Ethernet Ring Protection Ethernet Ring Protection
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
2
ERP
Defined in the International Telecommunication Union Telecommunication
Standardization (ITU-T) G.8032 recommendation, ERP provides highly reliable, stable,
and loop-free protection for Ethernet ring topologies. ERP is a solution for an Ethernet
ring where each ring node (switch) connects to two adjacent nodes, participating in
the same ring, using two independent links. The minimum number of nodes on a ring
is two. Because ERP can provide sub-50 ms, loop-free protection for a ring topology, it
can viably replace any spanning tree protocol on the ring. Using an Ethernet fiber ring
of less the 1200 km and less than 16 nodes, the switch completion time at the time of
failure should be less than 50 ms. Copper links can also be used, but we recommend
that you use connectivity fault management (CFM) to help detect failures between
nodes.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
3
Ring Protection Link
To protect the Ethernet ring, a single link between two nodes acts as the ring
protection link (RPL) on the ring. One of the adjacent nodes, which is referred to as the
RPL owner, controls the state of the RPL. During normal operation with no failures
(idle state), the RPL owner places the RPL in the blocking state, which results in a
loop-free topology. If a link failure occurs somewhere on the ring, the RPL owner
places the RPL in a forwarding state until the failed link is repaired. Once the failed
link is repaired, the Junos operating system acts in a revertive manner, returning the
RPL to the blocking state.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
4
RPL-Owner Node
The RPL owner controls the state of the RPL. During the idle state, it is the only node
that sends periodic Ring Automatic Protection Switching (R-APS) messages to notify
the other nodes about the state of the RPL. The next few slides discuss the details of
the Automatic Protection Switching (APS) protocol and R-APS messages.
Normal Node
A normal node is any other node on the ring besides the RPL owner. It listens to and
forwards R-APS messages. Also, if a local ring link failure occurs, a normal node
signals all other nodes that the failure has occurred using R-APS messages.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
5
APS
To coordinate the effort of protecting the Ethernet ring, each node participates in the
APS. Each of the two ports on each node must be configured for a dedicated channel
a virtual LAN (VLAN) or a bridge domainto communicate using the APS protocol.
Although the APS protocol uses a single VLAN to communicate, the changes in the
forwarding state of interfaces that occur as a result of the exchange of R-APS
messages affect the entire port of a node (all VLANs). ITU-T G.8032 specifies the use
of the CFM frame format as described in the Operation, Administration, and
Maintenance (OAM) material. To allow differentiation between an R-APS message
from a CFM message, an R-APS message uses a destination address of
01-19-A7-00-00-01, as well as an opcode of 40.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
6
R-APS Data Fields
Currently, APS has no specified type, length, and values (TLVs). The slide shows the
data fields found in an R-APS message. The following list describes each data field:
Request/State (4 bits): Currently only two values are defined. A value of
0000 is used when a node wants to signal that it detects no failure on
the ring (No request). A value of 1011 is used when a node wants to
signal that an interface has failed (Signal Fail state).
Reserved 1 (4 bits): This value is always 0000. This field is reserved for
future use.
RPL Blocked (1 bit): Usage for this field is shown on the slide. Only the
RPL owner can signal RPL Blocked.
Status Reserved (6 bits): This value is always 000000. This field is
reserved for future use.
Node ID (6 octets): This field is a MAC address unique to the ring node.
Reserved 2 (24 octets): This value is all zeros. This field is reserved for
future use.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
7
Idle State
When no failures occur on the Ethernet ring, all nodes are in the idle state. During the
idle state, the RPL owner places the RPL in a blocking state. Also, the RPL owner
sends periodic (every 5 seconds) R-APS messages that signal that no failure is
present on the ring (Request/State =no request), that all switches should flush their
MAC tables (Do not flush = 0), and that the RPL is currently blocked (RPL Blocked = 1).
All other switches flush their MAC tables once (on the first received R-APS message)
while unblocking both of their ring ports.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
8
Signal Failure: Part 1
A signal failure occurs when a node detects a failure on a ring port. In the example,
Node B and Node C detect a failure on the link between them. The Junos OS does not
currently support hold interval. In other words, Node B and Node C react immediately
to the failed link. The nodes switch from the idle state to the protection state, block
the failed ports, flush their MAC table, and signal to all the other nodes that a signal
failure has occurred using R-APS messages. The R-APS messages tell the other nodes
that a failure has occurred (Request/State = signal fail) and that the nodes should
flush their MAC tables (Do not flush= 0). Node B and Node C continually send R-APS
messages every 5 seconds until the signal failure condition clears.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
9
Signal Failure: Part 2
Upon receiving the signal fail R-APS messages from Node B and Node C, all other
nodes (including the RPL owner) switch to the protection state, flush their MAC tables,
and stop sending R-APS messages. The RPL owner unblocks the RPL and listens for
subsequent R-APS message from Node A and Node B.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
10
Restoration of a Failed Link: Part 1
When the failure is repaired between Node B and Node C, they begin sending out new
R-APS messages. The R-APS messages tell the other nodes that the failure (Request/
State = no request) is no longer present and that they should not flush their MAC
tables (Do not flush = 1). Node B and Node C keep the previously failed ports in the
blocked state (preventing a loop) until they receive R-APS messages from Node A as
described in the following slide.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
11
Restoration of Failed Link: Part 2
Upon receiving the no request R-APS messages from Node B and Node C, Node A
starts a restore timer. The default is 5 minutes. You can configure the restore timer in
1-minute steps between 5 and 12 minutes. Once the restore timer expires, Node A
blocks the RPL and transmits RPS messages that signal to the other nodes that no
failure is present on the ring (Request/State = no request), that the RPL has been
blocked (RPL Blocked = 1), and that the other nodes should flush their MAC tables (Do
not flush = 0). Once they receive the R-APS messages from Node A, the other nodes
flush their MAC tables and unblock any ring ports that had been blocked. At this point,
all switches will be in the idle state.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
12
ERP Configuration Options
The slide shows all of the options available when configuring ERP. You must configure
an east-interface and a west-interface. You need not configure the two
interfaces in any specific order. You can specify global or ring-specific versions of the
three intervals (timers) for ERP:
guard-interval (disabled by default): Configurable in 10 ms
intervals from 10 ms to 2000 ms. It is used to prevent a node from
receiving outdated R-APS messages. Once an R-APS message is
received, the guard timer starts. Any R-APS messages that arrive before
the expiration of the guard timer drop.
hold-interval: We described this interval on the previous slides.
restore-interval: We described this interval on the previous slides.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
13
RPL Owner Configuration
The slide shows a typical configuration for the RPL owner node. First, you must
configure the two interfaces that participate in the Ethernet ring for the APS channel
(VLAN and bridge domain). In this case, VLAN 100 is used as the communication
channel between nodes. Configure ERP under [edit protocols
protection-group]. The following are a few things to note about the ERP
configuration for the RPL owner:
You must configure the RPL owner node specifically as the
ring-protection-link-owner;
The interfaces are interchangeable with regard to selecting them to act
as the west-interface and east-interface as long as you
specify one of them as being the ring-protection-link-end; and
For trunk-mode interfaces, you must also specify the VLAN.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
14
Normal Node Configuration
The slide shows a typical configuration for a normal node.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
15
ERP Status
The slide shows all of the possible commands to monitor ERP. We discuss each one
on the next few slides.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
16
R-APS Information
The command on the slide shows the details of the R-APS messages to which the local
node is currently listening or which it is forwarding. Based on the output, you can tell
that the local node (Node A) is the RPL owner because the R-APS message originates
from it and it is advertising that the RPL is currently blocked.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
17
Interface Status
The command on the slide shows the state of the local node interfaces in relation to
ERP. Note that the Admin State shows that it is IFF ready. This state means that
the Ethernet flow forwarding function (the control channel) is available to forward
R-APS traffic.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
18
Local Node Details
The command on the slide shows the APS State of the local node, as well as some
of the locally configured timer values.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
19
APS Statistics
The command on the slide shows the quantities of specific events that have occurred.
You can reset these values to 0 by issuing the clear protection-group
ethernet-ring statistics group-name name command.
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
Ethernet Ring Protection
20
I
N
T
E
R
N
A
L
U
S
E
O
N
L
Y
