Beruflich Dokumente
Kultur Dokumente
V800R002C01
Issue 01
Date 2011-10-15
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Website: http://www.huawei.com
Email: support@huawei.com
Intended Audience
This document describes the network reliability features in terms of its overview, principle, and
applications.
This document together with other types of document helps intended readers get a deep
understanding of the network reliability features.
This document is intended for:
l Network planning engineers
l Commissioning engineers
l Data configuration engineers
l System maintenance engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Symbol Description
Indicates a tip that may help you solve a problem or save time.
Change History
Updates between document issues are cumulative. Therefore, the latest document issue contains
all updates made in previous issues.
Contents
2 VRRP..............................................................................................................................................17
2.1 Introduction to VRRP.......................................................................................................................................18
2.2 References........................................................................................................................................................19
2.3 Principles..........................................................................................................................................................20
2.3.1 Master/Backup Mode..............................................................................................................................24
2.3.2 VRRP Load Balancing............................................................................................................................24
2.3.3 VRRP Security........................................................................................................................................25
2.3.4 Tracking the Interface Status...................................................................................................................25
2.3.5 Fast VRRP Switchover............................................................................................................................26
2.3.6 Enabling the Virtual IP Address to Be Pinged........................................................................................26
2.4 Applications......................................................................................................................................................26
2.4.1 VRRP Tracking the Interface Status.......................................................................................................27
2.4.2 VRRP Tracking the BFD Session Status.................................................................................................28
3 EFM OAM.....................................................................................................................................29
3.1 Introduction to EFM OAM...............................................................................................................................30
3.2 References........................................................................................................................................................31
3.3 Principles..........................................................................................................................................................31
3.3.1 Peer Discovery.........................................................................................................................................31
3.3.2 Link Monitoring......................................................................................................................................33
3.3.3 Fault Notification.....................................................................................................................................33
3.3.4 Remote Loopback....................................................................................................................................34
3.3.5 Association Between EFM OAM and an Interface.................................................................................34
3.4 Applications......................................................................................................................................................35
1 BFD
Purpose
BFD minimizes the impact of a fault on services and improves network availability. To achieve
this, a network device must quickly detect a communication fault between adjacent devices. The
upper-layer protocol can then rectify the fault to maintain normal services.
On a live network, a link fault can be detected in one of the following ways:
l Hardware detection signals (for example, the Synchronous Digital Hierarchy (SDH) alarm
function) can detect a link fault. This allows for the quick fault detection .
l If the preceding method is unavailable, the Hello mechanism of a routing protocol can
detect a fault.
The preceding methods, however, have the following problems:
l Only certain media support fault detection through hardware.
l It takes longer than one second for the Hello mechanism of a routing protocol to detect a
fault. When data is transmitted at gigabit rates, such a slow detection will cause a large
amount of data to be discarded.
l In small-scale Layer 3 networks with no deployed routing protocols, the Hello mechanism
of a routing protocol cannot be used to detect a fault. In this case, a fault between any of
the interconnected systems is hard to detect.
BFD is developed to address the preceding problems.
The BFD provides the following functions:
l Fault detection with a light load and high speed for channels between neighboring
forwarding engines. It can detect faults that occur on an interface, a data link, or a
forwarding engine.
l Provides a unified mechanism to monitor any media and protocol layer in real time.
BFD sessions cannot be created on a management interface or bound to the IP address of a
management interface.
Benefits
BFD is used to monitor and rapidly detect changes in the connectivity of links or IP routes on a
network, which helps improve network performance. Quickly detecting a communication failure
between adjacent systems can help the system rapidly create a backup tunnel to restore
communication and improve the reliability of a network.
1.2 References
The following table lists the references of this document.
1.3 Principles
BFD detects communication faults between forwarding engines. Specifically, BFD detects the
connectivity of a data protocol on a path between systems. The path can be a physical link or a
logical link, including tunnels.
BFD interacts with upper-layer applications in the following way:
l An upper-layer application provides monitoring parameters for BFD, such as the address
and time.
l Using these parameters, BFD creates, deletes, or modifies a BFD session and notifies the
upper-layer application of the BFD session status.
