Inter-network Ethernet Service Protection   Zehavit Alon  Nurit Sprecher John Lemon
Agenda <ul><ul><li>Inter-network Ethernet Service Protection </li></ul></ul><ul><ul><ul><li>Overview </li></ul></ul></ul><...
Ethernet Services over Interconnected Networks <ul><ul><li>Carrier Ethernet services are delivered over interconnected Eth...
<ul><ul><li>Each Ethernet network may deploy a different packet transport technology which provides its own mechanisms aim...
Interconnected Networks  Protection Mechanism:  Requirements <ul><ul><li>Protect against any single failure or degradation...
Interconnected Networks   Protection Mechanism:  Requirements (cont’d.) <ul><ul><li>Avoid modification of the protocols ru...
Possible Topologies  <ul><li>Mesh </li></ul><ul><li>Ring </li></ul>
Dual Attached Connectivity Three links are required Two links are required Ring Mesh
Enhanced Resiliency Dual attachment is widely deployed.  Resiliency is enhanced by adding a node and two links, and by rem...
Connectivity between adjacent networks A B C D Adjacent networks are connected by 8 connections: 2 direct connections  A-D...
Protection Path Load   Load sharing is supported across two links. When a link connecting the networks fails, all traffic ...
Load Sharing Capable of supporting only two nodes in each network Although nested rings are possible, they can significant...
Protection Path Cost Working Protection The cost of the protection path (in terms of the number of hops) is higher than th...
Multiple Failures   No traffic No traffic No traffic Mesh topology provides better resiliency  in the event of multiple fa...
Interconnection with Rings (G.8032) Shared Link G.8032 G.8032 A super loop is created. Protection in the interconnection z...
Proposed Topologies <ul><li>Mesh that supports dual-homing and that provides enhanced protection in the double dual-homing...
Solution Principles  Interconnect zone 4 3 1 2 7 A B D Blue traffic (VLAN X) is only sent through port 1 (which is protect...
Solution Principles  <ul><ul><li>The interconnected zone may include additional nodes, interfaces and links  </li></ul></u...
Solution Principles  <ul><ul><li>For each protected VLAN, one of the nodes is responsible for selecting the interface over...
Solution Principles <ul><li>For each VLAN, the master/deputy/slave nodes are configured according to the following options...
Solution Principles <ul><ul><li>The interface selection algorithm for each VLAN is based on  </li></ul></ul><ul><ul><ul><l...
Solution Principles <ul><ul><li>If a link fails, the master node uses the protection port (port 2) for VLAN X  </li></ul><...
Solution Principles <ul><ul><li>If the master fails, the deputy is informed about it by the slaves and it becomes active  ...
Solution Principles  <ul><ul><li>A protected VLAN x is defined on 2 ports: On port A, VLAN x is configured as working enti...
Solution Principles <ul><ul><li>The VPG forwards VLAN traffic to the port selected by the algorithm. </li></ul></ul><ul><u...
Solution Principles  Location of the new shim
Intention <ul><ul><li>Start a new project in the IEEE802.1 aimed at defining a protection mechanism for interconnected net...
Thank You [email_address] [email_address] [email_address]
Upcoming SlideShare
Loading in...5
×

Presentation new-alon-service-protection-in-interconnectned ...

272

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
272
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Presentation new-alon-service-protection-in-interconnectned ...

