new-martin-PBB-TE-segment-prot-1108-v00 by babbian

VIEWS: 0 PAGES: 32

									PBB-TE Segment Protection

           David W. Martin
        November 10-13th, 2008
             Dallas, TX
                 v00
Contents

 Problem Statement
 Segment and Protected Entity Definitions
 Segment Integrity Issues
 Segment Protection Options
 Conclusions




                                            2
Problem Statement

   For any connection oriented end-to-end path protection scheme (aka trail
   protection), as the total media length and the amount of intermediate
   equipment increases so does the probability of simultaneous failures (i.e.,
   within a 4hr MTTR window) along both the working and protection paths,
   eventually impacting the corresponding availability target (e.g., 99.999%
   or 5min/yr downtime)
   PBB-TE P802.1Qay 1:1 protection falls into the above category
   September (Seoul) presentation* provided requirements from two Service
   Providers in India for a PBB-TE local repair mechanism to mitigate the
   above problem




MTTR = Mean Time To Repair    * new-Protection-Vinod-Case-for-Segment-Protection-0908-v1.pps

                                                                                               3
PBB-TE Protected Domain: Expanded View
                     I-Tagged           West                                              East
                     Interface       B-Component                                       B-Component
                                                          BVID-1
                                                                   W
                                                                           BVID-2
P802.1Qay view:                                           BVID-3
                                                                   P
                                 CBP-A                                     BVID-4            CBP-B

                                               PNPs                                 PNPs




                                                   BCB                         BCB
Larger network view:

                                                               W       W
          West                                                                                             East
                                 W                                                             W
       B-Component                                 PNPs                        PNPs                     B-Component




      CBP-A                                                                                                   CBP-B
                                 P                 BCB                         BCB              P
                 PNPs                                                                                PNPs
                                                               P       P




                                                   PNPs                        PNPs



                                                                                                                      4
General Segmentation Approach

 The general solution is to split up the end-to-end paths and provide some
 type of local repair on a segment in order to improve overall availability

                         Create a segment



                           BCB                  BCB




                                   W        W
       West                                                        East
                     W                                  W
    B-Component            PNPs                 PNPs            B-Component




   CBP-A                                                              CBP-B
                     P     BCB                  BCB     P
              PNPs                                           PNPs
                                    P       P




                           PNPs                 PNPs



                                                                              5
PBB-TE TESI Segment Definition
                           W primary segment
                A   BCB                        BCB           BCB
                                                                    P

                                                                        W
            W

                    PNPs                       PNPs          PNPs




    W backup segment
                                 BCB                  BCB




                                 PNPs                 PNPs




 Primary segment (the protected entity) is the portion of a TESI between
 the PNPs on nodes A and P
 Backup segment is pre-established using the same TESI <B-DA, B-VID>
 Obviously this approach assumes that such an alternate route is available
                                                                             6
Contents

 Problem Statement
 Segment and Protected Entity Definitions
 Segment Integrity Issues
 Segment Protection Options
 Conclusions




                                            7
PBB-TE TESI Segment Creation
                           W primary segment
                A   BCB                        BCB           BCB
                                                                    P

                                                                        W
            W

                    PNPs                       PNPs          PNPs




    W backup segment
                                 BCB                  BCB




                                 PNPs                 PNPs




 Both primary and backup segments have same TESI <B-DA, B-VID> FDB
 entries, the only requirement being that those segments never cross
 Need to provide associated segment MAs in order to detect a segment fault
 to trigger and coordinate bi-directional switching, but how?
                                                                             8
 Segment Integrity Check Requirement
                                  W primary segment
                        A   BCB                       BCB           BCB
                                                                          P

                                                                              W
                    W

                            PNP                       PNPs          PNP




            W backup segment
                                        BCB                  BCB



MEP/MIP variant                                                                   MEP/MIP variant

   Backup CCMs                                                                    Primary CCMs
                                        PNPs                 PNPs
           Idle                                                                   ESP traffic




      If avoiding “blind switching” is desired, the integrity of each ESP 3-tuple
      datapath (i.e., each direction of the TESI) must be verified with CCMs over
      both the primary and backup segments simultaneously

                                                                                                    9
Segment Integrity Check I
                              W primary segment
                    A   BCB                       BCB
                                                           CCM        BCB
                                                                            P