BFD has the following features:
l Provides fault detection with a light load and high speed for paths between neighboring
forwarding engines.
l A single mechanism for fault detection on all mediums and protocol layers, providing a
uniform detection mechanism on an entire network.
The following sections describe the basic functions of BFD, including the BFD detection
mechanism, the types of links that BFD detects, session establishment modes, and session
management.
parameters include discriminators, expected minimum intervals for sending and receiving BFD
control packets, and local BFD session status. After negotiating successfully, BFD control
packets are periodically sent along the path between these two systems at the negotiated receiving
and sending intervals.
BFD can operate in one of two modes:
l Asynchronous mode: is the mode BFD primarily operates in. In asynchronous mode, two
systems periodically send BFD control packets to each other along the path between them.
If one system repeatedly fails to receive multiple BFD control packets within a specified
period, the status of the BFD session is considered Down.
l Demand mode: is used if a large number of BFD sessions exist on a system. With many
BFD sessions, periodically sending BFD control packets is very resource-intensive and
affects system performance. In this situation, the demand mode can be used. In demand
mode, the system does not periodically send BFD control packets after a BFD session has
been set up, but it detects connectivity through another mechanism (such as the Hello
mechanism of a routing protocol or the hardware detection mechanism) to reduce the
amount of system resources required by the BFD session.
LDP LSPs
TE: tunnels and static Constraint-Routing LSPs (CR-LSPs) and Resource Reservation
Protocol (RSVP) CR-LSPs that are bound to the tunnels.
BFD can detect a TE tunnel that uses a signaling protocol such as CR-static or RSVP-TE,
and the primary LSP bound to the TE tunnel.
In dynamic mode, BFD can detect the following types of LSPs:
LDP LSPs
TE: Static CR-LSPs and RSVP CR-LSPs that are bound to tunnels.
BFD sessions are differentiated by the My Discriminator field and the Your Discriminator field
in BFD control packets. The configurations of the My Discriminator field and the Your
Discriminator field are different depending on whether either a static BFD session or a dynamic
BFD session is being set up.
l Down: A BFD session is in the Down state or has been just set up.
l Init: The local system can communicate with the remote system, and the local system
expects the session to go Up.
l Up: A BFD session is successfully set up.
l AdminDown: A BFD session is in the administratively Down state.
The session status is conveyed in the State field of a BFD control packet. The system changes
the session status based on the local session status and the received session status of the remote
end.
When a BFD session is to be set up or deleted, the BFD state machine implements a three-way
handshake to ensure that the two systems are aware of the status change.
Figure 1-1 shows the transition process of the state machine in the establishment of a BFD
session.
INIT => UP
Sta: Up INIT => UP
Sta: Up
1. Router A and Router B start their BFD state machines with an initial state of Down.
Router A and Router B send BFD control packets with a State field of Down. In a static
BFD session, the value of the Your Discriminator field in a BFD control packet is manually
specified. In a dynamic BFD session, the value of the Your Discriminator field is 0.
2. After receiving a BFD packet with a State field of Down, Router B switches the session
status to Init and sends a BFD packet with a State field of Init.
3. After the local BFD session status of Router B changes to Init, Router B no longer processes
the received BFD packets with a State field of Down.
4. The state transition of the BFD session on Router A is the same as the state transition of
the BFD session on Router B.
5. After receiving a BFD packet with a State field of Init, Router B changes the local session
status to Up.
6. The status change of the BFD session on Router A is the same as the status change of the
BFD session on Router B.
BFD for IP detects single-hop and multi-hop IPv4 and IPv6 links:
l Single-hop BFD detects the IP route connectivity between directly-connected systems. The
single hop refers to a hop on an IP link. Only one single-hop BFD session can be set up to
detect a specified interface that is enabled with a specified data protocol between two
systems.
l Multi-hop BFD detects all paths between two systems. Each path may contain multiple
hops, and these paths may partially overlap.
Application Environment
Typical application I:
Figure 1-2 shows a BFD session detecting a single-hop IPv4 path between two routers and the
BFD session is bound to the outgoing interface.
