The
information contained herein is subject to change without notice
Topics of Discussion
High Availability what is it and why we need it? High Availability problems to solve High Availability how to make it?
What
Five nines 99.999% - 5 minutes in a year downtime Service availability (always on, internet dial tone) Absolute reliability and survivability Data integrity and protection
Why
Internet centralized service model Many people rely on network delivered service (service dependency) Around the clock operation no maintenance time. Carrier-grade systems a buzzword Business downtime costs a lot of money
Problem
Equipment and software not reliable enough MTBF and MTTR availability = (MTBF + MTTR)/MTTR Complex systems combination of MTBF of components MTTR for HW/SW automatic recovery (reboot) still bad
How
No single point of failure hardware, software, network Redundancy for hardware Warm restarts for software (problematic) so better rely on hardware redundancy as well
Redundancy Types
Load sharing, Load balanced, Active/Active, hot standby, cold standby 1:1, 1:N, M:N Chain redundancy versus block redundancy
Network challenges
Faults and Fault isolation Failures result of faults Ways to recover redundancy hot failover Hardware failover switching HW resources (network, fans, CPUs) Software failover applications, protocols, databases etc
Design principles
Hot swappability support to replace faulty units (FRUs) Resource (equipment and software modules) model and management Logging, trace, reporting of failures/switchovers Checkpointing (data mirroring or synchronization) initially and continuously Provisioning redundancy state, software upgrades, different versions.
9 Internal Use Only. HP Confidential.
10
11
Convergence Layer
Modular
Access Layer
Expandable
Redundant
Service Layer
12 Internal Use Only. HP Confidential.
13
14
15
16
NSF schematic
As an important HA technology on the service plane, NSF ensures non-stop data forwarding when the control plane of the switch fails, for example, fault-triggered restart or routing oscillation, thus preventing various streams of the network from being impacted. To support NSF, a device should meet the following two requirements: The device should adopt the distributed architecture, with data forwarding separate from control, and support dual MPUs. When an active/standby switchover takes place, the standby MPU must save IP/MPLS forwarding entries (forwarding plane) successfully.
Status (control plane) of some protocols can be saved. For OSPF, IS-IS, BGP, LDP and other complicated protocols, it costs a lot or it is impossible to completely back up complicated status of the control plane. In contrast, by partly backing up some protocol status (or not backing up protocol status) and the help of adjacent devices, session connections on the control panel are not reset in the case of active/standby switchover so that forwarding is not interrupted.
17
GR schematic diagram
18
GR schematic
The technology for not resetting the control plane is called graceful restart (GR) of routing protocols, which shows that forwarding is not interrupted when routing protocols are restarted. The core of the GR mechanism is when the routing protocol of a device is restarted, it informs adjacent devices of keeping the neighbor relationship and routes to the device stable for a certain period. After the routing protocol is completely restarted, the adjacent devices help the device to synchronize the routing information and restore the routing information of the device to the state before the restart within the shortest time. During the entire protocol restart, network routes and forwarding are kept highly stable. The packet forwarding path is not changed in any way. The whole system can forward IP packets continually. The HP A-Series series switches support GR for OSFP/BGP/IS-IS/LDP/RSVP. When the active/standby switchover of MPUs takes place, the peer device continues keeping the protocol neighbor relationship with the local device, thus avoiding network oscillation and guaranteeing network stability.
19 Internal Use Only. HP Confidential.
Label Distribution Protocol (LDP) Resource Reservation Protocol (RSVP)
Link Aggregation Technology RRPP Technology Smart Link Technology DLDP Technology
20
21
22
23
RRPP Technology
2 4
24
RRPP Technology
Polling mechanism is that for master nodes on the RRPP ring to actively detect health of the ring network. The master node regularly sends Hello packets from its master port, which are transmitted on the ring by passing each transmit node in turn. If the loop is healthy, the secondary port on the master node receives the Hello packets before the timer expires and the master node keeps the blocking status of the slave port. If a loop is cut off, the secondary port on the primary node cannot receive Hello packets before the timer expires, the master node removes the blocking status of data VLAN on the secondary port and sends a Common-Flush-FDB packet to notify all transmit nodes of updating their own MAC entries and ARP/ND entries.
26
RRPP Technology
When discovering one of their ports in the RRPP domain is down, a transmit node, an edge node, or an auxiliary edge node sends a Link-Down packet immediately to the master node. After receiving the Link-Down packet, the master node removes the blocking status of the data VLAN on its secondary port and sends the Common-Flush-FDB packet to notify all transmit nodes, edge nodes, and auxiliary edge nodes of updating their own MAC entries and ARP/ND entries. After each node updates its own entry, data streams are switched over to normal links. In addition, RRPP can be configured on an aggregation group and link reliability is guaranteed by aggregation and RRPP.
