The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The OSPFv2 Loop-Free Alternate IP Fast Reroute feature uses a precomputed alternate next hop to reduce failure reaction time when the primary next hop fails. It lets you configure a per-prefix Loop-Free Alternate (LFA) path that redirects traffic to a next hop other than the primary neighbor. The forwarding decision is made and service is restored without other routers’ knowledge of the failure.
Open Shortest Path First (OSPF) supports IP Fast Reroute (FRR) only on platforms that support this feature in the forwarding plane. See the Cisco Feature Navigator at http://www.cisco.com/go/cfn for information on platform support. An account on Cisco.com is not required.
IPv6 LFA IP FRR is not supported.
LFA IP FRR is not supported with primary path or backup path as Multiprotocol Label Switching (MPLS).
LFA IP FRR is not supported with primary path or backup path as Equal-Cost Multipath (ECMP).
LFA IP FRR is not supported for OSPFv2 VRF-Lite.
LFA IP FRR is only available at the network-advantage license level.
Generic Routing Encapsulation (GRE) tunnel as primary path is not supported.
The convergence time may be higher in cases of high CPU utilization.
The convergence time is dependent on the primary link status detection, and so, if the physical link goes down in cases of logical interfaces such as Switched Virtual interface (SVI) and port channels, the convergence time is expected to be higher.
The following sections provide detailed information about OSPFv2 Loop-Free Alternate IP Fast Reroute.
The following figure shows how the OSPFv2 Loop-Free Alternate IP Fast Reroute feature reroutes traffic if a link fails. A protecting router precomputes per-prefix repair paths and installs them in the global routing information base (RIB). When the protected primary path fails, the protecting router diverts live traffic from the primary path to the stored repair path without other routers having to recompute the network topology or even be aware that the network topology has changed.
When a primary path fails, many paths are possible repair candidates. The Loop-Free Alternate IP Fast Reroute feature's default selection policy prioritizes attributes in the following order:
srlg
primary-path
interface-disjoint
lowest-metric
linecard-disjoint
node-protecting
broadcast-interface-disjoint
If the evaluation does not select any candidate, the repair path is selected by implicit load balancing. This means that repair path selection varies depending on prefix.
Use the show ip ospf fast-reroute command to display the current configuration.
Use the fast-reroute tie-break command to configure one or more of the repair-path attributes described in the following sections:
A shared risk link group (SRLG) is a group of next-hop interfaces comprising repair and protected primary paths that have a high likelihood of failing simultaneously. The OSPFv2 Loop-Free Alternate IP Fast Reroute feature supports only the SRLGs that are locally configured on the computing router. VLANs on a single physical interface are an example of an SRLG. If the physical interface fails, all the VLAN interfaces will fail at the same time. The default repair-path attributes might result in the primary path on one VLAN being protected by a repair path over another VLAN. You can configure the srlg attribute to specify that LFA repair paths do not share the same SRLG ID as the primary path. Use the srlg command to assign an interface to an SRLG.
Point-to-point interfaces have no alternate next hop for rerouting if the primary gateway fails. You can set the interface-disjoint attribute to prevent the selection of such repair paths, thus protecting the interface.
LFA repair paths protect links when a repair path and a protected primary path use different next-hop interfaces. However, on broadcast interfaces, if the LFA repair path is computed through the same interface as the primary path, but their next-hop gateways are different, the node is protected, but the link might not be. You can set the broadcast-interface-disjoint attribute to specify that the repair path never crosses the broadcast network the primary path points to; that is, the repair path cannot use the interface and the broadcast network connected to it.
See Broadcast and Non-Broadcast Multi-Access (NBMA) Links in RFC 5286, Basic Specification for IP Fast Reroute: Loop-Free Alternates for information on network topologies that require this tiebreaker.
The default repair-path attributes might not protect the router that is the next hop in a primary path. You can configure the node-protecting attribute to specify that the repair path will bypass the primary-path gateway router.
In the case of a high-level network failure or multiple simultaneous network failures, traffic sent over an alternate path might loop until OSPF recomputes the primary paths. You can configure the downstream attribute to specify that the metric of any repair path to the protected destination must be lower than that of the protecting node to the destination. This might result in lost traffic, but it prevents looping.
Line-card interfaces are similar to SRLGs because all the interfaces on the same line card will fail at the same time if there is a problem with the line card, for example, line card online insertion and removal (OIR). You can configure the linecard-disjoint attribute to specify that LFA repair paths use interfaces that are different from those on the primary-path line card.
An LFA repair path need not be the most efficient of candidates. A high-cost repair path might be considered more attractive if it provides protection against higher-level network failures. You can configure the metric attribute to specify a repair-path policy that has the lowest metric.
Equal-cost multipath paths (ECMPs) found during the primary shortest path first (SPF) repair, might not be desirable in network designs where traffic is known to exceed the capacity of a single link. You can configure the primary-path attribute to specify an LFA repair path from the ECMP set, or the secondary-path attribute to specify an LFA repair path that is not from the ECMP set.
When OSPF computes a repair path, it keeps only the best candidate path in the local RIB in order to conserve memory. Use the fast-reroute keep-all-paths command to create a list of all the candidate repair paths that were considered. This information can be useful for troubleshooting, but because it can greatly increase memory consumption, it should be reserved for testing and debugging.
The following sections provide information about the various tasks that comprise the configuration of OSPFv2 Loop-Free Alternate IP Fast Reroute.
Perform this task to enable per-prefix OSPFv2 Loop-Free Alternate IP Fast Reroute and select the prefix priority in an OSPF area.
| Command or Action | Purpose | |
|---|---|---|
|
Step 1 |
enable Example: |
Enables privileged EXEC mode. Enter your password, if prompted. |
|
Step 2 |
configure terminal Example: |
Enters global configuration mode. |
|
Step 3 |
router ospf process-id Example: |
Enables OSPF routing and enters router configuration mode. |
|
Step 4 |
fast-reroute per-prefix enable prefix-priority priority-level Example: |
Enables repair-path computation and selects the priority level for repair paths. Low priority specifies that all the prefixes have the same eligibility for protection. High priority specifies that only high-priority prefixes are protected. |
|
Step 5 |
exit Example: |
Exits router configuration mode and returns to global configuration mode. |
Perform this task to specify which prefixes will be protected by LFA IP FRR. Only prefixes specified in the route map will be protected.
 Note |
Only the match tag , match route-type , and match ip address prefix-list match keywords are recognized in the route map: |
| Command or Action | Purpose | |
|---|---|---|
|
Step 1 |
enable Example: |
Enables privileged EXEC mode. Enter your password, if prompted. |
|
Step 2 |
configure terminal Example: |
Enters global configuration mode. |
|
Step 3 |
route-map map-tag [permit | deny] [sequence-number ] Example: |
Enters route-map configuration mode and specifies the map name. |
|
Step 4 |
match tag tag-name Example: |
Specifies the prefixes to be matched. Only prefixes that match the tag are protected. |
|
Step 5 |
exit Example: |
Exits route-map configuration mode and returns to global configuration mode. |
|
Step 6 |
router ospf process-id Example: |
Enables OSPF routing and enters router configuration mode. |
|
Step 7 |
prefix-priority priority-level route-map map-tag Example: |
Sets the priority level for repair paths and specifies the route map that defines the prefixes. |
|
Step 8 |
exit Example: |
Exits router configuration mode and returns to global configuration mode. |
Perform this task to configure a repair path selection policy, specifying a tiebreaking condition. See the LFA Repair Path Attributes for information on tiebreaking attributes.
| Command or Action | Purpose | |
|---|---|---|
|
Step 1 |
enable Example: |
Enables privileged EXEC mode. Enter your password if prompted. |
|
Step 2 |
configure terminal Example: |
Enters global configuration mode. |
|
Step 3 |
router ospf process-id Example: |
Enables OSPF routing and enters router configuration mode. |
|
Step 4 |
fast-reroute per-prefix tie-break attribute [required] index index-level Example: |
Configures a repair path selection policy by specifying a tie-breaking condition and setting its priority level. |
|
Step 5 |
exit Example: |
Exits router configuration mode and returns to global configuration mode. |
Perform this task to create a list of paths considered for LFA IP FRR.
