Sie sind auf Seite 1von 97

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

Understanding Resilient Ethernet Protocol Operation

BRKOPT-2216 Franois Tallet

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

Agenda
REP Protocol Basics
REP vs. STP
REP Is Configuration Driven REP Is not Deterministic by Default REP Is Fast REP has a Local Scope

End Ports and Topology Information Preemption and Load Balancing

Topology Change
Interaction with STP Conclusion
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

REP Protocol Basics

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

REP Protocol Basics Context


Providers using Ethernet bridges to implement rings
The Spanning Tree Protocol (STP) is not very efficient on rings RPR requires special hardware

Software ring solutions (G.8032) are limited to rings


Resilient Ethernet Protocol (REP) must:
Perform as well as software ring solutions on rings

Using regular hardware


While supporting any kind of topology

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

REP Protocol Basics A Segment Protocol


REP Segment

f1

f2

f1

f2

f1

f2

f1

f2

f1

f2

interface f2 rep segment 10

interface f1 rep segment 10 interface f2 rep segment 10

interface f1 rep segment 10

REP operates on chain of bridges called segments A port is assigned to a unique segment using: (config-if)# [no] rep segment {id}

A segment can have up to two ports on a given bridge


BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

REP Protocol Basics Blocked Port


Edge Port f2 Blocks Traffic Edge Port

f1

f2

f1

f2

f1

f2

f1

f2

f1

f2

f2 Unblocks

Link Failure

f1

f2

f1

f2

f1

f2

f1

f2

f1

f2

When all links are operational, a unique port blocks the traffic on the segment
If any failure occurs within the segment, the blocked port goes forwarding
BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

REP Protocol Basics REP Segments Dont Introduce Loops


Bridged Domain

E1

E2

E1

E2

No connectivity between E1 and E2 through the segment


The segment can be attached to any bridged domain without introducing a loop

No control protocol needed between segment and bridged domain


BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

REP Protocol Basics REP Provides Two Redundant Gateways


Y Y

Bridged Domain
E1 E2 E1

Bridged Domain
E2

The segment provides one level of redundancy


Hosts on the segment can reach the rest of the network through either edge port, as necessary

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

REP Protocol Basics REP Creates a Redundant Link


Y Y

Segments can be wrapped into a ring


Can be seen as a redundant link in that case Note: Identification of edge ports requires additional configuration in that case
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

10

REP Protocol Basics A Simple Building Block

REPification

Any redundant network can be built with REP segments!

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

11

REP Protocol Basics Summary


REP segment concept is primitive
A segment is a chain of bridges If all the links are available, REP blocks If there is at least a failure, REP unblocks

However any redundant network can be built with REP segments

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

12

STP vs. REP: REP Is Configuration Driven

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

13

REP Is Configuration Driven STP Is Plug-n-Play


A bridge forwards traffic on a port unless the port has been determined as being redundant
STP is plug-n-play and detect those ports by receiving BPDUs (Bridge Protocol Data Units) on them

If STP fails to detect a redundant port, consequences are catastrophic

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

14

REP Is Configuration Driven Unidirectional Link Failure


Normal Scenario
root

Unidirectional Link Failure on link A-B


root

My Port 2 Is Redundant
2 A bpdu B 1 A

Traffic Is Looping Clockwise 2 B bpdu Lost

My Port 2 Is Not Redundant


1

Unidirectional Link Failure

A link is declared up by the physical layer, but only transmits traffic in one direction

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

15

REP Is Configuration Driven STP Brain-Dead Bridge


The bridges STP process is not working
BPDUs are ignored or not acted upon
Bridge Bs STP Is Not Working
root

Traffic is still switched in hardware

Traffic looping in both directions 2 A bpdu B

???