POS1/0/0 POS1/0/0
10.1.1.1/25 10.1.1.2/25
RouterA RouterB
BFD session
Figure 1-3 shows a BFD session detecting a multi-hop IPv4 path between Router A and
Router C. The BFD session is bound to the peer IP address but not the outgoing interface.
BFD session
Figure 1-4 shows a BFD session detecting a single-hop IPv6 path between Router A and
Router B. The BFD session is bound to the outgoing interface.
BFD session
RouterA RouterB
GE1/0/0 GE1/0/0
2001::1/64 2001::2/64
BFD session
BFD session
BFD session
link is normal. On a trunk member link, multicast BFD packets are forwarded through the
network layer without IP attributes, and they travel directly through the data link layer to detect
link connectivity. The remote IP address used in the multicast BFD session is the default known
multicast IP address (224.0.0.107-224.0.0.250). Any packet with the default known multicast
IP address is forwarded to the BFD module. The IP forwarding process is then complete.
Application Environment
GE1/0/0 GE1/0/0
RouterA RouterB
BFD session
As shown in Figure 1-6, multicast BFD can quickly detect connectivity of a link between
interfaces. A BFD session that adopts the default multicast address and is bound to the outgoing
interface GE 1/0/0 is required on Router A and Router B to quickly detect the connectivity of
the link in between them.
Application Environment
GE1/0/0 GE1/0/0
RouterA RouterB
BFD session
In Figure 1-7, a BFD session is established between Router A and Router B. The BFD session
sends a packet with the source address of the default multicast IP address to the bound interface
GE 1/0/0 to detect the single-hop link. After BFD for PIS is configured, when detecting a link
fault, the BFD session sends a message indicating the Down state to the associated interface.
The interface then enters the BFD Down state.
1.4 Applications
Unlike dynamic routing protocols, USRs lack a detection mechanism. If a fault occurs on a
network, an administrator needs to handle it manually. Using BFD for USR, BFD sessions are
bound to IPv4 static routes on a public network and can detect the status of the links of those
routes.
A single BFD session can only be bound to a single IPv4 USR. When a BFD session bound to
a USR detects a fault (for example, the link changes from Up to Down) on a link of the USR,
BFD reports the fault to the routing management module (RM). Then, the RM sets the USR to
"inactive" (indicating that the route is unavailable and deleted from the IP routing table).
When the BFD session bound to the USR is successfully set up or the link of the USR recovers
from the fault (that is, the link changes from Down to Up), BFD reports the event to the RM and
the RM sets the USR to "active" (indicating that the route is available and added to the IP routing
table).
BFD for OSPF associates a BFD session with OSPF. The BFD session quickly detects any link
failure and notifies OSPF of the failure. This shortens the time required for OSPF to respond to
a change of network topology.
Table 1-1 shows the time required for network convergence when OSPF is and is not associated
with a BFD session.
RouterC
cost1
cost1
POS1/0/0
RouterA RouterB
POS2/0/0
cost1
cost10
RouterD
As shown in Figure 1-8, Router A sets up OSPF neighbor relationships with both Router C and
Router D. The outgoing interface of the route from Router A to Router B is POS 1/0/0, and the
route is destined for Router B through Router C. When the neighbor status is Full, OSPF notifies
BFD of the establishment of a BFD session.
1. When the link between Router A and Router C fails, BFD detects the fault and notifies
Router A of it.
2. Router A then processes that the neighbor has gone Down and recalculates the route. The
outgoing interface of the new route is POS 2/0/0, and the route is destined for Router B
through Router D.
BFD for IS-IS refers to the dynamic establishment of a BFD session that is triggered by IS-IS
but not configured manually. When detecting a fault, the BFD session notifies IS-IS of the fault
through the RM. Then, IS-IS processes the event that the neighbor has gone Down and quickly
updates the link state PDU (LSP) and performs the partial route calculation (PRC). In this
manner, IS-IS routes quickly converge.
