply to the device and so the system can still work properly.

Upstream Networking Protection

Protection Description Suggestion


Scheme

2024-09-17 335
MA5800 Product Documentation

Protection Description Suggestion


Scheme

Link Multiple Ethernet ports are bound together as an aggregation group to N/A
aggregation increase the bandwidth and balance the inbound and outbound load of
group each member port. In addition, the ports in an aggregation group back up
each other, which enhances the reliability of links.

Protection A protection group of upstream ports contains a working port and a When the main control
group protection port. In normal state, the working port carries services and the board is used to transmit
(Ethernet) protection port does not. When the link at the working port is faulty, the traffic upstream, this
system automatically switches services from the working port to the protection scheme is
protection port to ensure normal service transmission and protect the mandatory.
uplink.

Link aggregation group and Ethernet protection group usually are not configured at the same time. You are advised to
configure only one of the two protection schemes.

Downstream Networking Protection

Protection Description Suggestion


Scheme

xPON Type B Two PON ports on the same OLT back up each other. When one of It provides port-level protection
single the PON ports fails, the system automatically switches to the other and has a low cost. The inter-board
homing PON port. This protection scheme provides port-level protection protection mode is recommended.
with low costs. It protects services against fiber failure at the
working port.

GPON Type C Two PON ports on the same OLT, two PON ports on an ONU, two It provides link-level protection.
single backbone optical fibers, two optical splitters, and two tributary
homing optical fibers are configured to provide link-level protection.

GPON Type C Two PON ports on different OLTs, two PON ports on an ONU, two It provides full backup protection,
dual homing backbone optical fibers, two optical splitters, and two tributary which is the highest level of
optical fibers are configured to implement this protection. The protection, at the same time, it has
difference between this protection scheme and the GPON Type C the highest cost.
single homing protection scheme is that the ONU needs to be dual This protection scheme can be
homed to two OLTs in this protection scheme. This full-backup configured for only the Ethernet
protection scheme provides the highest-level protection for links QinQ private line service. It does
and has the highest costs. not support TDM services, including
Native TDM and SAToP.

The Type B single homing protection scheme, Type C single homing scheme, and Type C dual homing protection scheme are
mutually exclusive. Therefore, only one of these protection schemes can be configured for an ONU.

1.4.3 Configuring Layer 2 Interoperation Service Between


Enterprise Branches (GPON)
Configuring Layer 2 Interoperation Service Between Enterprise Branches (GPON)

Different branches of an enterprise can achieve Layer 2 interoperation through ONUs. Then, different branches can
transmit service traffic to each other just like in the same LAN, which can improve coordination work efficiency.

2024-09-17 336
MA5800 Product Documentation

Service Requirement and Application Scenario

Configuration Process

Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Configuring Management Service Ports on OLT and ONUs

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs. After the
connections between the inband management service ports on the OLT and ONUs are reachable, you can log in to the
ONUs on the OLT and configure the ONUs.

Configuring Layer 2 Interoperation Service Ports on OLT

This topic describes how to configure service ports on the OLT for Layer 2 interoperation so that data packets sent from
different ONUs can be forwarded based on the same VLAN at Layer 2.

Configuring Ethernet Access Service Ports on ONUs

This topic describes how to configure service ports on ONUs and configure upstream VLANs to make the ONU-to-user
connection reachable and create ONU-to-OLT upstream data channels.

Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service reliability and
configure global security policies to ensure service security.

Configuring E2E Reliability

This topic describes how to configure end-to-end (E2E) protection schemes for the enterprise private line service which
has a high requirement on service reliability.

Verifying Services

This topic describes how to verify the Layer 2 interoperation service by checking the service configurations, service port
status, and connectivity between PCs in different branches of an enterprise.

1.4.3.1 Service Requirement and Application Scenario


Service Requirement and Application Scenario

Service Requirement

An enterprise that has multiple branches requires intercommunication between different branches or between its
headquarter and branches. Virtual private network (VPN) can achieve secure interconnection but requires
additional devices and complex management. It requires high costs even if a leased VPN is used. In addition, the

2024-09-17 337
MA5800 Product Documentation

bandwidth provided by a VPN is limited due to restricted VPN access modes and the bandwidth control is
inflexible.
To address the preceding problems, the Layer 2 interoperation technology using fiber access is put forward and
becomes the main trend.

Application Scenario

As shown in Figure 1, ONUs are deployed in branches of an enterprise. The ONUs access and converge Ethernet
services of the enterprise through FE/GE ports and transmit the services to the OLT. The OLT implements Layer 2
interoperation between different branches of the enterprise.

Figure 1 Network diagram for Layer 2 interoperation between enterprise branches

Note: Because the bandwidth of upstream and downstream PON ports is fixed, the number of enterprises
connected to an OLT is limited when the enterprises require symmetric bandwidth. When an enterprise requires
100 Mbit/s symmetric bandwidth:

1. The number of enterprises or branches connected to a PON port should not exceed eight.

2. The number of enterprises or branches connected to a PON board should not exceed 64.

3. The number of enterprises connected to an OLT cannot exceed 200 (20G/100M) if the upstream bandwidth
is 2x10GE. (The number of enterprises connected to an OLT is mainly restricted by the upstream
bandwidth.)

2024-09-17 338
MA5800 Product Documentation

1.4.3.2 Configuration Process


Configuration Process

The following figure shows the configuration process for Layer 2 interoperation between branches of an
enterprise.

An OLT can connect to multiple ONUs (for enterprise branches). Configurations for different ONUs are similar. Therefore, this
document uses two ONUs (ONU1 and ONU2) as example to describe how to configure Layer 2 interoperation.

1.4.3.3 Adding ONUs to OLT


Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Context

 When adding ONUs, you need to bind related profiles to the ONUs, including the DBA profile, line profile, and
alarm profile. For the functions of each profile and how to configure profiles, see Table 1.

2024-09-17 339
MA5800 Product Documentation

Table 1 ONU profile

Profile Function Command


Type

DBA Describes GPON traffic parameters. A T-CONT is bound to a DBA profile for Query: display dba-
profile dynamic bandwidth allocation, improving upstream bandwidth utilization. profile
Add: dba-profile add

Line Describes the binding relationship between T-CONTs and DBA profiles, QoS mode Query: display ont-
profile of service flows, and mapping between GEM ports and services on ONUs. lineprofile
Add: ont-lineprofile
add

Alarm Provides a series of alarm threshold parameters that are used for performance Query: display gpon
profile measurement and monitoring of activated ONU lines. alarm-profile
Add: gpon alarm-
profile add

 An ONU can be added in two modes. Select either mode as required.


Mode Application Scenario Command

Offline addition The password or serial Run the ont add command to add the ONU.
number of an ONU has been
obtained.

Online The password and serial Run the port ont-auto-find command in the GPON mode to enable
confirmation number of an ONU are the automatic discovery function for the GPON port and run the ont
unknown. confirm command to add the ONU.

Data Planning

Table 2 Key data plan

Configuration Item Data

DBA profile Profile ID: 20


Profile type: Type 3
Assured bandwidth: 100 Mbit/s
Maximum bandwidth: 120 Mbit/s

Line profile Profile ID: 10


T-CONT ID: 4
GEM port ID for management service: 11
GEM port ID for Layer 2 interoperation service: 12

Networking data For example, add two ONUs (ONU 1 and ONU 2) for carrying services of different branches.
ONU 1 is connected to PON port 0/3/1.
ONU 2 is connected to PON port 0/4/1.

Procedure

1. Configure GPON ONU profiles.

2024-09-17 340
MA5800 Product Documentation

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-id 20 type3 assure 102400 max 122880

b. Configure an ONU line profile.

i. Create GPON ONU line profile 10.

huawei(config)#ont-lineprofile gpon profile-id 10

Create a line profile according to the data plan. The ID of the line profile to be created cannot conflict
with existing profile IDs in the system. In this example, the ID of the line profile is 10.

ii. In the line profile configuration mode, bind T-CONT 4 to DBA profile 20.

huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-id 20

iii. In the line profile configuration mode, bind GEM ports to T-CONTs.

 Add GEM port 11 for carrying the management service flow.

 Add GEM port 12 for carrying the Layer 2 interoperation service flow.

Both GEM port 11 and GEM port 12 are bound to T-CONT 4. During configuration, set QoS
policies for each service flow. For details on QoS data planning, see Principle of QoS Data Plan .

huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 4 cascade on


huawei(config-gpon-lineprofile-10)#gem add 12 eth tcont 4 cascade on

iv. Configure mapping between GEM ports and ONU-side services.


Set the mapping mode to VLAN mode (the default mode). Map the management service flow
(C-VLAN 8) to GEM port 11, and map Layer 2 interoperation service flow (C-VLAN 300) to GEM
port 12.

huawei(config-gpon-lineprofile-10)#gem mapping 11 0 vlan 8


huawei(config-gpon-lineprofile-10)#gem mapping 12 1 vlan 300

v. After the configuration is completed, run the commit command to make the configured
parameters take effect.

huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

c. (Optional) Configure an alarm profile.

 The default GPON alarm profile ID is 1. The value of each alarm threshold is 0 which indicates
that alarms are not reported.

 In this example, the default alarm profile is used and no configuration is required.

2. Add ONUs to the OLT.

a. Add ONU 1 and ONU2 in offline mode.

2024-09-17 341
MA5800 Product Documentation

Connect ONU 1 and ONU 2 to GPON ports 0/3/1 and 0/4/1 respectively through an optical splitter.
The serial numbers of the two ONUs are 3230313163902641 and 32303131B39FD642 respectively,
and the management mode is SNMP. Both the ONUs are bound to line profile 10.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 ontid 1 sn-auth 3230313163902641

snmp ont-lineprofile-id 10

huawei(config-if-gpon-0/3)#quit
huawei(config)#interface gpon 0/4
huawei(config-if-gpon-0/4)#ont add 1 ontid 2 sn-auth 32303131B39FD642

snmp ont-lineprofile-id 10

b. (Optional) Bind an alarm profile.


By default, an ONU will be automatically bound to alarm profile 1 (default profile). You need to
manually bind an alarm profile to an ONU only when the default alarm profile does not meet
requirements.
In this example, the default alarm profile is used. Therefore, you do not need to manually bind an
alarm profile.

3. Confirm the ONU status.


After adding an ONU, run the display ont info command to query the current status of the ONU. Ensure that
Control flag is active, Run State is online, and Config state is normal.

The following uses ONU 1 as an example to describe how to confirm ONU status.

huawei(config-if-gpon-0/3)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/3/1
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU is online.
Config state : normal //Indicates that the ONU is in normal state.
...//Other command output is omitted.
huawei(config-if-gpon-0/3)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONU.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONU capability exceeds the actual ONU capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

2024-09-17 342
MA5800 Product Documentation

1.4.3.4 Configuring Management Service Ports on OLT and


ONUs
Configuring Management Service Ports on OLT and ONUs

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs.
After the connections between the inband management service ports on the OLT and ONUs are reachable, you can
log in to the ONUs on the OLT and configure the ONUs.

Data Plan

Configuration Item Data

Management VLAN and management IP address for OLT Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address: 192.168.50.1/24

Management VLAN and management IP address for ONU Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address for ONU 1: 192.168.50.2/24
Inband management IP address for ONU 2: 192.168.50.3/24

To log in to and configure an ONU remotely on the OLT, the management VLAN of the OLT must be the same as that of the ONU,
and the management IP address of the OLT and that of the ONU must be in the same network segment.

Procedure

1. Configure the inband management VLAN and IP address of the OLT.


Set the inband management VLAN to 8, VLAN priority to 6, and IP address to 192.168.50.1/24.

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

2. Configure the inband management VLAN and IP address of the ONU.


Set the static IP address to 192.168.50.2/24 for ONU1, 192.168.50.3/24 for ONU2, the gateway IP address to
192.168.50.1, and management VLAN to 8 (which is the same as that of the OLT).

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.1 vlan 8

huawei(config-if-gpon-0/3)#quit
huawei(config)#interface gpon 0/4
huawei(config-if-gpon-0/4)#ont ipconfig 1 2 static ip-address 192.168.50.3 mask 255.255.255.0 gateway

2024-09-17 343
MA5800 Product Documentation

192.168.50.1 vlan 8

huawei(config-if-gpon-0/4)#quit

3. Configure an inband management service port.


Set the management VLAN to 8, GEM port ID to 11, and user VLAN to 8. The OLT does not rate limit the
inband management service port. Therefore, directly use the default traffic profile 6.

huawei(config)#service-port vlan 8 gpon 0/3/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6

huawei(config)#service-port vlan 8 gpon 0/4/1 ont 2 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6

4. Confirm that the connections between the management service ports on the OLT and ONUs are reachable.

 Run the ping ONU ip command on the OLT to verify the connectivity between the OLT and ONUs. If the
OLT receives ICMP ECHO-REPLY packets from the ONUs, the connection is reachable.

 When the connection is reachable, you can remotely log in to the ONU from the OLT and configure the
ONUs.

1.4.3.5 Configuring Layer 2 Interoperation Service Ports on


OLT
Configuring Layer 2 Interoperation Service Ports on OLT

This topic describes how to configure service ports on the OLT for Layer 2 interoperation so that data packets sent
from different ONUs can be forwarded based on the same VLAN at Layer 2.

Prerequisites

The ARP proxy function is disabled using the arp proxy disable command. (The Layer 2 interoperation function
and ARP proxy function are mutually exclusive.)

Data Plan

Configuration Item Data

Layer 2 interoperation S-VLAN OLT VLAN ID (the OLT transparently transmits VLANs of ONU): 300
VLAN forwarding mode: vlan-mac (default)
ONU VLAN ID: 300
Service flow ID: 301

Traffic profile Profile ID: 10


Assured bandwidth: 100 Mbit/s
Priority source: user-cos
Default priority: 4

For detailed data planning, see Principle of VLAN Data Plan .

2024-09-17 344
MA5800 Product Documentation

Procedure
1. Configure an S-VLAN and add an upstream port to it.
Set the S-VLAN ID of the Layer 2 interoperation service to 300, VLAN type to smart VLAN, and add upstream
port 0/9/0 to the VLAN.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

2. Configure a traffic profile.


Add a new traffic profile 10 and set the assured rate to 100 Mbit/s. Packets transmitted upstream use the
priority (4 by default) copied from the user side. Packets transmitted downstream use the priority carried
by themselves.

huawei(config)#traffic table ip index 10 cir 102400 priority user-cos 4 priority-policy tag-in-package

3. Configure a service port to receive and transparently transmit the Layer 2 interoperation service that is sent
from ONU 1 and ONU 2.
Set the service attributes based on the data plan:

 For the OLT, set the S-VLAN ID to 300, C-VLAN ID to 300 which is the same as the upstream VLAN ID of
the ONU, and GEM port ID to 12 for the Layer 2 interoperation service.

 For ONUs, set the upstream VLAN ID to 300.

huawei(config)#service-port 301 vlan 300 gpon 0/3/1 ont 1 gemport 12 multi-service

user-vlan 300 rx-cttr 10 tx-cttr 10

huawei(config)#service-port 302 vlan 300 gpon 0/4/1 ont 2 gemport 12 multi-service

user-vlan 300 rx-cttr 10 tx-cttr 10

4. Configure attributes for protocol transparent transmission.


Create a VLAN service profile, enable the VLAN Layer 2 interoperation function, and configure attributes for
protocol transparent transmission. Then, bind the profile to VLAN 300. For details on data planning for
protocol transparent transmission, see Principle of Protocol Transparent Transmission Data Plan .

huawei(config)#vlan service-profile profile-id 1


huawei(config-vlan-srvprof-1)#user-bridging enable //Mandatory
huawei(config-vlan-srvprof-1)#bpdu tunnel enable
huawei(config-vlan-srvprof-1)#ospf tunnel enable
huawei(config-vlan-srvprof-1)#rip tunnel enable
huawei(config-vlan-srvprof-1)#vtp-cdp tunnel enable
huawei(config-vlan-srvprof-1)#commit
huawei(config-vlan-srvprof-1)#quit
huawei(config)#multicast-unknown policy service-port 301 transparent
huawei(config)#multicast-unknown policy service-port 302 transparent
huawei(config)#vlan bind service-profile 300 profile-id 1

2024-09-17 345
MA5800 Product Documentation

1.4.3.6 Configuring Ethernet Access Service Ports on ONUs


Configuring Ethernet Access Service Ports on ONUs

This topic describes how to configure service ports on ONUs and configure upstream VLANs to make the ONU-to-
user connection reachable and create ONU-to-OLT upstream data channels.

Data Planning

Configuration Item Data

Port Upstream port: 0/0/1


Service port: 0/3/1

SVLAN VLAN ID: 300


VLAN type: smart
VLAN attribute: common

Traffic profile Profile ID: 8


Assured rate: no rate limit
Priority source: user-cos
Default priority: 4

Data plans for ONU1 and ONU 2 are the same. This topic uses one ONU as an example to describe how to configure the ONU.

Procedure

1. Remotely log in to an ONU to configure the ONU.


You can remote log in to the ONU from the OLT to perform the configuration.

2. Create an SVLAN and add an upstream port to the VLAN.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/0 1

3. Configure a traffic profile.


Configure traffic profile 8. The upstream and downstream rates are not limited. Packets transmitted
upstream use the priority (4 by default) copied from the user side. Packets transmitted downstream use the
priority carried by themselves.

huawei(config)#traffic table ip index 8 cir off priority user-cos 4 priority-policy tag-in-package

4. Add a service port.


Add service port 301 and bind it to port 0/3/1. Set the user VLAN to untagged and bind it to traffic profile 8.

huawei(config)#service-port 301 vlan 300 eth 0/3/1 multi-service user-vlan

untagged rx-cttr 8 tx-cttr 8

2024-09-17 346
MA5800 Product Documentation

Packets sent from the user side (enterprise branches) may be transmitted upstream with a VLAN tag. In this case,
change untagged to the VLAN tag when configuring a service port.

1.4.3.7 Configuring Congestion Control and Security Policies


Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service
reliability and configure global security policies to ensure service security.

Context
Congestion control uses queue scheduling technology to map packets sent from the same port into multiple queues
and process packets in each queue based on priority. Congestion control is recommended.

Security policies cover system security, user security, and service security, which ensure normal running of
services.

Enable security features based on service types. For details, see Principle of Security Data Plan .

Procedure

 Configure queue scheduling.


Based on Principle of QoS Data Plan , all packets use strict priorities for queue scheduling and are mapped to
queues based on priorities.

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos1 1 cos2 2 cos3 3 cos4 4 cos5 5 cos6 6 cos7 7 //System default

 Configure system security.

 Enable deny of service (DoS) anti-attack on both the OLT and ONUs.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on both the OLT and ONUs.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on both the OLT and ONUs.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on both the OLT and ONUs.

2024-09-17 347
MA5800 Product Documentation

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on ONUs.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

1.4.3.8 Configuring E2E Reliability


Configuring E2E Reliability

This topic describes how to configure end-to-end (E2E) protection schemes for the enterprise private line service
which has a high requirement on service reliability.

2024-09-17 348
MA5800 Product Documentation

Context
Reliability covers equipment reliability, upstream networking protection, and downstream networking protection.
For details on reliability data planning, see Principle of Reliability Data Plan .

 Upstream networking protection includes link aggregation group and protection group.

 Downstream networking protection includes Type B, Type C single homing, and Type C dual homing, which
are used to protect service ports. Ports on the same ONU can be configured only with the same protection
scheme.

This topic describes how to configure five mainstream protection schemes. Select required protection schemes based on the
carrier's requirement and actual networking scenario.

Procedure

 Configure a link aggregation group.


Bind upstream ports 0/9/0 and 0/9/1 together as an aggregation link group. Each member port in the group
transmits packets based on source MAC addresses. The working mode is LACP static aggregation.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

 Configure a protection group.


Configure upstream ports 0/9/0 and 0/9/1 on a board as a port protection group. Set port 0/9/0 as the
working port and port 0/9/1 as the protection port, set the working mode to time delay detection, and enable
the protection group.

huawei(config-protect)#protect-group first 0/9/0 second 0/9/1 eth workmode timedelay enable

 Configure the Type B protection.

Figure 1 shows the Type B protection networking diagram.

Figure 1 Type B protection

Configure redundancy backup for ports 0/3/1 and 0/3/2 on the same GPON board on OLT. When port 0/3/1
fails, the system can automatically switch to port 0/3/2.

huawei(config)#protect-group 0 protect-target gpon-uni-port workmode timedelay


huawei(protect-group-0)#protect-group member port 0/3/1 role work
huawei(protect-group-0)#protect-group member port 0/3/2 role protect

2024-09-17 349
MA5800 Product Documentation

huawei(protect-group-0)#protect-group enable

The configurations of services accessed by the ONUs remain the same after the Type B protection is configured. That is,
the service configurations are applied only to the working GPON port.

 Configure the Type C single homing protection.


Figure 2 shows networking diagram for the Type C single homing protection. Configure two 1:N optical
splitters, one for connecting the working PON ports on the OLT and ONUs, and one for connecting the
protection PON ports on the OLT and ONUs. This protection scheme protects both the backbone fibers and
tributary fibers.
The configurations of services accessed by the ONUs remain the same after the Type C single homing
protection is configured. That is, the service configurations are applied only to the working PON port on the
OLT and working upstream PON ports on the ONUs.

Figure 2 Type C single homing protection

As shown in the preceding figure, Type C single homing protecting is configured for optical fiber links
between the OLT and ONU.

 The ports on the GPON service board are 0/3/1 and 0/3/2.

 The link at port 0/3/1 is the working link.

 The link at port 0/3/2 is the protection link.

 The ONU ID is 1.

 The ONU is authenticated by serial number (SN). The SN of the ONU is 3230313163902641 and the
management mode is SNMP.

 The ID of the line profile bound to the ONU is 10.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei(config-if-gpon-0/3)#ont add 2 1 protect-side
huawei(config-if-gpon-0/3)#quit
huawei(config)#protect-group protect-target gpon-uni-ont workmode portstate
huawei(protect-group-1)#protect-group member port 0/3/1 ont 1 role work
huawei(protect-group-1)#protect-group member port 0/3/2 ont 1 role protect
huawei(protect-group-1)#protect-group enable

2024-09-17 350
MA5800 Product Documentation

huawei(protect-group-1)#quit

 Configure the Type C dual homing protection.


Figure 3 shows the networking diagram for the Type C dual homing protection. Two PON ports on different
OLTs, two PON ports on an ONU, two backbone optical fibers, two optical splitters, and two tributary optical
fibers are configured to implement this protection. The difference between this protection scheme and the
Type C single homing protection scheme is that the ONU needs to be dual homed to two OLTs in this
protection scheme.
The models and versions of main control boards on the active and standby OLTs must be the same. The
models and versions of GPON boards on the active and standby OLTs also must be the same. Data on the
active OLT cannot be automatically synchronized with that on the standby OLT. Therefore, data
synchronization between the active and standby OLTs must be manually ensured.
This protection scheme can be configured for only the Ethernet QinQ private line service. It does not support
TDM services, including Native TDM and SAToP.

Figure 3 Type C dual homing protection

As shown in the preceding figure, Type C dual homing protection is configured for two OLTs (huawei_A and
huawei_B).

 huawei_A is the active OLT while huawei_B is the standby OLT.

 The ports on the service boards on both OTLs are 0/3/1.

 The dual homing protection group ID is 1.

 The ONU ID is 1.

 The ONU is authenticated by serial number (SN). The SN of the ONU is 3230313163902641 and the
management mode is SNMP.

 The ID of the line profile bound to the ONU is 10.

Configurations on the active OLT huawei_A:


huawei_A(config)#interface gpon 0/3
huawei_A(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei_A(config-if-gpon-0/3)#quit
huawei_A(config)#protect-group 1 protect-target gpon-uni-ont workmode dual-parenting

2024-09-17 351
MA5800 Product Documentation

huawei_A(protect-group-1)#protect-group member port 0/3/1 ont 1 role work

Configurations on the standby OLT huawei_B:


huawei_B(config)#interface gpon 0/3
huawei_B(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei_B(config-if-gpon-0/3)#quit
huawei_B(config)#protect-group 1 protect-target gpon-uni-ont workmode dual-parenting
huawei_B(protect-group-1)#protect-group member port 0/3/1 ont 1 role protect
huawei_B(protect-group-1)#protect-group enable

1.4.3.9 Verifying Services


Verifying Services

This topic describes how to verify the Layer 2 interoperation service by checking the service configurations,
service port status, and connectivity between PCs in different branches of an enterprise.

Prerequisites

PCs (with different MAC addresses) connected to different ONUs have been configured. Ensure that the IP
addresses of the PCs are in the same network segment or subnet segment.

Procedure

1. Check whether the VLAN configurations are correct.

huawei(config)#display vlan 300


{ <cr>|inner-vlan<K>|to<K> }:

Command:
display vlan 300
VLAN ID: 300
VLAN type: smart
VLAN attribute: common
VLAN description:
VLAN forwarding mode in control board: VLAN-MAC
VLAN forwarding mode: VLAN-MAC
VLAN broadcast packet forwarding policy: forward
VLAN unknown multicast packet forwarding policy: forward
VLAN unknown unicast packet forwarding policy: forward
VLAN bind service profile ID: 1
VLAN bind RAIO profile index: -
VLAN priority: -
Standard port number: 0
---------------------------------------------------------
INDEX TYPE STATE F/ S/ P VPI VCI FLOWTYPE FLOWPARA

2024-09-17 352
MA5800 Product Documentation

---------------------------------------------------------
10 gpon up 0/3 / 1 1 12 vlan 300
11 gpon up 0/3 / 1 2 12 vlan 300
---------------------------------------------------------
Service virtual port number: 2
Note: F--Frame, S--Slot, P--Port,
VPI indicates ONT ID for PON, VCI indicates GEM index for GPON,
v/e--vlan/encap, pri-tag--priority-tagged

huawei(config)#display vlan service-profile profile-id 1

Profile ID: 1
Profile Name: srvprof-1
---------------------------------------------------------------------
Parameter Committed Not Committed
---------------------------------------------------------------------
Forwarding mode NotConfig -
Anti-macspoofing NotConfig -
Anti-ipspoofing enable -
PPPoE MAC mode NotConfig -
BPDU tunnel enable -
RIP tunnel enable -
VTP-CDP tunnel enable -
DHCP mode n/a -
DHCP proxy enable -
DHCP option82 enable -
PITP enable -
Broadcast packet policy NotConfig -
Multicast packet policy NotConfig -
Unknown unicast packet policy NotConfig -
User-bridging enable -
IPoE VMAC NotConfig -
PPPoE VMAC NotConfig -
PPPoA VMAC NotConfig -
Mismatch IGMP packet policy discard -
VMAC aging mode MAC-learning -
OSPF tunnel enable -
Layer-3 protocol tunnel enable -
MAC-address learning fabric enable -
DHCPv6 mode n/a -
DHCPv6 option enable -
PPPoA MAC mode NotConfig -
Anti-IPv6spoofing enable -
IPv6 DAD proxy disable -

2024-09-17 353
MA5800 Product Documentation

Bind route and ND disable -


NS-reply function disable -
ARP-reply function disable -
DHCP relay-interface relay-agent NotConfig -
Multicast packet policy fabric forward -
---------------------------------------------------------------------
Binding VLAN list : 300
---------------------------------------------------------------------

2. Check whether the service port is normal.

huawei(config)#display service-port vlan 300


{ <cr>|autosense<K>|sort-by<K> }:

Command:
display service-port vlan 300
Switch-Oriented Flow List
----------------------------------------------------------------------------
INDEX VLAN VLAN PORT F/ S/ P VPI VCI FLOW FLOW RX TX STATE
ID ATTR TYPE TYPE PARA
----------------------------------------------------------------------------
10 300 common gpon 0/3 /1 1 12 vlan 300 - - up
11 300 common gpon 0/3 /1 2 12 vlan 300 - - up
----------------------------------------------------------------------------
Total : 2 (Up/Down : 2/0)

huawei(config)#display statistics service-port 10


Number of upstream bytes : 1044794
Number of upstream packets : 4522
Number of upstream discard packets : 200
Number of downstream bytes : 1351261
Number of downstream packets : 4677
Number of downstream discard packets : 0

3. Check the connectivity between the PCs.

a. Use the PCs to ping each other. If the PCs can ping each other successfully, the PCs are reachable to
each other.
For example, the IP addresses of PC1 and PC2 are 192.168.1.10 and 192.168.1.30 respectively. Ping
PC2 on PC1. The expected result is as follows:

2024-09-17 354
MA5800 Product Documentation

b. You can see one PC in My Network Places on the other PC and the two PCs can share data.

1.4.4 Configuring Enterprise DDN Private Line Access Service


(GPON)
Configuring Enterprise DDN Private Line Access Service (GPON)

Enterprise DDN private line service is converted to E1 signals. ONUs access the E1 signals and transmit them in
Native TDM mode.
Service Requirement and Application Scenario

Configuration Process

Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Configuring Management Service Ports on OLT and ONUs

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs. After the
connections between the inband management service ports on the OLT and ONUs are reachable, you can log in to the
ONUs on the OLT and configure the ONUs.

Configuring TDM Connections

This topic describes how to configure Native TDM connections between GPON ports and E1 upstream ports to transmit E1
private line service data.

Configuring Clock Synchronization

In this scenario, the E1 line clock can be used to achieve network-wide clock synchronization.

Verifying Services

This topic describes how to use the PDH/SDH tester to verify the private line access service.

2024-09-17 355
MA5800 Product Documentation

1.4.4.1 Service Requirement and Application Scenario


Service Requirement and Application Scenario

Service Requirement

The DDN private line service is widely used in financial departments, governments, and enterprises that require
highly real-time data switching. It provides a rate from 64 kbit/s to 2 Mbit/s. GPON access in OLT+ONU mode can
access the DDN private line service along with other data services and voice service. This access mode does not
require independent maintenance of the DDN network, simplifying network architecture.

Application Scenario

As shown in Figure 1, a protocol converter is deployed between an ONU and DDN node machine to convert DDN
private line services to E1 services. The ONU accesses the E1 services and encapsulates the service packets in TDM
over GEM mode and then transmits the packets to the OLT. The OLT decapsulates the service packets to E1 data
and transmits the data to the SDH network through upstream E1 ports, achieving transparent transmission of DDN
services.

Figure 1 Networking diagram of the DDN private line access service

1.4.4.2 Configuration Process


Configuration Process

The following figure shows the configuration process for the DDN private line access service.

2024-09-17 356
MA5800 Product Documentation

1.4.4.3 Adding ONUs to OLT


Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Context

 When adding ONUs, you need to bind related profiles to the ONUs, including the DBA profile, line profile, and
alarm profile.

 An ONU can be added in two modes: offline addition and online confirmation. Select either mode as required.

Data Plan

Table 1 Key data plan

Configuration Data
Item

DBA profile DBA profile for management service: dba-profile_1 (system default)
DBA profile for private line service:

2024-09-17 357
MA5800 Product Documentation

Table 1 Key data plan

Configuration Data
Item

Profile ID: 21
Profile type: Fixed bandwidth and minimum delay
DBA bandwidth: 28928 kbit/s (Each ONU accesses four E1 private lines and each line has a
recommended DBA bandwidth of 7232 kbit/s.)

Line profile Profile ID: 11


T-CONT ID: 1 (for private line service) and 2 (for management service)
GEM port ID for management service: 11
GEM port ID for DDN private line service: 13

Networking data PON port: 0/3/1


ONU parameters:
ONU ID: 1
SN: 3230313163902641

Procedure

1. Configure GPON ONU profiles.

a. Configure a DBA profile. Enable the bandwidth compensation function and set the DBA bandwidth
allocation mode for the GPON port to minimum bandwidth delay.

huawei(config)#dba-profile add profile-id 21 type1 fix 28928 bandwidth_compensate yes


huawei(config)#interface gpon 0/3
huawei(config-if-gpon-0/3)#port dba bandwidth-assignment-mode 1 min-loop-delay
huawei(config-if-gpon-0/3)#quit

b. Configure an ONU line profile.

huawei(config)#ont-lineprofile gpon profile-id 11


huawei(config-gpon-lineprofile-11)#tcont 1 dba-profile-id 21 //Bind T-CONT 1 to DBA profile 21
huawei(config-gpon-lineprofile-11)#tcont 2 dba-profile-id 1 //Bind T-CONT 2 to DBA profile 1
huawei(config-gpon-lineprofile-11)#gem add 11 eth tcont 2
huawei(config-gpon-lineprofile-11)#gem add 13 tdm tcont 1 //Add GEM port 13 to T-CONT 1.
huawei(config-gpon-lineprofile-11)#gem mapping 11 0 vlan 8
huawei(config-gpon-lineprofile-11)#gem mapping 13 1 e1 1 //Map GEM port 13 to E1 port 1 on the ONU.
huawei(config-gpon-lineprofile-11)#commit
huawei(config-gpon-lineprofile-11)#quit

c. (Optional) Configure an alarm profile.

 The default GPON alarm profile ID is 1. The value of each alarm threshold is 0 which indicates
that alarms are not reported.

 In this example, the default alarm profile is used and no configuration is required.

2024-09-17 358
MA5800 Product Documentation

2. Add ONUs to the OLT.

a. Add ONU 3 in offline mode.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 ontid 1 sn-auth 3230313163902641

snmp ont-lineprofile-id 11
b. (Optional) Bind an alarm profile.
By default, an ONU will be automatically bound to alarm profile 1 (default profile). You need to
manually bind an alarm profile to an ONU only when the default alarm profile does not meet
requirements.
In this example, the default alarm profile is used. Therefore, you do not need to manually bind an
alarm profile.

3. Confirm the ONU status.


After adding an ONU, run the display ont info command to query the current status of the ONU. Ensure that
Control flag is active, Run State is online, and Config state is normal.

The following uses ONU 1 as an example to describe how to confirm ONU status.

huawei(config-if-gpon-0/3)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/3/1
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU is online.
Config state : normal //Indicates that the ONU is in normal state.
...//Other command output is omitted.
huawei(config-if-gpon-0/3)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

1.4.4.4 Configuring Management Service Ports on OLT and


ONUs
Configuring Management Service Ports on OLT and ONUs

2024-09-17 359
MA5800 Product Documentation

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs.
After the connections between the inband management service ports on the OLT and ONUs are reachable, you can
log in to the ONUs on the OLT and configure the ONUs.

Data Plan

Configuration Item Data

Management VLAN and management IP address for OLT Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address: 192.168.50.1/24

Management VLAN and management IP address for ONU Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address for ONU 3: 192.168.50.2/24

Procedure

1. Configure the inband management VLAN and IP address of the OLT.


Set the inband management VLAN to 8, VLAN priority to 6, and IP address to 192.168.50.1/24.

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

2. Configure the inband management VLAN and IP address of the ONU.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.1 vlan 8

huawei(config-if-gpon-0/3)#quit

3. Configure an inband management service port.


Set the management VLAN to 8, GEM port ID to 11, and user VLAN to 8. The OLT does not rate limit the
inband management service port. Therefore, directly use the default traffic profile 6.

huawei(config)#service-port vlan 8 gpon 0/3/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6


4. Confirm that the connections between the management service ports on the OLT and ONU are reachable.

 Run the ping ONU ip command on the OLT to verify the connectivity between the OLT and ONU. If the
OLT receives ICMP ECHO-REPLY packets from the ONU, the connection is reachable.

 When the connection is reachable, you can remotely log in to the ONU from the OLT and configure the
ONU.

2024-09-17 360
MA5800 Product Documentation

1.4.4.5 Configuring TDM Connections


Configuring TDM Connections

This topic describes how to configure Native TDM connections between GPON ports and E1 upstream ports to
transmit E1 private line service data.

Context
The OLT can transmit data to the SDH network through E1 lines. Each E1 line provides 2 Mbit/s bandwidth.

Data Plan

Upstream Transmission Mode Data

Upstream transmission through E1 Port on the EDSH board: 0/5/0

Procedure

 Configure a TDM E1 connection for E1 upstream transmission.

huawei(config)#tdm-connect connectid 1 tdm 0/5/0 gpon 0/3/1 ontid 3 gemportIndex 13

1.4.4.6 Configuring Clock Synchronization


Configuring Clock Synchronization

In this scenario, the E1 line clock can be used to achieve network-wide clock synchronization.

Prerequisites
The clock daughter board CKUA must be on the main control board.

Context

Configuration roadmap for clock synchronization:

1. The OLT traces the upstream E1 line clock of the EDSH board as the system clock.

2. The system clock is delivered to an ONU through optical paths of the GPON board.

3. The ONU uses the line clock of the GPON upstream port as the system clock.

4. The ONU E1 transmit clock is synchronized with the system clock of the ONU.

Procedure

 Configure a clock on the OLT.

1. Add a system clock source.

2024-09-17 361
MA5800 Product Documentation

Run the clock source command to configure the line clock of E1 port 0/5/0 on the EDSH board as the
system clock source. Set the ID of the clock source to 0.
The clock module selects a reference source for phase lock based on priorities.

huawei(config)#clock source 0 0/5/0

2. Configure a priority for the system clock source.


Run the clock priority command to set the priority of clock source 0 to the highest priority.

huawei(config)#clock priority system 0

3. Query configurations and the status of the system clock source.


Run the display clock source system command to query the configurations and the status of the clock
source. Ensure that configurations of the system clock source are correct and the status is Normal.

Run the display clock mode command to query the clock working mode. Ensure that the clock
daughter board works in tracing mode.

huawei(config)#display clock mode


Clock manage-mode:Third-mode
Clock subboard work-mode:Tracing

 Configure a clock on the ONU.

1. Configure the GPON line clock as the system clock.


The system clock of the OLT is delivered to the ONU through the GPON port on the OLT, achieving clock
synchronization between the OLT and the ONU.

a. Run the clock source command to configure the clock recovered from the GPON upstream port
as the system clock of the ONU.

b. Run the clock priority command to configure the priority of the clock source.

huawei(config)#clock source 0 0/0/1


Clock source set succeeded

huawei(config)#clock priority system 0

2. Configure the system clock as the transmit clock for an E1 port.

a. Run the interface tdm command to enter the E1 port configuration mode.

b. Run the tx clock or port portid udt system command to configure the system clock as the
transmit clock of the port.

c. Run the display port state command to query the transmit clock of the E1 port.

huawei(config)#interface tdm 0/1


huawei(config-if-tdm-0/1)#port 0 udt system
huawei(config-if-tdm-0/1)#display port state 0
---------------------------------------
Port :0

2024-09-17 362
MA5800 Product Documentation

State : normal
Mode : UDT
Code : HDB3
Looptype :-
Timeslot :-
Clock : system
CRC4 :-
Signaling :-
ESF :-
Impedance : 120 Ohm
---------------------------------------

3. Query configurations and the status of the system clock source.


Run the display clock source command to query configurations and the status of the system clock
source.

huawei(config-if-tdm-0/1)#quit
huawei(config)#display clock source
---------------------------------------------------------------
Index Config Type Source State Priority Output
---------------------------------------------------------------
0 YES line 0/0/1 Normal 0 YES
1 NO -- -/ -/ - --- --- ---
2 NO -- -/ -/ - --- --- ---
3 NO -- -/ -/ - --- --- ---
4 NO -- -/ -/ - --- --- ---
5 NO -- -/ -/ - --- --- ---
6 NO -- -/ -/ - --- --- ---
7 NO -- -/ -/ - --- --- ---
8 NO -- -/ -/ - --- --- ---
9 NO -- -/ -/ - --- --- ---
---------------------------------------------------------------

1.4.4.7 Verifying Services


Verifying Services

This topic describes how to use the PDH/SDH tester to verify the private line access service.

Prerequisites
The private line service has been configured.

Networking

Figure 1 Test setup for E1 upstream service

2024-09-17 363
MA5800 Product Documentation

Procedure

1. Set up network environment according to the preceding diagrams for service acceptance tests.

Ensure clock synchronization for the test. It is recommended that the tester use the internal free-run clock, the OLT
trace the clock of the tester, and the ONU trace the clock of the OLT.

2. Use the E1 line tester to send packets for the test.


The test duration must be 12 hours or longer. There should be no alarms on the tester and the bit error rate
must be less than 1E-9.

Follow-up Procedure

When the test on service connectivity fails, you can check for the failure causes by performing loopbacks. The
following loopbacks are supported:

 Remote loopback on the OLT

 Local loopback on the OLT

 Local loopback on the ONU

 Remote loopback on the ONU

Loopback Function Networking Configuration


Mode

Remote Loops back signals to the Enable/Disable the remote


loopback on network side on the loopback for the E1 port.
the OLT OLT. This loopback
huawei(config)#interface
checks whether the top 0/5
service from the OLT to huawei(config-if-top-
the network-side 0/5)#loopback 0 remote
channel is normal. huawei(config-if-top-
0/5)#undo loopback 0

Local Loops back signals to the Enable/Disable the local


loopback on user side on the OLT. loopback for the E1 port.
the OLT This loopback checks
huawei(config)#interface
whether the link top 0/5
between the OLT and huawei(config-if-top-
the E1 port on the ONU 0/5)#loopback 0 local
is normal. huawei(config-if-top-
0/5)#undo loopback 0

2024-09-17 364
MA5800 Product Documentation

Loopback Function Networking Configuration


Mode

Local Loops back signals to the huawei(config)#interface


loopback on network side on the tdm 0/1
the ONU ONU. This loopback huawei(config-if-tdm-
checks whether the link 0/1)#loopback 0 local
between the E1 port on huawei(config-if-tdm-
the ONU and the board 0/1)#undo loopback 0
on the OLT is normal.

Remote Loops back signals to the huawei(config)#interface


loopback on user side on the ONU. tdm 0/1
the ONU This loopback checks huawei(config-if-tdm-
whether the link 0/1)#loopback 0 remote
between the ONU and huawei(config-if-tdm-
user terminal is normal. 0/1)#undo loopback 0

1.4.5 Configuring Enterprise IP PBX Private Line Access


Service (GPON)
Configuring Enterprise IP PBX Private Line Access Service (GPON)

ONUs provide GE/FE ports to access IP private branch exchange (PBX) services of an enterprise and transmit them
to an OLT. Then, the OLT forwards the service data upstream to the packet switched network (PSN). This achieves
unified carrying of voice, data, and video services.
Service Requirement and Application Scenario

Configuration Process

Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Configuring Management Service Ports on OLT and ONUs

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs. After the
connections between the inband management service ports on the OLT and ONUs are reachable, you can log in to the
ONUs on the OLT and configure the ONUs.

Configuring OLT QinQ Service Ports

This topic describes how to configure QinQ service ports on the OLT to add an S-VLAN tag to IP PBX packets sent from
ONUs and transmit the packets to the upper-layer IP network.

Configuring Ethernet Access Service Ports on ONUs

This topic describes how to configure service ports on ONUs and upstream VLANs to make the connections between ONUs
and user terminals reachable and create upstream channels between ONUs and the OLT, achieving access of IP PBX
services through Ethernet ports.

2024-09-17 365
MA5800 Product Documentation

Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service reliability and
configure global security policies to ensure service security.

Configuring E2E Reliability

This topic describes how to configure end-to-end (E2E) protection schemes for the enterprise private line service which
has a high requirement on service reliability.

Verifying Services

This topic describes how to verify the IP PBX access service by testing calls.

1.4.5.1 Service Requirement and Application Scenario


Service Requirement and Application Scenario

Service Requirement

 The IP private branch exchange (PBX) data can be transparently transmitted on the PON network.

 The operation method for end users connected to the IP PBX is not changed.

Application Scenario

As shown in Figure 1, ONUs access IP PBX services through FE/GE ports. The OLT transparently transmits the data
to the IP network in QinQ mode.

Figure 1 Networking diagram of the IP PBX access service

1.4.5.2 Configuration Process


Configuration Process

The following figure shows the configuration process for the IP PBX access service.

2024-09-17 366
MA5800 Product Documentation

1.4.5.3 Adding ONUs to OLT


Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Context

 When adding ONUs, you need to bind related profiles to the ONUs, including the DBA profile, line profile,
service profile, and alarm profile.

 An ONU can be added in two modes: offline addition and online confirmation. Select either mode as required.

Data Planning

Table 1 Key data plan

Configuration Item Data

2024-09-17 367
MA5800 Product Documentation

Table 1 Key data plan

Configuration Item Data

DBA profile Profile ID: 20


Profile type: Type 3
Assured bandwidth: 100 Mbit/s
Maximum bandwidth: 120 Mbit/s

Line profile Profile ID: 10


T-CONT ID: 4
GEM port ID for management service: 11
GEM port ID for other services: 12

Networking data PON port: 0/3/1


ONU parameters:
ONU ID: 1
SN: 3230313163902641

Procedure

1. Configure GPON ONU profiles.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-id 20 type3 assure 102400 max 122880

b. Configure an ONU line profile.

huawei(config)#ont-lineprofile gpon profile-id 10


huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-id 20 //Bind T-CONT 4 to DBA profile 20
huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 0
huawei(config-gpon-lineprofile-10)#gem add 12 eth tcont 4 //Add GEM port 12 to T-CONT 4
huawei(config-gpon-lineprofile-10)#gem mapping 11 0 vlan 8
huawei(config-gpon-lineprofile-10)#gem mapping 12 1 vlan 300 //Map GEM port 12 to CVLAN 300
huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

c. (Optional) Configure an alarm profile.

 The default GPON alarm profile ID is 1. The value of each alarm threshold is 0 which indicates
that alarms are not reported.

 In this example, the default alarm profile is used and no configuration is required.

2. Add ONUs to the OLT.

a. Add ONU 1 in offline mode.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 ontid 1 sn-auth 3230313163902641

snmp ont-lineprofile-id 10

2024-09-17 368
MA5800 Product Documentation

b. (Optional) Bind an alarm profile.


By default, an ONU will be automatically bound to alarm profile 1 (default profile). You need to
manually bind an alarm profile to an ONU only when the default alarm profile does not meet
requirements.
In this example, the default alarm profile is used. Therefore, you do not need to manually bind an
alarm profile.

3. Confirm the ONU status.


After adding an ONU, run the display ont info command to query the current status of the ONU. Ensure that
Control flag is active, Run State is online, and Config state is normal.

The following uses ONU 1 as an example to describe how to confirm ONU status.

huawei(config-if-gpon-0/3)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/3/1
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU is online.
Config state : normal //Indicates that the ONU is in normal state.
...//Other command output is omitted.
huawei(config-if-gpon-0/3)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

1.4.5.4 Configuring Management Service Ports on OLT and


ONUs
Configuring Management Service Ports on OLT and ONUs

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs.
After the connections between the inband management service ports on the OLT and ONUs are reachable, you can
log in to the ONUs on the OLT and configure the ONUs.

Data Plan

2024-09-17 369
MA5800 Product Documentation

Configuration Item Data

Management VLAN and management IP address for OLT Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address: 192.168.50.1/24

Management VLAN and management IP address for ONU Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address for ONU 3: 192.168.50.2/24

Procedure

1. Configure the inband management VLAN and IP address of the OLT.


Set the inband management VLAN to 8, VLAN priority to 6, and IP address to 192.168.50.1/24.

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

2. Configure the inband management VLAN and IP address of the ONU.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.1 vlan 8

huawei(config-if-gpon-0/3)#quit

3. Configure an inband management service port.


Set the management VLAN to 8, GEM port ID to 11, and user VLAN to 8. The OLT does not rate limit the
inband management service port. Therefore, directly use the default traffic profile 6.

huawei(config)#service-port vlan 8 gpon 0/3/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6


4. Confirm that the connections between the management service ports on the OLT and ONU are reachable.

 Run the ping ONU ip command on the OLT to verify the connectivity between the OLT and ONU. If the
OLT receives ICMP ECHO-REPLY packets from the ONU, the connection is reachable.

 When the connection is reachable, you can remotely log in to the ONU from the OLT and configure the
ONU.

1.4.5.5 Configuring OLT QinQ Service Ports


Configuring OLT QinQ Service Ports

This topic describes how to configure QinQ service ports on the OLT to add an S-VLAN tag to IP PBX packets sent
from ONUs and transmit the packets to the upper-layer IP network.

2024-09-17 370
MA5800 Product Documentation

Data Plan
For details on VLAN planning, see Principle of VLAN Data Plan . VLAN translation policies for the Enterprise IP
private branch exchange (PBX) access service are shown in Figure 1. Different data packets of the IP PBX carry
different user VLANs (for example, 20, 21, ... in the following figure). The user VLANs are translated to C-VLAN 300
on the ONU and then the OLT adds the outer VLAN 1300 to the packets before transmitting them upstream. In this
manner, only two VLANs are required on the MAN for the base station access service, which significantly reduces
the number of VLANs.

Figure 1 VLAN translation process

Configuration Item Data

SVLAN VLAN ID: 1300


VLAN attribute: q-in-q

CVLAN (upstream VALN of the ONU) 300

Traffic profile Profile ID: 10


Assured bandwidth: 100 Mbit/s
Priority source: user-cos
Default priority: 4

Because packets transmitted from the OLT carry two VLAN tags, the interconnected equipment on the metro network must be
able to identify and restore packets with two VLAN tags.

Procedure

1. Configure an S-VLAN and add an upstream port to it.


Set the S-VLAN ID of the IP PBX service to 1300, VLAN type to smart, VLAN attribute to QinQ, and add
upstream port 0/9/0 to the VLAN.

huawei(config)#vlan 1300 smart


huawei(config)#vlan attrib 1300 q-in-q
huawei(config)#port vlan 1300 0/9 0

2. Configure a traffic profile for the service port.


Add a new traffic profile 10 and set the assured rate to 100 Mbit/s. Packets transmitted upstream use the
priority (4 by default) copied from the user side. Packets transmitted downstream use the priority carried
by themselves.

2024-09-17 371
MA5800 Product Documentation

huawei(config)#traffic table ip index 10 cir 102400 priority user-cos 4 priority-policy tag-in-package

3. Configure a QinQ service port.


According to Principle of VLAN Data Plan , VLANs of packets sent from the IP PBX are all translated to
CLVAN 300. Then, the OLT adds an S-VLAN tag to the packets: C-VLAN<->S-VLAN+C-VLAN. Traffic profile 10
is used.

huawei(config)#service-port vlan 1300 gpon 0/3/1 ont 1 gemport 12 multi-service

user-vlan 300 rx-cttr 10 tx-cttr 10

If you need to transparently transmit the C-VLAN to S-VLAN, then user qinq S-VLAN, set S-VLAN=C-VLAN, and create a
service-port with "tag-transform transparent".

1.4.5.6 Configuring Ethernet Access Service Ports on ONUs


Configuring Ethernet Access Service Ports on ONUs

This topic describes how to configure service ports on ONUs and upstream VLANs to make the connections
between ONUs and user terminals reachable and create upstream channels between ONUs and the OLT, achieving
access of IP PBX services through Ethernet ports.

Data Planning

Configuration Item Data

Port Upstream port: 0/0/1


Service port: 0/3/1

SVLAN VLAN ID: 300


VLAN type: smart
VLAN attribute: common

Traffic profile Profile ID: 8


Assured rate: no rate limit
Priority source: user-cos
Default priority: 4

Procedure

1. Remotely log in to an ONU to configure the ONU.


You can remote log in to the ONU from the OLT to perform the configuration.

2. Create an SVLAN 300.

huawei(config)#vlan 300 smart

3. Add upstream port 0/0/1 to the SVLAN.

huawei(config)#port vlan 300 0/0 1

4. Configure a traffic profile.

2024-09-17 372
MA5800 Product Documentation

Configure traffic profile 8. The upstream and downstream rates are not limited. Packets transmitted
upstream use the priority (4 by default) copied from the user side. Packets transmitted downstream use the
priority carried by themselves.

huawei(config)#traffic table ip index 8 cir off priority user-cos 4 priority-policy tag-in-package

5. Add a service port.


Add a service port and bind it to port 0/3/1. Set the user VLAN to untagged and bind it to traffic profile 8.

huawei(config)#service-port vlan 300 eth 0/3/1 multi-service user-vlan

untagged rx-cttr 8 tx-cttr 8

Packets sent from the user side (IP PBX) may be transmitted upstream with a VLAN tag. In this case, change untagged
to the VLAN tag when configuring a service port.

1.4.5.7 Configuring Congestion Control and Security Policies


Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service
reliability and configure global security policies to ensure service security.

Context

Congestion control uses queue scheduling technology to map packets sent from the same port into multiple queues
and process packets in each queue based on priority. Congestion control is recommended.

Security policies cover system security, user security, and service security, which ensure normal running of
services.

Enable security features based on service types. For details, see Principle of Security Data Plan .

Procedure

 Configure queue scheduling.


Based on Principle of QoS Data Plan , all packets use strict priorities for queue scheduling and are mapped to
queues based on priorities.

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos1 1 cos2 2 cos3 3 cos4 4 cos5 5 cos6 6 cos7 7 //System default

 Configure system security.

 Enable deny of service (DoS) anti-attack on both the OLT and ONUs.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2024-09-17 373
MA5800 Product Documentation

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on both the OLT and ONUs.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on both the OLT and ONUs.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on both the OLT and ONUs.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on ONUs.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

2024-09-17 374
MA5800 Product Documentation

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

1.4.5.8 Configuring E2E Reliability


Configuring E2E Reliability

This topic describes how to configure end-to-end (E2E) protection schemes for the enterprise private line service
which has a high requirement on service reliability.

Context
Reliability covers equipment reliability, upstream networking protection, and downstream networking protection.
For details on reliability data planning, see Principle of Reliability Data Plan .

 Upstream networking protection includes link aggregation group and protection group.

 Downstream networking protection includes Type B, Type C single homing, and Type C dual homing, which
are used to protect service ports. Ports on the same ONU can be configured only with the same protection
scheme.

This topic describes how to configure five mainstream protection schemes. Select required protection schemes based on the
carrier's requirement and actual networking scenario.

Procedure

 Configure a link aggregation group.


Bind upstream ports 0/9/0 and 0/9/1 together as an aggregation link group. Each member port in the group
transmits packets based on source MAC addresses. The working mode is LACP static aggregation.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

 Configure a protection group.


Configure upstream ports 0/9/0 and 0/9/1 on a board as a port protection group. Set port 0/9/0 as the
working port and port 0/9/1 as the protection port, set the working mode to time delay detection, and enable
the protection group.

huawei(config-protect)#protect-group first 0/9/0 second 0/9/1 eth workmode timedelay enable

 Configure the Type B protection.

Figure 1 shows the Type B protection networking diagram.

Figure 1 Type B protection

2024-09-17 375
MA5800 Product Documentation

Configure redundancy backup for ports 0/3/1 and 0/3/2 on the same GPON board on OLT. When port 0/3/1
fails, the system can automatically switch to port 0/3/2.

huawei(config)#protect-group 0 protect-target gpon-uni-port workmode timedelay


huawei(protect-group-0)#protect-group member port 0/3/1 role work
huawei(protect-group-0)#protect-group member port 0/3/2 role protect
huawei(protect-group-0)#protect-group enable

The configurations of services accessed by the ONUs remain the same after the Type B protection is configured. That is,
the service configurations are applied only to the working GPON port.

 Configure the Type C single homing protection.


Figure 2 shows networking diagram for the Type C single homing protection. Configure two 1:N optical
splitters, one for connecting the working PON ports on the OLT and ONUs, and one for connecting the
protection PON ports on the OLT and ONUs. This protection scheme protects both the backbone fibers and
tributary fibers.
The configurations of services accessed by the ONUs remain the same after the Type C single homing
protection is configured. That is, the service configurations are applied only to the working PON port on the
OLT and working upstream PON ports on the ONUs.

Figure 2 Type C single homing protection

As shown in the preceding figure, Type C single homing protecting is configured for optical fiber links
between the OLT and ONU.

 The ports on the GPON service board are 0/3/1 and 0/3/2.

 The link at port 0/3/1 is the working link.

 The link at port 0/3/2 is the protection link.

 The ONU ID is 1.

2024-09-17 376
MA5800 Product Documentation

 The ONU is authenticated by serial number (SN). The SN of the ONU is 3230313163902641 and the
management mode is SNMP.

 The ID of the line profile bound to the ONU is 10.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei(config-if-gpon-0/3)#ont add 2 1 protect-side
huawei(config-if-gpon-0/3)#quit
huawei(config)#protect-group protect-target gpon-uni-ont workmode portstate
huawei(protect-group-1)#protect-group member port 0/3/1 ont 1 role work
huawei(protect-group-1)#protect-group member port 0/3/2 ont 1 role protect
huawei(protect-group-1)#protect-group enable
huawei(protect-group-1)#quit

 Configure the Type C dual homing protection.


Figure 3 shows the networking diagram for the Type C dual homing protection. Two PON ports on different
OLTs, two PON ports on an ONU, two backbone optical fibers, two optical splitters, and two tributary optical
fibers are configured to implement this protection. The difference between this protection scheme and the
Type C single homing protection scheme is that the ONU needs to be dual homed to two OLTs in this
protection scheme.
The models and versions of main control boards on the active and standby OLTs must be the same. The
models and versions of GPON boards on the active and standby OLTs also must be the same. Data on the
active OLT cannot be automatically synchronized with that on the standby OLT. Therefore, data
synchronization between the active and standby OLTs must be manually ensured.
This protection scheme can be configured for only the Ethernet QinQ private line service. It does not support
TDM services, including Native TDM and SAToP.

Figure 3 Type C dual homing protection

As shown in the preceding figure, Type C dual homing protection is configured for two OLTs (huawei_A and
huawei_B).

 huawei_A is the active OLT while huawei_B is the standby OLT.

2024-09-17 377
MA5800 Product Documentation

 The ports on the service boards on both OTLs are 0/3/1.

 The dual homing protection group ID is 1.

 The ONU ID is 1.

 The ONU is authenticated by serial number (SN). The SN of the ONU is 3230313163902641 and the
management mode is SNMP.

 The ID of the line profile bound to the ONU is 10.

Configurations on the active OLT huawei_A:


huawei_A(config)#interface gpon 0/3
huawei_A(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei_A(config-if-gpon-0/3)#quit
huawei_A(config)#protect-group 1 protect-target gpon-uni-ont workmode dual-parenting
huawei_A(protect-group-1)#protect-group member port 0/3/1 ont 1 role work

Configurations on the standby OLT huawei_B:


huawei_B(config)#interface gpon 0/3
huawei_B(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei_B(config-if-gpon-0/3)#quit
huawei_B(config)#protect-group 1 protect-target gpon-uni-ont workmode dual-parenting
huawei_B(protect-group-1)#protect-group member port 0/3/1 ont 1 role protect
huawei_B(protect-group-1)#protect-group enable

1.4.5.9 Verifying Services


Verifying Services

This topic describes how to verify the IP PBX access service by testing calls.

Prerequisites
The IP PBX access service has been deployed.

Procedure

1. Test calls between users connected to the IP PBX according to table 1.

2. Test calls from a user connected to the IP PBX to an IMS user according to table 1.

3. Test calls from an IMS user to a user connected to the IP PBX according to table 1.
Table 1 IP PBX access service verification

Category Test Calls Between Users Test Calls from a User Test Calls from an IMS User to
Connected to the IP PBX Connected to the IP PBX to an a User Connected to the IP
IMS User PBX

Prerequisites User A and user B access the User A accesses the network User A is a common IMS user
network through the IP PBX and through the IP PBX and has been and has been registered.

2024-09-17 378
MA5800 Product Documentation

Table 1 IP PBX access service verification

Category Test Calls Between Users Test Calls from a User Test Calls from an IMS User to
Connected to the IP PBX Connected to the IP PBX to an a User Connected to the IP
IMS User PBX

both users have been registered. registered. User B accesses the network
through the IP PBX and has been
User A and user B are idle. User B is a common IMS user
registered.
and has been registered.
User A and user B are idle.
User A and user B are idle.

Test User A calls user B. The same as that in the "Test The same as that in the "Test
procedure Calls Between Users Connected Calls Between Users Connected
User B answers the call. Check the to the IP PBX" column to the IP PBX" column
call between user A and user B.
User A releases the call.

Expected User B hears the ringing tone. The same as that in the "Test The same as that in the "Test
result Calls Between Users Connected Calls Between Users Connected
The call is set up. to the IP PBX" column to the IP PBX" column
The call is released.

1.4.6 Configuring Enterprise PRA PBX Private Line Access


Service (GPON)
Configuring Enterprise PRA PBX Private Line Access Service (GPON)

ONUs provide PRA E1 ports to access PRA private branch exchange (PBX) services of an enterprise and transmit
them to an OLT. Then, the OLT forwards the service data upstream to the packet switched network (PSN). This
achieves voice-to-IP conversion, simplifying the network architecture.
Service Requirement and Application Scenario

Configuration Process

Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Configuring Management Service Ports on OLT and ONUs

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs. After the
connections between the inband management service ports on the OLT and ONUs are reachable, you can log in to the
ONUs on the OLT and configure the ONUs.

Configuring Service Ports for Voice Transparent Transmission

This topic describes how to create service ports on the OLT to transparently transmit VoIP service data from ONUs to the
upper-layer voice server.

Configuring VoIP PRA Access

2024-09-17 379
MA5800 Product Documentation

This topic describes how to configure VoIP PRA access. ONUs provide PRA E1 ports to access the PRA PBX service and
convert PRA signaling to ISDN Q.931-User Adaptation Layer (IUA) signaling, achieving signaling exchange between ONUs
and media gateway controller (MGCs).

Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service reliability and
configure global security policies to ensure service security.

Configuring Network Protection

This topic describes how to configure end-to-end (E2E) protection schemes for the enterprise private line service which
has a high requirement on service reliability.

Verifying Services

This topic describes how to verify the PRA PBX service by testing calls.

1.4.6.1 Service Requirement and Application Scenario


Service Requirement and Application Scenario

Service Requirement

PRA PBX is a telephone exchange used in an enterprise. With the PRA PBX, staff in the enterprise can use internal
telephones to make free calls by dialing short numbers. Outgoing calls are made through a unified trunk. After the
PRA PBX service is accessed in PON mode using "OLT+ONU", VoIP calls can be made. Compared with services
provided by the PRA PBX itself, the VoIP service has following advantages:

 Outgoing call data is carried over IP, which greatly lowers communication costs for enterprises and retains
good call quality.

 No extra investment is required because the voice service is deployed directly using the PRA PBX.

 Free calls can be made between branches in different regions.

 More value-added services can be provided based on IP networks.

In addition, the operation method for end users connected to the PRA PBX is not changed.

Application Scenario

As shown in Figure 1, ONUs access PRA PBX services through E1 lines. The OLT transmits the data to the upper
NGN/IMS, achieving the VoIP-based PRA voice service.

Figure 1 Networking diagram of the PRA PBX access service

2024-09-17 380
MA5800 Product Documentation

1.4.6.2 Configuration Process


Configuration Process

The following figure shows the configuration process for the PRA PBX access service.

1.4.6.3 Adding ONUs to OLT


Adding ONUs to OLT

2024-09-17 381
MA5800 Product Documentation

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Context
 When adding ONUs, you need to bind related profiles to the ONUs, including the DBA profile, line profile,
service profile, and alarm profile.

 An ONU can be added in two modes: offline addition and online confirmation. Select either mode as required.

Data Planning

Table 1 Key data plan

Configuration Item Data

DBA profile Profile ID: 20


Profile type: Type 3
Assured bandwidth: 100 Mbit/s
Maximum bandwidth: 120 Mbit/s

Line profile Profile ID: 10


T-CONT ID: 4
GEM port ID for management service: 11
GEM port ID for other services: 12

Networking data PON port: 0/3/1


ONU parameters:
ONU ID: 1
SN: 3230313163902641

Procedure

1. Configure GPON ONU profiles.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-id 20 type3 assure 102400 max 122880

b. Configure an ONU line profile.

huawei(config)#ont-lineprofile gpon profile-id 10


huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-id 20 //Bind T-CONT 4 to DBA profile 20
huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 0
huawei(config-gpon-lineprofile-10)#gem add 12 eth tcont 4 //Add GEM port 12 to T-CONT 4
huawei(config-gpon-lineprofile-10)#gem mapping 11 0 vlan 8
huawei(config-gpon-lineprofile-10)#gem mapping 12 1 vlan 300 //Map GEM port 12 to CVLAN 300
huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

2024-09-17 382
MA5800 Product Documentation

c. (Optional) Configure an alarm profile.

 The default GPON alarm profile ID is 1. The value of each alarm threshold is 0 which indicates
that alarms are not reported.

 In this example, the default alarm profile is used and no configuration is required.

2. Add ONUs to the OLT.

a. Add ONU 1 in offline mode.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 ontid 1 sn-auth 3230313163902641

snmp ont-lineprofile-id 10
b. (Optional) Bind an alarm profile.
By default, an ONU will be automatically bound to alarm profile 1 (default profile). You need to
manually bind an alarm profile to an ONU only when the default alarm profile does not meet
requirements.
In this example, the default alarm profile is used. Therefore, you do not need to manually bind an
alarm profile.

3. Confirm the ONU status.


After adding an ONU, run the display ont info command to query the current status of the ONU. Ensure that
Control flag is active, Run State is online, and Config state is normal.

The following uses ONU 1 as an example to describe how to confirm ONU status.

huawei(config-if-gpon-0/3)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/3/1
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU is online.
Config state : normal //Indicates that the ONU is in normal state.
...//Other command output is omitted.
huawei(config-if-gpon-0/3)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

2024-09-17 383
MA5800 Product Documentation

1.4.6.4 Configuring Management Service Ports on OLT and


ONUs
Configuring Management Service Ports on OLT and ONUs

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs.
After the connections between the inband management service ports on the OLT and ONUs are reachable, you can
log in to the ONUs on the OLT and configure the ONUs.

Data Plan

Configuration Item Data

Management VLAN and management IP address for OLT Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address: 192.168.50.1/24

Management VLAN and management IP address for ONU Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address for ONU 3: 192.168.50.2/24

Procedure

1. Configure the inband management VLAN and IP address of the OLT.


Set the inband management VLAN to 8, VLAN priority to 6, and IP address to 192.168.50.1/24.

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

2. Configure the inband management VLAN and IP address of the ONU.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.1 vlan 8

huawei(config-if-gpon-0/3)#quit

3. Configure an inband management service port.


Set the management VLAN to 8, GEM port ID to 11, and user VLAN to 8. The OLT does not rate limit the
inband management service port. Therefore, directly use the default traffic profile 6.

huawei(config)#service-port vlan 8 gpon 0/3/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6


4. Confirm that the connections between the management service ports on the OLT and ONU are reachable.

2024-09-17 384
MA5800 Product Documentation

 Run the ping ONU ip command on the OLT to verify the connectivity between the OLT and ONU. If the
OLT receives ICMP ECHO-REPLY packets from the ONU, the connection is reachable.

 When the connection is reachable, you can remotely log in to the ONU from the OLT and configure the
ONU.

1.4.6.5 Configuring Service Ports for Voice Transparent


Transmission
Configuring Service Ports for Voice Transparent Transmission

This topic describes how to create service ports on the OLT to transparently transmit VoIP service data from ONUs
to the upper-layer voice server.

Data Plan

Configuration Item Data

SVLAN VLAN ID: 300


VLAN attribute: common

CVLAN (upstream VALN of the ONU) 300

Traffic profile Profile ID: 10


Assured bandwidth: 100 Mbit/s
Priority source: user-cos
Default priority: 5

The VoIP service is a self-operated service. The single S-VLAN is a mainstream application and is recommended.

Procedure

1. Configure an S-VLAN and add an upstream port to it.


Set the S-VLAN ID of the PRA PBX service to 300, VLAN type to smart, and add upstream port 0/9/0 to the
VLAN.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

2. Configure a traffic profile for the service port.


Add a new traffic profile 10 and set the assured rate to 100 Mbit/s. Packets transmitted upstream use the
priority (5 by default) copied from the user side. Packets transmitted downstream use the priority carried
by themselves.

huawei(config)#traffic table ip index 10 cir 102400 priority user-cos 5 priority-policy tag-in-package

3. Configure a service port.


According to Principle of VLAN Data Plan , VLANs of packets sent from the PRA PBX are all translated to
CLVAN 300. The OLT transparently transmits the packets. The traffic profile 10 is used.

2024-09-17 385
MA5800 Product Documentation

huawei(config)#service-port vlan 300 gpon 0/3/1 ont 1 gemport 12 multi-service

user-vlan 300 rx-cttr 10 tx-cttr 10

1.4.6.6 Configuring VoIP PRA Access


Configuring VoIP PRA Access

This topic describes how to configure VoIP PRA access. ONUs provide PRA E1 ports to access the PRA PBX service
and convert PRA signaling to ISDN Q.931-User Adaptation Layer (IUA) signaling, achieving signaling exchange
between ONUs and media gateway controller (MGCs).

Prerequisites

The H.248 protocol is a master/slave protocol which is used by an MGC to control access gateways (AGs) to
implement call connections. The data, including media gateway (MG) interface attributes and voice user attributes
on AGs, must be consistent with those on the MGC. Therefore, before configuring the VoIP voice service, plan data
with the MGC.

Context

IUA is the ISDN Q.931-User Adaptation Layer protocol. IUA links carry signaling exchanged between ONUs and
MGCs.

Data Plan

Table 1 Data plan for VoIP PRA service

Configuration Item Data

VLAN VLAN ID: 300


IP address of the Layer 3 interface: 10.10.10.10/24

MG interface MG ID: 0
Media/signaling IP address: 10.10.10.10/24
MGC IP address: 10.200.200.200
Gateway IP address: 10.10.10.1
Protocol port: 2944

IUA linkset IUA link set ID: 1


Working mode of the link set: override
Interface ID (IID) generation mode: 2
Service environment of the IUA link set: client
Interlocking function: enabled

IUA link IUA link ID: 0


Local port ID: 1402
Local IP address: 10.10.10.10
Remote port ID: 1404
Remote IP address for the primary MGC: 10.200.200.200
Interlocking policy: the link switches over with the primary MAC

2024-09-17 386
MA5800 Product Documentation

Table 1 Data plan for VoIP PRA service

Configuration Item Data

PRA port Subrack ID/slot ID/port ID: 0/1/0


Terminal ID: 512

Procedure

1. Configure an upstream VLAN and VLAN interface.


Specify an upstream VLAN interface for the media stream and signaling flow, and set the IP addresses of the
Layer 3 interface. These IP addresses are the sources of the media and signaling IP address pools.

a. Create an upstream VLAN 300 and add upstream port 0/0/1 to the VLAN.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/0 1

b. Configure the IP address of Layer 3 interface.


Enter the VLAN interface mode and set the IP address of the Layer 3 interface to 10.10.10.10.

huawei(config)#interface vlanif 300


huawei(config-if-vlanif300)#ip address 10.10.10.10 24
huawei(config-if-vlanif300)#quit

2. Configure the media and signaling IP address pools.


The media and signaling IP addresses are 10.10.10.10, and the media gateway IP address is 10.10.10.1.

huawei(config)#voip
huawei(config-voip)#ip address media 10.10.10.10 10.10.10.1
huawei(config-voip)#ip address signaling 10.10.10.10
huawei(config-voip)#quit

The media IP address can be different from the signaling IP address. You can make data plan according to the actual
network situation.

3. Configure a static route.


Because the IP address of the VLAN interface and the IP address of the MGC (10.200.200.200/24) are in
different network segments, a route from gateway 10.10.10.1 to 10.200.200.0 network segment must be
configured.

huawei(config)#ip route-static 10.200.200.0 24 10.10.10.1

4. Add an MG interface and configure interface attributes.

a. Add an MG interface.
Add an MG interface for the MG to communicate with the MGC, which ensures that the MGC can
control call connections through the MG interface. Add MG interface 0 according to the data plan.

huawei(config)#interface h248 0

2024-09-17 387
MA5800 Product Documentation

Are you sure to add MG interface?(y/n)[n]:y

b. Configure MG interface attributes.


Configure MG interface attributes according to the data plan. When configuring the attributes, note
that:

 The registration mode of the MG interface must be consistent with that on the MGC. Registration
mode: by IP address (default) or by domain name

 H.248 version for negotiation: H.248v1, H.248v2, or H.248v3 (default). When H.248v3 is used,
interfaces fail to be registered if some softswitches do not support H.248v3.

huawei(config-if-h248-0)#if-h248 attribute mgip 10.10.10.10 mgport

2944 code text transfer udp primary-mgc-ip1 10.200.200.200 primary-mgc-port


2944 mg-media-ip1 10.10.10.10 start-negotiate-version 1

c. Enable the MG interface.

huawei(config-if-h248-0)#reset coldstart
Are you sure to reset MG interface?(y/n)[n]:y
huawei(config-if-h248-0)#quit

 After configuring the MG interface, you must perform a cold reset on the interface. Otherwise, the
interface cannot take effect.
 You can perform a cold reset on the MG interface only after the following parameters are correctly
configured: mgip, mgport, primary-mgc-ip1 (or mgc-domain-name1), mgcport_1, code, transfer, and
mg-media-ip.

d. Query the running status of the MG interface.


If the MG interface is interconnected with the MGC successfully, the MG interface is in normal state
which indicates that the interface is working properly.

huawei(config)#display if-h248 all


-------------------------------------------------------------------------
MGID Trans State MGPort MGIP MGCPort MGCIP/DomainName
-------------------------------------------------------------------------
0 UDP Normal 2944 10.10.10.10 2944 10.200.200.200
-------------------------------------------------------------------------

5. Configure IUA links.


In the sigtran mode, configure the Signaling Transport protocol stack. Add an IUA link set first and then add
IUA links.

huawei(config)#sigtran
huawei(config-sigtran)#iua-linkset add 1 mgid 0 jointly-work enable trafficmode override iid-map 2 cs-mode client
huawei(config-sigtran)#iua-link add 0 1 1402 10.10.10.10 1404 10.200.200.200 jointly-work-with primary-mgc
huawei(config-sigtran)#quit

6. Add ISDN PRA user.

2024-09-17 388
MA5800 Product Documentation

huawei(config)#esl user

huawei(config-esl-user)#mgprauser add 0/1/0 0 1 interfaceid 0 terminalid 512

1.4.6.7 Configuring Congestion Control and Security Policies


Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service
reliability and configure global security policies to ensure service security.

Context
Congestion control uses queue scheduling technology to map packets sent from the same port into multiple queues
and process packets in each queue based on priority. Congestion control is recommended.

Security policies cover system security, user security, and service security, which ensure normal running of
services.

Enable security features based on service types. For details, see Principle of Security Data Plan .

Procedure

 Configure queue scheduling.


Based on Principle of QoS Data Plan , all packets use strict priorities for queue scheduling and are mapped to
queues based on priorities.

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos1 1 cos2 2 cos3 3 cos4 4 cos5 5 cos6 6 cos7 7 //System default

 Configure system security.

 Enable deny of service (DoS) anti-attack on both the OLT and ONUs.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on both the OLT and ONUs.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on both the OLT and ONUs.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on both the OLT and ONUs.

2024-09-17 389
MA5800 Product Documentation

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on ONUs.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

1.4.6.8 Configuring Network Protection


Configuring Network Protection

This topic describes how to configure end-to-end (E2E) protection schemes for the enterprise private line service
which has a high requirement on service reliability.

2024-09-17 390
MA5800 Product Documentation

Context
Reliability covers equipment reliability, upstream networking protection, and downstream networking protection.
For details on reliability data planning, see Principle of Reliability Data Plan .

 Upstream networking protection includes link aggregation group and protection group. Usually, link
aggregation group is configured when the NXED board is used to transmit traffic upstream; protection group
is configured when the main control board is used to transmit traffic upstream. The two protection schemes
are not configured at the same time.

 Downstream networking protection includes Type B, Type C single homing, and Type C dual homing, which
are used to protect service ports. Ports on the same ONU can be configured only with the same protection
scheme.

This topic describes how to configure five mainstream protection schemes. Select required protection schemes based on the
carrier's requirement and actual networking scenario.

Procedure

 Configure a link aggregation group.


Bind upstream ports 0/9/0 and 0/9/1 together as an aggregation link group. Each member port in the group
transmits packets based on source MAC addresses. The working mode is LACP static aggregation.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

 Configure a protection group.


Configure upstream ports 0/9/0 and 0/9/1 on one board as a port protection group. Set port 0/9/0 as the
working port and port 0/9/1 as the protection port, set the working mode to time delay detection, and enable
the protection group.

huawei(config-protect)#protect-group first 0/9/0 second 0/9/1 eth workmode timedelay enable

 Configure the Type B protection.

Figure 1 shows the Type B protection networking diagram.

Figure 1 Type B protection

Configure redundancy backup for ports 0/3/1 and 0/3/2 on the same GPON board on OLT. When port 0/3/1
fails, the system can automatically switch to port 0/3/2.

2024-09-17 391
MA5800 Product Documentation

huawei(config)#protect-group 0 protect-target gpon-uni-port workmode timedelay


huawei(protect-group-0)#protect-group member port 0/3/1 role work
huawei(protect-group-0)#protect-group member port 0/3/2 role protect
huawei(protect-group-0)#protect-group enable

The configurations of services accessed by the ONUs remain the same after the Type B protection is configured. That is,
the service configurations are applied only to the working GPON port.

