IPFRR Network Availability and Simplicity

2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public

IPFRR: Network Availability and Simplicity BRKRST-3052 Jean-Marc Barozet ([email protected])


! !Fast Reroute Requirements ! !BGP PIC ! !Loop Free Alternate (LFA) Per

Prefix LFA ! !Remote LFA ! !LFA Implementation

! !Configuration ! !Example

! !Conclusion

AGENDA

Fast Reroute Requirements


Convergence: Impact of Outage on Video

Convergence Low motion best

Low motion worst

High motion best

High motion worst

10ms 33ms 634ms 33ms 634ms

50ms 167ms 667ms 67ms 667ms

100ms 267ms 767ms 167ms 667ms

200ms 434ms 934ms 267ms 767ms

!"#$%#&(%##)*+, #-./0% 1#/&%#2%3/#$%#45#%67%4/#83##99+, #:83;.7";+%#5:#/&%#$-;3/ #43%#83#2%4.3%#$%#0-/ #.5=.4?@#5:#=-3/#5#!>";+%A#B&%#$-;3/ #43%#=-33#"-;#=-$#+-


Convergence

! ! Assume a flow from A to B ! ! T1: when L dies, the best path is impacted

! ! loss of traffic

! ! T2: When the traffic reaches the destination again through the computed next best path. ! ! If fast reroutes technologies are used, this may happen well before the network convergence ! ! Once the network converges, a next best path is computed

! ! Loss of Connectivity: T2 T1, called convergence hereafter ! ! Traffic can be restored long before the convergence time if fast reroute technology is used

!" #

$%&()*#+%*,-.##/#0#

D85?#D#

T1 T2

Convergence

E#F#

F#

G# H#


! !Minimize network downtime/traffic loss ! !Classical Convergence > 1 sec. ! !Fast Convergence < 1 sec. ! !Fast Re-Route < 50-100 msec.

! !Support all types (Link, Node or SRLG) of IP/MPLS restoration mechanisms. ! !Keep it simple and straight. ! !Keep it cost effective (both capex/opex)

Fast Convergence & Fast Reroute Overview

I#


Building Blocks Classical and Fast Convergence

Detection (link or node aliveness, routing updates received)

State propagation (routing updates send)

Walkthrough routing DBs

Compute primary path & label

Download to HW FIB

Switch to newer path

J#


Building Blocks Fast Reroute Path Precomputed

Detection (link or node aliveness, routing updates received)

State propagation (routing updates send)

Walkthrough routing DBs

Compute primary path & label

Download to HW FIB

Switch to newer path

Swith to Repair Path

Pre-Compute Repair path

Download to HW FIB

KL85%#M=4.=

BGP PIC


Prefix Independent Convergence (PIC)

! !What is it, and why?

! !PIC is the ability to restore forwarding without resorting to per prefix operations. ! !Loss Of Connectivity does not increase as my network grows (one problem

less).

0 5

10 15 20 25 30

n 2n 3n 4n 5n 6n

t, Lo

ss O

f C

onne

ctiv

ity

no pic pic


BGP Recursion

R1#show ip route 110.1.0.0 !Routing entry for 110.1.0.0/24! Known via "bgp 1", distance 200, metric 0, type internal! Last update from 10.0.0.3 00:01:20 ago! Routing Descriptor Blocks:! * 10.0.0.3, from 10.0.0.3, 00:01:20 ago! Route metric is 0, traffic share count is 1! AS Hops 0!

R1#show ip route 10.0.0.3!Routing entry for 10.0.0.3/32! Known via "ospf 1", distance 110, metric 75, type intra area! Last update from 10.0.1.2 on Serial2/0, 2d22h ago! Routing Descriptor Blocks:! * 10.0.1.2, from 10.0.0.3, 2d22h ago, via Serial2/0! Route metric is 75, traffic share count is 1!!

R1#show ip cef 110.1.0.0 !110.1.0.0/24, , cached adjacency to S2/0!0 packets, 0 bytes! via 10.0.0.3, 0 dependencies, recursive! next hop 10.0.1.2, S2/0 via 10.0.0.3/32! valid cached adjacency!