The BFD detection interval can be set in milliseconds. Instead of replacing the Hello mechanism
of IS-IS, BFD works with IS-IS to quickly detect an adjacency fault. In addition, BFD instructs
IS-IS to recalculate routes, which ensures correct packet forwarding.
Application Environment
BFD session
BFD is enabled on Router A, Router B, and Router C. When a fault occurs on the link between
Router A and Router B, the BFD session quickly detects the fault and notifies IS-IS of the fault
through the RM. Then, IS-IS sets the neighbor status to Down to trigger an IS-IS topology
calculation. In addition, IS-IS updates LSPs to ensure that other neighbors, such as those of
Router C and Router B, can receive the updated LSPs from Router B quickly. In this manner,
the network topology quickly converges.
Application Environment
BFD session
AS 100 AS 200
EBGP
POS1/0/0
POS1/0/0
200.1.1.2/24
RouterA200.1.1.1/24
RouterB
BFD session
As shown in Figure 1-10, Router A belongs to AS 100 and Router B belongs to AS 200.
Router A and Router B are directly connected and an External Border Gateway Protocol (EGBP)
connection is set up. BFD is enabled to detect the BGP neighbor relationship between Router A
and Router B. When the link between Router A and Router B fails, BFD can quickly detect the
fault and notify BGP of the fault.
Application Environment
P1
PE1 CE2
BFD session
PE3
As shown in Figure 1-11, only traffic from PE1 to CE2 is involved in this implementation. When
a fault occurs on the link between PE1 and P1, PE1 can detect the fault through the interface,
and BFD for LDP LSP is not required. When a fault occurs on the link between P1 and PE2,
however, PE1 cannot detect the fault through the interface, therefore BFD for LDP LSP needs
to be configured so that faults can be quickly detected.
An LDP LSP is set up from PE1 to PE2. BFD for LDP LSP is enabled and a BFD session is set
up to detect the LDP LSP. In addition, policies for Virtual Private Network fast reroute (VPN
FRR) are configured on PE1 and the protection path between PE1 and PE3 is specified.
When a fault occurs on the link between PE1 and P1 or between P1 and PE2, PE1 quickly detects
the LSP fault and triggers VPN FRR switching. In this manner, traffic is switched to the path
PE1 -> PE3 -> CE2 for protection.
The traditional detection mechanisms, including the RSVP Hello mechanism and the RSVP
summary refresh (Srefresh) mechanism, require a long time to detect a fault. BFD uses fast
packet transmission mode and can quickly detect faults on an MPLS TE tunnel, which then
triggers the fast traffic fallover. In this manner, services are maintained.
Dynamic BFD for CR-LSP functions in the same manner as static BFD for CR-LSP. The
session establishment mode of dynamic BFD for CR-LSP is different from that of static
BFD for CR-LSP. In dynamic BFD for CR-LSP, the establishment of a BFD session is
dynamically triggered.
The difference between BFD for TE and BFD for CR-LSP is that the objects that BFD reports
faults to are different. In BFD for TE, BFD notifies applications such as VPN, of faults and
triggers the traffic fallover between different tunnel interfaces. In BFD for CR-LSP, BFD notifies
TE tunnels of faults and triggers the traffic fallover between different CR-LSPs in the same TE
tunnel.
BFD is bound to an LSP, and a BFD session is set up between the ingress and the egress. A BFD
packet is sent by the ingress and forwarded to the egress through an LSP. Then, the egress
responds to the BFD packet. In this manner, a BFD session at the ingress can quickly detect any
change to the status of the path through which the LSP passes.
After a link fault is detected, BFD notifies the LSP management module. Then, traffic is switched
to the backup LSP, and a new BFD session is set up between the ingress and the egress along
the backup LSP.
Before
switchover
After switchover
Primary Lsp
Backup Lsp
BFD session
In Figure 1-12, a BFD session detects the link through which the primary LSP passes. When a
fault occurs on the link of the primary LSP, the BFD session at the ingress immediately reports
the fault to the forwarding plane. Then, the ingress switches traffic to the backup LSP.
Application Environment
This networking is applicable to BFD for TE, BFD for hot standby, and BFD for tunnel protection
group.
