Download
Share
Print this page
Allied Telesis AT 9924SP AT-9924SP-30 AT-9924SP-30 Software Manual
  1. Manuals
  2. Brands
  3. Allied Telesis Manuals
  4. Switch
  5. AT 9924SP AT-9924SP-30 AT-9924SP-30
  6. Software manual
Allied Telesis AT 9924SP AT-9924SP-30 AT-9924SP-30 Software Manual

Allied Telesis AT 9924SP AT-9924SP-30 AT-9924SP-30 Software Manual

Configure epsr (ethernet protection switching ring) to protect a ring from loops
Hide thumbs

Advertisement

Quick Links

Download this manual
TM
AlliedWare
OS
Configure EPSR (Ethernet Protection Switching
How To |
Ring) to Protect a Ring from Loops
Introduction
Putting a ring of Ethernet switches at the core of a network is a simple way to increase the
network's resilience—such a network is no longer susceptible to a single point of failure.
However, the ring must be protected from Layer 2 loops. Traditionally, STP-based
technologies are used to protect rings, but they are relatively slow to recover from link
failure. This can create problems for applications that have strict loss requirements, such as
voice and video traffic, where the speed of recovery is highly significant.
This How To Note describes a fast alternative to STP: Ethernet Protection Switching Ring
(EPSR). EPSR enables rings to recover rapidly from link or node failures—within as little as
50ms, depending on port type and configuration. This is much faster than STP at 30 seconds
or even RSTP at 1 to 3 seconds.
What information will you find in this document?
This How To Note begins by describing EPSR in the following sections:
"How EPSR Works" on page 3
"Establishing a Ring" on page 4
"Detecting a Fault" on page 5
"Recovering from a Fault" on page 5
"Restoring Normal Operation" on page 7
Next it gives step-by-step configuration details and examples in the following sections:
"How To Configure EPSR" on page 8
"Example 1: A Basic Ring" on page 11
"Example 2: A Double Ring" on page 14
C613-16092-00 REV D
www.alliedtelesis.com

Advertisement

loading

Related Manuals for Allied Telesis AT 9924SP AT-9924SP-30 AT-9924SP-30

Summary of Contents for Allied Telesis AT 9924SP AT-9924SP-30 AT-9924SP-30

  • Page 1 AlliedWare Configure EPSR (Ethernet Protection Switching How To | Ring) to Protect a Ring from Loops Introduction Putting a ring of Ethernet switches at the core of a network is a simple way to increase the network’s resilience—such a network is no longer susceptible to a single point of failure. However, the ring must be protected from Layer 2 loops.
  • Page 2 2.8.1 or later • AT-9924Ts, x900-24XT, and x900-24XT-N switches running software version 3.1.1 or later EPSR is also available on the following Allied Telesis switches, running the AlliedWare Plus OS software version 5.2.1 or later: • SwitchBlade x908 •...
  • Page 3 How EPSR Works EPSR operates on physical rings of switches (note, not on meshed networks). When all nodes and links in the ring are up, EPSR prevents a loop by blocking data transmission across one port. When a node or link fails, EPSR detects the failure rapidly and responds by unblocking the blocked port so that data can flow around the ring.
  • Page 4 Establishing a Ring Once you have configured EPSR on the switches, the following steps complete the EPSR ring: 1. The master node creates an EPSR Health message and sends it out the primary port. This increments the master node’s Transmit: Health counter in the show epsr count command.
  • Page 5 Detecting a Fault EPSR uses a fault detection scheme that alerts the ring when a break occurs, instead of using a spanning tree- like calculation to determine the best path. The ring then automatically heals itself by sending traffic over a protected reverse path.
  • Page 6 new configuration, the nodes (master and transit) re-learn their layer 2 addresses. During this period, the master node continues to send Health messages over the control VLAN. This situation continues until the faulty link or node is repaired. For a multidomain ring, this process occurs separately for each domain within the ring. The following figure shows the flow of control frames when a link breaks.

  • Page 7: Restoring Normal Operation

    Transit Nodes with Both Ports Down The Allied Telesis implementation includes an extra feature to improve handling of double link failures. If both ports on a transit node are down and one port comes up, the node: 1.