 Configure the Type C single homing protection.


Figure 2 shows networking diagram for the Type C single homing protection. Configure two 1:N optical
splitters, one for connecting the working PON ports on the OLT and ONUs, and one for connecting the
protection PON ports on the OLT and ONUs. This protection scheme protects both the backbone fibers and
tributary fibers.
The configurations of services accessed by the ONUs remain the same after the Type C single homing
protection is configured. That is, the service configurations are applied only to the working PON port on the
OLT and working upstream PON ports on the ONUs.

Figure 2 Type C single homing protection

As shown in the preceding figure, Type C single homing protecting is configured for optical fiber links
between the OLT and ONU.

 The ports on the GPON service board are 0/3/1 and 0/3/2.

 The link at port 0/3/1 is the working link.

 The link at port 0/3/2 is the protection link.

 The ONU ID is 1.

 The ONU is authenticated by serial number (SN). The SN of the ONU is 3230313163902641 and the
management mode is SNMP.

 The ID of the line profile bound to the ONU is 10.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei(config-if-gpon-0/3)#ont add 2 1 protect-side
huawei(config-if-gpon-0/3)#quit
huawei(config)#protect-group protect-target gpon-uni-ont workmode portstate
huawei(protect-group-1)#protect-group member port 0/3/1 ont 1 role work

2024-09-17 392
MA5800 Product Documentation

huawei(protect-group-1)#protect-group member port 0/3/2 ont 1 role protect


huawei(protect-group-1)#protect-group enable
huawei(protect-group-1)#quit

 Configure the Type C dual homing protection.


Figure 3 shows the networking diagram for the Type C dual homing protection. Two PON ports on different
OLTs, two PON ports on an ONU, two backbone optical fibers, two optical splitters, and two tributary optical
fibers are configured to implement this protection. The difference between this protection scheme and the
Type C single homing protection scheme is that the ONU needs to be dual homed to two OLTs in this
protection scheme.
The models and versions of main control boards on the active and standby OLTs must be the same. The
models and versions of GPON boards on the active and standby OLTs also must be the same. Data on the
active OLT cannot be automatically synchronized with that on the standby OLT. Therefore, data
synchronization between the active and standby OLTs must be manually ensured.
This protection scheme can be configured for only the Ethernet QinQ private line service. It does not support
TDM services, including Native TDM and SAToP.

Figure 3 Type C dual homing protection

As shown in the preceding figure, Type C dual homing protection is configured for two OLTs (huawei_A and
huawei_B).

 huawei_A is the active OLT while huawei_B is the standby OLT.

 The ports on the service boards on both OTLs are 0/3/1.

 The dual homing protection group ID is 1.

 The ONU ID is 1.

 The ONU is authenticated by serial number (SN). The SN of the ONU is 3230313163902641 and the
management mode is SNMP.

 The ID of the line profile bound to the ONU is 10.

Configurations on the active OLT huawei_A:


huawei_A(config)#interface gpon 0/3
huawei_A(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10

2024-09-17 393
MA5800 Product Documentation

huawei_A(config-if-gpon-0/3)#quit
huawei_A(config)#protect-group 1 protect-target gpon-uni-ont workmode dual-parenting
huawei_A(protect-group-1)#protect-group member port 0/3/1 ont 1 role work

Configurations on the standby OLT huawei_B:


huawei_B(config)#interface gpon 0/3
huawei_B(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei_B(config-if-gpon-0/3)#quit
huawei_B(config)#protect-group 1 protect-target gpon-uni-ont workmode dual-parenting
huawei_B(protect-group-1)#protect-group member port 0/3/1 ont 1 role protect
huawei_B(protect-group-1)#protect-group enable

1.4.6.9 Verifying Services


Verifying Services

This topic describes how to verify the PRA PBX service by testing calls.

Prerequisites
The PRA PBX access service has been deployed.

Procedure

1. Test calls between users connected to the PRA PBX according to table 1.

2. Test calls from a user connected to the PRA PBX to an MGC user according to table 1.

3. Test calls from an MGC user to a user connected to the PRA PBX according to table 1.
Table 1 PRA PBX access service verification

Category Test Calls Between Users Test Calls from a User Test Calls from an MGC User
Connected to the PRA PBX Connected to the PRA PBX to to a User Connected to the
an MGC User PRA PBX

Prerequisites User A and user B access the User A accesses the network User A is a common MGC user
network through the PRA PBX and through the PRA PBX and has and has been registered.
both users have been registered. been registered.
User B accesses the network
User A and user B are idle. User B is a common MGC user through the PRA PBX and has
and has been registered. been registered.
User A and user B are idle. User A and user B are idle.

Test User A calls user B. The same as that in the "Test The same as that in the "Test
procedure Calls Between Users Connected Calls Between Users Connected
User B answers the call. Check the to the PRA PBX" column to the PRA PBX" column
call between user A and user B.
User A releases the call.

Expected User B hears the ringing tone. The same as that in the "Test The same as that in the "Test
result Calls Between Users Connected Calls Between Users Connected
The call is set up. to the PRA PBX" column to the PRA PBX" column

2024-09-17 394
MA5800 Product Documentation

Table 1 PRA PBX access service verification

Category Test Calls Between Users Test Calls from a User Test Calls from an MGC User
Connected to the PRA PBX Connected to the PRA PBX to to a User Connected to the
an MGC User PRA PBX

The call is released.

1.5 FTTO Configuration (SOHO and SME)


FTTO Configuration (SOHO and SME)

This chapter describes the configurations of the following services for small office and home office (SOHO) users
and small- and medium-sized enterprises (SMEs) in fiber to the office (FTTO) scenarios: services of Internet access
through cables, services of Internet access through wireless fidelity (Wi-Fi), VoIP services, fax services, point of
sale (POS) sdadianhua services, multicast services, and private line services.

Context
FTTO is positioned for SOHO users, SMEs, and enterprises. This chapter provides service configurations only for
SOHO users and SMEs. For details about service configurations for enterprises, see FTTO Configuration (Large-
sized Enterprise Access) .

Basic Concept

FTTO SOHO and SME solutions involve many concepts. This topic describes concepts involved in FTTO SOHO and SME
solutions from user side to network side based on the following FTTO SOHO and SME network diagram.

Principles of Planning Data for FTTO Services (SOHO and SME)

This section describes the principles of planning data for small office and home office (SOHO) users and small- and
medium-sized enterprises (SMEs) in fiber to the office (FTTO) scenarios, from the aspect of security, device management,
quality of service (QoS), and services. The data of all the examples involved in this section is planned following the
principles.

Bridging Networking(GPON)

This section describes the configurations for the Internet access, voice, and video services on optical network units (ONUs)
in bridging networking.

Gateway Networking(GPON)

This section describes the configurations for the Internet access, voice, and video services on optical network units (ONUs)
in gateway networking.

Configuring Layer 2 Interoperation Service Between Enterprise Branches (GPON)

Different branches of an enterprise can achieve Layer 2 interoperation through ONUs. Then, different branches can
transmit service traffic to each other just like in the same LAN, which can improve coordination work efficiency.

2024-09-17 395
MA5800 Product Documentation

Configuring FTTO SOHO and SME Services (GE Optical Port)

FTTO ONU users connect to the P2P board of the OLT or to the switch using a GE optical upstream port to use the Internet
access, Wi-Fi, voice, and video services.

Configuring FTTO SOHO and SME Services (GE Electrical Port)

An FTTO ONU functions as a routing gateway. Its users use a GE electrical upstream port to connect to the LAN port of an
ONU on an FTTB or FTTC network to use the Internet access, Wi-Fi, voice, and video services.

1.5.1 Basic Concept


Basic Concept

FTTO SOHO and SME solutions involve many concepts. This topic describes concepts involved in FTTO SOHO and
SME solutions from user side to network side based on the following FTTO SOHO and SME network diagram.

Figure 1 FTTO SOHO and SME Network Diagram

Scenario

Concept Description

Small office home office (SOHO) SOHO is positioned for miniature enterprises, such as home offices, shops, and
markets.

Small- and medium-sized An SME contains 10-300 personnel. SME is positioned for small- and medium-sized
enterprise (SME) enterprises, campuses, and net bars.

User Side

Concept Introduction

VoD VoD is known as interactive video on demand. Users can choose their desired programs from the VoD
program database. When watching programs, users can perform operations such as pause, fast forward,
fast rewind, and locate.

Multicast Multicast, or broadband TV (BTV) is similar to traditional wired broadcasting or television satellite
broadcasting. Users have the same experience in watching BTV programs and traditional television

2024-09-17 396
MA5800 Product Documentation

Concept Introduction

programs. Unlike the traditional television, the IPTV system encodes audio signals into media streams
and multicasts the media streams over an IP network to user terminals.

Fax A communication tool widely used in enterprises and institutions to transmit digital text and images
through phone lines.

Point of sale A terminal supporting multiple functions. After being installed in a promissory shop or designated
(POS) network of a credit card and accessing the network, the POS machine implements speedy, convenient, and
reliable automatic electronic funds transfer. The POS machine supports consumption, advance payment,
balance inquiry, and transfer.

Wireless A short-distance wireless transmission technology, which supports wireless signals for Internet access
fidelity (Wi- within hundreds of feet.
Fi)

Access Side

Concept Introduction

PON A passive optical network (PON) uses a point-to-multipoint (P2MP) network architecture. A PON network
consists of three parts: optical line terminal (OLT), optical distribution network (ODN), and optical network
units (ONUs). A PON network uses optical fibers for data transmission, supports more users with less optical
fiber resources, and provides a higher access rate.

ODN The ODN is composed of passive optical components, such as optical fibers and one or more passive optical
splitters. The ODN provides highly reliable optical channels between the OLT and ONUs.

OLT The OLT is an aggregation device located at the central office (CO), which terminates PON protocols. OLTs in
this document are MA5800.

ONU ONUs are located on the user side, providing various types of ports for connecting to user terminals. The
ONUs communicate with the OLT through a passive ODN.

Split Split ratio is the ratio of dividing a downstream optical signal into sub-signals in the PON system. Greater
Ratio optical ratio requires more power to support physical distances.

Network Side

Concept Introduction

U-PE User-end provider edges (U-PEs) are routing devices directly connected to customer edges (UEs). U-PEs
support routing and MPLS encapsulation. If a U-PE is connected to multiple CEs and possesses the basic
bridging function, data frame forwarding only needs to be performed on the U-PE. This reduces the load of
the S-PE.

PE-AGG Aggregation provider edge (PE-AGG) routers provide aggregation and route forwarding functions for access
equipment. Compared with U-PEs, PE-AGGs feature higher performance, fewer interfaces, and higher
switching rates.

NGN/IMS A next generation network (NGN) is a network that uses softswitches as its core and uses open and
standardized architectures to provide abundant services such as VoIP, video, and data.
The IP multimedia subsystem (IMS) uses SIP signaling as its call control signaling to provide services such
as VoIP, data, and multimedia services.
NOTE:
NGN/IMS in this document refers to softswitches that support H.248 and SIP.

2024-09-17 397
MA5800 Product Documentation

Concept Introduction

IPTV head The IPTV head end system functions as the contents preparation platform in the IPTV system. It provides
end functions such as signal receipt, media format conversion, and media material management.

1.5.2 Principles of Planning Data for FTTO Services (SOHO and


SME)
Principles of Planning Data for FTTO Services (SOHO and SME)

This section describes the principles of planning data for small office and home office (SOHO) users and small- and
medium-sized enterprises (SMEs) in fiber to the office (FTTO) scenarios, from the aspect of security, device
management, quality of service (QoS), and services. The data of all the examples involved in this section is planned
following the principles.
Principles of Planing Device Management Data

The device management plan includes the channel management plan and the IP address plan.

Principle of QoS Planning

QoS planning is in E2E mode, and it can be divided into the following policies: traffic classification, marking, and
scheduling, traffic monitoring, and DBA policies.

Principle of Internet Access Service Data Plan

The Internet access service plan mainly includes the plan of the VLAN and VLAN translation policy in different network
scenarios.

Principles of Planning Voice Service Data

The voice service plan mainly includes the plan of the VLAN and VLAN translation policy in different network scenario,
and the plan of voice protocol.

Principle of IPTV Service Data Plan

The IPTV service data plan mainly include the plan of VLAN and VLAN translation policy in different network scenario, and
the plan of IPTV service.

Principle of Security Data Plan

The security plan involves system security plan, user security plan, and service security plan. Security policy ensures
service security from different aspects.

1.5.2.1 Principles of Planing Device Management Data


Principles of Planing Device Management Data

The device management plan includes the channel management plan and the IP address plan.

Device Management Data Plan

2024-09-17 398
MA5800 Product Documentation

Plan Device/Service Description

Management OLT Use a single-tagged VLAN as the device management VLAN of the OLT. All other
channel devices in the network use single-tagged VLANs as the device management
VLAN.

ONU Use a single-tagged S-VLAN as the management VLAN of the ONU that is
managed.
Set an S-VLAN for an entire network, an OLT, a PON board or a PON port for
identifying services and physical locations.

IP address plan Internet access A PC obtains an IP address through PPPoE dialup. The ONU transparently
(bridging service transmits the packets.
networking)
IPTV service The set top box (STB) obtains an IP address from the DHCP server for ordering
programs. The ONU transparently transmits the packets.

VoIP service The ONU functions as a DHCP client and obtains an IP address from the DHCP
server, or the NMS issues a static IP address to the ONU using the configuration
file. Voice signaling and media streams at multiple POTS ports share one IP
address. Media streams are distinguished by port.

IP address plan Internet access As a DHCP client, the ONU obtains a public IP address through PPPoE dialup. As a
(gateway service DHCP server, the ONU allocates private network IP addresses to PCs that access
networking) the Internet through the network cables or Wi-Fi. After NAT, all the PCs
connected to the router use the public IP address to access the Internet.

IPTV service As a DHCP client, the ONU obtains a public network IP address through DHCP. As
a DHCP server, the ONU allocates private IP addresses to STBs. After NAT, all the
STBs connected to the ONU use a public IP address to order programs.

VoIP service As a DHCP client, the ONU obtains a public IP address through DHCP, or the NMS
allocates an IP address to the ONU through a configuration file, or the ACS
allocates a static IP address to the ONU through TR069. The voice signaling
streams and the media streams of multiple POTS ports share the IP address.
Media streams can be distinguished by different ports.

1.5.2.2 Principle of QoS Planning


Principle of QoS Planning

QoS planning is in E2E mode, and it can be divided into the following policies: traffic classification, marking, and
scheduling, traffic monitoring, and DBA policies.

Traffic Classification, Marking, and Scheduling Policies

Service Type 802.1p Queue Scheduling OLT Queue ID (8 ONT Queue ID


Priority Method Queues)
Supporting Eight Supporting Four
Queues Queues

Management 6 PQ 6 6 3
service

VoIP service 5 PQ 5 5 2

IPTV service 4 PQ 4 4 2

Internet access 0 PQ 0 0 0

2024-09-17 399
MA5800 Product Documentation

Service Type 802.1p Queue Scheduling OLT Queue ID (8 ONT Queue ID


Priority Method Queues)
Supporting Eight Supporting Four
Queues Queues

service

Note

 Different service packets are distinguished by different VLAN IDs. GEM ports are mapped based on 802.1p
priorities for the GPON system.

 Service priorities in this table are recommended values. The service priorities are arranged according to the
carriers' actual plan.

Traffic Monitoring and DBA Policies

Item Management Internet Access Service VoIP Service IPTV Service


Service

T-CONT (used only in Use different T-CONTs for different services.


GPON networks)

DBA type Select a suitable DBA type based on the service type. For example, select Type1 for the
management and voice services, and Type3 or Type4 for the Internet access and IPTV services.

DBA bandwidth Configure the DBA bandwidth according to the user's bandwidth package.
planning The assured bandwidth is the maximum bandwidth required by management packets, VoIP, and
IPTV upstream packets. The maximum bandwidth is greater than or equal to the maximum
bandwidth that users apply.

Downstream rate No rate limitation Configure rate limitation by a traffic No rate No rate
limitation on the OLT profile as required. [Remark 1] limitation limitation

Rate limitation on the Set ONU port rate limitation or xDSL line rate limitation as required. [Remark 1]
ONU upstream port

Rate limitation on the Set ONU port rate limitation or xDSL line rate limitation as required. [Remark 1]
ONU downstream
port

Remark 1: For details about the reference service bandwidth of each service for each user, see Table 1.
Table 1 Reference service bandwidth of each service for each user

Service Upstream Bandwidth Downstream Bandwidth Bandwidth Description


Type

Internet Determined based on the Determined based on the Available bandwidth of Internet access
access tariff package. tariff package. service = Committed bandwidth of the tariff
service package - VoIP bandwidth - IPTV bandwidth

VoIP 200 kbit/s (Bandwidth of 200 kbit/s (Bandwidth of The VoIP service has symmetrical upstream
service 200 kbit/s meets the 200 kbit/s meets the and downstream bandwidth. The actual
requirements of most requirements of most bandwidth is related to the coding and
application scenarios. For application scenarios. For decoding formats used by both
G.711 10 ms packetization, G.711 10 ms packetization, communication parties. (Assume that each
the required bandwidth is the required bandwidth is user uses 2 POTS ports.)

2024-09-17 400
MA5800 Product Documentation

Table 1 Reference service bandwidth of each service for each user

Service Upstream Bandwidth Downstream Bandwidth Bandwidth Description


Type

approximately 240 kbit/s.) approximately 240 kbit/s.)

IPTV N/A 2.5 Mbit/s per channel The IPTV service mainly occupies the
service downstream bandwidth. The actual
(common bandwidth depends on the coding format
program) used by the IPTV headend device, the picture
in picture information, and other factors. In
IPTV N/A 9.7 Mbit/s per channel addition, 10% bandwidth burst traffic and the
service number of programs that can be concurrently
(high watched by one user (in the case of multi-STB
definition access) are taken in to consideration.
program) The upstream bandwidth is mainly used for
IGMP packet transmission, which requires
less bandwidth. Therefore, the occupied
upstream bandwidth can be neglected.

The preceding bandwidth for each service is obtained based on historical statistics in most scenarios, which is for reference
only. The bandwidth for a device does not completely depend on the access device, and is not a fixed value. For example, the
IPTV service bandwidth depends on the IPTV headend service. Therefore, the carrier needs to obtain the required bandwidth
range from the supplier of the IPTV headend device.

Note

 Rate limitation on the BRAS or SR is recommended. OLTs and ONUs do not limit rates on service flows. If the
BRAS does not support rate limitation, OLTs can limit rates on service flows using traffic profiles.

 The sum of assured bandwidth of all ONUs under a PON port and the fixed bandwidth of OMCI management
channel must be smaller than the GPON upstream bandwidth. Some bandwidth must be reserved for future
service expansion.

1.5.2.3 Principle of Internet Access Service Data Plan


Principle of Internet Access Service Data Plan

The Internet access service plan mainly includes the plan of the VLAN and VLAN translation policy in different
network scenarios.

VLAN and VLAN Translation policy for Internet Access Service

Application VLAN Plan VLAN Translation Policy


Scenario

Bridging ONU Double-tagged ONU: ONUs configure the VLAN and add the same C-VLAN tag to packets. All
VLAN ONUs are in the same C-VLAN.
OLT: The OLT performs VLAN translation: C<->S+C'. The C'-VLAN of every ONU
differs from each other.

Gateway ONU Double-tagged ONU: ONUs configure the VLAN and add the same C-VLAN tag to packets. All
VLAN ONUs are in the same C-VLAN.

2024-09-17 401
MA5800 Product Documentation

Application VLAN Plan VLAN Translation Policy


Scenario

OLT: The OLT performs VLAN translation: C<->S+C'. The C'-VLAN of every ONU
differs from each other.

VLAN and VLAN Translation policy for Wi-Fi Service

Application VLAN Plan VLAN Translation Policy


Scenario

Gateway ONU Single-tagged ONU: The upstream packets sent from the Router carry user-VLANs and the ONU
VLAN transparently transmits them.
OLT: The OLT performs VLAN translation: C<->S.

Note:

 UserVLAN: VLAN carried by upstream packets of user-side devices, U for short.

 C-VLAN: VLAN added based on the ONU port. For details, see the description of the Double-tagged VLAN S+C.

 Double-tagged VLAN S+C: C indicates the inner VLAN (C-VLAN) and S indicates the outer VLAN (S-VLAN).

 Double-layer VLAN S+C': C' indicates the translated inner VLAN (C'-VLAN) and S indicates the outer VLAN
(SVLAN).

 Single-tagged S-VLAN: Single-tagged VLAN marked or translated by the OLT. It is generally used in a single-
tagged VLAN translation scenario.

 C<->S+C': Bidirectional VLAN translation: translates the inner C-VLAN and then adds one outer S-VLAN.

 C<->S+C: Bidirectional VLAN translation: maintains the inner C-VLAN and adds one outer S-VLAN.

 To ensure traceability of users and finer-grained QoS control and management of users and services, plan per user per
service per VLAN (PUPSPV) for the Internet access service. Considering OLT capacity and VLAN scalability, use dual
VLANs (S-VLAN+C-VLAN) on the OLT to differentiate users for the Internet access service.
 The outer S-VLAN, which identifies services and physical location, can be allocated based on the OLT, PON board, or PON
port. The inner C-VLAN identifies users. User C-VLANs must be unique in one S-VLAN.
 It is recommended that you use stacking VLANs as S-VLANs so that security features, such as PPPoE+/opton82, and anti
MAC attacks and anti-spoofing can be easily deployed.
 The 802.1q in 802.1q (QinQ) VLAN is used in the enterprise private line scenario, such as (TLS). The device transparently
transmits packets. It is not recommended that you use QinQ VLANs as S-VLANs for the triple play services of residential
users.

1.5.2.4 Principles of Planning Voice Service Data


Principles of Planning Voice Service Data

The voice service plan mainly includes the plan of the VLAN and VLAN translation policy in different network
scenario, and the plan of voice protocol.

VLAN and VLAN Translation Policy.


2024-09-17 402
MA5800 Product Documentation

Usage VLAN Plan VLAN Translation Policy


Scenario

Bridging Single-tagged ONU: Provide the VoIP service through the ONU. Configure the service VLAN (S-VLAN)
ONU VLAN tag in a unified manner.
OLT: The OLT transparently transmits S-VLAN tags.

Double-tagged ONU: Provide the VoIP service through the ONU. Configure the customer VLAN (C-VLAN)
VLAN tag in a unified manner. The C-VLAN tag identifies the VoIP service.
OLT: The OLT adds an S-VLAN tag to a C-VLAN tag and supports the switching between
the C-VLAN tag and the S-VLAN+C-VLAN tag.

Gateway Single-tagged ONU: Configure a VLAN for all ONUs and add the same C-VLAN tag to packets. All ONUs
ONU VLAN are in the same C-VLAN.
OLT: The OLT transparently transmits VLAN tags (the C-VLAN is the same as the planned
S-VLAN).

Single-tagged ONU: Configure a VLAN for all ONUs and add the same C-VLAN tag to packets. All ONUs
VLAN are in the same C-VLAN.
OLT: The OLT switches between the C-VLAN tag and the S-VLAN tag (the C-VLAN is
different from the planned S-VLAN).

Note:

 UserVLAN: VLAN carried by upstream packets of user-side devices, U for short.

 C-VLAN: VLAN added based on the ONU port. For details, see the description of the Double-tagged VLAN S+C.

 Double-tagged VLAN S+C: C indicates the inner VLAN (C-VLAN) and S indicates the outer VLAN (S-VLAN).

 Double-layer VLAN S+C': C' indicates the translated inner VLAN (C'-VLAN) and S indicates the outer VLAN
(SVLAN).

 Single-tagged S-VLAN: Single-tagged VLAN marked or translated by the OLT. It is generally used in a single-
tagged VLAN translation scenario.

 C<->S+C': Bidirectional VLAN translation: translates the inner C-VLAN and then adds one outer S-VLAN.

 C<->S+C: Bidirectional VLAN translation: maintains the inner C-VLAN and adds one outer S-VLAN.

 The VoIP service is a closed service self-operated by carriers. The single-tagged S-VLAN is the mainstream application
and is recommended.
 When the planned VLAN is single-tagged VLAN, the S-VLAN can identify services and physical locations based on an OLT
device, a PON board or a PON port. It is recommended that you set different voice VLANs for the OLTs connected to one
VoIP SR to avoid an excessively large broadcast domain of the SR and convergence switch.
 When the planned VLAN is S-VLAN+C-VLAN, the outer S-VLAN can identify services and physical locations based on an
OLT device, a PON board or a PON port. The inner C-VLAN is used to identify services (the fixed value) and users.

VoIP Data Plan Based on H. 248 or SIP

Item Description

MG interface/SIP Media and Media and Upstream VLANs of the VoIP service
signaling signaling

2024-09-17 403
MA5800 Product Documentation

Item Description

interface data parameters upstream


NOTE: VLANs
must be consistent
Media and Upstream ports of the VoIP service
with the data on
signaling
the MGC/IMS core
upstream port
network devices.
Media IP Supports separating media from signaling.
addresses and
signaling IP
addresses

Default The next hop IP address from an ONU/HGW to an MGC/IMS.


gateway IP
address.

MG interface/SIP interface ID None

Signaling port ID Select a transmission mode according to the requirement on


the MGC/IMS side.

IP address of active MGC If the dual homing is not configured, only one MGC parameter
(H.248)/IP address of active needs to be configured. If the dual homing is configured, the
IMS device (SIP) IP address and port ID of the standby MGC need to be
configured.
Port ID of active MGC
(H248)/port ID of active IMS
device (SIP)

Coding Select the coding method according to the requirement on


the MGC/IMS side. Generally, the text coding method is
adopted.

Transmission mode Select a transmission mode according to the requirement on


the MGC/IMS side. Generally, the UDP transmission mode is
adopted.

Home domain (SIP) None

Profile index None

The version of H248 protocol V1, V2 or V3 (by default). The interface may fail to be
that MG starts to negotiate registered because some softswitches do not support V3.

Voice port data Phone number For H248 protocol: The phone numbers allocated by the MGC
need to be determined, and the paging numbers for users'
emergency standalone need to be planned if the emergency
standalone function is provided.
For SIP protocol: The phone number that the IMS core
network device allocates to the user must be configured.

Terminal ID (H248) If the TID template with which the POTS user is bound does
not support terminal layering, this parameter needs to be
configured.

User priority According to the service requirements, user priorities must


be specified. The user priorities include the following:
cat1: government1 (category 1 government users)
cat2: government2 (category 2 government users)

2024-09-17 404
MA5800 Product Documentation

Item Description

cat3: common (common users)

User type According to the service requirements, user type needs to be


specified. The user type includes the following:
DEL: direct exchange lines (default)
ECPBX: earth calling PBX
LCPBX: loop calling PBX
PayPhone: pay phone

Common parameter system parameter The system parameters including the overseas version flag
and message waiting indication (MWI) mode need to be
configured according to the local standard to ensure that the
response of the user terminal complies with the local
standard.

Overseas parameters The attributes such as the upper and lower thresholds of the
flash-hooking duration need to be configured according to
the local standards to ensure that the response of the user
terminal complies with the local standards.

POTS port attributes If the POTS port needs to support the polarity reversal
accounting, the POTS port needs to be configured to support
the polarity reversal pulse. Other attributes do not need to be
modified if there is no special requirement.

Ringing current attributes When the attributes of ring current are changed, ring volume
is changed accordingly. Generally, no adjustment is required
for the ringing tone volume. You need to modify the
parameters of the ringing current attributes according to the
local standard only when the default ringing current
attributes do not comply with the local standard.

1.5.2.5 Principle of IPTV Service Data Plan


Principle of IPTV Service Data Plan

The IPTV service data plan mainly include the plan of VLAN and VLAN translation policy in different network
scenario, and the plan of IPTV service.
IPTV services include multicast service and video on demand (VoD) service. These two services are relevant but
independent in VLAN planning.

VLAN and VLAN Translation Policy.

Application Service VLAN Plan VLAN Translation Policy


Scenario Type

Bridging ONU Multicast Single- ONUs transparently transmit upstream packets with M-VLANs sent
service tagged VLAN from STB. Multicast packets are replicated downstream with M-VLAN
unchanged.
The OLT replicates multicast packets based on PON ports with M-VLAN
unchanged.

Single- ONUs translate the upstream VLANs sent from STB to M-VLANs.

2024-09-17 405
MA5800 Product Documentation

Application Service VLAN Plan VLAN Translation Policy


Scenario Type

tagged VLAN The OLT replicates multicast packets based on PON ports with M-VLAN
unchanged.

VoD Single- The ONU adds the default S-VLAN tag to packets from iTV service ports.
tagged VLAN The OLT transparently transmits S-VLAN tags.

Double- The ONU adds C-VLAN tags to packets. All ONUs are in the same C-
tagged VLAN VLAN.
The OLT implements VLAN translation: U->S+C.

Gateway ONU Multicast Single- ONUs replicate packets based on user ports and M-VLANs are removed
service tagged VLAN in downstream direction.
The OLT replicates multicast packets based on PON ports with M-VLAN
unchanged.

VoD Single- ONUs add C-VLAN tags to packets. Untagged VLANs are translated to C-
tagged VLAN VLANs.
The OLT implements VLAN translation: C -> S.

Note:

 UserVLAN: VLAN carried by upstream packets of user-side devices, U for short.

 C-VLAN: VLAN added based on the ONU port. For details, see the description of the Double-tagged VLAN S+C.

 Double-tagged VLAN S+C: C indicates the inner VLAN (C-VLAN) and S indicates the outer VLAN (S-VLAN).

 Double-layer VLAN S+C': C' indicates the translated inner VLAN (C'-VLAN) and S indicates the outer VLAN
(SVLAN).

 Single-tagged S-VLAN: Single-tagged VLAN marked or translated by the OLT. It is generally used in a single-
tagged VLAN translation scenario.

 C<->S+C': Bidirectional VLAN translation: translates the inner C-VLAN and then adds one outer S-VLAN.

 C<->S+C: Bidirectional VLAN translation: maintains the inner C-VLAN and adds one outer S-VLAN.

 IPTV service is a closed service self-operated by carriers, and single-tagged S-VLAN is recommended.
 The same S-VLAN or different S-VLANs can be used as the M-VLAN and VoD VLAN. It is recommended that you use
different S-VLANs as M-VLAN and VoD VLAN so that the upper-level device easily differentiates between the BTV service
and VoD service.
 S-VLANs of VoD service can identify services and physical locations based on an entire network or an OLT. It is
recommended that you set different VoIP VLANs for the OLTs connected to one VoIP SR to avoid an excessively large
broadcast domain of the VoIP SR and convergence switch.

1.5.2.6 Principle of Security Data Plan


Principle of Security Data Plan

The security plan involves system security plan, user security plan, and service security plan. Security policy
ensures service security from different aspects.

2024-09-17 406
MA5800 Product Documentation

 The device provides complete security measures, but not all security measures need to be deployed. Only the security
measures that meet the following requirements need to be deployed:

 The security measures can be used on the live network.


 The security measures are easy to deploy.
 The security measures are effective.

 Different ONUs support different security features. Select the security feature recommended in this topic according to
actual ONU capabilities.

System Security

Security Solution Description and Usage Suggestion


Vulnerability

DoS attack Enable the anti-DoS- After the anti-DoS-attack function is enabled, control packets are
attack function for OLT monitored and those exceeding the number threshold are discarded.
and MDU. Use this solution for new site deployment.

IP attack Enable the anti-IP- After the anti-IP-attack function is enabled, a device discards the IP packets
attack function for OLT received from the user side whose destination IP address is the IP address
and MDU. of the device, and therefore the system is protected.
Use this solution for new site deployment.

User Security

Security Solution Description and Usage Suggestion


Vulnerability

MAC spoofing Enable the anti- After anti-MAC-duplicate is enabled, the system records the first MAC address
MAC-duplicate learned from the port and binds the MAC address to the port and VLAN. If
function for OLT receiving packets sent from the host that has the same MAC address with the port,
and MDU. the system discards the packets directly. In this case, it can prevent users from
forging MAC addresses to perform malicious attacks.
Use this solution for new site deployment.

MAC attack Enable the anti- After anti-MAC spoofing is enabled, the system can prevent users from forging IP
MAC spoofing addresses to perform malicious attacks.
function for OLT Use this solution for new site deployment.
and MDU.

IP spoofing Enable the anti-IP After anti-IP spoofing is enabled, the system can prevent users from forging IP
spoofing function addresses to perform malicious attacks.
for MDU. Use this solution for new site deployment.

Service Security

Security Vulnerability Solution Description and Usage Suggestion

Unauthorized broadband DHCP option 82 is enabled on OLT In the DHCP option 82 mode, user's physical location
access of small and MDU, and the BRAS is added to the option 82 field carried in the DHCP
enterprises (IPoE) implements user authentication request packet initiated by a user. The physical

2024-09-17 407
MA5800 Product Documentation

Security Vulnerability Solution Description and Usage Suggestion

based on the RAIO information. location, used for user authentication on the upper-
layer authentication server, can help implement the
following functions:
The DHCP relay forwards DHCP response packets to
devices with specified CID and RID.
Prevents DHCP address exhaustion.
Achieves static allocation of DHCP addresses.
Implements anti-IP spoofing.
Implements anti-user ID spoofing.
Implements anti-MAC spoofing.
Use this solution for the DHCP Internet access service.

Broadband access of PPPoE+ (PITP) is enabled on OLT The BRAS responds to request packets of users with
residential users and MDU, and the BRAS specified CID and RID. In this way, the following
(PPPoE), user account implements user authentication functions are implemented:
theft/borrowing based on binding of the RAIO
information to the user account. Prevents IP address exhaustion.
Implements anti-IP spoofing.
Implements anti-user ID spoofing.
Implements anti-MAC spoofing.
Use this solution for the PPPoE Internet access service.

1.5.3 Bridging Networking(GPON)


Bridging Networking(GPON)

This section describes the configurations for the Internet access, voice, and video services on optical network units
(ONUs) in bridging networking.
Service Requirements and Usage Scenario

Configuration Procedure

Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

Configuring the Internet Access Service

The OLT is connected to the remote ONU through a GPON port to provide users with high-speed Internet access services.

Configuring the BTV Service

The OLT is connected to the remote bridging ONU through a GPON port to provide users with the multicast service.

Configuring the VoD Service

The OLT is connected to the remote bridging ONU through a GPON port to provide users with the VoD service.

Configuring Link Aggregation, Congestion Control, and Security Policies

2024-09-17 408
MA5800 Product Documentation

Service reliability is improved by configuring uplink aggregation and priority scheduling policy for queues in global
configuration mode, and service security is improved by configuring security policy in global configuration mode.

Verifying Services

In the FTTO scenario, ONUs are installed at users' houses or in business buildings which are far away from the central
equipment room. ONUs provide remote service verification methods including PPPoE dialup emulation, and multicast
emulation to facilitate configuration and commissioning engineers to verify services remotely after service configuration.

1.5.3.1 Service Requirements and Usage Scenario


Service Requirements and Usage Scenario

Service Requirements

Optical network units (ONUs) work in bridging mode. This scenario provides transparent transmission channels
and requires simple service configuration, so this scenario applies to Layer 2 networking.

 PCs connect to an ONU.

 TVs connect to an ONU through set top boxes (STBs) to receive VoD and multicast services.

 The Internet access, and IPTV services are secure.

 The Internet access service is protected against unauthorized access, user account forgery or
unauthorized borrowing, MAC or IP address spoofing, and attacks from malicious users.

 The IPTV services are protected against MAC or IP address spoofing, attacks from malicious users, and
heavy traffic.

 A service fault is easy to locate, and services are easy to maintain.

Usage Scenario

Figure 1 Bridging networking

1.5.3.2 Configuration Procedure


Configuration Procedure

Figure 1 shows the configuration procedure in the bridging networking.

2024-09-17 409
MA5800 Product Documentation

Figure 1 Configuration procedure in the bridging networking

The following table lists the detailed description steps.


Item Procedure Remarks

OLT Adding an ONU to an OLT Services can be configured for an ONU only after the ONU is successfully added to
an OLT.

OLT Configuring the Internet -


Access Service

OLT Configuring the BTV Service IPTV services include the VoD and multicast services that are different in
configuration procedures and need to be configured separately.
OLT Configuring the VoD Service

OLT Configuring Link Service reliability is improved by configuring uplink aggregation and priority
Aggregation, Congestion scheduling policy for queues in global configuration mode, and service security is
Control, and Security Policy improved by configuring security policy in global configuration mode.

OLT Verifying Services The OLT provides remote verification methods including ONU PPPoE and DHCP
dialup emulation and multicast emulation for configuration and commissioning
engineers to verify services remotely after service configuration, avoiding a second
on-site operation.

1.5.3.3 Adding an ONU to an OLT


Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

Data Plan

Table 1 Data plan

Item Data

DBA profile Profile name: ftto_dba

2024-09-17 410
MA5800 Product Documentation

Table 1 Data plan

Item Data

Profile type: Type3


Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 50 Mbit/s

ONU line profile Profile name: ftto_line


T-CONT ID: 4
GEM port ID for management services: 11
GEM port ID for video services: 13
GEM port ID for Internet access services: 14

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Network topology data PON port: 0/1/0


ONU IDs: 1 and 2

Procedure

1. Configure GPON ONU profiles.

GPON ONU profiles include the DBA profile, line profile, service profile, and alarm profile.

 DBA profile: A DBA profile describes GPON traffic parameters. A T-CONT is bound to a DBA profile for
dynamic bandwidth allocation, improving upstream bandwidth utilization.

 Line profile: A line profile describes the binding between the T-CONT and the DBA profile, the QoS
mode of the traffic stream, and the mapping between the GEM port and the ONU-side service.

 Service profile: A service profile provides the service configuration channel for the ONU that is
managed by using optical network terminal management and control interface (OMCI).

 Alarm profile: An alarm profile contains a series of alarm thresholds to measure and monitor the
performance of activated ONU lines. When a statistical value reaches the threshold, the host is notified
and an alarm is reported to the log host and the NMS.

a. Configure a DBA profile.


Run the display dba-profile command to query existing DBA profiles in the system. If the existing
DBA profiles in the system do not meet the requirements, run the dba-profile add command to add a
DBA profile.
Create the same DBA profile for different types of services. Set the profile name to ftto_dba, profile
type to type3, assured bandwidth to 8 Mbit/s, and maximum bandwidth to 50 Mbit/s.

huawei(config)#dba-profile add profile-name ftto_dba type3 assure 8192 max 51200

Select a DBA profile of the proper bandwidth type and configure proper bandwidth according to the service
types and total user count of the ONU. Note that the sum of the fixed bandwidth and the assured bandwidth
must not be greater than the total bandwidth of the PON port.

2024-09-17 411
MA5800 Product Documentation

b. Configure an ONU line profile.


Create a GPON ONU line profile, named ftto_line, and bind it to the DBA profile ftto_dba.

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#tcont 4 dba-profile-name ftto_dba

Create different GEM ports according to different service types, in which

 GEM port 11 is used to carry management services.

 GEM port 13 is used to carry video services.

 GEM port 14 is used to carry Internet access services.

huawei(config-gpon-lineprofile-1)#gem add 11 eth tcont 4


huawei(config-gpon-lineprofile-1)#gem add 13 eth tcont 4
huawei(config-gpon-lineprofile-1)#gem add 14 eth tcont 4

1. To change the default QoS mode, run the qos-mode command to set the QoS mode to gem-car or flow-
car, and run the gem add command to set the index of the traffic profile bound to the GEM port.
2. When the QoS mode is priority-queue (PQ), the default queue priority is 0; when the QoS mode is flow-
car or gem-car, traffic profile 6 is bound to the GEM port by default (no rate limitation).

After the configurations are complete, run the commit command to apply the parameters setting.

huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure an ONU service profile.


Create a GPON ONU service profile, named ftto_ser. Configure the capability set of the ETH port and
POTS port to adaptive. Then the system automatically adapts to the ONU according to the actual
capability of the online ONU.

huawei(config)#ont-srvprofile gpon profile-name ftto_ser


huawei(config-gpon-srvprofile-1)#ont-port eth adaptive pots adaptive

After the configurations are complete, run the commit command to apply the parameters setting.

huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. (Optional) Add an alarm profile.

 The default GPON alarm profile 1 is used. The alarm thresholds of the default alarm profile are 0,
which indicates that no alarm is generated.

 In this example, the default alarm profile is used, and therefore the configuration of the alarm
profile is not required.

 Run the gpon alarm-profile add command to configure a GPON alarm profile, which is used for
monitoring the performance of an activated ONU line.

2. Add an ONU.

2024-09-17 412
MA5800 Product Documentation

Connect two ONUs to GPON port 0/1/0. Set the ONU IDs to 1 and 2, SNs to 3230313126595540 and
6877687714852901, passwords to 0100000001 and 0100000002, discovery mode for password
authentication to once-on, and management mode to OMCI. Bind the two ONUs to ONU line profile ftto_line
and ONU service profile ftto_ser.
There are two methods of adding an ONU: add an ONU offline and confirm an automatically discovered ONU.

 Add ONUs offline.


If the password of an ONU is known, run the ont add command to add an ONU offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 0 1 password-auth 0100000001 once-on no-aging omci ont-lineprofile-
name

ftto_line ont-srvprofile-name ftto_ser

huawei(config-if-gpon-0/1)#ont add 0 2 password-auth 0100000002 once-on no-aging omci ont-lineprofile-


name

ftto_line ont-srvprofile-name ftto_ser

 Confirm automatically discovered ONUs


If the password or SN of an ONU is unknown, run the port portid ont-auto-find command in GPON
mode to enable the ONU auto-discovery function of the GPON port. Then, run the ont confirm
command to confirm the ONU.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 0 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 0
//After this command is executed, the information about all ONUs connected to the GPON port through optical
splitters is displayed.

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 1 sn-auth 3230313126595540 omci ont-lineprofile-name

ftto_line ont-srvprofile-name ftto_ser

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 2 sn-auth 6877687714852901 omci ont-lineprofile-name

ftto_line ont-srvprofile-name ftto_ser

If multiple ONUs of the same type bound to the same line profile or service profile are connected to the same port,
you can bulk add ONUs by bulk confirming automatically discovered ONUs to make configuration easier and more
efficient. To do so, the preceding command can be modified as follows:
huawei(config-if-gpon-0/1)#ont confirm 0 all sn-auth omci ont-lineprofile-name ftto_line
ont-srvprofile-name ftto_ser

 (Optional) Bind the alarm profile to the ONU.


The default profile 1 is used in this example.

huawei(config-if-gpon-0/1)#ont alarm-profile 0 1 profile-id 1


huawei(config-if-gpon-0/1)#ont alarm-profile 0 2 profile-id 1

3. Check ONU status.

2024-09-17 413
MA5800 Product Documentation

After an ONU is added, run the display ont info command to query the current status of the ONU. Ensure
that Config flag of the ONU is active, Run State is online, Config state is normal, and Match state is
match.

huawei(config-if-gpon-0/1)#display ont info 0 1


---------------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU goes online successfully.
Config state : normal //Indicates that the configuration state of the ONU is normal.
Match state : match //Indicates that the capability profile bound to the ONU is consistent with the actual capability
of the ONU.
...//The rest of the response information is omitted.

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactive, run the ont active command in GPON mode to activate the ONU.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the
line and the optical module.

 If Config state is failed, the configured ONU capability exceeds the actual ONU capability. In this case,
run the display ont failed-configuration command in the diagnose mode to check the failed
configuration item and the failure cause. Then, rectify the fault accordingly.

 If the ONU does not match, that is, Match state is mismatch, the port types and number of ports
undermatch the actual port types and number of ports supported by the ONU. In this case, run the
display ont capability command to query the actual capability of the ONU, and then select one of the
following modes to modify the ONU configuration:

 Create a proper ONU profile according to the actual capability of the ONU, and then run the ont
modify command to modify the configuration data of the ONU.

 Modify the ONU profile according to the actual capability of the ONU and save the modification.
Then, the ONU automatically recovers the configuration successfully.

1.5.3.4 Configuring the Internet Access Service


Configuring the Internet Access Service

The OLT is connected to the remote ONU through a GPON port to provide users with high-speed Internet access
services.

Prerequisite

 The OLT is connected to the BRAS.

 Related configurations are performed on the BRAS according to the authentication and accounting
requirements for dialup users. For details about the configuration, see the BRAS configuration guide.

2024-09-17 414
MA5800 Product Documentation

 The ONU has been added to the OLT. For details, see Adding an ONU to an OLT .

Data Plan

Table 1 Data plan

Item Data

ONU line profile Profile name: ftto_line


T-CONT ID: 4
GEM port ID for Internet access services: 14

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Network topology data Upstream port: 0/9/0


PON port: 0/1/0
ONU IDs: 1 and 2
ID of the port on the ONU that is connected to the PC: 1

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query existing traffic profiles in the system. If the traffic
profiles existing in the system do not meet the requirements, you need to run the traffic table ip
command to add a traffic profile.
Set the profile ID to ftto_hsi, the CIR to 4 Mbit/s, and the priority to 0. In addition, configure the
scheduling mode so that packets are scheduled according to their priorities.

huawei(config)#traffic table ip name ftto_hsi cir 4096 priority 0 priority-policy local-setting

2. Configure the mapping between a GEM port and a VLAN. Create a VLAN and a service flow.
Table 2 Scenario plan

Scenario VLAN Plan VLAN Translation Policy

bridging ONU + Double-tagged VLAN ONU: ONUs configure the VLAN and add the same C-VLAN tag to packets. All
Router ONUs are in the same C-VLAN.
S-VLAN ID: 100
OLT: The OLT switches between the C-VLAN tag and the S-VLAN+C-VLAN tag.
S-VLAN type: smart
S-VLAN attribute:
stacking
C-VLAN ID: 1001-
1002
C-VLAN ID: 45

Configure the mapping between a GEM port and a VLAN. The service flow of user-side VLAN 45 is
mapped to GEM port 14 in the ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line

2024-09-17 415
MA5800 Product Documentation

huawei(config-gpon-lineprofile-1)#gem mapping 14 0 vlan 45


huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Configure the VLAN of the Ethernet port on the ONU. Add Ethernet port 1 to VLAN 45 in the ONU
service profile.

huawei(config)#ont-srvprofile gpon profile-name ftto_ser


huawei(config-gpon-srvprofile-1)#port vlan eth 1 45
huawei(config-gpon-srvprofile-1)#commit

Create an Internet access service VLAN and add an upstream port to it. Add upstream port 0/9/0 to
VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

Create Internet access service flows. Set S-VLAN ID to 100 and GEM port ID to 14. Use traffic profile
ftto_hsi.

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 1 gemport 14 multi-service

user-vlan 45 tag-transform translate-and-add inner-vlan 1001 inbound traffic-table


name ftto_hsi outbound traffic-table name ftto_hsi

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 2 gemport 14 multi-service

user-vlan 45 tag-transform translate-and-add inner-vlan 1002 inbound traffic-table


name ftto_hsi outbound traffic-table name ftto_hsi

3. Save the data.

huawei(config)#save

 The ONU does not need to be configured.

1.5.3.5 Configuring the BTV Service


Configuring the BTV Service

The OLT is connected to the remote bridging ONU through a GPON port to provide users with the multicast service.

Prerequisites

 The IPTV WAN ports on the ONU use factory defaults.

 The OLT has been connected to the BRAS and the multicast source.

 The ONU has been added to the OLT. For details, see Adding an ONU to an OLT .

Data Plan

Table 1 Data plan

2024-09-17 416
MA5800 Product Documentation

Item Data

ONU line profile Profile name: ftto_line


T-CONT ID: 4
GEM port ID: 13

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-setting

Multicast service data Multicast protocol: IGMP proxy


Multicast version: IGMPv2
Multicast program: dynamic obtaining mode

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Configure traffic profile 8. Set the CIR to off (unlimited), priority to 4, and priority-based scheduling
policy to local-setting (that is, queues are scheduled based on the priority specified in the profile).

Run the display traffic table ip command to query existing traffic profiles in the system. If the existing traffic
profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic profile.

huawei(config)#traffic table ip index 8 cir off priority 4 priority-policy

local-setting
2. Configure the mapping between a GEM port and an Ethernet port on an ONU. Create a service VLAN
and a service flow.
Table 2 Data plan

VLAN Plan VLAN Translation Policy

S-VLAN ID: 1000 ONU: transparently transmits the M-VLAN of the user port. Multicast packets are duplicated
downstream with M-VLAN unchanged.
C-VLAN ID: 1000 OLT: duplicates multicast packets based on PON ports with M-VLAN unchanged.
M-VLAN ID: 1000
VLAN type: smart
VLAN attribute:
common

Configure the mapping between a GEM port and an Ethernet port on an ONU. If the ONU is connected to
the STB through Ethernet port 2, map the service flow of Ethernet port 2 to GEM port 13 in the ONU
line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line

2024-09-17 417
MA5800 Product Documentation

huawei(config-gpon-lineprofile-1)#mapping mode port


huawei(config-gpon-lineprofile-1)#gem mapping 13 1 eth 2
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Configure a VLAN translation policy for the Ethernet port on the ONU. If the ONU is connected to the
HGW through Ethernet port 2, VLAN 43 of the HGW is translated to VLAN 1000 and the M-VLAN of the
ONU is translated to VLAN 1000.

huawei(config)#ont-srvprofile gpon profile-name ftto_ser


huawei(config-gpon-srvprofile-1)#port vlan eth 2 1000
huawei(config-gpon-srvprofile-1)#multicast-forward untag
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

Configure the native VLAN of the ONU port. If the ONU is connected to the STB through Ethernet port 2,
the native VLAN ID is 1000.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont port native-vlan 0 1 eth 2 vlan 1000
huawei(config-if-gpon-0/1)#ont port native-vlan 0 2 eth 2 vlan 1000
huawei(config-if-gpon-0/1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

Create service flows. Set the service VLAN to 1000, GEM port ID to 13, and user VLAN to 1000, and use
traffic profile 8.

huawei(config)#service-port 1 vlan 1000 gpon 0/1/0 ont 1 gemport 13 multi-service

user-vlan 1000 rx-cttr 8 tx-cttr 8

huawei(config)#service-port 2 vlan 1000 gpon 0/1/0 ont 2 gemport 13 multi-service

user-vlan 1000 rx-cttr 8 tx-cttr 8

3. Create an M-VLAN and configure the IGMP version.


Set the IGMP version for the M-VLAN to IGMPv2.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v2
This operation will delete all IPv4 programs with source IP addresses in the
current multicast VLAN
Are you sure to change current IGMP version? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

4. Configure a program library.

Set the mode for obtaining multicast programs to dynamic.

2024-09-17 418
MA5800 Product Documentation

You can set the mode for obtaining multicast programs to dynamic only when the IGMP mode is off.

huawei(config-mvlan1000)#igmp mode off


Are you sure to close IGMP? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

huawei(config-mvlan1000)#igmp match mode disable


Command has been executed successfully

(Optional) Set the address range for the dynamic programs. If you need to limit the address range of
dynamic programs, perform this operation. For example, set the address range of dynamic programs to
224.1.1.1-224.1.1.100.

huawei(config-mvlan1000)#igmp match group ip 224.1.1.1 to-ip 224.1.1.100

5. Set the IGMP mode.


Select the IGMP proxy mode.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

6. Configure the IGMP upstream port.


Set the IGMP upstream port ID to 0/9/0 and working mode to default. Protocol packets are
transmitted to all the IGMP upstream ports in the multicast VLAN.

huawei(config-mvlan1000)#igmp uplink-port 0/9/0


huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp uplink-port-mode default
Are you sure to change the uplink port mode?(y/n)[n]:y

7. (Optional) Set multicast global parameters.


In this example, the default settings are used for all the multicast global parameters.
8. Configure multicast users.
Add service ports 1 and 2 as multicast users.

huawei(config-btv)#igmp user add service-port 1


huawei(config-btv)#igmp user add service-port 2
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 1
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 2
huawei(config-mvlan1000)#quit

9. Save the data.

huawei(config)#save

2024-09-17 419
MA5800 Product Documentation

 The ONU does not need to be configured.

1.5.3.6 Configuring the VoD Service


Configuring the VoD Service

The OLT is connected to the remote bridging ONU through a GPON port to provide users with the VoD service.

Prerequisites

 The OLT is connected to the BRAS and the program source.

 The ONU has been added to the OLT. For details, see Adding an ONU to an OLT .

Data Plan

Table 1 Data plan

Item Data

ONU line profile Profile name: ftto_line


T-CONT ID: 4
GEM port ID: 13

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-setting

Procedure

1. Configure the OLT.

a. Configure a traffic profile.


Configure traffic profile 8. Set the CIR to off (unlimited), priority to 4, and priority-based scheduling
policy to local-setting (that is, queues are scheduled based on the priority specified in the profile).

Run the display traffic table ip command to query existing traffic profiles in the system. If the existing traffic
profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic profile.

huawei(config)#traffic table ip index 8 cir off priority 4 priority-policy

local-setting
b. Perform this step in the bridging ONU (single VLAN tag) scenario.
Table 2 Data plan

VLAN Plan VLAN Translation Policy

2024-09-17 420
MA5800 Product Documentation

Table 2 Data plan

VLAN Plan VLAN Translation Policy

S-VLAN ID: 1100 The ONU adds the default S-VLAN tag to packets from iTV service ports.
The OLT transparently transmits S-VLAN tags.
VLAN type: smart
VLAN attribute: common
C-VLAN = U-VLAN

Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 1100 is
mapped to GEM port 13 in the ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 1100
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Configure the VLAN of the Ethernet port on the ONU. If the ONU is connected to the STB through
Ethernet port 2, add Ethernet port 2 to VLAN 1100.

huawei(config)#ont-srvprofile gpon profile-name ftto_ser


huawei(config-gpon-srvprofile-1)#port vlan eth 2 1100
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 1100.

huawei(config)#vlan 1100 smart


huawei(config)#port vlan 1100 0/9 0

Create service flows. Set the service VLAN to 1100, GEM port ID to 13, and user VLAN to 43, and use
traffic profile 8.

huawei(config)#service-port 3 vlan 1100 gpon 0/1/0 ont 1 gemport 13

rx-cttr 8 tx-cttr 8 tag-transform transparent

huawei(config)#service-port 4 vlan 1100 gpon 0/1/0 ont 2 gemport 13

rx-cttr 8 tx-cttr 8 tag-transform transparent

c. Perform this step in the bridging ONU (double VLAN tags) scenario.
Table 3 Data plan

VLAN Plan VLAN Translation Policy

S-VLAN ID: 1100 The ONU adds C-VLAN tags to packets. All ONUs are in the same C-VLAN.
The OLT switches between the C-VLAN tag and the S-VLAN+C'-VLAN tag.
VLAN type: smart
VLAN attribute: stacking
C'-VLAN: 2010
C-VLAN: 2001

Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 2001 is
mapped to GEM port 13 in the ONU line profile.

2024-09-17 421
MA5800 Product Documentation

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 2001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Configure the VLAN of the Ethernet port on the ONU. If the ONU is connected to the STB through
Ethernet port 2, add Ethernet port 2 to VLAN 2001.

huawei(config)#ont-srvprofile gpon profile-name ftto_ser


huawei(config-gpon-srvprofile-1)#port vlan eth 2 2001
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

Create a service VLAN and add an upstream port to it. Set the attribute of VLAN 1100 to stacking. Add
upstream port 0/9/0 to VLAN 1100.

huawei(config)#vlan 1100 smart


huawei(config)#vlan attrib 1100 stacking
huawei(config)#port vlan 1100 0/9 0

Create service flows. Set the service VLAN to 1100, GEM port ID to 13, and user VLAN to 2001, and
use traffic profile 8. Set the VLAN translation policy to Translate and Add to translate the C-VLAN
2001 to C'-VLAN 2010.

huawei(config)#service-port 3 vlan 1100 gpon 0/1/0 ont 1 gemport 13

multi-service user-vlan 2001 tag-transform translate-and-add inner-vlan 2010


rx-cttr 8 tx-cttr 8

huawei(config)#service-port 4 vlan 1100 gpon 0/1/0 ont 2 gemport 13

multi-service user-vlan 2001 tag-transform translate-and-add inner-vlan 2010


rx-cttr 8 tx-cttr 8

d. Save the data.

huawei(config)#save

2. The ONU does not need to be configured.

1.5.3.7 Configuring Link Aggregation, Congestion Control, and


Security Policies
Configuring Link Aggregation, Congestion Control, and Security Policies

Service reliability is improved by configuring uplink aggregation and priority scheduling policy for queues in global
configuration mode, and service security is improved by configuring security policy in global configuration mode.

Context

In link aggregation, multiple uplink Ethernet ports are aggregated into a group to increase bandwidth and
reliability of uplinks of the OLT. You are advised to configure link aggregation.

2024-09-17 422
MA5800 Product Documentation

Congestion control queues packets from one port into multiple queues and schedules the packets based on queue
priorities. You are advised to configure congestion control.

Security policy involves system security, user security, and service security, ensuring service security from
different aspects.

 You are advised to enable the service security feature according to service types. For details, see Principle of Security
Data Plan .
 The configuration of the system security, user security, and service security introduced in this topic is on the OLT side.
The configuration on the ONU side is through the web and is simple, here we do not introduce it.

Procedure

 Configure link aggregation.


On the OLT side, configure upstream ports 0/9/0 and 0/9/1 as an aggregation group. Each member port in
the aggregation group allocates packets based on the source MAC address. The working mode is LACP static
aggregation.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

 Configure queue scheduling(On the OLT side).


According to " Principle of QoS Planning ", all packets are scheduled in strict priority queue mode and mapped
into different queues based on priorities.

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos4 4 cos5 5 cos6 6

 Configure system security.

 Enable deny of service (DoS) anti-attack on the OLT.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on the OLT.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on the OLT.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on the OLT.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2024-09-17 423
MA5800 Product Documentation

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Configure service security.

 Enable Dynamic Host Configuration Protocol (DHCP) Option 82 on the OLT. This configuration is
recommended for the DHCP-based Internet access service.

1. DHCP Option 82 can be enabled or disabled at four levels: global, port, VLAN, and service port
levels. This function takes effect only after it is enabled at the four levels. Among the four levels,
DHCP Option 82 is disabled only at the global level by default.

 The global level: In global config mode, run the dhcp option82 command to enable DHCP
Option 82 at the global level.
When you run this command, select the enable, forward, or rebuild parameter based on
site requirements. The three parameters can all enable DHCP Option 82 but provide different
packet processing policies on the OLT. For details, see the dhcp option82 command.

 The port level: In global config mode, run the dhcp option82 port or dhcp option82 board
command to enable DHCP Option 82 at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the dhcp option82 enable command to enable DHCP Option 82 at the VLAN
level.

2024-09-17 424
MA5800 Product Documentation

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the dhcp option82 service-port command
to enable DHCP Option 82 at the service port level.

2. On the OLT, run the dhcp-option82 permit-forwarding service-port command with the enable
parameter selected, to allow ONU DHCP packets to carry Option 82 information.

 Enable Policy Information Transfer Protocol (PITP) on the OLT. This configuration is recommended for
the PPPoE-based Internet access service.

1. PITP can be enabled or disabled at four levels: global, port, VLAN, and service port levels. This
function takes effect only after it is enabled at the four levels. Among the four levels, PITP is
disabled only at the global level by default.

 The global level: In global config mode, run the pitp enable pmode, pitp forward pmode, or
pitp rebuild pmode command to enable PITP at the global level.
In the preceding commands, the enable, forward, and rebuild parameters can all enable
PITP but provide different packet processing policies on the OLT. Select one of them based
on site requirements. For details, see the pitp command.

 The port level: In global config mode, run the pitp port or pitp board command to enable
PITP at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the pitp enable command to enable PITP at the VLAN level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the pitp service-port command to enable
PITP at the service port level.

2. On the OLT, run the pitp permit-forwarding service-port command with the enable parameter
selected, to allow ONU PPPoE packets to carry a vendor tag.

1.5.3.8 Verifying Services


Verifying Services

2024-09-17 425
MA5800 Product Documentation

In the FTTO scenario, ONUs are installed at users' houses or in business buildings which are far away from the
central equipment room. ONUs provide remote service verification methods including PPPoE dialup emulation,
and multicast emulation to facilitate configuration and commissioning engineers to verify services remotely after
service configuration.

Prerequisites
ONUs and upper-layer devices have been connected properly. The BRAS has been configured.

Background

Remote Service Function Description


Verification
Method

PPPoE dialup An ONU simulates a PPPoE user terminal software to PPPoE dialup emulation requires a
emulation perform dialup and interact with the BRAS to verify the service flow which does not belong to
connectivity between the ONU and BRAS. a QinQ VLAN.
A user name, password, and
authentication mode must be
configured on the BRAS for the
PPPoE dialup emulation.
An ONU supports a maximum of a
PPPoE dialup emulation.

Multicast This function enables you to simulate a multicast user going Multicast services configured in the
emulation online and lead the program stream to an ONU. You can dynamic controllable multicast mode
check whether the multicast service is normal by checking do not support this function.
the real-time traffic of the multicast program.

Data plan

Item Data Remarks

PPPoE dialup PPPoE user name: The user name, password, and authentication mode for the emulation test
emulation test@user must be configured on the BRAS. The entered user name, password, and
parameters Password: test authentication mode must be consistent with those configured on the BRAS.

Multicast Multicast service -


emulation flow ID: 1
parameters M-VLAN: 1000
IP address of the
multicast program:
224.1.1.10

Procedure
 Verify the Internet access service using PPPoE dialup emulation.

1. In the xPON board mode, run the pppoe simulate start command to start a PPPoE dialup emulation
test.

2024-09-17 426
MA5800 Product Documentation

The service is functional if the test result is success. The following test uses GPON as an example:

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#pppoe simulate start
{ portid<U><0,7> }:0
{ ontid<U><0,127> }:1
{ eth<K>|untagged<K>|vlanid<U><0,4095> }:eth
{ ont-portid<U><1,8> }:4
{ untagged<K>|vlanid<U><0,4095> }:100
{ priority<U><0,7>|user-name<K> }:user-name
{ username<S><Length 1-64> }:test@user
{ user-password<K> }:user-password
{ password<S><Length 1-64> }:test
{ authentication-mode<K> }:authentication-mode
{ protocol<E><chap,pap> }:chap

Command:
pppoe simulate start 0 1 eth 4 100 user-name test@user user-password
test authentication-mode chap

huawei(config-if-gpon-0/1)#
----------------------------------
ONT PPPoE Test Result
----------------------------------
F/S/P : 0/1/0
ONT-ID :1
ONT ETH Port ID :4
ONT Vlan ID : 100
Vlan Priority :-
Emluator result : Success
Session ID : 18814
User IP : 172.16.100.109
Gateway IP : 172.16.100.1
----------------------------------

 Troubleshooting methods for the Internet access service

1. Check whether configurations are complete on the OLT.

 Run the display ont info command to query the ONU status to check whether the ONU is
registered successfully.

 Run the display service-port command to check whether the Internet access service flow is
configured and whether the inner VLAN ID of the service flow is consistent with that in the data
plan.

2024-09-17 427
MA5800 Product Documentation

 If a native VLAN is configured for the Ethernet port on the ONU, run the display ont port
attribute command in the xPON board mode to check whether the native VLAN is correct.

2. Check the upstream and downstream ports by checking the MAC address learning status.

a. Run the display mac-address vlan command to check the MAC address learning status of the
Internet service VLAN.

 If the upstream port does not learn a MAC address, check the network connections between
the upstream port and upper-layer devices and check the configurations of upper-layer
devices.

 If the downstream port does not learn a MAC address, check whether the ONU is activated,
whether the PC is connected to the right port on the ONU, and whether the PC is working
properly.

b. Run the display ont-learned-mac command to check whether the ONU connecting to the PON
port learned any MAC addresses.
If not, check whether the ONU properly connects to the PC or home gateway (HGW).

 Verify the multicast service using multicast emulation.

1. Run the igmp static-join command to simulate a multicast user to order a multicast program.

huawei(config)#btv
huawei(config-btv)#igmp static-join service-port 1 ip 224.1.1.10 vlan 1000

If the multicast program is obtained dynamically, igmp static-join can be executed successfully only when the
range for obtaining the dynamic program is set.

2. Run the display igmp user command to query the status of the multicast user.
The multicast user is normal if the queried result is online.

huawei(config-btv)#display igmp user service-port 1


User : 0/1/0/1
State : online
Authentication : no-auth
Quick leave : MAC-based
IGMP flow ID :1
Video flow ID :1
Log switch : enable
Bind profiles :-
IGMP version : IGMP v3
Current version : IGMP v3
Current IGMP IPv6 version : IGMP IPv6 v2
Available programs :8
Global leave : disable
User max bandwidth : no-limit

2024-09-17 428
MA5800 Product Documentation

Used bandwidth(kbps) :0
Used bandwidth
to max bandwidth(%) :-
Total video bandwidth :-
Mcast video bandwidth :-
Active program list
---------------------------------------------------------------------------
Program name VLAN IP/MAC State Start time
---------------------------------------------------------------------------
PROGRAM-5 1000 224.1.1.10 watching 2011-10-29
16:33:41+08:00
---------------------------------------------------------------------------
Total: 1

3. Run the display multicast flow-statistic command to query the real-time traffic of the multicast
program.
The multicast program can be ordered if the queried result is a non-empty value.

huawei(config-btv)#display multicast flow-statistic vlan 1000 ip 224.1.1.10


{ <cr>|sourceip<K> }:

Command:
display multicast flow-statistic vlan 1000 ip 224.1.1.10
Command is being executed. Please wait...
Multicast flow statistic result: 8736(kbps)

1.5.4 Gateway Networking(GPON)


Gateway Networking(GPON)

This section describes the configurations for the Internet access, voice, and video services on optical network units
(ONUs) in gateway networking.

Context

Web pages displayed in this section are examples of the MA5675 unless otherwise stated. Other ONUs have the similar
operation process. Web pages of different products may be different. However, differences do not affect functions.

Service Requirements and Usage Scenario

Small office and home office (SOHO) is positioned for miniature enterprises, such as shops and markets, and home officers.

Configuration Procedure

Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

2024-09-17 429
MA5800 Product Documentation

Configuring the Internet Access Service

The OLT is connected to the remote ONU through a GPON port to provide users with high-speed Internet access services.

Configuring the Wi-Fi Service (Web Pages)

An OLT connects to remote ONUs using GPON ports to provide the high-speed Wi-Fi access service for users.

Configuring Soft GRE Tunnel-based Wi-Fi Sharing (U2000)

This section describes how to configure soft GRE tunnel-based Wi-Fi sharing on a GPON ONU.

Configuring VLAN Tunnel-based Wi-Fi Sharing (U2000)

This section describes how to configure VLAN tunnel-based Wi-Fi sharing on a GPON ONU.

Configuring the H.248-based Voice Service (on a Web Page)

The OLT is connected to the remote ONU through a GPON port to provide users with the IP-based high-quality and low-
cost VoIP service.

Configuring the H.248-based Voice Service (Through the CLI)

The OLT manages ONUs and applies VoIP configurations to the ONU using the OMCI protocol. This topic describes how to
configure the H.248-based voice service.

Configuring the SIP-based Voice Service (on a Web Page)

The OLT is connected to the remote ONU through a GPON port to provide users with the IP-based high-quality and low-
cost VoIP service.

Configuring the SIP-based Voice Service (Through the CLI)

The OLT manages ONUs and applies VoIP configurations to the ONU using the OMCI protocol. This topic describes how to
configure the SIP-based voice service.

Configuring the BTV Service

The OLT is connected to the remote gateway ONU through a GPON port to provide users with the bridge WAN multicast
service.

Configuring the VoD Service

The OLT is connected to the remote gateway ONU through a GPON port to provide users with the VoD service.

Configuring L2TP Services

An enterprise employee in a business trip or an enterprise branch visits HQ intranet resources using Layer 2 Tunneling
Protocol (L2TP) tunnels.

Configuring Link Aggregation, Congestion Control, and Security Policies

2024-09-17 430
MA5800 Product Documentation

Service reliability is improved by configuring uplink aggregation and priority scheduling policy for queues in global
configuration mode, and service security is improved by configuring security policy in global configuration mode.

Verifying Services

In the FTTO scenario, ONUs are installed at users' houses or in business buildings which are far away from the central
equipment room. ONUs provide remote service verification methods including PPPoE dialup emulation, call emulation,
and multicast emulation to facilitate configuration and commissioning engineers to verify services remotely after service
configuration.

1.5.4.1 Service Requirements and Usage Scenario


Service Requirements and Usage Scenario

Small office and home office (SOHO) is positioned for miniature enterprises, such as shops and markets, and home
officers.

Service Requirements
Optical network units (ONUs) work in gateway mode. Users require Internet, voice, and multicast services. The
HGW ONU facilitates interconnection of home devices by providing Layer 3 services, such as Point-to-Point
Protocol over Ethernet (PPPoE)/DHCP dialup, network address translation (NAT), and Internet Group
Management Protocol (IGMP) snooping. This scenario provides fine-grained management channels and service
control, and mainly applies to Layer 3 networking.

 The Internet can be accessed through not only cables but also wireless fidelity (Wi-Fi). A SOHO user connects
to an ONU through the LAN port on the user's computer. The Dynamic Host Configuration Protocol (DHCP)
address pool of the ONU assigns an IP address to the user. After PPPoE dialup is automatically performed on
the ONU, the ONU connects to the OLT in GPON access mode and then connects to the upper-layer network, to
provide the high-speed Internet access service for the SOHO user.

 Many voice service ports are required to connect to phone sets, fax machines, and point of sale (POS)
machines.

 TVs connect to an ONU through set top boxes (STBs) to receive VoD and multicast services.

 The Internet access, voice, and IPTV services are secure.

 The Internet access service is protected against unauthorized access, user account forgery or
unauthorized borrowing, MAC or IP address spoofing, and attacks from malicious users.

 The voice and IPTV services are protected against MAC or IP address spoofing, attacks from malicious
users, and heavy traffic.

 A service fault is easy to locate, and services are easy to maintain.

Usage Scenario

2024-09-17 431
MA5800 Product Documentation

Figure 1 SOHO networking

1.5.4.2 Configuration Procedure


Configuration Procedure

Figure 1 shows the configuration procedure in the gateway networking.

Figure 1 Configuration procedure in the gateway networking

The following table lists the detailed description steps.


Item Procedure Remarks

OLT Adding an ONU to an OLT Services can be configured for an ONU only after the ONU is successfully
added to an OLT.

OLT Configuring the Internet Access Service -


ONU

OLT Configuring the Configuring the NOTE:


ONU Voice Service H.248-based Voice The H.248 and SIP protocols are mutually exclusive for the VoIP service.
Service (on a Web
Only one of them is configured at a time.
Page)

2024-09-17 432
MA5800 Product Documentation

Item Procedure Remarks

Configuring the
H.248-based Voice
Service (Through the
CLI)

Configuring the SIP-


based Voice Service
(on a Web Page)

Configuring the SIP-


based Voice Service
(Through the CLI)

OLT Configuring the BTV Service IPTV services include the VoD and multicast services that are different
in configuration procedures and need to be configured separately.
OLT Configuring the VoD Service

OLT Configuring the Configuring the Wi-Fi -


ONU Wi-Fi Service Service

Configuring Soft GRE -


Tunnel-based Wi-Fi
Sharing

Configuring VLAN -
Tunnel-based Wi-Fi
Sharing

OLT Configuring Link Aggregation, Service reliability is improved by configuring uplink aggregation and
Congestion Control, and Security Policy priority scheduling policy for queues in global configuration mode, and
service security is improved by configuring security policy in global
configuration mode.

OLT Verifying Services The OLT provides remote verification methods including ONU PPPoE
and DHCP dialup emulation, call emulation, and multicast emulation for
configuration and commissioning engineers to verify services remotely
after service configuration, avoiding a second on-site operation.

1.5.4.3 Adding an ONU to an OLT


Adding an ONU to an OLT

Services can be configured for an ONU only after the ONU is successfully added to an OLT.

Data Plan

Table 1 Data plan

Item Data

DBA profile Profile name: ftto_dba


Profile type: Type3
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 50 Mbit/s

ONU line profile Profile name: ftto_line

2024-09-17 433
MA5800 Product Documentation

Table 1 Data plan

Item Data

T-CONT ID: 4
GEM port ID for management services: 11
GEM port ID for voice services: 12
GEM port ID for video services: 13
GEM port ID for Internet access services: 14

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Network topology data PON port: 0/1/0


ONU IDs: 1 and 2

Procedure

1. Configure GPON ONU profiles.

GPON ONU profiles include the DBA profile, line profile, service profile, and alarm profile.

 DBA profile: A DBA profile describes GPON traffic parameters. A T-CONT is bound to a DBA profile for
dynamic bandwidth allocation, improving upstream bandwidth utilization.

 Line profile: A line profile describes the binding between the T-CONT and the DBA profile, the QoS
mode of the traffic stream, and the mapping between the GEM port and the ONU-side service.

 Service profile: A service profile provides the service configuration channel for the ONU that is
managed by using optical network terminal management and control interface (OMCI).

 Alarm profile: An alarm profile contains a series of alarm thresholds to measure and monitor the
performance of activated ONU lines. When a statistical value reaches the threshold, the host is notified
and an alarm is reported to the log host and the NMS.

a. Configure a DBA profile.


Run the display dba-profile command to query existing DBA profiles in the system. If the existing
DBA profiles in the system do not meet the requirements, run the dba-profile add command to add a
DBA profile.
Create the same DBA profile for different types of services. Set the profile name to ftto_dba, profile
type to type3, assured bandwidth to 8 Mbit/s, and maximum bandwidth to 50 Mbit/s.

huawei(config)#dba-profile add profile-name ftto_dba type3 assure 8192 max 51200

Select a DBA profile of the proper bandwidth type and configure proper bandwidth according to the service
types and total user count of the ONU. Note that the sum of the fixed bandwidth and the assured bandwidth
must not be greater than the total bandwidth of the PON port.

b. Configure an ONU line profile.


Create a GPON ONU line profile, named ftto_line, and bind it to the DBA profile ftto_dba.

huawei(config)#ont-lineprofile gpon profile-name ftto_line

2024-09-17 434
MA5800 Product Documentation

huawei(config-gpon-lineprofile-1)#tcont 4 dba-profile-name ftto_dba

Create different GEM ports according to different service types, in which

 GEM port 11 is used to carry management services.

 GEM port 12 is used to carry voice services.

 GEM port 13 is used to carry video services.

 GEM port 14 is used to carry Internet access services.

huawei(config-gpon-lineprofile-1)#gem add 11 eth tcont 4


huawei(config-gpon-lineprofile-1)#gem add 12 eth tcont 4
huawei(config-gpon-lineprofile-1)#gem add 13 eth tcont 4
huawei(config-gpon-lineprofile-1)#gem add 14 eth tcont 4

1. To change the default QoS mode, run the qos-mode command to set the QoS mode to gem-car or flow-
car, and run the gem add command to set the index of the traffic profile bound to the GEM port.
2. When the QoS mode is priority-queue (PQ), the default queue priority is 0; when the QoS mode is flow-
car or gem-car, traffic profile 6 is bound to the GEM port by default (no rate limitation).

After the configurations are complete, run the commit command to apply the parameters setting.

huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure an ONU service profile.


Create a GPON ONU service profile, named ftto_ser. Configure the capability set of the ETH port and
POTS port to adaptive. Then the system automatically adapts to the ONU according to the actual
capability of the online ONU.

huawei(config)#ont-srvprofile gpon profile-name ftto_ser


huawei(config-gpon-srvprofile-1)#ont-port eth adaptive pots adaptive

After the configurations are complete, run the commit command to apply the parameters setting.

huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. (Optional) Add an alarm profile.

 The default GPON alarm profile 1 is used. The alarm thresholds of the default alarm profile are 0,
which indicates that no alarm is generated.

 In this example, the default alarm profile is used, and therefore the configuration of the alarm
profile is not required.

 Run the gpon alarm-profile add command to configure a GPON alarm profile, which is used for
monitoring the performance of an activated ONU line.

2. Add an ONU.

2024-09-17 435
MA5800 Product Documentation

Connect two ONUs to GPON port 0/1/0. Set the ONU IDs to 1 and 2, SNs to 3230313126595540 and
6877687714852901, passwords to 0100000001 and 0100000002, discovery mode for password
authentication to once-on, and management mode to OMCI. Bind the two ONUs to ONU line profile ftto_line
and ONU service profile ftto_ser.
There are two methods of adding an ONU: add an ONU offline and confirm an automatically discovered ONU.

 Add ONUs offline.


If the password of an ONU is known, run the ont add command to add an ONU offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 0 1 password-auth 0100000001 once-on no-aging omci ont-lineprofile-
name

ftto_line ont-srvprofile-name ftto_ser

huawei(config-if-gpon-0/1)#ont add 0 2 password-auth 0100000002 once-on no-aging omci ont-lineprofile-


name

ftto_line ont-srvprofile-name ftto_ser

 Confirm automatically discovered ONUs


If the password or SN of an ONU is unknown, run the port portid ont-auto-find command in GPON
mode to enable the ONU auto-discovery function of the GPON port. Then, run the ont confirm
command to confirm the ONU.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 0 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 0
//After this command is executed, the information about all ONUs connected to the GPON port through optical
splitters is displayed.

