Odp500058 VPN Frr Technology Issue1.0_20070312_a

8/13/2019 Odp500058 VPN Frr Technology Issue1.0_20070312_a

1/18

www.huawei.com

Copyright 2006 Huawei Technologies Co., Ltd. All rights reserved.

ODP500058VPN FRR Technology

ISSUE 1.0


2/18


Objectives

Upon completion of this course, you will be able to:

Describe VPN FRR Technologies Evolution

Describe VPN FRR Technologies Principle


3/18


Contents

1. Technology History

2. Tec h n o lo g y A n a ly s is


4/18Copyright 2006 Huawei Technologies Co., Ltd. All rights reserved.

FRR Technology

FRR (fast re-route) technologies is a kind of mean aboutfailure restoration.

IP FRR

MPLS TE FRR

VPN FRR


5/18


MPLS TE FRR- Protect Link and Node

IP Co re

Primary LSP

Backup L SP

Deploy a backup LSP for the primary LSP, when the Primary LSP is broken, the traffic istransferred to the backup LSP. When the Primary LSP restores, the traffic comes back.

The hot -standby mode the backup LSP is built in advance. The ordinary mode the backup LSP is built when the Primary LSP is broken. MPLS OAM should be used for this situation to detect the end-to-end failure of Primary

LSP quickly.

PEPE

200

300

210

210

310

210

210

PECE

Protection methods is built between PEs (Outer Label) for Link and middle Node


6/18


Why VPN FRR

IP Co re

PEs seriously fails, what happens?

PEPE

PE

CE

PE become down with Power Off, etc.

Traditional Methods IGP will convergence with several seconds

LDP will convergence with several seconds Path switch will cost 5 seconds including internal and external label switch MBGP will convergence the private routers which depended by the quantity of

routes Long Time cost, for the carriers important service such as NGN,3G. How to quickly convergence??

IGP convergenceLDP convergencePrivate route convergence


7/18


Why?- VPN FRR

The VPN FRR uses the VPN-based fast switchover technologies for privatenetwork routes.

Forward entries pointing to the active and standby PEs are set on the remotePE, together with the fast PE fault detection, to reduce the time needed for theservice convergence on a CE dual homing network in case of PE fault.

This also breaks the correlation between the time for PE fault recovery and thequantity of private network routes in the bearer network.

IP Co re

PEPE

PECE

PE become down with Power Off, etc.

IGP convergence

LDP convergencePrivate route convergence

Only Used In CE dual-home situation


8/18


Contents

1. Technology History

2. Technology Analysis


9/18


VRF for NGN VPN Site1DIP PE-ID Interface Label Priority LSP Stat

MG2 PE2 POS1/Tunnel1 100 10 ActiveMG2 PE3 POS2/Tunnel 2 200 20 backup

MG1 MG2

The tunnel LSP can be built by VPN over RSVP, VPN over LDP, VPN over LDP over RSVP.For NGN VPN Site1, PE1 has two VPN routes to MG2.

PE1 maintains the MP-BGP keep-alive MSGs with PE2 and PE3 to defect the neighbor failure. Thetimeout time is several seconds.

When PE2 is broken, based on the keep-alive MSGs, PE1 would select the PE3 as the next-hop PEfor MG2 in NGN VPN, the time of switch-over is several seconds. During the time, all the traffic from MG1 to MG2 by PE2 would be dropped.

PE1 PE2

PE3

Tunnel LSP1

Tunnel LSP2

NGN VPN Site1NGN VPN Site2


MG2 PE3 POS2/Tunnel 2 200 20 Active

IP/MPLS Core

VPN FRR


10/18



MG2 PE2 POS1/Tunnel1 100 10 ActiveMG2 PE3 POS2/Tunnel 2 200 20 backup

MG1 MG2

Switch-over by VPN FRR

Enable the multi-hop BFD between PE1 and PE2. Enable the multi-hop BFD between PE1 and PE3. When PE2 is broken, BFD finds it, the VRN interacts with BFD, and adopts the new routes.

The time of switch-over can be 100-200 ms.

PE1 PE2

PE3

Tunnel LSP1

Tunnel LSP2

NGN VPN Site1NGN VPN Site2


MG2 PE3 POS2/Tunnel 2 200 20 Active

HelloHello IP/MPLS Core

VPN FRR is a node feature available in Huawei router. It need not to work with othervendor product to achieve the switchover advantages.


11/18


VPN FRR Analysis

Use the FRR technology

Select optimum and suboptimum VPN routes from two PE These two routes both are written into forwarding entry The forwarding entry consists of forward prefix, internal label andselected external LSP tunnel

PEA PE-B

PE-C

CE

VPNRT1 FIB RT1 RT2

Priority optimum suboptimum

LSP status available backup

Prefix A A

I-label m n

E-label i j

After VPN FRR Enabled

Both RT1 and RT2 are written in FIB

VPNRT2

Control flowOuter LSP

Prefix A


12/18


VPN FRR Analysis

Configure BFD to detect PE to PE faults

When faults occur, set flag in FIB to unavailable Outer LSP will switch first Then the optimum FIB entry take in use with LSP status change

PE-A PE-B

PE-C

CE

VPNRT1

VPN

RT2

In use

BFD session

When failure, BFD session down

FIB RT1 RT2

Priority optimum suboptimum

LSP status available backup

Prefix A A

I-label m n

E-label i j

unavailable

RT2 FIB entry take in use

RT2

In use after BFDsession down

Outer LSP Control Flow

Data Flow


13/18


Normal Forwarding Flow

P-CPE-A

PE-B P-D

PE-E CE-BCE-A10.0.0.0/2410.0.1.0/2410.0.2.0/24

.

