Beruflich Dokumente
Kultur Dokumente
and Troubleshooting
BRKRST-3020
Luc De Ghein
Technical Leader Services
Agenda
Introduction
LFA Overview
LFA Architecture
Per-link vs per-prefix
Repair path selection and tie-breakers
Remote LFA
Repair path in data plane
BRKRST-3020
Cisco Public
Introduction
Introduction
Best-effort traffic delivery for IPv4/v6 was good enough
Service failures caused by routing transitions are largely hidden by higher-level
protocols that retransmit the lost data
But, this not good enough anymore for voice and video traffic
We need something better: IP-FRR
Low-hanging fruit
MPLS is not needed
BRKRST-3020
Cisco Public
Goal - Benefits
Provide FAST restoration of traffic flow in case of network failure
Designed to give the same speed of recovery as MPLS TE FRR
Does not require MPLS to function (though may protect MPLS traffic if present)
Remote LFA does require MPLS at this time
Cisco Public
No signaling
protocol
LFA Overview
1-5 sec
Fast convergence
Same as above, but faster
Tuned routing protocol
< 1 sec
BRKRST-3020
Cisco Public
50-100 msec
MPLS TE FRR
Repair Path
Least cost
Link Protection
Yes
Yes
Node Protection
Yes
Yes
Path Protection
No
Yes
None
RSVP-TE
Provisioning
Minimal Configuration
Significant
Network Topology
SRLG
Yes
Yes
Yes
No
IPv6 support
Yes
No
BRKRST-3020
Cisco Public
t0 Failure Detection
t1 Failure Propagation (Flooding, Updates, etc)
t2 Topology/Routing Recalculation
t3 Update Routing and Forwarding Table (RIB/FIB)
t0 Failure Detection
tR Switchover to (pre-computed) backup path
t1 Failure Propagation (Flooding, Updates, etc)
t2 Topology/Routing Recalculation
t3 Update Routing and Forwarding Table (RIB/FIB)
LoC
t0
t1
t2
failure
LoC
t3
t4
t0 tR t1
t2
t3
t4
failure
BRKRST-3020
Cisco Public
10
LFA Architecture
R1
R2
primary path
BRKRST-3020
Cisco Public
12
Requirement
Speed
Speed of restoration
Fast detection
Cleanup
BRKRST-3020
Cisco Public
13
SPT
root router
&
10
B
20
10
10
30
10
10
10
30
10
G
10
30
10
calculating node
10
10
10
SPF
10
10
G
10
G
BRKRST-3020
Cisco Public
14
SPT
calculating node
10
10
10
SPF
20
10
10
root router
10
10
30
10
10
10
30
10
10
30
10
G
10
All of the LFA (directly connected and remote) is made possible by the calculating
router running an SPF with its neighbor(s) as root
10
G
An SPF with any router in the area as root is not needed (but could be theoretically done)
BRKRST-3020
Cisco Public
15
D
N
Name
Definition
Destination router
Neighboring router
D(A,B)
Distance
BRKRST-3020
Cisco Public
16
Downstream Path
Inequality 2: D(N,D) < D(S,D)
Node protection
Cisco Public
17
PN
PN = PseudoNode
representing the
BroadCast link with cost 0
BRKRST-3020
Cisco Public
18
General Theory
Examples
Inequality 1
Loop Free
Alternate
Inequality 2
Downstream
path
Inequality 3
Node
protection
Inequality 1: 11 < 12 + 15 ?
10
Inequality 2: 11 < 15 ?
S
12
11
Inequality 3: 11 < 16 + 5 ?
Inequality 1: 20 < 12 + 15 ?
10
Inequality 2: 20 < 15 ?
S
12
20
Inequality 3: 20 < 22 + 5 ?
10
Inequality 1: 25 < 12 + 15 ?
20
S
Inequality 2: 25 < 15 ?
12
N
BRKRST-3020
Inequality 3: 25 < 20 + 5 ?
2014 Cisco and/or its affiliates. All rights reserved.
Cisco Public
19
General Theory
Examples Bis
Inequality 1: 25 < 10 + 27 ?
22
Inequality 1
Loop Free
Alternate
Inequality 2
Downstream
path
Inequality 3
Node
protection
Inequality 2: 25 < 27 ?
20
S
20
Inequality 3: 25 < 20 + 5 ?
10
Inequality 1: 27 < 12 + 15 ?
12
Inequality 2: 27 < 15 ?
27
N
BRKRST-3020
Inequality 3: 27 < 22 + 5 ?
Cisco Public
20
General Theory
Example 4th Inequality
the link from S to N should not be the same as the protected link
Inequality 1
Loop Free
Alternate
Inequality 2
Downstream
path
Inequality 3
Node
protection
Inequality 4
Loop Free
Alternate BC
the link from N to D should not be the same as the protected link
8
10
25
0
10
21
PN
0
11
10
Inequality 4: 21 < 10 + 11 ?
