Protection
Transcript of Protection
AutomaticAutomaticProtection Protection SwitchingSwitching
Yaakov (J) Stein Chief ScientistRAD Data Communications
April 2009
Y(J)S APS Slide 2
Course OutlineCourse Outline• General protection switching principles
• Examples of protection mechanisms
• SONET/SDH• Ethernet linear protection• Ethernet ring protection• MPLS fast reroute
Y(J)S APS Slide 3
General principlesGeneral principles
DefinitionReferencesTraffic typesNetwork topologiesTriggersProtection classesEntitiesProtection typesSignaling
Y(J)S APS Slide 4
DefinitionDefinitionAutomatic Protection Switching (APS)
is a functionality of carrier-grade transport networksis often called resilience
since it enables service to quickly recover from failuresis required to ensure high reliability and availability
APS includes : detection of failures (signal fail or signal degrade) on a working channel switching traffic transmission to a protection channel selecting traffic reception from the protection channel (optionally) reverting back to the working channel once failure is repaired
Automatic means uses (at most) control plane protocols– no management layer or manual operations needed
Y(J)S APS Slide 5
Some useful referencesSome useful references
G.808.1 – generic linear protectionG.808.2 – generic ring protection (not yet written)G.841 and G.842 – SDHG.774.3/4/9/10 – SDH protection managementG.870 and G.873.1 – OTN G.8031 – Ethernet linear protectionG.8032 – Ethernet ring protectionG.8131 – T-MPLS APSY.1720 – MPLS I.630 – ATMM.495 – analog signal protectionG.781 – clock selection (can be used to protect synchornization)RFC 4090 – MPLS fast reroute
Y(J)S APS Slide 6
Traffic typesTraffic typesIn a network with APS capabilities, there are three types of traffic :
protected traffic– traffic that may be rapidly switched to protection channel– at any time it may be on the working channel or protection channel
Nonpreemptible Unprotected Traffic (NUT)– noncritical traffic that does not require protection mechanism– not affected by protection mechanism– somewhat less expensive to customer
extra (preemptible) traffic– best effort background traffic that runs on protection channel– preempted (blocked) when protection channel is needed– very inexpensive to customer
Y(J)S APS Slide 7
Network topologiesNetwork topologiesAPS can be defined for any topology with redundant links
e.g., for tree topologies no protection is possible
We will often discuss protection of individual links
However, there are two topologies that are of particular interest :
rings– protection is natural for rings
although there are other reasons for using rings as well– rings are so important that protection for other topologies
is often called linear protection
dense meshes– for this topology multiple local bypasses can be preconfigured– protection switching is similar to routing change, but faster
often called “fast reroute” (FRR)
Y(J)S APS Slide 8
TriggersTriggers
Protection switching is usually triggered by a failurealthough the operator may manually force a protection switch
A failure is declared when a fault condition persists long enough
for the ability to perform the required functionto be considered terminated
Failures are Signal Fail (SF) or Signal Degrade (SD) (of various types)and may be : detected by physical layer indicated by signaling (e.g. AIS) detected by OAM mechanisms
When there is no SF or SD, the state is called No Request (NR)
Y(J)S APS Slide 9
Switching time Switching time (1)(1)
SONET/SDH protection switching takes place in under 50 msRegarding multiplex section shared protection rings, G.841 states :The following network objectives apply:
1) Switch time – In a ring with no extra traffic, all nodes in the idle state (no detected failures,no active automatic or external commands, and receiving only Idle K-bytes), and with lessthan 1200 km of fibre, the switch (ring and span) completion time for a failure on a singlespan shall be less than 50 ms. On rings under all other conditions, the switch completiontime can exceed 50 ms (the specific interval is under study) to allow time to remove extratraffic, or to negotiate and accommodate coexisting APS requests.
while for linear VC trail protection, it says :The following network objectives apply:
1) Switch time – The APS algorithm for LO/HO VC trail protection shall operate as fast aspossible. A value of 50 ms has been proposed as a target time. Concerns have beenexpressed over this proposed target time when many VCs are involved. This is for furtherstudy. Protection switch completion time excludes the detection time necessary to initiate theprotection switch, and the hold-off time.
