Beruflich Dokumente
Kultur Dokumente
Carrier-Class Router
ZTE CORPORATION
No. 55, Hi-tech Road South, ShenZhen, P.R.China
Postcode: 518057
Tel: +86-755-26771900
Fax: +86-755-26770801
URL: http://support.zte.com.cn
E-mail: support@zte.com.cn
LEGAL INFORMATION
Copyright 2014 ZTE CORPORATION.
The contents of this document are protected by copyright laws and international treaties. Any reproduction or
distribution of this document or any portion of this document, in any form by any means, without the prior written
consent of ZTE CORPORATION is prohibited.
Revision History
Revision No.
Revision Date
Revision Reason
R1.0
2014-10-20
First edition.
SJ-20140731105308-016|2014-10-20 (R1.0)
Contents
About This Manual ......................................................................................... I
Chapter 1 Reliability Overview .................................................................. 1-1
Chapter 2 Service Availability Manager Configuration ........................... 2-1
2.1 SAMGR Overview .............................................................................................. 2-1
2.2 Configuring the SAMGR ..................................................................................... 2-4
2.3 SAMGR Configuration Instances ......................................................................... 2-5
2.3.1 Linkage Between EFM and VRRP ............................................................. 2-5
2.3.2 Linkage Between CFM and VRRP............................................................. 2-9
II
SJ-20140731105308-016|2014-10-20 (R1.0)
Figures............................................................................................................. I
Glossary ........................................................................................................ III
III
SJ-20140731105308-016|2014-10-20 (R1.0)
IV
SJ-20140731105308-016|2014-10-20 (R1.0)
Intended Audience
This manual is intended for:
l
l
l
Overview
Manager Configuration
configuration instances.
Chapter 3, VRRP
Configuration
configuration instances.
Configuration
configuration instances.
Configuration
configuration instances.
Configuration
configuration instances.
Configuration
configuration instances.
I
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration
configuration instances.
Conventions
This manual uses the following conventions:
Italics
Variables in commands. It may also refer to other related manuals and documents.
Bold
Menus, menu options, function names, input fields, option button names, check boxes,
drop-down lists, dialog box names, window names, parameters, and commands.
Constant
Text that you type, program codes, filenames, directory names, and function names.
width
[]
Optional parameters.
{}
Mandatory parameters.
II
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 1
Reliability Overview
Reliability Introduction
With the rapid development of IP technology, various value-added services are widely
used on the Internet. Some important carrier-class services, such as Next Generation
Network (NGN), the 3rd Generation Mobile Communications (3G), Internet Protocol
Television (IPTV) stream media, special line, and Virtual Private Network (VPN), have
high requirement for reliability on the Internet Protocol (IP) network. The reliability
requirements of the carrier-class services on the IP network include:
l
l
l
Device reliability
Link reliability
Network reliability
On the bearer network, the availability of a network device is required to reach 99.999%.
In this case, the duration of service shutdown during continuous operation in a whole year
must be less than 5 minutes. High reliability is a basic requirement of a carrier-class device,
and it is a basic requirement for telecom operators to construct networks. As a basic
network for bearer services, the reliability of the bearer network becomes an important
part.
On a router or a Packet Transport Network (PTN), reliability technology includes device
hardware redundancy and network reliability technology. In this manual, the network
reliability technology is described.
Network reliability technology includes network fault detection technology and protection
switching technology.
l
l
l
l
End-to-end protection: APS 1:1 linear protection, APS 1+1 linear protection and hot
standby.
Local protection: FRR, including IP FRR, LDP FRR, TE FRR, and PW FRR.
1-2
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 2
The SAMGR implements the linkage between various detection technologies and services.
It ensures the quick switch of services when the network link is faulty.
In practical applications, a router provides multiple detection technologies. At the same
time, there are also many protection switching applications that need to monitor detection
results on a real-time basis to meet the requirements for availability in different network
structures. Therefore, the SAMGR is used to implement the linkage between various
detection technologies and services.
The SAMGR isolates detection technologies from services, and reduces the coupling
between modules. The working principles are as follows:
1. The SAMGR abstracts a detection example to a track object. It associates the track
object with the detection example by configuring a track name for the track object.
The track name is called directly in the service where the detection result needs to be
monitored.
2. When detecting that the link state changes, the detection technology advertises the
state change to the SAMGR directly.
3. The SAMGR informs the application service associated with the track object. The
application service performs state switching in accordance with the state change to
protect the link.
2-1
SJ-20140731105308-016|2014-10-20 (R1.0)
At the same time, the SAMGR also can manage the binding relation between racks and
send the local state to the remote end. In this way, fault transmission and recovery is
accomplished.
2-2
SJ-20140731105308-016|2014-10-20 (R1.0)
Steps
1. Configure a track object.
Step
Command
Function
ZXR10(config)#samgr
interface <interface-name>
type "efm".
type "cfm".
<1-8191>
4
ZXR10(config-samgr)#track <name>
instance <1-150>
ZXR10(config-samgr)#track <name>
<ingress-vlaue>
ZXR10(config-samgr)#track <name> pw
pw-name <pw-name>
type "pw".
type "vrrp".
session <bfd-session-name>
10
meg<1-65535>
11
ZXR10(config-samgr)#track <name>
interface<interface-name>
type "interface".
2-4
SJ-20140731105308-016|2014-10-20 (R1.0)
Step
Command
Function
ZXR10(config)#samgr
ZXR10(config-samgr)#track-gr
oup <group-name>
configuration mode.
ZXR10(config-samgr-group-
track-group-name)#track
<track-name>
4
ZXR10(config-samgr-group-
track-group-name)#inactive-num
ber <1-10>
Command
Function
ZXR10(config)#samgr
track-group}<name>
Function
ose]]
[<trackname>[verbose]]
End of Steps
Configuration Flow
1. Configure EFM connection on the direct-connected interfaces of the link between S1
and R2.
2. Configure a EFM track object on the direct-connected interface of R2 in SAMGR configuration mode.
3. Configure the same VRRP group number and virtual address on R2 and R3. To set
R2 as a master router, bind the VRRP on R2 to the EFM track object.
4. When the EFM function is disabled on S1, the VRRP group on R2 is changed to the
Init status, and the VRRP group on R3 is changed to the Master status. When the
EFM function is enabled, the VRRP group on R2 is changed to the Master status, and
the VRRP group of R3 is changed to the Backup status.
Configuration Commands
Run the following commands on S1:
S1(config)#set ethernet-oam enable
S1(config)#interface gei_4/1
S1(config-gei_4/1)#set ethernet-oam
enable
R2(config)#efm
R2(config-efm)#set ethernet-oam function enable
R2(config-efm)#interface gei-0/2/0/1
R2(config-efm-if-gei-0/2/0/1)#set ethernet-oam function enable
R2(config-efm-if-gei-0/2/0/1)#exit
2-6
SJ-20140731105308-016|2014-10-20 (R1.0)
R2(config)#samgr
R2(config-samgr)#track efm efm interface gei-0/2/0/1
R2(config-samgr)#exit
R2(config)#vrrp
R2(config-vrrp)#interface gei-0/2/0/1
R2(config-vrrp-if-gei-0/2/0/1)#vrrp 1 ipv4 10.0.0.1
R2(config-vrrp-if-gei-0/2/0/1)#vrrp 1 out-interface gei-0/3/0/2
R2(config-vrrp-if-gei-0/2/0/1)#vrrp 1 track object efm link-type
R2(config-vrrp-if-gei-0/2/0/1)#exit
R3(config)#vrrp
R3(config-vrrp)#interface gei-0/5/0/1
R3(config-vrrp-if-gei-0/5/0/1)#vrrp 1 ipv4 10.0.0.1
R3(config-vrrp-if-gei-0/5/0/1)#vrrp 1 out-interface gei-0/6/0/2
R3(config-vrrp-if-gei-0/5/0/1)#end
Configuration Verification
Check the VRRP configuration results on R2 and R3. The results show that R2 is a master
router and R3 is a backup router. The output of the show samgr command on R2 shows
that the EFM track object is in up state.
R2#show vrrp
ipv4 brief
Interface
A P L State
gei-0/2/0/1
A P
255 1000
Master addr
Master 10.0.0.1
VRouter addr
10.0.0.1
Detect-type
App-num
State
TransState
efm
efm
up
T-ok
2-7
SJ-20140731105308-016|2014-10-20 (R1.0)
gei-0/5/0/1
A P L State
100 1000
Master addr
Backup 10.0.0.2
VRouter addr
10.0.0.1
When EFM is disabled on S1, the VRRP group on R2 is changed from Master to Init, and
that of R3 is changed to Master. The output of the show samgr command on R2 shows
that the EFM track object is in L-DOWN status.
S1(config)#set ethernet-oam enable
S1(config-efm)#set ethernet-oam function disable
S1(config-efm)#exit
gei-0/2/0/1
A P L State
100 1000
Master addr
Init
0.0.0.0
VRouter addr
10.0.0.1
Detect-type
App-num
State
efm
efm
L-down
TransState
gei-0/5/0/1
A P L State
100 1000
Master addr
Master 10.0.0.2
VRouter addr
10.0.0.1
When the EFM function on S1 is enabled, the VRRP group of R2 is changed to Master,
and that of R3 is changed to Backup. The EFM track object on R2 is in up status.
S1(config)#set ethernet-oam enable
S1(config-efm)#set ethernet-oam function enable
S1(config-efm)#exit
gei-0/2/0/1
A P L State
100 1000
Master addr
Master
10.0.0.1
VRouter addr
10.0.0.1
Detect-type
App-num
State
efm
efm
up
TransState
gei-0/5/0/1
100 1000
A P L State
P
Backup
Master addr
VRouter addr
10.0.0.2
10.0.0.1
2-8
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Flow
1. Configure CFM continuous detection on the direct-connected interfaces of the link
between S1 and R2.
2. Configure a CFM track object on the direct-connected interface of R2 in SAMGR
configuration mode.
3. Configure the same VRRP group number and virtual address on R2 and R3. To set
R2 as a master router, bind VRRP on R2 to the CFM track object.
4. When the CFM function on S1 is disabled, the VRRP group of R2 is changed to the
Init status, and that of R3 is changed to the Master status. When the CFM function on
S1 is enabled, the VRRP group of R2 is changed to Master and that of R3 is changed
to Backup.
Configuration Commands
Run the following commands on S1:
S1(config)#cfm enable
S1(config)#cfm ccm-format 1
S1(config)#cfm create md session 1 name md2 level 7
S1(config-md)#ma create session 1 name a4
S1(config-md-ma)#create mep session 1 8 direction down
S1(config-md-ma)#create rmep session 1 16 remote-mac 00d0.d011.3377
S1(config-md-ma)#assign mep 8 to interface gei_4/1
S1(config-md-ma)#mep 8 state enable
S1(config-md-ma)#mep 8 ccm-send enable
S1(config-md-ma)#mep 16 state enable
R2(config)#cfm
R2(config-cfm)#set cfm enable
R2(config-cfm)#create md index 2 name-format 2 name md2 level 7
R2(config-cfm)#md index 2
R2(config-cfm-md-2)#create ma index 4 name-format 2 name a4
R2(config-cfm-md-2)#ma index 4
R2(config-cfm-md-2-ma-4)#create mep mepid 16 direction down interface gei-0/2/0/1
R2(config-cfm-md-2-ma-4)#create rmep mepid 8 remote-mac 00a1.1122.0011
R2(config-cfm-md-2-ma-4)#set mep 16 state enable
R2(config-cfm-md-2-ma-4)#set mep 16 ccm-send enable
R2(config-cfm-md-2-ma-4)#set mep 8 state enable
R2(config-cfm-md-2-ma-4)#exit
R2(config-cfm-md-2)#exit
R2(config-cfm)#exit
R2(config)#samgr
R2(config-samgr)#track cfm cfm md 2 ma 4 remote-mep 8
R2(config-samgr)#exit
R2(config)#vrrp
R2(config-vrrp)#interface gei-0/2/0/1
R2(config-vrrp-if-gei-0/2/0/1)#vrrp 1 ipv4 10.0.0.1
R2(config-vrrp-if-gei-0/2/0/1)#vrrp 1 out-interface gei-0/3/0/2
R2(config-vrrp-if-gei-0/2/0/1)#vrrp 1 track object cfm link-type
R2(config-vrrp-if-gei-0/2/0/1)#exit
2-10
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Verification
Check the VRRP configuration result of R2 and R3. The results show that R2 is a Master
router and R3 is a Backup router. The output of the show samgr command shows that the
CFM track object is in up status.
R2#show vrrp
ipv4 brief
Interface
A P L State
gei-0/2/0/1
A P
255 1000
Master addr
VRouter addr
Master 10.0.0.1
10.0.0.1
Detect-type
App-num
State
TransState
cfm
cfm
up
T-ok
gei-0/5/0/1
100 1000
A P L State
P
Master addr
Backup 10.0.0.2
VRouter addr
10.0.0.1
When the CFM function of S1 is disabled, the VRRP of R2 is changed from Master to Init,
and that of R3 is changed to Master. The CFM track object of R2 is in local down status.
S1(config)#cfm disable
S1(config-cfm)#set cfm disable
S1(config-cfm)#exit
gei-0/2/0/1
100 1000
A P L State
P
Init
Master addr
0.0.0.0
VRouter addr
10.0.0.1
Detect-type
App-num
State
TransState
cfm
cfm
L-down
T-ok
gei-0/5/0/1
100 1000
A P L State
P
Master
Master addr
VRouter addr
10.0.0.2
10.0.0.1
2-11
SJ-20140731105308-016|2014-10-20 (R1.0)
When the CFM function of S1 is enabled, the VRRP of R2 is changed to Master, and that
of R3 is changed to Backup. The CFM track object of R2 is in up status.
S1(config)#cfm enable
S1(config-cfm)#set cfm enable
S1(config-cfm)#exit
A P L State
gei-0/2/0/1
A P
255 1000
Master addr
Master 10.0.0.1
VRouter addr
10.0.0.1
Detect-type
App-num
State
TransState
cfm
cfm
up
T-ok
gei-0/5/0/1
100 1000
A P L State
P
Backup
Master addr
VRouter addr
10.0.0.2
10.0.0.1
2-12
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 3
VRRP Configuration
Table of Contents
VRRP Overview .........................................................................................................3-1
VRRP Network Application .........................................................................................3-4
Configuring the VRRP ................................................................................................3-8
VRRP Configuration Instances .................................................................................3-11
In LANs with multicasting or broadcasting ability (such as Ethernet), the VRRP provides
a logical network gateway to ensure that transmission links are used fully. This not only
avoids service interruption due to faults on a network gateway device, but also avoids
modification of routing protocol configuration.
