Redundancy Mechanisms forcarrier Ethernet Networks and Layer 2 VPN services BRKSPG-2207

Transcription

1 Redundancy Mechanisms forcarrier Ethernet Networks and Layer 2 VPN services BRKSPG-2207

2 genda Introduction Resiliency Fundamentals ccess Resiliency Mechanisms ggregation and Core Resiliency Mechanisms MC Flushing Mechanisms Redundancy Solutions Summary 2

3 Introduction BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 3

4 Carrier Ethernet Services Metro Ethernet Forum (MEF) Service Visualization E-LINE: Ethernet Private Line (EPL) E-LN: Ethernet Private LN (EP-LN) E-LINE: Ethernet Virtual Private Line (EVPL) E-LN: Ethernet Virtual Private LN (EVP-LN) 4

5 Carrier Ethernet Networks Mobile Content Farm Residential ccess ggregation Edge MSPP VOD TV SIP Cable STB Business Corporate ETTx MPLS / IP BNG Core Network MPLS /IP Residential DSL DPI PON Ethernet SR/PE Content Farm VOD TV SIP 5

6 Resiliency Fundamentals BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 6

7 Resiliency Fundamentals Resiliency definition from Metro Ethernet Forum: ( ) self-healing property of the network that allows it to continue to function with minimal or no impact to the network users upon disruption, outages or degradation of facilities or equipment in the MEN ( ) [MEF-2] User s perspective SL attributes such as: vailability, Mean Time To Restore (MTTR), Mean Time Between Failure (MTBF) ctual methods and mechanisms used by SP not relevant Provider s perspective Translation of SLs to network protection requirements Selection of mechanisms / protocols to provide such protection 7

8 Ethernet-ware Resiliency Mechanisms Key Requirements MUST NOT allow data-plane loops Not even transient ones, as Ethernet header has no Time To Live (TTL) or equivalent field MUST ensure congruency of forward and reverse dataplane paths Prevent MC moves in scenarios with Load Balancing MUST ensure a unique entry/exit point into an ethernet segment Prevent delivery of duplicate packets - Designated Forwarder notion MUST ensure MC-relearning after topology change notification Prevent black-holing of traffic - MC address tables must be updated after re-convergence events 8

9 ccess Resiliency Mechanisms BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 11

10 ccess Resiliency Mechanisms Multi-Chassis LCP (mlcp) and Inter-Chassis Communication Protocol (ICCP) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 12

11 Multi-Chassis LCP and ICCP Overview mlcp & ICCP enable a switch/router to use standard Ethernet Link ggregation for device dual-homing, with active/standby redundancy Dual-homed Device (DHD) operates as if it is connected to single virtual device and runs IEEE std X-2008 (LCP) Point of ttachment (Po) nodes run Inter-chassis Communication Protocol (ICCP) to synchronize state & form a Redundancy Group (RG) mlcp Standby Po Redundancy Group (RG) DHD Inter-chassis Communication Protocol (ICCP) Link ggregation Group LCP ctive Po 13

12 Protected Failure Points mlcp Offers Protection gainst 5 Failure Points: : DHD Port Failure B: DHD Uplink Failure C: ctive Po Port Failure D: ctive Po Node Failure E: ctive Po Isolation from Core Network Standby Po DHD B C D ctive Po 14 E

13 Background: Link ggregation Control Protocol System attributes: System MC address: MC address that uniquely identifies the switch System priority: determines which switch s Port Priority values win ggregator (bundle) attributes: ggregator key: identifies a bundle within a switch (per node significance) Maximum links per bundle: maximum number of forwarding links in bundle used for Hot Standby configuration Minimum links per bundle: minimum number of forwarding links in bundle, when threshold is crossed the bundle is disabled Key: 10 Port #: 1, Priority: 10 Port #: 2, Priority: 11 Key: 10 System Priority: 3 System MC: M2 Key: 35 gg3 gg4 Port #: 3, Priority: 5 Port #: 4, Priority: 6 gg1 gg2 System Priority: 5 System MC: M1 Key: 20 15

14 Background: Link ggregation Control Protocol (Cont.) Port attributes: Port key: defines which ports can be bundled together (per node significance) Port priority: specifies which ports have precedence to join a bundle when the candidate ports exceed the Maximum Links per Bundle value Port number: uniquely identifies a port in the switch (per node significance) Key: 10 Port #: 1, Priority: 10 Port #: 2, Priority: 11 Key: 10 System Priority: 3 System MC: M2 Key: 35 gg3 gg4 Port #: 3, Priority: 5 Port #: 4, Priority: 6 gg1 gg2 System Priority: 5 System MC: M1 Key: 20 16

15 Extending LCP cross Multi- Chassis: mlcp mlcp uses ICCP to synchronize LCP configuration & operational state between Pos, to provide DHD the perception of being connected to a single switch ll Pos use the same System MC ddress & System Priority when communicating with DHD Configurable or automatically synchronized via ICCP Every Po in the RG is configured with a unique Node ID (value 0 to 7). Node ID + 8 forms the most significant nibble of the Port Number For a given bundle, all links on the same Po must have the same Port Priority DHD Port #: 0x9001, Port Priority 1 Po1 Node ID: 1 ICCP Node ID: 2 System MC: aaaa.bbbb.cccc System Priority: 1 LCP Po2 Port #:0x001, Port Priority 2 17

