No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Feature Description - Virtual Access 01

This is NE40E V800R010C10SPC500 Feature Description - Virtual Access
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Principles of Virtual Access

Principles of Virtual Access

Control Plane of Virtual Access

The fundamental design principle of virtual access is to centralize control planes. Before virtual access is deployed, nodes' control planes are independent and distributed, and each node itself discovers the topology, calculates routes, and generates forwarding entries. To ensure control plane consistency, nodes must run many dynamic protocols (such as IGP, BGP, and LDP), which complicates the access network. After virtual access is deployed, a master collects the entire network's resources (including node label space and interface information), calculates internal forwarding tunnels' paths, and delivers forwarding entries to APs. APs are responsible only for forwarding. Because the access network's control plane is centralized on the master and dynamic protocols such as IGP, BGP, and LDP are no longer required, the access network is simplified.

Election of Primary and Secondary Masters

In the virtual access system, you can specify management priorities for masters connected to each AP according to a plan. You must configure management IP addresses for APs and masters. An AP and master notify their own management IP addresses to each other. Two masters notify their own management IP addresses and management priorities for the AP to each other. The roles of the two masters are determined based on the following rules:

  1. The system first checks the management priorities of the two masters. The master with a higher priority becomes the primary master, and the master with a lower priority becomes the secondary master.

  2. If the management priorities of the two masters are the same, the master with a smaller management IP address becomes the primary master, and the master with a larger management IP address becomes the secondary master.

Control Channel and Diameter Channel Establishment

As shown in Figure 3-6, a master uses the control channel to collect the AP's resource information and deliver forwarding entries to the AP. Tunnel paths are calculated and forwarding entries are generated only on a master, implementing control plane centralization. When an AP is dual-homed to two masters, the primary and secondary masters use the Diameter channel to synchronize path calculation results and negotiate the primary/secondary status of vaPWs.

Figure 3-6 Control channel and Diameter channel

Table 3-1 describes control channel and Diameter channel.

Table 3-1 Control channel and Diameter channel

Channel

Location

Establishment Mode

Description

Control channel

Between a master and an AP

The AP initiates a request for establishing control channels to the primary and secondary masters.

An AP and master exchange control information through a control channel. Specifically,

  • the AP registers with a master and reports its own resources (such as label space and interface information).

  • a master delivers virtual access LSP (vaLSP) and virtual access PW (vaPW) forwarding entries to the AP.

For details about vaLSPs and vaPWs, see Internal Forwarding Tunnel Establishment.

Diameter channel

Between the primary and secondary masters

The primary master initiates a request for establishing a Diameter channel based on a TCP connection to the secondary master.

NOTE:

If no direct link exists between the primary and secondary masters, the Diameter channel passes through the AP.

  • The primary master uses the Diameter channel to send the secondary master calculation results of the primary and backup vaLSPs from the secondary master to an AP.

  • The primary and secondary masters use the Diameter channel to transfer the vaPW status and determine the primary and secondary vaPWs through negotiation.

  • The primary and secondary masters exchange the status of the NETCONF channels to the AP to determine which master is used to deliver configurations.

Internal Forwarding Tunnel Establishment

After the control channel and Diameter channel are established, the virtual access system establishes internal forwarding tunnels (vaLSPs and vaPWs) according to the processes described in Table 3-2 to carry access services.

Table 3-2 Internal forwarding tunnel establishment

Process

Description

Establishment of dynamic resource pools

An AP registers with the primary and secondary masters and reports its own resources, including label space and interface information. The primary and secondary masters then store the information in a dynamic resource pool established for each AP.

Figure 3-7 Establishment of dynamic resource pools

Calculation of tunnel paths

After virtual access is enabled and master or AP roles are determined, the master and AP automatically create an IS-IS process and IS-IS is automatically enabled on the internal communication interfaces of the master and AP.

  1. The primary and secondary masters, the primary master and AP, and the secondary master and AP use IS-IS to advertise their own topology information to one another, and a global topology database is formed on the primary and secondary masters.