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 1 sn-auth 3230313126595540 omci ont-lineprofile-name

ftto_line ont-srvprofile-name ftto_ser

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 2 sn-auth 6877687714852901 omci ont-lineprofile-name

ftto_line ont-srvprofile-name ftto_ser

If multiple ONUs of the same type bound to the same line profile or service profile are connected to the same port,
you can bulk add ONUs by bulk confirming automatically discovered ONUs to make configuration easier and more
efficient. To do so, the preceding command can be modified as follows:
huawei(config-if-gpon-0/1)#ont confirm 0 all sn-auth omci ont-lineprofile-name ftto_line
ont-srvprofile-name ftto_ser

 (Optional) Bind the alarm profile to the ONU.


The default profile 1 is used in this example.

huawei(config-if-gpon-0/1)#ont alarm-profile 0 1 profile-id 1


huawei(config-if-gpon-0/1)#ont alarm-profile 0 2 profile-id 1

3. Check ONU status.

2024-09-17 436
MA5800 Product Documentation

After an ONU is added, run the display ont info command to query the current status of the ONU. Ensure
that Config flag of the ONU is active, Run State is online, Config state is normal, and Match state is
match.

huawei(config-if-gpon-0/1)#display ont info 0 1


---------------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU goes online successfully.
Config state : normal //Indicates that the configuration state of the ONU is normal.
Match state : match //Indicates that the capability profile bound to the ONU is consistent with the actual capability
of the ONU.
...//The rest of the response information is omitted.

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactive, run the ont active command in GPON mode to activate the ONU.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the
line and the optical module.

 If Config state is failed, the configured ONU capability exceeds the actual ONU capability. In this case,
run the display ont failed-configuration command in the diagnose mode to check the failed
configuration item and the failure cause. Then, rectify the fault accordingly.

 If the ONU does not match, that is, Match state is mismatch, the port types and number of ports
undermatch the actual port types and number of ports supported by the ONU. In this case, run the
display ont capability command to query the actual capability of the ONU, and then select one of the
following modes to modify the ONU configuration:

 Create a proper ONU profile according to the actual capability of the ONU, and then run the ont
modify command to modify the configuration data of the ONU.

 Modify the ONU profile according to the actual capability of the ONU and save the modification.
Then, the ONU automatically recovers the configuration successfully.

1.5.4.4 Configuring the Internet Access Service


Configuring the Internet Access Service

The OLT is connected to the remote ONU through a GPON port to provide users with high-speed Internet access
services.

Prerequisite

 The OLT is connected to the BRAS.

 Related configurations are performed on the BRAS according to the authentication and accounting
requirements for dialup users. For details about the configuration, see the BRAS configuration guide.

2024-09-17 437
MA5800 Product Documentation

 The ONU has been added to the OLT. For details, see Adding an ONU to an OLT .

Data Plan

Table 1 Data plan

Item Data

ONU line profile Profile name: ftto_line


T-CONT ID: 4
GEM port ID for Internet access services: 14

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Run the display traffic table ip command to query the existing traffic profiles in the system. If the
traffic profiles existing in the system do not meet the requirements, you need to run the traffic table ip
command to add a traffic profile.
Set the profile ID to ftto_hsi, the CIR to 4 Mbit/s, and the priority to 0. In addition, configure the
scheduling mode so that packets are scheduled according to their priorities.

huawei(config)#traffic table ip name ftto_hsi cir 4096 priority 0 priority-policy local-setting

2. Configure the mapping between a GEM port and a VLAN. Create a service VLAN and a service flow.
Table 2 Scenario plan

Scenario VLAN Plan VLAN Translation Policy

gateway Double-tagged VLAN ONU: Configure a VLAN for all ONUs and add the same C-VLAN tag to packets. All
ONU ONUs are in the same C-VLAN.
S-VLAN ID: 100
OLT: The OLT switches between the C-VLAN tag and the S-VLAN+C'-VLAN tag. All
S-VLAN type: smart ONUs are in different C-VLANs.
S-VLAN attribute:
stacking
C-VLAN ID: 1001
C'-VLAN ID: 1010-
1011

Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 1001 is
mapped to GEM port 14 in the ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 14 0 vlan 1001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

2024-09-17 438
MA5800 Product Documentation

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

Create service flows. Set the service VLAN to 100, GEM port ID to 14, and user VLAN to 1001, and use
traffic profile ftto_hsi.

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 1 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 1010 inbound traffic-table name


ftto_hsi outbound traffic-table name ftto_hsi

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 2 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 1011 inbound traffic-table name


ftto_hsi outbound traffic-table name ftto_hsi

3. Save the data.

huawei(config)#save

 Configure an optical network terminal (ONU) on the web page.


Layer 3 route mode is used for connecting an ONU to the upper-layer device. IP addresses of users' PCs are
allocated by the DHCP IP address pool on the ONU. PPPoE auto dialup is performed on the ONU. Parameters of
the WAN port must be configured on the ONU.

1. Log in to the web configuration window.

a. Configure the IP address of the PC network adapter to be in the same network segment as the IP
address of the local maintenance Ethernet port on the ONU (default: 192.168.100.1).

b. Open the web browser, and enter the IP address of the local maintenance Ethernet port on the
ONU.

c. In the login window, enter the user name (default: telecomadmin) and password (default:
admintelecom) of the administrator. After the password authentication is passed, the web
configuration interface is displayed.

Please modify the initial password in time to ensure administrator account security.

2. Configure the working mode of a LAN port.

a. In the navigation tree, choose LAN > LAN Port Work Mode. Select the check box of LAN 1 and
set LAN1 to work in the Layer 3 mode.

b. Click Apply to apply the configuration.

2024-09-17 439
MA5800 Product Documentation

3. Configure parameters of a WAN port.

a. In the navigation tree, choose WAN > WAN Configuration.

b. In the right pane, click New. In the dialog box that is displayed, configure parameters of a WAN
port as follows:

 WAN Connection: Enable

 Encapsulation Mode: PPPoE

 WAN mode: Route WAN

 Service type: INTERNET (For configuring the Internet access service, INTERNET or a
combination containing INTERNET needs to be selected.)

 VLAN ID: 1001 (The VLAN ID of the ONU must be the same as the user-side VLAN ID
configured on the OLT.)

 802.1p: 1

 User Name: iadtest@pppoe, Password: iadtest (The user name and password must be the
same as the user name and password configured on the BRAS.)

 Binding options: LAN1

 IP acquisition Mode: PPPoE

 NAT: Enable (NAT must be enabled to configure the Internet access service.)

c. Click Apply to apply the configuration.

4. Save the configuration.


In the navigation tree, choose System Tools > Configuration File. In the right pane, click Save
Configuration to save the configuration.

2024-09-17 440
MA5800 Product Documentation

5. Check the ONU connection status.


In the navigation tree, choose Status > WAN Information. In the right pane, Status is Connected and
the obtained IP address is displayed at IP Address.

1.5.4.5 Configuring the Wi-Fi Service (Web Pages)


Configuring the Wi-Fi Service (Web Pages)

An OLT connects to remote ONUs using GPON ports to provide the high-speed Wi-Fi access service for users.

Prerequisites

 The OLT communicates with the BRAS.

 Dialup users have been configured on the BRAS based on user authentication and charging requirements. For
details about the configurations, see the BRAS configuration guide.

 An ONU has been added to the OLT. For details about how to add an ONU to an OLT, see Adding an ONU to an
OLT .

 The Internet access service has been configured. For details, see Configuring the Internet Access Service .

 The VLAN housing the LAN switch port connected to the OLT is the same as the upstream VLAN configured on
the OLT.

Data Plan

Item Data

ONU line Profile name: ftto_line


profile T-CONT ID: 4
GEM port ID of the Internet access service: 14

VLAN planning Dual VLAN tags:

2024-09-17 441
MA5800 Product Documentation

Item Data

S-VLAN ID: 100


S-VLAN type: smart
S-VLAN attribute: stacking
C-VLAN ID: 1001
C'-VLAN ID: 1010-1011
VLAN translation policy:
ONU: VLANs are centrally configured. A C-VLAN tag is added to packets on ONUs, and all ONUs use the
same C-VLAN.
OLT: VLAN translation, C <-> S+C', is performed on the OLT. Each ONU has a unique C'-VLAN.

Procedure
1. Before configuring the Wi-Fi service using web pages, perform the following operations to log in to the
configuration web page:

a. Set the IP address of the network interface card (NIC) on the PC. Ensure that this IP address is in the
same network segment as the local maintenance IP address (192.168.100.1 by default) of the ONU.

b. Start the IE browser, enter https://192.168.100.1:80 or http://192.168.100.1 in the address bar.


(https://192.168.100.1:80 is preferred because of higher security.) In the login web page, enter the
user name and password, the default values of which are telecomadmin and admintelecom,
respectively. After the password is authenticated, the configuration web page is displayed.

Please modify the initial password in time to ensure administrator account security.

Configure the Layer 3 bridging Wi-Fi service.

a. Configure Wi-Fi parameters.


Choose WLAN from the main menu. Then, in the navigation tree on the left side of the page, choose
WLAN Basic Configuration and configure parameters shown in the following figure.

2024-09-17 442
MA5800 Product Documentation

b. Configure Layer 3 bridging WAN port parameters.


Choose WAN from the main menu. Then, in the navigation tree on the left side of the page, choose
WAN Configuration and configure parameters shown in the following figure.

In this example, the Internet access service using Wi-Fi is implemented in PPPoE dialup mode. If the DHCP
mode is required, set Encapsulation Mode to IPoE and enable DHCP relay. For details, see Web Page Reference.

c. Check ONU connection status.


Choose Status from the main menu. Then, in the navigation tree on the left side of the page, choose
WAN Information to check the ONU connection status.

2024-09-17 443
MA5800 Product Documentation

Configure the Layer 3 routing Wi-Fi service.

a. Configure Wi-Fi parameters.


Choose WLAN from the main menu. Then, in the navigation tree on the left side of the page, choose
WLAN Basic Configuration and configure parameters shown in the following figure.

b. Configure Layer 3 routing WAN port parameters.

2024-09-17 444
MA5800 Product Documentation

c. Check the ONU connection status.


Choose Status from the main menu. Then, in the navigation tree on the left side of the page, choose
WAN Information to check the ONU connection status.

Result

 For the Layer 3 bridging Wi-Fi service, SSID-specific wireless signals can be detected by the PC. After a user
enters a correct authentication key and is PPPoE authenticated, the user can access the Internet.

 For the Layer 3 routing Wi-Fi service, SSID-specific wireless signals can be detected by the PC. After a user
enters a correct authentication key, the PC automatically obtains an IP address allocated by the ONU using
DHCP. After the ONU automatically performs PPPoE dialup and the dialup is successful, the user can access
the Internet.

2024-09-17 445
MA5800 Product Documentation

The security and encryption modes configured on Wi-Fi terminals must be the same as those configured on the ONU. If a Wi-Fi
terminal does not support TKIP&AES or AES, the Wi-Fi driver may be of an early version. In such a case, update the driver.

1.5.4.6 Configuring Soft GRE Tunnel-based Wi-Fi Sharing


(U2000)
Configuring Soft GRE Tunnel-based Wi-Fi Sharing (U2000)

This section describes how to configure soft GRE tunnel-based Wi-Fi sharing on a GPON ONU.

Prerequisites
In the soft GRE tunnel solution, the BRAS supports Ethernet over GRE tunnels and encapsulates and decapsulates
GRE packets. The ONU connects to a Huawei ME60, which uses a specified version and service board to support
soft GRE tunnels. If the ONU connects to a third-party router, the router supports EoGRE tunnels.

Data Plan

For data upstream transmission using soft GRE tunnels, data can be authenticated in web portal or 802.1x mode.
This section uses the 802.1x authentication as an example. The differences between the two authentication modes
are provided in the following steps.
Item Data

Value-added ONU service profile Profile name: FTTO_value

WAN port parameters WAN port name: WAN1


WAN port status: enabled
Connection type: routing
NAT (NATEnabled) status: enabled
Service type: Internet access

RADIUS parameters Authentication mode: 802.1x-EAP


IP address of the RADIUS server: 10.101.106.254
Key of the RADIUS server: SoftGRE1
RADIUS authentication port: 1812
RADIUS accounting: enabled
RADIUS accounting port: 1813

GRE tunnel parameters Tunnel name: GRE


Outbound port: WAN1
IP address of the peer end: 10.136.136.136
Inbound port: SSID2

Static routing parameters Destination IP address: 10.101.106.254


Mask of the destination address: 255.255.255.255
WAN port name: WAN1

Procedure

2024-09-17 446
MA5800 Product Documentation

1. Configure a WAN port.

a. Log in to a U2000 client and choose Configuration > Access Profile Management from the main
menu.
b. In the navigation tree on the left side of the window, choose PON Profile > ONT VAS Profile. Then,
click the General ONT VAS Profile tab page on the right side of the window. Right-click the list in the
lower part and choose Add(Service Configuration Type) from the shortcut menu.
c. In the dialog box that is displayed, configure the profile name. In the navigation tree on the left side of
the window, right-click WAN Device > WAN Device 1 > WAN Connection and choose Add IP
Connection from the shortcut menu. Add a routing WAN port and configure basic WAN parameters.

2. Add two SSIDs. Configure SSID2 as the operator SSID. Set WLAN authentication parameters for the operator.

a. In the navigation tree on the left side of the window, right-click LAN Device > LAN Interface 1 >
WLAN Configuration and choose Add from the shortcut menu. Then, add two SSIDs.

b. In the navigation tree on the left side of the window, right-click LAN Device > LAN Interface 1 >
WLAN Configuration for ISP and choose Add from the shortcut menu. Right-click the added WLAN
Configuration for ISP 1 and choose SSID Index 2 from the shortcut menu.

2024-09-17 447
MA5800 Product Documentation

c. Click Next. In the window that is displayed, click Add. Then, configure the authentication mode and
parameters for WLAN Configuration for ISP 1.

In 802.1x authentication mode, RADIUS parameters listed in the red box must be configured. In web portal
authentication mode, RADIUS parameters do not need to be configured.

3. Configure WAN port parameters.


In the navigation tree on the left side of the window, choose WAN Device > WAN Device 1 > WAN
Connection > WAN Connection 1 > WAN IP Interface > WAN IP Interface 1. Then, in the pane on the
right side of the window, configure WAN port parameters.

2024-09-17 448
MA5800 Product Documentation

4. Configure a GRE tunnel.

a. In the navigation tree on the left side of the window, right-click SoftGRE Tunnel Management and
choose Add from the shortcut menu. Click the added SoftGRE Tunnel InfoInstance 1 and configure
the soft GRE tunnel in the pane on the right side of the window.
Egress Interface is the configured WAN port, and Remote Address is the IP address of the ME60.

b. In the navigation tree on the left side of the window, right-click SoftGRE Tunnel Management >
SoftGRE Tunnel InfoInstance 1 > SoftGRE Tunnel Ingress Interface and choose Add from the
shortcut menu. Click the added SoftGRE Tunnel 1 and configure the inbound port of the soft GRE
tunnel in the pane on the right side of the window.

2024-09-17 449
MA5800 Product Documentation

5. Configure a static route.

a. In the navigation tree on the left side of the window, right-click Layer 3 Forwarding > Static route
and choose Add from the shortcut menu. Click the added Policy Route 1 and configure the
destination IP address, mask, and upstream bridging WAN 1 port in the pane on the right side of the
window. The destination IP address is the IP address of the RADIUS server.

In 802.1x authentication mode, a static route must be configured. The reason is as follows: After the WAN port
functioning as a GRE tunnel obtains an IP address, no default route is generated. In such a case, the RADIUS
client cannot communicate with the RADIUS server. In web portal authentication mode, this step is not
required.

b. Click OK and then Finish.

6. Issue a universal value-added service profile to the ONU.

2024-09-17 450
MA5800 Product Documentation

a. Choose View > Main Topology from the main menu to enter the main topology.
b. In Main Topology, double-click the OLT connected to the ONU to enter the service configuration
window. In the navigation tree on the left side of the window, choose GPON > GPON Management.
Then, click the GPON ONU tab page on the right side of the window.
c. Right-click the ONU to which the profile is to be bound and choose Value-Added ServiceBind VAS
Profile from the shortcut menu.
d. In the dialog box that is displayed, select the configured universal value-added service profile and
click OK.

1.5.4.7 Configuring VLAN Tunnel-based Wi-Fi Sharing (U2000)


Configuring VLAN Tunnel-based Wi-Fi Sharing (U2000)

This section describes how to configure VLAN tunnel-based Wi-Fi sharing on a GPON ONU.

Data Plan

For data upstream transmission using VLAN tunnels, data can be authenticated in web portal or 802.1x mode.
This section uses the 802.1x authentication as an example.
Item Data

Value-added ONU service profile Profile name: FTTO_value

WAN port parameters WAN 1:


WAN port status: enabled
Connection type: routing
NAT (NATEnabled) status: enabled
Service type: Internet access
WAN 2:

2024-09-17 451
MA5800 Product Documentation

Item Data

WAN port status: enabled


Connection type: bridging
NAT (NATEnabled) status: disabled
Service type: Internet access

RADIUS parameters Authentication mode: 802.1x-EAP


IP address of the RADIUS server: 10.101.106.254
Key of the RADIUS server: SoftGRE1
RADIUS authentication port: 1812
RADIUS accounting: enabled
RADIUS accounting port: 1813

Policy routing parameters Policy routing type: SourcePhyPort


Physical port name: SSID2
WAN port name: WAN2

Procedure

1. Configure WAN ports.

a. Log in to a U2000 client and choose Configuration > Access Profile Management from the main
menu.
b. In the navigation tree on the left side of the window, choose PON Profile > ONT VAS Profile. Then,
click the General ONT VAS Profile tab page on the right side of the window. Right-click the list in the
lower part and choose Add(Service Configuration Type) from the shortcut menu.
c. In the dialog box that is displayed, configure the profile name. In the navigation tree on the left side of
the window, right-click WAN Device > WAN Device 1 > WAN Connection and choose Add IP
Connection from the shortcut menu. Add two WAN ports and configure basic WAN parameters.
WAN port 1 is configured as a routing WAN port, which is used for transmitting data upstream for
private users in addition to being used by RADIUS clients. WAN port 2 is configured as a bridging
WAN port, which is used for transmitting data upstream for Wi-Fi shared users.

2024-09-17 452
MA5800 Product Documentation

In web portal authentication mode, only one bridging WAN is required.

2. Add two SSIDs. Configure SSID2 as the operator SSID. Set WLAN authentication parameters for the operator.

a. In the navigation tree on the left side of the window, right-click LAN Device > LAN Interface 1 >
WLAN Configuration and choose Add from the shortcut menu. Then, add two SSIDs.

b. In the navigation tree on the left side of the window, right-click LAN Device > LAN Interface 1 >
WLAN Configuration for ISP and choose Add from the shortcut menu. Right-click the added WLAN
Configuration for ISP 1 and choose SSID Index 2 from the shortcut menu.

2024-09-17 453
MA5800 Product Documentation

c. Click Next. In the window that is displayed, click Add. Then, configure the authentication mode and
parameters for WLAN Configuration for ISP 1.

In 802.1x authentication mode, RADIUS parameters listed in the red box must be configured. In web portal
authentication mode, RADIUS parameters do not need to be configured.

3. Configure WAN port parameters.

a. In the navigation tree on the left side of the window, choose WAN Device > WAN Device 1 > WAN
Connection > WAN Connection 1 > WAN IP Interface > WAN IP Interface 1. Then, in the pane on
the right side of the window, configure WAN port parameters.

2024-09-17 454
MA5800 Product Documentation

b. Use the same method to configure WAN port parameters for WAN IP Interface 2. The only difference
is as follows: WAN IP Interface 2 is a bridging WAN port, which does not require the configuration of
the NATEnabled parameter.

In web portal authentication mode, bridging WAN port parameters are also required.

4. Configure a policy route.

a. In the navigation tree on the left side of the window, right-click Layer 3 Forwarding > Policy route
and choose Add from the shortcut menu. Click the added Policy Route 1 and bind SSID 2 to upstream
bridging WAN port 2 in this route in the pane on the right side of the window.

b. Click OK and then Finish.

5. Issue a universal value-added service profile to the ONU.

a. Choose View > Main Topology from the main menu to enter the main topology.

2024-09-17 455
MA5800 Product Documentation

b. In Main Topology, double-click the OLT connected to the ONU to enter the service configuration
window. In the navigation tree on the left side of the window, choose GPON > GPON Management.
Then, click the GPON ONU tab page on the right side of the window.
c. Right-click the ONU to which the profile is to be bound and choose Value-Added ServiceBind VAS
Profile from the shortcut menu.
d. In the dialog box that is displayed, select the configured universal value-added service profile and
click OK.

1.5.4.8 Configuring the H.248-based Voice Service (on a Web


Page)
Configuring the H.248-based Voice Service (on a Web Page)

The OLT is connected to the remote ONU through a GPON port to provide users with the IP-based high-quality and
low-cost VoIP service.

Prerequisite

 The interface data and POTS port data corresponding to the MG interface have been configured on the MGC.

 The OLT has been connected to the MGC. The OLT can ping the IP address of the MGC server successfully.

 The ONU has been added to the OLT. For details, see Adding an ONU to an OLT .

 Different voice services require different ONU software versions. Before the configuration, ensure that the
ONU software version supports H.248. For details, see relevant ONU manuals.

Context

2024-09-17 456
MA5800 Product Documentation

Table 1 Data plan

Item Data

ONU line profile Profile name: ftto_line


T-CONT ID: 4
GEM port ID: 12

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Networking data IP address of the MGC server: 10.200.200.200/24


Port ID of the MGC server: 2944

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Set the profile name to ftto_voip and do not limit the upstream and downstream rates. Set the priority
to 5 and packets are scheduled according to the priority carried.
Run the display traffic table ip command to query existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a
traffic profile.

huawei(config)#traffic table ip name ftto_voip cir off priority 5 priority-policy local-setting

2. Configure the mapping between a GEM port and a VLAN. Create a service VLAN and a service flow.
Table 2 Scenario plan

Scenario VLAN Plan VLAN Translation Policy

Scenario Single VLAN tag ONU: Configure a VLAN for all ONUs and add the same C-VLAN tag to packets. All
1 ONUs are in the same C-VLAN.
S-VLAN ID: 300
OLT: The OLT transparently transmits VLAN tags (the C-VLAN is the same as the
S-VLAN type: smart planned S-VLAN).
S-VLAN attribute:
common
C-VLAN ID: 300

Scenario Single VLAN tag ONU: Configure a VLAN for all ONUs and add the same C-VLAN tag to packets. All
2 ONUs are in the same C-VLAN.
S-VLAN ID: 300
OLT: The OLT switches between C-VLAN tags and S-VLAN tags (C-VLAN is different
S-VLAN type: smart from the planned S-VLAN).
S-VLAN attribute:
common
C-VLAN ID: 3001

Scenario 1:
Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 300 is mapped
to GEM port 12 in the ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line

2024-09-17 457
MA5800 Product Documentation

huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300


huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 300, and use
traffic profile ftto_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service user-vlan 300 inbound
traffic-table name ftto_voip outbound traffic-table name ftto_voip
huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service user-vlan 300 inbound
traffic-table name ftto_voip outbound traffic-table name ftto_voip

Scenario 2:
Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 3001 is
mapped to GEM port 12 in the ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 3001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#vlan attrib 300 stacking
huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 3001. Use traffic
profile ftto_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service user-vlan 3001 tag-
transform translate inbound traffic-table name ftto_voip outbound traffic-table name ftto_voip
huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service user-vlan 3001 tag-
transform translate inbound traffic-table name ftto_voip outbound traffic-table name ftto_voip

3. Enable the ARP proxy function.


Voice media streams for different users of the same S-VLAN fail to interchange because the service
ports of the smart VLAN are isolated from each other. Therefore, the ARP proxy function needs to be
enabled on the OLT.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 300
huawei(config-if-vlanif300)#arp proxy enable
huawei(config-if-vlanif300)#quit

4. Save the data.

huawei(config)#save

2024-09-17 458
MA5800 Product Documentation

 Configure the ONU on the web page.

1. Log in to the web configuration window.

a. Configure the IP address of the PC network adapter to be in the same network segment as the IP
address of the local maintenance Ethernet port on the ONU (default: 192.168.100.1).

b. Open the web browser, and enter the IP address of the local maintenance Ethernet port on the
ONU.

c. In the login window, enter the user name (default: telecomadmin) and password (default:
admintelecom) of the administrator. After the password authentication is passed, the web
configuration interface is displayed.

Please modify the initial password in time to ensure administrator account security.

2. Configure parameters of a voice WAN port.

a. In the navigation tree, choose WAN > WAN Configuration.

b. In the right pane, click New. In the dialog box that is displayed, configure parameters of a WAN
port as follows:

 WAN Connection: Enable

 Service List: VoIP (For configuring the VoIP service, VoIP or a combination containing VoIP
needs to be selected.)

 Mode: Route

 VLAN ID: 300 (The VLAN ID of the ONU must be the same as the user-side VLAN ID
configured on the OLT.)

 802.1p: 5

 IP Acquisition Mode: DHCP

2024-09-17 459
MA5800 Product Documentation

c. Click Apply to apply the configuration.

3. Configure the parameters of the H.248-based voice interface.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure the parameters of the H.248-based voice interface as follows (other
parameters use the default settings):

 Set MGC Address below Primary Server to 10.200.200.200.

 MID Format: DomainName

 MG Domain: 6877687714852901

 Signaling Port: 1_VOIP_R_VID_300

 Region: China

 The parameters of the H.248-based voice interface must be consistent with the corresponding
configuration on the media gateway controller (MGC).
 If dual-homing is configured, MGC Address below Secondary Server must be configured.
 MID Format can be set to Domain Name, IP, or Device. If MID Format is set to Domain Name or
Device, the setting must be consistent with the corresponding configuration on the MGC.
 Domain Name is ONU's domain name registered with the MGC. It is globally unique. Domain Name
in this example is ONU's SN.
 If Media Port is empty, the parameter value is the same as Signaling Port. The media streams are
not isolated from signaling streams. If the upper-layer network requires isolation of media streams
from signaling streams, create different traffic streams for the media streams and signaling streams
on the OLT, create different WAN ports on the ONU, and bind the created WAN ports to Media Port
and Signaling Port.
 Profile Index can be set to Default, BT, FT, KPN, PCCW, ZTE, or BELL. Choose the value based on
the MGC type. Profile Index is set to Default (indicating interconnection with Huawei MGC) in this
example. If the settings do not meet requirements, configure UserDefine. For details about how to
configure this parameter, contact Huawei technical support engineers.
 When the ONU is interconnected with a third-party softswitch, check RTP TID Prefix, Start
Number of RTP TID, and Width of RTP TID Number.

2024-09-17 460
MA5800 Product Documentation

c. Click Apply to apply the configuration.

4. Configure parameters of the H.248-based voice users.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure the parameters of voice user 1 as follows:

 Line Name: A0

 Associated POTS: 1 (binding port TEL1 on the ONU)

 Select Enable Line Name to enable the voice user configuration.

c. Click Apply to apply the configuration.

d. In the right pane, click New to add voice user 2, and configure the parameters of voice user 2 as
follows:

 Line Name: A1

 Associated POTS: 2 (binding port TEL2 on the ONU)

 Select Enable Line Name to enable the voice user configuration.

e. Click Apply to apply the configuration.

 The terminal IDs A0 and A1 must be consistent with the corresponding configuration on the MGC.
 If Associated POTS is 1, port TEL1 on the ONU is bound. If Associated POTS is 2, port TEL2 on the ONU is
bound.

2024-09-17 461
MA5800 Product Documentation

5. (Optional) Configure a route.


Perform this operation if the IP address of the ONU and the IP address of the voice server are in
different network segments.

a. Choose Route > Default Route Configuration from the main menu.

b. Select Enable the default route and set WAN name to 1_VOIP_R_VID_300.

Figure 1 shows the settings.

Figure 1 Configuring a route

c. Click Apply to apply the configuration.

6. Save the configuration.


In the navigation tree, choose System Tools > Configuration File. In the right pane, click Save
Configuration to save the configuration.

7. Restart the voice process.


In the navigation tree, choose Status > VoIP Information. In the right pane, click Restart VoIP.

8. Check the ONU connection status.

2024-09-17 462
MA5800 Product Documentation

In the navigation tree, choose Status > WAN Information. In the right pane, Status is Connected and
the obtained IP address is displayed at IP Address.

9. Check the registration status of a voice user.


In the navigation tree, choose Status > VoIP Information. In the right pane, User Status is Up.

1.5.4.9 Configuring the H.248-based Voice Service (Through


the CLI)
Configuring the H.248-based Voice Service (Through the CLI)

The OLT manages ONUs and applies VoIP configurations to the ONU using the OMCI protocol. This topic describes
how to configure the H.248-based voice service.

Prerequisite

 The interface data and POTS port data corresponding to the MG interface have been configured on the MGC.

 The OLT has been connected to the MGC. The OLT can ping the IP address of the MGC server successfully.

 The ONU has been added to the OLT. For details, see Adding an ONU to an OLT .

 Different voice services require different ONU software versions. Before the configuration, ensure that the
ONU software version supports H.248. For details, see relevant ONU manuals.

Context

Table 1 Data plan

Item Data

ONU line profile Profile name: ftto_line


T-CONT ID: 4
GEM port ID: 12

2024-09-17 463
MA5800 Product Documentation

Table 1 Data plan

Item Data

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Networking data IP address of the MGC server: 10.200.200.200/24


Port ID of the MGC server: 2944

Procedure

1. Configure a traffic profile.


Set the profile name to ftto_voip and do not limit the upstream and downstream rates. Set the priority to 5
and packets are scheduled according to the priority carried.
Run the display traffic table ip command to query existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic
profile.

2. Configure the mapping between a GEM port and a VLAN. Create a service VLAN and a service flow.
Table 2 Scenario plan

Scenario VLAN Plan VLAN Translation Policy

Scenario Single VLAN tag ONU: Configure a VLAN for all ONUs and add the same C-VLAN tag to packets. All
1 ONUs are in the same C-VLAN.
S-VLAN ID: 300
OLT: The OLT transparently transmits VLAN tags (the C-VLAN is the same as the
S-VLAN type: smart planned S-VLAN).
S-VLAN attribute:
common
C-VLAN ID: 300

Scenario Single VLAN tag ONU: Configure a VLAN for all ONUs and add the same C-VLAN tag to packets. All
2 ONUs are in the same C-VLAN.
S-VLAN ID: 300
OLT: The OLT switches between C-VLAN tags and S-VLAN tags (C-VLAN is different
S-VLAN type: smart from the planned S-VLAN).
S-VLAN attribute:
common
C-VLAN ID: 3001

Scenario 1:
Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 300 is mapped to
GEM port 12 in the ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart

2024-09-17 464
MA5800 Product Documentation

huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 300, and use traffic
profile ftto_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service user-vlan 300 inbound traffic-
table name ftto_voip outbound traffic-table name ftto_voip
huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service user-vlan 300 inbound traffic-
table name ftto_voip outbound traffic-table name ftto_voip

Scenario 2:
Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 3001 is mapped to
GEM port 12 in the ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 3001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#vlan attrib 300 stacking
huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 3001. Use traffic
profile ftto_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service user-vlan 3001 tag-transform
translate inbound traffic-table name ftto_voip outbound traffic-table name ftto_voip
huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service user-vlan 3001 tag-transform
translate inbound traffic-table name ftto_voip outbound traffic-table name ftto_voip

3. Configure ONU voice service profiles.


ONU voice service profiles include the interface common profile, MGC interface profile, and POTS port
profile.

 Interface common profile: saves common attributes of an ONU voice interface, including the fax mode,
fax/modem negotiation mode, and priority of the coding and decoding mode.

 MGC interface profile: saves the IP address or domain name of the MGC, protocol port ID of the MGC
transport layer to which the MG interface belongs, and DSCP priority of media packets.

 POTS port profile: saves physical attributes of a POTS port on an ONU, including the impedance,
transmitting gain, receiving gain, and signaling type of the POTS port.

a. Configure an interface common profile.


Run the display ont-mg-attribute-profile command to query the existing interface common profile
in the system. If the existing interface common profile in the system does not meet the requirements,
run the ont-mg-attribute-profile add command to add an interface common profile.
In this example, the default interface common profile, namely interface common profile 1 is used.

2024-09-17 465
MA5800 Product Documentation

b. Configure an MGC interface profile.


Run the display ont-mgc-profile command to query the existing MGC interface profile in the system.
If the existing MGC interface profile in the system does not meet the requirements, run the ont-mgc-
profile add command to add an MGC interface profile.
Create MGC interface profile 2, set the IP address of the MGC to 10.200.200.200, and use default
values for other parameters.

huawei(config)#ont-mgc-profile add profile-id 2 primary-mgc 10.200.200.200

c. Configure a POTS port profile.


Run the display ont-pots-profile command to query the existing POTS port profile in the system. If
the existing POTS port profile in the system does not meet the requirements, run the ont-pots-
profile add command to add a POTS port profile.
In this example, the default POTS port profile, namely POTS port profile 1 is used.

4. Configure the IP addresses of ONU SIP users.


For ONU 1 and ONU 2, configure the IP address obtaining mode to the static mode, set the IP addresses to
10.10.10.10/24 and 10.10.10.20/24, set the management VLAN to VLAN 20, and use default values for other
parameters.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 0 1 dhcp vlan 20
huawei(config-if-gpon-0/1)#ont ipconfig 0 2 dhcp vlan 20

5. Configure H.248 POTS users.

a. Add an H.248 interface and apply an MGC interface profile to the interface.
For ONU 1 and ONU 2, set the MG ID to 1, apply MGC interface profile 2 to ONU 1 and ONU 2, and use
default values for other parameters.
If parameters of an MGC interface profile are changed, the MGC interface profile must be reapplied to
the ONU so that the changed parameters can take effect.

huawei(config-if-gpon-0/1)#if-h248 add 0 1 1 mgc-profile profile-id 2


huawei(config-if-gpon-0/1)#if-h248 add 0 2 1 mgc-profile profile-id 2

b. Add POTS users.


For ONU 1 and ONU 2, create a POTS user, set the MG ID to 1 (identical to the MG ID of the H.248
interface), and set the physical terminal port ID to A0 and A1.

huawei(config-if-gpon-0/1)#mgpstnuser add 0 1 1 mgid 1 terminalid A0


huawei(config-if-gpon-0/1)#mgpstnuser add 0 2 1 mgid 1 terminalid A1

Run the display mgpstnuser attribute command to check whether the configuration of the POTS
user is properly set.

huawei(config-if-gpon-0/1)#display mgpstnuser attribute 0 1 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :1
Port ID :1

2024-09-17 466
MA5800 Product Documentation

MG ID :1
Terminal ID : A0
...//The rest of the response information is omitted.

huawei(config-if-gpon-0/1)#display mgpstnuser attribute 0 2 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :2
Port ID :1

MG ID :1
Terminal ID : A1
...//The rest of the response information is omitted.

6. Apply ONU voice service profiles


After ONU voice service profiles are applied, if parameters in those profiles are changed, those profiles must
be reapplied so that the changed parameters can take effect.

a. Apply an interface common profile.


Run the if-h248 attribute command to apply an interface common profile to an H.248 interface or
configure the interface customized parameters, or run the ont-if-h248 bat-apply command to bulk
apply the interface common profiles to H.248 interfaces. If you use these two commands to apply the
interface common profiles or configure the interface customized parameters repeatedly, the last
configurations take effect.
In this example, the default interface common profile, namely interface common profile 1 is used.

b. Apply a POTS port profile.


Run the pstnport electric command to apply a POTS port profile to an H.248 interface or configure
the interface customized parameters, or run the ont-pstnport electric bat-apply command to bulk
apply the POTS port profiles to H.248 interfaces. If you use these two commands to apply the POTS
port profiles or configure the interface customized parameters repeatedly, the last configurations
take effect.
In this example, the default POTS port profile, namely POTS port profile 1 is used.

7. (Optional) Configure the H.248 user codec.


Run the mgpstnuser codec command to configure the H.248 user codec. The H.248 user codec will not be
configured independently in this example.

8. Save the data.

huawei(config)#save

2024-09-17 467
MA5800 Product Documentation

1.5.4.10 Configuring the SIP-based Voice Service (on a Web


Page)
Configuring the SIP-based Voice Service (on a Web Page)

The OLT is connected to the remote ONU through a GPON port to provide users with the IP-based high-quality and
low-cost VoIP service.

Prerequisite

 The SIP interface data and POTS port data corresponding to the MG interface have been configured on the SIP
server.

 The connection between the OLT and the SIP server is set up. The OLT can ping the IP address of the SIP
server successfully.

 The ONU has been added to the OLT. For details, see Adding an ONT to an OLT .

 Different voice services require different ONU software versions. Before the configuration, ensure that the
current ONU software version supports SIP. For details, see relevant ONU manuals.

Data Plan

Table 1 Data plan

Item Data

ONU line profile Profile name: ftto_line


T-CONT ID: 4
GEM port ID: 12

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Voice parameter IP address of the SIP server: 10.200.200.200/24


Port ID of the SIP server: 5060
Home domain name: example.com
User phone number 1: 80001234
User phone number 2: 80001235

Procedure

 Configure the OLT.

1. Configure a traffic profile.


Set the profile name to ftto_voip and do not limit the upstream and downstream rates. Set the priority
to 5 and packets are scheduled according to the priority carried.
Run the display traffic table ip command to query existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a
traffic profile.

2024-09-17 468
MA5800 Product Documentation

huawei(config)#traffic table ip name ftto_voip cir off priority 5 priority-policy local-setting

2. Configure the mapping between a GEM port and a VLAN. Create a service VLAN and a service flow.
Table 2 Scenario plan

Scenario VLAN Plan VLAN Translation Policy

Scenario Single VLAN tag ONU: Configure a VLAN for all ONUs and add the same C-VLAN tag to packets. All
1 ONUs are in the same C-VLAN.
S-VLAN ID: 300
OLT: The OLT transparently transmits VLAN tags (the C-VLAN is the same as the
S-VLAN type: smart planned S-VLAN).
S-VLAN attribute:
common
C-VLAN ID: 300

Scenario Single VLAN tag ONU: Configure a VLAN for all ONUs and add the same C-VLAN tag to packets. All
2 ONUs are in the same C-VLAN.
S-VLAN ID: 300
OLT: The OLT switches between C-VLAN tags and S-VLAN tags (C-VLAN is different
S-VLAN type: smart from the planned S-VLAN).
S-VLAN attribute:
common
C-VLAN ID: 3001

Scenario 1:
Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 300 is mapped
to GEM port 12 in the ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 300, and use
traffic profile ftto_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service user-vlan 300 inbound
traffic-table name ftto_voip outbound traffic-table name ftto_voip
huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service user-vlan 300 inbound
traffic-table name ftto_voip outbound traffic-table name ftto_voip

Scenario 2:
Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 3001 is
mapped to GEM port 12 in the ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 3001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

2024-09-17 469
MA5800 Product Documentation

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#vlan attrib 300 stacking
huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 3001. Use traffic
profile ftto_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service user-vlan 3001 tag-
transform translate inbound traffic-table name ftto_voip outbound traffic-table name ftto_voip
huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service user-vlan 3001 tag-
transform translate inbound traffic-table name ftto_voip outbound traffic-table name ftto_voip

3. Enable the ARP proxy function.


Voice media streams for different users of the same S-VLAN fail to interchange because the service
ports of the smart VLAN are isolated from each other. Therefore, the ARP proxy function needs to be
enabled on the OLT.

huawei(config)#arp proxy enable


huawei(config)#interface vlanif 300
huawei(config-if-vlanif300)#arp proxy enable
huawei(config-if-vlanif300)#quit

4. Save the data.

huawei(config)#save

 Configure the ONU on the web page.

1. Log in to the web configuration window.

a. Configure the IP address of the PC network adapter to be in the same network segment as the IP
address of the local maintenance Ethernet port on the ONU (default: 192.168.100.1).

b. Open the web browser, and enter the IP address of the local maintenance Ethernet port on the
ONU.

c. In the login window, enter the user name (default: telecomadmin) and password (default:
admintelecom) of the administrator. After the password authentication is passed, the web
configuration interface is displayed.

Please modify the initial password in time to ensure administrator account security.

2. Configure parameters of a voice WAN port.

a. In the navigation tree, choose WAN > WAN Configuration.

b. In the right pane, click New. In the dialog box that is displayed, configure parameters of a WAN
port as follows:

2024-09-17 470
MA5800 Product Documentation

 WAN Connection: Enable

 Service List: VoIP (For configuring the VoIP service, VoIP or a combination containing VoIP
needs to be selected.)

 Mode: Route

 VLAN ID: 300 (The VLAN ID of the ONU must be the same as the user-side VLAN ID
configured on the OLT.)

 802.1p: 5

 IP Acquisition Mode: DHCP

c. Click Apply to apply the configuration.

3. Configure the parameters of the SIP-based voice interface.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure the parameters of the SIP-based voice interface as follows (other
parameters use the default settings):

 Set Proxy Server Address below Primary Server to 10.200.200.200.

 Home Domain: softx3000.example.com

 Signaling Port: 1_VOIP_R_VID_300

 Region: China

 The parameters of the SIP-based voice interface must be consistent with the corresponding
configuration on the softswitch.
 If dual-homing is configured, Proxy Server Address below Secondary Server must be configured.
 If Signaling Port is empty, the parameter value is the same as Media Port. If the upper-layer
network requires isolation of media streams from signaling streams, create different traffic streams
for the media streams and signaling streams on the OLT, create different WAN ports on the ONU,

2024-09-17 471
MA5800 Product Documentation

and bind the created WAN ports to Media Port and Signaling Port. When the packet is forwarded
from two WAN ports, the configured VLAN is carried by default.

c. Click Apply to apply the configuration.

4. Configure the parameters of the SIP-based voice users.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure parameters of voice user 1 as follows:

 Register User Name: 80001234

 Auth User Name: [email protected]

 Password: iadtest1

 Associated POTS: 1 (binding port TEL1 on the ONU)

 Select Enable to enable the voice user configuration.

c. Click Apply to apply the configuration.

d. Register User Name: 80001235

e. Auth User Name: [email protected]

f. Password: iadtest2

g. Associated POTS: 2 (binding port TEL2 on the ONU)

h. Select Enable User to enable the voice user configuration.

i. Click Apply to apply the configuration.

2024-09-17 472
MA5800 Product Documentation

 The parameters of the SIP-based voice user must be consistent with the corresponding configuration on the
softswitch.
 If Associated POTS is 1, port TEL1 on the ONU is bound. If Associated POTS is 2, port TEL2 on the ONU is
bound.

5. (Optional) Configure a route.


Perform this operation if the IP address of the ONU and the IP address of the voice server are in
different network segments.

a. Choose Route > Default Route Configuration from the main menu.

b. Select Enable the default route and set WAN name to 1_VOIP_R_VID_300.

Figure 1 shows the settings.

Figure 1 Configuring a route

c. Click Apply to apply the configuration.

6. Save the configuration.


In the navigation tree, choose System Tools > Configuration File. In the right pane, click Save
Configuration to save the configuration.

7. Restart the voice process.


In the navigation tree, choose Status > VoIP Information. In the right pane, click Restart VoIP.

2024-09-17 473
MA5800 Product Documentation

8. Check the ONU connection status.


In the navigation tree, choose Status > WAN Information. In the right pane, Status is Connected and
the obtained IP address is displayed at IP Address.

9. Check the registration status of the voice user.


In the navigation tree, choose Status > VoIP Information. In the right pane, User Status is Up.

1.5.4.11 Configuring the SIP-based Voice Service (Through the


CLI)
Configuring the SIP-based Voice Service (Through the CLI)

The OLT manages ONUs and applies VoIP configurations to the ONU using the OMCI protocol. This topic describes
how to configure the SIP-based voice service.

Prerequisite

 The SIP interface data and POTS port data corresponding to the MG interface have been configured on the SIP
server.

 The connection between the OLT and the SIP server is set up. The OLT can ping the IP address of the SIP
server successfully.

 The ONU has been added to the OLT. For details, see Adding an ONT to an OLT .

 Different voice services require different ONU software versions. Before the configuration, ensure that the
current ONU software version supports SIP. For details, see relevant ONU manuals.

2024-09-17 474
MA5800 Product Documentation

Data Plan

Table 1 Data plan

Item Data

ONU line profile Profile name: ftto_line


T-CONT ID: 4
GEM port ID: 12

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Voice parameter IP address of the SIP server: 10.200.200.200/24


Port ID of the SIP server: 5060
Home domain name: example.com
User phone number 1: 80001234
User phone number 2: 80001235

Procedure

1. Configure a traffic profile.


Set the profile name to ftto_voip and do not limit the upstream and downstream rates. Set the priority to 5
and packets are scheduled according to the priority carried.
Run the display traffic table ip command to query existing traffic profiles in the system. If the existing
traffic profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic
profile.

2. Configure the mapping between a GEM port and a VLAN. Create a service VLAN and a service flow.
Table 2 Scenario plan

Scenario VLAN Plan VLAN Translation Policy

Scenario Single VLAN tag ONU: Configure a VLAN for all ONUs and add the same C-VLAN tag to packets. All
1 ONUs are in the same C-VLAN.
S-VLAN ID: 300
OLT: The OLT transparently transmits VLAN tags (the C-VLAN is the same as the
S-VLAN type: smart planned S-VLAN).
S-VLAN attribute:
common
C-VLAN ID: 300

Scenario Single VLAN tag ONU: Configure a VLAN for all ONUs and add the same C-VLAN tag to packets. All
2 ONUs are in the same C-VLAN.
S-VLAN ID: 300
OLT: The OLT switches between C-VLAN tags and S-VLAN tags (C-VLAN is different
S-VLAN type: smart from the planned S-VLAN).
S-VLAN attribute:
common
C-VLAN ID: 3001

Scenario 1:
Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 300 is mapped to
GEM port 12 in the ONU line profile.

2024-09-17 475
MA5800 Product Documentation

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 300, and use traffic
profile ftto_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service user-vlan 300 inbound traffic-
table name ftto_voip outbound traffic-table name ftto_voip
huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service user-vlan 300 inbound traffic-
table name ftto_voip outbound traffic-table name ftto_voip

Scenario 2:
Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 3001 is mapped to
GEM port 12 in the ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 3001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#vlan attrib 300 stacking
huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 3001. Use traffic
profile ftto_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service user-vlan 3001 tag-transform
translate inbound traffic-table name ftto_voip outbound traffic-table name ftto_voip
huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service user-vlan 3001 tag-transform
translate inbound traffic-table name ftto_voip outbound traffic-table name ftto_voip

3. Configure ONU voice service profiles.


ONU voice service profiles include the interface common profile, SIP agent profile, SIP service data profile,
POTS port profile, and digitmap profile.

 Interface common profile: saves common attributes of an ONU voice interface, including the fax mode,
fax/modem negotiation mode, and priority of the coding and decoding mode.

 SIP agent profile: saves the SIP agent information about an ONU, including the IP address and domain
name of the SIP agent server and attributes of media packets and signaling packets.

 SIP service data profile: saves the data information about ONU voice services, including the rights of
the call waiting service, three-party service, call forwarding service, and call holding service.

2024-09-17 476
MA5800 Product Documentation

 POTS port profile: saves physical attributes of a POTS port on an ONU, including the impedance,
transmitting gain, receiving gain, and signaling type of the POTS port.

 Digitmap profile: saves the digitmap information about an ONU, including the timeout time of the
digitmap timer and the digitmap format.

a. Configure an interface common profile.


Run the display ont-mg-attribute-profile command to query the existing interface common profile
in the system. If the existing interface common profile in the system does not meet the requirements,
run the ont-mg-attribute-profile add command to add an interface common profile.
In this example, the default interface common profile, namely interface common profile 1 is used.
b. Configure an SIP agent profile.
Run the display ont-sipagent-profile command to query the existing SIP agent profile in the system.
If the existing SIP agent profile in the system does not meet the requirements, run the ont-sipagent-
profile add command to add an SIP agent profile.
Create SIP agent profile 2, set the IP address of the SIP server to 10.200.200.200, and use default
values for other parameters.

huawei(config)#ont-sipagent-profile add profile-id 2 proxy-server 10.200.200.200

c. Configure an SIP service data profile.


Run the display ont-siprightflag-profile command to query the existing SIP agent profile in the
system. If the existing SIP service data profile in the system does not meet the requirements, run the
ont-siprightflag-profile add command to add an SIP service data profile.
In this example, the default SIP service data profile, namely SIP service data profile 1 is used.
d. Configure a POTS port profile.
Run the display ont-pots-profile command to query the existing POTS port profile in the system. If
the existing POTS port profile in the system does not meet the requirements, run the ont-pots-
profile add command to add a POTS port profile.
In this example, the default POTS port profile, namely POTS port profile 1 is used.
e. Configure a digitmap profile.
Run the display ont-digitmap-profile command to query the existing digitmap profile in the system.
If the existing digitmap profile in the system does not meet the requirements, run the ont-digitmap-
profile add command to add a digitmap profile.
In this example, the default digitmap profile, namely digitmap profile 1 is used.

4. Configure an IP address for an ONU SIP user.


For ONU 1 and ONU 2, configure the IP address obtaining mode to the DHCP mode, set the management
VLAN to VLAN 20, and use default values for other parameters.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 0 1 dhcp vlan 20
huawei(config-if-gpon-0/1)#ont ipconfig 0 2 dhcp vlan 20

5. Configure SIP POTS users.

a. Add an SIP interface and apply an SIP agent profile to the interface.

2024-09-17 477
MA5800 Product Documentation

For ONU 1 and ONU 2, set the MG ID to 1, apply SIP agent profile 2 to ONU 1 and ONU 2, and use
default values for other parameters.
If parameters in an SIP agent profile are changed, the SIP agent profile must be reapplied to the ONU
so that the changed parameters can take effect.

huawei(config-if-gpon-0/1)#if-sip add 0 1 1 sipagent-profile profile-id 2


huawei(config-if-gpon-0/1)#if-sip add 0 2 1 sipagent-profile profile-id 2

b. Add POTS users.


For ONU 1 and ONU 2, set the MG ID to 1 (identical to the MG ID of the added SIP interface), create
two POTS users named huawei1 and huawei2, set passwords to user1 and user2, set their phone
numbers to 80001234 and 80001235 and use default values for other parameters.

huawei(config-if-gpon-0/1)#sippstnuser add 0 1 1 mgid 1 username huawei1 telno 80001234


huawei(config-if-gpon-0/1)#sippstnuser add 0 2 1 mgid 1 username huawei2 telno 80001235

Run the display sippstnuser attribute command to check whether the configuration of the POTS
user is properly set.

huawei(config-if-gpon-0/1)#display sippstnuser attribute 0 1 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :1
Port ID :1

MG ID :1
Telephone NO. : 80001234
User name : huawei1
Password : user1
...//The rest of the response information is omitted.

huawei(config-if-gpon-0/1)#display sippstnuser attribute 0 2 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :2
Port ID :1

MG ID :1
Telephone NO. : 80001235
User name : huawei2
Password : user2
...//The rest of the response information is omitted.

6. Apply and bind an ONU voice service profile to an SIP interface


Currently, the interface common profile, SIP agent profile, SIP service data profile, and POTS port profile can
be applied to an SIP interface, and the digitmap profile can be bound to an SIP interface.

2024-09-17 478
MA5800 Product Documentation

For profiles that can be applied to an SIP interface, if parameters in those profiles are changed, those profiles
must be reapplied to the SIP interface so that the changed parameters can take effect. For profiles that can
be bound to an SIP interface, if parameters in those profiles are changed, those profiles do not need to be
rebound to the SIP interface and the changed parameters can take effect.
The method for applying an SIP agent profile is introduced in 5.a. The following will introduce the methods
for applying an interface common profile, an SIP service data profile, and a POTS port profile, and the
method for binding a digitmap to an SIP interface.

a. Apply an interface common profile.


Run the if-sip attribute command to apply an interface common profile to an SIP interface or
configure the interface customized parameters, or run the ont-if-sip bat-apply from command to
bulk apply the interface common profiles to SIP interfaces. If you use these two commands to apply
the interface common profiles or configure the interface customized parameters repeatedly, the last
configurations take effect.
In this example, the default interface common profile, namely interface common profile 1 is used.

b. Apply an SIP service data profile.


Run the sippstnuser rightflag command to apply an SIP service data profile to an SIP interface or
configure the interface customized parameters, or run the ont-sippstnuser bat-apply from
command to bulk apply the SIP service data profiles to SIP interfaces. If you use these two commands
to apply the SIP service data profiles or configure the interface customized parameters repeatedly,
the last configurations take effect.
In this example, the default SIP service data profile, namely SIP service data profile 1 is used.

c. Apply a POTS port profile.


Run the pstnport electric command to apply a POTS port profile to an SIP interface or configure the
interface customized parameters, or run the ont-pstnport electric bat-apply command to bulk
apply the POTS port profiles to SIP interfaces. If you use these two commands to apply the POTS port
profiles or configure the interface customized parameters repeatedly, the last configurations take
effect.
In this example, the default POTS port profile, namely POTS port profile 1 is used.

d. Bind a digitmap profile.


Run the sippstnuser digitmap command to bind a digitmap profile to an SIP interface, or run the
ont-sippstnuser bat-bind from command to bulk apply the digitmap profiles to SIP interfaces. If you
use these two commands to bind the SIP service data profiles to SIP ports repeatedly, the last
configurations take effect.
In this example, the default digitmap profile, namely digitmap profile 1 is used.

7. (Optional) Configure the SIP user codec.


Run the sippstnuser codec command to configure the SIP user codec. The SIP user codec will not be
configured independently in this example.

8. Save the data.

huawei(config)#save

2024-09-17 479
MA5800 Product Documentation

1.5.4.12 Configuring the BTV Service


Configuring the BTV Service

The OLT is connected to the remote gateway ONU through a GPON port to provide users with the bridge WAN
multicast service.

Prerequisites

 The IPTV WAN ports on the ONU use factory defaults.

 The OLT has been connected to the BRAS and the multicast source.

 The ONU has been added to the OLT. For details, see Adding an ONU to an OLT .

Data Plan

Table 1 Data plan

Item Data

ONU line profile Profile name: ftto_line


T-CONT ID: 4
GEM port ID: 13

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-setting

Multicast service data Multicast protocol: IGMP proxy


Multicast version: IGMPv2
Multicast program: dynamic obtaining mode

Procedure

1. Configure the OLT.

a. Configure a traffic profile.


Configure traffic profile 8. Set the CIR to off (unlimited), priority to 4, and priority-based scheduling
policy to local-setting (that is, queues are scheduled based on the priority specified in the profile).

Run the display traffic table ip command to query existing traffic profiles in the system. If the existing traffic
profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic profile.

huawei(config)#traffic table ip index 8 cir off priority 4 priority-policy

local-setting

2024-09-17 480
MA5800 Product Documentation

b. Configure the VLAN and service flows.


Table 2 Data plan

VLAN Plan VLAN Translation Policy

Single VLAN tag ONU: duplicates multicast packets based on user ports and M-VLANs are stripped off
downstream.
S-VLAN ID: 1000
OLT: duplicates multicast packets based on PON ports with M-VLAN unchanged.
M-VLAN ID: 1000
VLAN type: smart
VLAN attribute:
common

Configure the mapping between a GEM port and an Ethernet port on an ONU. If the ONU is connected
to the STB through Ethernet port 2, map the service flow of Ethernet port 2 to GEM port 13 in the
ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 13 2 vlan 1000
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Configure the multicast forwarding mode is untagged.

huawei(config)#ont-srvprofile gpon profile-name ftto_ser


huawei(config-gpon-srvprofile-1)#multicast-forward untag
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

Create service flows. Set the service VLAN to 1000, GEM port ID to 13, and user VLAN to 1000, and
use traffic profile 8.

huawei(config)#service-port 1 vlan 1000 gpon 0/1/0 ont 1 gemport 13 multi-service

user-vlan 1000 rx-cttr 8 tx-cttr 8

huawei(config)#service-port 2 vlan 1000 gpon 0/1/0 ont 2 gemport 13 multi-service

user-vlan 1000 rx-cttr 8 tx-cttr 8

c. Create an M-VLAN and configure the IGMP version.


Set the IGMP version for the M-VLAN to IGMPv2.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp version v2
This operation will delete all IPv4 programs with source IP addresses in the
current multicast VLAN
Are you sure to change current IGMP version? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

2024-09-17 481
MA5800 Product Documentation

d. Configure a program library.

Set the mode for obtaining multicast programs to dynamic.

You can set the mode for obtaining multicast programs to dynamic only when the IGMP mode is off.

huawei(config-mvlan1000)#igmp mode off


Are you sure to close IGMP? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

huawei(config-mvlan1000)#igmp match mode disable


Command has been executed successfully

(Optional) Set the address range for the dynamic programs. If you need to limit the address range of
dynamic programs, perform this operation. For example, set the address range of dynamic programs
to 224.1.1.1-224.1.1.100.

huawei(config-mvlan1000)#igmp match group ip 224.1.1.1 to-ip 224.1.1.100

e. Set the IGMP mode.


Select the IGMP proxy mode.

huawei(config-mvlan1000)#igmp mode proxy


Are you sure to change IGMP mode? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

f. Configure the IGMP upstream port.


Set the IGMP upstream port ID to 0/9/0 and working mode to default. Protocol packets are
transmitted to all the IGMP upstream ports in the multicast VLAN.

huawei(config-mvlan1000)#igmp uplink-port 0/9/0


huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp uplink-port-mode default
Are you sure to change the uplink port mode?(y/n)[n]:y

g. (Optional) Set multicast global parameters.


In this example, the default settings are used for all the multicast global parameters.
h. Configure multicast users.
Add service ports 1 and 2 as multicast users.

huawei(config-btv)#igmp user add service-port 1


huawei(config-btv)#igmp user add service-port 2
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 1
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 2
huawei(config-mvlan1000)#quit

2024-09-17 482
MA5800 Product Documentation

i. Save the data.

huawei(config)#save

2. The ONU does not need to be configured.

1.5.4.13 Configuring the VoD Service


Configuring the VoD Service

The OLT is connected to the remote gateway ONU through a GPON port to provide users with the VoD service.

Prerequisites

 The IPTV WAN ports on the ONU use factory defaults.

 The OLT has been connected to the BRAS and the program source.

 The ONU has been added to the OLT. For details, see Adding an ONU to an OLT .

Data Plan

Table 1 Data plan

Item Data

ONU line profile Profile name: ftto_line


T-CONT ID: 4
GEM port ID: 13

ONU service profile Profile name: ftto_ser


ONU port capability set: adaptive

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-setting

Procedure

1. Configure the OLT.

a. Configure a traffic profile.


Configure traffic profile 8. Set the CIR to off (unlimited), priority to 4, and priority-based scheduling
policy to local-setting (that is, queues are scheduled based on the priority specified in the profile).

Run the display traffic table ip command to query existing traffic profiles in the system. If the existing traffic
profiles in the system do not meet the requirements, run the traffic table ip command to add a traffic profile.

huawei(config)#traffic table ip index 8 cir off priority 4 priority-policy

local-setting

2024-09-17 483
MA5800 Product Documentation

b. Configure the VLAN and service flows.


Table 2 Data plan

VLAN Plan VLAN Translation Policy

Single VLAN tag The ONU adds CVALN tags to packets: untagged <-> C-VLAN tag.
S-VLAN ID: 1100 The OLT implements VLAN translation: C-VLAN tag <-> S-VLAN tag.

VLAN type: smart


VLAN attribute: common
C-VLAN: 2001

Configure the mapping between a GEM port and a VLAN. The service flow of user VLAN 2001 is
mapped to GEM port 13 in the ONU line profile.

huawei(config)#ont-lineprofile gpon profile-name ftto_line


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 2001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 1100.

huawei(config)#vlan 1100 smart


huawei(config)#port vlan 1100 0/9 0

Create service flows. Set the S-VLAN to 1100, GEM port ID to 13, and C-VLAN to 2001, and use traffic
profile 8. Set the VLAN translation policy to Translate. The C-VLAN 2001 of the ONU is translated to S-
VLAN 1100.

huawei(config)#service-port 3 vlan 1100 gpon 0/1/0 ont 1 gemport 13

multi-service user-vlan 2001 tag-transform translate rx-cttr 8 tx-cttr 8

huawei(config)#service-port 4 vlan 1100 gpon 0/1/0 ont 2 gemport 13

multi-service user-vlan 2001 tag-transform translate rx-cttr 8 tx-cttr 8

c. Save the data.

huawei(config)#save

2. The ONU does not need to be configured.

1.5.4.14 Configuring L2TP Services


Configuring L2TP Services

An enterprise employee in a business trip or an enterprise branch visits HQ intranet resources using Layer 2
Tunneling Protocol (L2TP) tunnels.

Prerequisites

 The ONU is added to the OLT.

 The OLT assigns the ONU WAN the VLAN.

2024-09-17 484
MA5800 Product Documentation

Context

This function is supported by only the MA5675, MA5675M, and MA5676. An ONU functions as a L2TP client but
does not a L2TP server.

Procedure

1. Log in to the web page.

a. Configure the IP address of the PC network interface card (NIC) to be in the same network segment as
the local maintenance IP address of the ONU (default: 192.168.100.1).
b. Open the browser, and enter the local maintenance IP address of the ONT.
c. In the login window, enter the user name (default: telecomadmin) and password (default:
admintelecom) of the administrator. After the password authentication, the web configuration
window is displayed.

Please modify the initial password in time to ensure administrator account security.

2. Configure WAN port parameters.

a. Select WAN > WAN Configuration from the main menu.


b. In the right pane, click New. In the dialog box that is displayed, set WAN port parameters in sequence
as follows:

 Enable WAN: enable

 Encapsulation Mode: IPoE

 WAN mode: Route WAN

 Service type: INTERNET

 VLAN ID: 199 (The VLAN ID of the ONU must be the same as the user-side VLAN ID configured
on the OLT.)

 802.1p: 6

 IP acquisition Mode: Static

 NAT: Enable (NAT must be enabled to configure the Internet access service.)

 IP Address: 10.10.20.26

 You are advised to separately create a WAN port for L2TP services (do not share the same WAN port with
other services). Configuring the priority of a WAN port to improve the priority of L2TP services so as to
ensure point-to-point (P2P) QoS scheduling.
 Binding Options cannot select LAN-related options.

2024-09-17 485
MA5800 Product Documentation

3. Enable L2TP LAC.

a. Choose Network Application > L2TP LAC Configurationfrom the main menu.
b. In the right pane, click New. In the dialog box that is displayed, set L2TP LAC parameters in sequence
as follows:

 Enable LAC: enable

 LNS Address: 192.168.100.254

 LNS Port: 1701

 Interface: 1_INTERNET_R_VID_199 (use the WAN port for L2TP services)

2024-09-17 486
MA5800 Product Documentation

4. Configure an L2TP tunnel route.

a. ChooseNetwork Application > L2TP Tunnel Route Configuration from the main menu.
b. In the right pane, click New. In the dialog box that is displayed, set L2TP tunnel route parameters in
sequence as follows:

 Destination IP Address: 192.168.98.12

 Destination Subnet Mask: 255.255.255.255

5. Confirm the L2TP tunnel status.


Choose Status > L2TP LAC Tunnel Status from the main menu. After an L2TP tunnel is set up, you can
query its status, for example, whether packets are received and transmitted normally.

2024-09-17 487
MA5800 Product Documentation

1.5.4.15 Configuring Link Aggregation, Congestion Control,


and Security Policies
Configuring Link Aggregation, Congestion Control, and Security Policies

Service reliability is improved by configuring uplink aggregation and priority scheduling policy for queues in global
configuration mode, and service security is improved by configuring security policy in global configuration mode.

Context

In link aggregation, multiple uplink Ethernet ports are aggregated into a group to increase bandwidth and
reliability of uplinks of the OLT. You are advised to configure link aggregation.
Congestion control queues packets from one port into multiple queues and schedules the packets based on queue
priorities. You are advised to configure congestion control.

Security policy involves system security, user security, and service security, ensuring service security from
different aspects.

 You are advised to enable the service security feature according to service types. For details, see Principle of Security
Data Plan .
 The configuration of the system security, user security, and service security introduced in this topic is on the OLT side.
The configuration on the ONU side is through the web and is simple, here we do not introduce it.

Procedure

 Configure link aggregation.


On the OLT side, configure upstream ports 0/9/0 and 0/9/1 as an aggregation group. Each member port in
the aggregation group allocates packets based on the source MAC address. The working mode is LACP static
aggregation.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

2024-09-17 488
MA5800 Product Documentation

 Configure queue scheduling(On the OLT side).


According to " Principle of QoS Planning ", all packets are scheduled in strict priority queue mode and mapped
into different queues based on priorities.

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos4 4 cos5 5 cos6 6

 Configure system security.

 Enable deny of service (DoS) anti-attack on the OLT.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on the OLT.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on the OLT.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on the OLT.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

2024-09-17 489
MA5800 Product Documentation

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Configure service security.

 Enable Dynamic Host Configuration Protocol (DHCP) Option 82 on the OLT. This configuration is
recommended for the DHCP-based Internet access service.

1. DHCP Option 82 can be enabled or disabled at four levels: global, port, VLAN, and service port
levels. This function takes effect only after it is enabled at the four levels. Among the four levels,
DHCP Option 82 is disabled only at the global level by default.

 The global level: In global config mode, run the dhcp option82 command to enable DHCP
Option 82 at the global level.
When you run this command, select the enable, forward, or rebuild parameter based on
site requirements. The three parameters can all enable DHCP Option 82 but provide different
packet processing policies on the OLT. For details, see the dhcp option82 command.

 The port level: In global config mode, run the dhcp option82 port or dhcp option82 board
command to enable DHCP Option 82 at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the dhcp option82 enable command to enable DHCP Option 82 at the VLAN
level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the dhcp option82 service-port command
to enable DHCP Option 82 at the service port level.

2. On the OLT, run the dhcp-option82 permit-forwarding service-port command with the enable
parameter selected, to allow ONU DHCP packets to carry Option 82 information.

 Enable Policy Information Transfer Protocol (PITP) on the OLT. This configuration is recommended for
the PPPoE-based Internet access service.

1. PITP can be enabled or disabled at four levels: global, port, VLAN, and service port levels. This
function takes effect only after it is enabled at the four levels. Among the four levels, PITP is
disabled only at the global level by default.

2024-09-17 490
MA5800 Product Documentation

 The global level: In global config mode, run the pitp enable pmode, pitp forward pmode, or
pitp rebuild pmode command to enable PITP at the global level.
In the preceding commands, the enable, forward, and rebuild parameters can all enable
PITP but provide different packet processing policies on the OLT. Select one of them based
on site requirements. For details, see the pitp command.

 The port level: In global config mode, run the pitp port or pitp board command to enable
PITP at the port level.

 The VLAN level:

a. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

b. Run the pitp enable command to enable PITP at the VLAN level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile
to a VLAN.

 The service port level: In global config mode, run the pitp service-port command to enable
PITP at the service port level.

2. On the OLT, run the pitp permit-forwarding service-port command with the enable parameter
selected, to allow ONU PPPoE packets to carry a vendor tag.

1.5.4.16 Verifying Services


Verifying Services

In the FTTO scenario, ONUs are installed at users' houses or in business buildings which are far away from the
central equipment room. ONUs provide remote service verification methods including PPPoE dialup emulation, call
emulation, and multicast emulation to facilitate configuration and commissioning engineers to verify services
remotely after service configuration.

Prerequisites
ONUs and upper-layer devices have been connected properly. The BRAS and MGC/IMS have been configured.

Background

Remote Service Function Description


Verification
Method

PPPoE dialup An ONU simulates a PPPoE user terminal software PPPoE dialup emulation requires a service
emulation to perform dialup and interact with the BRAS to flow which does not belong to a QinQ VLAN.
verify the connectivity between the ONU and BRAS.
A user name, password, and authentication

2024-09-17 491
MA5800 Product Documentation

Remote Service Function Description


Verification
Method

mode must be configured on the BRAS for the


PPPoE dialup emulation.
An ONU supports a maximum of a PPPoE
dialup emulation.

Call Emulation An ONU simulates a voice user to make a call to An ONU can simulate a caller or callee to
check whether the voice service data is correctly communicate with a phone in a call. In this
configured. You can also use the call emulation case, only a functional phone is required in the
function to locate a fault when the voice service is central office where the acceptance personnel
faulty. locate.
An ONU supports only once call emulation.

Multicast This function enables you to simulate a multicast Multicast services configured in the dynamic
emulation user going online and lead the program stream to controllable multicast mode do not support
an ONU. You can check whether the multicast this function.
service is normal by checking the real-time traffic of
the multicast program.

Data plan

Item Data Remarks

PPPoE dialup PPPoE user name: The user name, password, and authentication mode for the emulation test
emulation test@user must be configured on the BRAS. The entered user name, password, and
parameters Password: test authentication mode must be consistent with those configured on the BRAS.

Call emulation ONU POTS ID: 1 The default values are used. You can run the display pots emulational
parameters configuration command to check the parameter values.

Multicast Multicast service -


emulation flow ID: 1
parameters MVLAN: 1000
IP address of the
multicast program:
224.1.1.10

Procedure

 Verify the Internet access service using PPPoE dialup emulation.

1. In xPON board mode, run the pppoe simulate start command to start a PPPoE dialup emulation test.
The service is functional if the test result is success. The following test uses GPON as an example:

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#pppoe simulate start
{ portid<U><0,7> }:0
{ ontid<U><0,127> }:1
{ eth<K>|untagged<K>|vlanid<U><0,4095> }:eth
{ ont-portid<U><1,24> }:4

2024-09-17 492
MA5800 Product Documentation

{ untagged<K>|vlanid<U><0,4095> }:100
{ priority<U><0,7>|user-name<K> }:user-name
{ username<S><Length 1-64> }:test@user
{ user-password<K> }:user-password
{ password<S><Length 1-64> }:test
{ authentication-mode<K> }:authentication-mode
{ protocol<E><chap,pap> }:chap

Command:
pppoe simulate start 0 1 eth 4 100 user-name test@user user-password
test authentication-mode chap

huawei(config-if-gpon-0/1)#
----------------------------------
ONT PPPoE Test Result
----------------------------------
F/S/P : 0/1/0
ONT-ID :1
ONT ETH Port ID :4
ONT Vlan ID : 100
Vlan Priority :-
Emluator result : Success
Session ID : 18814
User IP : 172.16.100.109
Gateway IP : 172.16.100.1
----------------------------------

 Troubleshooting methods for the Internet access service

1. Check whether configurations are complete on the OLT.

 Run the display ont info command to query the ONU status to check whether the ONU is
registered successfully.

 Run the display service-port command to check whether the Internet access service flow is
configured and whether the inner VLAN ID of the service flow is consistent with that in the data
plan.

 If a native VLAN is configured for the Ethernet port on the ONU, run the display ont port
attribute command in xPON board mode to check whether the native VLAN is correct.

2. Check the upstream and downstream ports by checking the MAC address learning status.

a. Run the display mac-address vlan command to check the MAC address learning status of the
Internet service VLAN.

2024-09-17 493
MA5800 Product Documentation

 If the upstream port does not learn a MAC address, check the network connections between
the upstream port and upper-layer devices and check the configurations of upper-layer
devices.

 If the downstream port does not learn a MAC address, check whether the ONU is activated,
whether the PC is connected to the right port on the ONU, and whether the PC is working
properly.

b. Run the display ont-learned-mac command to check whether the ONU connecting to the PON
port learned any MAC addresses.
If not, check whether the ONU properly connects to the PC or home gateway (HGW).

 Verify the voice service using call emulation.

1. Run the ont emulational call command to configure a call emulation test.

huawei(config)#test
huawei(config-test)#ont emulational call caller-port 0/1/0 1 1 telno 28777192
{ <cr>|caller-stop-time<K> }:

Command:
ont emulational call caller-port 0/1/0 1 1 telno 28777192

2. The ONU outputs the call emulation result after the test is complete.
The service is functional if the test result is success.

huawei(config-test)#
----------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :0
ONT-POTSID :1
Test type : caller emulational call test
Detected number : 28777192
Reported number : 28777192
Current status : test end
Test Result : success
----------------------------------------------------------------

 Troubleshooting methods for the voice service.

1. Check whether configurations are complete on the OLT.

 Run the display ont info command to query the ONU status to check whether the ONU is
registered successfully.

 Run the display service-port command to check whether the voice service flow is configured and
whether the inner VLAN ID of the service flow is consistent with that in the data plan.

2. Check the upstream and downstream ports by checking the MAC address learning status.

2024-09-17 494
MA5800 Product Documentation

Run the display mac-address vlan command to check the MAC address learning status of the voice
service VLAN.

 If the upstream port does not learn a MAC address, check the network connections between the
upstream port and upper-layer devices and check the configurations of upper-layer devices.

 If the downstream port does not learn a MAC address, check whether the ONU is activated and
whether physical links are normal.

 If both the upstream and downstream ports can learn the MAC address, record the MAC address
of the ONU and log in to the service router (SR) to check whether an IP address is allocated to the
MAC address.

3. Check the registration status of the voice service.

 You can run the display ont port state command in GPON mode on the OLT to query the call
connection status on the POTS port. If Call State is RegisterFail or Connecting for a long time,
check whether the voice configuration on the MGC/SIP server is consistent with that on the ONU.

 If the ONU uses the H.248 protocol, you can run the display ont mg status command in GPON
mode on the OLT to query the registration status of the MG interface that connects to the ONU. If
MG Status is UnRegistered or Registering for a long time, check whether the voice configuration
on the MGC/SIP server is consistent with that on the ONU.

 You can query the registration status of the voice service on the ONU web page. If the query result
shows that the registration fails or the voice service is in the registering state for a long time,
check whether the voice configuration on the MGC/SIP server is consistent with that on the ONU.

 Verify the multicast service using multicast emulation.

1. Run the igmp static-join command to simulate a multicast user to order a multicast program.

huawei(config)#btv
huawei(config-btv)#igmp static-join service-port 1 ip 224.1.1.10 vlan 1000

If the multicast program is obtained dynamically, igmp static-join can be executed successfully only when the
range for obtaining the dynamic program is set.

2. Run the display igmp user command to query the status of the multicast user.
The multicast user is normal if the queried result is online.

huawei(config-btv)#display igmp user service-port 1


User : 0/1/0/1
State : online
Authentication : no-auth
Quick leave : MAC-based
IGMP flow ID :1
Video flow ID :1
Log switch : enable
Bind profiles :-

2024-09-17 495
MA5800 Product Documentation

IGMP version : IGMP v3


Current version : IGMP v3
Current IGMP IPv6 version : IGMP IPv6 v2
Available programs :8
Global leave : disable
User max bandwidth : no-limit
Used bandwidth(kbps) :0
Used bandwidth
to max bandwidth(%) :-
Total video bandwidth :-
Mcast video bandwidth :-
Active program list
---------------------------------------------------------------------------
Program name VLAN IP/MAC State Start time
---------------------------------------------------------------------------
PROGRAM-5 1000 224.1.1.10 watching 2011-10-29
16:33:41+08:00
---------------------------------------------------------------------------
Total: 1

3. Run the display multicast flow-statistic command to query the real-time traffic of the multicast
program.
The multicast program can be ordered if the queried result is a non-empty value.

huawei(config-btv)#display multicast flow-statistic vlan 1000 ip 224.1.1.10


{ <cr>|sourceip<K> }:

Command:
display multicast flow-statistic vlan 1000 ip 224.1.1.10
Command is being executed. Please wait...
Multicast flow statistic result: 8736(kbps)

1.5.5 Configuring Layer 2 Interoperation Service Between


Enterprise Branches (GPON)
Configuring Layer 2 Interoperation Service Between Enterprise Branches (GPON)

Different branches of an enterprise can achieve Layer 2 interoperation through ONUs. Then, different branches can
transmit service traffic to each other just like in the same LAN, which can improve coordination work efficiency.
Service Requirement and Application Scenario

Configuration Procedure

Adding ONUs to OLT

2024-09-17 496
MA5800 Product Documentation

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Configuring Layer 2 Interoperation Service Ports on OLT

This topic describes how to configure service ports on the OLT for Layer 2 interoperation so that data packets sent from
different ONUs can be forwarded based on the same VLAN at Layer 2.

Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for upstream queues to ensure service
reliability and configure global security policies to ensure service security.

Verifying Services

This topic describes how to verify the Layer 2 interoperation service by checking the service configurations, service port
status, and connectivity between PCs in different branches of an enterprise.