The virtual router has its own IP address 10.100.10.1 (this IP address can be the same
with an interface address on a router). Route A and router B also have their own IP
addresses (IP address of router A is 10.100.10.2 and IP address of router B is 10.100.10.3).
Hosts in the LAN only knows the IP address 10.100.10.1 of the virtual router. Hosts do
not know the IP addresses of router A and Router B. Router A and router B set the IP
address 10.100.10.1 of the virtual router as their default routes. Therefore, hosts in the
LAN communicate with other networks through this virtual router. The virtual router needs
to perform the following operations:
1. The virtual router selects a master router in accordance with the priority. The router
with the highest priority becomes the master router and its state is Master. If the priority
of routers are the same, the router which configures VRRP and enables the VRRP
function to send VRRP protocol messages first will be the master router. The master
router provides routing service.
2. The other router operates as a backup router. It detects the state of the master router
at any time.
l When the master router works properly, it sends a VRRP multicasting message
at a certain interval to inform the backup router in the group that the master router
works properly.
3-2
SJ-20140731105308-016|2014-10-20 (R1.0)
l
l
If the backup router in the group does not receive messages from the master
router for a long time, the backup router changes its state to Master.
When there are several backup routers in the group, there might be several master
routers at this time. In this situation, each master router compares the priorities
in the VRRP messages with its local priority. If its local priority is smaller than the
priorities in the VRRP messages, the master router changes its state to Backup.
Otherwise, the master keeps its state.
In this way, the router with the highest priority becomes the new master router. The
VRRP backup function is completed.
Initialize
A router enters this state after the system is started. When an interface receives a
startup message, the router becomes Backup state (when the priority is not 255) or
Master state (when the priority is 255). In Initialize state, the router does not handle
VRRP messages.
Master
When a router is in Master state, it performs the following operations:
1. It sends VRRP multicasting messages periodically.
2. It sends free Address Resolution Protocol (ARP) messages to make virtual
Medium Access Control (MAC) address that corresponds to the virtual IP address
known by all hosts in the network.
3. It replies to the ARP request for the virtual IP address with the virtual MAC address
instead of the real MAC address on the interface.
4. It forwards IP messages of which the destination MAC address is the virtual MAC
address.
In Master state, when the router receives a VRRP message in which the priority is
higher than the priority of the router, the router enters the Backup state. When it
receives a Shutdown event, the router enters the Initialize state.
Backup
When a router is in Backup state, it performs the following operations:
1. It receives VRRP multicasting messages from the master router to know the state
of the master router.
2. It does reply to the ARP requests for the virtual IP address.
3. It drops IP messages of which the destination IP address is the virtual IP address.
For the state conversion, see Figure 3-3.
3-3
SJ-20140731105308-016|2014-10-20 (R1.0)
In accordance with the above analysis, the hosts in the network do not have any extra
operations, and the communications with external network will not be affected due to the
faults on a router.
3-4
SJ-20140731105308-016|2014-10-20 (R1.0)
In Figure 3-4, the VRRP Group 1 monitors the interface marked with a red point on router A.
When the interface works properly, router A acts as the master router. When the interface
is down, the priority of router A is decreased. As a result, the priority of router A is lower
than that of router B. In this way, master/backup changeover is completed.
Each backup group contains a Master device and several Backup devices.
The Master devices in the backup groups can be different.
A router can be added into different backup groups, and the router has different
priorities in these backup groups.
1. Application scene descriptions of VRRP load sharing
l In Figure 3-5, the VRRP Group 1 (with virtual IP address 10.0.0.1) and the VRRP
Group 2 (with virtual IP address 10.0.0.100) are configured on the same interfaces
on router A and router B.
l The real IP address of physical router A is 10.0.0.2, and the real IP address of
physical router B is 10.0.0.3.
l The default gateway of a part of hosts in the LAN is 10.0.0.1, and the default
gateway of the other part of hosts in the LAN is 10.0.0.100.
2. Working mechanism
Router A and router B have the following agreements during the VRRP negotiation
through priority configuration of the backup groups on router A and router B:
l
l
3-5
SJ-20140731105308-016|2014-10-20 (R1.0)
A part of the hosts uses the backup group 1 as the gateway and the traffic is
sent through router A. The other part of the hosts uses the backup group 2 as the
gateway and the traffic is sent through router B.
In this way, the data flows are shared and backed up.
Application one
The VRRP protocol is used between router A and router B. These two routers are used
for master/backup selection. The EOAM (including Ethernet in the First Mile (EFM)
and Connectivity Fault Management (CFM)) is used to detect the link state between
the switch and the router.
Figure 3-6 EOAM for VRRP Application One
For the state transfer of EOAM for VRRP, see Figure 3-7. EOAM monitors the link
state between the router and the switch. When receiving the link fault notified by
EOAM in the master or backup state, the VRRP transfers to the initialize state directly.
When all VRRP interfaces are in up state and VRRP is in initialize state, the VRRP
receives link recovery notified by EOAM, and the backup group is the IP Owner, the
state will transfer to the master state, otherwise, the state will transfer to the backup
state.
3-6
SJ-20140731105308-016|2014-10-20 (R1.0)
Application two
The VRRP protocol is used between router A and router B, and these two routers are
used for master/backup selection, see Figure 3-8. The EOAM (including EFM and
CFM) is used to detect the link state between the switches and the routers. BFD is
used to detect the link state between routers. In this application, the EOAM can be
replaced by the link BFD.
Figure 3-8 EOAM for VRRP Application Two
For the state transfer of EOAM (or link BFD) + peer BFD for VRRP, see Figure 3-9.
When receiving the link fault notified by EOAM in the master or backup state, VRRP
transfers to the initialize state directly. When all VRRP interfaces are up, the VRRP is
in initialize state, the VRRP receives link recovery notified by EOAM, and the group
is the IP Owner, the state will transfer to the master state, otherwise, the state will
transfer to the backup state. If the VRRP is in backup state, and the VRRP receives
the link fault notified by peer BFD, the VRRP will transfer to the master state.
3-7
SJ-20140731105308-016|2014-10-20 (R1.0)
Application three
The VRRP protocol is used between router A and router B, see Figure 3-10. These
two routers are used for master/backup selection. The EOAM (including EFM and
CFM) is used to detect the link states between router A and router C, and between
router B and router C. The state of EOAM for VRRP transfers in accordance with
the VRRP protocol negotiation. When receiving the link fault notified by EOAM, the
VRRP decreases the priority based on configuration and triggers master/slave router
changeover.
Figure 3-10 EOAM for VRRP Application Three
Steps
1. Configure the VRRP.
3-8
SJ-20140731105308-016|2014-10-20 (R1.0)
Step
Command
Function
ZXR10(config)#vrrp
ZXR10(config-vrrp)#interface
<interface-name>
mode.
ZXR10(config-vrrp-if-interface-name)#v
rrp <vrid>ipv4<ip-address>[secondary]
ZXR10(config-vrrp-if-interface-name)#v
ZXR10(config-vrrp-if-interface-name)#v
ZXR10(config-vrrp-if-interface-name)#v
<50-40000>}
ZXR10(config-vrrp-if-interface-name)#v
ZXR10(config-vrrp-if-interface-name)#v
ZXR10(config-vrrp-if-interface-
<interface-name>[priority-decrement <1-254>|
rapid-down]
ZXR10(config-vrrp-if-interface-name)#v
3-9
SJ-20140731105308-016|2014-10-20 (R1.0)
Step
Command
Function
11
ZXR10(config-vrrp-if-interface-name)#v
12
ZXR10(config-vrrp-if-interface-name)#v
<1-254>}
13
ZXR10(config-vrrp-if-interface-name)#v
14
ZXR10(config-vrrp-if-interface-name)#v
15
ZXR10(config-vrrp-if-interface-name)#v
16
17
ZXR10(config-vrrp-if-interface-name)#v
mode.
ZXR10(config-vrrp-if-interface-name)#v
2. Configure the LINK BFD function or PEER BFD function relating to the VRRP.
Command
Function
session <bfd-session-name>
configuration mode.
ZXR10(config-vrrp-if-interface-name)#vrrp
Function
<1-255>]
End of Steps
3-11
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Flow
1. Enter the interfaces on which VRRP should be enabled and configure IP addresses.
2. Enter VRRP configuration mode from global configuration mode and then enter the
interfaces to configure VRRP.
3. Configure the same VRRP group ID and virtual addresses for R1 and R2. To make
R1 the master router or specify a higher priority for R1, configure related commands
on R1 first. If the priorities (the default priority is 100) of two routers are the same, the
router on which VRRP is enabled first and messages are advertised first becomes the
master router in the group.
Configuration Commands
Run the following commands on R1:
R1(config)#interface gei-0/1/0/1
R1(config-if-gei-0/1/0/1)#no shutdown
R1(config-if-gei-0/1/0/1)#ip address 10.0.0.1 255.255.0.0
R1(config-if-gei-0/1/0/1)#exit
R1(config)#vrrp
R1(config-vrrp)#interface gei-0/1/0/1
R1(config-vrrp-if-gei-0/1/0/1)#vrrp 1 ipv4 10.0.0.1
R1(config-vrrp-if-gei-0/1/0/1)#end
3-12
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Verification
View the VRRP information and configuration result on R1, as shown below.
R1#show vrrp ipv4 brief
Interface
gei-0/1/0/1
255 1000 A P
State
Master addr
VRouter addr
Master
10.0.0.1
10.0.0.1
State
Policy
Reduce-Priority
3-13
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Flow
1. Enter the interfaces on which VRRP should be enabled and configure IP addresses.
2. Enter VRRP configuration mode from global configuration mode and then enter the
interfaces to configure VRRP.
3. Configure VRRP Group 1 and corresponding virtual address on R1. Configure VRRP
Group 2 and corresponding virtual address on R2. Specify a higher priority for VRRP
Group 1 on R1 and VRRP Group 2 on R2, so that R1 is the master router in Group
1 and the backup router in Group 2, and R2 is the master router in Group 2 and the
backup router in Group 1. R1 and R2 provide backups for each other.
Configuration Commands
Run the following commands on R1:
R1(config)#interface gei-0/1/0/1
R1(config-if-gei-0/1/0/1)#no shutdown
R1(config-if-gei-0/1/0/1)#ip address 10.0.0.1 255.255.0.0
R1(config-if-gei-0/1/0/1)#exit
R1(config)#vrrp
R1(config-vrrp)#interface gei-0/1/0/1
R1(config-vrrp-if-gei-0/1/0/1)#vrrp 1 ipv4 10.0.0.1
R1(config-vrrp-if-gei-0/1/0/1)#vrrp 2 ipv4 10.0.0.2
R1(config-vrrp-if-gei-0/1/0/1)end
3-14
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Verification
View the VRRP information and configuration result on R1, as shown below.
R1#show vrrp ipv4 brief
Interface
gei-0/1/0/1 1
255 1000 A P
Master
10.0.0.1
10.0.0.1
gei-0/1/0/1 2
100 1000 P
Master
10.0.0.1
10.0.0.2
State
Policy
Reduce-Priority
3-15
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Flow
1. Enter the interfaces on which VRRP should be enabled and configure IP addresses.
2. Enter VRRP configuration mode from global configuration mode and then enter the
interfaces to configure VRRP.
3. Configure the same VRRP group ID and virtual addresses for R1 and R2. To make
R1 as the master router, specify a higher priority on R1, or set it to be the IP address
owner which means that R1 interface address is taken as the virtual address and R1
has the highest priority 255.
4. In VRRP interface configuration mode, configure egress interfaces for VRRP groups
to ensure that packets can be sent and received through the two egress interfaces.
Configuration Commands
Run the following commands on R1:
R1(config)#interface gei-0/1/0/1
3-16
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Verification
View the VRRP information and configuration result on R1, as shown below.
R1#show vrrp ipv4 brief
Interface
gei-0/1/0/1
vrID
1
Pri
Time
255
1000
L State
Master
Master addr
VRouter addr
10.0.0.1
10.0.0.1
3-17
SJ-20140731105308-016|2014-10-20 (R1.0)
State
Policy
Reduce-Priority
Configuration Flow
1. Enter the interfaces on which VRRP will be configured and configure IP addresses on
the interfaces.
2. Enter VRRP configuration mode from global configuration mode, and then enter the
interface on which VRRP will be configured.
3-18
SJ-20140731105308-016|2014-10-20 (R1.0)
3. Configure the same VRRP group ID and virtual IP address for Router A and Router B.
To set Router A as the master router, specify a higher priority on Router A, or set it to
be the IP address owner which means that Router A interface address is taken as the
virtual address and Router A has the highest priority 255.
4. Enter SAMGR configuration mode on Router A and Router B to configure an
detection object respectively. Configure the Ethernet Operation, Administration and
Maintenance (EOAM) object on Router A and Router B, and then configure the
Bidirectional Forwarding Detection (BFD) object.
5. Enter VRRP interface configuration mode on Router A and Router B, enable VRRP
track function to track the objects configured in Step 4 respectively.
Configuration Commands
Run the following commands on Router A:
RA(config)#interface gei-0/1/0/1
RA(config-if-gei-0/1/0/1)#no shutdown
RA(config-if-gei-0/1/0/1)#ip address 10.0.0.1 255.255.0.0
RA(config-if-gei-0/1/0/1)#exit
RA(config)#vrrp
RA(config-vrrp)#interface gei-0/1/0/1
RA(config-vrrp-if-gei-0/1/0/1)#vrrp 1 ipv4 10.0.0.3
RA(config-vrrp-if-gei-0/1/0/1)#vrrp 1 track object zte1 link-type
RA(config-vrrp-if-gei-0/1/0/1)#vrrp 1 track object zte2 peer-type
RA(config-vrrp-if-gei-0/1/0/1)#end
The trace object named zte1 and zte2 must be configured in the SAMGR module in
advance. For details, refer to Chapter 1 Service Availability Manager Configuration.
Run the following commands on Router B:
RB(config)#interface gei-0/1/0/1
RB(config-if-gei-0/1/0/1)#no shutdown
RB(config-if-gei-0/1/0/1)#ip address 10.0.0.2 255.255.0.0
RB(config-if-gei-0/1/0/1)#exit
RB(config)#vrrp
RB(config-vrrp)#interface gei-0/1/0/1
RB(config-vrrp-if-gei-0/1/0/1)#vrrp 1 ipv4 10.0.0.3
RB(config-vrrp-if-gei-0/1/0/1)#vrrp 1 track object zte1 link-type
RB(config-vrrp-if-gei-0/1/0/1)#vrrp 1 track object zte2 peer-type
RB(config-vrrp-if-gei-0/1/0/1)#end
The trace object named zte1 and zte2 must be configured in the SAMGR module in
advance. For details, refer to Chapter 1 Service Availability Manager Configuration.
Configuration Verification
View the VRRP track information on Router A, as shown below.