  2. The primary master uses the topology database to calculate the round-trip paths for vaLSP and vaPWbetween itself and the AP. Paths with more remaining bandwidths are preferentially selected.

  3. The secondary master uses the Diameter channel to send a path calculation request to the primary master. After receiving the request, the primary master calculates the round-trip paths between itself and the AP, between itself and the secondary master, and between the AP and secondary master and uses the Diameter channel to send information about the round-trip paths between the AP and secondary master to the secondary master. If the secondary master sends three path calculation requests to the primary master but does not receive path calculation results from the primary master, the secondary master calculates the round-trip paths between itself and the AP.

Figure 3-8 Calculation of tunnel paths

Generation and delivery of forwarding entries

  1. The primary and secondary masters select a vaLSP label from the vaLSP label space and a vaPW label from the vaPW label space in an AP's dynamic resource pool based on the path calculation results to form vaLSP and vaPW forwarding entries for the AP.

  2. After forwarding entries are generated, the primary and secondary masters use the control channel to deliver the forwarding entries to the AP.

Figure 3-9 Generation and delivery of forwarding entries

Establishment of vaLSPs and vaPWs

The AP delivers the forwarding entries from the primary and secondary masters to the local forwarding table. The vaLSPs and primary vaPW are established between the AP and primary master, and the vaLSPs and secondary vaPW are established between the AP and secondary master, as shown in Figure 3-10.

Figure 3-10 Establishment of vaLSPs and vaPWs

Data Plane of Virtual Access

At the data forwarding layer, an AP's external communication interface is responsible for receiving service data. An AP's external communication interface is connected to a master's local virtual access interface through a vaPW, which is carried over a vaLSP. For details about vaPW and vaLSP establishment, see Internal Forwarding Tunnel Establishment. The virtual access system carries services over vaPWs and vaLSPs, as shown in Figure 3-11.

Figure 3-11 Data plane of the virtual access system

Through the vaPW, the AP transparently transmits packets received by the external communication interface to the master, and the master transmits packets to the AP. After receiving the packets through the vaPW, the AP transparently transmits them through the external communication interface. The AP is responsible only for forwarding.

At the label operation layer, after receiving a data packet from the external communication interface, the AP adds the vaPW label at the inner layer based on the vaPW forwarding entry and the vaLSP label at the outer layer based on the vaLSP forwarding entry. When the data packet reaches the master, the master removes the outer vaLSP label based on the vaLSP forwarding entry and the inner vaPW label based on the vaPW forwarding entry, and then sends the data packet to the virtual access interface. The transmission process for a master-to-AP data packet is similar to that for an AP-to-master data packet.

AP PnP

In AP plug-and-play (PnP) mode, a master automatically detects and manages APs when APs go online, go offline, migrate, or restart or when the master restarts. The virtual access solution supports AP PnP, which simplifies network O&M and management. AP PnP involves the following processes:

An AP Goes Online for the First Time

Figure 3-12 shows the PnP process after an AP goes online for the first time.

Figure 3-12 PnP process after an AP goes online for the first time

Table 3-3 describes the PnP process.

Table 3-3 PnP process

Step

Description

1

A network administrator performs basic configurations required for AP PnP on an NMS, including:

  • AP's ESN

  • AP's management IP address

  • Login password and SFTP access directory for a user created on the AP

2

The AP starts with the default configuration, automatically enables the data communication network (DCN) function, and uses OSPF to advertise its ESN and initial PnP status in the virtual access system.

3

Masters 1 and 2 use the DCN function to detect the AP and identifies the initial PnP status. Masters 1 and 2 report the detected AP's information (such as the ESN) to the NMS.

4

The NMS sends the basic configurations required for AP PnP (see Step 1) to Masters 1 and 2.

5

Masters 1 and 2 check whether the AP's ESN has been locally configured. If the AP's ESN has been locally configured, Masters 1 and 2 start the PnP process. Otherwise, Masters 1 and 2 stop the PnP process.

NOTE:

To enable a master to manage an AP, configure the AP's ESN on the master.