1.5.5.1 Service Requirement and Application Scenario


Service Requirement and Application Scenario

Service Requirement

An enterprise that has multiple branches requires intercommunication between different branches or between its
headquarter and branches. Virtual private network (VPN) can achieve secure interconnection but requires
additional devices and complex management. It requires high costs even if a leased VPN is used. In addition, the
bandwidth provided by a VPN is limited due to restricted VPN access modes and the bandwidth control is
inflexible.
To address the preceding problems, the Layer 2 interoperation technology using fiber access is put forward and
becomes the main trend.

Application Scenario

As shown in Figure 1, ONUs are deployed in branches of an enterprise. The ONUs access and converge Ethernet
services of the enterprise through GE/FE ports and transmit the services to the OLT. The OLT implements Layer 2
interoperation between different branches of the enterprise.
ONUs supporting this scenario: MA5612, MA5628, MA5616, MA5694, MA5698

Figure 1 Network diagram for Layer 2 interoperation between enterprise branches

2024-09-17 497
MA5800 Product Documentation

Note: Because the bandwidth of upstream and downstream PON ports is fixed, the number of enterprises
connected to an OLT is limited when the enterprises require symmetric bandwidth. When an enterprise requires
100 Mbit/s symmetric bandwidth and uses an 8-channel PON board:

1. The number of enterprises or branches connected to a PON port should not exceed eight.

2. The number of enterprises or branches connected to a PON board should not exceed 64.

3. The number of enterprises connected to an OLT cannot exceed 200 (20G/100M) if the upstream bandwidth
is 2 x 10GE. (The number of enterprises connected to an OLT is mainly restricted by the upstream
bandwidth.)

1.5.5.2 Configuration Procedure


Configuration Procedure

Figure 1 shows the configuration procedure for Layer 2 interoperation between branches of an enterprise.

Figure 1 Configuration procedure for Layer 2 interoperation between branches of an enterprise

2024-09-17 498
MA5800 Product Documentation

The following table lists the detailed description steps.


Item Procedure Remarks

OLT Adding an ONU to an OLT This topic describes how to add ONUs to the OLT. ONUs can be configured only
after they are added to the OLT successfully.

OLT Configuring Layer 2 None


Interoperation Service Ports
on OLT

OLT Configuring Congestion This topic describes how to configure global priority-based scheduling policies
Control and Security Policies for upstream queues to ensure service reliability and configure global security
policies to ensure service security.

OLT Verifying Services None

1.5.5.3 Adding ONUs to OLT


Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Context
 When adding ONUs, you need to bind related profiles to the ONUs, including the DBA profile, line profile,
service profile, and alarm profile. For the functions of each profile and how to configure profiles, see Table 1.
Table 1 ONU profile

Profile Function Command


Type

DBA Describes GPON traffic parameters. A T-CONT is bound to a DBA profile for Query: display dba-
profile dynamic bandwidth allocation, improving upstream bandwidth utilization. profile
Add: dba-profile add

2024-09-17 499
MA5800 Product Documentation

Table 1 ONU profile

Profile Function Command


Type

Line Describes the binding relationship between T-CONTs and DBA profiles, QoS mode Query: display ont-
profile of service flows, and mapping between GEM ports and services on ONUs. lineprofile
Add: ont-lineprofile
add

Service Describes the parameters of the ONT managed by the OLT in OMCI mode. Query: display ont-
profile srvprofile
Add: ont-srvprofile
add

Alarm Provides a series of alarm threshold parameters that are used for performance Query: display gpon
profile measurement and monitoring of activated ONU lines. alarm-profile
Add: gpon alarm-
profile add

 An ONU can be added in two modes. Select either mode as required.


Mode Usage Scenario Command

Offline addition The password or serial Run the ont add command to add the ONU.
number of an ONU has been
obtained.

Online The password and serial Run the port ont-auto-find command in the GPON mode to enable the
confirmation number of an ONU are automatic discovery function for the GPON port and run the ont
unknown. confirm command to add the ONU.

Data Planning

Table 2 Key data plan

Configuration Data
Item

DBA profile Profile ID: 20


Profile type: Type 3
Assured bandwidth: 100 Mbit/s
Maximum bandwidth: 120 Mbit/s

Line profile Profile ID: 10


T-CONT ID: 4
GEM port ID for Layer 2 interoperation service: 12

Service profile Profile ID: 11


Ethernet and POTS port capability set: adaptive
ID of the ONU Ethernet VLAN: 300
NOTE:

Ensure that the capability set of the service profile is greater than or equal to that of the device.
Otherwise, some ports fail to be configured.

Networking data For example, add two ONUs (ONU 1 and ONU 2) for carrying services of different branches.

2024-09-17 500
MA5800 Product Documentation

Table 2 Key data plan

Configuration Data
Item

ONU 1 is connected to PON port 0/3/1.


ONU 2 is connected to PON port 0/4/1.

Procedure
1. Configure GPON ONU profiles.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-id 20 type3 assure 102400 max 122880

b. Configure an ONU line profile.

i. Create GPON ONU line profile 10.

huawei(config)#ont-lineprofile gpon profile-id 10

Create a line profile according to the data plan. The ID of the line profile to be created cannot conflict
with existing profile IDs in the system. In this example, the ID of the line profile is 10.

ii. In the line profile configuration mode, bind T-CONT 4 to DBA profile 20.

huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-id 20

iii. In the line profile configuration mode, bind GEM ports to T-CONTs.
Add GEM port 12 for carrying the Layer 2 interoperation service flow.
GEM port 11 is bound to T-CONT 4. During configuration, set QoS policies for each service flow.
For details on QoS data planning, see Principle of QoS Data Plan .

huawei(config-gpon-lineprofile-10)#gem add 12 eth tcont 4 cascade on

iv. Configure mapping between GEM ports and ONU-side services.


Set the mapping mode to VLAN mode (the default mode). Map Layer 2 interoperation service
flow (C-VLAN 300) to GEM port 12.

huawei(config-gpon-lineprofile-10)#gem mapping 12 1 vlan 300

v. After the configuration is complete, run the commit command to make the configured
parameters take effect.

huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

c. Configure an ONU service profile.

i. Create a GPON ONU service profile with ID 11.

2024-09-17 501
MA5800 Product Documentation

huawei(config)#ont-srvprofile gpon profile-id 11

Ensure that the ID of the service profile to be created does not exist in the system. Create a service
profile according to the planned data. Service profile 11 is used as an example.

ii. Configure the Ethernet and POTS port capability set to adaptive. Then, the system adapts the
capability to the actual capability of the online ONU.

huawei(config-gpon-srvprofile-11)#ont-port eth adaptive pots adaptive

iii. Add Ethernet port 1 to VLAN 300.

huawei(config-gpon-srvprofile-11)#port vlan eth 1 300

iv. Run the commit command to make the configurations take effect.

huawei(config-gpon-srvprofile-11)#commit
huawei(config-gpon-srvprofile-11)#quit

d. Set the ID of the native VLAN containing Ethernet port 1 to 300.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont port native-vlan 1 1 eth 1 vlan 300
huawei(config-if-gpon-0/3)#quit
huawei(config)#interface gpon 0/4
huawei(config-if-gpon-0/4)#ont port native-vlan 1 2 eth 1 vlan 300
huawei(config-if-gpon-0/4)#quit

e. (Optional) Configure an alarm profile.

 The default GPON alarm profile ID is 1. The value of each alarm threshold is 0 which indicates
that alarms are not reported.

 In this example, the default alarm profile is used and no configuration is required.

2. Add ONUs to the OLT.

a. Add ONU 1 and ONU2 in offline mode.


Connect ONU 1 and ONU 2 to GPON ports 0/3/1 and 0/4/1 respectively through an optical splitter.
The serial numbers of the two ONUs are 3230313163902641 and 32303131B39FD642 respectively,
and the management mode is OMCI. Both the ONUs are bound to line profile 10 and service profile
11.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 ontid 1 sn-auth 3230313163902641

omci ont-lineprofile-id 10 ont-srvprofile-id 11

huawei(config-if-gpon-0/3)#quit
huawei(config)#interface gpon 0/4
huawei(config-if-gpon-0/4)#ont add 1 ontid 2 sn-auth 32303131B39FD642

omci ont-lineprofile-id 10 ont-srvprofile-id 11

2024-09-17 502
MA5800 Product Documentation

b. (Optional) Bind an alarm profile.


By default, an ONU will be automatically bound to alarm profile 1 (default profile). You need to
manually bind an alarm profile to an ONU only when the default alarm profile does not meet
requirements.
In this example, the default alarm profile is used. Therefore, you do not need to manually bind an
alarm profile.

3. Confirm the ONU status.


After adding an ONU, run the display ont info command to query the current status of the ONU. Ensure that
Control flag is active, Run State is online, and Config state is normal.

The following uses ONU 1 as an example to describe how to confirm ONU status.

huawei(config-if-gpon-0/3)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/3/1
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU is online.
Config state : normal //Indicates that the ONU is in normal state.
...//Other command output is omitted.
huawei(config-if-gpon-0/3)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

1.5.5.4 Configuring Layer 2 Interoperation Service Ports on


OLT
Configuring Layer 2 Interoperation Service Ports on OLT

This topic describes how to configure service ports on the OLT for Layer 2 interoperation so that data packets sent
from different ONUs can be forwarded based on the same VLAN at Layer 2.

Prerequisites

The ARP proxy function is disabled using the arp proxy disable command. (The Layer 2 interoperation function
and ARP proxy function are mutually exclusive.)

2024-09-17 503
MA5800 Product Documentation

Data Plan

Configuration Item Data

Layer 2 interoperation SVLAN OLT VLAN ID (the OLT transparently transmits VLANs of ONU): 300
VLAN forwarding mode: vlan-mac (default)
ONU VLAN ID: 300
Service flow ID: 301

Traffic profile Profile ID: 10


Assured bandwidth: 100 Mbit/s
Priority source: user-cos
Default priority: 4

For detailed data planning, see Principle of VLAN Data Plan .

Procedure

1. Configure an SVLAN and add an upstream port to it.


Set the SVLAN ID of the Layer 2 interoperation service to 300, VLAN type to smart VLAN, and add upstream
port 0/9/0 to the VLAN.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

2. Configure a traffic profile.


Add a new traffic profile 10 and set the assured rate to 100 Mbit/s. Packets transmitted upstream use the
priority (4 by default) copied from the user side. Packets transmitted downstream use the priority carried
by themselves.

huawei(config)#traffic table ip index 10 cir 102400 priority user-cos 4 priority-policy tag-in-package

3. Configure a service port to receive and transparently transmit the Layer 2 interoperation service that is sent
from ONU 1 and ONU 2.
Set the service attributes based on the data plan:

 For the OLT, set the SVLAN ID to 300, CVLAN ID to 300 which is the same as the upstream VLAN ID of
the ONU, and GEM port ID to 12 for the Layer 2 interoperation service.

 For ONUs, set the upstream VLAN ID to 300.

huawei(config)#service-port 301 vlan 300 gpon 0/3/1 ont 1 gemport 12 multi-service

user-vlan 300 rx-cttr 10 tx-cttr 10

huawei(config)#service-port 302 vlan 300 gpon 0/4/1 ont 2 gemport 12 multi-service

user-vlan 300 rx-cttr 10 tx-cttr 10

4. Configure attributes for protocol transparent transmission.

2024-09-17 504
MA5800 Product Documentation

Create a VLAN service profile, enable the VLAN Layer 2 interoperation function, and configure attributes for
protocol transparent transmission. Then, bind the profile to VLAN 300. For details on data planning for
protocol transparent transmission, see Principle of Protocol Transparent Transmission Data Plan .

huawei(config)#vlan service-profile profile-id 1


huawei(config-vlan-srvprof-1)#user-bridging enable //Mandatory
huawei(config-vlan-srvprof-1)#bpdu tunnel enable
huawei(config-vlan-srvprof-1)#ospf tunnel enable
huawei(config-vlan-srvprof-1)#rip tunnel enable
huawei(config-vlan-srvprof-1)#vtp-cdp tunnel enable
huawei(config-vlan-srvprof-1)#commit
huawei(config-vlan-srvprof-1)#quit
huawei(config)#multicast-unknown policy service-port 301 transparent
huawei(config)#multicast-unknown policy service-port 302 transparent
huawei(config)#vlan bind service-profile 300 profile-id 1

1.5.5.5 Configuring Congestion Control and Security Policies


Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for upstream queues to ensure
service reliability and configure global security policies to ensure service security.

Context
Congestion control uses queue scheduling technology to map packets sent from the same port into multiple queues
and process packets in each queue based on priority. Congestion control is recommended.

Security policies cover system security, user security, and service security, which ensure normal running of
services.

 You are advised to enable the service security feature according to service types. For details, see Principle of Security
Data Plan .
 The configuration of the system security, user security, and service security introduced in this topic is on the OLT side.
The configuration on the ONU side is through the web and is simple and therefore, it is not introduced here.

Procedure

 Configure queue scheduling.


Based on Principle of QoS Data Plan , all packets use strict priorities for queue scheduling and are mapped to
queues based on priorities.

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos1 1 cos2 2 cos3 3 cos4 4 cos5 5 cos6 6 cos7 7 //System default

 Configure system security policies.

2024-09-17 505
MA5800 Product Documentation

 Enable deny of service (DoS) anti-attack on the OLT.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on the OLT.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security policies.

 Enable MAC address anti-flapping on the OLT.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable IP address anti-spoofing on the OLT.

1. In global config mode, run the security anti-ipspoofing enable command to globally enable IP
address anti-spoofing.

2. Enable IP address anti-spoofing at VLAN level, perform the following operations to enable IP
address anti-spoofing in service profile mode:

a. Run the vlan service-profile command to create a VLAN service profile.

b. Run the security anti-ipspoofing enable command to enable IP address anti-spoofing at


VLAN level.

c. Run the commit command to make the profile configuration take effect.

d. Run the quit command to quit the VLAN service profile mode.

e. Run the vlan bind service-profile command to bind the created VLAN service profile to a
VLAN.

 The service port level: In global config mode, run the security anti-ipspoofing service-port serviceport-
id enable command to enable IP address anti-spoofing at the service port level.

1.5.5.6 Verifying Services


Verifying Services

This topic describes how to verify the Layer 2 interoperation service by checking the service configurations,
service port status, and connectivity between PCs in different branches of an enterprise.

Prerequisites

PCs (with different MAC addresses) connected to different ONUs have been configured. Ensure that the IP
addresses of the PCs are in the same network segment or subnet segment.

2024-09-17 506
MA5800 Product Documentation

Procedure

1. Check whether the VLAN configurations are correct.

huawei(config)#display vlan 300


{ <cr>|inner-vlan<K>|to<K> }:

Command:
display vlan 300
VLAN ID: 300
VLAN type: smart
VLAN attribute: common
VLAN description:
VLAN forwarding mode in control board: VLAN-MAC
VLAN forwarding mode: VLAN-MAC
VLAN broadcast packet forwarding policy: forward
VLAN unknown multicast packet forwarding policy: forward
VLAN unknown unicast packet forwarding policy: forward
VLAN bind service profile ID: 1
VLAN bind RAIO profile index: -
VLAN priority: -
Standard port number: 0
---------------------------------------------------------
INDEX TYPE STATE F/ S/ P VPI VCI FLOWTYPE FLOWPARA
---------------------------------------------------------
10 gpon up 0/3 / 1 1 12 vlan 300
11 gpon up 0/3 / 1 2 12 vlan 300
---------------------------------------------------------
Service virtual port number: 2
Note: F--Frame, S--Slot, P--Port,
VPI indicates ONT ID for PON, VCI indicates GEM index for GPON,
v/e--vlan/encap, pri-tag--priority-tagged

huawei(config)#display vlan service-profile profile-id 1

Profile ID: 1
Profile Name: srvprof-1
---------------------------------------------------------------------
Parameter Committed Not Committed
---------------------------------------------------------------------
Forwarding mode NotConfig -
Anti-macspoofing NotConfig -
Anti-ipspoofing enable -
PPPoE MAC mode NotConfig -
BPDU tunnel enable -

2024-09-17 507
MA5800 Product Documentation

RIP tunnel enable -


VTP-CDP tunnel enable -
DHCP mode n/a -
DHCP proxy enable -
DHCP option82 enable -
PITP enable -
Broadcast packet policy NotConfig -
Multicast packet policy NotConfig -
Unknown unicast packet policy NotConfig -
User-bridging enable -
IPoE VMAC NotConfig -
PPPoE VMAC NotConfig -
PPPoA VMAC NotConfig -
Mismatch IGMP packet policy discard -
VMAC aging mode MAC-learning -
OSPF tunnel enable -
Layer-3 protocol tunnel enable -
MAC-address learning fabric enable -
DHCPv6 mode n/a -
DHCPv6 option enable -
PPPoA MAC mode NotConfig -
Anti-IPv6spoofing enable -
IPv6 DAD proxy disable -
Bind route and ND disable -
NS-reply function disable -
ARP-reply function disable -
DHCP relay-interface relay-agent NotConfig -
Multicast packet policy fabric forward -
---------------------------------------------------------------------
Binding VLAN list : 300
---------------------------------------------------------------------

2. Check whether the service port is normal.

huawei(config)#display service-port vlan 300


{ <cr>|autosense<K>|sort-by<K> }:

Command:
display service-port vlan 300
Switch-Oriented Flow List
----------------------------------------------------------------------------
INDEX VLAN VLAN PORT F/ S/ P VPI VCI FLOW FLOW RX TX STATE
ID ATTR TYPE TYPE PARA
----------------------------------------------------------------------------

2024-09-17 508
MA5800 Product Documentation

10 300 common gpon 0/3 /1 1 12 vlan 300 - - up


11 300 common gpon 0/3 /1 2 12 vlan 300 - - up
----------------------------------------------------------------------------
Total : 2 (Up/Down : 2/0)

huawei(config)#display statistics service-port 10


Number of upstream bytes : 1044794
Number of upstream packets : 4522
Number of upstream discard packets : 200
Number of downstream bytes : 1351261
Number of downstream packets : 4677
Number of downstream discard packets : 0

3. Check the connectivity between the PCs.

a. Use the PCs to ping each other. If the PCs can ping each other successfully, the PCs are reachable to
each other.
For example, the IP addresses of PC1 and PC2 are 192.168.1.10 and 192.168.1.30 respectively. Ping
PC2 on PC1. The expected result is as follows:

b. You can see one PC in My Network Places on the other PC and the two PCs can share data.

1.5.6 Configuring FTTO SOHO and SME Services (GE Optical


Port)
Configuring FTTO SOHO and SME Services (GE Optical Port)

FTTO ONU users connect to the P2P board of the OLT or to the switch using a GE optical upstream port to use the
Internet access, Wi-Fi, voice, and video services.

Usage Scenario
This section uses the ONU users connecting to the P2P board of the OLT through a GE optical upstream port as an
example to describe how to configure the FTTO SOHO and SME services.
In this scenario, an FTTO ONU connects to a P2P board, of the OLT using a GE optical upstream port and then to the
upper-layer network.

Figure 1 Networking using a GE optical port for upstream transmission

2024-09-17 509
MA5800 Product Documentation

Data Plan

Table 1 Data Plan

Item Sub-item Data

S-VLAN HSI service S-VLAN: 100


C-VLAN: 1001

IPTV service S-VLAN: 1000


M-VLAN: 1000
C-VLAN: 400

VoIP service S-VLAN: 300


C-VLAN: 300

IPTV service data IGMP mode IGMP proxy

IGMP version IGMPv3

Configuration mode for multicast videos Static

IP address of the multicast server 10.10.10.10

IP addresses of the DHCP server group 10.2.2.2


10.2.2.3

Multicast videos: BTV-1: 224.1.1.10


BTV-2: 224.1.1.20

QoS (priority) HSI service Priority: 1; queue scheduling mode: WRR

IPTV service Priority: 4; queue scheduling mode: WRR

VoIP service Priority: 5; queue scheduling mode: PQ

Procedure

 Configure the Internet access service on the OLT.

2024-09-17 510
MA5800 Product Documentation

1. Create a VLAN and add the upstream port to it.


The ID and type of the VLAN are 100 and smart, respectively. The upstream port is 0/9/0.

huawei(config)#vlan 100 smart


huawei(config)#port vlan 100 0/9 0

2. Configure a traffic profile.


The VoIP, IPTV, and Internet access services are provisioned using the same port. Therefore, the
802.1p priority for each service must be configured. The 802.1p priorities for the VoIP, IPTV, and
Internet access services are in descending order generally. In this example, the index of the traffic
profile is 7, and the 802.1p priority of the Internet access service is 1.

huawei(config)#traffic table ip index 7 cir 10240 priority 1 priority-policy

local-Setting

3. Configure service ports.


Add service ports to the VLAN. The VLAN ID is 1001, and traffic profile 7 is bound to this VLAN.

huawei(config)#service-port vlan 100 eth 0/5/2 multi-service user-vlan 1001

rx-cttr 7 tx-cttr 7

huawei(config)#service-port vlan 100 eth 0/5/3 multi-service user-vlan 1001

rx-cttr 7 tx-cttr 7

4. Configure queue scheduling.


Queues are scheduled in 3PQ+5WRR mode. Specifically, queues 5-7 are scheduled in PQ mode, and
queues 0-4 are scheduled in WRR mode with weights 10, 10, 20, 20, and 40, respectively.

Queue scheduling is configured globally. Specifically, after queue scheduling is configured on the OLT, this
configuration takes effect globally and also for follow-up configured services.

huawei(config)#queue-scheduler wrr 10 10 20 20 40 0 0 0

Configure mappings between 802.1p priorities and queues. 802.1p priorities 0-7 map to queues 0-7,
respectively.

huawei(config)#cos-queue-map cos0 0 cos1 1 cos2 2 cos3 3 cos4 4 cos5 5 cos6 6

cos7 7

If a board supports only four queues, the mappings between 802.1p priorities and queues are as follows: 802.1p
priorities 0 and 1 map queue 1, 2 and 3 map queue 2, 4 and 5 map queue 3, and 6 and 7 map queue 4.

5. Save the data.

huawei(config)#save

 Configure the Internet access service on the ONU.


Layer 3 route mode is used for connecting an ONU to the upper-layer device. IP addresses of users' PCs are
allocated by the DHCP IP address pool on the ONU. PPPoE auto dialup is performed on the ONU. Parameters of
the WAN port must be configured on the ONU.

2024-09-17 511
MA5800 Product Documentation

1. Log in to the web configuration window.

a. Configure the IP address of the PC network adapter to be in the same network segment as the IP
address of the local maintenance Ethernet port on the ONU (default: 192.168.100.1).

b. Open the web browser, and enter the IP address of the local maintenance Ethernet port on the
ONU.

c. In the login window, enter the user name (default: telecomadmin) and password (default:
admintelecom) of the administrator. After the password authentication is passed, the web
configuration interface is displayed.

Please modify the initial password in time to ensure administrator account security.

2. Configure the working mode of a LAN port.

a. In the navigation tree, choose LAN > LAN Port Work Mode. Select the check box of LAN 1 and
set LAN1 to work in the Layer 3 mode.

b. Click Apply to apply the configuration.

3. Configure parameters of a WAN port.

a. In the navigation tree, choose WAN > WAN Configuration.

b. In the right pane, click New. In the dialog box that is displayed, configure parameters of a WAN
port as follows:

 WAN Connection: Enable

 Encapsulation Mode: PPPoE

 WAN mode: Route WAN

 Service type: INTERNET (For configuring the Internet access service, INTERNET or a
combination containing INTERNET needs to be selected.)

 VLAN ID: 1001 (The VLAN ID of the ONU must be the same as the user-side VLAN ID
configured on the OLT.)

 802.1p: 1

 User Name: iadtest@pppoe, Password: iadtest (The user name and password must be the
same as the user name and password configured on the BRAS.)

 Binding options: LAN1

 IP acquisition Mode: PPPoE

2024-09-17 512
MA5800 Product Documentation

 NAT: Enable (NAT must be enabled to configure the Internet access service.)

c. Click Apply to apply the configuration.

4. Save the configuration.


In the navigation tree, choose System Tools > Configuration File. In the right pane, click Save
Configuration to save the configuration.

5. Check the ONU connection status.


In the navigation tree, choose Status > WAN Information. In the right pane, Status is Connected and
the obtained IP address is displayed at IP Address.

 Configure the VoIP service on the OLT.

1. Create a VLAN and add the upstream port to it.


The ID and type of the VLAN are 300 and smart, respectively. The upstream port is 0/9/0.

huawei(config)#vlan 300 smart

2024-09-17 513
MA5800 Product Documentation

huawei(config)#port vlan 300 0/9 0

2. Configure a traffic profile.


The index of the traffic profile is 8. The 802.1p priority of the VoIP service is 6.

huawei(config)#traffic table ip index 8 cir 2048 priority 6 priority-policy

local-Setting

3. Configure service ports.


Add service ports to the VLAN. The VLAN ID is 300, and traffic profile 8 is bound to this VLAN.

huawei(config)#service-port vlan 300 eth 0/5/2 multi-service user-vlan 300

rx-cttr 8 tx-cttr 8

huawei(config)#service-port vlan 300 eth 0/5/3 multi-service user-vlan 300

rx-cttr 8 tx-cttr 8

4. Save the data.

huawei(config)#save

 Configure the H.248-compliant VoIP service on the ONU.

1. Log in to the web configuration window.

a. Configure the IP address of the PC network adapter to be in the same network segment as the IP
address of the local maintenance Ethernet port on the ONU (default: 192.168.100.1).

b. Open the web browser, and enter the IP address of the local maintenance Ethernet port on the
ONU.

c. In the login window, enter the user name (default: telecomadmin) and password (default:
admintelecom) of the administrator. After the password authentication is passed, the web
configuration interface is displayed.

Please modify the initial password in time to ensure administrator account security.

2. Configure parameters of a voice WAN port.

a. In the navigation tree, choose WAN > WAN Configuration.

b. In the right pane, click New. In the dialog box that is displayed, configure parameters of a WAN
port as follows:

 WAN Connection: Enable

 Service List: VoIP (For configuring the VoIP service, VoIP or a combination containing VoIP
needs to be selected.)

 Mode: Route

 VLAN ID: 300 (The VLAN ID of the ONU must be the same as the user-side VLAN ID
configured on the OLT.)

2024-09-17 514
MA5800 Product Documentation

 802.1p: 5

 IP Acquisition Mode: DHCP

c. Click Apply to apply the configuration.

3. Configure the parameters of the H.248-based voice interface.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure the parameters of the H.248-based voice interface as follows (other
parameters use the default settings):

 Set MGC Address below Primary Server to 10.200.200.200.

 MID Format: DomainName

 MG Domain: 6877687714852901

 Signaling Port: 1_VOIP_R_VID_300

 Region: China

 The parameters of the H.248-based voice interface must be consistent with the corresponding
configuration on the media gateway controller (MGC).
 If dual-homing is configured, MGC Address below Secondary Server must be configured.
 MID Format can be set to Domain Name, IP, or Device. If MID Format is set to Domain Name or
Device, the setting must be consistent with the corresponding configuration on the MGC.
 Domain Name is ONU's domain name registered with the MGC. It is globally unique. Domain Name
in this example is ONU's SN.
 If Media Port is empty, the parameter value is the same as Signaling Port. The media streams are
not isolated from signaling streams. If the upper-layer network requires isolation of media streams
from signaling streams, create different traffic streams for the media streams and signaling streams
on the OLT, create different WAN ports on the ONU, and bind the created WAN ports to Media Port
and Signaling Port.
 Profile Index can be set to Default, BT, FT, KPN, PCCW, ZTE, or BELL. Choose the value based on
the MGC type. Profile Index is set to Default (indicating interconnection with Huawei MGC) in this

2024-09-17 515
MA5800 Product Documentation

example. If the settings do not meet requirements, configure UserDefine. For details about how to
configure this parameter, contact Huawei technical support engineers.
 When the ONU is interconnected with a third-party softswitch, check RTP TID Prefix, Start
Number of RTP TID, and Width of RTP TID Number.

c. Click Apply to apply the configuration.

4. Configure parameters of the H.248-based voice users.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure the parameters of voice user 1 as follows:

 Line Name: A0

 Associated POTS: 1 (binding port TEL1 on the ONU)

 Select Enable Line Name to enable the voice user configuration.

c. Click Apply to apply the configuration.

d. In the right pane, click New to add voice user 2, and configure the parameters of voice user 2 as
follows:

 Line Name: A1

 Associated POTS: 2 (binding port TEL2 on the ONU)

 Select Enable Line Name to enable the voice user configuration.

e. Click Apply to apply the configuration.

 The terminal IDs A0 and A1 must be consistent with the corresponding configuration on the MGC.
 If Associated POTS is 1, port TEL1 on the ONU is bound. If Associated POTS is 2, port TEL2 on the ONU is
bound.

2024-09-17 516
MA5800 Product Documentation

5. (Optional) Configure a route.


Perform this operation if the IP address of the ONU and the IP address of the voice server are in
different network segments.

a. Choose Route > Default Route Configuration from the main menu.

b. Select Enable the default route and set WAN name to 1_VOIP_R_VID_300.

Figure 2 shows the settings.

Figure 2 Configuring a route

c. Click Apply to apply the configuration.

6. Save the configuration.


In the navigation tree, choose System Tools > Configuration File. In the right pane, click Save
Configuration to save the configuration.

7. Restart the voice process.


In the navigation tree, choose Status > VoIP Information. In the right pane, click Restart VoIP.

8. Check the ONU connection status.

2024-09-17 517
MA5800 Product Documentation

In the navigation tree, choose Status > WAN Information. In the right pane, Status is Connected and
the obtained IP address is displayed at IP Address.

9. Check the registration status of a voice user.


In the navigation tree, choose Status > VoIP Information. In the right pane, User Status is Up.

 Configure the SIP-compliant VoIP service on the ONU.

1. Log in to the web configuration window.

a. Configure the IP address of the PC network adapter to be in the same network segment as the IP
address of the local maintenance Ethernet port on the ONU (default: 192.168.100.1).

b. Open the web browser, and enter the IP address of the local maintenance Ethernet port on the
ONU.

c. In the login window, enter the user name (default: telecomadmin) and password (default:
admintelecom) of the administrator. After the password authentication is passed, the web
configuration interface is displayed.

Please modify the initial password in time to ensure administrator account security.

2. Configure parameters of a voice WAN port.

a. In the navigation tree, choose WAN > WAN Configuration.

b. In the right pane, click New. In the dialog box that is displayed, configure parameters of a WAN
port as follows:

 WAN Connection: Enable

 Service List: VoIP (For configuring the VoIP service, VoIP or a combination containing VoIP
needs to be selected.)

 Mode: Route

2024-09-17 518
MA5800 Product Documentation

 VLAN ID: 300 (The VLAN ID of the ONU must be the same as the user-side VLAN ID
configured on the OLT.)

 802.1p: 5

 IP Acquisition Mode: DHCP

c. Click Apply to apply the configuration.

3. Configure the parameters of the SIP-based voice interface.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure the parameters of the SIP-based voice interface as follows (other
parameters use the default settings):

 Set Proxy Server Address below Primary Server to 10.200.200.200.

 Home Domain: softx3000.example.com

 Signaling Port: 1_VOIP_R_VID_300

 Region: China

 The parameters of the SIP-based voice interface must be consistent with the corresponding
configuration on the softswitch.
 If dual-homing is configured, Proxy Server Address below Secondary Server must be configured.
 If Signaling Port is empty, the parameter value is the same as Media Port. If the upper-layer
network requires isolation of media streams from signaling streams, create different traffic streams
for the media streams and signaling streams on the OLT, create different WAN ports on the ONU,
and bind the created WAN ports to Media Port and Signaling Port. When the packet is forwarded
from two WAN ports, the configured VLAN is carried by default.

2024-09-17 519
MA5800 Product Documentation

c. Click Apply to apply the configuration.

4. Configure the parameters of the SIP-based voice users.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure parameters of voice user 1 as follows:

 Register User Name: 80001234

 Auth User Name: [email protected]

 Password: iadtest1

 Associated POTS: 1 (binding port TEL1 on the ONU)

 Select Enable to enable the voice user configuration.

c. Click Apply to apply the configuration.

d. Register User Name: 80001235

e. Auth User Name: [email protected]

f. Password: iadtest2

g. Associated POTS: 2 (binding port TEL2 on the ONU)

h. Select Enable User to enable the voice user configuration.

i. Click Apply to apply the configuration.

2024-09-17 520
MA5800 Product Documentation

 The parameters of the SIP-based voice user must be consistent with the corresponding configuration on the
softswitch.
 If Associated POTS is 1, port TEL1 on the ONU is bound. If Associated POTS is 2, port TEL2 on the ONU is
bound.

5. (Optional) Configure a route.


Perform this operation if the IP address of the ONU and the IP address of the voice server are in
different network segments.

a. Choose Route > Default Route Configuration from the main menu.

b. Select Enable the default route and set WAN name to 1_VOIP_R_VID_300.

Figure 3 shows the settings.

Figure 3 Configuring a route

c. Click Apply to apply the configuration.

6. Save the configuration.


In the navigation tree, choose System Tools > Configuration File. In the right pane, click Save
Configuration to save the configuration.

7. Restart the voice process.


In the navigation tree, choose Status > VoIP Information. In the right pane, click Restart VoIP.

2024-09-17 521
MA5800 Product Documentation

8. Check the ONU connection status.


In the navigation tree, choose Status > WAN Information. In the right pane, Status is Connected and
the obtained IP address is displayed at IP Address.

9. Check the registration status of the voice user.


In the navigation tree, choose Status > VoIP Information. In the right pane, User Status is Up.

 Configure the IPTV service on the OLT.

The IPTV service does not need to be configured on the ONU.

1. Create a VLAN and add the upstream port to it.


The ID and type of the VLAN are 1000 and smart, respectively. The upstream port is 0/9/0.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

2. Configure a traffic profile.


The index of the traffic profile is 9. The 802.1p priority of the IPTV service is 5.

huawei(config)#traffic table ip index 9 cir off priority 5 priority-policy

local-Setting

3. Configure service ports.


Add service ports to the VLAN. The VLAN ID is 4, and traffic profile 9 is bound to this VLAN.

huawei(config)#service-port 200 vlan 1000 eth 0/5/2 multi-service user-vlan 400

rx-cttr 9 tx-cttr 9

2024-09-17 522
MA5800 Product Documentation

huawei(config)#service-port 300 vlan 1000 eth 0/5/3 multi-service user-vlan 400

rx-cttr 9 tx-cttr 9

4. Create an M-VLAN and set the IGMP mode to IGMP proxy.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp mode proxy
Are you sure to change IGMP mode?(y/n)[n]:y

5. Configure the IGMP version to IGMPv3.

huawei(config-mvlan1000)#igmp version v3

6. Configure the IGMP upstream port.


The IGMP upstream port is 0/9/0 and works in default mode. In addition, protocol packets are sent to
all IGMP upstream ports contained in the M-VLAN housing the ordered video.

huawei(config-mvlan1000)#igmp uplink-port 0/9/0


huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp uplink-port-mode default
Are you sure to change the uplink port mode?(y/n)[n]:y

7. (Optional) Configure global multicast parameters.


Perform this step if the default multicast parameters must be modified. In this example, all global
multicast parameters use default settings.
8. Configure multicast videos.
The multicast videos are BTV-1 and BTV-2. The IP addresses of these videos are 224.1.1.10 and
224.1.1.20, respectively. Both videos use the same source IP address 10.10.10.10.

huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp program add name BTV-1 ip 224.1.1.10 sourceip

10.10.10.10

huawei(config-mvlan1000)#igmp program add name BTV-2 ip 224.1.1.20 sourceip

10.10.10.10

9. Configure a rights profile.


The profile name is profile0, which allows users to watch video BTV-1.

huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp profile add profile-name profile0
huawei(config-btv)#igmp profile profile-name profile0 program-name BTV-1 watch

10. Configure multicast users.


Configure multicast users with service flows 200 and 300.

huawei(config-btv)#igmp user add service-port 200 no-auth


huawei(config-btv)#igmp user add service-port 300 auth
huawei(config-btv)#igmp user bind-profile service-port 300 profile-name profile0
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 200

2024-09-17 523
MA5800 Product Documentation

huawei(config-mvlan1000)#igmp multicast-vlan member service-port 300


huawei(config-mvlan1000)#quit

11. Save the data.

huawei(config)#save

 Configure the Wi-Fi service on the ONU.

1. Configure Wi-Fi parameters.


Choose WLAN from the main menu. Then, in the navigation tree on the left side of the page, choose
WLAN Basic Configuration and configure parameters shown in the following figure.

2. Configure Layer 3 routing WAN port parameters.

2024-09-17 524
MA5800 Product Documentation

3. Check the ONU connection status.


Choose Status from the main menu. Then, in the navigation tree on the left side of the page, choose
WAN Information to check the ONU connection status.

Result

The configured services can be used only after both the OLT and ONU are configured.

 For the Internet access service, users can access the Internet using PPPoE dialup.

 For the VoIP service, users can make and receive calls.

 For the IPTV service, the user connected to port 0/5/2 can watch both videos, and the user connected to port
0/5/3 can watch only video BTV-1.

2024-09-17 525
MA5800 Product Documentation

 For the Wi-Fi service, SSID-specific wireless signals can be detected by the PC. After a user enters a correct
authentication key, the PC automatically obtains an IP address allocated by the ONU using DHCP. After the
ONU automatically performs PPPoE dialup and the dialup is successful, the user can access the Internet.

1.5.7 Configuring FTTO SOHO and SME Services (GE Electrical


Port)
Configuring FTTO SOHO and SME Services (GE Electrical Port)

An FTTO ONU functions as a routing gateway. Its users use a GE electrical upstream port to connect to the LAN
port of an ONU on an FTTB or FTTC network to use the Internet access, Wi-Fi, voice, and video services.

Usage Scenario
In this scenario, the FTTO ONU functions as a routing gateway. It uses a GE electrical upstream port to connect to
the LAN port on an upper-layer ONU and then to the upper-layer network through a PON network.

 MA5676C do not support voice service.


 In this scenario, the GE electrical upstream port can alternatively be a GE service port.

Figure 1 Networking using a GE electrical port for upstream transmission

Data Plan

Table 1 Data Plan

Item Sub-item

HSI service Encapsulation type: PPPoE


VLAN ID: 1001 (same as the user VLAN configured on the upper-layer ONU)
NAT (NATEnabled) status: enabled

VoIP service VLAN ID: 300


IP address obtaining mode: DHCP

2024-09-17 526
MA5800 Product Documentation

Table 1 Data Plan

Item Sub-item

Wi-Fi service SSID name: WirelessNet1


Authentication mode: WPA Pre-Shared-key
Encryption mode: TKIP
WPS status: enabled

IPTV service Omitted (This service is configured on the upper-layer ONU and OLT.)

Procedure
 Configure the FTTB or FTTC network.
For details about how to configure the FTTB or FTTC network, see the Configuration Guide.

 Configure the Internet access service on the FTTO ONU.


Layer 3 route mode is used for connecting an ONU to the upper-layer device. IP addresses of users' PCs are
allocated by the DHCP IP address pool on the ONU. PPPoE auto dialup is performed on the ONU. Parameters of
the WAN port must be configured on the ONU.

1. Log in to the web configuration window.

a. Configure the IP address of the PC network adapter to be in the same network segment as the IP
address of the local maintenance Ethernet port on the ONU (default: 192.168.100.1).

b. Open the web browser, and enter the IP address of the local maintenance Ethernet port on the
ONU.

c. In the login window, enter the user name (default: telecomadmin) and password (default:
admintelecom) of the administrator. After the password authentication is passed, the web
configuration interface is displayed.

Please modify the initial password in time to ensure administrator account security.

2. Configure the working mode of a LAN port.

a. In the navigation tree, choose LAN > LAN Port Work Mode. Select the check box of LAN 1 and
set LAN1 to work in the Layer 3 mode.

b. Click Apply to apply the configuration.

3. Configure parameters of a WAN port.

2024-09-17 527
MA5800 Product Documentation

a. In the navigation tree, choose WAN > WAN Configuration.

b. In the right pane, click New. In the dialog box that is displayed, configure parameters of a WAN
port as follows:

 WAN Connection: Enable

 Encapsulation Mode: PPPoE

 WAN mode: Route WAN

 Service type: INTERNET (For configuring the Internet access service, INTERNET or a
combination containing INTERNET needs to be selected.)

 VLAN ID: 1001 (The VLAN ID of the FTTO ONU must be the same as the user-side VLAN ID
configured on the upper ONU.)

 802.1p: 1

 User Name: iadtest@pppoe, Password: iadtest (The user name and password must be the
same as the user name and password configured on the BRAS.)

 Binding options: LAN1

 IP acquisition Mode: PPPoE

 NAT: Enable (NAT must be enabled to configure the Internet access service.)

c. Click Apply to apply the configuration.

4. Save the configuration.


In the navigation tree, choose System Tools > Configuration File. In the right pane, click Save
Configuration to save the configuration.

2024-09-17 528
MA5800 Product Documentation

5. Check the ONU connection status.


In the navigation tree, choose Status > WAN Information. In the right pane, Status is Connected and
the obtained IP address is displayed at IP Address.

 Configure the H.248-compliant VoIP service on the FTTO ONU.

1. Log in to the web configuration window.

a. Configure the IP address of the PC network adapter to be in the same network segment as the IP
address of the local maintenance Ethernet port on the ONU (default: 192.168.100.1).

b. Open the web browser, and enter the IP address of the local maintenance Ethernet port on the
ONU.

c. In the login window, enter the user name (default: telecomadmin) and password (default:
admintelecom) of the administrator. After the password authentication is passed, the web
configuration interface is displayed.

Please modify the initial password in time to ensure administrator account security.

2. Configure parameters of a voice WAN port.

a. In the navigation tree, choose WAN > WAN Configuration.

b. In the right pane, click New. In the dialog box that is displayed, configure parameters of a WAN
port as follows:

 WAN Connection: Enable

 Service List: VoIP (For configuring the VoIP service, VoIP or a combination containing VoIP
needs to be selected.)

 Mode: Route

2024-09-17 529
MA5800 Product Documentation

 VLAN ID: 300 (The VLAN ID of the ONU must be the same as the user-side VLAN ID
configured on the upper ONU.)

 802.1p: 5

 IP Acquisition Mode: DHCP

c. Click Apply to apply the configuration.

3. Configure the parameters of the H.248-based voice interface.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure the parameters of the H.248-based voice interface as follows (other
parameters use the default settings):

 Set MGC Address below Primary Server to 10.200.200.200.

 MID Format: DomainName

 MG Domain: 6877687714852901

 Signaling Port: 1_VOIP_R_VID_300

 Region: China

 The parameters of the H.248-based voice interface must be consistent with the corresponding
configuration on the media gateway controller (MGC).
 If dual-homing is configured, MGC Address below Secondary Server must be configured.
 MID Format can be set to Domain Name, IP, or Device. If MID Format is set to Domain Name or
Device, the setting must be consistent with the corresponding configuration on the MGC.
 Domain Name is ONU's domain name registered with the MGC. It is globally unique. Domain Name
in this example is ONU's SN.
 If Media Port is empty, the parameter value is the same as Signaling Port. The media streams are
not isolated from signaling streams. If the upper-layer network requires isolation of media streams
from signaling streams, create different traffic streams for the media streams and signaling streams
on the OLT, create different WAN ports on the ONU, and bind the created WAN ports to Media Port
and Signaling Port.

2024-09-17 530
MA5800 Product Documentation

 Profile Index can be set to Default, BT, FT, KPN, PCCW, ZTE, or BELL. Choose the value based on
the MGC type. Profile Index is set to Default (indicating interconnection with Huawei MGC) in this
example. If the settings do not meet requirements, configure UserDefine. For details about how to
configure this parameter, contact Huawei technical support engineers.
 When the ONU is interconnected with a third-party softswitch, check RTP TID Prefix, Start
Number of RTP TID, and Width of RTP TID Number.

c. Click Apply to apply the configuration.

4. Configure parameters of the H.248-based voice users.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure the parameters of voice user 1 as follows:

 Line Name: A0

 Associated POTS: 1 (binding port TEL1 on the ONU)

 Select Enable Line Name to enable the voice user configuration.

c. Click Apply to apply the configuration.

d. In the right pane, click New to add voice user 2, and configure the parameters of voice user 2 as
follows:

 Line Name: A1

 Associated POTS: 2 (binding port TEL2 on the ONU)

 Select Enable Line Name to enable the voice user configuration.

e. Click Apply to apply the configuration.

 The terminal IDs A0 and A1 must be consistent with the corresponding configuration on the MGC.

2024-09-17 531
MA5800 Product Documentation

 If Associated POTS is 1, port TEL1 on the ONU is bound. If Associated POTS is 2, port TEL2 on the ONU is
bound.

5. (Optional) Configure a route.


Perform this operation if the IP address of the ONU and the IP address of the voice server are in
different network segments.

a. Choose Route > Default Route Configuration from the main menu.

b. Select Enable the default route and set WAN name to 1_VOIP_R_VID_300.

Figure 2 shows the settings.

Figure 2 Configuring a route

c. Click Apply to apply the configuration.

6. Save the configuration.


In the navigation tree, choose System Tools > Configuration File. In the right pane, click Save
Configuration to save the configuration.

7. Restart the voice process.


In the navigation tree, choose Status > VoIP Information. In the right pane, click Restart VoIP.

2024-09-17 532
MA5800 Product Documentation

8. Check the ONU connection status.


In the navigation tree, choose Status > WAN Information. In the right pane, Status is Connected and
the obtained IP address is displayed at IP Address.

9. Check the registration status of a voice user.


In the navigation tree, choose Status > VoIP Information. In the right pane, User Status is Up.

 Configure the SIP-compliant VoIP service on the FTTO ONU.

1. Log in to the web configuration window.

a. Configure the IP address of the PC network adapter to be in the same network segment as the IP
address of the local maintenance Ethernet port on the ONU (default: 192.168.100.1).

b. Open the web browser, and enter the IP address of the local maintenance Ethernet port on the
ONU.

c. In the login window, enter the user name (default: telecomadmin) and password (default:
admintelecom) of the administrator. After the password authentication is passed, the web
configuration interface is displayed.

Please modify the initial password in time to ensure administrator account security.

2. Configure parameters of a voice WAN port.

a. In the navigation tree, choose WAN > WAN Configuration.

2024-09-17 533
MA5800 Product Documentation

b. In the right pane, click New. In the dialog box that is displayed, configure parameters of a WAN
port as follows:

 WAN Connection: Enable

 Service List: VoIP (For configuring the VoIP service, VoIP or a combination containing VoIP
needs to be selected.)

 Mode: Route

 VLAN ID: 300 (The VLAN ID of the ONU must be the same as the user-side VLAN ID
configured on the upper ONU.)

 802.1p: 5

 IP Acquisition Mode: DHCP

c. Click Apply to apply the configuration.

3. Configure the parameters of the SIP-based voice interface.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure the parameters of the SIP-based voice interface as follows (other
parameters use the default settings):

 Set Proxy Server Address below Primary Server to 10.200.200.200.

 Home Domain: softx3000.example.com

 Signaling Port: 1_VOIP_R_VID_300

 Region: China

 The parameters of the SIP-based voice interface must be consistent with the corresponding
configuration on the softswitch.
 If dual-homing is configured, Proxy Server Address below Secondary Server must be configured.

2024-09-17 534
MA5800 Product Documentation

 If Signaling Port is empty, the parameter value is the same as Media Port. If the upper-layer
network requires isolation of media streams from signaling streams, create different traffic streams
for the media streams and signaling streams on the OLT, create different WAN ports on the ONU,
and bind the created WAN ports to Media Port and Signaling Port. When the packet is forwarded
from two WAN ports, the configured VLAN is carried by default.

c. Click Apply to apply the configuration.

4. Configure the parameters of the SIP-based voice users.

a. In the navigation tree, choose Voice > VoIP Basic Configuration.

b. In the right pane, configure parameters of voice user 1 as follows:

 Register User Name: 80001234

 Auth User Name: [email protected]

 Password: iadtest1

 Associated POTS: 1 (binding port TEL1 on the ONU)

 Select Enable to enable the voice user configuration.

c. Click Apply to apply the configuration.

d. Register User Name: 80001235

e. Auth User Name: [email protected]

f. Password: iadtest2

g. Associated POTS: 2 (binding port TEL2 on the ONU)

h. Select Enable User to enable the voice user configuration.

2024-09-17 535
MA5800 Product Documentation

i. Click Apply to apply the configuration.

 The parameters of the SIP-based voice user must be consistent with the corresponding configuration on the
softswitch.
 If Associated POTS is 1, port TEL1 on the ONU is bound. If Associated POTS is 2, port TEL2 on the ONU is
bound.

5. (Optional) Configure a route.


Perform this operation if the IP address of the ONU and the IP address of the voice server are in
different network segments.

a. Choose Route > Default Route Configuration from the main menu.

b. Select Enable the default route and set WAN name to 1_VOIP_R_VID_300.

Figure 3 shows the settings.

Figure 3 Configuring a route

c. Click Apply to apply the configuration.

6. Save the configuration.


In the navigation tree, choose System Tools > Configuration File. In the right pane, click Save
Configuration to save the configuration.

7. Restart the voice process.

2024-09-17 536
MA5800 Product Documentation

In the navigation tree, choose Status > VoIP Information. In the right pane, click Restart VoIP.

8. Check the ONU connection status.


In the navigation tree, choose Status > WAN Information. In the right pane, Status is Connected and
the obtained IP address is displayed at IP Address.

9. Check the registration status of the voice user.


In the navigation tree, choose Status > VoIP Information. In the right pane, User Status is Up.

 Configure the IPTV service. (The IPTV service does not need to be configured on the FTTO ONU.)

 Configure the Wi-Fi service on the FTTO ONU.

1. Configure Wi-Fi parameters.


Choose WLAN from the main menu. Then, in the navigation tree on the left side of the page, choose
WLAN Basic Configuration and configure parameters shown in the following figure.

2024-09-17 537
MA5800 Product Documentation

2. Configure Layer 3 routing WAN port parameters.

2024-09-17 538
MA5800 Product Documentation

3. Check the ONU connection status.


Choose Status from the main menu. Then, in the navigation tree on the left side of the page, choose
WAN Information to check the ONU connection status.

Result

The configured services can be used only after both the FTTB/FTTC ONU and FTTO ONU are configured.

 For the Internet access service, users can access the Internet using PPPoE dialup.

 For the VoIP service, users can make and receive calls.

 For the IPTV service, users can watch videos with configured permissions.

2024-09-17 539
MA5800 Product Documentation

 For the Wi-Fi service, SSID-specific wireless signals can be detected by the PC. After a user enters a correct
authentication key, the PC automatically obtains an IP address allocated by the ONU using DHCP. After the
ONU automatically performs PPPoE dialup and the dialup is successful, the user can access the Internet.

1.6 FTTM Configuration (Base Station Access)


FTTM Configuration (Base Station Access)

On an FTTM (base station access) network, 2G or 3G/4G base stations are connected to ONUs that serve as cell
backhaul units (CBUs) in multiple modes. Then the ONUs transmit 2G or 3G services to OLTs and then to the
upper-layer network. After being transmitted over the upper-layer network, the services access the basic station
controller (BSC) or radio network controller (RNC). In this manner, 2G or 3G/4G services are carried on the base
station access network.
Basic Concepts

Many concepts are involved in the base station access solution. The following only provides major concepts involved in the
network diagram of base station access service.

Principle of Planning Data for Base Station Access Service

This topic plans base station access service in a unified manner from different dimensions. The data plans are used to
guide configuration and optimization of base station access service in different scenarios.

Configuring Base station access Clock Synchronization

This topic describes the concept and principle of clock synchronization in base station access network, clock
synchronization solutions supported by devices, and configuration differences.

Configuring E1 Base Station Access Service (in Native TDM Mode, GPON)

ONUs transmit E1 signals of base stations to OLTs in Native TDM mode and OLTs are interconnected with transmission
equipment through E1 ports. In this manner, traditional circuit switching services can be carried over GPON networks.

Configuring Ethernet Base Station Access Service (in QinQ VLAN Mode, GPON)

ONUs are connected to IP base stations through FE/GE Ethernet ports and OLTs are interconnected with MAN equipment
in QinQ VLAN mode to achieve access of base station services. Alternatively, OLTs are interconnected with MAN
equipment in common VLAN or stacking VLAN mode to achieve access of base station services. You can plan the access
mode according to your requirements. The QinQ VLAN mode is described as an example.

Configuring the Access Service of Ethernet Base Stations (Layer 3 GRE Mode, GPON)

ONUs are connected to IP base stations through GE/XGE Ethernet ports and OLTs are interconnected with metropolitan
area network (MAN) equipment in generic routing encapsulation (GRE) mode to achieve access of base station services.

Configuring the Access Service of Ethernet Base Stations (Layer 2 Non-GRE Mode, GPON)

ONUs are connected to IP base stations through GE/XGE Ethernet ports and OLTs are interconnected with metropolitan
area network (MAN) equipment in Common VLAN mode to achieve access of base station services.

2024-09-17 540
MA5800 Product Documentation

Configuring Symmetrical TDM PWE3 Access for OLTs on Both Sides (GPON)

Two OLTs are symmetrically connected to the packet switched network (PSN). Signals of enterprise or base transceiver
station (BTS) private line services are transmitted to an ONU through an E1 port, and then the ONU sends the signals to
the OLT through GPON lines. The OLT, functioning as a superstratum provider edge (SPE), is connected to its peer OLT
through TDM PWE3. This enables the PSN network to carry traditional circuit switched (CS) services.

Configuring E1 Access for the ONU and Creating TDM PWE3 Between the ONU and Peer PE (GPON)

An ONU is connected to the OLT through GPON lines. Signals of enterprise or base transceiver station (BTS) private line
services are transmitted to the OLT through the E1 port on the ONU. TDM PWE3 is created between the ONU and the peer
provider edge (PE) CX600 to enable the packet switched network (PSN) to carry traditional circuit switched (CS) services.

Configuring Small-Cell Base Station Access Service (through GUI Pre-Deployment, GPON)

Dock ONUs are connected to small-cell base stations through Ethernet ports, and OLTs interconnect with the devices on
the metro network through QinQ VLANs to provide the access service for small-cell base stations. This topic describes how
to implement the access service of a small-cell base station through GUI pre-deployment in the scenario with the U2000
available.

1.6.1 Basic Concepts


Basic Concepts

Many concepts are involved in the base station access solution. The following only provides major concepts
involved in the network diagram of base station access service.

Network Diagram of Base Station Access Service

User Side

Concept Description

BTS Base transceiver station, a 2G base station. BTSs are controlled by base station controllers (BSCs) and
constitute a a base station subsystem (BSS) with BSCs as radio devices. BTSs serve for a district and
communicate with mobile stations (MSs) through air interfaces.

NodeB A 3G base station, providing physical radio links between mobile devices (mobile phones) and the universal
mobile telecommunications system (UMTS) network. NodeBs transmit and receive data through radio
interfaces.

2024-09-17 541
MA5800 Product Documentation

Network Side

Concept Description

SDH Synchronous digital hierarchy. SDH is a transmission scheme that follows ITU-T G.707, G.708, and G.709. It
defines the transmission features of digital signals such as frame structure, multiplexing mode, transmission
rate level, and interface code. SDH is an important part of ISDN and B-ISDN. It interleaves the bytes of low-
speed signals to multiplex the signals to high-speed counterparts, and the line coding of scrambling is used
only for signals. SDH is suitable for the fiber communications system with high speed and a large capacity
since it uses synchronous multiplexing and flexible mapping structure.

PTN Packet transport network. PTN provides bidirectional point-to-point connections for packet switching
services and supports point-to-point networking using various service granularity. It can use lower-layer
transmission channels such as SDH, Ethernet, and OTN to transmit services.

BSC/RNC BSC: Base station controller. A BSC controls a group of base stations and manages the radio network.
Specifically, BSCs manage radio districts and channels, operate and maintain radio devices, manage
connections of MSs, and provide interfaces between base stations and the mobile switching center (MSC).
Radio control functions can be integrated in BSCs whenever possible to simplify functions of base stations.
RNC: radio network controller. RNCs are key NEs on 3G networks. RNCs manage mobility, process calls,
manage links, and switch users on the access network.

1.6.2 Principle of Planning Data for Base Station Access


Service
Principle of Planning Data for Base Station Access Service

This topic plans base station access service in a unified manner from different dimensions. The data plans are used
to guide configuration and optimization of base station access service in different scenarios.
Principle of Equipment Management Data Plan

Equipment management planning involves planning for management VLANs and IP addresses.

Principle of VLAN Data Plan

VLAN planning for the base station access service covers planning of VLANs and VLAN translation policies in different
networking scenarios.

Principle of QoS Data Plan

QoS planning for the base station access service is end-to-end. QoS policies include traffic classification, marking and
scheduling, traffic monitoring, and DBA policies. QoS policies for different scenarios are different. This topic provides QoS
policies in the following scenarios.

Principle of Clock Synchronization Data Plan

Wireless base stations have high requirements on clock precision. Clock synchronization solutions must be planned based
on types and standards of base stations.

Principle of Security Data Plan

Security planning involves planning for system security, user security, and service security. Security policy ensures normal
services.

2024-09-17 542
MA5800 Product Documentation

Principle of Reliability Data Plan

Reliability planning covers planning of equipment reliability and upstream/downstream networking protection.
Reliability planning helps to achieve high reliability of private line services.

1.6.2.1 Principle of Equipment Management Data Plan


Principle of Equipment Management Data Plan

Equipment management planning involves planning for management VLANs and IP addresses.

Management VLAN Planning

 The OLT and ONUs use the same management VLAN.

 The OLT and ONUs use a single S-VLAN as the equipment management VLAN.

IP Address Planning

Scenario IP Address Planning

Equipment management A management IP address is allocated to each OLT/ONU. Management IP addresses of


ONUs connected to the same OLT are usually in the same network segment. Private IP
addresses planned by the carrier are used for the purpose of security.

E1 base station access service No IP addresses need to be planned because ONUs access the private line service
(in Native TDM mode) through E1.

Ethernet base station access No IP addresses need to be planned because the OLT and ONUs provide Layer 2
service (in QinQ VLAN mode) transparent channels.

Symmetrical TDM PWE3 Plan IP address of VLAN interface, and MPLS loopback interface symmetrically
access for OLTs on both sides Both IP addresses of VLAN interfaces should be in the same network segment

E1 access for the ONU and Plan IP address of the ONU E1 board
TDM PWE3 between the ONU Plan IP address of the sub interface of CX600
and peer PE Both IP addresses should be in the same network segment

Small-cell base station access No IP addresses need to be planned because the OLT and ONUs provide Layer 2
service transparent channels.

1.6.2.2 Principle of VLAN Data Plan


Principle of VLAN Data Plan

VLAN planning for the base station access service covers planning of VLANs and VLAN translation policies in
different networking scenarios.

VLAN and VLAN Translation Policy

Scenario VLAN Planning VLAN Translation

2024-09-17 543
MA5800 Product Documentation

ONU OLT

E1 base station Use a reserved C-VLAN (starts from 4000). N/A N/A
access service (in NOTICE:
Native TDM mode)
A reserved C-VLAN cannot be used for Ethernet
services on ONUs.

Symmetrical TDM Plan a global VLAN on the OLT and ONUs, which N/A N/A
PWE3 access for cannot conflict with other service VLANs.
OLTs on both sides
E1 access for the
ONU and TDM
PWE3 between the
ONU and peer PE

Ethernet base Single VLAN tag: ONUs and the OLT use single Different user VLANs are The OLT
station access VLAN tags. Service packets are forwarded based planned for different transparently
service (in QinQ on single VLAN tags after being transmitted services (service packets transmits the
VLAN mode) from the OLT upstream to the metro network. In with different destination packets with C-
Small-cell base this way, a large number of VLANs for the metro addresses or paths) of VLANs from ONUs.
station access network will be occupied if there are many base stations.
service OLTs.
User VLANs of packets
Generally, four VLANs are planned for Ethernet sent from the base
base station access service, which are used for: stations are translated to
Clock synchronization a specified C-VLAN based
on service types.
Voice and data services of base stations
Base station management
ONU management

(Recommended) Double VLAN tags: Each OLT Different user VLANs are The OLT adds an S-
uses double VLAN tags, an outer VLAN tag (S- planned for different VLAN tag: C-VLAN<-
VLAN) and inner VLAN tag (C-VLAN). S-LVANs services (service packets >S-VLAN+C-VLAN.
are the same but C-LVANs are different. In this with different destination
way, the number of VLANs required for the addresses or paths) of
metro network is significantly reduced. base stations.
User VLANs of packets
sent from the base
stations are translated to
a specified C-VLAN based
on service types.

1.6.2.3 Principle of QoS Data Plan


Principle of QoS Data Plan

QoS planning for the base station access service is end-to-end. QoS policies include traffic classification, marking
and scheduling, traffic monitoring, and DBA policies. QoS policies for different scenarios are different. This topic
provides QoS policies in the following scenarios.

E1 Base Station Access Service (in Native TDM Mode) / Symmetrical TDM
PWE3 access for OLTs on both sides / E1 access for the ONU and TDM
PWE3 between the ONU and peer PE

2024-09-17 544
MA5800 Product Documentation

In this scenario, ONUs access services through E1 lines. Therefore, the QoS policies are mainly planned for traffic
on PON lines.
Parameter Value Remarks

T-CONT It is recommended that the number of It is recommended that all E1 lines of the same ONU use the
T-CONTs do not exceed 3. The T-CONT same T-CONT.
ID ranges from 1 to 3.

DBA type Fixed bandwidth and minimum delay The DBA must be configured properly to achieve low delay, low
jitter, and zero packet loss so that the quality of the E1 base
station access service can be ensured.

DBA Nx7232 kbit/s is recommended. (N is It is recommended that the T-CONT ID be 1, 2, or 3 and all E1
bandwidth the number of E1 lines.) lines of the same ONU use the same T-CONT. This setting can
leverage bandwidth resources. Each E1 line requires only 5440
kbit/s.

Ethernet Base Station Access Service (in QinQ VLAN Mode) / Small-cell
base station access service

Parameter Value

Traffic classification, 802.1p priority OAM service of base stations: 7


marking, and scheduling Synchronization service of base stations: 7
policies Voice and data services of base stations: 7

Queue PQ
scheduling
mode

OLT queue ID 7
(eight queues)

Traffic monitoring OLT T-CONT (only QinQ private line services use a separate T-CONT to distinguish the QinQ
and DBA policies for GPON) private line services from other services.

DBA type Type 3 ("Assured bandwidth+maximum bandwidth" DBA profile. This


type of DBA not only ensures a fixed bandwidth for users but also enables
users to preempt a certain amount of bandwidth, but the total bandwidth
cannot exceed the maximum bandwidth.)

DBA bandwidth Configure DBA bandwidth based on bandwidth requirements of base


stations.

Downstream Configure a traffic profile based on bandwidth requirements of base


traffic profile stations.

ONU Upstream port Rates of upstream ports are not limited.


rate limit

Downstream Rates of downstream ports are not limited.


port rate limit

1.6.2.4 Principle of Clock Synchronization Data Plan


Principle of Clock Synchronization Data Plan

2024-09-17 545
MA5800 Product Documentation

Wireless base stations have high requirements on clock precision. Clock synchronization solutions must be
planned based on types and standards of base stations.

Clock Synchronization Solution

Classification Clock Description


Synchronization
Solution

Frequency BITS clock For GSM and WCDMA base stations that only require frequency
synchronization synchronization, BITS clocks are transmitted to base stations to achieve
network-wide clock synchronization when OLTs have BITS input clocks.

E1/STM-1 line clock For GSM and WCDMA base stations that only require frequency
synchronization, E1/STM-1 line clocks are used to achieve clock
synchronization when OLTs transmit services upstream to SDH networks
through E1/STM-1 ports.

Synchronous For GSM and WCDMA base stations that only require frequency
Ethernet clock synchronization, clocks restored from code streams on Ethernet links are
used to achieve network-wide clock synchronization when OLTs transmit
services upstream to PSN networks through GE/10GE ports.

Time 1PPS+ToD time OLTs receive time information through 1PPS+TOD ports. The time
synchronization information is transmitted from external time servers (such as Huawei
SYNLOCK T6020) that obtain standard time synchronization information
using GPS. This solution is recommended for 3G and LTE stations.

1588V2 time The OLT obtains the 1588v2 time by using the upstream network interface
(the time is transmitted by the upstream network hop by hop). Then, the OLT
transmits the time to the ONU through the GPON line. After recovering the
time, the ONU transmits the time to the base station by means of the 1588v2
or time interface.

The priority of recommended frequency synchronization solutions is as follows: BITS clock > line clock > synchronous Ethernet
clock. Select a clock source based on the actual conditions of COs.

Recommended Clock Synchronization Solutions for Different Base Station


Access Scenarios

Scenario Recommended Clock Synchronization Solution

E1 base station access service (in Native TDM mode) BITS clock
E1/STM-1 line clock

E1 base station access service (in GPON SAToP mode) BITS clock
E1/STM-1 line clock

Ethernet base station access service (in QinQ VLAN mode) Synchronous Ethernet clock
1PPS+ToD time (remark 1)
1588v2 time

Remark 1: Ethernet base stations may require time synchronization.

2024-09-17 546
MA5800 Product Documentation

1.6.2.5 Principle of Security Data Plan


Principle of Security Data Plan

Security planning involves planning for system security, user security, and service security. Security policy ensures
normal services.

 The device provides complete security measures, but not all security measures need to be deployed. Only the security
measures that meet the following requirements need to be deployed:

 The security measures can be used on the live network.


 The security measures are easy to deploy.
 The security measures are effective.

 Different ONUs support different security features. Select the security feature recommended in this topic according to
actual ONU capabilities.

System Security

Security Solution Description and Usage Suggestion


Vulnerability

DoS attack Enable the anti-DoS- After the anti-DoS-attack function is enabled, control packets are
attack function for OLT monitored and those exceeding the number threshold are discarded.
and MDU. Use this solution for new site deployment.

IP attack Enable the anti-IP- After the anti-IP-attack function is enabled, a device discards the IP packets
attack function for OLT received from the user side whose destination IP address is the IP address
and MDU. of the device, and therefore the system is protected.
Use this solution for new site deployment.

User Security

Security Solution Description and Usage Suggestion


Vulnerability

MAC spoofing Enable the anti- After anti-MAC-duplicate is enabled, the system records the first MAC address
MAC-duplicate learned from the port and binds the MAC address to the port and VLAN. If
function for OLT receiving packets sent from the host that has the same MAC address with the port,
and MDU. the system discards the packets directly. In this case, it can prevent users from
forging MAC addresses to perform malicious attacks.
Use this solution for new site deployment.

MAC attack Enable the anti- After anti-MAC spoofing is enabled, the system can prevent users from forging IP
MAC spoofing addresses to perform malicious attacks.
function for OLT Use this solution for new site deployment.
and MDU.

IP spoofing Enable the anti-IP After anti-IP spoofing is enabled, the system can prevent users from forging IP
spoofing function addresses to perform malicious attacks.
for MDU. Use this solution for new site deployment.

2024-09-17 547
MA5800 Product Documentation

1.6.2.6 Principle of Reliability Data Plan


Principle of Reliability Data Plan

Reliability planning covers planning of equipment reliability and upstream/downstream networking protection.
Reliability planning helps to achieve high reliability of private line services.

Equipment Reliability

Protection Description Suggestion


Scheme

Main control The system uses two main control boards of the same model and Mandatory
board 1+1 version. The two main control boards work in the active/standby
protection mode by default. When the active main control board fails, the system
switches to the standby main control board to prevent service
interruption.

Power board A subrack is configured with two power boards of the same model and Mandatory
1+1 protection version, which back up each other. When one of the power boards fails,
the other power board can still provide power supply to the device and
so the system can still work properly.

Upstream The system uses two upstream interface boards of the same model and This protection scheme is
board 1+1 version. Each board provides one upstream port and two upstream recommended when the
protection ports are bound together using Link Aggregation Control Protocol NXED board is used to
(LACP). When the active upstream port fails, traffic will be transmitted transmit traffic upstream.
upstream through the standby upstream port.

Upstream Networking Protection

Protection Description Suggestion


Scheme

Link Multiple Ethernet ports are bound together as an aggregation group to This protection scheme is
aggregation increase the bandwidth and balance the inbound and outbound load of mandatory when the NXED
group each member port. In addition, the ports in an aggregation group back up board is used to transmit
each other, which enhances the reliability of links. traffic upstream.

Protection A protection group of upstream ports contains a working port and a When the main control
group protection port. In normal state, the working port carries services and the board is used to transmit
(Ethernet) protection port does not. When the link at the working port is faulty, the traffic upstream, this
system automatically switches services from the working port to the protection scheme is
protection port to ensure normal service transmission and protect the mandatory.
uplink.

Link aggregation group and Ethernet protection group usually are not configured at the same time. You are advised to
configure only one of the two protection schemes.

Downstream Networking Protection

Protection Description Suggestion


Scheme

2024-09-17 548
MA5800 Product Documentation

Protection Description Suggestion


Scheme

xPON Type B Two PON ports on the same OLT back up each other. When one of It provides port-level protection
single the PON ports fails, the system automatically switches to the other and has a low cost. The inter-board
homing PON port. This protection scheme provides port-level protection protection mode is recommended.
with low costs. It protects services against fiber failure at the
working port.

GPON Type C Two PON ports on the same OLT, two PON ports on an ONU, two It provides link-level protection.
single backbone optical fibers, two optical splitters, and two tributary
homing optical fibers are configured to provide link-level protection.

GPON Type C Two PON ports on different OLTs, two PON ports on an ONU, two It provides full backup protection,
dual homing backbone optical fibers, two optical splitters, and two tributary which is the highest level of
optical fibers are configured to implement this protection. The protection, at the same time, it has
difference between this protection scheme and the GPON Type C the highest cost.
single homing protection scheme is that the ONU needs to be dual This protection scheme can be
homed to two OLTs in this protection scheme. This full-backup configured for only the Ethernet
protection scheme provides the highest-level protection for links QinQ private line service. It does
and has the highest costs. not support TDM services, including
Native TDM and SAToP.

The Type B single homing protection scheme, Type C single homing scheme, and Type C dual homing protection scheme are
mutually exclusive. Therefore, only one of these protection schemes can be configured for an ONU.

1.6.3 Configuring Base station access Clock Synchronization


Configuring Base station access Clock Synchronization

This topic describes the concept and principle of clock synchronization in base station access network, clock
synchronization solutions supported by devices, and configuration differences.
Configuring BITS Clock Synchronization

The OLT receives the clock through the BITS and transmits the clock to the ONU through the PON line and then
downstream to the base station, implementing clock synchronization of the entire network.

Configuring E1 Line Clock Synchronization

When optical line terminals (OLTs) access a base station that requires only frequency synchronization, such as
GSM/WCDMA, and when OLTs are connected upstream to the synchronous digital hierarchy (SDH) network by using the
E1

Configuring Ethernet Clock Synchronization

When OLTs access a base transceiver station (BTS) that requires only frequency synchronization, such as
GSM/WCDMA/FDD LTE and when the OLTs are connected upstream to the packet switched network (PSN) by using the
GE/10GE port, the clock can be recovered from the bit streams on the Ethernet link, implementing synchronization
between over the entire network.

Configuring "1PPS+ToD" Clock Synchronization

2024-09-17 549
MA5800 Product Documentation

In the base stations that require time synchronization, such as CDMA2000/TD-SCDMA/LTE, the OLT obtains time by
"1PPS+ToD" time injection way. The OLT transmits the clocks to the ONU through GPON lines and then downstream to the
base station, implementing clock synchronization of the entire network.

Configuring 1588v2 Clock Synchronization

In the base stations that require time synchronization, such as CDMA2000/TD-SCDMA/LTE, the OLT brings 1588v2 clocks
in end-to-end (E2E) 1588v2 mode. The OLT transmits the clocks to the ONU through GPON lines and then downstream to
the base station, implementing clock synchronization of the entire network.

1.6.3.1 Configuring BITS Clock Synchronization


Configuring BITS Clock Synchronization

The OLT receives the clock through the BITS and transmits the clock to the ONU through the PON line and then
downstream to the base station, implementing clock synchronization of the entire network.

Application Context
As shown in Figure 1, the OLT receives the clock from the BITS and the clock share the same clock source with the
BSC/RNC. Then the OLT transmits the clock to the ONU through the PON line clock. After recovering the clock, the
ONU transmits the clock to the base station through the E1 or FE/GE port.

Figure 1 BITS clock synchronization

Prerequisite

 The clock daughter board CKUA of the SCU board must be in position.

 The OLT must have the BITS clock input resource.

 The CIUA board (its BITS clock daughter board must be in position) must work in the normal state.

Data Plan

Item Data

CIUA board Ports: 0/0/0 and 0/0/1


Clock type: BITS 2 MHz, 120 ohms

2024-09-17 550
MA5800 Product Documentation

Item Data

Clock priority: p0 > p1

Upstream port 0/9/0

E1 port of the ONU 0/1/0

ETH port of the ONU 0/3/1

Configuration Concept

1. The OLT uses the BITS line clock as the system clock.

2. The system clock is issued to the ONU through the optical path of the PON service board.

3. The ONU uses the line clock of the PON upstream port as the system clock.

4. The E1 Tx clock of the ONU is synchronized to the system clock of the ONU.

Procedure

1. Configure the OLT-side clock.

a. Configure a system clock source.


Run the clock source command to configure BITS_IN ports 0/0/0 and 0/0/1 on the CIUA board as
the system clock sources. Set their IDs to 0 and 1 respectively.

huawei(config)#clock source 0 0/0/0 2mhz 120ohm


huawei(config)#clock source 1 0/0/1 2mhz 120ohm

b. Set the priority of the system clock source.


Run the clock priority command to configure the priorities of clock sources 0 and 1 to p0 > P1.

huawei(config)#clock priority system 0/1

c. Query the configuration and status of the system clock source.


Run the display clock source command to query the configuration and status of the clock source.
Ensure that the configuration information about the system clock is matching and the status is
normal.

2. Configure the ONU-side clock.

a. Configure the PON line clock source as the system clock.


The system clock of the OLT is issued to the ONU through the optical path of the PON port,
implementing the clock synchronization between the OLT and the ONU.

i. Run the clock source command to configure the clock recovered from the PON upstream port
as the system clock source of the ONU.

ii. Run the clock priority command to configure the priority of the clock source.

huawei(config)#clock source 0 0/0/1

2024-09-17 551
MA5800 Product Documentation

Clock source set succeeded

huawei(config)#clock priority system 0

b. (Optional) Configure the system clock as the Tx clock of the E1 port.

This step is required only when the base station is connected to the ONU through the E1 port. When the base
station is connected to the ONU through the ETH port, this step is not required. By default, it is the system clock
and cannot be modified.

i. Run the interface tdm command to enter the E1 port configuration mode.

ii. Run the tx clock or port portid udt system command to configure the Tx clock of the port as
the system clock.

iii. Run the display port state command to query the Tx clock of the E1 port.

huawei(config)#interface tdm 0/1


huawei(config-if-tdm-0/1)#port 0 udt system
huawei(config-if-tdm-0/1)#display port state 0
---------------------------------------
Port :0
State : normal
Mode : UDT
Code : HDB3
Looptype :-
Timeslot :-
Clock : system
CRC4 :-
Signaling :-
ESF :-
Impedance : 120 Ohm
---------------------------------------

c. Query the configuration and status of the system clock source.


Run the display clock source command to query the configuration and status of the system clock
source.

huawei(config-if-tdm-0/1)#quit
huawei(config)#display clock source
--------------------------------------------------------------------
Index Type Source State Priority QL Selected
--------------------------------------------------------------------
0 line 0/0/1 Normal 0 --- YES
1 -- -/ -/ - --- --- NO ---
2 -- -/ -/ - --- --- NO ---
3 -- -/ -/ - --- --- NO ---

2024-09-17 552
MA5800 Product Documentation

4 -- -/ -/ - --- --- NO ---


5 -- -/ -/ - --- --- NO ---
6 -- -/ -/ - --- --- NO ---
7 -- -/ -/ - --- --- NO ---
8 -- -/ -/ - --- --- NO ---
9 -- -/ -/ - --- --- NO ---
--------------------------------------------------------------------

Result

After the configuration of base station access service is complete, use the test meter to perform tests on the
E1/ETH access port of the ONU and the upstream GE/10GE port. The long-term bit error ratio (BER) and delay
should be able to meet the requirements for actual applications.

1.6.3.2 Configuring E1 Line Clock Synchronization


Configuring E1 Line Clock Synchronization

When optical line terminals (OLTs) access a base station that requires only frequency synchronization, such as
GSM/WCDMA, and when OLTs are connected upstream to the synchronous digital hierarchy (SDH) network by
using the E1

Application Context

As shown in Figure 1, the OLT recovers the clock from the E1 line. This clock is transmitted by the BSC/RNC
through the SDH network and then transmitted to the ONU through the PON line clock. After recovering the clock,
the ONU transmits the clock to the base station through the E1 line.

