Information Exchange Principles
The dual-active system that is set up based on M-LAG provides device-level reliability. Figure 4-3 shows the M-LAG establishment process. The process includes the following stages:
DFS group pairing
After two M-LAG devices are configured, they send DFS group Hello packets to each other through the peer-link. When receiving Hello packets from the remote device, the local device checks whether the DFS group ID in the packets is the same as that of the local device. If the DFS group IDs are the same, DFS group pairing of the two devices is successful.
DFS group master/backup negotiation
After the pairing is successful, the two devices send DFS group device information packets to each other. The devices determine the DFS group master and backup status based on the DFS group priorities and system MAC addresses carried in the packets.
SwitchB is used as an example. When receiving packets from SwitchA, SwitchB checks and records information about SwitchA, and compares its DFS group priority with that of SwitchA. If SwitchA has a higher DFS group priority than SwitchB, SwitchA is the DFS master device and SwitchB is the DFS backup device. If SwitchA and SwitchB have the same DFS group priority, the device with a smaller MAC address functions as the DFS master device.
A DFS group consists of a master device and a backup device. Under normal circumstances, both the master and backup devices forward service traffic and their forwarding behaviors are the same. The master and backup devices have different forwarding behaviors only when a fault occurs.
Master/backup negotiation of M-LAG member interfaces
After DFS group master/backup negotiation is successful, the two devices send M-LAG device information packets carrying configuration information of M-LAG member interfaces to each other through the peer-link. After member interface information is synchronized, master and backup M-LAG member interfaces are determined.
When the local and remote member interfaces synchronize information, the interface that changes from Down to Up first becomes the master M-LAG member interface, and the other interface becomes the backup M-LAG member interface. By default, revertive switching is not performed between the master and backup interfaces. That is, if the device where the original master M-LAG member interface resides recovers from a failure, the original backup interface that becomes the master interface remains in master state, and the original master interface that recovers from a failure is still in backup state. The master/backup negotiation mechanism of M-LAG member interfaces differs from that of the DFS group.
The master and backup M-LAG member interfaces have different forwarding behaviors only when the M-LAG forwards multicast traffic.
DAD
After M-LAG master and backup devices are negotiated, the two devices send M-LAG DAD packets at an interval of 1s through the DAD link. If a device detects that the peer-link fails, it sends three DAD packets at an interval of 100 ms to accelerate detection. If both devices can receive packets from each other, the dual-active system starts to work.
Under normal circumstances, the DAD link does not participate in any traffic forwarding behaviors in the M-LAG. It is only used to detect whether two master devices exist when the DFS group pairing or peer-link fails. Therefore, the M-LAG still works properly even if DAD fails. The DAD link can be an external link, for example, if the M-LAG is connected to an IP network and the two member devices can communicate through the IP network, the link that enables communication between the member devices can function as the DAD link. An independent link that provides Layer 3 reachability can also be configured as the DAD link, for example, a link between management interfaces of the member devices can function as the DAD link.- The DAD link is deployed between management interfaces. Management interface IP addresses bound to the DFS group must be reachable to each other, and VPN instances are bound to management interfaces to ensure that DAD packets and service packets are separated.
- The DAD link is deployed on a service network, and the IP address bound to the DFS group must be reachable at Layer 3. If peer-link interfaces establish a routing neighbor relationship, DAD packets on the service network are transmitted through the peer-link using the optimal route. If the peer-link fails, DAD packets are transmitted to the remote device through the suboptimal path during route convergence, and the DAD time is 0.5s or 1s longer.
In V200R005C10 and later versions, two devices send DAD packets at the specified interval immediately after the heartbeat link is Up. In secondary fault rectification scenarios where enhanced DAD for secondary faults is enabled, faults on the original DFS master or backup device are rectified and the peer-link fault persists. If the local and remote devices' IP addresses are bound to the DFS group, M-LAG devices negotiate the HB DFS master/backup status based on the DFS information carried in DAD packets, and the corresponding interfaces on the HB DFS backup device are triggered to enter the Error-Down state, preventing abnormal traffic forwarding in the scenario where two master devices exist.
M-LAG information synchronization
When working properly, the two devices send M-LAG synchronization packets through the peer-link to synchronize information with each other in real time. M-LAG synchronization packets include MAC address entries, ARP entries, STP and VRRP packets information. The devices also send the status of M-LAG member interfaces. In this way, traffic forwarding is not affected when any device fails, ensuring that normal services are not interrupted.
For the CE12800, and CE12800E, after a VLANIF or VBDIF interface is configured on an M-LAG member device, the real MAC address of the VLANIF or VBDIF interface is synchronized to the peer device through the M-LAG synchronization channel and delivered as a dynamic MAC address.
Table 4-2 M-LAG synchronization packet informationType
Description
MAC
MAC address entry synchronization
ARP
ARP packet synchronization
ND
ND packet synchronization
STP
STP status synchronization
Others
Information such as the status of an M-LAG member interface
