01-19 ERPS (G 8032) Configuration

S1720&S2700&S5700&S6720 Series Ethernet Switches
Configuration Guide - Ethernet Switching 19 ERPS (G.8032) Configuration
19 ERPS (G.8032) Configuration
About This Chapter
This chapter describes how to configure Ethernet Ring Protection Switching (ERPS). ERPS is
a protocol defined by the International Telecommunication Union - Telecommunication
Standardization Sector (ITU-T) to eliminate loops at Layer 2. It implements convergence of
carrier-class reliability standards, and allows all ERPS-capable devices on a ring network to
communicate.
19.1 Overview of ERPS

19.2 Understanding ERPS
19.3 Application Scenarios for ERPS
19.4 Summary of ERPS Configuration Tasks
19.5 Licensing Requirements and Limitations for ERPS
19.6 Default Settings for ERPS
19.7 Configuring ERPSv1
19.9 Configuring the ERPS over VPLS Function
19.10 Clearing ERPS Statistics
19.11 Configuration Examples for ERPS
19.12 Troubleshooting ERPS
19.13 References for ERPS
19.1 Overview of ERPS
Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1062

Copyright © Huawei Technologies Co., Ltd.
Definition
ERPS is a protocol defined by the International Telecommunication Union -
Telecommunication Standardization Sector (ITU-T) to eliminate loops at Layer 2. Because
the standard number is ITU-T G.8032/Y1344, ERPS is also called G.8032. ERPS defines
Ring Auto Protection Switching (RAPS) Protocol Data Units (PDUs) and protection
switching mechanisms.
ERPS has two versions: ERPSv1 released by ITU-T in June 2008 and ERPSv2 released in
August 2010. EPRSv2, fully compatible with ERPSv1, provides the following enhanced
functions:
l Multi-ring topologies, such as intersecting rings
l RAPS PDU transmission on virtual channels (VCs) and non-virtual-channels (NVCs) in
sub-rings
l Forced Switch (FS) and Manual Switch (MS)
l Revertive and non-revertive switching
Purpose
Generally, redundant links are used on an Ethernet switching network such as a ring network
to provide link backup and enhance network reliability. The use of redundant links, however,
may produce loops, causing broadcast storms and rendering the MAC address table unstable.
As a result, communication quality deteriorates, and communication services may even be
interrupted. Table 19-1 describes ring network protocols supported by devices.
Table 19-1 Ring network protocols supported by devices

Ring Network Advantage Disadvantage
Protocol
RRPP Provides fast convergence and l Supports only level-1 sub-

carrier-class reliability. ring in ring networking.
l Is a Huawei proprietary
protocol that cannot be used
for communication between
Huawei and non-Huawei
devices.
STP/RSTP/MSTP l Applies to all Layer 2 Provides low convergence on a

networks. large network, which cannot
l Is a standard IEEE protocol meet the carrier-class reliability
that allows Huawei devices requirement.
to communicate with non-
Huawei devices.

Ring Network Advantage Disadvantage

Protocol
SEP l Applies to all Layer 2 Is a Huawei proprietary

networks. protocol that cannot be used for
l Provides fast convergence communication between
and carrier-class reliability. Huawei and non-Huawei
devices.
l Displays the topology of an
entire ring, facilitating fault
location and device
maintenance.
ERPS l Provides fast convergence Requires the network topology

and carrier-class reliability. to be planned in advance. The
l Is a standard ITU-T configuration is complex.
protocol that allows Huawei
devices to communicate
with non-Huawei devices.
l Supports single-ring and
multi-ring topologies in
ERPSv2.
Ethernet networks demand faster protection switching. STP does not meet the requirement for
fast convergence. RRPP and SEP are Huawei proprietary ring protocols, which cannot be
used for communication between Huawei and non-Huawei devices on a ring network.
ERPS, a standard ITU-T protocol, prevent loops on ring networks. It optimizes detection and
performs fast convergence. ERPS allows all ERPS-capable devices on a ring network to
communicate.
Benefits
l Prevents broadcast storms and implements fast traffic switchover on a network where
there are loops.
l Provides fast convergence and carrier-class reliability.
l Allows all ERPS-capable devices on a ring network to communicate.
19.2 Understanding ERPS
19.2.1 Basic ERPS Concepts

ERPS eliminates loops at the link layer of an Ethernet network. ERPS works for ERPS rings.
There are several nodes in an ERPS ring. ERPS blocks the RPL owner port and controls
common ports to switch the port status between Forwarding and Discarding and eliminate
loops. ERPS uses the control VLAN, data VLAN, and Ethernet Ring Protection (ERP)
instance.
On the network shown in Figure 19-1, SwitchA through SwitchD constitute a ring and are
dual-homed to the upstream network. This access mode will cause a loop on the entire

network. To eliminate redundant links and ensure link connectivity, ERPS is used to prevent
loops.
Figure 19-1 ERPS single-ring networking
Network
Router1 Router2
SwitchA SwitchD
ERPS
RPL SwitchC
SwitchB
User
network
RPL owner
RPL neighbour
ERPS can be deployed on the network shown in Figure 19-1.
ERPS Ring
An ERPS ring consists of interconnected Layer 2 switching devices configured with the same
control VLAN.
An ERPS ring can be a major ring or a sub-ring. By default, an ERPS ring is a major ring.
The major ring is a closed ring, whereas a sub-ring is a non-closed ring. The major ring and
sub-ring are configured using commands. On the network shown in Figure 19-2, SwitchA
through SwitchD constitute a major ring, and SwitchC through SwitchF constitute a sub-ring.
Only ERPSv2 supports sub-rings.

Figure 19-2 ERPS major ring and sub-ring networking
SwitchC
SwitchA SwitchE
Major Ring Sub-Ring
SwitchB SwitchF
SwitchD
Node
A node refers to a Layer 2 switching device added to an ERPS ring. A maximum of two ports
on each node can be added to the same ERPS ring. SwitchA through SwitchD in Figure 19-2
are nodes in an ERPS major ring.
Port Role
ERPS defines three port roles: RPL owner port, RPL neighbor port (only in ERPSv2), and
common port.
l RPL owner port
An RPL owner port is responsible for blocking traffic over the Ring Protection Link
(RPL) to prevent loops. An ERPS ring has only one RPL owner port.
When the node on which the RPL owner port resides receives an RAPS PDU indicating
a link or node fault in an ERPS ring, the node unblocks the RPL owner port. Then the
RPL owner port can send and receive traffic to ensure nonstop traffic forwarding.
The link where the RPL owner port resides is the RPL.
l RPL neighbor port
An RPL neighbor port is directly connected to an RPL owner port.
Both the RPL owner port and RPL neighbor ports are blocked in normal situations to
prevent loops.
If an ERPS ring fails, both the RPL owner and neighbor ports are unblocked.
The RPL neighbor port helps reduce the number of FDB entry updates on the device
where the RPL neighbor port resides.
l Common port
Common ports are ring ports other than the RPL owner and neighbor ports.
A common port monitors the status of the directly connected ERPS link and sends RAPS
PDUs to notify the other ports of its link status changes.
Port Status
On an ERPS ring, an ERPS-enabled port has two statuses:
l Forwarding: forwards user traffic and sends and receives RAPS PDUs.
l Discarding: only sends and receives RAPS PDUs.

Control VLAN
A control VLAN is configured in an ERPS ring to transmit RAPS PDUs.
Each ERPS ring must be configured with a control VLAN. After a port is added to an ERPS
ring configured with a control VLAN, the port is added to the control VLAN automatically.
Different ERPS rings must use different control VLANs.
Data VLAN
Unlike control VLANs, data VLANs are used to transmit data packets.
ERP Instance
On a Layer 2 device running ERPS, the VLAN in which RAPS PDUs and data packets are
transmitted must be mapped to an Ethernet Ring Protection (ERP) instance so that ERPS
forwards or blocks the packets based on configured rules. If the mapping is not configured,
the preceding packets may cause broadcast storms on the ring network. As a result, the
network becomes unavailable.
Timer
ERPS defines four timers: Guard timer, WTR timer, Holdoff timer, and WTB timer (only in
ERPSv2).
l Guard timer
After a faulty link or node recovers or a clear operation is executed, the device sends
RAPS No Request (NR) messages to inform the other nodes of the link or node recovery
and starts the Guard timer. Before the Guard timer expires, the device does not process
any RAPS (NR) messages to avoid receiving out-of-date RAPS (NR) messages. After
the Guard timer expires, if the device still receives an RAPS (NR) message, the local
port enters the Forwarding state.
l WTR timer
If an RPL owner port is unblocked due to a link or node fault, the involved port may not
go Up immediately after the link or node recovers. Blocking the RPL owner port may
cause network flapping. To prevent this problem, the node where the RPL owner port
resides starts the wait to restore (WTR) timer after receiving an RAPS (NR) message. If
the node receives an RAPS Signal Fail (SF) message before the timer expires, it
terminates the WTR timer. If the node does not receive any RAPS (SF) message before
the timer expires, it blocks the RPL owner port when the timer expires and sends an
RAPS (no request, root blocked) message. After receiving this RAPS (NR, RB)
message, the nodes set their recovered ports on the ring to the Forwarding state.
l Holdoff timer
On Layer 2 networks running EPRS, there may be different requirements for protection
switching. For example, on a network where multi-layer services are provided, after a
server fails, users may require a period of time to rectify the server fault so that clients do
not detect the fault. You can set the Holdoff timer. If the fault occurs, the fault is not
immediately sent to ERPS until the Holdoff timer expires.
l WTB timer
The wait to block (WTB) timer starts when Forced Switch (FS) or Manual Switch (MS)
is performed. Because multiple nodes on an ERPS ring may be in FS or MS state, the

clear operation takes effect only after the WTB timer expires. This prevents the RPL
owner port from being blocked immediately.
The WTB timer value cannot be configured. Its value is the Guard timer value plus 5.
The default WTB timer value is 7s.
Revertive and Non-revertive Switching

After link faults in an ERPS ring are rectified, re-blocking the RPL owner port depends on the
switching mode:
l In revertive switching, the RPL owner port is re-blocked after the WTR timer expires,
and the RPL is blocked.
l In non-revertive switching, the WTR timer is not started, and the original faulty link is
still blocked.
ERPS rings use revertive switching by default.
ERPSv1 supports only revertive switching. ERPSv2 supports both revertive and non-revertive
switching.
Port Blocking Modes

Because the Ring Protection Link (RPL) may have high bandwidth, you can block the low-
bandwidth link so that user traffic can be transmitted on the RPL. ERPSv2 supports both
Forced Switch (FS) and Manual Switch (MS) modes for blocking an ERPS port:
l FS: forcibly blocks a port immediately after FS is configured, irrespective of whether
link failures have occurred.
l MS: blocks a port on which MS is configured when the ERPS ring is in Idle or Pending
state.
In addition to FS and MS operations, ERPS also supports the clear operation. The clear
operation has the following functions:
l Clears an existing FS or MS operation.
l Triggers revertive switching before the WTR or WTB timer expires in the case of
revertive switching operations.
l Triggers revertive switching in the case of non-revertive switching operations.
Only ERPSv2 supports port blocking modes.
RAPS PDU Transmission Mode in a Sub-ring

ERPSv2 supports single-ring and multi-ring topologies. In multi-ring topologies, both the
virtual channel (VC) and non-virtual-channel (NVC) can be used to transmit RAPS PDUs in
sub-rings.
l VC: RAPS PDUs in sub-rings are transmitted to the major ring through interconnected
nodes. The RPL owner port of the sub-ring blocks both RAPS PDUs and data traffic.
l NVC: RAPS PDUs in sub-rings are terminated on the interconnected nodes. The RPL
owner port blocks data traffic but not RAPS PDUs in each sub-ring.
On the network shown in Figure 19-3, a major ring is interconnected with two sub-rings. The
sub-ring on the left has a VC, whereas the sub-ring on the right has an NVC.

Figure 19-3 Interconnected rings with a VC or NVC
Major Ring
Sub-Ring Sub-Ring
with virtual without virtual
channel channel
Ethernet Ring Node
Interconnection Node
RPL owner Interface
RAPS Virtual Channel
By default, sub-rings use NVCs to transmit RAPS PDUs, except for the scenario shown in
Figure 19-4.
NOTE
When sub-ring links are discontiguous, VCs must be used.
On the network shown in Figure 19-4, links b and d belong to major rings 1 and 2
respectively; links a and c belong to the sub-ring. As links a and c are discontiguous, they
cannot detect the status change between each other, so VCs must be used for RAPS PDU
transmission.

Figure 19-4 VC networking

a
Sub-Ring
with virtual
channel
b d
Major Major
Ring1 Ring2
c
Ethernet Ring Node
Interconnection Node
RPL owner Interface
RAPS Virtual Channel
Table 19-2 lists the advantages and disadvantages of RAPS PDU transmission modes in sub-
rings with VCs or NVCs.
Table 19-2 Comparison between RAPS PDU transmission modes in a sub-ring with VCs or
NVCs
RAPS Advantage Disadvantage
PDU
Transmis
sion
Mode in
a Sub-
ring
VC Applies to scenarios in which Requires VC resource reservation and

sub-ring links are controls VLAN assignment from adjacent
discontiguous. rings.
NVC Does not need to reserve Is not applicable to scenarios in which sub-
resources or control VLAN ring links are discontiguous.
assignment from adjacent rings.