                                CCM
                                                                                W
                W

                        PNP                       PNPs                PNP



                                CCM




                                                                CCM
        W backup segment
                                      BCB                BCB



 Backup MEP                                                                         Primary MEP

Backup CCMs                                                                         Primary CCMs
                                      PNPs               PNPs
       Idle                                                                         ESP traffic



  Introducing a new MA between nodes A and P on the primary segment
  would not verify the ESP 3-tuple datapath → different addressing
              <P, A, ESP-VID> ≠ <ESP-DA, ESP-SA, ESP-VID>
  Similar issue for the backup segment
                                                                                                   10
Segment Integrity Check II
                              W primary segment
                    A   BCB                       BCB                   BCB
                                                                              P
                                                                                  CCM
              CCM
                                                                                  W




                                PsegS
                W




                                                                atus
                        PNP                       PNPs                  PNP




                                                               PsegSt
                                 tatus
        W backup segment
                                        BCB              BCB



Backup MIP+                                                                             Primary MIP+

                                                                                        ESP CCMs
                                        PNPs             PNPs
       Idle                                                                             ESP traffic



  Snooping the existing ESP CCMs via MIPs at nodes A and P would require:
  significantly enhanced MIPs, status exchange (e.g., via backup segment),
  correlation of views → OAM processing load (CCMs & journaling), perhaps
  slower fault detect time due to synchronizing views
  No ESP CCMs on the backup segment → still risk of “blind switching”
                                                                                                       11
Segment Integrity Check III
                                W primary segment
                     A   BCB                        BCB                 BCB
                                                                              P
               CCM                CCM                            MIPs
                                                                                  W
                 W

                         PNPs                       PNPs                PNP




         W backup segment
                                        BCB                BCB



Backup MIP+                                                                           Primary MIP+
                                                CCM
  ESP CCMs                                                                            ESP CCMs
                                        PNPs               PNPs
 ESP traffic                                                                          ESP traffic



  Introducing a 1+1 bridge (ESP frame copy) would forward ESP data/CCMs
  via both primary and backup segments allowing MIPs at tail-end node P to
  monitor segments → not natural for a bridge to send an identical frame out
  two ports, need enhanced MIP functionality, operational risk
                                                                                                     12
Segment Integrity Check Summary

 A single approach to monitoring a segment MA is either
 insufficient or impractical
 Perhaps a combination of approaches could provide the
 required integrity coverage
 Need to explore such alternatives…




                                                          13
Contents

 Problem Statement
 Segment and Protected Entity Definitions
 Segment Integrity Issues
 Segment Protection Options
 Conclusions




                                            14
1:1 Segment Protection
    Switching (SPS)




                         15
1:1 Segment Protection Switching (SPS)

 Recall the goal of segment protection is to improve the overall
 availability of a PBB-TE protected domain, because there is an
 unacceptably high probability of simultaneous faults on working
 and protection TESIs
 Those faults can be divided into two categories:
  • “infrastructure faults” – the failure of links between bridges, or a
    catastrophic bridge failure affecting all its traffic
  • “datapath faults” – a fault within a bridge affecting one or more
    services, such as an FDB corruption (either due to an equipment fault
    or a configuration error)
 The combination of the segment integrity checks I and II provides
 coverage for:
  • infrastructure faults on either the primary or backup segment
  • datapath faults on the active segment
                                                                            16
Segment Infrastructure Integrity Check
                              W primary segment
                    A   BCB                       BCB
                                                           CCM        BCB
                                                                            P

                                CCM
                                                                                W
                W

                        PNP                       PNPs                PNP



                                CCM




                                                                CCM
        W backup segment
                                      BCB                BCB



 Backup MEP                                                                         Primary MEP

Backup CCMs                                                                         Primary CCMs
                                      PNPs               PNPs
       Idle                                                                         ESP traffic




  Introduce a MA between nodes A and P on the primary segment and a MA
  on the backup segment
  CCM addresses are the MACs of the associated PNPs
  A segment infrastructure fault would trigger protection for all client TESIs
                                                                                                   17
Segment Datapath Integrity Check - Primary
                              W primary segment
                    A   BCB                       BCB                   BCB
                                                                              P
                                                                                  CCM
              CCM
                                                                                  W




                                PsegS
                W




                                                                atus
                        PNP                       PNPs                  PNP




                                                               PsegSt
                                 tatus
        W backup segment
                                        BCB              BCB



Backup MIP+                                                                             Primary MIP+

                                                                                        ESP CCMs
                                        PNPs             PNPs
       Idle                                                                             ESP traffic



  Snoop existing ESP CCMs via MIPs on primary segment at nodes A and P
  Exchange primary segment status via backup segment and correlate views
  A segment datapath fault triggers protection only for the affected TESI
  Since there are no ESP CCMs on the backup segment to snoop, it would be
  a “blind switch”                                                                                     18
Segment Datapath Integrity Check - Backup
                               W primary segment
                     A   BCB                       BCB
                                                          BsegStatus   BCB
                                                                             P
                                                                                 CCM
               CCM              BsegStatus
                                                                                 W
                 W

                         PNP                       PNPs                PNP




         W backup segment
                                     BCB                   BCB



Backup MIP+                                                                            Primary MIP+

  ESP CCMs
                                     PNPs                  PNPs
 ESP traffic                                                                           Idle




  Snoop existing ESP CCMs via MIPs on backup segment at nodes A and P
  Exchange backup segment status via primary segment and correlate views
  Since there are no ESP CCMs on the primary segment to snoop, the
  reversion switch would be a “blind switch”
                                                                                                      19
1:1 Segment Protection Switching Summary

 The combination of the segment integrity checks I and II will
 provide coverage for:
  • infrastructure faults on either the primary or backup segment
  • datapath faults on the active segment (in addition to the fault coverage
    provided by the e2e PBB-TE protection)
 The only integrity coverage missing is that of the inactive segment
 datapath, the consequences being:
  • for a fault initiated switch to the inactive segment (with a latent datapath
    fault), the e2e PBB-TE protection mechanism would eventually execute
    following its hold-off timeout and if resources are available
  • for a manual switch to the inactive segment (with a latent datapath
    fault), there would be a brief traffic loss until that fault triggered a
    reversion switch
 So there is a corner case integrity exposure
                                                                               20
1:1 Segment Server
     Protection




                     21
1:1 Segment Server Protection

 Rather than attempt to provide a protection mechanism at the same
 layer, consider a hierarchal approach
 Fully encapsulate all e2e PBB-TE traffic along either the working or
 protection entity into a new PBB-TE protected domain for the
 extent of the segment
 Provides full integrity coverage
 Avoids defining a new protection mechanism




                                                                        22
PBB-TE 1:1 Segment Server Protection
                                 W primary segment/TESI
      A               IB-BEB                   BCB                      IB-BEB           P

 W                                                                                              W

         CNP    PIP      CBP                                            CBP      PIP   CNP

   S-Tagged      Internal                      PNPs                        Internal      S-Tagged
                               PNPs                              PNPs
   Interface    I-Tagged                                                  I-Tagged       Interface
 (1:1 mapped)   Interface                                                 Interface    (1:1 mapped)




            W backup segment/TESI
                                        BCB               BCB




                                        PNPs              PNPs



 Upgrade the BCBs at the edges of the segment to IB-BEBs and provide a
 PBB hierarchal (802.1ah 26.6.1) S-tagged interface (802.1ah 25.4)
 Each segment is now a new (server layer ) TESI in a regular PBB-TE 1:1
 TESI PG, with the corresponding TESI CCM integrity coverage

                                                                                                      23
1:1 Segment Server Protection (cont’d)

Frame at segment ingress/egress:                 B-DA     B-SA    B-TAG   I-Type   I-SID+ C-DA   C-SA   S-TAG   C-TAG   MSDU   B-FCS

                                                                                      I-TAG




Frame within segment:

                  B-DA   B-SA   B-TAG   I-Type   I-SID+    B-DA    B-SA   I-Type   I-SID+ C-DA   C-SA   S-TAG   C-TAG   MSDU   B-FCS

                                                     I-TAG                            I-TAG




   Segment B-MACs are the server IB-BEBs (nodes A and P) CBPs’ MACs
   Segment B-VID corresponds to either primary or backup segment
   Segment I-SID could be copied from client ESP I-SID
   Note the original ESP B-TAG is removed and reinserted according to the
   one-to-one S-tagged interface definition
   A fresh FCS would be calculated and appended over the segment
                                                                                                                                       24
PBB-TE 1:1 Segment Group Protection
                                     W primary segment/TESI
        A                 IB-BEB                   BCB                      IB-BEB           P
 P                                                                                                  P
                                                                                                    W
 Wx                                                                                                     x