16 Inter-Chassis Communication Protocol ICCP allows two or more devices to form a Redundancy Group ICCP provides a control channel for synchronizing state between devices ICCP uses TCP/IP as the underlying transport ICCP rides on targeted LDP session, but MPLS need not be enabled Various redundancy applications can use ICCP: mlcp Pseudowire redundancy Under standardization in IETF: draft-ietf-pwe3-iccp-02.txt RG ICCP over Dedicated Link RG ICCP over Shared Network 18

17 Operational Variants DHD-Based Control DHD is configured to limit the maximum number of links per bundle Limit must be set to L, where L is the minimum number of links from DHD to any single Po Max Links per Bundle: L Standby Po Pos must be configured with Minimum Links per Bundle policy set to L as well This prevents unsupported scenario where uplinks from DHD to both Pos attempt to go active DHD L = 2 ICCP Selection of active/standby links is the responsibility of the DHD LCP ctive Po dvantages: Split Brain condition can be easily detected Disadvantages: Slower failover time compared to other variants 19

18 Operational Variants Po-Based Control Each Po is configured to limit the maximum number of links per bundle Max Links per Bundle: L Limit must be set to L, where L is the minimum number of links from DHD to any single Po Standby Po Selection of active/standby links is the responsibility of the Pos dvantages: Faster switchover times compared to other variants, and Minimum Link policy on Po can be flexible Disadvantage: If ICCP transport is lost, Split Brain condition would occur DHD LCP L = 2 ICCP ctive Po Max Links per Bundle: L 20

19 Operational Variants Standby Po Shared Control L = 2 DHD ICCP Max Links per Bundle: L LCP ctive Po Max Links per Bundle: L DHD and Pos are configured to limit the maximum number of links per bundle Limit must be set to L, where L is the minimum number of links from DHD to any single Po Selection of active/standby links is the responsibility of DHD and Pos combined dvantages: Split brain condition can be detected, and Minimum Link policy on Po can be flexible Disadvantages: If DHD does not support LCP fast failover, then failover time will be standard 21

20 Failover Operation Port/Link Failures DHD 3. LCP Exchanges L = 2 B Standby Po ICCP Max Links per Bundle: L Min Links per Bundle: M 2. Signal failover over ICCP 2B. Dynamic Port Priority or Bruteforce failover C ctive Po 1. Evaluate # of links Step 1 For port/link failures, active Po evaluates number of surviving links (selected or standby) in bundle: If > M, then no action If < M, then trigger failover to standby Po Step 2 ctive Po signals failover to standby Po over ICCP Step 2B Failover is triggered on DHD by one of: Dynamic Port Priority Mechanism: real-time change of LCP Port Priority on active Po to cause the standby Po links to gain precedence Brute-force Mechanism: change the state of the surviving links on active Po to admin down Step 3 Standby Po and DHD bring up standby links per regular LCP procedures 22

21 Failover Operation Node Failure DHD 2. LCP Exchanges 1B. Links Down Standby Po ICCP D ctive Po 1. IP Route- Watch or BFD timeout Step 1 Standby Po detects failure of ctive Po via one of: IP Route-watch: loss of IP routing adjacency BFD: loss of BFD keepalives Step 1B DHD detects failure of all its uplinks to previously active Po Step 2 Both Standby Po and DHD activate their Standby links per regular LCP procedures 23

22 Failover Operation Po Isolation from Core DHD 3. LCP Exchanges 2B. Dynamic Port Priority or Bruteforce failover Standby Po ICCP ctive Po 2. Signal failover over ICCP E 1. Detect core isolation Step 1 ctive Po detects all designated core interfaces are down Step 2 ctive Po signals standby Po over ICCP to trigger failover Step 2B ctive Po uses either Dynamic Port Priority or Brute-force Mechanism to signal DHD of failover Step 3 Standby Po and DHD bring up standby links per regular LCP procedures 24

23 mlcp/iccp dvantages llow dual-homing of access node that doesn t support spanning-tree (e.g. Router CE or DSLM) Support co-located and geo-redundant PEs Support revertive & non-revertive operation Standards based solution using IEEE 802.1X and draft-ietf-pwe3-iccp 25

24 ccess Resiliency Mechanisms Resilient Ethernet Protocol (REP) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 26

25 REP Protocol Basics Segment Protocol REP Segment f1 f2 f1 f2 f1 f2 f1 f2 f1 f2 interface f2 rep segment 10 interface f1 rep segment 10 interface f2 rep segment 10 interface f1 rep segment 10 REP operates on chain of bridges called segments port is assigned to a unique segment using: (config-if)# [no] rep segment {id} segment can have up to two ports on a given bridge 27

26 Edge Port REP Protocol Basics Blocked Port f2 lternate Port (blocks traffic) Edge Port f1 f2 f1 f2 f1 f2 f1 f2 f1 f2 f2 Unblocks Link Failure f1 f2 f1 f2 f1 f2 f1 f2 f1 f2 When all links are operational, a unique port blocks the traffic on the segment If any failure occurs within the segment, the blocked port goes forwarding 28

27 Protected Failure Points Edge Port Edge Port B C f1 f2 f1 f2 f1 f2 f1 f2 f1 f2 REP Protects gainst ny Single Link, Port or Node Failure Within a Segment : Failure of a port within the segment B: Failure of a link within the segment C: Failure of a node within the segment 29

28 REP Protocol Basics REP Segments Don t Introduce Loops Bridged Domain E1 E2 E1 E2 No connectivity between E1 and E2 through the segment The segment can be attached to any bridged domain without introducing a loop No control protocol (other than TCN MC flush) between segment and bridged domain 30