There are similar statements in other clauses as well
Y(J)S APS Slide 10
Switching time Switching time (2)(2) This 50 ms time has become the golden standard
and new protection schemes are expected to meet this objectiveHowever, studying the literature that lead up to SONET/SDH standards
shows that the objective was to attain the minimum possible timefor the sum of– persistent (i.e. non-transient) failure detection– speed of light propagation– signaling protocol time– regaining sync alignment
and 50 ms was the minimum that was considered practical !Many modern standards have “built in” 50 ms
and much marketing literature boasts “faster than 50 ms”But there is really nothing special about 50 ms 50 ms gaps in voiced speech are noticeable, but not fatal if infrequent 50 ms of data at high rates can not be stored and later forwarded timing circuits can withstand much more than 50 ms without clock
Y(J)S APS Slide 11
Protection classesProtection classes
It is useful to distinguish two different protection classes
path protection (AKA trail protection, end-to-end protection)– when a failure is detected on the end-to-end path
we switch to an alternative end-to-end path– the failure is usually detected by end-to-end OAM
local protection (AKA local restoration, SNC protection, bypass, detour)– we protect individual network elements, links, or groups of same– when such an entity fails
only that local entity is bypassed– the failure may be detected by link OAM or physical layer means
Y(J)S APS Slide 12
APS entities APS entities (1)(1)
The following entities are important in APS working channel – channel used when no failure exists protection channel – channel used when a failure exists head-end – entity transmitting data to working/protection channel tail-end – entity receiving data from the working/protection channel
Note: we will usually consider traffic to be bidirectionalso that the head-end for one direction is the tail-end for the opposite direction
head-end tail-end
working channel
protection channel
Y(J)S APS Slide 13
APS entities APS entities (2)(2) Bridge – function at head-end that connects traffic (including extra traffic)
to the working and protection channels Selector – function at tail-end that extracts traffic (perhaps extra traffic)
from the working or protection channel
APS signaling channel – channel used to communicate between head-end and tail-end for APS purposes
Trail termination – function responsible for failure detection
including injection and extraction of OAM
head-end
(bridge)
tail-end
(selector)
working channel
protection channel
signaling channel
Y(J)S APS Slide 14
Revertive operationRevertive operation
Reversion means returning to use the working channel after the failure has been rectified
Protection mechanisms can be revertive or nonrevertive
Revertive mechanisms may be preferable when the working channel has better performance (free BW, BER, delay) when there are frequent switches (easier to manage) when there is extra traffic
but nonrevertive also has advantages only one service disruption due to protection switching may be simpler to implement
Y(J)S APS Slide 15
Uni/bi-directionalUni/bi-directionalWe will usually consider bidirectional trafficbut even then the failures can be uni- or bi- directionaland for unidirectional failures there can be uni- or bi- directional switches
unidirectional failure
bidirectional failure
working channel
protection channel in useworking channel
protection channel
unidirectional protection
working channel
protection channel in useworking channel
protection channel in use
bidirectional protection
Y(J)S APS Slide 16
Uni- / bi- directional switchingUni- / bi- directional switchingUnidirectional switching may be advantageous for 1+1 faster and no signaling channel is needed no unnecessary service disruption for direction without failure higher chance of protection under multiple failures easier to implement for local protection maintains extra traffic in direction without failure
But bidirectional may be preferable easier management since directions traverse same network elements does not disrupt delay balance between direction may simplify repair since failed spans are unused
Y(J)S APS Slide 17
Protection typesProtection types
We distinguish several different protection types 1+1 1:1 1:n m:n (1:1)n
Each type has its applicability, advantages, and disadvantagesand there are trade-offs between simplicity BW consumption protection switch time signaling requirements
Y(J)S APS Slide 18
1+1 protection1+1 protectionSimplest and fastest form of protection
but only 50% of actual physical capacity is used although the rest is available for extra traffic
Head-end bridge always sends data on both channelsTail-end selector chooses channel to use (based on BER, dLOS, etc.)
