There are many methods of providing redundant connectivity to customers in a co-location facility. Dynamic routing protocols such as BGP and OSPF can handle automated failover and redundancy. Unfortunately, these protocols can be difficult for customers to configure and maintain, and customer devices that support them come at additional cost.
Redundant connectivity can also be achieved at Layer 2. This type of redundancy supports a wide variety of customer equipment and may be easier to set up and maintain. This document explores redundant connectivity options between co-location facilities and their customers leveraging Layer-2 technologies available in the Brocade FastIron family.
Layer-2 Loop Prevention Technologies
There are a number of Layer-2 loop detection and prevention technologies available in the Brocade FastIron family. The first group of technologies, based on the Spanning Tree Protocol (STP), is described below.
Brocade offers loop detection, an alternative to STP. Ports or VLANs configured for loop detection send probes into the network. A loop is detected when probes are copied and returned to the originating switch. One or more ports will be placed in an error-disabled (errdisable) state when these loops are detected. Brocade offers two modes of loop detection that are described below.
Ports in an errdisable state can be manually re-enabled by a network administrator, or automatically re-enabled after a specified interval. If both STP and loop detect are configured on the same device, STP takes priority and operates first.
Enhancements to Spanning Tree
Brocade has developed additional configuration and management options to enhance and protect Spanning Tree that are described below.
There are multiple ways to provide redundant connectivity leveraging these technologies. There is not a single technology that is appropriate for all scenarios. However, different combinations of these technologies can handle almost any customer configuration and provide compatibility with a wide variety of equipment, including firewalls, routers, switches, hubs, and load balancers/application delivery controllers. Each configuration comes with unique capabilities, along with pros and cons.
To provide full redundancy, the co-location facility provides two connections to the customer from two separate switches. These connections are delivered by two physically separate switches or by a pair of switches in a stacked configuration. These connections are connected to the customer equipment, either a single device with multiple ports (inverted triangle), or to multiple devices (square). Both the inverted triangle and square topologies must create a network loop at Layer 2. Brocade's loop prevention technologies manage these loops to provide redundancy to the co-location facility's customers.
Co-location STP, No Customer STP
In a co-location STP setup, the co-location facility switches keep the same configuration as in the Standard STP and Rapid Spanning Tree setups. The main difference is that the customer is instructed to completely disable STP on their side. The Brocade FastIron switches still detect the loop and block traffic on the appropriate interface.
Example 1: Standard STP Configuration
vlan 10 name Customer1 by port
 untagged ethe 1/1/10 ethe 2/1/10
 router-interface ve 10
 spanning-tree
 spanning-tree priority 4096
!
errdisable recovery cause all
errdisable recovery interval 60
!
interface ethernet 1/1/10
 port-name Customer1-Interface1
 spanning-tree root-protect
!
interface ethernet 2/1/10
 port-name Customer1-Interface2
 spanning-tree root-protect
Example 2: Rapid Spanning Tree Configuration
vlan 10 name Customer1 by port
 untagged ethe 1/1/10 ethe 2/1/10
 router-interface ve 10
 spanning-tree 802-1w
 spanning-tree 802-1w priority 4096
!
errdisable recovery cause all
errdisable recovery interval 60
!
interface ethernet 1/1/10
 port-name Customer1-Interface1
 spanning-tree root-protect
 spanning-tree 802-1w admin-pt2pt-mac
!
interface ethernet 2/1/10
 port-name Customer1-Interface2
 spanning-tree root-protect
 spanning-tree 802-1w admin-pt2pt-mac
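An added example, not part of the original document or of Brocade's tooling: a Python audit that reports every untagged member port of an STP-enabled VLAN whose interface stanza lacks spanning-tree root-protect, which both customer ports carry in the two configurations above. The sample configuration is constructed from Example 2 with root-protect removed from one port; the function name and the rule that every untagged VLAN member is customer-facing are assumptions.

```python
import re

# Constructed sample based on Example 2; root-protect is deliberately missing
# from port 2/1/10 so the audit has something to report.
SAMPLE_CONFIG = """\
vlan 10 name Customer1 by port
 untagged ethe 1/1/10 ethe 2/1/10
 router-interface ve 10
 spanning-tree 802-1w
 spanning-tree 802-1w priority 4096
!
interface ethernet 1/1/10
 port-name Customer1-Interface1
 spanning-tree root-protect
 spanning-tree 802-1w admin-pt2pt-mac
!
interface ethernet 2/1/10
 port-name Customer1-Interface2
 spanning-tree 802-1w admin-pt2pt-mac
"""

def audit_root_protect(config):
    """Return sorted (vlan, port) pairs for untagged ports of STP-enabled
    VLANs whose interface stanza lacks 'spanning-tree root-protect'."""
    vlan_ports, stp_vlans, protected = {}, set(), set()
    vlan = port = None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):      # a top-level line opens a new stanza
            vlan = port = None
            if m := re.match(r"vlan (\d+)\b", line):
                vlan = int(m.group(1))
            elif m := re.match(r"interface ethernet (\S+)", line):
                port = m.group(1)
        elif vlan is not None:
            if line.startswith("untagged "):
                # Only individually listed ports are handled, not port ranges.
                vlan_ports.setdefault(vlan, []).extend(re.findall(r"ethe (\S+)", line))
            elif line.startswith("spanning-tree"):
                stp_vlans.add(vlan)
        elif port is not None and line == "spanning-tree root-protect":
            protected.add(port)
    return sorted((v, p) for v in stp_vlans
                  for p in vlan_ports.get(v, []) if p not in protected)

if __name__ == "__main__":
    for vlan, port in audit_root_protect(SAMPLE_CONFIG):
        print(f"VLAN {vlan}: port {port} has no spanning-tree root-protect")
```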
As mentioned above, each scenario comes with unique pros and cons. These pros and cons are listed below.
Since the customer equipment has STP disabled, BPDUs sent from one of the co-location facility interfaces will come back to the other/redundant interface on the co-location facility switch. This triggers a Root Guard event and one of the ports on the co-location switch is placed in an STP inconsistent state. After the pre-configured interval (30, 60, 120 seconds, etc.), the port is checked again for superior BPDUs. If they are found, the same port will be placed in an STP inconsistent state again. The co-location facility switch will send syslog messages similar to those shown below at every interval.
STP: VLAN 10 Root-protect port 2/1/10, inconsistent (Received superior BPDU)
STP: VLAN 10 Port 2/1/10 STP State -> BLOCKING (DOT1wTransition)
STP: VLAN 10 Root-protect port 2/1/10, consistent (Timeout)
STP: VLAN 10 Port 2/1/10 STP State -> LEARNING (DOT1wTransition)
STP: VLAN 10 Root-protect port 2/1/10, inconsistent (Received superior BPDU)
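An added example, not part of the original document: a Python summary of the Root Guard messages above that separates a port tripping again after a Timeout recovery (the repeating cycle described here) from a port that tripped once and stayed consistent. The message format is taken from the sample above; the VLAN 20 / port 1/1/12 lines are constructed, and the function names and the min_retrips threshold are assumptions.

```python
import re
from collections import defaultdict

# The five messages shown above (VLAN 10, port 2/1/10) interleaved with
# constructed lines for a second port that trips once and then recovers.
SAMPLE_LOG = """\
STP: VLAN 10 Root-protect port 2/1/10, inconsistent (Received superior BPDU)
STP: VLAN 10 Port 2/1/10 STP State -> BLOCKING (DOT1wTransition)
STP: VLAN 20 Root-protect port 1/1/12, inconsistent (Received superior BPDU)
STP: VLAN 10 Root-protect port 2/1/10, consistent (Timeout)
STP: VLAN 10 Port 2/1/10 STP State -> LEARNING (DOT1wTransition)
STP: VLAN 10 Root-protect port 2/1/10, inconsistent (Received superior BPDU)
STP: VLAN 20 Root-protect port 1/1/12, consistent (Timeout)
"""

# search() is used so a syslog header in front of "STP:" does not matter.
EVENT = re.compile(
    r"STP: VLAN (\d+) Root-protect port (\S+), (inconsistent|consistent) \(")

def summarize_root_guard(log_text):
    """Per (vlan, port): Root Guard trips, re-trips after recovery, last state."""
    stats = defaultdict(lambda: {"trips": 0, "retrips": 0, "state": None})
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue                      # state-transition lines are skipped
        entry = stats[(int(m.group(1)), m.group(2))]
        if m.group(3) == "inconsistent":
            entry["trips"] += 1
            if entry["state"] == "consistent":
                entry["retrips"] += 1     # tripped again after a Timeout recovery
        entry["state"] = m.group(3)
    return dict(stats)

def persistent_loops(log_text, min_retrips=1):
    """Ports that re-entered the inconsistent state at least min_retrips times."""
    summary = summarize_root_guard(log_text)
    return sorted(k for k, s in summary.items() if s["retrips"] >= min_retrips)

if __name__ == "__main__":
    for vlan, port in persistent_loops(SAMPLE_LOG):
        print(f"VLAN {vlan} port {port}: repeated Root Guard trips")
```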