- 
€
                            
 
Building on next-generation, high-performance hardware and the Huawei Versatile Routing Platform (VRP), the S5720-LI series support intelligent stack (iStack), flexible Ethernet networking, and diversified security control. They provide customers with a green, easy-to-manage, easy-to-expand, and cost-effective gigabit to the desktop solution. In addition, Huawei customizes specialized models to meet customer requirements and to suit special scenarios.
The models with front power sockets can be installed in a 300 mm deep cabinet. They can be maintained through the front panel, saving space in small equipment rooms.
The S5720-12TP-LI-AC adopts the ground-free design. Only the 220 V power module needs to be grounded. This design facilitates switch deployment in the places where grounding is difficult, such as corridor.
The models that use a fan-free design reduce power consumption and noise.
- 24 10/100/1000Base-T Ethernet ports, 4 GE SFP ports (2 of which are dualpurpose 10/100/1000Base-T or SFP ports)
- AC power supply
- PoE+
- Forwarding performance: 46.5 Mpps
- Switching capacity: 336 Gbit/s
- 802.3af (15.4 W per port): 24
- 802.3at (30 W per port): 12
PoE Power Supply Configuration
The S5720-LI series PoE-capable switches, including S5720-12TP-PWR-LI-AC, S5720-16X-PWH-LI-AC, S5720-28P-PWR-LIAC, S5720-28TP-PWR-LI-AC, S5720-28TP-PWR-LI-ACL, S5720-28X-PWR-LI-AC, S5720-28X-PWH-LI-AC, S5720-52P-PWRLI-AC, S5720-52X-PWR-LI-AC and S5720-52X-PWR-LI-ACF, have built-in PoE power supplies.
Flexible Ethernet Networking
In addition to traditional Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP), the S5720-LI supports Huawei-developed Smart Ethernet Protection (SEP) technology and the latest Ethernet Ring Protection Switching (ERPS) standard. SEP is a ring protection protocol specific to the Ethernet link layer, and applies to various ring network topologies, such as open ring topology, closed ring topology, and cascading ring topology. This protocol is reliable and easy to maintain, and implements fast protection switching within 50 ms. ERPS is defined in ITU-T G.8032. It implements millisecond-level protection switching based on traditional Ethernet MAC and bridging functions.
The S5720-LI supports Smart Link, which implements backup of uplinks. One S5720-LI switch can connect to multiple aggregation switches through multiple links, significantly improving reliability of access devices.
The S5720-LI supports Ethernet OAM (IEEE 802.3ah/802.1ag) to fast detect link faults
Diversified Security Control
The S5720-LI supports 802.1X authentication, MAC address authentication, and combined authentication on a per port basis, as well as Portal authentication on a per VLANIF interface basis, and implements dynamic policy delivery (VLAN, QoS, and ACL) to users.
The S5720-LI provides a series of mechanisms to defend against DoS and user-targeted attacks. DoS attacks are targeted at switches and include SYN flood, Land, Smurf, and ICMP flood attacks. User-targeted attacks include bogus DHCP server attacks, IP/MAC address spoofing, DHCP request flood, and change of the DHCP CHADDR value.
The S5720-LI collects and maintains information about access users, such as IP addresses, MAC addresses, IP address leases, VLAN IDs, and interface numbers in a DHCP snooping binding table. In this way, IP addresses and access interfaces of DHCP users can be tracked. You can specify DHCP snooping trusted and untrusted ports to ensure that users connect only to the authorized DHCP server.
The S5720-LI supports strict ARP learning. This feature prevents ARP spoofing attackers from exhausting ARP entries so that users can connect to the Internet normally.
Easy Operations and Maintenance (O&M)
The S5720-LI supports Huawei EasyOperation which is a solution that provides zero-touch deployment, replacement of faulty devices without additional configuration, USB-based deployment, batch configuration, and batch remote upgrade. The EasyOperation solution facilitates device deployment, upgrade, service provisioning, and other management and maintenance operations, and also greatly reduces O&M costs. The S5720-LI can be managed and maintained using Simple Network Management Protocol (SNMP) V1, V2, and V3, Command Line Interface (CLI), web-based network management system, or Secure Shell (SSH) V2.0. Additionally, it supports remote network monitoring (RMON), multiple log hosts, port traffic statistics collection, and network quality analysis, helping with network consolidation and reconstruction.