Brain-dead Bridge

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

16

REP Is Configuration Driven STP Solutions Built in REP


Both STP problems described earlier have solutions (UDLD, LoopGuard, dispute, bridge assurance)
Those solutions imply additional configuration or design constraints (plug-n-play aspect is lost)

REP does not attempt to be plug-n-play and will not suffer from those issues

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

17

REP Is Configuration Driven REP Adjacency

3 4 Im 4 Im 4, Hearing 5

5 6 7 Im 5, Hearing 4

10

A segment port establishes an adjacency with a unique neighbor using a three-way handshake
The port is not considered operational until the adjacency is established

Periodic hellos are exchanged to maintain the adjacency


BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

18

REP Is Configuration Driven Link Integrity Checked Hop by Hop


1 2 Im 3 3 4 5 6

Unidirectional Link Failure

Im 4, Hearing 3

2 Im 3

Im 6

The location of a failure is known exactly REP blocks the failed link, thus providing maximum connectivity

Brain-Dead Bridge

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

19

REP Is Configuration Driven Summary


STP works with no configuration (plug-n-play)
REP requires explicit configuration REP requirements are strictly enforced REP is safer than STP with no configuration

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

20

STP vs. REP: REP Is Not Deterministic by Default

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

21

REP Is Not Deterministic by Default Link Coming Up


BPA P6, key6
1 2 3 4 5 6 7 8 9

BPA P7, key7

key6

key7

10

Link 6-7 Is Brought Up

Ports start in blocking state Blocked ports generate a key when they come up Blocked ports advertise their key to the whole segment with Blocked Port Advertisements (BPA) A port will only unblock if it receives a BPA carrying the key it has generated
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

22

REP Is Not Deterministic by Default Priority Scheme


BPA P6, key7
1 2 3 4 5 6 7 8 9 10

Key6 > Key7, Port 6 Unblocks Port 7

The keys include a priority and a mac address They can be compared and no two keys are identical The port with the best key unblock the other(s)

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

23

REP Is Not Deterministic by Default REP Removes All Blocked Ports but One
Ports 6 & 7 Took Part in Election

10

Other Ports Were Not Considered!

REP removes all blocked ports but one Ports that were not blocking were not considered in the election

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

24

REP Is Not Deterministic by Default Not Deterministic Without Configuration

Different Initial Conditions (Different Links Come Up)

Different Final State

The final state depends on the initial conditions The blocked port is likely to be on the last link that came up

The blocked port determination is not deterministic!

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

25

REP Is Not Deterministic by Default Case of Link Flapping with STP


A A

D C

D C A

D C

D
C

Network Available

Network Unavailable: Convergence in Progress

Network Available

Link up and link down trigger STP convergence

A link flapping will keep the network unavailable


BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

26

REP Is Not Deterministic by Default Its a Feature!


The last link coming up in REP is blocked
A (single) link flapping have thus no impact on REP
Link Up
B C D

D C

Link Down

B C

Link Down

Network Available

Network Unavailable

Network Available While Link Flaps

An optional mechanism allows moving the location of a blocked port in an operational segment (more later)
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

27

STP vs. REP: REP Is Fast

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

28

REP Is Fast STP Convergence: Hop by Hop

Propagation of the Failure Indication

The Blocked Port Is Moved to the Location of the Failure

A BPDU carries the failure indication hop by hop In the worst case, the information has to travel twice across the network before complete recovery

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

29

REP Is Fast BPDU Propagation Through a Bridge


Input Queue
Bridge CPU

Output Queue

BPDU In

Regenerated BPDU Out

Data Frame In

Switching ASIC

Unmodified Data Frame Out

The queuing and processing of the BPDUs add some delay to the propagation The BPDU is not just relayed, it is regenerated (the content of its fields is modified)
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

30

REP Is Fast STP Makes No Assumption


A A A

Agreement
B

Proposal
B

Sync

Proposal

STP syncs all potential redundant links during convergence of new information Blocking the ports for the sync operation might be expensive in time (depending on the platform)
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

31

REP Is Fast STP Convergence Summary


Queuing and scheduling delay (BPDUs waiting in input/output queues)
Processing delay (STP computation, port state changes)

Reliable (BPDUs retransmitted periodically)