RA#show vrrp ipv4 brief
3-19
SJ-20140731105308-016|2014-10-20 (R1.0)
vrID
Pri
Time
gei-0/1/0/1
100
1000
L State
Master
Master addr
VRouter addr
10.0.0.1
10.0.0.3
State
Policy
Reduce-Priority
3-20
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Flow
1. Configure a track object on R1 and R2 in SAMGR configuration mode.
2. Relate the track object to R1 and R2 in VRRP configuration mode after the VRRP
function is configured.
Configuration Commands
Run the following commands on R1:
R1(config)#samgr
R1(config-samgr)#track 1 bfd session bfd
R1(config-samgr)#exit
R1(config)#vrrp
R1(config-vrrp)#interface xgei-0/5/0/3
R1(config-vrrp-if-xgei-0/5/0/3)#vrrp 1 track object 1 link-type
R1(config-vrrp-if-xgei-0/5/0/3)#exit
R1(config-vrrp)#exit
Configuration Verification
Run the show vrrp interface command on R1. The execution result is displayed as follows:
R1(config)#show vrrp interface xgei-0/5/0/3
xgei-0/5/0/3 - vrID 1
Vrrp configure info:
3-21
SJ-20140731105308-016|2014-10-20 (R1.0)
State
Policy
Reduce-Priority
Run the show vrrp interface command on R2. The execution result is displayed as follows:
R2(config)#show vrrp interface xgei-0/0/0/3
xgei-0/0/0/3 - vrID 1
Vrrp configure info:
IP version 4, VRRP version 3
Virtual IP address is 10.0.0.2
Virtual MAC address is 0000.5e00.0101
Advertise time is 1.000 (s)
Configured priority is 100
Preemption enable, delay 0 (s)
Reload delay 0 (s)
No authentication data
Check ttl enable
Vrrp accept mode enable
Out-interface send-mode is all
Tracked interface items: 0
Interface
State
Policy
Reduce-Priority
3-22
SJ-20140731105308-016|2014-10-20 (R1.0)
3-23
SJ-20140731105308-016|2014-10-20 (R1.0)
3-24
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 4
If the destination is unreachable because the Ethernet interface of the peer gateway 1
corresponding to the main link is not configured with an IP address, the backup mode
that depends on the protocol status of the detection interface cannot implement the
active/standby switchover function.
4-1
SJ-20140731105308-016|2014-10-20 (R1.0)
In the same way, if the destination of (non-direct) the main link is faulty, for example, the
external dedicated line of gateway 1 is faulty, the traditional backup mechanism also cannot
implement the active/standby switchover function.
The detection results ( the destination ICMP is reachable or unreachable) will be fed back
to the related modules, such as static route backup module, dialing backup module, and
the VRRP module, to trigger the active/standby switchover operation. After that, the above
faults are solved.
l
l
Note:
You can check the Ping Detect result by running the show samgr brief command.
To use the Ping Detect function, the ICMP service of the firewall corresponding to the
objects to be detected should be enabled.
4-2
SJ-20140731105308-016|2014-10-20 (R1.0)
Steps
1. Configure the ping detect function.
Step
Command
Function
ZXR10(config)#detect-group
<group-number>
1200.
ZXR10(config-detect-group-number)#op
ZXR10(config-detect-group-number)#ret
ry-times <retry-times>
ZXR10(config-detect-group-number)#lo
op-time <seconds>
ZXR10(config-detect-group-number)#ti
me-out <seconds>
ZXR10(config-detect-group-number)#l
ist <list-number>
group.
ZXR10(config-detect-group-number-
4-3
SJ-20140731105308-016|2014-10-20 (R1.0)
Step
Command
Function
ZXR10(config-detect-group-number-
list-number)#item <item-number>[vrf
<vrf-name>]{<des-ipv4-address>[<next-ipv4-a
ZXR10(config-samgr)#track <name>
configuration mode.
Function
track-group function.
Displays the results of the Ping Detect function.
End of Steps
Interface
R1
R2
IP Address
Mask
gei-0/1/0/5
100.0.0.15
255.255.255.0
gei-0/1/0/6
101.0.0.15
255.255.255.0
gei-0/1/0/7
102.0.0.15
255.255.255.0
gei-0/1/0/5
100.0.0.20
255.255.255.0
gei-0/1/0/6
101.0.0.20
255.255.255.0
gei-0/1/0/7
102.0.0.20
255.255.255.0
Configuration Flow
1. Configure a detect group.
2. Configure the detect items for the detect group.
3. Enable the Ping Detect function in Samgr configuration mode, and check the results
by running the show command.
4. Configure the logical relationship to And or Or for the detect group, add an item that
cannot be pinged successfully, and then check the detect results.
Configuration Commands
Run the following commands to configure R1:
ZXR10(config)#detect-group 1
ZXR10(config-detect-group-1)#list 1
ZXR10(config-detect-group-1-list-1)#item 1 100.0.0.20
ZXR10(config-detect-group-1-list-1)#item 2 101.0.0.20
ZXR10(config-detect-group-1-list-1)#item 3 102.0.0.20
ZXR10(config-detect-group-1-list-1)#exit
ZXR10(config-detect-group-1)#exit
ZXR10(config)#samgr
ZXR10(config-samgr)#track test ping-detect group 1
ZXR10(config-samgr)#exit
Configuration Verification
Check the Ping Detect configuration results on R1:
ZXR10(config)#show samgr brief
The total of track at this Router is 1.
======================================================================
Track-name
Detect-type
App-num
State
TransState
test
ping-detect
up
T-ok
Set the logical relationship for the detect object to And, and then add an item that cannot
be pinged successfully.
ZXR10(config-detect-group-1-list-1)#option and
/*Set the logical relationship for the detect object to "and"*/
4-5
SJ-20140731105308-016|2014-10-20 (R1.0)
Detect-type
App-num
State
TransState
test
ping-detect
L-down
T-ok
Set the logical relationship for the detect object to Or, and then check the detect results:
ZXR10(config-detect-group-1-list-1)#option or
ZXR10(config-detect-group-1-list-1)#exit
/*Set the logical relationship for the detect object to "or"*/
ZXR10(config-detect-group-1)#exit
ZXR10(config)#show samgr brief
The total of track at this Router is 1.
======================================================================
Track-name
Detect-type
App-num
State
TransState
test
ping-detect
up
T-ok
4-6
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Flow
1. Configure the IP address on R1, R2, and R4 separately, and enable the OSPF protocol.
The OSPF neighbour is established between the routers.
2. Configure the ping-detect detection group on R2, configure a track object in SAMGR
configuration mode, and bind the track object to the gei-0/7/1/8 interface.
Configuration Commands
Run the following commands on R1:
R1(config)#interface gei-0/0/0/8
R1(config-if-gei-0/0/0/8)#no shutdown
R1(config-if-gei-0/0/0/8)#ip address 71.88.1.2 255.255.255.0
R1(config-if-gei-0/0/0/8)#exit
R1(config)#router ospf 19
R1(config-ospf-19)#router-id 22.22.22.22
R1(config-ospf-19)#network 71.88.1.0 0.0.0.255 area 0
R1(config-ospf-19)#exit
R2(config)#vlan-configuration
R2(config-vlan)#interface gei-0/2/1/7.1
R2(config-vlan-if-gei-0/2/1/7.1)#encapsulation-dot1q 1
R2(config-vlan-if-gei-0/2/1/7.1)#exit
R2(config)#router ospf 19
R2(config-ospf-19)#router-id 22.11.11.22
R2(config-ospf-19)#network 71.88.1.0 0.0.0.255 area 0
R2(config-ospf-19)#network 41.52.17.0 0.0.0.255 area 0
R2(config-ospf-19)#exit
R2(config)#detect-group 10
R2(config-detect-group-10)#retry-times 3
R2(config-detect-group-10)#loop-time 12
R2(config-detect-group-10)#time-out 3
R2(config-detect-group-10)#list 1
R2(config-detect-group-10-list-1)#option or
R2(config-detect-group-10-list-1)#item 1 41.52.17.3 41.52.17.2 interface
4-7
SJ-20140731105308-016|2014-10-20 (R1.0)
R4(config)#vlan-configuration
R4(config-vlan)#interface gei-0/0/0/8.1
R4(config-vlan-if-gei-0/0/0/8.1)#encapsulation-dot1q 1
R4(config-vlan-if-gei-0/0/0/8.1)#exit
R4(config)#router ospf 19
R4(config-ospf-19)#router-id 33.33.33.33
R4(config-ospf-19)#network 41.52.17.0 0.0.0.255 area 0
R4(config-ospf-19)#exit
Configuration Verification
Execute the show samgr brief command to check the track object on R2. The track object
on R2 is in up status, and the directly connected route of the gei-0/7/1/8 interface is added.
R2(config)#show samgr brief
The total of track at this Router is 1.
Track-name
Detect-type
abc
ping-detect
App-num
1
State
TransState
up
T-ok
4-8
SJ-20140731105308-016|2014-10-20 (R1.0)
Dest
NextHop
RoutePrf
RouteMetric
Protocol
*>
71.88.1.0/24
71.88.1.1
direct
71.88.1.0/24
71.88.1.0
110
ospf
*>
71.88.1.1/32
71.88.1.1
address
Execute the shutdown command on the gei-0/2/1/7.1 interface. The track object of R2 is
in down status, and the directly connected route of the gei-0/7/1/8 interface is deleted.
R2#show samgr brief
The total of track at this Router is 1.
Track-name
Detect-type
abc
ping-detect
App-num
1
State
L-down
Dest
NextHop
RoutePrf
RouteMetric Protocol
4-9
SJ-20140731105308-016|2014-10-20 (R1.0)
4-10
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 5
EFM Configuration
Table of Contents
EFM Overview............................................................................................................5-1
Configuring the EFM ..................................................................................................5-3
EFM Configuration Instances .....................................................................................5-6
EFM Features
The EFM features are as follows:
1. The EFM detects whether the EFM function on the peer device is enabled through its
protocol packets. It interacts with packets to know whether the negotiation procedure
is completed in accordance with the related configurations on two devices.
2. After the negotiation, the EFM collects statistics of link operation information (such as
error frames or symbols) in accordance with the link monitoring in a cycle.
5-1
SJ-20140731105308-016|2014-10-20 (R1.0)
3. When the number of error frames or symbols exceeds the threshold, the EFM triggers
related event notification to inform the local device and the remote device. In this way,
the network administrators know the operation information of the link.
The EFM can also enable remote loopback function to detect the packet loss caused by
the difference between the local receiving rate and the remote receiving rate or the link
fault.
EFM packets are low-speed protocol packets. The packets cannot be forwarded by
devices. Therefore, the EFM can only be applied on the directly connected device, see
Figure 5-1.
Figure 5-1 EFM Principle
The packets cannot be forwarded across devices. The application environment is simple.
The EFM has accuracy requirements for detection. Two devices send keepalive packets
periodically to each other to keep successful protocol negotiation. Other functions of EFM
can be enabled after the successful negotiation.
When detecting an event, the EFM notifies the peer device through specific packets.
5-2
SJ-20140731105308-016|2014-10-20 (R1.0)
Steps
1. Configure global attributes for the EFM.
Step
Command
Function
ZXR10(config)#efm
<value>
Command
Function
ZXR10(config-efm)#interface <interface-name>
<state>
interface.
ZXR10(config-efm-if-interface-name)#set
ZXR10(config-efm-if-interface-name)#set
ZXR10(config-efm-if-interface-name)#set
5-3
SJ-20140731105308-016|2014-10-20 (R1.0)
Step
Command
Function
function <state>
function on a specific
interface.
ZXR10(config-efm-if-interface-name)#set
<th-value>[window <win-value>]
ZXR10(config-efm-if-interface-name)#set
<th-value>[window <win-value>]
ZXR10(config-efm-if-interface-name)#set
<th-value>[window <win-value>]
10
ZXR10(config-efm-if-interface-name)#set
second-cycle statistics
<th-value>[window <win-value>]
5-4
SJ-20140731105308-016|2014-10-20 (R1.0)
Step
Command
Function
range: 1-900, and default: 1
s.
11
ZXR10(config-efm-if-interface-name)#set
12
13
<operation>
Function
Function
End of Steps
5-5
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Flow
1. Configure EFM on the interface of R1 connecting to R2 directly. Enable EFM and
link-monitor on a specified interface, and then enable EFM globally.
2. Configure EFM on the interface of R2 connecting to R1 directly. Enable EFM and
link-monitor on a specified interface, and then enable EFM globally.
3. Run show ethernet-oam discovery command on R1 and R2 to check the EFM
connection establishment.
4. Run show ethernet-oam link-monitor command on R1 and R2 to view the count of link
errors between R1 and R2.
Configuration Commands
Run the following commands on R1:
R1(config)#efm
R1(config-efm)#interface gei-0/0/1/1
R1(config-efm-if-gei-0/0/1/1)#set ethernet-oam function enable
R1(config-efm-if-gei-0/0/1/1)#set ethernet-oam link-monitor funciton enable
R1(config-efm-if-gei-0/0/1/1)#exit
R1(config-efm)#set ethernet-oam oui R1
R1(config-efm)#set ethernet-oam function enable
R1(config-efm)#exit
5-6
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Verification
1. Run the show ethernet-oam discovery command on R1 to check the link EFM
negotiation, as shown below.
R1(config-efm)#show ethernet-oam gei-0/0/1/1 discovery
PortId 32: Ethernet Oam enable
Local DTE
---------Config:
Mode
:active
Period Time
:10*(100ms)
:50*(100ms)
Status:
/*local state*/
Parser
:forward
Multiplexer
:forward
Stable
:yes
Discovery
:done
Loopback
:off
/*Loopback is off.*/
:1518
PDU Revision
:1
Unidirection
:nonsupport
package.*/
Remote DTE
----------Config:
Mode
:active
Link Monitor
:support
Unidirection
:nonsupport
Remote Loopback
:support
Mib Retrieval
:nonsupport
:1518
Remote OUI(hex)
:52-32-00
Status:
/*remote state*/
Parser
:forward
/*forwarding mode*/
Multiplexer
:forward
/*forwarding mode*/
Stable
:yes
Mac Address
:1622.30c4.e999
PDU Revision
:0
2. Run the show ethernet-oam link-monitor command on R1 to check the count of link
errors, as shown below.
R1(config)#show ethernet-oam gei-0/0/1/1 link-monitor
5-7
SJ-20140731105308-016|2014-10-20 (R1.0)
: 1(million symbols)
: 1(symbol)
Error Symbols
: 0
: 0
: 1(s)
: 1(frame)
Error Frames
: 0
: 0
: 0
: 1(frame)
Error Frames
: 0
: 0
: 0
: 1(s)
: 1(s)
: 0(s)
: 0(s)
: 0
3. Run the show ethernet-oam discovery command on R2 to check the link EFM
negotiation, as shown below.