  1. 1. Inter-network Ethernet Service Protection Zehavit Alon Nurit Sprecher John Lemon
  2. 2. Agenda <ul><ul><li>Inter-network Ethernet Service Protection </li></ul></ul><ul><ul><ul><li>Overview </li></ul></ul></ul><ul><ul><ul><li>Requirements </li></ul></ul></ul><ul><ul><ul><li>Network architecture </li></ul></ul></ul><ul><ul><ul><ul><li>Possible connectivity constructions between Ethernet Networks </li></ul></ul></ul></ul><ul><ul><ul><ul><li>Recommended construction </li></ul></ul></ul></ul><ul><ul><ul><li>Proposed solution </li></ul></ul></ul><ul><ul><li>Open discussion and next steps </li></ul></ul>
  3. 3. Ethernet Services over Interconnected Networks <ul><ul><li>Carrier Ethernet services are delivered over interconnected Ethernet networks - untagged, C-VLAN, S-VLAN, B-VLAN </li></ul></ul><ul><ul><li>Interconnected networks may, for example, consist of: </li></ul></ul><ul><ul><ul><li>a customer’s network connected to a service provider's network </li></ul></ul></ul><ul><ul><ul><li>that is also connected to other service providers' networks. </li></ul></ul></ul><ul><ul><li>An end-to-end carrier Ethernet service can span several interconnected packet networks. </li></ul></ul>PB PBB-TE PBB PBB-TE PB
  4. 4. <ul><ul><li>Each Ethernet network may deploy a different packet transport technology which provides its own mechanisms aimed at ensuring network survivability. Examples are: </li></ul></ul><ul><ul><ul><li>Bridged Ethernet with MSTP or SPB or G.8032 </li></ul></ul></ul><ul><ul><ul><li>Traffic Engineered Ethernet with PBB-TE protection switching </li></ul></ul></ul><ul><ul><li>A protection mechanism is required for the interconnected zone. </li></ul></ul>Ethernet Services over Interconnected Networks PB xSTP 1:1 SPB 1:1 PB xSTP PB PBB-TE PBB PBB-TE PB Interconnected Zone Interconnected Zone Interconnected Zone Interconnected Zone
  5. 5. Interconnected Networks Protection Mechanism: Requirements <ul><ul><li>Protect against any single failure or degradation of a facility (link or node) in the interconnected zone </li></ul></ul><ul><ul><li>Support all standard Ethernet frames: 802.1D, 802.1Q, 802.1ad, 802.1ah </li></ul></ul><ul><ul><li>Support interconnection between different network types (e.g. CN-PBN, PBN-PBN, PBN-PBBN, PBBN-PBBN, etc.) </li></ul></ul><ul><ul><li>Provide 50ms protection switching </li></ul></ul><ul><ul><li>Provide a clear indication of the protection state </li></ul></ul><ul><ul><li>Maintain an agnostic approach towards: </li></ul></ul><ul><ul><ul><li>the Ethernet technology running on each of the interconnected networks, and </li></ul></ul></ul><ul><ul><ul><li>the protection mechanism deployed by each of the interconnected networks </li></ul></ul></ul>
  6. 6. Interconnected Networks Protection Mechanism: Requirements (cont’d.) <ul><ul><li>Avoid modification of the protocols running inside each of the interconnected networks </li></ul></ul><ul><ul><li>Ensure that multicast and broadcast frames are delivered only once over the interconnected zone </li></ul></ul><ul><ul><li>Allow load balancing between the interfaces that connect the networks to ensure efficient utilization of resources </li></ul></ul>
  7. 7. Possible Topologies <ul><li>Mesh </li></ul><ul><li>Ring </li></ul>
  8. 8. Dual Attached Connectivity Three links are required Two links are required Ring Mesh
  9. 9. Enhanced Resiliency Dual attachment is widely deployed. Resiliency is enhanced by adding a node and two links, and by removing the redundant link. This operation may cause traffic disruption (if a facility fails during the upgrade operation). Resiliency is enhanced by adding a node with dual attachment to the adjacent network. This provides protection against node failure (with no traffic disruption). Ring Mesh
  10. 10. Connectivity between adjacent networks A B C D Adjacent networks are connected by 8 connections: 2 direct connections A-D, B-C 2 indirect connections A-D , B-C 2 indirect connections B-D 2 indirect connections A-C The network local link may also be used to transmit internal traffic in the network (which may result in the utilization of BW required for protection). Adjacent networks are connected by 4 direct (single-hop) connections: A-D, A-C, B-D, B-C Ring Mesh A B D C
  11. 11. Protection Path Load Load sharing is supported across two links. When a link connecting the networks fails, all traffic between the networks is transmitted via the other single link connecting the networks. When a node fails, all traffic between the networks is transmitted via the other single link connecting the networks. Load sharing is supported across all four links. When a link fails, traffic is shared between the three other links. When a node fails, traffic is shared between two links. Ring Mesh