0"1"1"12#

0"1"101!#

3!4"#

50# 00"101"1"4!6#


Non Optimal: Flat FIB

BGP Net 110.0.0.0/24

BGP Net 110.5.0.0/24

IGP Net 10.0.0.3/32

OIF

OIF

OIF

! ! O4HPQ#E!H#%5/;@#&3#8/3#-$5#=-4=#K./0-850#!5/%;"4%#R-8"S#85"-;+


Right Architecture: Hierarchical FIB

FIB Entry 110.0.0.0/24

FIB Entry 110.2.0.0/24

Via 10.0.0.3

! Pointer Indirection between BGP and IGP entries allow for immediate leveraging of the IGP convergence, and immediate update of the multipath BGP pathlist at IGP convergence

! Only the parts of FIB actually affected by a change needs to be touched ! Used in newer IOS and IOS-XR (all platforms), enables Prefix Independent Convergence

CD:#A%E*#BFG3#10.1.2.2 10.1.5.5

HD:#G*@)-3*#

OIF

0""1"1"1"4!6#0""101"1"4!6#

7#

B;T4#E=-$#

890# 89!#

00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#

:90# :92#

;3%


Failure in the Core Overview

1

0""1"1"1"4!6#0""101"1"4!6#

7# 890# 89!#

00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#

:90# :92#

:96#

5!#

5I#

! ! Addresses failures in the core where the recursive BGP path stays intact. ! !Failures covered are P-PE link or P node failures that trigger a change of the IGP path to the BGP

next-hop.

! ! IGP convergence on PE1 leads to a modification of the RIB path to PE3. ! !BGP Dataplane Convergence is finished assuming the new path to the BGP nhop is leveraged

immediately

)U#


Failure in the Core Hierarchical FIB

V#CD:#J%E*@FGK3L#

HD:#J%E*@FGK3L# M(*G(*#HJ*%,&.%#

BGP Net 110.0.0.0/24

BGP Net 110.1.0.0/24

BGP Net 110.5.0.0/24

BGP pathlist

PE3 PE4 IGP pathlist

R5

OIF

IGP pathlist

R2 R5 OIF

OIF

O6+7=%C#QO)#83#4-5W0.;%:#"-;#HPQ#X.=


Failure in the Core Hierarchical FIB

V#CD:#J%E*@FGK3L#

HD:#J%E*@FGK3L# M(*G(*#HJ*%,&.%#

BGP Net 110.0.0.0/24

BGP Net 110.1.0.0/24

BGP Net 110.5.0.0/24

BGP pathlist

PE3 PE4 IGP pathlist

R5

OIF

IGP pathlist

R2 R5 OIF

OIF

! ! As soon as IGP converges 0(200msec), the IGP PL memory is updated and hence all children BGP PLs leverage the new path immediately

! ! Optimum convergence, Optimum Load-Balancing, Excellent Robustness

)I#


PE Node Failure Overview

2

0""1"1"1"4!6#0""101"1"4!6#

7#

B;T4#E=-$#

890# 89!#

:,-+,N#

C.O(G#

00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#

:90# :92#

:96#:9!#

55#

! ! Addresses a change in the BGP path ! ! i.e. a change to a different BGP next-hop due to a PE node failure, which normally

would require network wide BGP best-path re-computation and path withdrawing ! ! BGP Dataplane Convergence is kicked in on PE1 and immediately redirects the packets

via PE4 using a pre-calculated alternate (repair) path.

)J#


PE Node Failure Details

0""1"1"1"4!6#0""101"1"4!6#

7# 890# 89!#

:,-+,N#

C.O(G#

00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#

:90# :92#

:96#:9!#

55#

B;T4#E=-$#

! !PE1 has primary and backup path ! !Primary via PE3

! !Backup via PE4 best external route

! !What happens when node PE3 fails?

)N#


PE Node Failure Details

0""1"1"1"4!6#0""101"1"4!6#

7# 890# 89!#

:,-+,N#

C.O(G#

00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#

:90# :92#

:96#

55#

:9!#

:92P3#42!#@F3*#,F(*%#,%+F=%


PE-CE Link Failure Overview

3

0""1"1"1"4!6#0""101"1"4!6#

7# 890# 89!#

:,-+,N#

C.O(G#

00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#

:90# :92#

:96#:9!#

55#

:92#


PE-CE Link Failure Details

0""1"1"1"4!6#0""101"1"4!6#

7# 890# 89!#

:,-+,N#

C.O(G#

00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#

:90# :92#

:96#:9!#

55#

B;T4#E=-$#

! !PE3 has primary and backup path ! !Primary via directly connected PE3-CE2 link

! !Backup via PE4 best external route

! !What happens when PE3-CE2 link fails?

