Post on 04-Jan-2016
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
IPFRR: Network Availability and Simplicity BRKRST-3052 Jean-Marc Barozet (jmb@cisco.com)
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! !Fast Reroute Requirements ! !BGP PIC ! !Loop Free Alternate (LFA) Per
Prefix LFA ! !Remote LFA ! !LFA Implementation
! !Configuration ! !Example
! !Conclusion
AGENDA
Fast Reroute Requirements
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Convergence: Impact of Outage on Video
Convergence Low motion best
Low motion worst
High motion best
High motion worst
10ms 33ms 634ms 33ms 634ms
50ms 167ms 667ms 67ms 667ms
100ms 267ms 767ms 167ms 667ms
200ms 434ms 934ms 267ms 767ms
!"#$%#&(%##)*+, #-./0% 1#/&%#2%3/#$%#45#%67%4/#83##99+, #:83;.7";+%#5:#/&%#$-;3/ #43%#83#2%4.3%#$%#0-/ #.5=.4?@#5:#=-3/#5#!>";+%A#B&%#$-;3/ #43%#=-33#"-;#=-$#+-
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Convergence
! ! Assume a flow from A to B ! ! T1: when L dies, the best path is impacted
! ! loss of traffic
! ! T2: When the traffic reaches the destination again through the computed next best path. ! ! If fast reroutes technologies are used, this may happen well before the network convergence ! ! Once the network converges, a next best path is computed
! ! Loss of Connectivity: T2 T1, called convergence hereafter ! ! Traffic can be restored long before the convergence time if fast reroute technology is used
!" #
$%&()*#+%*,-.##/#0#
D85?#D#
T1 T2
Convergence
E#F#
F#
G# H#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! !Minimize network downtime/traffic loss ! !Classical Convergence > 1 sec. ! !Fast Convergence < 1 sec. ! !Fast Re-Route < 50-100 msec.
! !Support all types (Link, Node or SRLG) of IP/MPLS restoration mechanisms. ! !Keep it simple and straight. ! !Keep it cost effective (both capex/opex)
Fast Convergence & Fast Reroute Overview
I#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Building Blocks Classical and Fast Convergence
Detection (link or node aliveness, routing updates received)
State propagation (routing updates send)
Walkthrough routing DBs
Compute primary path & label
Download to HW FIB
Switch to newer path
J#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Building Blocks Fast Reroute Path Precomputed
Detection (link or node aliveness, routing updates received)
State propagation (routing updates send)
Walkthrough routing DBs
Compute primary path & label
Download to HW FIB
Switch to newer path
Swith to Repair Path
Pre-Compute Repair path
Download to HW FIB
KL85%#M=4.=
BGP PIC
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Prefix Independent Convergence (PIC)
! !What is it, and why?
! !PIC is the ability to restore forwarding without resorting to per prefix operations. ! !Loss Of Connectivity does not increase as my network grows (one problem
less).
0 5
10 15 20 25 30
n 2n 3n 4n 5n 6n
t, Lo
ss O
f C
onne
ctiv
ity
no pic pic
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
BGP Recursion
R1#show ip route 110.1.0.0 !Routing entry for 110.1.0.0/24! Known via "bgp 1", distance 200, metric 0, type internal! Last update from 10.0.0.3 00:01:20 ago! Routing Descriptor Blocks:! * 10.0.0.3, from 10.0.0.3, 00:01:20 ago! Route metric is 0, traffic share count is 1! AS Hops 0!
R1#show ip route 10.0.0.3!Routing entry for 10.0.0.3/32! Known via "ospf 1", distance 110, metric 75, type intra area! Last update from 10.0.1.2 on Serial2/0, 2d22h ago! Routing Descriptor Blocks:! * 10.0.1.2, from 10.0.0.3, 2d22h ago, via Serial2/0! Route metric is 75, traffic share count is 1!!
R1#show ip cef 110.1.0.0 !110.1.0.0/24, , cached adjacency to S2/0!0 packets, 0 bytes! via 10.0.0.3, 0 dependencies, recursive! next hop 10.0.1.2, S2/0 via 10.0.0.3/32! valid cached adjacency!