  12. 12. Load Sharing Capable of supporting only two nodes in each network Although nested rings are possible, they can significantly complicate the solution and the operation. Capable of supporting more than two nodes and two links in each network, for connecting the networks with support for load sharing Ring Mesh
  13. 13. Protection Path Cost Working Protection The cost of the protection path (in terms of the number of hops) is higher than that of the working path. (Revertive functionality is recommended.) The cost of the protection path (in terms of the number of hops) is identical to that of the working path. (Revertive functionality is optional.) Ring Mesh
  14. 14. Multiple Failures No traffic No traffic No traffic Mesh topology provides better resiliency in the event of multiple failures. Examples are: Ring Mesh
  15. 15. Interconnection with Rings (G.8032) Shared Link G.8032 G.8032 A super loop is created. Protection in the interconnection zone is not agnostic with regard to failures. A mechanism is required to prevent the transmission of internal traffic from the network in the west (shown above) to the two nodes in the network in the east. Protection in the interconnection zone is agnostic with regard to failures inside the ring. Ring Mesh
  16. 16. Proposed Topologies <ul><li>Mesh that supports dual-homing and that provides enhanced protection in the double dual-homing configuration </li></ul>
  17. 17. Solution Principles Interconnect zone 4 3 1 2 7 A B D Blue traffic (VLAN X) is only sent through port 1 (which is protected by port 2). Blue traffic is sent through port 2 in the event of failure of link 1-3, or of node B Blue traffic is sent through node C in the event that node A fails. 8 <ul><ul><li>The protection mechanism is available per Ethernet service in the interconnected zone (i.e. per VLAN). </li></ul></ul><ul><ul><li>An Ethernet service is carried only over one of the interfaces which connects the two adjacent networks. </li></ul></ul><ul><ul><li>In the event of a fault condition on the link or the peer node, traffic is redirected to the redundant interface. </li></ul></ul><ul><ul><li>The service may also be protected by another node to avoid a single point of failure. If a node is no longer able to carry traffic, traffic is redirected over the redundant node. </li></ul></ul>6 5 C
  18. 18. Solution Principles <ul><ul><li>The interconnected zone may include additional nodes, interfaces and links </li></ul></ul><ul><ul><li>Each protected VLAN is configured, (independently of other VLANs) on: </li></ul></ul><ul><ul><ul><li>Total of three nodes and four ports - on one of the networks, one node with two ports; on the other network, two nodes with one port on each (i.e. dual-homing) </li></ul></ul></ul><ul><ul><ul><li>Total of four nodes and eight ports - on both networks, two nodes with two ports each (i.e double dual-homing) </li></ul></ul></ul><ul><ul><li>Each protected VLAN can be transmitted over one out of two/four links. However, at any given time, it is only transmitted over one of the links crossing the interconnected zone. </li></ul></ul>Interconnect Area 4 3 1 2 8 7 A B D 10 11 11 9 13 12 6 5 C E F
  19. 19. Solution Principles <ul><ul><li>For each protected VLAN, one of the nodes is responsible for selecting the interface over which the traffic will be transmitted. This node functions as a master. </li></ul></ul><ul><ul><li>The master is connected to two nodes. These two nodes follow the master’s decisions and function as slaves. </li></ul></ul><ul><ul><li>The master node can be protected by a redundant node. In the event that the master fails, the redundant node functions as the master. This node is called a deputy. The deputy is connected to the same two slaves as the master. </li></ul></ul>M S S D M D M S S S S D <ul><ul><li>The role of each node (master, deputy and slave) is set for each VLAN by administrative configuration. </li></ul></ul><ul><ul><li>The same node may function as a master node for some VLANs (blue), as a deputy node for other VLANs (red), and a slave for other VLANs (green), thus enabling load sharing between the nodes. </li></ul></ul>