[9#



0""1"1"1"4!6#0""101"1"4!6#

7# 890# 89!#

:,-+,N#

C.O(G#

00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#

:90# :92#

:96#:9!#

55#

B;T4#E=-$#

! !CEF (via BFD or link layer mechanism) detects PE3-CE2 link failure ! !CEF immediately swaps to repair path label

! !Traffic shunted to PE4 and across PE4-CE2 link

[Y#



0""1"1"1"4!6#0""101"1"4!6#

7# 890# 89!#

:,-+,N#

C.O(G#

00"1"1"1"4!6#00"101"1"4!6#00"1!1"1"4!6#1#1#1#

:90# :92#

:96#:9!#

55#

R-*@

Loop Free Alternate (LFA) Key Concepts


! !ISIS/OSPF and CEF can be very fast ! ! !200ms on high end platform can be achieved.

! !But".. ! !It runs at the process level

Does not guarantee time limit ! !Performance depends on tuning and platform implementation

Why Not Just Use Fast Convergence

[J#


! ! Stands for Loop Free Alternate ! ! A node other than the primary next hop

! ! Provides local protection for unicast traffic in pure IP (and MPLS/LDP) networks in event of a single failure, whether link, node, or shared risk link group (SRLG)

! ! Traffic is redirected to the LFA almost immediately after failure

! ! An LFA takes forwarding decision without knowledge of the failure ! ! LFA must not use the failed element to forward the traffic

! ! LFA must not use the protecting node to forward traffic

! ! LFA must not cause loop

What is an LFA?

:,-+,N#:*@#5%G-,#:*@#

Q;8+;@#\%6/>]-7#Q;-/%4


! !Goal is to bypass failed link and reach primary node via alternative way ! !Main Idea: We know there exists good path from primary node (i.e. B) to all

destinations, so if we can bypass failed link and deliver traffic to router which was next hop of primary path before link failure then we know that router can forward it further

Per-Link LFA Protection

9*#

:,-+,N#:*@#5%G-,#:*@#

Q;8+;@#\%6/>]-7#Q;-/%4


10.0.0.0/8

20.0.0.0/8

[#

Z#U#

U#

10.0.0.0/8, NH = D, cost= 10 20.0.0.0/8, NH = D, cost= 7

)#)#

[#

10.0.0.0/8, NH = C, cost=11 20.0.0.0/8, NH = A, cost=9

Y#

Z#

10.0.0.0/8, NH = A, cost=14 20.0.0.0/8, NH = direct, cost=6

Per Link LFA Limitations Per-Link LFA Does Not Work in Some Cases

F

A

B

D E

C

9)#


Directly Connected LFA Per Prefix LFA

!Protecting Node, also referred as Calculating Node, is responsible for pre-computing an alternate next-hop

!IGP pre-computes a backup path per IGP prefix

No degradation for IGP FC.

Per-Prefix LFA Computation is throttled by its own independent exp-backoff, does not start until the primary computation is finished and is interrupted if a new primary computation is scheduled

!FIB pre-installs the backup path in dataplane

Upon local failure, all the backup paths of the impacted prefixes are enabled in a prefix-independent manner (


Per-Prefix LFA FRR Overview

!P/p: we will compute the LFA for this destination IGP prefix FIB pre-installs the backup path in dataplane Upon local failure, all the backup paths of the impacted prefixes are enabled in a prefix-independent manner (


Per-Prefix LFA FRR Algorithm

!S checks for each neighbor N (N2) whether

Distance(NI,P/p) < Distance(NI, S) + Distance(S, P/p)

! i.e. Distance from the LFA to P/p via the protecting node S is greater than optimum distance from the LFA to P/p

Does the optimal path from the potential LFA to P/p pass through me?

P/p

Primary path to P/p

Q;-/%4]-7#

S

N1 N2

N3

D1 D2

B

Repair path P/p

9Y#


Path if N1 is node protecting LFA

Path if N1 is link protecting LFA

!N1 is a node protecting LFA if Distance(N1,p/P) < distance(NI, N2) + distance(N2, p/P) i.e. The distance from the LFA to the prefix via my primary next-hop is greater than the optimum distance from the LFA to the prefix

!If a neighbor is a node protecting LFA, then it is a Link protecting LFA

node protection is a sufficient condition for link protection

Link vs. Node Protection

P/p

Primary path to P/p

Q;-/%4]-7#

S

N1 N2

N3

D1 D2

B


! !Per-Prefix LFA Computation is throttled by its own independent exp-backoff ! !An LFA computation does not start until the primary computation is finished. ! !An ongoing LFA computation is interrupted if a new primary computation is

scheduled.