0"1"1"12#
0"1"101!#
3!4"#
50# 00"101"1"4!6#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Non Optimal: Flat FIB
BGP Net 110.0.0.0/24
BGP Net 110.5.0.0/24
IGP Net 10.0.0.3/32
OIF
OIF
OIF
! ! O4HPQ#E!H#%5/;@#&3#8/3#-$5#=-4=#K./0-850#!5/%;"4%#R-8"S#85"-;+
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Right Architecture: Hierarchical FIB
FIB Entry 110.0.0.0/24
FIB Entry 110.2.0.0/24
Via 10.0.0.3
! Pointer Indirection between BGP and IGP entries allow for immediate leveraging of the IGP convergence, and immediate update of the multipath BGP pathlist at IGP convergence
! Only the parts of FIB actually affected by a change needs to be touched ! Used in newer IOS and IOS-XR (all platforms), enables Prefix Independent Convergence
CD:#A%E*#BFG3#10.1.2.2 10.1.5.5
HD:#G*@)-3*#
OIF
0""1"1"1"4!6#0""101"1"4!6#
7#
B;T4#E=-$#
890# 89!#
00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#
:90# :92#
;3%
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Failure in the Core Overview
1
0""1"1"1"4!6#0""101"1"4!6#
7# 890# 89!#
00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#
:90# :92#
:96#
5!#
5I#
! ! Addresses failures in the core where the recursive BGP path stays intact. ! !Failures covered are P-PE link or P node failures that trigger a change of the IGP path to the BGP
next-hop.
! ! IGP convergence on PE1 leads to a modification of the RIB path to PE3. ! !BGP Dataplane Convergence is finished assuming the new path to the BGP nhop is leveraged
immediately
)U#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Failure in the Core Hierarchical FIB
V#CD:#J%E*@FGK3L#
HD:#J%E*@FGK3L# M(*G(*#HJ*%,&.%#
BGP Net 110.0.0.0/24
BGP Net 110.1.0.0/24
BGP Net 110.5.0.0/24
BGP pathlist
PE3 PE4 IGP pathlist
R5
OIF
IGP pathlist
R2 R5 OIF
OIF
O6+7=%C#QO)#83#4-5W0.;%:#"-;#HPQ#X.=
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Failure in the Core Hierarchical FIB
V#CD:#J%E*@FGK3L#
HD:#J%E*@FGK3L# M(*G(*#HJ*%,&.%#
BGP Net 110.0.0.0/24
BGP Net 110.1.0.0/24
BGP Net 110.5.0.0/24
BGP pathlist
PE3 PE4 IGP pathlist
R5
OIF
IGP pathlist
R2 R5 OIF
OIF
! ! As soon as IGP converges 0(200msec), the IGP PL memory is updated and hence all children BGP PLs leverage the new path immediately
! ! Optimum convergence, Optimum Load-Balancing, Excellent Robustness
)I#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
PE Node Failure Overview
2
0""1"1"1"4!6#0""101"1"4!6#
7#
B;T4#E=-$#
890# 89!#
:,-+,N#
C.O(G#
00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#
:90# :92#
:96#:9!#
55#
! ! Addresses a change in the BGP path ! ! i.e. a change to a different BGP next-hop due to a PE node failure, which normally
would require network wide BGP best-path re-computation and path withdrawing ! ! BGP Dataplane Convergence is kicked in on PE1 and immediately redirects the packets
via PE4 using a pre-calculated alternate (repair) path.
)J#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
PE Node Failure Details
0""1"1"1"4!6#0""101"1"4!6#
7# 890# 89!#
:,-+,N#
C.O(G#
00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#
:90# :92#
:96#:9!#
55#
B;T4#E=-$#
! !PE1 has primary and backup path ! !Primary via PE3
! !Backup via PE4 best external route
! !What happens when node PE3 fails?
)N#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
PE Node Failure Details
0""1"1"1"4!6#0""101"1"4!6#
7# 890# 89!#
:,-+,N#
C.O(G#
00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#
:90# :92#
:96#
55#
:9!#
:92P3#42!#@F3*#,F(*%#,%+F=%
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
PE Node Failure Details
0""1"1"1"4!6#0""101"1"4!6#
7# 890# 89!#
:,-+,N#
C.O(G#
00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#
:90# :92#
:96#
55#
:9!#
:92P3#42!#@F3*#,F(*%#,%+F=%
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
PE-CE Link Failure Overview
3
0""1"1"1"4!6#0""101"1"4!6#
7# 890# 89!#
:,-+,N#
C.O(G#
00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#
:90# :92#
:96#:9!#
55#
:92#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
PE-CE Link Failure Details
0""1"1"1"4!6#0""101"1"4!6#
7# 890# 89!#
:,-+,N#
C.O(G#
00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#
:90# :92#
:96#:9!#
55#
B;T4#E=-$#
! !PE3 has primary and backup path ! !Primary via directly connected PE3-CE2 link
! !Backup via PE4 best external route
! !What happens when PE3-CE2 link fails?