R2(config)#show ethernet-oam gei-0/0/0/1 discovery
PortId 66: Ethernet Oam enable
Local DTE
---------Config:
Mode
:active
Period Time
:10*(100ms)
:50*(100ms)
5-8
SJ-20140731105308-016|2014-10-20 (R1.0)
:forward
Multiplexer
:forward
Stable
:yes
Discovery
:done
Loopback
:off
:1518
PDU Revision
:0
Unidirection
:nonsupport
Remote DTE
----------Config:
Mode
:active
Link Monitor
:support
Unidirection
:nonsupport
Remote Loopback
:support
Mib Retrieval
:nonsupport
:1514
Remote OUI(hex)
: 52-31-00
Status:
Parser
:forward
Multiplexer
:forward
Stable
:yes
Mac Address
:1210.1210.1211
PDU Revision
:1
4. Run the show ethernet-oam link-monitor command on R2 to check the count of link
errors, as shown below.
R2(config)#show ethernet-oam gei-0/0/0/1 link-monitor
Link Monitoring of Interface: gei-0/0/0/1
Link Monitoring enable
Error Symbol Period Event:
Symbol Window
: 1(million symbols)
: 1(symbol)
Error Symbols
: 0
: 0
: 1(s)
: 1(frame)
Error Frames
: 0
: 0
5-9
SJ-20140731105308-016|2014-10-20 (R1.0)
: 0
: 1(frame)
Error Frames
: 0
: 0
: 0
: 1(s)
: 1(s)
: 0(s)
: 0(s)
: 0
Configuration Flow
1. Configure EFM on the interface of R1 connecting to R2 directly. Enable EFM globally.
2. Configure EFM on the interface of R2 connecting to R1 directly. Enable EFM globally.
3. After the EFM connection is established on R1 and R2, enable remote loopback on
R1.
4. Run show ethernet-oam discovery command on R1 and R2 to check the EFM
connection establishment.
Configuration Commands
Run the following commands on R1:
5-10
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Verification
On the link where the EFM connection is established, R1 sends packets to R2 except
OAMPDU. When R2 receives the packets, it will loop them back to R1 directly.
R1(config-efm)#show ethernet-oam gei-0/0/1/1 discovery
PortId 3: Ethernet Oam enable
Local DTE
---------Config:
Mode
:active
Period Time
:10*(100ms)
:50*(100ms)
Status:
Parser
:discard
Multiplexer
:forward
Stable
:yes
5-11
SJ-20140731105308-016|2014-10-20 (R1.0)
:done
Loopback
:on(Master)
:1518
PDU Revision
:3
Unidirection
:nonsupport
Remote DTE
----------Config:
Mode
:active
Link Monitor
:support
Unidirection
:nonsupport
Remote Loopback
:support
Mib Retrieval
:nonsupport
:1518
Remote OUI(hex)
:52-32-00
Status:
Parser
:loopback
Multiplexer
:discard
Stable
:yes
Mac Address
:00ee.ff10.2102
PDU Revision
:1
5-12
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 6
CFM Configuration
Table of Contents
CFM Overview ...........................................................................................................6-1
Configuring the CFM ..................................................................................................6-4
CFM Configuration Instances .....................................................................................6-7
Fault detection: An MEP sends and receives Continuity Check Messages (CCMs)
periodically to detect the connectivity of the network. It can discover connectivity
failures and non-consensual connectivity (situations of wrong connections).
Fault confirmation and isolation: This function belongs to the management behavior.
Network administrators confirm the faults through Loopback Messages (LBMs) or
Loopback Replies (LBRs), and then isolate the faults.
6-1
SJ-20140731105308-016|2014-10-20 (R1.0)
Path discovery: An MEP uses Linktrace Messages (LTMs) or Linktrace Replies (LTRs)
to discover paths and trace the path from an MEP to another MEP or the path between
Maintenance domain Intermediate Points (MIPs).
CFM Features
The CFM can check, isolate, and report connectivity faults in VLANs effectively.
To manage and maintain the network, network administrators make a plan for the network
services and levels, and divide the entire network into several MDs. For the sketch map
of an MD, see Figure 6-1.
Figure 6-1 Maintenance Domain
A series of ports are defined for the edge devices and the internal device, see Figure 6-1.
l
l
The gray points on the edge devices are the services ports connecting to devices
outside the domain. These points are defined as MEPs.
The black points on the devices (including the internal device) are ports connecting to
devices inside the domain. These points are defined as MIPs.
the inclusion relation of domains. A domain of a higher level may include domains of lower
levels. However, a domain of a lower level cannot include a domain of a higher level. The
domains of the same level cannot include each other. Therefore, the domain of the largest
range has the highest level. The inclusion relation of domains can be tangent (internally
tangent or externally tangent) and inclusive, but it cannot be intersecting.
IEEE 802.1ag standard defines the following mechanisms:
1. Several nesting MDs configured through a bridge network or a network of a bridge
network. The domains may be managed by different management organizations.
2. An Maintenance Association (MA) identified by an individual MD in a specific bridge
and a group of VLANs.
3. The protocol, flow, and formats of CFM protocol packets that are used to detect and
isolate connectivity faults.
4. Configuration ability to configure and manage Maintenance Points (MPs) in an MA. An
MP is used to generate and receive CFM packets.
5. MPs ordered to execute isolation and result inspection for confirmed faults.
LCK Function
The ETH-LCK function is used to learn about the management locking of the server layer
MEP and subsequentservice traffic interruption. The service traffic is sent to the MEP that
expects to receive the traffic. The MEP that receives the frame carrying the ETH-LCK
information can distinguish faults from management locking of the MEP. This function is
an application used by the MEP for management locking. The MEP periodically continues
sending the frames carrying the ETH-LCK information until the management/diagnosis is
unlocked.
To support the ETH-LCK transmission function, you need to configure the following specific
information:
l
l
LCK transmission: When a signal is locked, the MEP sends an LCK frame whose
transmission period depends on the LCK transmission period. The transmission
periods of LCK and AIS are the same. The first LCK frame must be sent after the
management/diagnosis action.
LCK receiving: Once an LCK frame is received, the MEP checks this frame to ensure
that its MEP level corresponds to the configured MEP level. The period field indicates the
expected LCK frame period. The MEP needs to immediately checks the LCK status after
receiving the LCK frame, and then clears the LCK status if no LCK frame is received within
3.5 times the LCK transmission period.
Client-Level
Before enabling the AIS and LCK functions, the CFM needs to set the client level of the
local MEP.
6-3
SJ-20140731105308-016|2014-10-20 (R1.0)
The client-level configurations involve the client-level configurations of the LCK and AIS
functions. After these two functions are enabled, signals are transmitted between the
specified maintenance domain layer specified by the client-level value, and the client level
must be higher than the MD level of the local MEP.
Steps
1. Configure the CFM function.
Step
Command
Function
ZXR10(config)#cfm
Creates an MD.
Enters MD configuration
mode.
Creates an MA.
Enters MA configuration
mode.
ZXR10(config-cfm-md-index-ma-index)#set
ccminterval <interval>
Creates an MEP.
ZXR10(config-cfm-md-index-ma-index)#create
6-4
SJ-20140731105308-016|2014-10-20 (R1.0)
Step
Command
Function
ZXR10(config-cfm-md-index-ma-index)#create rmep
Creates an RMEP.
10
ZXR10(config-cfm-md-index-ma-index)#create mip
Creates an MIP.
ZXR10(config-cfm-md-index-ma-index)#set mep
12
ZXR10(config-cfm-md-index-ma-index)#set mep
13
ZXR10(config-cfm-md-index-ma-index)#set mep
14
ZXR10(config-cfm-md-index-ma-index)#set mep
15
ZXR10(config-cfm-md-index-ma-index)#set mep
6-5
SJ-20140731105308-016|2014-10-20 (R1.0)
Step
Command
Function
16
ZXR10(config-cfm-md-index-ma-index)#create rmep
Creates an RMEP.
Function
Sends LBMs.
<value>]
Command
Function
ZXR10(config-cfm)#interface <IfName>
Enters PW interface
configuration mode.
6-6
SJ-20140731105308-016|2014-10-20 (R1.0)
Function
<ma-index>
<specify-interface>}
End of Steps
Configuration Flow
1. Create MDs and MAs on R1 and R2. The MDs have the same ID and name, and the
MAs have the same ID and name. Enable CFM globally.
2. Create local MEPs on the direct connected interfaces of R1 and R2. The MEPs are
of the same level. Use the peer MAC and MEP ID to create RMEPs on R1 and R2.
Enable local MEP, CCM sending and RMEP.
3. Run the show cfm mp command on R1 and R2 to check the MEP identification bit to
see the CFM connection establishment.
Configuration Commands
Run the following commands on R1:
6-7
SJ-20140731105308-016|2014-10-20 (R1.0)
/*fast detection*/
Configuration Verification
1. Run the show cfm mp all md 1 ma 1 command on R1 to check the link information, as
shown below.
R1(config)#show cfm mp all md 1 ma 1
MP type
: Local MEP
Direction
: down
MEPID
: 1
MEPIndex
: 1
Level
: 4
Primary VID
: 0
Assign port
: gei-0/0/1/1
Priority
: 7
LowestAlarmPriority
: 1
6-8
SJ-20140731105308-016|2014-10-20 (R1.0)
: invalid
Admin state
: enable
CCM state/interval
: enable/3.3ms
AIS state/interval
: disable/1s
LCK state/interval
: disable/1s
DM state
: disable
LM state
: disable
-----------------------------------------------------------------------PresentRDI
: 0
MADefectIndication
: 0
SomeRDIDefect
: 0
SomeRMEPCCMDefect
: 0
ErrorCCMDefect
: 0
UnexpectedLevelDefect
: 0
UnexpectedPeriodDefect
: 0
UnexpectedMACDefect
: 0
UnexpectedMEPIDDefect
: 0
XconCCMDefect
: 0
AISRcvdFlag
: 0
LCKRcvdFlag
: 0
-----------------------------------------------------------------------TotalSendCCMs
: 61225
TotalRcvdCCMs
: 61225
RightRcvdCCMs
: 61225
DefErrorCCMs
: 0
DiscardCCMs
: 0
DefXconCCMs
: 0
TotalSendLBMs
: 0
TotalRcvdLBRs
: 0
TotalRcvdLBMs
: 0
TotalSendLBRs
: 0
------------------------------------------------------------------------
MP type
: Remote MEP
MEPID
: 2
MEPIndex
: 2
Level
: 4
RemoteMAC
: 00ee.efab.ede3
Admin state
: enable
CCM interval
: 3.3ms
-----------------------------------------------------------------------RMEPLastRDI
: 0
RMEPCCMdefect
: false
-----------------------------------------------------------------------LMMCount
: 0
DLMCount
: 0
LMMFrameSendRemote
: 0
DLMFrameSendRemote
: 0
LMMFrameSendLocal
: 0
DLMFrameSendLocal
: 0
LMMFrameLossRemote
: 0
DLMFrameLossRemote
: 0
LMMFrameLossLocal
: 0
DLMFrameLossLocal
: 0
LMMAveFrameLossRemote
: 0
DLMAveFrameLossRemote
: 0
LMMAveFrameLossLocal
: 0
DLMAveFrameLossLocal
: 0
LMMHighFrameLossRemote
: 0
DLMHighFrameLossRemote
: 0
LMMHighFrameLossLocal
: 0
DLMHighFrameLossLocal
: 0
LMMTotalFrameLossRemote : 0
DLMTotalFrameLossRemote : 0
LMMTotalFrameLossLocal
DLMTotalFrameLossLocal
: 0
: 0
LMMFrameLossRatioRemote : 0.000000
DLMFrameLossRatioRemote : 0.000000
LMMFrameLossRatioLocal
DLMFrameLossRatioLocal
: 0.000000
: 0.000000
6-9
SJ-20140731105308-016|2014-10-20 (R1.0)
1DMFrameTimeDelay
: 0s, 0ns
1DMFrameTimeDelayChg
: 0s, 0ns
DMMFrameTimeDelay
: 0s, 0ns
DMMFrameTimeDelayChg
: 0s, 0ns
On-demand DM Count
1DMFrameTimeDelay
: 0s, 0ns
1DMFrameTimeDelayChg
: 0s, 0ns
DMMFrameTimeDelay
: 0s, 0ns
DMMFrameTimeDelayChg
: 0s, 0ns
------------------------------------------------------------------------
2. Run the show cfm mp all md 1 ma 1 command on R2 to check the link information, as
shown below.
R2(config)#show cfm mp all md 1 ma 1
MP type
Direction
: Local MEP
: down
MEPID
: 2
MEPIndex
: 1
Level
: 4
Primary VID
: 0
Assign port
: gei-0/0/1/1
Priority
: 7
LowestAlarmPriority
: 1
Client level
: invalid
Admin state
: enable
CCM state/interval
: enable/3.3ms
AIS state/interval
: disable/1s
LCK state/interval
: disable/1s
DM state
: disable
LM state
: disable
-----------------------------------------------------------------------PresentRDI
: 0
MADefectIndication
: 0
SomeRDIDefect
: 0
SomeRMEPCCMDefect
: 0
ErrorCCMDefect
: 0
UnexpectedLevelDefect
: 0
UnexpectedPeriodDefect
: 0
UnexpectedMACDefect
: 0
UnexpectedMEPIDDefect
: 0
XconCCMDefect
: 0
AISRcvdFlag
: 0
LCKRcvdFlag
: 0
-----------------------------------------------------------------------TotalSendCCMs
: 61719
TotalRcvdCCMs
: 61225
RightRcvdCCMs
: 61225
DefErrorCCMs
: 0
DiscardCCMs
: 0
DefXconCCMs
: 0
TotalSendLBMs
: 0
TotalRcvdLBRs
: 0
TotalRcvdLBMs
: 0
TotalSendLBRs
: 0
6-10
SJ-20140731105308-016|2014-10-20 (R1.0)
MP type
: Remote MEP
MEPID
: 1
MEPIndex
: 2
Level
: 4
RemoteMAC
: 0016.1514.1112
Admin state
: enable
CCM interval
: 3.3ms
-----------------------------------------------------------------------RMEPLastRDI
: 0
RMEPCCMdefect
: false
-----------------------------------------------------------------------LMMCount
: 0
DLMCount
: 0
LMMFrameSendRemote
: 0
DLMFrameSendRemote
: 0
LMMFrameSendLocal
: 0
DLMFrameSendLocal
: 0
LMMFrameLossRemote
: 0
DLMFrameLossRemote
: 0
LMMFrameLossLocal
: 0
DLMFrameLossLocal
: 0
LMMAveFrameLossRemote
: 0
DLMAveFrameLossRemote
: 0
LMMAveFrameLossLocal
: 0
DLMAveFrameLossLocal
: 0
LMMHighFrameLossRemote
: 0
DLMHighFrameLossRemote
: 0
LMMHighFrameLossLocal
: 0
DLMHighFrameLossLocal
: 0
LMMTotalFrameLossRemote : 0
LMMTotalFrameLossLocal
DLMTotalFrameLossRemote : 0
: 0
DLMTotalFrameLossLocal
: 0
LMMFrameLossRatioRemote : 0.000000
DLMFrameLossRatioRemote : 0.000000
LMMFrameLossRatioLocal
DLMFrameLossRatioLocal
: 0.000000
: 0.000000
-----------------------------------------------------------------------Proactive DM Count
1DMFrameTimeDelay
: 0s, 0ns
1DMFrameTimeDelayChg
: 0s, 0ns
DMMFrameTimeDelay
: 0s, 0ns
DMMFrameTimeDelayChg
: 0s, 0ns
On-demand DM Count
1DMFrameTimeDelay
: 0s, 0ns
1DMFrameTimeDelayChg
: 0s, 0ns
DMMFrameTimeDelay
: 0s, 0ns
DMMFrameTimeDelayChg
: 0s, 0ns
------------------------------------------------------------------------
6-11
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Flow
1. Create MDs and MAs on CE1, PE1, PE2 and CE2. The MDs have the same ID and
name, and the MAs have the same ID and name.
