Académique Documents
Professionnel Documents
Culture Documents
This chapter describes how to configure Ethernet Ring Protection Switching (ERPS). ERPS is
a protocol defined by the International Telecommunication Union - Telecommunication
Standardization Sector (ITU-T) to eliminate loops at Layer 2. It implements convergence of
carrier-class reliability standards, and allows all ERPS-capable devices on a ring network to
communicate.
Definition
ERPS is a protocol defined by the International Telecommunication Union -
Telecommunication Standardization Sector (ITU-T) to eliminate loops at Layer 2. Because
the standard number is ITU-T G.8032/Y1344, ERPS is also called G.8032. ERPS defines
Ring Auto Protection Switching (RAPS) Protocol Data Units (PDUs) and protection
switching mechanisms.
ERPS has two versions: ERPSv1 released by ITU-T in June 2008 and ERPSv2 released in
August 2010. EPRSv2, fully compatible with ERPSv1, provides the following enhanced
functions:
l Multi-ring topologies, such as intersecting rings
l RAPS PDU transmission on virtual channels (VCs) and non-virtual-channels (NVCs) in
sub-rings
l Forced Switch (FS) and Manual Switch (MS)
l Revertive and non-revertive switching
Purpose
Generally, redundant links are used on an Ethernet switching network such as a ring network
to provide link backup and enhance network reliability. The use of redundant links, however,
may produce loops, causing broadcast storms and rendering the MAC address table unstable.
As a result, communication quality deteriorates, and communication services may even be
interrupted. Table 19-1 describes ring network protocols supported by devices.
Ethernet networks demand faster protection switching. STP does not meet the requirement for
fast convergence. RRPP and SEP are Huawei proprietary ring protocols, which cannot be
used for communication between Huawei and non-Huawei devices on a ring network.
ERPS, a standard ITU-T protocol, prevent loops on ring networks. It optimizes detection and
performs fast convergence. ERPS allows all ERPS-capable devices on a ring network to
communicate.
Benefits
l Prevents broadcast storms and implements fast traffic switchover on a network where
there are loops.
l Provides fast convergence and carrier-class reliability.
l Allows all ERPS-capable devices on a ring network to communicate.
network. To eliminate redundant links and ensure link connectivity, ERPS is used to prevent
loops.
Network
Router1 Router2
SwitchA SwitchD
ERPS
RPL SwitchC
SwitchB
User
network
RPL owner
RPL neighbour
ERPS Ring
An ERPS ring consists of interconnected Layer 2 switching devices configured with the same
control VLAN.
An ERPS ring can be a major ring or a sub-ring. By default, an ERPS ring is a major ring.
The major ring is a closed ring, whereas a sub-ring is a non-closed ring. The major ring and
sub-ring are configured using commands. On the network shown in Figure 19-2, SwitchA
through SwitchD constitute a major ring, and SwitchC through SwitchF constitute a sub-ring.
Only ERPSv2 supports sub-rings.
SwitchC
SwitchA SwitchE
SwitchB SwitchF
SwitchD
Node
A node refers to a Layer 2 switching device added to an ERPS ring. A maximum of two ports
on each node can be added to the same ERPS ring. SwitchA through SwitchD in Figure 19-2
are nodes in an ERPS major ring.
Port Role
ERPS defines three port roles: RPL owner port, RPL neighbor port (only in ERPSv2), and
common port.
l RPL owner port
An RPL owner port is responsible for blocking traffic over the Ring Protection Link
(RPL) to prevent loops. An ERPS ring has only one RPL owner port.
When the node on which the RPL owner port resides receives an RAPS PDU indicating
a link or node fault in an ERPS ring, the node unblocks the RPL owner port. Then the
RPL owner port can send and receive traffic to ensure nonstop traffic forwarding.
The link where the RPL owner port resides is the RPL.
l RPL neighbor port
An RPL neighbor port is directly connected to an RPL owner port.
Both the RPL owner port and RPL neighbor ports are blocked in normal situations to
prevent loops.
If an ERPS ring fails, both the RPL owner and neighbor ports are unblocked.
The RPL neighbor port helps reduce the number of FDB entry updates on the device
where the RPL neighbor port resides.
l Common port
Common ports are ring ports other than the RPL owner and neighbor ports.
A common port monitors the status of the directly connected ERPS link and sends RAPS
PDUs to notify the other ports of its link status changes.
Port Status
On an ERPS ring, an ERPS-enabled port has two statuses:
l Forwarding: forwards user traffic and sends and receives RAPS PDUs.
l Discarding: only sends and receives RAPS PDUs.
Control VLAN
A control VLAN is configured in an ERPS ring to transmit RAPS PDUs.
Each ERPS ring must be configured with a control VLAN. After a port is added to an ERPS
ring configured with a control VLAN, the port is added to the control VLAN automatically.
Different ERPS rings must use different control VLANs.
Data VLAN
Unlike control VLANs, data VLANs are used to transmit data packets.
ERP Instance
On a Layer 2 device running ERPS, the VLAN in which RAPS PDUs and data packets are
transmitted must be mapped to an Ethernet Ring Protection (ERP) instance so that ERPS
forwards or blocks the packets based on configured rules. If the mapping is not configured,
the preceding packets may cause broadcast storms on the ring network. As a result, the
network becomes unavailable.
Timer
ERPS defines four timers: Guard timer, WTR timer, Holdoff timer, and WTB timer (only in
ERPSv2).
l Guard timer
After a faulty link or node recovers or a clear operation is executed, the device sends
RAPS No Request (NR) messages to inform the other nodes of the link or node recovery
and starts the Guard timer. Before the Guard timer expires, the device does not process
any RAPS (NR) messages to avoid receiving out-of-date RAPS (NR) messages. After
the Guard timer expires, if the device still receives an RAPS (NR) message, the local
port enters the Forwarding state.
l WTR timer
If an RPL owner port is unblocked due to a link or node fault, the involved port may not
go Up immediately after the link or node recovers. Blocking the RPL owner port may
cause network flapping. To prevent this problem, the node where the RPL owner port
resides starts the wait to restore (WTR) timer after receiving an RAPS (NR) message. If
the node receives an RAPS Signal Fail (SF) message before the timer expires, it
terminates the WTR timer. If the node does not receive any RAPS (SF) message before
the timer expires, it blocks the RPL owner port when the timer expires and sends an
RAPS (no request, root blocked) message. After receiving this RAPS (NR, RB)
message, the nodes set their recovered ports on the ring to the Forwarding state.
l Holdoff timer
On Layer 2 networks running EPRS, there may be different requirements for protection
switching. For example, on a network where multi-layer services are provided, after a
server fails, users may require a period of time to rectify the server fault so that clients do
not detect the fault. You can set the Holdoff timer. If the fault occurs, the fault is not
immediately sent to ERPS until the Holdoff timer expires.
l WTB timer
The wait to block (WTB) timer starts when Forced Switch (FS) or Manual Switch (MS)
is performed. Because multiple nodes on an ERPS ring may be in FS or MS state, the
clear operation takes effect only after the WTB timer expires. This prevents the RPL
owner port from being blocked immediately.
The WTB timer value cannot be configured. Its value is the Guard timer value plus 5.
The default WTB timer value is 7s.
l In revertive switching, the RPL owner port is re-blocked after the WTR timer expires,
and the RPL is blocked.
l In non-revertive switching, the WTR timer is not started, and the original faulty link is
still blocked.
ERPSv1 supports only revertive switching. ERPSv2 supports both revertive and non-revertive
switching.
In addition to FS and MS operations, ERPS also supports the clear operation. The clear
operation has the following functions:
l Clears an existing FS or MS operation.
l Triggers revertive switching before the WTR or WTB timer expires in the case of
revertive switching operations.
l Triggers revertive switching in the case of non-revertive switching operations.
l VC: RAPS PDUs in sub-rings are transmitted to the major ring through interconnected
nodes. The RPL owner port of the sub-ring blocks both RAPS PDUs and data traffic.
l NVC: RAPS PDUs in sub-rings are terminated on the interconnected nodes. The RPL
owner port blocks data traffic but not RAPS PDUs in each sub-ring.
On the network shown in Figure 19-3, a major ring is interconnected with two sub-rings. The
sub-ring on the left has a VC, whereas the sub-ring on the right has an NVC.
Major Ring
Sub-Ring Sub-Ring
with virtual without virtual
channel channel
Interconnection Node
By default, sub-rings use NVCs to transmit RAPS PDUs, except for the scenario shown in
Figure 19-4.
NOTE
On the network shown in Figure 19-4, links b and d belong to major rings 1 and 2
respectively; links a and c belong to the sub-ring. As links a and c are discontiguous, they
cannot detect the status change between each other, so VCs must be used for RAPS PDU
transmission.
Sub-Ring
with virtual
channel
b d
Major Major
Ring1 Ring2
c
Interconnection Node
Table 19-2 lists the advantages and disadvantages of RAPS PDU transmission modes in sub-
rings with VCs or NVCs.
Table 19-2 Comparison between RAPS PDU transmission modes in a sub-ring with VCs or
NVCs
RAPS Advantage Disadvantage
PDU
Transmis
sion
Mode in
a Sub-
ring
NVC Does not need to reserve Is not applicable to scenarios in which sub-
resources or control VLAN ring links are discontiguous.
assignment from adjacent rings.
ERPS protocol packets are called Ring Auto Protection Switching (RAPS) Protocol Data
Units (PDUs), which are transmitted in ERPS rings to convey ERPS ring information. Figure
19-5 shows the RAPS PDU format.
...
37
[optional TLV starts here;otherwise End TLV]
last End TLV(0)
MEL 3 bits Identifies the maintenance entity group (MEG) level of the
RAPS PDU.
OpCode 8 bits Indicates an RAPS PDU. The value of this field is 0x28.
Flags 8 bits Is ignored upon RAPS PDU receiving. The value of this field
is 0x00.
TLV Offset 8 bits Indicates that the TLV starts after an offset of 32 bytes. The
value of this field is 0x20.
R-APS Specific 32x8 Is the core field in an RAPS PDU and carries ERPS ring
Information bits information. There are differences between sub-fields in
ERPSv1 and ERPSv2. Figure 19-6 shows the R-APS
Specific Information field format in ERPSv1. Figure 19-7
shows the R-APS Specific Information field format in
ERPSv2.
(Node ID)
Request/ 4 bits Indicates that this RAPS PDU is a request or state PDU. The
State value can be:
l 1101: forced switch (FS)
l 1110: Event
l 1011: signal failed (SF)
l 0111: manual switch (MS)
l 0000: no request (NR)
l Others: reserved
Reserved 2 24 x 8 bits Is reserved and ignored upon RAPS PDU receiving. The value
is all 0 during RAPS PDU transmission.
Network
Router1 Router2
SwitchA SwitchE
ERPS
RPL SwitchD
SwitchB
User
network
Blocked Interface
Data Flow
A Link Fails
As shown in Figure 19-9, if the link between SwitchD and SwitchE fails, the ERPS
protection switching mechanism is triggered. The ports on both ends of the faulty link are
blocked, and the RPL owner port and RPL neighbor port are unblocked to send and receive
traffic. This mechanism ensures nonstop traffic transmission. The process is as follows:
1. After SwitchD and SwitchE detect the link fault, they block their ports on the faulty link
and update Filtering Database (FDB) entries.
2. SwitchD and SwitchE send three consecutive RAPS Signal Fail (SF) messages to the
other LSWs and send one RAPS (SF) message at an interval of 5s afterwards.
3. After receiving an RAPS (SF) message, the other LSWs update their FDB entries.
SwitchC on which the RPL owner port resides and SwitchB on which the RPL neighbor
port resides unblock the respective RPL owner port and RPL neighbor port, and update
FDB entries.
Figure 19-9 ERPS single-ring networking (unblocking the RPL owner port and RPL neighbor
port if a link fails)
Network
Router1 Router2
SwitchA SwitchE
ERPS
SwitchB RPL
SwitchD
User
network Failed Link
Blocked Interface
Data Flow
l If the ERPS ring uses revertive switching, the RPL owner port is blocked again, and the
link that has recovered is used to forward traffic.
l If the ERPS ring uses non-revertive switching, the RPL remains unblocked, and the link
that has recovered is still blocked.
The following example uses revertive switching to illustrate the process after the link
recovers.
1. After the link between SwitchD and SwitchE recovers, SwitchD and SwitchE start the
Guard timer to avoid receiving out-of-date RAPS PDUs. The two switches do not
receive any RAPS PDUs before the timer expires. At the same time, SwitchD and
SwitchE send RAPS (NR) messages to the other LSWs.
2. After receiving an RAPS (NR) message, SwitchC on which the RPL owner port resides
starts the WTR timer. After the WTR timer expires, SwitchC blocks the RPL owner port
and sends RAPS (NR, RB) messages.
3. After receiving an RAPS (NR, RB) message, SwitchD and SwitchE unblock the ports at
the two ends of the link that has recovered, stop sending RAPS (NR) messages, and
update FDB entries. The other LSWs also update FDB entries after receiving an RAPS
(NR, RB) message.
Protection Switching
l Forced switch
On the network shown in Figure 19-10, SwitchA through SwitchE in the ERPS ring can
communicate with each other. A forced switch (FS) operation is performed on the
SwitchE's port that connects to SwitchD, and the SwitchE's port is blocked. Then the
RPL owner port and RPL neighbor port are unblocked to send and receive traffic. This
mechanism ensures nonstop traffic transmission. The process is as follows:
a. After the SwitchD's port that connects to SwitchE is forcibly blocked, SwitchE
update FDB entries.
b. SwitchE sends three consecutive RAPS (SF) messages to the other LSWs and sends
one RAPS (SF) message at an interval of 5s afterwards.
c. After receiving an RAPS (SF) message, the other LSWs update their FDB entries.
SwitchC on which the RPL owner port resides and SwitchB on which the RPL
neighbor port resides unblock the respective RPL owner port and RPL neighbor
port, and update FDB entries.
Network
Router1 Router2
SwitchA SwitchE
ERPS
SwitchB RPL
SwitchD
User
network
Blocked Interface
Data Flow
l Clear
After a clear operation is performed on SwitchE, the port that is forcibly blocked by FS
sends RAPS (NR) messages to all other ports in the ERPS ring.
– If the ERPS ring uses revertive switching, the RPL owner port starts the WTB timer
after receiving an RAPS (NR) message. After the WTB timer expires, the FS
operation is cleared. Then the RPL owner port is blocked, and the blocked port on
SwitchE is unblocked. If you perform a clear operation on SwitchC on which the
RPL owner port resides before the WTB timer expires, the RPL owner port is
immediately blocked, and the blocked port on SwitchE is unblocked.
– If the ERPS ring uses non-revertive switching and you want to block the RPL
owner port, perform a clear operation on SwitchC on which the RPL owner port
resides.
l Manual switch
The MS process in an ERPS ring is similar to the FS process. The difference is that the
MS operation does not take effect when the ERPS ring is not idle or pending.
Network
Router1 Router2
SwitchA SwitchE
Sub-Ring2
Sub-Ring1 RP
L SwitchC L
RP
SwitchF SwitchG
PC1 PC2
RPL owner
Data Flow
A Link Fails
As shown in Figure 19-12, if the link between SwitchD and SwitchG fails, the ERPS
protection switching mechanism is triggered. The ports on both ends of the faulty link are
blocked, and the RPL owner port in sub-ring 2 is unblocked to send and receive traffic. In this
situation, traffic from PC1 still travels along the original path. SwitchC and SwitchD inform
the other nodes in the major ring of the topology change so that traffic from PC2 is also not
interrupted. Traffic between PC2 and the upper-layer network travels along the path PC2 ->
SwitchG -> SwitchC -> SwitchB -> SwitchA -> SwitchE -> Router2. The process is as
follows:
1. After SwitchD and SwitchG detect the link fault, they block their ports on the faulty link
and update Filtering Database (FDB) entries.
2. SwitchG sends three consecutive RAPS (SF) messages to the other LSWs and sends one
RAPS (SF) message at an interval of 5s afterwards.
3. SwitchG then unblocks the RPL owner port and updates FDB entries.
4. After the interconnected node SwitchC receives an RAPS (SF) message, it updates FDB
entries. SwitchC and SwitchD then send RAPS Event messages within the major ring to
notify the topology change in sub-ring 2.
5. After receiving an RAPS Event message, the other LSWs in the major ring update FDB
entries.
Then traffic from PC2 is switched to a normal link.
Figure 19-12 ERPS multi-ring networking (unblocking the RPL owner port if a link fails)
Network
Router1 Router2
SwitchA SwitchE
SwitchG
PC1 PC2
Blocked Interface
Data Flow
Network
Router1 Router2
SwitchE
SwitchA
ERPS Ring2
ERPS Ring1
SwitchD
SwitchB
Interface2 Interface1
SwitchC
Ring1 Blocked Port
CE1 Ring2 Blocked Port
Data Flow1
VLAN 100-200 Data Flow2
and VLAN 300-
400
To improve link use efficiency, only two logical rings can be configured in the same physical
ring in the ERPS multi-instance. A port may have different roles in different ERPS rings and
different ERPS rings use different control VLANs. A physical ring can have two blocked
ports accordingly. Each blocked port independently monitors the physical ring status and is
blocked or unblocked. An ERPS ring must be configured with an ERP instance, and each
ERP instance specifies a range of VLANs. The topology calculated for a specific ERPS ring
only takes effect in the ERPS ring. Different VLANs can use separate paths, implementing
traffic load balancing and link backup.
As shown in Figure 19-13, you can configure ERPS Ring1 and ERPS Ring2 in the physical
ring consisting of SwitchA through SwitchE. Interface1 is the blocked port in ERPS Ring1.
The VLANs mapping to the ERP instance is VLANs 100 to 200. Interface2 is the blocked
port in ERPS Ring2. The VLANs mapping to the ERP instance is VLANs 300 to 400. After
the configuration is completed, data from VLANs 100 to 200 is forwarded through Data
Flow1, and data from VLANs 300 to 400 is forwarded through Data Flow2. In this manner,
load balancing is implemented and link use efficiency is improved.
Generally, redundant links are used on an Ethernet switching network to provide link backup
and enhance network reliability. The use of redundant links, however, may produce loops,
causing broadcast storms and rendering the MAC address table unstable. As a result,
communication quality deteriorates, and communication services may even be interrupted.
To prevent loops caused by redundant links, enable ERPS on the nodes of the ring network.
ERPS is a Layer 2 loop-breaking protocol defined by the ITU-T, and provides fast
convergence of carrier-class reliability standards.
Network
Router1 Router2
SwitchE
SwitchA
ERPS SwitchD
SwitchB
RPL
RPL Owner
SwitchC
User User
network1 network3
User
network2
Blocked Port
Data Flow1
Data Flow2
Data Flow3
As shown in Figure 19-14, SwitchA through SwitchE constitute a ring. The ring runs ERPS
to provide protection switching for Layer 2 redundant links and prevent loops that cause
broadcast storms and render the MAC address table unstable.
Generally, the RPL owner port is blocked and does not forward service packets, preventing
loops. If a fault occurs on the link between SwitchA and SwitchB, ERPS will unblock the
blocked RPL owner port and traffic from User network1 and User network2 is forwarded
through the path SwitchC ->SwitchD ->SwitchE.
Configure ERPS single-ring You can configure ERPS 19.7 Configuring ERPSv1
networking single-ring networking when
there is only one ring in the
network topology.
Licensing Requirements
ERPS configuration commands are available only after the S1720GW, S1720GWR, and
S1720X have the license (WEB management to full management Electronic RTU License)
loaded and activated and the switches are restarted. ERPS configuration commands on other
models are not under license control.
For details about how to apply for a license, see S Series Switch License Use Guide.
Version Requirements
S3700HI V200R001C00
S5710-C-LI V200R001C00
S5730SI V200R011C10
S5730S-EI V200R011C10
NOTE
To know details about software mappings, see Hardware Query Tool.
Feature Limitations
l V200R002 and earlier versions support only ERPSv1.
l Before adding a port to an ERPS ring, ensure that port security has been disabled on the
port. Otherwise, loops cannot be eliminated.
l Before adding a port to an ERPS ring, ensure that the Spanning Tree Protocol (STP),
Rapid Ring Protection Protocol (RRPP), Smart Ethernet Protection (SEP), or Smart Link
is not enabled on the port.
l The service loopback function and ERPS cannot be configured on an Eth-Trunk
simultaneously.
l The S6700EI does not support association between an ERPS interface and Ethernet
CFM.
Context
ERPS works for ERPS rings. An ERPS ring consists of interconnected Layer 2 switching
devices configured with the same control VLAN and data VLAN. Before configuring other
ERPS functions, you must configure an ERPS ring.
Procedure
Step 1 Run:
system-view
Step 2 Run:
erps ring ring-id
The description of the device is configured. The description can contain the ERPS ring ID,
which facilitate device maintenance in an ERPS ring.
By default, the description of an ERPS ring is the ERPS ring name, for example, Ring 1.
----End
Context
In an ERPS ring, the control VLAN is used only to forward RAPS PDUs but not service
packets, so the security of ERPS is improved. All the devices in an ERPS ring must be
configured with the same control VLAN, and different ERPS rings must use different control
VLANs.
Procedure
Step 1 Run:
system-view
Step 2 Run:
erps ring ring-id
Step 3 Run:
control-vlan vlan-id
l The control VLAN specified by vlan-id must be a VLAN that has not been created or
used.
l If you run the control-vlan command multiple times, only the latest configuration takes
effect.
l If the ERPS ring contains ports, the control VLAN cannot be changed. To delete the
configured control VLAN, run the undo erps ring command in the interface view or the
undo port command in the ERPS ring view to delete ports from the ERPS ring, and run
the undo control-vlan command to delete the control VLAN.
l After a control VLAN is created, the vlan batch vlan-id1 [ to vlan-id2 ] &<1-10>
command used to create common VLANs is displayed in the configuration file.
l After a port is added to an ERPS ring configured with a control VLAN, the port is added
to the control VLAN.
– If the port is a trunk port, the port trunk allow-pass vlan vlan-id command is
displayed in the record of the port that has been added to the ERPS ring in the
configuration file.
– If the port is a hybrid port, the port hybrid tagged vlan vlan-id command is
displayed in the record of the port that has been added to the ERPS ring in the
configuration file.
----End
Context
On a Layer 2 device running ERPS, the VLAN in which RAPS PDUs and data packets are
transmitted must be mapped to an ERP instance so that ERPS forwards or blocks the packets
based on configured rules. If the mapping is not configured, the preceding packets may cause
broadcast storms on the ring network. As a result, the network becomes unavailable.
Procedure
Step 1 Run:
system-view
NOTE
l If the stp mode (system view) command is used to set the STP working mode to VLAN-based
Spanning Tree (VBST), the ERP instance specified by the protected-instance command must be the
created static instance.
l If you run the protected-instance command multiple times in the same ERPS ring, multiple ERP
instances are configured.
l If the ERPS ring contains ports, the ERP instance cannot be changed. To delete the configured ERP
instance, run the undo erps ring command in the interface view or the undo port command in the
ERPS ring view to delete ports from the ERPS ring, and run the undo protected instance command
to delete the ERP instance.
Step 4 Run:
quit
2. Run:
instance instance-id vlan { vlan-id [ to vlan-id ] } &<1-10>
– A VLAN cannot be mapped to multiple MSTIs. If you map a VLAN that has already been
mapped to an MSTI to another MSTI, the original mapping will be deleted.
– The vlan-mapping modulo modulo command configures the mapping between MSTIs and
VLANs based on the default algorithm. However, the mapping configured using this command
cannot always meet the actual demand. Therefore, running this command is not recommended.
– To configure the mapping between an ERP instance and a MUX VLAN, you are advised to
configure the principal VLAN, subordinate group VLANs, and subordinate separate VLANs
of the MUX VLAN in the same ERP instance. Otherwise, loops may occur.
3. Run:
active region-configuration
The mapping between the ERP instance and the VLAN is activated.
----End
Context
After ERPS is configured, add Layer 2 ports to an ERPS ring and configure port roles so that
ERPS can work properly.
You can add a Layer 2 port to an ERPS ring in either of the following ways:
l In the ERPS ring view, add a specified port to the ERPS ring and configure the port role.
l In the interface view, add the current port to the ERPS ring and configure the port role.
NOTE
l A port can be added to at most two ERPS rings, but cannot be added to ERPS rings configured with
the same protected instance.
l An ERPS-enabled port needs to allow packets of control VLANs and data VLANs to pass through,
so the link type of the port must be configured as trunk or hybrid.
l Flush-FDB packets for updating MAC addresses cannot be separately sent, so do not configure a
direct link between two upstream nodes as the RPL.
l Before changing the port role, use the shutdown command to disable the port. When the port role is
changed, use the undo shutdown command to enable the port. This prevents traffic interruptions.
l Before adding an interface to an ERPS ring, disable port security on the interface; otherwise, loops
cannot be prevented.
Prerequisites
l The port is not a Layer 3 port. If the port is a Layer 3 port, run the portswitch command
to switch the port to the Layer 2 mode.
l Spanning Tree Protocol (STP), Rapid Ring Protection Protocol (RRPP), Smart Ethernet
Protection (SEP), or Smart Link is not enabled on the port.
– If the port has STP enabled, run the stp disable command in the interface view to
disable STP.
– If the port has RRPP enabled, run the undo ring ring-id command in the RRPP
domain view to disable RRPP.
– If the port has SEP enabled, run the undo sep segment segment-id command in the
interface view to disable SEP.
– If the port has Smart Link enabled, run the undo port command in the Smart Link
group view to disable Smart Link.
l The control-vlan command has been executed to configure a control VLAN and the
protected-instance command has been executed to configure an ERP instance.
Procedure
Step 1 Run:
system-view
Step 2 Add a Layer 2 port to an ERPS ring and configure the port role in either of the following
ways.
l In the ERPS ring view, add a specified port to the ERPS ring and configure the port role.
a. Run:
interface interface-type interface-number
g. Run:
port interface-type interface-number [ rpl owner ]
The port is added to the ERPS ring and its role is configured. If rpl owner is
specified, the port is configured as an RPL owner port. If rpl owner is not
specified, the port is a common port.
l In the interface view, add the current port to the ERPS ring and configure the port role.
a. Run:
interface interface-type interface-number
The current port is added to the ERPS ring and its role is configured. If rpl owner
is specified, the port is configured as an RPL owner port. If rpl owner is not
specified, the port is a common port.
----End
Context
After a link or node failure in an ERPS ring recovers, the device starts timers in the ERPS
ring to reduce traffic interruptions. This prevents network flapping.
Procedure
Step 1 Run:
system-view
Step 3 Configure the WTR timer, Guard timer, and Holdoff timer in the ERPS ring according to
actual networking.
l Run:
wtr-timer time-value
----End
Context
On a Layer 2 network running ERPS, if another fault detection protocol (for example, CFM)
is enabled, the MEL field in RAPS PDUs determines whether the RAPS PDUs can be
forwarded. If the MEL value in an ERPS ring is smaller than the MEL value of the fault
detection protocol, the RAPS PDUs have a lower priority and are discarded. If the MEL value
in an ERPS ring is larger than the MEL value of the fault detection protocol, the RAPS PDUs
can be forwarded. In addition, the MEL value can also be used for interworking with other
vendors' devices in an ERPS ring. The same MEL value ensures smooth communication
between devices.
Procedure
Step 1 Run:
system-view
Step 2 Run:
erps ring ring-id
Step 3 Run:
raps-mel level-id
----End
Context
Association between Ethernet Connectivity Fault Management (CFM) and Ethernet Ring
Protection Switching (ERPS) on a port added to an ERPS ring accelerates fault detection,
implements fast convergence, and shortens traffic interruptions.
Before configuring association between ERPS and Ethernet CFM, configure basic CFM
functions on the port added to the ERPS ring. For details, see Configuring Basic Ethernet
CFM Functions in "CFM Configuration" in the S1720&S2700&S5700&S6720 V200R011C10
Configuration Guide - Reliability.
Procedure
Step 1 Run:
system-view
Step 2 Run:
interface interface-type interface-number
Step 3 Run:
erps ring ring-id track cfm md md-name ma ma-name mep mep-id remote-mep rmep-id
The association between ERPS and CFM takes effect only when the interface has ERPS
associated with CFM and has an interface-based MEP created using the mep mep-id
command.
----End
Follow-up Procedure
After ERPS is associated with Ethernet CFM, ensure that the maintenance entity group level
(MEL) value of Ring Auto Protection Switching (RAPS) Protocol Data Units (PDUs) in
ERPS rings is larger than the MEL value in CFM protocol packets. Otherwise, Ethernet CFM
cannot allow RAPS PDUs to pass through. The MEL value can be used for interworking with
other vendors' devices in an ERPS ring. The same MEL value ensures smooth communication
between devices.
You can run the raps-mel level-id command in the ERPS ring view to set the MEL value in
RAPS PDUs.
Context
ERPS works for ERPS rings. An ERPS ring consists of interconnected Layer 2 switching
devices configured with the same control VLAN and data VLAN. Before configuring other
ERPS functions, configure an ERPS ring.
Procedure
Step 1 Run:
system-view
ERPSv2 is specified.
By default, ERPSv1 is used.
Before specifying ERPSv1 for an ERPSv2-enabled device, delete all ERPS configurations
that ERPSv1 does not support.
Step 4 (Optional) Run:
sub-ring
the undo port command in the ERPS ring view to delete the port from the ERPS ring. Then
run the sub-ring command to configure the ERPS ring as a sub-ring.
Step 5 (Optional) Run:
virtual-channel { enable | disable }
NOTE
If a virtual channel (VC) needs to be used, configure VCs on all nodes of a sub-ring and intersecting
point of the sub-ring and major ring.
----End
Procedure
Step 1 Run:
system-view
undo port command in the ERPS ring view to delete ports from the ERPS ring, and run
the undo control-vlan command to delete the control VLAN.
l After a control VLAN is created, the vlan batch vlan-id1 [ to vlan-id2 ] &<1-10>
command used to create common VLANs is displayed in the configuration file.
l After a port is added to an ERPS ring configured with a control VLAN, the port is added
to the control VLAN.
– If the port is a trunk port, the port trunk allow-pass vlan vlan-id command is
displayed in the record of the port that has been added to the ERPS ring in the
configuration file.
– If the port is a hybrid port, the port hybrid tagged vlan vlan-id command is
displayed in the record of the port that has been added to the ERPS ring in the
configuration file.
----End
Context
On a Layer 2 device running ERPS, the VLAN in which RAPS PDUs and data packets are
transmitted must be mapped to an ERP instance so that ERPS forwards or blocks the packets
based on configured rules. If the mapping is not configured, the preceding packets may cause
broadcast storms on the ring network. As a result, the network becomes unavailable.
Procedure
Step 1 Run:
system-view
NOTE
l If the stp mode (system view) command is used to set the STP working mode to VLAN-based
Spanning Tree (VBST), the ERP instance specified by the protected-instance command must be the
created static instance.
l If you run the protected-instance command multiple times in the same ERPS ring, multiple ERP
instances are configured.
l If the ERPS ring contains ports, the ERP instance cannot be changed. To delete the configured ERP
instance, run the undo erps ring command in the interface view or the undo port command in the
ERPS ring view to delete ports from the ERPS ring, and run the undo protected instance command
to delete the ERP instance.
Step 4 Run:
quit
– A VLAN cannot be mapped to multiple MSTIs. If you map a VLAN that has already been
mapped to an MSTI to another MSTI, the original mapping will be deleted.
– The vlan-mapping modulo modulo command configures the mapping between MSTIs and
VLANs based on the default algorithm. However, the mapping configured using this command
cannot always meet the actual demand. Therefore, running this command is not recommended.
– To configure the mapping between an ERP instance and a MUX VLAN, you are advised to
configure the principal VLAN, subordinate group VLANs, and subordinate separate VLANs
of the MUX VLAN in the same ERP instance. Otherwise, loops may occur.
3. Run:
active region-configuration
The mapping between the ERP instance and the VLAN is activated.
----End
Context
After ERPS is configured, add Layer 2 ports to an ERPS ring and configure port roles so that
ERPS can work properly.
You can add a Layer 2 port to an ERPS ring in either of the following ways:
l In the ERPS ring view, add a specified port to the ERPS ring and configure the port role.
l In the interface view, add the current port to the ERPS ring and configure the port role.
NOTE
Prerequisites
l The port is not a Layer 3 port. If the port is a Layer 3 port, run the portswitch command
to switch the port to the Layer 2 mode.
l Spanning Tree Protocol (STP), Rapid Ring Protection Protocol (RRPP), Smart Ethernet
Protection (SEP), or Smart Link is not enabled on the port.
– If the port has STP enabled, run the stp disable command in the interface view to
disable STP.
– If the port has RRPP enabled, run the undo ring ring-id command in the RRPP
domain view to disable RRPP.
– If the port has SEP enabled, run the undo sep segment segment-id command in the
interface view to disable SEP.
– If the port has Smart Link enabled, run the undo port command in the Smart Link
group view to disable Smart Link.
l The control-vlan command has been executed to configure a control VLAN and the
protected-instance command has been executed to configure an ERP instance.