[9#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
PE-CE Link Failure Details
0""1"1"1"4!6#0""101"1"4!6#
7# 890# 89!#
:,-+,N#
C.O(G#
00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#
:90# :92#
:96#:9!#
55#
B;T4#E=-$#
! !CEF (via BFD or link layer mechanism) detects PE3-CE2 link failure ! !CEF immediately swaps to repair path label
! !Traffic shunted to PE4 and across PE4-CE2 link
[Y#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
PE-CE Link Failure Details
0""1"1"1"4!6#0""101"1"4!6#
7# 890# 89!#
:,-+,N#
C.O(G#
00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#
:90# :92#
:96#:9!#
55#
R-*@
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
PE-CE Link Failure Details
0""1"1"1"4!6#0""101"1"4!6#
7# 890# 89!#
:,-+,N#
C.O(G#
00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#
:90# :92#
:96#:9!#
55#
R-*@
Loop Free Alternate (LFA) Key Concepts
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! !ISIS/OSPF and CEF can be very fast ! ! !200ms on high end platform can be achieved.
! !But".. ! !It runs at the process level
Does not guarantee time limit ! !Performance depends on tuning and platform implementation
Why Not Just Use Fast Convergence
[J#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! ! Stands for Loop Free Alternate ! ! A node other than the primary next hop
! ! Provides local protection for unicast traffic in pure IP (and MPLS/LDP) networks in event of a single failure, whether link, node, or shared risk link group (SRLG)
! ! Traffic is redirected to the LFA almost immediately after failure
! ! An LFA takes forwarding decision without knowledge of the failure ! ! LFA must not use the failed element to forward the traffic
! ! LFA must not use the protecting node to forward traffic
! ! LFA must not cause loop
What is an LFA?
:,-+,N#:*@#5%G-,#:*@#
Q;8+;@#\%6/>]-7#Q;-/%4
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! !Goal is to bypass failed link and reach primary node via alternative way ! !Main Idea: We know there exists good path from primary node (i.e. B) to all
destinations, so if we can bypass failed link and deliver traffic to router which was next hop of primary path before link failure then we know that router can forward it further
Per-Link LFA Protection
9*#
:,-+,N#:*@#5%G-,#:*@#
Q;8+;@#\%6/>]-7#Q;-/%4
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
10.0.0.0/8
20.0.0.0/8
[#
Z#U#
U#
10.0.0.0/8, NH = D, cost= 10 20.0.0.0/8, NH = D, cost= 7
)#)#
[#
10.0.0.0/8, NH = C, cost=11 20.0.0.0/8, NH = A, cost=9
Y#
Z#
10.0.0.0/8, NH = A, cost=14 20.0.0.0/8, NH = direct, cost=6
Per Link LFA Limitations Per-Link LFA Does Not Work in Some Cases
F
A
B
D E
C
9)#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Directly Connected LFA Per Prefix LFA
!Protecting Node, also referred as Calculating Node, is responsible for pre-computing an alternate next-hop
!IGP pre-computes a backup path per IGP prefix
No degradation for IGP FC.
Per-Prefix LFA Computation is throttled by its own independent exp-backoff, does not start until the primary computation is finished and is interrupted if a new primary computation is scheduled
!FIB pre-installs the backup path in dataplane
Upon local failure, all the backup paths of the impacted prefixes are enabled in a prefix-independent manner (
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Per-Prefix LFA FRR Overview
!P/p: we will compute the LFA for this destination IGP prefix FIB pre-installs the backup path in dataplane Upon local failure, all the backup paths of the impacted prefixes are enabled in a prefix-independent manner (
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Per-Prefix LFA FRR Algorithm
!S checks for each neighbor N (N2) whether
Distance(NI,P/p) < Distance(NI, S) + Distance(S, P/p)
! i.e. Distance from the LFA to P/p via the protecting node S is greater than optimum distance from the LFA to P/p
Does the optimal path from the potential LFA to P/p pass through me?
P/p
Primary path to P/p
Q;-/%4]-7#
S
N1 N2
N3
D1 D2
B
Repair path P/p
9Y#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Path if N1 is node protecting LFA
Path if N1 is link protecting LFA
!N1 is a node protecting LFA if Distance(N1,p/P) < distance(NI, N2) + distance(N2, p/P) i.e. The distance from the LFA to the prefix via my primary next-hop is greater than the optimum distance from the LFA to the prefix
!If a neighbor is a node protecting LFA, then it is a Link protecting LFA
node protection is a sufficient condition for link protection
Link vs. Node Protection
P/p
Primary path to P/p
Q;-/%4]-7#
S
N1 N2
N3
D1 D2
B
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! !Per-Prefix LFA Computation is throttled by its own independent exp-backoff ! !An LFA computation does not start until the primary computation is finished. ! !An ongoing LFA computation is interrupted if a new primary computation is
scheduled.