For unidirectional1+1 switching there is no need for APS signalingIf non-revertive
there is no distinction between working and protection channels
channel A
channel B
Y(J)S APS Slide 19
1:1 protection1:1 protectionHead-end bridge usually sends data on working channelWhen failure detected it starts sending data over protection channel
and tail-end needs to select the protection channel
When not in use, protection channel can be used for extra traffic
However, since failure is detected by tail-end, APS signaling is needed
Protection channel should have OAM running to ensure its functionality
working channel
protection channel
extra traffic
APS signaling
Y(J)S APS Slide 20
1:n protection1:n protection
One protection channel is allocated for n working channels
Only can protect one working channel at a time
but improbable that more than 1 working channel will simultaneously fail
Only 1/(n+1) of total capacity is reserved for protection
working channels
protection channel
Y(J)S APS Slide 21
m:n protectionm:n protection
To enable protection of more than 1 channel
m protection channels are allocated for n working channels (m < n)
m simultaneous failures can be protected
Less protection capacity dedicated than for n times 1:1
When failure detected, 1 of the m protection channels need to be assigned and signaled
working channels
protection channels
Y(J)S APS Slide 22
(1:1)(1:1)nn protection protectionThis is like n times 1:1 but the n protection channels share bandwidthOnly 1 failed working channel can be protected
This is different from 1:n since n protection channels are preconfigured n working channels need not be of the same type
Protection bandwidth must be at least that of the largest working channel
Y(J)S APS Slide 23
APS algorithmAPS algorithm
We have seen that protection switching is a tricky businessSo it is not surprising that network elements that support APS
run an APS algorithm
This algorithm inputs configuration (protection type, revertive?, available channels, …) failure indications (NR, SF, SD) operator commands APS signaling (more on that soon)
and makes switching decisions
The algorithm maintains state information for head-end and tail-end
APS algorithms are detailed in standards documents
Y(J)S APS Slide 24
PriorityPriority
Not every failure event / operator command results in a protection switch
For examplein 1:n protection the protection channel may already be in use !
Conflicts are resolved by assigning priorities to events/commands
When an event is detected or a command receivedthe APS algorithm will not act if an event/command or equal or higher priority is already in effect
True failure conditions usually have higher priority than manual commands
Y(J)S APS Slide 25
TimersTimersEven failure events with priority are not acted upon immediately
to do so would cause unnecessary switches after transient defects
The APS algorithm may maintains several timers, such as Holdoff timers
– the time between detection of a SF or SD eventand the APS algorithm acting upon this even
– the algorithm usually used is called “peek twice”i.e., the condition is checked again after the timer expires
Wait To Restore timer– for revertive switching, the time between detection of the failure
being cleared and the APS algorithm acting upon this event– also used in SDH optimized bidirectional 1+1 (nonrevertive)
Guard timer– for rings – blockout time during which APS messages are ignored
(since they may be old and outdated)
Y(J)S APS Slide 26
APS signalingAPS signaling
In all types except unidirectional 1+1, APS signaling is neededAPS signaling is used to synchronize between head-end and tail-endIt is critical that head-end and tail-end always be in the same state
Example messages include : No Request (NR) by tail-end to inform head-end of Signal Failure (SF) by head-end to confirm the event’s priority by head-end to report the particular protection channel by tail-end to inform head-end of Reverse (bidirectional) Request (RR) by tail-end after failure cleared to Wait To Restore (WTR) by tail-end after failure cleared to Do Not Revert (DNR) for nonrevertive
Y(J)S APS Slide 27
APS signaling phasesAPS signaling phases
When APS signaling is used, it needs to be as rapid as possibleDepending on the scenario it may be 1-phase tailhead (fastest)