29 REP Protocol Basics REP Provides Two Redundant Gateways Bridged Domain Y Bridged Domain Y E1 E2 E1 E2 X X The segment provides one level of redundancy Hosts on the segment can reach the rest of the network through either edge port, as necessary 31

30 REP Protocol Basics REP Creates a Redundant Link Y Y X B X B Segments can be wrapped into a ring Can be seen as a redundant link in that case Identification of edge ports requires additional configuration in that case 32

31 REP dvantages Fast and predictable convergence Convergence time: 50 to 250ms Fast failure notification even in large rings with high number of node Manual configuration for predictable failover behavior Co-existence with spanning tree STP is deactivated on REP interfaces Limit the scope of spanning tree Topology changes notification from REP to STP Optimal bandwidth utilization VLN load balancing Easy to configure and troubleshoot Topology archiving for easy troubleshooting Known fixed topology Simple mechanism to setup the alternate port (blocking) 33

32 ccess Resiliency Mechanisms MST ccess Gateway (MST-G) (a.k.a. Reverse Layer 2 Gateway Ports (R-L2GP)) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 34

33 Motivation for MST-G GW1 ccess L2 Network 1 Core Network GW2 ccess L2 Network 2 Terminate multiple Ethernet access networks into same pair of Gateway nodes Each access network maintains independent topology (control plane isolation) Fast convergence in all cases ccess nodes run standard MST Gateway nodes act as root bridges 35

34 MST-G Overview Dynamic MST BPDU Pre-configured MST BPDU Root MST-G Ports ccess Network Core Network MST-G ports Dynamic MST BPDU Send pre-configured BPDUs advertising root & second best bridge Ignore incoming BPDUs from access network, except for TCN lways in Designated Forwarding state Pre-configured MST BPDU Second Best Bridge Control PW for TCN Relay React and relay TCN over a special control pseudowire L2 access network Can have arbitrary topology (e.g. ring or mesh) Runs standard MST protocol Handles port blocking/unblocking Root Port Designated Port lternate Port 36

35 Protected Failure Points MST-G Ports D ccess Network B C Core Network MST-G Provides Protection gainst ny of the Following Failure Points: : Failure of link connecting access network to gateway B: Failure of gateway access-facing port C: Gateway node failure D: Failure within access network, including access network total split 37

36 Failure Scenarios Gateway Direct Failures ccess Network B Root C MST-G Ports Core Network Second Best Bridge ccess Network Core Network TCN Root ccess switches detect failure MST re-converges in access network, choosing second best bridge as the new root TCN propagated all the way to new root 38

37 Failure Scenarios ccess Network Split Root MST-G Ports D ccess Network Core Network Second Best Bridge Root ccess Network Core Network TCN Root ccess network completely partitioned Sub-network isolated from original root selects second best bridge as new root TCN is propagated to new root, relayed over control PW and into the other sub-network 39

38 ggregation and Core Resiliency Mechanisms BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 40

39 Pseudowire Redundancy with LDP Background CE PE1 MPLS PW 2 PW 1 <IP1, VCID1> <IP2, VCID2> Designate Pseudowires as either primary or backup Primary Pseudowire used for traffic forwarding, and backup takes over in case of failure Signaling Redundant Pseudowires in targeted LDP session Cold Redundancy: Backup PWs were not signaled until required to take over Warm Redundancy: Backup PWs were signaled up in the controlplane but held down in the data-plane. Use C Fault code-point in LDP Status Message to indicate a backup PW Hot Redundancy: Use PW Preferential Forwarding Status Bits 41

40 Pseudowire Redundancy with LDP PW Status Signaling CE tldp PW PE1 PE2 0x Pseudowire forwarding (clear all failures) 0x Pseudowire Not Forwarding 0x Local ttachment Circuit (ingress) Receive Fault RFC x Local ttachment Circuit (egress) Transmit Fault 0x Local PSN-facing PW (ingress) Receive Fault 0x Local PSN-facing PW (egress) Transmit Fault 0x PW Forwarding Standby 0x PW Request to go ctive draft-ietf-pwe3-redundancy-bit Only this bit is required/used (with help of ICCP) 42

41 One-Way Pseudowire Redundancy Overview interface Ethernet1/0.1 encapsulation dot1q 1001 xconnect pw-class mpls backup peer CE PE1 PW 1 MPLS PW 2 PE2 PE3 llows dual-homing of one local PE to two remote PEs Two pseudowires: primary & backup provide redundancy for a single C lternate LSPs (TE Tunnels) can be used for additional redundancy Faults on the primary PW cause delayed failover to backup PW 43

42 One-Way Pseudowire Redundancy Failure Protection Points MPLS CE PE1 PW 2 B PE2 PW 1 PE3. Loss of next hop P node as notified by IGP PW failover is delayed to allow IGP chance to restore B. Loss of Remote PE LDP session timeout BFD timeout 44

43 One-Way Pseudowire Redundancy Operation CE PE1 MPLS PW 2 PW 1 PE2 PE3 Control is on dual-homed PE side, via static configuration Signaling: If PEs support LDP PW status per RFC4447, backup PW is signaled (up in control-plane, down in data-plane) If PEs do not support PW status, backup PW is not signaled in the control-plane Failover operation: Upon primary PW failure, failover is triggered after a configurable delay (seconds) Upon recovery, system reverts to primary PW after configurable delay (seconds) 45