Figure 1 E1 line clock synchronization

Prerequisite

The clock daughter board CKUA of the main control board must be in position.

2024-09-17 553
MA5800 Product Documentation

Data Plan

Item Data

EDSH board Port ID: 0/5/0

E1 port of the ONU 0/1/0

Configuration Concept

1. The OLT traces the upstream E1 line clock of the board as the system clock.

2. The system clock is issued to the ONU through the optical path of the PON service board.

3. The ONU uses the line clock of the PON upstream port as the system clock.

4. The E1 Tx clock of the ONU is synchronized to the system clock of the ONU.

Procedure

1. Configure the OLT-side clock.

a. Configure a system clock source.


Run the clock source command to configure the line clock of E1 port 0/5/0 on the board as the
system clock source. Set the clock source ID to 0.
The clock module automatically judges the types of the specified clock sources (E1) and selects them
according to their priorities, serving as the clock sources for phase lock.

huawei(config)#clock source 0 0/5/0

b. Set the priority of the system clock source.


Run the clock priority command to configure clock source 0 to have the highest priority.

huawei(config)#clock priority system 0

c. Query the configuration and status of the system clock source.


Run the display clock source command to query the configuration and status of the clock source.
Ensure that the configuration information about the system clock is matching and the status is
normal.

2. Configure the ONU-side clock.

a. Configure the PON line clock source as the system clock.


The system clock of the OLT is issued to the ONU through the optical path of the PON port,
implementing the clock synchronization between the OLT and the ONU.

i. Run the clock source command to configure the clock recovered from the PON upstream port
as the system clock source of the ONU.

ii. Run the clock priority command to configure the priority of the clock source.

huawei(config)#clock source 0 0/0/1

2024-09-17 554
MA5800 Product Documentation

Clock source set succeeded

huawei(config)#clock priority system 0

b. Configure the system clock as the Tx clock of the E1 port.

i. Run the interface tdm command to enter the E1 port configuration mode.

ii. Run the tx clock or port portid udt system command to configure the Tx clock of the port as
the system clock.

iii. Run the display port state command to query the Tx clock of the E1 port.

huawei(config)#interface tdm 0/1


huawei(config-if-tdm-0/1)#port 0 udt system
huawei(config-if-tdm-0/1)#display port state 0
---------------------------------------
Port :0
State : normal
Mode : UDT
Code : HDB3
Looptype :-
Timeslot :-
Clock : system
CRC4 :-
Signaling :-
ESF :-
Impedance : 120 Ohm
---------------------------------------

c. Query the configuration and status of the system clock source.


Run the display clock source command to query the configuration and status of the system clock
source.

huawei(config-if-tdm-0/1)#quit
huawei(config)#display clock source
--------------------------------------------------------------------
Index Type Source State Priority QL Selected
--------------------------------------------------------------------
0 line 0/0/1 Normal 0 --- YES
1 -- -/ -/ - --- --- NO ---
2 -- -/ -/ - --- --- NO ---
3 -- -/ -/ - --- --- NO ---
4 -- -/ -/ - --- --- NO ---
5 -- -/ -/ - --- --- NO ---
6 -- -/ -/ - --- --- NO ---
7 -- -/ -/ - --- --- NO ---

2024-09-17 555
MA5800 Product Documentation

8 -- -/ -/ - --- --- NO ---


9 -- -/ -/ - --- --- NO ---
--------------------------------------------------------------------

Result

After the configuration of base station access service is complete, use the test meter to perform tests on the E1 port
of the ONU and the upstream E1 port of the OLT. The long-term bit error ratio (BER) and delay should be able to
meet the application requirements.

1.6.3.3 Configuring Ethernet Clock Synchronization


Configuring Ethernet Clock Synchronization

When OLTs access a base transceiver station (BTS) that requires only frequency synchronization, such as
GSM/WCDMA/FDD LTE and when the OLTs are connected upstream to the packet switched network (PSN) by
using the GE/10GE port, the clock can be recovered from the bit streams on the Ethernet link, implementing
synchronization between over the entire network.

Application Context
As shown in Figure 1, the OLT receives the clock from the upstream synchronous Ethernet port. (This clock is
transmitted through the PSN network and must be supported by all intermediate nodes.) Then the clock is
transmitted to the ONU through the PON line clock. After recovering the clock, the ONU transmits the clock to the
base station through the synchronous Ethernet or independent clock port.

Figure 1 Ethernet clock synchronization

Prerequisite

 The clock daughter board CKUA of the SCU board must be in position.

 The upstream MAN PSN of the OLT must feature the capability of Ethernet synchronization.

Data Plan

Item Data

Upstream port 0/9/0

2024-09-17 556
MA5800 Product Documentation

Item Data

E1 port of the ONU 0/1/0

ETH port of the ONU 0/3/1

Configuration Concept

1. The OLT uses the synchronous Ethernet clock of the upstream slot as the system clock.

2. The system clock is issued to the ONU through the optical path of the PON service board.

3. The ONU uses the line clock of the PON upstream port as the system clock.

4. The Tx clock of the E1 or ETH port on the ONU is synchronized to the system clock of the ONU.

Procedure

1. Configure the OLT-side clock.

a. Configure a system clock source.


Run the clock source command to configure the line clock of the GE/10GE port on the GIU board as
the system clock source. Set the clock source ID to 0.
The clock module automatically judges the types of the specified clock sources (ETH), and selects
them according to their priorities, serving as clock sources for phase lock.

huawei(config)#clock source 0 0/9/0

b. Set the priority of the system clock source.


Run the clock priority command to configure clock source 0 to have the highest priority.

huawei(config)#clock priority system 0

c. Query the configuration and status of the system clock source.


Run the display clock source command to query the configuration and status of the clock source.
Ensure that the configuration information about the system clock is matching and the status is
normal.

2. Configure the ONU-side clock.

a. Configure the PON line clock source as the system clock.


The system clock of the OLT is issued to the ONU through the optical path of the PON port,
implementing the clock synchronization between the OLT and the ONU.

i. Run the clock source command to configure the clock recovered from the PON upstream port
as the system clock source of the ONU.

ii. Run the clock priority command to configure the priority of the clock source.

huawei(config)#clock source 0 0/0/1


Clock source set succeeded

2024-09-17 557
MA5800 Product Documentation

huawei(config)#clock priority system 0

b. (Optional) Configure the system clock as the Tx clock of the E1 port.

This step is required only when the base station is connected to the ONU through the E1 port. When the base
station is connected to the ONU through the ETH port, this step is not required. By default, it is the system clock
and cannot be modified.

i. Run the interface tdm command to enter the E1 port configuration mode.

ii. Run the tx clock or port portid udt system command to configure the Tx clock of the port as
the system clock.

iii. Run the display port state command to query the Tx clock of the E1 port.

huawei(config)#interface tdm 0/1


huawei(config-if-tdm-0/1)#port 0 udt system
huawei(config-if-tdm-0/1)#display port state 0
---------------------------------------
Port :0
State : normal
Mode : UDT
Code : HDB3
Looptype :-
Timeslot :-
Clock : system
CRC4 :-
Signaling :-
ESF :-
Impedance : 120 Ohm
---------------------------------------

c. Query the configuration and status of the system clock source.


Run the display clock source command to query the configuration and status of the system clock
source.

huawei(config-if-tdm-0/1)#quit
huawei(config)#display clock source
--------------------------------------------------------------------
Index Type Source State Priority QL Selected
--------------------------------------------------------------------
0 line 0/0/1 Normal 0 --- YES
1 -- -/ -/ - --- --- NO ---
2 -- -/ -/ - --- --- NO ---
3 -- -/ -/ - --- --- NO ---
4 -- -/ -/ - --- --- NO ---

2024-09-17 558
MA5800 Product Documentation

5 -- -/ -/ - --- --- NO ---


6 -- -/ -/ - --- --- NO ---
7 -- -/ -/ - --- --- NO ---
8 -- -/ -/ - --- --- NO ---
9 -- -/ -/ - --- --- NO ---
--------------------------------------------------------------------

Result
After the configuration of base station access service is complete, use the test meter to perform tests on the
E1/ETH access port of the ONU and the upstream GE/10GE port. The long-term bit error ratio (BER) and delay
should be able to meet the requirements for actual applications.

1.6.3.4 Configuring "1PPS+ToD" Clock Synchronization


Configuring "1PPS+ToD" Clock Synchronization

In the base stations that require time synchronization, such as CDMA2000/TD-SCDMA/LTE, the OLT obtains time
by "1PPS+ToD" time injection way. The OLT transmits the clocks to the ONU through GPON lines and then
downstream to the base station, implementing clock synchronization of the entire network.

Context

"1PPS+ToD" is a time synchronization technology. The quality of clock transmitted by "1PPS+ToD" meets the
stratum 3 clock requirement and the time quality reaches a sub-microsecond precision, which solves the time and
clock synchronization problems of the user. In addition, using "1PPS+ToD" can better reduce user's investment.
Therefore, it is applicable to the base station access services.

Application Context

As shown in Figure 1, the OLT is injected with time through the 1PPS+ToD interface (the time source is obtained
from the GPS). Then, the OLT transmits the time signals to the ONU by means of the GPON time synchronization
technology. After recovering the time signals, the ONU transmits them to the base station by means of the time
interface.
This scheme has no additional requirement for the PSN network, but the OLT must be deployed with a BITS server
(such as SYNLOCK from Huawei). Therefore, this scheme is recommended when the upstream network of the OLT
does not support 1588V2.
This scheme requires that ONU supports external clock interface.

Figure 1 "1PPS+ToD" time injection

2024-09-17 559
MA5800 Product Documentation

Prerequisite

 The clock daughter board CKUA of the SCU control board must be in position.

 The CIUA board (with the BITSB daughter board) must be in position.

 GPON service boards must support 1588v2. For details, see hardware supported by 1588v2.

Data Plan

Item Data

Clock source The time is injected from the BITS IN port of the CIUA board to the 1PPS+ToD interface:
BITS IN ports of the CIUA board: 0/0/0 and 0/0/1
Clock priority: p0 > p1

ETH port of the ONU 0/3/1

Configuration Concept

1. On the OLT side, select the 1PPS+ToD clock signal as the system clock source.

2. The system clock is issued to the ONU through the optical path of the PON service board.

3. The ONU uses the 1588V2 clock of the PON upstream port as the system clock.

4. The ONU transmits time signals to the base station by using the FE/GE port or the clock output interface on
panel.

Procedure

 Configure the OLT-side clock.

1. Add a "1PPS+ToD" clock source.


Add two line "1PPS+ToD" clock source, and specify their index and priority.

huawei(config)#ptp source 0 0/0/0


huawei(config)#ptp source 1 0/0/1

2024-09-17 560
MA5800 Product Documentation

huawei(config)#ptp priority 0/1

2. Configure the "1PPS+ToD" clock source as the system clock source.

huawei(config)#clock source 0 0/0/0 2mhz 120ohm


huawei(config)#clock source 1 0/0/0 2mhz 120ohm
huawei(config)#clock priority system 0/1

3. Query the configuration and status of the "1PPS+ToD" clock source and system clock source.

huawei(config)#display ptp source


----------------------------------------------------------------
Index Board Source State Priority Selected LockState
----------------------------------------------------------------
0 H801CITD 0/0/ 0 Normal 0 YES successful
1 H801CITD 0/0/ 1 Normal 1 successful
2 --- -/ -/ - --- --- --- ---
3 --- -/ -/ - --- --- --- ---
4 --- -/ -/ - --- --- --- ---
5 --- -/ -/ - --- --- --- ---
6 --- -/ -/ - --- --- --- ---
7 --- -/ -/ - --- --- --- ---
8 --- -/ -/ - --- --- --- ---
9 --- -/ -/ - --- --- --- ---
----------------------------------------------------------------
huawei(config)#display clock source system
-----------------------------------------------------------------------
Index Board Source Clk-type State Priority QL Selected
-----------------------------------------------------------------------
0 H801CITD 0/0/ 0 2MHz Normal 0 --- YES
1 H801CITD 0/0/ 1 2MHz Normal 1 --- ---
-----------------------------------------------------------------------

 Configure the ONU-side clock (the clock is connected to the base station by using GE port to implement
time synchronization).
This configuration is applicable to time synchronization in the base station where synchronous base station
technologies (TDS-CDMA/CDMA2000/LTE is a representative) are adopted. The base station must provide
ETH ports and support 1588v2 packets.

1. Add a system clock source (frequency synchronization).


The 1588v2 clock is issued to the ONU through the optical path of the PON port, implementing the
clock synchronization between the OLT and the ONU.

a. Run the clock source command to add the 1588v2 clock source as the system clock source.

huawei(config)#clock source 0 0/0/1

b. Run the clock priority command to configure the priority of the 1588v2 clock source.

2024-09-17 561
MA5800 Product Documentation

huawei(config)#clock priority system 0

2. Configure the 1588v2 time source (time synchronization).

a. Run the ptp enable command to enable the 1588v2 function.

huawei(config)#ptp enable

b. Run the ptp source command to add the 1588v2 clock source as the system clock source.

huawei(config)#ptp source 0 0/0/1

c. Run the ptp priority command to configure the priority of the 1588v2 clock source.

huawei(config)#ptp priority 0

3. Run the ptp port enable command to enable the 1588v2 function on the Ethernet port to transmit
1588v2 packets on the specified port.

huawei(config)#ptp port 0/3/1 enable

4. Query the configuration and status of the 1588v2 clock source and system clock source.

 Run the display ptp source command to query the status of the 1588v2 clock source.

 Run the display clock source command to query the configuration and status of the system clock
source.

huawei(config)#display ptp source


---------------------------------------------------------------------
Index Type Source State Priority Selected Lock state
---------------------------------------------------------------------
0 1588 0/0/1 Normal 0 --- successful
1 -- -/ -/ - --- --- --- ---
2 -- -/ -/ - --- --- --- ---
3 -- -/ -/ - --- --- --- ---
4 -- -/ -/ - --- --- --- ---
5 -- -/ -/ - --- --- --- ---
6 -- -/ -/ - --- --- --- ---
7 -- -/ -/ - --- --- --- ---
8 -- -/ -/ - --- --- --- ---
9 -- -/ -/ - --- --- --- ---
---------------------------------------------------------------------
huawei(config)#display clock source
--------------------------------------------------------------------
Index Type Source State Priority QL Selected
--------------------------------------------------------------------
0 line 0/0/1 Normal 0 --- YES
1 -- -/ -/ - --- --- NO ---
2 -- -/ -/ - --- --- NO ---

2024-09-17 562
MA5800 Product Documentation

3 -- -/ -/ - --- --- NO ---


4 -- -/ -/ - --- --- NO ---
5 -- -/ -/ - --- --- NO ---
6 -- -/ -/ - --- --- NO ---
7 -- -/ -/ - --- --- NO ---
8 -- -/ -/ - --- --- NO ---
9 -- -/ -/ - --- --- NO ---
--------------------------------------------------------------------

 Configure the ONU-side clock (the ONU provides the base station with a clock by using the clock
interface on the panel to implement time synchronization).
This configuration is applicable to time synchronization in the base station where synchronous base station
technologies (TDS-CDMA/CDMA2000/LTE is a representative) are adopted. If a base station provides the
ETH port but does not support 1588v2 packets, the ONU outputs 1PPS+ToD time for the base station
synchronization.

1. Add a system clock source (frequency synchronization).


The 1588v2 clock is issued to the ONU through the optical path of the PON port, implementing the
clock synchronization between the OLT and the ONU.

a. Run the clock source command to add the 1588v2 clock source as the system clock source.

huawei(config)#clock source 0 0/0/1

b. Run the clock priority command to configure the priority of the 1588v2 clock source.

huawei(config)#clock priority system 0

2. Configure the 1588v2 time source (time synchronization).

a. Run the ptp enable command to enable the 1588v2 function.

huawei(config)#ptp enable

b. Run the ptp source command to add the 1588v2 clock source as the system clock source.

huawei(config)#ptp source 0 0/0/1

c. Run the ptp priority command to configure the priority of the 1588v2 clock source.

huawei(config)#ptp priority 0

3. Configure the time output mode of the clock output interface.

The ONU provides an independent output clock through time output port 0 on the panel. Configure the
clock output signal to 2 MHz and time signal to 1pps+ubx.

Configure the clock/time output mode according to actual conditions.

huawei(config)#clock bits-type 0 clock 2mhz


BITS clock parameter set successfully

2024-09-17 563
MA5800 Product Documentation

huawei(config)#clock bits-type 0 time 1pps protocol ubx


BITS clock parameter set successfully

1.6.3.5 Configuring 1588v2 Clock Synchronization


Configuring 1588v2 Clock Synchronization

In the base stations that require time synchronization, such as CDMA2000/TD-SCDMA/LTE, the OLT brings
1588v2 clocks in end-to-end (E2E) 1588v2 mode. The OLT transmits the clocks to the ONU through GPON lines
and then downstream to the base station, implementing clock synchronization of the entire network.

Context

1588v2 is a time synchronization technology. The quality of clock transmitted by 1588v2 meets the stratum 3
clock requirement and the time quality reaches a sub-microsecond precision, which solves the time and clock
synchronization problems of the user. In addition, using 1588v2 can better reduce user's investment. Therefore,
1588v2 is applicable to the base station access services.

Application Context

As shown in Figure 1, the OLT obtains the 1588v2 time by using the upstream network interface (the time is
transmitted by the upstream network hop by hop). Then, the OLT transmits the time to the ONU through the GPON
line. After recovering the time, the ONU transmits the time to the base station by means of the 1588v2 or time
interface.
This scheme does not require a 1588v2 server on the OLT. Therefore, this scheme is recommended when the
upstream network of the OLT supports 1588v2 hop by hop.

Figure 1 E2E 1588v2

Prerequisite

 The clock daughter board CKUA of the SCU control board must be in position.

 GPON service boards must support 1588v2. For details, see hardware supported by 1588v2.

Data Plan

Item Data

2024-09-17 564
MA5800 Product Documentation

Item Data

1588v2 clock source GE/10 GE ports of OLT: 0/9/0


Clock source selection mode: priority

GPON port 0/3/1

ETH port of the ONU 0/3/1

Configuration Concept

1. On the OLT side, select the clock signal recovered from 1588v2 packets as the system clock source.

2. The system clock is issued to the ONU through the optical path of the PON service board.

3. The ONU uses the 1588v2 clock of the PON upstream port as the system clock.

4. The Tx clock of the GE port on the ONU is synchronized to the system clock of the ONU.

5. The ONU synchronizes the clock and time with the base station in the following three modes:

 The ONU transmits 1588v2 packets to the base station by using the GE port.

 The ONU provides independent time signals to the base station by using the clock output interface.

Procedure

 Configure the OLT-side clock.

1. Configure the global 1588v2 function.


Run the ptp enable command to enable 1588v2 on a device.

huawei(config)#ptp enable

(Optional) Run the ptp domain command to configure a 1588v2 time domain.
Each time domain supports only one clock source. All the devices in the 1588v2 time domain are
synchronized with the clock source. Ensure that the time domain of an MDU is the same as that of the
optical line terminal (OLT).

huawei(config)#ptp domain 1

2. Configure the system clock source and time synchronization (frequency synchronization).

a. Run the clock source command to configure the index of the system clock source.
The clock source can be the synchronous clock recovered from a GE or 10 GE line on the
network side, 1588v2 clock, or BITS clock.
When the network supports synchronous Ethernet clock, the clock is recommended.

huawei(config)#clock source 0 1588

b. Run the clock priority system command to set the priority of the clock source. A device may
trace multiple clock sources for synchronizing the clock. It selects the clock source with the
highest priority as the clock source.

2024-09-17 565
MA5800 Product Documentation

huawei(config)#clock priority system 0

c. Optional: Configure the mode for dynamically selecting the system clock source.
The system supports static and dynamic selection. When dynamic selection is required based on
Synchronization Status Message (SSM), run the clock ql-mode enable command to enable the
SSM selection mode.

3. Configure a 1588v2 time source (time synchronization).

a. Run the ptp source command to configure a 1588v2 time source.

b. Configure the mode of selecting the 1588v2 time source.


A time source can be statically or dynamically selected.

 To statically select a time source based on the local priority, run the ptp priority command
to set the priority of the time source.

 To dynamically select a time source based on the best master clock (BMC), run the ptp bmc
enable command to configure the status of the automatic BMC source selection function.

c. Run the ptp port enable command to enable 1588v2 on an Ethernet port to transmit 1588v2
packets.
Enable 1588v2 on the ports that are required to transmit 1588v2 packets, for example, the
uplink port on an OLT and user-side port on an MDU. You are not required to enable the function
on the GPON port connecting the OLT and MUD.

huawei(config)#ptp source 0 0/9/0


huawei(config)#ptp port 0/9/0 enable

4. (Optional) Configure the attributes of the 1588 V2 clock source.


Configure 1588v2 parameters, such as timestamp mode of the 1588v2 packets, MAC encapsulation
mode, and UDP encapsulation mode. By default, the MAC mode is used as the packet encapsulation
mode, and the L2 multicast mode is used as the packet forwarding mode.
When the default attributes of the 1588v2 clock source do not meet the actual requirement, run the
ptp port command to modify the attributes.

Before modification, ensure that the attributes of the 1588v2 clock source are the same as the actual ones. In this
example, assume that the default attributes of the system clock source meet the application requirements.

5. Query the configuration and status of the 1588v2 clock source and system clock source.

 Run the display ptp source command to query the status of the 1588v2 clock source.

 Run the display clock source command to query the configuration and status of the system clock
source.

 Configure the ONU-side clock (the clock is connected to the base station by using GE port to implement
time synchronization).

2024-09-17 566
MA5800 Product Documentation

This configuration is applicable to time synchronization in the base station where synchronous base station
technologies (TDS-CDMA/CDMA2000/LTE is a representative) are adopted. The base station must provide
ETH ports and support 1588v2 packets.

1. Add a system clock source (frequency synchronization).


The 1588v2 clock is issued to the ONU through the optical path of the PON port, implementing the
clock synchronization between the OLT and the ONU.

a. Run the clock source command to add the 1588v2 clock source as the system clock source.

huawei(config)#clock source 0 0/0/1

b. Run the clock priority command to configure the priority of the 1588v2 clock source.

huawei(config)#clock priority system 0

2. Configure the 1588v2 time source (time synchronization).

a. Run the ptp enable command to enable the 1588v2 function.

huawei(config)#ptp enable

b. Run the ptp source command to add the 1588v2 clock source as the system clock source.

huawei(config)#ptp source 0 0/0/1

c. Run the ptp priority command to configure the priority of the 1588v2 clock source.

huawei(config)#ptp priority 0

3. Run the ptp port enable command to enable the 1588v2 function on the Ethernet port to transmit
1588v2 packets on the specified port.

huawei(config)#ptp port 0/3/1 enable

4. Query the configuration and status of the 1588v2 clock source and system clock source.

 Run the display ptp source command to query the status of the 1588v2 clock source.

 Run the display clock source command to query the configuration and status of the system clock
source.

huawei(config)#display ptp source


---------------------------------------------------------------------
Index Type Source State Priority Selected Lock state
---------------------------------------------------------------------
0 1588 0/0/1 Normal 0 --- successful
1 -- -/ -/ - --- --- --- ---
2 -- -/ -/ - --- --- --- ---
3 -- -/ -/ - --- --- --- ---
4 -- -/ -/ - --- --- --- ---
5 -- -/ -/ - --- --- --- ---
6 -- -/ -/ - --- --- --- ---

2024-09-17 567
MA5800 Product Documentation

7 -- -/ -/ - --- --- --- ---


8 -- -/ -/ - --- --- --- ---
9 -- -/ -/ - --- --- --- ---
---------------------------------------------------------------------
huawei(config)#display clock source
--------------------------------------------------------------------
Index Type Source State Priority QL Selected
--------------------------------------------------------------------
0 line 0/0/1 Normal 0 --- YES
1 -- -/ -/ - --- --- NO ---
2 -- -/ -/ - --- --- NO ---
3 -- -/ -/ - --- --- NO ---
4 -- -/ -/ - --- --- NO ---
5 -- -/ -/ - --- --- NO ---
6 -- -/ -/ - --- --- NO ---
7 -- -/ -/ - --- --- NO ---
8 -- -/ -/ - --- --- NO ---
9 -- -/ -/ - --- --- NO ---
--------------------------------------------------------------------

 Configure the ONU-side clock (the ONU provides the base station with a clock by using the clock
interface on the panel to implement time synchronization).
This configuration is applicable to time synchronization in the base station where synchronous base station
technologies (TDS-CDMA/CDMA2000/LTE is a representative) are adopted. If a base station provides the
ETH port but does not support 1588v2 packets, the ONU outputs 1PPS+ToD time for the base station
synchronization.

1. Add a system clock source (frequency synchronization).


The 1588v2 clock is issued to the ONU through the optical path of the PON port, implementing the
clock synchronization between the OLT and the ONU.

a. Run the clock source command to add the 1588v2 clock source as the system clock source.

huawei(config)#clock source 0 0/0/1

b. Run the clock priority command to configure the priority of the 1588v2 clock source.

huawei(config)#clock priority system 0

2. Configure the 1588v2 time source (time synchronization).

a. Run the ptp enable command to enable the 1588v2 function.

huawei(config)#ptp enable

b. Run the ptp source command to add the 1588v2 clock source as the system clock source.

huawei(config)#ptp source 0 0/0/1

c. Run the ptp priority command to configure the priority of the 1588v2 clock source.

2024-09-17 568
MA5800 Product Documentation

huawei(config)#ptp priority 0

3. Configure the time output mode of the clock output interface.

The ONU provides an independent output clock through time output port 0 on the panel. Configure the
clock output signal to 2 MHz and time signal to 1pps+ubx.

Configure the clock/time output mode according to actual conditions.

huawei(config)#clock bits-type 0 clock 2mhz


BITS clock parameter set successfully
huawei(config)#clock bits-type 0 time 1pps protocol ubx
BITS clock parameter set successfully

Result
After the FTTM service configuration is complete, use the test meter to perform tests on the ETH access port of the
ONU and the upstream GE/10GE port of the OLT. The long-term bit error ratio (BER) and delay should be able to
meet the requirements for actual applications.

1.6.4 Configuring E1 Base Station Access Service (in Native


TDM Mode, GPON)
Configuring E1 Base Station Access Service (in Native TDM Mode, GPON)

ONUs transmit E1 signals of base stations to OLTs in Native TDM mode and OLTs are interconnected with
transmission equipment through E1 ports. In this manner, traditional circuit switching services can be carried over
GPON networks.
Service Requirement and Application Scenario

Configuration Process

Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Configuring Management Service Ports on OLT and ONUs

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs. After the
connections between the inband management service ports on the OLT and ONUs are reachable, you can log in to the
ONUs on the OLT and configure the ONUs.

Configuring TDM Connections

This topic describes how to configure Native TDM connections between GPON ports and E1 upstream ports to transmit E1
private line service data.

2024-09-17 569
MA5800 Product Documentation

Configuring Clock Synchronization

In this scenario, the E1 line clock can be used to achieve network-wide clock synchronization.

Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service reliability and
configure global security policies to ensure service security.

Configuring Network Protection

The base station access service has high requirements on reliability. Therefore, network protection solutions must be
configured in the upstream and downstream directions.

Verifying Services

This topic describes how to use the PDH/SDH tester to verify the private line access service.

1.6.4.1 Service Requirement and Application Scenario


Service Requirement and Application Scenario

Service Requirement

As a mainstream full-service access technology in the future, the passive optical network (PON) supports fast
deployment and service provisioning. It also helps simplify the access network and reduce the costs on
construction and subsequent maintenance of the access network. Currently, carriers in China and outside China
are using the PON to carry 2G/3G base station services over their existing FTTx networks that are established for
accessing individual/enterprise users. In this manner, carriers can implement the access of all the services at the
access layer in a unified mode.

 ONUs are connected to 2G or 3G base stations through E1 ports.

 GPON is used for carrying the mobile access network in a unified manner to meet mobile carriers'
requirements for a high bandwidth and high-density coverage of base stations.

 Existing SDH resources are utilized efficiently to implement high-quality transmission of TDM services.

Application Scenario

As shown in Figure 1, the ONU accesses TDM services of the 2G or 3G base station through the E1 port, and then
transmits the service data to the GPON service board on the OLT in the Native TDM mode. The OLT restores TDM
signals, and then transmits the signals to the SDH network through the E1 port (provided by the NH1A daughter
board) or STM-1 port (provided by the O2CE daughter board) on the TOPA board. In this manner, service access of
the 2G or 3G base station is implemented between the ONU and the OLT in the Native TDM mode.

Figure 1 Networking diagram of E1 base station access service

2024-09-17 570
MA5800 Product Documentation

1.6.4.2 Configuration Process


Configuration Process

The following figure shows the configuration process for E1 base station access service.

1.6.4.3 Adding ONUs to OLT


Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

2024-09-17 571
MA5800 Product Documentation

Context
 When adding ONUs, you need to bind related profiles to the ONUs, including the DBA profile, line profile, and
alarm profile.

 An ONU can be added in two modes: offline addition and online confirmation. Select either mode as required.

Data Plan

Table 1 Key data plan

Configuration Data
Item

DBA profile DBA profile for management service: dba-profile_1 (system default)
DBA profile for private line service:
Profile ID: 21
Profile type: Fixed bandwidth and minimum delay
DBA bandwidth: 28928 kbit/s (Each ONU accesses four E1 private lines and each line has a
recommended DBA bandwidth of 7232 kbit/s.)

Line profile Profile ID: 11


T-CONT ID: 1 (for private line service) and 2 (for management service)
GEM port ID for management service: 11
GEM port ID for DDN private line service: 13

Networking data PON port: 0/3/1


ONU parameters:
ONU ID: 1
SN: 3230313163902641

Procedure

1. Configure GPON ONU profiles.

a. Configure a DBA profile. Enable the bandwidth compensation function and set the DBA bandwidth
allocation mode for the GPON port to minimum bandwidth delay.

huawei(config)#dba-profile add profile-id 21 type1 fix 28928 bandwidth_compensate yes


huawei(config)#interface gpon 0/3
huawei(config-if-gpon-0/3)#port dba bandwidth-assignment-mode 1 min-loop-delay
huawei(config-if-gpon-0/3)#quit

b. Configure an ONU line profile.

huawei(config)#ont-lineprofile gpon profile-id 11


huawei(config-gpon-lineprofile-11)#tcont 1 dba-profile-id 21 //Bind T-CONT 1 to DBA profile 21
huawei(config-gpon-lineprofile-11)#tcont 2 dba-profile-id 1 //Bind T-CONT 2 to DBA profile 1
huawei(config-gpon-lineprofile-11)#gem add 11 eth tcont 2

2024-09-17 572
MA5800 Product Documentation

huawei(config-gpon-lineprofile-11)#gem add 13 tdm tcont 1 //Add GEM port 13 to T-CONT 1.


huawei(config-gpon-lineprofile-11)#gem mapping 11 0 vlan 8
huawei(config-gpon-lineprofile-11)#gem mapping 13 1 e1 1 //Map GEM port 13 to E1 port 1 on the ONU.
huawei(config-gpon-lineprofile-11)#commit
huawei(config-gpon-lineprofile-11)#quit

c. (Optional) Configure an alarm profile.

 The default GPON alarm profile ID is 1. The value of each alarm threshold is 0 which indicates
that alarms are not reported.

 In this example, the default alarm profile is used and no configuration is required.

2. Add ONUs to the OLT.

a. Add ONU 3 in offline mode.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 ontid 1 sn-auth 3230313163902641

snmp ont-lineprofile-id 11
b. (Optional) Bind an alarm profile.
By default, an ONU will be automatically bound to alarm profile 1 (default profile). You need to
manually bind an alarm profile to an ONU only when the default alarm profile does not meet
requirements.
In this example, the default alarm profile is used. Therefore, you do not need to manually bind an
alarm profile.

3. Confirm the ONU status.


After adding an ONU, run the display ont info command to query the current status of the ONU. Ensure that
Control flag is active, Run State is online, and Config state is normal.

The following uses ONU 1 as an example to describe how to confirm ONU status.

huawei(config-if-gpon-0/3)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/3/1
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU is online.
Config state : normal //Indicates that the ONU is in normal state.
...//Other command output is omitted.
huawei(config-if-gpon-0/3)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

2024-09-17 573
MA5800 Product Documentation

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

1.6.4.4 Configuring Management Service Ports on OLT and


ONUs
Configuring Management Service Ports on OLT and ONUs

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs.
After the connections between the inband management service ports on the OLT and ONUs are reachable, you can
log in to the ONUs on the OLT and configure the ONUs.

Data Plan

Configuration Item Data

Management VLAN and management IP address for OLT Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address: 192.168.50.1/24

Management VLAN and management IP address for ONU Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address for ONU 3: 192.168.50.2/24

Procedure

1. Configure the inband management VLAN and IP address of the OLT.


Set the inband management VLAN to 8, VLAN priority to 6, and IP address to 192.168.50.1/24.

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

2. Configure the inband management VLAN and IP address of the ONU.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.1 vlan 8

huawei(config-if-gpon-0/3)#quit

3. Configure an inband management service port.

2024-09-17 574
MA5800 Product Documentation

Set the management VLAN to 8, GEM port ID to 11, and user VLAN to 8. The OLT does not rate limit the
inband management service port. Therefore, directly use the default traffic profile 6.

huawei(config)#service-port vlan 8 gpon 0/3/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6


4. Confirm that the connections between the management service ports on the OLT and ONU are reachable.

 Run the ping ONU ip command on the OLT to verify the connectivity between the OLT and ONU. If the
OLT receives ICMP ECHO-REPLY packets from the ONU, the connection is reachable.

 When the connection is reachable, you can remotely log in to the ONU from the OLT and configure the
ONU.

1.6.4.5 Configuring TDM Connections


Configuring TDM Connections

This topic describes how to configure Native TDM connections between GPON ports and E1 upstream ports to
transmit E1 private line service data.

Prerequisites
Required hardware is available.

Context

The OLT can transmit data to the SDH network through E1 lines. Each E1 line provides 2 Mbit/s bandwidth.

Data Plan

Upstream Transmission Mode Data

Upstream transmission through E1 Port on the EDSH board: 0/5/0

Procedure
 Configure a TDM E1 connection.

huawei(config)#tdm-connect connectid 1 tdm 0/5/0 gpon 0/3/1 ontid 3 gemportIndex 13

1.6.4.6 Configuring Clock Synchronization


Configuring Clock Synchronization

In this scenario, the E1 line clock can be used to achieve network-wide clock synchronization.

Prerequisites
The clock daughter board CKUA must be on the control board.

2024-09-17 575
MA5800 Product Documentation

Context

Configuration roadmap for clock synchronization:

1. The OLT traces the upstream E1 line clock of the EDSH board as the system clock.

2. The system clock is delivered to an ONU through optical paths of the GPON board.

3. The ONU uses the line clock of the GPON upstream port as the system clock.

4. The ONU E1 transmit clock is synchronized with the system clock of the ONU.

Procedure

 Configure a clock on the OLT.

1. Add a system clock source.


Run the clock source command to configure the line clock of E1 port 0/5/0 on the EDSH board as the
system clock source. Set the ID of the clock source to 0.
The clock module selects a reference source for phase lock based on priorities.

huawei(config)#clock source 0 0/5/0

2. Configure a priority for the system clock source.


Run the clock priority command to set the priority of clock source 0 to the highest priority.

huawei(config)#clock priority system 0

3. Query configurations and the status of the system clock source.

Run the display clock source system command to query configurations and status of the clock source.
Ensure that configurations of the system clock source are correct and the status is Normal.

huawei(config)#display clock source system


------------------------------------------------------------------------------
Index Board Source Clk-type State Priority QL Selected
------------------------------------------------------------------------------
0 H901EDSH 0/5/0 E1 Normal 0 --- YES
------------------------------------------------------------------------------

Run the display clock mode command to query the clock working mode. Ensure that the clock
daughter board works in tracing mode.

huawei(config)#display clock mode


Clock manage-mode:Third-mode
Clock subboard work-mode:Tracing

 Configure a clock on the ONU.

1. Configure the GPON line clock as the system clock.


The system clock of the OLT is delivered to the ONU through the GPON port on the OLT, achieving clock
synchronization between the OLT and the ONU.

2024-09-17 576
MA5800 Product Documentation

a. Run the clock source command to configure the clock recovered from the GPON upstream port
as the system clock source of the ONU.

b. Run the clock priority command to configure the priority of the clock source.

huawei(config)#clock source 0 0/0/1


Clock source set succeeded

huawei(config)#clock priority system 0

2. Configure the system clock as the transmit clock for an E1 port.

a. Run the interface tdm command to enter the E1 port configuration mode.

b. Run the tx clock or port portid udt system command to configure the system clock as the
transmit clock of the port.

c. Run the display port state command to query the transmit clock of the E1 port.

huawei(config)#interface tdm 0/1


huawei(config-if-tdm-0/1)#port 0 udt system
huawei(config-if-tdm-0/1)#display port state 0
---------------------------------------
Port :0
State : normal
Mode : UDT
Code : HDB3
Looptype :-
Timeslot :-
Clock : system
CRC4 :-
Signaling :-
ESF :-
Impedance : 120 Ohm
---------------------------------------

3. Query configurations and the status of the system clock source.


Run the display clock source command to query the configurations and status of the system clock
source.

huawei(config-if-tdm-0/1)#quit
huawei(config)#display clock source
---------------------------------------------------------------
Index Config Type Source State Priority Output
---------------------------------------------------------------
0 YES line 0/0/1 Normal 0 YES
1 NO -- -/ -/ - --- --- ---
2 NO -- -/ -/ - --- --- ---

2024-09-17 577
MA5800 Product Documentation

3 NO -- -/ -/ - --- --- ---


4 NO -- -/ -/ - --- --- ---
5 NO -- -/ -/ - --- --- ---
6 NO -- -/ -/ - --- --- ---
7 NO -- -/ -/ - --- --- ---
8 NO -- -/ -/ - --- --- ---
9 NO -- -/ -/ - --- --- ---
---------------------------------------------------------------

1.6.4.7 Configuring Congestion Control and Security Policies


Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service
reliability and configure global security policies to ensure service security.

Context
Congestion control uses queue scheduling technology to map packets sent from the same port into multiple queues
and process packets in each queue based on priority. Congestion control is recommended.

Security policies cover system security, user security, and service security, which ensure normal running of
services.

Enable security features based on service types. For details, see Principle of Security Data Plan .

Procedure

 Configure queue scheduling.


Based on Principle of QoS Data Plan , all packets use strict priorities for queue scheduling and are mapped to
queues based on priorities.

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos1 1 cos2 2 cos3 3 cos4 4 cos5 5 cos6 6 cos7 7 //System default

 Configure system security.

 Enable deny of service (DoS) anti-attack on both the OLT and ONUs.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on both the OLT and ONUs.

2024-09-17 578
MA5800 Product Documentation

Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on both the OLT and ONUs.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on both the OLT and ONUs.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on ONUs.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

2024-09-17 579
MA5800 Product Documentation

1.6.4.8 Configuring Network Protection


Configuring Network Protection

The base station access service has high requirements on reliability. Therefore, network protection solutions must
be configured in the upstream and downstream directions.

Context
 The downstream protection solutions are Type B protection and Type C single-homing protection. The
following uses Type C single-homing protection as an example.

Procedure

 Configure the Type C single homing protection.


Figure 1 shows networking diagram for the Type C single homing protection. Configure two 1:N optical
splitters, one for connecting the working PON ports on the OLT and ONUs, and one for connecting the
protection PON ports on the OLT and ONUs. This protection scheme protects both the backbone fibers and
tributary fibers.
The configurations of services accessed by the ONUs remain the same after the Type C single homing
protection is configured. That is, the service configurations are applied only to the working PON port on the
OLT and working upstream PON ports on the ONUs.

Figure 1 Type C single homing protection

As shown in the preceding figure, Type C single homing protecting is configured for optical fiber links
between the OLT and ONU.

 The ports on the GPON service board are 0/3/1 and 0/3/2.

 The link at port 0/3/1 is the working link.

 The link at port 0/3/2 is the protection link.

 The ONU ID is 1.

 The ONU is authenticated by serial number (SN). The SN of the ONU is 3230313163902641 and the
management mode is SNMP.

 The ID of the line profile bound to the ONU is 10.

huawei(config)#interface gpon 0/3

2024-09-17 580
MA5800 Product Documentation

huawei(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10


huawei(config-if-gpon-0/3)#ont add 2 1 protect-side
huawei(config-if-gpon-0/3)#quit
huawei(config)#protect-group protect-target gpon-uni-ont workmode portstate
huawei(protect-group-1)#protect-group member port 0/3/1 ont 1 role work
huawei(protect-group-1)#protect-group member port 0/3/2 ont 1 role protect
huawei(protect-group-1)#protect-group enable
huawei(protect-group-1)#quit

1.6.4.9 Verifying Services


Verifying Services

This topic describes how to use the PDH/SDH tester to verify the private line access service.

Prerequisites
The private line service has been configured.

Networking

Figure 1 Test setup for E1 upstream service

Procedure

1. Set up network environment according to the preceding diagrams for service acceptance tests.

Ensure clock synchronization for the test. It is recommended that the tester use the internal free-run clock, the OLT
trace the clock of the tester, and the ONU trace the clock of the OLT.

2. Use the E1 line tester to send packets for the test.


The test duration must be 12 hours or longer. There should be no alarms on the tester and the bit error rate
must be less than 1E-9.

Follow-up Procedure

When the test on service connectivity fails, you can check for the failure causes by performing loopbacks. The
following loopbacks are supported:

2024-09-17 581
MA5800 Product Documentation

 Remote loopback on the OLT

 Local loopback on the OLT

 Local loopback on the ONU

 Remote loopback on the ONU

Loopback Function Networking Configuration


Mode

Remote Loops back signals to Enable/Disable the remote


loopback on the network side on the loopback for the E1 port.
the OLT OLT. This loopback
huawei(config)#interface
checks whether the top 0/5
service from the OLT to huawei(config-if-top-
the network-side 0/5)#loopback 0 remote
channel is normal. huawei(config-if-top-
0/5)#undo loopback 0

Local Loops back signals to Enable/Disable the local


loopback on the user side on the loopback for the E1 port.
the OLT OLT. This loopback
huawei(config)#interface
checks whether the link top 0/5
between the OLT and huawei(config-if-top-
the E1 port on the ONU 0/5)#loopback 0 local
is normal. huawei(config-if-top-
0/5)#undo loopback 0

Local Loops back signals to huawei(config)#interface


loopback on the network side on the tdm 0/1
the ONU ONU. This loopback huawei(config-if-tdm-
checks whether the link 0/1)#loopback 0 local
between the E1 port on huawei(config-if-tdm-
the ONU and the OLT is 0/1)#undo loopback 0
normal.

Remote Loops back signals to huawei(config)#interface


loopback on the user side on the tdm 0/1
the ONU ONU. This loopback huawei(config-if-tdm-
checks whether the link 0/1)#loopback 0 remote
between the ONU and huawei(config-if-tdm-
user terminal is normal. 0/1)#undo loopback 0

1.6.5 Configuring Ethernet Base Station Access Service (in


QinQ VLAN Mode, GPON)
Configuring Ethernet Base Station Access Service (in QinQ VLAN Mode, GPON)

ONUs are connected to IP base stations through FE/GE Ethernet ports and OLTs are interconnected with MAN
equipment in QinQ VLAN mode to achieve access of base station services. Alternatively, OLTs are interconnected
with MAN equipment in common VLAN or stacking VLAN mode to achieve access of base station services. You can
plan the access mode according to your requirements. The QinQ VLAN mode is described as an example.
Service Requirements and Application Scenarios

Configuration Process

2024-09-17 582
MA5800 Product Documentation

Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Configuring Management Service Ports on OLT and ONUs

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs. After the
connections between the inband management service ports on the OLT and ONUs are reachable, you can log in to the
ONUs on the OLT and configure the ONUs.

Configuring OLT QinQ VLANs and Service Ports

This topic describes how to configure QinQ VLANs and service ports to enable various packets received from base stations
to be forwarded based on specified policies.

Configuring Ethernet Access Service Ports on ONUs

Add a service port on an ONU and configure an upstream VLAN to make the ONU-to-user service flows available and create
an ONU-to-OLT upstream data channel.

Configuring Clock Synchronization

In this scenario, the synchronous Ethernet clock can be used to achieve network-wide clock synchronization.

Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service reliability and
configure global security policies to ensure service security.

Configuring Network Protection

This topic describes how to configure end-to-end (E2E) protection schemes for the base station access service which has a
high requirement on service reliability.

Verifying Services

The Ethernet base station access service can be verified by checking the connectivity and alarms of the service.

1.6.5.1 Service Requirements and Application Scenarios


Service Requirements and Application Scenarios

Service Requirements

 ONUs are connected to 3G/LTE base stations and GPON is used for carrying the mobile access network in a
unified manner to meet mobile carriers' requirements for a high bandwidth and high-density coverage of base
stations.

2024-09-17 583
MA5800 Product Documentation

 A simple, mature solution is used for service configuration to ensure high service quality as well as high
transmission efficiency.

Application Scenarios

As shown in Figure 1, ONUs receive the ETH service data from 3G base stations through FE/GE ports, encapsulate
the ETH packets into GEM frames, and then send them to the OLT through the GPON upstream ports. The OLT
restores the ETH signals and configures QinQ VLANs for the signals to enable the data of base stations to be
transparently transmitted to the remote PTN over the public network. Then the remote PTN device restores the
ETH signals.

Figure 1 Networking diagram of Ethernet base station access service

1.6.5.2 Configuration Process


Configuration Process

The following figure shows the configuration process for Ethernet base station access service (in QinQ VLAN
mode).

2024-09-17 584
MA5800 Product Documentation

1.6.5.3 Adding ONUs to OLT


Adding ONUs to OLT

This topic describes how to add ONUs to the OLT. ONUs can be configured only after they are added to the OLT
successfully.

Context

 When adding ONUs, you need to bind related profiles to the ONUs, including the DBA profile, line profile,
service profile, and alarm profile.

 An ONU can be added in two modes: offline addition and online confirmation. Select either mode as required.

Data Planning

2024-09-17 585
MA5800 Product Documentation

Table 1 Key data plan

Configuration Item Data

DBA profile Profile ID: 20


Profile type: Type 3
Assured bandwidth: 100 Mbit/s
Maximum bandwidth: 120 Mbit/s

Line profile Profile ID: 10


T-CONT ID: 4
GEM port ID for management service of ONUs: 11
GEM Port ID for synchronization service of base stations: 12
GEM Port ID for OAM service of base stations: 13
GEM Port ID for voice and data services of base stations: 14

VLAN (remark 1) VLAN for management service of ONUs: 8


VLAN for base station access service:
VLAN for synchronization service: 1000
VLAN for OAM service: 1001
VLAN for voice and data services: 1002

Networking data PON port: 0/3/1


ONU parameters:
ONU ID: 1
SN: 3230313163902641

Remark 1: Ethernet base stations have multiple services and different services require different VLANs. The
preceding table uses the synchronization service, OAM service, and voice and data services as an example.

Procedure

1. Configure GPON ONU profiles.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-id 20 type3 assure 102400 max 122880

b. Configure an ONU line profile.

huawei(config)#ont-lineprofile gpon profile-id 10


huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-id 20 //Bind T-CONT 4 to DBA profile 20.
huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 0
huawei(config-gpon-lineprofile-10)#gem add 12 eth tcont 4 //Add GEM port 12 to T-CONT 4.
huawei(config-gpon-lineprofile-10)#gem add 13 eth tcont 4 //Add GEM port 13 to T-CONT 4.
huawei(config-gpon-lineprofile-10)#gem add 14 eth tcont 4 //Add GEM port 14 to T-CONT 4.
huawei(config-gpon-lineprofile-10)#gem mapping 11 0 vlan 8
huawei(config-gpon-lineprofile-10)#gem mapping 12 1 vlan 1000 //Map GEM port 12 to CVLAN 1000.
huawei(config-gpon-lineprofile-10)#gem mapping 13 2 vlan 1001 //Map GEM port 13 to CVLAN 1001.
huawei(config-gpon-lineprofile-10)#gem mapping 14 3 vlan 1002 //Map GEM port 14 to CVLAN 1002.

2024-09-17 586
MA5800 Product Documentation

huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

c. (Optional) Configure an alarm profile.

 The default GPON alarm profile ID is 1. The value of each alarm threshold is 0 which indicates
that alarms are not reported.

 In this example, the default alarm profile is used and no configuration is required.

2. Add ONUs to the OLT.

a. Add ONU 1 in offline mode.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641

snmp ont-lineprofile-id 10
b. (Optional) Bind an alarm profile.
By default, an ONU will be automatically bound to alarm profile 1 (default profile). You need to
manually bind an alarm profile to an ONU only when the default alarm profile does not meet
requirements.
In this example, the default alarm profile is used. Therefore, you do not need to manually bind an
alarm profile.

3. Confirm the ONU status.


After adding an ONU, run the display ont info command to query the current status of the ONU. Ensure that
Control flag is active, Run State is online, and Config state is normal.

The following uses ONU 1 as an example to describe how to confirm ONU status.

huawei(config-if-gpon-0/3)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/3/1
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU is online.
Config state : normal //Indicates that the ONU is in normal state.
...//Other command output is omitted.
huawei(config-if-gpon-0/3)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

2024-09-17 587
MA5800 Product Documentation

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

1.6.5.4 Configuring Management Service Ports on OLT and


ONUs
Configuring Management Service Ports on OLT and ONUs

This topic describes how to configure management service ports (also called service flows) on the OLT and ONUs.
After the connections between the inband management service ports on the OLT and ONUs are reachable, you can
log in to the ONUs on the OLT and configure the ONUs.

Data Plan

Configuration Item Data

Management VLAN and management IP address for OLT Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address: 192.168.50.1/24

Management VLAN and management IP address for ONU Management VLAN ID: 8
Management VLAN type: smart
Inband management IP address for ONU 3: 192.168.50.2/24

Procedure
1. Configure the inband management VLAN and IP address of the OLT.
Set the inband management VLAN to 8, VLAN priority to 6, and IP address to 192.168.50.1/24.

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

2. Configure the inband management VLAN and IP address of the ONU.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.1 vlan 8

huawei(config-if-gpon-0/3)#quit

3. Configure an inband management service port.


Set the management VLAN to 8, GEM port ID to 11, and user VLAN to 8. The OLT does not rate limit the
inband management service port. Therefore, directly use the default traffic profile 6.

huawei(config)#service-port vlan 8 gpon 0/3/1 ont 1 gemport 11 multi-service

2024-09-17 588
MA5800 Product Documentation

user-vlan 8 rx-cttr 6 tx-cttr 6


4. Confirm that the connections between the management service ports on the OLT and ONU are reachable.

 Run the ping ONU ip command on the OLT to verify the connectivity between the OLT and ONU. If the
OLT receives ICMP ECHO-REPLY packets from the ONU, the connection is reachable.

 When the connection is reachable, you can remotely log in to the ONU from the OLT and configure the
ONU.

1.6.5.5 Configuring OLT QinQ VLANs and Service Ports


Configuring OLT QinQ VLANs and Service Ports

This topic describes how to configure QinQ VLANs and service ports to enable various packets received from base
stations to be forwarded based on specified policies.

Prerequisites

The MAN equipment (for example, CX600) interconnected with the OLT must support the QinQ VLAN
encapsulation mode and be able to terminate QinQ VLANs.

Context

For details on VLAN planning, see Principle of VLAN Data Plan . VLAN translation policies for the Ethernet base
station access service are shown in Figure 1.

 Synchronization packets (remark 1) of the base station are untagged. A VLAN tag is added to the packets on
the ONU and the OLT transparently transmits the VLAN tag.

 Different management packets of the base station carry different user VLANs (for example, 20, 21, ... in the
following figure). The user VLANs are translated to C-VLAN 1001 on the ONU and then the OLT adds the outer
VLAN 300 to the packets before transmitting them upstream.

 Different voice and data packets of the base station carry different user VLANs (for example, 30, 31, ... in the
following figure). The user VLANs are translated to C-VLAN 1002 on the ONU and then the OLT adds the outer
VLAN 300 to the packets before transmitting them upstream.

In this manner, only two VLANs are required on the MAN for the base station access service, which significantly
reduces the number of VLANs.

Remark 1: In this example, the base station supports the clock over IP mode and is synchronized with the IP clock
server using the NTP protocol.

Figure 1 VLAN translation for Ethernet base station access service

2024-09-17 589
MA5800 Product Documentation

Data Plan

Configuration Item Data

SVLAN VLAN for synchronization service of base stations: 1000


VLAN for voice and data services of base stations: 300

CVLAN (upstream VALN of the ONU) VLAN for base station access service:
VLAN for synchronization service: 1000
VLAN for OAM service: 1001
VLAN for voice and data services: 1002

Traffic profile OAM service and synchronization service of base stations:


ID: 10
CIR: OFF
Priority source: user-cos, default priority: 7
Priority policy: tag-in-package
Voice and data services of base stations:
ID: 11
CIR: 20 Mbit/s
Priority source: user-inner-cos, default priority: 7
Priority policy: tag-in-package

ONT ID 1

PON port PON port: 0/3/1

Procedure

1. Configure QinQ VLANs.


Add two VLANs 1000 and 300 on the OLT, set attributes of the two VLANs to QinQ, and add the upstream
port to the two VLANs.

huawei(config)#vlan 1000 smart


huawei(config)#vlan attrib 1000 q-in-q
huawei(config)#port vlan 1000 0/9 0

2024-09-17 590
MA5800 Product Documentation

huawei(config)#vlan 300 smart


huawei(config)#vlan attrib 300 q-in-q
huawei(config)#port vlan 300 0/9 0

2. Configure traffic profiles.

 Add a traffic profile 10 and do not limit rates. Packets transmitted upstream use the priority (7 by
default) copied from the user VLAN. Packets transmitted downstream use the priority carried by
themselves.

 Add a traffic profile 11 and set the assured rate to 20 Mbit/s. Packets transmitted upstream use the
priority (7 by default) copied from the inner VLAN. Packets transmitted downstream use the priority
carried by themselves.

huawei(config)#traffic table ip index 10 cir off priority user-cos 7 priority-policy tag-in-package


huawei(config)#traffic table ip index 11 cir 20480 priority user-inner-cos 7 priority-policy tag-in-package

3. Configure service ports.


Configure service ports for the synchronization service, OAM service, and voice and data services of base
stations.

huawei(config)#service-port vlan 1000 gpon 0/3/1 ont 1 gemport 12 multi-service user-vlan

1000 tag-transform transparent rx-cttr 10 tx-cttr 10 //Synchronization service port

huawei(config)#service-port vlan 300 gpon 0/3/1 ont 1 gemport 13 multi-service user-vlan

1001 tag-transform default rx-cttr 10 tx-cttr 10 //OAM service port

huawei(config)#service-port vlan 300 gpon 0/3/1 ont 1 gemport 14 multi-service user-vlan

1002 tag-transform default rx-cttr 11 tx-cttr 11 //Voice and data service port

1.6.5.6 Configuring Ethernet Access Service Ports on ONUs


Configuring Ethernet Access Service Ports on ONUs

Add a service port on an ONU and configure an upstream VLAN to make the ONU-to-user service flows available
and create an ONU-to-OLT upstream data channel.

Data Planning

Configuration Item Data

Port Upstream port: 0/0/1


Service port: 0/3/1

SVLAN (upstream VLAN of the ONU) VLAN for base station access service:
VLAN for synchronization service: 1000
VLAN for OAM service: 1001
VLAN for voice and data services: 1002

User VLAN (original VLAN of packets from base stations) Synchronization service of base stations: untagged

2024-09-17 591
MA5800 Product Documentation

Configuration Item Data

VLAN for OAM service of base stations: 20


VLAN for voice and data services of base stations: 30

Traffic profile ID: 10


CIR: OFF
Priority source: user-cos, default priority: 7
Priority policy: tag-in-package

Procedure

1. Create S-VLANs and add an upstream port to the VLANs.


Create VLANs 1000, 1001, and 1002.

huawei(config)#vlan 1000-1002 smart


huawei(config)#port vlan 1000 0/0 1
huawei(config)#port vlan 1001 0/0 1
huawei(config)#port vlan 1002 0/0 1

2. Configure a traffic profile.


Add a traffic profile 10 and do not limit rates. Packets transmitted upstream use the priority (7 by default)
copied from the user VLAN. Packets transmitted downstream use the priority carried by themselves.

huawei(config)#traffic table ip index 10 cir off priority user-cos 7 priority-policy tag-in-package

3. Configure Ethernet access service ports.


Configure service ports for the synchronization service, OAM service, and voice and data services of base
stations. According to Principle of VLAN Data Plan , ONUs translate user VLANs to a specified C-VLAN.

huawei(config)#service-port vlan 1000 eth 0/3/1 multi-service user-vlan

untagged rx-cttr 10 tx-cttr 10 //Syncronization service port

huawei(config)#service-port vlan 1001 eth 0/3/1 multi-service user-vlan

20 rx-cttr 10 tx-cttr 10 //OAM service port

huawei(config)#service-port vlan 1002 eth 0/3/1 multi-service user-vlan

30 rx-cttr 10 tx-cttr 10 //Voice and data service port

Packets from different base stations may carry different user VLANs. Ensure that user VLANs are consistent with the
actual ones during configuration.

1.6.5.7 Configuring Clock Synchronization


Configuring Clock Synchronization

In this scenario, the synchronous Ethernet clock can be used to achieve network-wide clock synchronization.

2024-09-17 592
MA5800 Product Documentation

Prerequisites

 The clock daughter board CKUA of the SCU board must be in position.

 The upstream MAN PSN of the OLT must feature the capability of Ethernet synchronization.

Context

According to actual requirements, Ethernet base stations support synchronous Ethernet (frequency
synchronization) and 1588v2 (time synchronization). This document uses synchronous Ethernet as an example.
For details about how to configure 1588v2 time synchronization, see " Configuring 1588v2 Clock Synchronization
".

Data Plan

Configuration Item Data

Upstream port Port: 0/9/0

ETH port of the ONU 0/3/1

Procedure

 Configure a clock on the OLT.

1. Add a system clock source.


Configure the Ethernet line clock input from GIU port 0/9/0 as the system clock 0. Set the priority to 0
(highest priority).

huawei(config)#clock source 0 0/9/0


huawei(config)#clock priority system 0

2. Query configurations and the status of the system clock source.

Run the display clock source system command to query the configurations and the status of the clock
source. Ensure that configurations of the system clock source are correct and the status is Normal.

huawei(config)#display clock source system


------------------------------------------------------------------------------
Index Board Source Clk-type State Priority QL Selected
------------------------------------------------------------------------------
0 H801GICK 0/9/0 ETH Normal 0 --- YES
------------------------------------------------------------------------------

Run the display clock mode command to query the clock working mode. Ensure that the clock
daughter board works in tracing mode.

huawei(config)#display clock mode


Clock manage-mode:Third-mode

2024-09-17 593
MA5800 Product Documentation

Clock subboard work-mode:Tracing

 Configure a clock on the ONU.


The transmit clock of the port is the system clock by default when base stations are connected to the ONU
through ETH ports. The transmit clock cannot be modified. Therefore, you only need to configure the system
clock for the ONU.

1. Configure the PON line clock as the system clock.

huawei(config)#clock source 0 0/0/1


huawei(config)#clock priority system 0

2. Query the configuration and status of the system clock source.


Run the display clock source command to query the configuration and status of the system clock
source.

huawei(config-if-tdm-0/1)#quit
huawei(config)#display clock source
--------------------------------------------------------------------
Index Type Source State Priority QL Selected
--------------------------------------------------------------------
0 line 0/0/1 Normal 0 --- YES
1 -- -/ -/ - --- --- NO ---
2 -- -/ -/ - --- --- NO ---
3 -- -/ -/ - --- --- NO ---
4 -- -/ -/ - --- --- NO ---
5 -- -/ -/ - --- --- NO ---
6 -- -/ -/ - --- --- NO ---
7 -- -/ -/ - --- --- NO ---
8 -- -/ -/ - --- --- NO ---
9 -- -/ -/ - --- --- NO ---
--------------------------------------------------------------------

1.6.5.8 Configuring Congestion Control and Security Policies


Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service
reliability and configure global security policies to ensure service security.

Context

Congestion control uses queue scheduling technology to map packets sent from the same port into multiple queues
and process packets in each queue based on priority. Congestion control is recommended.

Security policies cover system security, user security, and service security, which ensure normal running of
services.

2024-09-17 594
MA5800 Product Documentation

Enable security features based on service types. For details, see Principle of Security Data Plan .

Procedure

 Configure queue scheduling.


Based on Principle of QoS Data Plan , all packets use strict priorities for queue scheduling and are mapped to
queues based on priorities.

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos1 1 cos2 2 cos3 3 cos4 4 cos5 5 cos6 6 cos7 7 //System default

 Configure system security.

 Enable deny of service (DoS) anti-attack on both the OLT and ONUs.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on both the OLT and ONUs.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on both the OLT and ONUs.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on both the OLT and ONUs.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

2024-09-17 595
MA5800 Product Documentation

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on ONUs.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

1.6.5.9 Configuring Network Protection


Configuring Network Protection

This topic describes how to configure end-to-end (E2E) protection schemes for the base station access service
which has a high requirement on service reliability.

Context

Reliability covers equipment reliability, upstream networking protection, and downstream networking protection.
For details on reliability data planning, see Principle of Reliability Data Plan .

 Upstream networking protection includes link aggregation group and protection group. Usually, link
aggregation group is configured when the NXED board is used to transmit traffic upstream; protection group
is configured when the main control board is used to transmit traffic upstream. The two protection schemes
are not configured at the same time.

 Downstream networking protection includes Type B, Type C single homing, and Type C dual homing, which
are used to protect service ports. Ports on the same ONU can be configured only with the same protection
scheme.

2024-09-17 596
MA5800 Product Documentation

This topic describes how to configure five mainstream protection schemes. Select required protection schemes based on the
carrier's requirement and actual networking scenario.

Procedure

 Configure a link aggregation group.


Bind upstream ports 0/8/0 and 0/8/1 together as an aggregation link group. Each member port in the group
transmits packets based on source MAC addresses. The working mode is LACP static aggregation.

huawei(config)#link-aggregation 0/8 0-1 ingress workmode lacp-static

 Configure a protection group.


Configure upstream ports 0/9/0 and 0/9/1 on the control board as a port protection group. Set port 0/9/0 as
the working port and port 0/9/1 as the protection port, set the working mode to time delay detection, and
enable the protection group.

huawei(config-protect)#protect-group first 0/9/0 second 0/9/1 eth workmode timedelay enable

 Configure the Type B protection.

Figure 1 shows the Type B protection networking diagram.

Figure 1 Type B protection

Configure redundancy backup for ports 0/3/1 and 0/3/2 on the same GPON board on OLT. When port 0/3/1
fails, the system can automatically switch to port 0/3/2.

huawei(config)#protect-group 0 protect-target gpon-uni-port workmode timedelay


huawei(protect-group-0)#protect-group member port 0/3/1 role work
huawei(protect-group-0)#protect-group member port 0/3/2 role protect
huawei(protect-group-0)#protect-group enable

The configurations of services accessed by the ONUs remain the same after the Type B protection is configured. That is,
the service configurations are applied only to the working GPON port.

 Configure the Type C single homing protection.


Figure 2 shows networking diagram for the Type C single homing protection. Configure two 1:N optical
splitters, one for connecting the working PON ports on the OLT and ONUs, and one for connecting the
protection PON ports on the OLT and ONUs. This protection scheme protects both the backbone fibers and
tributary fibers.

2024-09-17 597
MA5800 Product Documentation

The configurations of services accessed by the ONUs remain the same after the Type C single homing
protection is configured. That is, the service configurations are applied only to the working PON port on the
OLT and working upstream PON ports on the ONUs.

Figure 2 Type C single homing protection

As shown in the preceding figure, Type C single homing protecting is configured for optical fiber links
between the OLT and ONU.

 The ports on the GPON service board are 0/3/1 and 0/3/2.

 The link at port 0/3/1 is the working link.

 The link at port 0/3/2 is the protection link.

 The ONU ID is 1.

 The ONU is authenticated by serial number (SN). The SN of the ONU is 3230313163902641 and the
management mode is SNMP.

 The ID of the line profile bound to the ONU is 10.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei(config-if-gpon-0/3)#ont add 2 1 protect-side
huawei(config-if-gpon-0/3)#quit
huawei(config)#protect-group protect-target gpon-uni-ont workmode portstate
huawei(protect-group-1)#protect-group member port 0/3/1 ont 1 role work
huawei(protect-group-1)#protect-group member port 0/3/2 ont 1 role protect
huawei(protect-group-1)#protect-group enable
huawei(protect-group-1)#quit

 Configure the Type C dual homing protection.


Figure 3 shows the networking diagram for the Type C dual homing protection. Two PON ports on different
OLTs, two PON ports on an ONU, two backbone optical fibers, two optical splitters, and two tributary optical
fibers are configured to implement this protection. The difference between this protection scheme and the
Type C single homing protection scheme is that the ONU needs to be dual homed to two OLTs in this
protection scheme.
The models and versions of main control boards on the active and standby OLTs must be the same. The
models and versions of GPON boards on the active and standby OLTs also must be the same. Data on the

2024-09-17 598
MA5800 Product Documentation

active OLT cannot be automatically synchronized with that on the standby OLT. Therefore, data
synchronization between the active and standby OLTs must be manually ensured.
This protection scheme can be configured for only the Ethernet QinQ private line service. It does not support
TDM services, including Native TDM and SAToP.

Figure 3 Type C dual homing protection

As shown in the preceding figure, Type C dual homing protection is configured for two OLTs (huawei_A and
huawei_B).

 huawei_A is the active OLT while huawei_B is the standby OLT.

 The ports on the service boards on both OTLs are 0/3/1.

 The dual homing protection group ID is 1.

 The ONU ID is 1.

 The ONU is authenticated by serial number (SN). The SN of the ONU is 3230313163902641 and the
management mode is SNMP.

 The ID of the line profile bound to the ONU is 10.

Configurations on the active OLT huawei_A:


huawei_A(config)#interface gpon 0/3
huawei_A(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei_A(config-if-gpon-0/3)#quit
huawei_A(config)#protect-group 1 protect-target gpon-uni-ont workmode dual-parenting
huawei_A(protect-group-1)#protect-group member port 0/3/1 ont 1 role work

Configurations on the standby OLT huawei_B:


huawei_B(config)#interface gpon 0/3
huawei_B(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei_B(config-if-gpon-0/3)#quit
huawei_B(config)#protect-group 1 protect-target gpon-uni-ont workmode dual-parenting
huawei_B(protect-group-1)#protect-group member port 0/3/1 ont 1 role protect
huawei_B(protect-group-1)#protect-group enable

2024-09-17 599
MA5800 Product Documentation

1.6.5.10 Verifying Services


Verifying Services

The Ethernet base station access service can be verified by checking the connectivity and alarms of the service.

Prerequisites
The base station access service has been deployed.

Procedure

1. Check connectivity.

a. Check the connectivity between base stations and the IP clock server.
On base stations, configure management IP addresses and static routes to the IP clock server, and
then perform ping operations. In normal cases, the ICMP ECHO-REPLY message can be received from
the IP clock server.
b. Check the connectivity between base stations and the OAM server.
On base stations, configure IP addresses of management channels and static routes to the OAM
server, and then perform ping operations. In normal cases, the ICMP ECHO-REPLY message can be
received from the OAM server.
c. Check the connectivity between base stations and the RNC.
On base stations, configure service port IP addresses and static routes to the RNC, and then perform
ping operations. In normal cases, the ICMP ECHO-REPLY message can be received from the RNC.

2. Check alarms.
Check logs on base stations. Verify that no alarms are generated within 24 hours.

1.6.6 Configuring the Access Service of Ethernet Base Stations


(Layer 3 GRE Mode, GPON)
Configuring the Access Service of Ethernet Base Stations (Layer 3 GRE Mode, GPON)

ONUs are connected to IP base stations through GE/XGE Ethernet ports and OLTs are interconnected with
metropolitan area network (MAN) equipment in generic routing encapsulation (GRE) mode to achieve access of
base station services.
Service Requirements and Application Scenarios

Configuration Procedure

Adding an ONU to an OLT

An ONU can be configured only after it is successfully added to an OLT.

Configuring the VLAN and Service Flow

2024-09-17 600
MA5800 Product Documentation

This topic describes how to configure the VLAN and service flow on the OLT so that the various packets from base stations
can be forwarded according to the specified forwarding policies.

Configuring OSPF

The OLT uses different upstream VLANs and VLAN interfaces to create Open Shortest Path First (OSPF) processes with
remote SA1 and SA2.

Configuring GRE Tunnels

Packets between OLTs and routers are transmitted through generic routing encapsulation (GRE) tunnels.

Configuring Network Protection

The access service of base stations has high requirements on reliability. Therefore, end-to-end (E2E) protection is
required.

Verifying Services

Verifying the access service of Ethernet base stations can be performed by continuity check (CC) and alarm check.

1.6.6.1 Service Requirements and Application Scenarios


Service Requirements and Application Scenarios

Service Requirements

 ONUs are connected to 3G base stations and GPON is used for bearing the mobile access network in a unified
manner, meeting mobile carriers' requirements for high bandwidth and high-density coverage of base
stations.

 A simple and mature service configuration scheme is used, which ensures service quality and high
transmission efficiency.

Application Scenarios

As shown in Figure 1, an ONU receives Ethernet service packets from a base station through a GE/XGE port,
encapsulates these packets into GPON encapsulation mode (GEM) frames, and then sends these frames to the OLT
through a GPON upstream port. The OLT restores the Ethernet signals and implements generic routing
encapsulation (GRE) for these signals. Then, the encapsulated packets are transmitted to a remote router through
GRE tunnels and the router restores Ethernet signals again.

Figure 1 Network diagram for implementing access service of an Ethernet base station

2024-09-17 601
MA5800 Product Documentation

1.6.6.2 Configuration Procedure


Configuration Procedure

The following figure shows the configuration procedure about service access of an Ethernet base station in the
generic routing encapsulation (GRE) tunnel mode.

1.6.6.3 Adding an ONU to an OLT


Adding an ONU to an OLT

An ONU can be configured only after it is successfully added to an OLT.

2024-09-17 602
MA5800 Product Documentation

Context
 When adding ONUs, you need to bind related profiles to the ONUs, including the DBA profile, line profile,
service profile, and alarm profile.

 An ONU can be added in two modes: offline addition and online confirmation. Select either mode as required.

Data Planning

Table 1 Key data planning table

Configuration Item Data

DBA profile Profile ID: 20


Profile type: type 5
Fixed bandwidth: 1024 kbit/s
Assured bandwidth: 100 Mbit/s
Maximum bandwidth: 2 Gbit/s

ONU line profile Profile ID: 10


T-CONT ID: 4
GEM port ID: 11. One GEM port bears all services.

ONU service profile Profile ID: 20


Profile name: base-profile
Ethernet port capability set of the service profile: adaptive
Native VLAN: Ignored

Networking data PON port: 0/3/1


ONU parameter:
ONU ID: 1
SN: 3230313163902641

Procedure

1. Configure GPON ONU profiles.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-id 20 type5 fix 1024 assure 102400 max 2048000

b. Configure an ONU line profile.

huawei(config)#ont-lineprofile gpon profile-id 10


huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-id 20 //Bind T-CONT 4 to DBA profile 20.
huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 0
huawei(config-gpon-lineprofile-10)#mapping-mode priority
huawei(config-gpon-lineprofile-10)#gem mapping 11 0 priority 0
huawei(config-gpon-lineprofile-10)#gem mapping 11 1 priority 1
huawei(config-gpon-lineprofile-10)#gem mapping 11 2 priority 2
huawei(config-gpon-lineprofile-10)#commit

2024-09-17 603
MA5800 Product Documentation

huawei(config-gpon-lineprofile-10)#quit

c. Configure an ONU service profile.

huawei(config)#ont-srvprofile gpon profile-id 20 profile-name base-profile


huawei(config-gpon-srvprofile-20)#ont-port eth adaptive
huawei(config-gpon-srvprofile-20)#native-vlan unconcern
huawei(config-gpon-srvprofile-20)#commit
huawei(config-gpon-srvprofile-20)#quit

2. Add an ONU to an OLT.

a. Add ONU 1 to an OLT in the offline mode.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10

b. (Optional) Bind an alarm profile.


By default, an ONU will be automatically bound to alarm profile 1 (default profile). You need to
manually bind an alarm profile to an ONU only when the default alarm profile does not meet
requirements.
In this example, the default alarm profile is used. Therefore, you do not need to manually bind an
alarm profile.

3. Confirm the ONU status.


After adding an ONU, run the display ont info command to query the current status of the ONU. Ensure that
Control flag is active, Run State is online, and Config state is normal.

The following uses ONU 1 as an example to describe how to confirm ONU status.

huawei(config-if-gpon-0/3)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/3/1
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU is online.
Config state : normal //Indicates that the ONU is in normal state.
...//Other command output is omitted.
huawei(config-if-gpon-0/3)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

2024-09-17 604
MA5800 Product Documentation

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

1.6.6.4 Configuring the VLAN and Service Flow


Configuring the VLAN and Service Flow

This topic describes how to configure the VLAN and service flow on the OLT so that the various packets from base
stations can be forwarded according to the specified forwarding policies.

Data Plan

Configuration Item Data

Upstream VLAN VLAN 10 and VLAN 20

CVLAN (upstream VLAN on the ONU) VLANs of the access services in base stations:
VLAN of the data service in the 3G base station: 301
VLAN of the voice service in the 3G base station: 1201

SVLAN Be the same as the CVLAN.

Traffic profile In the upstream direction:


ID: 10
Name: GreInboundTable
CIR: off
Source of the priority: user-cos; default priority: 0
Enqueuing priority scheduling policy: tag-in-package
In the downstream direction:
ID: 11
Name: GreOutBoundTable
CIR: off
Source of the priority: user-tos; default priority: 0
Enqueuing priority scheduling policy: tag-in-package

VLAN interface Bound VPN instance:


VLAN interface 301: vpn1
VLAN interface 1201: vpn7
Configured IP address:
For VLAN interface 301, IP address: 10.3.1.4; subnet mask: 255.255.255.248
For VLAN interface 1201, IP address: 10.12.1.4; subnet mask: 255.255.255.248

Procedure

1. Configure the smart VLAN.

2024-09-17 605
MA5800 Product Documentation

Add VLANs 10 and 20 on the OLT and then respectively add upstream ports to the VLANs.

huawei(config)#vlan 10 smart
huawei(config)#port vlan 10 0/9 0
huawei(config)#vlan 20 smart
huawei(config)#port vlan 20 0/10 0

2. Configure the traffic profile. In the upstream direction, use the policy of copying the CoS priority. In the
downstream direction, use the policy of copying the ToS priority.

huawei(config)#traffic table ip index 10 name GreInboundTable cir off priority user-cos 0 priority-policy tag-in-
package
huawei(config)#traffic table ip index 11 name GreOutBoundTable cir off priority user-tos 0 priority-policy tag-in-
package

3. Configure the service flow.


Respectively configure service flows for the data and voice services in 3G basic stations.

huawei(config)#ont-srvprofile gpon profile-id 20


huawei(config-gpon-srvprofile-20)#port vlan eth 1 translation 301 user-vlan 301
huawei(config-gpon-srvprofile-20)#port vlan eth 1 translation 1201 user-vlan 1201
huawei(config-gpon-srvprofile-20)#commit
huawei(config-gpon-srvprofile-20)#quit
huawei(config)#service-port 301 vlan 301 gpon 0/3/1 ont ontid gemport gemid multi-service user-vlan 301 tag-
transform translate inbound traffic-table index 10 outbound traffic-table index 11
huawei(config)#service-port 1201 vlan 1201 gpon 0/3/1 ont ontid gemport gemid multi-service user-vlan 1201 tag-
transform translate inbound traffic-table index 10 outbound traffic-table index 11

4. Create a VLAN interface, bind this interface to a VPN instance, and set an IP address for the VLAN interface.

huawei(config)#interface Vlanif 301


huawei(config-if-vlanif301)#ip binding vpn-instance vpn1
huawei(config-if-vlanif301)#ip address 10.3.1.4 255.255.255.248
huawei(config-if-vlanif301)#quit
huawei(config)#interface Vlanif 1201
huawei(config-if-vlanif1201)#ip binding vpn-instance vpn7
huawei(config-if-vlanif1201)#ip address 10.12.1.4 255.255.255.248
huawei(config-if-vlanif1201)#quit

1.6.6.5 Configuring OSPF


Configuring OSPF

The OLT uses different upstream VLANs and VLAN interfaces to create Open Shortest Path First (OSPF) processes
with remote SA1 and SA2.

Prerequisites
Both the OLT and adjacent router use the OSPF protocol.

2024-09-17 606
MA5800 Product Documentation

Data Planning

Configuration Data
Item

Loopback interface Loopback 31 interface: used to transmit management packets and generic routing encapsulation
(GRE) packets
IP address: 10.128.31.1 255.255.255.255

VLANIF 10 MTU: 2000


IP address: 192.168.1.1/24
Description: ospf_to_SA1
Authentication mode: HMAC-MD5; ciphertext: authentication10
Overhead needed for OSPF running: 2000
Fill in the MTU value during the transmission of DD packets.
Interval for retransmitting LSAs between adjacent devices: 2s
Bidirectional forwarding detection (BFD): enabled; minimum Rx and Tx interval: 100 ms; local
detection multiplier: 4

VLANIF 20 MTU: 2000


IP address: 192.168.2.1/24
Description: ospf_to_SA2
Authentication mode: HMAC-MD5; ciphertext: authentication20
Overhead needed for OSPF running: 2001
Fill in the MTU value during the transmission of DD packets.
Interval for retransmitting LSAs between adjacent devices: 2s
BFD: enabled; minimum Rx and Tx interval: 100 ms; local detection multiplier: 4

Procedure

1. Configure an IP address for the loopback 31 interface.

huawei(config)#interface loopback 31
huawei(config-if-loopback31)#ip address 10.128.31.1 255.255.255.255
huawei(config-if-loopback31)#quit

2. Configure VLAN interface 10.

huawei(config)#interface vlanif 10
huawei(config-if-vlanif10)#mtu 2000
huawei(config-if-vlanif10)#ip address 192.168.1.1 24
huawei(config-if-vlanif10)#description ospf_to_SA1
huawei(config-if-vlanif10)#ospf authentication-mode hmac-md5 1 cipher authentication10
huawei(config-if-vlanif10)#ospf cost 2000
huawei(config-if-vlanif10)#ospf mtu-enable
huawei(config-if-vlanif10)#ospf timer retransmit 2
huawei(config-if-vlanif10)#ospf bfd enable

2024-09-17 607
MA5800 Product Documentation

huawei(config-if-vlanif10)#ospf bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier 4


huawei(config-if-vlanif10)#quit

3. Configure VLAN interface 20.

huawei(config)#interface vlanif 20
huawei(config-if-vlanif20)#mtu 2000
huawei(config-if-vlanif20)#description ospf_to_SA2
huawei(config-if-vlanif20)#ip address 192.168.2.1 24
huawei(config-if-vlanif20)#ospf authentication-mode hmac-md5 1 cipher authentication20
huawei(config-if-vlanif20)#ospf cost 2001
huawei(config-if-vlanif20)#ospf mtu-enable
huawei(config-if-vlanif20)#ospf timer retransmit 2
huawei(config-if-vlanif20)#ospf bfd enable
huawei(config-if-vlanif20)#ospf bfd min-tx-interval 100 min-rx-interval 100 detect-multiplier 4
huawei(config-if-vlanif20)#quit

1.6.6.6 Configuring GRE Tunnels


Configuring GRE Tunnels

Packets between OLTs and routers are transmitted through generic routing encapsulation (GRE) tunnels.

Prerequisites
The MAN equipment that interconnects with an OLT must support and terminate GRE encapsulation.

Data Plan

Configuration Item Data

GRE tunnel Index of the priority profile: 10


Name of the priority profile: GreProfile
Ingress of the GRE tunnel: mapping from dscp-outer to cos-inner
Egress of the GRE tunnel: The priority policy for packets to join a queue is dscp-inner.
Index of the referenced mapping profile: 0

Tunnel interface Tunnel 1 interface


Network address: 10.158.1.1/24
Source address: 10.128.31.1/32
Destination address: 10.0.0.10/32
Bound VPN: VPN 1
Tunnel encapsulation mode: GRE
Keepalive function of the GRE tunnel: enable
Period of sending Keepalive packets from the local end of the GRE tunnel: 12s
Retry times: 4

2024-09-17 608
MA5800 Product Documentation

Configuration Item Data

Tunnel 7 interface
Network address: 10.158.7.1/24
Source address: 10.128.31.1/32
Destination address: 10.0.0.10/32
Bound VPN: VPN 7
Tunnel encapsulation mode: GRE
Keepalive function of the GRE tunnel: enable
Period of sending Keepalive packets from the local end of the GRE tunnel: 12s
Retry times: 4

Procedure
1. Create VPN instances.

huawei(config)#ip vpn-instance vpn1


huawei(config-vpn-instance-vpn1)#ipv4-family
huawei(config-vpn-instance-vpn1-af-ipv4)#quit
huawei(config-vpn-instance-vpn1)#quit
huawei(config)#ip vpn-instance vpn7
huawei(config-vpn-instance-vpn7)#ipv4-family
huawei(config-vpn-instance-vpn7-af-ipv4)#quit
huawei(config-vpn-instance-vpn7)#quit

2. Configure GRE tunnels. Bind VPN instances.

huawei(config)#ip tunnel priority-profile gre index 10 name GreProfile inbound dscp-outer cos-inner mapping-
profile 0 outbound priority-policy qcos dscp-inner mapping-profile 0
huawei(config)#interface Tunnel 1
huawei(config-if-tunnel1)#ip binding vpn-instance vpn1
huawei(config-if-tunnel1)#ip address 10.158.1.1 255.255.255.0//Tunnel 1 network address
huawei(config-if-tunnel1)#tunnel-protocol gre
huawei(config-if-tunnel1)#keepalive period 12 retry-times 4
huawei(config-if-tunnel1)#source 10.128.31.1 255.255.255.255//Tunnel 1 source address
huawei(config-if-tunnel1)#destination 10.0.0.10 255.255.255.255//Tunnel 1 destination address
huawei(config-if-tunnel1)#tunnel pathmtu enable
huawei(config-if-tunnel1)#priority-profile binding index 10
huawei(config-if-tunnel1)#gre statistics
huawei(config)#quit
huawei(config)#interface Tunnel 7
huawei(config-if-tunnel7)#ip binding vpn-instance vpn7
huawei(config-if-tunnel7)#ip address 10.158.7.1 255.255.255.0//Tunnel 7 network address
huawei(config-if-tunnel7)#tunnel-protocol gre
huawei(config-if-tunnel7)#keepalive period 12 retry-times 4

2024-09-17 609
MA5800 Product Documentation

huawei(config-if-tunnel7)#source 10.128.31.1 255.255.255.255//Tunnel 7 source address


huawei(config-if-tunnel7)#destination 10.0.0.10 255.255.255.255//Tunnel 7 destination address
huawei(config-if-tunnel7)#tunnel pathmtu enable
huawei(config-if-tunnel7)#priority-profile binding index 10
huawei(config-if-tunnel7)#gre statistics
huawei(config-if-tunnel7)#quit

3. Configure static routes on the OLT. Set GRE tunnel 1 to be the default next-hop of VPN 1, and GRE tunnel 7 to
be the default next-hop of VPN 7.

huawei(config)#ip route-static vpn-instance vpn1 0.0.0.0 0.0.0.0 Tunnel 1


huawei(config)#ip route-static vpn-instance vpn7 0.0.0.0 0.0.0.0 Tunnel 7

1.6.6.7 Configuring Network Protection


Configuring Network Protection

The access service of base stations has high requirements on reliability. Therefore, end-to-end (E2E) protection is
required.

Context

 Upstream networks use the bidirectional forwarding detection (BFD) for Open Shortest Path First (OSPF)
protection. Configuring BFD for OSPF helps the system to rapidly detect link status and speed up OSPF
convergence when the link status changes.

 Downstream networks use type B single-homing protection, which is intended for service ports.

Procedure

 Configure BFD for OSPF.

huawei(config)#ospf 1 router-id 10.1.1.1


huawei(config-ospf-1)#bfd all-interfaces enable
huawei(config-ospf-1)#bfd all-interfaces min-tx-interval 100 min-rx-interval 100 detect-multiplier 4
huawei(config-ospf-1)#maximum load-balancing 8
huawei(config-ospf-1)#area 0
huawei(config-ospf-1-area-0.0.0.0)#network 10.1.1.1 0.0.0.0
huawei(config-ospf-1-area-0.0.0.0)#network 192.168.1.1 0.0.0.255
huawei(config-ospf-1-area-0.0.0.0)#network 192.168.2.1 0.0.0.255

 Configure type B single-homing protection.

Figure 1 shows the network that supports type B single-homing protection.

Figure 1 Network that supports type B single-homing protection

2024-09-17 610
MA5800 Product Documentation

Add ports 0/2/1 and 0/3/1 on different GPON service boards on the OLT to a GPON type B single-homing
protection group. If port 0/2/1 is faulty, the system switches to port 0/3/1 to access services.

huawei(config)#protect-group 0 protect-target gpon-uni-port workmode timedelay


huawei(protect-group-0)#protect-group member port 0/2/1 role work
huawei(protect-group-0)#protect-group member port 0/3/1 role protect
huawei(protect-group-0)#protect-group enable

Service configurations on the ONU remain unchanged before and after type B single-homing protection is configured.
That is, service configurations are applied to the active GPON port only.

1.6.6.8 Verifying Services


Verifying Services

Verifying the access service of Ethernet base stations can be performed by continuity check (CC) and alarm check.

Prerequisites
The access service of Ethernet base stations is deployed.

Procedure

1. Check CC from the base station to RNC. Configure the IP address of the service channel and the static route
to the RNC on the base station, and then perform the ping operation. Normally, ICMP ECHO-REPLY response
from the RNC can be received.

2. Check alarms. Check logs of the base station. Normal running requires no alarms during at least 24 hours.

1.6.7 Configuring the Access Service of Ethernet Base Stations


(Layer 2 Non-GRE Mode, GPON)
Configuring the Access Service of Ethernet Base Stations (Layer 2 Non-GRE Mode, GPON)

ONUs are connected to IP base stations through GE/XGE Ethernet ports and OLTs are interconnected with
metropolitan area network (MAN) equipment in Common VLAN mode to achieve access of base station services.
Service Requirements and Application Scenarios

Configuration Procedure

2024-09-17 611
MA5800 Product Documentation

Adding an ONU to an OLT

An ONU can be configured only after it is successfully added to an OLT.

Configuring the VLAN and Service Flow

This topic describes how to configure the VLAN and service flow on the OLT so that the various packets from base stations
can be forwarded according to the specified forwarding policies.

Configuring Network Protection

The access service of base stations has high requirements on reliability. Therefore, end-to-end (E2E) protection is
required.

Verifying Services

Verifying the access service of Ethernet base stations can be performed by continuity check (CC) and alarm check.

1.6.7.1 Service Requirements and Application Scenarios


Service Requirements and Application Scenarios

Service Requirements

 ONUs are connected to 3G base stations and GPON is used for bearing the mobile access network in a unified
manner, meeting mobile carriers' requirements for high bandwidth and high-density coverage of base
stations.

 A simple and mature service configuration scheme is used, which ensures service quality and high
transmission efficiency.

Application Scenarios

As shown in Figure 1, an ONU receives Ethernet service packets from a base station through a GE/XGE port,
encapsulates these packets into GPON encapsulation mode (GEM) frames, and then sends these frames to the OLT
through a GPON upstream port. The OLT restores the Ethernet signals and configures common VLAN for these
signals. Then, the encapsulated packets are transmitted to a remote router and the router restores Ethernet signals
again.

Figure 1 Network diagram for implementing access service of an Ethernet base station

2024-09-17 612
MA5800 Product Documentation

1.6.7.2 Configuration Procedure


Configuration Procedure

The following figure shows the configuration procedure about service access of an Ethernet base station in the
non-generic routing encapsulation (GRE) tunnel mode.

1.6.7.3 Adding an ONU to an OLT


Adding an ONU to an OLT

An ONU can be configured only after it is successfully added to an OLT.

Context

 When adding ONUs, you need to bind related profiles to the ONUs, including the DBA profile, line profile,
service profile, and alarm profile.

 An ONU can be added in two modes: offline addition and online confirmation. Select either mode as required.

Data Planning

Table 1 Key data planning table

Configuration Item Data

DBA profile Profile ID: 20

2024-09-17 613
MA5800 Product Documentation

Table 1 Key data planning table

Configuration Item Data

Profile type: type 5


Fixed bandwidth: 1024 kbit/s
Assured bandwidth: 100 Mbit/s
Maximum bandwidth: 2 Gbit/s

ONU line profile Profile ID: 10


T-CONT ID: 4
GEM port ID: 11. One GEM port bears all services.

ONU service profile Profile ID: 20


Profile name: base-profile
Ethernet port capability set of the service profile: adaptive
Native VLAN: Ignored

Networking data PON port: 0/3/1


ONU parameter:
ONU ID: 1
SN: 3230313163902641

Procedure

1. Configure GPON ONU profiles.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-id 20 type5 fix 1024 assure 102400 max 2048000

b. Configure an ONU line profile.

huawei(config)#ont-lineprofile gpon profile-id 10


huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-id 20 //Bind T-CONT 4 to DBA profile 20.
huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 0
huawei(config-gpon-lineprofile-10)#mapping-mode priority
huawei(config-gpon-lineprofile-10)#gem mapping 11 0 priority 0
huawei(config-gpon-lineprofile-10)#gem mapping 11 1 priority 1
huawei(config-gpon-lineprofile-10)#gem mapping 11 2 priority 2
huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

c. Configure an ONU service profile.

huawei(config)#ont-srvprofile gpon profile-id 20 profile-name base-profile


huawei(config-gpon-srvprofile-20)#ont-port eth adaptive
huawei(config-gpon-srvprofile-20)#native-vlan unconcern
huawei(config-gpon-srvprofile-20)#commit
huawei(config-gpon-srvprofile-20)#quit

2024-09-17 614
MA5800 Product Documentation

2. Add an ONU to an OLT.

a. Add ONU 1 to an OLT in the offline mode.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10

b. (Optional) Bind an alarm profile.


By default, an ONU will be automatically bound to alarm profile 1 (default profile). You need to
manually bind an alarm profile to an ONU only when the default alarm profile does not meet
requirements.
In this example, the default alarm profile is used. Therefore, you do not need to manually bind an
alarm profile.

3. Confirm the ONU status.


After adding an ONU, run the display ont info command to query the current status of the ONU. Ensure that
Control flag is active, Run State is online, and Config state is normal.

The following uses ONU 1 as an example to describe how to confirm ONU status.

huawei(config-if-gpon-0/3)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/3/1
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU is online.
Config state : normal //Indicates that the ONU is in normal state.
...//Other command output is omitted.
huawei(config-if-gpon-0/3)#quit

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

1.6.7.4 Configuring the VLAN and Service Flow


Configuring the VLAN and Service Flow

This topic describes how to configure the VLAN and service flow on the OLT so that the various packets from base
stations can be forwarded according to the specified forwarding policies.

2024-09-17 615
MA5800 Product Documentation

Data Plan

Configuration Item Data

Upstream VLAN VLAN 10 and VLAN 20

CVLAN (upstream VLAN on the ONU) VLANs of the access services in base stations:
VLAN of the data service in the 3G base station: 301
VLAN of the voice service in the 3G base station: 1201

SVLAN Be the same as the CVLAN.

Traffic profile In the upstream direction:


ID: 10
Name: InboundTable
CIR: off
Source of the priority: user-cos; default priority: 0
Enqueuing priority scheduling policy: tag-in-package
In the downstream direction:
ID: 11
Name: OutBoundTable
CIR: off
Source of the priority: user-tos; default priority: 0
Enqueuing priority scheduling policy: tag-in-package

VLAN interface Configured IP address:


For VLAN interface 301, IP address: 10.3.1.4; subnet mask: 255.255.255.248
For VLAN interface 1201, IP address: 10.12.1.4; subnet mask: 255.255.255.248

Procedure
1. Configure the smart VLAN.
Add VLANs 10 and 20 on the OLT and then respectively add upstream ports to the VLANs.

huawei(config)#vlan 10 smart
huawei(config)#port vlan 10 0/9 0
huawei(config)#vlan 20 smart
huawei(config)#port vlan 20 0/10 0

2. Configure the traffic profile. In the upstream direction, use the policy of copying the CoS priority. In the
downstream direction, use the policy of copying the ToS priority.

huawei(config)#traffic table ip index 10 name InboundTable cir off priority user-cos 0 priority-policy tag-in-package
huawei(config)#traffic table ip index 11 name OutBoundTable cir off priority user-tos 0 priority-policy tag-in-
package

3. Configure the service flow.


Respectively configure service flows for the data and voice services in 3G basic stations.

2024-09-17 616
MA5800 Product Documentation

huawei(config)#ont-srvprofile gpon profile-id 20


huawei(config-gpon-srvprofile-20)#port vlan eth 1 translation 301 user-vlan 301
huawei(config-gpon-srvprofile-20)#port vlan eth 1 translation 1201 user-vlan 1201
huawei(config-gpon-srvprofile-20)#commit
huawei(config-gpon-srvprofile-20)#quit
huawei(config)#service-port 301 vlan 301 gpon 0/3/1 ont ontid gemport gemid multi-service user-vlan 301 tag-
transform translate inbound traffic-table index 10 outbound traffic-table index 11
huawei(config)#service-port 1201 vlan 1201 gpon 0/3/1 ont ontid gemport gemid multi-service user-vlan 1201 tag-
transform translate inbound traffic-table index 10 outbound traffic-table index 11

4. Create a VLAN interface and set an IP address for the VLAN interface.

huawei(config)#interface Vlanif 301


huawei(config-if-vlanif301)#ip address 10.3.1.4 255.255.255.248
huawei(config-if-vlanif301)#quit
huawei(config)#interface Vlanif 1201
huawei(config-if-vlanif1201)#ip address 10.12.1.4 255.255.255.248
huawei(config-if-vlanif1201)#quit

1.6.7.5 Configuring Network Protection


Configuring Network Protection

The access service of base stations has high requirements on reliability. Therefore, end-to-end (E2E) protection is
required.

Context

 Upstream networks use link aggregation group (LAG). Member links in a LAG dynamically back up each other.
When one link disconnects, another link immediately takes over.

 Downstream networks use type B single-homing protection, which is intended for service ports.

Procedure

 Configure a link aggregation group.


Bind upstream ports 0/9/0 and 0/9/1 together as an aggregation link group. Each member port in the group
transmits packets based on source MAC addresses. The working mode is LACP static aggregation.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

 Configure type B single-homing protection.

Figure 1 shows the network that supports type B single-homing protection.

Figure 1 Network that supports type B single-homing protection

2024-09-17 617
MA5800 Product Documentation

Add ports 0/2/1 and 0/3/1 on different GPON service boards on the OLT to a GPON type B single-homing
protection group. If port 0/2/1 is faulty, the system switches to port 0/3/1 to access services.

huawei(config)#protect-group 0 protect-target gpon-uni-port workmode timedelay


huawei(protect-group-0)#protect-group member port 0/2/1 role work
huawei(protect-group-0)#protect-group member port 0/3/1 role protect
huawei(protect-group-0)#protect-group enable

Service configurations on the ONU remain unchanged before and after type B single-homing protection is configured.
That is, service configurations are applied to the active GPON port only.

1.6.7.6 Verifying Services


Verifying Services

Verifying the access service of Ethernet base stations can be performed by continuity check (CC) and alarm check.

Prerequisites
The access service of Ethernet base stations is deployed.

Procedure

1. Check CC from the base station to RNC. Configure the IP address of the service channel and the static route
to the RNC on the base station, and then perform the ping operation. Normally, ICMP ECHO-REPLY response
from the RNC can be received.

2. Check alarms. Check logs of the base station. Normal running requires no alarms during at least 24 hours.

1.6.8 Configuring Symmetrical TDM PWE3 Access for OLTs on


Both Sides (GPON)
Configuring Symmetrical TDM PWE3 Access for OLTs on Both Sides (GPON)

Two OLTs are symmetrically connected to the packet switched network (PSN). Signals of enterprise or base
transceiver station (BTS) private line services are transmitted to an ONU through an E1 port, and then the ONU
sends the signals to the OLT through GPON lines. The OLT, functioning as a superstratum provider edge (SPE), is
connected to its peer OLT through TDM PWE3. This enables the PSN network to carry traditional circuit switched
(CS) services.
Service Requirements and Application Scenario

2024-09-17 618
MA5800 Product Documentation

Configuration Procedure

Adding ONUs to the OLT and Configuring the Management Service Port

Related configurations can be performed for ONUs only after the ONUs are successfully added to the OLT. After the inband
management service port is created and available, you can log in to the ONUs from the OLT to configure the ONUs.

Configuring the TDM Connection and TDM PW

A TDM connection between the OLT and ONU is created and bound to the PW, so that TDM PWE3 services can be
transmitted between two OLTs.

Configuring Clock Synchronization

In this scenario, network-wide clock synchronization is implemented through synchronous Ethernet clocks.

Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service reliability and
configure global security policies to ensure service security.

Configuring Network Protection

This topic describes how to configure end-to-end (E2E) protection schemes for the base station access service which has a
high requirement on service reliability.

Verifying Services

Verifying private line services requires a dedicated E1 line test instrument.

1.6.8.1 Service Requirements and Application Scenario


Service Requirements and Application Scenario

Service Requirements

Enhancing O&M capability: The MxU configurations can be performed on the OLT, which simplifies the
configuration process.
Minimizing network construction costs: Only 1 SPUB board is required for an OLT.
Allowing TDM services to traverse the packet switched network (PSN): TDM services are deployed independently.

Application Scenario

As shown in Figure 1, OLT-A and OLT-B are symmetrically deployed on both sides of the PSN network. Both OLT-A
and OLT-B are connected to ONUs through GPON lines. Enterprise or base transceiver station (BTS) private line
services are transmitted to the ONUs through E1 ports. Proprietary TOE channels between the ONUs and OLTs are
used to encapsulate the packets of TDM services. Symmetrical TDM PWs are created between the 2 OLTs to
provide cross-PSN-network access and backhaul for enterprise or BTS private line services.

2024-09-17 619
MA5800 Product Documentation

Figure 1 Example network of symmetrical GPON TDM PWE3 access

1.6.8.2 Configuration Procedure


Configuration Procedure

The following figure shows the procedure of symmetrically configuring TDM PWE3 access for OLTs on both sides
of the packet switched network (PSN). Because the 2 OLTs are symmetrically deployed, the configuration steps on
the 2 OLT are the same.

1.6.8.3 Adding ONUs to the OLT and Configuring the


Management Service Port
Adding ONUs to the OLT and Configuring the Management Service Port

Related configurations can be performed for ONUs only after the ONUs are successfully added to the OLT. After the
inband management service port is created and available, you can log in to the ONUs from the OLT to configure the
ONUs.

2024-09-17 620
MA5800 Product Documentation

Context
 When an ONU is added, related profiles need to be bound to the ONU, including the dynamic bandwidth
allocation (DBA) profile, line profile, and alarm profile.

 An ONU can be added in two modes: adding an ONU offline and confirming an ONU online. Select either mode
as required.

Data Plan

Table 1 Key data plan

Item Data

DBA profile DBA profile for management services: system default profile 1
DBA profile for private line services:
Profile ID: 21
Profile type: fixed bandwidth and minimum delay mode
DBA bandwidth: 28928 kbit/s (assume that 4 E1 private lines are connected to 1 ONU
and each E1 private line is configured with a bandwidth of 7232 kbit/s)

Line profile Profile ID: 11


T-CONT 1 is used for private line services and T-CONT 2 for management services.
GEM port ID for management services: 11
GEM port ID for private line services: 13

Networking data PON port: 0/3/1


ONU parameters:
ONU ID: 1
SN: 3230313163902641

Management VLAN and On the OLT:


management IP address Management VLAN ID: 8
Management VLAN type: smart VLAN
Inband management IP address: 192.168.50.1/24
On the ONU:
Management VLAN ID: 8
Management VLAN type: smart VLAN
Inband management IP address: 192.168.50.2/24

Procedure

1. Configure GPON ONU profiles.

a. Configure the DBA profile for private line services, enable bandwidth compensation, and set the DBA
bandwidth allocation mode of the GPON port to min-loop-delay.

huawei(config)#dba-profile add profile-id 21 type1 fix 28928 bandwidth_compensate yes


huawei(config)#interface gpon 0/3
huawei(config-if-gpon-0/3)#port dba bandwidth-assignment-mode 1 min-loop-delay

2024-09-17 621
MA5800 Product Documentation

huawei(config-if-gpon-0/3)#quit

b. Configure an ONU line profile.

huawei(config)#ont-lineprofile gpon profile-id 11


huawei(config-gpon-lineprofile-11)#tcont 1 dba-profile-id 21 //Bind DBA profile 21 to T-CONT 1.
huawei(config-gpon-lineprofile-11)#tcont 2 dba-profile-id 1 //Bind DBA profile 1 to T-CONT 2.
huawei(config-gpon-lineprofile-11)#gem add 11 eth tcont 2
huawei(config-gpon-lineprofile-11)#gem add 13 tdm tcont 1 //Add GEM port 13 to T-CONT 1.
huawei(config-gpon-lineprofile-11)#gem mapping 11 0 vlan 8
huawei(config-gpon-lineprofile-11)#gem mapping 13 1 tdm-vcl //Map GEM port 13 to the TDM connection.
huawei(config-gpon-lineprofile-11)#commit
huawei(config-gpon-lineprofile-11)#quit

c. (Optional) Configure the alarm profile.

 The ID of the default GPON alarm profile is 1. The thresholds for all the alarm parameters in the
default alarm profile are 0, which indicates that no alarm is generated.

 In this example, the default alarm profile is used, and therefore the configuration of the alarm
profile is not required.

2. Add an ONU to the OLT.

a. Add ONU 1 offline.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 ontid 1 sn-auth 3230313163902641

snmp ont-lineprofile-id 11
b. (Optional) Bind the alarm profile to ONU 1.
By default, alarm profile 1 is automatically bound to the ONU. You need to manually bind a non-
default alarm profile to the ONU only when the default one does not meet the requirement.
In this example, the default alarm profile 1 is used, and therefore the configuration of the alarm
profile is not required.

3. Check the ONU status.


After the ONU is added, run the display ont info command to query the status of the ONU. Ensure that
Config flag of the ONU is active, Run State is online, and Config state is normal.

To query the status of ONU 1, do as follows:

huawei(config-if-gpon-0/3)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/3/1
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU goes online normally.
Config state : normal //Indicates that the configuration recovery state of the ONU is normal.
...//The following command output is omitted.

2024-09-17 622
MA5800 Product Documentation

huawei(config-if-gpon-0/3)#quit

4. Configure the inband management VLAN and IP address of the OLT.


Create a VLAN whose ID is 8 as the inband management VLAN of the OLT, set the VLAN priority to 6, and set
the IP address of the VLAN interface to 192.168.50.1/24.

huawei(config)#vlan 8 smart
huawei(config)#vlan priority 8 6
huawei(config)#port vlan 8 0/9 0
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

5. Configure the inband management VLAN and IP address of the ONU.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.1 vlan 8

huawei(config-if-gpon-0/3)#quit

6. Configure an inband management service port.


The management VLAN is VLAN 8, the GEM port ID is 11, and user VLAN is VLAN 8. The OLT does not limit
the rate of inband management services. Therefore, you can directly bind default traffic profile 6 to the
inband management service port.

huawei(config)#service-port vlan 8 gpon 0/3/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6


7. Check whether the management service port between the OLT and the ONU is available.

 Run the ping ONU ip command on the OLT to check the connectivity between the OLT and the ONU. If
the ICMP ECHO-REPLY packets from the ONU are received, the connectivity between the OLT and the
ONU is in good condition.

 If you can remotely log in to the ONU from the OLT to perform configurations for the ONU, the
management service port between the OLT and the ONU is available.

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

2024-09-17 623
MA5800 Product Documentation

1.6.8.4 Configuring the TDM Connection and TDM PW


Configuring the TDM Connection and TDM PW

A TDM connection between the OLT and ONU is created and bound to the PW, so that TDM PWE3 services can be
transmitted between two OLTs.

Prerequisites
The SPUB board is in position and functions normally.

Data Plan

When OLTs are symmetrically connected to the packet switched network (PSN), the configuration steps for OLT-A
and OLT-B are the same, and only the configuration data varies with the OLTs. The varied configuration data of
OLT-A and OLT-B will be separately described in this topic.
Table 1 Key data plan

Item Data

VLAN 1000

ONU E1 port Port ID: 0/1/0


Port signaling mode: unstructured data transfer (UDT)
Transmit clock of the port: system clock

IP address OLT-A:
IP address of the VLAN interface: 10.0.0.10/24
IP address of the loopback interface: 10.1.1.1/32
OLT-B:
IP address of the VLAN interface: 10.0.0.20/24
IP address of the loopback interface: 10.2.2.2/32

PW parameters The following parameters must be the same on the 2 OLTs.


PW ID: 1
PW type: TDM SAToP E1
Control word: enabled
PW load time: 125 μs
Size of jitter buffer: 500 μs
RTP header: enabled

Procedure

1. Configure the TDM connection.

a. Configure the TDM virtual channel link (VCL) on the ONU.

2024-09-17 624
MA5800 Product Documentation

On GPON port 0/3/1, create the TDM VCL for E1 port 0/1/0 of ONU 0.

Each E81A board has 8 E1 ports. Port IDs 0 to 7 on board 0/1 correspond to ONT port IDs 1 to 8, port IDs 0 to 7
on board 0/2 correspond to ONT port IDs 9 to 16, and so forth.

huawei(config-if-gpon-0/3)ont tdm-vcl 1 0 tdm-vcl-id 0 satop 1


huawei(config-if-gpon-0/3)quit

b. Configure the TDM connection on the OLT.

huawei(config)tdm-connect connectid 0 tdm pwe3-uplink gpon 0/3/11 ontid 1 gemportIndex 13 tdm-vcl 0

2. Configure the basic functions of multiprotocol label switching (MPLS).

a. Create VLAN 1000, add the upstream port into VLAN 1000, and configure the IP address of VLAN
interface 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0
huawei(config)#interface vlanif 1000
huawei(config-if-vlanif1000)#ip address 10.0.0.10 24

b. Configure the IP address of the loopback interface and MPLS LSR ID.

huawei(config)#interface loopback 0
huawei(config-if-loopback0)#ip address 10.1.1.1 32
huawei(config)#mpls lsr-id 10.1.1.1

c. Enable MPLS, MPLS L2VPN, and MPLS LDP globally, and then enable MPLS and MPLS LDP for the
VLAN interface.

huawei(config)#mpls
Info: Mpls starting, please wait... OK!
huawei(config-mpls)#quit
huawei(config)#mpls l2vpn
huawei(config)#mpls ldp
huawei(config)#mpls vlan 1000
huawei(config)#interface vlanif 1000
huawei(config-if-vlanif1000)#mpls
huawei(config-if-vlanif1000)#mpls ldp

d. Configure a static route to the peer OLT.


Configure a static route from OLT-A to OLT-B.

huawei(config)#ip route-static 10.2.2.2 32 10.0.0.20

Configure a static route from OLT-B to OLT-A.

huawei(config)#ip route-static 10.1.1.1 32 10.0.0.10

2024-09-17 625
MA5800 Product Documentation

After the static routes are configured successfully, ping the VLAN interface or LSR ID of the peer OLT
from one OLT. Normally, the ICMP ECHO-REPLY packets from the peer OLT can be received.

3. Configure the MPLS PW.


PW parameter peer-address (configured on the 2 OLTs) is set to the LSR ID of the peer OLT, and other PW
parameters must be set identically on the 2 OLTs.

huawei(config)#pw-para 1
huawei(config-pw-para-1)#peer-address 10.1.1.1 //Set the peer address to the LSR ID of the peer OLT.
huawei(config-pw-para-1)#pw-type tdm satop e1 //The PW type must be the same as the attribute of the E1 port on the
ONU.
//Configure the SAToP encapsulation, and set the E1 port signaling mode to UDT.
huawei(config-pw-para-1)#control-word
huawei(config-pw-para-1)#tdm-load-time satop e1 loadtime 125
huawei(config-pw-para-1)#jitter-buffer buffer-size 500
huawei(config-pw-para-1)#rtp-header encap payload-type 0 sn 0 ssrc rcv 0 tx 0
huawei(config-pw-para-1)#quit

4. Dynamically bind PW 1 to the TDM connection.

huawei(config)#pw-ac-binding tdm 0 pw 1

5. Configure the attributes of the E1 port on the ONU.


Log in to the ONU from the OLT, and then configure the port signaling mode of E1 port 0/1/0 to UDT and
the transmit clock to system.

huawei(config)#interface tdm 0/1


huawei(config-if-tdm-0/1)#port 0 udt system
huawei(config-if-tdm-0/1)#quit

Follow-up Procedure

After all the configurations are performed successfully, the related information about the CESoP connection can be
queried by running the display cesop-connect command on the ONU.

huawei(config)#display cesop-connect all


------------------------------------------------------------------------------
ID PORT VCL ENCAP REMOTEMAC REMOTEIP LOCALUDP REMOTEUDP VLAN
ID TYPE /RXPWLABEL /TXPWLABEL
------------------------------------------------------------------------------
0 0/1 /0 0 MPLS 00-e0-fc - 9343 8192 TOE
------------------------------------------------------------------------------
Total: 1

1.6.8.5 Configuring Clock Synchronization


Configuring Clock Synchronization

2024-09-17 626
MA5800 Product Documentation

In this scenario, network-wide clock synchronization is implemented through synchronous Ethernet clocks.

Prerequisites

 The clock daughter board of the SCU control board is in position.

 The upstream MAN PSN of the OLT supports Synchronous Ethernet.

Data Plan

Item Data

Ethernet upstream Port: 0/9/0


board NOTE:

The SPUF board exclusively occupies a service slot. This topic uses the GIU upstream board as an
example.

Procedure

 Configure the OLT-side clock.

1. Configure a system clock source.


Use the Ethernet line clock input from GIU port 0/9/0 as the system clock. Set the index of the system
clock to 0 and priority to 0 (highest priority).

huawei(config)#clock source 0 0/9/0


huawei(config)#clock priority system 0

2. Query the configurations and status of the system clock source.

Run the display clock source system command to query the configurations and status of the clock
source. Ensure that the configurations of the system clock source are correct and the status of the
system clock source is Normal.

huawei(config)#display clock source system


------------------------------------------------------------------------------
Index Board Source Clk-type State Priority QL Selected
------------------------------------------------------------------------------
0 H801GICK 0/9/0 ETH Normal 0 --- YES
------------------------------------------------------------------------------

Run the display clock mode command to query the working mode of the clock. Ensure that the
working mode of the clock daughter board is Tracing.

huawei(config)#display clock mode


Clock manage-mode:Third-mode
Clock subboard work-mode:Tracing

 Configure the ONU-side clock.

2024-09-17 627
MA5800 Product Documentation

1. Configure the PON line clock as the system clock.

huawei(config)#clock source 0 0/0/1


huawei(config)#clock priority system 0

2. Query the configuration and status of the system clock source.


Run the display clock source command to query the configuration and status of the system clock
source.

huawei(config-if-tdm-0/1)#quit
huawei(config)#display clock source
--------------------------------------------------------------------
Index Type Source State Priority QL Selected
--------------------------------------------------------------------
0 line 0/0/1 Normal 0 --- YES
1 -- -/ -/ - --- --- NO ---
2 -- -/ -/ - --- --- NO ---
3 -- -/ -/ - --- --- NO ---
4 -- -/ -/ - --- --- NO ---
5 -- -/ -/ - --- --- NO ---
6 -- -/ -/ - --- --- NO ---
7 -- -/ -/ - --- --- NO ---
8 -- -/ -/ - --- --- NO ---
9 -- -/ -/ - --- --- NO ---
--------------------------------------------------------------------

1.6.8.6 Configuring Congestion Control and Security Policies


Configuring Congestion Control and Security Policies

This topic describes how to configure global priority-based scheduling policies for queues to ensure service
reliability and configure global security policies to ensure service security.

Context

Congestion control uses queue scheduling technology to map packets sent from the same port into multiple queues
and process packets in each queue based on priority. Congestion control is recommended.

Security policies cover system security, user security, and service security, which ensure normal running of
services.

Enable security features based on service types. For details, see Principle of Security Data Plan .

Procedure

 Configure queue scheduling.

2024-09-17 628
MA5800 Product Documentation

Based on Principle of QoS Data Plan , all packets use strict priorities for queue scheduling and are mapped to
queues based on priorities.

huawei(config)#queue-scheduler strict-priority
huawei(config)#cos-queue-map cos0 0 cos1 1 cos2 2 cos3 3 cos4 4 cos5 5 cos6 6 cos7 7 //System default

 Configure system security.

 Enable deny of service (DoS) anti-attack on both the OLT and ONUs.

1. Run the security anti-dos enable command to globally enable DoS anti-attack.

2. Run the security anti-dos control-packet policy command to configure a protocol packet
processing policy that will be used when a DoS attack occurs.

3. Run the security anti-dos control-packet rate command to configure the threshold for the rate
of sending protocol packets to the CPU.

 Enable IP address anti-attack on both the OLT and ONUs.


Run the security anti-ipattack enable command to enable IP address anti-attack.

 Configure user security.

 Enable MAC address anti-flapping on both the OLT and ONUs.


Run the security anti-macduplicate enable command to enable MAC address anti-flapping.

 Enable MAC address anti-spoofing on both the OLT and ONUs.

1. In global config mode, run the security anti-macspoofing enable command to globally enable
MAC address anti-spoofing.

2. Enable MAC address anti-spoofing at VLAN level in global config mode or service profile mode:

a. In global config mode, run the security anti-macspoofing vlan command to enable MAC
address anti-spoofing.

b. Perform the following operations to enable MAC address anti-spoofing in service profile
mode:

i. In global config mode, run the vlan service-profile command to create a VLAN
service profile.

ii. Run the security anti-macspoofing enable command to enable MAC address anti-
spoofing at VLAN level.

iii. Run the commit command to make the profile configuration take effect.

iv. Run the quit command to quit the VLAN service profile mode.

v. Run the vlan bind service-profile command to bind the created VLAN service
profile to a VLAN.

3. (Optional) Run the security anti-macspoofing max-mac-count command to set the maximum
number of MAC addresses that can be bound to a service flow.

2024-09-17 629
MA5800 Product Documentation

4. (Optional) Run the security anti-macspoofing exclude command to configure the types of
packets for which MAC address anti-spoofing does not take effect, such as Internet Group
Management Protocol (IGMP) packets.

 Enable IP address anti-spoofing on ONUs.

IP address anti-spoofing can be enabled or disabled at three levels: global, VLAN, and service port levels.
This function takes effect only after it is enabled at the three levels. Among the three levels, IP address
anti-spoofing is disabled only at the global level by default.

1. In global config mode, run the security anti-ipspoofing enable command to enable IP address
anti-spoofing at the global level.

2. In VLAN service profile mode, run the security anti-ipspoofing enable command to enable IP
address anti-spoofing at the VLAN level.

3. Run the security anti-ipspoofing service-port serviceport-id enable command to enable IP


address anti-spoofing at the service port level.

1.6.8.7 Configuring Network Protection


Configuring Network Protection

This topic describes how to configure end-to-end (E2E) protection schemes for the base station access service
which has a high requirement on service reliability.

Context

Reliability covers equipment reliability, upstream networking protection, and downstream networking protection.
For details on reliability data planning, see Principle of Reliability Data Plan .

 Upstream networking protection includes link aggregation group and protection group. Usually, link
aggregation group is configured when the NXED board is used to transmit traffic upstream; protection group
is configured when the main control board is used to transmit traffic upstream. The two protection schemes
are not configured at the same time.

 Downstream networking protection includes Type B, Type C single homing, and Type C dual homing, which
are used to protect service ports. Ports on the same ONU can be configured only with the same protection
scheme.

This topic describes how to configure five mainstream protection schemes. Select required protection schemes based on the
carrier's requirement and actual networking scenario.

Procedure

 Configure a link aggregation group.

2024-09-17 630
MA5800 Product Documentation

Bind upstream ports 0/8/0 and 0/8/1 together as an aggregation link group. Each member port in the group
transmits packets based on source MAC addresses. The working mode is LACP static aggregation.

huawei(config)#link-aggregation 0/8 0-1 ingress workmode lacp-static

 Configure a protection group.


Configure upstream ports 0/9/0 and 0/9/1 on the control board as a port protection group. Set port 0/9/0 as
the working port and port 0/9/1 as the protection port, set the working mode to time delay detection, and
enable the protection group.

huawei(config-protect)#protect-group first 0/9/0 second 0/9/1 eth workmode timedelay enable

 Configure the Type B protection.

Figure 1 shows the Type B protection networking diagram.

Figure 1 Type B protection

Configure redundancy backup for ports 0/3/1 and 0/3/2 on the same GPON board on OLT. When port 0/3/1
fails, the system can automatically switch to port 0/3/2.

huawei(config)#protect-group 0 protect-target gpon-uni-port workmode timedelay


huawei(protect-group-0)#protect-group member port 0/3/1 role work
huawei(protect-group-0)#protect-group member port 0/3/2 role protect
huawei(protect-group-0)#protect-group enable

The configurations of services accessed by the ONUs remain the same after the Type B protection is configured. That is,
the service configurations are applied only to the working GPON port.

 Configure the Type C single homing protection.


Figure 2 shows networking diagram for the Type C single homing protection. Configure two 1:N optical
splitters, one for connecting the working PON ports on the OLT and ONUs, and one for connecting the
protection PON ports on the OLT and ONUs. This protection scheme protects both the backbone fibers and
tributary fibers.
The configurations of services accessed by the ONUs remain the same after the Type C single homing
protection is configured. That is, the service configurations are applied only to the working PON port on the
OLT and working upstream PON ports on the ONUs.

Figure 2 Type C single homing protection

2024-09-17 631
MA5800 Product Documentation

As shown in the preceding figure, Type C single homing protecting is configured for optical fiber links
between the OLT and ONU.

 The ports on the GPON service board are 0/3/1 and 0/3/2.

 The link at port 0/3/1 is the working link.

 The link at port 0/3/2 is the protection link.

 The ONU ID is 1.

 The ONU is authenticated by serial number (SN). The SN of the ONU is 3230313163902641 and the
management mode is SNMP.

 The ID of the line profile bound to the ONU is 10.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei(config-if-gpon-0/3)#ont add 2 1 protect-side
huawei(config-if-gpon-0/3)#quit
huawei(config)#protect-group protect-target gpon-uni-ont workmode portstate
huawei(protect-group-1)#protect-group member port 0/3/1 ont 1 role work
huawei(protect-group-1)#protect-group member port 0/3/2 ont 1 role protect
huawei(protect-group-1)#protect-group enable
huawei(protect-group-1)#quit

 Configure the Type C dual homing protection.


Figure 3 shows the networking diagram for the Type C dual homing protection. Two PON ports on different
OLTs, two PON ports on an ONU, two backbone optical fibers, two optical splitters, and two tributary optical
fibers are configured to implement this protection. The difference between this protection scheme and the
Type C single homing protection scheme is that the ONU needs to be dual homed to two OLTs in this
protection scheme.
The models and versions of main control boards on the active and standby OLTs must be the same. The
models and versions of GPON boards on the active and standby OLTs also must be the same. Data on the
active OLT cannot be automatically synchronized with that on the standby OLT. Therefore, data
synchronization between the active and standby OLTs must be manually ensured.
This protection scheme can be configured for only the Ethernet QinQ private line service. It does not support
TDM services, including Native TDM and SAToP.

Figure 3 Type C dual homing protection

2024-09-17 632
MA5800 Product Documentation

As shown in the preceding figure, Type C dual homing protection is configured for two OLTs (huawei_A and
huawei_B).

 huawei_A is the active OLT while huawei_B is the standby OLT.

 The ports on the service boards on both OTLs are 0/3/1.

 The dual homing protection group ID is 1.

 The ONU ID is 1.

 The ONU is authenticated by serial number (SN). The SN of the ONU is 3230313163902641 and the
management mode is SNMP.

 The ID of the line profile bound to the ONU is 10.

Configurations on the active OLT huawei_A:


huawei_A(config)#interface gpon 0/3
huawei_A(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei_A(config-if-gpon-0/3)#quit
huawei_A(config)#protect-group 1 protect-target gpon-uni-ont workmode dual-parenting
huawei_A(protect-group-1)#protect-group member port 0/3/1 ont 1 role work

Configurations on the standby OLT huawei_B:


huawei_B(config)#interface gpon 0/3
huawei_B(config-if-gpon-0/3)#ont add 1 1 sn-auth 3230313163902641 snmp ont-lineprofile-id 10
huawei_B(config-if-gpon-0/3)#quit
huawei_B(config)#protect-group 1 protect-target gpon-uni-ont workmode dual-parenting
huawei_B(protect-group-1)#protect-group member port 0/3/1 ont 1 role protect
huawei_B(protect-group-1)#protect-group enable

1.6.8.8 Verifying Services


Verifying Services

Verifying private line services requires a dedicated E1 line test instrument.

Prerequisites

2024-09-17 633
MA5800 Product Documentation

The configuration of private line services has been completed.

Context

Because E1 access is applied to both sides of the packet switched network (PSN), an E1 line test instrument can be
used to verify services. The E1 line test instrument is connected to the E1 port of the device on one side of the
network after the port loopback or hardware loopback is configured on the E1 port of the device on the other side
of the network.

Procedure

1. Configure a local loopback on the E1 port.


If the E1 port of the ONU is used to provide access for the private line services, the configurations are as
follows:

huawei(config)#interface tdm 0/1


huawei(config-if-tdm-0/1)#loopback 0 local
This operation will interrupt the service, continue? (y/n)[n]:y

If the E1 port of the EDTB board on the OLT is used to provide access for the private line services, the
configurations are as follows:

huawei(config)#interface edt 0/2


huawei(config-if-edt-0/2)#loopback 0 local

2. Use the E1 line test instrument to send packets.

Ensure the synchronization between clocks. It is recommended that the E1 line test instrument should use the self-
generated clock, the OLT should trace the clock of the E1 line test instrument, and the ONU should trace the clock of the
OLT.

The test duration must be equal to or longer than 12 hours. No alarm information is displayed on the test
instrument, and the bit error rate (BER) must be lower than 1E-9.

Follow-up Procedure

You can collect the packet statistics to check whether the CESoP and TDM connections are normal.

 Collect the statistics of packets sent and received by the CESoP connection on the ONU.

huawei(config)#display cesop-connect statistics 0


------------------------------------------------------
CONNECTID : 0
------------------------------------------------------
Lost Packet Count: 0
Received Packet Count: 58733
Transmitted Packet Count: 58732
Overflow Jitter Buffer Times: 0

2024-09-17 634
MA5800 Product Documentation

Underflow Jitter Buffer Times: 0


Received Abnormal Packet Count: 0
Received Sn-error Packet Count: 0
Received Ssrc-error Packet Count: 0
------------------------------------------------------

In the command output, the number of received packets must be the same as that of sent packets.

 Collect the statistics of packets sent and received by the TDM connection on the OLT.

huawei(config)#display tdm-connect statistics 0


---------------------------------------------------------------
Statistics on ONU side:
Discarded Packets :0
Received Packets : 132252
Transmitted Packets : 132253
Received Error CESoP Packets :0
Received SN Error CESoP Packets :0
Received SSRC Error CESoP Packets :0
-------------------------------------------------------------

In the command output, the number of received packets must be the same as that of sent packets.

1.6.9 Configuring E1 Access for the ONU and Creating TDM


PWE3 Between the ONU and Peer PE (GPON)
Configuring E1 Access for the ONU and Creating TDM PWE3 Between the ONU and Peer PE (GPON)

An ONU is connected to the OLT through GPON lines. Signals of enterprise or base transceiver station (BTS) private
line services are transmitted to the OLT through the E1 port on the ONU. TDM PWE3 is created between the ONU
and the peer provider edge (PE) CX600 to enable the packet switched network (PSN) to carry traditional circuit
switched (CS) services.
Service Requirements and Application Scenario

Service Requirement and Application Scenario

Adding ONUs to the OLT and Configuring the Management Service Port

Services can be configured for an ONU only after the ONU is successfully added to the OLT.

Configuring the TDM VCL and CESoP Connection on the ONU

Configuring the Static LSP and PW on the CX600

Configuring Clock Synchronization

In this scenario, network-wide clock synchronization is implemented through synchronous Ethernet clocks.

Verifying Services

2024-09-17 635
MA5800 Product Documentation

Verifying private line services requires a dedicated E1 line test instrument.

1.6.9.1 Service Requirements and Application Scenario


Service Requirements and Application Scenario

Service Requirements

Minimizing network construction costs: No CSPA or SPUB board is required on the OLT.
Allowing TDM services to traverse the packet switched network (PSN): TDM services are deployed independently.

Application Scenario

As shown in Figure 1, an ONU is connected to the OLT through GPON lines. Enterprise or base transceiver station
(BTS) private line services are transmitted to the ONU through an E1 port. Static TDM PWs are created between
the ONU and the peer provider edge (PE) to provide cross-PSN-network access and backhaul for enterprise or BTS
private line services.

Figure 1 Example network of E1 access for the ONU and TDM PWE3 between the ONU and peer PE

1.6.9.2 Service Requirement and Application Scenario


Service Requirement and Application Scenario

The following figure shows the procedure of configuring E1 access for the ONU and creating TDM PWE3 between
the ONU and peer PE.

2024-09-17 636
MA5800 Product Documentation

1.6.9.3 Adding ONUs to the OLT and Configuring the


Management Service Port
Adding ONUs to the OLT and Configuring the Management Service Port

Services can be configured for an ONU only after the ONU is successfully added to the OLT.

Context

 When an ONU is added, related profiles need to be bound to the ONU, including the dynamic bandwidth
allocation (DBA) profile, line profile, and alarm profile.

 An ONU can be added in two modes: adding an ONU offline and confirming an ONU online. Select either mode
as required.

Data Plan

Table 1 Key data plan

Item Data

DBA profile Profile ID: 21


Profile type: fixed bandwidth and minimum delay mode
DBA bandwidth: 28928 kbit/s (assume that 4 E1 private lines are connected to 1 ONU
and each E1 private line is configured with a bandwidth of 7232 kbit/s)

2024-09-17 637
MA5800 Product Documentation

Table 1 Key data plan

Item Data

Line profile Profile ID: 11


T-CONT ID: 1
GEM port ID for management service: 11
GEM port ID for private line service: 13

Networking data PON port: 0/3/1


ONU parameters:
ONU ID: 1
SN: 32303131B39FD641

Management VLAN and On the OLT:


management IP address Management VLAN ID: 8
Management VLAN type: smart VLAN
Inband management IP address: 192.168.50.1/24
On the ONU:
Management VLAN ID: 8
Management VLAN type: smart VLAN
Inband management IP address: 192.168.50.2/24

Service VLAN 300

Traffic profile (for transparent Index: 10


transmission) CIR: off
Policy: user-cos; default priority: 7
Priority policy: tag-in-package

Procedure

1. Configure GPON ONU profiles.

a. Configure the DBA profile, and set the DBA bandwidth allocation mode of the GPON port to min-
loop-delay.

huawei(config)#dba-profile add profile-id 21 type1 fix 28928


huawei(config)#interface gpon 0/3
huawei(config-if-gpon-0/3)#port dba bandwidth-assignment-mode 1 min-loop-delay
huawei(config-if-gpon-0/3)#quit

b. Configure an ONU line profile.

huawei(config)#ont-lineprofile gpon profile-id 11


huawei(config-gpon-lineprofile-11)#tcont 1 dba-profile-id 21 //Bind DBA profile 21 to T-CONT 1.
huawei(config-gpon-lineprofile-11)#gem add 11 eth tcont 0
huawei(config-gpon-lineprofile-11)#gem add 13 eth tcont 1 //Add GEM port 13 to T-CONT 1.
huawei(config-gpon-lineprofile-11)#gem mapping 11 0 vlan 8
huawei(config-gpon-lineprofile-11)#gem mapping 13 1 vlan 300 //Map GEM port 13 to VLAN 300.
huawei(config-gpon-lineprofile-11)#commit

2024-09-17 638
MA5800 Product Documentation

huawei(config-gpon-lineprofile-11)#quit

c. (Optional) Configure the alarm profile.

 The ID of the default GPON alarm profile is 1. The thresholds for all the alarm parameters in the
default alarm profile are 0, which indicates that no alarm is generated.

 In this example, the default alarm profile is used, and therefore the configuration of the alarm
profile is not required.

2. Add an ONU to the OLT.

a. Add ONU 1 offline.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont add 1 ontid 1 sn-auth 3230313163902641

snmp ont-lineprofile-id 11
b. (Optional) Bind the alarm profile to ONU 1.
By default, alarm profile 1 is automatically bound to the ONU. You need to manually bind a non-
default alarm profile to the ONU only when the default one does not meet the requirement.
In this example, the default alarm profile 1 is used, and therefore the configuration of the alarm
profile is not required.

3. Check the ONU status.


After the ONU is added, run the display ont info command to query the status of the ONU. Ensure that
Config flag of the ONU is active, Run State is online, and Config state is normal.

To query the status of ONU 1, do as follows:

huawei(config-if-gpon-0/3)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/3/1
ONT-ID :1
Control flag : active //Indicates that the ONU is activated.
Run state : online //Indicates that the ONU goes online normally.
Config state : normal //Indicates that the configuration recovery state of the ONU is normal.
...//The following command output is omitted.
huawei(config-if-gpon-0/3)#quit

4. Configure the inband management VLAN and IP address of the OLT.


Create a VLAN whose ID is 8 as the inband management VLAN of the OLT, set the VLAN priority to 6, and set
the IP address of the VLAN interface to 192.168.50.1/24.

huawei(config)#vlan 8 smart
huawei(config)#vlan priority 8 6
huawei(config)#port vlan 8 0/9 0
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

2024-09-17 639
MA5800 Product Documentation

5. Configure the inband management VLAN and IP address of the ONU.

huawei(config)#interface gpon 0/3


huawei(config-if-gpon-0/3)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.1 vlan 8

huawei(config-if-gpon-0/3)#quit

6. Configure an inband management service port.


The management VLAN is VLAN 8, the GEM port ID is 11, and user VLAN is VLAN 8. The OLT does not limit
the rate of inband management services. Therefore, you can directly bind default traffic profile 6 to the
inband management service port.

huawei(config)#service-port vlan 8 gpon 0/3/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6


7. Check whether the management service port between the OLT and the ONU is available.

 Run the ping ONU ip command on the OLT to check the connectivity between the OLT and the ONU. If
the ICMP ECHO-REPLY packets from the ONU are received, the connectivity between the OLT and the
ONU is in good condition.

 If you can remotely log in to the ONU from the OLT to perform configurations for the ONU, the
management service port between the OLT and the ONU is available.

8. Configure the traffic profile and create the service port for transparently transmitting services.
Set the service VLAN (SVLAN) ID to 300, GEM port ID to 13, and customer VLAN (CVLAN) ID to 300. The
OLT does not limit the rate of services that are transparently transmitted. Traffic profile 10 is bound to the
service port for transparently transmitting services.

huawei(config)#traffic table ip index 10 cir off priority user-cos 7 priority-policy tag-In-package


huawei(config)#service-port vlan 300 gpon 0/3/1 ont 1 gemport 13 multi-service

user-vlan 300 rx-cttr 10 tx-cttr 10

Follow-up Procedure

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactivated, run the ont activate command in GPON mode to activate the ONT.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the line
and the optical module.

 If Config state is failed, the configured ONT capability exceeds the actual ONT capability. In this case, run the
display ont failed-configuration command in the diagnose mode to check the failed configuration item and
the failure cause. Then, rectify the fault accordingly.

1.6.9.4 Configuring the TDM VCL and CESoP Connection on the


ONU
Configuring the TDM VCL and CESoP Connection on the ONU

2024-09-17 640
MA5800 Product Documentation

Data Plan

Item Data

E1 port parameters Port ID: 0/1/0


Port signaling mode: structured data transfer
(SDT)
Transmit clock of the port: system clock
Port signaling: common channel signaling (CCS)
CRC-4 frame check: enabled
IP address: 10.0.0.10
Port timeslot: 1-15 (timeslot bitmap: 0xfffe)

Service VLAN 300

Static LSP parameters Tx LSP label: 2000


Rx LSP label: 8200

Static PW parameters Tx PW label: 8000


NOTE: Rx PW label: 8500
The PW parameters on the ONU must be the same as those on the RTP header: enabled
CX600. PW load time: 1000 μs
Maximum jitter delay: 2 ms

Procedure

1. Create the service VLAN and add an upstream port to the VLAN.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/0 0

2. Configure the attributes of the E1 Port.

huawei(config)#interface tdm 0/1


huawei(config-if-tdm-0/1)#port 0 sdt system ccs crc enable
huawei(config-if-tdm-0/1)#set ip-address 10.0.0.10
huawei(config-if-tdm-0/1)#quit

3. Configure the TDM virtual channel link (VCL).


Set the TDM VCL ID to 0 and the type to CESoP, and use timeslot 1-16.

huawei(config)#tdm-vcl tdm-vcl-id 0 cesop 0/1/0 timeslot 0xfffe

4. Configure the CESoP connection.


Use VLAN 300 to carry CESoP services. Set the Rx PW label to 8500, Tx PW label to 8000, Rx LSP label to
8200, Tx LSP label to 2000, and gateway IP address (the next hop is the CX600) to 10.0.0.20. Then configure
the specific attributes of the CESoP connection.

huawei(config)#cesop-connect 1 tdm 0 vlan 300 rcv-pw-label 8500 trans-pw-label 8000

rcv-lsp-label 8200 trans-lsp-label 2000 gateway 10.0.0.20

huawei(config)#cesop rtp 1 enable //Enable RTP header.


huawei(config)#cesop loadtime 1 1000 //The load time is 1000 μs (namely 8 frames).

2024-09-17 641
MA5800 Product Documentation

huawei(config)#cesop jitter-buffer 1 2000 //The maximum jitter delay is 2 ms.


huawei(config)#cesop encap 0 ssrc rcv 0 tx 0 //Both the Tx and Rx SSRIDs are 0.

1.6.9.5 Configuring the Static LSP and PW on the CX600


Configuring the Static LSP and PW on the CX600

Data Plan

Item Data

Parameters of the GE sub interface Sub interface ID: 1/0/0.1


VLAN to which the sub interface belongs: 300
IP address of the sub interface: 10.0.0.20/24

E1 port parameters Port ID: 2/1/0


Working mode: channelized mode (CEL)
Timeslot: 1-15

Static LSP parameters Parameters configured on the ingress node:


Destination ID address: 10.0.0.10/32
Next-hop IP address: 10.0.0.10
Egress interface: GE sub interface 1/0/0.1
Egress label: 8200 (the same as the Rx LSP label on the
ONU)
Parameters configured on the egress node:
Ingress interface: GE sub interface 1/0/0.1
Ingress label: 2000 (the same as the Tx LSP label on
the ONU)

Static PW parameters Tx PW label: 8500 (the same as the Rx PW label on the


NOTE: ONU)
The PW parameters on the CX600 must be the same as those on Rx PW label: 8000 (the same as the Tx PW label on the
the ONU. ONU)
RTP header: enabled
Number of TDM frames encapsulated in each PW
packet: 8
Maximum jitter delay: 2 ms

Procedure

1. Configure the GE sub interface.


Set the ID of the sub interface to 1/0/0.1, add the sub interface to VLAN 300, and set the IP address of the
sub interface to 10.0.0.20/24.

[CX600]interface GigabitEthernet 1/0/0.1


[CX600-GigabitEthernet1/0/0.1]vlan-type dot1q 300
[CX600-GigabitEthernet1/0/0.1]ip address 10.0.0.20 24
[CX600-GigabitEthernet1/0/0.1]quit

2024-09-17 642
MA5800 Product Documentation

Enable MPLS globally and then enable MPLS for the GE sub interface.

[CX600]mpls
[CX600]interface GigabitEthernet 1/0/0.1
[CX600-GigabitEthernet1/0/0.1]mpls

2. Configure the E1 port.


Configure E1 port 2/1/0. Set the working mode to CEL and timeslot 1-15 as a channel.

The timeslot on the CX600 must be the same as that on the ONU.

[CX600]controller E1 2/1/0
[CX600-E1 2/1/0]using ce1
[CX600-E1 2/1/0]channel-set 0 timeslot-list 1-15
[CX600-E1 2/1/0]quit

3. Configure the static route to the ONU.


Configure the static route whose destination IP address is the IP address of the E1 board on the ONU and
egress interface is GE sub interface 1/0/0.1.

[CX600]ip route-static 10.0.0.10 32 GigabitEthernet 1/0/0.1 10.0.0.10

4. Configure the CX600 as the ingress node of the static LSP.

[CX600]static-lsp ingress lsp1 destination 10.0.0.10 32 nexthop 10.0.0.10

outgoing-interface GigabitEthernet 1/0/0.1 out-label 8200

5. Configure the CX600 as the egress node of the static LSP.

[CX600]static-lsp egress lsp2 incoming-interface GigabitEthernet 1/0/0.1

in-label 2000

6. Configure the static PW.

[CX600]interface Serial2/1/0:0
[CX600-Serial2/1/0:0]link-protocol tdm
[CX600-Serial2/1/0:0]mpls static-l2vc destination 10.0.0.10 transmit-vpn

-label 8500 receive-vpn-label 8000 rtp-header tdm-encapsulation 8 jitter-buffer 2

1.6.9.6 Configuring Clock Synchronization


Configuring Clock Synchronization

In this scenario, network-wide clock synchronization is implemented through synchronous Ethernet clocks.

Prerequisites

 The clock daughter board CKUA of the control board is in position.

 The upstream MAN PSN of the OLT supports Synchronous Ethernet.

2024-09-17 643
MA5800 Product Documentation

Data Plan

Item Data

Ethernet upstream port 0/9/0


NOTE:

This topic uses the control board upstreaming as an example.

Procedure

 Configure the OLT-side clock.

1. Configure a system clock source.


Use the Ethernet line clock input from Ethernet port 0/9/0 as the system clock. Set the index of the
system clock to 0 and priority to 0 (highest priority).

huawei(config)#clock source 0 0/9/0


huawei(config)#clock priority system 0

2. Query the configurations and status of the system clock source.

Run the display clock source system command to query configurations and status of the clock source.
Ensure that the configurations of the system clock source are correct and the status of the system clock
source is Normal.

huawei(config)#display clock source system


------------------------------------------------------------------------------
Index Board Source Clk-type State Priority QL Selected
------------------------------------------------------------------------------
0 H901MPLB 0/9/0 ETH Normal 0 --- YES
------------------------------------------------------------------------------

Run the display clock mode command to query the working mode of the clock. Ensure that the
working mode of the clock daughter board is Tracing.

huawei(config)#display clock mode


Clock manage-mode:Third-mode
Clock subboard work-mode:Tracing

 Configure the ONU-side clock.

1. Configure the PON line clock as the system clock.

huawei(config)#clock source 0 0/0/1


huawei(config)#clock priority system 0

2. Query the configuration and status of the system clock source.


Run the display clock source command to query the configuration and status of the system clock
source.

huawei(config-if-tdm-0/1)#quit

2024-09-17 644
MA5800 Product Documentation

huawei(config)#display clock source


--------------------------------------------------------------------
Index Type Source State Priority QL Selected
--------------------------------------------------------------------
0 line 0/0/1 Normal 0 --- YES
1 -- -/ -/ - --- --- NO ---
2 -- -/ -/ - --- --- NO ---
3 -- -/ -/ - --- --- NO ---
4 -- -/ -/ - --- --- NO ---
5 -- -/ -/ - --- --- NO ---
6 -- -/ -/ - --- --- NO ---
7 -- -/ -/ - --- --- NO ---
8 -- -/ -/ - --- --- NO ---
9 -- -/ -/ - --- --- NO ---
--------------------------------------------------------------------

1.6.9.7 Verifying Services


Verifying Services

Verifying private line services requires a dedicated E1 line test instrument.

Prerequisites
The configuration of private line services has been completed.

Context

Because E1 access is applied to both sides of the packet switched network (PSN), an E1 line test instrument can be
used to verify services. The E1 line test instrument is connected to the E1 port of the device on one side of the
network after the port loopback or hardware loopback is configured on the E1 port of the device on the other side
of the network.

Procedure

1. Configure a local loopback on the E1 port.


If the E1 port of the ONU is used to provide access for the private line services, the configurations are as
follows:

huawei(config)#interface tdm 0/1


huawei(config-if-tdm-0/1)#loopback 0 local
This operation will interrupt the service, continue? (y/n)[n]:y

If the E1 port of the OLT is used to provide access for the private line services, the configurations are as
follows:

huawei(config)#interface top 0/2

2024-09-17 645
MA5800 Product Documentation

huawei(config-if-top-0/2)#loopback 0 local

2. Use the E1 line test instrument to send packets.

Ensure the synchronization between clocks. It is recommended that the E1 line test instrument should use the self-
generated clock, the OLT should trace the clock of the E1 line test instrument, and the ONU should trace the clock of the
OLT.

The test duration must be equal to or longer than 12 hours. No alarm information is displayed on the test
instrument, and the bit error rate (BER) must be lower than 1E-9.

Follow-up Procedure

You can collect the packet statistics to check whether the CESoP and TDM connections are normal.

 Collect the statistics of packets sent and received by the CESoP connection on the ONU.

huawei(config)#display cesop-connect statistics 0


------------------------------------------------------
CONNECTID : 0
------------------------------------------------------
Lost Packet Count: 0
Received Packet Count: 58733
Transmitted Packet Count: 58732
Overflow Jitter Buffer Times: 0
Underflow Jitter Buffer Times: 0
Received Abnormal Packet Count: 0
Received Sn-error Packet Count: 0
Received Ssrc-error Packet Count: 0
------------------------------------------------------

In the command output, the number of received packets must be the same as that of sent packets.

 Collect the statistics of packets sent and received by the TDM connection on the OLT.

huawei(config)#display tdm-connect statistics 0


---------------------------------------------------------------
Statistics on ONU side:
Discarded Packets :0
Received Packets : 132252
Transmitted Packets : 132253
Received Error CESoP Packets :0
Received SN Error CESoP Packets :0
Received SSRC Error CESoP Packets :0
-------------------------------------------------------------

In the command output, the number of received packets must be the same as that of sent packets.

2024-09-17 646
MA5800 Product Documentation

1.6.10 Configuring Small-Cell Base Station Access Service


(through GUI Pre-Deployment, GPON)
Configuring Small-Cell Base Station Access Service (through GUI Pre-Deployment, GPON)

Dock ONUs are connected to small-cell base stations through Ethernet ports, and OLTs interconnect with the
devices on the metro network through QinQ VLANs to provide the access service for small-cell base stations. This
topic describes how to implement the access service of a small-cell base station through GUI pre-deployment in the
scenario with the U2000 available.
Service Requirements and Application Scenarios

Configuration Procedure

Configuring the IP Address of the NMS Server and the IP Address Pool of the ONU (GPON Dock Scenario)

Creating the Authentication-Free Policy and Associating It with the OLT (GPON Dock Scenario)

Configuring the Remote Software Commissioning Policy (GPON Dock Scenario)

Configuring the IP Address of the NMS Server (VDSL2 Dock Scenario)

Creating the Authentication-Free Policy (VDSL2 Dock Scenario)

Configuring the Remote Software Commissioning Policy (VDSL2 Dock Scenario)

Configuring the VDSL2 Bonding Group on the DSLAM (VDSL2 Dock Scenario)

Adding the P2P Pre-Deployment Policy (VDSL2 Dock Scenario)

Configuring Clock Synchronization

In this scenario, network-wide clock synchronization is implemented through synchronous Ethernet clocks.

Verifying Services

The Ethernet base station access service can be verified by checking the connectivity and alarms of the service.

1.6.10.1 Service Requirements and Application Scenarios


Service Requirements and Application Scenarios

Service Requirements

As the last mile that connects users to the Internet, small-cell backhaul is an important part of an FTTx network.
For small-cell backhaul, customers expect to:

2024-09-17 647
MA5800 Product Documentation

 Use the existing access resources to provide backhaul services for distributed small-cell base stations.

 Use a simple and mature service configuration scheme, featuring a high transmission efficiency in addition to
ensuring the QoS.

 Simplify sites to lower the site installation and maintenance costs.

Application Scenarios

As shown in Figure 1, ONUs, functioning as Dock devices, receive Ethernet service data from small-cell base
stations through Ethernet ports and then send the service data to the OLT. The OLT restores the Ethernet signals
and adds 2 VLAN tags (QinQ VLAN encapsulation) to the data, so that the data from the small cell bases can be
transparently transmitted to the peer PTN devices through the public network and then the PTN devices restore
them to the original data.

Figure 1 Implementing access service of a small-cell base station

1.6.10.2 Configuration Procedure


Configuration Procedure

The following figure shows the configuration procedure for implementing the access service of a small-cell base
station (in QinQ VLAN mode through GUI pre-deployment).

1.6.10.3 Configuring the IP Address of the NMS Server and the


IP Address Pool of the ONU (GPON Dock Scenario)
Configuring the IP Address of the NMS Server and the IP Address Pool of the ONU (GPON Dock Scenario)

Prerequisites

 The OLT is added to the NMS.

2024-09-17 648
MA5800 Product Documentation

 Related xFTP configurations are completed.

Data Plan

Configuration Data Remarks


Item

IP address of the 10.10.10.10 The NMS server needs to use ports 23, 8080, 9801, and 9803. Therefore,
NMS server ensure that the firewall does not block these ports so that the NMS
server can normally communicate with devices.

IP address of the 10.10.10.20 This IP address is designated for Layer 3 VLAN interface 8 and is used
OLT for inband management.

IP address pool of IP address pool: The ONU gateway IP address is used as the IP address of the Layer 3
the ONU 10.10.11.2 to interface on the OLT.
10.10.11.125
Subnet mask:
255.255.254.0
ONU gateway:
10.10.10.20
Management VLAN ID:
8
VLAN priority: 7

Procedure
 Configure the IP address of the NMS server used for receiving traps.
The OLT reports FTTM ONU information to the NMS through traps. Here the trap destination host (namely,
the destination host to which traps are sent) is the NMS server.
For any OLT, only 1 trap destination host is required. If multiple trap destination hosts are configured for the
OLT, delete the unnecessary ones.

1. Choose Administration > NE Communicate Parameter > Set NE SNMP Expanded Parameters
(traditional style) from the main menu or select Fix-Network NE Configuration in Application
Center and choose Administration > NE Communicate Parameter > Set NE SNMP Expanded
Parameters (application style) from the main menu.
2. Click Filter. In the Select Device dialog box, select the desired OLT from the Device Type drop-down
list and click OK.
3. In the device list, select a record and click the Target Host tab.
4. On the Target Host tab, right-click in a blank area and choose Add from the shortcut menu.
5. In the dialog box that is displayed, set the parameters, as shown in Figure 1.

Figure 1 Configuring the trap destination host

2024-09-17 649
MA5800 Product Documentation

6. Click OK.

 Configure the IP address pool of the ONU.


On an FTTM network, IP addresses are automatically allocated because no authentication is required. In this
way, an ONU IP address pool needs to be configured so that ONUs, when going online, can automatically
obtain an IP address.

1. Choose Configuration > FTTx Service Pre-Deployment > ONU IP Pool Management (traditional
style) from the main menu or select Fix-Network NE Configuration in Application Center and
choose Access Service > FTTx Service Pre-Deployment > ONU IP Pool Management (application
style) from the main menu.
2. In the information list, right-click and choose Add from the shortcut menu.
3. In the dialog box that is displayed, set the parameters, as shown in Figure 2.

Figure 2 Configuring the IP address pool of the ONU

4. Click OK.

2024-09-17 650
MA5800 Product Documentation

1.6.10.4 Creating the Authentication-Free Policy and


Associating It with the OLT (GPON Dock Scenario)
Creating the Authentication-Free Policy and Associating It with the OLT (GPON Dock Scenario)

Prerequisites

You have completed the configurations of the following profiles:

 SNMP profile

 DBA profile

 Line profile

 MEF IP traffic profile

Context

If you configure an ONU authentication-free policy and associate it with the OLT through the NMS, the FTTM ONU,
when going online, will be automatically added to the NMS according to the ONU type and the authentication-free
policy.

Data Plan

Configuration Item Data

SNMP profile Name: snmpv3

DBA profile Name: MA5694S_dba

Line profile Name: MA5694S_lineprofile

Management service flow Name: pvc_manage. The attributes of the management service flow are as
follows:
Smart VLAN ID: 8
multi-service user-vlan (multiple services distinguished by different user
VLANs)
User VLAN ID: 8
VLAN translation policy: translate
Upstream and downstream traffic profile: ip-traffic-table_6

Voice and data service flow Name: pvc_traffic. The attributes of the voice and data service flow are as
follows:
Smart VLAN ID: 300
multi-service user-vlan (multiple services distinguished by different user
VLANs)
User VLAN ID: 1002
VLAN translation policy: translate-and-add
Upstream and downstream traffic profile: ip-traffic-table_11

2024-09-17 651
MA5800 Product Documentation

Configuration Item Data

Base station synchronization service Name: pvc_sync. The attributes of the base station synchronization service flow
flow are as follows:
Smart VLAN ID: 1000
multi-service user-vlan (multiple services distinguished by different user
VLANs)
User VLAN ID: 1000
VLAN translation policy: transparent
Upstream and downstream traffic profile: ip-traffic-table_10

Base station OAM service flow Name: pvc_oam. The attributes of the base station OAM service flow are as
follows:
Smart VLAN ID: 300
multi-service user-vlan (multiple services distinguished by different user
VLANs)
User VLAN ID: 1001
VLAN translation policy: translate-and-add
Upstream and downstream traffic profile: ip-traffic-table_10

Procedure

1. Configure the FTTM GPON ONU authentication-free policy.

a. Choose Configuration > FTTx Service Pre-Deployment > ONU PnP Management (compatibility
style) from the main menu or select Fix-Network NE Configuration in Application Center and
choose Access Service > FTTx Service Pre-Deployment > ONU PnP Management (application
style) from the main menu.
b. Click the ONU Authentication-Free Configuration tab.
c. Right-click in a blank area and choose Add from the shortcut menu. Configure related parameters in
the displayed Add ONU Authentication-Free Configuration dialog box, as shown in Figure 1.

Figure 1 Configuring the ONU authentication-free policy

2024-09-17 652
MA5800 Product Documentation

d. Right-click Service Port in the navigation tree and choose Add Service Port from the shortcut menu
to add service ports according to services supported by the small cell.
Figure 2 shows how to add a management service flow; Figure 3 shows how to add a voice and data
service flow.

Figure 2 Adding a management service flow

Figure 3 Adding a voice and data service flow

2024-09-17 653
MA5800 Product Documentation

2. Associate the ONU authentication-free policy with the OLT.

a. In the authentication-free policy list, select the MDU authentication-free policy and click the NE
Reference tab in the lower pane.

b. On the NE Reference tab, right-click the OLT and choose Associate from the shortcut menu.

1.6.10.5 Configuring the Remote Software Commissioning


Policy (GPON Dock Scenario)
Configuring the Remote Software Commissioning Policy (GPON Dock Scenario)

Prerequisites

The configuration script is available.

Context

If you configure a remote software commissioning policy through the NMS, the NMS, according to the ONU type
and the configured policy, will automatically issue the configuration script to the FTTM ONUs once the ONUs go
online, and the service channels will be automatically established.

Procedure

1. Choose Configuration > FTTx Service Pre-Deployment > ONU PnP Management (compatibility style)
from the main menu or select Fix-Network NE Configuration in Application Center and choose Access
Service > FTTx Service Pre-Deployment > ONU PnP Management (application style) from the main
menu.

2. Click the ONU Onsite Commissioning-Free Configuration tab.

2024-09-17 654
MA5800 Product Documentation

3. Right-click in a blank area and choose Add from the shortcut menu. In the dialog box that is displayed,
configure a GPON-upstream MDU commissioning-free policy.
The following figure shows the configuration dialog box.

1.6.10.6 Configuring the IP Address of the NMS Server (VDSL2


Dock Scenario)
Configuring the IP Address of the NMS Server (VDSL2 Dock Scenario)

Prerequisites

 The OLT is added to the NMS.

 Related xFTP configurations are completed.

Context

The OLT reports FTTM ONU information to the NMS through traps. Here the trap destination host (namely, the
destination host to which traps are sent) is the NMS server.
For any OLT, only 1 trap destination host is required. If multiple trap destination hosts are configured for the OLT,
delete the unnecessary ones.

Data Plan

Configuration Data Remarks


Item

IP address of the 10.10.10.10/24 The NMS server needs to use ports 23, 8080, 9801, and 9803. Therefore, ensure
NMS server that the firewall does not block these ports so that the NMS server can normally
communicate with devices.

IP address of the 10.10.10.20/24 This IP address is designated for Layer 3 VLAN interface 8 and is used for inband
OLT management.

Procedure

2024-09-17 655
MA5800 Product Documentation

1. Choose Configuration > Router/Switch/Security Configuration > Switch EPON Template (traditional
style) from the main menu or select Fix-Network NE Configuration in Application Center and choose
Configuration > Router/Switch/Security Configuration > Switch EPON Template (application style)
from the main menu.

2. Click Filter. In the Select Device dialog box, select the desired OLT NE from the Device Type drop-down
list and click OK.

3. In the device list, select a record and click the Target Host tab.

4. On the Target Host tab, right-click in a blank area and choose Add from the shortcut menu.

5. In the dialog box that is displayed, set the parameters, as shown in Figure 1.

Figure 1 Configuring the trap destination host

6. Click OK.

1.6.10.7 Creating the Authentication-Free Policy (VDSL2 Dock


Scenario)
Creating the Authentication-Free Policy (VDSL2 Dock Scenario)

Prerequisites

You have completed the configurations of the following profiles:

 SNMP profile

 DBA profile

 Line profile

 MEF IP traffic profile

Context

If you configure an ONU authentication-free policy and associate it with the OLT through the NMS, the FTTM ONU,
when going online, will be automatically added to the NMS according to the ONU type and the authentication-free
policy.

2024-09-17 656
MA5800 Product Documentation

Data Plan

Configuration Item Data

SNMP profile Name: snmpv3

DBA profile Name: MA5694S_dba

Line profile Name: MA5694S_lineprofile

Management service flow Name: pvc_manage. The attributes of the management service flow are as
follows:
Smart VLAN ID: 8
multi-service user-vlan (multiple services distinguished by different user
VLANs)
User VLAN ID: 8
VLAN translation policy: translate
Upstream and downstream traffic profile: ip-traffic-table_6

Voice and data service flow Name: pvc_traffic. The attributes of the voice and data service flow are as
follows:
Smart VLAN ID: 300
multi-service user-vlan (multiple services distinguished by different user
VLANs)
User VLAN ID: 1002
VLAN translation policy: translate-and-add
Upstream and downstream traffic profile: ip-traffic-table_11

Base station synchronization service Name: pvc_sync. The attributes of the base station synchronization service flow
flow are as follows:
Smart VLAN ID: 1000
multi-service user-vlan (multiple services distinguished by different user
VLANs)
User VLAN ID: 1000
VLAN translation policy: transparent
Upstream and downstream traffic profile: ip-traffic-table_10

Base station OAM service flow Name: pvc_oam. The attributes of the base station OAM service flow are as
follows:
Smart VLAN ID: 300
multi-service user-vlan (multiple services distinguished by different user
VLANs)
User VLAN ID: 1001
VLAN translation policy: translate-and-add
Upstream and downstream traffic profile: ip-traffic-table_10

Procedure
1. Configure the FTTM ONU authentication-free policy in the VDSL2 upstream transmission scenario.

2024-09-17 657
MA5800 Product Documentation

a. Choose Configuration > FTTx Service Pre-Deployment > ONU PnP Management (compatibility
style) from the main menu or select Fix-Network NE Configuration in Application Center and
choose Access Service > FTTx Service Pre-Deployment > ONU PnP Management (application
style) from the main menu.
b. Click the ONU Authentication-Free Configuration tab.
c. Right-click in a blank area and choose Add from the shortcut menu. Configure related parameters in
the displayed Add ONU Authentication-Free Configuration dialog box, as shown in Figure 1.

Figure 1 Configuring the ONU authentication-free policy

d. Right-click Service Port in the navigation tree and choose Add Service Port from the shortcut menu
to add service ports according to services supported by the small cell.
Figure 2 shows how to add a management service flow; Figure 3 shows how to add a voice and data
service flow.

Figure 2 Adding a management service flow

2024-09-17 658
MA5800 Product Documentation

Figure 3 Adding a voice and data service flow

1.6.10.8 Configuring the Remote Software Commissioning


Policy (VDSL2 Dock Scenario)
Configuring the Remote Software Commissioning Policy (VDSL2 Dock Scenario)

Prerequisites

 The configuration script is available.

 Ensure that the database of MA5694S is empty. Otherwise, the remote software commissioning cannot be
used.

Context

If you configure a remote software commissioning policy through the NMS, the NMS, according to the ONU type
and the configured policy, will automatically issue the configuration script to the FTTM ONUs once the ONUs go
online, and the service channels will be automatically established.

Procedure

1. Choose Configuration > FTTx Service Pre-Deployment > ONU PnP Management (compatibility style)
from the main menu or select Fix-Network NE Configuration in Application Center and choose Access
Service > FTTx Service Pre-Deployment > ONU PnP Management (application style) from the main
menu.

2. Click the ONU Onsite Commissioning-Free Configuration tab.

3. Right-click in a blank area and choose Add from the shortcut menu. In the dialog box that is displayed,
configure a VDSL2-upstream MDU commissioning-free policy.

2024-09-17 659
MA5800 Product Documentation

The following figure shows the configuration dialog box.

Example

The following provides the contents of preceding configuration file MA5694S-COMM.cfg.

vlan 1000-1002 smart


port vlan 1000 0/0 0
port vlan 1001 0/0 0
port vlan 1002 0/0 0
traffic table ip index 10 cir off priority user-cos 7 priority-policy tag-in-package
service-port vlan 1000 eth 0/1/0 multi-service user-vlan
untagged rx-cttr 10 tx-cttr 10
service-port vlan 1001 eth 0/1/0 multi-service user-vlan
20 rx-cttr 10 tx-cttr 10
service-port vlan 1002 eth 0/1/0 multi-service user-vlan
30 rx-cttr 10 tx-cttr 10

1.6.10.9 Configuring the VDSL2 Bonding Group on the DSLAM


(VDSL2 Dock Scenario)
Configuring the VDSL2 Bonding Group on the DSLAM (VDSL2 Dock Scenario)

Prerequisites

 The DSLAM (MA5616) is successfully added to the NMS.

 The service channel between the OLT and the DSLAM is established and available.

Data Plan

Configuration Data Remarks


Item

VDSL2 bonding Master port: 0/3/0 The MA5616 supports only 4-pair
group Slave ports: 0/3/1 to 0/3/3 bonding VDSL2 Dock devices.

2024-09-17 660
MA5800 Product Documentation

Configuration Data Remarks


Item

Bonding group DEFVAL (system default profile which does not limit the -
profile rate in upstream and downstream directions)

Procedure

1. In the Main Topology, double-click the required NE and choose NE Explorer from the shortcut menu.

2. Choose DSL > VDSL Port from the navigation tree.

3. On the VDSL2 Bonding Group tab page, right-click in a blank area and choose Add from the shortcut menu.

4. In the Adding Bonding Group dialog box, select the desired ports, as shown in the following figure.

Figure 1 Adding the VDSL2 bonding group

5. In the list of bonding groups, select the newly-added bonding group, right-click, and choose Activate from
the shortcut menu.

Follow-up Procedure
Wait for a moment, and then check whether the ports in the bonding group are activated.

1.6.10.10 Adding the P2P Pre-Deployment Policy (VDSL2 Dock


Scenario)
Adding the P2P Pre-Deployment Policy (VDSL2 Dock Scenario)

Data Plan

Configuration Item Data Remarks

ONU information Upstream transmission mode: VDSL2 bonding -

Master port in the bonding group: 0/3/0

2024-09-17 661
MA5800 Product Documentation

Configuration Item Data Remarks

IP address and subnet mask: 10.10.11.2/255.255.254.0


Management VLAN ID: 8
Default gateway: 10.10.10.20

SNMP profile snmpv3 -

Authentication-free configuration Enabled; name of the authentication-free policy: MA5694S_noauth_vdsl -

Procedure

1. In the Main Topology, double-click a desired DSLAM (MA5616) in the Physical Root navigation tree, or
right-click a desired DSLAM and choose NE Explorer from the shortcut menu.

2. Choose P2P Device Predeployment from the navigation tree.

3. In the P2P Device Predeployment tab, right-click and choose Add... from the shortcut menu.

4. In the dialog box that is displayed, set the parameters, as shown in Figure 1.

Figure 1 Adding the P2P device pre-deployment policy

5. Click OK.

Result

After the P2P pre-deployment is completed, connect a VDSL2 Dock device to the port of the VDSL2 bonding group
on the DSLAM, and then wait for several minutes until the VDSL2 Dock device is automatically found and obtains IP
address. In this moment, the deployment status in the P2P Device Predeployment tab becomes green (as shown
in the following figure), and the NMS topology shows that the VDSL2 Dock device functions normally after the
VDSL2 Dock device is synchronized to the NMS.

2024-09-17 662
MA5800 Product Documentation

1.6.10.11 Configuring Clock Synchronization


Configuring Clock Synchronization

In this scenario, network-wide clock synchronization is implemented through synchronous Ethernet clocks.

Prerequisites

 The clock daughter board CKUA of the SCU board must be in position.

 The upstream MAN PSN of the OLT must feature the capability of Ethernet synchronization.

Context

The clock synchronization scheme of a small-cell base station can be synchronous Ethernet (frequency
synchronization) or IEEE 1588v2 (time synchronization). This topic uses the synchronous Ethernet as an example
to describe how to configure clock synchronization. For IEEE 1588v2 time synchronization configurations, see
Configuring 1588v2 Clock Synchronization .

Data Plan

Configuration Item Data

Upstream port 0/9/0

ONU Port Upstream port: 0/0/0


UNI interface: 0/1/0

Procedure
 Configure the OLT-side clock.

1. Configure a system clock source.

2024-09-17 663
MA5800 Product Documentation

Use the Ethernet line clock input from port 0/9/0 as the system clock. Set the index of the system clock
to 0 and priority to 0 (highest priority).

huawei(config)#clock source 0 0/9/0


huawei(config)#clock priority system 0

2. Query the configurations and status of the system clock source.


Run the display clock source system command to query the configurations and status of the system
clock source. Ensure that the configurations of the system clock source are correct and the status of the
system clock source is Normal.

Run the display clock mode command to query the working mode of the clock. Ensure that the
working mode of the clock daughter board is Tracing.

huawei(config)#display clock mode


Clock manage-mode:Third-mode
Clock subboard work-mode:Tracing

 Configure the ONU-side clock.


When a small-cell base station is connected to an ONU through the Ethernet port, the port transmit clock is
defaulted to the system clock and cannot be modified. Therefore, you need to configure only the system clock
of the ONU.
When the ONU functions as the GPON Dock device, the MA5694S is connected upstream to the OLT through
the GPON port. In this way, you need to configure clock synchronization on the OLT and ONU.
Use the line clock obtained from the upstream port as the system clock.

1. Use the line clock obtained from the upstream port as the system clock.

huawei(config)#clock source 0 0/0/0


huawei(config)#clock priority system 0

2. Query the configurations and status of the system clock source.


Run the display clock source command to query the configurations and status of the system clock
source.

huawei(config)#display clock source


--------------------------------------------------------------------
Index Type Source State Priority QL Selected
--------------------------------------------------------------------
0 line 0/0/0 Normal 0 --- YES
1 -- -/ -/ - --- --- NO ---
2 -- -/ -/ - --- --- NO ---
3 -- -/ -/ - --- --- NO ---
4 -- -/ -/ - --- --- NO ---
5 -- -/ -/ - --- --- NO ---
6 -- -/ -/ - --- --- NO ---
7 -- -/ -/ - --- --- NO ---
8 -- -/ -/ - --- --- NO ---

2024-09-17 664
MA5800 Product Documentation

9 -- -/ -/ - --- --- NO ---


--------------------------------------------------------------------

1.6.10.12 Verifying Services


Verifying Services

The Ethernet base station access service can be verified by checking the connectivity and alarms of the service.

Prerequisites
The base station access service has been deployed.

Procedure

1. Check connectivity.

a. Check the connectivity between base stations and the IP clock server.
On base stations, configure management IP addresses and static routes to the IP clock server, and
then perform ping operations. In normal cases, the ICMP ECHO-REPLY message can be received from
the IP clock server.
b. Check the connectivity between base stations and the OAM server.
On base stations, configure IP addresses of management channels and static routes to the OAM
server, and then perform ping operations. In normal cases, the ICMP ECHO-REPLY message can be
received from the OAM server.
c. Check the connectivity between base stations and the RNC.
On base stations, configure service port IP addresses and static routes to the RNC, and then perform
ping operations. In normal cases, the ICMP ECHO-REPLY message can be received from the RNC.

2. Check alarms.
Check logs on base stations. Verify that no alarms are generated within 24 hours.

1.7 IPv6 Configuration


IPv6 Configuration

IPv6 Networking

The FTTH IPv6 solution is part of the Huawei fixed broadband solution for IPv6, supporting the access of the IPv6 high
speed Internet (HSI) service and IPTV service.

Configuration Difference Between IPv6 and IPv4

The main configuration difference between the IPv6 and IPv4 services lies in the configurations on the OLT, MDU, and
ONT.

Configuring IPv6 Services in the FTTB/C (No HGWs) Scenario

This section describes the methods for configuring IPv6 services in the FTTB/C (No HGWs) scenario.

2024-09-17 665
MA5800 Product Documentation

Configuring IPv6 Services in the FTTB+HGW Scenario

This section describes the methods for configuring IPv6 services in the FTTB+HGW scenario.

Configuring IPv6 Services in the FTTH (Bridging ONT) Scenario

This section describes the methods for configuring IPv6 services in the FTTH (bridging ONT) scenario.

Configuring IPv6 Services in the FTTH (Gateway ONT) Scenario

This section describes the methods for configuring IPv6 services in the FTTH (gateway ONT) scenario.

1.7.1 IPv6 Networking


IPv6 Networking

The FTTH IPv6 solution is part of the Huawei fixed broadband solution for IPv6, supporting the access of the IPv6
high speed Internet (HSI) service and IPTV service.
The Huawei FBB solution for IPv6 includes the following scenarios based on service access modes. Since "HSI
scenario: IPv4/IPv6 DS+PPPoE+L2TP" and "HSI scenario: IPv4/IPv6 DS+NAT+PPPoE" in this solution are the same
as those in the FTTx solution, they are not elaborated in this document.

 HSI scenario: IPv4/IPv6 DS+NAT+PPPoE

 HSI scenario: IPv4/IPv6 DS+NAT+IPoE

 HSI scenario: IPv4/IPv6 DS+PPPoE+L2TP

 HSI scenario: DS-Lite+PPPoE

 IPTV scenario: IPv4/IPv6 DS+IPoE

 IPTV scenario: IPv4/IPv6 DS+PPPoE

The access network devices still use IPv4, instead of IPv6, to implement voice services.
Table 1 lists how the access network devices process different services in different IPv6 networking scenarios. For
details, see the data planning and configuration for each scenario.
Table 1 IPv6 networking scenarios

Network Service Scheme OLT ONU


Topology

FTTB/C (no HSI IPv4/IPv6 Layer 2 forwarding Layer 2 forwarding


HGW) DS+NAT+PPPoE

IPv4/IPv6
DS+NAT+IPoE

DS-Lite+PPPoE Not supported Not supported

IPTV IPv4/IPv6 No such networking scenario No such networking scenario


DS+IPoE

IPv4/IPv6
DS+PPPoE

2024-09-17 666
MA5800 Product Documentation

Table 1 IPv6 networking scenarios

Network Service Scheme OLT ONU


Topology

FTTB+HGW HSI IPv4/IPv6 Layer 2 forwarding Layer 2 forwarding


DS+NAT+PPPoE

IPv4/IPv6
DS+NAT+IPoE

DS-Lite+PPPoE

IPTV IPv4/IPv6 It is recommended that a multicast service It is recommended that the


DS+IPoE channel from the OLT to the ONU be ONU be used to duplicate
established to transparently transmit IPv6 multicast flows.
multicast service packets at Layer 2.

IPv4/IPv6 Not recommended Not recommended


DS+PPPoE

FTTH HSI IPv4/IPv6 Layer 2 forwarding Layer 2 forwarding


(bridging DS+NAT+PPPoE
ONT)
IPv4/IPv6
DS+NAT+IPoE

DS-Lite+PPPoE Not supported Not supported

IPTV IPv4/IPv6 The OLT is used to duplicate IPv6 multicast Bridge forwarding
DS+IPoE flows.

IPv4/IPv6 Not recommended Not recommended


DS+PPPoE

FTTH HSI IPv4/IPv6 Layer 2 forwarding To enable IPv4/IPv6 DS on


(gateway DS+NAT+PPPoE the ONT, enable IPv4 and
ONT) IPv6 concurrently on the
IPv4/IPv6 WAN port.
DS+NAT+IPoE

DS-Lite+PPPoE If DS-Lite is enabled on the


ONT, enable IPv6 and DS-Lite
on the WAN port.

IPTV IPv4/IPv6 The OLT is used to duplicate IPv6 multicast Bridge forwarding
DS+IPoE flows.

IPv4/IPv6 Not recommended Not recommended


DS+PPPoE

In the "IPv4/IPv6 DS+PPPoE" scheme of each networking scenario, the broadband remote access server (BRAS), instead of the
access network devices, duplicates multicast flows, so that this scheme does not support large scale application and is therefore
not recommended.

1.7.2 Configuration Difference Between IPv6 and IPv4


Configuration Difference Between IPv6 and IPv4

2024-09-17 667
MA5800 Product Documentation

The main configuration difference between the IPv6 and IPv4 services lies in the configurations on the OLT, MDU,
and ONT.
Configuration Differences Between IPv6 and IPv4 on the OLT

Configurations between IPv6 and IPv4 on the OLT vary in the ACL, security feature, and IPTV multicast service.

Configuration Differences Between IPv6 and IPv4 on the ONU

Configurations between IPv6 and IPv4 on the ONU vary in the ACL, security feature, and IPTV multicast service.

Configuration Difference Between IPv6 and IPv4 on the ONT

For the bridging ONT, configurations for IPv6 and IPv4 are the same. For the gateway ONT, the HSI service configurations
for IPv6 and IPv4 are different.

1.7.2.1 Configuration Differences Between IPv6 and IPv4 on


the OLT
Configuration Differences Between IPv6 and IPv4 on the OLT

Configurations between IPv6 and IPv4 on the OLT vary in the ACL, security feature, and IPTV multicast service.

Configuration Difference in Each Scenario


Table 1 lists the configuration difference between IPv6 and IPv4 on the OLT in each scenario. For details about the
commands, see the later section.
Table 1 Configuration difference between IPv6 and IPv4 on the OLT

Service Scheme Configuration Difference Between IPv6 and IPv4

HSI IPv4/IPv6 The ACL and anti-IP spoofing configurations are different for the two services.
DS+NAT+PPPoE

IPv4/IPv6 The ACL, anti-IP spoofing, and DHCP option configurations are different for the two
DS+NAT+IPoE services.

DS-Lite+PPPoE The ACL and anti-IP spoofing configurations are different for the two services.

IPTV IPv4/IPv6 DS+IPoE The ACL, anti-IP spoofing, DHCP option, and multicast IGMP protocol configurations
are different for the two services.

ACL

ACL configurations on the OLT are different for IPv6 and IPv4 on the network which runs both IPv4 and IPv6
services, irrespective of the networking scenarios and service implementation schemes. When configuring basic
and advanced IPv6 ACLs, ensure that the keyword "ipv6" is included in the configuration command. For details, see
Table 2.
Table 2 Commands for configuring IPv4 and IPv6 ACL on the OLT

2024-09-17 668
MA5800 Product Documentation

IPv4 IPv6 IPv6 ACL Supported or Not

acl acl ipv6 Supported

packet-filter { inbound | packet-filter { inbound | Supported


outbound } outbound } ipv6

rule rule Supported


NOTE:

After IPv6 is introduced, the protocol parameter in the rule


command is extended to support the IPv6 protocols.

Security Feature
Anti-IP spoofing configurations for IPv6 and IPv4 are different on the network which runs both IPv4 and IPv6
services, irrespective of the networking scenarios and service implementation schemes. If the IPoE and DHCP
protocols are used, DHCP option configurations for IPv6 and IPv4 are also different. For details, see Table 3.

 The IP addresses in anti-IP spoofing configurations are different for the two services.

 In the IPv4 configuration, DHCP option is DHCPv4 option 82. In the IPv6 configuration, DHCP option is
DHCPv6 option 18/37.
The DHCP option function is used together with the RAIO function, which enables the OLT to include physical
information (including RID and CID) of the user, such as the subrack/slot/port. In this way, the BRAS or DHCP
server is able to perform user authentication and tracing. When DHCPv4 is in use, the OLT includes RID and
CID to the option 82 field. When DHCPv6 is in use, the OLT includes the RID to the option 37 field in the
DHCPv6 packet and the CID to the option 18 field. The sub option 7 and sub option 9 functions of DHCPv4
option 82 are not supported by DHCPv6.

Table 3 Commands for configuring IPv4 and IPv6 security features on the OLT

IPv4 IPv6 IPv6 Security Supported or


Not

DHCP Option

raio-mode mode dhcp-option82 raio-mode mode dhcpv6-option Supported

dhcp option82 dhcpv6 option Supported

dhcp-option82 permit-forwarding service- dhcpv6-option permit-forwarding Supported


port

raio sub-option - Not supported

dhcp sub-option7 - Not supported

- raio dhcpv6-option37 enterprise- Supported


num

display dhcp option82 display dhcpv6 option Supported

display dhcp config display dhcpv6 config Supported

2024-09-17 669
MA5800 Product Documentation

Table 3 Commands for configuring IPv4 and IPv6 security features on the OLT

IPv4 IPv6 IPv6 Security Supported or


Not

Anti-IP spoofing

security anti-ipspoofing security anti-ipv6spoofing Supported

display security bind ip display security bind ipv6 Supported

IPTV Multicast Service

The IGMP protocol configurations (used to implement the IPTV multicast service) for IPv6 and IPv4 on the OLT are
different. IPv4 uses the IGMP protocol while IPv6 uses the MLD protocol (the IGMP protocol for IPv6). The IPv4
multicast service can share VLANs with the IPv6 multicast service; therefore, you can deploy the IPv6 multicast
service in existing IPv4 M-VLANs only by adding IPv6 multicast programs in the IPv4 M-VLANs and in right
profiles. The configured parameters such as the bound right profiles and M-VLANs can remain unchanged. For
details about the difference of the IGMP commands between the two services, see Table 4.
Table 4 Commands for configuring the IPv4 and IPv6 multicast services on the OLT

IPv4 IPv6 IPv6 Multicast Supported or Not

MVLAN

igmp mode igmp ipv6 mode Supported

igmp match mode igmp ipv6 match mode Supported

igmp version igmp ipv6 version Supported

igmp match group igmp ipv6 match group Supported

display igmp config vlan display igmp ipv6 config vlan Supported

igmp inner-vlan - Not supported

igmp send global-leave - Not supported

Multicast user and right

debugging igmp debugging igmp ipv6 Supported

Preview

igmp preview - Not supported

igmp preview reset count - Not supported

igmp preview reset record - Not supported

igmp preview-profile add - Not supported

igmp preview-profile delete - Not supported

2024-09-17 670
MA5800 Product Documentation

Table 4 Commands for configuring the IPv4 and IPv6 multicast services on the OLT

IPv4 IPv6 IPv6 Multicast Supported or Not

igmp preview-profile modify - Not supported

display igmp preview user - Not supported

display igmp preview-profile - Not supported

Protocol parameter

igmp proxy router gen-query-interval igmp ipv6 proxy router gen-query-interval Supported

igmp proxy router gen-response-time igmp ipv6 proxy router gen-response-time Supported

igmp proxy router robustness igmp ipv6 proxy router robustness Supported

igmp proxy router sp-query-interval igmp ipv6 proxy router sp-query-interval Supported

igmp proxy router sp-query-number igmp ipv6 proxy router sp-query-number Supported

igmp proxy router sp-response-time igmp ipv6 proxy router sp-response-time Supported

igmp initial-unsolicited-report interval igmp ipv6 initial-unsolicited-report interval Supported

igmp unsolicited-report interval igmp ipv6 unsolicited-report interval Supported

display igmp config vlan display igmp ipv6 config vlan Supported

igmp proxy router timeout - Not supported

Multicast additional function

igmp leave-proxy igmp ipv6 leave-proxy Supported

igmp priority igmp ipv6 priority Supported

imgp report-proxy igmp ipv6 report-proxy Supported

igmp accelerator - Not supported

igmp echo - Not supported

igmp encapsulation - Not supported

igmp multicast-tag - Not supported

igmp policy - Not supported

igmp query-offline-user - Not supported

igmp user-action-report - Not supported

igmp mismatch - Not supported

display igmp policy - Not supported

igmp sip-gip-forward - Not supported

2024-09-17 671
MA5800 Product Documentation

Table 4 Commands for configuring the IPv4 and IPv6 multicast services on the OLT

IPv4 IPv6 IPv6 Multicast Supported or Not

Statistics

igmp statistic reset igmp ipv6 statistic reset Supported

display igmp statistic display igmp ipv6 statistic Supported

display multicast flow-statistic - Not supported

Log

display igmp log statistic - Not supported

The multicast commands that are not listed in this table are the commands shared by the IPv4 multicast and IPv6 multicast.

1.7.2.2 Configuration Differences Between IPv6 and IPv4 on


the ONU
Configuration Differences Between IPv6 and IPv4 on the ONU

Configurations between IPv6 and IPv4 on the ONU vary in the ACL, security feature, and IPTV multicast service.

Configuration Difference in Each Scenario


Table 1 lists the configuration difference between IPv6 and IPv4 on the ONU in each scenario. For details about the
commands, see the later section.
Table 1 Configuration difference between IPv6 and IPv4 on the ONU

Service Scheme Configuration Difference Between IPv6 and IPv4

HSI IPv4/IPv6 The ACL and anti-IP spoofing configurations are different for the two services.
DS+NAT+PPPoE

IPv4/IPv6 The ACL, anti-IP spoofing, and DHCP option configurations are different for the two
DS+NAT+IPoE services.

DS-Lite+PPPoE The ACL and anti-IP spoofing configurations are different for the two services.

IPTV IPv4/IPv6 DS+IPoE The ACL, anti-IP spoofing, DHCP option, and multicast IGMP protocol configurations
are different for the two services.

ACL
ACL configurations on the ONU are different for IPv6 and IPv4 on the network which runs both IPv4 and IPv6
services, irrespective of the networking scenarios and service implementation schemes. When configuring basic
and advanced IPv6 ACLs, ensure that the keyword "ipv6" is included in the configuration command. For details, see
Table 2.

2024-09-17 672
MA5800 Product Documentation

Table 2 Commands for configuring IPv4 and IPv6 ACL on the ONU

IPv4 IPv6 IPv6 ACL Supported or Not

acl acl ipv6 Supported

packet-filter { inbound | packet-filter { inbound | Supported


outbound } outbound } ipv6

rule rule Supported


NOTE:

After IPv6 is introduced, the protocol parameter in the rule


command is extended to support the IPv6 protocols.

Security

Anti-IP spoofing configurations for IPv6 and IPv4 are different on the network which runs both IPv4 and IPv6
services, irrespective of the networking scenarios and service implementation schemes. If the IPoE and DHCP
protocols are used, DHCP option configurations for IPv6 and IPv4 are also different. For details, see Table 3.

 The IP addresses in anti-IP spoofing configurations are different for the two services.

 In the IPv4 configuration, DHCP option is DHCPv4 option 82. In the IPv6 configuration, DHCP option is
DHCPv6 option 18/37.
In the IPv6 configuration, the DHCP option function is used together with the RAIO function, which enables
the ONU to include physical information (including RID and CID) of the user, such as the subrack/slot/port. In
this way, the BRAS or DHCP server is able to perform user authentication and tracing. When DHCPv4 is in use,
the ONU includes RID and CID to the option 82 field. When DHCPv6 is in use, the ONU includes the RID to the
option 37 field in the DHCPv6 packet and the CID to the option 18 field. The sub option 7 and sub option 9
functions of DHCPv4 option 82 are not supported by DHCPv6.

Table 3 Commands for configuring IPv4 and IPv6 security features on the ONU

IPv4 IPv6 IPv6 Security Supported or


Not

Supports DHCP option82.

raio-mode mode dhcp-option82 raio-mode mode dhcpv6-option Supported

dhcp option82 dhcpv6 option Supported

dhcp-option82 permit-forwarding service- dhcpv6-option permit-forwarding Supported


port

raio sub-option - Not supported

dhcp sub-option7 - Not supported

- raio dhcpv6-option37 enterprise- Supported


num

display dhcp option82 display dhcpv6 option Supported

2024-09-17 673
MA5800 Product Documentation

Table 3 Commands for configuring IPv4 and IPv6 security features on the ONU

IPv4 IPv6 IPv6 Security Supported or


Not

display dhcp config display dhcpv6 config Supported

Anti-IP spoofing

security anti-ipspoofing security anti-ipv6spoofing Supported

display security bind ip display security bind ipv6 Supported

IPTV Multicast Service

The IGMP protocol configurations (used to implement the IPTV multicast service) for IPv6 and IPv4 on the ONU
are different. IPv4 uses the IGMP protocol while IPv6 uses the MLD protocol (the IGMP protocol for IPv6). The IPv4
multicast service can share VLANs with the IPv6 multicast service; therefore, you can deploy the IPv6 multicast
service in existing IPv4 M-VLANs only by adding IPv6 multicast programs in the IPv4 M-VLANs and in right
profiles. The configured parameters such as the bound right profiles and M-VLANs can remain unchanged. For
details about the difference in the IGMP commands for the two services, see Table 4.
Table 4 Commands for configuring the IPv4 and IPv6 multicast services on the ONU

IPv4 IPv6 IPv6 Multicast Supported or Not

MVLAN

igmp mode igmp ipv6 mode Supported

igmp match mode igmp ipv6 match mode Supported

igmp version igmp ipv6 version Supported

igmp match group igmp ipv6 match group Supported

display igmp config vlan display igmp ipv6 config vlan Supported

igmp send global-leave - Not supported

Multicast user and right

debugging igmp debugging igmp ipv6 Supported

Preview

igmp preview - Not supported

igmp preview reset count - Not supported

igmp preview reset record - Not supported

igmp preview-profile add - Not supported

igmp preview-profile delete - Not supported

2024-09-17 674
MA5800 Product Documentation

Table 4 Commands for configuring the IPv4 and IPv6 multicast services on the ONU

IPv4 IPv6 IPv6 Multicast Supported or Not

igmp preview-profile modify - Not supported

display igmp preview user - Not supported

display igmp preview-profile - Not supported

Protocol parameter

igmp proxy router gen-query-interval igmp ipv6 router gen-query-interval Supported

igmp proxy router gen-response-time igmp ipv6 router gen-response-time Supported

igmp proxy router robustness igmp ipv6 router robustness Supported

igmp proxy router sp-query-interval igmp ipv6 router sp-query-interval Supported

igmp proxy router sp-query-number igmp ipv6 router sp-query-number Supported

igmp proxy router sp-response-time igmp ipv6 router sp-response-time Supported

igmp initial-unsolicited-report interval igmp ipv6 initial-unsolicited-report interval Supported

igmp unsolicited-report interval igmp ipv6 unsolicited-report interval Supported

display igmp config vlan display igmp ipv6 config vlan Supported

igmp proxy router timeout - Not supported

Statistics

igmp statistic reset igmp ipv6 statistic reset Supported

display igmp statistic display igmp ipv6 statistic Supported

display multicast flow-statistic - Not supported

Log

display igmp log - Not supported

display igmp statistic display igmp ipv6 statistic Supported

Multicast additional function

igmp leave-proxy igmp ipv6 leave-proxy Supported

igmp priority igmp ipv6 priority Supported

imgp report-proxy igmp ipv6 report-proxy Supported

igmp echo - Not supported

igmp encapsulation - Not supported

igmp policy - Not supported

2024-09-17 675
MA5800 Product Documentation

Table 4 Commands for configuring the IPv4 and IPv6 multicast services on the ONU

IPv4 IPv6 IPv6 Multicast Supported or Not

igmp query-offline-user - Not supported

igmp user-action-report - Not supported

igmp mismatch - Not supported

display igmp policy - Not supported

The multicast commands that are not listed in this table are the commands shared by IPv4 and IPv6 multicast services.

1.7.2.3 Configuration Difference Between IPv6 and IPv4 on the


ONT
Configuration Difference Between IPv6 and IPv4 on the ONT

For the bridging ONT, configurations for IPv6 and IPv4 are the same. For the gateway ONT, the HSI service
configurations for IPv6 and IPv4 are different.

Configuring the IPv6 WAN Port on the Gateway ONT

For IPv6 IPTV multicast service, no extra configuration is required. For the IPv6 HSI service, the Internet WAN port
on the gateway ONT must be configured (only Internet WAN port supports IPv6). If the gateway ONT uses the
IPv6/IPv4 DS scheme, select IPv4/IPv6 for Protocol Type. If the gateway ONT uses the DS-Lite scheme, select
IPv6 for Protocol Type. For details, see Figure 1.

Figure 1 Configuring the IPv6 WAN port

2024-09-17 676
MA5800 Product Documentation

Configuring the IPv6 Address of the LAN Side on the Gateway ONT

The gateway ONT can be configured to allocate IPv6 addresses to the terminals after IPv6 is introduced. For
details, see Figure 2.

Figure 2 Configuring the IPv6 address on the LAN side

Configuring the Static IPv6 Route on the Gateway ONT

The gateway ONT can be configured with the static IPv6 route after IPv6 is introduced. For details, see Figure 3.

Figure 3 Configuring the IPv6 static route

1.7.3 Configuring IPv6 Services in the FTTB/C (No HGWs)


Scenario
Configuring IPv6 Services in the FTTB/C (No HGWs) Scenario

This section describes the methods for configuring IPv6 services in the FTTB/C (No HGWs) scenario.
Application Scenarios

The FTTB/C (no HGW) networking supports the access of IPv6 HSI services. Generally, no IPTV services will be deployed
when there is no HGW.

Data Planning

This section describes the security, device management data, QoS, Internet service data, and voice service data planning.

Configuration Procedure

This section describes the IPv6 service configuration procedure by scenario, and compares it with the IPv4 service
configuration procedure.

2024-09-17 677
MA5800 Product Documentation

Configuration Example

Introduce the end-to-end service configuration based on the FTTB/C without HGW networking and the corresponding
data plan.

1.7.3.1 Application Scenarios


Application Scenarios

The FTTB/C (no HGW) networking supports the access of IPv6 HSI services. Generally, no IPTV services will be
deployed when there is no HGW.
As shown in Figure 1, the ONU, which is installed in a corridor or street optical distribution box, transmits services
to users through category-5 cables (LAN access) or twisted pairs (xDSL access). The OLT and ONU work with
upper-layer devices to support Huawei DS+NAT+PPPoE/DS+NAT+IPoE HSI IPv6 solutions.

 For voice services: The ONU with a built-in voice module can directly provide VoIP services for users. The
ONU processes VoIP services using the IPv4 protocol instead of the IPv6 protocol.

 For Internet access services: Users connect to the ONU through category-5 cables (LAN access) or the modem
and twisted pairs (xDSL access). The PC and BRAS support the IPv4/IPv6 DS and can be connected in the
PPPoE or IPoE mode. The OLT and ONU implement Layer 2 forwarding, irrespective of whether the access
service is IPv4 or IPv6. Service configurations for IPv4 and IPv6 are the same. Only the ACL, anti-IP spoofing,
and DHCP option configurations for IPv4 and IPv6 are different.

Figure 1 FTTB/C (no HGW) networking

1.7.3.2 Data Planning


Data Planning

This section describes the security, device management data, QoS, Internet service data, and voice service data
planning.

Security Planning

Security planning includes system security, user security, and service security, ensuring that user services are
provided properly from different dimensions.
In the FTTB/C (no HGW) networking scenario, the data for IPv6 and IPv4 security planning differs only in anti-IP
spoofing and DHCP option.

2024-09-17 678
MA5800 Product Documentation

Anti-IP spoofing: This function needs to be configured separately for IPv6 services.

The anti-IP spoofing function can be enabled or disabled at three levels. This function takes effect only when it is
enabled at all the three levels.

1. Global level: Run the security anti-ipv6spoofing enable command in global config mode.

2. VLAN level: Run the security anti-ipv6spoofing enable command in VLAN service profile mode.

3. Service port level: Run the security anti-ipv6spoofing service-port serviceport-id enable command.

DHCP option: The DHCP option for IPv4 is DHCPv4 option 82 and for IPv6 is DHCPv6 option 18/37.

The DHCPv6 option18 and option37 functions can be enabled or disabled at two levels. This function takes effect
only when it is enabled at both levels.

1. Global level: Run the dhcpv6 option enable command in global config mode.

2. VLAN level: Run the dhcpv6 option enable command in VLAN service profile mode.

Device Management Data Planning

Device management data planning includes the management channel and IP address planning. The management
channels for IPv6 and IPv4 services are the same.
Planning Device or Solution Introduction
Service

Management OLT The device management uses single-tagged VLANs on the entire network.
channel
ONU The device management uses single-tagged VLANs on the entire network.

IP address Device IPv4 private network IP addresses are still used as management IP addresses of the
planning management OLT and MDU devices.

Internet IPv4 address: A PC obtains the IPv4 address from the BRAS using PPPoE or DHCP.
If IPoE dial-up is used, the static address can be configured for the PC.
The BRAS can allocate a public network IP address to a PC for Internet access.
The BRAS can allocate a private network address to a PC. The private network
address is translated to the public network address by CGN (NAT44).
IPv6 address: A PC obtains the IPv6 address from the BRAS using PPPoE, SLAAC, or
DHCPv6. If IPoE dial-up is used, the static address can be configured for the PC.

IPTV service The IPTV service is not provisioned in this scenario.

VoIP service The IPv4 protocol is still used. An ONU functions as the DHCP client to obtain the IP
address using DHCP.

QoS Planning

The E2E QoS planning includes the flow classification, marking/scheduling policy, traffic monitoring, and DBA
policy.
When the IPv6 protocol is used, the QoS planning is the same for both IPv6 and IPv4.

2024-09-17 679
MA5800 Product Documentation

 Management service: IPv4

 Voice service: IPv4

 IPTV service: N/A.

 Internet service: It is recommended that access devices use one flow to carry IPv6 and IPv4 Internet services.
The QoS planning is the same for the flow that carries both IPv6 and IPv4 Internet services and the flow that
carries only the IPv4 Internet service.

Internet Service Planning

The Internet service planning includes the VLAN and VLAN switching policy planning in different networking
scenarios.
IPv6 and IPv4 Internet services: It is recommended that devices use one flow to carry IPv6 and IPv4 Internet
services. This facilitates the control of the aggregate rate for IPv6 and IPv4 Internet services. The QoS planning is
the same for the flow that carries both IPv6 and IPv4 Internet services and the flow that carries only the IPv4
Internet service. For details, see Principle of Internet Access Service Data Plan .

Voice Service Data Planning

Voice service data planning includes the VLAN/VLAN switching policy planning in different networking scenarios,
and voice protocol planning.
Even after IPv6 is used, the device still uses IPv4 to implement voice services.

1.7.3.3 Configuration Procedure


Configuration Procedure

This section describes the IPv6 service configuration procedure by scenario, and compares it with the IPv4 service
configuration procedure.

FTTB (No HGW, LAN Access) Configuration Procedure

The following figure shows the IPv6 service configuration procedure in the FTTB (no HGW, LAN access) scenario.
In this scenario, the planning and configuration procedure/method for IPv6 and IPv4 services are almost the same
except the commands for configuring anti-IP spoofing and DHCP option. For details, see Configuration Difference
Between IPv6 and IPv4 .

2024-09-17 680
MA5800 Product Documentation

Texts in blue show the configuration difference between IPv6 and IPv4.

FTTB/C (No HGW, xDSL Access) Configuration Procedure

The following figure shows the IPv6 service configuration procedure in the FTTB/C (no HGW, xDSL access)
scenario. In this scenario, the planning and configuration procedure/method for IPv6 and IPv4 services are almost
the same except the commands for configuring anti-IP spoofing and DHCP option. For details, see Configuration
Difference Between IPv6 and IPv4 .

2024-09-17 681
MA5800 Product Documentation

Texts in blue show the configuration difference between IPv6 and IPv4.

1.7.3.4 Configuration Example


Configuration Example

Introduce the end-to-end service configuration based on the FTTB/C without HGW networking and the
corresponding data plan.

Key Messages for Configuration

 Even after IPv6 is used, the OLT and ONU implement Layer 2 forwarding in this networking, irrespective of
whether the access service is IPv4 or IPv6. Service configurations for IPv4 and IPv6 are the same.

 For the HSI service from one end user, one service flow is used to carry IPv6 and IPv4 Internet services, and
the same service VLAN is used.

 Even after IPv6 is used, the voice service is still realized by IPv4.

Data plan on the OLT side

2024-09-17 682
MA5800 Product Documentation

Item Data Memo

ONU data plan

DBA profile Profile name: fttb_dba The ONU is connected to OLT through the GPON interface.
Profile type: Type3
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 20
Mbit/s

Line profile Profile name: fttb(c)


Profile ID: 10
T-CONT ID: 4
GEM port ID for management
service: 11
GEM port ID for Internet
access service: 12
GEM port ID for VoIP service:
13

Network topology PON port: 0/1/1


data ONT ID: 1

LAG data plan

LAG Ports: 0/9/0 and 0/9/1 Configure upstream ports 0/9/0 and 0/9/1 into an
Working mode: LACP static aggregation group. Each member port in the aggregation group
aggregation allocates packets based on the source MAC address.

Queue scheduling data plan

Queue scheduling Queue scheduling: strict System default is adopted in this example.
priority (SQ) mode
Priority mapping: mapped
into different queues based on
priorities

Management channel data plan

Management VLAN Management VLAN ID: 8 To configure the MDU from the OLT by logging in to the MDU,
and management IP Management VLAN type: the management VLAN of the OLT and that of the MDU must be
address on the OLT smart VLAN the same, and the management IP address of the OLT and that
side Inband management IP of the MDU must be in the same network segment.
address: 192.168.50.1/24

Management VLAN Management VLAN ID: 8


and management IP Management VLAN type:
address on the ONU smart VLAN
side Inband management IP
address: 192.168.50.2/24

Service channel data plan

Internet access service OLT VLAN ID: Assume that the split ratio of the optical splitter is 1:32, the
ONU is connected to port 1 on the optical splitter using the
C-VLAN ID: 256 x GPON port
optical cable, and the user PC is connected to port 1 on the
ID + 32 x Split ratio x (Splitter
ONU. In this case, the inner VLAN is 258 according to the
port ID - 1) + ONU port ID + 1
formula for calculating the inner VLAN.
S-VLAN: VLAN ID 100 and For details about the data plan, see Data Planning .

2024-09-17 683
MA5800 Product Documentation

Item Data Memo

attribute stacking
Upstream VLANs of the ONU:
1001-1016
Service flow ID: 101

VoIP service OLT VLAN ID (VLAN For details about the data plan, see Data Planning .
transparently transmitting the
ONU service): 200
ONU VLAN ID: 200
Service flow ID: 201

Security data plan

System security Anti-DOS attack: disabled System default is adopted in this example.
Anti-ICMP attack: disabled
Anti-IP attack: disabled

User security Anti-MAC duplicate: disabled System default is adopted in this example.
Anti-IP spoofing: disabled

Service security Forward the packet with PITP In this example, the location information is added to packets
tag: enabled by the ONU equipment and these packets are forwarded by the
Forward the packet with OLT equipment.
DHCPv4 Option82: enabled
Forward the packet with
DHCPv6 Option18/37:
enabled

Data plan of the ONU side

Item Data Memo

HSI service data plan

Port Upstream port: 0/0/1 -


Service port: 0/3/1

Service VLAN VLAN ID: 1001-1016 The ONU supporting 16 FE ports is used as an
VLAN type: smart VLAN example. In actual configuration, plan the data
VLAN attribute: common according to actual capabilities of devices.
For details about the data plan, see Data Planning .

Traffic profile Profile ID: 8 For details about the data plan, see Data Planning .
Committed rate: 4 Mbit/s
Priority: 0

Queue scheduling data plan

Queue scheduling Queue scheduling: strict priority (SQ) System default is adopted in this example.
mode
Priority mapping: mapped into different
queues based on priorities

Service security data plan

2024-09-17 684
MA5800 Product Documentation

Item Data Memo

System security Anti-DOS attack: disabled System default is adopted in this example.
Anti-ICMP attack: disabled
Anti-IP attack: disabled

User security Anti-MAC duplicate: disabled System default is adopted in this example.
Anti-IP spoofing: disabled

PPPoE Service RAIO Type: PITP P PITP is recommended for PPPoE.


security RAIO Mode: common

IPv4oE Service RAIO Type: DHCP Option 82 DHCPv4 option and DHCPv6 option are
security RAIO Mode: common recommended for IPoE.

IPv6oE Service RAIO Type: DHCPv6 Option


security RAIO Mode: common

Voice service data plan

Media and signaling 200 H.248 protocol is adopted in this example.


upstream VLANs

Media and signaling 0/0/1


upstream port

Media IP address and 10.11.11.11/24


signaling IP address

Default gateway IP 10.11.11.11/24


address

MG interface ID 0

Signaling port ID 2944

IP address of the 10.200.200.200/24


primary MGC

Port ID of the primary 2944


MGC

Coding Text

Transmission mode UDP

H248 version that MG 1 (the negotiation starts from V1)


starts to negotiate

Phone number 12345601-12345624

Terminal Terminal layering is not supported and


identification the terminal identification ranges from 0
to 23.

User priority Cat2 for phone 1


Cat3 for phone 2 to phone 24 (default)

User type Common user (DEL user by default)

2024-09-17 685
MA5800 Product Documentation

Item Data Memo

System parameter Default value

Overseas parameter Default value

PSTN port attribute Polarity-reversal

Ringing current Default value


attribute

Procedure

1. Configure GPON ONU profiles.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-name fttb_dba type3 assure 8192 max 20480

b. Configure an ONU line profile.

huawei(config)#ont-lineprofile gpon profile-id 10 profile-name fttb(c)

huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-name fttb_dba

huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 4 cascade on


huawei(config-gpon-lineprofile-10)#gem add 12 eth tcont 4 cascade on
huawei(config-gpon-lineprofile-10)#gem add 13 eth tcont 4 cascade on

huawei(config-gpon-lineprofile-10)#gem mapping 11 0 vlan 8


huawei(config-gpon-lineprofile-10)#gem mapping 12 1 vlan 1001
huawei(config-gpon-lineprofile-10)#gem mapping 13 2 vlan 200

huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

c. (Optional) Add an alarm profile.


In this example, the default alarm profile is used, and therefore the configuration of the alarm profile
is not required.

2. Add an ONU to an OLT.


Assume that the ID of GPON port 0/1/1 is 1, SN is 3230313163902641, management mode is SNMP, and the
bound line profile is fttb(c). Connect the ONU to such a GPON port through the optical splitter.
There are two modes to add an ONT: add an ONT offline and confirm an automatically discovered ONU.

 Add an ONU offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 1 ontid 1 sn-auth 3230313163902641

snmp ont-lineprofile-name fttb(c)

 Confirm an automatically discovered ONU.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 1 ont-auto-find enable

2024-09-17 686
MA5800 Product Documentation

huawei(config-if-gpon-0/1)#display ont autofind 1


huawei(config-if-gpon-0/1)#ont confirm 1 ontid 1 sn-auth 3230313163902641

snmp ont-lineprofile-name fttb(c)

a. (Optional) Bind the alarm profile to the ONU.


In this example, the default alarm profile 1 is used. Therefore, the configuration of the alarm profile is
not required.

3. Check the ONU status.


After an ONU is added, run the display ont info command to query the current status of the ONU. Ensure
that Config flag of the ONU is active, Run State is online, and Config state is normal.

huawei(config-if-gpon-0/1)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/1/1
ONT-ID :1
Control flag : active //The ONU is activated.
Run state : online //The ONU is online.
Config state : normal //The ONU configurations are recovered normally.
...//The rest of the response information is not provided here.
huawei(config-if-gpon-0/1)#quit

4. Configure the inband management VLAN and IP address of the OLT.

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

5. Configure the inband management VLAN and IP address of the ONU.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.1 vlan 8

huawei(config-if-gpon-0/1)#quit

6. Configure an inband management service port.

huawei(config)#service-port 1 vlan 8 gpon 0/1/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6

7. Confirm that the management channel between the OLT and the ONU is available.

 On the OLT, run the ping 192.168.50.2 command to check the connectivity between the OLT and the
ONU. The ICMP ECHO-REPLY packet from the ONU should be received.

 On the OLT, you can remotely log in to the ONU to perform the configuration.

2024-09-17 687
MA5800 Product Documentation

8. Configure a channel for the Internet access service.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

huawei(config)#service-port 101 vlan 100 gpon 0/1/1 ont 1 gemport 12 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 258 rx-cttr 6 tx-cttr 6

9. Configure a channel for the VoIP service.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

huawei(config)#traffic table ip index 9 cir off priority 5 priority-policy local-setting

huawei(config)#service-port 201 vlan 200 gpon 0/1/1 ont 1 gemport 13 multi-service

user-vlan 200 rx-cttr 9 tx-cttr 9

10. Configure LAG for upstream ports.


Configure upstream ports 0/9/0 and 0/9/1 into an aggregation group. Each member port in the aggregation
group allocates packets based on the source MAC address. The working mode is LACP static aggregation.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

11. (Optional) When PPPoE is adopted, enable forwarding the packets with PITP tag on the OLT equipment.

huawei(config)#pitp permit-forwarding service-port 101 enable

12. (Optional) When IPoE is adopted, enable forwarding the packets with DHCP option on the OLT equipment.

huawei(config)#dhcp-option82 permit-forwarding service-port 101 enable //For IPv4 packets


huawei(config)#dhcpv6-option permit-forwarding port 0/1/1 ontid 1 enable //For IPv6 packets

13. Save the configuration data on the OLT.

huawei(config)#save

14. Log in to and configure the ONU.


You can remotely log in to the ONU from the OLT to perform the configuration.

The following steps are configured on the ONU side.

15. Configuration the HSI service on the ONU side.

This example creates one service port as an example. Each service port maps a user. When configuring another service
port, map the corresponding S-VLAN.

huawei(config)#vlan 1001-1016 smart


huawei(config)#port vlan 1001-1016 0/0 1

huawei(config)#traffic table ip index 8 cir 4096 priority 0 priority-policy local-Setting

huawei(config)#service-port 101 vlan 1001 eth 0/3/1 multi-service user-vlan

2024-09-17 688
MA5800 Product Documentation

untagged rx-cttr 8 tx-cttr 8

16. (Optional) Configure the PITP function for PPPoE.

huawei(config)#raio-mode common pitp-pmode


huawei(config)#pitp enable pmode

17. (Optional) Configure the DHCP option function for IPoE.

huawei(config)#raio-mode common dhcp-option82 //For DHCPv4 packets


huawei(config)#dhcp option82 enable //For DHCPv4 packets
huawei(config)#raio-mode common dhcpv6-option //For DHCPv6 packets
huawei(config)#dhcpv6 option enable //For DHCPv6 packets

18. Configure the voice service.

huawei(config)#vlan 200 smart

huawei(config)#port vlan 200 0/0 1

huawei(config)#interface vlanif 200


huawei(config-if-vlanif200)#ip address 10.11.11.11 24
huawei(config-if-vlanif200)#quit

huawei(config)#voip
huawei(config-voip)#ip address media 10.11.11.11 10.11.11.11
huawei(config-voip)#ip address signaling 10.11.11.11
huawei(config-voip)#quit

huawei(config)#ip route-static 10.200.200.0 24 10.11.11.11

huawei(config)#interface h248 0
Are you sure to add MG interface?(y/n)[n]:y

huawei(config-if-h248-0)#if-h248 attribute mgip 10.11.11.11 mgport

2944 code text transfer udp primary-mgc-ip1 10.200.200.200 primary-mgc-port


2944 mg-media-ip1 10.11.11.11 start-negotiate-version 1

huawei(config-if-h248-0)#reset coldstart
Are you sure to reset MG interface?(y/n)[n]:y
huawei(config-if-h248-0)#quit

huawei(config)#esl user
huawei(config-esl-user)#mgpstnuser batadd 0/3/0 0/3/15 0 terminalid 0 telno 12345601

huawei(config-esl-user)#mgpstnuser modify 0/3/0 priority cat2


huawei(config-esl-user)#quit

huawei(config)#pstnport
huawei(config-pstnport)#pstnport attribute batset 0/3/0 0/3/15 reverse-pole-pulse enable
huawei(config-pstnport)#quit

19. Save the configuration on the ONU side.

huawei(config)#save

2024-09-17 689
MA5800 Product Documentation

1.7.4 Configuring IPv6 Services in the FTTB+HGW Scenario


Configuring IPv6 Services in the FTTB+HGW Scenario

This section describes the methods for configuring IPv6 services in the FTTB+HGW scenario.
Application Scenario

The FTTB+HGW networking includes two scenarios: The ONU provides the voice service in one scenario and the HGW
provides the voice service in another scenario. After IPv6 is introduced to the network, the voice service still uses IPv4 so
that these two voice scenarios do not change after IPv6 introduction.

Data Planning

This section describes the security, device management data, QoS, Internet service data, voice service data, and IPTV
service data planning.

Configuration Procedure

This section describes the IPv6 service configuration procedure by scenario, and compares it with the IPv4 service
configuration procedure.

Configuration Example

Introduce the end-to-end service configuration based on the FTTB+HGW networking and the corresponding data plan.

1.7.4.1 Application Scenario


Application Scenario

The FTTB+HGW networking includes two scenarios: The ONU provides the voice service in one scenario and the
HGW provides the voice service in another scenario. After IPv6 is introduced to the network, the voice service still
uses IPv4 so that these two voice scenarios do not change after IPv6 introduction.

FTTB+HGW Application Scenario


Figure 1 shows an FTTB+HGW network. The OLT is deployed at the CO and connects to the MAN by aggregation,
and the ONU is deployed in the buildings or street fiber distribution terminals. Access interfaces are deployed on
the HGW that connects to the ONU using LAN or xDSL upstream transmission (deployed in user houses). Together
with upper layer devices, the FTTB+HGW network supports the HSI and IPTV services implemented by the
schemes of the Huawei fixed broadband solution for IPv6: IPv4/IPv6 DS+NAT+PPPoE, IPv4/IPv6 DS+NAT+IPoE,
and DS-Lite+PPPoE (for the HSI services) and IPv4/IPv6 DS+IPoE and IPv4/IPv6 DS+PPPoE (for the IPTV service).

 Upstream networking: The HGW connects to the ONU through upstream ETH or xDSL port.

 HSI service: The HGW has Layer 3 functions (such as PPPoE dial-up and NAT), which enable multiple PCs of a
family to access the Internet at the same time.

 If the HGW uses the IPv4/IPv6 DS scheme, the PPPoE or IPoE channel that supports both IPv4 and IPv6
is established between the HGW and the BRAS. The OLT and ONU perform Layer 2 forwarding,

2024-09-17 690
MA5800 Product Documentation

irrespective of whether the access service is IPv4 or IPv6. Service configurations for IPv4 and IPv6 are
the same. Only the ACL, anti-IP spoofing, and DHCP option configurations for IPv4 and IPv6 are different.

 If the HGW uses the DS-Lite scheme, the PPPoE channel that supports only IPv6 is established between
the HGW and the BRAS. As for IPv4, the HGW encapsulates IPv4 packets and transmits them to the BRAS
or CGN using the 4in6 tunnel. The OLT and ONU perform Layer 2 forwarding, irrespective of whether the
access service is IPv4 or IPv6. Service configurations for IPv4 and IPv6 are the same. Only the ACL, anti-
IP spoofing, and DHCP option configurations for IPv4 and IPv6 are different.

 IPTV service: Users can preview or view IPTV programs by connecting an STB to the HGW. STB supports
IPv4/IPv6 DS and uses IPv4 or IPv6 (cannot be used together) to carry IPTV services.

 If the STB uses IPoE, choose the ONU preferentially to duplicate multicast flows. On the ONU, IPv6 and
IPv4 multicast services are configured in the same way but with different commands. On the OLT, service
channels to the ONU need to be established, multicast flows do not need to be duplicated, and IGMP IPv6
data needs to be configured.

 If the STB uses PPPoE, it establishes a PPPoE connection to the BRAS. The OLT, ONU, and HGW only
forward PPPoE service flows and do not process multicast services. Therefore, this scheme is not
recommended.

 Voice service: The voice service can be provided by the ONU with the build-in voice module or the build-in
IAD of the HGW. The VoIP service on ONU or HGW is still implemented by IPv4.

Figure 1 FTTB+HGW service networking

1.7.4.2 Data Planning


Data Planning

This section describes the security, device management data, QoS, Internet service data, voice service data, and
IPTV service data planning.

Security Planning

Security planning includes system security, user security, and service security, ensuring that user services are
provided properly from different dimensions.

2024-09-17 691
MA5800 Product Documentation

In the FTTB+HGW networking scenario, only anti-IP spoofing and DHCP option of IPv6 and IPv4 services are
different.
Anti-IP spoofing: This function needs to be configured separately for IPv6 services.

The anti-IP spoofing function can be enabled or disabled at three levels. This function takes effect only when it is
enabled at all the three levels.

1. Global level: Run the security anti-ipv6spoofing enable command in global config mode.

2. VLAN level: Run the security anti-ipv6spoofing enable command in VLAN service profile mode.

3. Service port level: Run the security anti-ipv6spoofing service-port serviceport-id enable command.

DHCP option: The DHCP option for IPv4 is DHCPv4 option 82 and for IPv6 is DHCPv6 option 18/37.

The DHCPv6 option18 and option37 functions can be enabled or disabled at two levels. This function takes effect
only when it is enabled at both levels.

1. Global level: Run the dhcpv6 option enable command in global config mode.

2. VLAN level: Run the dhcpv6 option enable command in VLAN service profile mode.

Device Management Data Planning

Device management data planning includes the management channel and IP address planning. The management
channels for IPv6 and IPv4 services are the same.
Planning Device or Solution Introduction
Service

Management OLT The device management uses single-tagged VLANs on the entire network.
channel
ONU The device management uses single-tagged VLANs on the entire network.

HGW Single-tagged S-VLANs are used as management VLANs for all HGWs that need to be
managed by the iTMS.
The management VLANs for HGWs can be allocated to an entire network, an OLT, a
PON board, or a PON port to identify services and physical locations. It is
recommended that you set different HGW management VLANs for the OLTs connected
to one SR to avoid an excessively large broadcast domain of the SR and convergence
switch.

IP address Device IPv4 private network IP addresses are still used as management IP addresses of the
planning management OLT and MDU devices.

Internet IPv4 address: An HGW obtains the IPv4 address from the BRAS using PPPoE or DHCP.
If IPoE dial-up is used, the static address can be configured. At the same time, as the
DHCP server, the HGW allocates private network IP addresses to PCs. The NAT function
enables these PCs to go online by sharing the IPv4 address allocated by the BRAS.
The BRAS can allocate a public network IP address to an HGW.
The BRAS can allocate a private network address to an HGW. The private network
address is translated to the public network address by CGN (NAT44).
IPv6 address: An HGW obtains the IPv6 address from the BRAS using PPPoE or DHCP.
If IPoE dial-up is used, the static address can be configured. At the same time, the HGW
as the DHCP server obtains the prefix of an IPv6 address, and allocates IPv6 addresses
to connected PCs.

2024-09-17 692
MA5800 Product Documentation

Planning Device or Solution Introduction


Service

IPTV service If the IPv4 protocol is used, an STB obtains the IP address from the BRAS using DHCP.
If the IPv6 protocol is used, the STB obtains the IP address in either of the following
ways:
Obtains the IP address from the BRAS using DHCPv6.
Obtains the IP address from the BRAS using SLAAC.

VoIP service The IPv4 protocol is still used. An ONU or HGW functions as the DHCP client to obtain
the IP address using DHCP.

TR069 service The IPv4 protocol is still used. In scenarios in which TR069 is required for
management maintenance and service provisioning, the HGW functions as the DHCP
client to obtain a public network IP address from the DHCP server to connect the
TR069 server ACS.

QoS Planning

The E2E QoS planning includes the flow classification, marking/scheduling policy, traffic monitoring, and DBA
policy.
When the IPv6 protocol is used, the QoS planning is the same for both IPv6 and IPv4.

 Management service: IPv4

 Voice service: IPv4

 IPTV service: One user uses either IPv6 or IPv4 at one time. The QoS planning for IPv6 and IPv4 IPTV services
is the same.

 Internet service: It is recommended that access devices use one flow to carry IPv6 and IPv4 Internet services.
The QoS planning is the same for the flow that carries both IPv6 and IPv4 Internet services and the flow that
carries only the IPv4 Internet service.

Internet Service Planning

The Internet service planning includes the VLAN and VLAN switching policy planning in different networking
scenarios.
IPv6 and IPv4 Internet services: It is recommended that devices use one flow to carry IPv6 and IPv4 Internet
services. This facilitates the control of the aggregate rate for IPv6 and IPv4 Internet services. The QoS planning is
the same for the flow that carries both IPv6 and IPv4 Internet services and the flow that carries only the IPv4
Internet service.

Voice Service Data Planning

Voice service data planning includes the VLAN/VLAN switching policy planning in different networking scenarios,
and voice protocol planning.
Even after IPv6 is used, the device still uses IPv4 to implement voice services.

2024-09-17 693
MA5800 Product Documentation

IPTV Service Data Planning

IPTV service data planning includes the VLAN/VLAN switching policy planning in different networking scenarios,
and IPTV service planning.
When the IPv6 protocol is used, one IPTV user uses either IPv6 or IPv4 at one time. The VLAN data planning for
IPv6 is consistent with that for IPv4. For details, see Principle of IPTV Service Data Plan . The IPv6 version of the
IGMP protocol is also known as multicast listener discovery (MLD). The following table lists the detailed data
planning.
Data Item Remarks

IGMP The OLT and ONU use the IGMP IPv6 proxy.

IGMP version The compatibility policies of the IGMP version on access devices are different on the network side
(multicast router) and the user side (terminal).
In normal application scenarios:
The device is usually the initiating party. The IGMP version on the multicast router can be seamlessly
degraded without packet loss.
The terminal is usually the initiating party. The IGMP version on the device can be seamlessly
degraded without packet loss.
Recommended IGMP IPv6 protocol versions are as follows:
When the network side is V1, the access device uses V1.
When the network side is V2, the access device uses V1 or V2.
When the network side is V1, the access device uses V1 or V2.
When the network side is V2, the access device uses V2.

Multicast Static configuration is recommended. The OLT can also generate a multicast program library, that is,
program dynamically generate a program list according to the programs requested by users.

Multicast Not supported.


preview profile

Multicast The fast leave function is enabled (recommended) to help reduce the exchange of IGMP packets and
fastleave save bandwidth resources.

1.7.4.3 Configuration Procedure


Configuration Procedure

This section describes the IPv6 service configuration procedure by scenario, and compares it with the IPv4 service
configuration procedure.

FTTB+HGW (ONU Provides the Voice Service) Configuration Procedure

The following figure shows the IPv6 service configuration procedure in the FTTB+HGW (ONU provides the voice
service) scenario. In this scenario, the planning and configuration procedure/method for IPv6 and IPv4 services
are almost the same except the following differences. On the OLT side, multicast service channels between the OLT
and ONU and part configuration commands of the security policy are different. On the ONU side, configuration
commands of IPTV multicast services are different. Configuration Difference Between IPv6 and IPv4 shows the
differences.

2024-09-17 694
MA5800 Product Documentation

Texts in blue show the configuration (on OLT and ONU) difference between IPv6 and IPv4.
For differences between the HGW's IPv6 and IPv4 service processing, see documentation of the HGW products.

FTTB+HGW (HGW provides the voice service) Configuration Procedure

The following figure shows the IPv6 service configuration procedure in the FTTB+HGW (ONU provides the voice
service) scenario. In this scenario, the planning and configuration procedure/method for IPv6 and IPv4 services
are almost the same except the following differences. On the OLT side, multicast service channels between the OLT
and ONU and part configuration commands of the security policy are different. On the ONU side, configuration
commands of IPTV multicast services are different. Configuration Difference Between IPv6 and IPv4 shows the
differences.

2024-09-17 695
MA5800 Product Documentation

Texts in blue show the configuration (on OLT and ONU) difference between IPv6 and IPv4.
For differences between the HGW's IPv6 and IPv4 service processing, see documentation of the HGW products.

1.7.4.4 Configuration Example


Configuration Example

Introduce the end-to-end service configuration based on the FTTB+HGW networking and the corresponding data
plan.

Key Messages for Configuration

 Even after IPv6 is used, the voice service is still realized by IPv4.

2024-09-17 696
MA5800 Product Documentation

 Even after IPv6 is used, the OLT and ONU implement Layer 2 forwarding for HSI service in this networking,
irrespective of whether the access service is IPv4 or IPv6. Service configurations for IPv4 and IPv6 are the
same. For the HSI service from one end user, one service flow is used to carry IPv6 and IPv4 Internet services,
and the same service VLAN is used.

 For multicast service, the ONU is the node to make multicast duplication. The configuration procedure is the
same for IPv4 multicast and IPv6 multicast. The IPv4 multicast service and IPv6 multicast service can be
configured in the same multicast VLAN on the ONU equipment.

Data plan on the OLT side

Item Data Memo

ONU data plan

DBA profile Profile name: fttb_dba The ONU is connected to OLT through the GPON interface.
Profile type: Type3
Assured bandwidth: 8
Mbit/s
Maximum bandwidth: 20
Mbit/s

Line profile Profile name: fttb(c)


Profile ID: 10
T-CONT ID: 4
GEM port ID for
management service: 11
GEM port ID for Internet
access service: 12
GEM port ID for VoIP
service: 13

Network topology data PON port: 0/1/1


ONT ID: 1

LAG data plan

LAG Ports: 0/9/0 and 0/9/1 Configure upstream ports 0/9/0 and 0/9/1 into an aggregation
Working mode: LACP static group. Each member port in the aggregation group allocates
aggregation packets based on the source MAC address.

Queue scheduling data plan

Queue scheduling Queue scheduling: strict System default is adopted in this example.
priority (SQ) mode
Priority mapping: mapped
into different queues based
on priorities

Management channel data plan

Management VLAN and Management VLAN ID: 8 To configure the MDU from the OLT by logging in to the MDU,
management IP address Management VLAN type: the management VLAN of the OLT and that of the MDU must be
on the OLT side smart VLAN the same, and the management IP address of the OLT and that
Inband management IP of the MDU must be in the same network segment.
address: 192.168.50.1/24

2024-09-17 697
MA5800 Product Documentation

Item Data Memo

Management VLAN and Management VLAN ID: 8


management IP address Management VLAN type:
on the ONU side smart VLAN
Inband management IP
address: 192.168.50.2/24

Service channel data plan

Internet access service S-VLAN ID: 100; S-VLAN Plan the Internet access service in per user per service per
attribute: stacking VLAN (PUPSPV) mode and apply S-VLAN+C-VLAN to
C-VLAN ID: 1000-1016 differentiate users.
Traffic profile: 6 The 802.1p priority of the Internet access service is 0, and rate
limitation is not required. System traffic profile 6 can be used.
For details, see Data Planning .

VoIP service S-VLAN ID: 200 The voice over IP (VoIP) service is a carrier-operating, closed
C-VLAN ID: 200 service and primarily adopts only S-VLAN tags, which are
Traffic profile: 9 transparently transmitted by OLTs.
The 802.1p priority of the VoIP service is 5, and rate limitation
is not required. System traffic profiles do not meet the
requirements and new traffic profile shall be configured.
For details, see Data Planning .

VoD service S-VLAN ID: 300 Plan the video on demand (VoD) service in per user per VLAN
Traffic profile: 10 (PUPV) mode if possible, as the VoD service requires only a few
VLAN resources.
The VoD service is a carrier-operating, closed service and
primarily adopts only S-VLAN tags, which are transparently
transmitted by OLTs.
The 802.1p priority of the VoD service is 4, and rate limitation is
not required. System traffic profiles do not meet the
requirements and new traffic profile shall be configured.
For details, see Data Planning .

Multicast service Multicast VLAN ID: 1000 The multicast service is a carrier-operating, closed service and
Multicast cascading port: primarily adopts only S-VLAN tags.
0/1/1 Take the same traffic profile with the VoD service.
IGMP version: IGMPv3 For details, see Data Planning .
IGMP mode: IGMP proxy
Multicast IP address range:
224.1.1.10-224.1.1.100
IP address of the multicast
server: 10.10.10.10/24
Traffic profile: 10

Security data plan

System security Anti-DOS attack: disabled System default is adopted in this example.
Anti-ICMP attack: disabled
Anti-IP attack: disabled

User security Anti-MAC duplicate: System default is adopted in this example.


disabled
Anti-IP spoofing: disabled

Service security Forward the packet with In this example, the location information is added to packets by
PITP tag: enabled the ONU equipment and these packets are forwarded by the

2024-09-17 698
MA5800 Product Documentation

Item Data Memo

Forward the packet with OLT equipment.


DHCPv4 Option82: enabled
Forward the packet with
DHCPv6 Option18/37:
enabled

Data plan of the ONU side

Item Data Memo

HSI service data plan

Traffic profile ID: 8 -


CIR: 4 Mbit/s
VLAN priority: 0
Downstream priority policy: local-
setting

User VLAN Untagged HGWs can send untagged packets or packets


with user VLAN tags.
User VLAN ID: 1, 2, 3...

Queue scheduling data plan

Queue scheduling Queue scheduling: strict priority System default is adopted in this example.
(SQ) mode
Priority mapping: mapped into
different queues based on
priorities

Service security data plan

System security Anti-DOS attack: disabled System default is adopted in this example.
Anti-ICMP attack: disabled
Anti-IP attack: disabled

User security Anti-MAC duplicate: disabled System default is adopted in this example.
Anti-IP spoofing: disabled

PPPoE Service security RAIO Type: PITP P PITP is recommended for PPPoE.
RAIO Mode: common

IPv4oE Service security RAIO Type: DHCP Option 82 DHCPv4 option and DHCPv6 option are
RAIO Mode: common recommended for IPoE.

IPv6oE Service security RAIO Type: DHCPv6 Option


RAIO Mode: common

Voice service data plan

Media and signaling upstream 200 H.248 protocol is adopted in this example.
VLANs

Media and signaling upstream port 0/0/1

Media IP address and signaling IP 10.11.11.11/24

2024-09-17 699
MA5800 Product Documentation

Item Data Memo

address

Default gateway IP address 10.11.11.11/24

MG interface ID 0

Signaling port ID 2944

IP address of the primary MGC 10.200.200.200/24

Port ID of the primary MGC 2944

Coding Text

Transmission mode UDP

H248 version that MG starts to 1 (the negotiation starts from V1)


negotiate

Phone number 12345601-12345624

Terminal identification Terminal layering is not supported


and the terminal identification
ranges from 0 to 23.

User priority Cat2 for phone 1


Cat3 for phone 2 to phone 24
(default)

User type Common user (DEL user by


default)

System parameter Default value

Overseas parameter Default value

PSTN port attribute Polarity-reversal

Ringing current attribute Default value

IPTV service data plan

Traffic profile ID: 10 -


CIR: off
VLAN priority: 4
Downstream priority policy: local-
setting

User VLAN in the scenario in which User VLAN ID: 1, 2, 3... HGWs can send untagged packets or packets
HGWs are upstream connected to an with user VLAN tags.
ONU through LANs

VPI/VCI of ADSL2+ users in the VPI: 0 Internet service providers (ISPs) provide
scenario in which HGWs are VCI: 35 VPI/VCI information.
connected upstream to an ONU in
ADSL2+ mode

VDSL2 path mode in the scenario in PTM Both the central office and HGWs must
which HGWs are connected support the PTM mode.

2024-09-17 700
MA5800 Product Documentation

Item Data Memo

upstream to an ONU in VDSL2 mode

VLAN ID of the VoD service 300 The VoD service is a carrier-operating,


closed service and primarily adopts only
SVLAN tags, which are transparently
transmitted by OLTs.

Multicast VLAN ID of the ONU 1000 -

Multicast VLAN ID of HGWs 43 A carrier generally specifies a globally


unique multicast VLAN ID for HGWs.

Procedure

1. Configure GPON ONU profiles.

a. Configure a DBA profile.

huawei(config)#dba-profile add profile-name fttb_dba type3 assure 8192 max 20480

b. Configure an ONU line profile.

huawei(config)#ont-lineprofile gpon profile-id 10 profile-name fttb(c)

huawei(config-gpon-lineprofile-10)#tcont 4 dba-profile-name fttb_dba

huawei(config-gpon-lineprofile-10)#gem add 11 eth tcont 4 cascade on


huawei(config-gpon-lineprofile-10)#gem add 12 eth tcont 4 cascade on
huawei(config-gpon-lineprofile-10)#gem add 13 eth tcont 4 cascade on

huawei(config-gpon-lineprofile-10)#gem mapping 11 0 vlan 8


huawei(config-gpon-lineprofile-10)#gem mapping 12 1 vlan 1001
huawei(config-gpon-lineprofile-10)#gem mapping 13 2 vlan 200

huawei(config-gpon-lineprofile-10)#commit
huawei(config-gpon-lineprofile-10)#quit

c. (Optional) Add an alarm profile.


In this example, the default alarm profile is used. Therefore, the configuration of the alarm profile is
not required.

2. Add an ONU to an OLT.


Assume that the ID of GPON port 0/1/1 is 1, SN is 3230313163902641, management mode is SNMP, and the
bound line profile is fttb(c). Connect the ONU to such a GPON port through the optical splitter.
There are two modes to add an ONT: add an ONT offline and confirm an automatically discovered ONU.

 Add an ONU offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 1 ontid 1 sn-auth 3230313163902641

snmp ont-lineprofile-name fttb(c)

 Confirm an automatically discovered ONU.

2024-09-17 701
MA5800 Product Documentation

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 1 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 1
huawei(config-if-gpon-0/1)#ont confirm 1 ontid 1 sn-auth 3230313163902641

snmp ont-lineprofile-name fttb(c)

a. (Optional) Bind the alarm profile to the ONU.


In this example, the default alarm profile 1 is used, and therefore the configuration of the alarm
profile is not required.

3. Check the ONU status.


After an ONU is added, run the display ont info command to query the current status of the ONU. Ensure
that Config flag of the ONU is active, Run State is online, and Config state is normal.

huawei(config-if-gpon-0/1)#display ont info 1 1


---------------------------------------------------------------------
F/S/P : 0/1/1
ONT-ID :1
Control flag : active //The ONU is activated.
Run state : online //The ONU is online.
Config state : normal //The ONU configurations are recovered normally.
...//The rest of the response information is not provided here.
huawei(config-if-gpon-0/1)#quit

4. Configure the inband management VLAN and IP address of the OLT.

huawei(config)#vlan 8 smart
huawei(config)#port vlan 8 0/9 0
huawei(config)#vlan priority 8 6
huawei(config)#interface vlanif 8
huawei(config-if-vlanif8)#ip address 192.168.50.1 24
huawei(config-if-vlanif8)#quit

5. Configure the inband management VLAN and IP address of the ONU.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 1 1 static ip-address 192.168.50.2 mask 255.255.255.0 gateway

192.168.50.1 vlan 8

huawei(config-if-gpon-0/1)#quit

6. Configure an inband management service port.

huawei(config)#service-port 1 vlan 8 gpon 0/1/1 ont 1 gemport 11 multi-service

user-vlan 8 rx-cttr 6 tx-cttr 6

7. Confirm that the management channel between the OLT and the ONU is available.

 On the OLT, run the ping 192.168.50.2 command to check the connectivity between the OLT and the
ONU. The ICMP ECHO-REPLY packet from the ONU should be received.

2024-09-17 702
MA5800 Product Documentation

 On the OLT, you can remotely log in to the ONU to perform the configuration.

8. Configure a channel for the Internet access service.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

huawei(config)#service-port vlan 100 gpon 0/1/1 ont 1 gemport 12 multi-service

user-vlan 1001 tag-transform translate-and-add rx-cttr 6 tx-cttr 6

9. Configure a channel for the Voice service.

huawei(config)#vlan 200 smart


huawei(config)#port vlan 200 0/9 0

huawei(config)#traffic table ip index 9 cir off priority 5 priority-policy local-setting

huawei(config)#service-port vlan 200 gpon 0/1/1 ont 1 gemport 13 multi-service

user-vlan 200 rx-cttr 9 tx-cttr 9

10. Configure a channel for the VoD service.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

huawei(config)#traffic table ip index 10 cir off priority 4 priority-policy local-Setting

huawei(config)#service-port vlan 300 gpon 0/1/1 ont 1 gemport 14 multi-service

user-vlan 300 rx-cttr 10 tx-cttr 10

11. Configure a channel for the multicast service.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

huawei(config)#service-port vlan 1000 gpon 0/1/1 ont 1 gemport 14 multi-service

user-vlan 1000 rx-cttr 10 tx-cttr 10

huawei(config)#btv
huawei(config-btv)#igmp cascade-port 0/1/1 ontid 1 gemport-index 14

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp ipv6 version v2

huawei(config-mvlan1000)#igmp ipv6 mode proxy


Are you sure to change IGMP IPv6 mode?(y/n)[n]:y

huawei(config-mvlan1000)#igmp uplink-port 0/9/0

huawei(config-mvlan1000)#igmp program add batch ipv6 ff15:: to-ipv6 ff15::ffff

source-ipv6 2001:db8::1

12. Configure LAG for upstream ports.


Configure upstream ports 0/9/0 and 0/9/1 into an aggregation group. Each member port in the aggregation
group allocates packets based on the source MAC address. The working mode is LACP static aggregation.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

2024-09-17 703
MA5800 Product Documentation

13. (Optional) When PPPoE is adopted, enable forwarding the packets with PITP tag on the OLT equipment.

huawei(config)#pitp permit-forwarding service-port 101 enable

14. (Optional) When IPoE is adopted, enable forwarding the packets with DHCP option on the OLT equipment.

huawei(config)#dhcp-option82 permit-forwarding service-port 101 enable //For IPv4 packets


huawei(config)#dhcpv6-option permit-forwarding port 0/1/1 ontid 1 enable //For IPv6 packets

15. Save the configuration data on the OLT.

huawei(config)#save

16. Log in to and configure the ONU.


You can remotely log in to the ONU from the OLT to perform the configuration.