No Degradation for IGP FC

\-/%C#,QE#4=4.=%+7/%:#85#43%#-"#4-5(%;0%54%#%(%5/##

9Z#


10.0.0.0/8

20.0.0.0/8

Per Prefix LFA Example (1/3)

! ! IGP pre-computes a backup path per IGP prefix ! ! FIB pre-installs the backup path in dataplane

[#

Z#U#

U#)#

)#

[#

Y#

Z#

10.0.0.0/8, NH = D, cost = 10 20.0.0.0/8, NH = D, cost = 7

A

F

B

D E

C


10.0.0.0/8

20.0.0.0/8


10.0.0.0/8, NH = D, cost = 10 20.0.0.0/8, NH = D, cost = 7

10.0.0.0/8, NH = C, cost =11 20.0.0.0/8, NH = A, cost =9

10.0.0.0/8, NH = A, cost =14 20.0.0.0/8, NH = direct , cost =6


A

F

B

D E

C [#

Z#U#

U#)#

)#

[#

Y#

Z#


10.0.0.0/8

20.0.0.0/8


10.0.0.0/8, NH = D, cost = 10 20.0.0.0/8, NH = D, cost = 7

10.0.0.0/8, NH = D, cost =10 LFA: B 20.0.0.0/8, NH = D, cost =7 LFA: F


A

F

B

D E

C [#

Z#U#

U#)#

)#

[#

Y#

Z#


Per-Prefix LFA Not All Prefixes Necessarily Have an LFA

)*#

)*#

)*#

[*#

)*#Q;-/%4


Per-Prefix LFA Not All Prefixes Necessarily Have an LFA

Link Failure

Q;8+;@##\-:%#

Reconverge Normally

10.0.0.0/8

Primary SPF run 10.0.0.0/8, Next-Hop = B, Cost = 30

Secondary SPF rooted at neighbor D 10.0.0.0/8, Next-Hop = A, Cost = 40

No LFA for 10.0.0.0/8!

A

D

B

E

C )*#

)*#

)*#

[*#

)*#

[*#

Q;-/%4


G5-/&%;#Q-3382=%#DEG#

Q-3382=%#DEG#

Multiple LFA Selection

! ! A given IGP route could have multiple LFA candidates ! ! multiple neighbors meet the LFA equation ! ! Parallel links and paths are not uncommon anymore

[#

)#

Y#

U#

)#[#

Z#

U#

Q;-/%4


! ! IGP will select one and only one backup path per primary path ! !Need to select an LFA among multiple candidates (tie-break) ! !Tie-break works as BGP Best-Path

! ! a set of consecutive rules ! ! each rule discards candidates ! ! scheme stops when one single path remains ! ! if a rule excludes all paths, then the rule is skipped

! !Each LFA candidate has different attributes ! !LC disjointness, primary vs secondary, guaranteed-node-protection, backup path metric,

etc

! !The default Tie breaking order is configurable

Per-Prefix LFA Candidates One Backup Path per Primary Path

Y9#


LFA in MPLS Network Directly Connected LFA

Q;-/%4

Remote LFA


R2

R4

R6 R7

R5

R3

R1

G44%33#F%08-5#

H4?2-5%#

O*^*#

O*^)#

O*^*#O*^)#

O*^*#

O*^*#

O*^)#

O*^)#

O*^*#O*^*#

O*^*#

O*^)#

O*^)# O*^)#

Directly Connected LFA What Works

! ! if R2 sends a R7-destined packet to R1, R1 sends it via R3, R5, R7

! ! R2 does have an LFA for R7

YZ#


R2

R4

R6 R7

R5

R3

R1

G44%33#F%08-5#

H4?2-5%#

O*^*#

O*^)#

O*^*#O*^)#

O*^*#

O*^*#

O*^)#

O*^)#

O*^*#O*^*#

O*^*#

O*^)#

O*^)# O*^)#

! ! If R2 sends a R6-destined packet to R1, R1 sends it back to R2

! ! R2 does NOT have a LFA for R6

! ! Limited per-prefix LFA protection in the ring ! ! Still, some would like a simple solution for

some topology not solvable by LFA ! ! Solution: Remote LFA Extension (aka PQ

algorithm)

Directly Connected LFA What Does Not Work

YI#


R2

R4

R6 R7

R5

R3

R1

G44%33#F%08-5#

H4?2-5%#

! !Any node which meets the P and Q properties ! ! P: the set of nodes reachable from R2

without traversing [R2-R4] ! ! Q: the set of nodes which can reach R4

without traversing [R2-R4]

! !Best PQ node ! ! the closest from R2: R5

! !Establish a directed LDP session with the selected PQ node

Remote LFA (aka PQ) Applied to Ring H4?2-5%#

YJ#


Remote LFA Protection

! !R2s LIB ! ! R4s label for FEC R6 = 408 ! ! R1s label for FEC R5 = 103 ! ! R5s label for FEC R6 = 502

! !R2s FIB for destination R6 ! ! Primary: out-label = 408, oif = R4

! ! Backup: out-label = 502

oif = [push 103, oif = R1]

R2

R4

R6 R7

R5

R3

R1

G44%33#F%08-5#

H4?2-5%#

)*9#

Y*J#

U*[#


Comparison

MPLS TE-FRR 1-hop link

MPLS TE-FRR Full Mesh

Remote LFA

7 primary TE tunnels to operate

42 primary TE tunnels to operate

N*(N-1) = 7 * (7-1) = 7*6 = 42

Automated IGP/LDP behavior

7 backup TE tunnels to operate

7 backup TE tunnels to operate

Automated IGP/LDP behavior

Exposed to u-Loop no u-Loop Exposed to u-Loop

Better capacity planning: the backup traffic does not go all the way to the next-hop. Packets are forwarded on per-destination shortest-paths as soon as they reach the PQ node

R2

R4

R6 R7

R5

R3

R1

G44%33#F%08-5#

H4?2-5%#


1.! Per-Prefix LFA 2.! Remote LFA with implicit LDP LSP to

PQ node 3.! Remote LFA with explicit RSVP LSP to

Q node rule 3 is optional and happens only if 100%-coverage is desired

Alternate Selection

R2

R4

R6 R7

R5

R3

R1

G44%33#F%08-5#

H4?2-5%#

U)#


! ! Rule1 Per Prefix LFA ! ! Rule2 Remote LFA with Implicit LDP LSP to PQ Node

! ! Rule3 Remote LFA with Explicit RSVP LSP to Q Node ! ! optional, happens only if 100% coverage is desired)

Excellent Coverage (Rule2)

M-5W;+%:#2@#85:%7%5:%5/#3/.:@#R_5:= ^%;8a-5#/#!3-4-;%#[*)*S##G=3-#3.77-;/%:#2@#M;8:%5#

U[#


! ! Rule1 Per Prefix LFA ! ! Rule2 Remote LFA with Implicit LDP LSP to PQ Node

! ! Rule3 Remote LFA with Explicit RSVP LSP to Q Node ! ! optional, happens only if 100% coverage is desired)

100% Coverage (Rule3)

\-5>./-+/%:#Qb#=0-;8/&+#

U9#


! ! Very simple Computation ! ! PQ is per-link not per-prefix

! ! P set is known once per-prefix LFA is computed

! ! Q set is a simple dijkstra

! ! Incremental deployment ! ! Keep the LFA properties

No protocol change at all

Only requires new code at the node where Remote LFA is enabled (Specifically, the PQ node does not require new code).

! ! Excellent Scale ! ! Implicit LDP LSP to PQ (rule2) always exist

No new LSP required at all

! ! Explicit RSVP LSP to Q (rule3) is very rare

Implied by the simulation reported in draft

Explicit study will be added

! ! Excellent Coverage

Conclusion Remote LFA

UY#

Loop Free Alternate (LFA) Implementation Per Prefix LFA Configuration


! !By default, LFA computation is disabled ! !To enable LFA computation

! !Default action ! !LFA computations is enabled for all routes ! !FRR is enabled on all supported interfaces

IOS Enabling LFA for IS-IS

router isis! fast-reroute per-prefix {level-1 | level-2} {all | route-map } !S

UZ#


ISIS Using Route Maps Protecting BGP Next-hops Using Interface Tags

Ethernet 1/0

Ethernet 1/1

interface ethernet 1/0! ip address 10.1.1.1 255.255.255.0! ip router isis! isis tag 17!interface ethernet 1/1! ip address 172.16.1.1 255.255.255.0! ip router isis! isis tag 17!router isis! net 49.0001.0001.0001.0001.00! fast-reroute per-prefix level-2!

router isis! net 47.0004.004d.0001.0001.c11.1111.00 ! fast-reroute per-prefix level-2 route-map ipfrr-include!!!route-map ipfrr-include! match tag 17! !