– tail-end informs head-end of failure– both ends uniquely know the protection channel to be used– only for 1+1 and unidirectional-(1:1)n (including 1:1)
2-phase 1) tailhead 2) headtail
– tail-end informs head-end of failure– head-end signals that it has switched to protection channel– not for bidirectional-1:n or m:n
3-phase 1) tailhead 2) headtail 3) tailhead (slowest)– works for all protection types (including m:n)
Y(J)S APS Slide 28
Examples of 1-phase Examples of 1-phase
Example of when 1-phase signaling is possible is 1:1 or (1:1)n
1. upon detection of failure the tail-end sends SF to the head-endand immediately changes its selector (blind switch)upon receipt the head-end changes the bridge setting(no priority is checked)
1-phase can also be used for bidirectional 1:11. upon detection of failure the tail-end sends SF to the head-end
and immediately changes both its selector and bridgeupon receipt the head-end changes its bridge and selector
Y(J)S APS Slide 29
Example of 2-phase Example of 2-phase
2-phase is useful for unidirectional 1:n with priority checking1. upon detection of failure the tail-end sends SF to the head-end
but does not change its selector 2. the head-end checks priority
sends confirmation to tail-end (with identity of working channel)the bridge setting is changed
3. the tail-end changes its selector
Y(J)S APS Slide 30
Example of 3-phaseExample of 3-phase
3-phase signaling is imperative for bidirectional 1:n1. upon detection of failure the tail-end sends SF to the head-end
but does not change its selector 2. the head-end checks priority, and sends confirmation to tail-end
the bridge setting is changedand also sends a reverse request
3. the tail-end changes selectorchecks priority and sends confirmation to head-endthe bridge setting is changed
Y(J)S APS Slide 31
For G.805 buffsFor G.805 buffsto add 1+1 trail protection to a trail - expand a trail termination functionwe use a special transport processing function - the protection switch
unprotectedtrail
the unprotected TTs report status to the protection switch
protected trail
Y(J)S APS Slide 32
SONET/SDH APSSONET/SDH APS
Y(J)S APS Slide 33
SONET protection ?SONET protection ?SONET/SDH networks need to be highly reliable (five nines)Down-time should be minimal (less than 50 msec)So systems must repair themselves (no time for manual intervention)
Upon detection of a failure (dLOS, dLOF, high BER)the network must reroute traffic (protection switching)from working channel to protection channel
SDH APS is unidirectionalSDH APS may be revertive
head-end NE tail-end NE
working channel
protection channel
Y(J)S APS Slide 34
SONET/SDH layersSONET/SDH layers
Between regenerators there are sections (regenerator sections)Between ADMs there are lines (multiplex sections)Between path terminations there are paths
Protection can be at OC-n level (different physical fibers)or at STM/VC level or end-to-end path (trail protection)
PathTermination
PathTermination
LineTermination
LineTermination
SectionTermination
path
line line (MS section) line
ADM ADMregenerator
section section sectionsection
Y(J)S APS Slide 35
Synchronous Payload Envelope
Line APSLine APS9
row
s
TransportOverhead
TOH
6 ro
ws
3 ro
ws
90 columns
9 ro
ws
TOH consists of 3 rows of section overhead - frame sync, trace, EOC, … 6 rows of line overhead - pointers, SSM, FEBE, and
Line APS signaling - bytes K1 and K2
Y(J)S APS Slide 36
HO Path APSHO Path APS
POH is responsible for type, status, path performance monitoring, VCAT, trace
HO Path APS signaling is 4 MSBs of byte K3
J1
B3
C2
G1
F2
H4
F3
K3
N1
POH
Y(J)S APS Slide 37
LO Path APSLO Path APS
VC OH is responsible for
Timing, PM, REI, …
LO Path APS signaling is4 MSBs of byte K4
1 875930
V5
J2
N2
K4
VC OH
V1
V2
V3
V4
Y(J)S APS Slide 38
How does it work?How does it work?
Head-end and tail-end NEs have bridges (muxes)Head-end and tail-end NEs maintain bidirectional signaling channel
Signaling is contained in K bytes of protection channel
For line APS K1 – tail-end status and requests K2 – head-end status
head-end bridge tail-end bridgeworking channel
protection channel signaling channel
Y(J)S APS Slide 39
Linear 1+1 protectionLinear 1+1 protection
Can be at OC-n level (different physical fibers)
or at STM/VC level (SubNetwork Connection Protection)or end-to-end path (called trail protection)
Head-end bridge always sends data on both channelsTail-end chooses channel to use based on BER, dLOS, etc.