BRKRST-3020
Cisco Public
21
General Theory
Per-Link versus Per-Prefix LFA
Per-Prefix
Per-Link
D1
10
10
N1
10
10
10
10
D1
5
E
D1 + D2
5
N2
10
10
D1
10
N1
10
D2
D2
Backup path carries traffic for all destinations through primary next hop
5
N2
10
D2
10
Cisco Public
22
Inequality 1
General Theory
Loop Free
Alternate
Per-Link
10
15
15
20
B
10
20
B
10
10
E
X+Y
15
10
E
X+Y
Conclusion?
BRKRST-3020
Cisco Public
23
General Theory
Per-Link LFA Limitation
30
16
N1
70
D1
5
30
20
N2
16
30
D2
N1
70
40
D1
5
E
15
20
N2
30
D2
Traffic to D2 is forwarded to E on N2
Traffic to D1 is forwarded to D1
Conclusion?
BRKRST-3020
Cisco Public
24
General Theory
Comments/Coverage
LFA
Downstream paths
No loop possible
Less network coverage
BRKRST-3020
Cisco Public
25
Load Balancing/ECMP
ECMP : more than one primary next hop
The other primary next hops might provide:
alternate path
18
10
N1
14
10
14
N2
primary path
N3
BRKRST-3020
Cisco Public
26
Forwarding plane considers the fact that protecting label is different for each
prefix
Same LFA but different protecting label per prefix
BRKRST-3020
Cisco Public
27
Micro-Loops
A loop short in time
Resolved by normal link state convergence, i.e. loop until first SPF
During the reconvergence period some routers in the network forward traffic
based on the 'old' forwarding table and some routers have already switched to
use the 'new' forwarding table
Result of difference in updating speed on routers
CPU, forwarding ASICs, difference in distance in topology
BRKRST-3020
Cisco Public
28
Micro-Loops
rLFA tunnel
t4 end of updating on S
t5 end of updating on N
[t3-t4]-[t4-t5] N still has route for D, pointing to S:
loop
t5 loop resolved: N finished updating its tables:
then route for D points to R1
failure
BRKRST-3020
R1
R2
LoC
t0 tR t1
loop
t2
t3
Cisco Public
t4
t5
29
Micro-Loops
Micro loops
A loop short in time
Resolved by normal link state convergence, i.e. loop until first SPF
Solution
Routers connected to failed link delay updating forwarding table
Until all other routers have converged
RIB delay timer
BRKRST-3020
Cisco Public
30
Remote LFA
The Problem & The Solution
The problem
Directly connected LFA does not cover all
No neighbor is found which is an LFA
Remote LFA covers more
Typically a ring topology will need remote LFA
R2
Remote LFA
(encap tunnel)