The following steps are configured on the ONU side.

17. Configuration the HSI service on the ONU side.

This example creates one service port as an example. Each service port maps a user. When configuring another service
port, map the corresponding S-VLAN.

huawei(config)#vlan 1001-1016 smart


huawei(config)#port vlan 1001-1016 0/0 1

huawei(config)#traffic table ip index 8 cir 4096 priority 0 priority-policy local-setting

Configurations for untagged packets and packets with user VLAN tags are different.

 For untagged packets, the configuration is as follows (assuming that the VLAN ID is 1001):

//Create service port 101, bind port 0/3/1 to it, set the user VLAN to untagged, and bind traffic profile 8 to the user
VLAN./ huawei(config)#service-port 101 vlan 1001 eth 0/3/1 multi-service user-vlan untagged rx-cttr 8 tx-cttr
8

 For packets with user VLAN tags, the configuration is as follows (assuming that the user VLAN ID is 10
and the VLAN ID is 1001):

//Create service port 101, bind port 0/3/1 to it, set the user VLAN ID to 10, and bind traffic profile 8 to the user
VLAN./ huawei(config)#service-port 101 vlan 1001 eth 0/3/1 multi-service user-vlan 10 rx-cttr 8 tx-cttr 8

18. (Optional) Configure the PITP function for PPPoE.

huawei(config)#raio-mode common pitp-pmode


huawei(config)#pitp enable pmode

19. (Optional) Configure the DHCP option function for IPoE.

huawei(config)#raio-mode common dhcp-option82 //For DHCPv4 packets


huawei(config)#dhcp option82 enable //For DHCPv4 packets
huawei(config)#raio-mode common dhcpv6-option //For DHCPv6 packets

2024-09-17 704
MA5800 Product Documentation

huawei(config)#dhcpv6 option enable //For DHCPv6 packets

20. Configure the voice service.

huawei(config)#vlan 200 smart

huawei(config)#port vlan 200 0/0 1

huawei(config)#interface vlanif 200


huawei(config-if-vlanif200)#ip address 10.11.11.11 24
huawei(config-if-vlanif200)#quit

huawei(config)#voip
huawei(config-voip)#ip address media 10.11.11.11 10.11.11.11
huawei(config-voip)#ip address signaling 10.11.11.11
huawei(config-voip)#quit

huawei(config)#ip route-static 10.200.200.0 24 10.11.11.11

huawei(config)#interface h248 0
Are you sure to add MG interface?(y/n)[n]:y

huawei(config-if-h248-0)#if-h248 attribute mgip 10.11.11.11 mgport

2944 code text transfer udp primary-mgc-ip1 10.200.200.200 primary-mgc-port


2944 mg-media-ip1 10.11.11.11 start-negotiate-version 1

huawei(config-if-h248-0)#reset coldstart
Are you sure to reset MG interface?(y/n)[n]:y
huawei(config-if-h248-0)#quit

huawei(config)#esl user
huawei(config-esl-user)#mgpstnuser batadd 0/3/0 0/3/15 0 terminalid 0 telno 12345601

huawei(config-esl-user)#mgpstnuser modify 0/3/0 priority cat2


huawei(config-esl-user)#quit

huawei(config)#pstnport
huawei(config-pstnport)#pstnport attribute batset 0/3/0 0/3/15 reverse-pole-pulse enable
huawei(config-pstnport)#quit

21. Configure the VoD service.


Create VLAN 300 with the common attribute and add upstream port 0/0/1 to the VLAN.

huawei(config)#vlan 300 smart huawei(config)#port vlan 300 0/0 1

Configure a traffic profile for the IPTV service.


The IEEE 802.1p priority of the IPTV service is 4, and rate limitation is not required. To check whether any
existing traffic profile meets the requirements, run the display traffic table ip command. In this example,
the query result shows that no traffic profile meets the requirements, so a traffic profile needs to be
configured.
Add traffic profile 10 and set priority-policy to local-setting. Then, traffic is scheduled based on the priority
specified in the traffic profile.

huawei(config)#traffic table ip index 10 cir off priority 4 priority-policy local-setting

Configure a service flow for the VoD service.


Configurations vary according to upstream interface types of HGWs.

2024-09-17 705
MA5800 Product Documentation

 If HGWs are connected to an ONU upstream through LANs and upstream packets contain user VLAN
tags, the ONU needs to perform a switch between user VLAN IDs and S-VLAN IDs.
Assume that the user VLAN ID is 1 and the Ethernet port is 0/3/1. Add a service flow as follows:

huawei(config)#service-port 301 vlan 300 eth 0/3/1 multi-service user-vlan 1 rx-cttr 10 tx-cttr 10

 If HGWs are connected to an ONU upstream in ADSL2+ mode, upstream packets contain users' PVC
information so the ONU needs to perform a switch between PVC information and S-VLAN IDs.
Assume that the VPI/VCI is 0/35 and the ADSL2+ port is 0/2/0. Add a service flow as follows:

huawei(config)#service-port 301 vlan 300 adsl vpi 0 vci 35 0/2/0 multi-service user-vlan untagged rx-cttr 10
tx-cttr 10

 If HGWs are connected to an ONU upstream in VDSL2 mode, formats of upstream packets depend on
the encapsulation mode.
Assume that the VDSL2 path mode is PTM mode, port is 0/1/0, and packets from the user VLAN are
untagged. Add a service flow as follows:

huawei(config)#service-port 301 vlan 300 vdsl mode ptm 0/1/0 multi-service user-vlan untagged rx-cttr 10 tx-
cttr 10

22. Configure the multicast service.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/0 1

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp ipv6 version v2

huawei(config-mvlan1000)#igmp ipv6 mode proxy


Are you sure to change IGMP IPv6 mode?(y/n)[n]:y

huawei(config-mvlan1000)#igmp uplink-port 0/0/1

huawei(config-mvlan1000)#igmp program add batch ipv6 ff15:: to-ipv6 ff15::ffff

source-ipv6 2001:db8::1

huawei(config-mvlan1000)#quit

Configure a service flow for the multicast service.


Configurations vary according to upstream interface types of HGWs.

 If HGWs are connected to an ONU upstream through LANs, assume that the user VLAN ID is 43 and the
Ethernet port is 0/3/1, and add a service flow as follows:

huawei(config)#service-port 401 vlan 1000 eth 0/3/1 multi-service user-vlan 43 rx-cttr 10 tx-cttr 10

 If HGWs are connected to an ONU upstream in ADSL2+ mode, assume that the VPI/VCI is 0/35 and the
ADSL2+ port is 0/2/0, and add a service flow as follows:

huawei(config)#service-port 401 vlan 1000 adsl vpi 0 vci 35 0/2/0 multi-service user-vlan untagged rx-cttr 10
tx-cttr 10

 If HGWs are connected to an ONU upstream in VDSL2 mode, assume that the VDSL2 path mode is PTM
mode, the user VLAN ID is 43, and the VDSL2 port is 0/1/0, and add a service flow as follows:

2024-09-17 706
MA5800 Product Documentation

huawei(config)#service-port 401 vlan 1000 vdsl mode ptm 0/1/0 multi-service user-vlan 43 rx-cttr 10 tx-cttr
10

huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp user add service-port 401 no-auth
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 401
huawei(config-mvlan1000)#quit

23. Save the configuration on the ONU side.

huawei(config)#save

1.7.5 Configuring IPv6 Services in the FTTH (Bridging ONT)


Scenario
Configuring IPv6 Services in the FTTH (Bridging ONT) Scenario

This section describes the methods for configuring IPv6 services in the FTTH (bridging ONT) scenario.
Application Scenarios

The FTTH (bridging ONT) supports multiple IPv6 HSI and IPTV service schemes.

Data Planning

This section describes the security, device management data, QoS, Internet service data, voice service data, and IPTV
service data planning.

Configuration Procedure

This section describes IPv6 configuration procedure, and compares it with the IPv4 configuration procedure.

Configuration Example

Introduce the end-to-end service configuration based on the FTTH (Bridging ONT) networking and the corresponding data
plan.

1.7.5.1 Application Scenarios


Application Scenarios

The FTTH (bridging ONT) supports multiple IPv6 HSI and IPTV service schemes.

FTTH (Bridging ONT) Application Scenario

As shown in Figure 1, the FTTH (bridging ONT) works with upper-layer devices to support
DS+NAT+PPPoE/DS+NAT+IPoE HSI and DS+IPoE or DS+PPPoE IPTV services in the Huawei fixed network IPv6
solution.

2024-09-17 707
MA5800 Product Documentation

 For voice services: The ONT with a built-in voice module can directly provide VoIP services for users. The
ONT still processes VoIP services using IPv4.

 Internet service: The PC and BRAS support the IPv4/IPv6 dual-stack, and can be connected through the
PPPoE or IPoE dial-up. The OLT and ONT perform Layer 2 forwarding for both IPv4 and IPv6 user services,
which can be configured almost in the same way. The only difference is that commands for configuring the
ACL and security (DHCP option and anti-IP spoofing) features are different.

 IPTV service: STBs support IPv4/IPv6 dual-stack and carry IPTV services using either IPv4 or IPv6.

 When STBs use IPoE and the OLT functions as the multicast duplication point, the process for
configuring IPv6 and IPv4 multicast services is the same, but commands are different. The ONTs perform
Layer 2 forwarding for only IPTV services, and the configurations for IPv6 and IPv4 multicast services
are the same on the ONT side.

 When STBs use the PPPoE dial-up, they directly connect to the BRAS by PPPoE. The OLT and ONTs only
forward PPPoE services instead of processing multicast services. This solution is not recommended.

Figure 1 FTTH (bridging ONT) service networking

1.7.5.2 Data Planning


Data Planning

This section describes the security, device management data, QoS, Internet service data, voice service data, and
IPTV service data planning.

Security Planning

Security planning includes system security, user security, and service security, ensuring that user services are
provided properly from different dimensions.
In the FTTH (bridging ONT) networking scenario, only anti-IP spoofing and DHCP option of IPv6 and IPv4 services
are different.
Anti-IP spoofing: This function needs to be configured separately for IPv6 services.

The anti-IP spoofing function can be enabled or disabled at three levels. This function takes effect only when it is
enabled at all the three levels.

1. Global level: Run the security anti-ipv6spoofing enable command in global config mode.

2024-09-17 708
MA5800 Product Documentation

2. VLAN level: Run the security anti-ipv6spoofing enable command in VLAN service profile mode.

3. Service port level: Run the security anti-ipv6spoofing service-port serviceport-id enable command.

DHCP option: The DHCP option for IPv4 is DHCPv4 option 82 and for IPv6 is DHCPv6 option 18/37.

The DHCPv6 option18 and option37 functions can be enabled or disabled at two levels. This function takes effect
only when it is enabled at both levels.

1. Global level: Run the dhcpv6 option enable command in global config mode.

2. VLAN level: Run the dhcpv6 option enable command in VLAN service profile mode.

Device Management Data Planning

Device management data planning includes the management channel and IP address planning. The management
channels for IPv6 and IPv4 services are the same.
Planning Device or Solution Introduction
Service

Management OLT The device management uses single-tagged VLANs on the entire network.
channel

IP address Internet IPv4 address: The PC obtains the IPv4 address from the BRAS using PPPoE or IPoE.
planning
(bridging ONT) The BRAS can allocate a public network IP address to the PC.
The BRAS can allocate a private network address to the PC. The private address is
translated to the public network address by CGN (NAT44).
When the IPoE dial-up is used, the static IPv4 address can be allocated to the PC.
IPv6 address: The PC obtains the IPv4 address from the BRAS using PPPoE or IPoE.
The PC can also obtain the IP address from the BRAS using DHCPv6.
The PC can also obtain the IP address from the BRAS using SLAAC.
When the IPoE dial-up is used, the static IPv4 address can be allocated to the PC.
In all preceding situations, the ONT is only used for transparent transmission, but does
not participate in the address allocation.

IPTV If the IPv4 protocol is used, an STB obtains the IP address from the BRAS using DHCP.
service
If the IPv6 protocol is used, the STB obtains the IP address in either of the following
ways:
Obtains the IP address from the BRAS using DHCPv6.
Obtains the IP address from the BRAS using SLAAC.
In all preceding situations, the ONT is only used for transparent transmission, but does
not participate in the address allocation.

VoIP The IPv4 protocol is still used. The ONT functions as the DHCP client to obtain an IP
service address from the DHCP server, or the NMS issues a static IP address to the ONT using
the configuration file. Voice media/signaling flows at multiple POTS ports share one IP
address. Media flows are differentiated by port.

QoS Planning

2024-09-17 709
MA5800 Product Documentation

The E2E QoS planning includes the flow classification, marking/scheduling policy, traffic monitoring, and DBA
policy.
When the IPv6 protocol is used, the QoS planning is the same for both IPv6 and IPv4.

 Management service: IPv4

 Voice service: IPv4

 IPTV service: One user uses either IPv6 or IPv4 at one time. The QoS planning for IPv6 and IPv4 IPTV services
is the same.

 Internet service: It is recommended that devices use one flow to carry IPv6 and IPv4 Internet services. The
QoS planning is the same for the flow that carries both IPv6 and IPv4 Internet services and the flow that
carries only the IPv4 Internet service.

Internet Service Planning

The Internet service planning includes the VLAN and VLAN switching policy planning in different networking
scenarios.
IPv6 and IPv4 Internet services: It is recommended that devices use one flow to carry IPv6 and IPv4 Internet
services. This facilitates the control of the aggregate rate for IPv6 and IPv4 Internet services. The QoS planning is
the same for the flow that carries both IPv6 and IPv4 Internet services and the flow that carries only the IPv4
Internet service.

Voice Service Data Planning

Voice service data planning includes the VLAN/VLAN switching policy planning in different networking scenarios,
and voice protocol planning.
When the IPv6 protocol is used, the voice service still uses IPv4 to implement voice services.

IPTV Service Data Planning

IPTV service data planning includes the VLAN/VLAN switching policy planning in different networking scenarios,
and IPTV service planning.
When the IPv6 protocol is used, one IPTV user uses either IPv6 or IPv4 at one time. The VLAN data planning for
IPv6 is consistent with that for IPv4. For details, see Principle of IPTV Service Data Plan .

1.7.5.3 Configuration Procedure


Configuration Procedure

This section describes IPv6 configuration procedure, and compares it with the IPv4 configuration procedure.

FTTH (Bridging ONT) Configuration Procedure

After IPv6 is introduced to the FTTH (bridging ONT) scenario, the service configuration procedure is shown in the
following figure. When IPv6 is introduced, the configurations for security features and BTV multicast services on

2024-09-17 710
MA5800 Product Documentation

the OLT side are different from those of IPv4. Other configurations do not change. For differences, see
Configuration Difference Between IPv6 and IPv4 .

Texts in blue show the configuration difference between IPv6 and IPv4.

1.7.5.4 Configuration Example


Configuration Example

Introduce the end-to-end service configuration based on the FTTH (Bridging ONT) networking and the
corresponding data plan.

Key Messages for Configuration


In this example, two ONTs are connected to the same PON port of the OLT. Triple play services are required.

 Even after IPv6 is used, the voice service is still realized by IPv4.

 Even after IPv6 is used, the OLT and ONT implement Layer 2 forwarding for HSI service in this networking,
irrespective of whether the access service is IPv4 or IPv6. Service configurations for IPv4 and IPv6 are the
same. For the HSI service from one end user, one service flow is used to carry IPv6 and IPv4 Internet services,
and the same service VLAN is used.

 For multicast service, the OLT is the node to make multicast duplication. The configuration procedure is the
same for IPv4 multicast and IPv6 multicast. The IPv4 multicast service and IPv6 multicast service can be
configured in the same multicast VLAN on the OLT equipment.

2024-09-17 711
MA5800 Product Documentation

Data plan on the OLT side

The data of the bridging ONT can be configured through the web, the NMS, or the CLI at the OLT side. In this
example, the data of the ONT is configured through the CLI at the OLT side.
Item Data Memo

ONT data plan

DBA profile Profile name: ftth_dba The ONTs are connected to the OLT through the GPON
Profile type: Type 3 port.
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 20 Mbit/s

ONT line Profile name: ftth


profile T-CONT ID: 4
GEM port ID for management service: 11
GEM port ID for voice service: 12
GEM port ID for video service: 13
GEM port ID for Internet access service: 14

ONT service Profile name: ftth


profile ONT port capability set: adaptive

Network PON port: 0/1/0


topology data ONT IDs: 1 and 2

LAG data plan

LAG Ports: 0/9/0 and 0/9/1 Configure upstream ports 0/9/0 and 0/9/1 into an
Working mode: LACP static aggregation aggregation group. Each member port in the aggregation
group allocates packets based on the source MAC
address.

Queue scheduling data plan

Queue Queue scheduling: strict priority (SQ) mode System default is adopted in this example.
scheduling Priority mapping: mapped into different
queues based on priorities

Security data plan

System Anti-DOS attack: disabled System default is adopted in this example.


security Anti-ICMP attack: disabled
Anti-IP attack: disabled

User security Anti-MAC duplicate: disabled System default is adopted in this example.
Anti-IP spoofing: disabled

PPPoE Service RAIO Type: PITP P PITP is recommended for PPPoE.


security RAIO Mode: common

IPv4oE Service RAIO Type: DHCP Option 82 DHCPv4 option and DHCPv6 option are recommended
security RAIO Mode: common for IPoE.

IPv6oE Service RAIO Type: DHCPv6 Option


security RAIO Mode: common

2024-09-17 712
MA5800 Product Documentation

Item Data Memo

HSI service data plan

ONT line Profile name: ftth For details, see Data Planning .
profile T-CONT ID: 4
GEM port ID for Internet access service: 14

ONT service Profile name: ftth


profile ONT port capability set: adaptive

Traffic profile Profile name: ftth_hsi


CIR: 4 Mbit/s
Priority: 0

Network Upstream port: 0/9/0


topology data PON port: 0/1/0
ONT IDs: 1 and 2
ID of the port on the ONT that is connected
to the PC: 1

Voice service data plan

ONT line Profile name: ftth For details, see Data Planning .
profile T-CONT ID: 4
GEM port ID: 12

ONT service Profile name: ftth


profile ONT port capability set: adaptive

Traffic profile Profile name: ftth_voip


CIR: not limited
Priority: 5

Networking IP address of the MGC server:


data 10.200.200.200/24
Port ID of the MGC server: 2944

BTV multicast service data plan

ONT line Profile name: ftth For details, see Data Planning .
profile T-CONT ID: 4
GEM port ID: 13

ONT service Profile name: ftth


profile ONT port capability set: adaptive

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-
setting

VLAN Plan S-VLAN ID: 1000


VLAN type: smart
VLAN attribute: common

VLAN ONT: duplicates packets based on user

2024-09-17 713
MA5800 Product Documentation

Item Data Memo

Translation ports and multicast VLANs (M-VLANs) are


Policy stripped off downstream.
OLT: duplicates multicast packets based on
PON ports with M-VLAN unchanged.

Multicast Multicast protocol: IGMP proxy


service data Multicast version: IGMPv2
Multicast program: dynamic obtaining
mode
Program address area: ff15::-ff15::ffff

VOD service data plan

ONT line Profile name: ftth For details, see Data Planning .
profile T-CONT ID: 4
GEM port ID: 13

ONT service Profile name: ftth


profile ONT port capability set: adaptive

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-
setting

VLAN Plan S-VLAN ID: 1100


VLAN type: smart
VLAN attribute: common
C-VLAN=S-VLAN

VLAN ONT: adds C-VLAN tags to iTV service


Translation packets.
Policy OLT: transparently transmits packets with
S-VLANs.

Procedure

1. Configure LAG for upstream ports.


Configure upstream ports 0/9/0 and 0/9/1 into an aggregation group. Each member port in the aggregation
group allocates packets based on the source MAC address. The working mode is LACP static aggregation.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

2. Configure GPON ONT profiles.

a. Configure a DBA profile.


Create the same DBA profile for different types of services. Set the profile name to ftth_dba, profile
type to type3, assured bandwidth to 8 Mbit/s, and maximum bandwidth to 20 Mbit/s.

huawei(config)#dba-profile add profile-name ftth_dba type3 assure 8192 max 20480

2024-09-17 714
MA5800 Product Documentation

b. Configure an ONT line profile.


Create a GPON ONT line profile, named ftth, and bind it to the DBA profile ftth_dba.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#tcont 4 dba-profile-name ftth_dba

huawei(config-gpon-lineprofile-1)#gem add 11 eth tcont 4


huawei(config-gpon-lineprofile-1)#gem add 12 eth tcont 4
huawei(config-gpon-lineprofile-1)#gem add 13 eth tcont 4
huawei(config-gpon-lineprofile-1)#gem add 14 eth tcont 4

huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure an ONT service profile.


Create a GPON ONT service profile, named ftth. Configure the capability set of the ETH port and POTS
port to adaptive. Then the system automatically adapts to the ONT according to the actual capability
of the online ONT.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#ont-port eth adaptive pots adaptive

huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. (Optional) Add an alarm profile. In this example, the default alarm profile is used, and therefore the
configuration of the alarm profile is not required.

3. Add ONTs.
Connect two ONTs to GPON port 0/1/0. Set the ONT IDs to 1 and 2, SNs to 3230313126595540 and
6877687714852901, passwords to 0100000001 and 0100000002, discovery mode for password
authentication to once-on, and management mode to OMCI. Bind the two ONTs to ONT line profile ftth and
ONT service profile ftth.
There are two methods of addingan ONT: add an ONT offline and confirm an automatically discovered ONT.

 Add ONTs offline.


If the password of an ONT is known, run the ont add command to add an ONT offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 0 1 password-auth 0100000001 once-on no-aging omci ont-lineprofile-
name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont add 0 2 password-auth 0100000002 once-on no-aging omci ont-lineprofile-


name

ftth ont-srvprofile-name ftth

 Confirm automatically discovered ONTs


If the password or SN of an ONT is unknown, run the port portid ont-auto-find command in GPON
mode to enable the ONT auto-discovery function of the GPON port. Then, run the ont confirm
command to confirm the ONT.

2024-09-17 715
MA5800 Product Documentation

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 0 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 0
//After this command is executed, the information about all ONTs connected to the GPON port through optical
splitters is displayed.

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 1 sn-auth 3230313126595540 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 2 sn-auth 6877687714852901 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

If multiple ONTs of the same type bound to the same line profile or service profile are connected to the same port,
you can bulk add ONTs by bulk confirming automatically discovered ONTs to make configuration easier and more
efficient. To do so, the preceding command can be modified as follows:

huawei(config-if-gpon-0/1)#ont confirm 0 all sn-auth omci ont-lineprofile-name ftth


ont-srvprofile-name ftth

 (Optional) Bind the alarm profile to the ONT.


The default profile 1 is used in this example.

huawei(config-if-gpon-0/1)#ont alarm-profile 0 1 profile-id 1


huawei(config-if-gpon-0/1)#ont alarm-profile 0 2 profile-id 1

4. Check ONT status.


After an ONT is added, run the display ont info command to query the current status of the ONT. Ensure
that Config flag of the ONT is active, Run State is online, Config state is normal, and Match state is
match.

huawei(config-if-gpon-0/1)#display ont info 0 1


---------------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :1
Control flag : active //Indicates that the ONT is activated.
Run state : online //Indicates that the ONT goes online successfully.
Config state : normal //Indicates that the configuration state of the ONT is normal.
Match state : match //Indicates that the capability profile bound to the ONT is consistent with the actual capability
of the ONT.
...//The rest of the response information is omitted.

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactive, run the ont active command in GPON mode to activate the ONU.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the
line and the optical module.

2024-09-17 716
MA5800 Product Documentation

 If Config state is failed, the configured ONU capability exceeds the actual ONU capability. In this case,
run the display ont failed-configuration command in the diagnose mode to check the failed
configuration item and the failure cause. Then, rectify the fault accordingly.

 If the ONU does not match, that is, Match state is mismatch, the port types and number of ports
undermatch the actual port types and number of ports supported by the ONU. In this case, run the
display ont capability command to query the actual capability of the ONU, and then select one of the
following modes to modify the ONU configuration:

 Create a proper ONU profile according to the actual capability of the ONU, and then run the ont
modify command to modify the configuration data of the ONU.

 Modify the ONU profile according to the actual capability of the ONU and save the modification.
Then, the ONU automatically recovers the configuration successfully.

5. Configure the traffic profile for the HSI service.

huawei(config)#traffic table ip name ftth_hsi cir 4096 priority 0 priority-policy local-setting

6. Configure the service port for the HSI service.


Table 1 Scenario plan

Scenario VLAN Plan VLAN Translation Policy

Scenario Double-tagged VLAN ONT: ONTs configure the VLAN and add the same C-VLAN tag to packets. All ONTs
1 are in the same C-VLAN.
S-VLAN ID: 100
OLT: The OLT performs VLAN translation: C<->S+C'. The C-VLAN of every ONT
S-VLAN type: smart differs from each other.
S-VLAN attribute:
stacking
C-VLAN ID: 1001
C-VLAN ID: 1010-
1011

Scenario Double-tagged VLAN ONT: ONTs transparently transmit untagged packets on the user side.
2 OLT: The OLT adds two VLAN tags (S+C) to packets. The C-VLAN of every ONT
S-VLAN: 100
differs from each other.
S-VLAN type: smart
S-VLAN attribute:
stacking
C-VLAN ID: 1001-
1002

 Scenario 1:
Configure the mapping between a GEM port and a VLAN. The service flow of C-VLAN 1001 is mapped to
GEM port 14 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 14 0 vlan 1001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

2024-09-17 717
MA5800 Product Documentation

Configure the VLAN of the Ethernet port on the ONT. If the ONT is connected to the PC through
Ethernet port 1, add Ethernet port 1 to VLAN 1001 in the ONT service profile.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 1 1001
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

Configure the native VLAN of the ONT port. Set the native VLAN ID of Ethernet port 1 to 1001.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont port native-vlan 0 1 eth 1 vlan 1001
huawei(config-if-gpon-0/1)#ont port native-vlan 0 2 eth 1 vlan 1001
huawei(config-if-gpon-0/1)#quit

Create an Internet access service VLAN and add an upstream port to it. Add upstream port 0/9/0 to
VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

Create service flows. Set the service VLAN to 100, GEM port ID to 14, and user VLAN to 1001. Use traffic
profile ftth_hsi.

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 1 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 1010 inbound traffic-table name


ftth_hsi outbound traffic-table name ftth_hsi

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 2 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 1011 inbound traffic-table name


ftth_hsi outbound traffic-table name ftth_hsi

 Scenario 2:
Configure the mapping between a GEM port and an Ethernet port on the ONT. Map the service flow of
Ethernet port 1 to GEM port 14 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#mapping mode port
huawei(config-gpon-lineprofile-1)#gem mapping 14 0 eth 1
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Configure the ONT packet processing mode. If the ONT is connected to the PC through Ethernet port 1,
in the ONT service profile, set the packet transmission mode to TAG transparent transmission for
Ethernet port 1.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 1 transparent
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

2024-09-17 718
MA5800 Product Documentation

Create an Internet access service VLAN and add an upstream port to it. Add upstream port 0/9/0 to
VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/9 0

Create service flows. Set S-VLAN ID to 100 and GEM port ID to 14. Use traffic profile ftth_hsi.

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 1 gemport 14 multi-service

user-vlan untagged tag-transform add-double inner-vlan 1001 inbound traffic-table


name ftth_hsi outbound traffic-table name ftth_hsi

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 2 gemport 14 multi-service

user-vlan untagged tag-transform add-double inner-vlan 1002 inbound traffic-table


name ftth_hsi outbound traffic-table name ftth_hsi

7. Configure the traffic profile for the voice service.

huawei(config)#traffic table ip name ftth_voip cir off priority 5 priority-policy

local-setting

8. Configure the VLAN translation policy and service flows for the voice service.

a. Perform this step in the bridging ONT (single VLAN tag) scenario.
Table 2 Data plan

Scenario VLAN Plan VLAN Translation Policy

Bridging ONT Single VLAN tag ONT: provides the VoIP service and uses the same S-VLAN.
VLAN ID: 300
VLAN type: smart
VLAN attribute: common

Configure the mapping relationship between a GEM port and a VLAN. The service flow of user VLAN
300 is mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 300, and use
traffic profile ftth_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name


ftth_voip

2024-09-17 719
MA5800 Product Documentation

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name


ftth_voip

b. Perform this step in the bridging ONT (double VLAN tags) scenario.
Table 3 Data plan

Scenario VLAN Plan VLAN Translation Policy

Bridging Double VLAN tags ONT: provides the VoIP service and uses the same C-VLAN. A C-VLAN identifies a
ONT VoIP service.
S-VLAN ID: 300
OLT: implements VLAN translation: C<->S+C.
S-VLAN type: smart
S-VLAN attribute:
stacking
C-VLAN ID: 3001

Configure the mapping relationship between a GEM port and a VLAN. The service flow of user VLAN
3001 is mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 3001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#vlan attrib 300 stacking
huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 3001, and use
traffic profile ftth_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 3001 tag-transform default inbound traffic-table name ftth_voip outboun


d traffic-table name ftth_voip

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 3001 tag-transform default inbound traffic-table name ftth_voip outboun


d traffic-table name ftth_voip

9. Configure ONT voice service profiles.


ONT voice service profiles include the interface common profile, MGC interface profile, and POTS port
profile.

 Interface common profile: saves common attributes of an ONT voice interface, including the fax mode,
fax/modem negotiation mode, and priority of the coding and decoding mode.

 MGC interface profile: saves the IP address or domain name of the MGC, protocol port ID of the MGC
transport layer to which the MG interface belongs, and DSCP priority of media packets.

2024-09-17 720
MA5800 Product Documentation

 POTS port profile: saves physical attributes of a POTS port on an ONT, including the impedance,
transmitting gain, receiving gain, and signaling type of the POTS port.

a. Configure an interface common profile.


Run the display ont-mg-attribute-profile command to query the existing interface common profile
in the system. If the existing interface common profile in the system does not meet the requirements,
run the ont-mg-attribute-profile add command to add an interface common profile.
In this example, the default interface common profile, namely interface common profile 1 is used.
b. Configure an MGC interface profile.
Run the display ont-mgc-profile command to query the existing MGC interface profile in the system.
If the existing MGC interface profile in the system does not meet the requirements, run the ont-mgc-
profile add command to add an MGC interface profile.
Create MGC interface profile 2, set the IP address of the MGC to 10.200.200.200, and use default
values for other parameters.

huawei(config)#ont-mgc-profile add profile-id 2 primary-mgc 10.200.200.200

c. Configure a POTS port profile.


Run the display ont-pots-profile command to query the existing POTS port profile in the system. If
the existing POTS port profile in the system does not meet the requirements, run the ont-pots-
profile add command to add a POTS port profile.
In this example, the default POTS port profile, namely POTS port profile 1 is used.

10. Configure the IP addresses of ONT H.248 users.


For ONT 1 and ONT 2, configure the IP address obtaining mode to the dhcp mode, set the management
VLAN to VLAN 20, and use default values for other parameters.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 0 1 dhcp vlan 20
huawei(config-if-gpon-0/1)#ont ipconfig 0 2 dhcp vlan 20

11. Configure H.248 PSTN users.

a. Add an H.248 interface and apply an MGC interface profile to the interface.
For ONT 1 and ONT 2, set the MG ID to 1, apply MGC interface profile 2 to ONT 1 and ONT 2, and use
default values for other parameters.
If parameters of an MGC interface profile are changed, the MGC interface profile must be reapplied to
the ONT so that the changed parameters can take effect.

huawei(config-if-gpon-0/1)#if-h248 add 0 1 1 mgc-profile profile-id 2


huawei(config-if-gpon-0/1)#if-h248 add 0 2 1 mgc-profile profile-id 2

b. Add PSTN users.


For ONT 1 and ONT 2, create a PSTN user, set the MG ID to 1 (identical to the MG ID of the H.248
interface), and set the physical terminal port ID to A0 and A1.

huawei(config-if-gpon-0/1)#mgpstnuser add 0 1 1 mgid 1 terminalid A0


huawei(config-if-gpon-0/1)#mgpstnuser add 0 2 1 mgid 1 terminalid A1

2024-09-17 721
MA5800 Product Documentation

Run the display mgpstnuser attribute command to check whether the configuration of the PSTN
user is properly set.

huawei(config-if-gpon-0/1)#display mgpstnuser attribute 0 1 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :1
Port ID :1

MG ID :1
Terminal ID : A0
...//The rest of the response information is omitted.

huawei(config-if-gpon-0/1)#display mgpstnuser attribute 0 2 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :2
Port ID :1

MG ID :1
Terminal ID : A1
...//The rest of the response information is omitted.

12. Apply ONT voice service profiles


After ONT voice service profiles are applied, if parameters in those profiles are changed, those profiles must
be reapplied so that the changed parameters can take effect.

a. Apply an interface common profile.


Run the if-h248 attribute command to apply an interface common profile to an H.248 interface or
configure the interface customized parameters, or run the ont-if-h248 bat-apply command to bulk
apply the interface common profiles to H.248 interfaces. If you use these two commands to apply the
interface common profiles or configure the interface customized parameters repeatedly, the last
configurations take effect.
In this example, the default interface common profile, namely interface common profile 1 is used.

b. Apply a POTS port profile.


Run the pstnport electric command to apply a POTS port profile to an H.248 interface or configure
the interface customized parameters, or run the ont-pstnport electric bat-apply command to bulk
apply the POTS port profiles to H.248 interfaces. If you use these two commands to apply the POTS
port profiles or configure the interface customized parameters repeatedly, the last configurations
take effect.
In this example, the default POTS port profile, namely POTS port profile 1 is used.

13. (Optional) Configure the H.248 user codec.

2024-09-17 722
MA5800 Product Documentation

Run the mgpstnuser codec command to configure the H.248 user codec. The H.248 user codec will not be
configured independently in this example.

14. Configure the traffic profile for the IPTV service.

huawei(config)#traffic table ip index 8 cir off priority 4 priority-policy

local-setting

15. Configure the VLAN translation policy and service port for the multicast service.
Configure the mapping relationship between a GEM port and an Ethernet port on the ONT. If the ONT is
connected to the STB through Ethernet port 2, map the service flow of Ethernet port 2 to GEM port 13 in the
ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#mapping mode port
huawei(config-gpon-lineprofile-1)#gem mapping 13 1 eth 2
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Configure the VLAN of the Ethernet port on the ONT. If the ONT is connected to the STB through Ethernet
port 2, add Ethernet port 2 to VLAN 1000.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 2 1000
huawei(config-gpon-srvprofile-1)#multicast-forward untag
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

Configure the native VLAN of the ONT port. If the ONT is connected to the STB through Ethernet port 2, the
native VLAN ID is 1000.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont port native-vlan 0 1 eth 2 vlan 1000
huawei(config-if-gpon-0/1)#ont port native-vlan 0 2 eth 2 vlan 1000
huawei(config-if-gpon-0/1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

Create service flows. Set the service VLAN to 1000, GEM port ID to 13, and user VLAN to untagged, and use
traffic profile 8.

huawei(config)#service-port 1 vlan 1000 gpon 0/1/0 ont 1 gemport 13 multi-service

user-vlan untagged rx-cttr 8 tx-cttr 8

huawei(config)#service-port 2 vlan 1000 gpon 0/1/0 ont 2 gemport 13 multi-service

user-vlan untagged rx-cttr 8 tx-cttr 8

16. Create an M-VLAN and configure the IGMP version.


Set the IGMP version for the M-VLAN to IGMP IPv6 v2.

2024-09-17 723
MA5800 Product Documentation

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp ipv6 version v2
This operation will delete all IPv6 programs with source IP addresses in the
current multicast VLAN
Are you sure to change current IGMP IPv6 version? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

17. Configure a program library.

Set the mode for obtaining multicast programs to dynamic.

You can set the mode for obtaining multicast programs to dynamic only when the IGMP mode is off.

huawei(config-mvlan1000)#igmp ipv6 mode off


Are you sure to close IGMP IPv6? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

huawei(config-mvlan1000)#igmp ipv6 match mode disable


Command has been executed successfully

(Optional) Set the address range for the dynamic programs. If you need to limit the address range of
dynamic programs, perform this operation. For example, set the address range of dynamic programs to
ff15::-ff15::ffff.

huawei(config-mvlan1000)#igmp ipv6 match group ipv6 ff15:: to-ipv6 ff15::ffff

18. Set the IGMP IPv6 mode.


Select the IGMP IPv6 proxy mode.

huawei(config-mvlan1000)#igmp ipv6 mode proxy


Are you sure to change IGMP IPv6 mode? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

19. Configure the IGMP upstream port.


Set the IGMP upstream port ID to 0/9/0 and working mode to default. Protocol packets are transmitted to
all the IGMP upstream ports in the multicast VLAN.

huawei(config-mvlan1000)#igmp uplink-port 0/9/0


huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp uplink-port-mode default
Are you sure to change the uplink port mode?(y/n)[n]:y

20. Configure multicast users.


Add service ports 1 and 2 as multicast users.

2024-09-17 724
MA5800 Product Documentation

huawei(config-btv)#igmp policy service-port 1 normal


huawei(config-btv)#igmp policy service-port 2 normal
huawei(config-btv)#igmp user add service-port 1
huawei(config-btv)#igmp user add service-port 2
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 1
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 2
huawei(config-mvlan1000)#quit

21. Configure the traffic profile for the VoD service.

huawei(config)#traffic table ip index 8 cir off priority 4 priority-policy

local-setting

22. Configure the VLAN translation policy and service port for the VoD service.
Configure the mapping relationship between a GEM port and a VLAN. The service flow of user VLAN 1100 is
mapped to GEM port 13 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 1100
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Configure the VLAN of the Ethernet port on the ONT. If the ONT is connected to the STB through Ethernet
port 2, add Ethernet port 2 to VLAN 1100.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 2 1100
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

Configure the native VLAN of the ONT port. If the ONT is connected to the STB through Ethernet port 2, the
native VLAN ID is 1100.

huawei(config-if-gpon-0/1)#ont port native-vlan 0 1 eth 2 vlan 1100


huawei(config-if-gpon-0/1)#ont port native-vlan 0 2 eth 2 vlan 1100
huawei(config-if-gpon-0/1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 1100.

huawei(config)#vlan 1100 smart


huawei(config)#port vlan 1100 0/9 0

Create service flows. Set the service VLAN to 1100, GEM port ID to 13, and VLAN translation mode to
transparent transmission, and use traffic profile 8.

huawei(config)#service-port 3 vlan 1100 gpon 0/1/0 ont 1 gemport 13 rx-cttr 8 tx-cttr 8 tag-transform transparent
huawei(config)#service-port 4 vlan 1100 gpon 0/1/0 ont 2 gemport 13 rx-cttr 8 tx-cttr 8 tag-transform transparent

23. (Optional) Configure the PITP function for PPPoE.

huawei(config)#raio-mode common pitp-pmode

2024-09-17 725
MA5800 Product Documentation

huawei(config)#pitp enable pmode

24. (Optional) Configure the DHCP option function for IPoE.

huawei(config)#raio-mode common dhcp-option82 //For DHCPv4 packets


huawei(config)#dhcp option82 enable //For DHCPv4 packets
huawei(config)#raio-mode common dhcpv6-option //For DHCPv6 packets
huawei(config)#dhcpv6 option enable //For DHCPv6 packets

25. Save the configuration on the OLT side.

huawei(config)#save

1.7.6 Configuring IPv6 Services in the FTTH (Gateway ONT)


Scenario
Configuring IPv6 Services in the FTTH (Gateway ONT) Scenario

This section describes the methods for configuring IPv6 services in the FTTH (gateway ONT) scenario.
Application Scenarios

The FTTH (gateway ONT) supports multiple IPv6 HSI and IPTV service solutions.

Data Plan

This section describes the security, device management data, QoS, Internet service data, voice service data, and IPTV
service data planning.

Configuration Procedure

This section describes IPv6 configuration procedure, and compares it with the IPv4 configuration procedure.

Configuration Example

Introduce the end-to-end service configuration based on the FTTH (Gateway ONT) networking and the corresponding data
plan.

1.7.6.1 Application Scenarios


Application Scenarios

The FTTH (gateway ONT) supports multiple IPv6 HSI and IPTV service solutions.

FTTH (Gateway ONT) Application Scenarios

As shown in Figure 1, the FTTH (gateway ONT) works with upper-layer devices to support DS+NAT+PPPoE,
DS+NAT+IPoE/DS-Lite+NAT+PPPoE HSI and DS+IPoE/DS+PPPoE IPTV services in the Huawei fixed network IPv6
solution.

 Voice service: The ONT with a built-in voice module can provide VoIP services for users. The ONT can process
VoIP services using IPv4.

2024-09-17 726
MA5800 Product Documentation

 Internet service: The PC and BRAS support the IPv4/IPv6 dual-stack, and can be connected through the
PPPoE or IPoE dial-up. The OLT and ONT have the same forwarding and configuration methods for both IPv4
and IPv6 user services. The only difference is that commands for configuring the ACL and security (DHCP
option and anti-IP spoofing) features are different.

 For DS+NAT+PPPoE and DS+NAT+IPoE solutions, both the ONT and BRAS support IPv4/IPv6 dual-stack
and are connected using PPPoE or IPoE. The ONT must enable the IPv4 and IPv6 simultaneously at the
WAN port. The OLT performs Layer 2 forwarding for both IPv4 and IPv6 user services, which are
configured almost in the same way. The only difference is that commands for configuring the ACL and
security features (DHCP option and anti-IP spoofing) are different.

 For DS-Lite+PPPoE, the BRAS must support IPv4/IPv6 dual-stack while the ONT supports the DS-Lite.
The ONT and BRAS are connected using PPPoE. The HGW encapsulates IPv4 service packets into the
4in6 tunnel, and transmits them to the CGN for decapsulation. The ONT must enable DS-Lite at the WAN
port. The OLT performs Layer 2 forwarding for both IPv4 and IPv6 user services, which are configured
almost in the same way. The only difference is that commands for configuring DHCP option and anti-IP
spoofing are different.

 IPTV service: The STB supports IPv4/IPv6 dual-stack and carries IPTV services using either IPv4 or IPv6.

 When the STB uses IPoE and the OLT functions as the multicast duplication point, the process for
configuring IPv6 and IPv4 multicast services is the same, but commands are different. The OLT and ONU
perform bridge forwarding for both IPv4 and IPv6 user services, which can be configured almost in the
same way.

 When the STB uses PPPoE, it directly connects to the BRAS by PPPoE. The OLT and ONT only forward
PPPoE services instead of processing multicast services. This solution is not recommended.

Figure 1 FTTH (gateway ONT) service networking

1.7.6.2 Data Plan


Data Plan

This section describes the security, device management data, QoS, Internet service data, voice service data, and
IPTV service data planning.

Security Planning

2024-09-17 727
MA5800 Product Documentation

Security planning includes system security, user security, and service security, ensuring that user services are
provided properly from different dimensions.
In the FTTH (gateway ONT) networking scenario, only anti-IP spoofing and DHCP option of IPv6 and IPv4 services
are different.
Anti-IP spoofing: This function needs to be configured separately for IPv6 services.

The anti-IP spoofing function can be enabled or disabled at three levels. This function takes effect only when it is
enabled at all the three levels.

1. Global level: Run the security anti-ipv6spoofing enable command in global config mode.

2. VLAN level: Run the security anti-ipv6spoofing enable command in VLAN service profile mode.

3. Service port level: Run the security anti-ipv6spoofing service-port serviceport-id enable command.

DHCP option: The DHCP option for IPv4 is DHCPv4 option 82 and for IPv6 is DHCPv6 option 18/37.

The DHCPv6 option18 and option37 functions can be enabled or disabled at two levels. This function takes effect
only when it is enabled at both levels.

1. Global level: Run the dhcpv6 option enable command in global config mode.

2. VLAN level: Run the dhcpv6 option enable command in VLAN service profile mode.

Device Management Data Planning

Device management data planning includes the management channel and IP address planning. The management
channels for IPv6 and IPv4 services are the same.
Planning Device or Solution Introduction
Service

Management OLT The device management uses single-tagged VLANs on the entire network.
channel

IP address Internet IPv4 address: An ONT obtains the IPv4 address from the BRAS using PPPoE or
planning DHCP. If IPoE dial-up is used, the static address can be configured. At the same time,
(gateway ONT) as the DHCP server, the ONT allocates private network IP addresses to PCs. The NAT
function enables these PCs to go online by sharing the IPv4 address allocated by the
BRAS.
The BRAS can allocate a public network IP address to an ONT.
The BRAS can allocate a private network address to an ONT. The private network
address is translated to the public network address by CGN (NAT44).
IPv6 address: An ONT obtains the IPv6 address from the BRAS using PPPoE, SLAAC,
or DHCPv6. If IPoE dial-up is used, the static address can be configured. At the same
time, the ONT as the DHCP server obtains the prefix of an IPv6 address, and
allocates IPv6 addresses to connected PCs using the network cable or WiFi.

IPTV service If the IPv4 protocol is used, an STB obtains the IP address from the BRAS using
DHCP.
If the IPv6 protocol is used, the STB obtains the IP address in either of the following
ways:
Obtains the IP address from the BRAS using DHCPv6.

2024-09-17 728
MA5800 Product Documentation

Planning Device or Solution Introduction


Service

Obtains the IP address from the BRAS using SLAAC.

VoIP service The IPv4 protocol is still used. The ONT functions as the DHCP client to obtain an IP
address from the DHCP server, or the NMS issues a static IP address to the ONT
using the configuration file. Voice media/signaling flows at multiple POTS ports
share one IP address. Media flows are classified by port.

TR069 The IPv4 protocol is still used. For scenarios in which TR069 is required for
management management maintenance and service provisioning, the ONT functions as the DHCP
client to obtain a public network IP address from the DHCP server to connect the
TR069 server ACS.

QoS Planning
The E2E QoS planning includes the flow classification, marking/scheduling policy, traffic monitoring, and DBA
policy.
When the IPv6 protocol is used, the QoS planning is the same for both IPv6 and IPv4.

 Management service: IPv4

 Voice service: IPv4

 IPTV service: One user uses either IPv6 or IPv4 at one time. The QoS planning for IPv6 and IPv4 IPTV services
is the same.

 Internet service: It is recommended that access devices use one flow to carry IPv6 and IPv4 Internet services.
The QoS planning is the same for the flow that carries both IPv6 and IPv4 Internet services and the flow that
carries only the IPv4 Internet service.

Internet Service Planning

The Internet service planning includes the VLAN and VLAN switching policy planning in different networking
scenarios.
IPv6 and IPv4 Internet services: It is recommended that devices use one flow to carry IPv6 and IPv4 Internet
services. This facilitates the control of the aggregate rate for IPv6 and IPv4 Internet services. The QoS planning is
the same for the flow that carries both IPv6 and IPv4 Internet services and the flow that carries only the IPv4
Internet service.

Voice Service Data Planning

Voice service data planning includes the VLAN/VLAN switching policy planning in different networking scenarios,
and voice protocol planning.
Even after IPv6 is used, the device still uses IPv4 to implement voice services.

IPTV Service Data Planning

2024-09-17 729
MA5800 Product Documentation

IPTV service data planning includes the VLAN/VLAN switching policy planning in different networking scenarios,
and IPTV service planning.
When the IPv6 protocol is used, one IPTV user uses either IPv6 or IPv4 at one time. The VLAN data planning for
IPv6 is consistent with that for IPv4. IGMP protocol differences are demonstrated in the configuration procedure.

1.7.6.3 Configuration Procedure


Configuration Procedure

This section describes IPv6 configuration procedure, and compares it with the IPv4 configuration procedure.

FTTH (Gateway ONT) Configuration Procedure

After IPv6 is introduced to the FTTH (gateway ONT) scenario, the service configuration procedure is shown in the
following figure. When IPv6 is introduced, the configurations for security features, Layer 3 Internet services,
bridging WAN multicast services are different from those of IPv4. For differences, see Configuration Difference
Between IPv6 and IPv4 .

Texts in blue show the configuration difference between IPv6 and IPv4.

1.7.6.4 Configuration Example


Configuration Example

Introduce the end-to-end service configuration based on the FTTH (Gateway ONT) networking and the
corresponding data plan.

2024-09-17 730
MA5800 Product Documentation

Key Messages for Configuration


In this example, two ONTs are connected to the same PON port of the OLT. Triple play services are required.

 Even after IPv6 is used, the voice service is still realized by IPv4.

 Even after IPv6 is used, the OLT implement Layer 2 forwarding for HSI service in this networking, irrespective
of whether the access service is IPv4 or IPv6. Service configurations for IPv4 and IPv6 are the same. For the
HSI service from one end user, one service flow is used to carry IPv6 and IPv4 Internet services, and the same
service VLAN is used. The gateway ONT requires specific configuration to enable the IPv4/IPv6 dual stack or
the DS-Lite for the HSI service.

 For multicast service, the OLT is the node to make multicast duplication. The configuration procedure is the
same for IPv4 multicast and IPv6 multicast. The IPv4 multicast service and IPv6 multicast service can be
configured in the same multicast VLAN on the OLT equipment.

Data plan on the OLT side

Web or the NMS is recommended to configure the gateway ONT layer 3 HSI service. CLI through the OLT is
recommended to configure the gateway ONT voice service. The WAN interface for multicast service on the ONT is
configured by iTMS.
Item Data Memo

ONT data plan

DBA profile Profile name: ftth_dba The ONTs are connected to the OLT through the GPON
Profile type: Type3 port.
Assured bandwidth: 8 Mbit/s
Maximum bandwidth: 20 Mbit/s

ONT line Profile name: ftth


profile T-CONT ID: 4
GEM port ID for management services: 11
GEM port ID for voice services: 12
GEM port ID for video services: 13
GEM port ID for Internet access services: 14

ONT service Profile name: ftth


profile ONT port capability set: adaptive

Network PON port: 0/1/0


topology data ONT IDs: 1 and 2

LAG data plan

LAG Ports: 0/9/0 and 0/9/1 Configure upstream ports 0/9/0 and 0/9/1 into an
Working mode: LACP static aggregation aggregation group. Each member port in the aggregation
group allocates packets based on the source MAC
address.

Queue scheduling data plan

Queue Queue scheduling: strict priority (SQ) mode System default is adopted in this example.
scheduling Priority mapping: mapped into different

2024-09-17 731
MA5800 Product Documentation

Item Data Memo

queues based on priorities

Security data plan

System Anti-DOS attack: disabled System default is adopted in this example.


security Anti-ICMP attack: disabled
Anti-IP attack: disabled

User security Anti-MAC duplicate: disabled System default is adopted in this example.
Anti-IP spoofing: disabled

PPPoE Service RAIO Type: PITP P PITP is recommended for PPPoE.


security RAIO Mode: common

IPv4oE Service RAIO Type: DHCP Option 82 DHCPv4 option and DHCPv6 option are recommended
security RAIO Mode: common for IPoE.

IPv6oE Service RAIO Type: DHCPv6 Option


security RAIO Mode: common

HSI service data plan

ONT line Profile name: ftth For details, see Data Plan .
profile T-CONT ID: 4
GEM port ID: 14

ONT service Profile name: ftth


profile ONT port capability set: adaptive

Traffic profile Profile name: ftth_hsi


CIR: 4 Mbit/s
Priority: 0

Network Upstream port: 0/9/0


topology data PON port: 0/1/0
ONT IDs: 1 and 2
ID of the port on the ONT that is connected
to the PC: 1

Voice service data plan

ONT line Profile name: ftth For details, see Data Plan .
profile T-CONT ID: 4
GEM port ID: 12

ONT service Profile name: ftth


profile ONT port capability set: adaptive

Traffic profile Profile name: ftth_voip


CIR: not limited
Priority: 5

Networking IP address of the MGC server:


data 10.200.200.200/24
Port ID of the MGC server: 2944

2024-09-17 732
MA5800 Product Documentation

Item Data Memo

Bridge WAN multicast service data plan

ONT line Profile name: ftth For details, see Data Plan .
profile T-CONT ID: 4
GEM port ID: 13

ONT service Profile name: ftth


profile ONT port capability set: adaptive

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-
setting

VLAN Plan S-VLAN ID: 1000


VLAN type: smart
VLAN attribute: common

VLAN ONT: duplicates packets based on user


Translation ports and multicast VLANs (M-VLANs) are
Policy stripped off downstream.
OLT: duplicates multicast packets based on
PON ports with M-VLAN unchanged.

Multicast Multicast protocol: IGMP proxy


service data Multicast version: IGMPv2
Multicast program: dynamic obtaining
mode
Program address area: ff15::-ff15::ffff

VOD service data plan

ONT line Profile name: ftth For details, see Data Plan .
profile T-CONT ID: 4
GEM port ID: 13

ONT service Profile name: ftth


profile ONT port capability set: adaptive

Traffic profile ID: 8


802.1p priority: 4
CIR: off (unlimited)
Priority-based scheduling policy: local-
setting

VLAN Plan Single VLAN tag:


S-VLAN ID: 1100
VLAN type: smart
VLAN attribute: common
C-VLAN: 2001

VLAN The ONT adds CVALN tags (configured on


Translation the iTMS) to packets: untag<->C.
Policy The OLT implements VLAN translation: C<-

2024-09-17 733
MA5800 Product Documentation

Item Data Memo

>S.

Procedure

1. Configure LAG for upstream ports.


Configure upstream ports 0/9/0 and 0/9/1 into an aggregation group. Each member port in the aggregation
group allocates packets based on the source MAC address. The working mode is LACP static aggregation.

huawei(config)#link-aggregation 0/9 0-1 ingress workmode lacp-static

2. Configure GPON ONT profiles.

a. Configure a DBA profile.


Create the same DBA profile for different types of services. Set the profile name to ftth_dba, profile
type to type3, assured bandwidth to 8 Mbit/s, and maximum bandwidth to 20 Mbit/s.

huawei(config)#dba-profile add profile-name ftth_dba type3 assure 8192 max 20480

b. Configure an ONT line profile.


Create a GPON ONT line profile, named ftth, and bind it to the DBA profile ftth_dba.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#tcont 4 dba-profile-name ftth_dba

huawei(config-gpon-lineprofile-1)#gem add 11 eth tcont 4


huawei(config-gpon-lineprofile-1)#gem add 12 eth tcont 4
huawei(config-gpon-lineprofile-1)#gem add 13 eth tcont 4
huawei(config-gpon-lineprofile-1)#gem add 14 eth tcont 4

huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

c. Configure an ONT service profile.


Create a GPON ONT service profile, named ftth. Configure the capability set of the ETH port and POTS
port to adaptive. Then the system automatically adapts to the ONT according to the actual capability
of the online ONT.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#ont-port eth adaptive pots adaptive

huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

d. (Optional) Add an alarm profile. In this example, the default alarm profile is used, and therefore the
configuration of the alarm profile is not required.

3. Add ONTs.
Connect two ONTs to GPON port 0/1/0. Set the ONT IDs to 1 and 2, SNs to 3230313126595540 and
6877687714852901, passwords to 0100000001 and 0100000002, discovery mode for password

2024-09-17 734
MA5800 Product Documentation

authentication to once-on, and management mode to OMCI. Bind the two ONTs to ONT line profile ftth and
ONT service profile ftth.
There are two modes to add an ONT: add an ONT offline and confirm an automatically discovered ONT.

 Add ONTs offline.


If the password of an ONT is known, run the ont add command to add an ONT offline.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont add 0 1 password-auth 0100000001 once-on no-aging omci ont-lineprofile-
name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont add 0 2 password-auth 0100000002 once-on no-aging omci ont-lineprofile-


name

ftth ont-srvprofile-name ftth

 Confirm automatically discovered ONTs


If the password or SN of an ONT is unknown, run the port portid ont-auto-find command in GPON
mode to enable the ONT auto-discovery function of the GPON port. Then, run the ont confirm
command to confirm the ONT.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#port 0 ont-auto-find enable
huawei(config-if-gpon-0/1)#display ont autofind 0
//After this command is executed, the information about all ONTs connected to the GPON port through optical
splitters is displayed.

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 1 sn-auth 3230313126595540 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

huawei(config-if-gpon-0/1)#ont confirm 0 ontid 2 sn-auth 6877687714852901 omci ont-lineprofile-name

ftth ont-srvprofile-name ftth

If multiple ONTs of the same type bound to the same line profile or service profile are connected to the same port,
you can bulk add ONTs by bulk confirming automatically discovered ONTs to make configuration easier and more
efficient. To do so, the preceding command can be modified as follows:

huawei(config-if-gpon-0/1)#ont confirm 0 all sn-auth omci ont-lineprofile-name ftth


ont-srvprofile-name ftth

 (Optional) Bind the alarm profile to the ONT.


The default profile 1 is used in this example.

huawei(config-if-gpon-0/1)#ont alarm-profile 0 1 profile-id 1


huawei(config-if-gpon-0/1)#ont alarm-profile 0 2 profile-id 1

4. Check ONT status.

2024-09-17 735
MA5800 Product Documentation

After an ONT is added, run the display ont info command to query the current status of the ONT. Ensure
that Config flag of the ONT is active, Run State is online, Config state is normal, and Match state is
match.

huawei(config-if-gpon-0/1)#display ont info 0 1


---------------------------------------------------------------------
F/S/P : 0/1/0
ONT-ID :1
Control flag : active //Indicates that the ONT is activated.
Run state : online //Indicates that the ONT goes online successfully.
Config state : normal //Indicates that the configuration state of the ONT is normal.
Match state : match //Indicates that the capability profile bound to the ONT is consistent with the actual capability
of the ONT.
...//The rest of the response information is omitted.

When Config state is failed, Run state is offline, or Match state is mismatch:

 If Control flag is deactive, run the ont active command in GPON mode to activate the ONU.

 If Run state is offline, a physical line may be broken or the optical module may be damaged. Check the
line and the optical module.

 If Config state is failed, the configured ONU capability exceeds the actual ONU capability. In this case,
run the display ont failed-configuration command in the diagnose mode to check the failed
configuration item and the failure cause. Then, rectify the fault accordingly.

 If the ONU does not match, that is, Match state is mismatch, the port types and number of ports
undermatch the actual port types and number of ports supported by the ONU. In this case, run the
display ont capability command to query the actual capability of the ONU, and then select one of the
following modes to modify the ONU configuration:

 Create a proper ONU profile according to the actual capability of the ONU, and then run the ont
modify command to modify the configuration data of the ONU.

 Modify the ONU profile according to the actual capability of the ONU and save the modification.
Then, the ONU automatically recovers the configuration successfully.

5. Configure the traffic profile for the HSI service.

huawei(config)#traffic table ip name ftth_hsi cir 4096 priority 0 priority-policy local-setting

6. Configure the VLAN translation policy and service port for the HSI service.
Table 1 Scenario plan

Scenario VLAN Plan VLAN Translation Policy

Scenario Double VLAN tags ONT: The iTMS factory default setting (untag) is used.
1 OLT: performs VLAN translation: Untag<->S+C. The OLT adds different C-VLANs to
S-VLAN ID: 100
packets from different ONTs.
S-VLAN type: smart
S-VLAN attribute:

2024-09-17 736
MA5800 Product Documentation

Table 1 Scenario plan

Scenario VLAN Plan VLAN Translation Policy

stacking
C-VLAN ID: 1001-
1002

Scenario Double VLAN tags ONT: The iTMS configures C-VLANs in a unified manner.
2 OLT: performs VLAN translation: C<->S+C'. The OLT translates C-VLANs from
S-VLAN ID: 100
different ONTs to different C-VLANs.
S-VLAN type: smart
S-VLAN attribute:
stacking
C-VLAN ID: 1010-
1011
C-VLAN ID: 1001

 Scenario 1:
Configure the ONT packet processing mode. In the ONT service profile, set the packet transmission
mode to TAG transparent transmission for Ethernet port 1.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 1 transparent
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/19/0 to VLAN 100.

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/19 0

Create service flows. Set S-VLAN ID to 100 and GEM port ID to 14. Use traffic profile ftth_hsi.

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 1 gemport 14 multi-service

user-vlan untagged tag-transform add-double inner-vlan 1001 inbound traffic-table name


ftth_hsi outbound traffic-table name ftth_hsi

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 2 gemport 14 multi-service

user-vlan untagged tag-transform add-double inner-vlan 1002 inbound traffic-table name


ftth_hsi outbound traffic-table name ftth_hsi

 Scenario 2:
Configure the mapping relationship between a GEM port and a VLAN. The service flow of user VLAN
1001 is mapped to GEM port 14 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 14 0 vlan 1001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/19/0 to VLAN 100.

2024-09-17 737
MA5800 Product Documentation

huawei(config)#vlan 100 smart


huawei(config)#vlan attrib 100 stacking
huawei(config)#port vlan 100 0/19 0

Create service flows. Set the service VLAN to 100, GEM port ID to 14, and user VLAN to 1001, and use
traffic profile ftth_hsi.

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 1 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 1010 inbound traffic-table name


ftth_hsi outbound traffic-table name ftth_hsi

huawei(config)#service-port vlan 100 gpon 0/1/0 ont 2 gemport 14 multi-service

user-vlan 1001 tag-transform translate-and-add inner-vlan 1011 inbound traffic-table name


ftth_hsi outbound traffic-table name ftth_hsi

7. Configure the traffic profile for the voice service.

huawei(config)#traffic table ip name ftth_voip cir off priority 5 priority-policy

local-setting

8. Configure the VLAN translation policy and service port for the voice service.
Table 2 Scenario plan

Scenario VLAN Plan VLAN Translation Policy

Scenario Single VLAN tag ONT: The iTMS issues the VLAN of the WAN port or factory default setting is
1 used.
S-VLAN ID: 300
OLT: transparently transmits VLAN (C-VLAN is the same as the planned S-VLAN).
S-VLAN type: smart
S-VLAN attribute:
common
C-VLAN ID: 300

Scenario Single VLAN tag: ONT: The iTMS issues the VLAN of the WAN port or factory default setting is
2 used.
S-VLAN ID: 300
OLT: performs VLAN translation: C<->S (C-VLAN is different from the planned S-
S-VLAN type: smart VLAN).
S-VLAN attribute:
common
C-VLAN ID: 3001

Scenario 1:
Configure the mapping relationship between a GEM port and a VLAN. The service flow of user VLAN 300 is
mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 300
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart

2024-09-17 738
MA5800 Product Documentation

huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 300, and use traffic
profile ftth_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name


ftth_voip

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 300 inbound traffic-table name ftth_voip outbound traffic-table name


ftth_voip
Scenario 2:
Configure the mapping relationship between a GEM port and a VLAN. The service flow of user VLAN 3001 is
mapped to GEM port 12 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 12 2 vlan 3001
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

Create a service VLAN and add an upstream port to it. Add upstream port 0/9/0 to VLAN 300.

huawei(config)#vlan 300 smart


huawei(config)#vlan attrib 300 stacking
huawei(config)#port vlan 300 0/9 0

Create service flows. Set the service VLAN to 300, GEM port ID to 12, and user VLAN to 3001. Use traffic
profile ftth_voip.

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 1 gemport 12 multi-service

user-vlan 3001 tag-transform translate inbound traffic-table name ftth_voip outboun


d traffic-table name ftth_voip

huawei(config)#service-port vlan 300 gpon 0/1/0 ont 2 gemport 12 multi-service

user-vlan 3001 tag-transform translate inbound traffic-table name ftth_voip outboun


d traffic-table name ftth_voip

9. Configure ONT voice service profiles.


ONT voice service profiles include the interface common profile, MGC interface profile, and POTS port
profile.

 Interface common profile: saves common attributes of an ONT voice interface, including the fax mode,
fax/modem negotiation mode, and priority of the coding and decoding mode.

 MGC interface profile: saves the IP address or domain name of the MGC, protocol port ID of the MGC
transport layer to which the MG interface belongs, and DSCP priority of media packets.

 POTS port profile: saves physical attributes of a POTS port on an ONT, including the impedance,
transmitting gain, receiving gain, and signaling type of the POTS port.

a. Configure an interface common profile.

2024-09-17 739
MA5800 Product Documentation

Run the display ont-mg-attribute-profile command to query the existing interface common profile
in the system. If the existing interface common profile in the system does not meet the requirements,
run the ont-mg-attribute-profile add command to add an interface common profile.
In this example, the default interface common profile, namely interface common profile 1 is used.
b. Configure an MGC interface profile.
Run the display ont-mgc-profile command to query the existing MGC interface profile in the system.
If the existing MGC interface profile in the system does not meet the requirements, run the ont-mgc-
profile add command to add an MGC interface profile.
Create MGC interface profile 2, set the IP address of the MGC to 10.200.200.200, and use default
values for other parameters.

huawei(config)#ont-mgc-profile add profile-id 2 primary-mgc 10.200.200.200

c. Configure a POTS port profile.


Run the display ont-pots-profile command to query the existing POTS port profile in the system. If
the existing POTS port profile in the system does not meet the requirements, run the ont-pots-
profile add command to add a POTS port profile.
In this example, the default POTS port profile, namely POTS port profile 1 is used.

10. Configure the IP addresses of ONT H.248 users.


For ONT 1 and ONT 2, configure the IP address obtaining mode to the dhcp mode, set the management
VLAN to VLAN 20, and use default values for other parameters.

huawei(config)#interface gpon 0/1


huawei(config-if-gpon-0/1)#ont ipconfig 0 1 dhcp vlan 20
huawei(config-if-gpon-0/1)#ont ipconfig 0 2 dhcp vlan 20

11. Configure H.248 PSTN users.

a. Add an H.248 interface and apply an MGC interface profile to the interface.
For ONT 1 and ONT 2, set the MG ID to 1, apply MGC interface profile 2 to ONT 1 and ONT 2, and use
default values for other parameters.
If parameters of an MGC interface profile are changed, the MGC interface profile must be reapplied to
the ONT so that the changed parameters can take effect.

huawei(config-if-gpon-0/1)#if-h248 add 0 1 1 mgc-profile profile-id 2


huawei(config-if-gpon-0/1)#if-h248 add 0 2 1 mgc-profile profile-id 2

b. Add PSTN users.


For ONT 1 and ONT 2, create a PSTN user, set the MG ID to 1 (identical to the MG ID of the H.248
interface), and set the physical terminal port ID to A0 and A1.

huawei(config-if-gpon-0/1)#mgpstnuser add 0 1 1 mgid 1 terminalid A0


huawei(config-if-gpon-0/1)#mgpstnuser add 0 2 1 mgid 1 terminalid A1

Run the display mgpstnuser attribute command to check whether the configuration of the PSTN
user is properly set.

huawei(config-if-gpon-0/1)#display mgpstnuser attribute 0 1 1


------------------------------------------------------------------------------

2024-09-17 740
MA5800 Product Documentation

F/S/P : 0/1/0
ONT ID :1
Port ID :1

MG ID :1
Terminal ID : A0
...//The rest of the response information is omitted.

huawei(config-if-gpon-0/1)#display mgpstnuser attribute 0 2 1


------------------------------------------------------------------------------
F/S/P : 0/1/0
ONT ID :2
Port ID :1

MG ID :1
Terminal ID : A1
...//The rest of the response information is omitted.

12. Apply ONT voice service profiles


After ONT voice service profiles are applied, if parameters in those profiles are changed, those profiles must
be reapplied so that the changed parameters can take effect.

a. Apply an interface common profile.


Run the if-h248 attribute command to apply an interface common profile to an H.248 interface or
configure the interface customized parameters, or run the ont-if-h248 bat-apply command to bulk
apply the interface common profiles to H.248 interfaces. If you use these two commands to apply the
interface common profiles or configure the interface customized parameters repeatedly, the last
configurations take effect.
In this example, the default interface common profile, namely interface common profile 1 is used.

b. Apply a POTS port profile.


Run the pstnport electric command to apply a POTS port profile to an H.248 interface or configure
the interface customized parameters, or run the ont-pstnport electric bat-apply command to bulk
apply the POTS port profiles to H.248 interfaces. If you use these two commands to apply the POTS
port profiles or configure the interface customized parameters repeatedly, the last configurations
take effect.
In this example, the default POTS port profile, namely POTS port profile 1 is used.

13. (Optional) Configure the H.248 user codec.


Run the mgpstnuser codec command to configure the H.248 user codec. The H.248 user codec will not be
configured independently in this example.

14. Configure the traffic profile for the IPTV service.

huawei(config)#traffic table ip index 8 cir off priority 4 priority-policy

local-setting

2024-09-17 741
MA5800 Product Documentation

15. Configure the VLAN translation policy and service port for the multicast service.

a. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 1000 is mapped to GEM port 13 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 1000
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

b. Configure the VLAN of the Ethernet port on the ONT and the multicast forwarding mode.
If the ONT is connected to the STB through Ethernet port 2, add Ethernet port 2 to VLAN 1000.
Configure the multicast forwarding mode is untagged.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 2 1000
huawei(config-gpon-srvprofile-1)#multicast-forward untag
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

c. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

d. Create service flows.


Set the service VLAN to 1000, GEM port ID to 13, and user VLAN to 1000, and use traffic profile
ftth_iptv.

huawei(config)#service-port vlan 1000 gpon 0/1/0 ont 1 gemport 13 multi-service

user-vlan 1000 inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

huawei(config)#service-port vlan 1000 gpon 0/1/0 ont 2 gemport 13 multi-service

user-vlan 1000 inbound traffic-table name ftth_iptv outbound traffic-table name ftth_iptv

16. Create an M-VLAN and configure the IGMP version.


Set the IGMP version for the M-VLAN to IGMP IPv6 v2.

huawei(config)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp ipv6 version v2
This operation will delete all IPv6 programs with source IP addresses in the
current multicast VLAN
Are you sure to change current IGMP IPv6 version? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

17. Configure a program library.

Set the mode for obtaining multicast programs to dynamic.

2024-09-17 742
MA5800 Product Documentation

You can set the mode for obtaining multicast programs to dynamic only when the IGMP mode is off.

huawei(config-mvlan1000)#igmp ipv6 mode off


Are you sure to close IGMP IPv6? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

huawei(config-mvlan1000)#igmp ipv6 match mode disable


Command has been executed successfully

(Optional) Set the address range for the dynamic programs. If you need to limit the address range of
dynamic programs, perform this operation. For example, set the address range of dynamic programs to
ff15::-ff15::ffff.

huawei(config-mvlan1000)#igmp ipv6 match group ipv6 ff15:: to-ipv6 ff15::ffff

18. Set the IGMP IPv6 mode.


Select the IGMP IPv6 proxy mode.

huawei(config-mvlan1000)#igmp ipv6 mode proxy


Are you sure to change IGMP IPv6 mode? (y/n)[n]:y
Command is being executed. Please wait...
Command has been executed successfully

19. Configure the IGMP upstream port.


Set the IGMP upstream port ID to 0/9/0 and working mode to default. Protocol packets are transmitted to
all the IGMP upstream ports in the multicast VLAN.

huawei(config-mvlan1000)#igmp uplink-port 0/9/0


huawei(config-mvlan1000)#btv
huawei(config-btv)#igmp uplink-port-mode default
Are you sure to change the uplink port mode?(y/n)[n]:y

20. Configure multicast users.


Add service ports 1 and 2 as multicast users.

huawei(config-btv)#igmp policy service-port 1 normal


huawei(config-btv)#igmp policy service-port 2 normal
huawei(config-btv)#igmp user add service-port 1
huawei(config-btv)#igmp user add service-port 2
huawei(config-btv)#multicast-vlan 1000
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 1
huawei(config-mvlan1000)#igmp multicast-vlan member service-port 2
huawei(config-mvlan1000)#quit

21. Configure the VLAN translation policy and service port for the VoD service.

2024-09-17 743
MA5800 Product Documentation

a. Configure the mapping relationship between a GEM port and a VLAN.


The service flow of user VLAN 1000 is mapped to GEM port 13 in the ONT line profile.

huawei(config)#ont-lineprofile gpon profile-name ftth


huawei(config-gpon-lineprofile-1)#gem mapping 13 4 vlan 1000
huawei(config-gpon-lineprofile-1)#commit
huawei(config-gpon-lineprofile-1)#quit

b. Configure the VLAN of the Ethernet port on the ONT.


If the ONT is connected to the STB through Ethernet port 2, add Ethernet port 2 to VLAN 1000.

huawei(config)#ont-srvprofile gpon profile-name ftth


huawei(config-gpon-srvprofile-1)#port vlan eth 2 1000
huawei(config-gpon-srvprofile-1)#commit
huawei(config-gpon-srvprofile-1)#quit

c. Create a service VLAN and add an upstream port to it.


Add upstream port 0/9/0 to VLAN 1000.

huawei(config)#vlan 1000 smart


huawei(config)#port vlan 1000 0/9 0

d. Create service flows.


Set the service VLAN to 1000, GEM port ID to 13, and VLAN translation mode to transparent
transmission, and use traffic profile ftth_iptv.

huawei(config)#service-port vlan 1000 gpon 0/1/0 ont 1 gemport 13 inbound traffic-table name ftth_iptv

outbound traffic-table name ftth_iptv tag-transform transparent

huawei(config)#service-port vlan 1000 gpon 0/1/0 ont 2 gemport 13 inbound traffic-table name ftth_iptv

outbound traffic-table name ftth_iptv tag-transform transparent

22. (Optional) Configure the PITP function for PPPoE.

huawei(config)#raio-mode common pitp-pmode


huawei(config)#pitp enable pmode

23. (Optional) Configure the DHCP option function for IPoE.

huawei(config)#raio-mode common dhcp-option82 //For DHCPv4 packets


huawei(config)#dhcp option82 enable //For DHCPv4 packets
huawei(config)#raio-mode common dhcpv6-option //For DHCPv6 packets
huawei(config)#dhcpv6 option enable //For DHCPv6 packets

24. Save the configuration on the OLT side.

huawei(config)#save

25. Log in to the web configuration window.

a. Configure the IP address of the PC network adapter to be in the same network segment with the IP
address of the local maintenance Ethernet port on the ONT (default: 192.168.100.1).

2024-09-17 744
MA5800 Product Documentation

b. Open the web browser, and enter the IP address of the local maintenance Ethernet port on the ONT.
In the login window, enter the user name (default: telecomadmin) and password (default:
admintelecom) of the administrator. After the password is authenticated, the web configuration
window is displayed.

The following steps are configured on the ONT through the web page.

26. Configure the working mode for the LAN port.

a. Choose LAN > LAN Port Work Mode from the navigation tree. Select the check box next to LAN1 to
set port LAN1 to work in Layer 3 mode. Figure 1 shows the parameter settings.

Figure 1 Parameter settings on the web page for the LAN port

b. Click Apply to make the configuration take effect.

27. Configure parameters for a WAN interface.

a. Choose WAN > WAN Configuration from the navigation tree.

b. In the right pane, click New. In the dialog box that is displayed, set the parameters as follows:

 Select Enable WAN Connection to enable the new WAN connection.

 Set Encapsulation Mode to PPPOE or IPOE according to the IPv6 HSI solution.

 Set Protocol Type to IPv4/IPv6 (dual stack) or IPv6 (DS-Lite).

 Set Mode to Route WAN.

 Set Service List to INTERNET.

 Select Enable VLAN.

 Set VLAN ID to 1001.

 Set 802.1p to 0.

 Set User Name to iadtest@pppoe and Password to iadtest.

 Select the check box next to LAN1 in the Binding options area, indicating that the WAN port is
bound to LAN1.

IPv4 Information

 Set IP Acquisition Mode to PPPoE when PPPoE is adopted for HSI. Set IP Acquisition Mode to
Static or DHCP according to the data plan.

 Select Enable NAT to enable the NAT function.

2024-09-17 745
MA5800 Product Documentation

IPv6 Information

 DHCP-PD is recommended for Prefix Acquisition Mode.

 DHCP is recommended for IP Acquisition Mode.

 In case of DS-Lite solution and the Protocol Type in the Basic Information field is set to IPv6,
set the DSLite Work Mode to Auto.

Figure 2 shows the parameter settings.

Figure 2 Parameter settings on the web page for the WAN port

c. Click Apply to make the configuration take effect.

2024-09-17 746

You might also like