Presentation on theme: "Ethernet Automatic Protection Switching (EAPS)"— Presentation transcript:
1Ethernet Automatic Protection Switching (EAPS) A small comparison with Eternet Ring Protection Switching (ERPS)
2IntroductionEAPS is a protocol invented to increase the availability of Ethernet ringsDeveloped by Extreme Networks (RFC3619 – 2003)Objective:Provide a resilience level comparable to SONET ringsCurrent version (v ) has some enhancements over version 1 (RFC3619 – 2003)
3MotivationEthernet is widely used in Local Area Networks (LANs) and Metropolitan Area Networks (MANs)Typically present a ring topologyMAN operators want to reduce recovery timeSpanning Tree Protocol (STP) could take 30 – 60 second to recoverRapid Spanning Tree Protocol (RSTP) is faster...Convergence time depends on the number of nodesBoth STP and RSTP limit the number of nodesEAPS recovers in less than 1 second (100 ms)Does not limit the number of nodes!!!
4Basic Considerations (I) A ring is made up of two or more switchesEach switch has two ports connected to the ringAn EAPS domain exists on a single Ethernet ringA domain protects a group of VLANsA domain has a unique control VLANMultiple EAPS domains could coexist on the same ringMultiple control VLANs
5Basic Considerations (II) For each EAPS domain:One of the nodes is the Master (S1)One port is designated as the Primary port (P)The other is the Secondary Port (S)All other nodes (S2-S6) are known as Transit nodes
6Normal OperationThe Master node blocks its secondary port -> avoid loopsNon-control traffic is blocked (Control VLAN is NOT blocked)Master is in COMPLETE stateTransient nodes are in LINKS-UP stateThe Master sends health-check frames (HEALTH-CHECK- PDU) periodically (Hello timer)From primary port to secondary portControl frames consumed by the Master -> NOT forwarded
7Fault Operation When a fault is detected: The Master changes to FAILED stateUnblocks secondary portFlushes it bridging tableThe Master orders the other nodes to flush their tablesSends a RING-DOWN-FLUSH-FDB-PDU frameTransit nodes learn the new topology
8Fault Detection (I) 2 ways of detecting a failure Link Down Alert Ring PollingTransient nodes detect a link-downTransient detecting the failure changes to LINKS-DOWN stateTransient sends a LINK-DOWN-PDU frame to the MasterMaster changes to FAILED stateMaster unblocks secondary port...
9Fault Detection (II) Ring Polling (version 1 – RFC3619) Master sends HEALTH-CHECK-PDU frames periodicallyFrom primary to secondary portMaster has a Fail-period timerIf health check frame received before timer expires -> reset timerIf health check frame NOT received before timer expiresMaster changes to FAILED stateMaster unblocks secondary port...
10Fault Detection (III) Ring Polling (version 1.3) 2 options if the Fail-period timer expires (configurable)«Open Secondary Port» -> previous slice«Send-Alert»Master DO NOT unblock its secondary port yetMaster sends a QUERY-LINK-STATUS-PDU frame out of both portsTransit nodes with link failure reply with LINK-DOWN-PDU frameMaster changes to FAILED state...Prevents False FailuresHealth frames could not return to Master –> even if the ring is completeControl VLAN misconfigurationsToo much trafficMaster node’s CPU busyWhy?