19.2.2 RAPS PDUs
ERPS protocol packets are called Ring Auto Protection Switching (RAPS) Protocol Data
Units (PDUs), which are transmitted in ERPS rings to convey ERPS ring information. Figure
19-5 shows the RAPS PDU format.
Figure 19-5 RAPS PDU format

1 2 34
8 7 6 5 4 3 2 1 8 7 6 5 4 3 2 1 8 7 6 5 4 3 2 1 8 7 6 5 4 3 2 1
1
MEL Version(0) OpCode(R-APS=40) Flags(0) TLV Offset(32)
5
... R-APS Specific Information(32 octets)
...
37
[optional TLV starts here;otherwise End TLV]
last End TLV(0)
Table 19-3 describes the fields in an RAPS PDU.
Table 19-3 Fields in an RAPS PDU

Field Lengt Description
h
MEL 3 bits Identifies the maintenance entity group (MEG) level of the
RAPS PDU.
Version 5 bits l 0x00: ERPSv1

l 0x01: EPRSv2
OpCode 8 bits Indicates an RAPS PDU. The value of this field is 0x28.
Flags 8 bits Is ignored upon RAPS PDU receiving. The value of this field
is 0x00.
TLV Offset 8 bits Indicates that the TLV starts after an offset of 32 bytes. The
value of this field is 0x20.
R-APS Specific 32x8 Is the core field in an RAPS PDU and carries ERPS ring
Information bits information. There are differences between sub-fields in
ERPSv1 and ERPSv2. Figure 19-6 shows the R-APS
Specific Information field format in ERPSv1. Figure 19-7
shows the R-APS Specific Information field format in
ERPSv2.
TLV Not Describes information to be loaded. The end TLV value is

limite 0x00.
d

Figure 19-6 Format of the R-APS Specific Information field in ERPSv1

1 2 34
8 7 6 5 4 3 2 1 8 7 6 5 4 3 2 1 8 7 6 5 4 3 2 1 8 7 6 5 4 3 2 1
Request Reserved Status Node ID(6 octets)

/State 1 R D
Status
B N
Reserved
F
(Node ID)
Reserved 2(24 octets)
Figure 19-7 Format of the R-APS Specific Information field in ERPSv2
Table 19-4 describes sub-fields in the R-APS Specific Information field.
Table 19-4 Sub-fields in the R-APS Specific Information field
Sub-Field Length Description
Request/ 4 bits Indicates that this RAPS PDU is a request or state PDU. The
State value can be:
l 1101: forced switch (FS)
l 1110: Event
l 1011: signal failed (SF)
l 0111: manual switch (MS)
l 0000: no request (NR)
l Others: reserved
Reserved 1 4 bits Reserved 1 is used in ERPSv1 for message reply or protection

identifier.
Sub-code is used in ERPSv2. The value depends on the
Request/State field value:

Sub-Field Length Description
Sub-code l If the Request/State field value is 1110, the Sub-code value

is 0000, indicating FDB entry update.
l If the Request/State field value is any other value than
1110, the Sub-code value is 0000 and ignored upon RAPS
PDU receiving.
Status 8 bits Includes the following status information:

l RPL Blocked (RB) (1 bit): The value 1 indicates that the
RPL owner port is blocked; the value 0 indicates that the
RPL owner port is unblocked. The nodes where the RPL
owner port is not configured set this sub-field to 0 in
outgoing RAPS PDUs.
l Do Not Flush (DNF) (1 bit): The value 1 indicates that
FDB entries are not updated when RAPS PDUs are
received; the value 0 indicates that FDB entries may be
updated when RAPS PDUs are received.
l Blocked port reference (BPR) (1 bit): The value 0 indicates
that ring link 0 is blocked; The value 1 indicates that ring
link 1 is blocked.
BPR is valid only in ERPSv2.
l Status Reserved: This sub-field is reserved. This sub-field
is all 0s during RAPS PDU transmission, and is ignored
upon RAPS PDU receiving. In ERPSv1, this sub-field has
6 bits. In ERPSv2, this sub-field has 5 bits.
Node ID 6 x 8 bits Identifies the MAC address of a node in an ERPS ring. It is

informational and does not affect protection switching in the
ERPS ring.
Reserved 2 24 x 8 bits Is reserved and ignored upon RAPS PDU receiving. The value
is all 0 during RAPS PDU transmission.
19.2.3 ERPS Single-ring Implementation

ERPS is a standard ring protocol used to prevent loops in ERPS rings at the Ethernet link
layer. A maximum of two ports on each Layer 2 switching device can be added to the same
ERPS ring.
To prevent loops in an ERPS ring, you can enable a loop-breaking mechanism to block the
Ring Protection Link (RPL) owner port to eliminate loops. If a link on the ring network fails,
the ERPS-enabled device immediately unblocks the blocked port and performs link switching
to restore communication between nodes on the ring network.
This section describes how ERPS is implemented on a single-ring network when links are
normal, when a link fails, and when the link recovers (including protection switching
operations).

Links Are Normal

On the network shown in Figure 19-8, SwitchA through SwitchE constitute a ring network,
and they can communicate with each other.
1. To prevent loops, ERPS blocks the RPL owner port and also the RPL neighbor port (if
any is configured). All other ports can transmit service traffic.
2. The RPL owner port sends RAPS (NRRB) messages to all other nodes in the ring at an
interval of 5s, indicating that ERPS links are normal.
Figure 19-8 ERPS single-ring networking (links are normal)
Network
Router1 Router2
SwitchA SwitchE
ERPS
RPL SwitchD
SwitchB
RPL owner SwitchC
User
network
Blocked Interface
Data Flow
A Link Fails
As shown in Figure 19-9, if the link between SwitchD and SwitchE fails, the ERPS
protection switching mechanism is triggered. The ports on both ends of the faulty link are
blocked, and the RPL owner port and RPL neighbor port are unblocked to send and receive
traffic. This mechanism ensures nonstop traffic transmission. The process is as follows:
1. After SwitchD and SwitchE detect the link fault, they block their ports on the faulty link
and update Filtering Database (FDB) entries.
2. SwitchD and SwitchE send three consecutive RAPS Signal Fail (SF) messages to the
other LSWs and send one RAPS (SF) message at an interval of 5s afterwards.

3. After receiving an RAPS (SF) message, the other LSWs update their FDB entries.
SwitchC on which the RPL owner port resides and SwitchB on which the RPL neighbor
port resides unblock the respective RPL owner port and RPL neighbor port, and update
FDB entries.
Figure 19-9 ERPS single-ring networking (unblocking the RPL owner port and RPL neighbor
port if a link fails)
Network
Router1 Router2
SwitchA SwitchE
ERPS
SwitchB RPL
SwitchD
RPL owner SwitchC
User
network Failed Link
Blocked Interface
Data Flow
The Link Recovers

After the link fault is rectified, either of two situations may occur:
l If the ERPS ring uses revertive switching, the RPL owner port is blocked again, and the
link that has recovered is used to forward traffic.
l If the ERPS ring uses non-revertive switching, the RPL remains unblocked, and the link
that has recovered is still blocked.
The following example uses revertive switching to illustrate the process after the link
recovers.
1. After the link between SwitchD and SwitchE recovers, SwitchD and SwitchE start the
Guard timer to avoid receiving out-of-date RAPS PDUs. The two switches do not
receive any RAPS PDUs before the timer expires. At the same time, SwitchD and
SwitchE send RAPS (NR) messages to the other LSWs.

2. After receiving an RAPS (NR) message, SwitchC on which the RPL owner port resides
starts the WTR timer. After the WTR timer expires, SwitchC blocks the RPL owner port
and sends RAPS (NR, RB) messages.
3. After receiving an RAPS (NR, RB) message, SwitchD and SwitchE unblock the ports at
the two ends of the link that has recovered, stop sending RAPS (NR) messages, and
update FDB entries. The other LSWs also update FDB entries after receiving an RAPS
(NR, RB) message.
Protection Switching
l Forced switch
On the network shown in Figure 19-10, SwitchA through SwitchE in the ERPS ring can
communicate with each other. A forced switch (FS) operation is performed on the
SwitchE's port that connects to SwitchD, and the SwitchE's port is blocked. Then the
RPL owner port and RPL neighbor port are unblocked to send and receive traffic. This
mechanism ensures nonstop traffic transmission. The process is as follows:
a. After the SwitchD's port that connects to SwitchE is forcibly blocked, SwitchE
update FDB entries.
b. SwitchE sends three consecutive RAPS (SF) messages to the other LSWs and sends
one RAPS (SF) message at an interval of 5s afterwards.
c. After receiving an RAPS (SF) message, the other LSWs update their FDB entries.
SwitchC on which the RPL owner port resides and SwitchB on which the RPL
neighbor port resides unblock the respective RPL owner port and RPL neighbor
port, and update FDB entries.
Figure 19-10 Layer 2 ERPS ring networking (blocking a port in FS mode)
Network
Router1 Router2
SwitchA SwitchE
ERPS
SwitchB RPL
SwitchD
RPL owner SwitchC
User
network
Blocked Interface
Data Flow

l Clear
After a clear operation is performed on SwitchE, the port that is forcibly blocked by FS
sends RAPS (NR) messages to all other ports in the ERPS ring.
– If the ERPS ring uses revertive switching, the RPL owner port starts the WTB timer
after receiving an RAPS (NR) message. After the WTB timer expires, the FS
operation is cleared. Then the RPL owner port is blocked, and the blocked port on
SwitchE is unblocked. If you perform a clear operation on SwitchC on which the
RPL owner port resides before the WTB timer expires, the RPL owner port is
immediately blocked, and the blocked port on SwitchE is unblocked.
– If the ERPS ring uses non-revertive switching and you want to block the RPL
owner port, perform a clear operation on SwitchC on which the RPL owner port
resides.
l Manual switch
The MS process in an ERPS ring is similar to the FS process. The difference is that the
MS operation does not take effect when the ERPS ring is not idle or pending.
19.2.4 ERPS Multi-ring Implementation

Ethernet Ring Protection Switching Version 1 (ERPSv1) supports only single-ring topology,
whereas ERPSv2 supports single-ring and multi-ring topologies.
A multi-ring network consists of one or more major rings and sub-rings. A sub-ring can have
a virtual channel (VC) or non-virtual channel (NVC), depending on whether RAPS PDUs in
the sub-ring will be transmitted to a major ring.
This section describes how ERPS is implemented on a multi-ring network where sub-rings
use NVCs when links are normal, when a link fails, and when the link recovers.
Links Are Normal

On the multi-ring network shown in Figure 19-11, SwitchA through SwitchE constitute a
major ring; SwitchB, SwitchC, and SwitchF constitute sub-ring 1, and SwitchC, SwitchD, and
SwitchG constitute sub-ring 2. The LSWs in each ring can communicate with each other.
1. To prevent loops, each ring blocks its RPL owner port. All other ports can transmit
service traffic.
2. The RPL owner port on each ring sends RAPS (NRRB) messages to all other nodes in
the same ring at an interval of 5s. The RAPS (NRRB) messages in the major ring are
transmitted only in this ring. The RAPS (NRRB) messages in each sub-ring are
terminated on the interconnected nodes and therefore are not transmitted to the major
ring.
Traffic between PC1 and the upper-layer network travels along the path PC1 -> SwitchF ->
SwitchB -> SwitchA -> Router1; traffic between PC2 and the upper-layer network travels
along the path PC2 -> SwitchG -> SwitchD -> SwitchE -> Router2.

Figure 19-11 ERPS multi-ring networking (links are normal)
Network
Router1 Router2
SwitchA SwitchE
Major Ring SwitchD

SwitchB
L
RP
Sub-Ring2
Sub-Ring1 RP
L SwitchC L
RP
SwitchF SwitchG
PC1 PC2
RPL owner
Data Flow
A Link Fails
As shown in Figure 19-12, if the link between SwitchD and SwitchG fails, the ERPS
protection switching mechanism is triggered. The ports on both ends of the faulty link are
blocked, and the RPL owner port in sub-ring 2 is unblocked to send and receive traffic. In this
situation, traffic from PC1 still travels along the original path. SwitchC and SwitchD inform
the other nodes in the major ring of the topology change so that traffic from PC2 is also not
interrupted. Traffic between PC2 and the upper-layer network travels along the path PC2 ->
SwitchG -> SwitchC -> SwitchB -> SwitchA -> SwitchE -> Router2. The process is as
follows:
1. After SwitchD and SwitchG detect the link fault, they block their ports on the faulty link
and update Filtering Database (FDB) entries.

2. SwitchG sends three consecutive RAPS (SF) messages to the other LSWs and sends one
RAPS (SF) message at an interval of 5s afterwards.
3. SwitchG then unblocks the RPL owner port and updates FDB entries.
4. After the interconnected node SwitchC receives an RAPS (SF) message, it updates FDB
entries. SwitchC and SwitchD then send RAPS Event messages within the major ring to
notify the topology change in sub-ring 2.
5. After receiving an RAPS Event message, the other LSWs in the major ring update FDB
entries.
Then traffic from PC2 is switched to a normal link.
Figure 19-12 ERPS multi-ring networking (unblocking the RPL owner port if a link fails)
Network
Router1 Router2
SwitchA SwitchE
Major Ring SwitchD

SwitchB
L
RP
Sub-Ring2
Sub-Ring1 RP
L L
RP SwitchC
SwitchG
PC1 PC2
Blocked Interface
Data Flow

The Link Recovers

After the link fault is rectified, either of two situations may occur:
l If the ERPS ring uses revertive switching, the RPL owner port is blocked again, and the
link that has recovered is used to forward traffic.
l If the ERPS ring uses non-revertive switching, the RPL remains unblocked, and the link
that has recovered is still blocked.
The following example uses revertive switching to illustrate the process after the link
recovers.
1. After the link between SwitchD and SwitchG recovers, SwitchD and SwitchG start the
Guard timer to avoid receiving out-of-date RAPS PDUs. The two devices do not receive
any RAPS PDUs before the timer expires. Then SwitchD and SwitchG send RAPS (NR)
messages within sub-ring 2.
2. SwitchG on which the RPL owner port resides starts the WTR timer. After the WTR
timer expires, SwitchG blocks the RPL owner port and unblocks its port on the link that
has recovered and then sends RAPS (NR, RB) messages within sub-ring 2.
3. After receiving an RAPS (NR, RB) message from SwitchG, SwitchD unblocks its port
on the recovered link, stops sending RAPS (NR) messages, and updates FDB entries.
SwitchC also updates FDB entries.
4. SwitchC and SwitchD (interconnected nodes) send RAPS Event messages within the
major ring to notify the link recovery of sub-ring 2.
5. After receiving an RAPS Event message, the other LSWs in the major ring update FDB
entries.
Then traffic changes to the normal state, as shown in Figure 19-11.
19.2.5 ERPS Multi-instance

On a common ERPS network, a physical ring can be configured with a single ERPS ring, and
only one blocked port can be specified in the ring. When the ERPS ring is in normal state, the
blocked port prohibits all service packets from passing through. As a result, all service data is
transmitted through one path over the ERPS ring, and the other link on the blocked port
becomes idle, wasting bandwidth. As shown in Figure 19-13, when only ERPS Ring1 is
configured, Interface1 is blocked and data is forwarded through the path where Data Flow1
travels. The link SwitchC -> SwitchD -> SwitchE is idle.

Figure 19-13 Networking diagram of ERPS multi-instance
Network
Router1 Router2
SwitchE
SwitchA
ERPS Ring2
ERPS Ring1
SwitchD
SwitchB
Interface2 Interface1
SwitchC
Ring1 Blocked Port
CE1 Ring2 Blocked Port
Data Flow1
VLAN 100-200 Data Flow2
and VLAN 300-
400
To improve link use efficiency, only two logical rings can be configured in the same physical
ring in the ERPS multi-instance. A port may have different roles in different ERPS rings and
different ERPS rings use different control VLANs. A physical ring can have two blocked
ports accordingly. Each blocked port independently monitors the physical ring status and is
blocked or unblocked. An ERPS ring must be configured with an ERP instance, and each
ERP instance specifies a range of VLANs. The topology calculated for a specific ERPS ring
only takes effect in the ERPS ring. Different VLANs can use separate paths, implementing
traffic load balancing and link backup.
As shown in Figure 19-13, you can configure ERPS Ring1 and ERPS Ring2 in the physical
ring consisting of SwitchA through SwitchE. Interface1 is the blocked port in ERPS Ring1.
The VLANs mapping to the ERP instance is VLANs 100 to 200. Interface2 is the blocked
port in ERPS Ring2. The VLANs mapping to the ERP instance is VLANs 300 to 400. After
the configuration is completed, data from VLANs 100 to 200 is forwarded through Data
Flow1, and data from VLANs 300 to 400 is forwarded through Data Flow2. In this manner,
load balancing is implemented and link use efficiency is improved.
19.3 Application Scenarios for ERPS

Generally, redundant links are used on an Ethernet switching network to provide link backup
and enhance network reliability. The use of redundant links, however, may produce loops,
causing broadcast storms and rendering the MAC address table unstable. As a result,
communication quality deteriorates, and communication services may even be interrupted.
To prevent loops caused by redundant links, enable ERPS on the nodes of the ring network.
ERPS is a Layer 2 loop-breaking protocol defined by the ITU-T, and provides fast
convergence of carrier-class reliability standards.
Figure 19-14 Layer 2 application of ERPS
Network
Router1 Router2
SwitchE
SwitchA
ERPS SwitchD
SwitchB
RPL
RPL Owner
SwitchC
User User
network1 network3
User
network2
Blocked Port
Data Flow1
Data Flow2
Data Flow3
As shown in Figure 19-14, SwitchA through SwitchE constitute a ring. The ring runs ERPS
to provide protection switching for Layer 2 redundant links and prevent loops that cause
broadcast storms and render the MAC address table unstable.

Generally, the RPL owner port is blocked and does not forward service packets, preventing
loops. If a fault occurs on the link between SwitchA and SwitchB, ERPS will unblock the
blocked RPL owner port and traffic from User network1 and User network2 is forwarded
through the path SwitchC ->SwitchD ->SwitchE.
19.4 Summary of ERPS Configuration Tasks

After a single ERPS ring or intersecting ERPS ring is configured, a specified port can be
blocked to remove loops. Table 19-5 describes the ERPS configuration tasks.
Table 19-5 ERPS configuration tasks

Scenario Description Task
Configure ERPS single-ring You can configure ERPS 19.7 Configuring ERPSv1
networking single-ring networking when
there is only one ring in the
network topology.
Configure ERPS You can configure ERPS 19.8 Configuring ERPSv2

intersecting-ring networking intersecting-ring networking
when there are two or more
rings in the network
topology and many common
nodes between two rings.
Configure association ERPS cannot automatically 19.7.7 (Optional)

between ERPS and CFM detect link faults. When Configuring Association
there are transmission Between ERPS and
devices in an ERPS ring, Ethernet CFM
ERPS cannot detect whether
faults on transmission
devices cause slow
convergence and traffic
interruption. Association
between ERPS and CFM
solves this problem.
19.5 Licensing Requirements and Limitations for ERPS
Involved Network Elements

Other network elements are required to support ERPS functions.
Licensing Requirements
ERPS configuration commands are available only after the S1720GW, S1720GWR, and
S1720X have the license (WEB management to full management Electronic RTU License)
loaded and activated and the switches are restarted. ERPS configuration commands on other
models are not under license control.

For details about how to apply for a license, see S Series Switch License Use Guide.
Version Requirements
Table 19-6 Products and versions supporting ERPS
Product Product Software Version

Model
S1700 S1720GFR Not supported
S1720GW, V200R010C00, V200R011C00, V200R011C10

S1720GWR
S1720GW- V200R010C00, V200R011C00, V200R011C10

E,
S1720GWR-
E
S1720X, V200R011C00, V200R011C10

S1720X-E
Other S1700 Models that cannot be configured using commands. For

models details about features and versions, see S1700
Documentation Bookshelf.
S2700 S2700SI Not supported
S2700EI V100R005C01, V100R006(C00&C01&C03&C05)
S2710SI Not supported
S2720EI V200R006C10, V200R009C00, V200R010C00,

V200R011C10
S2750EI V200R003C00, V200R005C00SPC300, V200R006C00,

V200R007C00, V200R008C00, V200R009C00,
V200R010C00, V200R011C00, V200R011C10
S3700 S3700SI Not supported
S3700EI Not supported
S3700HI V200R001C00
S5700 S5700LI V200R001C00, V200R002C00,

V200R003(C00&C02&C10), V200R005C00SPC300,
V200R006C00, V200R007C00, V200R008C00,
V200R009C00, V200R010C00, V200R011C00,
V200R011C10
S5700S-LI Not supported
S5710-C-LI V200R001C00
S5710-X-LI V200R008C00, V200R009C00, V200R010C00,

V200R011C00, V200R011C10

Product Product Software Version

Model
S5700SI V200R001C00, V200R002C00, V200R003C00,

V200R005C00
S5700EI V200R001(C00&C01), V200R002C00, V200R003C00,

V200R005(C00&C01&C02&C03)
S5710EI V200R001C00, V200R002C00, V200R003C00,

V200R005(C00&C02)
S5720EI V200R007C00, V200R008C00, V200R009C00,

V200R010C00, V200R011C00, V200R011C10
S5700HI V200R001(C00&C01), V200R002C00, V200R003C00,

V200R005(C00&C01&C02)
S5710HI V200R003C00, V200R005(C00&C02&C03)
S5720HI V200R006C00, V200R007(C00&C10), V200R008C00,

V200R009C00, V200R010C00, V200R011C00,
V200R011C10
S5720LI, V200R010C00, V200R011C00, V200R011C10

S5720S-LI
S5720SI, V200R008C00, V200R009C00, V200R010C00,

S5720S-SI V200R011C00, V200R011C10
S5730SI V200R011C10
S5730S-EI V200R011C10
S6700 S6700EI V200R001(C00&C01), V200R002C00, V200R003C00,

V200R005(C00&C01&C02)
S6720EI V200R008C00, V200R009C00, V200R010C00,

V200R011C00, V200R011C10
S6720S-EI V200R009C00, V200R010C00, V200R011C00,

V200R011C10
S6720LI, V200R011C00, V200R011C10

S6720S-LI
S6720SI, V200R011C00, V200R011C10

S6720S-SI
NOTE
To know details about software mappings, see Hardware Query Tool.
Feature Limitations
l V200R002 and earlier versions support only ERPSv1.

l Before adding a port to an ERPS ring, ensure that port security has been disabled on the
port. Otherwise, loops cannot be eliminated.
l Before adding a port to an ERPS ring, ensure that the Spanning Tree Protocol (STP),
Rapid Ring Protection Protocol (RRPP), Smart Ethernet Protection (SEP), or Smart Link
is not enabled on the port.
l The service loopback function and ERPS cannot be configured on an Eth-Trunk
simultaneously.
l The S6700EI does not support association between an ERPS interface and Ethernet
CFM.
19.6 Default Settings for ERPS

Table 19-7 describes default ERPS settings.
Table 19-7 Default setting for ERPS

Parameter Default Setting
ERPS ring Not created
Guard timer 200 centiseconds
Wait to restore (WTR) timer 5 minutes
Holdoff timer 0 deciseconds
ERPS version ERPSv1
19.7.1 Creating an ERPS Ring
Context
ERPS works for ERPS rings. An ERPS ring consists of interconnected Layer 2 switching
devices configured with the same control VLAN and data VLAN. Before configuring other
ERPS functions, you must configure an ERPS ring.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
erps ring ring-id

An ERPS ring is created and the ERPS ring view is displayed.
Step 3 (Optional) Run:

description
The description of the device is configured. The description can contain the ERPS ring ID,
which facilitate device maintenance in an ERPS ring.
By default, the description of an ERPS ring is the ERPS ring name, for example, Ring 1.
----End
19.7.2 Configuring the Control VLAN
Context
In an ERPS ring, the control VLAN is used only to forward RAPS PDUs but not service
packets, so the security of ERPS is improved. All the devices in an ERPS ring must be
configured with the same control VLAN, and different ERPS rings must use different control
VLANs.
Procedure
Step 1 Run:
system-view
Step 2 Run:
erps ring ring-id
The ERPS ring view is displayed.
Step 3 Run:
control-vlan vlan-id
The control VLAN of the ERPS ring is configured.
l The control VLAN specified by vlan-id must be a VLAN that has not been created or
used.
l If you run the control-vlan command multiple times, only the latest configuration takes
effect.
l If the ERPS ring contains ports, the control VLAN cannot be changed. To delete the
configured control VLAN, run the undo erps ring command in the interface view or the
undo port command in the ERPS ring view to delete ports from the ERPS ring, and run
the undo control-vlan command to delete the control VLAN.
l After a control VLAN is created, the vlan batch vlan-id1 [ to vlan-id2 ] &<1-10>
command used to create common VLANs is displayed in the configuration file.
l After a port is added to an ERPS ring configured with a control VLAN, the port is added
to the control VLAN.
– If the port is a trunk port, the port trunk allow-pass vlan vlan-id command is
displayed in the record of the port that has been added to the ERPS ring in the
configuration file.

– If the port is a hybrid port, the port hybrid tagged vlan vlan-id command is
configuration file.
----End
19.7.3 Configuring an ERP Instance and Activating the Mapping

Between the ERP Instance and VLAN
Context
transmitted must be mapped to an ERP instance so that ERPS forwards or blocks the packets
based on configured rules. If the mapping is not configured, the preceding packets may cause
broadcast storms on the ring network. As a result, the network becomes unavailable.
Procedure
Step 1 Run:
system-view

Step 2 Run:
erps ring ring-id

Step 3 Run:
protected-instance { all | { instance-id1 [ to instance-id2 ] &<1-10> } }
An ERP instance is created for the ERPS ring.

By default, no ERP instance is configured in an ERPS ring.
NOTE
l If the stp mode (system view) command is used to set the STP working mode to VLAN-based
Spanning Tree (VBST), the ERP instance specified by the protected-instance command must be the
created static instance.
l If you run the protected-instance command multiple times in the same ERPS ring, multiple ERP
instances are configured.
l If the ERPS ring contains ports, the ERP instance cannot be changed. To delete the configured ERP
instance, run the undo erps ring command in the interface view or the undo port command in the
ERPS ring view to delete ports from the ERPS ring, and run the undo protected instance command
to delete the ERP instance.
Step 4 Run:
quit

Step 5 Configure the mapping between an ERP instance and VLAN.
1. Run:
stp region-configuration
The Multiple Spanning Tree (MST) region view is displayed.