No Degradation for IGP FC
\-/%C#,QE#4=4.=%+7/%:#85#43%#-"#4-5(%;0%54%#%(%5/##
9Z#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
10.0.0.0/8
20.0.0.0/8
Per Prefix LFA Example (1/3)
! ! IGP pre-computes a backup path per IGP prefix ! ! FIB pre-installs the backup path in dataplane
[#
Z#U#
U#)#
)#
[#
Y#
Z#
10.0.0.0/8, NH = D, cost = 10 20.0.0.0/8, NH = D, cost = 7
A
F
B
D E
C
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
10.0.0.0/8
20.0.0.0/8
Per Prefix LFA Example (2/3)
10.0.0.0/8, NH = D, cost = 10 20.0.0.0/8, NH = D, cost = 7
10.0.0.0/8, NH = C, cost =11 20.0.0.0/8, NH = A, cost =9
10.0.0.0/8, NH = A, cost =14 20.0.0.0/8, NH = direct , cost =6
! ! IGP pre-computes a backup path per IGP prefix ! ! FIB pre-installs the backup path in dataplane
A
F
B
D E
C [#
Z#U#
U#)#
)#
[#
Y#
Z#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
10.0.0.0/8
20.0.0.0/8
Per Prefix LFA Example (3/3)
10.0.0.0/8, NH = D, cost = 10 20.0.0.0/8, NH = D, cost = 7
10.0.0.0/8, NH = D, cost =10 LFA: B 20.0.0.0/8, NH = D, cost =7 LFA: F
! ! IGP pre-computes a backup path per IGP prefix ! ! FIB pre-installs the backup path in dataplane
A
F
B
D E
C [#
Z#U#
U#)#
)#
[#
Y#
Z#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Per-Prefix LFA Not All Prefixes Necessarily Have an LFA
)*#
)*#
)*#
[*#
)*#Q;-/%4
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Per-Prefix LFA Not All Prefixes Necessarily Have an LFA
Link Failure
Q;8+;@##\-:%#
Reconverge Normally
10.0.0.0/8
Primary SPF run 10.0.0.0/8, Next-Hop = B, Cost = 30
Secondary SPF rooted at neighbor D 10.0.0.0/8, Next-Hop = A, Cost = 40
No LFA for 10.0.0.0/8!
A
D
B
E
C )*#
)*#
)*#
[*#
)*#
[*#
Q;-/%4
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
G5-/&%;#Q-3382=%#DEG#
Q-3382=%#DEG#
Multiple LFA Selection
! ! A given IGP route could have multiple LFA candidates ! ! multiple neighbors meet the LFA equation ! ! Parallel links and paths are not uncommon anymore
[#
)#
Y#
U#
)#[#
Z#
U#
Q;-/%4
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! ! IGP will select one and only one backup path per primary path ! !Need to select an LFA among multiple candidates (tie-break) ! !Tie-break works as BGP Best-Path
! ! a set of consecutive rules ! ! each rule discards candidates ! ! scheme stops when one single path remains ! ! if a rule excludes all paths, then the rule is skipped
! !Each LFA candidate has different attributes ! !LC disjointness, primary vs secondary, guaranteed-node-protection, backup path metric,
etc
! !The default Tie breaking order is configurable
Per-Prefix LFA Candidates One Backup Path per Primary Path
Y9#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
LFA in MPLS Network Directly Connected LFA
Q;-/%4
Remote LFA
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
R2
R4
R6 R7
R5
R3
R1
G44%33#F%08-5#
H4?2-5%#
O*^*#
O*^)#
O*^*#O*^)#
O*^*#
O*^*#
O*^)#
O*^)#
O*^*#O*^*#
O*^*#
O*^)#
O*^)# O*^)#
Directly Connected LFA What Works
! ! if R2 sends a R7-destined packet to R1, R1 sends it via R3, R5, R7
! ! R2 does have an LFA for R7
YZ#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
R2
R4
R6 R7
R5
R3
R1
G44%33#F%08-5#
H4?2-5%#
O*^*#
O*^)#
O*^*#O*^)#
O*^*#
O*^*#
O*^)#
O*^)#
O*^*#O*^*#
O*^*#
O*^)#
O*^)# O*^)#
! ! If R2 sends a R6-destined packet to R1, R1 sends it back to R2
! ! R2 does NOT have a LFA for R6
! ! Limited per-prefix LFA protection in the ring ! ! Still, some would like a simple solution for
some topology not solvable by LFA ! ! Solution: Remote LFA Extension (aka PQ
algorithm)
Directly Connected LFA What Does Not Work
YI#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
R2
R4
R6 R7
R5
R3
R1
G44%33#F%08-5#
H4?2-5%#
! !Any node which meets the P and Q properties ! ! P: the set of nodes reachable from R2