  • Page 8: Configuring Epsr

    How To Configure EPSR This section first outlines, step-by-step, how to configure EPSR. Then it discusses the settings for the control Configuring EPSR 1. Connect your switches into a ring EPSR does not in itself limit the number of nodes that can exist on any given ring. Each switch can participate in up to 16 rings.
  • Page 9 iii. Remove the ring ports from the default VLAN If you leave all the ring ports in the default VLAN (vlan1), they will create a loop, unless vlan1 is part of the EPSR domain. To avoid loops, you need to do one of the following: •...
  • Page 10 Modifying the Control VLAN You cannot modify the control VLAN while EPSR is enabled. If you try to remove or add ports to the control VLAN, the switch generates an error message as follows: Manager> delete vlan=1000 port=1 Error (3089409): VLAN 1000 is a control VLAN in EPSR and cannot be modified Disable the EPSR domain and then make the required changes.
  • Page 11 Example 1: A Basic Ring This example builds a simple 3-switch ring with one data VLAN, as shown in the following diagram. Control packets are transmitted around the ring on vlan1000 and data packets on vlan2. End User Ports Configure the Master Node (A) 1.
  • Page 12 5. Remove the ring ports from the default VLAN delete vlan=1 port=1-2 6. Create the EPSR domain This step creates the domain, specifying that this switch is the master node. It also specifies which VLAN is the control VLAN and which port is the primary port. create epsr=test mode=master controlvlan=vlan1000 primaryport=1 7.
  • Page 13 6. Create the EPSR domain This step creates the domain, specifying that this switch is the transit node. It also specifies which VLAN is the control VLAN. create epsr=test mode=transit controlvlan=vlan1000 7. Add the data VLAN to the domain add epsr=test datavlan=vlan2 8.
  • Page 14 Example 2: A Double Ring This example adds to the previous ring by making two domains, as shown in the following diagram. Master Node port 2: secondary port 1 Transit Node 1. Configure the master node (switch A) for domain 1 The master node for domain 1 is the same as in the previous example (except that the domain has been renamed).
  • Page 15 2. Configure the transit node (switch B) that belongs just to domain 1 This transit node is the same as in the previous example (except that the domain has been renamed). create vlan=vlan1000 vid=1000 add vlan=1000 port=1-2 frame=tagged create vlan=vlan2 vid=2 add vlan=2 port=1-2 frame=tagged delete vlan=1 port=1-2 create epsr=domain1 mode=transit controlvlan=vlan1000...
  • Page 16 Configure EPSR: create epsr=domain2 mode=transit controlvlan=vlan40 add epsr=domain2 datavlan=vlan50 enable epsr=domain2 5. Configure the transit node (switch E) that belongs to both domains Two separate EPSR domains are configured on this switch. Configure the control VLAN for domain 1: create vlan=vlan1000 vid=1000 add vlan=1000 port=1-2 frame=tagged Configure the control VLAN for domain 2: create vlan=vlan40 vid=40...
  • Page 17 Example 3: EPSR and RSTP This example uses EPSR to protect one ring and RSTP to protect another overlapping ring. Master Node port 2: secondary port 1 Transit Node 1. Configure the master node (switch A) for the EPSR domain The master node is the same as in the previous example.
  • Page 18 2. Configure the transit node (switch B) that belongs just to the EPSR domain This transit node (B) is the same as in the previous example. create vlan=vlan1000 vid=1000 add vlan=1000 port=1-2 frame=tagged create vlan=vlan2 vid=2 add vlan=2 port=1-2 frame=tagged delete vlan=1 port=1-2 create epsr=domain1 mode=transit controlvlan=vlan1000 add epsr=domain1 datavlan=vlan2...
  • Page 19 4. Configure switch E for EPSR and RSTP Configure the control VLAN for EPSR: create vlan=vlan1000 vid=1000 add vlan=1000 port=1-2 frame=tagged Configure the data VLAN for EPSR: create vlan=vlan2 vid=2 add vlan=2 port=1-2 frame=tagged Remove the ring ports from the default VLAN: delete vlan=1 port=1-2 Configure EPSR: create epsr=domain1 mode=transit controlvlan=vlan1000...
  • Page 20 Example 4: EPSR with Nested VLANs In this example: • client switches A and C are in the same end-user VLAN (vlan20) • client switches B and D are in the same end-user VLAN (vlan200) • traffic for vlan20 and vlan200 is nested inside vlan50 for transmission around the core •...