R1 R2
P2 Primary tunnel
Backup tunnel
P3
Primary Lsp
Backup Lsp
2 VRRP
l VRRP Router: It is a device running VRRP and may join one or multiple virtual routers.
l Virtual Router: It is an abstract device managed by VRRP, also called a VRRP backup
group. A virtual router functions as the default gateway in a shared local area network
(LAN). A virtual router consists of a virtual router identifier and a group of virtual IP
addresses.
l Virtual IP address: It is the IP address of a virtual router. A virtual router can be manually
assigned one or multiple virtual IP addresses.
l IP address owner: It is a VRRP router that uses a virtual IP address as the actual interface
address. When working normally, the VRRP router responds to the packets with the
destination address being the virtual IP address, such as ping packets and TCP packets.
l Virtual MAC address: It is a MAC address generated by a virtual router according to a
virtual router ID. A virtual router has one virtual MAC address in the format of
00-00-5E-00-01-{VRID}. When responding to an Address Resolution Protocol (ARP)
request, a virtual router uses the virtual MAC address rather than the real MAC address of
the interface.
l Primary IP address: A primary IP address is selected from the real interface addresses.
Usually, it is the first configured IP address of the interface. The primary IP address is used
as the source IP address in VRRP advertisement packets.
l Master Router (virtual router master): It is a VRRP router that forwards packets to the
virtual IP address or responds to ARP requests. When an IP address owner is available, it
usually functions as the master router.
l Backup Routers (virtual router backups): They are a group of VRRP routers that do not
forward packets. When the master router becomes faulty, the backup routers compete to
be the new master router.
l Preemption mode: In preemption mode, if the priority of a backup router is higher than the
priority of the current master router, the backup router automatically becomes the master
router.
Purpose
With the development of the Internet, the demand for high network reliability is increasing. For
LAN users, it is important to be in contact with the external network at any time.
Usually, all hosts within a network are configured with the same default route destined for an
egress gateway. In this manner, the hosts communicate with external networks. When the egress
gateway becomes faulty, all hosts fail to communicate with external networks.
To improve the reliability of the system, a common method is to configure multiple egress
gateways. The route selection among these gateways, however, is a problem to be solved because
hosts in a LAN do not support dynamic routing protocols.
In this situation, the Internet Engineering Task Force (IETF) puts forward VRRP. VRRP
provides reliability for hosts in a LAN to access external networks. A VRRP backup group with
a specified virtual IP address can be configured on routers. Hosts use the virtual IP address as
the default gateway address. This implements gateway backup without changing the networking.
This protocol defines the following application functions:
Benifits
A VRRP backup group brings uses the following benefits:
2.2 References
The following table lists the references of this document.
RFC 2338 Virtual Router Redundancy Protocol (version number One 1998) -
RFC 2787 Definitions of Managed Objects for the Virtual Router Redundancy -
Protocol
RFC 3768 Virtual Router Redundancy Protocol (version number Two 2004) -
RFC5798 Virtual Router Redundancy Protocol Version 3 for IPv4 and IPv6 -
2.3 Principles
VRRP combines a group of routers on a LAN into a backup group that functions as a virtual
router. Hosts on the LAN only use the IP address of the virtual router, not the actual IP address
of a target device. By setting the IP address of the virtual router as the default gateway, the hosts
on the LAN can communicate with external networks using this virtual gateway.
VRRP dynamically associates the virtual router with a physical router that transmits services.
When the physical router fails, another router is elected to transmit services. The entire process
is transparent to users. The internal and external networks can communicate without interruption.
Virtual IP Address:
10.110.10.1 RouterA
Master
10.110.10.5
HostA
RouterB
Backup
10.110.10.6
HostB Network
RouterC
10.110.10.7 Backup
HostC
Ethernet
On the network shown in Figure 2-1, the implementation of the virtual router is as follows:
l Router A, Router B, and Router C form a VRRP backup group that functions as a virtual
router. The IP address of the virtual router is 10.110.10.1. The virtual IP address can be
specified or borrowed from an interface on another router in this VRRP backup group.
l The actual IP addresses of the physical routers: Router A, Router B, and Router C are
10.110.10.5, 10.110.10.6, and 10.110.10.7 respectively.
l Hosts on the LAN only need to set the default route to 10.111.10.1 rather than a physical
interface address of a specific router.