without traversing [R2-R4] ! ! Q: the set of nodes which can reach R4
without traversing [R2-R4]
! !Best PQ node ! ! the closest from R2: R5
! !Establish a directed LDP session with the selected PQ node
Remote LFA (aka PQ) Applied to Ring H4?2-5%#
YJ#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Remote LFA Protection
! !R2s LIB ! ! R4s label for FEC R6 = 408 ! ! R1s label for FEC R5 = 103 ! ! R5s label for FEC R6 = 502
! !R2s FIB for destination R6 ! ! Primary: out-label = 408, oif = R4
! ! Backup: out-label = 502
oif = [push 103, oif = R1]
R2
R4
R6 R7
R5
R3
R1
G44%33#F%08-5#
H4?2-5%#
)*9#
Y*J#
U*[#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Comparison
MPLS TE-FRR 1-hop link
MPLS TE-FRR Full Mesh
Remote LFA
7 primary TE tunnels to operate
42 primary TE tunnels to operate
N*(N-1) = 7 * (7-1) = 7*6 = 42
Automated IGP/LDP behavior
7 backup TE tunnels to operate
7 backup TE tunnels to operate
Automated IGP/LDP behavior
Exposed to u-Loop no u-Loop Exposed to u-Loop
Better capacity planning: the backup traffic does not go all the way to the next-hop. Packets are forwarded on per-destination shortest-paths as soon as they reach the PQ node
R2
R4
R6 R7
R5
R3
R1
G44%33#F%08-5#
H4?2-5%#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
1.! Per-Prefix LFA 2.! Remote LFA with implicit LDP LSP to
PQ node 3.! Remote LFA with explicit RSVP LSP to
Q node rule 3 is optional and happens only if 100%-coverage is desired
Alternate Selection
R2
R4
R6 R7
R5
R3
R1
G44%33#F%08-5#
H4?2-5%#
U)#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! ! Rule1 Per Prefix LFA ! ! Rule2 Remote LFA with Implicit LDP LSP to PQ Node
! ! Rule3 Remote LFA with Explicit RSVP LSP to Q Node ! ! optional, happens only if 100% coverage is desired)
Excellent Coverage (Rule2)
M-5W;+%:#2@#85:%7%5:%5/#3/.:@#R_5:= ^%;8a-5#/#!3-4-;%#[*)*S##G=3-#3.77-;/%:#2@#M;8:%5#
U[#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! ! Rule1 Per Prefix LFA ! ! Rule2 Remote LFA with Implicit LDP LSP to PQ Node
! ! Rule3 Remote LFA with Explicit RSVP LSP to Q Node ! ! optional, happens only if 100% coverage is desired)
100% Coverage (Rule3)
\-5>./-+/%:#Qb#=0-;8/&+#
U9#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! ! Very simple Computation ! ! PQ is per-link not per-prefix
! ! P set is known once per-prefix LFA is computed
! ! Q set is a simple dijkstra
! ! Incremental deployment ! ! Keep the LFA properties
No protocol change at all
Only requires new code at the node where Remote LFA is enabled (Specifically, the PQ node does not require new code).
! ! Excellent Scale ! ! Implicit LDP LSP to PQ (rule2) always exist
No new LSP required at all
! ! Explicit RSVP LSP to Q (rule3) is very rare
Implied by the simulation reported in draft
Explicit study will be added
! ! Excellent Coverage
Conclusion Remote LFA
UY#
Loop Free Alternate (LFA) Implementation Per Prefix LFA Configuration
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! !By default, LFA computation is disabled ! !To enable LFA computation
! !Default action ! !LFA computations is enabled for all routes ! !FRR is enabled on all supported interfaces
IOS Enabling LFA for IS-IS
router isis! fast-reroute per-prefix {level-1 | level-2} {all | route-map } !S
UZ#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
ISIS Using Route Maps Protecting BGP Next-hops Using Interface Tags
Ethernet 1/0
Ethernet 1/1
interface ethernet 1/0! ip address 10.1.1.1 255.255.255.0! ip router isis! isis tag 17!interface ethernet 1/1! ip address 172.16.1.1 255.255.255.0! ip router isis! isis tag 17!router isis! net 49.0001.0001.0001.0001.00! fast-reroute per-prefix level-2!
router isis! net 47.0004.004d.0001.0001.c11.1111.00 ! fast-reroute per-prefix level-2 route-map ipfrr-include!!!route-map ipfrr-include! match tag 17! !
M*@%,#5F(*%,3#
;#
F-./%#/03#;%#Y#2@/%3#=-50#5:#c--:%:#$8/D,G3#85#3.2>BD#)#-"#BD#)9U##
A
B
C
D
E
F
UI#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! !By default, LFA computation is disabled ! !To enable LFA computation
IOS-XR Enabling LFA for IS-IS
router isis ! interface ! address-family ipv4 [unicast]! fast-reroute per-prefix level !
S
UJ#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! ! IOS implements per-prefix LFA FRR ! ! Per-prefix LFA FRR enabled for all areas unless explicitly specified
! ! LFA FRR automatically enabled on OSPF interfaces
! ! No audit trail of potential LFAs is stored
! ! Repair paths are computed for all prefixes though not all prefixes may have repair paths
IOS Enabling LFA for OSPF
router ospf 1! router-id 10.1.1.1! fast-reroute per-prefix enable prefix-priority low! network 10.0.0.0 255.255.255.255 area 0! !
S
UN#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! !Directly connected LFA must already be enabled ! ! ISIS
! !fast-reroute remote-lfa mpls-ldp [maximum-metric ]
! !OSPF ! !fast-reroute per-prefix remote-lfa [area ] tunnel mpls-ldp ! !fast-reroute per-prefix remote-lfa [area ] maximum-cost
! !maximum-metric/maximum-cost configuration is used to limit the candidate PQ nodes
! !Remote LFA calculations are only executed for destinations not protected by directly connected LFA
Z*#
IOS Configuration: Remote LFA Enable/Disable
Loop Free Alternate (LFA) Implementation Per Prefix LFA Example
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
R2
R4
R6 R7
R5
R3
R1
G44%33#F%08-5#
H4?2-5%#
O*^*#
O*^)#
O*^*#O*^)#
O*^*#
O*^*#
O*^)#
O*^)#
O*^*#O*^*#
O*^*#
O*^)#
O*^)# O*^)#
! !Each router has a different label range to quickly identity the labels ! !R1 Label range: [100-10000] ! !R2 Label range: [200-10000] ! !R3 Label range: [300-10000] ! !R4 Label range: [400-10000] ! !R5 Label range: [500-10000] ! !R6 Label range: [600-10000] ! !R7 Label range: [700-10000]
Ring Topology
Z[#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public Z9#
1. Enabling Directly Connected LFA Configuration
interface Loopback0! ip address 100.2.2.2 255.255.255.255! ip router isis ! isis tag 200!!!router isis! net 49.0100.0002.0002.0002.00! is-type level-2-only! metric-style wide level-2! ip route priority high tag 200! spf-interval 1 10 1000! prc-interval 1 10 1000! lsp-gen-interval 1 10 100! fast-reroute per-prefix level-2 route-map IPFRR-LOOP!!!!!route-map IPFRR-LOOP permit 10! match tag 200!!!
5!#
DEG#%52=%:#"-;#=--724?#-5=@#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZY#
Enabling LFA Coverage
R2#sh isis fast-reroute summary !IPv4 Fast-Reroute Protection Summary:!! Prefix Counts: Total Protected Coverage! High priority: 6 2 33%! Normal priority: 7 0 0%! Total: 13 2 15%!!R2#!
5!#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZU#
Enabling LFA IP Route to R6
R2#sh ip route 100.6.6.6!Routing entry for 100.6.6.6/32! Known via "isis", distance 115, metric 30! Tag 200, type level-2! Redistributing via isis! Last update from 10.2.4.4 on Ethernet0/0, 02:49:11 ago! Routing Descriptor Blocks:! * 10.2.4.4, from 100.6.6.6, 02:49:11 ago, via Ethernet0/0! Route metric is 30, traffic share count is 1! Route tag 200!R2#!
5!#
G3#%67=85%:#2%"-;%#d#5-#;%78;#7/(8=2=%#"-;#EOM#FZ#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZZ#
Enabling LFA IP Route to R7
R2#sh ip route 100.7.7.7!Routing entry for 100.7.7.7/32! Known via "isis", distance 115, metric 40! Tag 200, type level-2! Redistributing via isis! Last update from 10.2.4.4 on Ethernet0/0, 00:15:21 ago! Routing Descriptor Blocks:! * 10.2.4.4, from 100.7.7.7, 00:15:21 ago, via Ethernet0/0! Route metric is 40, traffic share count is 1! Route tag 200! Repair Path: 10.1.2.1, via Ethernet0/1!R2#!