No need for signalingIf non-revertive
there is no distinction between working and protection channels
head-end NE tail-end NE
working channel
protection channel
Y(J)S APS Slide 40
Linear 1:1 protectionLinear 1:1 protectionHead-end bridge usually sends data on working channelWhen tail-end detects failure it signals (using K1) to head-endHead-end then starts sending data over protection channel
When not in useprotection channel can be used for (discounted) extra traffic (pre-emptible unprotected traffic)
May be at any layer (but only OC-n level protects against fiber cuts)
working channel
protection channel
extra traffic
Y(J)S APS Slide 41
Linear 1:N protectionLinear 1:N protection
In order to save BWwe allocate 1 protection channel for every N working channels
N limited to 144 bits in K1 byte from tail-end to head-end – 0 protection channel – 1-14 working channels – 15 extra traffic channel
working channels
protection channel
Y(J)S APS Slide 42
Two fiber vs. Four-fiber ringsTwo fiber vs. Four-fiber ringsRing based protection is popular in North America (100K+ rings)Full protection against physical fiber cutsSimpler and less expensive than mesh topologiesProtection at line (multiplexed section) or path layerFour-fiber rings
fully redundant at OC levelcan support bidirectional routing at line layer
Two-fiber ringssupport unidirectional routing at line layer
2 fibers in opposite directions
Y(J)S APS Slide 43
Unidirectional vs. bidirectionalUnidirectional vs. bidirectionalUnidirectional routing
working channel B-A same direction (e.g. clockwise) as A-Bmanagement simplicity: A-B and B-A can occupy same timeslotsInefficient: waste in ring BW and excessive delay in one direction
Bidirectional routingA-B and B-1 are opposite in directionboth using shortest routespatial reuse: timeslots can be reused in other sections
A
BA-B
B-A
A
BB-A
A-B
C
B-C
C-B
Y(J)S APS Slide 44
UPSR vs. BLSR UPSR vs. BLSR (MS-SPRing)(MS-SPRing)
Of all the possible combinations, only a few are in use
Unidirectional Path Switched Ringsprotects tributariesextension of 1+1 to ring topology
Bidirectional Line Switched Rings (two-fiber and four-fiber versions)called Multiplex Section Shared Protection Ring in SDHsimultaneously protects all tributaries in STMextension of 1:1 to ring topology
Path switching
Line switching
Two-fiber
Four-fiber
Unidirectional
Bidirectional
UPSR
BLSR
Y(J)S APS Slide 45
UPSRUPSRWorking channel is in one direction
protection channel in the opposite direction
All traffic is added in both directions decision as to which to use at drop point (no signaling)
Normally non-revertive, so effective two diversity paths
Good match for access networks1 access resilient ring
less expensive than fiber pair per customer
Inefficient for core networksno spatial reuse
every signal in every spanin both directions
node needs to continuously monitorevery tributary to be dropped
Y(J)S APS Slide 46
BLSRBLSR
Switch at line level – less monitoring
When failure detected tail-end NE signals head-end NE
Works for unidirectional/bidirectional fiber cuts, and NE failures
Two-fiber versionhalf of OC-N capacity devoted to protectiononly half capacity available for traffic
Four-fiber versionfull redundant OC-N devoted to protectiontwice as many NEs as compared to two-fiber
Examplerecovery from unidirectional fiber cut
Y(J)S APS Slide 47
Ethernet linear APSEthernet linear APS
STP
LAG
G.8031
Y(J)S APS Slide 48
STPSTPThe original Spanning Tree Protocol automatically removed loops
from arbitrary networks (with loops)
However, its convergence was very slow (about a minute)
STP can not be used as a protection mechanismsince its reconvergence time is very longdue to a cumbersome protocoland long holdoff timer settings
An evolutionary update called Rapid STP 802.1w was incorporated into 802.1D-2004 clause 17that converges in about the same time as STPbut can reconverge after a topology change in less than 1 second
RSTP can be used to detect failures and reconvergeand thus can be used as a primitive protection mechanism