  • Page 21 1. Configure the master node (switch A) for the EPSR domain Configure the EPSR control VLAN: create vlan=vlan100 vid=100 add vlan=100 port=1-2 frame=tagged Configure vlan50. This VLAN acts as both the nested VLAN and the EPSR data VLAN. The following commands create vlan50 and configure it as a nested VLAN: create vlan=vlan50 vid=50 nested add vlan=50 port=22 nestedtype=customer add vlan=50 port=1-2 nestedtype=core...
  • Page 22 3. Configure client switch E (connected to the master node) create vlan=vlan20 vid=20 add vlan=20 port=20 frame=tagged enable ip add ip interface=vlan20 ip=192.168.20.10 4. Configure client switch F (connected to transit node B) create vlan=vlan200 vid=200 add vlan=200 port=10 frame=tagged enable ip add ip interface=vlan200 ip=192.168.200.1 5.
  • Page 23 Example 5: EPSR with management stacking In this example: • three switches are stacked together, so you can manage all three switches by entering commands into the CLI of any one of them • the three switches are also configured as an EPSR domain •...
  • Page 24 1. Configure stacking on the master node for the EPSR domain (host1) The following commands must be entered into the CLI of this particular switch. First, give the switch a host ID number so that the stack can identify it: set system hostid=1 serialnumber=12345678 set system name=host1 Create the stacking VLAN and add the ring ports to it.
  • Page 25 4. Configure the other VLANs on the stacked switches The stack now exists, so you can configure all three switches from the CLI of the master node (or any other of the switches). However, the ports and IP addresses are different for each switch, so you need to make most of the commands host-directed.
  • Page 26 Example 6: EPSR with an iMAP This example is the same as three switches is an iMAP. We used an AT-TN7100 iMAP running 6.1.10. The ring ports on the iMAP are 5.0 and 5.1. The example first shows the configuration script for the iMAP as the master node, then as the transit node.
  • Page 27 Checking the Master Node Configuration To see a summary, use the command: show epsr The following diagram shows the expected output. --- EPSR Domain Information --------------------------------------------------- EPSR Domain Node Type Domain Status/ --------------- --------- --------------- ------- ---------------------------- test MASTER ------------------------------------------------------------------------------- To see details, use the command: show epsr=test The following diagram shows the expected output.
  • Page 28 Configure the AT -TN7100 iMAP as a Transit Node The following diagram shows a partial script for the iMAP, with the commands for configuring it as a transit node. CREATE EPSR=test TRANSIT CREATE VLAN=vlan2 VID=2 FORWARDINGMODE=STD CREATE VLAN=vlan1000 VID=1000 FORWARDINGMODE=STD DISABLE INTERFACE=0.0-0.15,1.0-1.15,2.0-2.15,4.0-4.1,5.0-5.1 ADD VLAN=2 INTERFACE=ETH:[5.0-1] FRAME=TAGGED ADD VLAN=1000 INTERFACE=ETH:[5.0-1] FRAME=TAGGED...
  • Page 29 To see details, use the command: show epsr=test The following diagram shows the expected output. --- EPSR Domain Information --------------------------------------------------- EPSR Domain Name... test EPSR Domain Node Type... Transit EPSR Domain State... LINKS-UP MAC Address of Master Node... 00:00:CD:24:02:4F EPSR Domain Status... Enabled Control Vlan...
  • Page 30 Ports and Recovery Times In practice, recovery time in an EPSR ring is generally between 50 and 100ms. However, it depends on the port type, because this determines how long it takes for the port to report that it is down and send a Link-Down message. The following ports report that they are down immediately or within a few milliseconds, which leads to an EPSR recovery time of 50 to 100ms: •...
  • Page 31 IGMP Snooping and Recovery Times IGMP Snooping and Recovery Times Since Software Version 281-03, IGMP snooping includes query solicitation, a new feature that minimises loss of multicast data after a topology change. When IGMP snooping is enabled on a VLAN, and EPSR changes the underlying link layer topology of that VLAN, this can interrupt multicast data flow for a significant length of time.
  • Page 32 EPSR State and Settings To display the EPSR state, the attached VLANs, the ring ports, and the timer values, use the command: show epsr The following diagram shows the output for a master node in a ring that is in a state of Master Node Complete.
  • Page 33 In contrast, the following diagram shows the output for a master node in a ring that is in a Master Node in a Failed Ring Failed state. Both ring ports are now forwarding. EPSR Information ------------------------------------------------------------------------ Name ... domain1 Mode ... Master Status ...