27
2 8
28
29
When the original active link is failed over, the port is still in standby state without link status switchover, thus keeping traffic stable. This port is switched to be active only after next link switchover. Smart Link supports multiple instances. In different Smart Link instances, one port can assume different roles. For example, in instance 1, a port is an active port, while in instance 2, the port is a standby port. In this case, traffic load of different instances can be balanced between ports.
30
DLDP Technology
31
DLDP Technology
A special phenomenon occurs during actual networking, namely, unidirectional link. Unidirectional link means that the local end can receive the packets sent by the peer end over the link layer, but the peer end cannot receive the packets sent by the local end. Unidirectional link leads to a series of problems, such as loop in spanning tree topology.
Cross-connect of fibers
Take fiber as an example. A unidirectional link is classified into two cases: fibers are cross-connected; one fiber is disconnected or one fiber is cut off. Crossed fibers refer to the fibers which are connected reversely. Hollow lines indicate that one fiber is not connected or one fiber is cut off. 32 Internal Use Only. HP Confidential.
DLDP Technology
DLDP can monitor link status of fibers or copper twisted pairs. If a unidirectional link exists, DLDP automatically disables related ports or notifies users of manually disabling them according to user configuration to prevent network problems.
DLDP is a link layer protocol, which is used together with the protocols at the physical layer to monitor link status of devices. The automatic negotiation mechanism at the physical layer detects physical signals and faults. DLDP identifies peer devices and a unidirectional link, and disables an unreachable port. DLDP and the automatic negotiation mechanism at the physical layer work together to detect and disable physical and logical unidirectional connection. If the links at both local end and remote end can work properly at the physical layer, DLDP detects whether these links are properly connected and whether two ends can properly exchange packets at the link layer. This detection cannot be implemented by the automatic negotiation mechanism.
33
DLDP Technology
DLDP has the following two working modes: Common mode: In this mode, once the aging timer of a neighbor expires, one Advertisement packet with RSY tag/label is sent concurrently when the neighbor entry is deleted. Enhanced mode: In this mode, once the aging timer of a neighbor expires, the enhanced timer is started. Every one second, one Probe packet is sent to actively detect the neighbor. Eight Probe packets are continuously sent. If an Echo packet from the neighbor is not received when the Echo wait timer expires, the device is disabled.
34
DLDP Technology
In common mode of DLDP, the system can identify one type of unidirectional link only: cross-connected fibers. In enhanced mode of DLDP, the system can identify two types of unidirectional links. One is cross-connected fibers, and the other is one disconnected fiber or one broken fiber. When detecting the unidirectional link of the latter type, a port should be set to work in forced rate and forced full duplex modes. Otherwise, even if DLDP is enabled, DLDP is invalid. When the unidirectional link of the latter type occurs, the port that has optical signal at the receive end is disabled, while the port that does not have optical signal at the receive end is inactive.
35
36
VRRP
37
Virtual Router
Switch A
Switch B
Switch C
38
VRRP Parameters
VRRP priority
Range: 0-255 (0 and 255 are not configurable) If a router is the IP address owner: its priority becomes 255
Working mode
Preemptive Non-preemptive
Authentication mode
simple md5
39 Internal Use Only. HP Confidential.
Master / backup
Virtual Router
Switch A Master
10.1.1.2/24 Host A
Switch B Backup
10.1.1.3/24 Host B
Switch C Backup
10.1.1.4/24 Host C
40
Load Balancing
Virtual Router 1 Master Host A Virtual Router 2 Backup Virtual Router 3 Backup
Switch A
Backup Host B
Master
Backup
Switch B
Switch C
Host C
Backup
Backup
Master
41
Equivalent Route
4 2
42
Equivalent Route
The HP A-Series series switches support equal-cost multi-path routing (ECMP). Each route supports eight equivalent paths for load balancing of IP or MPLS traffic and also supports Hash load balancing by driving traffic. ECMP minimizes occurrence of disordered packets. After path switchover, traffic is rapidly switched over to other active links, thus guaranteeing service reliability.
43
BFD
4 4
44
BFD
BFD is a network wide unified detection mechanism for fast detecting and monitoring the connectivity of network links or IP route forwarding. To improve the existing network performance, the adjacent protocols should be able to fast detect a communication fault, thus quickly establishing a backup channel to restore communication. BFD: Defined by the IETF, BFD rapidly detects faults of nodes and links. By default, the handshake time is 10ms. BFD enables detection with light load and short duration. BFD can detect any medium and any protocol layer in real time. The detection time and overhead range are wide. BFD can detect faults on any type of channel between systems, including direct physical link, tunnel, MPLS LSP, multi-hop routing channel and indirect channel. BFD detection results can be applied to IGP fast convergence and FRR. BFD protocol has been accepted and recognized by the industry and deployed widely.
