- About the Cisco IOS Documentation
- Chapter 1, Overview
- Chapter 2, CTC Operation
- Chapter 3, Initial Configuration
- Chapter 4, Configuring Interfaces
- Chapter 5, Configuring Bridging
- Chapter 6, Configuring STP and RSTP
- Chapter 7, Configuring VLANs
- Chapter 8, Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling
- Chapter 9, Configuring Link Aggregation
- Chapter 10, Configuring Networking Protocols
- Chapter 11, Configuring IRB
- Chapter 12, Configuring VRF Lite
- Chapter 13, Configuring Quality of Service
- Chapter 14, Configuring the Switching Database Manager
- Chapter 15, Configuring Access Control Lists
- Chapter 16, Configuring Resilient Packet Ring
- Chapter 17, Configuring Ethernet over MPLS
- Appendix A, Command Reference
- Appendix B, Unsupported CLI Commands
- Appendix C, Using Technical Support
Configuring Resilient Packet Ring
Note 
The terms "Unidirectional Path Switched Ring" and "UPSR" may appear in Cisco literature. These terms do not refer to using Cisco ONS 15xxx products in a unidirectional path switched ring configuration. Rather, these terms, as well as "Path Protected Mesh Network" and "PPMN," refer generally to Cisco's path protection feature, which may be used in any topological network configuration. Cisco does not recommend using its path protection feature in any particular topological network configuration.
This chapter describes how to configure resilient packet ring (RPR) and Dual RPR Interconnect (DRPRI) for the ML-Series card.
This chapter contains the following major sections:
•Configuring Point-to-Point Circuits on CTC for RPR
•Understanding Dual RPR Interconnect
•Monitoring and Verifying DRPRI
Understanding RPR
RPR is an emerging network architecture designed for metro fiber ring networks. This new MAC protocol is designed to overcome the limitations of IEEE 802.1D Spanning Tree Protocol (STP), IEEE 802.1W Rapid Spanning Tree Protocol (RSTP), and SONET/SDH in packet-based networks. RPR operates at the Layer 2 level and is compatible with Ethernet and SONET/SDH.
The ML-Series card's RPR relies on the quality of service (QoS) features of the ML-Series card for efficient bandwidth utilization with service level agreement (SLA) support. ML-Series card QoS mechanisms apply to all SONET/SDH traffic on the ML-Series card, whether passed-through, bridged, or stripped.
When an ML-Series card is configured with RPR and made part of a shared packet ring (SPR), the ML-Series card assumes it is part of a ring. If a packet is not destined for devices attached to the specific ML-Series, the ML-Series card simply continues to forward this transit traffic along the SONET/SDH circuit relying on the circular path of the ring architecture to guarantee the packet will eventually arrive at the destination. This eliminates the need to queue and forward the packet flowing through the nondestination ML-Series card. From a Layer 2 or Layer 3 perspective, the entire RPR looks like one shared network segment.
RPR supports operation over protected and unprotected SONET/SDH circuits. On unprotected SONET/SDH circuits, RPR provides SONET/SDH-like protection without the redundant SONET/SDH protection path. Eliminating the need for a redundant SONET/SDH path frees bandwidth for additional traffic. RPR also incorporates spatial reuse of bandwidth through a hash algorithm for east/west packet transmission. RPR utilizes the entire ring bandwidth and does not need to block ring segments like STP or RSTP.
Packet Handling Operations
The RPR protocol, using the transmitted packet's header information, allows the interfaces to quickly determine the operation that needs to be applied to the packet. An ML-Series card configured with RPR is part of the ring and has three basic packet-handling operations: bridge, pass-through, or strip. Figure 16-1 illustrates these operations. Bridging connects and passes packets between the Ethernet ports on the ML-Series and the Packet over SONET/SDH (POS) circuit circling the ring. Pass-through lets the packets continue through the ML-Series card and along the ring, and stripping takes the packet off the ring and discards it. Because STP or RSTP is not in effect between nodes when RPR is configured, the transmitting RPR port strips its own packets after they return from circling the ring. A hash algorithm is used to determine the direction of the packet around the RPR.