44 Two-Way Pseudowire Redundancy Overview CE MPLS PW 1 PE3 PE1 PW 2 PW 3 PE2 PW 4 PE4 llows dual-homing of two local PEs to two remote PEs Four pseudowires: 1 primary & 3 backup provide redundancy for a dual-homed device 46

45 Two-Way Pseudowire Redundancy Failure Protection Points CE PE1 B MPLS PW 1 PW 2 PW 3 PE3 PE2 PW 4 PE4. Failure of primary PE node B. Isolation of primary PE node from the MPLS core 47

46 Two-Way Pseudowire Redundancy Independent Operation Mode Every PE decides the local status of the PW: ctive or Standby PW is selected as primary for forwarding if it is active on both local & remote PEs PW is considered as backup if it is declared as Backup by either local or remote PE PE1 PE1 PE1 ctive ctive PW Standby MPLS ctive Standby Standby PE2 PE2 PE2 PE1 Standby ctive PE2 48

47 Two-Way Pseudowire Redundancy Determining Pseudowire State VPWS / H-VPLS two-way coupled: When C changes state to ctive 1, both PWs will advertise ctive When C changes state to Standby 1, both PWs will advertise Standby H-VPLS two-way decoupled: Regardless from C state, Primary PW and Backup PWs will advertise ctive state For H-VPLS, all PWs in (at npe) are ctive simultaneously, for both access & core PWs (1) ctive / Standby C states determined for example by mlcp ctive Standby ctive ctive Standby Standby pseudowire-class <class name> encapsulation mpls status peer topology dual-homed ctive Standby ctive ctive ctive ctive pseudowire-class <class name> encapsulation mpls status peer topology dual-homed status decoupled 49

48 Two-Way Pseudowire Redundancy Determining Pseudowire State (Cont.) VPLS Two-way Coupled: When at least 1 C in changes state to ctive, all PWs in will advertise ctive When all Cs in change state to Standby, all PWs in will advertise Standby mode VPLS Two-way Decoupled: Regardless from C states, all PWs in will advertise ctive state Standby Standby ctive Standby Standby Standby Standby Standby ctive ctive ctive ctive Standby Standby Standby Default behavior no extra CLI ctive ctive ctive Standby Standby Standby ctive ctive ctive l2 vfi <vfi name> manual vpn id <vpn id> status decoupled neighbor <neighbor ip address> neighbor <neighbor ip address> 50

49 MC Flushing Mechanisms BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 51

50 Why MC Flushing Is Needed? Topology Changes Y X Y X Y Y Y X Y X Y Y X X X Y Y X Y X Y X Y X Y X X X Y B X Y X Y Filtering Entries Populated from Conversation X-Y fter a Change in the Topology, Starred Entries re Incorrect Bridges learn the location of the stations from the traffic they forward Mac-addresses are added to a filtering table fter a failure, the filtering table must be updated 52

51 REP Topology Change Notification On topology change, nodes next to fault send Blocked Port dvertisement (BP) with Topology Change (TC) bit set to 1 Nodes react to this by flushing their MC tables for affected VLN(s) Topology changes not propagated beyond segment except by explicit configuration Primary Edge Port 0/1 M1 Primary Edge Port 0/1 Flush Flush Flush BP, TC = 1 Common Link Common Link BP, TC = 1! Secondary Edge Port 0/2 Secondary Edge Port 0/2 Flush Flush M2 M2 Flush 53 M1

52 RSTP Topology Change Notification Rapid STP (IEEE 802.1D-2004) introduced new Topology Change Notification mechanism (from IEEE 802.1D-1998) M2 Detection Transitions from blocking to forwarding state cause topology change RSTP i.e. only increase in connectivity is TC Link Down events no longer trigger TCN Edge ports (port-fast) are not flushed Notification via TCN Flag in configuration BPDU TCN BPDU no longer used; no ack required (TC flag not used) Broadcasted on the network by the initiator (not by the Root bridge as in IEEE 802.1D-1998) Flush M1 Flush BPDU TC = 1 RSTP BPDU TC = 1 Flush M2 Flush Flush Flush 54 M1

53 LDP MC ddress Withdrawal Topology Change detected PE IP/MPLS Core PE C LDP MC Withdrawal PE B PE D Transmitted by a VPLS PE that detects a topology change to all other PEs in the VPLS instance Out of band indication Optionally may contain a list of MC addresses to be flushed If MC list is empty flush all addresses except those learnt from transmitting PE. If specific MC remove specified MC address(es) Defined in RFC

54 End-to-End Redundancy Solutions BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 56

55 End-to-End Redundancy Solutions Use cases presented in the section: Service Type E-LINE Transport Enabler VPWS ccess Redundancy Hub and Spoke (ctive / Backup) Protocol / Feature mlcp + 2-way PW Red. (coupled mode) E-LINE VPLS Ring MST + MST-G E-LINE VPLS Ring REP E-LN E-LN VPLS H-VPLS Hub and Spoke (ctive / Backup) Hub and Spoke (ctive / Backup) mlcp + 2-way PW Red. (decoupled mode) mlcp + 2-way PW Red. (decoupled mode) E-LN VPLS Ring REP See ppendix section 57

56 E-LINE vailability Models ctive/backup ccess Node Redundancy (mlcp) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 58