| Command or Action | Purpose | |
|---|---|---|
|
Step 1 |
enable Example: |
Enables privileged EXEC mode. Enter your password if prompted. |
|
Step 2 |
configure terminal Example: |
Enters global configuration mode. |
|
Step 3 |
router ospf process-id Example: |
Enables OSPF routing and enters router configuration mode. |
|
Step 4 |
fast-reroute keep-all-paths Example: |
Specifies creating a list of repair paths considered for LFA IP FRR. |
|
Step 5 |
exit Example: |
Exits router configuration mode and returns to global configuration mode. |
Perform this task to prohibit an interface from being used as the next hop in a repair path.
| Command or Action | Purpose | |
|---|---|---|
|
Step 1 |
enable Example: |
Enables privileged EXEC mode. Enter your password if prompted. |
|
Step 2 |
configure terminal Example: |
Enters global configuration mode. |
|
Step 3 |
interface type number Example: |
Enters interface configuration mode for the interface specified. |
|
Step 4 |
ip ospf fast-reroute per-prefix candidate disable Example: |
Prohibits the interface from being used as the next hop in a repair path. |
|
Step 5 |
exit Example: |
Exits interface configuration mode and returns to global configuration mode. |
The following sections provide examples of OSPFv2 Loop-Free Alternate IP Fast Reroute configuration.
The following example shows how to enable per-prefix OSPFv2 LFA IP FRR and select the prefix priority in an OSPF area:
Device> enable
Device# configure terminal
Device(config)# router ospf 10
Device(config-router)# fast-reroute per-prefix enable prefix-priority low
Device(config-router)# end
The following example shows how to specify which prefixes will be protected by LFA FRR:
Device> enable
Device# configure terminal
Device(config)# router ospf 10
Device(config-router)# prefix-priority high route-map OSPF-PREFIX-PRIORITY
Device(config-router)# fast-reroute per-prefix enable prefix-priority high
Device(config-router)# network 192.0.2.1 255.255.255.0 area 0
Device(config-router)# route-map OSPF-PREFIX-PRIORITY permit 10
Device(config-router)# match tag 866
Device(config-router)# end
The following example shows how to configure a repair-path selection policy that sets SRLG, line card failure, and downstream as tiebreaking attributes, and sets their priority indexes:
Device> enable
Device# configure terminal
Device(config)# router ospf 10
Device(config-router)# fast-reroute per-prefix enable prefix-priority low
Device(config-router)# fast-reroute per-prefix tie-break srlg required index 10
Device(config-router)# fast-reroute per-prefix tie-break linecard-disjoint index 15
Device(config-router)# fast-reroute per-prefix tie-break downstream index 20
Device(config-router)# network 192.0.2.1 255.255.255.0 area 0
Device(config-router)# end
The following example shows how to keep a record of repair-path selection:
Device> enable
Device# configure terminal
Device(config)# router ospf 10
Device(config-router)# fast-reroute per-prefix enable prefix-priority low
Device(config-router)# fast-reroute keep-all-paths
Device(config-router)# network 192.0.2.1 255.255.255.0 area 0
Device(config-router)# end
The following example shows how to prohibit an interface from being a protecting interface:
Device> enable
Device# configure terminal
Device(config)# interface Ethernet 0/0
Device(config-if)# ip address 192.0.2.1 255.255.255.0
Device(config-if)# ip ospf fast-reroute per-prefix candidate disable
Device(config-if)# end
This table provides release and related information for the features explained in this module.
These features are available in all the releases subsequent to the one they were introduced in, unless noted otherwise.
|
Release |
Feature |
Feature Information |
|---|---|---|
|
Cisco IOS XE Amsterdam 17.3.1 |
OSPFv2 Loop-Free Alternate IP Fast Reroute |
The OSPFv2 Loop-Free Alternate IP Fast Reroute feature uses a precomputed alternate next hop to reduce failure reaction time when the primary next hop fails. |
Use the Cisco Feature Navigator to find information about platform and software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn.
Feedback