RFC 3619: Ethernet Automatic Protection Switching
Network Working Group                                            S. Shah
Request for Comments: 3619                                        M. Yip
Category: Informational                                 Extreme Networks
                                                            October 2003

      Extreme Networks' Ethernet Automatic Protection Switching (EAPS)
                                 Version 1

Status of this Memo

This memo provides information for the Internet community.  It does
not specify an Internet standard of any kind.  Distribution of this
memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2003).  All Rights Reserved.

Abstract

This document describes the Ethernet Automatic Protection Switching
(EAPS) (tm) technology invented by Extreme Networks to increase the
availability and robustness of Ethernet rings.  An Ethernet ring
built using EAPS can have resilience comparable to that provided by
SONET rings, at a lower cost and with fewer constraints (e.g., ring
size).

1.  Introduction

Many Metropolitan Area Networks (MANs) and some Local Area Networks
(LANs) have a ring topology, as the fibre runs.  The Ethernet
Automatic Protection Switching (EAPS) technology described here works
well in ring topologies for MANs or LANs.

Most MAN operators want to minimise the recovery time in the event
that a fibre cut occurs.  The Ethernet Automatic Protection Switching
(EAPS) technology described here converges in less than one second,
often in less than 50 milliseconds.  EAPS technology does not limit
the number of nodes in the ring, and the convergence time is
independent of the number of nodes in the ring.
Shah & Yip                   Informational                      [Page 1]

RFC 3619                 Extreme Networks' EAPS             October 2003
2.  Concept of Operation

An EAPS Domain exists on a single Ethernet ring.  Any Ethernet
Virtual Local Area Network (VLAN) that is to be protected is
configured on all ports in the ring for the given EAPS Domain.  Each
EAPS Domain has a single designated "master node".  All other nodes
on that ring are referred to as "transit nodes".

Of course, each node on the ring will have 2 ports connected to the
ring.  One port of the master node is designated as the "primary
port" to the ring, while the other port is designated as the
"secondary port".

In normal operation, the master node blocks the secondary port for
all non-control Ethernet frames belonging to the given EAPS Domain,
thereby avoiding a loop in the ring.  Existing Ethernet switching and
learning mechanisms operate per existing standards on this ring.
This is possible because the master node makes the ring appear as
though there is no loop from the perspective of the Ethernet standard
algorithms used for switching and learning.  If the master node
detects a ring fault, it unblocks its secondary port and allows
Ethernet data frames to pass through that port.  There is a special
"Control VLAN" that can always pass through all ports in the EAPS
Domain, including the secondary port of the master node.

EAPS uses both a polling mechanism and an alert mechanism, described
below, to verify the connectivity of the ring and quickly detect any
faults.

2.1.  Link Down Alert

When a transit node detects a link-down on any of its ports in the
EAPS Domain, that transit node immediately sends a "link down"
control frame on the Control VLAN to the master node.

When the master node receives this "link down" control frame, the
master node moves from the "normal" state to the ring-fault state and
unblocks its secondary port.  The master node also flushes its
bridging table, and the master node also sends a control frame to all
other ring nodes, instructing them to flush their bridging tables as
well.  Immediately after flushing its bridging table, each node
begins learning the new topology.
2.2.  Ring Polling

The master node sends a health-check frame on the Control VLAN at a
user-configurable interval.  If the ring is complete, the
health-check frame will be received on its secondary port, where the
master node will reset its fail-period timer and continue normal
operation.

If the master node does not receive the health-check frame before the
fail-period timer expires, the master node moves from the normal
state to the "ring-fault" state and unblocks its secondary port.  The
master node also flushes its bridging table and sends a control frame
to all other nodes, instructing them to also flush their bridging
tables.  Immediately after flushing its bridge table, each node
starts learning the new topology.  This ring polling mechanism
provides a backup in the event that the Link Down Alert frame should
get lost for some unforeseen reason.

2.3.  Ring Restoration

The master node continues sending periodic health-check frames out
its primary port even when operating in the ring-fault state.  Once
the ring is restored, the next health-check frame will be received on
the master node's secondary port.  This will cause the master node to
transition back to the normal state, logically block non-control
frames on the secondary port, flush its own bridge table, and send a
control frame to the transit nodes, instructing them to flush their
bridging tables and re-learn the topology.

During the time between the transit node detecting that its link is
restored and the master node detecting that the ring is restored, the
secondary port of the master node is still open -- creating the
possibility of a temporary loop in the topology.  To prevent this,
the transit node will place all the protected VLANs transiting the
newly restored port into a temporary blocked state, remember which
port has been temporarily blocked, and transition into the
"pre-forwarding" state.  When the transit node in the
"pre-forwarding" state receives a control frame instructing it to
flush its bridging table, it will flush the bridging table, unblock
the previously blocked protected VLANs on the newly restored port,
and transition to the "normal" state.
3.  Multiple EAPS Domains

An EAPS-enabled switch can be part of more than one ring.  Hence, an
EAPS-enabled switch can belong to more than one EAPS Domain at the
same time.  Each EAPS Domain on a switch requires a separate instance
of the EAPS protocol on that same switch, one instance per
EAPS-protected ring.

One can also have more than one EAPS domain running on the same ring
at the same time.  Each EAPS Domain has its own unique master node
and its own set of protected VLANs.  This facilitates spatial reuse
of the ring's bandwidth.

EAPS Frame Format

    0        1         2         3         4         4
    123456789012345678901234567890123456789012345678
   +--------+--------+--------+--------+--------+--------+
   |          Destination MAC Address (6 bytes)          |
   +--------+--------+--------+--------+--------+--------+
   |            Source MAC Address (6 bytes)             |
   +--------+--------+--------+--------+--------+--------+
   |    EtherType    |PRI|   VLAN ID   |  Frame Length   |
   +--------+--------+--------+--------+--------+--------+
   |    DSAP/SSAP    | CONTROL|      OUI = 0x00E02B      |
   +--------+--------+--------+--------+--------+--------+
   |     0x00bb      |  0x99  |  0x0b  |   EAPS_LENGTH   |
   +--------+--------+--------+--------+--------+--------+
   |EAPS_VER|EAPSTYPE|  CTRL_VLAN_ID   |     0x0000      |
   +--------+--------+--------+--------+--------+--------+
   |     0x0000      |     SYSTEM_MAC_ADDR (6 bytes)     |
   +--------+--------+--------+--------+--------+--------+
   |                 |   HELLO_TIMER   |   FAIL_TIMER    |
   +--------+--------+--------+--------+--------+--------+
   | STATE  |  0x00  |    HELLO_SEQ    |     0x0000      |
   +--------+--------+--------+--------+--------+--------+
   |              RESERVED (0x000000000000)              |
   +--------+--------+--------+--------+--------+--------+
   |              RESERVED (0x000000000000)              |
   +--------+--------+--------+--------+--------+--------+
   |              RESERVED (0x000000000000)              |
   +--------+--------+--------+--------+--------+--------+
   |              RESERVED (0x000000000000)              |
   +--------+--------+--------+--------+--------+--------+
   |              RESERVED (0x000000000000)              |
   +--------+--------+--------+--------+--------+--------+
   |              RESERVED (0x000000000000)              |
   +--------+--------+--------+--------+--------+--------+
Where:

   Destination MAC Address is always 0x00e02b000004.
   PRI contains 3 bits of priority, with 1 other bit reserved.
   EtherType is always 0x8100.
   DSAP/SSAP is always 0xAAAA.
   CONTROL is always 0x03.
   EAPS_LENGTH is 0x40.
   EAPS_VER is 0x0001.
   CTRL_VLAN_ID is the VLAN ID for the Control VLAN in use.
   SYSTEM_MAC_ADDR is the System MAC Address of the sending node.
   HELLO_TIMER is the value set by the Master Node.
   FAIL_TIMER is the value set by the Master Node.
   HELLO_SEQ is the sequence number of the Hello Frame.

EAPS Type (EAPSTYPE) values:

   HEALTH              = 5
   RING-UP-FLUSH-FDB   = 6
   RING-DOWN-FLUSH-FDB = 7
   LINK-DOWN           = 8

   All other values are reserved.

STATE values:

   IDLE           = 0
   COMPLETE       = 1
   FAILED         = 2
   LINKS-UP       = 3
   LINK-DOWN      = 4
   PRE-FORWARDING = 5

   All other values are reserved.
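A builder and parser for the frame layout above, added here as an example; it is not Extreme Networks' code and not part of the RFC. It reads the diagram row by row (six octets per row), so it assumes big-endian multi-octet fields, that EAPS_VER occupies the single octet the diagram gives it (the text writes the value as 0x0001), and that the 802.3 Frame Length field counts the LLC/SNAP payload that follows it, 72 octets for this PDU. Every fixed field is checked on parse, so a frame that merely carries the EAPS destination address but deviates anywhere else is rejected.

```python
"""Build and parse EAPS control frames per the RFC 3619 frame format.

Added example, not Extreme Networks' code.  Assumptions: all multi-octet
fields are big-endian; EAPS_VER occupies the single octet the diagram
gives it (the text writes the value as 0x0001); the 802.3 Frame Length
field counts the LLC/SNAP payload that follows it (72 octets here).
"""
import struct

EAPS_DST_MAC = bytes.fromhex("00e02b000004")   # always this address
ETHERTYPE_VLAN = 0x8100
DSAP_SSAP, LLC_CONTROL = 0xAAAA, 0x03
OUI, SNAP_PID, FIXED = bytes.fromhex("00e02b"), 0x00BB, b"\x99\x0b"
EAPS_LENGTH, EAPS_VER = 0x40, 0x01
RESERVED = bytes(36)                           # six RESERVED rows of six zero octets

TYPES = {5: "HEALTH", 6: "RING-UP-FLUSH-FDB", 7: "RING-DOWN-FLUSH-FDB", 8: "LINK-DOWN"}
STATES = {0: "IDLE", 1: "COMPLETE", 2: "FAILED", 3: "LINKS-UP", 4: "LINK-DOWN",
          5: "PRE-FORWARDING"}

HDR = struct.Struct("!6s6sHHH")        # dst MAC, src MAC, EtherType, PRI/VLAN ID tag, Frame Length
LLC = struct.Struct("!HB3sH2sH")       # DSAP/SSAP, CONTROL, OUI, 0x00bb, 0x99 0x0b, EAPS_LENGTH
PDU = struct.Struct("!BBHHH6sHHBBHH")  # VER, TYPE, CTRL_VLAN_ID, 0, 0, SYSTEM_MAC_ADDR,
                                       # HELLO_TIMER, FAIL_TIMER, STATE, 0x00, HELLO_SEQ, 0


def build_eaps_frame(src_mac, ctrl_vlan, eaps_type, system_mac,
                     hello_timer, fail_timer, state, hello_seq, pri=0):
    """Assemble a tagged EAPS control frame (without FCS)."""
    if not 0 <= ctrl_vlan <= 0xFFF or not 0 <= pri <= 7:
        raise ValueError("VLAN ID is 12 bits, PRI is 3 bits")
    if eaps_type not in TYPES or state not in STATES:
        raise ValueError("reserved EAPS type or state value")
    tci = (pri << 13) | ctrl_vlan              # 3 PRI bits, 1 reserved bit (zero), 12-bit VLAN ID
    payload = (LLC.pack(DSAP_SSAP, LLC_CONTROL, OUI, SNAP_PID, FIXED, EAPS_LENGTH)
               + PDU.pack(EAPS_VER, eaps_type, ctrl_vlan, 0, 0, system_mac,
                          hello_timer, fail_timer, state, 0, hello_seq, 0)
               + RESERVED)
    return HDR.pack(EAPS_DST_MAC, src_mac, ETHERTYPE_VLAN, tci, len(payload)) + payload


def parse_eaps_frame(frame):
    """Decode one frame into the RFC's field names; ValueError if a fixed field is off."""
    if len(frame) < HDR.size + LLC.size + PDU.size + len(RESERVED):
        raise ValueError("frame too short for an EAPS PDU")
    dst, src, ethertype, tci, length = HDR.unpack_from(frame, 0)
    if dst != EAPS_DST_MAC or ethertype != ETHERTYPE_VLAN:
        raise ValueError("not an EAPS control frame (destination MAC / EtherType)")
    if length > len(frame) - HDR.size:
        raise ValueError("Frame Length exceeds the captured payload")
    if LLC.unpack_from(frame, HDR.size) != (DSAP_SSAP, LLC_CONTROL, OUI, SNAP_PID,
                                            FIXED, EAPS_LENGTH):
        raise ValueError("LLC/SNAP header is not the EAPS encapsulation")
    (ver, typ, ctrl_vlan, z1, z2, sys_mac, hello, fail,
     state, z3, seq, z4) = PDU.unpack_from(frame, HDR.size + LLC.size)
    if ver != EAPS_VER or (z1, z2, z3, z4) != (0, 0, 0, 0):
        raise ValueError("unsupported EAPS version or non-zero padding")
    if typ not in TYPES or state not in STATES:
        raise ValueError("reserved EAPS type or state value")
    return {"src_mac": src.hex(":"), "pri": tci >> 13, "reserved_bit": (tci >> 12) & 1,
            "vlan_id": tci & 0xFFF, "type": TYPES[typ], "ctrl_vlan_id": ctrl_vlan,
            "system_mac": sys_mac.hex(":"), "hello_timer": hello, "fail_timer": fail,
            "state": STATES[state], "hello_seq": seq}


def is_eaps_frame(frame):
    """True when the frame parses as a well-formed EAPS control frame."""
    try:
        parse_eaps_frame(frame)
        return True
    except ValueError:
        return False
```

The decoded dictionary keeps both the 802.1Q tag's VLAN ID and CTRL_VLAN_ID; on a correctly configured domain they agree, since control frames travel on the Control VLAN, so a mismatch is worth flagging when reading captures.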
4.  Security Considerations

Anyone with physical access to the physical layer connections could
forge any sort of Ethernet frame they wished, including but not
limited to Bridge frames or EAPS frames.  Such forgeries could be
used to disrupt an Ethernet network in various ways, including
methods that are specific to EAPS or other unrelated methods, such as
forged Ethernet bridge frames.

As such, it is recommended that users not deploy Ethernet without
some form of encryption in environments where such active attacks are
considered a significant operational risk.  IEEE standards already
exist for link-layer encryption.  Those IEEE standards could be used
to protect an Ethernet's links.  Alternately, upper-layer security
mechanisms could be used if it is more appropriate to the local
threat model.
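Passive sanity checks that a monitoring point on a ring node could run over decoded EAPS control frames, added here as an illustration prompted by the paragraph above; it is not part of the RFC, and it detects rather than prevents forgery (the RFC's remedy is link-layer encryption). It assumes a per-switch inventory that the page does not define: the two ring ports, the Control VLAN, the master's MAC address and the MAC addresses of all ring nodes. The rules follow sections 2.1 to 2.3 (only the master sends HEALTH and flush frames, HELLO_SEQ is the hello frame's sequence number, control frames belong on the Control VLAN and the ring ports). The sample capture is constructed, with fields already decoded into the RFC's names plus the receiving port.

```python
"""Passive sanity checks on decoded EAPS control frames (RFC 3619).

Added illustration, not part of the RFC and not a substitute for the
link-layer encryption it recommends.  Assumes a per-switch inventory
(ring ports, Control VLAN, master MAC, all node MACs) and frames already
decoded into the RFC's field names plus the receiving port.
"""
MASTER_ONLY = {"HEALTH", "RING-UP-FLUSH-FDB", "RING-DOWN-FLUSH-FDB"}  # sent only by the master (2.1-2.3)

INVENTORY = {                                       # constructed example EAPS Domain
    "ring_ports": {"1:1", "1:2"},
    "ctrl_vlan": 4000,
    "master_mac": "00:e0:2b:00:01:01",
    "node_macs": {"00:e0:2b:00:01:01", "00:e0:2b:00:01:02", "00:e0:2b:00:01:03"},
}


def check_frame(frame, inv, last_seq):
    """Findings for one decoded frame; last_seq is the master's previous accepted HELLO_SEQ."""
    findings = []
    if frame["rx_port"] not in inv["ring_ports"]:
        findings.append("EAPS control frame on non-ring port")
    if frame["ctrl_vlan_id"] != inv["ctrl_vlan"] or frame["vlan_id"] != inv["ctrl_vlan"]:
        findings.append("control VLAN mismatch")
    if frame["system_mac"] not in inv["node_macs"]:
        findings.append("unknown SYSTEM_MAC_ADDR")
    if frame["type"] in MASTER_ONLY and frame["system_mac"] != inv["master_mac"]:
        findings.append(f"{frame['type']} claimed by non-master node")
    if frame["type"] == "HEALTH" and frame["system_mac"] == inv["master_mac"] and last_seq is not None:
        wrapped = last_seq > 0xFF00 and frame["hello_seq"] < 0x0100   # 16-bit counter rollover
        if frame["hello_seq"] <= last_seq and not wrapped:
            findings.append("HELLO_SEQ repeated or went backwards")
    return findings


def audit(frames, inv):
    """Run check_frame over a capture in order; returns (frame index, finding) pairs."""
    out, last_seq = [], None
    for i, fr in enumerate(frames):
        findings = check_frame(fr, inv, last_seq)
        out.extend((i, f) for f in findings)
        if not findings and fr["type"] == "HEALTH" and fr["system_mac"] == inv["master_mac"]:
            last_seq = fr["hello_seq"]             # only clean master hellos advance the counter
    return out


def sample_capture():
    """Constructed decoded frames: two good hellos, a LINK-DOWN from an unknown node on an
    access port, a flush claimed by a transit node, and a replayed hello."""
    base = {"rx_port": "1:1", "vlan_id": 4000, "ctrl_vlan_id": 4000}
    return [
        dict(base, type="HEALTH", system_mac="00:e0:2b:00:01:01", hello_seq=100),
        dict(base, type="HEALTH", system_mac="00:e0:2b:00:01:01", hello_seq=101),
        dict(base, type="LINK-DOWN", system_mac="02:00:00:00:be:ef", hello_seq=0, rx_port="1:7"),
        dict(base, type="RING-DOWN-FLUSH-FDB", system_mac="00:e0:2b:00:01:02", hello_seq=0),
        dict(base, type="HEALTH", system_mac="00:e0:2b:00:01:01", hello_seq=100),
    ]
```

The limits follow directly from the paragraph above: a forger with physical access who copies the master's SYSTEM_MAC_ADDR, uses the Control VLAN and a plausible next HELLO_SEQ, and injects on a ring link passes every one of these checks. They raise the bar for casual or accidental disruption and give an operator evidence, nothing more.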