R3
The solution
R4
BRKRST-3020
R5
Cisco Public
31
Remote LFA
No 100% Coverage
No tunnel to remote LFA is possible
A tunnel to R3 is not good enough (far enough), because the cost
from R3 to router D is 6 counter clockwise vs 3 clockwise
Packets coming out of the tunnel on R3 would be sent back to R1
clockwise
R2
R3
R5
R4
BRKRST-3020
Cisco Public
32
Remote LFA
Finding the Tunnel Endpoint
P space of Router S
Q space of Router E
S
PQ
Cisco Public
An algorithm is needed to
pick a PQ router if multiple
candidates exist
33
Remote LFA
Extended P-Space
P space of Router S
Q space of Router E
N
PQ
Cisco Public
34
Remote LFA
Calculating the P-space
topology
SPT
SPF
pruning
P-space
Cisco Public
35
Remote LFA
Calculating the Q-space
topology
rSPT rooted at C
rSPF
C
pruning
C
Q-space
D
Cisco Public
36
Remote LFA
Calculating the Set of PQ Candidates
Q-space
P-space
topology
BRKRST-3020
PQ
candidate
Cisco Public
37
Remote LFA
Extended P-Space
Extended P-space
P-space of each neighbor and the protected link
A
BRKRST-3020
Cisco Public
38
Remote LFA
Square with P-Space
SPT
A
A
pruning
SPF
C
topology
A
rSPT rooted at B
C
P-space
SPF
Q-space
pruning
A
BRKRST-3020
no intersection
C
C
2014 Cisco and/or its affiliates. All rights reserved.
Cisco Public
39
Remote LFA
Square with Extended P-Space
rSPT rooted at C
C
C
topology
A
A
D
B
B
rSPT rooted at B
C
Extended
P-space
pruning
SPF
SPF
Q-space
pruning
A
BRKRST-3020
PQ is
router D
C
C
2014 Cisco and/or its affiliates. All rights reserved.
Cisco Public
40
Remote LFA
Notes on Remote LFA
The Tunnel is an LSP
By LDP only
LDP should be enabled everywhere
If not, some prefixes/link might be unprotected
The sw will not take care of excluding those links
From forwarding plane point of view, the LSP is indistinguishable from an unprotected TE
tunnel
PQ node protection is link protecting only, not node protecting
PQ node calculations are only executed if there are unprotected paths for protectable
prefixes
Cisco Public
41
Remote LFA
Remote LFA with MPLS
Targetted LDP
Session
PQ
Label Bindings
(IGP prefixes)
Notes:
Router D is not aware it will be used as PQ node
Targetted LDP acceptance must be enabled on all routers
BRKRST-3020
Cisco Public
42
Remote LFA
Remote LFA with MPLS: Packet Forwarding
IP
IP
Targetted LDP
Session
IP
L1
IP
L3
Cisco Public
43
Tie Breaking
Tie Breaking
There Can Be Only One
Computation provides usually multiple LFAs
Need to select one LFA among multiple candidates for each prefix/path
How tie breaking works:
A set of consecutive rules, by preference
Each rule discards candidates
e.g. rule of node protecting eliminates paths which do not node protect
Cisco Public
45
Tie Breaking
Attributes
Attributes
Set of attributes are
ON by default
Order of attributes:
preference value
BRKRST-3020
SRLG
Primary Path
Interface Disjoin
Node protecting
Load Sharing
Downstream
Secondary
Cisco Public
46
primary path
Flags: RIB
LSA: 1/10.100.1.13/10.100.1.13
Flags: RIB, Repair, IntfDj, BcastDj, PrimPath , LC Dj, NodeProt, Downstr, LoadShare
LSA: 1/10.100.1.13/10.100.1.13
10
20
30
40
50
60
70
256
srlg
primary-path
interface-disjoint
lowest-metric
linecard-disjoint
node-protecting
broadcast-interface-disjoint
load-sharing
LSA: 1/10.100.1.13/10.100.1.13
Flags: Ignore, Repair, IntfDj, BcastDj, PrimPath , LC Dj, NodeProt, Downstr, LoadShare
LSA: 1/10.100.1.13/10.100.1.13
repair path via 10.1.5.6, Ethernet0/0, cost 31
LSA: 1/10.100.1.13/10.100.1.13
BRKRST-3020
47
Implementation Notes
Differences apply in implementations
Restrictions
Interface types (check www.cisco.com)
Remote LFA is only calculated when Directly Connected LFA does not provide
protection (if there are unprotected paths for protectable prefixes)
Less state
Less tunnels
Cisco Public
49
Implementation Notes
Per-prefix LFA performance is proportional to nr of neighbors and nr of prefixes
Memory increase
Distance tables
RIB needs to store backup paths
LDP storage increase
OSPF
Backup path for the prefix will always be calculated in the same area where primary path exists
Backup path will be of same route type (intra-area, inter-area, external, external-NSSA) and using
same metric type as primary path
IOS-XR: only per-link or per-prefix per interface
ISIS
No FRR SPF results are stored
BRKRST-3020
Cisco Public
50
SRLG
Assigning a Shared Risk Link Group (SRLG) to an Interface
IOS
IOS-XR
interface Ethernet0/0
srlg gid 100
ip address 10.1.5.1 255.255.255.0
BRKRST-3020
srlg
interface GigabitEthernet0/0/4/1
1 value 100
Cisco Public
51
Cisco Public
52
10.100.1.13/32
Known via "ospf 1", distance 110, metric 31, type intra area
Last update from 10.1.5.7 on Ethernet0/0, 5w4d ago
Routing Descriptor Blocks:
local binding:
label: 41
label of
primary path
label of
repair path
BRKRST-3020
Cisco Public
53
IP-Address
Protocol
Ethernet0/0
10.1.5.1
YES NVRAM
up
up
Serial2/0
10.1.1.1
YES NVRAM
up
up
Loopback0
10.100.1.1
YES NVRAM
up
up
MPLS-Remote-Lfa51
10.1.6.1
YES unset
up
up
MPLS-Remote-Lfa52
10.1.5.1
YES unset
up
up
BRKRST-3020
Cisco Public
54
Cisco Public
55
OSPF - IOS
spf
Access list
<1300-2699>
<cr>
<cr>
BRKRST-3020
Cisco Public
57
OSPF - IOS
What is Stored Extra?
SPFs are run for each neighbor with that neighbor as root!
Full SPFs with N as root are not stored on S
Some info needs to be stored in new tables to be used by partial SPF in between full SPFs
Distance to neighbor
Stored in Per-Neighbor Router Distance Table
Not the distance to all routers in that area needs to be stored
E is the primary
next hop router
N is the protecting
next hop router
Cisco Public
58
OSPF - IOS
What is Stored Extra?