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

32

REP Is Fast Stable Conditions


BPA P6, key6

10

The unique blocked port keeps sending its BPAs


Every port has stored a copy of the blocked ports key

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

33

REP Is Fast Open, Failed and Alternate Ports


Link Failure Open Port

10

Failed Ports

Alternate Port

A port that is forwarding is called an open port A port logically blocked by REP is an alternate port A port with a link status down is called a failed port Failed ports have better priority than alternate ones
BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

34

REP Is Fast Link Failure


Link Failure
BPA P3, key6

10

Failed Ports

Alternate Port

When a link fails, it sends a BPA with the key it had stored in order to unblock the previous alternate port The convergence is a one-step process

10

Final State: Key Updated


BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

35

REP Is Fast Link Status Layer Propagation


Periodic Hello
LSL
1 2 3 4 5 6

LSL

BPA Added to Periodic Hello

LSL

BPA

LSL

BPA

Link Status Layer (LSL): Responsible for maintaining the adjacency between neighbors
BPA are propagated inside the LSL frames The transmission is reliable, but still hop by hop as LSL frame are terminated by adjacent bridges
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

36

REP Is Fast Link Status Layer Summary


STP BPDU
Hop by Hop yes

LSL BPA
yes

Reliable Queuing Delays Processing Delay

yes

yes

yes yes

yes little

LSL BPA tx not much faster than BPDU tx


BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

37

REP Is Fast Hardware Flood Layer Propagation


BPAs are not modified during their propagation
The Hardware Flood Layer (HFL) defines a frame designed to carry BPAs HFL frames are not terminated by the adjacent bridge and are switched like user data across the network

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

38

REP Is Fast BPA Propagation Using HFL


Input Queue
Bridge CPU

Output Queue

BPA in HFL Frame

Switching ASIC

Unmodified BPA in HFL Frame

HFL frames are both Switched through the bridge in hardware Queued to CPU for processing
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

39

REP Is Fast HFL Propagation Is Backed up by LSL


HFL BPA P3, key6
1 2 3 4 5 6 7 8 9 10

LSL BPA P3, key6

BPA messages are propagated at the same time by HFL messages, flooded instantly (hardware support) LSL messages, reliable but relayed in software
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

40

REP Is Fast BPA Propagation Summary


STP BPDU
Hop by Hop yes

LSL BPA
yes

HFL BPA
no

Reliable Queuing Delays Processing Delay

yes

yes

no

yes yes

yes little

no no

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

41

REP Is Fast HFL Needs a Dedicated VLAN


HFL messages are treated like user traffic
They are flooded on a dedicated admin VLAN The admin VLAN controls the reach of HFL messages If the administrative VLAN is not properly configured, REP will only rely on the LSL mechanism

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

42

REP Is Fast REP Administrative VLAN


Bridged Domain E1 E2

HFL Flooded Network Wide on the Admin VLAN

HFL Dropped by Blocked Port Admin VLAN Is Not Desirable on Access Ports

For HFL to function, the admin VLAN must span the path between the edge ports inside and outside of the segment
BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

43

REP Is Fast Administrative VLAN Configuration


By default, REP uses VLAN 1 as an administrative VLAN
This VLAN can configured using the global configuration command: (config)# [no] rep admin VLAN {id}

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

44

REP Is Fast HFL Frames Flooded Network Wide


Will the BPA Sent by Remote Segment 1 Unblock A?

E1 Segment 1 F1 F2 BPA F1, Key E2, Segment 1 E2 Bridged Domain Segment 1

HFL frames reach wherever the admin VLAN is configured BPAs include a segment ID in their fields What if two segments have the same ID in the network?
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

45

REP Is Fast Local Effect of BPAs


The key included in the BPA is generated within the segment
A BPA can only unblock a port local to the segment that generated it

The key is not a security mechanism!