2. Set the interfaces on CE1 and CE2 as a group of CFM connectivity detection. For the
configuration, refer to the configuration example of CFM Fast Connectivity Detection.
Enable alarm on CE1 and CE2.
3. Configure MIPs on the interfaces of PE1 and PE2 at the public network side and the
AC side. Enable CFM globally.
4. Configure CE1 to execute CFM linktrace and CFM loopback towards MIPs and MEPs
on PE1, PE2 and CE2. Check the link connectivity.
Configuration Commands
Run the following commands on CE1:
CE1(config)#cfm
CE1(config-cfm)#set cfm enable
CE1(config-cfm)#create md index 1 name-format 2 name MD1 level 4
CE1(config-cfm)#md index 1
CE1(config-cfm-md-1)#create ma index 1 name-format 2 name MA1 vid 1
/*VLAN value of the sub-interface on the AC side of the L2VPN AC.*/
CE1(config-cfm-md-1)#ma index 1
CE1(config-cfm-md-1-ma-1)#create mep mepid 1 direction down interface gei-0/2/0/6.1
CE1(config-cfm-md-1-ma-1)#set ccminterval 1
/*fast detection*/
6-12
SJ-20140731105308-016|2014-10-20 (R1.0)
6-13
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Verification
CE1 executes CFM linktrace (trace) and CFM loopback (ping) towards PE1, PE2 and
CE2. If the link is normal, the responses of the operations (trace and ping) are correct. If
the link becomes faulty from normal state, CE1 and CE2 will generate CFM alarms. The
operations (trace and ping) executed by CE2 towards are shown below.
CE2#cfm loopback md 1 ma 1 local-mep 1 type unicast 0016.1514.1312
Sending 3 loopback messages to 0016.1514.1312,timeout is 5 seconds.
Hops
MAC ADDRESS
Forwarded
Ingress
Egress
Relay
Action
Action
Action
------------------------------------------------------------------------------F
00d0.d0c0.e21f
Forwarded
IngOk
0022.2324.251f
Forwarded
IngOk
0016.1514.1312
Not Forwarded
IngOk
EgrOk
EgrOk
RlyFDB
RlyFDB
RlyHit
Trace complet
6-14
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 7
BFD Configuration
Table of Contents
BFD Overview ............................................................................................................7-1
Configuring the BFD...................................................................................................7-2
BFD Configuration Instances....................................................................................7-10
BFD Features
The BFD is a simple Hello protocol. It is similar to the Hello mechanisms of routing
protocols. The BFD is simpler and universal. The two systems that establish a BFD
session send packets to each other periodically. If one system does not receive any
packet from the peer in a specific period, it considers that there is a failure on the
communication path. The BFD session will be down, and the BFD will inform the upper
layer protocol to select another path. To reduce the loads of devices, some special
application modes are designed in the BFD. In these modes, devices can reduce the
number of BFD packets sent to the peers; or it is unnecessary for the devices to send
BFD packets periodically. The devices can send the packets only when it is necessary.
The BFD protocol aims at fast failure detection (including failures on interfaces, data
links, and even forwarding engines) on a bidirectional tunnel between forwarding engines.
Another aim is to provide a single detection mechanism that can be applied to any type of
medium and any protocol layer. BFD detects failures in the forwarding engines between a
device and the next hop. It is likely to work in some parts of a system forwarding engine.
The forwarding engine and the control engine are isolated. This not only binds the
7-1
SJ-20140731105308-016|2014-10-20 (R1.0)
protocol to the forwarding plane, but also isolates the protocol from the routing protocol
engine (control plane). Therefore, BFD can take effect in non-interrupt forwarding and
run in the control engine.
The BFD provides failure detection between systems, including directly connected physical
links, virtual links, tunnels, MPLS LSPs, and multi-hop routing paths.
Static BFD
A ZXR10 M6000-S BFD can be established in the following two modes:
l
l
Steps
1. Configure an BFD session.
Step
Command
Function
ZXR10(config)#bfd
ZXR10(config-bfd)#session <session-name>{l2-bfd
<src-ip-address>, establishes
| ipv6}<src-ip-address><dst-ip-address>[vrf <vrf-name>]|
address).
<dst-ip-address>, establishes
te_tunnel <tunnel-id>}
SJ-20140731105308-016|2014-10-20 (R1.0)
Step
Command
Function
the session . If the egress
interface is not specified,
the message may be sent
locally instead of the egress
interface.
ZXR10(config-bfd)#interface <interface-name>
ZXR10(config-bfd-interface-name)#time-negotiation
<multiplier>
ZXR10(config-bfd-peer-session-name)#pkt-len min
ZXR10(config-bfd-peer-session-name)#multiport
{enable | disable}
ZXR10(config-bfd-peer-session-name)#dscp <DSCP
value>
ZXR10(config-bfd-l2-session-name)#discriminator
ld <local-discriminator> rd <remote-discriminator>
7-3
SJ-20140731105308-016|2014-10-20 (R1.0)
Step
Command
Function
address>
<interval>: indicates the interval to send detection message. Range: 3990. Unit: ms.
<min-rx-interval>: indicates the interval to receive detection message. Range: 3990.
Unit: ms.
<multiplier>: indicates the detection multiplier. Range: 350.
<min-pkt-length>: minimum length of a BFD detection package, range: 24512,
default: 24 bytes.
<max-pkt-length>: maximum length of a BFD detection package, range: 24512,
default: 24 bytes.
enable: sets the UDP port number of the package to 3784.
disable: set the UDP port number of the package to 4784.
<DSCP value>: DSCP value of the BFD package, range: 063, default: 56.
<local-discriminator>: identifier of the local session, range: 12048.
<remote-discriminator>: identifier of the remote session, range: 14294967295.
<multicast-ipv4-address>: detects the multiple destination address of the BFD session
on L2, range: 224.0.0.111224.0.0.250, default: 224.0.0.250.
2. Configure the BFD function for a static route.
Command
Function
er's-address> | <interface-name>[<forwarding-router's-address>]}
Command
Function
ZXR10(config-ospf-id)#bfd
ZXR10(config-ospf-id)#interface
<interface-name>
ZXR10(config-ospf-id-if-interface-name)#b
fd [disable]
current interface.
Command
Function
<vrf-name>]
ZXR10(config-isis-id)#interface
<interface-name>
ZXR10(config-isis-id-if-interface-name)#bf
d-enable
After BFD is enabled on an interface running IS-IS, when the interface establishes
IS-IS neighbor relationship with a remote interface, the BFD session based on IS-IS
is established on the direct-connected link between this pair of interfaces.
5. Configure BGP BFD.
Step
Command
Function
ZXR10(config-bgp)#neighbor {<ipv4-address>|<ipv
Enables BFD.
Step
Command
Function
ZXR10(config-bgp)#neighbor [<ipv4-address>|<p
Command
Function
<vrf-name>]
<ip-address>]
It is only necessary to configure LDP BFD unidirectionally. After the remote address
of the LSP is specified, the BFD session in the reverse direction will be established
automatically, and the destination address is the LDP discovery sources.
<FEC address>: The LSP address to establish a BFD session, usually a remote network
segment.
<mask length>: The mask length of the remote address, range: 032.
<interval>: The minimum intervals of sending packets, range: 3990, in the unit of ms.
<min_rx>: The minimum interval of receiving packets, range: 3990 s.
<multiplier>: Multiplier of detection time-out, range: 350.
7. Configure RSVP BFD.
Command
Function
ZXR10(config)#mpls traffic-eng
ZXR10(config-mpls-te)#interface te_tunnel<number>
ZXR10(config-mpls-te-if-interface-name)#bfd
ZXR10(config-mpls-te-tunnel-te_tunnel-
7-6
SJ-20140731105308-016|2014-10-20 (R1.0)
<interval>: The minimum interval to send specified BFD control message, range:
3990 ms.
<min-rx>: The minimum interval to receive specified BFD control message, range:
3990 ms.
<multiplier>: Multiplier of specified BFD control messages, range: 350.
8. Configure the BFD function related to the VRRP.
Command
Function
session <bfd-session-name>
ZXR10(config-vrrp-if-interface-name)#vrrp <vrid>
priority-decrement <priority-value>}
Function
ZXR10(config-vpws-vpws-name-pw-pw-number-
mode.
10. Configure the remote PW-BFD transmission, and then BGP-BFD faults can be
transmitted to the PW-BFD in the L2 network. In this way, the access point can switch
over active and standby PWs.
Command
Function
ZXR10(config-bfd)#session<instance-name>pw-bfd
pw-name<pw-name>[local-IP <local-ip-address>
name.
Remote-IP<remote-ip-address>pw-ttl<ttl-number>][CV-Stop]
7-7
SJ-20140731105308-016|2014-10-20 (R1.0)
Function
of IP type.
<remote- discriminator>]
<local-ipv4-address><remote-ipv4-address>[vrf <vrf-name>][ld
session.
of LDP type.
discriminator>]
7-8
SJ-20140731105308-016|2014-10-20 (R1.0)
Command
Function
<vrf-name>: VRF name. Range:
132 characters.
<local-discriminator>: local
identifier.
<remote-discriminator>: remote
identifier. Range: 14294967295.
of RSVP type.
discriminator>]
Function
<board-name>]
session.
<board-name>]
session.
<board-name>]
BFD session.
<board-name>]
BFD session.
BFD session.
<board-name>]
session.
<board-name>]
BFD session.
<board-name>]
session.
7-9
SJ-20140731105308-016|2014-10-20 (R1.0)
Command
Function
<board-name>]
BFD session.
<board-name>]
device.
<local-discriminator>
Function
End of Steps
7-10
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Flow
1.
2.
3.
4.
5.
Configuration Commands
Run the following commands on R1:
R1(config)#interface gei-0/2/0/3
R1(config-if-gei-0/2/0/3)#no shutdown
R1(config-if-gei-0/2/0/3)#ip address 199.1.1.1 255.255.255.0
R1(config-if-gei-0/2/0/3)#exit
R1(config)#interface gei-0/2/0/7
R1(config-if-gei-0/2/0/7)#no shutdown
R1(config-if-gei-0/2/0/7)#ip address 33.1.1.1 255.255.255.0
R1(config-if-gei-0/2/0/7)#exit
R1(config)#ip multicast-routing
R1(config-mcast)#router pim
R1(config-mcast-pim)#interface gei-0/2/0/3
R1(config-mcast-pim-if-gei-0/2/0/3)#pimsm
R1(config-mcast-pim-if-gei-0/2/0/3)#bfd-enable
R1(config-mcast-pim-if-gei-0/2/0/3)#exit
R1(config-mcast-pim)#interface gei-0/2/0/7
R1(config-mcast-pim-if-gei-0/2/0/7)#pimsm
R1(config-mcast-pim-if-gei-0/2/0/7)#dr-priority 20
R1(config-mcast-pim-if-gei-0/2/0/7)#exit
R2(config)#ip multicast-routing
R2(config-mcast)#router pim
7-11
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Verification
Run the show ip pim interface command on R1 to check the interface status. The execution
result is displayed as follows:
R1(config)#show ip pim interface
Address
Interface
State Nbr
Hello
DR
DR
PIM
33.1.1.1
gei-0/2/0/7
Up
30
20
33.1.1.1
199.1.1.1
gei-0/2/0/3
Up
30
199.1.1.2 Disabled S
Mode
Silent
Disabled S
Run the show ip pim neighbor command on R1 to check the neighbour status. The
execution result is displayed as follows:
R1(config)#show ip pim neighbor
Neighbor Address
Interface
DR Priority
Uptime
Expires
Ver
199.1.1.2
gei-0/2/0/3
00:07:48
00:01:23
V2
Run the show bfd neighbor ip brief command on R1 to check the BFD status. The execution
result is displayed as follows:
R1(config)#show bfd neighbor ip brief
LocalAddr
PeerAddr
LD
RD
199.1.1.1
199.1.1.2
2053
2054
Hold
150
State
UP
Interface
gei-0/2/0/3
Remote Discr:2054
Holdown(ms):150
Interface: gei-0/2/0/3
Vpnid:0
VRF Name:---
State:UP
BFD Type:SingleHop
Instance Name:
---------------------------------------------------------------------------Version:1
Final Bit:1
Local Diag:0
Demand Mode:0
Poll Bit:0
MinTxInt:50
MinRxInt:50
Multiplier:3
Received MinTxInt:50
Received MinRxInt:50
Received Multiplier:3
Length:24
7-12
SJ-20140731105308-016|2014-10-20 (R1.0)
Rx Count:4352
/100
/59
Tx Count:4159
/120
/59
Registered Protocols:PIM
Uptime:0 day(s),0 hour(s),6 minute(s)
Control Plane Rcv Phy Interface Name: gei-0/2/0/3
===========================================================================
Run the show ip pim neighbor command on R2 to check the neighbour status. The
execution result is displayed as follows:
R2(config)#show ip pim neighbor
Neighbor Address
Interface
DR Priority
Uptime
Expires
Ver
199.1.1.1
gei-0/3/0/8
00:07:48
00:01:23
V2
Run the show bfd neighbor ip brief command on R2 to check the BFD status. The execution
result is displayed as follows:
R2(config)#show bfd neighbor ip brief
LocalAddr
PeerAddr
LD
RD
Hold
State
Interface
199.1.1.2
199.1.1.1
2055
2054
150
UP
gei-0/3/0/8
Remote Discr:2054
Holdown(ms):150
Interface: gei-0/3/0/8
Vpnid:0
VRF Name:---
State:UP
BFD Type:SingleHop
Instance Name:
---------------------------------------------------------------------------Version:1
Final Bit:1
Local Diag:0
Demand Mode:0
Poll Bit:0
MinTxInt:50
MinRxInt:50
Multiplier:3
Received MinTxInt:50
Received MinRxInt:50
Received Multiplier:3
Length:24
Rx Count:804
/100
/59
Tx Count:813
/80
/59
Registered Protocols:PIM
Uptime:0 day(s),0 hour(s),1 minute(s)
Control Plane Rcv Phy Interface Name: gei-0/3/0/8
============================================================================
7-13
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Flow
1. Configure static single-hop BFD on R1.
2. Configure static route BFD on R2.
Configuration Commands
Run the following commands on R1:
R1(config)#interface xgei-0/5/0/3
R1(config-if-xgei-0/5/0/3)#no shutdown
R1(config-if-xgei-0/5/0/3)#ip address 172.20.130.213 255.255.255.0
R1(config-if-xgei-0/5/0/3)#exit
R1(config)#interface loopback1
R1(config-if-loopback1)#ip address 172.20.96.1 255.255.255.255
R1(config-if-loopback1)#exit
R1(config)#bfd
R1(config-bfd)#session test link-bfd ipv4 172.20.130.213 172.20.130.214
interface xgei-0/5/0/3
R1(config-bfd-link-test)#!