E
What?
Where?
D(S,N)
D(S,E)
D(N,E)
BRKRST-3020
Cisco Public
E is the primary
next hop router
N is the protecting
next hop router
59
OSPF - IOS
New Storing Elements: Per-Neighbor Tables
What
Where?
Description
Why?
Per-Neighbor Router
Distance Table
Distance to ABRs/ASBRs
Per-Neighbor Router
Distance Table
Needed by partial
SPF
Per-Neighbor Network
Distance Table
BRKRST-3020
Needed by partial
SPF when
calculating repair
path (reachability) for
LSA type 5/7
Cisco Public
60
OSPF - IOS
New Storing Elements: Per-Neighbor Tables - Example
R1# show ip os neighbor fast-reroute
| begin ID 10.100.1.2
neighbor N of S
(root of SPF)
D(S,N)
10.100.1.1
[10]
10.100.1.2
[0]
10.100.1.3
[10]
10.100.1.9
[25]
10.100.1.10
[30]
10.100.1.13
[40]
neighbors E of S
with D(N,E)
ABRs/ASBRs with
D(N,ABR/ASBR)
[20]
10.1.5.7
S is router R1
N is router R2
i intra-area route
I inter-area route
BRKRST-3020
D(N,PN)
cost from N to DR
Cisco Public
61
OSPF - IOS
Primary and Repair Path in LRIB (Local RIB)
R1#show ip ospf rib 10.100.1.13
OSPF local RIB
Codes: * - Best, > - Installed in global RIB
*>
LSA: type/LSID/originator
primary path
Flags: RIB
LSA: 1/10.100.1.13/10.100.1.13
LSA: 1/10.100.1.13/10.100.1.13
repair path via 10.1.4.5, Serial5/0, cost 31
Flags: Ignore, Repair, IntfDj, BcastDj, PrimPath, LC Dj, NodeProt, Downstr
LSA: 1/10.100.1.13/10.100.1.13
BRKRST-3020
Cisco Public
62
Configuration
IOS - OSPF
OSPF router config mode
[no] fast-reroute per-prefix enable [area <area-id>] prefixpriority {high | low}
N
O
T
E
S
BRKRST-3020
Cisco Public
63
Configuration
IOS - OSPF
OSPF router config mode
[no] prefix-priority high route-map <route-map>
N
O
T
E
S
match tag
match route-type
match ip address
are ignored
BRKRST-3020
Cisco Public
64
Configuration
IOS - OSPF
OSPF router config mode
[no] fast-reroute keep-all-paths
N
O
T
E
S
BRKRST-3020
N
O
T
E
S
Cisco Public
65
Configuration
IOS - OSPF
Interface config mode
[no] ip ospf fast-reroute per-prefix protection [disable]
N
O
T
E
S
BRKRST-3020
Cisco Public
66
Configuration
IOS - OSPF
Interface config mode
[no] ip ospf fast-reroute per-prefix candidate [disable]
N
O
T
E
S
BRKRST-3020
Cisco Public
67
Configuration
IOS - OSPF
OSPF router config mode
[no] fast-reroute per-prefix tie-break <attribute> [required]
index <priority>
N
O
T
E
S
Supported attributes:
interface-disjoint
broadcast-interface-disjoint
srlg
downstream
node-protecting
linecard-disjoint
primary-path
secondary-path
lowest-metric
BRKRST-3020
Cisco Public
68
For Your
Reference
Description
Default values
IOS OSPF
Comment
srlg (SRLG)
10
primary-path (PrimPath)
20
Backup is member of
ECMP set
interface-disjoint (IntfDj)
30
lowest-metric (CostWon)
40
50
node-protecting (NodeProt)
60
broadcast-interface-disjoint
(BcastDj)
70
load-sharing (LoadShare)
255
downstream (Downstr)
secondary-pathBRKRST-3020
Prefer secondary
over
primary
path
2014 Cisco
and/or
its affiliates.
All rights reserved.
Not configurable.
This is the catch-at-the-end
policy
Disabled by default
Cisco Public-
Disabled by default
69
Topology name
Priority
Base
Low
No
AS external
Base
Low
srlg
20
primary-path
30
interface-disjoint
40
lowest-metric
50
linecard-disjoint
60
node-protecting
70
broadcast-interface-disjoint
256
load-sharing
Last SPF calculation started 5d13h ago and was running for 11 ms.