45
46
47
Currently, a number of new technologies are used in fast convergence of routing protocols. For example, shorten fault detection time by BFD, lessen the time for re-propagating routing information by Fast Flood, and decrease the time for route calculation by ISPF and PRC. As a result, route convergence is greatly quickened. Currently, in the case of 10,000 routes, traffic interruption time caused by a network fault can be within one second. However, voice, video and other new network services pose more stringent requirements on the traffic interruption time. A large number of carriers hope to control the traffic interruption time caused by network faults within 50 ms or less. This requirement cannot be satisfied by the traditional routing protocol fast convergence technologies. At present, the new method that is being researched for meeting such a requirement is to calculate backup route in advance. In other words, when detecting a fault, a router does not disseminate route information or calculate a route at once.
48
49
50
IRFv2 Overview
51
IRFv2 - Overview
No need for MSTP+VRRP
Common networking
52 Internal Use Only. HP Confidential.
IRFv1
IRFv2
53
Chassis-based Switches
MGMT (Master) MGMT (Slave) MGMT (Proxy) MGMT (Proxy) MGMT (Proxy) MGMT (Proxy) CTRL (Active) CTRL (Standby) CTRL (Proxy) CTRL (Proxy) CTRL (Proxy) CTRL (Proxy) FWD-Crossbar (Active) FWD-Crossbar (Backup or Load Sharing) FWD FWD FWD FWD
Switch
54
Chassis-based Switches
MGMT (Master)
MGMT (Slave) MGMT CTRL (Proxy) (Proxy) MGMT CTRL (Proxy) (Proxy) MGMT CTRL (Proxy) (Proxy)
CTRL (Active)
CTRL (Standby)
Unit #1
Chassis #1
CTRL (Standby) CTRL (Standby) FWD-Crossbar (Active) FWD-Crossbar (Backup or Load Sharing) FWD FWD FWD
Unit #3
SRPU #1 SRPU #2
Unit #4
MGMT (Slave) MGMT (Slave) MGMT CTRL (Proxy) (Proxy) MGMT CTRL (Proxy) (Proxy) MGMT CTRL (Proxy) (Proxy)
Chassis #2
IRF System
55 Internal Use Only. HP Confidential.
IRF System
Daisy Chain
Master
Slave
IRF-port 1 IRF-port 2
Slave
IRF-port 1
Ring
Master
IRF-port 1 IRF-port 2 IRF-port 1 IRF-port 2 IRF-port 1 IRF-port 2
Slave
IRF-port 1 IRF-port 2
Slave
56 Internal Use Only. HP Confidential.
Slave
57
Inexpensive Local Connection cables are available for CX4, SPF+ and XFP ports.
58
2. Assign a Member ID to each on of the other devices and reboot them. irf member current-member-id renumber newmember-id
59 Internal Use Only. HP Confidential.
In the HP S5800/S5820X and in the HP S7900E/HP S7500E interface ten-gigabit port-id shutdown irf-port 1/1 port group interface ten-gigabit port-id interface ten-gigabit port-id undo shutdown
60
Save the configuration of each device and turn them off. Connect the IRF links to build the IRF fabric.
Note: IRF-port 1 of one device must be connected to IRF-port 2 of the next device. Connecting IRF-ports of the same number will prevent the devices to recognize each other as members of the same IRF.
6.
7.
Repeat the process for each member (turn on and wait). This step is called device insertion. Always turn on a device connected to other devices that are already up and running.
61
Blocked Port
63
Uses a distributed Bridge Aggregation interface connected to a 3rd device to exchange MAD information To support this function LACP has been extended with MAD specific TLV fields.
MAD/BFD:
a special VLAN with ports in each member must be configured and each member device must be configured with an MAD IP address. These addresses are invisible for the rest of the network and no routing interface can be attached to an MAD/BFD enabled VLAN.
64 Internal Use Only. HP Confidential.
The part that contains the device with the lowest member-id remains in Normal state and the other goes into Recovery state. The ports of a device in recovery state become blocked. The administrator can exclude some ports from becoming blocked.
Failure Recovery
When the IRF link is back online, the IRF system detects that the IRF-ports are up and triggers the Recovery process. During the recovery, the part of the IRF that was in recovery state is rebooted to be re-inserted into the IRF.
65 Internal Use Only. HP Confidential.
Thank You!
66
2010 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice