Brocade 6910 Ethernet Access Switch Configuration Guide
Brocade 6910 Ethernet Access Switch Configuration Guide
2.2.0.0
Part Number: 53-1002651-01
documentation@brocade.com


Basic Administration Protocols : Ethernet Ring Protection Switching

Ethernet Ring Protection Switching
NOTE: Information in this section is based on ITU-T G.8032/Y.1344.
The ITU G.8032 recommendation specifies a protection switching mechanism and protocol for Ethernet layer network rings. Ethernet rings can provide wide-area multipoint connectivity more economically due to their reduced number of links. The mechanisms and protocol defined in G.8032 achieve highly reliable and stable protection; and never form loops, which would fatally affect network operation and service availability.
The G.8032 recommendation, also referred to as Ethernet Ring Protection Switching (ERPS), can be used to increase the availability and robustness of Ethernet rings. An Ethernet ring built using ERPS can provide resilience at a lower cost and than that provided by SONET or EAPS rings.
ERPS is more economical than EAPS in that only one physical link is required between each node in the ring. However, since it can tolerate only one break in the ring, it is not as robust as EAPS. ERPS supports up to 255 nodes in the ring structure. ERPS requires a higher convergence time when more that 16 nodes are used, but should always run under than 500 ms.
Operational Concept
Loop avoidance in the ring is achieved by guaranteeing that, at any time, traffic may flow on all but one of the ring links. This particular link is called the ring protection link (RPL), and under normal conditions this link is blocked to traffic. One designated node, the RPL owner, is responsible for blocking traffic over the RPL. When a ring failure occurs, the RPL owner is responsible for unblocking the RPL, allowing this link to be used for traffic.
Ring nodes may be in one of two states:
Idle – normal operation, no link/node faults detected in ring
Protection – Protection switching in effect after identifying a signal fault
In Idle state, the physical topology has all nodes connected in a ring. The logical topology guarantees that all nodes are connected without a loop by blocking the RPL. Each link is monitored by its two adjacent nodes using Connectivity Fault Management (CFM) protocol messages.
Protection switching (opening the RPL to traffic) occurs when a signal failure message generated by the Connectivity Fault Management (CFM) protocol is declared on one of the ring links, and the detected failure has a higher priority than any other request; or a Ring – Automatic Protection Switching protocol request (R-APS, as defined in Y.1731) is received which has a higher priority than any other local request.
A link/node failure is detected by the nodes adjacent to the failure. These nodes block the failed link and report the failure to the ring using R-APS (SF) messages. This message triggers the RPL owner to unblock the RPL, and all nodes to flush their forwarding database. The ring is now in protection state, but it remains connected in a logical topology.
When the failed link recovers, the traffic is kept blocked on the nodes adjacent to the recovered link. The nodes adjacent to the recovered link transmit R-APS (NR - no request) message indicating they have no local request. When the RPL owner receives an R-APS (NR) message it starts the Wait-To-Recover (WTR) timer. Once WTR timer expires, the RPL owner blocks the RPL and transmits an R-APS (NR, RB - ring blocked) message. Nodes receiving this message flush the forwarding database and unblock their previously blocked ports. The ring is now returned to Idle state.
Figure 285 ERPS Ring Components
Configuration Guidelines for ERPS
1.
Create an ERPS ring (Configure Domain – Add): The ring name is used as an index in the G.8032 database.
2.
Configure the east and west interfaces (Configure Domain – Configure Details): Each node on the ring connects to it through two ring ports. Configure one port connected to the next node in the ring to the east (or clockwise direction) and another port facing west in the ring.
3.
Configure the RPL owner (Configure Domain – Configure Details): Configure one node in the ring as the Ring Protection Link (RPL) owner. When this switch is configured as the RPL owner, the west ring port is set as being connected to the RPL. Under normal operations (Idle state), the RPL is blocked to ensure that a loop cannot form in the ring. If a signal failure brings down any other link in the ring, the RPL will be unblocked (Protection state) to ensure proper connectivity among all ring nodes until the failure is recovered.
4.
Configure ERPS timers (Configure Domain – Configure Details): Set the Guard timer to prevent ring nodes from receiving outdated R-APS messages, the Hold-off timer command to filter out intermittent link faults, and the WTR timer command to verify that the ring has stabilized before blocking the RPL after recovery from a signal failure.
5.
Configure the ERPS Control VLAN (Configure Domain – Configure Details): Specify the control VLAN (CVLAN) used to pass R-APS ring maintenance commands. The CVLAN must NOT be configured with an IP address. In addition, only ring ports may be added to the CVLAN (prior to configuring the VLAN as a CVLAN). No other ports can be members of this VLAN (once set as a CVLAN). Also, the ring ports of the CVLAN must be tagged. Failure to observe these restrictions can result in a loop in the network.
6.
Enable ERPS (Configure Global): Before enabling a ring as described in the next step, first globally enable ERPS on the switch. If ERPS has not yet been enabled or has been disabled, no ERPS rings will work.
7.
Enable an ERPS ring (Configure Domain – Configure Details): Before an ERPS ring can work, it must be enabled. When configuration is completed and the ring enabled, R-APS messages will start flowing in the control VLAN, and normal traffic will begin to flow in the data VLANs. A ring can be stopped by disabling the Admin Status on any node.
8.
Display ERPS status information (Configure Domain – Show): Display ERPS status information for all configured rings.
Configuration Limitations for ERPS
The following configuration limitations apply to ERPS:
ERPS Global Configuration
Use the Administration > ERPS (Configure Global) page to globally enable or disable ERPS on the switch.
CLI References
Parameters
These parameters are displayed:
ERPS Status – Enables ERPS on the switch. (Default: Disabled)
ERPS must be enabled globally on the switch before it can enabled on an ERPS ring (by setting the Admin Status on the Configure Domain – Configure Details page).
Interface
To globally enable ERPS on the switch:
1.
2.
3.
4.
Figure 286 Setting ERPS Global Status
ERPS Ring Configuration
Use the Administration > ERPS (Configure Domain) pages to configure ERPS rings.
CLI References
Command Usage
An ERPS ring containing one Control VLAN and one or more protected Data VLANs must be configured, and the global ERPS function enabled on the switch (see “ERPS Global Configuration”) before a ring can start running. Once enabled, the RPL owner node and non-owner node state machines will start, and the ring will enter the active state.
Parameters
These parameters are displayed:
Add
Domain Name – Name of an ERPS ring. (Range: 1-12 characters)
Up to 6 ERPS rings can be configured on the switch.
Show
Domain Name – Name of a configured ERPS ring.
Node State – Shows the following ERPS states:
MEG Level – The maintenance entity group (MEG) level providing a communication channel for ring automatic protection switching (R-APS) information.
Admin Status – Shows whether ERPS is enabled on the switch.
West Port – Shows the west ring port for this node.
East Port – Shows the east ring port for this node.
RPL Owner – Shows if this node is the RPL owner.
Control VLAN – Shows the Control VLAN ID.
Configure Details
Domain Name – Name of a configured ERPS ring.
Admin Status – Activates the current ERPS ring.
Before enabling a ring, the global ERPS function should be enabled see (“ERPS Global Configuration”), the east and west ring ports configured on each node, the RPL owner specified, and the control VLAN configured.
Once enabled, the RPL owner node and non-owner node state machines will start, and the ring will enter idle state if no signal failures are detected.
MEG Level – The maintenance entity group (MEG) level which provides a communication channel for ring automatic protection switching (R‑APS) information. (Range: 0-7)
This parameter is used to ensure that received R-APS PDUs are directed for this ring. A unique level should be configured for each local ring if there are many R-APS PDUs passing through this switch.
Node ID – A MAC address unique to the ring node. The MAC address must be specified in the format xx-xx-xx-xx-xx-xx or xxxxxxxxxxxx.
Node State – Refer to the parameters for the Show page.
West Port – Connects to next ring node to the west.
Each node must be connected to two neighbors on the ring. For convenience, the ports connected are referred to as east and west ports. Alternatively, the closest neighbor to the east should be the next node in the ring in a clockwise direction, and the closest neighbor to the west should be the next node in the ring in a counter-clockwise direction.
Once configured, this field shows the ring port for this node, and the interface state:
East Port – Connects to next ring node to the east.
RPL Port – If node is connected to the RPL, this shows by which interface.
RPL Owner – Configures a ring node to be the Ring Protection Link (RPL) owner.
Holdoff Timer – The hold-off timer is used to filter out intermittent link faults. Faults will only be reported to the ring protection mechanism if this timer expires. (Range: 0-10000 milliseconds, in steps of 100 milliseconds)
In order to coordinate timing of protection switches at multiple layers, a hold-off timer may be required. Its purpose is to allow, for example, a server layer protection switch to have a chance to fix the problem before switching at a client layer.