However, the switching time will be many tens of ms to 100s of ms
Y(J)S APS Slide 49
Use of LAGUse of LAGEthernet “link aggregation” (AKA bonding, Ethernet trunk, inverse mux, NIC teaming)
enables bonding several ports together as single uplink
Defined by 802.3ad task force and folded into 802.3-2000 as clause 43
Binding of ports to Link Aggregation Groups (LAGs) distributed via
Link Aggregation Control Protocol (LACP)
LACP uses slow protocol frames (up to 5 per second)Links may be dynamically added/removed from LAG
and LACP continuously monitors to detect if changes needed
Upon link failure LAG delivers traffic at a reduced rate
Thus LAG can be used as a primitive protection mechanism
When used this way it is called worker/standby or N+N mode
The restoration time will be on the order of 1 second
Y(J)S APS Slide 50
G.8031G.8031Q9 of SG15 in the ITU-T is responsible for protection switching
In 2006 it produced G.8031 Linear Ethernet Protection Switching
G.8031 uses standard Ethernet formats, but is incompatible with STP
The standard addresses point-to-point VLAN connections SNC (local) protection class 1+1 and 1:1 protection types unidirectional and bidirectional switching for 1+1 bidirectional switching for 1:1 revertive and nonrevertive modes 1-phase signaling protocol
G.8031 uses Y.1731 OAM CCM messages in order to detect failures
G.8031 defines a new OAM opcode (39) for APS signaling messages
Switching times should be under 50 ms (only holdoff timers when groups)
Y(J)S APS Slide 51
G.8031 signalingG.8031 signalingThe APS signaling message looks like this :
– regular APS messages are sent 1 per 5 seconds– after change 3 messages are sent at max rate (300 per sec)
where req/state identifies the message (NR, SF, WTR, SD, forced switch, etc) prot. type identifies the protection type (1+1, 1:1, uni/bidirectional, etc.) requested and bridged signal identify incoming / outgoing traffic
since only 1+1 and 1:1 they are either null or traffic (all other values reserved)
MEL(3b)
VER=0(5b)
OPCODE=39(1B)
FLAGS=0(1B)
OFFSET=4(1B)
req/state(4b)
prot. type(4b)
requested sig(1B)
bridged sig(1B)
reserved(1B)
END=0(1B)
Y(J)S APS Slide 52
G.8031 1:1 revertive operationG.8031 1:1 revertive operationIn the normal (NR) state : head-end and tail-end exchange CCM (at 300 per second rate)
on both working and protection channels head-end and tail-end exchange NR APS messages
on the protection channel (every 5 seconds)
When a failure appears in the working channel tail-end stops receiving 3 CCM messages on working channel tail-end enters SF state tail-end sends 3 SF messages at 300 per second on the APS channel tail-end switches selector (bi-d and bridge) to the protection channel head-end (receiving SF) switches bridge (bi-d and selector) to protection channel tail-end continues sending SF messages every 5 seconds head-end sends NR messages but with bridged=normal
When the failure is cleared tail-end leaves SF state and enters WTR state (typically 5 minutes, 5..12 min) tail-end sends WTR message to head-end (in nonrevertive - DNR message) tail-end sends WTR every 5 seconds when WTR expires both sides enter NR state
Y(J)S APS Slide 53
Ethernet ring APSEthernet ring APS
G.8032
RPR
CLEER
Y(J)S APS Slide 54
Ethernet rings ?Ethernet rings ?Ethernet has become carrier grade : deterministic connection-oriented forwarding OAM synchronization
The only thing missing to completely replace SDH is ring protection
However, Ethernet and ring architectures don’t go together Ethernet has no TTL, so looped traffic will loop forever STP builds trees out of any architecture – no loops allowed
There are two ways to make an Ethernet ring open loop
– cut the ring by blocking some link– when protection is required - block the failed link
closed loop– disable STP (but avoid infinite loops in some way !)– when protection is required - steer and/or wrap traffic
Y(J)S APS Slide 55
Ethernet ring protocolsEthernet ring protocols