57 E-LINE availability model ctive / Backup ccess Node Redundancy (mlcp) Port / Link Failures I Events Initial state VPWS 1 B F 2 F B LCP F C 1 ICCP S S 3 4 S ICCP LCP F -C Port / Link Failures ctive Po detects 1 failure and signals failover over ICCP For VPWS Coupled Mode, attachment circuit (C) state (ctive/standby) drives PW state advertised to remote peers 1 B Failover triggered on DHD Standby link brought up per LCP proc. ctive Po advertises Standby state on its PWs Standby Po advertises ctive state on its PWs Forwarding EoMPLS PW Non-Forwarding EoMPLS PW 59

58 E-LINE availability model ctive / Backup ccess Node Redundancy (mlcp) Port / Link Failures (cont.) I Events Initial state VPWS F F B LCP F C ICCP S S ICCP 60 LCP Local site access failure does not trigger LCP failover at remote site (i.e. control-plane separation between sites) F -C Port / Link Failures ctive Po detects 1 failure and signals failover over ICCP 1 B Failover triggered on DHD E Forwarding EoMPLS PW Standby link brought up per LCP proc. ctive Po advertises Standby state on its PWs Standby Po advertises ctive state on its PWs End State Non-Forwarding EoMPLS PW

59 E-LINE availability model ctive / Backup ccess Node Redundancy (mlcp) Po Node Failure VPWS Events F D I Initial state F D ctive Po Node Failure Standby Po detects node failure (BFD 1 timeout or IP routewatch) LCP 1 ICCP ICCP LCP 1 B Failover triggered on DHD 1 B 2 Standby link brought up per LCP proc. 2 S 3 S 3 Standby Po advertises ctive state on its PWs Po node failures detected by BFD (session timeout) or IP route-watch (loss of routing adjacency) Forwarding EoMPLS PW Non-Forwarding EoMPLS PW 61

60 E-LINE availability model ctive / Backup ccess Node Redundancy (mlcp) VPWS Po Node Failure (cont.) F D I Events Initial state S F D ctive Po Node Failure Standby Po detects node failure (BFD 1 timeout or IP routewatch) LCP ICCP ICCP LCP 1 B Failover triggered on DHD 2 Standby link brought up per LCP proc. S 3 Standby Po advertises ctive state on its PWs E End State No remote LCP switchover even if remote Pos detect loss of PW before local LCP switchover is performed Forwarding EoMPLS PW Non-Forwarding EoMPLS PW 62

61 E-LINE availability model ctive / Backup ccess Node Redundancy (mlcp) VPWS Uplink Core Failure (Po Core Isolation) F E I Events Initial state F E Core Isolation 1 B 2 LCP 1 ICCP S 3 S ICCP 63 LCP Link and Node failures in the Core are handled by IP routing and/or MPLS FRR do not trigger LCP switchover ctive Po detects core isolation and 1 signals failover over ICCP ctive Po signals failover to DHD 1 B (dynamic port priority changes / bruteforce) 2 3 Forwarding EoMPLS PW Standby link brought up per LCP proc. Standby Po advertises ctive state on its PWs Non-Forwarding EoMPLS PW

62 E-LINE availability model ctive / Backup ccess Node Redundancy (mlcp) Uplink Core Failure (Po Core Isolation) (cont.) VPWS Events F E I Initial state S F E Core Isolation ctive Po detects core isolation and 1 signals failover over ICCP LCP ICCP ICCP LCP ctive Po signals failover to DHD 1 B (dynamic port priority changes / bruteforce) 2 Standby link brought up per LCP proc. S 3 Standby Po advertises ctive state on its PWs E End State Forwarding EoMPLS PW Non-Forwarding EoMPLS PW 64

63 E-LINE vailability Models Ring ccess Node Redundancy (MST) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 65

64 E-LINE availability model Ring ccess Node Redundancy (MST) VPLS MST Ring Span Failure Primary STP Root MST G Secondary Root MST G Blocked Ports I F B Events Initial state Ring Span failure 1 2 B 2 F B B MST MST G Secondary STP Root MST G Primary Root MST 1 ccess switch detects link failure (looses root port), blocks failed port and sends root proposal to B B selects bottom GG as new root 2 (unblocks port towards it) 2 B B blocks port towards MST isolation; not carried over MPLS cloud MST ccess Gateway (MST-G) on ggregation Nodes transmits statically configured BPDUs STP TCN EoMPLS PW Forwarding EoMPLS PW Non-Forwarding EoMPLS PW MST Native Vlan 66

65 E-LINE availability model Ring ccess Node Redundancy (MST) VPLS 1 2 B 2 F B 3 3 B B MST Ring Span Failure (cont.) 6 MST 3 C Primary STP Root MST G 4 B MST G Secondary STP Root 5 4 Secondary Root MST G 67 MST G Primary Root Special between GG nodes to relay TCN BPDUs used to trigger MC flushes after a Topology Change (TC) 5 5 MST Blocked Ports 3 -B Events B flushes MC table. Signals 3 C Topology Change (TC) to GG device GG flushes MC table. Triggers LDP 4 MC add. withdrawal to VPLS peers 4 B GG device propagates TCN over BPDU PW 5 6 Proposal / greement handshake between B and. B unblocks port towards GG (local and remote) flush MC tables Top GG generates TCN on local ring

66 E-LINE availability model Ring ccess Node Redundancy (MST) VPLS MST Ring Span Failure (cont.) Events Blocked Ports 6 Top GG generates TCN on local ring MST G MST G E End State F B MST MST MST G MST G Each ring on unique TCN domain for control plane isolation Two MST instances for VLN load balancing over ring STP TCN EoMPLS PW Forwarding EoMPLS PW Non-Forwarding EoMPLS PW MST Native Vlan 68