Hosts communicate with external networks by using this virtual gateway. The working
mechanism of the VRRP backup group is as follows:
l A master router is selected according to the priority. There are two modes for the selection
of a master router.
After a comparison of priorities, the router with a higher priority is selected as the master
router.
When two routers with the same priority compete to be the master router, their IP
addresses are compared. The router whose interface has a higher IP address is selected
as the master router.
l Other routers function as backup routers and track the status of the master router all the
time.
When working normally, the master router sends a VRRP advertisement packet at
intervals to notify the backup routers in the group that the master router works normally.
In a VRRP backup group consisting of a master router and a backup router, if the backup
router has not received any advertisement packet from the master router within a period
of time, the backup router becomes the master router. If there are multiple backup
routers in a VRRP backup group and the backup routers have not received any
advertisement packet from the master router within a certain period of time, more than
one backup router may claim to be the master router in a short period. The routers then
compare the priorities of the received VRRP packets with the local priority, and the
router with a higher priority is selected as the master router. After a backup router
becomes the master, it sends gratuitous ARP packets to refresh MAC entries on the
routers. In this manner, user traffic is switched to the master router. In addition, the
entire process is open to users.
The preceding analysis shows that in VRRP, no additional operations need to be performed on
the hosts, and the hosts can communicate with external networks normally even when a router
fails.
0 34 7 15 23 31
Version Type Virtual Rtr ID Priority Count IP Addrs
Auth Type Adver Int Checksum
IP Address (1)
...
IP Address (n)
Authentication Data (1)
Authentication Data (2)
Figure 2-3 shows the transition process of the VRRP state machine.
Initialize
A
A
ed
Sh
S t ts p
d
iv
an
ce
a r ri o
ut
i
t u ri
do
re
d
5 ve
p ty
w
is
m is
25 ei
n
ge
i s ec
es s
m
sa
es
r
sa ma
rit is
es
sa
g e lle
io e
m
ge
pr ag
is r t h
y
n
s
w
is
re an
its es
do
ce 2
re
m
ut
ce
iv 5 5
up
Sh
ed
iv
at
ed
A
an
St
Initialize: After a device in a VRRP backup group starts, the device works in the Initialize state.
If this device receives a Startup message indicating that its VRRP-enabled interface is Up, this
device transitions to Backup or Master. If the device is the IP address owner whose VRRP
priority value is 255, it transitions to Master after receiving the Startup message. A device in the
Initialize state processes no VRRP Advertisement packet.
l Transitions to Backup if the VRRP priority in a received VRRP packet is higher than the
local VRRP priority.
l Transitions to Backup if the VRRP priority in a received VRRP packet is the same as the
local VRRP priority and the IP address of the sender is higher than the IP address of the
master device.
l Transitions to Initialize after receiving a Shutdown message, indicating that the VRRP-
enabled interface has been shut down.
Backup: A device in the Backup state performs the following operations:
l Receives VRRP Advertisement packets from the master device, and checks whether the
sender is the master.
l Produces no response to an ARP request carrying the virtual IP address.
l Discards IP packets whose destination MAC address is the virtual MAC address.
l Discards IP packets whose destination IP address is the virtual IP address.
l Discards packets carrying VRRP priorities lower than the local VRRP priority and does
not reset the Adver_Timer. Alternatively, it discards the packet and resets the Adver_Timer,
but does not compare IP addresses if receiving packets carrying VRRP priorities the same
as the local VRRP priority.
l Transitions to Master if a Master_Down_Timer timeout message is received.
l Transitions to Initialize after receiving a Shutdown message, indicating that the VRRP-
enabled interface is shut down.
RouterB
Backup
10.110.10.6
HostB Network
RouterC
Backup/Master
HostC 10.110.10.7
Ethernet
Backup group 2
Virtual IP Address:
10.110.10.2
As shown in Figure 2-4, two backup groups are configured, namely, Backup group 1 and Backup
group 2.
l Router A functions as the master in Backup group 1 and a backup in Backup group 2.
l Router B functions as a backup in both Backup group 1 and Backup group 2.
l Router C functions as the master in Backup group 2 and a backup in Backup group 1.
l Certain hosts use Backup group 1 as the gateway, and the other hosts use Backup group 2
as the gateway.
In this manner, load balancing of data traffic is carried out, and the mutual backup is achieved.
the priority of each device in the VRRP backup group automatically changes by a certain value.
This allows the VRRP-enabled devices in the VRRP backup group to re-compete with each other
to be the master device.
A VRRP backup group tracks a maximum of eight interfaces in either of the following modes:
l Increase mode: means that if the tracked interface goes Down, the VRRP priorities of
devices in a VRRP backup group increase by a specified value.
l Reduce mode: means that if the tracked interface goes Down, the VRRP priorities of devices
in a VRRP backup group reduce by a specified value.
2.4 Applications
Figure 2-5 Networking diagram for VRRP tracking the interface status
Internet
GE1/0/0 GE1/0/0
Switch
Solved problem: VRRP cannot detect status changes of VRRP-incapable interface. If the link
between the VRRP-enabled device and hosts fails, VRRP cannot detect the fault and services
are interrupted.
On the network shown in Figure 2-5, VRRP is enabled on Router A and Router B. The VRRP
priority of Router B is higher than that of Router A. Router B tracks the interface connected to
the Internet in Reduce mode. Router B is the master device and forwards user traffic along the
links in green in Figure 2-5. Router B is tracking the interface connected to the Internet in Reduce
mode. If the interface fails, the VRRP backup group detects the change and reduces VRRP
priorities to perform a master/backup switchover. As a result, Router A preempts the master
device and takes over user traffic.
RouterA RouterB
Switch
Solved problem: Traffic loss lasts a long time though a VRRP backup group detects a link fault
after the fault occurs.
Configuration notes are as follows:
l BFD that detects faults in milliseconds is enabled to detect faults in the link between
Router A and Router B. If the link or a remote host fails, the BFD session can rapidly detect
the fault.
l After the VRRP backup group is configured to track the BFD session, if BFD detects a
fault, the BFD session goes Down. The VRRP backup group will be notified of the status
change.
l The VRRP backup group adjusts the VRRP priorities to allow a backup device to rapidly
preempt the master device.
l By tracking the BFD session, a VRRP backup group performs a master/backup switchover
within 200 milliseconds.
On the network shown in Figure 2-6, a VRRP backup group is configured on Router A and
Router B. Router A is the master device and forwards user traffic. A BFD session is established
on Router A and Router B. The VRRP backup group tracks the status of the BFD session. If the
status of the BFD session changes, the VRRP priorities of devices in the VRRP backup group
change. This triggers the master/backup switchover. If a BFD session detects a link fault between
Router A and a switch, the BFD session goes Down and the status change is reported to VRRP.
The priority of Router B increases to be higher than the priority of Router A. Router B becomes
the master immediately and subsequent user traffic is forwarded by Router B. In this manner,
the master/backup VRRP switchover is rapidly performed.
3 EFM OAM
Purpose
Since it first appeared, the Ethernet technology has gradually become the major LAN technology
because of its easy implementation and low costs. In recent years, Gigabit Ethernet and 10G
Ethernet have been introduced, which have enabled Ethernet to expand its sphere of application
to MANs or WANs.
Ethernet was initially used in LANs. Compared with MANs and WANs, LANs have less
stringent reliability and stability requirements. Ethernet, therefore, lacks an OAM mechanism,
which hinders Ethernet from developing into an ISP network. As such, it becomes necessary to
implement OAM on the Ethernet.
3.2 References
Document Description Remarks
3.3 Principles
Interface 1
in active mode Responds to peer discovery
by replying with an OAM PDU
In Figure 3-1, assume that the EFM OAM working mode of Interface 1 is active and that the
mode of Interface 2 is passive. After EFM OAM is enabled on Interface 1, the EFM OAM state
of Interface 1 becomes Discovery. The peer discovery process is performed as follows:
1. Interface 1 sends an OAM PDU to Interface 2. This OAM PDU carries the EFM OAM
configuration of Interface 1.