M*@%,#5F(*%,3#

;#

F-./%#/03#;%#Y#2@/%3#=-50#5:#c--:%:#$8/D,G3#85#3.2>BD#)#-"#BD#)9U##

A

B

C

D

E

F

UI#


! !By default, LFA computation is disabled ! !To enable LFA computation

IOS-XR Enabling LFA for IS-IS

router isis ! interface ! address-family ipv4 [unicast]! fast-reroute per-prefix level !

S

UJ#


! ! IOS implements per-prefix LFA FRR ! ! Per-prefix LFA FRR enabled for all areas unless explicitly specified

! ! LFA FRR automatically enabled on OSPF interfaces

! ! No audit trail of potential LFAs is stored

! ! Repair paths are computed for all prefixes though not all prefixes may have repair paths

IOS Enabling LFA for OSPF

router ospf 1! router-id 10.1.1.1! fast-reroute per-prefix enable prefix-priority low! network 10.0.0.0 255.255.255.255 area 0! !

S

UN#


! !Directly connected LFA must already be enabled ! ! ISIS

! !fast-reroute remote-lfa mpls-ldp [maximum-metric ]

! !OSPF ! !fast-reroute per-prefix remote-lfa [area ] tunnel mpls-ldp ! !fast-reroute per-prefix remote-lfa [area ] maximum-cost

! !maximum-metric/maximum-cost configuration is used to limit the candidate PQ nodes

! !Remote LFA calculations are only executed for destinations not protected by directly connected LFA

Z*#

IOS Configuration: Remote LFA Enable/Disable

Loop Free Alternate (LFA) Implementation Per Prefix LFA Example


R2

R4

R6 R7

R5

R3

R1

G44%33#F%08-5#

H4?2-5%#

O*^*#

O*^)#

O*^*#O*^)#

O*^*#

O*^*#

O*^)#

O*^)#

O*^*#O*^*#

O*^*#

O*^)#

O*^)# O*^)#

! !Each router has a different label range to quickly identity the labels ! !R1 Label range: [100-10000] ! !R2 Label range: [200-10000] ! !R3 Label range: [300-10000] ! !R4 Label range: [400-10000] ! !R5 Label range: [500-10000] ! !R6 Label range: [600-10000] ! !R7 Label range: [700-10000]

Ring Topology

Z[#

2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public Z9#

1. Enabling Directly Connected LFA Configuration

interface Loopback0! ip address 100.2.2.2 255.255.255.255! ip router isis ! isis tag 200!!!router isis! net 49.0100.0002.0002.0002.00! is-type level-2-only! metric-style wide level-2! ip route priority high tag 200! spf-interval 1 10 1000! prc-interval 1 10 1000! lsp-gen-interval 1 10 100! fast-reroute per-prefix level-2 route-map IPFRR-LOOP!!!!!route-map IPFRR-LOOP permit 10! match tag 200!!!

5!#

DEG#%52=%:#"-;#=--724?#-5=@#

2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZY#

Enabling LFA Coverage

R2#sh isis fast-reroute summary !IPv4 Fast-Reroute Protection Summary:!! Prefix Counts: Total Protected Coverage! High priority: 6 2 33%! Normal priority: 7 0 0%! Total: 13 2 15%!!R2#!

5!#

2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZU#

Enabling LFA IP Route to R6

R2#sh ip route 100.6.6.6!Routing entry for 100.6.6.6/32! Known via "isis", distance 115, metric 30! Tag 200, type level-2! Redistributing via isis! Last update from 10.2.4.4 on Ethernet0/0, 02:49:11 ago! Routing Descriptor Blocks:! * 10.2.4.4, from 100.6.6.6, 02:49:11 ago, via Ethernet0/0! Route metric is 30, traffic share count is 1! Route tag 200!R2#!

5!#

G3#%67=85%:#2%"-;%#d#5-#;%78;#7/(8=2=%#"-;#EOM#FZ#

2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZZ#

Enabling LFA IP Route to R7

R2#sh ip route 100.7.7.7!Routing entry for 100.7.7.7/32! Known via "isis", distance 115, metric 40! Tag 200, type level-2! Redistributing via isis! Last update from 10.2.4.4 on Ethernet0/0, 00:15:21 ago! Routing Descriptor Blocks:! * 10.2.4.4, from 100.7.7.7, 00:15:21 ago, via Ethernet0/0! Route metric is 40, traffic share count is 1! Route tag 200! Repair Path: 10.1.2.1, via Ethernet0/1!R2#!