Figure 16-1 RPR Packet Handling Operations
Ring Wrapping
RPR initiates ring wraps in the event of a fiber cut, node failure, node restoration, new node insertion, or other traffic problems. This protection mechanism redirects traffic to the original destination by sending it in the opposite direction around the ring after a link state change or after receiving SONET/SDH path level alarms. Ring wrapping on the ML-Series card allows sub-50-ms convergence times. RPR convergence times are comparable to SONET/SDH and much faster than STP or RSTP.
RPR on the ML-Series card survives both unidirectional and bidirectional transmission failures within the ring. Unlike STP or RSTP, RPR restoration is scalable, increasing the number of ML-Series cards in a ring does not increase the convergence time.
Note ML-Series card RPR convergence times might exceed 50 ms in the case of multiple failures in the same ring, or if traffic passes through an ML-Series card configured with DRPRI (in active mode) during the reloading of the ML-Series card, or in the case of mismatched microcode images on ML-Series cards.
RPR will initiate ring wraps immediately (default) or delay the wrap with a configured carrier delay time. When configured to wrap traffic after the carrier delay, a POS trigger delay time should be added to the carrier delay time to estimate approximate convergence times. The default and minimum POS trigger delay time for the ML-Series card is 200 ms. A carrier delay time of 200 ms (default) and a POS trigger delay time of 200 ms (default and minimum) combine for a total convergence time of approximately 400 ms. If the carrier delay is set to 0, then the convergence time would be approximately 200 ms. Figure 16-2 illustrates ring wrapping.
Figure 16-2 RPR Ring Wrapping
Note If the carrier delay time is changed from the default, the new carrier delay time must be configured on all the ML-Series card interfaces, including the SPR, POS, and GigabitEthernet or FastEthernet interfaces.
Note ML-Series card POS interfaces normally send PDI-P to the far-end when the POS link goes down or RPR wraps. ML-Series card POS interfaces do not send PDI-P to the far-end when PDI-P is detected, when RDI-P is being sent to the far-end or when the only defects detected are GFP LFD, GFP CSF, VCAT LOM or VCAT SQM.
MAC Address and VLAN Support
RPR improves MAC address support, because an ML-Series card does not need to learn the MAC address of pass-through packets. The ML-Series card's MAC address table only holds the MAC IDs of packets that have been bridged or stripped by that card. This allows the collective tables of the ML-Series cards in the ring to hold a greater number of MAC addresses.
RPR also enhances VLAN support relative to STP and RSTP. In an STP and RSTP, a new VLAN must configured on all POS interfaces on the ring. In RPR, the VLAN must only be added to the configuration of those interfaces that bridge or strip packets for that VLAN. The ML-Series card still has a 255 architectural maximum limit of VLAN/bridge-group per ML-Series card. But because the ML-Series card only needs to hold the VLANs incorporating that card, the collective number of VLANs held by all the ML-Series cards in the ring can be much greater.
Configuring Point-to-Point Circuits on CTC for RPR
RPR on the Cisco ONS 15454 enables two or more ML-Series cards to become one functional network segment or SPR. The bridged ML-Series cards are connected to each other through point-to-point STS/STM circuits, which use one of the first ML-Series card's POS ports as a source and one of the second ML-Series card's POS ports as a destination. All ML-Series cards in an SPR must be connected directly or indirectly by point-to-point circuits.
The point-to-point circuits use the ONS 15454 SONET/SDH network. Provision the point-to-point circuits using CTC or TL1 in the same manner as an ONS 15454 OC-N card STS/STM circuits. The Cisco ONS 15454 Procedure Guide or the Cisco ONS 15454 SDH Procedure Guide provides specific instructions about how to create an automatically routed optical circuit.
When configuring a point-to-point circuit on the ML-Series:
•Leave all CTC Circuit Creation Wizard options at default, except Fully Protected Path on the Circuit Routing Preferences dialog, which provides SONET/SDH protection and should be unchecked. RPR provides Layer 2 protection for SPR circuits.
•Check Using Required Nodes and Spans to route automatically in the Circuit Routing Preferences dialog box. If the source and destination nodes are adjacent on the ring, exclude all nodes except the source and destination in the Circuit Routing Preferences dialog box. This forces the circuit to be routed directly between source and destination and preserves STS/STM circuits, which would be consumed if the circuit routed through other nodes in the ring. If there is a node or nodes that do not contain an ML-Series card between the two nodes containing ML-Series card, include this node or nodes in the included nodes area in the Circuit Routing Preference dialog box, along with the source and destination nodes.
•Keep in mind that ML-Series card STS/STM circuits do not support unrelated circuit creation options, such as unidirectional traffic, creating cross-connects only (TL1-like), interdomain (unified control plane [UCP]), protected drops, or path protection selectors.
After the CTC circuit process is complete, begin a Cisco IOS session to configure RPR/SPR on the ML-Series card and interfaces.
Note A best practice is to configure SONET/SDH circuits in an east-to-west or west-to-east configuration, from port 0 (east) to port 1 (west) or port 1 (east) to port 0 (west), around the SONET/SDH ring. Do not configure port 0 to port 0 or port 1 to port 1. The east-to-west or west-to-east setup is required for the Cisco Transport Manager (CTM) network management software to recognize the ML-Series configuration as an SPR.
Configuring RPR on Cisco IOS
You configure RPR on the ML-Series cards by creating an SPR interface from the Cisco IOS CLI. The SPR is a virtual interface, similar to an EtherChannel interface. The POS interfaces are the physical interfaces associated with the RPR SPR interface. An ML-Series card supports a single SPR interface. The SPR interface has a single MAC address and provides all the normal attributes of a Cisco IOS interface, such as support for default routes. An SPR interface is considered a trunk port, and like all trunk ports, subinterfaces must be configured for the SPR interface to become part of a bridge group.
An SPR interface is configured similarly to a EtherChannel (port-channel) interface. The members of the SPR interface must be POS interfaces. Instead of using the channel-group command to define the members, you use the spr-intf-ID command. And like port-channel, you configure the SPR interfaces instead of the POS interface.
In configuring an SPR, if one ML-Series card is not configured with an SPR interface, but valid STS/STM circuits connect this ML-Series card to the other ML-Series cards in the SPR, no traffic will flood between the properly configured ML-Series cards in the SPR, and no alarms will indicate this condition. Cisco recommends that you configure all of the ML-Series cards in an SPR before sending traffic.
Do not use native VLANs for carrying traffic with RPR.
Note RPR is only supported with LEX encapsulation. LEX is the default encapsulation for the ML-Series.
To provision RPR, perform the following procedure, beginning in global configuration mode:
Each of the ML-Series card's two POS ports must be assigned to the SPR interface.
The SPR interface is the routed interface. Do not enable Layer 3 addresses or assign bridge groups on the POS interfaces assigned to the SPR interface.
When traffic coming in on an SPR interface needs to be policed, the same input service policy needs to be applied to both the POS ports that are part of the SPR interface.
To assign a POS interface on the ML-Series to the SPR, perform the following procedure, beginning in global configuration mode:
RPR Cisco IOS Configuration Example
Figure 16-3 shows an example of an RPR Cisco IOS configuration. The associated code is provided in Examples 16-1, 16-2, and 16-3. The configuration assumes that ML-Series card POS ports are already linked by point-to-point SONET/SDH circuits configured through CTC.
Figure 16-3 RPR Configuration Example
Example 16-1 SPR Station-ID 1 Configuration
bridge irb
!
interface SPR1
no ip address
no keepalive
spr station-ID 1
hold-queue 150 in
bridge-group 1
!
interface POS0
no ip address
spr-intf-ID 1
!
interface POS1
no ip address
spr-intf-ID 1
interface GigabitEthernet0
no ip address
no ip route-cache
bridge-group 1
interface GigabitEthernet1
no ip address
no ip route-cache
bridge-group 1
Example 16-2 SPR Station-ID 2 Configuration
bridge irb
!
interface SPR1
no ip address
no keepalive
spr station-ID 2
hold-queue 150 in
bridge-group 1
!
interface POS0
no ip address
spr-intf-ID 1
!
interface POS1
no ip address
spr-intf-ID 1
interface GigabitEthernet0
no ip address
no ip route-cache
bridge-group 1
interface GigabitEthernet1
no ip address
no ip route-cache
bridge-group 1
Example 16-3 SPR Station-ID 3 Configuration
bridge irb
!
interface SPR1
no ip address
no keepalive
spr station-ID 3
hold-queue 150 in
bridge-group 1
!
interface POS0
no ip address
spr-intf-ID 1
!
interface POS1
no ip address
spr-intf-ID 1
interface GigabitEthernet0
no ip address
no ip route-cache
bridge-group 1
interface GigabitEthernet1
no ip address
no ip route-cache
bridge-group 1
Monitoring and Verifying RPR
After RPR is configured, you can monitor its status using the show interface spr or show run interface spr command (Example 16-4).
Example 16-4 Monitor and Verify RPR
Router# show interfaces spr 1
SPR1 is up, line protocol is up
Hardware is POS-SPR, address is 0005.9a39.714a (bia 0000.0000.0000)
MTU 1500 bytes, BW 1244160 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ONS15454-G1000, loopback not set
Keepalive not set
DTR is pulsed for 33391 seconds on reset
ARP type: ARPA, ARP Timeout 04:00:00
No. of active members in this SPR interface: 2
Member 0 : POS0
Member 1 : POS1
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/150/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/80 (size/max)
5 minute input rate 1000 bits/sec, 2 packets/sec
5 minute output rate 2000 bits/sec, 4 packets/sec
1014 packets input, 96950 bytes
Received 0 broadcasts (0 IP multicast)
0 runts, 0 giants, 0 throttles
0 parity
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
1640 packets output, 158832 bytes, 0 underruns
0 output errors, 0 applique, 9 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
Understanding Dual RPR Interconnect
Cisco ML-Series RPR includes a mechanism to interconnect rings for protection from node failure. The bridge-group protocol, DRPRI, provides two parallel connections of the rings linked by a special instance of RSTP. One connection is the active node and the other is the standby node. During a failure of the active node, link, or card, a proprietary algorithm detects the failure and causes a switchover to the standby node. DRPRI provides a sub-200 msec recovery time for Layer 2 bridged traffic, when the ML-Series employs the enhanced microcode image. When the ML-Series employs the base or Multiprotocol Label Switching (MPLS) microcode images, the recovery time for Layer 2 bridged traffic is up to 12 seconds. With any microcode image the recovery time for Layer 3 unicast and multicast traffic also depends on the convergence time of the routing protocol implemented.
The paired ML1000-2 cards share the same station ID and are viewed by other members of the RPR as a single card. In Figure 16-4, paired cards A and B have the same SPR station ID, and paired cards C and D have the same station ID. The interconnected nodes do not need to be adjacent on the RPR. Bridging, IP routing, policing and bandwidth allocations can still be provisioned on DRPRI ML1000-2 cards.
Figure 16-4 Dual RPR Interconnect Network and Paired Cards
DRPRI has these characteristics:
•Four ML1000-2 cards are required.
•All four ML1000-2 cards must be part of the same bridge-group (VLAN).
•Each paired set of ML1000-2 cards must have the same SPR station ID.
•The bridge-group must be configured on SPR subinterfaces.
•The DRPRI bridge-group is limited to one protocol, so a bridge-group with DRPRI implemented cannot also implement RSTP or STP.
•On each of the four ML1000-2 cards, both GigabitEthernet ports must be joined in Gigabit EtherChannel (GEC) and the GEC interface included in the DRPRI bridge-group, or one GigabitEthernet port must be shut down and the other one included in the DRPRI bridge-group. We recommend the GEC method.
•A manual shutdown on subinterfaces or the GEC interface included in the DRPRI bridge-group must be issued on the interfaces at both ends of the GEC or Ethernet connection between the rings.
•The DRPRI bridge-group cannot also be used to carry data traffic.
•A DRPRI node can only be used for interconnecting two RPRs. The front ports of the cards should not be used to carry other traffic.
•Non-DRPRI bridge-groups carrying traffic between rings should not have STP or RSTP configured.
•Non-DRPRI bridge-groups carrying traffic between rings must be configured on each of the four ML-Series cards.
•QinQ and protocol tunnels cannot be started on DRPRI nodes, but DRPRI nodes can bridge QinQ and protocol tunnels across the connected rings.
•Users should not change the pathcost of members of the DRPRI bridge-group. The pathcost is assigned by the ML-Series card to ensure proper operation of DRPRI. A user configured pathcost will be overwritten by the assigned default DRPRI pathcost.
Configuring DRPRI
DRPRI requires two pairs of ML-Series cards with one pair configured as RPR and belonging to the first of two adjacent RPRs, and the second pair configured as RPR and belonging to the second RPR (Figure 16-4). DRPRI is configured on each of the four ML1000-2 cards that connect the two adjacent RPRs. The process of configuring DRPRI consists of the following tasks:
1. Configure a bridge-group with the DRPRI protocol.
2. Configure the SPR interface.
a. Assign a station ID number.
b. Assign a DRPRI ID of 0 or 1.
3. Create an SPR subinterface and assign the bridge-group to the subinterface.
4. Create a GEC interface.
5. Create a GEC subinterface and assign the bridge-group to the subinterface.
To enable and configure DRPRI, perform the following procedure, beginning in global configuration mode:
|
|
|
|
|---|---|---|
Step 1 |
Router(config)# bridge crb
|
Concurrent routing and bridging is disabled. When concurrent routing and bridging has been enabled, the default behavior is to bridge all protocols that are not explicitly routed in a bridge group. |
Step 2 |
Router(config)# bridge bridge-group-number protocol drpri-rstp |
Creates the bridge-group number shared by the four ML1000-2 cards and assigns the protocol for DRPRI to the bridge-group. The same command using the same bridge group number must be given on each of the four cards. |
Step 3 |
Router(config)# interface spr 1 |
Creates the SPR interface for RPR or enters the SPR interface configuration mode on a previously created SPR interface. The only valid SPR number is 1. |
Step 4 |
Router(config-if)# spr station-ID station-ID-number |
Configures a station identification number. The user must configure the same station ID on both the paired cards. Valid station ID numbers range from 1 to 254. |
Step 5 |
Router(config-if)# spr drpri-ID {0 | 1}
|
Creates a DRPRI identification number of 0 or 1 to differentiate between the ML1000-2 cards paired for DRPRI. |
Step 6 |
Router(config-if)# interface spr shared-packet-ring-sub-interface-number |
Creates the SPR subinterface. |
Step 7 |
Router(config-subif)# encapsulation dot1q vlan-ID |
Sets the SPR subinterface encapsulation to IEEE 802.1Q. |
Step 8 |
Router(config-subif)# bridge-group
bridge-group-number
|
Assigns the SPR subinterface to a bridge-group. |
Step 9 |
Router(config)# interface port-channel channel-number |
Creates the GEC interface or channel-group. |
Step 10 |
Router(config-if)# interface gigabitethernet number |
Enters interface configuration mode for the first GigabitEthernet interface that you want to assign to the GEC subinterface. |
Step 11 |
Router(config-if)# channel-group channel-number |
Assigns the GigabitEthernet interfaces to the GEC. The channel number must be the same channel number that you assigned to the EtherChannel interface. |
Step 12 |
Router(config-if)# interface gigabitethernet number |
Enters interface configuration mode for the second GigabitEthernet interface that you want to assign to the GEC subinterface. |
Step 13 |
Router(config-if)# channel-group channel-number |
Assigns the GigabitEthernet interfaces to the GEC. The channel number must be the same channel number that you assigned to the EtherChannel interface. |
Step 14 |
Router(config-subif)# interface
port-channel channel-sub-interface-number
|
Creates the GEC subinterface. |
Step 15 |
Router(config-subif)# encapsulation dot1q vlan-ID |
Sets subinterface encapsulation to IEEE 802.1Q. The VLAN ID used should be the same VLAN ID used in Step 7. |
Step 16 |
Router(config-subif)# bridge-group
bridge-group-number
|
Assigns the GEC subinterface to the bridge-group. |
Step 17 |
Router(config-if)# end
|
Exits to privileged EXEC mode. |
Step 18 |
Router# copy running-config startup-config |
(Optional) Saves configuration changes to NVRAM. |
DRPRI IOS Configuration Example
Figure 16-4 shows an example of RPR configuration. The associated code is provided in Examples 16-5, 16-6, 16-7, and 16-8.
Example 16-5 ML-Series A Configuration
hostname ML-Series A
bridge crb
bridge 100 protocol drpri-rstp
interface Port-channel1
no ip address
no ip route-cache
hold-queue 300 in
interface Port-channel1.1
encapsulation dot1Q 10
no ip route-cache
bridge-group 100
interface SPR1
no ip address
no keepalive
spr station-ID 1
hold-queue 150 in
interface SPR1.1
encapsulation dot1Q 10
bridge-group 100
interface GigabitEthernet0
no ip address
no ip route-cache
channel-group 1
interface GigabitEthernet1
no ip address
no ip route-cache
channel-group 1
interface POS0
no ip address
spr-intf-ID 1
crc 32
interface POS1
no ip address
spr-intf-ID 1
crc 32
ip classless
no ip http server
Example 16-6 ML-Series B Configuration
hostname ML-Series B
bridge crb
bridge 100 protocol drpri-rstp
interface Port-channel1
no ip address
no ip route-cache
hold-queue 300 in
interface Port-channel1.1
encapsulation dot1Q 10
no ip route-cache
bridge-group 100
interface SPR1
no ip address
no keepalive
spr station-ID 1
spr drpr-ID 1
hold-queue 150 in
interface SPR1.1
encapsulation dot1Q 10
bridge-group 100
interface GigabitEthernet0
no ip address
no ip route-cache
channel-group 1
interface GigabitEthernet1
no ip address
no ip route-cache
channel-group 1
interface POS0
no ip address
spr-intf-ID 1
crc 32
interface POS1
no ip address
spr-intf-ID 1
crc 32
ip classless
no ip http server
Example 16-7 ML-Series C Configuration
hostname ML-Series C
bridge crb
bridge 100 protocol drpri-rstp
interface Port-channel1
no ip address
no ip route-cache
hold-queue 300 in
interface Port-channel1.1
encapsulation dot1Q 10
no ip route-cache
bridge-group 100
interface SPR1
no ip address
no keepalive
spr station-ID 2
hold-queue 150 in
interface SPR1.1
encapsulation dot1Q 10
bridge-group 100
interface GigabitEthernet0
no ip address
no ip route-cache
channel-group 1
interface GigabitEthernet1
no ip address
no ip route-cache
channel-group 1
interface POS0
no ip address
spr-intf-ID 1
crc 32
interface POS1
no ip address
spr-intf-ID 1
crc 32
ip classless
no ip http server
Example 16-8 ML-Series D Configuration
hostname ML-Series D
bridge crb
bridge 100 protocol drpri-rstp
interface Port-channel1
no ip address
no ip route-cache
hold-queue 300 in
interface Port-channel1.1
encapsulation dot1Q 10
no ip route-cache
bridge-group 100
interface SPR1
no ip address
no keepalive
spr station-ID 2
spr drpr-ID 1
hold-queue 150 in
interface SPR1.1
encapsulation dot1Q 10
bridge-group 100
interface GigabitEthernet0
no ip address
no ip route-cache
channel-group 1
interface GigabitEthernet1
no ip address
no ip route-cache
channel-group 1
interface POS0
no ip address
spr-intf-ID 1
crc 32
interface POS1
no ip address
spr-intf-ID 1
crc 32
ip classless
no ip http server
Monitoring and Verifying DRPRI
After DRPRI is configured, you can monitor its status using the show bridge verbose command (Example 16-9).
Example 16-9 show bridge verbose Command
Router# show bridge bridge-group-number verbose
Feedback