EasyDeploy: The Commander collects topology information about the connected clients and stores the clients' startup information based on the topology. Clients can be replaced with zero-touch configuration. The Commander can deliver configurations and scripts to clients in batches and query the delivery results. In addition, the Commander can collect and display information about power consumption on the entire network.S5720-LI Series Simplified Gigabit Ethernet Switches 7
The S5720-LI can use the GARP VLAN Registration Protocol (GVRP) to implement dynamic distribution, registration, and propagation of VLAN attributes. GVRP reduces manual configuration workload and ensures correct configuration. Additionally, the S5720-LI supports MUX VLAN, which involves a principal VLAN and multiple subordinate VLANs. Subordinate VLANs are classified into group VLANs and separate VLANs. Ports in the principal VLAN can communicate with ports in subordinate VLANs. Ports in a subordinate group VLAN can communicate with each other, whereas ports in a subordinate separate VLAN can communicate only with ports in the principal VLAN. The S5720-LI also supports VLAN Central Management Protocol (VCMP) and VLAN-Based Spanning Tree (VBST) protocol.
Intelligent O&M
The S5720-LI provides telemetry technology to collect device data in real time and send the data to Huawei campus network analyzer CampusInsight. The CampusInsight analyzes network data based on the intelligent fault identification algorithm, accurately displays the real-time network status, effectively demarcates and locates faults in a timely manner, and identifies network problems that affect user experience, accurately guaranteeing user experience.
The S5720-LI supports a variety of intelligent O&M features for audio and video services, including the enhanced Media Delivery Index (eMDI). With this eDMI function, the switch can function as a monitored node to periodically conduct statistics and report audio and video service indicators to the CampusInsight platform. In this way, the CampusInsight platform can quickly demarcate audio and video service quality faults based on the results of multiple monitored nodes.
Intelligent Stack (iStack)
The S5720-LI supports intelligent stack (iStack). This technology combines multiple switches into a single logical switch. Member switches in a stack implement redundancy backup to improve device reliability and use inter-device link aggregation to improve link reliability. iStack ensures path failover within 200 milliseconds and implements hitless master/backup switchover.
iStack provides high network scalability. You can increase ports, bandwidth, and processing capacity of a stack by simply adding member switches to the stack.
iStack also simplifies device configuration and management. After a stack is set up, multiple physical switches are virtualized into a single logical device. You can log in to any member switch in the stack to manage all the member switches in the stack.
Excellent Network Traffic Analysis
The S5720-LI supports the sFlow function. It uses a method defined in the sFlow standard to sample traffic passing through it and sends sampled traffic to the collector in real time. The collected traffic statistics are used to generate statistical reports, helping enterprises maintain their networks.
Enhanced QoS Control Mechanism
The S5720-LI provides excellent QoS capabilities and supports queue scheduling and congestion control algorithms. Additionally, it adopts innovative priority queuing and multi-level scheduling mechanisms to implement fine-grained scheduling of data flows, meeting service quality requirements of different user terminals and services.
The S5720-LI implements complex traffic classification based on packet information, such as the 5-tuple, IP preference, ToS, DSCP, IP protocol type, ICMP type, TCP source port, VLAN ID, Ethernet protocol type, and CoS. ACLs can be applied to the inbound or outbound direction of a port.
The S5720-LI supports flow-based two-rate three-color CAR. Each port supports eight priority queues, multiple queue scheduling algorithms, such as WRR, DRR, SP, WRR+SP, and DRR+SP, and WRED that is a congestion avoidance algorithm. All of these features ensure high-quality voice, video, and data services.
Easy O&M with the Front Panel
The models with front power sockets can be installed in a 300 mm deep cabinet, and can be maintained through the front panel. This simplifies equipment O&M and allows more flexible cabinet deployment. The small-sized cabinets can be placed against a wall or back to back to save space in the equipment room.
Cloud Management
The Huawei cloud management platform allows users to configure, monitor, and inspect switches on the cloud, reducing on-site deployment and O&M manpower costs and decreasing network OPEX. Huawei switches support both cloud management and on-premise management modes. These two management modes can be flexibly switched as required to achieve smooth evolution while maximizing return on investment (ROI).
High-Performance VRP Software System
Huawei S series switches build on a unified Versatile Routing Platform (VRP) software system, meeting the growing network scale and the evolving Internet technologies and guaranteeing network services and network quality.
VRP is a network operating system developed by Huawei with independent intellectual property rights. It can run on multiple hardware platforms and provide unified network, user, and management views. VRP provides flexible application solutions for users. In addition, VRP is a future-proof platform that maximally protects customer investments.
The VRP platform is focused on IP services and uses a component-based architecture to provide more than 300 features. Besides, VRP stands out for its application-based tailorable and scalable capabilities.
OPS
The Open Programmability System (OPS) is an open platform based on the Python language. IT administrators can program the O&M functions of a switch through Python scripts to quickly innovate functions and implement intelligent O&M.
PoE Features
Perpetual PoE: When a PoE switch is rebooted after the software version is upgraded, the power supply to PDs is not interrupted. This capability ensures that PDs are not powered off during the switch reboot.
Fast PoE: S5720-28X-PWH-LI-AC and S5720-16X-PWH-LI-AC switches can supply power to PDs within 10 seconds after they are powered on. This is different from common switches that generally take 1 to 3 minutes to start to supply power to PDs. When a PoE switch reboots due to a power failure, the PoE switch continues to supply power to the PDs immediately after being powered on without waiting until it finishes reboot. This greatly shortens the power failure time of PDs.
PoE++ Power Supply: The S5720-16X/28X-PWH-LI-AC can provide Ethernet power supply (PoE++) for APs and surveillance cameras. As the 802.11ac standard and related products are released, the wireless access rate has reached 2.5 Gbit/s. The S5720-28X-PWH-LI fixed switch can match perfectly with high-speed APs, and provide the long-distance 200-meter PoE++ supply function and 60 W PoE on a port.
200-meter PoE Power Supply: When some PoE++ ports on Huawei S5720-28X-PWH-LI-AC work at 2.5 Gbit/s and Category 5E shielded network cables are used, the switch can provide 200-meter PoE power supply to Huawei specific APs, such as AP7052DN, AP7152DN, AP6052DN, AP8082DN, AP8182DN, AP7052DE, and AP7060DN.
Specification:
| S5720-28TP-PWR-LI-AC | |
| Fixed port | |
|---|---|
| GE port | 28 | 
| 10GE port | - | 
| Management port | |
| ETH | NA | 
| Console port (RJ45) | Supported | 
| USB port | NA | 
| CPU | |
| Frequency | 800 MHz | 
| Cores | 1 | 
| Storage | |
| Memory (RAM) | 512 MB | 
| Flash memory | Hardware: 512 MB, of which 240 MB is available for users | 
| Power supply system | |
| Power supply type | Built-in AC | 
| Power supply redundancy | - | 
| RPS | - | 
| Rated voltage range | 100 - 240 V AC 50/60 Hz | 
| Maximum voltage range | 90 - 264 V AC 47 - 63 Hz | 
| Maximum input current | 7 A | 
| Maximum power consumption of the device | Without PDs: 38.8 W With PDs: 444.8 W (PDs: 369.6 W) | 
| Power consumption in the case of 30% traffic load | 27.4 W | 
| Heat dissipation system | |
| Heat dissipation mode | Air-cooled heat dissipation and intelligent fan speed adjustment | 
| Number of fan modules | 2 | 
| Airflow | Air flows in from the left side and exhausts from the right side | 
| Maximum heat dissipation of the device (BTU/hour) | Without PDs: 132.4 | 
| Physical specifications | |
| Chassis dimensions (W x D x H, mm) | 442 x 310 x 43.6 mm | 
| Chassis heigh | 1 U | 
| Chassis weight (full configuration weight, including weight of packaging materials) | 5.3 kg | 
| Environment parameters | |
| Long-term operating temperature | 0 - 1800 m: 0°C - 45°C 
 1800 - 5000 m: The operating temperature decreases 1°C for every 220m increase in altitude | 
| Short-term operating temperature | 0 - 1800 m: -5°C - 50°C 
 1800 - 5000 m The operating temperature decreases 1°C for every 220m increase in altitude | 
| Storage temperature | -40°C - 70°C | 
| Relative humidity | 5%-95% (noncondensing) | 
| Noise under normal temperature (sound power) | 48.6 dB(A) | 
| Noise under high temperature (sound power) | 66.4 dB(A) | 
| Noise under normal temperature (sound pressure) | 43.3 dB(A) | 
| Surge protection specification (RJ45 service port) | ±7 kV | 
| MTBF | 40 years | 
| Software | |
| Ethernet features | |
| Ethernet basics | Full-duplex, halfduplex, and autonegotiation Rate autonegotiation on an interface Flow control on an interface Jumbo frames Link aggregation Load balancing among links of a trunk Transparent transmission of Layer 2 protocol packets Device Link Detection Protocol (DLDP) Link Layer Discovery Protocol (LLDP) Link Layer Discovery Protocol-Media Endpoint Discovery Interface isolation Broadcast traffic suppression on an interface Multicast traffic suppression on an interface Unknown unicast traffic suppression on an interface VLAN broadcast traffic suppression VLAN multicast traffic suppression VLAN unknown unicast traffic suppression | 
| VLAN | VLAN: 4094 VLANIF: 1024 Access mode Trunk mode Hybrid mode QinQ mode Default VLAN VLAN assignment based on interfaces VLAN assignment based on protocols VLAN assignment based on IP subnets VLAN assignment based on MAC addresses VLAN assignment based on MAC address + IP address VLAN assignment based on MAC address + IP address + interface number Adding double VLAN tags to packets based on interfaces VLAN mapping Selective QinQ MUX VLAN Voice VLAN Guest VLAN | 
| GVRP | GARP GVRP | 
| VCMP | VCMP | 
| MAC | MAC address 16K Automatic learning of MAC addresses Automatic aging of MAC addresses Static, dynamic, and blackhole MAC address entries Interface-based MAC address learning limiting Sticky MAC MAC address flapping detection MAC address spoofing defense Port bridge | 
| ARP | Static ARP Dynamic ARP ARP entry: 2048 ARP aging detection Intra-VLAN proxy ARP Routed proxy ARP | 
| Ethernet loop protection | |
| MSTP | STP RSTP MSTP VBST BPDU protection Root protection Loop protection Defense against TC BPDU attacks | 
| Loopback detection | Loop detection on an interface | 
| SEP | SEP | 
| Smart Link | Smart Link Smart Link multiinstance Monitor Link | 
| RRPP | RRPP Single RRPP ring Tangent RRPP ring Intersecting RRPP ring Hybrid networking of RRPP rings and other ring networks | 
| ERPS | G.8032 v1 G.8032 v2 ERPS semi-ring topology ERPS closed-ring topology | 
| IPv4/IPv6 forwarding | |
| IPv4 and unicast routing | IPv4 static routing VRF DHCP client DHCP server DHCP relay Routing policies IPv4 routes: 4000 RIPv1 RIPv2 OSPF Policy-based routing (PBR) | 
| Multicast routing features | IGMPv1/v2/v3 PIM-DM PIM-SM MSDP IPv4 multicast routes: 1022 IPv6 multicast routes: 496 Multicast routing policies RPF | 
