Вы находитесь на странице: 1из 42

(R)LFA и TI-FRR

Матвей Александров
системный инженер

matvey@juniper.net
Содержание
• LFA (Loop-Free Alternative)
• RLFA (Remote LFA)
• TI-FRR (Topology Independent Fast Re-Route)
О чем речь?
• Попытаться реализовать MPLS FRR в IP/LDP сетях
• Если в сети есть альтернативные маршруты – почему бы их не
посчитать заранее?
• … и запрограммировать в PFE (!) // магические 50 мс

10 Альтернативный
10
маршрут

Кратчайший маршрут

10
LFA (Loop-Free Alternative)
Терминология
• S – source (узел, вычисляющий топологию)
• D – destination (узел, который хотим достичь)
• E – primary next-hop
S
• N – сосед(и)

Кратчайший
маршрут
E N

D
Link-protecting LFA
S
• Узел N: link-protecting LFA для S, чтобы
достичь D
4 5
• Условие1: (N,D) < (N,S) + (S,D)
• 5+5 < 5 + 4+5 выполняется
• что будет в случае метрики 30 для линка E-N? E N
• Условие2: (N,D) < (N,E) + (E,D) 5 (30)

• 5+5 < 5 + 5 не выполняется


5
• Защита линка S-E, но не защита узла E
D
Node-Link protecting LFA
• Узел N: node-link protecting LFA для S, чтобы достичь D
• Условие1: (N,D) < (N,S) + (S,D)
• 5 < 5 + 4+5 выполняется S
• Условие2: (N,D) < (N,E) + (E,D)
• 5 < 5+4 + 5 выполняется 4 5
• Защита линка S-E, плюс защита узла E
E N

5 5
D
Виртуальный стенд
warrior@vmx-71# run show version | match "Junos:"
Junos: 17.3R1.10

warrior@vmx-71# show protocols ospf


VMX-71 reference-bandwidth 100g;
0 1
area 0.0.0.0 {
interface lo0.0 {
4 5
passive;
0.0/30 0.12/30
}

0 0
interface ge-0/0/0.0 {
interface-type p2p;
5
VMX-72 2 2 VMX-73 metric 4;
0.8/30
}
1 1 interface ge-0/0/1.0 {
interface-type p2p;
0.4/30 0.16/30
metric 5;
5 5 }
}
0 1
VMX-74
warrior@vmx-71# run show ospf overview | match "Backup"
Backup SPF: Not Needed
Топология_1: link защита
• VMX-73 это link-protecting LFA для VMX-71 чтобы достичь VMX-74
warrior@vmx-71# show | compare
VMX-71 [edit protocols ospf area 0.0.0.0 interface ge-0/0/0.0]
Link with (S)
protection 0 1 + link-protection;

warrior@vmx-71# run show route 7.0.0.74


4 0.0/30 0.12/30
5
inet.0: 14 routes (14 active, 0 holddown, 0 hidden)
7.0.0.74/32 *[OSPF/10] 00:00:03, metric 9
0 0
> to 10.10.0.2 via ge-0/0/0.0 // через VMX-72
VMX-72
5 VMX-73 to 10.10.0.14 via ge-0/0/1.0 // через VMX-73
2 2
(E) (N_i)
0.8/30 inet.3: 3 routes (3 active, 0 holddown, 0 hidden)
1 7.0.0.74/32 *[LDP/9] 00:00:03, metric 9
> to 10.10.0.2 via ge-0/0/0.0, Push 31
0.4/30 to 10.10.0.14 via ge-0/0/1.0, Push 30

5
// дополнительные вычисления алгоритма Shortest Path First
0
VMX-74
warrior@vmx-71# run show ospf overview | match "Backup"
(D) Backup SPF: Enabled
Топология_1: node-link защита
• Но мы не можем обеспечить node-link защиту в этой топологии
// меняем тип защиты на интерфейсе (пробуем node-link)
VMX-71
Link with (S) warrior@vmx-71# show | compare
protection 0 1
[edit protocols ospf area 0.0.0.0 interface ge-0/0/0.0]
- link-protection;
4 0.0/30 0.12/30
5 + node-link-protection;

0 0 // LFA отсутствует

VMX-72
5 VMX-73
warrior@vmx-71# run show route 7.0.0.74
(E)
2 2
(N_i) inet.0: 14 routes (14 active, 0 holddown, 0 hidden)
0.8/30
7.0.0.74/32 *[OSPF/10] 00:00:05, metric 9
1
> to 10.10.0.2 via ge-0/0/0.0
inet.3: 3 routes (3 active, 0 holddown, 0 hidden)
0.4/30
7.0.0.74/32 *[LDP/9] 00:00:05, metric 9
5 > to 10.10.0.2 via ge-0/0/0.0, Push 31
0
VMX-74
(D)
Топология_1: node-link защита + fallback
• Обеспечиваем link защиту, если не получается node-link защита
// включаем опцию
VMX-71
Link with (S) warrior@vmx-71# show | compare
protection 0 1
[edit protocols ospf]
+ backup-spf-options node-link-degradation;
4 0.0/30 0.12/30
5
// VMX-73 снова является LFA для VMX-71 чтобы достичь VMX-74
0 0 warrior@vmx-71# run show route 7.0.0.74

VMX-72
5 VMX-73
inet.0: 14 routes (14 active, 0 holddown, 0 hidden)
(E)
2 2
(N_i) 7.0.0.74/32 *[OSPF/10] 00:00:05, metric 9
0.8/30
> to 10.10.0.2 via ge-0/0/0.0 // через VMX-72
1
> to 10.10.0.14 via ge-0/0/1.0 // через VMX-73
inet.3: 3 routes (3 active, 0 holddown, 0 hidden)
0.4/30
7.0.0.74/32 *[LDP/9] 00:00:05, metric 9
5 > to 10.10.0.2 via ge-0/0/0.0, Push 31
0 > to 10.10.0.14 via ge-0/0/1.0, Push 33
VMX-74
(D)
Топология_1: downstream-paths-only
• (N,D) < (S,D): более жесткое условие (отсутствуют micro loops)
warrior@vmx-71# show area 0.0.0.0 interface ge-0/0/0.0
interface-type p2p;
VMX-71
Link with (S) link-protection;
protection 0 1
metric 4;
warrior@vmx-71# show backup-spf-options
4 0.0/30 0.12/30
5 downstream-paths-only;

0 0 // Если метрика 73-72 =5, LFA отсутствует

VMX-72
5 или 3 VMX-73
warrior@vmx-71# run show route 7.0.0.74 table inet.0

(E)
2 2
(N_i)
inet.0: 14 routes (14 active, 0 holddown, 0 hidden)
0.8/30
7.0.0.74/32 *[OSPF/10] 00:00:18, metric 9
1
> to 10.10.0.2 via ge-0/0/0.0

0.4/30
// Если метрика 73-72 =3, есть LFA
5 warrior@vmx-71# run show route 7.0.0.74 table inet.0
inet.0: 14 routes (14 active, 0 holddown, 0 hidden)
0
VMX-74 7.0.0.74/32 *[OSPF/10] 00:00:03, metric 9
(D)
> to 10.10.0.2 via ge-0/0/0.0
to 10.10.0.14 via ge-0/0/1.0
Топология_2: защита node-link
• VMX-73 это node-link protecting LFA for VMX-71 чтобы достичь VMX-74
// возвращаемся к “нормальной” конфигурации OSPF (слайд 8),
VMX-71
Link with (S) // и включаем node-link защиту:
protection 0 1

warrior@vmx-71# show | compare


4 0.0/30 0.12/30
5 [edit protocols ospf area 0.0.0.0 interface ge-0/0/0.0]
+ node-link-protection;

0 0
warrior@vmx-71# run show route 7.0.0.74
VMX-72 VMX-73 inet.0: 14 routes (14 active, 0 holddown, 0 hidden)
(E) (N_i)
7.0.0.74/32 *[OSPF/10] 00:00:03, metric 9
1 1 > to 10.10.0.2 via ge-0/0/0.0 // через VMX-72
to 10.10.0.14 via ge-0/0/1.0 // через VMX-73
0.4/30 0.16/30

5 5 inet.3: 3 routes (3 active, 0 holddown, 0 hidden)


7.0.0.74/32 *[LDP/9] 00:00:03, metric 9
0 1
VMX-74 > to 10.10.0.2 via ge-0/0/0.0, Push 31
(D) to 10.10.0.14 via ge-0/0/1.0, Push 30
Топология_2: no-eligible-backup
• Конкретные интерфейсы можно исключить из расчета LFA
VMX-71 warrior@vmx-71# show | compare
Link with (S) no-eligible- [edit protocols ospf area 0.0.0.0 interface ge-0/0/1.0]
protection 0 1 backup
+ no-eligible-backup;

4 0.0/30 0.12/30
5 // LFA отсутствует:

0 0 warrior@vmx-71# run show route 7.0.0.74


inet.0: 14 routes (14 active, 0 holddown, 0 hidden)
VMX-72 VMX-73
(E) (N_i) 7.0.0.74/32 *[OSPF/10] 00:00:03, metric 9
> to 10.10.0.2 via ge-0/0/0.0
1 1 inet.3: 3 routes (3 active, 0 holddown, 0 hidden)
7.0.0.74/32 *[LDP/9] 00:00:03, metric 9
0.4/30 0.16/30
> to 10.10.0.2 via ge-0/0/0.0, Push 31
5 5
0 1
VMX-74
(D)
Покрытие (Coverage) 1
warrior@vmx-71# show protocols ospf
reference-bandwidth 100g;
VMX-71
Link with (S) Link with area 0.0.0.0 {
protection 0 1 protection
interface lo0.0 {
passive;
4 0.0/30 0.12/30
5 }
interface ge-0/0/0.0 {
0 0 interface-type p2p;

VMX-72
5 VMX-73
link-protection;
(E)
2 2
(N_i) metric 4;
0.8/30
}
1
interface ge-0/0/1.0 {
interface-type p2p;
0.4/30
link-protection;
5 metric 5;
0 }
VMX-74 }
(D)
Покрытие (Coverage) 2
warrior@vmx-71# run show ospf route
Topology default Route Table:

VMX-71 Prefix Path Route NH Metric NextHop Nexthop


Link with (S) Link with Type Type Type Interface Address/LSP
protection 0 1 protection 7.0.0.72 Intra Router IP 4 ge-0/0/0.0 10.10.0.2
Bkup IP ge-0/0/1.0 10.10.0.14
7.0.0.73 Intra Router IP 5 ge-0/0/1.0 10.10.0.14
4 0.0/30 0.12/30
5 Bkup IP ge-0/0/0.0 10.10.0.2
7.0.0.74 Intra Router IP 9 ge-0/0/0.0 10.10.0.2
Bkup IP ge-0/0/1.0 10.10.0.14
0 0
7.0.0.71/32 Intra Network IP 0 lo0.0

VMX-72
5 VMX-73
7.0.0.72/32 Intra Network IP 4 ge-0/0/0.0 10.10.0.2
2 2 Bkup IP ge-0/0/1.0 10.10.0.14
(E) (N_i)
0.8/30 7.0.0.73/32 Intra Network IP 5 ge-0/0/1.0 10.10.0.14
Bkup IP ge-0/0/0.0 10.10.0.2
1
7.0.0.74/32 Intra Network IP 9 ge-0/0/0.0 10.10.0.2
Bkup IP ge-0/0/1.0 10.10.0.14
0.4/30 10.10.0.0/30 Intra Network IP 4 ge-0/0/0.0
10.10.0.4/30 Intra Network IP 9 ge-0/0/0.0 10.10.0.2
5 Bkup IP ge-0/0/1.0 10.10.0.14
0
10.10.0.8/30 Intra Network IP 9 ge-0/0/0.0 10.10.0.2
VMX-74 Bkup IP ge-0/0/1.0 10.10.0.14
(D) 10.10.0.12/30 Intra Network IP 5 ge-0/0/1.0
Покрытие (Coverage) 3
warrior@vmx-71# run show ospf backup coverage
Topology default coverage:
VMX-71
Link with (S) Link with
protection 0 1 protection Node Coverage:

4 0.0/30 0.12/30
5 Area Covered Total Percent
Nodes Nodes Covered
0.0.0.0 3 3 100.00% // VMX-72,73,74
0 0

5
VMX-72
2 2
VMX-73 Route Coverage:
(E) (N_i)
0.8/30

1 Path Type Covered Total Percent


Routes Routes Covered
0.4/30 Intra 5 8 62.50% // 4x /32 + 4x /30
5 Inter 0 0 100.00%
Ext1 0 0 100.00%
0
VMX-74 Ext2 0 0 100.00%
(D)
All 5 8 62.50%
Per-prefix LFA (1)
warrior@vmx-74# show protocols ospf area 0.0.0.0 interface ge-0/0/0.0
5 1 VMX-33 2 5
(D) interface-type p2p;
0.48/30 0.52/30
link-protection;
1 1
metric 5;
AREA 11
VMX-31 VMX-32
ABR 3 3 ABR
0.56/30 warrior@vmx-74# show protocols ospf area 0.0.0.0 interface ge-0/0/1.0
7.0.0.33

7.0.0.33
2 2
interface-type p2p;
5
link-protection;
5 0.40/30 0.44/30
11 metric 5;

1 1
// VMX-31 и VMX-32 оба инжектируют 7.0.0.33/32 в Area 0
VMX-21 AREA 0 VMX-22 // VMX-22 не является LFA для VMX-31 ( 5+5+5 < 11+5 )
// но мог бы быть LFA для VMX-32
2 2

warrior@vmx-74# run show route 7.0.0.33 table inet.0


5 0.4/30 0.16/30 5 inet.0: 19 routes (19 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

VMX-74
0 1
(S) 7.0.0.33/32 *[OSPF/10] 00:06:04, metric 15
> to 10.10.0.5 via ge-0/0/0.0 // через VMX-31
Per-prefix LFA (2)
warrior@vmx-74# show | compare
5 1 VMX-33 2 5
(D) [edit protocols ospf]
0.48/30 0.52/30
+ backup-spf-options {
1 1
+ per-prefix-calculation summary; // externals, stubs, all
AREA 11
VMX-31 VMX-32 + }
ABR 3 3 ABR
0.56/30
7.0.0.33

7.0.0.33
2 2
// Результат:
5
// VMX-22 становится LFA для VMX-74 чтобы достичь VMX-33 (7.0.0.33/32)
5 0.40/30 0.44/30
11
warrior@vmx-74# run show route 7.0.0.33 table inet.0
1 1

VMX-21 AREA 0 VMX-22 inet.0: 19 routes (19 active, 0 holddown, 0 hidden)


+ = Active Route, - = Last Active, * = Both
2 2

7.0.0.33/32 *[OSPF/10] 00:00:06, metric 15


5 0.4/30 0.16/30 5 > to 10.10.0.5 via ge-0/0/0.0 // через VMX-31
to 10.10.0.17 via ge-0/0/1.0 // через VMX-32

VMX-74
0 1
(S)
Политики для LFA – исходная топология
warrior@vmx-71# show protocols ospf area 0.0.0.0 interface ge-0/0/1.0
interface-type p2p;
VMX-71
0 2 link-protection;
(S)
metric 5;
7 1
8
0.0/30 0.4/30
warrior@vmx-71# run show route 7.0.0.74
1 1
LFA
VMX-21
0.24/30 5 VMX-23 inet.0: 20 routes (20 active, 0 holddown, 0 hidden)
3 3 + = Active Route, - = Last Active, * = Both
2 2

0.8/30
5 5 0.12/30
1
3 4 7.0.0.74/32 *[OSPF/10] 00:00:04, metric 10
VMX-22 > to 10.10.0.25 via ge-0/0/1.0 // через VMX-22
to 10.10.0.1 via ge-0/0/0.0 // LFA через VMX-21
2
0.16/30 0.20/30

0.28/30 5 inet.3: 4 routes (4 active, 0 holddown, 0 hidden)


1
+ = Active Route, - = Last Active, * = Both
7 8
VMX-74 7.0.0.74/32 *[LDP/9] 00:00:04, metric 10
0 2
(D)
> to 10.10.0.25 via ge-0/0/1.0, Push 300800
to 10.10.0.1 via ge-0/0/0.0, Push 300752
Влияем на выбор LFA через политику
warrior@vmx-71# show | compare
[edit routing-options]
VMX-71
0 2 + backup-selection {
(S)
+ destination 7.0.0.74/32 {
7 1
8
0.0/30 0.4/30 + interface ge-0/0/1.0 {
+ node {
1 1
LFA + preference 7.0.0.23; // хотим через VMX-23
VMX-21
0.24/30 5 VMX-23 + }
3 3 + }
2 2

0.8/30
5 5 0.12/30 + }
1
3 4 + }
VMX-22
warrior@vmx-71# run show route 7.0.0.74 table inet.3
2
0.16/30 0.20/30

0.28/30 5 inet.3: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)


1
+ = Active Route, - = Last Active, * = Both
7 8
VMX-74 7.0.0.74/32 *[LDP/9] 00:00:10, metric 10
0 2
(D)
> to 10.10.0.25 via ge-0/0/1.0, Push 300800
to 10.10.0.5 via ge-0/0/2.0, Push 300224
Доступные критерии
warrior@vmx-71# set routing-options backup-selection destination 7.0.0.74/32 interface ge-0/0/1.0 ?
Possible completions:
> admin-group Administrative group policies for backup-selection
> backup-neighbor Backup Neighbor ID based policies for backup selection
bandwidth-greater-equal-primary Use backup nexthop only if bandwidth is >= bandwidth of primary nexthop
dest-metric Destination metric
downstream-paths-only Choose only the downstream nodes for backup
+ evaluation-order Interface policy criteria evaluation order
+ metric-order Metric evaluation order
> node Node ID based policies for backup selection
> node-tag Node tag policies
protection-type Type of protection to be considered
root-metric Root metric
srlg Evaluate Shared Risk Link Group(SRLG) characteristics for backup selection

Подробнее:
https://www.juniper.net/documentation/en_US/junos/topics/example/example-configuring-backup-selection-policy-for-ospf-
protocol.html
Remote LFA
LFA неэффективен в кольцевых топологиях
Link Link
protection protection warrior@vmx-71# run show ospf backup coverage
Topology default coverage:
VMX-71
5 0
(S)
1 5
0.0/30 0.12/30
Node Coverage:
1 1

VMX-21 VMX-31
Area Covered Total Percent
(D) (D) Nodes Nodes Covered
2 2 0.0.0.0 1 5 20.00% // VMX-74, ECMP

0.8/30 0.20/30
5 5 Route Coverage:

1 1
Path Type Covered Total Percent
VMX-22 VMX-32 Routes Routes Covered
(D) (D)
Intra 1 12 8.33% // VMX-74, ECMP
2 2
Inter 0 0 100.00%
Ext1 0 0 100.00%
5 0.4/30 0.16/30 5 Ext2 0 0 100.00%
VMX-74
0 1
(D) All 1 12 8.33%
Remote LFA - теория S
• (R1,R2,R3): extended P-space
Protected
link

• узлы, которые S и его соседи (R1) могут


достичь без использования линка S-R5 R1 R5
• (R3,R4): Q-space
• узлы, которые могут достичь R5 без
использования линка S-R5
• R3: PQ-node R2 R4
• пересечение extended P-space и Q-space
Extended
P-space

• узел, куда нужно построить защитный туннель Q-space

R3
RLFA – пример (1)
warrior@vmx-71# show protocols ldp
VMX-71
5 0
(S)
1 5 auto-targeted-session; // включаем automatic sessions
0.0/30 0.12/30
track-igp-metric;
1 1 interface ge-0/0/0.0;
VMX-31
interface ge-0/0/1.0;
VMX-21
(D) interface lo0.0;
2 2