BRKRST-3020
Cisco Public
70
Protected
Primary paths
All
High
Low
All
High
Low
All High
Low
Se6/0
Yes
40% 100%
0%
Se5/0
Yes
25%
40%
0%
Se4/0
Yes
10
40%
66%
0%
Se3/0
Yes
0%
0%
0%
Se2/0
Yes
66% 100%
0%
Et0/0
Yes
11
27%
50%
0%
Area total:
37
21
16
13
13
35%
61%
0%
Process total:
37
21
16
13
13
35%
61%
BRKRST-3020
Coverage in percentage
Per area
Per interface
High - low
Cisco Public
71
Interface
IP-Address
Protocol
Ethernet0/0
10.1.5.1
YES manual up
up
Loopback0
10.100.1.1
YES manual up
up
MPLS-Remote-Lfa4
10.1.5.1
YES unset
up
up
MPLS-Remote-Lfa5
10.1.4.1
YES unset
up
up
MPLS-Remote-Lfa6
10.1.4.1
YES unset
up
up
Area
Topology name
Priority
Base
High
Yes
secondary-path
20
node-protecting
256
load-sharing
Last SPF calculation started 00:07:40 ago and was running for 37 ms.
BRKRST-3020
Cisco Public
72
Interface MPLS-Remote-Lfa4
Tunnel type: MPLS-LDP
Tailend router ID: 10.100.1.11
Termination IP address: 10.100.1.11
Outgoing interface: Ethernet0/0
First hop gateway: 10.1.5.6
Tunnel metric: 21
Protects:
Interface MPLS-Remote-Lfa5
BRKRST-3020
Cisco Public
73
BRKRST-3020
Cisco Public
74
Protocol
up
up
LDP session
75
For Your
Reference
Broken example
R1#show ip cef 10.100.1.5
10.100.1.5/32
nexthop 10.1.4.5 Serial5/0 label [implicit-null|none]
Cisco Public
76
Troubleshooting LFA
R1#show ip ospf fast-reroute prefix-summary
Area 0:
Interface
Protected
Primary paths
All
High
Low
All
High
Low
All High
Low
Se6/0
Yes
11
9%
20%
0%
36%
80%
0%
Se5/0
Yes
33%
50%
0%
44%
66%
0%
Se4/0
Yes
57% 100%
0%
57% 100%
0%
Se3/0
Yes
0%
0%
0%
0%
0%
0%
Se2/0
Yes
0%
0%
0%
0%
0%
0%
Et0/0
Yes
33%
50%
0%
44%
66%
0%
Area total:
37
22
15
11
11
29%
50%
0%
43%
72%
0%
Process total:
37
22
15
11
11
29%
50%
0%
43%
72%
0%
Cisco Public
77
BRKRST-3020
Cisco Public
78
For Your
Reference
OSPF-1 FRSPF: Scheduling IPFRR SPF, change 'X', area dummy area, instance 440
...
OSPF-1 FRSPF: Create list of candidate neighbors for intra SPF in area 0
OSPF-1 FRSPF: Adding neighbor 10.100.1.8 via Serial6/0 to SPF work queue
OSPF-1 FRSPF: Adding neighbor 10.100.1.7 via Ethernet0/0 to SPF work queue
...
Start of FRSPF
BRKRST-3020
Cisco Public
79
For Your
Reference
OSPF-1
OSPF-1
20/30,
OSPF-1
Found Q leg
Trying to match P legs and Q
legs, resulting in PQ nodes
BRKRST-3020
Cisco Public
80
ISIS - IOS
Configuration
IOS - ISIS
ISIS router config mode
fast-reroute per-prefix <level> {[all] | [route-map map-tag]}
N
O
T
E
S
BRKRST-3020
Cisco Public
82
Configuration
IOS - ISIS
Interface config mode
isis fast-reroute protection <level> disable
N
O
T
E
S
BRKRST-3020
N
O
T
E
S
Cisco Public
83
Configuration
IOS - ISIS
Interface config mode
isis fast-reroute exclude <level> interface <interface-B>
N
O
T
E
S
BRKRST-3020
Cisco Public
84
Troubleshooting ISIS-IOS
router#show isis fast-reroute summary
Load for five secs: 2%/0%; one minute: 1%; five minutes: 1%
Time source is hardware calendar, *09:38:52.670 UTC Mon Nov 25 2013
Tag one:
IPv4 Fast-Reroute Protection Summary:
Prefix Counts:
Total
Protected
Coverage
High priority:
0%
Normal priority:
16
12
75%
Total:
16
12
75%
BRKRST-3020
Cisco Public
85
BRKRST-3020
Cisco Public
86
For Your
Reference
Description
Default values
IOS ISIS
Comment
Srlg (SRLG)
10
primary-path (PrimPath)
20
Backup is member of
ECMP set
lowest-backup-path-metric
30
40
node-protecting (NodeProt)
50
load-sharing (LoadShare)
255
Downstream (Downstr)
Disabled by default
secondary-path
Disabled by default
BRKRST-3020
Cisco Public
Not configurable.