5!#

F%78;#7/F)#"-;#EOM#FI#e8;%4/=@#4-55%4/%:#DEG#

2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZI#

Enabling LFA RIB

R2#sh isis rib 100.7.7.7 255.255.255.255!!!IPv4 local RIB for IS-IS process !!IPV4 unicast topology base (TID 0, TOPOID 0x0) =================!Repair path attributes:! DS - Downstream, LC - Linecard-Disjoint, NP - Node-Protecting! PP - Primary-Path, SR - SRLG-Disjoint!!!100.7.7.7/32! [115/L2/40] via 10.2.4.4(Ethernet0/0), from 100.7.7.7, tag 200, LSP[4/18]! (installed)! repair path: 10.1.2.1(Ethernet0/1) metric:50 (NP,SR) LSP[4]!R2#!

5!#

2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZJ#

2. Enabling Remote LFA Configuration

mpls ldp discovery targeted-hello accept!!!interface Loopback0! ip address 100.2.2.2 255.255.255.255! ip router isis ! isis tag 200!!!router isis! net 49.0100.0002.0002.0002.00! is-type level-2-only! metric-style wide level-2! ip route priority high tag 200! spf-interval 1 10 1000! prc-interval 1 10 1000! lsp-gen-interval 1 10 100! fast-reroute per-prefix level-2 route-map IPFRR-LOOP! fast-reroute remote-lfa level-2 mpls-ldp!!!!!route-map IPFRR-LOOP permit 10! match tag 200!!!

5!#

DEG#%52=%:#"-;#=--724?#-5=@#

2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public ZN#

Enabling Remote LFA Coverage and tunnels

R2#sh isis fast-reroute summary !IPv4 Fast-Reroute Protection Summary:!! Prefix Counts: Total Protected Coverage! High priority: 6 6 100%! Normal priority: 7 0 0%! Total: 13 6 46%!!R2#!

5!#

R2#show isis fast-reroute remote-lfa tunnels!Tag Null - Fast-Reroute Remote-LFA Tunnels:!! MPLS-Remote-Lfa1: use Et0/0, nexthop 10.2.4.4, end point 100.7.7.7! MPLS-Remote-Lfa2: use Et0/1, nexthop 10.1.2.1, end point 100.5.5.5!!R2#!

2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public I*#

Enabling Remote LFA FRR Manager

5!#

R2#sh frr-manager client all!Registered clients:!Handle Name IDBs Sessions! 0 ISIS 2 2!R2#!

R2#sh frr-manager client client-name "ISIS" interfaces !I/F Type Next-hop End-point OutI/F Other!MP1 LDP 10.2.4.4 100.7.7.7 Et0/0 lbl=410 !MP2 LDP 10.1.2.1 100.5.5.5 Et0/1 lbl=103 !R2#!

R2#sh frr-manager client client-name "ISIS" sessions !Type End-point !LDP 100.7.7.7 !LDP 100.5.5.5 !R2#!

Outlabel for PQ node IP prefix (100.5.5.5/32)


R2#sh mpls ldp bindings 100.6.6.6 32! lib entry: 100.6.6.6/32, rev 14! local binding: label: 203! remote binding: lsr: 100.4.4.4:0, label: 408! remote binding: lsr: 100.1.1.1:0, label: 110! remote binding: lsr: 100.7.7.7:0, label: 700! remote binding: lsr: 100.5.5.5:0, label: 502!R2#!

I)#

Repair Path to FEC R6 LDP Bindings

R2#sh mpls ldp bindings 100.5.5.5 32! lib entry: 100.5.5.5/32, rev 28! local binding: label: 210! remote binding: lsr: 100.1.1.1:0, label: 103! remote binding: lsr: 100.4.4.4:0, label: 405! remote binding: lsr: 100.7.7.7:0, label: 701! remote binding: lsr: 100.5.5.5:0, label: imp-null!R2#!

5!# M&%4?#285:850#";-+#F)#>#P8(%3#/&%#=2%=#/-#;%4Qb#5-:%#FU#

M&%4?#285:850#";-+#Qb#5-:%#FU#/-#;%4FZ#

U*[#)*9#

2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public I[#

Repair Path to FEC R6 IP Route to R6

R2#sh ip route 100.6.6.6!Routing entry for 100.6.6.6/32! Known via "isis", distance 115, metric 30! Tag 200, type level-2! Redistributing via isis! Last update from 10.2.4.4 on Ethernet0/0, 00:03:23 ago! Routing Descriptor Blocks:! * 10.2.4.4, from 100.6.6.6, 00:03:23 ago, via Ethernet0/0! Route metric is 30, traffic share count is 1! Route tag 200! Repair Path: 100.5.5.5, via MPLS-Remote-Lfa2!R2#!

5!#

F%78;#7/-$#(8=2=%#(8#F%+-/%#DEG#FU#

2012 Cisco and/or its affiliates. All rights reserved. BRKRST-3052 Cisco Public I9#

Repair Path to FEC R6 Tunnel End-point R5

5I#

R5#show mpls ldp discovery! Local LDP Identifier:! 100.5.5.5:0! Discovery Sources:! Interfaces:! Ethernet0/0 (ldp): xmit/recv! LDP Id: 100.7.7.7:0! Ethernet0/1 (ldp): xmit/recv! LDP Id: 100.3.3.3:0! Targeted Hellos:! 100.5.5.5 -> 100.2.2.2 (ldp): passive, xmit/recv! LDP Id: 100.2.2.2:0!R5#!

No specific commands for remote LFA Use the usual LDP show commands #

Conclusion


Availability IPv4


7600 (IOS)

ASR1000 (IOS-XE)

ASR9k (IOS-XR)

CRS-1 (IOS-XR)

Per Link LFA FRR Not Available Not Available 4.0.1 3.5.0

OSPF LFA FRR (per prefix) 15.1(3)S 3.4S 4.2.0 4.2.0

ISIS LFA FRR (per prefix) 15.1(2)S 3.4S 4.0.1 4.0.1

EIGRP FRR (per prefix) 15.2(4)S* 3.7S* Futur Futur

OSPF Remote LFA 15.2(2)S 3.6S 4.3.1* 4.3.1*

ISIS Remote LFA 15.2(2)S 3.6S 4.3.1* 4.3.1*

BGP PIC Core for IP/MPLS 12.2(33)SRC 2.5S 3.7.0 3.4

BGP PIC Edge 12.2(33)SRE 2.5S 4.0.0 4.0.0

fE./.;%#


Availability IPv6


7600 (IOS)

ASR1000 (IOS-XE)

ASR9k (IOS-XR)

CRS-1 (IOS-XR)

Per Link LFA FRR Not Available Not Available 4.3.1* 4.3.1*

OSPF LFA FRR (per prefix) Radar Radar 4.3.1* 4.3.1*

ISIS LFA FRR (per prefix) Radar Radar 4.3.1* 4.3.1*

EIGRP FRR (per prefix) Radar Radar Radar Radar

OSPF Remote LFA Radar Radar Radar Radar

ISIS Remote LFA Radar Radar Radar Radar

BGP PIC Core 3.5S 3.5S 3.7.0 3.4

BGP PIC Edge 3.5S 3.5S 4.0.0 4.0.0

fE./.;%#


! ! BGP PIC ! !Additional second best path

! !BGP installs the best and backup/alternate paths for the affected prefixes into the BGP RIB

! ! LFA ! !Pre-computed, pre-installed

! !Prefix-independent

! !Simple, deployment friendly, good scaling

! !But Topology dependant

IPFRR IGP computation is very CPU-intensive task

! ! Overall - Always looking for enhancements ! !And now Remote LFA and RCMD

! !Same applicability to IPv4 and IPv6

Conclusion

II#


! !RFC-5286 Basic Specification for IP Fast Reroute: Loop-Free Alternates ! !RFC-5714 IP Fast Reroute Framework ! !RFC-5715 A Framework for Loop-Free Convergence ! !draft-ietf-rtgwg-lfa-applicability-xx

More Information

IJ#


Complete Your Online Session Evaluation ! ! Give us your feedback and you

could win fabulous prizes. Winners announced daily.

! ! Receive 20 Passport points for each session evaluation you complete.

! ! Complete your session evaluation online now (open a browser through our wireless network to access our portal) or visit one of the Internet stations throughout the Convention Center.

Dont forget to activate your Cisco Live Virtual account for access to all session material, communities, and on-demand and live activities throughout the year. Activate your account at the Cisco booth in the World of Solutions or visit www.ciscolive.com.

IN#


Final Thoughts

! !Get hands-on experience with the Walk-in Labs located in World of Solutions, booth 1042

! !Come see demos of many key solutions and products in the main Cisco booth 2924

! !Visit www.ciscoLive365.com after the event for updated PDFs, on-demand session videos, networking, and more!

! !Follow Cisco Live! using social media: ! !Facebook: https://www.facebook.com/ciscoliveus ! !Twitter: https://twitter.com/#!/CiscoLive ! !LinkedIn Group: http://linkd.in/CiscoLI

J*#

IPFRR Network Availability and Simplicity

Documents

Transcript of IPFRR Network Availability and Simplicity