Procedure
Step 1 Run:
system-view
The port is added to the ERPS ring and its role is configured.
l In the interface view, add the current port to the ERPS ring and configure the port role.
a. Run:
interface interface-type interface-number
The current port is added to the ERPS ring and its role is configured.
----End
In addition, if an ERPS ring frequently receives topology change notifications, its nodes will
have lower CPU processing capability and repeatedly update Flush-FDB packets, consuming
much bandwidth. To resolve this problem, set the topology change protection interval at
which topology change notifications are sent to suppress topology change notification
transmission, and set the maximum number of topology change notifications that can be
processed during the topology change protection interval to prevent frequent MAC address
and ARP entry updates.
Procedure
Step 1 Run:
system-view
The ERPS ring is configured to notify other ERPS rings of its topology change.
ring-id1 [ to ring-id2 ] specifies the start and end ring IDs of the ERPS rings that will be
notified of the topology change. Ensure that the ERPS rings specified by ring-id1 and ring-
id2 exist. If the specified rings do not exist, the topology change notification function does not
take effect.
After the ERPS rings receive the topology change notification from an ERPS ring, they send
Flush-FDB messages on their separate rings to instruct their nodes to update MAC addresses
so that user traffic is not interrupted.
Step 4 (Optional) Run:
tc-protection interval interval-value
The topology change protection interval at which topology change notification messages are
sent is set.
Step 5 (Optional) Run:
tc-protection threshold threshold-value
The number of times ERPS parses topology change notifications and updates forwarding
entries in the topology change protection interval is set.
The topology change protection interval is the one specified by the tc-protection interval
command.
----End
Context
To ensure that ERPS rings function normally when a node or link fails, configure revertive/
non-revertive switching, port blocking mode, and timers.
Procedure
Step 1 Run:
system-view
----End
Context
After a link or node failure in an ERPS ring recovers, the device starts timers in the ERPS
ring to reduce traffic interruptions. This prevents network flapping.
Procedure
Step 1 Run:
system-view
Step 2 Run:
erps ring ring-id
----End
Procedure
Step 1 Run:
system-view
The association between ERPS and CFM takes effect only when the interface has ERPS
associated with CFM and has an interface-based MEP created using the mep mep-id
command.
----End
Follow-up Procedure
After ERPS is associated with Ethernet CFM, ensure that the maintenance entity group level
(MEL) value of Ring Auto Protection Switching (RAPS) Protocol Data Units (PDUs) in
ERPS rings is larger than the MEL value in CFM protocol packets. Otherwise, Ethernet CFM
cannot allow RAPS PDUs to pass through. The MEL value can be used for interworking with
other vendors' devices in an ERPS ring. The same MEL value ensures smooth communication
between devices.
You can run the raps-mel level-id command in the ERPS ring view to set the MEL value in
RAPS PDUs.
By default, the MEL in RAPS PDUs is 7.
Prerequisites
1. A routing protocol has been run on the PEs on the VPLS network to ensure that they can
communicate.
2. Basic MPLS capabilities have been configured on the VPLS network, and LDP LSPs has
been established.
3. VPLS connections have been established between each two PEs, and each Ethernet sub-
interface or VLANIF interface has been bound to a VSI.
4. Interfaces on CEs and PEs have been added to the ERPS ring.
Context
On the VPLS network shown in Figure 19-15, CEs are dual-homed to PEs. However, PE3
receives two copies of CE1 traffic from both PE1 and PE2. To resolve this problem, enable
ERPS on CE1, CE2, PE1, and PE2 and configure CE2's interface2 as an RPL owner port to
block traffic from CE1. In this way, CE1's traffic reaches PE3 over PE1 without traversing
CE2, thereby preventing any duplicate traffic or loops.
In Figure 19-15, the ERPS ring connects to a VPLS network through Ethernet sub-interfaces
or VLANIF interfaces. To ensure that the VPLS network can promptly detect topology
changes of the ERPS ring, enable topology change notification on the main interface through
which PE1 and PE2 access the ERPS ring.
Figure 19-15 Example for configuring ERPS over VPLS in scenarios where a CE is dual-
homed to PEs (through Ethernet sub-interfaces or VLANIF interfaces)
VPLS Network
CE1 PE1
interface1 interface1
interface2
interface2 interface1
ERPS PW
sub-ring PE3
PW interface2
interface2
RPL owner
Sub-interface
VLANIF interface
NOTE
Only the S5720EI, S5720HI, S6720EI, and S6720S-EI support this function.
Procedure
Step 1 Run:
system-view
Step 2 Run:
interface interface-type interface-number
Step 3 Run:
erps vpls-subinterface enable
By default, the interface does not instruct VSI-bound sub-interfaces or VLANIF interfaces to
update MAC address entries promptly after the ERPS ring topology changes.
After topology change notification is enabled on the interface, when the forwarding status of
the interface changes to Discarding, its VSI-bound sub-interfaces or member interfaces of the
VLANIF interface will change to the Discarding state to prevent loops on the VPLS network
on which a CE is dual-homed to PEs.
----End
Context
Before recollecting ERPS statistics, run the reset erps command to clear existing ERPS
statistics.
NOTICE
The cleared ERPS statistics cannot be restored. Exercise caution when you run this command.
Procedure
Step 1 Run the reset erps [ ring ring-id ] statistics command to clear packet statistics in an ERPS
ring.
----End
Networking Requirements
Generally, redundant links are used on an Ethernet switching network to provide link backup
and enhance network reliability. The use of redundant links, however, may produce loops,
causing broadcast storms and rendering the MAC address table unstable. As a result,
communication quality deteriorates, and communication services may even be interrupted.
To prevent loops caused by redundant links, enable ERPS on the nodes of the ring network.
ERPS is a Layer 2 loop-breaking protocol defined by the ITU-T, and provides fast
convergence of carrier-class reliability standards.
Figure 19-16 shows a network on which a multi-instance ERPS ring is used. SwitchA
through SwitchD constitute a ring network at the aggregation layer to implement service
aggregation at Layer 2 and process Layer 3 services. ERPS is used on the ring network to
provide protection switching for Layer 2 redundant links. ERPS ring 1 and ERPS ring 2 are
configured on SwitchA through SwitchD. P1 on SwitchB is a blocked port in ERPS ring 1,
and P2 on SwitchA is a blocked port in ERPS ring 2, implementing load balancing and link
backup.
Network
Router1 Router2
ERPS
GE0/0/2
GE0/0/1
SwitchA P2 GE0/0/2
SwitchB
GE0/0/1 P1
VLAN: VLAN:
100~200 300~400
ERPS ring1
ERPS ring2
Blocked Port1
Blocked Port2
Data Flow1
Data Flow2
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure the link type of all ports to be added to ERPS rings as trunk.
2. Create ERPS rings and configure control VLANs and Ethernet Ring Protection (ERP)
instances in the ERPS rings.
3. Add Layer 2 ports to ERPS rings and specify port roles.
4. Configure the Guard timers and WTR timers in the ERPS rings.
5. Configure Layer 2 forwarding on SwitchA through SwitchD.
Procedure
Step 1 Configure the link type of all ports to be added to an ERPS ring as trunk.
# Configure SwitchA.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type trunk
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] port link-type trunk
[SwitchA-GigabitEthernet0/0/2] quit
# Configure SwitchB.
<HUAWEI> system-view
[HUAWEI] sysname SwitchB
[SwitchB] interface gigabitethernet 0/0/1
[SwitchB-GigabitEthernet0/0/1] port link-type trunk
[SwitchB-GigabitEthernet0/0/1] quit
[SwitchB] interface gigabitethernet 0/0/2
[SwitchB-GigabitEthernet0/0/2] port link-type trunk
[SwitchB-GigabitEthernet0/0/2] quit
# Configure SwitchC.
<HUAWEI> system-view
[HUAWEI] sysname SwitchC
[SwitchC] interface gigabitethernet 0/0/1
[SwitchC-GigabitEthernet0/0/1] port link-type trunk
[SwitchC-GigabitEthernet0/0/1] quit
[SwitchC] interface gigabitethernet 0/0/2
[SwitchC-GigabitEthernet0/0/2] port link-type trunk
[SwitchC-GigabitEthernet0/0/2] quit
# Configure SwitchD.
<HUAWEI> system-view
[HUAWEI] sysname SwitchD
[SwitchD] interface gigabitethernet 0/0/1
[SwitchD-GigabitEthernet0/0/1] port link-type trunk
[SwitchD-GigabitEthernet0/0/1] quit
[SwitchD] interface gigabitethernet 0/0/2
[SwitchD-GigabitEthernet0/0/2] port link-type trunk
[SwitchD-GigabitEthernet0/0/2] quit
Step 2 Create ERPS ring 1 and ERPS ring 2 and configure ERP instances in the two rings. Set the
control VLAN ID of ERPS ring 1 to 10 and the control VLAN ID of ERPS ring 2 to 20.
Enable ERPS ring 1 to transmit data packets from VLANs 100 to 200 and enable ERPS ring 2
to transmit data packets from VLANs 300 to 400.
# Configure SwitchA.
[SwitchA] erps ring 1
[SwitchA-erps-ring1] control-vlan 10
[SwitchA-erps-ring1] protected-instance 1
[SwitchA-erps-ring1] quit
[SwitchA] stp region-configuration
[SwitchA-mst-region] instance 1 vlan 10 100 to 200
[SwitchA-mst-region] active region-configuration
[SwitchA-mst-region] quit
[SwitchA] erps ring 2
[SwitchA-erps-ring2] control-vlan 20
[SwitchA-erps-ring2] protected-instance 2
[SwitchA-erps-ring2] quit
[SwitchA] stp region-configuration
# Configure SwitchB.
[SwitchB] erps ring 1
[SwitchB-erps-ring1] control-vlan 10
[SwitchB-erps-ring1] protected-instance 1
[SwitchB-erps-ring1] quit
[SwitchB] stp region-configuration
[SwitchB-mst-region] instance 1 vlan 10 100 to 200
[SwitchB-mst-region] active region-configuration
[SwitchB-mst-region] quit
[SwitchB] erps ring 2
[SwitchB-erps-ring2] control-vlan 20
[SwitchB-erps-ring2] protected-instance 2
[SwitchB-erps-ring2] quit
[SwitchB] stp region-configuration
[SwitchB-mst-region] instance 2 vlan 20 300 to 400
[SwitchB-mst-region] active region-configuration
[SwitchB-mst-region] quit
# Configure SwitchC.
[SwitchC] erps ring 1
[SwitchC-erps-ring1] control-vlan 10
[SwitchC-erps-ring1] protected-instance 1
[SwitchC-erps-ring1] quit
[SwitchC] stp region-configuration
[SwitchC-mst-region] instance 1 vlan 10 100 to 200
[SwitchC-mst-region] active region-configuration
[SwitchC-mst-region] quit
[SwitchC] erps ring 2
[SwitchC-erps-ring2] control-vlan 20
[SwitchC-erps-ring2] protected-instance 2
[SwitchC-erps-ring2] quit
[SwitchC] stp region-configuration
[SwitchC-mst-region] instance 2 vlan 20 300 to 400
[SwitchC-mst-region] active region-configuration
[SwitchC-mst-region] quit
# Configure SwitchD.
[SwitchD] erps ring 1
[SwitchD-erps-ring1] control-vlan 10
[SwitchD-erps-ring1] protected-instance 1
[SwitchD-erps-ring1] quit
[SwitchD] stp region-configuration
[SwitchD-mst-region] instance 1 vlan 10 100 to 200
[SwitchD-mst-region] active region-configuration
[SwitchD-mst-region] quit
[SwitchD] erps ring 2
[SwitchD-erps-ring2] control-vlan 20
[SwitchD-erps-ring2] protected-instance 2
[SwitchD-erps-ring2] quit
[SwitchD] stp region-configuration
[SwitchD-mst-region] instance 2 vlan 20 300 to 400
[SwitchD-mst-region] active region-configuration
[SwitchD-mst-region] quit
Step 3 Add Layer 2 ports to ERPS rings and specify port roles. Configure GE 0/0/1 on SwitchA and
GE 0/0/2 on SwitchB as their respective RPL owner ports.