6

Masters 1 and 2 use the initial user name and password to establish STelnet connections to the AP and issue a PnP start command to the AP.

7

The AP starts the PnP process and timer to wait for PnP process completion.

8

Masters 1 and 2 deliver the following basic configurations (including configurations that Masters 1 and 2 automatically generate and basic configurations that the NMS delivers) to the AP:

  • Virtual access capability enabling

  • AP role setting

  • AP's management IP address

  • Login password and SFTP access directory for a user created on the AP

If the preceding basic configurations are complete, the master delivers a PnP stop command. Otherwise, the master stops the PnP process.

9

The AP automatically performs the basic configurations.

If the AP receives a PnP stop command, it considers the basic configurations completed and stops the timer. If the AP does not receive a PnP stop command before the timer expires, it considers the basic configurations incomplete and automatically restarts itself to begin the PnP process again.

10

The AP uses OSPF to advertise the PnP stop status in the virtual access system.

11

Masters 1 and 2 detect the AP's PnP stop status and report it to the NMS. The PnP process ends, and the AP goes online successfully.

NOTE:
  • The preceding AP PnP process involves an NMS. If your scenario does not involve an NMS, you must perform basic configurations required for AP PnP on a master in advance. This operation also applies to the following PnP processes.

  • After the AP PnP process ends, the roles of Masters 1 and 2 are determined through election. For details, see Election of Primary and Secondary Masters.

An AP Restarts and Goes Online

Figure 3-13 shows the PnP process after an AP restarts and goes online.

Figure 3-13 PnP process after an AP restarts and goes online

Table 3-4 describes the PnP process.

Table 3-4 PnP process

Step

Description

1

After the AP restarts, it reads the locally stored PnP status and uses OSPF to advertise its own PnP status in the virtual access system.

2

The primary and secondary masters use the DCN function to detect the AP and identify the AP's PnP status.

NOTE:

If the AP restarts for configuration recovery, its PnP status is complete. If the AP restarts for configuration clearing, its PnP status is initial.

3

The primary and secondary masters notify the NMS that the AP has completed the PnP process.

4

The AP establishes NETCONF and control channels to the primary and secondary masters.

5

The primary master uses the NETCONF channel to reconcile configurations with the AP so that services are restored.

NOTE:

Configuration reconciliation means that the primary master checks whether configurations for the AP on it are the same as those on the AP. If any configurations are missing, the primary master uses the NETCONF channel to deliver the missing configurations to the AP.

The Primary Master Restarts

Figure 3-14 shows the AP PnP process after the primary master restarts.

Figure 3-14 AP PnP process after the primary master restarts

Table 3-5 describes the PnP process.

Table 3-5 PnP process

Step

Description

1

During the primary master's restart:

  • At the management layer, the primary/secondary status of a master does not immediately switch. The secondary master becomes the primary master only when the primary master is deleted from the topology of the virtual access system due to a timeout.

  • At the service layer, traffic is immediately switched to the secondary master based on vaPW detection results.

After the restart is complete, the primary master restores configurations. In this situation, configurations on the AP have existed.

2

The primary master uses the DCN function to detect the AP and identify the AP's PnP status.

NOTE:

In normal situations, the AP's PnP status is complete. If the AP restarts for configuration clearing, its PnP status is initial.

3

The AP establishes NETCONF and control channels to the primary master.

4

  • At the management layer, if the primary/secondary status of a master changes in Step 1, the master immediately switches back to the original state. Otherwise, the master's status does not change.

  • At the service layer, traffic is switched back to the primary master. A delayed switchback can be configured.

The Secondary Master Restarts

Figure 3-15 shows the AP PnP process after the secondary master restarts.

Figure 3-15 AP PnP process after the secondary master restarts

Table 3-6 describes the PnP process.

Table 3-6 PnP process

Step

Description

1

After the restart is complete, the secondary master restores configurations. In this situation, configurations on the AP have existed.

2

The secondary master uses the DCN function to detect the AP and identify the AP's PnP status.