The admin VLAN is used to restrict the reach of BPAs forwarded with HFL to trusted devices only

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

46

REP Is Fast Summary


REP only needs to handle a very simple topology
Its BPAs dont need processing while being relayed BPAs are relayed reliably hop-by-hop by the LSL BPAs are also propagated in hardware by the HFL The administrative VLAN contains the HFL flooding

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

47

STP vs. REP: REP Has a Local Scope

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

48

REP Has a Local Scope STP Has a Global Scope


Root Site 2 Provider Network Site 3 Site 1 Site 2 Provider Network Site 3 Root Site 1

Before STP Cost Tuning

Y
X

After Some STP Cost Tuning

Y
X

STP runs on the whole network. Segmentation impossible when there is redundancy All the costs are calculated from the unique root: Cost configured on Site3 depend on the root in Site1
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

49

REP Has a Local Scope STP Local Changes Have Global Effects
Site 1 Site 2 Provider Network Site 3 Site 2 Topology Depends on Remote Site Root Provider Network Site 3 Topology Depends on Remote Site Y
X

Site 1

Root

A Switchover to a Secondary Root May Invalidate the Configuration

Y
X

Local changes have global effect This has to be anticipated when configuring STP

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

50

REP Has a Local Scope REP Local Changes Have Local Effect
Failure! Site 1 Site 2 Provider Network Site 3 Site 2 Provider Network Site 3 No Impact Site 1

Root

Root No Impact
Y
X

REP Version of the Network

No Dependency Between the Sites

Y
X

Convergence in a segment have no impact on other segments Local changes have local effect
BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

51

REP Has a Local Scope Side Effect of REPs Local Scope


A B A B

1- Red Segment Fails

2- Red Segment Fails Again

3- Green Segment Unaffected

REP only protects against a single failure, even if there are several levels of redundancy in the network. STP would have unblocked the green segment.
BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

52

REP Has a Local Scope Invalid Configuration


B

Loop!

Green and Blue Segments Are Completely Independent

Wrong configurations can result in permanent loops

STP sees the whole network and would not allow that

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

53

REP Has a Local Scope Summary


REP segments only reacts to events within their boundaries
REP only introduces one level of redundancy REP provides little protection against configuration errors REPs local scope is a desirable feature not a bug Attempting to fix this would be the first step toward re-inventing STP

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

54

End Ports and Topology Information

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

55

End Ports and Topology Information End Ports


REP Sub-Segment End Ports

10

End Port

REP Sub-Segment REP Segment

End Port

Edge and failed ports are end ports End ports define groups of contiguous operational links called sub-segments

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

56

End Ports and Topology Information End Port Advertisements


EPA Info 3,4 EPA Info 7,8,9 EPA Info 9

3
EPA Info 2

10

EPA Info 5,6

EPA Info 5,6,7,8

End ports send End Port Advertisements (EPAs) The EPAs are propagated hop by hop reliably by the LSL across the segment (or sub-segments) Each port that relay an EPA add some information
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

57

End Ports and Topology Information Topology Information


Sub-Segment 5,6,7,8,9

A# show rep REP Segment BridgeName ---------A A B B C

topology segment 10 10 PortName Edge Role -------- ---- ---5 Fail 6 Open 7 Open 8 Open 9 Pri Open

EPA Info 7,8,9

EPA Info 9

10

EPA Info 5,6 Info 7,8,9 + Info 5,6 = Info 5,6,7,8,9

EPA Info 5,6,7,8 Info 9 + Info 5,6,7,8 = Info 5,6,7,8,9

By combining the information received in each direction, a bridge collects a view of the whole sub-segment To display the topology information, use: (exec)# show rep topology [segment id]
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

58

End Ports and Topology Information Configuring Edge Ports


f2 f1 f2 f1 f1 f2 f1 f2 f1 f2 f1 f2

interface f1 rep segment 5 interface f2 rep segment 5

interface f1 rep segment 5 edge interface f2 rep segment 5 edge

Explicit Configuration of the Edge Ports Is Required

Edge ports are essential in order to generate EPAs However, in ring topologies, edge ports cannot be derived from the configuration