# Configure SwitchA.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] stp disable
[SwitchA-GigabitEthernet0/0/1] erps ring 1
[SwitchA-GigabitEthernet0/0/1] erps ring 2 rpl owner
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] stp disable
[SwitchA-GigabitEthernet0/0/2] erps ring 1
[SwitchA-GigabitEthernet0/0/2] erps ring 2
[SwitchA-GigabitEthernet0/0/2] quit
# Configure SwitchB.
[SwitchB] interface gigabitethernet 0/0/1
[SwitchB-GigabitEthernet0/0/1] stp disable
[SwitchB-GigabitEthernet0/0/1] erps ring 1
[SwitchB-GigabitEthernet0/0/1] erps ring 2
[SwitchB-GigabitEthernet0/0/1] quit
[SwitchB] interface gigabitethernet 0/0/2
[SwitchB-GigabitEthernet0/0/2] stp disable
[SwitchB-GigabitEthernet0/0/2] erps ring 1 rpl owner
[SwitchB-GigabitEthernet0/0/2] erps ring 2
[SwitchB-GigabitEthernet0/0/2] quit
# Configure SwitchC.
[SwitchC] interface gigabitethernet 0/0/1
[SwitchC-GigabitEthernet0/0/1] stp disable
[SwitchC-GigabitEthernet0/0/1] erps ring 1
[SwitchC-GigabitEthernet0/0/1] erps ring 2
[SwitchC-GigabitEthernet0/0/1] quit
[SwitchC] interface gigabitethernet 0/0/2
[SwitchC-GigabitEthernet0/0/2] stp disable
[SwitchC-GigabitEthernet0/0/2] erps ring 1
[SwitchC-GigabitEthernet0/0/2] erps ring 2
[SwitchC-GigabitEthernet0/0/2] quit
# Configure SwitchD.
[SwitchD] interface gigabitethernet 0/0/1
[SwitchD-GigabitEthernet0/0/1] stp disable
[SwitchD-GigabitEthernet0/0/1] erps ring 1
[SwitchD-GigabitEthernet0/0/1] erps ring 2
[SwitchD-GigabitEthernet0/0/1] quit
[SwitchD] interface gigabitethernet 0/0/2
[SwitchD-GigabitEthernet0/0/2] stp disable
[SwitchD-GigabitEthernet0/0/2] erps ring 1
[SwitchD-GigabitEthernet0/0/2] erps ring 2
[SwitchD-GigabitEthernet0/0/2] quit
Step 4 Configure the Guard timers and WTR timers in the ERPS rings.
# Configure SwitchA.
[SwitchA] erps ring 1
[SwitchA-erps-ring1] wtr-timer 6
[SwitchA-erps-ring1] guard-timer 100
[SwitchA-erps-ring1] quit
[SwitchA] erps ring 2
[SwitchA-erps-ring2] wtr-timer 6
[SwitchA-erps-ring2] guard-timer 100
[SwitchA-erps-ring2] quit
# Configure SwitchB.
[SwitchB] erps ring 1
[SwitchB-erps-ring1] wtr-timer 6
[SwitchB-erps-ring1] guard-timer 100
[SwitchB-erps-ring1] quit
[SwitchB] erps ring 2
[SwitchB-erps-ring2] wtr-timer 6
[SwitchB-erps-ring2] guard-timer 100
[SwitchB-erps-ring2] quit
# Configure SwitchC.
[SwitchC] erps ring 1
[SwitchC-erps-ring1] wtr-timer 6
[SwitchC-erps-ring1] guard-timer 100
[SwitchC-erps-ring1] quit
[SwitchC] erps ring 2
[SwitchC-erps-ring2] wtr-timer 6
[SwitchC-erps-ring2] guard-timer 100
[SwitchC-erps-ring2] quit
# Configure SwitchD.
[SwitchD] erps ring 1
[SwitchD-erps-ring1] wtr-timer 6
[SwitchD-erps-ring1] guard-timer 100
[SwitchD-erps-ring1] quit
[SwitchD] erps ring 2
[SwitchD-erps-ring2] wtr-timer 6
[SwitchD-erps-ring2] guard-timer 100
[SwitchD-erps-ring2] quit
# Configure SwitchB.
[SwitchB] vlan batch 100 to 200 300 to 400
[SwitchB] interface gigabitethernet 0/0/1
[SwitchB-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchB-GigabitEthernet0/0/1] quit
[SwitchB] interface gigabitethernet 0/0/2
[SwitchB-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchB-GigabitEthernet0/0/2] quit
# Configure SwitchC.
[SwitchC] vlan batch 100 to 200 300 to 400
[SwitchC] interface gigabitethernet 0/0/1
[SwitchC-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchC-GigabitEthernet0/0/1] quit
[SwitchC] interface gigabitethernet 0/0/2
[SwitchC-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchC-GigabitEthernet0/0/2] quit
# Configure SwitchD.
[SwitchD] vlan batch 100 to 200 300 to 400
[SwitchD] interface gigabitethernet 0/0/1
[SwitchD-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchD-GigabitEthernet0/0/1] quit
[SwitchD] interface gigabitethernet 0/0/2
[SwitchD-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 to 200 300 to 400
[SwitchD-GigabitEthernet0/0/2] quit
# Run the display erps verbose command to check detailed information about the ERPS ring
and ports added to the ERPS ring. SwitchB is used as an example.
[SwitchB] display erps verbose
Ring ID : 1
Description : Ring 1
Control Vlan : 10
Protected Instance : 1
Service Vlan : 100 to 200
WTR Timer Setting (min) : 6 Running (s) : 0
Guard Timer Setting (csec) : 100 Running (csec) : 0
Holdoff Timer Setting (deciseconds) : 0 Running (deciseconds) : 0
WTB Timer Running (csec) : 0
Ring State : Idle
RAPS_MEL : 7
Revertive Mode : Revertive
R-APS Channel Mode : -
Version : 1
Sub-ring : No
Forced Switch Port : -
Manual Switch Port : -
TC-Notify : -
Time since last topology change : 0 days 0h:35m:5s
--------------------------------------------------------------------------------
Port Port Role Port Status Signal Status
--------------------------------------------------------------------------------
GE0/0/1 Common Forwarding Non-failed
GE0/0/2 RPL Owner Discarding Non-failed
Ring ID : 2
Description : Ring 2
Control Vlan : 20
Protected Instance : 2
Service Vlan : 300 to 400
WTR Timer Setting (min) : 6 Running (s) : 0
Guard Timer Setting (csec) : 100 Running (csec) : 0
Holdoff Timer Setting (deciseconds) : 0 Running (deciseconds) : 0
WTB Timer Running (csec) : 0
Ring State : Idle
RAPS_MEL : 7
Revertive Mode : Revertive
R-APS Channel Mode : -
Version : 1
Sub-ring : No
Forced Switch Port : -
Manual Switch Port : -
TC-Notify : -
Time since last topology change : 0 days 0h:35m:30s
--------------------------------------------------------------------------------
Port Port Role Port Status Signal Status
--------------------------------------------------------------------------------
GE0/0/1 Common Forwarding Non-failed
GE0/0/2 Common Forwarding Non-failed
----End
Configuration Files
l SwitchA configuration file
#
sysname SwitchA
#
vlan batch 10 20 100 to 200 300 to 400
#
stp region-configuration
instance 1 vlan 10 100 to 200
instance 2 vlan 20 300 to 400
active region-configuration
#
erps ring 1
control-vlan 10
protected-instance 1
wtr-timer 6
guard-timer 100
erps ring 2
control-vlan 20
protected-instance 2
wtr-timer 6
guard-timer 100
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20 100 to 200 300 to 400
stp disable
erps ring 1
erps ring 2 rpl owner
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 20 100 to 200 300 to 400
stp disable
erps ring 1
erps ring 2
#
return
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 20 100 to 200 300 to 400
stp disable
erps ring 1 rpl owner
erps ring 2
#
return
l SwitchC configuration file
#
sysname SwitchC
#
vlan batch 10 20 100 to 200 300 to 400
#
stp region-configuration
instance 1 vlan 10 100 to 200
instance 2 vlan 20 300 to 400
active region-configuration
#
erps ring 1
control-vlan 10
protected-instance 1
wtr-timer 6
guard-timer 100
erps ring 2
control-vlan 20
protected-instance 2
wtr-timer 6
guard-timer 100
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20 100 to 200 300 to 400
stp disable
erps ring 1
erps ring 2
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 20 100 to 200 300 to 400
stp disable
erps ring 1
erps ring 2
#
return
l SwitchD configuration file
#
sysname SwitchD
#
vlan batch 10 20 100 to 200 300 to 400
#
stp region-configuration
instance 1 vlan 10 100 to 200
instance 2 vlan 20 300 to 400
active region-configuration
#
erps ring 1
control-vlan 10
protected-instance 1
wtr-timer 6
guard-timer 100
erps ring 2
control-vlan 20
protected-instance 2
wtr-timer 6
guard-timer 100
#
interface GigabitEthernet0/0/1
Networking Requirements
Generally, redundant links are used on an Ethernet switching network to provide link backup
and enhance network reliability. The use of redundant links, however, may produce loops,
causing broadcast storms and rendering the MAC address table unstable. As a result,
communication quality deteriorates, and communication services may even be interrupted.
To prevent loops caused by redundant links, enable ERPS on the nodes of the ring network.
ERPS is a Layer 2 loop-breaking protocol defined by the ITU-T, and provides fast
convergence of carrier-class reliability standards.
As shown in Figure 19-17, intersecting ERPS rings are used. SwitchA, SwitchB, SwitchC,
and SwitchD constitute the major ring, and SwitchA, LSW1, LSW2, LSW3, and SwitchD
constitute a sub-ring.
Network
Router1 Router2
GE0/0/2
GE0/0/3
GE0/0/1 GE0/0/3 GE0/0/1
GE0/0/1 sub-ring GE0/0/2
ring 2 LSW3
LSW1
GE0/0/2 GE0/0/1
GE0/0/1 GE0/0/2
LSW2 RPL owner
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure the link type of all ports to be added to ERPS rings as trunk.
2. Create ERPS rings and configure control VLANs and Ethernet Ring Protection (ERP)
instances in the ERPS rings.