NOTE:

In normal situations, the AP's PnP status is complete. If the AP restarts for configuration clearing, its PnP status is initial.

3

The AP establishes NETCONF and control channels to the secondary master.

4

If the secondary master is deleted from the topology of the virtual access system due to a timeout during the restart, the roles of the two masters are re-determined. Otherwise, the secondary master's status does not change after the restart.

An AP Goes Offline

Figure 3-16 shows the AP going-offline process.

Figure 3-16 AP going-offline process

Table 3-7 describes the going-offline process.

Table 3-7 Going-offline process

Step

Description

1

When the AP's routing information is deleted from the routing tables of the primary and secondary masters, the primary and secondary masters detect that the AP has gone offline and perform no action.

2

The primary and secondary masters report to the NMS information about the AP that goes offline.

An AP Migrates

Figure 3-17 shows the PnP process after the AP migrates. The AP migrates from Masters 1 and 2 to Master 3.

Figure 3-17 PnP process after the AP migrates

Table 3-8 describes the PnP process.

Table 3-8 PnP process

Step

Description

1

A carrier deletes the AP's ESN configuration from Masters 1 and 2.

2

The carrier uses a master or the NMS to log in to the AP and delete the AP's basic configurations and PnP status.

3

The AP starts a PnP process with Master 3. For details, see An AP Goes Online for the First Time.

Virtual Access Network Management

Scenario in Which an NMS Exists

In this scenario, management channels in the virtual access system are NETCONF and SNMP channels, as shown in Figure 3-18.

  • NETCONF channel

    • NETCONF channel between each master and the AP: The primary and secondary masters establish NETCONF channels to the AP. A master uses a NETCONF channel to deliver configurations, query commands (such as a command for querying the status of the AP's external communication interface), and maintenance commands (such as software package upgrade and AP restart commands) to the AP. In normal cases, the primary master delivers configurations to the AP. If the NETCONF channel between the primary master and AP fails, the secondary master delivers configurations to the AP.

    • NETCONF channel between the NMS and each master: The NMS uses this channel to deliver configuration or query tasks to each master. After the NETCONF channel between the NMS and master is connected to the NETCONF channel between the master and AP, the NMS can also deliver configuration or query tasks to the AP.

  • SNMP channel

    Each master and the AP establish SNMP channels to the NMS and use the SNMP channels to report alarms to the NMS.

    SNMP channels involve inband and outband management.
    • In inband management, the NMS uses the forwarding paths provided by managed devices to manage network devices. Services on a bearer network are usually carried over L3VPN to achieve reliable transmission of network management information.

      The principles are described as follows: A master communicates with the NMS through an interface board's service interface. AP-to-NMS packets enter the master's interface board and then are forwarded through the interface board.

    • In outband management, the NMS uses a dedicated physical network to transmit network management information. Compared with inband management, outband management provides reliable device management channels. Outband networking is usually planned by carriers themselves because of its complexity and high costs.

      The principles are described as follows: A master communicates with the NMS through a main control board's management interface. AP-to-NMS packets enter the master's interface board and then are forwarded through the main control board.

    To support outband management, you must enable software forwarding on a master, that is, disable isolation between management and service interfaces.

Figure 3-18 Network management in the virtual access system

The NMS provides the following functions in the virtual access system:

  • Participates in AP PnP. For details, see AP PnP.

  • Provides configuration, maintenance, and information query for masters and APs.

  • Receives alarm information from masters and APs, helping network administrators for troubleshooting.

Scenario in Which No NMS Exists

In this scenario, only the NETCONF channel between a master and AP is involved. You can manage an AP on a master in either of the following modes:

  • Configure, query, and maintain an AP directly on a master. The master uses the NETCONF channel to deliver the operations to the AP.

  • Use STelnet on a master to log in to an AP, and then query and maintain the AP.

NOTE:

When using STelnet on a master to log in to an AP, you can perform only query operations (such as querying the status of the AP's external communication interface) and maintenance operations (such as upgrading a software package and restarting the AP). You can configure AP services directly on a master only.

