Information About HSR
High-availability Seamless Redundancy (HSR) is defined in International Standard IEC 62439-3-2016 clause 5. HSR is similar to Parallel Redundancy Protocol (PRP) but is designed to work in a ring topology. Instead of two parallel independent networks of any topology (LAN-A and LAN-B), HSR defines a ring with traffic in opposite directions. Port-A sends traffic counter clockwise in the ring, and Port-B sends traffic clockwise in the ring.
The HSR packet format is also different from PRP. To allow the router to determine and discard duplicate packets, additional protocol specific information is sent with the data frame. For PRP, this is sent as part of a trailer called the redundancy control trailer (RCT), whereas for HSR this is sent as part of the header called the HSR header. Both the RCT and HSR header contain a sequence number, which is the primary data used to determine if the received frame is the first instance or a duplicate instance.
The non-switching nodes with two interfaces attached to the HSR ring are referred to as Doubly Attached Nodes implementing HSR (DANHs). Similar to PRP, Singly Attached Nodes (SANs) are attached to the HSR ring through a device called a RedBox (Redundancy Box). The RedBox acts as a DANH for all traffic for which it is the source or the destination. The router implements RedBox functionality using Gigabit Ethernet port connections to the HSR ring.
The following figure shows an example of an HSR ring as described in IEC 62439-3. In this example, the RedBox is an IR8340.
Devices that do not support HSR out of the box (for example, laptops and printers) cannot be attached to the HSR ring directly because all HSR capable devices must be able to process the HSR header on packets received from the ring and add the HSR header to all packets sent into the ring. These nodes are attached to the HSR ring through a RedBox. As shown in the figure above, the RedBox has two ports on the DANH side. Non-HSR SAN devices are attached to the upstream switch ports. The RedBox generates the supervision frames on behalf of these devices so that they are seen as DANH devices on the ring. Because the RedBox emulates these as DANH, they are called Virtual Doubly Attached Nodes (VDAN).
Loop Avoidance
To avoid loops and use network bandwidth effectively, the RedBox does not transmit frames that are already transmitted in same direction. When a node injects a packet into the ring, the packet is handled as follows to avoid loops:
-
Unicast packet with destination inside the ring: When the unicast packet reaches the destination node, the packet is consumed by the respective node and is not forwarded.
-
Unicast packet with destination not inside the ring: Because this packet does not have a destination node in the ring, it is forwarded by every node in the ring until it reaches the originating node. Because every node has a record of the packet it sent, along with the direction in which it was sent, the originating node detects that packet has completed the loop and drops the packet.
-
Multicast packet: A multicast packet is forwarded by each node because there can be more than one consumer of this packet. For this reason a multicast packet always reaches the originating node. However, every node will check whether it has already forwarded the received packet through its outgoing interface. Once the packet reaches the originating node, the originating node determines that it already forwarded this packet and drops the packet instead of forwarding it again.
HSR RedBox Modes of Operation
An HSR RedBox can operate in one of the following modes that define how HSR handles packets in different scenarios:
-
HSR-SAN—This is the most basic mode. In this mode, the RedBox connects SAN devices to an HSR Ring. No other PRP or HSR network is involved in this configuration. In this mode, the traffic on the upstream switch port does not have HSR/PRP tags, and the RedBox represents the SAN device as a VDAN in the ring.
-
HSR-PRP—This configuration is used to bridge HSR and PRP networks. The RedBox extracts the data from the PRP frame and generates the HSR frame using this data, and it performs the reverse operation for packets in the opposite direction.
More than one PRP network can be bridged to one HSR ring and vice versa.
-
HSR-HSR—In this mode, two HSR rings are connected through a four-port device called a QuadBox. In this mode, two of the ports on the switch are associated with one HSR ring, and the other two ports are associated with the second HSR ring. The remaining ports on the switch are shut down.
 Note |
Only HSR-SAN mode is supported on IR8340 in Cisco IOS XE Release 17.8.x. |
HSR-SAN Mode
In HSR-SAN mode, the RedBox inserts the HSR tag on behalf of the host and forwards the ring traffic, except for frames sent by the node itself, duplicate frames, and frames for which the node is the unique destination. In this mode, packets are handled as follows:
-
A source DANH sends a frame passed from its upper layers ("C" frame), prefixes it with an HSR tag to identify frame duplicates, and sends the frame over each port ("A" frame and "B" frame).
-
A destination DANH receives two identical frames from each port within a certain interval. The destination DANH removes the HSR tag of the first frame before passing it to its upper layers and discards any duplicate.
-
Each node in the HSR ring forwards frames received from one port to the other port of the HSR pair. A node will not forward frames received on one port to the other under the following conditions:
-
The received frame returns to the originating node in the ring.
-
The frame is a unicast frame with a destination MAC address of a node upstream of the receiving node.
-
The node had already sent the same frame in the same direction. This rule prevents a frame from spinning in the ring in an infinite loop.
-
Note |
Maximum of 512 entries of node table and 512 entries of VDAN table is supported. |
HSR-SAN Interfaces
One HSR ring can be configured on the following specific port pairs:
-
Gi0/1/4, Gi0/1/5
-
Gi0/1/6, Gi0/1/7
Feedback