                    PIP      CBP                                            CBP      PIP            W
 Wy                                                                                                     y

                      Internal                     PNPs                        Internal
          CNPs                     PNPs                              PNPs                  CNPs
                     I-Tagged                                                 I-Tagged
     S-Tagged        Interface                                                Interface     S-Tagged
     Interface                                                                              Interface
     (bundled)                                                                              (bundled)


                 W backup segment/TESI
                                            BCB               BCB




                                            PNPs              PNPs




 Alternatively, the IB-BEBs could provide a bundled S-tagged interface
 (802.1ah 25.4) for multiple client PBB-TE TESIs



                                                                                                            25
1:1 Segment Group Protection (cont’d)

Frame at segment ingress/egress:                   B-DA   B-SA   B-TAG   I-Type   I-SID+ C-DA   C-SA   S-TAG   C-TAG   MSDU   B-FCS

                                                                                     I-TAG




Frame within segment:

             B-DA   B-SA   B-TAG   I-Type I-SID+   B-DA   B-SA   B-TAG   I-Type   I-SID+ C-DA   C-SA   S-TAG   C-TAG   MSDU   B-FCS

                                              I-TAG                                  I-TAG




   Segment B-MACs are the server IB-BEBs (nodes A and P) CBPs’ MACs
   Segment B-VID corresponds to either primary or backup segment
   Segment I-SID would be specific to that protected domain
   Note the original ESP B-TAG is retained according to the bundled S-tagged
   interface definition
   A fresh FCS would be calculated and appended over the segment
                                                                                                                                      26
1:1 Segment Server Protection Summary

  No segment integrity coverage issue since the server layer provides
  necessary CCMs over both primary and backup segments (i.e., the
  server P802.1Qay working and protection entities)
  Protection within the segment is exactly as defined by P802.1Qay
  The segment group protection alternative provides a scalable
  solution for multiple client TESIs over a common segment
  No new work for 802.1
  The price tag is the additional PBB encap




Note that the P802.1Qay PAR scope statement “This project will not take account of multi-domain networks” is
referring to peered networks, not hierarchal networks such as discussed here

                                                                                                               27
M:1 PBB-TE Protection




                        28
M:1 PBB-TE Protection

 Rather than attempt to provide a protection mechanism at the same
 layer, or by a server layer protection mechanism, consider
 enhancing the P802.1Qay PBB-TE 1:1 TESI protection to M:1
 This addresses the problem of simultaneous working and protection
 entity faults by providing additional protection entities
 Note that in this context it is not a segment protection solution since
 it operates e2e




                                                                           29
Example 3:1 PBB-TE Protection Group
                 West                                                          East
I-Tagged      B-Component                                                   B-Component
Interface
            CBP-A                  BVID-1                                            CBP-B
                                                   W
                                                              BVID-2


                                   BVID-3
                                                  P-0
                                                              BVID-4


                                   BVID-7
                                                  P-1
                                                              BVID-8


                                   BVID-11
                                                  P-2
                                                              BVID-12

                            PNPs                                        PNPs




  Transmit CBP traffic is sent over a given TESI by altering the B-VID accordingly
  Received CBP traffic is the merge of traffic from all TESIs

                                                                                             30
M:1 PBB-TE Protection Summary

 Provides high availability by switching to whichever protection
 entity is available, by automatically escalating through a pre-
 established prioritized sequence
 Since it is e2e protection, there is no maintenance domain
 independence as is possible with the prior two approaches




                                                                   31
Conclusions

 1:1 Segment Protection
  • requires addition of segment MEPs for infrastructure protection (low
    overhead)
  • requires addition of enhanced MIP functionality, status exchange and
    correlation for datapath protection (higher overhead)
  • has a corner case integrity exposure
 P802.1Qay PBB-TE 1:1 Segment Server Protection
  • full integrity coverage, scalable
  • no new work for 802.1
  • requires additional PBB encap
 M:1 PBB-TE Protection
  • requires extensions to P802.1Qay 1:1 protection
  • does not provide maintenance domain independence

                                                                           32

								
To top