No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - VPN

S7700 and S9700 V200R013C00

This document describes the configurations of VPN, including GRE, IPSec, BGP/MPLS IP VPN, BGP/MPLS IPv6 VPN, VLL, PWE3, VPLS, L2VPN Access to L3VPN.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
VPN FRR

VPN FRR

Definition

As networks develop rapidly, the time used for end-to-end service convergence if a fault occurs on a carrier's network has been used as an indicator to measure bearer network performance. MPLS TE Fast Reroute (FRR) is a commonly used fast switching technology. MPLS TE FRR creates an end-to-end TE tunnel between two PEs and a backup LSP that protects a primary LSP. When either PE detects the primary LSP is unavailable because of a node or link failure, the one that detects the failure switches the traffic to the backup LSP.

MPLS TE FRR protects services in case a link or node fails between two PEs at both ends of a TE tunnel. MPLS TE FRR, however, cannot protect services in case a PE device fails. If a fault occurs on the ingress or egress, services can only be restored through end-to-end route convergence and LSP convergence. The service convergence time is closely related to the number of routes inside an MPLS VPN and the number of LSP hops on the bearer network. More VPN routes mean longer service convergence time and more lost traffic.

VPN FRR sets forwarding entries in advance that point to active and standby PEs on a remote PE. VPN FRR collaborates with fast PE fault detection to reduce end-to-end service convergence time if a fault occurs in an MPLS VPN (where a CE is dual-homed to two PEs). In VPN FRR, service convergence time only depends on the time required to detect remote PE device faults and change tunnel status. The service convergence time is not affected by the number of VPN routes because of VPN FRR.

Implementation

Figure 3-29 shows an example of typical VPN FRR networking.

Figure 3-29  Typical VPN FRR networking

In Figure 3-29, normally, CE1 accesses CE2 over Link A. If PE2 is Down, CE1 accesses CE2 over Link B.
  • Both PE2 and PE3 advertise routes destined for CE2 to PE1, and assign VPN labels to these routes. They do so based on traditional BGP/MPLS VPN technology. PE1 then selects a preferred VPNv4 route based on the routing policy. In this example, the preferred route is the route advertised by PE2. Only the routing information, including the forwarding prefix, inner label, and selected LSP, advertised by PE2 is filled into the forwarding entry of the forwarding engine to guide packet forwarding.
  • If PE2 fails, PE1 detects the PE2 fault (the BGP peer relationship becomes Down or the outer LSP is unavailable). PE1 then selects the route advertised by PE3 and updates the forwarding entry to complete end-to-end convergence. Before PE1 delivers the forwarding entry matching the route advertised by PE3, CE1 cannot communicate with CE2 for a certain period because the destination of the outer LSP, PE2, is Down. As a result, end-to-end services are interrupted.
  • VPN FRR is an improvement on the traditional reliability technology. VPN FRR enables PE1 to add the optimal route advertised by PE2 and the secondary optimal route advertised by PE3 to a forwarding entry. The optimal route is used for traffic forwarding, and the secondary optimal route is used as a backup route.
  • If a fault occurs on PE2, the MPLS LSP between PE1 and PE2 becomes unavailable. After detecting the fault, PE1 marks the corresponding entry in the LSP status table as unavailable, and delivers the setting to the forwarding table. After selecting a forwarding entry, the forwarding engine examines the status of the LSP corresponding to the forwarding entry. If the LSP is unavailable, the forwarding engine uses the second-best route carried in the forwarding entry to forward packets. After being tagged with the inner labels assigned by PE3, packets are transmitted to PE3 over the LSP between PE1 and PE3 and then forwarded to CE2. In this manner, fast end-to-end service convergence is implemented and traffic from CE1 to CE2 is restored.

VPN FRR performs fast switching based on inner labels. Outer tunnels can be LDP LSPs or RSVP TE tunnels. When the forwarding engine detects the outer tunnel is unavailable, it triggers fast switching based on inner labels.

Translation
Download
Updated: 2019-04-08

Document ID: EDOC1100065751

Views: 38790

Downloads: 50

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next