11Fault Restoration (I)Master in FAILED state -> continues sendind HEALTH-CHECK-PDU framesRing restored -> Master’s secondary port receives health frameMaster changes to COMPLETE stateBlocks non-control frames on secondary portFlushes its bridge tableOrders the other nodes to flush their tablesSends a RING-UP-FLUSH-FDB-PDU frameTransit nodes re-learn the topology
12Fault Restoration (II) – PREFORWARDING State Time betweenThe Transit node detecting its link is restoredThe Master detecting the ring is restoredMaster’s secondary port is unblockedPossible temporary loop !!!!When Transit node detects its link is restoredChanges to PREFORWARDING state and starts Preforwarding timerProtected VLANs in that port are temporary blockedWaits till a RING-UP-FLUSH-FDB-PDU is receivedChanges to LINKS-UP stateUnblocks previously blocked VLANsFlushes its bridge table and stops Preforwarding timerRe-learns topology
13Fault Restoration (III) – PREFORWARDING State Preforwarding timer deals with:Lost RING-UP-FLUSH-FDB-PDU from the MasterAnother break in the ringIf the transient node remains in PREFORWARDING state indefinitely -> disconnected networkPreforwarding timer is derived from the Hello-timer for HEALTH-CHECK-PDU frames
14Enhancements of version 1.3 «Send-alert» configuration for Ring Polling fault detection methodINIT stateMaster comes up for first time and its ports are upMaster does not know if the ring is upMaster starts in INIT state -> blocks secondary portWhen the first health frame is received -> changes to COMPLETE stateHelps spotting misconfigurations in control VLANLINK-UP-PDUTransient detects a link comes up -> sends LINK-UP-PDU to MasterTimestamp used for trouble-shootingIf the Master never changes to COMPLETE stateAllows use of EAPS Shared-Ports
15VLANs in Multiple EAPS domains (Multiple Rings) (I) EAPS could handle a simple configurationEach ring has a EAPS domain, a Master node and a Control VLANVLAN spanning in both rings is added as protected by both EAPS domains
16VLANs in Multiple EAPS domains (Multiple Rings) (I) Topologies with a common link could be problematicIf the common link failsBoth Masters open secondary portsProtected VLANs spanning both rings will have a loopS1-S2-S3-S4-S5-S6-S7-S8-S9-S10-S1EAPS Shared-Ports deals with itOut of the scope
17States and Control Frames Version 1 – RFC3619Version 1.3
18Ethernet Ring Protection Switching (I) Ethernet Ring Protection Switching (ERPS) is defined by ITU-T G > achieve sub-50 ms recovery times in ringsBasic considerations:One link is designated as the Ring Protection Link (RPL) -> blocked to prevent loopsThe node setting the block is the RPL Owner (Master in EAPS)Nodes monitor link failure using Ethernet Continuinity Check (ETH-CC) messagesFour defined local events:Local Signal Failure (local SF) -> detection of link failureLocal clear Signal Failure (local clear SF) -> detection of link restorationWait-To-Restore Expire (WTR-Expire) -> timer expirationWait-To-Restore Running (WTR-Running) -> timer running
19Ethernet Ring Protection Switching (II) Basic considerations (cont.):The protocol uses Ring Automatic Protection Switching (R-APS) messages:R-APS(SF): sent by the node detecting link failure (gets local SF)R-APS(NR): sent by the node detecting link restoration (gets local clear SF)R-APS(NR,RB): sent by RPL Owner indicating the RPL is blockedTwo important timersWait-To-Restore (WTR) Timer: used by the RPL Owner to verify that the ring has stabilized before blocking the RPL after failureGuard Timer: used by links detecting link restoration to avoid receiving outdated R-APS messagesThree states for nodesInitialization: first defining the nodeIdle: normal state, RPL blocked, all nodes/ports workingProtecting: protection switching is in effect
20Ethernet Ring Protection Switching (III) Basic considerations (cont.):An R-APS channel is configured using a VLAN -> transmitting R-APS messages
21ERPS Principle of Operation (I) In normal operation (nodes in state Idle): RPL is blockedLink failure (local SF): nodes detecting it block failed port, send R-APS(SF) and flush filtering database (FDB)Nodes receiving R-APS(SF) flush FDBsRPL Owner receives R-APS(SF): flushes FDB, unblocks RPLLink Restoration (local clear SF): detecting nodes send R-APS(NR) periodically and start Guard TimerRPL Owner receives R-APS(NR): starts WTR TimerWTR Timer expires: RPL Owner blocks RPL, sends R-APS(NR,RB) and flushes DFBNodes receiving R-APS(NR,RB) flush FDBsNodes detecting link restoration unblock recovered ports, stop sending R-APS(NR) and flush FDBs
23EAPS vs. ERPSSame basic idea: break the loop in the ring by blocking one portIn case of failure, unblock the blocked port and keep connectivityEAPS:Both the Master and Transient nodes can detect a failureOnly the Master detects the failed link is restoredERPS:Only the nodes adjacent to a failed link detect failures and restoration
24ReferencesS.Shah, M. Yip, «RFC3619: Extreme Networks’ Ethernet Protection Switching (EAPS), Version 1», Network Working Group, October 2003.A. Lim, S. Blake, S. Shah, «Extreme Networks’ Ethernet Protection Switching (EAPS), Version 1.3», Internet-Draft, July 2011.Extreme Networks Whitepaper «Ethernet Automatic Protection Switching (EAPS)», Extreme Networks, Inc., 2006.J. D. Ryoo, H. Long, Y. Yang, M. Holness. Z. Ahmad, J. K. Rhee, «Ethernet Ring Protection for Carrier Ethernet Networks», IEEE Comm. Magazine, September 2008