2. Run:
instance instance-id vlan { vlan-id [ to vlan-id ] } &<1-10>
The mapping between the ERP instance and VLAN is configured.

By default, all VLANs in an MST region are mapped to instance 0.
instance-id in this command must be the same as instance-id used by the protected-
instance command.
NOTE
– A VLAN cannot be mapped to multiple MSTIs. If you map a VLAN that has already been
mapped to an MSTI to another MSTI, the original mapping will be deleted.
– The vlan-mapping modulo modulo command configures the mapping between MSTIs and
VLANs based on the default algorithm. However, the mapping configured using this command
cannot always meet the actual demand. Therefore, running this command is not recommended.
– To configure the mapping between an ERP instance and a MUX VLAN, you are advised to
configure the principal VLAN, subordinate group VLANs, and subordinate separate VLANs
of the MUX VLAN in the same ERP instance. Otherwise, loops may occur.
3. Run:
active region-configuration
The mapping between the ERP instance and the VLAN is activated.
----End
19.7.4 Adding a Layer 2 Port to an ERPS Ring and Configuring the

Port Role
Context
After ERPS is configured, add Layer 2 ports to an ERPS ring and configure port roles so that
ERPS can work properly.
You can add a Layer 2 port to an ERPS ring in either of the following ways:
l In the ERPS ring view, add a specified port to the ERPS ring and configure the port role.
l In the interface view, add the current port to the ERPS ring and configure the port role.
NOTE
l A port can be added to at most two ERPS rings, but cannot be added to ERPS rings configured with
the same protected instance.
l An ERPS-enabled port needs to allow packets of control VLANs and data VLANs to pass through,
so the link type of the port must be configured as trunk or hybrid.
l Flush-FDB packets for updating MAC addresses cannot be separately sent, so do not configure a
direct link between two upstream nodes as the RPL.
l Before changing the port role, use the shutdown command to disable the port. When the port role is
changed, use the undo shutdown command to enable the port. This prevents traffic interruptions.
l Before adding an interface to an ERPS ring, disable port security on the interface; otherwise, loops
cannot be prevented.
Prerequisites
l The port is not a Layer 3 port. If the port is a Layer 3 port, run the portswitch command
to switch the port to the Layer 2 mode.

l Spanning Tree Protocol (STP), Rapid Ring Protection Protocol (RRPP), Smart Ethernet
Protection (SEP), or Smart Link is not enabled on the port.
– If the port has STP enabled, run the stp disable command in the interface view to
disable STP.
– If the port has RRPP enabled, run the undo ring ring-id command in the RRPP
domain view to disable RRPP.
– If the port has SEP enabled, run the undo sep segment segment-id command in the
interface view to disable SEP.
– If the port has Smart Link enabled, run the undo port command in the Smart Link
group view to disable Smart Link.
l The control-vlan command has been executed to configure a control VLAN and the
protected-instance command has been executed to configure an ERP instance.
Procedure
Step 1 Run:
system-view
Step 2 Add a Layer 2 port to an ERPS ring and configure the port role in either of the following
ways.
a. Run:
interface interface-type interface-number
The interface view is displayed.

b. Run:
stp disable
STP is disabled on the ERPS-enabled port.

c. Run:
port link-type trunk
The link type of the ERPS-enabled port is configured as trunk.

d. Run:
port trunk allow-pass vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }
The VLANs allowed by the ERPS-enabled port are specified.

After the control-vlan command is used in the ERPS ring view to configure a
control VLAN and the port interface-type interface-number [ rpl owner ]
command is configured, the ports in the ERPS ring allow packets of the control
VLAN to pass through. Therefore, you need to specify only the IDs of data VLANs
in this step.
e. Run:
quit
Return to the system view.

f. Run:
erps ring ring-id

g. Run:
port interface-type interface-number [ rpl owner ]
The port is added to the ERPS ring and its role is configured. If rpl owner is
specified, the port is configured as an RPL owner port. If rpl owner is not
specified, the port is a common port.
a. Run:
The specified interface view is displayed.

b. Run:
stp disable

c. Run:

d. Run:

control VLAN and the port interface-type interface-number [ rpl owner ]
command is configured, the ports in the ERPS ring allow packets of the control
VLAN to pass through. Therefore, you need to specify only the IDs of data VLANs
in this step.
e. Run:
erps ring ring-id [ rpl owner ]
The current port is added to the ERPS ring and its role is configured. If rpl owner
is specified, the port is configured as an RPL owner port. If rpl owner is not
specified, the port is a common port.
----End
19.7.5 (Optional) Configuring Timers in an ERPS Ring
Context
After a link or node failure in an ERPS ring recovers, the device starts timers in the ERPS
ring to reduce traffic interruptions. This prevents network flapping.
Procedure
Step 1 Run:
system-view

Step 2 Run:
erps ring ring-id

Step 3 Configure the WTR timer, Guard timer, and Holdoff timer in the ERPS ring according to
actual networking.
l Run:
wtr-timer time-value
The WTR timer is set.

By default, the WTR timer is 5 minutes in an ERPS ring.
l Run:
guard-timer time-value
The Guard timer is set.

By default, the Guard timer is 200 centiseconds in an ERPS ring.
l Run:
holdoff-timer time-value
The Holdoff timer is set.

By default, the Holdoff timer is 0 deciseconds in an ERPS ring.
----End
19.7.6 (Optional) Configuring the MEL Value
Context
On a Layer 2 network running ERPS, if another fault detection protocol (for example, CFM)
is enabled, the MEL field in RAPS PDUs determines whether the RAPS PDUs can be
forwarded. If the MEL value in an ERPS ring is smaller than the MEL value of the fault
detection protocol, the RAPS PDUs have a lower priority and are discarded. If the MEL value
in an ERPS ring is larger than the MEL value of the fault detection protocol, the RAPS PDUs
can be forwarded. In addition, the MEL value can also be used for interworking with other
vendors' devices in an ERPS ring. The same MEL value ensures smooth communication
between devices.
Procedure
Step 1 Run:
system-view
Step 2 Run:
erps ring ring-id
Step 3 Run:
raps-mel level-id
The MEL value in the ERPS ring is set.
By default, the MEL value in RAPS PDUs is 7.
----End

19.7.7 (Optional) Configuring Association Between ERPS and

Ethernet CFM
Context
Association between Ethernet Connectivity Fault Management (CFM) and Ethernet Ring
Protection Switching (ERPS) on a port added to an ERPS ring accelerates fault detection,
implements fast convergence, and shortens traffic interruptions.
Before configuring association between ERPS and Ethernet CFM, configure basic CFM
functions on the port added to the ERPS ring. For details, see Configuring Basic Ethernet
CFM Functions in "CFM Configuration" in the S1720&S2700&S5700&S6720 V200R011C10
Configuration Guide - Reliability.
Procedure
Step 1 Run:
system-view
Step 2 Run:
Step 3 Run:
erps ring ring-id track cfm md md-name ma ma-name mep mep-id remote-mep rmep-id
ERPS is associated with Ethernet CFM to fast detect link failures.
The association between ERPS and CFM takes effect only when the interface has ERPS
associated with CFM and has an interface-based MEP created using the mep mep-id
command.
----End
Follow-up Procedure
After ERPS is associated with Ethernet CFM, ensure that the maintenance entity group level
(MEL) value of Ring Auto Protection Switching (RAPS) Protocol Data Units (PDUs) in
ERPS rings is larger than the MEL value in CFM protocol packets. Otherwise, Ethernet CFM
cannot allow RAPS PDUs to pass through. The MEL value can be used for interworking with
other vendors' devices in an ERPS ring. The same MEL value ensures smooth communication
between devices.
You can run the raps-mel level-id command in the ERPS ring view to set the MEL value in
RAPS PDUs.
By default, the MEL in RAPS PDUs is 7.

19.7.8 Verifying the ERPSv1 Configuration

Procedure
l Run the display erps [ ring ring-id ] [ verbose ] command to check the device ports
added to an ERPS ring and ERPS ring configurations.
l Run the display erps interface interface-type interface-number [ ring ring-id ]
command to check physical configurations of the port added to an ERPS ring.
----End
19.8.1 Creating an ERPS Ring
Context
ERPS works for ERPS rings. An ERPS ring consists of interconnected Layer 2 switching
devices configured with the same control VLAN and data VLAN. Before configuring other
ERPS functions, configure an ERPS ring.
Procedure
Step 1 Run:
system-view

Step 2 Run:
erps ring ring-id
An ERPS ring is created and the ERPS ring view is displayed.

By default, an ERPS ring configured using the erps ring ring-id command is a major ring.
Step 3 Run:
version v2
ERPSv2 is specified.
By default, ERPSv1 is used.
Before specifying ERPSv1 for an ERPSv2-enabled device, delete all ERPS configurations
that ERPSv1 does not support.
sub-ring
The ERPS ring is configured as a sub-ring.

By default, an ERPS ring is a major ring. Major rings are closed, and sub-rings are open. This
step is performed only when an existing ERPS ring needs to be used as a sub-ring.
An ERPS ring that has a port cannot be configured as a sub-ring. Before configuring an ERPS
ring that has a port as a sub-ring, run the undo erps ring command in the interface view or

the undo port command in the ERPS ring view to delete the port from the ERPS ring. Then
run the sub-ring command to configure the ERPS ring as a sub-ring.
virtual-channel { enable | disable }
The RAPS PDU transmission mode is specified in the sub-ring.

By default, sub-rings use non-virtual-channels (NVCs) to transmit RAPS PDUs. The default
transmission mode is recommended. When sub-ring links are noncontiguous, VCs must be
used. This step takes effect only in a sub-ring.
NOTE
If a virtual channel (VC) needs to be used, configure VCs on all nodes of a sub-ring and intersecting
point of the sub-ring and major ring.

description text
The description is configured for the ERPS ring.

By default, the description of an ERPS ring is the ERPS ring name, for example, Ring 1.
----End
19.8.2 Configuring the Control VLAN

Context
In an ERPS ring, the control VLAN is used only to forward RAPS PDUs but not service
packets, so the security of ERPS is improved. All the devices in an ERPS ring must be
configured with the same control VLAN, and different ERPS rings must use different control
VLANs.
Procedure
Step 1 Run:
system-view

Step 2 Run:
erps ring ring-id

Step 3 Run:
control-vlan vlan-id
The control VLAN of the ERPS ring is configured.

l The control VLAN specified by vlan-id must be a VLAN that has not been created or
used.
l If you run the control-vlan command multiple times, only the latest configuration takes
effect.
l If the ERPS ring contains ports, the control VLAN cannot be changed. To delete the
configured control VLAN, run the undo erps ring command in the interface view or the

undo port command in the ERPS ring view to delete ports from the ERPS ring, and run
the undo control-vlan command to delete the control VLAN.
l After a control VLAN is created, the vlan batch vlan-id1 [ to vlan-id2 ] &<1-10>
command used to create common VLANs is displayed in the configuration file.
l After a port is added to an ERPS ring configured with a control VLAN, the port is added
to the control VLAN.
– If the port is a trunk port, the port trunk allow-pass vlan vlan-id command is
configuration file.
– If the port is a hybrid port, the port hybrid tagged vlan vlan-id command is
configuration file.
----End
19.8.3 Configuring an ERP Instance and Activating the Mapping

Between the ERP Instance and VLAN
Context
transmitted must be mapped to an ERP instance so that ERPS forwards or blocks the packets
based on configured rules. If the mapping is not configured, the preceding packets may cause
broadcast storms on the ring network. As a result, the network becomes unavailable.
Procedure
Step 1 Run:
system-view

Step 2 Run:
erps ring ring-id

Step 3 Run:
protected-instance { all | { instance-id1 [ to instance-id2 ] &<1-10> } }
An ERP instance is created for the ERPS ring.

By default, no ERP instance is configured in an ERPS ring.
NOTE
l If the stp mode (system view) command is used to set the STP working mode to VLAN-based
Spanning Tree (VBST), the ERP instance specified by the protected-instance command must be the
created static instance.
l If you run the protected-instance command multiple times in the same ERPS ring, multiple ERP
instances are configured.
l If the ERPS ring contains ports, the ERP instance cannot be changed. To delete the configured ERP
instance, run the undo erps ring command in the interface view or the undo port command in the
ERPS ring view to delete ports from the ERPS ring, and run the undo protected instance command
to delete the ERP instance.

Step 4 Run:
quit

Step 5 Configure the mapping between an ERP instance and VLAN.
1. Run:
The Multiple Spanning Tree (MST) region view is displayed.

2. Run:
instance instance-id vlan { vlan-id [ to vlan-id ] } &<1-10>
The mapping between the ERP instance and VLAN is configured.