This is the catch-at-the-end
policy
87
Troubleshooting ISIS-IOS
router#show isis rib 10.1.100.7 255.255.255.255
10.1.100.7/32
[115/L1/20] via 10.1.5.7(GigabitEthernet1/4), from 10.1.100.7, tag 0, LSP[6/17]
(installed)
repair path: 10.1.6.7(GigabitEthernet1/5) metric:20 (PP,DS,SR) LSP[6]
BRKRST-3020
Cisco Public
88
Troubleshooting ISIS-IOS
router#show isis fast-reroute interfaces
Load for five secs: 0%/0%; one minute: 0%; five minutes: 0%
Time source is hardware calendar, *10:00:36.834 UTC Mon Nov 25
2013
BRKRST-3020
Cisco Public
89
Troubleshooting ISIS-IOS
debug isis fast-reroute path-selection
show isis fast-reroute remote-lfa tunnels
<1300-2699>
level-1
Apply to Level 1
level-2
Apply to Level 2
terse
<cr>
BRKRST-3020
Cisco Public
90
Troubleshooting ISIS-IOS
router#
10:13:04.914: ISIS-SPF (one): L1 LSP 6 (0000.0000.0007.00-00) flagged for recalculation from 96EB874
10:13:06.914: ISIS-SPF (one): LSP 6 (0000.0000.0007.00-00) Type STD
10:13:06.914: ISIS-SPF (one): spf_result: next_hop_parents:0x14157A48 root_distance:10, parent_count:1, parent_index:1 db_on_paths:1
10:13:06.914: ISIS-SPF (one): Calculating routes for L1 LSP 6 (0000.0000.0007.00-00)
10:13:06.914: ISIS-SPF (one): lsptype:0, current_lsp(0000.0000.0007.00-00)(6)
isis_walk_lsp
10:13:07.114: ISIS-SPF (one): L1 LSP 1 (0000.0000.0003.00-00) flagged for recalculation from 96EB874
500 ms
BRKRST-3020
Cisco Public
91
Troubleshooting ISIS-IOS
router#show ip route repair-paths 10.1.100.2
PQ router
router#show isis fast-reroute remote-lfa tunnels
BRKRST-3020
Cisco Public
92
OSPF IOS-XR
OSPF IOS-XR
What is Stored Extra?
Per-link LFA: nothing
Per-prefix LFA
Per neighbor distance table
Cisco Public
94
Show Route
RP/0/RP1/CPU0:MeltDown#show route
Tue Nov 12 18:22:22.174 CET
Codes: C - connected, S - static, R - RIP, B - BGP, (>) - Diversion path
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
U - per-user static route, o - ODR, L - local, G
- DAGR
BRKRST-3020
Cisco Public
95
Configuration
IOS-XR - OSPF
OSPF interface config mode
[no] fast-reroute {per-link|per-prefix}
[no] fast-reroute per-prefix exclude interface {interface-name}
[no] fast-reroute per-prefix lfa-candidate interface {interface-name}
used for allowing TE tunnel (explicit-path)
other interface types are by default on the lfa-candidate list
BRKRST-3020
Cisco Public
96
Configuration
IOS-XR - OSPF
OSPF router config mode
[no] fast-reroute per-prefix load-sharing disable
[no] fast-reroute per-prefix priority-limit [critical|high|medium]
same or higher priority only will be calculated
Cisco Public
97
Configuration
IOS-XR - OSPF
OSPF interface config mode
[no] fast-reroute per-link lfa-candidate interface {interface-name}
[no] fast-reroute per-link use-candidate-only
BRKRST-3020
Cisco Public
98
LFA -Candidates
IOS-XR - OSPF
router ospf ldg
fast-reroute per-prefix
fast-reroute per-prefix use-candidate-only enable
Route type:
area 0
Intra-area
mpls traffic-eng
Area: 0.0.0.0,
interface Loopback0
SPF priority: 4,
network point-to-point
RIB version: 0,
6 13:05:44.837
Metric: 3
SPF version: 42
Source: Unknown
interface tunnel-te3
Backup path:
cost 3
interface GigabitEthernet0/0/4/0
network point-to-point
Cisco Public
99
For Your
Reference
0 = not considered
Tie-Breaker option
Description
node-protecting
Default values
IOS-XR OSPF
40
lc-disjoint
30
lowest-backup-metric
20
primary-path
10
Downstream
SRLG-disjoint
secondary-path
load-sharing (LoadShare)
BRKRST-3020
Comment
255
Cisco Public
Can be disabled
100
Troubleshooting OSPF-IOS-XR
RP/0/RP1/CPU0:MeltDown#show ospf
Index
No Tunnel (Implicit)
255
Node Protection
40
Line-card Disjoint
30
Lowest Metric
20