7-14
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Verification
After the configuration, a static single-hop BFD session on R1 and a static route BFD
session on R2 should be established successfully. Run the following command to view
the configuration results.
Run the show bfd neighbors [ip brief|ip-detail] command to check whether the static
single-hop BFD configuration and static route BFD take effect.
Check the configuration result on R1.
R1#show bfd neighbors ip brief
LocalAddr
PeerAddr
LD
RD
Hold
State
Interface
172.20.130.213
172.20.130.214
58
150
UP
xgei-0/5/0/3
Remote Discr:2395
State:UP
Holdown(ms):150
Interface: xgei-0/5/0/3
Vpnid:0
VRF Name:---
BFD Type:SingleHop
Instance Name:test
---------------------------------------------------------------------------Version:1
Final Bit:1
Local Diag:0
Demand Mode:0
Poll Bit:1
MinTxInt:50
MinRxInt:50
Multiplier:3
Received MinTxInt:50
Received MinRxInt:50
Received Multiplier:3
Length:24
Rx Count:0
/0
/0
Tx Count:0
/0
/0
Registered Protocols:INSTANCE
Uptime:0 day(s),0 hour(s),0 minute(s)
Control Plane Rcv Phy Interface Name: xgei-0/5/0/3
=============================================================================
PeerAddr
LD
RD
Hold
State
interface
172.20.130.214
172.20.130.213
58
150
UP
xgei-0/0/0/3
7-15
SJ-20140731105308-016|2014-10-20 (R1.0)
Remote Discr:2153
Holdown(ms):150
Interface: xgei-0/0/0/3
Vpnid:0
VRF Name:---
State:UP
BFD Type:SingleHop
Instance Name:
---------------------------------------------------------------------------Version:1
Final Bit:1
Local Diag:0
Demand Mode:0
Poll Bit:1
MinTxInt:50
MinRxInt:50
Multiplier:3
Received MinTxInt:50
Received MinRxInt:50
Received Multiplier:3
Length:24
Rx Count:0
/0
/0
Tx Count:188
/0
/0
Registered Protocols:STATIC
Uptime:0 day(s),0 hour(s),0 minute(s)
Control Plane Rcv Phy Interface Name: xgei-0/0/0/3
============================================================================
Configuration Flow
1. Configure static multi-hop BFD on R1.
2. Configure BGP multi-hop BFD on R3.
7-16
SJ-20140731105308-016|2014-10-20 (R1.0)
Configuration Commands
Run the following commands on R1:
R1(config)#interface xgei-0/5/0/1
R1(config-if-xgei-0/5/0/1)#no shutdown
R1(config-if-xgei-0/5/0/1)#ip address 172.20.130.18 255.255.255.0
R1(config-if-xgei-0/5/0/1)#exit
R1(config)#interface loopback1
R1(config-if-loopback1)#ip address 172.20.96.1 255.255.255.255
R1(config-if-loopback1)#exit
R1(config)#router ospf 1
R1(config-ospf-1)#network 172.20.130.0 0.0.0.255 area 0.0.0.0
R1(config-ospf-1)#network 172.20.96.1 0.0.0.0 area 0.0.0.0
R1(config-ospf-1)#exit
R2(config)#router ospf 1
R2(config-ospf-1)#network 172.20.130.0 0.0.0.255 area 0.0.0.0
R2(config-ospf-1)#network 172.20.140.0 0.0.0.255 area 0.0.0.0
R2(config-ospf-1)#network 172.20.96.2 0.0.0.0 area 0.0.0.0
R2(config-ospf-1)#exit
7-17
SJ-20140731105308-016|2014-10-20 (R1.0)
R3(config)#router ospf 1
R3(config-ospf-1)#network 172.20.140.0 0.0.0.255 area 0.0.0.0
R3(config-ospf-1)#network 172.20.108.2 0.0.0.0 area 0.0.0.0
R3(config-ospf-1)#exit
Configuration Verification
After the configuration, a static multi-hop BFD session on R1 and a BGP multi-hop BFD
session on R3 should be established successfully. Run the following command to view
the configuration results.
Run the show bfd neighbors [ip brief|ip detail] command to check whether the static
single-hop BFD configuration and BGP multi-hop BFD configuration take effect.
Check the configuration result on R1.
R1(config)#show bfd neighbors ip brief
LocalAddr
172.20.96.1
PeerAddr
172.20.108.2
LD
RD
Hold
State
Interface
150
UP
---
Remote Discr:2153
Holdown(ms):150
Interface:---
Vpnid:0
VRF Name:
State:UP
BFD Type:MultiHop
Instance Name:test
---------------------------------------------------------------------------Version:1
Final Bit:1
Local Diag:0
Demand Mode:0
Poll Bit:1
7-18
SJ-20140731105308-016|2014-10-20 (R1.0)
MinRxInt:50
Multiplier:3
Received MinTxInt:50
Received MinRxInt:50
Received Multiplier:3
Length:24
Rx Count:190
/200
/200
Tx Count:188
/220
/220
Registered Protocols:INSTANCE
Uptime:0 day(s),0 hour(s),0 minute(s)
Control Plane Rcv Phy Interface Name:
============================================================================
PeerAddr
LD
RD
Hold
State
172.20.108.2
172.20.96.1
150
UP
Interface
-----
Remote Discr:2127
Holdown(ms):150
Interface:---
Vpnid:0
VRF Name:---
State:UP
BFD Type:MultiHop
Instance Name:test
---------------------------------------------------------------------------Version:1
Final Bit:1
Local Diag:0
Demand Mode:0
Poll Bit:1
MinTxInt:50
MinRxInt:50
Multiplier:3
Received MinTxInt:50
Received MinRxInt:50
Received Multiplier:3
Length:24
Rx Count:50
/50
/48
Tx Count:40
/48
/46
Registered Protocols:BGP
Uptime:0 day(s),0 hour(s),0 minute(s)
Control Plane Rcv Phy Interface Name: xgei-0/0/0/4
============================================================================
7-19
SJ-20140731105308-016|2014-10-20 (R1.0)
7-20
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 8
FRR Configuration
Table of Contents
IP FRR Configuration .................................................................................................8-1
Static Route FRR Configuration .................................................................................8-4
L2 VPN FRR Configuration ........................................................................................8-5
L3VPN FRR Configuation...........................................................................................8-6
TE FRR Configuration ................................................................................................8-7
3. The time that is used to take the corresponding responses to the invalid node and
link. The response includes triggering and flooding the new link state, and updating
packets. Normally it is several milliseconds to tens of milliseconds.
4. The time that is used to notice other nodes in network that the local router link is invalid.
Normally it is tens of milliseconds to a hundred seconds normally on each node.
5. The time that is used to recalculate the triggering route. For Interior Gateway Protocol
(IGP) protocols that use Dijkstra algorithm, the time is tens of milliseconds.
6. The time that is used to interact with line interface cards to calculate the new routing
information and form the new forwarding table. The time varies in accordance with the
number of routing entries. Normally it is several hundred milliseconds.
7. The time that is used to load the new forwarding route entries into hardware. Normally
it is tens of milliseconds.
The traffic loss may occur in the above mentioned steps. The traffic loss can be divided
into two stages, including:
1. Stage 1: The router fails to discover the invalid link immediately, and it still forwards
the traffic to the invalid link.
2. Stage 2: The route discovers the invalid link, but the network is in convergence
process. The local forwarding table is different with that of other routers, which
causes micro-loop in forwarding plane.
To shorten the traffic interruption duration, a mechanism must be provided to implement
the following functions:
1. Discover the invalid link quickly.
2. When the link is invalid, provide a recovery path quickly.
3. Prevent forwarding micro-loop during the further recovery process.
This mechanism is the IP Fast-Reroute (FRR).
Work Flow
The working procedure of IP FRR is as follows:
1.
2.
3.
4.
Detect faults quickly: The common technologies include BFD, and physical signal test.
Modify the forwarding plane: Hand over the traffic to the recalculated backup path.
Perform route re-convergence.
After finishing the re-convergence, hand over the route to the optimal path.
Obviously, the backup path is to fill the FRR gap, which hands over the traffic to the backup
next hop, to guarantee that the service will not be interrupted.
There are some conditions to form the OSPF FRR or IS-IS FRR relationship. To form
the FRR relationship of default LFAs test mode, the algorithm should meet the condition
Distance_opt (Ni, D) < Distance_opt (Ni, S) + Distance (S, D). That is, the distance from
the next hop on the backup link to the destination should be shorter than the sum of the
distance from the next hop on the backup link to the source node and the distance from
the source node on the primary link to the destination node.
8-2
SJ-20140731105308-016|2014-10-20 (R1.0)
To form the FRR relationship of down-stream-path mode, the algorithm should meet the
condition Distance_opt (Ni, D) < Distance (S, D). That is, the distance from the next hop
on the backup link to the destination should be shorter than that from the source node on
the primary link to the destination node.
The establishment of BGP FRR relationship is relatively simpler. It only needs two different
next hops to the same destination.
As shown above, there are three links from CE1 to CE2 (not considering PE3),
PE1>PE2>CE2, PE1>PE4>CE2, and PE1>PE4>PE2>CE2.
When the link between PE1 and PE2 is faulty, TE /LDP FRR will be triggered to switch
the link (external switchover). However, for VPN FRR, the nexthop is PE2, and the link
between PE1 and PE2 is reachable (Before the TE /LDP FRR switchover, the link is PE1
> PE2. After the TE /LDP FRR switchover, the link is PE1>PE4>PE2. The relationship of
VPN FRR is not changed, so the switchover is not required. (VPN FRR and TE /LDP FRR
share the same egress interface, so the internal VPN FRR supports only BFD perceptive
switchover instead of the port switchover in nested mode.
When PE2 is faulty, the VPN FRR switchover happens (internal switchover) when the
link PE1>PE4>PE2 is unreachable, and the link PE1>PE4 is reachable. In this case, the
multiple link protection, and multiple switchover purpose are realized.
8-3
SJ-20140731105308-016|2014-10-20 (R1.0)
The FRR switchover is the same as VPN FRR + TE/LDP FRR application scene.
IP FRR+TE FRR
As shown in Figure 8-2, IP FRR is formed among PE1, PE2, and PE3, and TE FRR is
formed between PE1 and PE2.
4. After the route convergence, the traffic will be handed over to the optimization path.
The backup path is to fill the route convergence gap. It ensures the continuity of the service
by switching the traffic to the backup path quickly.
The static route cannot calculate the route and converge the route again, so the user needs
to specify routes to form the relationship between the active route and the backup route.
That is to say, configure two static routes with the same destination address, different
egress interfaces and different priorities.
When the active PW has a fault, with the link failure detection technology such as BFD,
PW FRR handover will be triggered. For example, CE forwards traffic to CE2. When the
active PW (PW12) or NPE2 has a fault, PW FRR handover is triggered. Traffic on UPE1 is
handed over to the standby PW (PW13) quickly. When the active PW recovers, PW FRR
handover is traggered again and traffic is handed over back to the active PW.
8-6
SJ-20140731105308-016|2014-10-20 (R1.0)
With the route fast switching technology in the private VPN network, the forwarding items of
the active PE and the standby PE set in a remote PE, and the PE fault fast detection, VPN
FRR switches the traffic to a standby path before the VPN route convergence is completed
TE FRR Modes
MPLS TE FRR is realized on the base of RSVP TE.
There are two modes to realize MPLS TE FRR.
l
Detour mode: It is one-to-one backup. In this mode, the device provides protection
for each protected LSP and establishes a protecting path for each protected LSP. The
protecting path is called Detour LSP.
8-7
SJ-20140731105308-016|2014-10-20 (R1.0)
Bypass mode: It is facility backup. In this mode, a protecting path is used to protect
several LSPs. The protecting path is called Bypass LSP.
Detour mode realizes the protection for each LSP. This needs relatively more cost. In
practical applications, Bypass mode is widely used. The following contents describe
Bypass mode is described in details.
Bypass mode is shown in Figure 8-5. The blue arrows indicate the active LSP, and the red
arrows indicate the Bypass LSP. When the link between RTB and RTC or the node RTC
is invalid, the data on the active LSP will be handed over to the Bypass LSP. The packet
sent by RTB uses the label distributed by RTF in the top layer of the header. Meanwhile,
the out-label of RTC is input into the label stack to be used as the next layer label.
Figure 8-5 FRR Though Bypass Mode
On the path RTB - RTF - RTD, the LSP uses two layers of labels. When RTD receives a
packet, it pops out the label that is distributed for RTF by RTD, and then it uses the label
that is distributed for RTF by RTD to forward the packet.
Related Item
l
l
l
l
Active LSP: It is relative to the Detour LSP or the Bypass LSP. It is the protected LSP.
Point of Local Repair (PLR): It is the head node of the Detour LSP or the Bypass LSP.
It must be on the active LSP, and it should not be the tail node.
Merge Point (MP): It is the tail node of the Detour LSP or the Bypass LSP. It must be
on the active LSP, and it should not be the head node.
Link protection: The PLR and the MP are connected through a direct connection. The
active LSP passes through this link. When this link is invalid, the data can be handed
over to the Detour LSP or the Bypass LSP.
Node protection: The PLR and the MP are connected through a router. The active
LSP passes this router. When this router is invalid, the data can be handed over to
the Detour LSP or the Bypass LSP.