By default, all VLANs in an MST region are mapped to instance 0.
instance-id in this command must be the same as instance-id used by the protected-
instance command.
NOTE
– A VLAN cannot be mapped to multiple MSTIs. If you map a VLAN that has already been
mapped to an MSTI to another MSTI, the original mapping will be deleted.
– The vlan-mapping modulo modulo command configures the mapping between MSTIs and
VLANs based on the default algorithm. However, the mapping configured using this command
cannot always meet the actual demand. Therefore, running this command is not recommended.
– To configure the mapping between an ERP instance and a MUX VLAN, you are advised to
configure the principal VLAN, subordinate group VLANs, and subordinate separate VLANs
of the MUX VLAN in the same ERP instance. Otherwise, loops may occur.
3. Run:
The mapping between the ERP instance and the VLAN is activated.
----End
19.8.4 Adding a Layer 2 Port to an ERPS Ring and Configuring the

Port Role
Context
After ERPS is configured, add Layer 2 ports to an ERPS ring and configure port roles so that
ERPS can work properly.
You can add a Layer 2 port to an ERPS ring in either of the following ways:

NOTE
l A port can be added to a maximum of two ERPS rings.

l An ERPS-enabled port needs to allow packets of control VLANs and data VLANs to pass through,
so the link type of the port must be configured as trunk or hybrid.
l Flush-FDB packets for updating MAC addresses cannot be separately sent, so do not configure a
direct link between two upstream nodes as the RPL.
l Before changing the port role, use the shutdown command to disable the port. When the port role is
changed, use the undo shutdown command to enable the port. This prevents traffic interruptions.
l Before adding an interface to an ERPS ring, disable port security on the interface; otherwise, loops
cannot be prevented.
Prerequisites
l The port is not a Layer 3 port. If the port is a Layer 3 port, run the portswitch command
to switch the port to the Layer 2 mode.
l Spanning Tree Protocol (STP), Rapid Ring Protection Protocol (RRPP), Smart Ethernet
Protection (SEP), or Smart Link is not enabled on the port.
– If the port has STP enabled, run the stp disable command in the interface view to
disable STP.
– If the port has RRPP enabled, run the undo ring ring-id command in the RRPP
domain view to disable RRPP.
– If the port has SEP enabled, run the undo sep segment segment-id command in the
interface view to disable SEP.
– If the port has Smart Link enabled, run the undo port command in the Smart Link
group view to disable Smart Link.
l The control-vlan command has been executed to configure a control VLAN and the
protected-instance command has been executed to configure an ERP instance.
Procedure
Step 1 Run:
system-view

Step 2 Add a Layer 2 port to an ERPS ring and configure the port role in either of the following
ways.
a. Run:

b. Run:
stp disable

c. Run:

d. Run:


control VLAN and the port interface-type interface-number [ rpl { owner |
neighbour } ] command is configured, the ports in the ERPS ring allow packets of
the control VLAN to pass through. Therefore, you need to specify only the IDs of
data VLANs in this step.
e. Run:
quit

f. Run:
erps ring ring-id

g. Run:
port interface-type interface-number [ rpl { owner | neighbour } ]
The port is added to the ERPS ring and its role is configured.
a. Run:
The specified interface view is displayed.

b. Run:
stp disable

c. Run:

d. Run:

control VLAN and the port interface-type interface-number [ rpl { owner |
neighbour } ] command is configured, the ports in the ERPS ring allow packets of
the control VLAN to pass through. Therefore, you need to specify only the IDs of
data VLANs in this step.
e. Run:
erps ring ring-id [ rpl { owner | neighbour } ]
The current port is added to the ERPS ring and its role is configured.
----End
19.8.5 Configuring the Topology Change Notification Function

Context
If an upper-layer Layer 2 network is not notified of the topology change in an ERPS ring, the
MAC address entries remain unchanged on the upper-layer network and therefore user traffic
is interrupted. To ensure nonstop traffic transmission, configure the topology change
notification function and specify the ERPS rings that will be notified of the topology change.

In addition, if an ERPS ring frequently receives topology change notifications, its nodes will
have lower CPU processing capability and repeatedly update Flush-FDB packets, consuming
much bandwidth. To resolve this problem, set the topology change protection interval at
which topology change notifications are sent to suppress topology change notification
transmission, and set the maximum number of topology change notifications that can be
processed during the topology change protection interval to prevent frequent MAC address
and ARP entry updates.
Procedure
Step 1 Run:
system-view

Step 2 Run:
erps ring ring-id

Step 3 Run:
tc-notify erps ring { ring-id1 [ to ring-id2 ] } &<1-10>
The ERPS ring is configured to notify other ERPS rings of its topology change.
ring-id1 [ to ring-id2 ] specifies the start and end ring IDs of the ERPS rings that will be
notified of the topology change. Ensure that the ERPS rings specified by ring-id1 and ring-
id2 exist. If the specified rings do not exist, the topology change notification function does not
take effect.
After the ERPS rings receive the topology change notification from an ERPS ring, they send
Flush-FDB messages on their separate rings to instruct their nodes to update MAC addresses
so that user traffic is not interrupted.
tc-protection interval interval-value
The topology change protection interval at which topology change notification messages are
sent is set.
tc-protection threshold threshold-value
The number of times ERPS parses topology change notifications and updates forwarding
entries in the topology change protection interval is set.
The topology change protection interval is the one specified by the tc-protection interval
command.
----End
19.8.6 (Optional) Configuring ERPS Protection Switching
Context
To ensure that ERPS rings function normally when a node or link fails, configure revertive/
non-revertive switching, port blocking mode, and timers.

Procedure
Step 1 Run:
system-view

Step 2 Run:
erps ring ring-id

Step 3 Run:
revertive { enable | disable }
The protection switching mode is specified.

By default, ERPS rings use revertive switching.
Step 4 Run:
quit

Step 5 Run:

Step 6 Run:
erps ring ring-id protect-switch { force | manual }
A port blocking mode is specified.

The ERPS ring specified by ring ring-id must be the one to which the port belongs.
To delete the specified port blocking mode, run the clear command in the ERPS ring view.
Step 7 Run:
quit
----End
19.8.7 (Optional) Configuring Timers in an ERPS Ring
Context
After a link or node failure in an ERPS ring recovers, the device starts timers in the ERPS
ring to reduce traffic interruptions. This prevents network flapping.
Procedure
Step 1 Run:
system-view

Step 2 Run:
erps ring ring-id

Step 3 Configure the WTR timer, Guard timer, and Holdoff timer in the ERPS ring according to
actual networking.
l Run:
wtr-timer time-value
The WTR timer is set.

By default, the WTR timer is 5 minutes in an ERPS ring.
l Run:
guard-timer time-value
The Guard timer is set.

By default, the Guard timer is 200 centiseconds in an ERPS ring.
l Run:
holdoff-timer time-value
The Holdoff timer is set.

By default, the Holdoff timer is 0 deciseconds in an ERPS ring.
----End
19.8.8 (Optional) Configuring Association Between ERPS and

Ethernet CFM
Context
Association between Ethernet Connectivity Fault Management (CFM) and Ethernet Ring
Protection Switching (ERPS) on a port added to an ERPS ring accelerates fault detection,
implements fast convergence, and shortens traffic interruptions.
Before configuring association between ERPS and Ethernet CFM, configure basic CFM
functions on the port added to the ERPS ring. For details, see Configuring Basic Ethernet
CFM Functions in "CFM Configuration" in the S1720&S2700&S5700&S6720 V200R011C10
Configuration Guide - Reliability.
Procedure
Step 1 Run:
system-view

Step 2 Run:

Step 3 Run:
erps ring ring-id track cfm md md-name ma ma-name mep mep-id remote-mep rmep-id
ERPS is associated with Ethernet CFM to fast detect link failures.

The association between ERPS and CFM takes effect only when the interface has ERPS
associated with CFM and has an interface-based MEP created using the mep mep-id
command.
----End
Follow-up Procedure
After ERPS is associated with Ethernet CFM, ensure that the maintenance entity group level
(MEL) value of Ring Auto Protection Switching (RAPS) Protocol Data Units (PDUs) in
ERPS rings is larger than the MEL value in CFM protocol packets. Otherwise, Ethernet CFM
cannot allow RAPS PDUs to pass through. The MEL value can be used for interworking with
other vendors' devices in an ERPS ring. The same MEL value ensures smooth communication
between devices.
You can run the raps-mel level-id command in the ERPS ring view to set the MEL value in
RAPS PDUs.
By default, the MEL in RAPS PDUs is 7.
19.8.9 Verifying the ERPSv2 Configuration

Procedure
l Run the display erps [ ring ring-id ] [ verbose ] command to check the device ports
added to an ERPS ring and ERPS ring configurations.
l Run the display erps interface interface-type interface-number [ ring ring-id ]
command to check physical configurations of the port added to an ERPS ring.
----End
19.9 Configuring the ERPS over VPLS Function
Prerequisites
1. A routing protocol has been run on the PEs on the VPLS network to ensure that they can
communicate.
2. Basic MPLS capabilities have been configured on the VPLS network, and LDP LSPs has
been established.
3. VPLS connections have been established between each two PEs, and each Ethernet sub-
interface or VLANIF interface has been bound to a VSI.
4. Interfaces on CEs and PEs have been added to the ERPS ring.
Context
On the VPLS network shown in Figure 19-15, CEs are dual-homed to PEs. However, PE3
receives two copies of CE1 traffic from both PE1 and PE2. To resolve this problem, enable
ERPS on CE1, CE2, PE1, and PE2 and configure CE2's interface2 as an RPL owner port to
block traffic from CE1. In this way, CE1's traffic reaches PE3 over PE1 without traversing
CE2, thereby preventing any duplicate traffic or loops.
In Figure 19-15, the ERPS ring connects to a VPLS network through Ethernet sub-interfaces
or VLANIF interfaces. To ensure that the VPLS network can promptly detect topology

changes of the ERPS ring, enable topology change notification on the main interface through
which PE1 and PE2 access the ERPS ring.
Figure 19-15 Example for configuring ERPS over VPLS in scenarios where a CE is dual-
homed to PEs (through Ethernet sub-interfaces or VLANIF interfaces)
VPLS Network
CE1 PE1
interface1 interface1
interface2
interface2 interface1
ERPS PW
sub-ring PE3
PW interface2
interface2
interface1 interface1 interface2

CE2 PE2
RPL owner
Sub-interface
VLANIF interface
NOTE
Only the S5720EI, S5720HI, S6720EI, and S6720S-EI support this function.
Procedure
Step 1 Run:
system-view
Step 2 Run:
Step 3 Run:
erps vpls-subinterface enable
Topology change notification is enabled on the interface.
By default, the interface does not instruct VSI-bound sub-interfaces or VLANIF interfaces to
update MAC address entries promptly after the ERPS ring topology changes.
After topology change notification is enabled on the interface, when the forwarding status of
the interface changes to Discarding, its VSI-bound sub-interfaces or member interfaces of the
VLANIF interface will change to the Discarding state to prevent loops on the VPLS network
on which a CE is dual-homed to PEs.
----End

Verifying the Configuration

Run the display this command in the interface view to verify that topology change
notification is enabled.
19.10 Clearing ERPS Statistics
Context
Before recollecting ERPS statistics, run the reset erps command to clear existing ERPS
statistics.
NOTICE
The cleared ERPS statistics cannot be restored. Exercise caution when you run this command.
Procedure
Step 1 Run the reset erps [ ring ring-id ] statistics command to clear packet statistics in an ERPS
ring.
----End
19.11 Configuration Examples for ERPS
19.11.1 Example for Configuring ERPS Multi-instance
Networking Requirements
Figure 19-16 shows a network on which a multi-instance ERPS ring is used. SwitchA
through SwitchD constitute a ring network at the aggregation layer to implement service
aggregation at Layer 2 and process Layer 3 services. ERPS is used on the ring network to
provide protection switching for Layer 2 redundant links. ERPS ring 1 and ERPS ring 2 are
configured on SwitchA through SwitchD. P1 on SwitchB is a blocked port in ERPS ring 1,
and P2 on SwitchA is a blocked port in ERPS ring 2, implementing load balancing and link
backup.

Figure 19-16 ERPS multi-instance networking
Network
Router1 Router2
SwitchC GE0/0/1 SwitchD

GE0/0/2
GE0/0/1
GE0/0/2
ERPS
GE0/0/2
GE0/0/1
SwitchA P2 GE0/0/2
SwitchB
GE0/0/1 P1
VLAN: VLAN:
100~200 300~400
ERPS ring1
ERPS ring2
Blocked Port1
Blocked Port2
Data Flow1
Data Flow2
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure the link type of all ports to be added to ERPS rings as trunk.
2. Create ERPS rings and configure control VLANs and Ethernet Ring Protection (ERP)
instances in the ERPS rings.
3. Add Layer 2 ports to ERPS rings and specify port roles.
4. Configure the Guard timers and WTR timers in the ERPS rings.
5. Configure Layer 2 forwarding on SwitchA through SwitchD.