  20. 20. Solution Principles <ul><li>For each VLAN, the master/deputy/slave nodes are configured according to the following options: </li></ul><ul><ul><li>Additional parameters must be configured for the master and deputy nodes ( not for the slaves): </li></ul></ul><ul><ul><ul><li>working port – the default port to use for traffic </li></ul></ul></ul><ul><ul><ul><li>protection port – the port to use when the working port can not be used. </li></ul></ul></ul>
  21. 21. Solution Principles <ul><ul><li>The interface selection algorithm for each VLAN is based on </li></ul></ul><ul><ul><ul><li>local configuration </li></ul></ul></ul><ul><ul><ul><li>Information provided by link-level CCMs </li></ul></ul></ul><ul><ul><li>The protection state of all the protected VLANs is synchronized between peers by means of a single link-level CCM message. </li></ul></ul>Slave1 is active, and uses another port for VLAN X. Master chooses the configured working port 1 for VLAN X Master is working so deputy does not need to take over Slave1 follows master’s decision and uses port 3 for VLAN X Master uses this port for VLAN X Master uses another port for VLAN X Slave1 uses this port for VLAN X Slave2 follows master’s decision and does not use any of its ports for VLAN X Slave2 is not active for VLAN X Deputy is not active for VLAN X Deputy is not active for VLAN X Slave2 is not active for VLAN X 1 2 M 5 6 D 7 8 S 2 3 4 S 1
  22. 22. Solution Principles <ul><ul><li>If a link fails, the master node uses the protection port (port 2) for VLAN X </li></ul></ul>1 2 7 8 S 2 3 4 S 1 Slave is not active for VLAN x Slave2 is actctive and uses another port for VLAN X Master uses this port for VLAN X Deputy is npot active for VLAN X Slave2 uses this port for VLAN X Deputy is not active for VLAN X Slave1 does not receive anything from the master. It does not use any of its ports for VLAN X Master is working so deputy does not need to take over Slav2 follows master’s decision and uses port 7 for VLAN X Link on port 1 is not working, Master chooses the configured protection port 2 for VLAN X M 5 6 D
  23. 23. Solution Principles <ul><ul><li>If the master fails, the deputy is informed about it by the slaves and it becomes active </li></ul></ul>1 2 5 6 7 8 S 2 3 4 S 1 Slave1 does not work for VLAN X Slave2 does not work for VLAN X Deputy uses this port for VLAN X Master failed. Does not send anything Does not receive anything from master so it doesn't use any port for VLAN X Deputy sees that both slaved are not working. It understands that the master is not working so deputy takes over using its working port (6) Does not receive anything from master so it doesn't use any port for VLAN Slave2 follows deputy’s decision and uses port 8 for VLAN X Slave2 uses this this port for VLAN X Deputy uses another port for VLAN X does not use any of its ports for VLAN X Slave1 does not work for VLAN X M D
  24. 24. Solution Principles <ul><ul><li>A protected VLAN x is defined on 2 ports: On port A, VLAN x is configured as working entity, while on port B, VLAN x is configured as protection entity </li></ul></ul><ul><ul><li>In a live system, the VLAN is transmitted only on one of the ports (working or protection entity). </li></ul></ul><ul><ul><li>The 2 ports on which the VLAN is protected are grouped into a VLAN Protection Group (VPG). The VPG is a logical bridge port (as defined in 802.1Q + ad + ah). </li></ul></ul>Port A VPG VLAN x VLAN x Port B Port A VLAN x VLAN x Port B Port A VLAN x Working VLAN x Protection Port B
  25. 25. Solution Principles <ul><ul><li>The VPG forwards VLAN traffic to the port selected by the algorithm. </li></ul></ul><ul><ul><li>VLAN traffic received on a port is forwarded to the VPG. Learning occurs at the VPG level. </li></ul></ul><ul><ul><li>The CCMs are sent and received by ports A and B, and the selection algorithm is implemented on the VPG, based on the information received on both ports. </li></ul></ul>VPG Port A VLAN x VLAN x Port B VPG Port A VLAN x VLAN x Port B
  26. 26. Solution Principles Location of the new shim
  27. 27. Intention <ul><ul><li>Start a new project in the IEEE802.1 aimed at defining a protection mechanism for interconnected networks in the proposed topologies. The mechanism should comply with the requirements introduced in this presentation. </li></ul></ul><ul><ul><li>Decide whether we should send a liaison to the MEF in order to receive feedback on (1) the proposed connectivity construction and (2) the requirements. </li></ul></ul>
  28. 28. Thank You [email_address] [email_address] [email_address]
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×