11.0.0.0/2411.0.1.0/24

VPN1(BGP)Route inner label outer label

10.0.0.0/24 M N10.0.1.0/24 M N.

10.n.3.0/24 M N

VPN1(BGP)Route inner label outer label10.0.0.0/24 K L10.0.1.0/24 K L

. 10.n.3.0/24 K L

VPN1( BGP)Route inner label outer label priority

10.0.0.0/24 K Y sub-Primary10.0.0.0/24 M Z primary10.0.1.0/24 K Y sub-Primary10.0.1.0/24 M Z Primary10.n.2.0/24 K Y sub-Primary10.0.2.0/24 M Z Primary

FTN and NHLFERoute inner label outer label10.0.0.0/24 M Z10.0.1.0/24 M Z10.0.2.0/24 M Z

Z M IP Data


14/18



10.0.0.0/24 K Y sub-Primary10.0.1.0/24 K Y sub-Primary10.n.2.0/24 K Y sub-Primary

Normal Forwarding Flow

P-CPE-A

PE-B P-D

PE-E CE-BCE-A10.0.0.0/2410.0.1.0/2410.0.2.0/24

.

11.0.0.0/2411.0.1.0/24

VPN1(BGP)Route inner label outer label

10.0.0.0/24 M N10.0.1.0/24 M N.

10.n.3.0/24 M N


. 10.n.3.0/24 K L


10.0.0.0/24 K Y sub-Primary10.0.0.0/24 M Z primary10.0.1.0/24 K Y sub-Primary10.0.1.0/24 M Z Primary10.n.2.0/24 K Y sub-Primary10.0.2.0/24 M Z Primary

FTN and NHLFERoute inner label outer label10.0.0.0/24 K Y10.0.1.0/24 K Y10.0.2.0/24 K Y

Y K IP Data

FTN and NHLFERoute inner label outer label10.0.0.0/24 M Z10.0.1.0/24 M Z10.0.2.0/24 M Z

M Z IP Data


15/18


Traffic Forwarding by VPN FRR Enable

P-CPE-A

CE-BCE-A

10.0.0.0/2410.0.1.0/2410.0.2.0/24

.

11.0.0.0/2411.0.1.0/24

VPN1(BGP)Route inner label outer label10.0.0.0/24 M N10.0.1.0/24 M N

. 10.n.3.0/24 M N


. 10.n.3.0/24 K L

VPN1( BGP)

Route inner label outer label priority10.0.0.0/24 K Y sub-Primary10.0.0.0/24 M Z primary10.0.1.0/24 K Y sub-Primary10.0.1.0/24 M Z Primary10.n.3.0/24 K Y sub-Primary10.n.3.0/24 M Z Primary

FTN and NHLFERoute inner label outer label LSP stat

10.0.0.0/24 M Z available10.0.1.0/24 M Z available10.n.3.0/24 M Z available

10.0.0.0/24 K Y backup10.0.1.0/24 K Y backup10.n.3.0/24 K Y backup

Z M IP Data

BFD session

PE-B

PE-E

P-D


16/18


FTN and NHLFERoute inner label outer label LSP Stat10.0.0.0/24 M Z unavailable

10.0.1.0/24 M Z unavailable 10.n.3.0/24 M Z unavailable 10.0.0.0/24 K Y available 10.0.1.0/24 K Y available 10.n.3.0/24 K Y available

FTN and NHLFERoute inner label outer label LSP stat10.0.0.0/24 M Z available10.0.1.0/24 M Z available

10.n.3.0/24 M Z available10.0.0.0/24 K Y backup 10.0.1.0/24 K Y backup 10.n.3.0/24 K Y backup

Traffic Forwarding by VPN FRR Enable

P-CPE-A

PE-B P-D

PE-E CE-BCE-A10.0.0.0/2410.0.1.0/2410.0.2.0/24

.

11.0.0.0/2411.0.1.0/24

VPN1(BGP)Route inner label outer label10.0.0.0/24 M N10.0.1.0/24 M N

. 10.n.3.0/24 M N


. 10.n.3.0/24 K L


10.0.0.0/24 K Y sub-Primary10.0.0.0/24 M Z primary10.0.1.0/24 K Y sub-Primary10.0.1.0/24 M Z Primary10.n.3.0/24 K Y sub-Primary10.n.3.0/24 M Z Primary

Z M IP Data

BFD session

Y K IP Data


17/18


VPN FRR configure

Configure IP address on the interface (omitted)Configure IGP protocol In MPLS backbone (omitted)Configure MPLS basic capability and MPLS-TE for TE tunnel (omitted)Configure VPN instance on PE router (omitted)Establish EBGP(or igp) adjacency between PE and CE, import VPN route (omitted)Establish MP-IBGP adjacency between PEs (omitted)Configure VPN FRR on PE

Example:#Configure VPN FRR route policy< PEA> system-view [PEA] ip ip-prefixlist vpn_frr_list permit 10.0.241.2 32 [PEA] route-policy vpn_frr_rp permit node 10

[PEA -route-policy] if-match ip nexthop ip-prefix vpn_frr_list[PEA -route-policy] apply backup- nexthop ip address sub-optimum [PEA -route-policy] quit #Enable VPN FRR[PEA] ip vpn-instance vpn1 [PEA-vpn-instance-vpn1] vpn frr route-policy vpn_frr_rp


18/18

www.huawei.com


Thank You

www.huawei.com

Date post:	04-Jun-2018
Category:	Documents
Upload:	randy-dookheran
View:	217 times
Download:	0 times

Odp500058 VPN Frr Technology Issue1.0_20070312_a

Documents