Open loop methods G.8032 (ERPS) rSTP (ex 802.1w) RFER (RAD) ERP (NSN) RRST (based on RSTP) REP (Cisco) RRSTP (Alcatel) RRPP (Huawei) EAPS (Extreme, RFC 3619) EPSR (Allied Telesis) PSR (Overture)
Closed loop methods RPR (IEEE 802.17) CLEER and NERT (RAD)
Y(J)S APS Slide 56
G.8032G.8032Q9 of SG15 produced G.8032 between 2006 and 2008
G.8032 is similar to G.8031 strives for 50 ms protection (< 1200 km, < 16 nodes)
– but here this number is deceiving as MAC table is flushed standard Ethernet format but incompatible with STP uses Y.1731 CCM for failure detection employs Y.1731 extension for R-APS signaling (opcode=40) R-APS message format similar to APS of G.8031
(but between every 2 nodes and to MAC address 01-19-A7-00-00-01) revertive and nonrevertive operation defined
However, G.8032 is more complex due to requirement to avoid loop creation under any circumstances need to localize failures need to maintain consistency between all nodes on ring existence of a special node (RPL owner)
Y(J)S APS Slide 57
RPLRPL
G.8032 defines the Ring Protection Link (RPL)as the link to be blocked (to avoid closing the loop) in NR state
One of the 2 nodes connected to the RPL is designated the RPL owner
Unlike RFER there is only one RPL owner the RPL and owner are designated before setup operation is usually revertive
All ring nodes are simultaneously in 1 of 2 modes – idle or protecting in idle mode the RPL is blocked in protecting mode the failed link is blocked and RPL is unblocked in revertive operation
once the failure is cleared the block link is unblocked and the RPL is blocked again
Y(J)S APS Slide 58
G.8032 revertive operationG.8032 revertive operationIn the idle state : adjacent nodes exchange CCM at 300 per second rate (including over RPL) exchange NR RB (RPL Blocked) messages in dedicated VLAN every 5 seconds
(but not over RPL) R-APS messages are never forwarded
When a failure appears between 2 nodes node(s) missing CCM messages peek twice with holdoff time node(s) block failed link and flush MAC table node(s) send SF message (3 times @ max rate, then every 5 sec) node receiving SF message will check priority and unblock any blocked link node receiving SF message will send SF message to its other neighbor in stable protecting state SF messages over every unblocked link
When the failure is cleared node(s) detect CCM and start guard timer (blocks acting on R-APS messages) node(s) send NR messages to neighbors (3 times @ max rate, then every 5 sec) RPL owner receiving NR starts WTR timer when WTR expires RPL owner blocks RPL, flushes table, and sends NR RB node receiving NR RB flushes table, unblocks any blocked ports, sends NR RB
Y(J)S APS Slide 59
RPR – 802.17RPR – 802.17Resilient Packet Rings are compatible with standard Ethernet, but different frame format are robust (lossless, <50ms protection, OAM) are fair (based on client throttling) support QoS (3 classes – A, B, C) are efficient (full spatial reuse) are plug and play (automatic station autodiscovery) extend use of existing fiber rings
counter-rotating add/drop ringlets, running SONET/SDH (any rate, PoS, GFP or LAPS) or “packetPHY” (1 or 10 Gb/s ETH PHY)
developed by 802.17 WGbased on Cisco’s Spatial Reuse Protocol (RFC 2892)
ringlet1
ringlet0
ringlet selection
Y(J)S APS Slide 60
Basic RPR queuingBasic RPR queuing
traffic from local sourcesent according to fairnessfirst sent to ringlet selection
PTQ
STQ
AC B
fairness
AC B
traffic going around ringplaced into internal bufferin dual-transit queue mode
placed into 1 of 2 buffersaccording to service class
sent according to fairness
traffic for local sinkplaced in output buffer
according to service class
Primary/Secondary Transit Queue
Y(J)S APS Slide 61
RPR service classesRPR service classes
class use info rate D/FDV FE
A0 RT reserved low No
A1 RT allocated,
reclaimable
low No
B-CIR near RT allocated,
reclaimable
bounded No
B-EIR near RT opportunistic unbounded Yes
C BE opportunistic unbounded Yes
RPR defines 3 main classes class A : real time (low latency/FDV) class B : near real time (bounded predictable latency/FDV) class C : best effort
