Yet Another Blog About Segment Routing, Part2 - TI-LFA

12/06/2019 Yet Another Blog About Segment Routing, Part2 : TI-LFA
MEMBER LOGIN
HOME PODCASTS » NEWS HOSTS SUBSCRIBE SPONSOR CONTACT Search this website
You are here: Home / Blogs / Yet Another Blog About Segment Routing, Part2 : TI-LFA
Yet Another Blog About Segment Routing,

Part2 : TI-LFA
Diptanshu Singh July 20, 2015
So I nally got some time after a while to write something. In this post we will be
looking at Topology Independent LFA aka TI-LFA. We will also compare TI-LFA with
LFA, rLFA and TE-FRR. If you don’t already have familiarity with LFA’s or TE-FRR
then take a look at my previous posts on TE design and IP FRR and Microloops.
The premise here is Fast-Reroute and we already know that we could use RSVP-TE
or LFA to achieve that. So does TI-LFA in the world of Segment Routing has anything
new to offer ? . Let’s take a look.
Problem: LFA’s doesn’t guarantee 100% Coverage

We already know that coverage in LFA’s is “Game of Thrones Metrics”. The most
commonly cited topology is the ring topology when it comes to illustrating LFA
coverage. So lets take a look at the below ring topology.
https://packetpushers.net/yet-another-blog-about-segment-routing-part2-ti-lfa/ 1/18
In the below g. 1, R2 (Source) will send R6 (Destination) via R1. If a failure happens
at the link between R1-R2 then it cannot send it to R3 as a FRR backup for R1-R2 as YouTube
R3 will send the traf c back to R2 (S). Basically R3 doesn’t meet inequality#1 (3 < 1 +
Anuta ATOM: Assurance, Telemetry,
2) i.e. R3’s best path is through failed link. So plain LFA’s won’t work and that’s where
and Orchestration for Multi-Vendor
remote LFA (rLFA) comes into the picture to solve this kind of situation.
Networks (Sponsored) June 11, 2019
The Weekly Show
Heavy Networking 454: Analyzing

Encrypted Traf c In The TLS 1.3 Era
With ExtraHop (Sponsored) June 7,
2019
Priority Queue
PQ 162: Edge Compute Use Cases And

Juniper’s Contrail Edge Cloud
(Sponsored) February 21, 2019
Fig.1
Network Break
In the case of rLFA’s, we try to nd PQ Nodes i.e. nodes with overlap between
Extended P-Space and Q-Space. Network Break 238: Google Borks
Itself; Apple Slices IoT Gadgets Into
Extended P-Space: The extended P-space of the protecting router with respect to Security Zones June 10, 2019
the protected link is the union of the P-spaces of the neighbors in that set of
neighbors with respect to the protected link. In below g. 2, “Extended P-Space
Brie ngs In Brief
“contains the routers that are R2 (S)’s direct neighbor, i.e. R3 can reach without using
the R2 (S) -R1 link which is R4 and R5 node. Tech Bytes: Network And Performance
Monitoring With NetBeez (Sponsored)
Q-SPACE: Q-space of a router with respect to a protected link is the set of routers June 3, 2019
from which that speci c router that can be reached without any path (including
ECMP Splits) transiting that protected link. In below g. 2, “Q-Space “contains the
routers that normally reach R6 (D) without using the R2 (S) -R1 link which is R1, R5 Day Two Cloud
and R4 nodes.
Day Two Cloud 010: The Role Of Egress
Control In Cloud Security May 29, 2019
PQ-Node: A router that is in both Extended P-Space and Q-Space is a PQ-node. Any
router which is a PQ-node can be a remote LFA candidate, i.e. the candidate router
to whom, if R2 (S) can send the packet, it will forward the packet to the destination
Datanauts
without traversing through R2 (S) -R1 link. In our case R4 and R5 are the PQ nodes
and are considered remote LFA candidates for R2 (S). Datanauts 166: Can You Hire ‘DevOps’?
June 5, 2019
In below g. 2, our PQ nodes are R4 and R5.

Full Stack Journey
Full Stack Journey 031: Using Bolt For

Task Automation With Yasmin Rajabi
May 14, 2019
IPv6 Buzz
IPv6 Buzz 027: Making The Leap To

Enterprise IPv6 May 30, 2019
The Community Show
Day Two Cloud 006: Dealing With The

Unknown Unknowns Of Building Cloud
Applications April 3, 2019
Recent Comments
Greg Ferro on Network Break 238:

Google Borks Itself; Apple Slices IoT
Fig.2 Gadgets Into Security Zones
jim warner on Broadcom Trident 3 –

So in the case of rLFA, R2 (S) will use the nearest PQ node as its backup path in the Programmable, Varied And Volume
event of R1-R2 link failure. The way this will be achieved by R2 (S), is by stacking two
Hugo Moss on Network Break 238:
LDP labels. Outer LDP label X, is the label to reach R4 and inner LDP label Y to reach
Google Borks Itself; Apple Slices IoT
R6 (D) from R4. With the help of the targeted LDP session, R2 (S) can know what Gadgets Into Security Zones
LDP label (Y) is used by R4 for sending traf c towards R6 (D).
ekachai on FreeZTP: Zero-Touch
Provisioning for Cisco Catalyst
Which brings up the point that in order for the PLR to know what label is being used
by PQ node for destination (D), it has to establish a Targeted LDP session with PQ ReturnoftheMus on Network Break
node to get the FEC to label mappings. 238: Google Borks Itself; Apple Slices
IoT Gadgets Into Security Zones
Steve M on Cloud Images with cloud-init