5!#
F%78;#7/F)#"-;#EOM#FI#e8;%4/=@#4-55%4/%:#DEG#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZI#
Enabling LFA RIB
R2#sh isis rib 100.7.7.7 255.255.255.255!!!IPv4 local RIB for IS-IS process !!IPV4 unicast topology base (TID 0, TOPOID 0x0) =================!Repair path attributes:! DS - Downstream, LC - Linecard-Disjoint, NP - Node-Protecting! PP - Primary-Path, SR - SRLG-Disjoint!!!100.7.7.7/32! [115/L2/40] via 10.2.4.4(Ethernet0/0), from 100.7.7.7, tag 200, LSP[4/18]! (installed)! repair path: 10.1.2.1(Ethernet0/1) metric:50 (NP,SR) LSP[4]!R2#!
5!#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZJ#
2. Enabling Remote LFA Configuration
mpls ldp discovery targeted-hello accept!!!interface Loopback0! ip address 100.2.2.2 255.255.255.255! ip router isis ! isis tag 200!!!router isis! net 49.0100.0002.0002.0002.00! is-type level-2-only! metric-style wide level-2! ip route priority high tag 200! spf-interval 1 10 1000! prc-interval 1 10 1000! lsp-gen-interval 1 10 100! fast-reroute per-prefix level-2 route-map IPFRR-LOOP! fast-reroute remote-lfa level-2 mpls-ldp!!!!!route-map IPFRR-LOOP permit 10! match tag 200!!!
5!#
DEG#%52=%:#"-;#=--724?#-5=@#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZN#
Enabling Remote LFA Coverage and tunnels
R2#sh isis fast-reroute summary !IPv4 Fast-Reroute Protection Summary:!! Prefix Counts: Total Protected Coverage! High priority: 6 6 100%! Normal priority: 7 0 0%! Total: 13 6 46%!!R2#!
5!#
R2#show isis fast-reroute remote-lfa tunnels!Tag Null - Fast-Reroute Remote-LFA Tunnels:!! MPLS-Remote-Lfa1: use Et0/0, nexthop 10.2.4.4, end point 100.7.7.7! MPLS-Remote-Lfa2: use Et0/1, nexthop 10.1.2.1, end point 100.5.5.5!!R2#!
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public I*#
Enabling Remote LFA FRR Manager
5!#
R2#sh frr-manager client all!Registered clients:!Handle Name IDBs Sessions! 0 ISIS 2 2!R2#!
R2#sh frr-manager client client-name "ISIS" interfaces !I/F Type Next-hop End-point OutI/F Other!MP1 LDP 10.2.4.4 100.7.7.7 Et0/0 lbl=410 !MP2 LDP 10.1.2.1 100.5.5.5 Et0/1 lbl=103 !R2#!
R2#sh frr-manager client client-name "ISIS" sessions !Type End-point !LDP 100.7.7.7 !LDP 100.5.5.5 !R2#!
Outlabel for PQ node IP prefix (100.5.5.5/32)
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
R2#sh mpls ldp bindings 100.6.6.6 32! lib entry: 100.6.6.6/32, rev 14! local binding: label: 203! remote binding: lsr: 100.4.4.4:0, label: 408! remote binding: lsr: 100.1.1.1:0, label: 110! remote binding: lsr: 100.7.7.7:0, label: 700! remote binding: lsr: 100.5.5.5:0, label: 502!R2#!
I)#
Repair Path to FEC R6 LDP Bindings
R2#sh mpls ldp bindings 100.5.5.5 32! lib entry: 100.5.5.5/32, rev 28! local binding: label: 210! remote binding: lsr: 100.1.1.1:0, label: 103! remote binding: lsr: 100.4.4.4:0, label: 405! remote binding: lsr: 100.7.7.7:0, label: 701! remote binding: lsr: 100.5.5.5:0, label: imp-null!R2#!
5!# M&%4?#285:850#";-+#F)#>#P8(%3#/&%#=2%=#/-#;%4Qb#5-:%#FU#
M&%4?#285:850#";-+#Qb#5-:%#FU#/-#;%4FZ#
U*[#)*9#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public I[#
Repair Path to FEC R6 IP Route to R6
R2#sh ip route 100.6.6.6!Routing entry for 100.6.6.6/32! Known via "isis", distance 115, metric 30! Tag 200, type level-2! Redistributing via isis! Last update from 10.2.4.4 on Ethernet0/0, 00:03:23 ago! Routing Descriptor Blocks:! * 10.2.4.4, from 100.6.6.6, 00:03:23 ago, via Ethernet0/0! Route metric is 30, traffic share count is 1! Route tag 200! Repair Path: 100.5.5.5, via MPLS-Remote-Lfa2!R2#!