Multicast AP Replication

Background

When multicast services are deployed in virtual access scenarios, a master sends multicast traffic to APs over vaPWs by default and multicast traffic is replicated on the master. As shown in Figure 3-19, the master must replicate multiple copies of multicast traffic for each receiver, which causes the bandwidth to be repeatedly occupied and increases loads on the links between the master and APs.

Figure 3-19 Multicast traffic replication on the master

To resolve this issue, configure multicast AP replication. As shown in Figure 3-20, after multicast AP replication is deployed, virtual access P2MP (vaP2MP) tunnels are established between the master and APs. Multicast traffic is imported into the vaP2MP tunnels on the master, and is exported from the vaP2MP tunnels on the APs. Multicast traffic is replicated based only on tunnel paths in the vaP2MP tunnels. After reaching the APs, multicast traffic is locally replicated for receivers. In this situation, the master does not need to replicate multiple copies of multicast traffic for each receiver, which prevents the bandwidth from being repeatedly occupied and decreases loads on the links between the master and APs.

Figure 3-20 Multicast traffic replication on the APs
Benefits

Multicast AP replication offers the following benefits in virtual access scenarios:

  • Prevents multicast traffic from occupying the bandwidth repeatedly and optimizes bandwidth usage efficiency.

  • Works with virtual access IGMP multicast dual-device hot backup to achieve 1+1 multicast service protection.

Related Concepts

Figure 3-21 shows vaP2MP tunnels.

Figure 3-21 vaP2MP tunnels
Table 3-9 Concepts involved in vaP2MP tunnels

Name

Description

Corresponding Node

Root node

Ingress of a vaP2MP tunnel. A root node is an initiator for vaP2MP tunnel establishment and path calculation, and MPLS labels are added to multicast packets on this node (that is, packets are encapsulated as MPLS packets).

Master in Figure 3-21

Branch node

Transit node of a vaP2MP tunnel. A branch node replicates each incoming MPLS packet and then swaps labels.

AP1 in Figure 3-21

Leaf node

Egress of a vaP2MP tunnel. A leaf node removes MPLS labels from MPLS packets so that the MPLS packets become multicast packets.

AP3 and AP4 in Figure 3-21

Bud node

Transit node of a vaP2MP tunnel. A bud node serves as both a branch node and a leaf node. A bud node replicates an MPLS packet. This node swaps the label in one copy of the packet and then forwards the packet; this node removes the MPLS label from the other copy so that the packet becomes a multicast packet.

AP2 in Figure 3-21

Implementation

After multicast AP replication is enabled on the root node (master), vaP2MP tunnels are established. After vaP2MP tunnels are established successfully, multicast traffic is imported into the vaP2MP tunnels on the root node (master) and is replicated on demand in the tunnels. After reaching leaf nodes (APs), multicast traffic is exported from the vaP2MP tunnels. The leaf nodes then replicate multicast traffic for receivers.

vaP2MP tunnel establishment process

The vaP2MP tunnel establishment process is as follows:

  1. The root node traverses the virtual access interfaces/sub-interfaces and virtual access Eth-Trunk interfaces/sub-interfaces with PIM enabled in the public network instance or VPN instance, obtains the APs for the virtual access interfaces and virtual access Eth-Trunk member interfaces, and adds the APs to a leaf node list for a vaP2MP tunnel in turn.

  2. The root node calculates a vaP2MP tunnel path based on the leaf node list. For details, see the following description.

  3. The root node allocates tunnel labels and generates forwarding entries based on the tunnel path calculation results, and uses an control channel to deliver the forwarding entries to the nodes (including leaf and branch nodes) on the path for vaP2MP tunnel establishment.

vaP2MP tunnel path calculation

A typical topology is used as an example to describe vaP2MP tunnel path calculation methods.

  1. The root node adds APs to the tunnel path in turn based on the leaf node list for the vaP2MP tunnel, so that the APs become leaf nodes.

  2. When adding a new leaf node, the system preferentially selects the path with the most leaf nodes. As shown in Figure 3-22, when AP3 is added, the path calculated is M1 -> AP3. When AP2 is then added, the system preferentially selects the path M1 -> AP3 -> AP2 rather than the path M1 -> AP1 -> AP2 because AP1 has not been a leaf node.

  3. Adding a new leaf node does not affect the tunnel path of the existing leaf nodes. As shown in Figure 3-22, when AP2 is added, the path calculated is M1 -> AP1 -> AP2. When AP3 is then added, the path calculated is M1 -> AP3. In this situation, the M1-to-AP2 path with the most leaf nodes is M1 -> AP3 -> AP2, but AP2's end-to-end path is still M1 -> AP1 -> AP2.

  4. Deleting a leaf node does not affect the tunnel path of other leaf nodes. As shown in Figure 3-22, when AP3 is added, the path calculated is M1 -> AP3. When AP2 is then added, the path calculated is M1 -> AP3 -> AP2. When AP3 is then deleted, AP2's end-to-end path is still M1 -> AP3 -> AP2.

  5. Make-Before-Break (MBB) supports manual re-optimization. As shown in Figure 3-22, when AP2 is added, the path calculated is M1 -> AP1 -> AP2. When AP3 is then added, the path calculated is M1 -> AP3. In this situation, the M1-to-AP2 path with the most leaf nodes is M1 -> AP3 -> AP2. After manual re-optimization is performed, AP2's end-to-end path becomes M1 -> AP3 -> AP2.

    Figure 3-22 Single-master ring topology
  6. The link between the masters does not participate in path calculation. As shown in Figure 3-23, the link between M1 and M2 does not participate in the calculation of a vaP2MP tunnel path.
    Figure 3-23 Dual-master ring topology
Other Functions

BFD for vaP2MP

After vaP2MP tunnels are established, BFD sessions are automatically established between the root and leaf nodes to quickly detect faults on the vaP2MP tunnel paths. As shown in Figure 3-24, the primary master (root node) establishes two primary vaP2MP tunnels, and the secondary master (root node) establishes two backup vaP2MP tunnels. After BFD for vaP2MP sessions are established, the primary and secondary masters send BFD packets to the leaf nodes along the vaP2MP tunnel paths. If a leaf node does not receive BFD packets from the primary master within a period of time, the corresponding primary vaP2MP tunnel fails. Service traffic is rapidly switched to the corresponding backup vaP2MP tunnel, implementing rapid multicast service protection.

Virtual access IGMP multicast dual-device hot backup and 1+1 protection

Virtual access IGMP multicast dual-device hot backup implements synchronous backup of IGMP packets on the primary and secondary masters so that multicast traffic is imported into both the primary and secondary masters. Multicast traffic is sent to an AP through the primary and backup vaP2MP tunnels, and the AP selectively receives multicast traffic based on the primary/backup status of the vaP2MP tunnel, implementing 1+1 multicast service protection.

As shown in Figure 3-24, in virtual access dual-homing networking scenarios, multicast AP replication and IGMP multicast dual-device hot backup are deployed. After receiving an IGMP Join packet, the primary master generates host join information for multicast traffic transmission and generates multicast forwarding entries. In addition, the primary master backs up the IGMP Join packet to the secondary master. Based on the backup IGMP Join packet, the secondary master generates host join information for multicast traffic transmission and generates multicast forwarding entries. After receiving multicast traffic, the primary and secondary masters send the traffic to an AP through vaP2MP tunnels. The AP chooses to receive the multicast traffic from the primary master. If a BFD for vaP2MP session detects that the primary vaP2MP tunnel fails, the AP immediately chooses to receive multicast traffic from the backup vaP2MP tunnel, implementing rapid multicast service protection.

NOTE:

If a multicast source resides on the AP side, multicast AP replication does not support 1+1 dual feed and selective receiving.

Figure 3-24 IGMP multicast dual-device hot backup and 1+1 protection
Translation
Download
Updated: 2019-01-03

Document ID: EDOC1100055053

Views: 1570

Downloads: 28

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next