Primary Path
10
Downstream
Secondary Path
SRLG Disjoint
Area BACKBONE(0)
BRKRST-3020
Cisco Public
101
Per-link LFA
RP/0/RP1/CPU0:MeltDown#show ospf routes 10.1.100.7/32 backup-path
O
Cisco Public
102
Troubleshooting OSPF-IOS-XR
RP/0/RP1/CPU0:MeltDown#show route 10.1.100.6/32 detail
Routing entry for 10.1.100.6/32
Known via "ospf 1", distance 110, metric 3, type intra area
Routing Descriptor Blocks
10.1.1.7, from 10.1.100.7, via GigabitEthernet0/0/4/1, Backup
Route metric is 0
Label: None
NHID:0x0(Ref:0)
10.1.7.4, from 10.1.100.7, via GigabitEthernet0/0/4/2, Protected
Route metric is 3
Label: None
NHID:0x0(Ref:0)
Backup path id:33
Route version is 0xa6 (166)
BRKRST-3020
Cisco Public
103
Troubleshooting OSPF-IOS-XR
RP/0/RP1/CPU0:MeltDown#show ospf routes 10.1.100.6/32 detail
OSPF Route entry for 10.1.100.6/32
Route type:
Intra-area
Metric: 3
SPF version: 40043
Source: Unknown
BRKRST-3020
Cisco Public
104
Troubleshooting OSPF-IOS-XR
16
16 (100%)
13 (81%)
BRKRST-3020
Cisco Public
105
Neighbor topology
Distance
Type
Revision
10.1.100.1
42
10.1.100.2
42
10.1.100.3
42
10.1.100.4
42
10.1.100.5
42
10.1.100.6
42
10.1.100.7
42
BRKRST-3020
ASBR
Cisco Public
106
Remote Backup
RP/0/RP1/CPU0:MeltDown#show route 10.1.100.6
Routing entry for 10.1.100.6/32
Known via "isis one", distance 115, metric 20, type level-1
Installed Dec
BRKRST-3020
Cisco Public
107
Remote Backup
RP/0/RP1/CPU0:MeltDown# show mpls ldp forwarding fast-reroute
Codes:
- = GR label recovering, (!) = LFA FRR pure backup path
{} = Label stack with multi-line output for a routing path
G = GR, S = Stale, R = Remote LFA FRR backup
Prefix
Label
Label(s)
Outgoing
In
Out
Interface
Next Hop
Flags
G S R
16001
16004
16001
Gi0/0/4/1
10.1.1.7
27
Gi0/0/4/3
10.1.11.3
37
Gi0/0/4/2
10.1.7.4
{ 29
Gi0/0/4/3
10.1.11.3
16007 }
(!)
(!)
MPLS tunnel to
10.1.100.5
(10.1.100.5)
Cisco Public
108
very chatty!
redirect output to file
BRKRST-3020
Cisco Public
109
ISIS IOS-XR
Configuration
IOS-XR - ISIS
ISIS interface config mode
[no] fast-reroute {per-link|per-prefix}
[no] fast-reroute per-prefix exclude interface {interface-name}
[no] fast-reroute per-prefix lfa-candidate interface {interface-name}
used for allowing TE tunnel (explicit-path)
BRKRST-3020
Cisco Public
111
Configuration
IOS-XR - ISIS
ISIS router config mode
[no] fast-reroute per-prefix load-sharing disable
[no] fast-reroute per-prefix priority-limit [critical|high|medium]
same or higher priority only will be calculated
Cisco Public
112
Configuration
IOS-XR - ISIS
ISIS interface config mode
[no] fast-reroute per-link lfa-candidate interface {interface-name}
[no] fast-reroute per-link exclude {interface-name}
[no] fast-reroute per-link level {1-2}
Cisco Public
113
Troubleshooting ISIS-IOS-XR
RP/0/RP1/CPU0:MeltDown#show route isis
i L1 10.1.100.2/32 [115/30] via 10.1.11.3, 17:00:42, GigabitEthernet0/0/4/3
[115/0] via 10.1.2.7, 17:00:42, GigabitEthernet0/0/4/0 (!)
BRKRST-3020
Cisco Public
114
Troubleshooting ISIS-IOS-XR
RP/0/RP1/CPU0:MeltDown#show isis fast-reroute detail 10.1.100.7/32
IS-IS one IPv4 Unicast FRR backups
Cisco Public
115
Troubleshooting ISIS-IOS-XR
RP/0/RP1/CPU0:MeltDown#show isis fast-reroute 10.1.100.6/32 detail
Tue Dec
3 08:32:32.245 CET
Remote FRR
Backup path
BRKRST-3020
Cisco Public
116
Troubleshooting ISIS-IOS-XR
RP/0/RP1/CPU0:MeltDown#show isis fast-reroute summary
IS-IS one IPv4 Unicast FRR summary
Critical
High
Medium
Low
Total
Priority
Priority
Priority
Priority
10
14
Unprotected
Protection coverage
0.00%
0.00%
66.67%
83.33%
77.78%
Prefixes reachable in L1
BRKRST-3020
Cisco Public
117
Troubleshooting ISIS-IOS-XR
RP/0/RP1/CPU0:MeltDown#debug isis spf frr ?