5!#
F%78;#7/-$#(8=2=%#(8#F%+-/%#DEG#FU#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public I9#
Repair Path to FEC R6 Tunnel End-point R5
5I#
R5#show mpls ldp discovery! Local LDP Identifier:! 100.5.5.5:0! Discovery Sources:! Interfaces:! Ethernet0/0 (ldp): xmit/recv! LDP Id: 100.7.7.7:0! Ethernet0/1 (ldp): xmit/recv! LDP Id: 100.3.3.3:0! Targeted Hellos:! 100.5.5.5 -> 100.2.2.2 (ldp): passive, xmit/recv! LDP Id: 100.2.2.2:0!R5#!
No specific commands for remote LFA Use the usual LDP show commands #
Conclusion
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Availability IPv4
MPLS TE-FRR 1-hop link
7600 (IOS)
ASR1000 (IOS-XE)
ASR9k (IOS-XR)
CRS-1 (IOS-XR)
Per Link LFA FRR Not Available Not Available 4.0.1 3.5.0
OSPF LFA FRR (per prefix) 15.1(3)S 3.4S 4.2.0 4.2.0
ISIS LFA FRR (per prefix) 15.1(2)S 3.4S 4.0.1 4.0.1
EIGRP FRR (per prefix) 15.2(4)S* 3.7S* Futur Futur
OSPF Remote LFA 15.2(2)S 3.6S 4.3.1* 4.3.1*
ISIS Remote LFA 15.2(2)S 3.6S 4.3.1* 4.3.1*
BGP PIC Core for IP/MPLS 12.2(33)SRC 2.5S 3.7.0 3.4
BGP PIC Edge 12.2(33)SRE 2.5S 4.0.0 4.0.0
fE./.;%#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Availability IPv6
MPLS TE-FRR 1-hop link
7600 (IOS)
ASR1000 (IOS-XE)
ASR9k (IOS-XR)
CRS-1 (IOS-XR)
Per Link LFA FRR Not Available Not Available 4.3.1* 4.3.1*
OSPF LFA FRR (per prefix) Radar Radar 4.3.1* 4.3.1*
ISIS LFA FRR (per prefix) Radar Radar 4.3.1* 4.3.1*
EIGRP FRR (per prefix) Radar Radar Radar Radar
OSPF Remote LFA Radar Radar Radar Radar
ISIS Remote LFA Radar Radar Radar Radar
BGP PIC Core 3.5S 3.5S 3.7.0 3.4
BGP PIC Edge 3.5S 3.5S 4.0.0 4.0.0
fE./.;%#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! ! BGP PIC ! !Additional second best path
! !BGP installs the best and backup/alternate paths for the affected prefixes into the BGP RIB
! ! LFA ! !Pre-computed, pre-installed
! !Prefix-independent
! !Simple, deployment friendly, good scaling
! !But Topology dependant
IPFRR IGP computation is very CPU-intensive task
! ! Overall - Always looking for enhancements ! !And now Remote LFA and RCMD
! !Same applicability to IPv4 and IPv6
Conclusion
II#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
! !RFC-5286 Basic Specification for IP Fast Reroute: Loop-Free Alternates ! !RFC-5714 IP Fast Reroute Framework ! !RFC-5715 A Framework for Loop-Free Convergence ! !draft-ietf-rtgwg-lfa-applicability-xx
More Information
IJ#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Complete Your Online Session Evaluation ! ! Give us your feedback and you
could win fabulous prizes. Winners announced daily.
! ! Receive 20 Passport points for each session evaluation you complete.
! ! Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center.
Dont forget to activate your Cisco Live Virtual account for access to all session material, communities, and on-demand and live activities throughout the year. Activate your account at the Cisco booth in the World of Solutions or visit www.ciscolive.com.
IN#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public
Final Thoughts
! !Get hands-on experience with the Walk-in Labs located in World of Solutions, booth 1042
! !Come see demos of many key solutions and products in the main Cisco booth 2924
! !Visit www.ciscoLive365.com after the event for updated PDFs, on-demand session videos, networking, and more!
! !Follow Cisco Live! using social media: ! !Facebook: https://www.facebook.com/ciscoliveus ! !Twitter: https://twitter.com/#!/CiscoLive ! !LinkedIn Group: http://linkd.in/CiscoLI
J*#
2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public