Edge ports can be specified explicitly using: (config-if)# [no] rep segment {id} edge
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

59

End Ports and Topology Information Segment Complete


EPA: Im Edge Port ID9

10

End Port: Edge 1

EPA: Im Edge Port ID2

Alternate Port (Not Failed)

End Port: Edge 9

The EPAs also carries the ID of the edge ports When both edge ports see each other, the segment is complete: there is no failed link (no failed port)

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

60

End Ports and Topology Information Summary

10

End Port (Failed)

REP Sub-Segment

End Port (Edge)

End ports are edge or failed ports They send EPA messages that collect information about the extend of the operation (sub-)segment EPAs determine the segment complete condition
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

61

Enforcing the Desired Topology

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

62

Enforcing the Desired Topology Primary Edge Election

10

Primary Edge

Secondary Edge

The primary edge is the edge port with the best ID, the other is secondary edge The secondary edge acknowledge the primary edge in the EPA messages it sends When the primary receives the acknowledgement from the secondary, it detects the segment is complete
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

63

Enforcing the Desired Topology Use of the Primary Edge Port


The primary edge is unique in the segment
Segment wide parameter configuration will be centralized on the primary edge In particular, it will control
The location of the segment port the user wants to block (by default, the choice is not deterministic)
The VLAN load-balancing

The election of the primary edge port can be influenced by setting: (config-if)# [no] rep segment {id} edge primary

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

64

Enforcing the Desired Topology Specifying an Alternate Port


A desired blocked port can be specified from the primary edge, using the command: (config-if)# [no] rep block port {neighbor #} vlan all
Desired Configuration
#+1 f1 f2 #+2 f3 #+3 f4 #+4 f5 #+5 f6 #+6 f7

Offset Relative to Primary Edge


#+7 f8 #+8 f9 f10

Alternate Port
interface f2 rep segment 10 edge primary rep block port 5 vlan all

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

65

Enforcing the Desired Topology Step 1: Link Failure

f1

f2

f3

f4

f5

f6

f7

f8

f9

f10

Desired Configuration

Alternate Port

f1

f2

f3

f4

f5

f6

f7

f8

f9

f10

Link 4-5 Fails Failed Ports

A link fails. The alternate port is replaced by two failed ports around the failure

The edge ports dont receive any EPA from a peer edge port: the segment is not complete (failed)
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

66

Enforcing the Desired Topology Step 2: Segment Complete

f1

f2

f3

f4

f5

f6

f7

f8

f9

f10

New Topology

The link is repaired: a failed port becomes alternate, the other failed port disappears The stable topology is not the desired one (determination of the alternate port not deterministic) The edge ports see each other in the EPAs they send: the primary edge knows the segment is complete
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

67

Enforcing the Desired Topology Step 3: Preemption

f1

f2

f3

f4

f5

f6

f7

f8

f9

f10

Preemption Request
f1 f2 f3 f4 f5 f6 f7 f8 f9 f10

Two Alternate Ports

The primary edge sends an EPA message instructing f6 to preempt


f6 goes alternate. There are two alternate ports!

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

68

Enforcing the Desired Topology Step 4: Preemption Completes


BPA Port f6, Key4

f1

f2

f3

f4

f5

f6

f7

f8

f9

f10

Port f6 Unblocks Port f4


f1 f2 f3 f4 f5 f6 f7 f8 f9 f10

Back to Desired Topology

Port f6 preempts the segment: As if it had failed, f6 sends a BPA to unblock port f4 The segment has returned to the desired topology

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

69

Enforcing the Desired Topology Triggering Preemption


The preemption is optional
It can only be triggered after the primary edge detects the segment complete The trigger can be automatic, after a configurable delay (config-if)# [no] rep preempt delay {seconds} Or it can be started from the CLI prompt (exec)# rep preempt segment {id}

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

70

Enforcing the Desired Topology VLAN Load Balancing Capability


REP can block at most in two different locations
A range of VLANs can be configured on the primary edge This range will be blocked by a specified alternate port

The complementary range is blocked by the primary edge


The configuration is again entered at the primary edge: (config-if)# [no] rep block port {neighbor#} vlan {VLAN_list}

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

71

Enforcing the Desired Topology VLAN Load Balancing (Step 1)


interface f2 rep segment 1 edge primary rep block port 5 VLAN 2001-4095
#+1 f1 f2 #+2 f3 #+3 f4 #+4 f5 #+5 f6 #+6 f7 #+7 f8 #+8 f9 f10

BPA Port 2, VLANs 1-2000

Preemption Request

f1

f2

f3

f4

f5

f6

f7

f8

f9

f10

Blocks VLANs 1-2000

Blocks VLANs 2001-4095

Two Alternate Ports

BPAs include a bitmap of VLANs The primary edge preempts a range of VLANs
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

72

Enforcing the Desired Topology VLAN Load Balancing (Step 2)

f1

f2

f3

f4

f5

f6

f7

f8

f9

f10

Blocks VLANs 1-2000 BPA Port 6, VLANs 20014095


f1 f2 f3 f4 f5 f6

Blocks VLANs 2001-4095

f7

f8

f9

f10

Blocks VLANs 1-2000

Blocks VLANs 2001-4095

Using a command EPA message, the primary edge instructs port f6 to preempt the remaining VLANs
BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

73

Enforcing the Desired Topology Summary


In a segment that is complete, two ports can preempt and block complementary ranges of VLANs
Those ports are
The elected primary edge

Another arbitrary port determined by configuration

Configuration can be centralized on the primary edge The preemption can be triggered manually or after a configured delay

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

74

Topology Changes

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

75

Topology Changes Learning Bridges


X Y X Y Y Y Y X Y Y X Y X Y X Y Y

X
Y Y X

Y X

X Y

X
Y

X Y

Filtering Entries Populated from Conversation X-Y

After a Change in the Topology, Starred Entries Are Incorrect

Bridges learn the location of the stations from the traffic they forward Mac-addresses are added to a filtering table After a failure, the filtering table must be updated
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

76

Topology Changes REP Topology Change Bit


X
Y X X Y X X XX Y

X
X

X
Y

BPA, TC
X X Y Y Y Y

BPA, TC

X
X X

X
Y X

XX
X Y

A Topology Change (TC) bit is set in the BPA to advertise that the filtering tables need updating

All the entries in the tables are flushed


Traffic is flooded while tables are being repopulated
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

77

Topology Changes Topology Changes Between Segments


y Y y Y

X X

Entry for X remaining

Segment 2 Segment 1
X X X X

BPA, TC, Segment 1

BPA, TC, Segment 1

X X

Entries for X Removed

BPAs Flush Entries for X in Segment 1

Entry for X Left in Segment 2 Causes Black Holing

BPAs have local effect. No flush performed outside of the segment that originated them
BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

78

Topology Changes Propagating TC Outside the Segment


Edge ports are responsible for advertising TCs to the rest of the network
Configured on edge ports (config-if)# [no] rep stcn segment {id_list}

When the edge port receives a BPA with the TC bit set, it will generate a new BPA with TC bit set for the segments specified

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

79

Topology Changes

TC Propagation
interface E1 rep segment 1 edge rep stcn 2
E1

BPA, TC, Segment 2


B E2

BPA Generated by E2 BPA TC for Segment 1 Converted into BPA TC for Segment 2 at the Edge

Segment 2

Segment 1 BPA, TC, Segment 1

BPA, TC, Segment 1

Both edge ports receive a TC indication They are configured to propagate it to another segment

This step is achieved in software. It will introduce a slight delay


BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

80

Topology Changes Summary


After a convergence, the filtering databases need to be updated to prevent black-holing
REP BPAs include a TC bit that carry the appropriate notification within a segment

If the TC needs to propagate to another segment, explicit configuration is needed on the edge ports

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

81

STP Interaction

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

82

STP Interaction STP Does Not Run on Segment Ports


Segment ports are not added to the STP
From the perspective of STP, REP ports dont exist!