67 E-LINE vailability Models Ring ccess Node Redundancy (REP) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 69

68 E-LINE availability model Ring ccess Node Redundancy (REP) VPLS REP Ring Span Failure REP lternate (blocked) port I Events Initial state F B B 1 B REP Primary Edge Port Secondary Edge Port REP F B 1 -B Ring Span failure ccess switches and B detect link failure. Send Blocked Port dvertisement (BP) with TC bit set on the segment 2 1 Secondary Edge Port 3 Primary Edge Port 2 3 ccess nodes in the ring flush MC tables and propagate BP GG node receives BP and unblocks alternate port REP enabled segment with Edge Ports on ggregation Nodes VLN load balancing using lternate Port configured on Secondary Edge Port Forwarding EoMPLS PW Non-Forwarding EoMPLS PW REP dmin vlan 70

69 E-LINE availability model Ring ccess Node Redundancy (REP) VPLS REP Ring Span Failure (cont.) 5 REP lternate (blocked) port 3 Events GG node receives BP and unblocks alternate port F B B 1 B Primary Edge Port 4 Secondary Edge Port 4 GG nodes flush MC tables. Trigger LDP MC add withdrawal to VPLS peers REP 5 REP 5 Remote peers flush MC tables 1 Secondary Edge Port 4 Primary Edge Port 2 3 Forwarding EoMPLS PW Non-Forwarding EoMPLS PW REP dmin vlan 71

70 E-LINE availability model Ring ccess Node Redundancy (REP) VPLS REP Ring Span Failure (cont.) REP lternate (blocked) port 5 Events Remote peers flush MC tables E End State Primary Edge Port Secondary Edge Port F B REP REP Secondary Edge Port Primary Edge Port Forwarding EoMPLS PW Non-Forwarding EoMPLS PW REP dmin vlan 72

71 E-LN vailability Models ctive/backup ccess Node Redundancy (mlcp) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 73

72 E-LN availability model ctive / Backup ccess Node Redundancy (mlcp) VPLS Port / Link Failures Events 4 4 I Initial state 1 B F C F -C Port / Link Failures F F B LCP 2 For VPLS Decoupled Mode, s PWs always advertised in ctive state, regardless of C state 1 Failover triggered on ICCP ICCP LCP 1 B DHD 3 4 ctive Po detects 1 failure and signals failover over ICCP Standby link brought up per LCP proc. Standby Po flushes MC table and triggers LDP MC add. withdrawal to remote peers Remote PEs flush MC addresses Forwarding EoMPLS PW Non-Forwarding EoMPLS PW 74

73 E-LN availability model ctive / Backup ccess Node Redundancy (mlcp) VPLS Port / Link Failures (cont.) Events F C 4 E Remote PEs flush MC addresses End State F B F ICCP ICCP LCP LCP Forwarding EoMPLS PW Non-Forwarding EoMPLS PW 75

74 Platform Support BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 76

75 Disclaimer Many of the products and features described herein remain in varying stages of development and will be offered on a when-and-if-available basis. This roadmap is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document. 77

76 Feature Cisco ME 3400 / 3400E Cisco ME 3600X / 3800X Cisco Catalyst 3750-ME Cisco 7600 REP X X X X Cisco SR 9000 MST X X X X X MST-G / REP-G * X X PVST-G Platform Support and 6-month Roadmap G.8032 Radar Radar Radar Radar 1HCY2011 IOS-XR One-Way PW Redundancy X X X X Two-Way PW Redundancy X X LDP MC ddress Withdrawal 78 X X X X LCP X X X X X ICCP and mlcp ctive / Backup mlcp ctive / ctive X 2HCY (3)S FlexLink X X X X (*) REP ccess Gateway (REP-G) is a special use of MST-G where GG devices not supporting REP can handle STP TCN BPDUs generated by an adjacent REP segment with Edge No Neighbor feature X Radar

77 Summary BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 79

78 Summary Various access redundancy mechanisms are available, which enable node as well as network multi-homing: Multichassis LCP (mlcp) MST ccess Gateway (MST-G) REP ccess Gateway ggregation/core redundancy mechanisms operating at the pseudowire layer primarily protect against PE node failures: One-way Pseudowire Redundancy Two-way Pseudowire Redundancy bove mechanisms can interwork to provide comprehensive end-to-end resiliency solutions for E-Line and E-LN services. 80

79 References Cisco IOS L2VPN Pseudowire Redundancy 922_TSD_Products_Configuration_Guide_Chapter.html Cisco IOS Multichassis LCP Configuration Guide Cisco ME 3400 / 3400E REP Configuration Guide se/configuration/guide/swrep.html Cisco 7600 ES+ Layer 1 and Layer 2 features (covering MST / REP on EVC, Two-way PW redundancy, ICCP, mlcp, MST-G) _chap4.html Cisco 7600 H-VPLS N-PE Redundancy for QinQ and MPLS ccess (covering MST on npe, LDP MC ddress Withdrawal) red.html Cisco Link State Tracking 81

80 References (cont.) Cisco SR 9000 Configuring Link Bundles (covering Multichassis LCP) tion/guide/lesc40lbun.html Cisco SR 9000 L2VPN and Ethernet Services Configuration Guide (covering MST, MST-G, PW Redundancy, LDP MC ddress Withdrawal) tion/guide/lesc40.html 82

81 cronyms IP and MPLS cronym Description cronym C ttachment Circuit PW S utonomous System PWE3 BFD Bidirectional Failure Detection QoS CoS Class of Service RD ECMP Equal Cost Multipath RIB EoMPLS Ethernet over MPLS RR FRR Fast Re-Route RSVP H-VPLS Hierarchical VPLS RSVP-TE IETF Internet Engineering Task Force RT IGP Interior Gateway Protocol TE LDP Label Distribution Protocol tldp LER Label Edge Router VC LFIB Labeled Forwarding Information Base VCID LSM Label Switched Multicast LSP Label Switched Path VPLS LSR Label Switching Router VPN MPLS Multi-Protocol Label Switching VPWS NLRI Network Layer Reachability Information VRF PSN Packet Switch Network VSI Description Pseudo-Wire Pseudo-Wire End-to-End Emulation Quality of Service Route Distinguisher Routing Information Base Route Reflector Resource Reservation Protocol RSVP based Traffic Engineering Route Target Traffic Engineering Targeted LDP Virtual Circuit VC Identifier Virtual Forwarding Instance Virtual Private LN Service Virtual Private Network Virtual Private Wire Service Virtual Route Forwarding Instance Virtual Switching Instance 83

82 cronym CL BD BP BPDU BRS CE C-VLN / CE-VLN CoS DHD DSLM E-LN E-Line E-Tree EFP EPL cronyms Ethernet/Bridging Description ccess Control List Bridge Domain Blocked Port dvertisement (REP PDU) Bridge Protocol Data Unit Broadband ccess Server Customer Equipment (Edge) Customer / CE VLN Class of Service Dual Homed Device DSL ccess Modulator Ethernet LN service (multipoint) Ethernet Line service (point-to-point) Ethernet Tree service (rooted multipoint) Ethernet Flow Point Ethernet Private Line cronym EVP-LN ICCP IEEE IPoETV IPTV L2GP LCP LN MEF MEN MIRP mlcp MRP Description Ethernet Virtual Private LN Inter-Chassis Communication Protocol Institute of Electrical and Electronics Engineers TV on IP over Ethernet Television over IP Layer 2 Gateway Ports Link ggregation Control Protocol Local rea Network Metro Ethernet Forum Metro Ethernet Network Multiple I-Tag Registration Protocol Multi-Chassis LCP Multiple Registration Protocol EP-LN Ethernet Private LN MST / MSTP Multiple Instance STP EVC EVPL Ethernet Virtual Connection Ethernet Virtual Private Line MSTG-G MST ccess Gateway 84

83 cronym MSTi MTBF MTTR MVRP OM PE Po Q-in-Q QoS R-L2GP REP REP-G RG SL SLS STP SVI S-VLN TC cronyms Ethernet/Bridging (Cont.) Description MST Instances Mean Time Between Failures Mean Time To Recover Multiple VLN Registration Protocol Operations, dministration and Maintenance Provider Edge device Point of ttachment VLN tunneling using two 802.1Q tags Quality of Service Reverse L2GP Resilient Ethernet Protocol REP ccess Gateway Redundancy Group Service Level greement Service Level Specification Spanning Tree Protocol Switch Virtual Interface (interface vlan) Service VLN (Provider VLN) Topology Change cronym TCN UNI VID VLN VoD VoIP Description Topology Change Notification User to Network Interface VLN Identifier Virtual LN Video on Demand Voice over IP 85

84 cronym B-BEB BCB B-D BEB B-MC B-S B-Tag B-VLN C-D CE C-MC C-S C-Tag C-VLN / CE-VLN D FCS IB-BEB cronyms Provider Backbone Bridging Description B-Component BEB Backbone Core Bridge Backbone Destination ddress Backbone Edge Bridge Backbone MC ddress Backbone Source ddress B-VLN Tag Backbone VLN Customer Destination ddress Customer Equipment (Edge) Customer MC ddress Customer Source ddress C-VLN Tag Customer / CE VLN Destination MC ddress Frame Check Sequence Combined I-Component & B-Component BEB cronym I-BEB IEEE I-SID I-Tag MC N-PE PB PBB PBBN PBN PE Q-in-Q S S-Tag S-VLN UNI U-PE VLN Description I-Component BEB Institute of Electrical and Electronics Engineers Instance Service Identifier I-SID Tag Media ccess Control Network-facing Provider Edge device Provider Bridge Provider Backbone Bridge / Bridging Provider Backbone Bridging Network Provider Bridging Network Provider Edge device VLN tunneling using two 802.1Q tags Source MC ddress S-VLN Tag Service VLN (Provider VLN) User to Network Interface User-facing Provider Edge device Virtual LN 86

85 BRKSPG-2207 Recommended Reading Please browse on-site Cisco Store for suitable reading. 87

86 Please complete your Session Survey We value your feedback - don't forget to complete your online session evaluations after each session. Complete 4 session evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Networkers 20 th nniversary t-shirt. ll surveys can be found on our onsite portal and mobile website: You can also access our mobile site and complete your evaluation from your mobile phone: 1. Scan the ccess Code (See for software, alternatively type in the access URL) 2. Login 3. Complete and Submit the evaluation 88

87 89

88 ppendix ccess Resiliency Mechanisms Resilient Ethernet Protocol (REP) (cont.) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 90

89 ppendix MC Flushing Mechanisms (cont.) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 94