A.B.C.D/length
X:X::X/length
detail
internal
level
lsp-id
prefix-list
summary
thread
topology
tracepoint
verbose
<cr>
BRKRST-3020
Cisco Public
118
For Your
Reference
Description
Default values
IOS-XR ISIS
Comment
primary-path (PrimPath)
10
Backup is member of
ECMP set
lowest-backup-path-metric
20
30
node-protecting (NodeProt)
40
load-sharing (LoadShare)
255
Srlg (SRLG)
Disabled by default
Downstream (Downstr)
Disabled by default
secondary-path
Disabled by default
BRKRST-3020
Cisco Public
Not configurable.
This is the catch-at-the-end
policy
119
Configuration
Microloop Avoidance
Both OSPF
& ISIS
Cisco Public
120
Deployment
A mix of routers with difference in speed, leads to slower/faster reaction to
network events
Can lead to micro-loops
BRKRST-3020
Cisco Public
121
EIGRP
Only Per-Prefix LFA
EIGRP uses the Diffusing Update Algorithm (DUAL) to calculate the successor and
feasible successors
Uses existing Feasible Successors for repair paths, so no additional computational load
New: repair route is ready
Automatically enabled on all interfaces covered by the protocol
Repair paths can be equal or unequal cost (though variance command)
Coverage is not necessarily 100%
Design the network to have Feasible Successors
metric calculation (BW and delay only)
10 7
metric
delays * 256
min bandwidth
BRKRST-3020
Cisco Public
122
EIGRP
kechance#show ip eigrp topology 10.1.100.1 255.255.255.255
Vector metric:
Minimum bandwidth is 1000000 Kbit
Total delay is 11000000 picoseconds
Reliability is 255/255
Load is 1/255
successor
feasible successor
Hop count is 2
+ repair path
BRKRST-3020
Cisco Public
123
Configuration
IOS - EIGRP
EIGRP router config mode
[no] fast-reroute load-sharing disable
Cisco Public
124
Troubleshooting
IOS - EIGRP
debug eigrp frr
BRKRST-3020
Cisco Public
125
For Your
Reference
Tie-Breaker option
Description
Default values
IOS OSPF
Comment
Shared risk of links
srlg (SRLG)
10
interface-disjoint (IntfDj)
20
lowest-backup-path-metric
30
40
BRKRST-3020
Cisco Public
126
Troubleshooting Roundup
LFA coverage is not always 100%
Perhaps LFA is only enabled for one OSPF area only
Cisco Public
127
Conclusion
Conclusion
Its simple
Simple CLI, simple functionality
Its fast
Its rich
Link, node, SRLG protection
Deployment friendly
No protocol change, local to one router, incremental deployment
Good scaling
Remote LFA to the rescue for difficult topologies
For example: ring topologies
Topology dependant
Might not be providing 100% coverage
BRKRST-3020
Cisco Public
129
Cisco Public
130
Availability IPv4
OSPFv2 Per
Link LFA
7600
(IOS)
ASR1K
(IOSXE)
ASR901
ASR903 ISR4451--X ME3600
(IOS-XE)
ME3800 CSR1000v
ASR9K
(IOSXR)
CRS1
(IOSXR)
12K
(IOS-XR)
4.0.1
3.9.0
4.0.1
4.0.1
3.5.0
4.0.1
OSPFv2 LFA
15.1(3)S
(per prefix)
3.4.0S
3.6.0S
3.8.0S
4.2.0
4.2.0
4.2.0
3.4.0S
3.6.0S
3.8.0S
4.0.1
4.0.1
4.0.1
5.1.0
4.3.1?
5.1.0
4.3.1?
EIGRP LFA
(per prefix)
15.2(4)S
OSPFv2
Remote LFA
15.2(2)S
15.2(2)SNI
15.3(2)S
15.3(2)S
ISIS Remote
LFA
15.2(2)S
15.2(2)SNI
15.3(2)S
15.3(2)S
3.9.0aS
Cisco Public
132
Availability IPv6
7600 (IOS) ASR1K (IOS-XE) ASR9K (IOS-XR)
Per Link LFA
CRS1 (IOS-XR)
4.3.1
4.3.1
4.3.1
4.3.1
4.3.1
4.3.1
BRKRST-3020
Cisco Public
133