System Management Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Beginning with the Cisco IOS XE 17.13.1 release, you can change VLANs when using a Precision Time Protocol (PTP) transparent
clock. PTP runs on a single VLAN, and previously, you could not change VLANs if you used a transparent clock (TC). You had
to use a PTP boundary clock (BC) if you wanted to change VLANs.
However, when you use a boundary clock, if the topology changes, the address of the BC also changes, which causes devices
using PTP to have time faults. The ability to use a PTP TC when end devices exist on a different VLAN from the grandmaster
clock instead of a boundary clock, enables you to build redundant networks that can tolerate a fault, and not cause time faults
on those end devices.
In Cisco IOS XE 17.13.1, the ability to change VLANs with PTP TC is documented for use with the Device Level Ring (DLR) protocol.
The following sections provide information about using PTP with DLR, including how the protocols work together and configuration
instructions.
Precision Time Protocol over Device Level Ring
Beginning with the Cisco IOS XE 17.13.1 release, when you use Precision Time Protocol (PTP), you can use the transparent clock
to change VLANs on a Device Level Ring (DLR). Previously, if you used the transparent clock while using PTP, you could not
change VLANs unless you switched to a boundary clock.
This feature is supported only on Cisco Catalyst IE3400 Rugged Series Switches and Cisco Catalyst IE3400 Heavy Duty Series Switches. See Limitations and Restrictions.
The integration of PTP and DLR delivers fast convergence in a time-sensitive application while ensuring that neither DLR nor
PTP cause any synchronization faults during an outage. The primary goal is to prevent PTP reconvergence on PTP endpoint devices
when there is a DLR fault/recovery.
This guide provides information about PTP over DLR, including guidelines and configuration steps. For detailed information
about PTP and DLR, see the following guides on cisco.com:
PTP is a protocol used for synchronizing clocks between networked devices to sub-microsecond accuracy. PTP uses the best master
clock algorithm (BMCA) to elect a grandmaster clock (GM), which is the synchronization source for all other clocks in the
network. However, the BMCA process can take several seconds, which can be a problem in the event of a DLR ring fault and subsequent
recovery.
To address the issue, the feature takes additional cautions in how it makes PTP works and how it converges over a DLR network:
GM election: The GM election process is optimized to reduce the time it takes to reconverge. This is achieved by using a combination of
DLR fast link failure detection and DLR ring fault or recovery events to trigger reconvergence on all switches of the DLR
ring simultaneously.
Fault Detection and Isolation: DLR provides rapid link fault detection and isolation by using a redundant ring topology. When a link fails, the DLR ring
automatically reconfigures to maintain connectivity. PTP takes advantage of this feature and ensure that it does not trigger
a reconvergence on PTP end devices.
PTP Transparent Clock
To support PTP on different VLANs, the PTP transparent clock on the Cisco switch needs to operate differently from "normal"
transparent clocks in which the VLAN ID of PTP messaging is not changed. The Cisco switch now supports two PTP VLAN behaviors.
The default is single vlan. The multi-VLAN feature must be enabled explicitly.
When PTP packets are received from the grandmaster clock (GMC) and ordinary clocks (OCs), they are terminated, and new PTP
packets are generated based on the PTP port VLAN configuration. That means that PTP packets with different VLAN IDs can be
supported on a transparent clock.
The PTP header and body data from the received packets are copied to the newly created packets at the PTP layer. As a result,
DLR ring switches and PTP endpoints connected to DLR ring switches do not see any PTP parent change after a DLR ring fault
or recovery.
The PTP port VLAN configuration and behavior are same as in boundary clocks.
On access ports, the access VLAN is used to transmit and receive PTP packets.
On trunk ports, by default, the trunk native VLAN is used to transmit and receive PTP packets.
On trunk ports, the interface level CLI command ptpvlanvlan_id is supported to configure the trunk nonnative VLAN used to transmit and receive PTP packets. PTP packets are transmitted
with VLAN tag when the nonnative VLAN is configured as PTP VLAN.
The following is the CLI command introduced in the Cisco IOS XE 17.13.1 release, applicable only for Cisco Catalyst IE3400 Rugged Series Switches and Cisco Catalyst IE3400 Heavy Duty Series Switches that support DLR: ptp mode e2etransparent multiple-vlan.
You can use PTP over DLR in a variety of different topologies for different purposes. This section provides information for
two common use cases and topologies.
The preceding illustration depicts a single-ring topology with the GMC off the ring and connected to the supervisor. The supervisor
in transparent clock mode. The ring has no breaks in it, and, as a result, the supervisor blocks all traffic on Port 2 (P2)
except for control traffic. The supervisor and DLR-enabled devices A, B, and C, are all in transparent clock mode. The configuration
prevents devices on the ring from seeing changes within their PTP system when the Layer 1 infrastructure has a fault. It also
causes DLR to open up P2.
In the illustration, a fault occurs between device A and B. Before the fault, device C would receive PTP messages on P1, because
P2 is blocking. After fault, P2 on the supervisor goes to forwarding state, which means the device will receive PTP messages
from the supervisor on P2.
If the supervisor is a device with multiple VLANs with normal transparent clock operation, its not possible to support the
forwarding of PTP messages on different VLANs. We recommend that you configure the DLR supervisor node in transparent clock
mode with multiple VLAN support. Doing so would allow the use of multiple VLANs while maintaining a single time source on
the ring.
The preceding diagram shows a single DLR ring used with the Spanning Tree Protocol (STP), with the GMC off the ring. The supervisor
in BC mode, the ring nodes, and STP switches are in TC mode.
