End to End Convergence


Presentation for a talk given at the Juniper New Network Day conference, 01.01.2014.

Speaker: Dmitry Shokarev, Product Line Manager at Juniper.

A video recording of this talk from the conference's online broadcast is available here: http://www.youtube.com/watch?v=R2groq4YMaQ


  1. END TO END CONVERGENCE. Dmitry Shokarev, Product Line Management, Routing Business Unit
  2. NETWORK RESILIENCY MECHANISMS (Copyright © 2010 Juniper Networks, Inc. www.juniper.net)
     • “Resilience as the ability of the network to provide and maintain an acceptable level of service in the face of various faults and challenges to normal operation.” *
     • In general, there are many ways to quantify resilience; some suggest using availability as a metric. Using this metric, resiliency can be improved by reducing repair time or improving convergence.
     • * Sterbenz, James PG, et al. "Resilience and survivability in communication networks: Strategies, principles, and survey of disciplines." Computer Networks 54 (2010): 1245-1265.
  3. WHAT CONTRIBUTES TO CONVERGENCE
     • Diagram: routers R1 to R10, with a failure marked
     • Timeline stages: Detect Failure; Flood Information; Repair Locally (Update FIB); Select new path; Update FIB
     • Timeline labels: Traffic re-routed over a backup path; Service Restored (sub-optimal path)
     • Durations shown along the time axis: 10 – 40 ms, <100 ms, <10s, <1s, <100 ms
  4. FAILURE SCENARIOS, CORE INTERFACE FAILURE
     • Diagram nodes: P, P, PE, PE, CPE, CPE
     • Convergence mechanisms in use:
     • DETECTION: Link Fault Signaling; BFD; Ethernet OAM (LFM or CFM); Other
     • SCALING: Hierarchical FIB (indirect, composite or selector next-hops) to converge independent of the number of prefixes / LSPs
     • LOCAL REPAIR: RSVP TE Facility Backup; RSVP TE Fast Reroute (Detour); Loop Free Alternates
  5. BFD PER MEMBER LINK IN A LAG, OVERVIEW
     • Problem Statement: When some other transmission equipment is in the path between routers, local link status may not be correctly propagated to the remote end (fast enough) and may even lead to black holes
     • Problem Statement: Regular BFD cannot guarantee failure detection at a particular link of a LAG bundle (BFD is IP based and subject to hashing / balancing)
     • Solution: draft-mmm-bfd-on-lags-05 defines an approach where multiple micro-BFD sessions are deployed, one session per link
     • Solution: If a micro-BFD session fails, the link is declared down and removed from the group
     • Diagram: two routers connected through Transport Equipment on each side; Micro-BFD Session #1 through Micro-BFD Session N; caption "Local link status may not be propagated to the remote end (fast enough)"
  6. BFD PER MEMBER LINK IN A LAG, PLATFORM SUPPORT AND SCALING
     • Scaling (N SESSIONS / INTERVAL / LEVEL): 30 / 10 ms / Line card; 150 / 50 ms / Line card; 300 / 100 ms / Line card; 900 / 300 ms / Line card
     • Regular Distributed BFD scaling applies
     • Software and hardware: PLATFORM: MX, T, PTX; LINE CARD: Trio, Express, FPC4, FPC3; MX MIXED MODE: Yes; JUNOS: 13.3
     • Features: PROTOCOLS: IPv4 and IPv6; DRAFT/RFC: Implementation is based on draft-mmm-bfd-on-lags-05; OTHER: Can co-exist with LACP, Supported on Tagged / Untagged interfaces, Configured directly on the ae interface
  7. FAILURE SCENARIOS, EDGE LINK FAILURE
     • Diagram nodes: PE, PE, CPE, CPE, P
     • Convergence mechanisms in use:
     • DETECTION: Link Fault Signaling; BFD; Ethernet OAM (LFM or CFM)
     • LOCAL REPAIR: L2 Circuit Egress Protection; L3 VPN Egress Protection
  8. L3 VPN EGRESS PROTECTION FOR BGP, OVERVIEW
     • Diagram nodes: P, PE1, PE3, CPE1, CPE2, PE2, PE4; iBGP between the PEs; Traffic to Prefix A carries Service Label L
     • PE1 L3VPN forwarding table (simplified view), Prefix A: Primary (0x1), next-hop CPE1; Backup (0x4000), next-hop Push Service Label L, PE2
     • PE2 L3VPN forwarding table (simplified view), Prefix A: Primary (0x1), next-hop CPE1; Backup (0x4000), next-hop Push Service Label L’, PE1
     • PE1 L3VPN forwarding table (after failure), local repair, Prefix A: Backup (0x4000), next-hop Push Service Label L, PE2
  9. L3 VPN EGRESS PROTECTION FOR BGP, PLATFORM SUPPORT
     • Software and hardware: PLATFORM: M/MX, T/TX; LINE CARD: Any; JUNOS: 12.3R1
     • Features: PROTOCOL SUPPORT: IPv4 and IPv6; PE-CE PROTOCOL: BGP; OTHER: Compatible with eiBGP multipath
  10. L2 CIRCUIT EGRESS PROTECTION, OVERVIEW
     • Diagram nodes: P, PE1 (Primary), PE3, CPE1, CPE2, PE2 (Protector), PE4; Virtual Circuit 1, Virtual Circuit 2; Protection VC
     • Diagram annotations: Protecting LSP transport label, Ultimate Hop Popping is enabled to resolve ambiguity; LSP to 5.5.5.5 (UHP ON); RSVP Label :101; PW Label :100; Context Id (5.5.5.5) Identifies protection pair; Service Label is synchronized with Primary PE
     • PE1 mpls.0 switching table, Label 100: Primary (0x1), next-hop ge-1/0/0.0; Backup (0x4000), next-hop Push 101, PE2
     • PE2 mpls.0 switching table, Label 101: Pop to vt-, and lookup via __5.5.5.5__.mpls.0
     • PE2 __5.5.5.5__.mpls.0 switching table, Label 100: ge-1/0/1.0
  11. L2 CIRCUIT EGRESS PROTECTION, PLATFORM SUPPORT
     • Software and hardware: PLATFORM: M/MX, T/TX; LINE CARD: Any; ADDITIONAL REQUIREMENTS: Tunnel Services; JUNOS: 10.4
     • Features: PW SIGNALING: LDP; OTHER (no entry)
     • Related Features (SW / FEATURE): 13.2, Egress protection for Inter-AS case; 13.3, Egress protection for BGP-Labeled Unicast
  12. FAILURE SCENARIOS, EDGE LINK FAILURE (SWITCHED ACCESS)
     • Diagram nodes: PE, PE, Host, CPE, P, Local Area Network
     • Convergence mechanisms in use:
     • DETECTION: Link Fault Signaling; BFD; Ethernet OAM (LFM or CFM)
     • SCALING: Hierarchical FIB (indirect, composite or selector next-hops) to converge independent of the number of prefixes / LSPs
     • LOCAL REPAIR: Host FRR
  13. HOST FAST REROUTE, OVERVIEW
     • Diagram nodes: P, PE1, PE3, CPE, PE2, PE4; iBGP between the PEs; Local Area Network; Host IP1 in Subnet A; Traffic
     • PE1 L3VPN forwarding table (simplified view), Prefix IP1: Primary (0x1), next-hop Host; Backup (0x4000), next-hop Push Label, PE2
     • PE2 L3VPN forwarding table (simplified view), Prefix IP1: Primary (0x1), next-hop Host; Backup (0x4000), next-hop Push Label, PE1
     • PE1 L3VPN forwarding table (after failure), local repair, Prefix IP1: Backup (0x4000), next-hop Push Label, PE2
     • Backup route selection is based on the exact match (local subnet A should match a prefix received from the backup)
     • Populated during the ARP / NDP process (only v4 /32 or v6 /128 are subject to FRR backup selection)
  14. HOST FAST REROUTE, PLATFORM SUPPORT
     • Software and hardware: PLATFORM: M/MX, T/TX; LINE CARD: Any; ADDITIONAL REQUIREMENTS: vrf-table-label or vt-; JUNOS: 11.4R3
     • Features: PROTOCOL SUPPORT: IPv4 and IPv6; OTHER: L3 VPN
     • Further Improvements (SW / FEATURE): Post 14.2, Support for static routes; Post 14.2, Support for EIBGP learned routes
  15. FAILURE SCENARIOS, EDGE NODE FAILURE
     • Diagram nodes: P, PE, PE, CPE, CPE
     • Convergence mechanisms in use:
     • DETECTION: Link Fault Signaling; BFD; Ethernet OAM (LFM or CFM)
     • SCALING: Hierarchical FIB (indirect, composite or selector next-hops) to converge independent of the number of prefixes / LSPs
     • LOCAL REPAIR: L3 VPN Tail End Protection; L2 Circuit Tail End protection
  16. L3 VPN TAIL END PROTECTION, OVERVIEW. Task 1: Program Local Repair (Loop Free Alternates case)
     • Diagram nodes: P1, PE1 (Primary), PE3, CPE1, CPE2, PE2 (Protector), PE4, P2
     • Diagram annotations: Context Id (5.5.5.5) Identifies protection pair; Route 5.5.5.5; Implicit null label; Route 5.5.5.5 Label 100
     • Per-prefix LFA Decision: PE2 selected as a LFA for 5.5.5.5 prefix
     • P1 mpls.0 switching table, Label 100: Primary, next-hop Pop, PE1; Backup, next-hop Swap to 101, PE2
  17. L3 VPN TAIL END PROTECTION, OVERVIEW. Task 2: Mirror Service Labels
     • Diagram nodes: P1, PE1 (Primary), PE3, CPE1, CPE2, PE2 (Protector), PE4, P2
     • Diagram annotations: Context Id (5.5.5.5) Identifies protection pair; iBGP; iBGP VPNv4 route 10.0.0.1/24 Label 16
     • PE2 mpls.0 switching table, Label 101: Pop, lookup via __5.5.5.5__.mpls.0
     • PE2 __5.5.5.5__.mpls.0 switching table, Label 16: See next task #3
     • PE1 mpls.0 switching table, Label 16: Primary (0x1), next-hop ge-1/0/0.0
  18. L3 VPN TAIL END PROTECTION, OVERVIEW. Task 3: Program a backup next-hop on the protector
     • Diagram nodes: P1, PE1 (Primary), PE3, CPE1, CPE2, PE2 (Protector), PE4, P2
     • Diagram annotations: Context Id (5.5.5.5) Identifies protection pair; Only routes with next hop set to 5.5.5.5 (context id) are selected
     • PE2 __5.5.5.5__.mpls.0 switching table, Label 16: vt- or table next-hop (__5.5.5.5-<vrf>__.inet.0)
     • PE2 __5.5.5.5-<vrf>__.inet.0 (IP), Route IP: ge-1/0/1.0
     • Backup next-hop can be selected from direct routes / eBGP or iBGP. In general, protector and backup PE functionality can be decoupled. Protector does not have to have connectivity to the CPE device and can be located elsewhere
  19. L3 VPN TAIL END PROTECTION, PLATFORM SUPPORT
     • Software and hardware: PLATFORM: M/MX, T/TX; LINE CARD: Any; PE ROUTER ADDITIONAL REQUIREMENTS: vrf-table-label or vt-; PROTECTOR ADDITIONAL REQUIREMENTS: vt- for context lookup in non “enhanced-ip”; JUNOS: 11.4R3
     • Features: PROTOCOL SUPPORT: IPv4 and IPv6; IGP SUPPORT: IS-IS (due to per-prefix LFA); SIGNALLING: LDP; OTHER: L3 VPN
     • TOPOLOGY REQUIREMENTS (JUNOS 11.4, LDP LFA-BASED): Protector should not be in the regular data path, otherwise traffic will get forwarded to the backup PE
     • TOPOLOGY REQUIREMENTS (JUNOS 11.4, LDP LFA-BASED): In general, the router performing local repair should have a direct link to the protector or a backup LSP to the protector
  20. LDP STUB ALIAS MODE FOR LOCAL REPAIR
     • Steer traffic to a protector which is several hops away
     • Diagram nodes: P1, PE1 (Primary), PE3, CPE1, CPE2, PE4, P2, PE2 (Protector)
     • Diagram annotations: Context Id (5.5.5.5) Identifies protection pair; Loopback Address (1.1.1.1); Route 5.5.5.5; Implicit null label; Route 5.5.5.5 Label 100; Label 101 (in an IGP TLV); Route 1.1.1.1; LDP Label 102; Route 1.1.1.1 Label 103
     • P1 mpls.0 switching table, Label 100: Primary, next-hop Pop, PE1; Backup, next-hop Swap to 101, Push 103 (top), P
     • The backup entry is populated from the inet.5 table, which is used to store stub-alias routes
     • P1 inet.5 routing table, Route 5.5.5.5: Protocol next-hop 1.1.1.1; Next-hop Push 101, Push 103 (top), P
     • Next-hop annotations: Transport label to reach 1.1.1.1 (LDP); Identifies 5.5.5.5 context (comes from the IGP TLV)
  21. TAIL END PROTECTION, RSVP TE SUPPORT
     • Enables tail end protection for RSVP signaling
     • Description: CSPF algorithm at ingress PE will always choose paths that go through primary PE (preferred link to reach the stub node)
     • Description: But CSPF algorithm at the core site (P1) will choose the paths through protector for next-nexthop bypass LSPs
     • Description: Regular facility backup behavior applies, no change is required
     • Diagram nodes: P1, PE1 (Primary), PE3, CPE1, CPE2, PE4, P2, PE2 (Protector)
     • Diagram annotations: Stub node, context id 5.5.5.5; RSVP TE LSP; Bypass LSP; Regular next-nexthop bypass LSP; Regular Facility Backup Node Protection; Advertised with zero bandwidth, and max TE metric
  22. STUB ALIAS AND STUB NODE FEATURES
     • Software and features: JUNOS: 13.3; STUB ALIAS IMPLEMENTATION DRAFT COMPLIANCE: draft-gredler-isis-label-advertisement-03; IGP SUPPORT FOR STUB ALIAS: IS-IS; IGP SUPPORT FOR STUB NODE: IS-IS and OSPF; PLATFORM SUPPORT: MX/T
  23. PE ROUTER CONFIGURATION COMPLEXITY ANALYSIS
     • Assumptions: Symmetric deployment with mutual protection
     • Assumptions: In tail end protection case, protector and backup PE are merged
     • Assumptions: Same context ID is used for all VRFs / VCs (2 context IDs per protection pair)
     • Table: New VC / VRF / interface-specific configuration statements and references (FEATURE: PRIMARY PE STATEMENTS / PRIMARY PE REFERENCES / BACKUP PE STATEMENTS / BACKUP PE REFERENCES)
     • L2 CIRCUIT EGRESS PROTECTION: 1 per VC / Backup PE IP / 3 per VC / Protected VC Egress PE, Protected VC Ingress PE, Protected VC ID
     • L2 CIRCUIT TAILEND PROTECTION: 1 per VC / Backup PE IP / 3 per VC / Protected VC Egress PE, Protected VC Ingress PE, Protected VC ID
     • L3 VPN EGRESS PROTECTION FOR BGP: 2 per VRF / 0 / 0 / 0
     • HOST FAST REROUTE: 1 per interface / 0 / 0 / 0
     • L3 VPN TAILEND PROTECTION: 1 per VRF / 0 / 0 / 0
     • Notes: Statement is a configuration statement such as “set routing-instances vrf1 protocols bgp family inet unicast protection“
     • Notes: Reference is an ID external to this router pair (e.g. Protected VC ID)
  24. TAILEND PROTECTION PLANS
     • Support by software release (SW / FEATURE):
     • 12.3: L2 Circuit support (LDP signaling)
     • 13.3: RSVP Support (stub node)
     • 13.3: IS-IS stub alias advertisements by PE and backup selection by P (protector may be multiple hops away from PLR in LDP case)
     • 14.1: Support for labeled-unicast (Enables border router protection in Seamless MPLS designs)
  25. BGP CONVERGENCE IMPROVEMENTS, PREFIX INDEPENDENT CONVERGENCE
     • When one remote PE fails, next-hops for all routes have to be updated; the process takes time and contributes to the service interruption (assuming no tailend protection is in place)
     • Without this feature, each route is updated individually
     • With this feature only one update is required for a given primary / backup router pair
     • The goal is to converge in less than 1s
     • Diagram: PE-SITE-A connected across the MPLS Core to PE-SITE-B-1 and PE-SITE-B-2, each of which advertises Prefix A1…AN
     • PE-SITE-A Routing Table (simplified view), Route / BGP NH: A1 / PE-SITE-B-1 … AN / PE-SITE-B-1
     • PE-SITE-A Routing Table (simplified view), Route / BGP NH: A1 / PE-SITE-B-2 … AN / PE-SITE-B-2
  26. BGP CONVERGENCE IMPROVEMENTS, PLATFORM SUPPORT AND TEST RESULTS
     • Convergence Test Results (in enhanced-ip mode) (N OF ROUTES / N OF PE PRIMARY / BACKUP PAIRS / CONVERGENCE): 100000 / 500 / <1s; 400000 / 500 / <1s
     • Software and hardware: PLATFORM: MX, T; LINE CARD: Trio; MX MIXED MODE: Yes, but enhanced-ip is preferred; JUNOS: 13.2
     • Features: ADDRESS FAMILIES: VPNv4 / VPNv6; TRANSPORT SIGNALING: LDP; OTHER: Can be enabled with / without iBGP multipath
  27. MULTICAST RESILIENCY
  28. MULTICAST ONLY FAST REROUTE, OVERVIEW
     • Fast switchover to another multicast stream from the same source in case of an upstream interface failure
     • Problem Statement: Upstream interface failure will result in traffic loss. The loss duration is on the order of seconds. IGP convergence followed by a PIM join to the new path is required to complete.
     • Solution: Join to both sources and use only one at a time
     • Solution: If one interface fails, switch to the other immediately; no additional signaling required
     • Diagram nodes: Multicast Source, R1, R2, R3, R4, R5, R6, Multicast Receiver
     • Diagram annotations: Sends joins to both upstreams; Discards traffic from the backup path
  29. MULTICAST ONLY FAST REROUTE OVERVIEW, PLATFORM SUPPORT
     • Software and hardware: PLATFORM: MX; LINE CARD: Trio; MIXED MODE: No; JUNOS VERSION: 14.1
     • Features: PROTOCOLS: PIM and mLDP; BACKUP INTERFACE SELECTION: Same metric, next least metric, disjoint paths; DRAFT/RFC: draft-karan-mofrr-02
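
The micro-BFD argument on slide 5, as an added Python model (not part of the presentation and not Juniper code): one member link of a LAG fails without any local link-down signal, and the model counts the flows that are black-holed with a single IP BFD session versus one micro-BFD session per member. The interface names, the modulo stand-in for the load-balancing hash and the function names are assumptions made for the illustration.

```python
# Added model, not Juniper code: silent failure of one LAG member link.
# Interface names and the modulo "hash" are constructed for illustration.

MEMBERS = ["ge-0/0/0", "ge-0/0/1", "ge-0/0/2", "ge-0/0/3"]

def pick_member(flow_id, members):
    """Stand-in for the LAG load-balancing hash."""
    return members[flow_id % len(members)]

def single_bfd(members, failed, flows, bfd_member):
    """One IP BFD session for the bundle; its packets hash onto bfd_member.

    Returns (members still in the bundle, number of black-holed flows).
    """
    if bfd_member == failed:
        # The session happens to ride the broken link, so it times out.
        # Model assumption: the protocol using the session then treats the
        # whole bundle as down and traffic leaves this LAG.
        return [], 0
    # The session stays up, the broken link stays in the bundle, and every
    # flow hashed onto it is silently dropped.
    lost = sum(1 for f in flows if pick_member(f, members) == failed)
    return list(members), lost

def micro_bfd(members, failed, flows):
    """One micro-BFD session per member link, as described on slide 5."""
    session_up = {m: m != failed for m in members}
    active = [m for m in members if session_up[m]]  # failed link removed
    if not active:
        return [], 0  # no member left, the bundle itself is down
    lost = sum(1 for f in flows if pick_member(f, active) == failed)
    return active, lost

if __name__ == "__main__":
    flows = range(1000)
    print(single_bfd(MEMBERS, "ge-0/0/2", flows, bfd_member="ge-0/0/0"))
    print(micro_bfd(MEMBERS, "ge-0/0/2", flows))
```

With the single session, detection depends on which member the BFD packets happen to use, which is the "cannot guarantee" point of the slide.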
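
Prefix independent convergence (slide 25) and the hierarchical FIB scaling point (slides 4, 12 and 15), as an added Python model that is not part of the presentation and not Juniper code: it counts the forwarding-table writes needed when the primary PE fails, first with a next-hop stored per route and then with routes sharing one indirect next-hop per primary / backup pair. Router and prefix names follow slide 25; the class and function names are hypothetical.

```python
# Added model, not Juniper code: FIB writes needed when the primary PE fails.
# Router and prefix names follow slide 25; classes and functions are hypothetical.

class FlatFIB:
    """Each route holds its own forwarding next-hop."""
    def __init__(self, routes, primary):
        self.next_hop = {r: primary for r in routes}

    def fail_over(self, failed, backup):
        writes = 0
        for route, nh in self.next_hop.items():
            if nh == failed:
                self.next_hop[route] = backup  # one write per affected route
                writes += 1
        return writes

class HierarchicalFIB:
    """Routes share an indirect next-hop per (primary, backup) PE pair."""
    def __init__(self):
        self.active = {}   # (primary, backup) -> PE currently used
        self.pair_of = {}  # route -> (primary, backup)

    def install(self, route, primary, backup):
        self.active.setdefault((primary, backup), primary)
        self.pair_of[route] = (primary, backup)

    def fail_over(self, failed):
        writes = 0
        for pair, current in self.active.items():
            if current == failed:
                primary, backup = pair
                self.active[pair] = backup if failed == primary else primary
                writes += 1                # one write per affected pair
        return writes

    def lookup(self, route):
        return self.active[self.pair_of[route]]

def compare(n_routes, primary="PE-SITE-B-1", backup="PE-SITE-B-2"):
    """Return (flat_writes, hierarchical_writes) after the primary PE fails."""
    routes = [f"A{i}" for i in range(1, n_routes + 1)]
    flat, hier = FlatFIB(routes, primary), HierarchicalFIB()
    for r in routes:
        hier.install(r, primary, backup)
    flat_writes = flat.fail_over(primary, backup)
    hier_writes = hier.fail_over(primary)
    # Both tables must end up forwarding every prefix to the backup PE.
    assert all(flat.next_hop[r] == hier.lookup(r) == backup for r in routes)
    return flat_writes, hier_writes

if __name__ == "__main__":
    print(compare(100000))
```

The write count of the flat table grows with the number of prefixes, while the shared next-hop needs one write per pair regardless of how many prefixes point at it.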