90 Multiple VLN Registration Protocol (MVRP) pplication of IEEE 802.1ak Multiple Registration Protocol (MRP) Builds dynamic VLN reachability trees within a spanning tree instance Enables source pruning of floods Defines new declaration messages as a replacement for TCNs Sent in addition to existing STP TC messages Generated by ports declaring a given VID on bridges that detect a topology change Net effect - only VLNs active in the area of the network that is actually affected by the topology change are flushed VLNs not present in that part of the network are unaffected VLNs that are affected are only flushed in the affected sub-tree VLN 100 Reachability Tree! VLN 200 Reachability Tree MSTI for VLNs 100 & 200 Blocked link in MSTI Bridge Flush (New Declaration) 95

91 Multiple I-Tag Registration Protocol (MIRP) Problem Statement In IEEE 802.1ah networks, BEBs learn Customer MC (C-MC) to Backbone MC (B-MC) associations On a topology change due to failure, if a given C-MC is now reachable via a different BEB, traffic black-holing may occur due to stale C-MC to B-MC bindings CM1 CM1 DHD1 DHD1! BEB 1 M1 BEB 2 M2 X BEB 1 M1 BEB 2 M2 BCB BCB BEB 3 M3 C-MC B-MC CM1 BEB 3 M3 CM1 M1 C-MC B-MC M1 DHD2 DHD2 CM2 CM2 DHD Dual Home Device BEB Backbone Edge Bridge BCB Backbone Core Bridge 96

92 Multiple I-Tag Registration Protocol (MIRP) Mechanism MIRP allows a BEB to signal another BEB to flush MC table entries for one or more I-SIDs CM1 DHD1 BEB 1 M1 BEB 2 M2 C-MC B-MC CM1 M1 BCB BEB 3 M3 C-MC B-MC CM1 M1 DHD2 CM2 Unlike MVRP, this is an edge-to-edge function pplication of IEEE 802.1ak MRP, under standardization in IEEE 802.1Qbe CM1 DHD1 1! BEB 1 M1 BEB 2 M2 C-MC B-MC 2a CM1 M1 C-MC B-MC BCB 2b BEB 3 M3 C-MC B-MC CM1 3 M1 C-MC B-MC DHD2 CM2 DHD Dual Home Device BEB Backbone Edge Bridge BCB Backbone Core Bridge 97

93 ppendix End-to-End Redundancy Solutions (cont.) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 98

94 E-LN vailability Models Ring ccess Node Redundancy (REP) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 99

95 E-LN availability model Ring ccess Node Redundancy (REP) VPLS REP Ring Span Failure REP lternate (blocked) port I Events Initial state F B B 1 B REP Primary Edge Port Secondary Edge Port REP F B 1 -B Ring Span failure ccess switches and B detect link failure. Send Blocked Port dvertisement (BP) with TC bit set on the segment 2 1 Secondary Edge Port 3 Primary Edge Port 2 3 ccess nodes in the ring flush MC tables and propagate BP GG node receives BP and unblocks alternate port REP enabled segment with Edge Ports on ggregation Nodes VLN load balancing using lternate Port configured on Secondary Edge Port Forwarding EoMPLS PW Non-Forwarding EoMPLS PW REP dmin vlan 100

96 E-LN availability model Ring ccess Node Redundancy (REP) VPLS REP Ring Span Failure (cont.) 5 REP lternate (blocked) port 3 Events GG node receives BP and unblocks alternate port F B B 1 B Primary Edge Port 4 Secondary Edge Port 4 GG nodes flush MC tables. Trigger LDP MC add withdrawal to VPLS peers REP 5 REP 5 Remote peers flush MC tables 1 4 Secondary Edge Port Primary Edge Port 2 3 Forwarding EoMPLS PW Non-Forwarding EoMPLS PW REP dmin vlan 101

97 E-LN availability model Ring ccess Node Redundancy (REP) VPLS REP Ring Span Failure (cont.) REP lternate (blocked) port 5 E Events Remote peers flush MC tables End State Primary Edge Port Secondary Edge Port F B REP REP Secondary Edge Port Primary Edge Port Topology depicted shows full mesh VPLS but can also be implemented using H-VPLS with ctive/standby PWs Forwarding EoMPLS PW Non-Forwarding EoMPLS PW REP dmin vlan 102

98 E-LN vailability Models H-VPLS (MPLS ccess) ctive/backup ccess Node Redundancy (mlcp) BRKSPG-2207_c Cisco and/or its affiliates. ll rights reserved. Cisco Public 103

99 E-LN availability model ctive / Backup ccess Node Redundancy (mlcp) H-VPLS Port / Link Failures I Events Initial state F F B LCP F C 1 ICCP 4 F -C Port / Link Failures ctive Po detects 1 failure and signals failover over ICCP 1 B Failover triggered on DHD 2 Standby link brought up per LCP proc. 1 B 2 3 For H-VPLS Decoupled Mode, Primary/Backup PW in active/active states respectively, regardless of C state 3 4 Standby Po flushes MC table and triggers LDP MC add. withdrawal to VPLS hub PE Hub PE flushes MC addresses and triggers LDP MC address withdrawal to other hub PEs 104 Forwarding EoMPLS PW Non-Forwarding EoMPLS PW

100 E-LN availability model ctive / Backup ccess Node Redundancy (mlcp) H-VPLS Port / Link Failures F C 4 E Events Hub PE flushes MC addresses and triggers LDP MC address withdrawal to other hub PEs End State F B F LCP ICCP Failure of VPLS Hub PE (detected by loss of routing adjacency (IP route-watch)), triggers failover to backup PW No LCP switchover performed 105 Forwarding EoMPLS PW Non-Forwarding EoMPLS PW