There are many methods of providing redundant connectivity to customers in a co-location facility. Dynamic routing protocols such as BGP and OSPF can handle automated failover and redundancy. Unfortunately, these protocols can be difficult for customers to configure and maintain, and customer devices that support them add cost.
Redundant connectivity can also be achieved at Layer 2. This type of redundancy supports a wide variety of customer equipment and may be easier to set up and maintain.
This document explores redundant connectivity options between co-location facilities and their customers leveraging Layer-2 technologies available in the Brocade FastIron family.
There are a number of Layer-2 loop detection and prevention technologies available in the Brocade FastIron family. The first group of technologies, based on the Spanning Tree Protocol (STP), is described below.
Brocade offers loop detection, an alternative to STP. Ports or VLANs configured for loop detection send probes into the network. A loop is detected when probes are copied and returned to the originating switch. One or more ports will be placed in an error-disabled (errdisable) state when these loops are detected.
Brocade offers two modes of loop detection that are described below.
Loop Detection (Strict): Strict mode is configured at the interface level. Probe packets are sent from the interface, and if those probes are received back on the same interface, then that interface is placed in an errdisable state.
Loop Detection (Loose): Loose mode is configured at the VLAN level. Probe packets are sent from all ports in the configured VLAN. If any of those probes are received on any other interface in that VLAN, then both ports are placed in an errdisable state.
Ports in an errdisable state can be manually re-enabled by a network administrator, or automatically re-enabled after a specified interval.
If both STP and loop detection are configured on the same device, STP takes priority and operates first.
Enhancements to Spanning Tree
Brocade has developed additional configuration and management options to enhance and protect Spanning Tree. They are described below.
· BPDU Guard: When an STP Bridge Protocol Data Unit (BPDU) is received on a physical interface configured with BPDU Guard, the port is placed in an errdisable state. This prevents customer equipment from participating in and affecting the co-location facility's Spanning Tree.
There are multiple ways to provide redundant connectivity leveraging these technologies. There is not a single technology that is appropriate for all scenarios. However, different combinations of these technologies can handle almost any customer configuration and provide compatibility with a wide variety of equipment, including firewalls, routers, switches, hubs, and load balancers/application delivery controllers. Each configuration comes with unique capabilities, along with pros and cons.
To provide full redundancy, the co-location facility provides two connections to the customer from two separate switches. These connections are delivered by two physically separate switches or by a pair of switches in a stacked configuration.
These connections attach to the customer equipment: either to a single device with multiple ports (inverted triangle) or to multiple devices (square). Both the inverted triangle and square topologies must create a network loop at Layer 2. Brocade's loop prevention technologies manage these loops to provide redundancy to the co-location facility's customers.
Rapid Spanning Tree
The only difference between Rapid Spanning Tree and Standard STP is the change to 802.1w RSTP. If configured properly, this type of STP can deliver failover and failback in less than 1 second. Proper configuration of RSTP requires co-location facilities and their customers to configure the looped interfaces as point-to-point links.
If the appropriate links are not configured as point-to-point, the failover behavior reverts to standard 802.1D mode and takes approximately 30 seconds.
Example 1: Sample Configuration
vlan 10 name Customer1 by port
 untagged ethe 1/1/10 ethe 2/1/10
 router-interface ve 10
 spanning-tree 802-1w
 spanning-tree 802-1w priority 4096
!
errdisable recovery cause all
errdisable recovery interval 60
!
interface ethernet 1/1/10
 port-name Customer1-Interface1
 spanning-tree root-protect
 spanning-tree 802-1w admin-pt2pt-mac
!
interface ethernet 2/1/10
 port-name Customer1-Interface2
 spanning-tree root-protect
 spanning-tree 802-1w admin-pt2pt-mac
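The following is an added example, not part of the original document or of any Brocade tooling. It is a Python check that reads a saved configuration and reports customer ports in an 802.1w VLAN that lack either of the two per-port commands Example 1 applies; a port missing admin-pt2pt-mac is one where failover would revert to the roughly 30-second 802.1D behavior described above. The function names and the SAMPLE configuration are constructed for illustration, and only the single-port "ethe" form shown in Example 1 is parsed.

```python
import re

# Constructed sample: the page's Example 1 with admin-pt2pt-mac left off port 2/1/10.
SAMPLE = """\
vlan 10 name Customer1 by port
 untagged ethe 1/1/10 ethe 2/1/10
 spanning-tree 802-1w
!
interface ethernet 1/1/10
 spanning-tree root-protect
 spanning-tree 802-1w admin-pt2pt-mac
!
interface ethernet 2/1/10
 spanning-tree root-protect
"""

def parse_blocks(config):
    """Group indented sub-commands under their 'vlan' / 'interface' header line."""
    blocks, current = {}, None
    for line in config.splitlines():
        if not line.strip() or line.strip() == "!":
            current = None
        elif not line[0].isspace():
            current = line.strip()
            blocks[current] = []
        elif current is not None:
            blocks[current].append(line.strip())
    return blocks

def audit_rstp_ports(config):
    """Return (port, missing command) findings for untagged ports of 802.1w VLANs."""
    blocks = parse_blocks(config)
    required = ("spanning-tree 802-1w admin-pt2pt-mac", "spanning-tree root-protect")
    findings = []
    for header, cmds in blocks.items():
        if not header.startswith("vlan ") or "spanning-tree 802-1w" not in cmds:
            continue
        ports = [p for c in cmds if c.startswith("untagged ")
                 for p in re.findall(r"ethe (\S+)", c)]
        for port in ports:
            have = blocks.get("interface ethernet " + port, [])
            findings += [(port, cmd) for cmd in required if cmd not in have]
    return findings

if __name__ == "__main__":
    for port, cmd in audit_rstp_ports(SAMPLE):
        print(f"ethernet {port}: missing '{cmd}'")
```

An empty result means every untagged port in each 802.1w VLAN carries both commands.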
The pros and cons for this scenario are listed below.