When a new defect or more severe defect occurs (new Signal Failure), this event will not be reported immediately to the protection switching mechanism if the provisioned hold-off timer value is non-zero. Instead, the hold-off timer will be started. When the timer expires, whether a defect still exists or not, the timer will be checked. If one does exist, that defect will be reported to the protection switching mechanism. The reported defect need not be the same one that started the timer.
Guard Timer – The guard timer is used to prevent ring nodes from receiving outdated R-APS messages. During the duration of the guard timer, all received R-APS messages are ignored by the ring protection control process, giving time for old messages still circulating on the ring to expire. (Range: 10-2000 milliseconds, in steps of 10 milliseconds)
The guard timer duration should be greater than the maximum expected forwarding delay for an R-APS message to pass around the ring. A side-effect of the guard timer is that during its duration, a node will be unaware of new or existing ring requests transmitted from other nodes.
WTR Timer – The wait-to-restore timer is used to verify that the ring has stabilized before blocking the RPL after recovery from a signal failure. (Range: 5-12 minutes)
If the switch goes into ring protection state due to a signal failure, after the failure condition is cleared, the RPL owner will start the wait-to-restore timer and wait until it expires to verify that the ring has stabilized before blocking the RPL and returning to the Idle (normal operating) state.
Control VLAN – A dedicated VLAN used for sending and receiving R-APS protocol messages. (Range: 1-4093)
Configure one control VLAN for each ERPS ring. First create the VLAN to be used as the control VLAN (see “Configuring VLAN Groups”), add the ring ports for the east and west interface as tagged members to this VLAN (see “Adding Static Members to VLANs”), and then use this parameter to add it to the ring.
The following restrictions are recommended to avoid creating a loop in the network or other problems which may occur under some situations:
Once the ring has been activated, the configuration of the control VLAN cannot be modified. Use the Admin Status parameter to stop the ERPS ring before making any configuration changes to the control VLAN.
Non-ERPS Device Protection – Sends non-standard health-check packets when an owner node enters protection state without any link down event having been detected through Signal Fault messages. (For more information on this feature, refer to the non-erps-dev-protect command.
Propagate TC – Enables propagation of topology change messages from a secondary ring to the primary ring. (Default: Disabled)
When a secondary ring detects a topology change, it can pass a message about this event to the major ring. When the major ring receives this kind of message from a secondary ring, it can clear the MAC addresses on its ring ports to help the second ay ring restore its connections more quickly through protection switching.
When the MAC addresses are cleared, data traffic may flood onto the major ring. The data traffic will become stable after the MAC addresses are learned again. The major ring will not be broken, but the bandwidth of data traffic on the major ring may suffer for a short period of time due to this flooding behavior.
Sub Domain – A secondary ERPS ring which uses this primary ring for sending control packets.
Major Domain – The ERPS ring used for sending control packets.
This switch can support up to two rings. However, ERPS control packets can only be sent on one ring. This parameter is used to indicate that the current ring is a secondary ring, and to specify the major ring which will be used to send ERPS control packets.
The Ring Protection Link (RPL) is the west port and can not be configured. So the physical port on a secondary ring must be the west port. In other words, if a domain has two physical ring ports, this ring can only be a major ring, not a secondary ring (or sub-domain) which can have only one physical ring port. The major domain therefore cannot be set if the east port is already configured.
West/East Port MEP – Specifies the CFM MEPs used to monitor the link on a ring node. (Range: 1-8191)
To ensure complete monitoring of a ring node, specify the CFM MEPs used to monitor both the east and west ports of the ring node.
If CFM MEPs are used to monitor the link status of an ERPS node with CFM continuity check messages, then the MEG Level must match the authorized maintenance level of the CFM domain to which the specified MEP belongs (see “Configuring CFM Maintenance Domains”).
If CFM determines that a MEP node which has been configured to monitor a ring port has gone down, this information is passed to ERPS, which in turn processes it as a ring node failure.
Interface
To create an ERPS ring:
1.
2.
3.
4.
5.
Figure 287 Creating an ERPS Ring
To configure the ERPS parameters for a ring:
1.
2.
3.
4.
5.
Figure 288 Creating an ERPS Ring (Primary Ring)
Figure 289 Creating an ERPS Ring (Secondary Ring)
To show the configure ERPS rings:
1.
2.
3.
Figure 290 Showing Configured ERPS Rings

Basic Administration Protocols : Ethernet Ring Protection Switching