Implementing IP Fast Reroute Loop-Free Alternate

IP Fast Reroute Loop-Free Alternate feature enables you to tunnel a packet around a failed link to a remote loop-free alternate that is more than one hop away.

Prerequisites for IPv4/IPv6 Loop-Free Alternate Fast Reroute

  • Loop-Free Alternate (LFA) Fast Reroute (FRR) can protect paths that are reachable through an interface only if the interface is a point-to-point interface.

  • When a LAN interface is physically connected to a single neighbor, you should configure the LAN interface as a point-to-point interface so that it can be protected through LFA FRR.

Restrictions for Loop-Free Alternate Fast Reroute

  • Load balance support is available for FRR-protected prefixes, but the 50 ms cutover time is not guaranteed.

  • A maximum of eight FRR-protected interfaces can simultaneously undergo a cutover.

  • Only Layer 3 VPN is supported.

  • The remote LFA backup path for MPLS traffic can be setup only using LDP.

  • LFA calculations are restricted to interfaces or links belonging to the same level or area. Hence, excluding all neighbors on the same LAN when computing the backup LFA can result in repairs being unavailable in a subset of topologies.

  • Only physical and physical port-channel interfaces are protected. Subinterfaces, tunnels, and virtual interfaces are not protected.

  • Border Gateway Protocol (BGP) Prefix-Independent Convergence (PIC) and IP FRR can be configured on the same interface as long as they are not used for the same prefix.

  • IPv6 LFA FRR not supported over TE tunnel.

IS-IS and IP FRR

When a local link fails in a network, IS-IS recomputes new primary next-hop routes for all affected prefixes. These prefixes are updated in the RIB and the Forwarding Information Base (FIB). Until the primary prefixes are updated in the forwarding plane, traffic directed towards the affected prefixes are discarded. This process can take hundreds of milliseconds.

In IP FRR, IS-IS computes LFA next-hop routes for the forwarding plane to use in case of primary path failures. LFA is computed per prefix.

When there are multiple LFAs for a given primary path, IS-IS uses a tiebreaking rule to pick a single LFA for a primary path. In case of a primary path with multiple LFA paths, prefixes are distributed equally among LFA paths.

Repair Paths

Repair paths forward traffic during a routing transition. When a link or a router fails, due to the loss of a physical layer signal, initially, only the neighboring routers are aware of the failure. All other routers in the network are unaware of the nature and location of this failure until information about this failure is propagated through a routing protocol, which may take several hundred milliseconds. It is, therefore, necessary to arrange for packets affected by the network failure to be steered to their destinations.

A router adjacent to the failed link employs a set of repair paths for packets that would have used the failed link. These repair paths are used from the time the router detects the failure until the routing transition is complete. By the time the routing transition is complete, all routers in the network revise their forwarding data and the failed link is eliminated from the routing computation.

Repair paths are precomputed in anticipation of failures so that they can be activated the moment a failure is detected.

The LFA FRR feature uses the following repair paths:
  • Equal Cost Multipath (ECMP) uses a link as a member of an equal cost path-split set for a destination. The other members of the set can provide an alternative path when the link fails.

  • LFA is a next-hop route that delivers a packet to its destination without looping back. Downstream paths are a subset of LFAs.

LFA Overview

LFA is a node other than the primary neighbor. Traffic is redirected to an LFA after a network failure. An LFA makes the forwarding decision without any knowledge of the failure.

An LFA must neither use a failed element nor use a protecting node to forward traffic. An LFA must not cause loops. By default, LFA is enabled on all supported interfaces as long as the interface can be used as a primary path.

Advantages of using per-prefix LFAs are as follows:
  • The repair path forwards traffic during transition when the primary path link is down.

  • All destinations having a per-prefix LFA are protected. This leaves only a subset (a node at the far side of the failure) unprotected.

LFA Calculation

The general algorithms to compute per-prefix LFAs can be found in RFC 5286. IS-IS implements RFC 5286 with a small change to reduce memory usage. Instead of performing a Shortest Path First (SPF) calculation for all neighbors before examining prefixes for protection, IS-IS examines prefixes after SPF calculation is performed for each neighbor. Because IS-IS examines prefixes after SPF calculation is performed, IS-IS retains the best repair path after SPF calculation is performed for each neighbor. IS-IS does not have to save SPF results for all neighbors.

Interaction Between RIB and Routing Protocols

A routing protocol computes repair paths for prefixes by implementing tiebreaking algorithms. The end result of the computation is a set of prefixes with primary paths, where some primary paths are associated with repair paths.

A tiebreaking algorithm considers LFAs that satisfy certain conditions or have certain attributes. When there is more than one LFA, configure the fast-reroute per-prefix command with the tie-break keyword. If a rule eliminates all candidate LFAs, then the rule is skipped.

A primary path can have multiple LFAs. A routing protocol is required to implement default tiebreaking rules and to allow you to modify these rules. The objective of the tiebreaking algorithm is to eliminate multiple candidate LFAs, select one LFA per primary path per prefix, and distribute the traffic over multiple candidate LFAs when the primary path fails.