Procedure
Step 1 Configure the link type of all ports to be added to an ERPS ring as trunk.
# Configure SwitchA.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type trunk
[SwitchA-GigabitEthernet0/0/1] quit
# Configure SwitchB.
[HUAWEI] sysname SwitchB
[SwitchB] interface gigabitethernet 0/0/1
[SwitchB-GigabitEthernet0/0/1] port link-type trunk
[SwitchB-GigabitEthernet0/0/1] quit
[SwitchB-GigabitEthernet0/0/2] port link-type trunk
# Configure SwitchC.
[HUAWEI] sysname SwitchC
[SwitchC] interface gigabitethernet 0/0/1
[SwitchC-GigabitEthernet0/0/1] port link-type trunk
[SwitchC-GigabitEthernet0/0/1] quit
[SwitchC-GigabitEthernet0/0/2] port link-type trunk
# Configure SwitchD.
[HUAWEI] sysname SwitchD
[SwitchD] interface gigabitethernet 0/0/1
[SwitchD-GigabitEthernet0/0/1] port link-type trunk
[SwitchD-GigabitEthernet0/0/1] quit
[SwitchD-GigabitEthernet0/0/2] port link-type trunk
Step 2 Create ERPS ring 1 and ERPS ring 2 and configure ERP instances in the two rings. Set the
control VLAN ID of ERPS ring 1 to 10 and the control VLAN ID of ERPS ring 2 to 20.
Enable ERPS ring 1 to transmit data packets from VLANs 100 to 200 and enable ERPS ring 2
to transmit data packets from VLANs 300 to 400.
[SwitchA] erps ring 1
[SwitchA-erps-ring1] control-vlan 10
[SwitchA-erps-ring1] protected-instance 1
[SwitchA-erps-ring1] quit
[SwitchA] stp region-configuration
[SwitchA-mst-region] instance 1 vlan 10 100 to 200
[SwitchA-mst-region] active region-configuration
[SwitchA-mst-region] quit

[SwitchA-mst-region] instance 2 vlan 20 300 to 400

[SwitchB] erps ring 1
[SwitchB-erps-ring1] control-vlan 10
[SwitchB-erps-ring1] protected-instance 1
[SwitchB-erps-ring1] quit
[SwitchB] stp region-configuration
[SwitchB-mst-region] instance 1 vlan 10 100 to 200
[SwitchB-mst-region] active region-configuration
[SwitchB-mst-region] quit
[SwitchB-erps-ring2] control-vlan 20
[SwitchB-erps-ring2] protected-instance 2
[SwitchB] stp region-configuration
[SwitchB-mst-region] instance 2 vlan 20 300 to 400
[SwitchB-mst-region] active region-configuration
[SwitchB-mst-region] quit
[SwitchC] erps ring 1
[SwitchC-erps-ring1] control-vlan 10
[SwitchC-erps-ring1] protected-instance 1
[SwitchC-erps-ring1] quit
[SwitchC] stp region-configuration
[SwitchC-mst-region] instance 1 vlan 10 100 to 200
[SwitchC-mst-region] active region-configuration
[SwitchC-mst-region] quit
[SwitchC-erps-ring2] control-vlan 20
[SwitchC-erps-ring2] protected-instance 2
[SwitchC] stp region-configuration
[SwitchC-mst-region] instance 2 vlan 20 300 to 400
[SwitchC-mst-region] active region-configuration
[SwitchC-mst-region] quit
[SwitchD] erps ring 1
[SwitchD-erps-ring1] control-vlan 10
[SwitchD-erps-ring1] protected-instance 1
[SwitchD-erps-ring1] quit
[SwitchD] stp region-configuration
[SwitchD-mst-region] instance 1 vlan 10 100 to 200
[SwitchD-mst-region] active region-configuration
[SwitchD-mst-region] quit
[SwitchD-erps-ring2] control-vlan 20
[SwitchD-erps-ring2] protected-instance 2
[SwitchD] stp region-configuration
[SwitchD-mst-region] instance 2 vlan 20 300 to 400
[SwitchD-mst-region] active region-configuration
[SwitchD-mst-region] quit
Step 3 Add Layer 2 ports to ERPS rings and specify port roles. Configure GE 0/0/1 on SwitchA and
GE 0/0/2 on SwitchB as their respective RPL owner ports.
[SwitchA-GigabitEthernet0/0/1] stp disable
[SwitchA-GigabitEthernet0/0/1] erps ring 1
[SwitchA-GigabitEthernet0/0/1] erps ring 2 rpl owner

[SwitchB-GigabitEthernet0/0/1] stp disable
[SwitchB-GigabitEthernet0/0/1] erps ring 1
[SwitchB-GigabitEthernet0/0/2] erps ring 1 rpl owner
[SwitchC-GigabitEthernet0/0/1] stp disable
[SwitchC-GigabitEthernet0/0/1] erps ring 1
[SwitchC-GigabitEthernet0/0/2] stp disable
[SwitchD-GigabitEthernet0/0/1] stp disable
[SwitchD-GigabitEthernet0/0/1] erps ring 1
[SwitchD-GigabitEthernet0/0/2] stp disable
Step 4 Configure the Guard timers and WTR timers in the ERPS rings.
[SwitchA-erps-ring1] wtr-timer 6
[SwitchA-erps-ring1] guard-timer 100
[SwitchB-erps-ring1] wtr-timer 6
[SwitchB-erps-ring1] guard-timer 100
[SwitchB-erps-ring2] wtr-timer 6
[SwitchB-erps-ring2] guard-timer 100

[SwitchC-erps-ring1] wtr-timer 6
[SwitchC-erps-ring1] guard-timer 100
[SwitchC-erps-ring2] wtr-timer 6
[SwitchC-erps-ring2] guard-timer 100
[SwitchD-erps-ring1] wtr-timer 6
[SwitchD-erps-ring1] guard-timer 100
[SwitchD-erps-ring2] wtr-timer 6
[SwitchD-erps-ring2] guard-timer 100
Step 5 Configure Layer 2 forwarding on SwitchA through SwitchD.

[SwitchA] vlan batch 100 to 200 300 to 400
[SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchA-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchB] vlan batch 100 to 200 300 to 400
[SwitchB-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchB-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchC] vlan batch 100 to 200 300 to 400
[SwitchC-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchC-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchD] vlan batch 100 to 200 300 to 400
[SwitchD-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchD-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 to 200 300 to 400
Step 6 Verify the configuration.

# After the network becomes stable, run the display erps command to check brief
information about the ERPS ring and ports added to the ERPS ring. SwitchB is used as an
example.

[SwitchB] display erps

D : Discarding
F : Forwarding
R : RPL Owner
N : RPL Neighbour
FS : Forced Switch
MS : Manual Switch
Total number of rings configured = 2
Ring Control WTR Timer Guard Timer Port 1 Port 2
ID VLAN (min) (csec)
--------------------------------------------------------------------------------
1 10 6 100 (F)GE0/0/1 (D,R)GE0/0/2
2 20 6 100 (F)GE0/0/1 (F)GE0/0/2
--------------------------------------------------------------------------------
# Run the display erps verbose command to check detailed information about the ERPS ring
and ports added to the ERPS ring. SwitchB is used as an example.
[SwitchB] display erps verbose
Ring ID : 1
Description : Ring 1
Control Vlan : 10
Protected Instance : 1
Service Vlan : 100 to 200
WTR Timer Setting (min) : 6 Running (s) : 0
Guard Timer Setting (csec) : 100 Running (csec) : 0
Holdoff Timer Setting (deciseconds) : 0 Running (deciseconds) : 0
WTB Timer Running (csec) : 0
Ring State : Idle
RAPS_MEL : 7
Revertive Mode : Revertive
R-APS Channel Mode : -
Version : 1
Sub-ring : No
Forced Switch Port : -
Manual Switch Port : -
TC-Notify : -
Time since last topology change : 0 days 0h:35m:5s
--------------------------------------------------------------------------------
Port Port Role Port Status Signal Status
--------------------------------------------------------------------------------
GE0/0/1 Common Forwarding Non-failed
GE0/0/2 RPL Owner Discarding Non-failed
Ring ID : 2
Control Vlan : 20
Ring State : Idle
RAPS_MEL : 7
Version : 1
Sub-ring : No
TC-Notify : -
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
----End

Configuration Files
l SwitchA configuration file
#
sysname SwitchA
#
vlan batch 10 20 100 to 200 300 to 400
#
instance 1 vlan 10 100 to 200
#
erps ring 1
control-vlan 10
protected-instance 1
wtr-timer 6
guard-timer 100
erps ring 2
control-vlan 20
wtr-timer 6
guard-timer 100
#
interface GigabitEthernet0/0/1
port trunk allow-pass vlan 10 20 100 to 200 300 to 400
stp disable
erps ring 1
erps ring 2 rpl owner
#
stp disable
erps ring 1
erps ring 2
#
return
l SwitchB configuration file

#
sysname SwitchB
#
vlan batch 10 20 100 to 200 300 to 400
#
#
erps ring 1
control-vlan 10
wtr-timer 6
guard-timer 100
erps ring 2
control-vlan 20
wtr-timer 6
guard-timer 100
#
stp disable
erps ring 1
erps ring 2
#

stp disable
erps ring 2
#
return
l SwitchC configuration file
#
sysname SwitchC
#
vlan batch 10 20 100 to 200 300 to 400
#
#
erps ring 1
control-vlan 10
wtr-timer 6
guard-timer 100
erps ring 2
control-vlan 20
wtr-timer 6
guard-timer 100
#
stp disable
erps ring 1
erps ring 2
#
stp disable
erps ring 1
erps ring 2
#
return
l SwitchD configuration file
#
sysname SwitchD
#
vlan batch 10 20 100 to 200 300 to 400
#
#
erps ring 1
control-vlan 10
wtr-timer 6
guard-timer 100
erps ring 2
control-vlan 20
wtr-timer 6
guard-timer 100
#


stp disable
erps ring 1
erps ring 2
#
stp disable
erps ring 1
erps ring 2
#
return
19.11.2 Example for Configuring Intersecting ERPS Rings
As shown in Figure 19-17, intersecting ERPS rings are used. SwitchA, SwitchB, SwitchC,
and SwitchD constitute the major ring, and SwitchA, LSW1, LSW2, LSW3, and SwitchD
constitute a sub-ring.

Figure 19-17 Networking of intersecting ERPS rings
Network
Router1 Router2
GE0/0/2
SwitchB GE0/0/2 SwitchC

GE0/0/1
GE0/0/1
major ring
ring 1
GE0/0/2 SwitchA SwitchD GE0/0/2
GE0/0/3
GE0/0/1 GE0/0/3 GE0/0/1
GE0/0/1 sub-ring GE0/0/2
ring 2 LSW3
LSW1
GE0/0/2 GE0/0/1
GE0/0/1 GE0/0/2
LSW2 RPL owner
1. Configure the link type of all ports to be added to ERPS rings as trunk.
2. Create ERPS rings and configure control VLANs and Ethernet Ring Protection (ERP)
instances in the ERPS rings.
3. Specify the ERPS version and configure a sub-ring.
4. Add Layer 2 ports to ERPS rings and specify port roles.
5. Configure the topology change notification and TC protection.
6. Configure the Guard timers and WTR timers in the ERPS rings.
7. Configure Layer 2 forwarding on SwitchA through SwitchD and LSW1 through LSW3.

Procedure
Step 1 Configure the link type of all ports to be added to ERPS rings as trunk.
# Configure SwitchA. The configurations of SwitchB, SwitchC, SwitchD, LSW1, LSW2, and
LSW3 are similar to the configuration of SwitchA, and are not mentioned here.
[HUAWEI] sysname SwitchA
Step 2 Create ERPS ring 1 and ERPS ring 2 and configure ERP instances in the two rings. Set the
control VLAN ID of ERPS ring 1 to 10 and the control VLAN ID of ERPS ring 2 to 20.
Enable ERPS rings 1 and 2 to transmit data packets from VLANs 100 to 200.
[SwitchA-mst-region] instance 1 vlan 10 20 100 to 200
Step 3 Specify ERPSv2 and configure ERPS ring 2 as a sub-ring.

LSW3 are similar to the configurations of SwitchA, and are not mentioned here.
[SwitchA-erps-ring1] version v2
[SwitchA-erps-ring2] version v2
[SwitchA-erps-ring2] sub-ring
Step 4 Add the ports to ERPS rings and specify port roles. Configure GE0/0/1 on SwitchB and
GE0/0/2 on LSW3 as their respective RPL owner ports.
# Configure SwitchA. The configurations of SwitchC, SwitchD, LSW1, and LSW2 are
similar to the configurations of SwitchA, and are not mentioned here.


# Configure SwitchB. The configurations of LSW3 are similar to the configurations of

SwitchB, and are not mentioned here.
[SwitchB-GigabitEthernet0/0/1] erps ring 1 rpl owner
Step 5 Configure the topology change notification function and TC protection on SwitchA and
SwitchD (interconnecting nodes).
[SwitchA-erps-ring1] tc-protection interval 200
[SwitchA-erps-ring1] tc-protection threshold 60
[SwitchA-erps-ring2] tc-notify erps ring 1
[SwitchD-erps-ring1] tc-protection interval 200
[SwitchD-erps-ring1] tc-protection threshold 60
[SwitchD-erps-ring2] tc-notify erps ring 1
Step 6 Configure the Guard timers and WTR timers in the ERPS rings.
Step 7 Configure Layer 2 forwarding on SwitchA through SwitchD.