  • Page 34: Snmp Traps

    SNMP Traps You can use SNMP traps to notify you when events occur in the EPSR ring. Download the latest version of the Allied Telesis Enterprise MIB from www.alliedtelesis.co.nz/support/updates/patches.html. The EPSR Group is contained in the sub-file called atr-epsr.mib. The EPSR Group has the object identifier prefix epsr ({ modules 136}), and contains a collection of objects and traps for monitoring EPSR states.
  • Page 35 Counters The EPSR counters record the number of EPSR messages that the CPU received and transmitted. To display the counters, use the command: show epsr=domain1 count The following diagram shows the counters for a master node in a ring that has never had a Master node in a Complete link or node fail.
  • Page 36 Debugging This section walks you through the EPSR debugging output as links go down and come back up again. The debugging output comes from the ring in The output shows what happened when we took down two separate links in turn: •...
  • Page 37 2. The master node continues sending Health messages The master node continues sending Health messages, and increments the Hello Sequence number with each message. If all nodes and links in the ring are intact, these Health messages are the only debugging output you see. Manager x900-48-A>...
  • Page 38 4. The master node receives a Link-Down message on its secondary port The master node receives a Link-Down message on its secondary port (port 2) from transit node B, which is at the other end of the broken link. EPSR Port2 Rx: 00bb0100 00542484 00000000 0000cd24 024f990b 00400108 03e80000 00000000 cd24024f 00000000 04000000 EPSR Port2 Rx:...
  • Page 39 6. The Hello timer expires The Hello timer expires, which would normally trigger the master node to send a Health message out the primary port. However, the link between the primary port and the neighbouring transit node is down, so the master node does not send the Health message. Manager x900-48-A>...
  • Page 40 9. The master node receives the Health message on its secondary port The master node receives the Health message on its secondary port (port 2). This tells it that all links on the ring are up again. EPSR Port2 Rx: 00bb0100 00541dee 00000000 0000cd28 0619990b 00400105 03e80000 00000000 cd280619 00010002 020000fa EPSR Port2 Rx:...
  • Page 41 12. The master node transmits and receives Health messages The master node continues transmitting and receiving Health messages for as long as the ring stays in a state of Complete. Manager x900-48-A> epsrHelloTimeout: EPSR test Hello Timer expired EPSR Port1 Tx: 00bb0100 00541eed 00000000 0000cd28 0619990b 00400105 03e80000 00000000 cd280619 00010002 010000fb EPSR Port1 Tx:...
  • Page 42 Transit Node (Node B) Debug Output The following debugging shows the same events as the previous section, but on the transit node instead of the master node. It starts with the ring established and in a state of Complete. 1. The transit node receives Health messages The transit node receives Health messages on port 1, because that port is connected to the master node’s primary port.
  • Page 43 2. Port 1 on the transit node goes down The transit node detects that port 1 (between the transit node and the master node) has gone down. The transit node flushes its forwarding database, blocks port 1 for the data VLAN (to prevent a loop from forming when the master node comes back up), sends a Link- Down message towards the master node, sends a trap, and changes the EPSR state to Link- Down.
  • Page 44 4. Port 1 comes back up The transit node detects that port 1 has come back up. It sends a trap and changes the EPSR state to Pre-forwarding. Note that it leaves port 1 blocked for vlan2, to make sure there are no loops.
  • Page 45 6. Transit node receives a Ring-Up-Flush-FDB message. The Health message from the previous step reaches the master node and shows it that all links in the ring are now up. The master node sends a Ring-Up-Flush-FDB message. When it receives the message, the transit node unblocks port 1 for vlan2, flushes its FDB, sends a trap, and changes the state to Link-Up.
  • Page 46 7. The transit node receives Health messages The transit node continues receiving Health messages for as long as the ring stays in a state of Complete. This is the packet shown in step Manager 9924-B> EPSR Port1 Rx: 00bb0100 00541eed 00000000 0000cd28 0619990b 00400105 03e80000 00000000 cd280619 00010002 010000fb EPSR Port1 Rx: -----------------------------------------------------------------------...
  • Page 47 Link Down Between Two Transit Nodes This section shows the debugging output when the link between transit node B and transit node C goes down and comes back up again. It shows the debugging output for the complete failure and recovery cycle: •...
  • Page 48 2. The link between the two transit nodes goes down When the link goes down, the master node transmits a Health message but does not receive it on its secondary port. Manager x900-48-A> epsrHelloTimeout: EPSR test Hello Timer expired EPSR Port1 Tx: 00bb0100 00541ea0 00000000 0000cd28 0619990b 00400105 03e80000 00000000 cd280619 00010002 01000148 EPSR Port1 Tx:...
  • Page 49 4. The master node transmits a Ring-Down-Flush-FDB message In response to the Link-Down message, the master node transmits a Ring-Down-Flush-FDB message out both its primary and secondary ports. The message has to go out both ports to make sure it reaches the nodes on both sides of the broken link. The master node also unblocks its secondary port for vlan2, flushes its forwarding database, sends a trap, and changes the EPSR state to Failed.
  • Page 50 6. The master node continues sending Health messages The master node continues sending Health messages out its primary port. It does not receive any of these at the secondary port, which tells it that the link is still down. Manager x900-48-A> epsrHelloTimeout: EPSR test Hello Timer expired EPSR Port1 Tx: 00bb0100 00541d9f 00000000 0000cd28 0619990b 00400105 03e80000 00000000...
  • Page 51 8. The master node returns the ring to a state of Complete Now that the ring is back up, the master node blocks its secondary port for the data VLAN, transmits a Ring-Up-Flush-FDB message, flushes its FDB, sends a trap, and changes the EPSR state to Complete.
  • Page 52 10. The master node transmits and receives Health messages The master node continues transmitting and receiving Health messages for as long as the ring stays in a state of Complete. Manager x900-48-A> epsrHelloTimeout: EPSR test Hello Timer expired EPSR Port1 Tx: 00bb0100 00541e71 00000000 0000cd28 0619990b 00400105 03e80000 00000000 cd280619 00010002 01000177 EPSR Port1 Tx:...
  • Page 53 Transit Node (Node B) Debug Output The following debugging shows the same events as the previous section, but on the transit node instead of the master node. It starts with the ring established and in a state of Complete. 1. The transit node receives Health messages The transit node receives Health messages on port 1, because that port is connected to the master node’s primary port.
  • Page 54 3. The transit node receives a Ring-Down-Flush-FDB message In the meanwhile, the master node has received a Link-Down message from the switch at the other end of the broken link (in step the ring is broken and acts accordingly. As part of the recovery process, the master node sends a Ring-Down-Flush-FDB message.
  • Page 55 5. The transit node receives Health messages The transit node receives Health messages from the master node. These have a state of Failed, which shows that the ring is still broken. This is the packet shown in step Manager 9924-B> EPSR Port1 Rx: 00bb0100 00541d9f 00000000 0000cd28 0619990b 00400105 03e80000 00000000 cd280619 00010002 02000149...
  • Page 56 Singapor e 534182 T: +65 6383 3832 F: +65 6383 3830 Allied Telesis is a trademark or registered trademark of Allied Telesis, Inc. in the United States and other countries. STATE = COMPLETE SYSTEM = 00-00-cd-28-06-19 FAIL TIME = 0...

This manual is also suitable for:

At 9924t at-9924t-40 at-9924t-40X900-48feAt-9924t/4sp-a-20At-8948X900-48fe-nAt-9924t ... Show all