| IPv6 features | IPv6 protocol stack ND ND entry: 1000 ND snooping DHCPv6 snooping RIPng DHCPv6 server DHCPv6 relay OSPFv3 IPv6 routes: 1000 VRRP6 MLDv1/v2 PIM-DM for IPv6 PIM-SM for IPv6 | 
| Layer 2 multicast | |
| Layer 2 multicast features | IGMPv1/v2/v3 snooping IGMP snooping proxy MLD snooping Multicast traffic suppression Inter-VLAN multicast replication | 
| Device reliability | |
| Stacking | Service interfacebased stacking Maximum number of stacked devices: 9 Stack bandwidth (Unidirectional): Up to 48 Gbit/s | 
| VRRP | VRRP standard protocol | 
| Ethernet OAM | |
| EFM (802.3ah) | Automatic discovery of links Link fault detection Link troubleshooting Remote loopback | 
| CFM (802.1ag) | Software-level CCM 802.1ag MAC ping 802.1ag MAC trace | 
| OAM association | Association between 802.1ag and 802.3ah | 
| Y.1731 | Unidirectional delay and jitter measurement Bidirectional delay and jitter measurement | 
| QoS features | |
| Traffic classification | Traffic classification based on ACLs Configuring traffic classification priorities Matching the simple domains of packets | 
| Traffic behavior | Traffic filtering Traffic policing (CAR) Modifying the packet priorities Modifying the simple domains of packets Modifying the packet VLANs | 
| Traffic shaping | Traffic shaping on an egress interface Traffic shaping on queues on an interface | 
| Congestion avoidance | Tail drop | 
| Congestion management | Priority Queuing (PQ) Weighted Deficit Round Robin (WDRR) PQ+WDRR Weighted Round Robin (WRR) PQ+WRR | 
| ACL | |
| Packet filtering at Layer 2 to Layer 4 | Number of rules per IPv4 ACL: 2K Number of rules per IPv6 ACL: 2K Basic IPv4 ACL Advanced IPv4 ACL Basic IPv6 ACL Advanced IPv6 AC Layer 2 ACL User-defined ACL | 
| Configuration and maintenance | |
| Login and configuration management | Command line interface (CLI)-based configuration Console terminal service Telnet terminal service SSH v1.5 SSH v2.0 SNMP-based NMS for unified configuration Web page-based configuration and management EasyDeploy (client) SVF Cloud management OPS | 
| File system | Directory and file management File upload and download | 
| Monitoring and maintenance | eMDI Hardware monitoring Log information output Alarm information output Debugging information output Port mirroring Flow mirroring Remote mirroring Energy saving | 
| Version upgrade | Version upgrade Version rollback | 
| Security | |
| ARP security | ARP packet rate limiting ARP anti-spoofing Association between ARP and STP Dynamic ARP Inspection (DAI) Static ARP Inspection (SAI) Egress ARP Inspection (EAI) | 
| IP security | ICMP attack defense IPSG for IPv4 IPSG user capacity IPSG for IPv6 IPSGv6 user capacity | 
| Local attack defense | CPU attack defense | 
| MFF | MFF | 
| DHCP snooping | DHCP snooping Option 82 function Dynamic rate limiting for DHCP packets | 
| Attack defense | Defense against malformed packet attacks Defense against UDP flood attacks Defense against TCP SYN flood attacks Defense against ICMP flood attacks Defense against packet fragment attacks Local URPF | 
| User access and authentication | |
| AAA | Local authentication Local authorization RADIUS authentication RADIUS authorization RADIUS accounting HWTACACS authentication HWTACACS authorization HWTACACS accounting | 
| NAC | 802.1X authentication MAC address authentication Portal authentication Hybrid authentication | 
| Policy association | Functioning as the access device | 
| Other | |
| Network management | Ping Tracert NQA NTP sFlow SNMP v1 SNMP v2c SNMP v3 HTTP HTTPS NETCONF/YANG RMON | 
| Interoperability | VLAN-based Spanning Tree (VBST) Link-type Negotiation Protocol (LNP) VLAN Central Management Protocol (VCMP) | 


 
                               
         
        
     
                              
 
    