[SwitchA] vlan batch 100 to 200
[SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 to 200


# After the network becomes stable, run the display erps command to check brief
information about the ERPS ring and ports added to the ERPS ring. SwitchB is used as an
example.
[SwitchB] display erps
D : Discarding
F : Forwarding
R : RPL Owner
N : RPL Neighbour
FS : Forced Switch
MS : Manual Switch
--------------------------------------------------------------------------------
1 10 6 100 (D,R)GE0/0/1 (F)GE0/0/2
--------------------------------------------------------------------------------
# Run the display erps verbose command to check detailed information about the ERPS ring
and ports added to the ERPS ring.
[SwitchB] display erps verbose
Ring ID : 1
Control Vlan : 10
Ring State : Idle
RAPS_MEL : 7
Version : 2
Sub-ring : No
TC-Notify : -
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
GE0/0/1 RPL Owner Discarding Non-failed
----End
Configuration Files
l SwitchA configuration file
#
sysname SwitchA
#
vlan batch 10 20 100 to 200
#
instance 1 vlan 10 20 100 to 200
#
erps ring 1
control-vlan 10
wtr-timer 6

guard-timer 100
version v2
tc-protection interval 200
tc-protection threshold 60
erps ring 2
control-vlan 20
wtr-timer 6
guard-timer 100
version v2
sub-ring
tc-notify erps ring 1
#
port trunk allow-pass vlan 20 100 to 200
stp disable
erps ring 2
#
stp disable
erps ring 1
#
stp disable
erps ring 1
#
return
l SwitchB configuration file
#
sysname SwitchB
#
vlan batch 10 100 to 200
#
#
erps ring 1
control-vlan 10
wtr-timer 6
guard-timer 100
version v2
#
stp disable
#
stp disable
erps ring 1
#
return
l SwitchC configuration file
#
sysname SwitchC
#
#

#
erps ring 1
control-vlan 10
wtr-timer 6
guard-timer 100
version v2
#
stp disable
erps ring 1
#
stp disable
erps ring 1
#
return
l SwitchD configuration file

#
sysname SwitchD
#
vlan batch 10 20 100 to 200
#
instance 1 vlan 10 20 100 to 200
#
erps ring 1
control-vlan 10
wtr-timer 6
guard-timer 100
version v2
tc-protection interval 200
tc-protection threshold 60
erps ring 2
control-vlan 20
wtr-timer 6
guard-timer 100
version v2
sub-ring
tc-notify erps ring 1
#
stp disable
erps ring 2
#
stp disable
erps ring 1
#
stp disable
erps ring 1

#
return
l LSW1 configuration file
#
sysname LSW1
#
#
#
erps ring 2
control-vlan 20
wtr-timer 6
guard-timer 100
version v2
sub-ring
#
stp disable
erps ring 2
#
stp disable
erps ring 2
#
return
#
sysname LSW2
#
#
#
erps ring 2
control-vlan 20
wtr-timer 6
guard-timer 100
version v2
sub-ring
#
stp disable
erps ring 2
#
stp disable
erps ring 2
#
return
#
sysname LSW3

#
#
#
erps ring 2
control-vlan 20
wtr-timer 6
guard-timer 100
version v2
sub-ring
#
stp disable
erps ring 2
#
stp disable
#
return
19.11.3 Example for Configuring ERPS over VPLS in Scenarios

Where a CE Is Dual-Homed to PEs (Through Ethernet Sub-
interfaces)
To configure ERPS over VPLS in scenarios where a CE is dual-homed to PEs, enable ERPS
on CE1, CE2, PE1, and PE2 and configure the ERPS sub-ring to access the VPLS network in
NVC mode. Using Ethernet sub-interfaces to access the VPLS network must have the TC
notification function enabled so that the VPLS network can have ARP and MAC address
entries updated promptly after receiving TC packets. On the VPLS network shown in Figure
19-18, CEs are dual-homed to PEs through Ethernet sub-interfaces. However, this networking
will cause PE3 to receive two copies of CE1 traffic from both PE1 and PE2. To resolve this
problem, enable ERPS on CE1, CE2, PE1, and PE2 and configure CE2's GE0/0/2 as an RPL
owner port to block traffic from CE1. In this way, CE1's traffic reaches PE3 over PE1 without
traversing CE2, thereby preventing any duplicate traffic or loops.
In Figure 19-18, the ERPS ring connects to a VPLS network through Ethernet sub-interfaces.

Figure 19-18 Configuring ERPS over VPLS in scenarios where a CE is dual-homed to PEs
(through Ethernet sub-interfaces)
VPLS Network
CE1 PE1
GE0/0/1 GE0/0/1.1
GE0/0/2
GE0/0/2 GE0/0/1
ERPS PW PE3
sub-ring GE0/0/3.1
PW GE0/0/2
GE0/0/2
GE0/0/1 GE0/0/1.1 GE0/0/2

CE2 PE2
RPL owner
Sub-interface
NOTE
This section uses CE dual-homing scenarios as an example. The configurations of ERPS over VPLS in
CE single-homing scenarios are similar to those in CE dual-homing scenarios.
The IP addresses of the interfaces on PE1, PE2, and PE3 are listed in Table 19-8.
Table 19-8 Data planning

Device Name Interface Name Interface IP Address
PE1 GE0/0/1.1 --
GE0/0/2 10.1.1.1/24
Loopback1 1.1.1.1/32
PE2 GE0/0/1.1 --
GE0/0/2 10.2.1.1/24
PE3 GE0/0/1 10.1.1.2/24
GE0/0/2 10.2.1.2/24
GE0/0/3.1 --

1. Run an IGP protocol on the PEs to ensure that they can communicate on the VPLS
network.
2. Configure basic MPLS capabilities on the VPLS network, and establish LDP LSPs.
3. Establish VPLS connections between every two PEs and bind each Ethernet sub-
interface to a VSI.
4. Configure ERPS, including:
– Enable ERPS on CE1, CE2, PE1, and PE2.
– Configure CE2's GE0/0/2 as an RPL owner port.
Data Preparation
To complete the configuration, you need the following data:
l Data needed for configuring OSPF: IP address of each interface, OSPF process ID, and
OSPF domain ID
l MPLS LSR ID (as the MPLS peer address)
l VSI name and VSI ID
l Names of the VSI-bound Ethernet sub-interfaces
l ERPS ring ID, control VLAN ID, and RPL owner port number
Procedure
Step 1 Assign an IP address to each interface and configure an IGP on the VPLS network to allow
PEs to communicate. This example uses OSPF as the IGP.
When configuring OSPF, advertise the 32-bit IP addresses of loopback interfaces, which are
used as LSR IDs, on the PEs.
For configuration details, see Configuration Files in this section.
Step 2 Configure basic MPLS capabilities on the MPLS backbone network, and set up LDP LSPs
among the PEs.
# Configure PE1.
[PE1] mpls lsr-id 1.1.1.1
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] interface gigabitethernet 0/0/2
[PE1-GigabitEthernet0/0/2] mpls
[PE1-GigabitEthernet0/0/2] mpls ldp
[PE1-GigabitEthernet0/0/2] quit
# Configure PE2.
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
# Configure PE3.


[PE3] mpls
[PE3-mpls] quit
[PE3] mpls ldp
[PE3-mpls-ldp] quit
Step 3 Enable MPLS L2VPN on the PEs.

# Configure PE1.
[PE1] mpls l2vpn
[PE1-l2vpn] quit
# Configure PE2.
[PE2] mpls l2vpn
[PE2-l2vpn] quit
# Configure PE3.
[PE3] mpls l2vpn
[PE3-l2vpn] quit
Step 4 Configure a VPLS network.

# Configure PE1.
[PE1] vsi s1 static
[PE1-vsi-s1] pwsignal ldp
[PE1-vsi-s1-ldp] vsi-id 10
[PE1-vsi-s1-ldp] peer 3.3.3.3
[PE1-vsi-s1-ldp] quit
[PE1-vsi-s1] quit
[PE1] interface gigabitethernet 0/0/1.1
[PE1-GigabitEthernet0/0/1.1] shutdown
[PE1-GigabitEthernet0/0/1.1] dot1q termination vid 10
[PE1-GigabitEthernet0/0/1.1] l2 binding vsi s1
[PE1-GigabitEthernet0/0/1.1] undo shutdown
[PE1-GigabitEthernet0/0/1.1] quit
# Configure PE2.
[PE2] vsi s1 static
[PE2-vsi-s1] quit
# Configure PE3.
[PE3] vsi s1 static

[PE3-vsi-s1] quit
Step 5 Configure ERPS on PE1, PE2, CE1, and CE2.

# Configure PE1.
[PE1] erps ring 1
[PE1-erps-ring1] control-vlan 100
[PE1-erps-ring1] protected-instance 1
[PE1-erps-ring1] version v2
[PE1-erps-ring1] sub-ring
[PE1-erps-ring1] quit
[PE1] stp region-configuration
[PE1-mst-region] instance 1 vlan 10 100
[PE1-mst-region] active region-configuration
[PE1-mst-region] quit
[PE1-GigabitEthernet0/0/1] port link-type trunk
[PE1-GigabitEthernet0/0/1] stp disable
[PE1-GigabitEthernet0/0/1] erps ring 1
[PE1-GigabitEthernet0/0/1] erps vpls-subinterface enable
# Configure PE2.
[PE2] erps ring 1
# Configure CE1.
<Switch> system-view
[Switch] sysname CE1
[CE1] erps ring 1
[CE1-erps-ring1] control-vlan 100
[CE1-erps-ring1] protected-instance 1
[CE1-erps-ring1] version v2
[CE1-erps-ring1] sub-ring
[CE1-erps-ring1] quit
[CE1] stp region-configuration
[CE1-mst-region] instance 1 vlan 10 100
[CE1-mst-region] active region-configuration
[CE1-mst-region] quit
[CE1] interface gigabitethernet 0/0/1
[CE1-GigabitEthernet0/0/1] port link-type trunk
[CE1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[CE1-GigabitEthernet0/0/1] stp disable
[CE1-GigabitEthernet0/0/1] erps ring 1
[CE1-GigabitEthernet0/0/1] quit


# Configure CE2.
[CE2] erps ring 1
[CE2-GigabitEthernet0/0/2] erps ring 1 rpl owner
After completing the configuration, run the display vsi name s1 verbose command on PE3.
The command output shows that PE3 has established PWs with PE1 (1.1.1.1) and PE2
(2.2.2.2).
[PE3] display vsi name s1 verbose
***VSI Name : s1
Administrator VSI : no
Isolate Spoken : disable
VSI Index : 2
PW Signaling : ldp
Member Discovery Style : static
PW MAC Learn Style : unqualify
Encapsulation Type : vlan
MTU : 1500
Diffserv Mode : uniform
Mpls Exp : --
DomainId : 255
Domain Name :
Ignore AcState : disable
P2P VSI : disable
Create Time : 0 days, 1 hours, 19 minutes, 38 seconds
VSI State : up
VSI ID : 10
*Peer Router ID : 1.1.1.1
Negotiation-vc-id : 10
primary or secondary : primary
ignore-standby-state : no
VC Label : 32891
Peer Type : dynamic
Session : up
Tunnel ID : 0x0000000001004c4b41
Broadcast Tunnel ID : --
Broad BackupTunnel ID : --

CKey : 2
NKey : 1862271177
Stp Enable : 0
PwIndex : 1
Control Word : disable
BFD for PW : unavailable
VC Label : 32892
Peer Type : dynamic
Session : up
Tunnel ID : 0x0000000001004c4b42
CKey : 2
NKey : 1862271178
Stp Enable : 0
PwIndex : 2
**PW Information:
*Peer Ip Address : 1.1.1.1

PW State : up
Local VC Label : 32891
Remote VC Label : 32890
Remote Control Word : disable
PW Type : label
Local VCCV : alert lsp-ping bfd
Remote VCCV : alert lsp-ping bfd
Tunnel ID : 0x0000000001004c4b41
Ckey : 2
Nkey : 1862271177
Main PW Token : 0x0
Slave PW Token : 0x0
Tnl Type : ldp
OutInterface : LDP LSP
Backup OutInterface : --
Stp Enable : 0
PW Last Up Time : 2016/06/14 17:35:12
PW Total Up Time : 0 days, 1 hours, 19 minutes, 38 seconds
PW State : up
PW Type : label
Tunnel ID : 0x0000000001004c4b42
Ckey : 2
Nkey : 1862271178
Main PW Token : 0x0
Tnl Type : ldp
Stp Enable : 0
PW Last Up Time : 2016/06/14 10:35:45
The command output also shows that the link between CE1 and CE2 is blocked.

[CE2] display erps

D : Discarding
F : Forwarding
R : RPL Owner
N : RPL Neighbour
FS : Forced Switch
MS : Manual Switch
--------------------------------------------------------------------------------
1 100 5 200 (F)GE0/0/1 (D,R)GE0/0/2
--------------------------------------------------------------------------------
----End
Configuration Files
l PE1 configuration file
#
sysname PE1
#
vlan batch 100
#
instance 1 vlan 10 100
#
erps ring 1
control-vlan 100
version v2
sub-ring
#
mpls lsr-id 1.1.1.1
#
mpls
#
mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 3.3.3.3
#
mpls ldp
#
port trunk allow-pass vlan 100
stp disable
erps ring 1
#
interface GigabitEthernet0/0/1.1
dot1q termination vid 10
l2 binding vsi s1
#
undo portswitch
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
ospf 1

area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return
#
sysname PE2
#
vlan batch 100
#
#
erps ring 1
control-vlan 100
version v2
sub-ring
#
mpls lsr-id 2.2.2.2
#
mpls
#
mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 3.3.3.3
#
mpls ldp
#
stp disable
erps ring 1
#
l2 binding vsi s1
#
undo portswitch
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.2.1.0 0.0.0.255
#
return
#
sysname PE3
#
mpls lsr-id 3.3.3.3
#
mpls
#

mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 1.1.1.1
peer 2.2.2.2
#
mpls ldp
#
undo portswitch
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
undo portswitch
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
l2 binding vsi s1
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return
l CE1 configuration file
#
sysname CE1
#
vlan batch 10 100
#
#
erps ring 1
control-vlan 100
version v2
sub-ring
#
port trunk allow-pass vlan 10 100
stp disable
erps ring 1
#
stp disable
erps ring 1
#
return
#
sysname CE1

#
vlan batch 10 100
#
#
erps ring 1
control-vlan 100
version v2
sub-ring
#
stp disable
erps ring 1
#
stp disable
#
return
19.11.4 Example for Configuring ERPS over VPLS in Scenarios

Where a CE Is Dual-Homed to PEs (Through VLANIF Interfaces)
To configure ERPS over VPLS in scenarios where a CE is dual-homed to PEs, enable ERPS
on CE1, CE2, PE1, and PE2 and configure the ERPS sub-ring to access the VPLS network in
NVC mode. Using VLANIF interfaces to access the VPLS network must have the TC
notification function enabled so that the VPLS network can have ARP and MAC address
entries updated promptly after receiving TC packets. On the VPLS network shown in Figure
19-19, CEs are dual-homed to PEs. However, this networking will cause PE3 to receive two
copies of CE1 traffic from both PE1 and PE2. To resolve this problem, enable ERPS on CE1,
CE2, PE1, and PE2 and configure CE2's GE0/0/2 as an RPL owner port to block traffic from
CE1. In this way, CE1's traffic reaches PE3 over PE1 without traversing CE2, thereby
preventing any duplicate traffic or loops.
In Figure 19-19, the ERPS ring connects to a VPLS ring through VLANIF interfaces.

Figure 19-19 Configuring ERPS over VPLS in scenarios where CE1 is dual-homed to PE1
and PE2 through VLANIF interfaces
VPLS Network
CE1 PE1
GE0/0/1 VLANIF10
GE0/0/2
GE0/0/2 GE0/0/1
ERPS PW PE3
sub-ring VLANIF10
PW GE0/0/2
GE0/0/2
GE0/0/1 VLANIF10 GE0/0/2

CE2 PE2
RPL owner
Sub-interface
NOTE
This section uses CE dual-homing scenarios as an example. The configurations of ERPS over VPLS in
CE single-homing scenarios are similar to those in CE dual-homing scenarios.
The IP addresses of the interfaces on PE1, PE2, and PE3 are listed in Table 19-9.
Table 19-9 Data planning

Device Name Interface Name Interface IP Address
PE1 GE0/0/1 --
GE0/0/2 10.1.1.1/24
PE2 GE0/0/1 --
GE0/0/2 10.2.1.1/24
PE3 GE0/0/1 10.1.1.2/24
GE0/0/2 10.2.1.2/24
GE0/0/3 --

1. Run an IGP protocol on the PEs to ensure that they can communicate on the VPLS
network.
2. Configure basic MPLS capabilities on the VPLS network, and establish LDP LSPs.
3. Establish VPLS connections between each two PEs and bind each VLANIF interface to
a VSI.
4. Configure ERPS, including:
– Enable ERPS on CE1, CE2, PE1, and PE2.
– Configure CE2's GE0/0/2 as an RPL owner port.
Data Preparation
To complete the configuration, you need the following data:
l Data needed for configuring OSPF: IP address of each interface, OSPF process ID, and
OSPF domain ID
l MPLS LSR ID (as the MPLS peer address)
l VSI name and VSI ID
l VSI-bound VLANIF interfaces
l ERPS ring ID, control VLAN ID, and RPL owner port number
Procedure
Step 1 Assign an IP address to each interface and configure an IGP on the VPLS network to allow
PEs to communicate. This example uses OSPF as the IGP.
When configuring OSPF, advertise the 32-bit IP addresses of loopback interfaces, which are
used as LSR IDs, on the PEs.
For configuration details, see Configuration Files in this section.
Step 2 Configure basic MPLS capabilities on the MPLS backbone network, and set up LDP LSPs
among the PEs.
# Configure PE1.
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
# Configure PE2.
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
# Configure PE3.


[PE3] mpls
[PE3-mpls] quit
[PE3] mpls ldp
[PE3-mpls-ldp] quit
Step 3 Enable MPLS L2VPN on the PEs.

# Configure PE1.
[PE1] mpls l2vpn
[PE1-l2vpn] quit
# Configure PE2.
[PE2] mpls l2vpn
[PE2-l2vpn] quit
# Configure PE3.
[PE3] mpls l2vpn
[PE3-l2vpn] quit
Step 4 Configure a VPLS network.

# Configure PE1.
[PE1] vsi s1 static
[PE1-vsi-s1] quit
[PE1] vlan 10
[PE1-vlan10] quit
[PE1] interface vlanif10
[PE1-Vlanif10] l2 binding vsi s1
[PE1-Vlanif10] quit
# Configure PE2.
[PE2] vsi s1 static
[PE2-vsi-s1] quit
[PE2] vlan 10
[PE2-vlan10] quit
[PE2-Vlanif10] quit
# Configure PE3.
[PE3] vsi s1 static
[PE3-vsi-s1] quit

[PE3] vlan 10
[PE3-vlan10] quit
[PE3-GigabitEthernet0/0/3] port trunk allow-pass vlan 10
[PE3-Vlanif10] quit
Step 5 Configure ERPS on PE1, PE2, CE1, and CE2.

# Configure PE1.
[PE1] erps ring 1
# Configure PE2.
[PE2] erps ring 1
# Configure CE1.
[CE1] erps ring 1


# Configure CE2.
[CE2] erps ring 1
[CE2-GigabitEthernet0/0/2] erps ring 1 rpl owner
After completing the configuration, run the display vsi name s1 verbose command on PE3.
The command output shows that PE3 has established PWs with PE1 (1.1.1.1) and PE2
(2.2.2.2).
[PE3] display vsi name s1 verbose
***VSI Name : s1
Administrator VSI : no
Isolate Spoken : disable
VSI Index : 2
PW Signaling : ldp
Member Discovery Style : static
PW MAC Learn Style : unqualify
Encapsulation Type : vlan
MTU : 1500
Diffserv Mode : uniform
Mpls Exp : --
DomainId : 255
Domain Name :
Ignore AcState : disable
P2P VSI : disable
Create Time : 0 days, 1 hours, 19 minutes, 38 seconds
VSI State : up
VSI ID : 10
VC Label : 32891
Peer Type : dynamic
Session : up

Tunnel ID : 0x0000000001004c4b41
CKey : 2
NKey : 1862271177
Stp Enable : 0
PwIndex : 1
VC Label : 32892
Peer Type : dynamic
Session : up
Tunnel ID : 0x0000000001004c4b42
CKey : 2
NKey : 1862271178
Stp Enable : 0
PwIndex : 2
**PW Information:

PW State : up
PW Type : label
Tunnel ID : 0x0000000001004c4b41
Ckey : 2
Nkey : 1862271177
Main PW Token : 0x0
Tnl Type : ldp
Stp Enable : 0
PW Last Up Time : 2016/06/14 17:35:12
PW State : up
PW Type : label
Tunnel ID : 0x0000000001004c4b42
Ckey : 2
Nkey : 1862271178
Main PW Token : 0x0
Tnl Type : ldp
Stp Enable : 0

PW Last Up Time : 2016/06/14 10:35:45

The command output also shows that the link between CE1 and CE2 is blocked.
[CE2] display erps
D : Discarding
F : Forwarding
R : RPL Owner
N : RPL Neighbour
FS : Forced Switch
MS : Manual Switch
--------------------------------------------------------------------------------
1 100 5 200 (F)GE0/0/1 (D,R)GE0/0/2
--------------------------------------------------------------------------------
----End
Configuration Files
#
sysname PE1
#
vlan batch 10 100
#
#
erps ring 1
control-vlan 100
version v2
sub-ring
#
mpls lsr-id 1.1.1.1
#
mpls
#
mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 3.3.3.3
#
mpls ldp
#
interface Vlanif10
l2 binding vsi s1
#
stp disable
erps ring 1
#
undo portswitch
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#

interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return
#
sysname PE2
#
vlan batch 10 100
#
#
erps ring 1
control-vlan 100
version v2
sub-ring
#
mpls lsr-id 2.2.2.2
#
mpls
#
mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 3.3.3.3
#
mpls ldp
#
interface Vlanif10
l2 binding vsi s1
#
stp disable
erps ring 1
#
undo portswitch
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.2.1.0 0.0.0.255
#
return
#
sysname PE3
#
vlan batch 10

#
mpls lsr-id 3.3.3.3
#
mpls
#
mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 1.1.1.1
peer 2.2.2.2
#
mpls ldp
#
interface Vlanif10
l2 binding vsi s1
suppression enable percent
broadcast-suppression percent 1
multicast-suppression percent 1
unknown-unicast-suppression percent 1
#
undo portswitch
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
undo portswitch
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return
#
sysname CE1
#
vlan batch 10 100
#
#
erps ring 1
control-vlan 100
version v2
sub-ring
#
stp disable
erps ring 1

#
stp disable
erps ring 1
#
return

#
sysname CE1
#
vlan batch 10 100
#
#
erps ring 1
control-vlan 100
version v2
sub-ring
#
stp disable
erps ring 1
#
stp disable
#
return
19.12 Troubleshooting ERPS
19.12.1 Traffic Forwarding Fails in an ERPS Ring
Fault Description
After ERPS is configured, user traffic cannot be properly forwarded due to abnormal ERPS
ring status.
Procedure
Step 1 Check the port roles in the ERPS ring and status of each device in the ring.
In an ERPS ring, there should be only one RPL owner port. Other ports are common ports or
RPL neighbor ports.
Run the display erps [ ring ring-id ] verbose command in any view to check whether the
value of Ring State is Idle. (Perform this operation on each device in the ERPS ring.)
If the ERPS ring is incomplete or its status is abnormal, perform the following operations:

1. Verify that all nodes in the ERPS ring are added to the ERPS ring.
2. Check whether the ERPS ring configuration including the ERPS version number and
major ring/sub-ring on devices in the ERPS ring are the same.
3. Verify that port roles, control VLANs, and protected instances are correctly configured
on all nodes in the ERPS ring.
4. Verify that ports can allow packets of the specified VLANs to pass.
----End
19.13 References for ERPS

The following table lists the references of this document.
Document Description Remark
s
ITU-T G.8032/Y.1344 Recommendation ITU-T G.8032/Y.1344 defines the ERPSv1

(06/2008) automatic protection switching (APS) protocol and
protection switching mechanisms for ETH layer
Ethernet ring topologies. Included are details
pertaining to Ethernet ring protection characteristics,
architectures and the ring APS (R-APS) protocol.
ITU-T G.8032/Y.1344 Recommendation ITU-T G.8032/Y.1344 defines the ERPSv2

(03/2010) automatic protection switching (APS) protocol and
protection switching mechanisms for ETH layer
Ethernet ring topologies. Included are details
pertaining to Ethernet ring protection characteristics,
architectures and the ring APS (R-APS) protocol.


01-19 ERPS (G 8032) Configuration

Transféré par

Informations du document

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

01-19 ERPS (G 8032) Configuration

Transféré par

Droits d'auteur :

Formats disponibles

S1720&S2700&S5700&S6720 Series Ethernet Switches

Configuration Guide - Ethernet Switching 19 ERPS (G.8032) Configuration

19 ERPS (G.8032) Configuration

About This Chapter

19.1 Overview of ERPS

19.1 Overview of ERPS

Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1062

Table 19-1 Ring network protocols supported by devices

RRPP Provides fast convergence and l Supports only level-1 sub-

STP/RSTP/MSTP l Applies to all Layer 2 Provides low convergence on a

Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1063

Ring Network Advantage Disadvantage

SEP l Applies to all Layer 2 Is a Huawei proprietary

ERPS l Provides fast convergence Requires the network topology

19.2 Understanding ERPS

19.2.1 Basic ERPS Concepts

Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1064

Figure 19-1 ERPS single-ring networking

ERPS can be deployed on the network shown in Figure 19-1.

Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1065

Figure 19-2 ERPS major ring and sub-ring networking

Major Ring Sub-Ring

Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1066

Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1067

Revertive and Non-revertive Switching

ERPS rings use revertive switching by default.

Port Blocking Modes

Only ERPSv2 supports port blocking modes.

RAPS PDU Transmission Mode in a Sub-ring

Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1068

Figure 19-3 Interconnected rings with a VC or NVC

Ethernet Ring Node

RPL owner Interface

RAPS Virtual Channel

When sub-ring links are discontiguous, VCs must be used.

Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1069

Figure 19-4 VC networking

Ethernet Ring Node

RPL owner Interface

RAPS Virtual Channel

VC Applies to scenarios in which Requires VC resource reservation and

Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1070

19.2.2 RAPS PDUs

Figure 19-5 RAPS PDU format

... R-APS Specific Information(32 octets)

Table 19-3 describes the fields in an RAPS PDU.

Table 19-3 Fields in an RAPS PDU

Version 5 bits l 0x00: ERPSv1

TLV Not Describes information to be loaded. The end TLV value is

Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1071

Figure 19-6 Format of the R-APS Specific Information field in ERPSv1

Request Reserved Status Node ID(6 octets)

Reserved 2(24 octets)

Figure 19-7 Format of the R-APS Specific Information field in ERPSv2

Table 19-4 describes sub-fields in the R-APS Specific Information field.

Table 19-4 Sub-fields in the R-APS Specific Information field

Sub-Field Length Description

Reserved 1 4 bits Reserved 1 is used in ERPSv1 for message reply or protection

Issue 05 (2018-05-14) Huawei Proprietary and Confidential 1072

Sub-Field Length Description

Sub-code l If the Request/State field value is 1110, the Sub-code value

Status 8 bits Includes the following status information:

Node ID 6 x 8 bits Identifies the MAC address of a node in an ERPS ring. It is

19.2.3 ERPS Single-ring Implementation