STP Region

STP Region

No BPDU Tx or RX REP Segment

Physical Network Configuration

Connectivity, as Seen by STP

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

83

STP Interaction Valid REP Configuration


REP configuration must not introduce loops
STP Region

STP Perspective

No REP Port No Loop

STP Region

STP Region REP Segment Data Plane Perspective

Traffic Not Looping


BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

84

STP Interaction Invalid REP Configuration


REP is not plug-n-play: cannot recover from some configuration errors
STP Region STP Perspective No REP Port No Loop

STP Region

REP Segment STP Region Data Plane Perspective

Traffic Is Looping!
BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

85

STP Interaction Topology Changes and STP


XX Y Y X X Y Y X X Y Y X X Y Y X X X
B

Y X Y Y Y X X Y Y Y Y Y

Y X X Y Y Y

STP Region

STP Region

X Y
B

Entries Cleared by REP in the Segment

Filtering Entries Populated from Conversation X-Y

After a Change in the Topology, StarEntries Are Incorrect

To avoid black holing, mac address tables in the STP region must be updated after a reconvergence in a segment

The case is similar to the TC between segments presented earlier on


BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

86

STP Interaction Edge Port Generate STP TC


interface E1 rep segment 1 edge rep stcn stp
STP TC STP Region
Y

STP TC E1
X

E2

REP TCs Are Converted into STP TCs a the Edges

A configuration in the edge port allows converting BPA TC into STP TC: (config-if)# [no] rep stcn stp

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

87

STP Interaction Migration from REP to STP


While migrating from REP to STP, the user could end up in a situation where one or several bridges are isolated
stp stp rep stp

REP Ports with No Neighbors = Failed

The switch cannot be configured from the network any more!


BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

88

STP Interaction Failed Open Port


REP is able to differentiate between a port that is failed because of a link failure or because of no neighbor

stp stp rep

stp

REP Unblocks a Failed Port to Maintain Connectivity

A port with no neighbor will be Failed Open if there is already a port with higher priority blocking in the segment
BRKOPT-2216 14442_04_2008_c2 2008 Cisco Systems, Inc. All rights reserved. Cisco Public

89

STP Interaction Summary


STP is disabled on REP ports
Caution must be taken to avoid configuring loops REP includes a mechanism to export TCs to STP REP maintains connectivity while transitioning from STP to REP

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

90

Conclusion

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

91

Conclusion REP Was Designed to Not Be STP


REP is a simple concept
REP requires simple configuration and is robust Its has local effect, which makes it easy to segment and operate the network

REP convergence can be independent of the diameter of the network, which makes it ideal for long chains

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

92

Conclusion Summary REP vs. STP


REP
Configuration Driven: Configuration Error Can Be Fatal Local Scope: Simple But with Single Level of Redundancy Fast: Convergence Independent of the Number of Nodes

STP
Plug-n-Play: Operates with No Configuration Global Scope: Can use all the Redundant Links Available Slow in Large Networks: Hop-by-Hop Transmission Suffers from Large Network Diameter

Can Operate in a NonDeterministic Way

Always Deterministic

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

93

Conclusion Related Sessions


BRKOPT-2205: Deploying and Designing with the Resilient Ethernet Protocol
BRKOPT-2102: 802.17 Resilient Packet Ring Overview

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

94

Q and A

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

95

Complete Your Online Session Evaluation


Give us your feedback and you could win fabulous prizes. Winners announced daily. Receive 20 Passport points for each session evaluation you complete. Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center.
Dont forget to activate your Cisco Live virtual account for access to all session material on-demand and return for our live virtual event in October 2008. Go to the Collaboration Zone in World of Solutions or visit www.cisco-live.com.

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

96

BRKOPT-2216 14442_04_2008_c2

2008 Cisco Systems, Inc. All rights reserved.

Cisco Public

97