Tiebreaking rules cannot eliminate all candidates.

The following attributes are used for tiebreaking:
  • Downstream—Eliminates candidates whose metric to the protected destination is lower than the metric of the protecting node to the destination.

  • Linecard-disjoint—Eliminates candidates sharing the same linecard with the protected path.

  • Shared Risk Link Group (SRLG)—Eliminates candidates that belong to one of the protected path SRLGs.

  • Load-sharing—Distributes remaining candidates among prefixes sharing the protected path.

  • Lowest-repair-path-metric—Eliminates candidates whose metric to the protected prefix is higher.

  • Node protecting—Eliminates candidates that are not node protected.

  • Primary-path—Eliminates candidates that are not ECMPs.

  • Secondary-path—Eliminates candidates that are ECMPs.

Configuring Fast Reroute Support


Note


LFA computations are enabled for all routes and FRR is enabled for all supported interfaces.


SUMMARY STEPS

  1. configure
  2. router isis process-id
  3. is-type{ level-1 | level-1-2 | level-2-only }
  4. net net
  5. address-family {ipv4 | ipv6} [unicast | multicast]
  6. metric-style wide
  7. exit
  8. interface bundle bundle-id
  9. address-family {ipv4 | ipv6} [unicast | multicast]
  10. fast-reroute per-prefix

DETAILED STEPS

  Command or Action Purpose

Step 1

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 2

router isis process-id

Example:

RP/0/RP0/CPU0:router(config-if)# router isis core

Enables IS-IS routing for the specified routing instance, and places the router in router configuration mode. By default, all IS-IS instances are automatically at Level 1 and Level 2. You can change this level by a particular routing instance using the is-type router configuration command.

Step 3

is-type{ level-1 | level-1-2 | level-2-only }

Example:

RP/0/RP0/CPU0:router(config-isis)#is-type level-2-only 

(Optional) Configures the system type (area or backbone router).

By default, every IS-IS instance acts as a level-1-2 router.

  • The level-1 keyword configures the software to perform only Level 1 (intra-area) routing. Only Level 1 adjacencies are established. The software only detects destinations within its area. Packets containing destinations outside the area if any, are sent to the nearest level-1-2 router in the area.

  • The level-2-only keyword configures the software to perform Level 2 (backbone) routing only, the router only establishes Level 2 adjacencies. It is established either with other Level 2-only routers or with level-1-2 routers.

  • The level-1-2 keyword configures the software to perform both Level 1 and Level 2 routing. Both Level 1 and Level 2 adjacencies are established. The router acts as a border router between the Level 2 backbone and its Level 1 area.

Step 4

net net

Example:

RP/0/RP0/CPU0:router(config-isis)# net 47.0001.0000.0000.8888.00

Configures an IS-IS network entity (NET) for a routing process.

Step 5

address-family {ipv4 | ipv6} [unicast | multicast]

Example:

RP/0/RP0/CPU0:router(config-isis)# address-family ipv4 unicast 

Specifies the IPv4 or IPv6 address family, and enters the interface address family configuration mode.

Step 6

metric-style wide

Example:

RP/0/RP0/CPU0:router(config-isis-af)# metric-style wide 

Configures a router to generate and accept wide link metrics only.

Step 7

exit

Example:

RP/0/RP0/CPU0:router(config-isis-af)# exit 

Exits router address family configuration mode, and resets the router to router configuration mode.

Step 8

interface bundle bundle-id

Example:

RP/0/RP0/CPU0:router(config-isis)# interface Bundle-Ether 9 

Creates and names a new Ethernet link bundle.

Step 9

address-family {ipv4 | ipv6} [unicast | multicast]

Example:

RP/0/RP0/CPU0:router(config-isis-if)# address-family ipv4 unicast 

Specifies the IPv4 or IPv6 address family, and enters interface address family configuration mode.

Step 10

fast-reroute per-prefix

Example:

RP/0/RP0/CPU0:router(config-isis-if-af)# fast-reroute per-prefix 

Enables per-prefix FRR.

Configuring IPv4 Loop-Free Alternate Fast Reroute Support: Example

The following example shows how to configure IPv4 LFA FRR.

router isis core
 is-type level-2-only
 net 47.0001.0000.0000.8888.00 
 address-family ipv4 unicast
  metric-style wide
	 exit  
 ! 
 interface Bundle-Ether 9
  point-to-point
  address-family ipv4 unicast
   fast-reroute per-prefix
  !
 !

Additional References

The following sections provide references related to implementing IPv4/IPv6 Loop-Free Alternate Fast Reroute.

Related Documents

Related Topic

Document Title

IS-IS commands

Routing Command Reference for Cisco NCS 6000 Series Routers

MPLS commands

Routing Command Reference for Cisco NCS 6000 Series Routers

MIBs

MIBs

MIBs Link

To locate and download MIBs using Cisco IOS XR software, use the Cisco MIB Locator found at the following URL and choose a platform under the Cisco Access Products menu: https://mibs.cloudapps.cisco.com/ITDIT/MIBS/servlet/index

Technical Assistance

Description

Link

The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport