l***y
发帖数: 791 | 1 Working on getting HA to work with Junos&JunosE peering one way or another.
Here's a brief digestastic thingy:
For juniper JunosE:
It's interesting how the C bit in BFD packets will impact GR remote peer's
interpretation of BFD session lost and react differently.
ref:
http://www.juniper.net/techpubs/software/erx/junose93/swconfig-bgp-mpls/detecting-peer-reachability-with-bfd.html#jN17C3D
The ability to distribute BFD session to the line cards are line card
dependent. Apparantly, when BFD is dist | s*****g
发帖数: 1055 | 2 BFD is for data plane failure detection only, there is no standard for BFD interaction with GR/NSR, when a router is undergoing GR/NSR, you either disable BFD or force BFD to re-negotiate a longer timer. In very very rare scenario you will have a double failure, so this is really a moot point, as long as BFD resumes after GR/NSR, any kind of implementation is acceptable. | l***y
发帖数: 791 | 3 i am not saying what should be the behavior, only that the afore mentioned would be the behavior when GR/NSR occurs, based on juniper documentation and what our SE tells us.
if we can disable BFD when SRP/RE switchover occurs without getting the
remote peer to tear down the session, it'd be great. question is, do the routers do that?
interaction with GR/NSR, when a router is undergoing GR/NSR, you either
disable BFD or force BFD to re-negotiate a longer timer. In very very rare
scenario you wil
【在 s*****g 的大作中提到】
: BFD is for data plane failure detection only, there is no standard for BFD interaction with GR/NSR, when a router is undergoing GR/NSR, you either disable BFD or force BFD to re-negotiate a longer timer. In very very rare scenario you will have a double failure, so this is really a moot point, as long as BFD resumes after GR/NSR, any kind of implementation is acceptable.
| c*****i
发帖数: 631 | 4 what's the bfd timer which is used? I'm not sure Juniper, but for crs and
gsr, bfd and nsr can coexist without issue.
would be the behavior when GR/NSR occurs, based on juniper documentation
and what our SE tells us.
routers do that?
as
【在 l***y 的大作中提到】
: i am not saying what should be the behavior, only that the afore mentioned would be the behavior when GR/NSR occurs, based on juniper documentation and what our SE tells us.
: if we can disable BFD when SRP/RE switchover occurs without getting the
: remote peer to tear down the session, it'd be great. question is, do the routers do that?
:
: interaction with GR/NSR, when a router is undergoing GR/NSR, you either
: disable BFD or force BFD to re-negotiate a longer timer. In very very rare
: scenario you wil
| l***y
发帖数: 791 | 5 I guess, maybe, for crs and gsr, bfd is always distributed to the cards? coz
for junos/junosE, as long as the cards support distributed bfd, the GR/NSR
can coexist with bfd without problems. it's when bfd is dependent on the RE/
SRP, with C bit set to 0, when the card is dead, the bfd session is lost,
but the neighbor would hold the routing info assuming it is a RE/SRP switch
and wait as if RE/SRP switch has occured.
【在 c*****i 的大作中提到】
: what's the bfd timer which is used? I'm not sure Juniper, but for crs and
: gsr, bfd and nsr can coexist without issue.
:
: would be the behavior when GR/NSR occurs, based on juniper documentation
: and what our SE tells us.
: routers do that?
: as
| t*******r
发帖数: 3271 | 6 没听说过BFD和GR/NSR一起用出过什么问题, 唯一需要注意的是BFD如果是下到PFE层面(
delegate-processing, post version 8.5), 你要注意一般设为timer>100ms.
BFD:切换检测工具, 毫秒级
GR:只要helper可以, 你的流量不必中断
NSR:自己玩自己的,对方咋样都无所谓
BFD打开无非是检测你的IGP/BGP nbr down的快了一些而已, 除此之外还有啥?
只要查到NBR DOWN,就启用GR/NSR呗.
注意对JUNOS来说比较怪异的协议(如MVPN等)还是不要打开NSR, 个人感觉做的还是不太
完善. | t*******r
发帖数: 3271 | 7 前几个版本是RE/CPU起bfd的, 建议300ms以上~ | s*****g
发帖数: 1055 | 8 Your understanding of BFD interaction with GR/NSR is not correct, BFD
neighbor down should only trigger application protocol re-convergence, which
has nothing to do with GR/NSR.
面(
【在 t*******r 的大作中提到】
: 没听说过BFD和GR/NSR一起用出过什么问题, 唯一需要注意的是BFD如果是下到PFE层面(
: delegate-processing, post version 8.5), 你要注意一般设为timer>100ms.
: BFD:切换检测工具, 毫秒级
: GR:只要helper可以, 你的流量不必中断
: NSR:自己玩自己的,对方咋样都无所谓
: BFD打开无非是检测你的IGP/BGP nbr down的快了一些而已, 除此之外还有啥?
: 只要查到NBR DOWN,就启用GR/NSR呗.
: 注意对JUNOS来说比较怪异的协议(如MVPN等)还是不要打开NSR, 个人感觉做的还是不太
: 完善.
| t*******r
发帖数: 3271 | 9 application protocols? 我不太明白这个, 能解释一下吗? | s*****g
发帖数: 1055 | 10 Application protocols like BGP, OSPF, ISIS, MPLS LSP etc, BFD provides
service (data plane failure detection) to those applications, if BFD detects
data plane failure, it will notify its registered application protocols
that underlying data forwarding is broken, such that those application
protocols do not wait for its own dead timer (which means longer convergence
time) to expire to declare neighbor is down. | | | t*******r
发帖数: 3271 | 11 protocols down的话(不管你用不用BFD), 如果有GR或NSR的技术, 业务流量都不会断的
. | s*****g
发帖数: 1055 | 12 Huh? Huh? In order to maintain/operate a good network, you not only need to know how to configure network devices, but also need to understand the reasons why various technologies are used and for what purposes.
【在 t*******r 的大作中提到】
: protocols down的话(不管你用不用BFD), 如果有GR或NSR的技术, 业务流量都不会断的
: .
| t*******r
发帖数: 3271 | 13 我觉得你应该认识我的好多同事, 甚至是同一个TEAM的 | t*******r
发帖数: 3271 | 14 其实你说的很对. BFD其实和NSR/GRES关系不是很大 | z**r
发帖数: 17771 | 15 BFD一个很大的好处就是protocol independent
面(
【在 t*******r 的大作中提到】
: 没听说过BFD和GR/NSR一起用出过什么问题, 唯一需要注意的是BFD如果是下到PFE层面(
: delegate-processing, post version 8.5), 你要注意一般设为timer>100ms.
: BFD:切换检测工具, 毫秒级
: GR:只要helper可以, 你的流量不必中断
: NSR:自己玩自己的,对方咋样都无所谓
: BFD打开无非是检测你的IGP/BGP nbr down的快了一些而已, 除此之外还有啥?
: 只要查到NBR DOWN,就启用GR/NSR呗.
: 注意对JUNOS来说比较怪异的协议(如MVPN等)还是不要打开NSR, 个人感觉做的还是不太
: 完善.
| t*******r
发帖数: 3271 | 16 加精了?
zher不错~
继续灌~ 要不然那我老得输入验证码, shit~ | m********d
发帖数: 188 | 17 bfd and gr are indeed different things.
however, in practical, even gr works fine, it's hard not to interrupt
traffic, based on my experience. in lab, you can make things so fancy,
traffic generator detected no or a few packet loss, but in real world, it
will give you real hard time believe me. | t*******r
发帖数: 3271 | 18 我彻底不懂你的意思, 而且我想你是搞错了我要表达的意思了.
to know
how to configure network devices, but also need to understand the reasons
why various
technologies are used and for what purposes.
【在 s*****g 的大作中提到】
: Huh? Huh? In order to maintain/operate a good network, you not only need to know how to configure network devices, but also need to understand the reasons why various technologies are used and for what purposes.
| c*****i
发帖数: 631 | 19 如果bfd detect到nbr down,会直接inform bgp tear down nbr,和nsr/gr没有任何关系
. nsr/gr只是在HA的情况下,比如RP failover才有作用.
【在 t*******r 的大作中提到】
: 我彻底不懂你的意思, 而且我想你是搞错了我要表达的意思了.
:
: to know
: how to configure network devices, but also need to understand the reasons
: why various
: technologies are used and for what purposes.
| t*******r
发帖数: 3271 | 20 楼上的还是没明白. 我说的根本就不是那个意思.
不过, 我必须承认, 我先前说的的确是错的. 正确的说法是: BFD就是快速检测错误的,
NSR/GR是HA的特性. |
|