warrior@vmx-71# show protocols ospf backup-spf-options


0.8/30 0.20/30
5 tLDP 5 remote-backup-calculation; // включаем RLFA

1 1
warrior@vmx-74# show protocols ldp
VMX-22 VMX-32 track-igp-metric;
interface ge-0/0/0.0;
2 2
interface ge-0/0/1.0;
interface lo0.0; // для работы targeted LDP
5 0.4/30 0.16/30 5
VMX-74
0 1
(PQ-node)
RLFA – пример (2)
warrior@vmx-71# run show route 7.0.0.31
VMX-71
5 0
(S)
1 5
0.0/30 0.12/30 inet.0: 18 routes (18 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1 Основной 1
маршрут
VMX-21
VMX-31 7.0.0.31/32 *[OSPF/10] 00:13:03, metric 5
(D)
> to 10.10.0.14 via ge-0/0/1.0
2 2
to 10.10.0.2 via ge-0/0/0.0, Push 300416
0.8/30 0.20/30
5 tLDP 5 inet.3: 5 routes (5 active, 0 holddown, 0 hidden)

1 1
+ = Active Route, - = Last Active, * = Both

VMX-22 VMX-32 7.0.0.31/32 *[LDP/9] 00:13:02, metric 5

2 2
> to 10.10.0.14 via ge-0/0/1.0
Запасной
to 10.10.0.2 via ge-0/0/0.0, Push 56,
маршрут
5 5 Push 300416(top)
0.4/30 0.16/30
0
VMX-74
1
// 300416 – внешняя метка
(PQ-node)
// 56 - внутренняя метка
// Откуда берутся/что означают эти метки?
RLFA – пример (3)
// 300416 – внешняя (транспортная) метка
VMX-71 // чтобы достичь PQ-node (VMX-74) через ge-0/0/0 (!)
5 0
(S)
1 5
0.0/30 0.12/30

warrior@vmx-71# run show route 7.0.0.74


1 Основной 1
маршрут
VMX-31
VMX-21
(D)
inet.0: 18 routes (18 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
2 2

0.8/30 0.20/30 7.0.0.74/32 *[OSPF/10] 01:40:03, metric 15


5 tLDP 5
to 10.10.0.2 via ge-0/0/0.0
1 1 > to 10.10.0.14 via ge-0/0/1.0

VMX-22 VMX-32
inet.3: 5 routes (5 active, 0 holddown, 0 hidden)
2 2 + = Active Route, - = Last Active, * = Both
Запасной
маршрут
5 0.4/30 0.16/30 5 7.0.0.74/32 *[LDP/9] 01:40:03, metric 15
VMX-74 to 10.10.0.2 via ge-0/0/0.0, Push 300416
0 1
(PQ-node)
> to 10.10.0.14 via ge-0/0/1.0, Push 300320
RLFA – пример (4)
// 56 - внутренняя (сервисная) метка
VMX-71 // прилетела от VMX-74 по auto-targeted LDP сессии
5 0
(S)
1 5
0.0/30 0.12/30
warrior@vmx-71# run show ldp session auto-targeted
1 1
Address State Connection Hold time Adv. Mode
VMX-31
VMX-21
(D)
7.0.0.74 Operational Open 20 DU

2 2
warrior@vmx-71# run show ldp database
7.0.0.31/32


Label: 56

0.8/30 0.20/30
5 tLDP 5
Input label database, 7.0.0.71:0--7.0.0.74:0 // присылает vmx-74
1 1 Labels received: 6
Label Prefix
VMX-22 VMX-32
53 7.0.0.21/32
2 2 52 7.0.0.22/32
Запасной
маршрут 56 7.0.0.31/32 // метка 56 – это для vmx-31 (!)
5 0.4/30 0.16/30 5 55 7.0.0.32/32
VMX-74 54 7.0.0.71/32
0 1
(PQ-node)
3 7.0.0.74/32
RLFA – пример (5)
// что означает метка 56 для VMX-74?
VMX-71 // своп на метку 30032 и отправить через ge-0/0/1.0
5 0
(S)
1 5
0.0/30 0.12/30 // чтобы достичь VMX-31 (!)
1 1
warrior@vmx-74# run show route table mpls.0 label 56
VMX-31
VMX-21
(D)
mpls.0: 13 routes (13 active, 0 holddown, 0 hidden)
2 2
+ = Active Route, - = Last Active, * = Both
7.0.0.31/32
Label: 56

0.8/30 0.20/30
5 tLDP 5
56 *[LDP/9] 02:01:31, metric 1
1 1 > to 10.10.0.17 via ge-0/0/1.0, Swap 300032

VMX-22 VMX-32
warrior@vmx-74# run show route 7.0.0.31 table inet.3
2 2

inet.3: 5 routes (5 active, 0 holddown, 0 hidden)


5 0.4/30 0.16/30 5 + = Active Route, - = Last Active, * = Both
VMX-74
0 1
(PQ-node)
7.0.0.31/32 *[LDP/9] 02:04:11, metric 10
> to 10.10.0.17 via ge-0/0/1.0, Push 300032
RLFA – пример (6) warrior@vmx-71# run show ospf backup coverage
Node Coverage:
Area Covered Total Percent
VMX-71 Nodes Nodes Covered
5 0
(S)
1 5
0.0/30 0.12/30 0.0.0.0 5 5 100.00%
Route Coverage:
1 1
Path Type Covered Total Percent
VMX-31 Routes Routes Covered
VMX-21
(D)
Intra 9 12 75.00%
2 2
...
0.8/30 0.20/30 warrior@vmx-71# run show ospf route
5 tLDP 5 ...
1 1
7.0.0.21/32 Intra Network IP 5 ge-0/0/0.0 10.10.0.2
Bkup LSP LDP->7.0.0.74
VMX-22 VMX-32
7.0.0.22/32 Intra Network IP 10 ge-0/0/0.0 10.10.0.2
2 2
Bkup LSP LDP->7.0.0.74
7.0.0.31/32 Intra Network IP 5 ge-0/0/1.0 10.10.0.14
5 0.4/30 0.16/30 5 Bkup LSP LDP->7.0.0.74
0
VMX-74
1
7.0.0.32/32 Intra Network IP 10 ge-0/0/1.0 10.10.0.14
(PQ-node)
Bkup LSP LDP->7.0.0.74
...
Настройки для RLFA
warrior@vmx-71# set protocols ldp auto-targeted-session ?
Possible completions:
<[Enter]> Execute this command
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
maximum-sessions Auto targeted maximum sessions (1..1000) // default = 100
teardown-delay Auto targeted session tear down delay (1..300 seconds) // default = 90 seconds
| Pipe through a command

warrior@vmx-71# set protocols ospf area 0.0.0.0 interface ge-0/0/0.0 ?


Possible completions:

no-eligible-remote-backup Not eligible for Remote-LFA backup traffic from protected interfaces

TI-FRR
TI-FRR: Topology Independent Fast Re-Route
• независимая от LFA/rLFA технология
• автоматические защитные RSVP LSP(s)
• 100% покрытие
• защита только для линков (link protection)

1 RSVP LSP 5 (=LFA невозможен)

Кратчайший маршрут

1
TI-FRR – пример (1)
warrior@vmx-71# show protocols
rsvp { // включили RSVP
VMX-71
link-protection interface ge-0/0/0.0;
5 0
(S)
1 5
0.0/30 0.12/30 interface ge-0/0/1.0;
}
1 1
mpls { .. } // стандартно
VMX-21 VMX-31 ospf {
traffic-engineering; // включили TED
2 2
.. // стандартно – без LFA/rLFA
0.8/30 0.20/30 }
5 5 ldp {

1 1
track-igp-metric;
interface ge-0/0/0.0;
VMX-22 VMX-32 interface ge-0/0/1.0 {

2 2
link-protection {
dynamic-rsvp-lsp; // включили защиту для линка

5 5 } // используя TI-FRR
0.4/30 0.16/30
0 VMX-74 1
}
interface lo0.0;
}
TI-FRR – пример (2)
link-protection warrior@vmx-71# run show mpls lsp
VMX-71
5 0
(S)
1 5 Ingress LSP: 1 sessions
0.0/30 0.12/30
To From State Rt P ActivePath LSPname
1 1 7.0.0.31 7.0.0.71 Up 0 * ge-0/0/1.0:BypassLSP->7.0.0.31

VMX-21 VMX-31
warrior@vmx-71# run show mpls lsp detail | find RRO
2
RSVP LSP 2 Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node
10=SoftPreempt 20=Node-ID):
0.8/30 0.20/30
5 5 10.10.0.2 10.10.0.10 10.10.0.6 10.10.0.17 10.10.0.21

1 1 warrior@vmx-71# run show rsvp session


Ingress RSVP: 1 sessions
VMX-22 VMX-32
To From State Rt Style Labelin Labelout
2 2 LSPname
7.0.0.31 7.0.0.71 Up 0 1 FF - 300672 ge-
0/0/1.0:BypassLSP->7.0.0.31
5 0.4/30 0.16/30 5
0 VMX-74 1
TI-FRR – пример (3) warrior@vmx-71# run show route table inet.3

inet.3: 5 destinations, 6 routes (5 active, 0 holddown, 1 hidden)


link-protection + = Active Route, - = Last Active, * = Both
VMX-71
5 0
(S)
1 5
0.0/30 0.12/30
7.0.0.21/32 *[LDP/9] 01:43:16, metric 5
1 1 > to 10.10.0.2 via ge-0/0/0.0
VMX-31 7.0.0.22/32 *[LDP/9] 01:43:16, metric 10
VMX-21
(D)
> to 10.10.0.2 via ge-0/0/0.0, Push 300480
RSVP LSP
2 2 7.0.0.31/32 *[LDP/9] 00:47:28, metric 5
> to 10.10.0.14 via ge-0/0/1.0
0.8/30 0.20/30
5 5 to 10.10.0.2 via ge-0/0/0.0, label-switched-path
ge-0/0/1.0:BypassLSP->7.0.0.31
1 1
7.0.0.32/32 *[LDP/9] 00:47:27, metric 10

VMX-22
VMX-32 > to 10.10.0.14 via ge-0/0/1.0, Push 300384
(D)
to 10.10.0.2 via ge-0/0/0.0, label-switched-path
2 2 ge-0/0/1.0:BypassLSP->7.0.0.31
7.0.0.74/32 *[LDP/9] 01:38:00, metric 15
5 0.4/30 0.16/30 5 to 10.10.0.2 via ge-0/0/0.0, Push 300656
0 VMX-74 1 > to 10.10.0.14 via ge-0/0/1.0, Push 300512
TI-FRR – пример (4)
warrior@vmx-71# run show route 7.0.0.32 table inet.3 detail

link-protection
VMX-71
5 0
(S)
1 5 inet.3: 5 destinations, 6 routes (5 active, 0 holddown, 1 hidden)
0.0/30 0.12/30 7.0.0.32/32 (1 entry, 1 announced)

1 1

*LDP Preference: 9
VMX-31
VMX-21 Next hop: 10.10.0.14 via ge-0/0/1.0 weight 0x1, selected
(D)
RSVP LSP Label operation: Push 300384
2 2

трафик Next hop: 10.10.0.2 via ge-0/0/0.0 weight 0x8000


0.8/30 0.20/30 Label-switched-path ge-0/0/1.0:BypassLSP->7.0.0.31
5 5
Label operation: Push 300384, Push 300672(top)
1 1 Label TTL action: prop-ttl, prop-ttl(top)
VMX-32 Load balance label: Label 300384: None; Label 300672: None;
VMX-22
(D) …
2 2 warrior@vmx-71# run show rsvp session
Ingress RSVP: 1 sessions
5 0.4/30 0.16/30 5 To From State Rt Style Labelin Labelout
0 VMX-74 1 LSPname
7.0.0.31 7.0.0.71 Up 0 1 FF - 300672 ge-
0/0/1.0:BypassLSP->7.0.0.31
Дополнительная информация
Список RFC
• RFC 5286: Basic Specification for IP Fast Reroute: LFA
• RFC 5714: IP Fast Reroute Framework
• RFC 6571: LFA Applicability in Service Provider Networks
• RFC 7490: Remote LFA Fast Reroute
Реализация в Junos
• UNDERSTANDING AND DEPLOYING LOOP-FREE ALTERNATE FEATURE
https://kb.juniper.net/library/CUSTOMERSERVICE/GLOBAL_JTAC/technotes/8010056-001-
EN.pdf
• CLI Explorer
https://apps.juniper.net/cli-explorer/
Спасибо!
matvey@juniper.net