8-8
SJ-20140731105308-016|2014-10-20 (R1.0)
FRR in Bypass mode described here is realized according to RFC by extending the
SESSION_ATTRIBUTE object and the RECORD_ROUTE object.
In the SESSION_ATTRIBUT object of a PATH message, the flag bits added include
whether the LSP needs local protection, whether to record labels, whether to use
Share-Explicit (SE) style, and whether to protect bandwidth.
In the RECORD_ROUTE object of an RESV message, the flag bits added include
whether the LSP has been protected, whether the data has been handed over,
whether it is the bandwidth that has been protected, and whether it is protected by
a node.
8-9
SJ-20140731105308-016|2014-10-20 (R1.0)
In manual Bypass LSP establishment, when a tunnel without FRR attribute is specified
to protect a physical interface, the LSP it corresponds to becomes the Bypass LSP. As
shown in Figure 8-6, the manual establishment of a Bypass LSP (tunnel12 on RT2)
is triggered by configuration on the PLR (RT2). The configuration has no difference
from that of a common LSP basically, except that FRR attribute cannot be configured
for a Bypass LSP. That is, a Bypass LSP cannot be an active LSP at the same time,
and LSPs cannot be nested-protected.
Automatic Bypass LSP is a simplification of the manual mode. When the active LSP
needs FRR protection, the PLR can select a Bypass LSP or establish a Bypass
LSP automatically to protect the active LSP. This mode is called automatic Bypass.
An automatic Bypass can protect multiple active LSPs as long as it meets the
requirements of the active LSPs.
8-10
SJ-20140731105308-016|2014-10-20 (R1.0)
A Bypass LSP can protect multiple physical interfaces, but it cannot protect the egress of
its own.
FRR can protect a link or a node. When Bypass LSP protection is needed, it is necessary
to plan the link or node to be protected and specify the protection mode (link protection or
node protection). Generally, node protection can protect the protected node and the link
between this node and the PLR. It seems that node protection is better.
Generally, the bandwidth of a Bypass LSP is used to protect the active LSP. All resources
on the tunnel are only used after handover. During configuration, it is necessary to make
sure that the bandwidth configured is not less than the sum of all LSPs to be protected.
Otherwise, when FRR is valid, Bypass cannot provide the protection that meets the
requirements of user services completely.
Generally, Bypass LSP is in idle state, and it does not carry over data services. If the
Bypass LSP is intended to protect the active LSP and forward data at the same time, it is
required to configure enough bandwidth.
Binding Calculation
Binding can mean to specify a Bypass LSP to protect a physical interface. This is called
the binding between a Bypass LSP and a physical interface. A Bypass LSP can be bound
to multiple physical interfaces. A physical interface can also be bound to multiple Bypass
LSPs.
Binding can also mean to select a suitable Bypass LSP to protect an active LSP. This is
called the binding between an active LSP and a Bypass LSP. The binding calculation is the
procedure to bind an active LSP to a Bypass LSP. If the binding calculation succeeds, the
RESV message will inform the upstream nodes that the active LSP has been protected.
The result of the binding calculation includes the following items:
l
l
l
Protection type (it is link-type protection or node-type protection) and LSR ID of the
MP
The label distributed by the MP for the previous hop (This label corresponds to the
label of the MP LSR ID in RECORD_ROUTE object of the active LSP.)
Bypass LSP interface and the NHLFE information of the Bypass LSP
The result is mainly used for the sending of data and signaling from the Bypass LSP after
handover.
The binding calculation result is saved. When local invalidation occurs, the result can be
used immediately. This is the reason why MPLS TE FRR can make fast responses to
invalidations.
Invalidation Detection
Invalidation detection aims at discovering the invalidation of the link (between RT2 and
RT3) or the node (RT3) as soon as possible, thus to trigger handover to reduce packet
loss.
8-11
SJ-20140731105308-016|2014-10-20 (R1.0)
Handover Procedure
Handover means to enable the Bypass LSP. The data and RSVP messages on the active
LSP will not be forwarded along the previous path.
Handover can be triggered when the interface (eth1 of RT2) is closed by a command or
when invalidation detection discovers an interface (eth1 of RT2) invalidation. The data and
signaling of the protected LSP on the invalid interface will be handed over to the Bypass
LSP. The upstream nodes are informed that the handover occurs.
4. All nodes previous to the MP are deleted in an Explicit Route Object (ERO). The
address first belonging to the MP is changed to the MP LSR ID.
The MP receives the PATH message through the Bypass LSP. As the SESSION is not
changed, but the ingress LSR ID (it is RT1 LSR ID previously) in SENDERTEMPLATE is
changed to the egress interface (eth2 on RT2) address of the PLR on the Bypass LSP, MP
will know that this is a PATH message after the FRR handover and the local node is the
MP.
The PATH message sent to downstream by the MP does not change with the handover.
The RESV message sent to upstream by the MP is changed according to the following
points:
1. The Filter Spec source address in the message is changed to the PHOP address
(address of eth2 on RT2) in the PATH message.
2. The NHOP in the message is changed to the ingress interface (eth2 on RT4) address
of the MP on the Bypass LSP.
3. The RECORD_ROUTE object in the RESV message records the ingress interface
(eth2 on RT4) address of the MP on Bypass LSP.
4. The destination in the IP header of the message is the egress interface (eth2 on RT2)
address of the PLR on the Bypass LSP.
5. The Time To Live (TTL) value in the RESV message is set to 255. The TTL value in
the header of the protocol message is set to 1.
After the handover, the RESV message sent to upstream by the PLR also has some
changes. The egress interface (eth2 on RT2) address of the PLR on the Bypass LSP
is added to the RECORD_ROUTE object.
After the handover, the forwarding paths of PTEAR message, RERR message, RTEAR
message and PERR message of the active LSP also change.
After the handover of node protection, the protected node (RT3) may send the PTEAR
message to downstream due to the expiration of the PATH message. The MP (RT4) will
ignore this message. In addition, the MP will send the RTEAR message on the previous
LSP ingress interface (eth3 on RT4) during the handover. This is to make the protected
node (RT3) release corresponding resource as soon as possible.
MBB
For FRR, a function of Make Before Break (MBB) is to make the LSP (tunnel1 on RT1)
protected by the Bypass LSP recover to normal state. When handover occurs on the active
LSP, the head node starts the MBB procedure to calculate a new available path. When
the new path is established, a new suitable standby LSP will be selected to form the new
binding relationship.
Data Forwarding
Before the handover, the data forwarding on the active LSP is the same with that on a
common LSP. After the handover, the data is forwarded to the MP through the Bypass
LSP.
8-13
SJ-20140731105308-016|2014-10-20 (R1.0)
8-14
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 9
9.1 Overview
For some network applications, users cannot deploy end-to-end PWs or tunnels. As a
result, the service protection is complicated, especially in a multi-point fault scenario, and
services may be interrupted. In a typical bridging network solution, the access layer,
convergence layer, and core layer respectively use their network protection measures.
However, there is no mapping mechanism among these layers, which may result in service
interruption in case of a multi-point fault.
Figure 9-1 shows a bridging network. The access layer uses the "PW-FRR + VRRP"
protection, the convergence layer uses the "Hot-Standby + VPN-FRR" or "static
end-to-end tunnel + VPN-FRR" protection, and the core layer uses the "dynamic VRRP
+ active/standby" protection. If a multi-point fault occurs, for example, 1 and 2, 2 and 3,
3 and 4, or 4 and 5, the end-to-end service is interrupted.
A multi-point fault may result in end-to-end service interruption, because the access layer,
convergence layer, and core layer only provide protection on the local layers, and cannot
detect faults of other layers. As a result, a normal layer sends data through original routes,
and a faulty layer cannot transfer service traffic because of the multi-point fault.
9-1
SJ-20140731105308-016|2014-10-20 (R1.0)
The OAM mapping and linkage between different layers can solve the above problem. For
the principle, see Figure 9-2.
9-2
SJ-20140731105308-016|2014-10-20 (R1.0)
When R1 detects that faults 1 and 2 occur simultaneously, R1 notifies R2 about the faults
through the application fault OAM binding function, and then R2 performs the protection
switching.
The association can be implemented through detection groups. The association can be
used to shut down a port or prevent the port from transferring messages (excluding OAM
messages).
l
l
9-3
SJ-20140731105308-016|2014-10-20 (R1.0)
Steps
1. Configure the L2 association detection function for an interface.
Step
Command
Function
ZXR10(config)#interface {<interface-name>|byname
<byname>}
mode.
ZXR10(config-if-interface-name)#track
<track-name>[group]
interface.
Command
Function
ZXR10(config)#interface {<interface-name>|byname
<byname>}
mode.
ZXR10(config-if-interface-name)#ipv4 track
<track-name>[group]
Command
Function
ZXR10(config)#interface {<interface-name>|byname
<byname>}
mode.
ZXR10(config-if-interface-name)#ipv6 track
<track-name>[group]
Function
ZXR10(config)#show running-config-interface
[interface-name]
configuration.
End of Steps
Steps
1. Block or shut down an interface based on the interface detection result.
Step
Command
Function
ZXR10(config)#interface {<interface-name>|byname
<byname>}
mode.
ZXR10(config-if-interface-name)#track
trigger<track-name>[group]{block|shutdown}
Function
ZXR10(config)#show running-config-interface
[interface-name]
configuration.
End of Steps
9-5
SJ-20140731105308-016|2014-10-20 (R1.0)
9-6
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 10
Graceful Restart
Configuration
Table of Contents
IP Graceful Restart Configuration .............................................................................10-1
LDP Graceful Restart Configuration .........................................................................10-3
Applying IP GR in OSPF
Applying IP GR in IS-IS
Applying IP GR in BGP
OSPF/IS-IS GR
This policy is:
1. Other routers on the network keep their link states during the IS-IS/OSPF restart
period.
2. The restarted router keeps its forwarding information before the restart in a short
period, that is, the FIB can keep steady on the restarted router in a short period, thus
not affecting the forwarding of the data flow.
3. After the router is restarted, the router finishes the LSP/Link State Advertisement (LSA)
synchronization with its neighbor routers quickly.
4. The router calculates Shortest Path First (SPF) after the LSP/LSA database
synchronization.
With this policy, the restarted router still can forward data during the restart period, and
the neighbor routers still can operate properly during the restart period. The restart will not
cause any route oscillation.
10-1
SJ-20140731105308-016|2014-10-20 (R1.0)
BGP GR
At present, the routing protocols only run on the Management Process Units (MPUs)
of a router. The routing protocols do not run on a standby board. After active/standby
changeover, the routing protocols run on the standby board.
To support the GR capability, the route protocol needs to accomplish the following tasks.
l
l
Prevent the neighbor relationship between the neighbor routers and the restarted
router from being oscillated during the restart period.
After the restart, the restarted router synchronizes the routing information with its
neighbor routers as soon as possible, and then updates the local routing information.
GR Router
1. When initiating to establish the BGP neighbor relationship, R1 and R2 negotiate
the GR capability through OPEN messages.
2. When the R1 is restarted, routes are kept on the interface cards for forwarding
data.
3. The R1 establishes a new Transfer Control Protocol (TCP) connection with the
neighbor R2. In the BGP OPEN message, When the Restart state field in the
BGP OPEN message is set to 1, it indicates that the router is restarted just now.
At the same time, the router advertises the value of restart time to neighbors (this
value should be less than the Holdtime value in the OPEN message). In addition,
the router also needs to inform the neighbors of the supported address family
route GR.
4. After establishing BGP neighbor relationship with R2 successfully, R1 receives
and processes the route updates from the neighbor and starts the Wait-For-EOR
timer.
5. The R1 puts the local BGP route calculation off until it receives the End-of-RIB
flags from all GR-Aware BGP neighbors or until the local Wait-For-EOR timer
times out.
6. The R1 calculates routes and sends route updates to the neighbors. After the
updates are completed, R1 sends the End-of-RIB flags to the neighbors.
Helper Router
1. When initiating to establish BGP neighbor relationship, R2 negotiates with R1
about the GR capability, and it records R1 as a GR-Capable router.
2. When R1 is restarted, R2 may be aware that the TCP connection between itself
and R1 is disconnected, or maybe R2 does not detect the disconnection before
a new TCP connection is established between them. If R2 does not detect the
disconnection, go to Step 4. Otherwise, go to Step 3.
3. The R2 keeps the routes sent from the restarted router R1 and marks the stale
flags. After that, R2 starts the Restart Timer.
4. The restarted router initiates to establish a new connection, deletes the Restart
Timer, and starts the Wait-For-EOR Timer.
5. If the Restart Timer times out before the new connection is established, or if R2
receives the OPEN message (for the new connection) whose Forwarding state
10-2
SJ-20140731105308-016|2014-10-20 (R1.0)
is not 1 (The Forwarding state value 0 indicates that the restarted router does
not support nonstop forwarding of the corresponding address family routes), or if
the OPEN message does not contain the corresponding AFI/SAFI address family
support information, R2 goes to Step 8.
6. Otherwise, R2 sends route updates to the restarted router. After that, it sends the
End-Of-RIB flags.
7. If the Wait-For-EOR Timer times out before the End-Of-RIB flags are sent, R2
goes to Step 8.
8. The kept routes of the restarted router is cleared. The data is forwarded in
accordance with the normal BGP forwarding flow.
When the LDP Graceful Restart mechanism is not used, and the session is interrupted
for the restart of the version, protocol, or session, all related control modules and
transferring items will be deleted. In addition, you need to bind the flag after the
session is restarted again.
After the LDP Graceful Restart mechanism is used (the router can transfer data), all
items can be transferred through the old flag after the session is interrupted. In this
case, the operations on the control plane have no effect on the data plane.
The LSD Graceful Restart mechanism is used for the LSR that can transfer the data or
cannot transfer the data during the LDP restart. However, at least one LSR can transfer
data during the restart. For the LSR that cannot transfer data, it helps the neighbor node
to reduce the influence on the data transferring although it cannot reduce the influence on
its own data transferring.
Session restart. During this restart, the LSR can transfer data, and the session can
be established again. In this case, you may not know which LSR is restarted. These
10-3
SJ-20140731105308-016|2014-10-20 (R1.0)
two LSRs save the control information of the LDP protocol, so they can be considered
as the auxiliary node.
LSR restart or LDP signaling restart. During this restart, LSR can transfer data. For
example, restart nodes and auxiliary nodes exist during the version update or the
active/standby changeover. The restart node has no control information of the LDP
protocol layer, so the corresponding handling methods are different.
Restart node
1. When the control plane of the LSR is restarted, you must ensure that it can transfer
data during the recovery process. If not, you need to set the Recovery Time in
the Initialization message sent to the peer end to 0s.
2. If the LSR can transfer data, you need to start the timer (the corresponding value
can be set), and then set all the transferred items to stale. When the timer times
out, delete all transferred items marked with stale. The notified Recovery time
when you re-establish the session is the remaining time of the timer when the
Initialization message is sent.
3. During the restart, the LSR still can transfer data with the old transferring items. At
the same time, it can establish a session again and send the mapping information
through the processes stipulated in the LDP protocol. When the LSR receives
a mapping message, it will find the corresponding items in the transferring table,
and then clear the stale mark. In this case, the restart process is completed.
Auxiliary node
1. After the LSR finds that the session with the the neighbor is down, it will confirm
that the the neighbor node can transfer data in accordance with the FT Reconnect
Timeout in the Initialization message when a session is established. If the the
neighbor node can transfer data, it will set all transferring labels learnt from the
session to stale, and then save these labels for the later data transferring.
2. When the session is down, the LSR restarts the reconnect timer. The set time is
the minimum value between the FT Reconnect Timeout notified by the peer end
and the Neighbor Liveness time configured locally. In this case, the LSR waits
for both parties to establish the session again. If the session is not established
successfully after the timer times out, the forwarding items marked with stale will
be deleted.
3. If the session is established successfully before the timer times out, the LSR will
cancel the timer, and determine the recovery time notified by the peer end. If the
the neighbor router cannot transfer data, it will delete all the items marked with
stale. If the the neighbor router can transfer data, this LSR will restart the timer.
The set time is the minimum time between the Recovery Time notified by the peer
end and the Maximum Recovery time configured locally.
4. After receiving the mapping message from the peer end, the LSR will recover or
update the items marked with stale, and then clear the stale mark. At the same
time, this router will send the mapping information on the assumption that the
session is in up status. If the timer times out, the LSR will delete all the transferring
items marked with stale.
10-4
SJ-20140731105308-016|2014-10-20 (R1.0)
The following uses an example to describe the working process of LDP Graceful Restart.
R1 and R2 is configured with the LDP Graceful Restart function, and the session and the
corresponding LSP that supports the LDP Graceful Restart function are established, see
Figure 10-1.
Figure 10-1 Network Architecture of LDP Graceful Restart Configuration
10-5
SJ-20140731105308-016|2014-10-20 (R1.0)
10-6
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 11
NSR Configuration
Table of Contents
NSR Overview..........................................................................................................11-1
Configuring the NSR Function ..................................................................................11-2
NSR Configuration Example.....................................................................................11-3
GR: a series of standards defined in IETF, which ensures that the package forwarding
operation is not interrupted when the protocol is restarted. This function minimizes the
influence of faults on the whole network.
NSR: a higher reliability technology. It ensures that the route between the forwarding
plane and the control plane is not interrupted after the switchover between the
active/standby control planes. With this function, the device faults almost have no
influence on the whole network.
Traditionally, route convergence happens when the device has a fault. During the route
convergence, both loops and black holes may occur, which have serious influence on the
network.
With the NSR function, a fault is recovered within the device, so there is no influence
on the network. The NSR function synchronizes valid information in real time between
the processing units of the active/standby control planes. During the active/standby
switchover, the NSR function ensures that the route between the forwarding plane and the
control plane is not interrupted. After the switchover, extra protocol recovery procedures
with its neighbors are not required.
NSR Principle
After the NSR function is enabled for the device, the normal handling flow is as follows:
1. Input packages are sent to the processing unit of the active control plane.
11-1
SJ-20140731105308-016|2014-10-20 (R1.0)
2. After receiving the input packages, the processing unit of the active control plane
processes these packages, generates necessary check information, and then sends
all packages to the processing unit of the standby control plane.
3. After receiving the packages from the processing unit of the active control plane, the
processing unit of the standby control plane processes all information, and then sends
a complete message to the processing unit of the active control plane.
4. After receiving the complete message from the processing unit of the standby control
plane, the processing unit of the active control plane sends all output packages
generated by itself.
The device with the NSR function synchronizes the information in real time between the
processing units of the active/standby control planes, which ensures that the statuses
and processing logics of the processing units of the active/standby control planes are the
same. When the processing unit of the active control plane is faulty, the active/standby
switchover happens. The processing unit of the standby control plane immediately
becomes active. In this case, the services of both the forwarding plane and the control
plane are not interrupted, and extra protocol recovery procedures with its neighbors are
not required.
Steps
1. Enable the NSR function.
Command
Function
Function
Function
Configuration Flow
1. Confirm that the device operates properly. The ACT indicator on the active main
control board is ON, and that of the standby main control board is OFF. The RUN
indicators on both the active/standby main control boards flash at the frequency of
1Hz. The ALARM indicators on the active/standby main control boards are OFF.
2. Configure the NSR function.
3. Check the NSR configuration results.
Configuration Commands
Run the following command on the ZXR10 M6000-S:
ZXR10(config)#nsr enable all
Configuration Verification
Run the show synchronization detail command to check the NSR configuration results. The
execution result is displayed as follows:
ZXR10(config)#show synchronization detail
======================================================================
======================================================================
Module
LE
Sync-type
Module
LE
Sync-type
Sync-state
11-3
SJ-20140731105308-016|2014-10-20 (R1.0)
T_SC
GR
Synchronized
---------------------------------------------------------------------OSPF
T_SC
GR
Synchronized
---------------------------------------------------------------------BGP
T_SC
GR
Synchronized
---------------------------------------------------------------------RIP
T_SC
GR
Synchronized
---------------------------------------------------------------------BASE
T_SC
GR
Synchronized
---------------------------------------------------------------------LDP
T_SC
GR
Synchronized
---------------------------------------------------------------------MPLSTE
T_SC
GR
Synchronized
---------------------------------------------------------------------======================================================================
DB sync-state
: Synchronized
: Synchronized
======================================================================
/*The NSR function takes effect only when it is used together with a module,
for example, the IS-IS and OSPF.*/
11-4
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 12
board in real time. When the master/slave state or in-place state changes, the scan
thread will inform the corresponding main-control process to trigger the master/slave
handover flow quickly.
When the thread scans that the master board operates improperly and the slave board
operates properly, it will trigger the handover. The procedure of handover is implemented
by the corresponding process module of the main-control.
Context
You can implement active/standby switchovers through commands, by removing and
re-installing the active main control board, by pressing the EXCH button, by pressing the
reset button on the active main control board, or when a fault occurs on the active main
control board.
Active/standby switchover can be classified into compulsive switchovers and graceful
switchovers.
l
The differences between a compulsive switchover and a graceful switchover are described
below.
l
For a compulsive switchover (except the force command switchover), the system
does not check whether the conditions to perform switchover are met. No matter
which state the board is in at present, the switchover is accomplished by resetting the
master main control board.
When you run the force command to complete the active/standby switchover, you
need to check required conditions for the switchover, for example, the standby board is
online, the file initialization is completed, and the database initialization is completed.
The active/standby switchover fails when one condition is not met.
For a graceful switchover, the system checks whether the conditions to perform
switchover are met, for example, whether the slave board is online, whether the
version synchronization is completed, whether the process is powered on, and
whether the database synchronization is completed.
12-2
SJ-20140731105308-016|2014-10-20 (R1.0)
Steps
1. Check the active/standby synchronization status before the active/standby switchover
configuration.
The prerequisites to execute the active/standby switchover correctly are as follows:
the active/standby main control boards are online and are operating properly, and the
synchronization of the active/standby database is completed.
Before executing the active/standby switchover, run the following commands to
verify that the active and the standby main control boards are online, and that the
synchronization of the active and the standby database is completed.
Commands
Function
ZXR10#show processor
ZXR10#show synchronization
Function
End of Steps
Configuration Flow
1. When the device work properly, the ACT indicator for the master main control board is
on, and the ACT indicator for the slave main control board is off. The RUN indicator for
12-3
SJ-20140731105308-016|2014-10-20 (R1.0)
the master main control board flashes at the frequency of 1 Hz. The ALM indicators
for the master and slave main control boards are off.
2. Use one of the following operations to implement master/slave handover:
a. Configure the master/slave main control handover command.
b. Press the reset button on the master main control board.
c.
Plug out the master main control board and then plug it in.
Configuration Verification
View the configuration result, as shown below.
/*Before the handover*/
R2#show processor
================================================================================
================================================================================
Character: CPU current character in system
MSC
SSC
N/A
CPU(5s)
CPU(1m)
CPU(5m)
Peak
PhyMem
FreeMem
Mem
================================================================================
================================================================================
N/A
10%
10%
11%
18%
2048
718
64.941%
-------------------------------------------------------------------------------PFU-0/3/0
N/A
9%
8%
9%
9%
4096
2451
40.161%
-------------------------------------------------------------------------------MPU-0/5/0
SSC
9%
9%
9%
9%
4096
2849
30.444%
--------------------------------------------------------------------------------
12-4
SJ-20140731105308-016|2014-10-20 (R1.0)
MSC
27%
24%
26%
27%
6144
4190
31.803%
SSC
N/A
CPU(5s)
CPU(1m)
CPU(5m)
Peak
PhyMem
FreeMem
Mem
================================================================================
================================================================================
N/A
10%
10%
11%
18%
2048
718
64.941%
-------------------------------------------------------------------------------PFU-0/3/0
N/A
9%
8%
9%
9%
4096
2451
40.161%
-------------------------------------------------------------------------------MPU-0/5/0
MSC
100%
100%
9%
100%
4096
2849
30.444%
-------------------------------------------------------------------------------MPU-0/6/0
SSC
26%
25%
27%
27%
6144
4190
31.803%
12-5
SJ-20140731105308-016|2014-10-20 (R1.0)
12-6
SJ-20140731105308-016|2014-10-20 (R1.0)
Chapter 13
LDP
VRF
MP-BGP
Through the configuration for these three parts, several routes from the external layer and
internal layer of the MPLS VPN and the CE side share the load in the private network and
the public network.
13-1
SJ-20140731105308-016|2014-10-20 (R1.0)
13-2
SJ-20140731105308-016|2014-10-20 (R1.0)
Figures
Figure 2-1 Linkage Among VRRP, SAMGR, EOAM and BFD.................................... 2-2
Figure 2-2 Linkage of Symmetrical Dual-Connection Between CE and PE................ 2-3
Figure 2-3 Linkage Between EFM and VRRP ........................................................... 2-6
Figure 2-4 Link Between CFM and VRRP ................................................................. 2-9
Figure 3-1 Default Network Gateway in LAN ............................................................. 3-1
Figure 3-2 VRRP Election Flow................................................................................. 3-2
Figure 3-3 State Conversion in VRRP....................................................................... 3-4
Figure 3-4 Application of VRRP Monitoring Interface ................................................ 3-4
Figure 3-5 Application of VRRP Load Sharing........................................................... 3-5
Figure 3-6 EOAM for VRRP Application One ............................................................ 3-6
Figure 3-7 VRRP and EOAM State Transfer ............................................................. 3-7
Figure 3-8 EOAM for VRRP Application Two............................................................. 3-7
Figure 3-9 VRRP and EOAM + Peer BFD State Transfer .......................................... 3-8
Figure 3-10 EOAM for VRRP Application Three........................................................ 3-8
Figure 3-11 Basic VRRP Configuration (IPv4) ......................................................... 3-12
Figure 3-12 Symmetrical VRRP Configuration (IPv4) .............................................. 3-14
Figure 3-13 VRRP Heartbeat Configuration (IPv4) .................................................. 3-16
Figure 3-14 VRRP Track Configuration (IPv4)......................................................... 3-18
Figure 3-15 VRRP Function and VRRP-Related LINK BFD Function
Configuration ........................................................................................ 3-21
Figure 4-1 Application Overview of Ping Detect ........................................................ 4-1
Figure 4-2
Figure 4-3 Track Ping Function Used for Directly Connected Routes ........................ 4-6
Figure 5-1 EFM Principle .......................................................................................... 5-2
Figure 5-2 Network Architecture of EFM Connection Establishment.......................... 5-6
Figure 5-3 EFM Remote Loopback ......................................................................... 5-10
Figure 6-1 Maintenance Domain ............................................................................... 6-2
Figure 6-2 CFM Connection Establishment............................................................... 6-7
Figure 6-3 Cross-L2 VPN Connectivity Detection .................................................... 6-12
Figure 7-1 PIM BFD Function Configuration Example ............................................. 7-10
Figure 7-2 Static Single-Hop BFD Configuration Example....................................... 7-14
Figure 7-3 Static Multi-Hop BFD Configuration Example ......................................... 7-16
I
SJ-20140731105308-016|2014-10-20 (R1.0)
II
SJ-20140731105308-016|2014-10-20 (R1.0)
Glossary
3G
- The 3rd Generation Mobile Communications
AC
- Access Circuit
APS
- Automatic Protection Switching
ARP
- Address Resolution Protocol
BFD
- Bidirectional Forwarding Detection
CCM
- Continuity Check Message
CFM
- Connectivity Fault Management
EFM
- Ethernet in the First Mile
ERO
- Explicit Route Object
FIB
- Forwarding Information Base
FRR
- Fast Reroute
GR
- Graceful Restart
IEEE
- Institute of Electrical and Electronics Engineers
IETF
- Internet Engineering Task Force
IGP
- Interior Gateway Protocol
IP
- Internet Protocol
IPTV
- Internet Protocol Television
III
SJ-20140731105308-016|2014-10-20 (R1.0)
IS-IS
- Intermediate System-to-Intermediate System
ITU
- International Telecommunications Union
LAN
- Local Area Network
LBM
- Loopback Message
LDP
- Label Distribution Protocol
LSA
- Link State Advertisement
LSP
- Label Switched Path
LSR
- Label Switch Router
LTM
- Link Trace Message
LTR
- Link Trace Reply
MA
- Maintenance Association
MAC
- Media Access Control
MAN
- Metropolitan Area Network
MIP
- Maintenance domain Intermediate Point
MP
- Merge Point
MPLS
- Multiprotocol Label Switching
MPU
- Management Process Unit
NGN
- Next Generation Network
NSR
- Non-Stop Routing
IV
SJ-20140731105308-016|2014-10-20 (R1.0)
Glossary
OAM
- Operation, Administration and Maintenance
OSPF
- Open Shortest Path First
OUI
- Organizationally Unique Identifier
PLR
- Point of Local Repair
PTN
- Packet Transport Network
PWE3
- Pseudo Wire Emulation Edge-to-Edge
QoS
- Quality of Service
RFC
- Request For Comments
SPF
- Shortest Path First
TCP
- Transmission Control Protocol
TTL
- Time To Live
VLAN
- Virtual Local Area Network
VPN
- Virtual Private Network
VRRP
- Virtual Router Redundancy Protocol
VoIP
- Voice over Internet Protocol
WAN
- Wide Area Network
V
SJ-20140731105308-016|2014-10-20 (R1.0)