Y(J)S APS Slide 62
RPR Class useRPR Class useA0 ring BW is reserved – not reclaimed even if no traffic
in dual-transit queue mode: class A frames from the ring are queued in PTQ class B, C in STQ
priority for egress frames in PTQ local class A frames local class B (when no frames in PTQ) frames in STQ local class C (when no PTQ, STQ, local A or B)
Notes:class A have minimal delayclass B have higher priority than STQ transit frames, so bounded delay/FDVclasses B and C share STQ, so once in ring have similar delay
Y(J)S APS Slide 63
RPR - protectionRPR - protection
rings give inherent protection against single point of failure
RPR specifies 2 mechanisms steering wrapping (optional)
(implementations may also do wrapping then steering)
wrap
steering info
Y(J)S APS Slide 64
NERT and CLEERNERT and CLEERNew Ethernet Ring Technology / Closed Loop Encapsulated Ethernet Ring
Similar to RPR but uses real Ethernet format
NERT and CLEER distinguish between ring nodes switches connected to ring nodes
Traffic in ring is MAC-in-MAC encapsulated External MACs are of ring node Internal MACs are original
Unexpected external MACs discarded
External MACs learned as in 1ah
Ring nodes forward according to table
NERT floods, CLEER never floods
Protection switch only involves changing tableso service restoration is fast
ring nodes
switches
Y(J)S APS Slide 65
MPLS fast rerouteMPLS fast reroute
IP FRR
RFC 4090
Y(J)S APS Slide 66
IP FRRIP FRR
True protection mechanisms do not exist for connectionless IPIn practice, routing protocols discover breaks and recalculate routes
but this usually takes a long timeLink-state IGPs detect link-down state using hellos
for OSPF - typically every 10 sec, and detection after 40 secand then Dijkstra algorithm avoids the failed link
BFD can be used to speed up the detectionHowever, the information still has to be propagated further (seconds?) and FIBs updated (100s of ms)
Various IP Fast ReRoute (IP FRR) mechanisms have been proposedbut true protection is best done at the MPLS level
Y(J)S APS Slide 67
MPLS fast rerouteMPLS fast reroute
RSVP-TE enables MPLS traffic engineering by fine control over placementspecifies explicit path using information gathered from IGPresources may be reserved at LSRs along the way
RFC 4090 defines extensions to RSVP-TE – Fast ReRoute (FRR)LSRs along the path preconfigure local bypasses (detours)Upon detection of failure by BFD (specified in microseconds, typically 10s of ms) or RSVP hellos (RFC default is 5 ms) or RESV / PATH messages (driven by IGP)upstream LSR simply enables the detourSince this is a local action, it should be fastRFC 4090 only discusses adding FRR to RSVP-TE network
but its use with LDP is possible if there is a single label generator
not discussed
in RFC 4090
Y(J)S APS Slide 68
PLRs and MPsPLRs and MPs
A fundamental entities in MPLS FRR are Point of Local Repair (PLR) Merge Point (MP)
A PLR is the LSR before the failed element (link or node)
All LSRs except the egress LER can be PLRs
The PLR is solely responsible for the FRR (no explicit APS signaling)
During path setup, potential PLRs create detours towards the egress LER
A MP is the LSR where the detour rejoins the LSP
All LSRs except the ingress LER can be MPs
ingressLER
egressLERPLR MP
Y(J)S APS Slide 69
MethodsMethodsRFC 4090 defines two different protection methodsUsually one or the other is employed in a given network
One-to-one backup each LSP protected separately detour LSP created for each LSP at each potential PLR no labels pushed
Facility backup backup tunnel for multiple LSPs bypass tunnel created at each potential PLR uses label stacking
PLR MP
PLR MP
Y(J)S APS Slide 70
NHOP and NNHOPNHOP and NNHOP
MPLS FRR can bypass a failed link or a failed nodeIn order to bypass a single failed link
we need an alternative path to the next hop (NHOP)
In order to bypass a single failed node, we need an alternative path to the next next hop (NNHOP)
PLR MP
PLR MP