3. Specify the ERPS version and configure a sub-ring.
4. Add Layer 2 ports to ERPS rings and specify port roles.
5. Configure the topology change notification and TC protection.
6. Configure the Guard timers and WTR timers in the ERPS rings.
7. Configure Layer 2 forwarding on SwitchA through SwitchD and LSW1 through LSW3.
Procedure
Step 1 Configure the link type of all ports to be added to ERPS rings as trunk.
# Configure SwitchA. The configurations of SwitchB, SwitchC, SwitchD, LSW1, LSW2, and
LSW3 are similar to the configuration of SwitchA, and are not mentioned here.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type trunk
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] port link-type trunk
[SwitchA-GigabitEthernet0/0/2] quit
[SwitchA] interface gigabitethernet 0/0/3
[SwitchA-GigabitEthernet0/0/3] port link-type trunk
[SwitchA-GigabitEthernet0/0/3] quit
Step 2 Create ERPS ring 1 and ERPS ring 2 and configure ERP instances in the two rings. Set the
control VLAN ID of ERPS ring 1 to 10 and the control VLAN ID of ERPS ring 2 to 20.
Enable ERPS rings 1 and 2 to transmit data packets from VLANs 100 to 200.
# Configure SwitchA. The configurations of SwitchB, SwitchC, SwitchD, LSW1, LSW2, and
LSW3 are similar to the configuration of SwitchA, and are not mentioned here.
[SwitchA] stp region-configuration
[SwitchA-mst-region] instance 1 vlan 10 20 100 to 200
[SwitchA-mst-region] active region-configuration
[SwitchA-mst-region] quit
[SwitchA] erps ring 1
[SwitchA-erps-ring1] control-vlan 10
[SwitchA-erps-ring1] protected-instance 1
[SwitchA-erps-ring1] quit
[SwitchA] erps ring 2
[SwitchA-erps-ring2] control-vlan 20
[SwitchA-erps-ring2] protected-instance 1
[SwitchA-erps-ring2] quit
Step 4 Add the ports to ERPS rings and specify port roles. Configure GE0/0/1 on SwitchB and
GE0/0/2 on LSW3 as their respective RPL owner ports.
# Configure SwitchA. The configurations of SwitchC, SwitchD, LSW1, and LSW2 are
similar to the configurations of SwitchA, and are not mentioned here.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] stp disable
[SwitchA-GigabitEthernet0/0/1] erps ring 2
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] stp disable
[SwitchA-GigabitEthernet0/0/2] erps ring 1
[SwitchA-GigabitEthernet0/0/2] quit
[SwitchA] interface gigabitethernet 0/0/3
Step 5 Configure the topology change notification function and TC protection on SwitchA and
SwitchD (interconnecting nodes).
# Configure SwitchA.
[SwitchA] erps ring 1
[SwitchA-erps-ring1] tc-protection interval 200
[SwitchA-erps-ring1] tc-protection threshold 60
[SwitchA-erps-ring1] quit
[SwitchA] erps ring 2
[SwitchA-erps-ring2] tc-notify erps ring 1
[SwitchA-erps-ring2] quit
# Configure SwitchD.
[SwitchD] erps ring 1
[SwitchD-erps-ring1] tc-protection interval 200
[SwitchD-erps-ring1] tc-protection threshold 60
[SwitchD-erps-ring1] quit
[SwitchD] erps ring 2
[SwitchD-erps-ring2] tc-notify erps ring 1
[SwitchD-erps-ring2] quit
Step 6 Configure the Guard timers and WTR timers in the ERPS rings.
# Configure SwitchA. The configurations of SwitchB, SwitchC, SwitchD, LSW1, LSW2, and
LSW3 are similar to the configuration of SwitchA, and are not mentioned here.
[SwitchA] erps ring 1
[SwitchA-erps-ring1] wtr-timer 6
[SwitchA-erps-ring1] guard-timer 100
[SwitchA-erps-ring1] quit
[SwitchA] erps ring 2
[SwitchA-erps-ring2] wtr-timer 6
[SwitchA-erps-ring2] guard-timer 100
[SwitchA-erps-ring2] quit
# Run the display erps verbose command to check detailed information about the ERPS ring
and ports added to the ERPS ring.
[SwitchB] display erps verbose
Ring ID : 1
Description : Ring 1
Control Vlan : 10
Protected Instance : 1
Service Vlan : 100 to 200
WTR Timer Setting (min) : 6 Running (s) : 0
Guard Timer Setting (csec) : 100 Running (csec) : 0
Holdoff Timer Setting (deciseconds) : 0 Running (deciseconds) : 0
WTB Timer Running (csec) : 0
Ring State : Idle
RAPS_MEL : 7
Revertive Mode : Revertive
R-APS Channel Mode : -
Version : 2
Sub-ring : No
Forced Switch Port : -
Manual Switch Port : -
TC-Notify : -
Time since last topology change : 0 days 4h:12m:20s
--------------------------------------------------------------------------------
Port Port Role Port Status Signal Status
--------------------------------------------------------------------------------
GE0/0/1 RPL Owner Discarding Non-failed
GE0/0/2 Common Forwarding Non-failed
----End
Configuration Files
l SwitchA configuration file
#
sysname SwitchA
#
vlan batch 10 20 100 to 200
#
stp region-configuration
instance 1 vlan 10 20 100 to 200
active region-configuration
#
erps ring 1
control-vlan 10
protected-instance 1
wtr-timer 6
guard-timer 100
version v2
tc-protection interval 200
tc-protection threshold 60
erps ring 2
control-vlan 20
protected-instance 1
wtr-timer 6
guard-timer 100
version v2
sub-ring
tc-notify erps ring 1
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20 100 to 200
stp disable
erps ring 2
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 100 to 200
stp disable
erps ring 1
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 10 100 to 200
stp disable
erps ring 1
#
return
l SwitchB configuration file
#
sysname SwitchB
#
vlan batch 10 100 to 200
#
stp region-configuration
instance 1 vlan 10 100 to 200
active region-configuration
#
erps ring 1
control-vlan 10
protected-instance 1
wtr-timer 6
guard-timer 100
version v2
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 100 to 200
stp disable
erps ring 1 rpl owner
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 100 to 200
stp disable
erps ring 1
#
return
l SwitchC configuration file
#
sysname SwitchC
#
vlan batch 10 100 to 200
#
stp region-configuration
instance 1 vlan 10 100 to 200
active region-configuration
#
erps ring 1
control-vlan 10
protected-instance 1
wtr-timer 6
guard-timer 100
version v2
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 100 to 200
stp disable
erps ring 1
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 100 to 200
stp disable
erps ring 1
#
return
#
return
l LSW1 configuration file
#
sysname LSW1
#
vlan batch 20 100 to 200
#
stp region-configuration
instance 1 vlan 20 100 to 200
active region-configuration
#
erps ring 2
control-vlan 20
protected-instance 1
wtr-timer 6
guard-timer 100
version v2
sub-ring
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20 100 to 200
stp disable
erps ring 2
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20 100 to 200
stp disable
erps ring 2
#
return
l LSW2 configuration file
#
sysname LSW2
#
vlan batch 20 100 to 200
#
stp region-configuration
instance 1 vlan 20 100 to 200
active region-configuration
#
erps ring 2
control-vlan 20
protected-instance 1
wtr-timer 6
guard-timer 100
version v2
sub-ring
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20 100 to 200
stp disable
erps ring 2
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20 100 to 200
stp disable
erps ring 2
#
return
l LSW3 configuration file
#
sysname LSW3
#
vlan batch 20 100 to 200
#
stp region-configuration
instance 1 vlan 20 100 to 200
active region-configuration
#
erps ring 2
control-vlan 20
protected-instance 1
wtr-timer 6
guard-timer 100
version v2
sub-ring
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 20 100 to 200
stp disable
erps ring 2
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 20 100 to 200
stp disable
erps ring 2 rpl owner
#
return
Networking Requirements
To configure ERPS over VPLS in scenarios where a CE is dual-homed to PEs, enable ERPS
on CE1, CE2, PE1, and PE2 and configure the ERPS sub-ring to access the VPLS network in
NVC mode. Using Ethernet sub-interfaces to access the VPLS network must have the TC
notification function enabled so that the VPLS network can have ARP and MAC address
entries updated promptly after receiving TC packets. On the VPLS network shown in Figure
19-18, CEs are dual-homed to PEs through Ethernet sub-interfaces. However, this networking
will cause PE3 to receive two copies of CE1 traffic from both PE1 and PE2. To resolve this
problem, enable ERPS on CE1, CE2, PE1, and PE2 and configure CE2's GE0/0/2 as an RPL
owner port to block traffic from CE1. In this way, CE1's traffic reaches PE3 over PE1 without
traversing CE2, thereby preventing any duplicate traffic or loops.
In Figure 19-18, the ERPS ring connects to a VPLS network through Ethernet sub-interfaces.
Figure 19-18 Configuring ERPS over VPLS in scenarios where a CE is dual-homed to PEs
(through Ethernet sub-interfaces)
VPLS Network
CE1 PE1
GE0/0/1 GE0/0/1.1
GE0/0/2
GE0/0/2 GE0/0/1
ERPS PW PE3
sub-ring GE0/0/3.1
PW GE0/0/2
GE0/0/2
RPL owner
Sub-interface
NOTE
This section uses CE dual-homing scenarios as an example. The configurations of ERPS over VPLS in
CE single-homing scenarios are similar to those in CE dual-homing scenarios.
The IP addresses of the interfaces on PE1, PE2, and PE3 are listed in Table 19-8.
PE1 GE0/0/1.1 --
GE0/0/2 10.1.1.1/24
Loopback1 1.1.1.1/32
PE2 GE0/0/1.1 --
GE0/0/2 10.2.1.1/24
Loopback1 2.2.2.2/32
GE0/0/2 10.2.1.2/24
GE0/0/3.1 --
Loopback1 3.3.3.3/32
Configuration Roadmap
The configuration roadmap is as follows:
1. Run an IGP protocol on the PEs to ensure that they can communicate on the VPLS
network.
2. Configure basic MPLS capabilities on the VPLS network, and establish LDP LSPs.
3. Establish VPLS connections between every two PEs and bind each Ethernet sub-
interface to a VSI.
4. Configure ERPS, including:
– Enable ERPS on CE1, CE2, PE1, and PE2.
– Configure CE2's GE0/0/2 as an RPL owner port.
Data Preparation
To complete the configuration, you need the following data:
l Data needed for configuring OSPF: IP address of each interface, OSPF process ID, and
OSPF domain ID
l MPLS LSR ID (as the MPLS peer address)
l VSI name and VSI ID
l Names of the VSI-bound Ethernet sub-interfaces
l ERPS ring ID, control VLAN ID, and RPL owner port number
Procedure
Step 1 Assign an IP address to each interface and configure an IGP on the VPLS network to allow
PEs to communicate. This example uses OSPF as the IGP.
When configuring OSPF, advertise the 32-bit IP addresses of loopback interfaces, which are
used as LSR IDs, on the PEs.
For configuration details, see Configuration Files in this section.
Step 2 Configure basic MPLS capabilities on the MPLS backbone network, and set up LDP LSPs
among the PEs.
# Configure PE1.
[PE1] mpls lsr-id 1.1.1.1
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] interface gigabitethernet 0/0/2
[PE1-GigabitEthernet0/0/2] mpls
[PE1-GigabitEthernet0/0/2] mpls ldp
[PE1-GigabitEthernet0/0/2] quit
# Configure PE2.
[PE2] mpls lsr-id 2.2.2.2
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
[PE2] interface gigabitethernet 0/0/2
[PE2-GigabitEthernet0/0/2] mpls
[PE2-GigabitEthernet0/0/2] mpls ldp
[PE2-GigabitEthernet0/0/2] quit
# Configure PE3.
# Configure PE2.
[PE2] mpls l2vpn
[PE2-l2vpn] quit
# Configure PE3.
[PE3] mpls l2vpn
[PE3-l2vpn] quit
# Configure PE2.
[PE2] vsi s1 static
[PE2-vsi-s1] pwsignal ldp
[PE2-vsi-s1-ldp] vsi-id 10
[PE2-vsi-s1-ldp] peer 3.3.3.3
[PE2-vsi-s1-ldp] quit
[PE2-vsi-s1] quit
[PE2] interface gigabitethernet 0/0/1.1
[PE2-GigabitEthernet0/0/1.1] shutdown
[PE2-GigabitEthernet0/0/1.1] dot1q termination vid 10
[PE2-GigabitEthernet0/0/1.1] l2 binding vsi s1
[PE2-GigabitEthernet0/0/1.1] undo shutdown
[PE2-GigabitEthernet0/0/1.1] quit
# Configure PE3.
[PE3] vsi s1 static
[PE3-vsi-s1] pwsignal ldp
[PE3-vsi-s1-ldp] vsi-id 10
[PE3-vsi-s1-ldp] peer 1.1.1.1
[PE3-vsi-s1-ldp] peer 2.2.2.2
[PE3-vsi-s1-ldp] quit
[PE3-vsi-s1] quit
[PE3] interface gigabitethernet 0/0/3.1
[PE3-GigabitEthernet0/0/3.1] shutdown
[PE3-GigabitEthernet0/0/3.1] dot1q termination vid 10
[PE3-GigabitEthernet0/0/3.1] l2 binding vsi s1
[PE3-GigabitEthernet0/0/3.1] undo shutdown
[PE3-GigabitEthernet0/0/3.1] quit
# Configure PE2.
[PE2] erps ring 1
[PE2-erps-ring1] control-vlan 100
[PE2-erps-ring1] protected-instance 1
[PE2-erps-ring1] version v2
[PE2-erps-ring1] sub-ring
[PE2-erps-ring1] quit
[PE2] stp region-configuration
[PE2-mst-region] instance 1 vlan 10 100
[PE2-mst-region] active region-configuration
[PE2-mst-region] quit
[PE2] interface gigabitethernet 0/0/1
[PE2-GigabitEthernet0/0/1] port link-type trunk
[PE2-GigabitEthernet0/0/1] stp disable
[PE2-GigabitEthernet0/0/1] erps ring 1
[PE2-GigabitEthernet0/0/1] erps vpls-subinterface enable
[PE2-GigabitEthernet0/0/1] quit
# Configure CE1.
<Switch> system-view
[Switch] sysname CE1
[CE1] erps ring 1
[CE1-erps-ring1] control-vlan 100
[CE1-erps-ring1] protected-instance 1
[CE1-erps-ring1] version v2
[CE1-erps-ring1] sub-ring
[CE1-erps-ring1] quit
[CE1] stp region-configuration
[CE1-mst-region] instance 1 vlan 10 100
[CE1-mst-region] active region-configuration
[CE1-mst-region] quit
[CE1] interface gigabitethernet 0/0/1
[CE1-GigabitEthernet0/0/1] port link-type trunk
[CE1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[CE1-GigabitEthernet0/0/1] stp disable
[CE1-GigabitEthernet0/0/1] erps ring 1
[CE1-GigabitEthernet0/0/1] quit
[CE1] interface gigabitethernet 0/0/2
# Configure CE2.
<Switch> system-view
[Switch] sysname CE2
[CE2] erps ring 1
[CE2-erps-ring1] control-vlan 100
[CE2-erps-ring1] protected-instance 1
[CE2-erps-ring1] version v2
[CE2-erps-ring1] sub-ring
[CE2-erps-ring1] quit
[CE2] stp region-configuration
[CE2-mst-region] instance 1 vlan 10 100
[CE2-mst-region] active region-configuration
[CE2-mst-region] quit
[CE2] interface gigabitethernet 0/0/1
[CE2-GigabitEthernet0/0/1] port link-type trunk
[CE2-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[CE2-GigabitEthernet0/0/1] stp disable
[CE2-GigabitEthernet0/0/1] erps ring 1
[CE2-GigabitEthernet0/0/1] quit
[CE2] interface gigabitethernet 0/0/2
[CE2-GigabitEthernet0/0/2] port link-type trunk
[CE2-GigabitEthernet0/0/2] port trunk allow-pass vlan 10
[CE2-GigabitEthernet0/0/2] stp disable
[CE2-GigabitEthernet0/0/2] erps ring 1 rpl owner
[CE2-GigabitEthernet0/0/2] quit
After completing the configuration, run the display vsi name s1 verbose command on PE3.
The command output shows that PE3 has established PWs with PE1 (1.1.1.1) and PE2
(2.2.2.2).
[PE3] display vsi name s1 verbose
***VSI Name : s1
Administrator VSI : no
Isolate Spoken : disable
VSI Index : 2
PW Signaling : ldp
Member Discovery Style : static
PW MAC Learn Style : unqualify
Encapsulation Type : vlan
MTU : 1500
Diffserv Mode : uniform
Mpls Exp : --
DomainId : 255
Domain Name :
Ignore AcState : disable
P2P VSI : disable
Create Time : 0 days, 1 hours, 19 minutes, 38 seconds
VSI State : up
VSI ID : 10
*Peer Router ID : 1.1.1.1
Negotiation-vc-id : 10
primary or secondary : primary
ignore-standby-state : no
VC Label : 32891
Peer Type : dynamic
Session : up
Tunnel ID : 0x0000000001004c4b41
Broadcast Tunnel ID : --
Broad BackupTunnel ID : --
CKey : 2
NKey : 1862271177
Stp Enable : 0
PwIndex : 1
Control Word : disable
BFD for PW : unavailable
*Peer Router ID : 2.2.2.2
Negotiation-vc-id : 10
primary or secondary : primary
ignore-standby-state : no
VC Label : 32892
Peer Type : dynamic
Session : up
Tunnel ID : 0x0000000001004c4b42
Broadcast Tunnel ID : --
Broad BackupTunnel ID : --
CKey : 2
NKey : 1862271178
Stp Enable : 0
PwIndex : 2
Control Word : disable
BFD for PW : unavailable
**PW Information:
The command output also shows that the link between CE1 and CE2 is blocked.
----End
Configuration Files
l PE1 configuration file
#
sysname PE1
#
vlan batch 100
#
stp region-configuration
instance 1 vlan 10 100
active region-configuration
#
erps ring 1
control-vlan 100
protected-instance 1
version v2
sub-ring
#
mpls lsr-id 1.1.1.1
#
mpls
#
mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 3.3.3.3
#
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100
stp disable
erps ring 1
erps vpls-subinterface enable
#
interface GigabitEthernet0/0/1.1
dot1q termination vid 10
l2 binding vsi s1
#
interface GigabitEthernet0/0/2
undo portswitch
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return
l PE2 configuration file
#
sysname PE2
#
vlan batch 100
#
stp region-configuration
instance 1 vlan 10 100
active region-configuration
#
erps ring 1
control-vlan 100
protected-instance 1
version v2
sub-ring
#
mpls lsr-id 2.2.2.2
#
mpls
#
mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 3.3.3.3
#
mpls ldp
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100
stp disable
erps ring 1
erps vpls-subinterface enable
#
interface GigabitEthernet0/0/1.1
dot1q termination vid 10
l2 binding vsi s1
#
interface GigabitEthernet0/0/2
undo portswitch
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.2.1.0 0.0.0.255
#
return
l PE3 configuration file
#
sysname PE3
#
mpls lsr-id 3.3.3.3
#
mpls
#
mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 1.1.1.1
peer 2.2.2.2
#
mpls ldp
#
interface GigabitEthernet0/0/1
undo portswitch
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/2
undo portswitch
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/3.1
dot1q termination vid 10
l2 binding vsi s1
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return
l CE1 configuration file
#
sysname CE1
#
vlan batch 10 100
#
stp region-configuration
instance 1 vlan 10 100
active region-configuration
#
erps ring 1
control-vlan 100
protected-instance 1
version v2
sub-ring
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 100
stp disable
erps ring 1
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 100
stp disable
erps ring 1
#
return
l CE2 configuration file
#
sysname CE1
#
vlan batch 10 100
#
stp region-configuration
instance 1 vlan 10 100
active region-configuration
#
erps ring 1
control-vlan 100
protected-instance 1
version v2
sub-ring
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 100
stp disable
erps ring 1
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 100
stp disable
erps ring 1 rpl owner
#
return
Networking Requirements
To configure ERPS over VPLS in scenarios where a CE is dual-homed to PEs, enable ERPS
on CE1, CE2, PE1, and PE2 and configure the ERPS sub-ring to access the VPLS network in
NVC mode. Using VLANIF interfaces to access the VPLS network must have the TC
notification function enabled so that the VPLS network can have ARP and MAC address
entries updated promptly after receiving TC packets. On the VPLS network shown in Figure
19-19, CEs are dual-homed to PEs. However, this networking will cause PE3 to receive two
copies of CE1 traffic from both PE1 and PE2. To resolve this problem, enable ERPS on CE1,
CE2, PE1, and PE2 and configure CE2's GE0/0/2 as an RPL owner port to block traffic from
CE1. In this way, CE1's traffic reaches PE3 over PE1 without traversing CE2, thereby
preventing any duplicate traffic or loops.
In Figure 19-19, the ERPS ring connects to a VPLS ring through VLANIF interfaces.
Figure 19-19 Configuring ERPS over VPLS in scenarios where CE1 is dual-homed to PE1
and PE2 through VLANIF interfaces
VPLS Network
CE1 PE1
GE0/0/1 VLANIF10
GE0/0/2
GE0/0/2 GE0/0/1
ERPS PW PE3
sub-ring VLANIF10
PW GE0/0/2
GE0/0/2
RPL owner
Sub-interface
NOTE
This section uses CE dual-homing scenarios as an example. The configurations of ERPS over VPLS in
CE single-homing scenarios are similar to those in CE dual-homing scenarios.
The IP addresses of the interfaces on PE1, PE2, and PE3 are listed in Table 19-9.
PE1 GE0/0/1 --
GE0/0/2 10.1.1.1/24
Loopback1 1.1.1.1/32
PE2 GE0/0/1 --
GE0/0/2 10.2.1.1/24
Loopback1 2.2.2.2/32
GE0/0/2 10.2.1.2/24
GE0/0/3 --
Loopback1 3.3.3.3/32
Configuration Roadmap
The configuration roadmap is as follows:
1. Run an IGP protocol on the PEs to ensure that they can communicate on the VPLS
network.
2. Configure basic MPLS capabilities on the VPLS network, and establish LDP LSPs.
3. Establish VPLS connections between each two PEs and bind each VLANIF interface to
a VSI.
4. Configure ERPS, including:
– Enable ERPS on CE1, CE2, PE1, and PE2.
– Configure CE2's GE0/0/2 as an RPL owner port.
Data Preparation
To complete the configuration, you need the following data:
l Data needed for configuring OSPF: IP address of each interface, OSPF process ID, and
OSPF domain ID
l MPLS LSR ID (as the MPLS peer address)
l VSI name and VSI ID
l VSI-bound VLANIF interfaces
l ERPS ring ID, control VLAN ID, and RPL owner port number
Procedure
Step 1 Assign an IP address to each interface and configure an IGP on the VPLS network to allow
PEs to communicate. This example uses OSPF as the IGP.
When configuring OSPF, advertise the 32-bit IP addresses of loopback interfaces, which are
used as LSR IDs, on the PEs.
For configuration details, see Configuration Files in this section.
Step 2 Configure basic MPLS capabilities on the MPLS backbone network, and set up LDP LSPs
among the PEs.
# Configure PE1.
[PE1] mpls lsr-id 1.1.1.1
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1] interface gigabitethernet 0/0/2
[PE1-GigabitEthernet0/0/2] mpls
[PE1-GigabitEthernet0/0/2] mpls ldp
[PE1-GigabitEthernet0/0/2] quit
# Configure PE2.
[PE2] mpls lsr-id 2.2.2.2
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
[PE2] interface gigabitethernet 0/0/2
[PE2-GigabitEthernet0/0/2] mpls
[PE2-GigabitEthernet0/0/2] mpls ldp
[PE2-GigabitEthernet0/0/2] quit
# Configure PE3.
# Configure PE2.
[PE2] mpls l2vpn
[PE2-l2vpn] quit
# Configure PE3.
[PE3] mpls l2vpn
[PE3-l2vpn] quit
# Configure PE2.
[PE2] vsi s1 static
[PE2-vsi-s1] pwsignal ldp
[PE2-vsi-s1-ldp] vsi-id 10
[PE2-vsi-s1-ldp] peer 3.3.3.3
[PE2-vsi-s1-ldp] quit
[PE2-vsi-s1] quit
[PE2] vlan 10
[PE2-vlan10] quit
[PE2] interface vlanif10
[PE2-Vlanif10] l2 binding vsi s1
[PE2-Vlanif10] quit
# Configure PE3.
[PE3] vsi s1 static
[PE3-vsi-s1] pwsignal ldp
[PE3-vsi-s1-ldp] vsi-id 10
[PE3-vsi-s1-ldp] peer 1.1.1.1
[PE3-vsi-s1-ldp] peer 2.2.2.2
[PE3-vsi-s1-ldp] quit
[PE3-vsi-s1] quit
[PE3] vlan 10
[PE3-vlan10] quit
[PE3] interface gigabitethernet 0/0/3
[PE3-GigabitEthernet0/0/3] port link-type trunk
[PE3-GigabitEthernet0/0/3] port trunk allow-pass vlan 10
[PE3-GigabitEthernet0/0/3] quit
[PE3] interface vlanif10
[PE3-Vlanif10] l2 binding vsi s1
[PE3-Vlanif10] quit
# Configure PE2.
[PE2] erps ring 1
[PE2-erps-ring1] control-vlan 100
[PE2-erps-ring1] protected-instance 1
[PE2-erps-ring1] version v2
[PE2-erps-ring1] sub-ring
[PE2-erps-ring1] quit
[PE2] stp region-configuration
[PE2-mst-region] instance 1 vlan 10 100
[PE2-mst-region] active region-configuration
[PE2-mst-region] quit
[PE2] interface gigabitethernet 0/0/1
[PE2-GigabitEthernet0/0/1] port link-type trunk
[PE2-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[PE2-GigabitEthernet0/0/1] stp disable
[PE2-GigabitEthernet0/0/1] erps ring 1
[PE1-GigabitEthernet0/0/1] erps vpls-subinterface enable
[PE2-GigabitEthernet0/0/1] quit
# Configure CE1.
<Switch> system-view
[Switch] sysname CE1
[CE1] erps ring 1
[CE1-erps-ring1] control-vlan 100
[CE1-erps-ring1] protected-instance 1
[CE1-erps-ring1] version v2
[CE1-erps-ring1] sub-ring
[CE1-erps-ring1] quit
[CE1] stp region-configuration
[CE1-mst-region] instance 1 vlan 10 100
[CE1-mst-region] active region-configuration
[CE1-mst-region] quit
[CE1] interface gigabitethernet 0/0/1
[CE1-GigabitEthernet0/0/1] port link-type trunk
[CE1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[CE1-GigabitEthernet0/0/1] stp disable
# Configure CE2.
<Switch> system-view
[Switch] sysname CE2
[CE2] erps ring 1
[CE2-erps-ring1] control-vlan 100
[CE2-erps-ring1] protected-instance 1
[CE2-erps-ring1] version v2
[CE2-erps-ring1] sub-ring
[CE2-erps-ring1] quit
[CE2] stp region-configuration
[CE2-mst-region] instance 1 vlan 10 100
[CE2-mst-region] active region-configuration
[CE2-mst-region] quit
[CE2] interface gigabitethernet 0/0/1
[CE2-GigabitEthernet0/0/1] port link-type trunk
[CE2-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[CE2-GigabitEthernet0/0/1] stp disable
[CE2-GigabitEthernet0/0/1] erps ring 1
[CE2-GigabitEthernet0/0/1] quit
[CE2] interface gigabitethernet 0/0/2
[CE2-GigabitEthernet0/0/2] port link-type trunk
[CE2-GigabitEthernet0/0/2] port trunk allow-pass vlan 10
[CE2-GigabitEthernet0/0/2] stp disable
[CE2-GigabitEthernet0/0/2] erps ring 1 rpl owner
[CE2-GigabitEthernet0/0/2] quit
After completing the configuration, run the display vsi name s1 verbose command on PE3.
The command output shows that PE3 has established PWs with PE1 (1.1.1.1) and PE2
(2.2.2.2).
[PE3] display vsi name s1 verbose
***VSI Name : s1
Administrator VSI : no
Isolate Spoken : disable
VSI Index : 2
PW Signaling : ldp
Member Discovery Style : static
PW MAC Learn Style : unqualify
Encapsulation Type : vlan
MTU : 1500
Diffserv Mode : uniform
Mpls Exp : --
DomainId : 255
Domain Name :
Ignore AcState : disable
P2P VSI : disable
Create Time : 0 days, 1 hours, 19 minutes, 38 seconds
VSI State : up
VSI ID : 10
*Peer Router ID : 1.1.1.1
Negotiation-vc-id : 10
primary or secondary : primary
ignore-standby-state : no
VC Label : 32891
Peer Type : dynamic
Session : up
Tunnel ID : 0x0000000001004c4b41
Broadcast Tunnel ID : --
Broad BackupTunnel ID : --
CKey : 2
NKey : 1862271177
Stp Enable : 0
PwIndex : 1
Control Word : disable
BFD for PW : unavailable
*Peer Router ID : 2.2.2.2
Negotiation-vc-id : 10
primary or secondary : primary
ignore-standby-state : no
VC Label : 32892
Peer Type : dynamic
Session : up
Tunnel ID : 0x0000000001004c4b42
Broadcast Tunnel ID : --
Broad BackupTunnel ID : --
CKey : 2
NKey : 1862271178
Stp Enable : 0
PwIndex : 2
Control Word : disable
BFD for PW : unavailable
**PW Information:
The command output also shows that the link between CE1 and CE2 is blocked.
[CE2] display erps
D : Discarding
F : Forwarding
R : RPL Owner
N : RPL Neighbour
FS : Forced Switch
MS : Manual Switch
Total number of rings configured = 1
Ring Control WTR Timer Guard Timer Port 1 Port 2
ID VLAN (min) (csec)
--------------------------------------------------------------------------------
1 100 5 200 (F)GE0/0/1 (D,R)GE0/0/2
--------------------------------------------------------------------------------
----End
Configuration Files
l PE1 configuration file
#
sysname PE1
#
vlan batch 10 100
#
stp region-configuration
instance 1 vlan 10 100
active region-configuration
#
erps ring 1
control-vlan 100
protected-instance 1
version v2
sub-ring
#
mpls lsr-id 1.1.1.1
#
mpls
#
mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 3.3.3.3
#
mpls ldp
#
interface Vlanif10
l2 binding vsi s1
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 100
stp disable
erps ring 1
erps vpls-subinterface enable
#
interface GigabitEthernet0/0/2
undo portswitch
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return
l PE2 configuration file
#
sysname PE2
#
vlan batch 10 100
#
stp region-configuration
instance 1 vlan 10 100
active region-configuration
#
erps ring 1
control-vlan 100
protected-instance 1
version v2
sub-ring
#
mpls lsr-id 2.2.2.2
#
mpls
#
mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 3.3.3.3
#
mpls ldp
#
interface Vlanif10
l2 binding vsi s1
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 100
stp disable
erps ring 1
erps vpls-subinterface enable
#
interface GigabitEthernet0/0/2
undo portswitch
ip address 10.2.1.1 255.255.255.0
mpls
mpls ldp
#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.2.1.0 0.0.0.255
#
return
l PE3 configuration file
#
sysname PE3
#
vlan batch 10
#
mpls lsr-id 3.3.3.3
#
mpls
#
mpls l2vpn
#
vsi s1 static
pwsignal ldp
vsi-id 10
peer 1.1.1.1
peer 2.2.2.2
#
mpls ldp
#
interface Vlanif10
l2 binding vsi s1
suppression enable percent
broadcast-suppression percent 1
multicast-suppression percent 1
unknown-unicast-suppression percent 1
#
interface GigabitEthernet0/0/1
undo portswitch
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/2
undo portswitch
ip address 10.2.1.2 255.255.255.0
mpls
mpls ldp
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 10
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.1.0 0.0.0.255
#
return
l CE1 configuration file
#
sysname CE1
#
vlan batch 10 100
#
stp region-configuration
instance 1 vlan 10 100
active region-configuration
#
erps ring 1
control-vlan 100
protected-instance 1
version v2
sub-ring
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 100
stp disable
erps ring 1
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 10 100
stp disable
erps ring 1
#
return
Fault Description
After ERPS is configured, user traffic cannot be properly forwarded due to abnormal ERPS
ring status.
Procedure
Step 1 Check the port roles in the ERPS ring and status of each device in the ring.
In an ERPS ring, there should be only one RPL owner port. Other ports are common ports or
RPL neighbor ports.
Run the display erps [ ring ring-id ] verbose command in any view to check whether the
value of Ring State is Idle. (Perform this operation on each device in the ERPS ring.)
If the ERPS ring is incomplete or its status is abnormal, perform the following operations:
1. Verify that all nodes in the ERPS ring are added to the ERPS ring.
2. Check whether the ERPS ring configuration including the ERPS version number and
major ring/sub-ring on devices in the ERPS ring are the same.
3. Verify that port roles, control VLANs, and protected instances are correctly configured
on all nodes in the ERPS ring.
4. Verify that ports can allow packets of the specified VLANs to pass.
----End