Demysti ed
Fig.3
Now what if we increase the cost between R6 (D) and R5 then we don’t have any
nodes in PQ space which means rLFA cannot provide coverage in this situation.
Fig.4
So we have established two things so far:
1) rLFA requires targeted LDP sessions
2) We still don’t have 100% coverage.
In case of TI-LFA’s:
1) No Need of Targeted LDP sessions
So the rst improvement SR brings here is that there isn’t a need for Targeted LDP
sessions anymore. If we revisit our previous g. 3, In the case of SR, R2 (S) will stack
two labels, rst is the Node-SID label of R6 (D) and top label as Node-SID label of R4
i.e. 16004. Pretty simple right? As you can see SR brings simplicity by getting rid of
Targeted LDP sessions.
Fig.5
2) Double Segment Protection
As we saw earlier that in the case where there is no overlap between P and Q space
then rLFA doesn’t provide coverage. TI-LFA can provide coverage in these kind of
situations by steering the packets from P-Space to Q-Space nodes.
In the below Fig.6, Assume that the adjacency SID is 24065 for R5-R6 link. Then R2
(S) can form a three label stack with rst two top labels are used to steer the packets
from P to Q space nodes and third label is the destination pre x-sid label.
Fig.6
3) Path Optimality
Another thing which TI-LFA brings is the path optimality from PLR perspective. TI-
LFA’s always prefers the post-convergence path from a PLR point of view. So let’s
take a look
In g. 7, when the link between P4-P5 fails, we can see the backup paths taken in the
case of LFA and RSVP-TE.
Fig.7
In the case of RSVP-TE FRR (link protection, facility backup), traf c will circle all the
way back to the next-hop (P5). Obviously it’s sub-optimal, but is a temporary
condition till the headend PE1 realizes about the failure.
In the case of LFA, you can see that the path goes via P4–P2 link which has a higher
metric. Considering that metrics represents bandwidth of a link in a network, in the
event of a failure, traf c will be going through low bandwidth links which could cause
congestion and packet drops on the low capacity link. In this case it would be a better
if PLR i.e. P4 can use the post-convergence path from its perspective, i.e. via P1-P2-
P3 as the backup path, but in the case of LFA, P4 can’t use P1 as a backup path as
P1’s best path is via P4 (loop will occur).
In the case of TI-LFA, it’s possible for the PLR i.e. P4 to use the post-convergence
path which is via P1-P2-P3-PE2. In the below g.8, PLR P4 will send packets with
two stack labels with the top label to get to P2 and the inner pre x-sid for the
destination. Path for P2 from P4 perspective is via P1. When P1 sees the top label for
P2, it pops the label and send it towards P2 and from there you already know it will
follow all the way to the destination.So you can see in the case of TI-LFA, the optimal
path is used from a perspective of PLR.
Fig.8
Conclusion:
We saw in this post that TI-LFA’s brings 100% topology coverage, simplicity and path
optimality. I hope this post has given some deeper level insights to TI-LFA.
About Diptanshu Singh

Diptanshu Singh is a n00b who realizes everyday how big of a n00b he
is.Opinions expressed here are solely my own and do not express the views
or opinions of my Present or Past employer.
Comments
Bryan says
September 29, 2015 at 8:58 pm
Great explanation!
Reply
Robin Smith says

August 24, 2017 at 10:37 am
Very good doc thank you.
Robin Smith
CCIE #4230
Reply
Amit says
March 3, 2016 at 3:09 am
Very nice article.. and good to know some of the bene ts of TI-LFA- No T-LDP Session
and use of intersecting P and Q space when there is no PQ node, use of post
convergence path.
I have one doubt last example which you have shown – assume a topology where
there is no LFA and there is a PQ-node which is not a sub-optimal path, then how TI-
LFA will choose a post convergence path. Does it look for intersecting P and Q Space
?? or some-thing else ??
Thanks
Amit Dhamija
Reply
Dip says
March 4, 2016 at 3:48 pm

Hey Amit,
Correct me if I misunderstood your question, but essentially you are saying that if
there is no LFA and there is a PQ-Node which is on an optimal path (not a sub-
optimal path) aka post convergence path then what does TI-LFA does?. TI-LFA
will choose that PQ node. In comparison to rLFA where we would have needed a
Targeted-LDP to accomplish that, in the world of Segment-Routing, it will use
that Node-label to get to that PQ node.
Thanks
Dip
Reply
Amit says
March 6, 2016 at 5:55 am
Hi Dip
To be clear and more speci c – my query is if there exists an PQ node which

is not on an post convergence path – a temporary path as FRR takes for few
milliseconds. Now during this scenario how TI-LFA will ensure it can provide
the protection on post convergence path.
Will it choose this PQ node or use some other mechanism to choose the post
convergence path ??
Thanks !
Amit Dhamija
Reply
Dip says
March 6, 2016 at 6:48 am
Hey Amit,
Thanks for clari cation. I should have added one more example, which
covers your scenario. To answer your question, TI-LFA will choose a
Post-Convergence Path (which is better than having an intermediate
path, then converge again back to post-convergence path)…For
instance, Assume a Node1 which is con gured with TI-LFA link
protection, Node1 is going to calculate the post-convergence path with
the link being failed (the link which its protecting) and use that path as
the backup path aka post-convergence path for the protecting link.
Now the next question (which we have seen with LFA’s as well) is that
its possible that few nodes on the post-convergence path may point
back to the Protecting node Node1 to reach the destination hence a
loop. Now, thanks to Segment-Routing (Source Routing), Protecting
Node Node1 can express the backup-path in terms of Node SID’s +
Adjacency SID’s labels which allows the traf c to steer on the post-
convergence path without causing loops. Node1 will impose a node
label or combination of Node+Adjacency SID label for the intermediate
nodes on the post-convergence path to make sure that the loop doesn’t
occur. Example 2 Double-Segment Protection gives a glimpse of how a
Node can express the Path with Node+Adjacency SID labels, it isn’t
exactly the scenario we are talking about (I was more focussed on
explaining it with rings), but you can apply the same thought process in
terms of SR concept for the post convergence path.
Let me know if this still doesn’t answer it.
Thanks
Dip
Reply
Amit says
March 8, 2016 at 3:07 am
Thanks Dip for clari cation.
Regards
Amit Dhamija
leaf says
February 3, 2017 at 11:49 am
nice article!
Reply
Victor says
July 26, 2017 at 10:32 pm

I like this tutorial mostly. But I have different opinion on the comparison
between TI-LFA and TE-FRR after Fig. 7:
TE-FRR is to protect facility (router or link) failures. It will carry all impacted LSPs over
the single (or a few of) TE-FRR bypass LSP(s) around the impacted facility. That is why
TE-FRR will cause sub-optimal route for some end-to-end LSPs as shown in Fig.7.
TI-FRR is per-pre x based. That allows it to nd near-optimal
near protection route from
PLR (Point of Local Repair) to the destination. This makes it different from TE-FRR
was trying to accomplish. There is a Juniper version of detour FRR (within TE-FRR)
that might be able to do that but not well-deployed because of the scalability concern.
Another point of TE-FRR is that it can use either CSPF or the of ine computation to
nd bypass routes. The second of ine method allows TE-FRR to achieve similar or
better route selection criteria and exibility comparing to TI-FRR. The “better” comes
from the longer list of pin-pointed nodes alone the route without limitation of SID
depth on routers, and the scalable features since TE-FRR bypass LSP aggregate all
LSPs instead of TI-FRR using per- ow based protection.
Reply
Leave a Reply
Your email address will not be published. Required elds are marked *
Comment
Name *
Email *
Website
Post Comment
PacketPushers Podcast PacketPushers Articles Website Information Connect

Heavy Networking All the News & Blogs Frequently Asked Questions Contact PacketPushers
Network Break Only the Latest News Subscribe Ask Me Anything
Priority Queue Only the Community Blogs Sponsorship Subscribe to Podcasts
Brie ngs In Brief Virtual Toolbox How To Pitch Us Sponsorship
Datanauts Meet the Hosts
Full Stack Journey Search Terms & Conditions
IPv6 Buzz Privacy Policy
Search this website Search
Day Two Cloud
Community Podcast
© Copyright 2019 Packet Pushers Interactive, LLC · All Rights Reserved

Yet Another Blog About Segment Routing, Part2 - TI-LFA

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Yet Another Blog About Segment Routing, Part2 - TI-LFA

Hochgeladen von

Copyright:

Verfügbare Formate

12/06/2019 Yet Another Blog About Segment Routing, Part2 : TI-LFA

Yet Another Blog About Segment Routing,

Problem: LFA’s doesn’t guarantee 100% Coverage

The Weekly Show

Heavy Networking 454: Analyzing

PQ 162: Edge Compute Use Cases And

Full Stack Journey 031: Using Bolt For

IPv6 Buzz 027: Making The Leap To

The Community Show

Day Two Cloud 006: Dealing With The

Greg Ferro on Network Break 238:

jim warner on Broadcom Trident 3 –

Steve M on Cloud Images with cloud-init

So we have established two things so far:

1) rLFA requires targeted LDP sessions

2) We still don’t have 100% coverage.

2) Double Segment Protection

About Diptanshu Singh

Robin Smith says

March 4, 2016 at 3:48 pm

To be clear and more speci c – my query is if there exists an PQ node which

Let me know if this still doesn’t answer it.

July 26, 2017 at 10:32 pm

PacketPushers Podcast PacketPushers Articles Website Information Connect

© Copyright 2019 Packet Pushers Interactive, LLC · All Rights Reserved

Das könnte Ihnen auch gefallen