2. After receiving the OAM PDU, Interface 2 compares its EFM OAM configuration with
that of Interface 1 and then responds with an OAM PDU. The OAM PDU sent from
Interface 2 to Interface 1 carries not only the EFM OAM configurations of both Interface
1 and Interface 2, but also the Flags field, which indicates whether Interface 2 is satisfied
with the EFM OAM configuration of Interface 1.
Figure 3-2 shows the OAM PDU format.
3. After receiving the OAM PDU sent by Interface 2, Interface 1 compares its EFM OAM
configuration with that of Interface 2 to check whether their configurations match.
After the preceding process is complete, Interface 1 and Interface 2 enter the Detect state if their
EFM OAM configurations match. In the Detect state, the two interfaces periodically send OAM
PDUs to maintain their neighbor relationship. If their EFM OAM configurations do not match,
the two interfaces remain in the Discovery state and keep sending OAM PDUs for status
negotiation until the negotiation succeeds or EFM is disabled on one or both of the interfaces.
l Interface faults: If an interface fault occurs, the EFM module logs the fault event and sends
an Information OAMPDU to report the fault event to the peer device.
l Board or system reset: If a board or system is reset, the EFM module logs the fault event
and sends an Information OAMPDU to report the fault event to the peer device.
Non-OAM PDUs
Interface 1 Interface 2
in active mode in passive mode
Data flow
Remote loopback can be enabled on an interface only when the interface is in active mode and
both the local interface and its remote peer are in the Detect state. Remote loopback functions
as follows:
1. The local interface sends a loopback request to the remote interface and waits for a response.
2. After receiving the loopback request from the local interface, the remote interface sends a
loopback reply to the local interface and then enters the remote loopback state.
3. If the local interface receives the loopback reply within two seconds, it enters the remote
loopback state. If the local interface does not receive a loopback reply in two seconds, it
retransmits a loopback request to the remote interface. An interface can retransmit a
loopback request a maximum of three times.
To stop remote loopback, the local interface sends the remote interface a message that disables
remote loopback. After receiving this message, the remote interface exits the loopback state.
Users may forget to stop remote loopback after a remote loopback test, which will make the link
unable to forward service data for a long time. To avoid such a situation, remote loopback can
be automatically disabled after a timeout period. The timeout period of remote loopback is
configurable. After remote loopback times out, the local interface automatically sends the remote
interface a message to disable remote loopback.
are blocked. Therefore, associating EFM OAM with an interface may greatly affect services.
After detecting link connectivity recovery, EFM OAM resumes packet forwarding and unblocks
Layer 2 and Layer 3 services on the interface. Before associating EFM OAM with an interface,
ensure that the EFM OAM protocol state of the interfaces at both ends of the link is Detect.
Current optical interfaces support the full-duplex mode. Optical interfaces are considered
physically Up if they can receive packets. It is possible, however, for the working state and
physical state of an optical interface to be inconsistent.
In Figure 3-5, Device A and Device B are connected through two optical interfaces, GE 1/0/1
and GE 1/0/1. If Line 2 becomes faulty, GE 1/0/1 on Device B cannot receive any packets, and
its physical state becomes Down. GE 1/0/1 on Device A can still receive packets sent by Device
B over Line 1. Therefore, the physical state of GE 1/0/1 on Device A remains Up. In this case,
however, GE 1/0/1 on Device A is unable to transmit services, and the services on Device A are
not aware of the actual working state of this interface. As a result, service transmission is affected.
Figure 3-5 Schematic diagram of EFM OAM connectivity check for a single fiber
Device A Device B
GE1/0/1 GE1/0/1
2
TX
GE1/0/1 1 GE1/0/1
RX
3.4 Applications
EFM OAM can be used to detect faults on and monitor the performance of E-LAN services.
Metro
CE
UPE CE
802.3ah detection
802.3ah is used between CEs and UPEs to implement OAM between links.