When operating as a boundary clock (BC), all TCs and ordinary clocks view the supervisor as the PTP parent—more specifically,
the parent and the port number that the parent transmits with the PTP messages. in the diagram above, the PTP messages are
sent from Port 1. The PTP ID used by TCs and ordinary clocks recognizes the PTP parent based on the PTP clock ID of the supervisor,
the port number (for example, P1), and other attributes. All devices are synchronized to the PTP parent based on messages
transmitted from P1.
When a fault occurs in the ring, the supervisor recognizes the fault and opens P2. Doing so allows all traffic to transit
that port to reconverge the topology and provide connectivity to devices. The supervisor sends PTP traffic messages with the
port number changed to P2 instead of P1. The change causes the ordinary clocks (the end devices) to perceive a change of the
PTP parent. The perception can cause the end devices to resynchronize with the new PTP parent, and synchronizing to a new
PTP parent can be disruptive.
To overcome this limitation, we recommended that you configure the DLR supervisor node in TC mode with multiple VLAN support.
Doing so would allow the use of multiple VLANs while maintaining a single time source on the ring. Because all nodes in the
DLR ring are in TC mode, the parent ID and parent port number do not change when a failure occurs in the ring.
Limitations and Restrictions
Be aware of the following limitations and restrictions when using multple VLAN support and PTP over DLR:
Multiple VLAN support with TC has the following restrictions:
This feature is supported only on Cisco Catalyst Cisco Catalyst IE3400 Rugged Series Switches and Cisco Catalyst IE3400 Heavy Duty Series Switches.
DLR is the only Layer 2 redundancy protocol supported.
The following Layer 2 protocols have not been validated with multi-VLAN TC: REP, Spanning Tree, MRP, PRP, HSR.
Only the following PTP modes are allowed on DLR primary and backup supervisor or gateway nodes:
Boundary clock
Transparent clock—multiple VLAN
Transparent clock mode (without multiple VLAN support) is not allowed on DLR primary and backup supervisor or gateway nodes.
Transparent clock mode (without multiple VLAN support) can be configured on DLR beacon nodes.
PTP over DLR is not supported for PTP power profiles.
The processing of PTP packets is restricted to Layer 3 packets exclusively across the DLR ring, and it is imperative to prevent
any leakage of Layer 2 PTP packets into the DLR ring from external networks. Layer 2 PTP packets could lead to undesirable
looping and MAC flapping.
Configuring PTP over DLR
Prerequisites
For information about PTP and DLR and configuration instructions, see the following documentation on cisco.com
Verify the configuration by entering the following command: sh run | in ptp
Example:
Switch#sh run | in ptp
ptp mode e2etransparent multiple-vlan
Configure the PTP Interface
Configure the PTP interface to allow users to choose which VLAN to use to transmit and receive PTP packets on a trunk port.
Before you begin
Create the required PTP VLAN using the vlanvlan_id CLI command. The PTP VLAN also must be allowed on the trunk port.
Procedure
Enter the following command: vlanvlan_id
Example:
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 20
Switch(config-vlan)#exit
Switch(config)#int gigabitEthernet 2/3
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk allowed vlan add 20
Switch(config-if)#ptp vlan 20
Switch(config-if)#end
Switch#
Show CLI Commands
This section lists the show commands that you can use for PTP and examples of their output.
show ptp clock
switch#show ptp clock
PTP CLOCK INFO
PTP Device Type: End to End transparent clock - Multiple Vlan
PTP Device Profile: Default Profile
Clock Identity: 0x68:C8:EB:FF:FE:0:25:C0
Clock Domain: 0
Number of PTP ports: 10
Time Transfer: Linear Filter
Offset From Master(ns): 0
Mean Path Delay(ns): 0
TTL Value: 1
DSCP Value for Event Messages: 59
DSCP Value for General Messages: 47
Delay Mechanism: End to End
Local clock time: 21:38:35 UTC Mar 21 2023
switch#show ptp port gigabitEthernet 1/1
PTP PORT DATASET: GigabitEthernet1/5
Port identity: clock identity: 0xC:75:BD:FF:FE:C8:66:80
Port identity: port number: 1
PTP version: 2
Port state FAULTY: FALSE
Sync fault limit: 500000
Port PTP VLAN Id: 200
show ptp port gigabitEthernet 2/3
switch#show ptp port gigabitEthernet 2/3
PTP PORT DATASET: GigabitEthernet2/3
Port identity: clock identity: 0xC:75:BD:FF:FE:C8:66:80
Port identity: port number: 13
PTP version: 2
Port state FAULTY: FALSE
Sync fault limit: 500000
Port VLAN Id: 20
Rogue master block: False
show run int gigabitEthernet 2/3
switch#show run int gigabitEthernet 2/3
Building configuration...
Current configuration : 157 bytes
!
interface GigabitEthernet2/3
switchport trunk native vlan 10
switchport trunk allowed vlan 10,20,30
switchport mode trunk
ptp vlan 20
dlr ring 1
end
Feature History for Changing VLANs with PTP Transparent Clock
This table provides release and related information for features explained in this chapter. These features are available on
all releases subsequent to the one they were introduced in, unless noted otherwise.
Release
Feature
Feature information
Cisco IOS XE 17.13.1
Multiple VLAN selection with PTP transparent clock (TC)
Beginning in this release, you can change VLANs when using a Precision Time Protocol (PTP) TC. This feature is documented
for use with the Device Level Ring (DLR) protocol.