Resumo do conteúdo contido na página número 1
TM
AlliedWare OS
How To | Configure EPSR (Ethernet Protection Switching
Ring) to Protect a Ring from Loops
Introduction
Putting a ring of Ethernet switches at the core of a network is a simple way to increase the
network’s resilience—such a network is no longer susceptible to a single point of failure.
However, the ring must be protected from Layer 2 loops. Traditionally, STP-based
technologies are used to protect rings, but they are relatively slow to recover from link
failure. This can cr
Resumo do conteúdo contido na página número 2
Which products and software versions does it apply to? � "Example 3: EPSR and RSTP" on page 17 � "Example 4: EPSR with Nested VLANs" on page 20 � "Example 5: EPSR with management stacking" on page 23 � "Example 6: EPSR with an iMAP" on page 26 Next, it discusses important implementation details in the following sections: � "Classifiers and Hardware Filters" on page 29 � "Ports and Recovery Times" on page 30 � "IGMP Snooping and Recovery Times" on page 31 � "Health Message Priority" on page
Resumo do conteúdo contido na página número 3
2 _ 1 N _ A N L V N A L A a V L t V a a l t D o a r t D n o C How EPSR Works How EPSR Works EPSR operates on physical rings of switches (note, not on meshed networks). When all nodes and links in the ring EPSR Components are up, EPSR prevents a loop by blocking data transmission EPSR domain: across one port. When a node or link fails, EPSR detects the failure rapidly and responds by unblocking the blocked A protection scheme for an port so that data can flow around the ring. Ethernet
Resumo do conteúdo contido na página número 4
How EPSR Works Establishing a Ring Once you have configured EPSR on the switches, the following steps complete the EPSR ring: 1. The master node creates an EPSR Health message and sends it out the primary port. This increments the master node’s Transmit: Health counter in the show epsr count command. 2. The first transit node receives the Health message on one of its two ring ports and, using a hardware filter, sends the message out its other ring port. Note that transit nodes never generate
Resumo do conteúdo contido na página número 5
How EPSR Works Detecting a Fault EPSR uses a fault detection scheme that alerts the ring when a break occurs, instead of using a spanning tree- Master Node States like calculation to determine the best path. The ring then automatically heals itself by sending traffic over a Complete: protected reverse path. The state when there are no link or node failures on the ring. EPSR uses the following two methods to detect when a transit node or a link goes down: Failed: The state when there is a li
Resumo do conteúdo contido na página número 6
How EPSR Works new configuration, the nodes (master and transit) re-learn their layer 2 addresses. During this period, the master node continues to send Health messages over the control VLAN. This situation continues until the faulty link or node is repaired. For a multidomain ring, this process occurs separately for each domain within the ring. The following figure shows the flow of control frames when a link breaks. Control VLAN is forwarding Control VLAN is forwarding Data VLANs move from b
Resumo do conteúdo contido na página número 7
How EPSR Works Restoring Normal Operation Master Node Once the fault has been fixed, the master node’s Health messages traverse the whole ring and arrive at the master node’s secondary port. The master node then restores normal conditions by: 1. declaring the ring to be in a state of Complete 2. blocking its secondary port for data VLAN traffic (but not for the control VLAN) 3. flushing its forwarding database for its two ring ports 4. sending a Ring-Up-Flush-FDB message from its primary port,
Resumo do conteúdo contido na página número 8
How To Configure EPSR How To Configure EPSR This section first outlines, step-by-step, how to configure EPSR. Then it discusses changing the settings for the control VLAN, if you need to do this after initial configuration. Configuring EPSR 1. Connect your switches into a ring EPSR does not in itself limit the number of nodes that can exist on any given ring. Each switch can participate in up to 16 rings. If you already have a ring in a live network, disconnect the cable between any two of t
Resumo do conteúdo contido na página número 9
How To Configure EPSR iii. Remove the ring ports from the default VLAN If you leave all the ring ports in the default VLAN (vlan1), they will create a loop, unless vlan1 is part of the EPSR domain. To avoid loops, you need to do one of the following: � make vlan1 a data VLAN, or � remove the ring ports from vlan1, or � remove at least one of the ring ports from vlan1 on at least one of the switches. We do not recommend this option, because the action you have taken is less obvious when mainta
Resumo do conteúdo contido na página número 10
How To Configure EPSR Modifying the Control VLAN You cannot modify the control VLAN while EPSR is enabled. If you try to remove or add ports to the control VLAN, the switch generates an error message as follows: Manager> delete vlan=1000 port=1 Error (3089409): VLAN 1000 is a control VLAN in EPSR and cannot be modified Disable the EPSR domain and then make the required changes. Note that disabling EPSR will create a loop, so is not recommended on a network with live data. Of course, in a live
Resumo do conteúdo contido na página número 11
Example 1: A Basic Ring Example 1: A Basic Ring This example builds a simple 3-switch ring with one data VLAN, as shown in the following diagram. Control packets are transmitted around the ring on vlan1000 and data packets on vlan2. End User Ports port 1: primary port 2: secondary P S Master Node (A) port 1: ring port 1: ring End User Ports End User Ports port 2: ring port 2: ring Transit Transit Node Node (B) (C) epsr-example-basic-ring Configure the Master Node (A) 1. Create the contro
Resumo do conteúdo contido na página número 12
Example 1: A Basic Ring 5. Remove the ring ports from the default VLAN delete vlan=1 port=1-2 6. Create the EPSR domain This step creates the domain, specifying that this switch is the master node. It also specifies which VLAN is the control VLAN and which port is the primary port. create epsr=test mode=master controlvlan=vlan1000 primaryport=1 7. Add the data VLAN to the domain add epsr=test datavlan=vlan2 8. Enable EPSR enable epsr=test Configure the Transit Nodes (B and C) Each of the trans
Resumo do conteúdo contido na página número 13
Example 1: A Basic Ring 6. Create the EPSR domain This step creates the domain, specifying that this switch is the transit node. It also specifies which VLAN is the control VLAN. create epsr=test mode=transit controlvlan=vlan1000 7. Add the data VLAN to the domain add epsr=test datavlan=vlan2 8. Enable EPSR enable epsr=test Page 13 | AlliedWare™ OS How To Note: EPSR
Resumo do conteúdo contido na página número 14
Example 2: A Double Ring Example 2: A Double Ring This example adds to the previous ring by making two domains, as shown in the following diagram. Master Master Node Node port 1: port 4: (A) (C) primary primary port 2: port 5: secondary secondary port 1 port 4 Domain 1 Domain 2 control VLAN: 1000 control VLAN: 40 data VLAN: 2 data VLAN: 50 port 2 port 5 Transit port 1 port 4 Node (E) port 2 port 5 Transit Transit Node Node (B) (D) epsr-example-double-ring 1. Configure the master node (switc
Resumo do conteúdo contido na página número 15
Example 2: A Double Ring 2. Configure the transit node (switch B) that belongs just to domain 1 This transit node is the same as in the previous example (except that the domain has been renamed). create vlan=vlan1000 vid=1000 add vlan=1000 port=1-2 frame=tagged create vlan=vlan2 vid=2 add vlan=2 port=1-2 frame=tagged delete vlan=1 port=1-2 create epsr=domain1 mode=transit controlvlan=vlan1000 add epsr=domain1 datavlan=vlan2 enable epsr=domain1 3. Configure the master node (switch C) for domai
Resumo do conteúdo contido na página número 16
Example 2: A Double Ring Configure EPSR: create epsr=domain2 mode=transit controlvlan=vlan40 add epsr=domain2 datavlan=vlan50 enable epsr=domain2 5. Configure the transit node (switch E) that belongs to both domains Two separate EPSR domains are configured on this switch. Configure the control VLAN for domain 1: create vlan=vlan1000 vid=1000 add vlan=1000 port=1-2 frame=tagged Configure the control VLAN for domain 2: create vlan=vlan40 vid=40 add vlan=40 port=4-5 frame=tagged Configure the data
Resumo do conteúdo contido na página número 17
Example 3: EPSR and RSTP Example 3: EPSR and RSTP This example uses EPSR to protect one ring and RSTP to protect another overlapping ring. RSTP Master Switch Node (C) port 1: (A) port 10 primary port 2: port 11 secondary port 1 port 10 Domain 1 RSTP: control VLAN: 1000 STP VLAN: 10 data VLAN: 2 port 2 port 11 Switch port 1 port 10 (E) port 2 port 11 RSTP Transit Switch Node (D) (B) epsr-example-rstp 1. Configure the master node (switch A) for the EPSR domain The master node is the same as in
Resumo do conteúdo contido na página número 18
Example 3: EPSR and RSTP 2. Configure the transit node (switch B) that belongs just to the EPSR domain This transit node (B) is the same as in the previous example. create vlan=vlan1000 vid=1000 add vlan=1000 port=1-2 frame=tagged create vlan=vlan2 vid=2 add vlan=2 port=1-2 frame=tagged delete vlan=1 port=1-2 create epsr=domain1 mode=transit controlvlan=vlan1000 add epsr=domain1 datavlan=vlan2 enable epsr=domain1 3. Configure the switches that belong to the RSTP instance (switches C and D) Switc
Resumo do conteúdo contido na página número 19
Example 3: EPSR and RSTP 4. Configure switch E for EPSR and RSTP Configure the control VLAN for EPSR: create vlan=vlan1000 vid=1000 add vlan=1000 port=1-2 frame=tagged Configure the data VLAN for EPSR: create vlan=vlan2 vid=2 add vlan=2 port=1-2 frame=tagged Remove the ring ports from the default VLAN: delete vlan=1 port=1-2 Configure EPSR: create epsr=domain1 mode=transit controlvlan=vlan1000 add epsr=domain1 datavlan=vlan2 enable epsr=domain1 Configure the STP VLAN: create vlan=vlan10 vid=10 a
Resumo do conteúdo contido na página número 20
Example 4: EPSR with Nested VLANs Example 4: EPSR with Nested VLANs In this example: � client switches A and C are in the same end-user VLAN (vlan20) � client switches B and D are in the same end-user VLAN (vlan200) � traffic for vlan20 and vlan200 is nested inside vlan50 for transmission around the core � vlan50 is the data VLAN for the EPSR domain � vlan100 is the control VLAN for the EPSR domain Client Client Switch Switch (E) (H) port 20 port 10 port 22 port 22 port 2: port 2 secondary Mast