Loop-Free Alternate Fast Reroute
This section contains basic OSPF Loop-Free Alternate Fast Reroute (LFA-FRR) configuration examples.
Overview
The goal of (LFA-FRR) is to reduce failure reaction time to 10s of milliseconds by using a pre-computed alternate next- hop in the event that the currently selected primary next-hop fails, so that the alternate can be rapidly used when the failure is detected. A network with this feature experiences less traffic loss and less micro-looping of packets than a network without LFA-FRR.
After enabling LFA-FRR on routers, routers calculate a backup path for each primary path to reach the destination.The backup path is calculated based on the attributes such as node protecting, link protecting, broadcast-link protecting and secondary path.
Topology
The diagram shows the configuration required to enable the OSPF LFA feature.
Figure 8-77: Basic OSPF-LFA Topology
R1
#configure terminal | Enter configure mode. |
(config)#int eth1 | Enter interface mode. |
(config-if)#ip address 10.1.1.1/24 | Configure the IP address of the interface |
(config-if)#exit | Exit interface mode. |
(config)#int eth2 | Enter interface mode. |
(config-if)#ip address 20.1.1.1/24 | Configure the IP address of the interface. |
(config-if)#exit | Exit interface mode. |
(config)#int eth3 | Enter interface mode. |
(config-if)#ip address 30.1.1.1/24 | Configure the IP address of the interface. |
(config-if)#exit | Exit interface mode. |
(config)#router ospf 1 | Configure the routing process and specify the Process ID (1). |
(config-router)#network 10.1.1.0/24 area 0 | Define the interface (10.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#network 20.1.1.0/24 area 0 | Define the interface (20.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#network 30.1.1.0/24 area 0 | Define the interface (30.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#fast-reroute keep-all- paths | Configure LFA-FRR to calculate the available backup path. |
(config-router)#commit | Commit the candidate configuration to the running configuration. |
(config-router)#end | Exit router mode. |
R2
#configure terminal | Enter configure mode. |
(config)#int eth1 | Enter interface mode. |
(config-if)#ip address 10.1.1.2/24 | Configure the IP address of the interface |
(config-if)#exit | Exit interface mode. |
(config)#int eth2 | Enter interface mode. |
(config-if)#ip address 40.1.1.1/24 | Configure the IP address of the interface. |
(config-if)#exit | Exit interface mode. |
(config)#router ospf 1 | Configure the routing process, and specify the Process ID (1). The Process ID should be a unique positive integer identifying the routing process. |
(config-router)#network 10.1.1.0/24 area 0 | Define the interface (20.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#network 40.1.1.0/24 area 0 | Define the interface (40.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#commit | Commit the candidate configuration to the running configuration. |
(config-router)#end | Exit router mode. |
R3
#configure terminal | Enter configure mode. |
(config)#int eth1 | Enter interface mode. |
(config-if)#ip address 20.1.1.2/24 | Configure the IP address of the interface |
(config-if)#exit | Exit interface mode. |
(config)#int eth2 | Enter interface mode. |
(config-if)#ip address 50.1.1.1/24 | Configure the IP address of the interface. |
(config-if)#exit | Exit interface mode. |
(config)#router ospf 1 | Configure the routing process, and specify the Process ID (1). The Process ID should be a unique positive integer identifying the routing process. |
(config-router)#network 20.1.1.0/24 area 0 | Define the interface (20.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#network 50.1.1.0/24 area 0 | Define the interface (50.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#commit | Commit the candidate configuration to the running configuration. |
(config-router)#end | Exit router mode. |
R4
#configure terminal | Enter configure mode. |
(config)#int eth1 | Enter interface mode. |
(config-if)#ip address 30.1.1.2/24 | Configure the IP address of the interface |
(config-if)#exit | Exit interface mode. |
(config)#int eth2 | Enter interface mode. |
(config-if)#ip address 60.1.1.1/24 | Configure the IP address of the interface. |
(config-if)#exit | Exit interface mode. |
(config)#router ospf 1 | Configure the routing process, and specify the Process ID (1). The Process ID should be a unique positive integer identifying the routing process. |
(config-router)#network 30.1.1.0/24 area 0 | Define the interface (30.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#network 60.1.1.0/24 area 0 | Define the interface (60.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#commit | Commit the candidate configuration to the running configuration. |
(config-router)#end | Exit router mode. |
R5
#configure terminal | Enter configure mode. |
(config)#int eth1 | Enter interface mode. |
(config-if)#ip address 40.1.1.2/24 | Configure the IP address of the interface |
(config-if)#exit | Exit interface mode. |
(config)#int eth2 | Enter interface mode. |
(config-if)#ip address 50.1.1.1/24 | Configure the IP address of the interface. |
(config-if)#exit | Exit interface mode. |
(config)#int eth3 | Enter interface mode. |
(config-if)#ip address 60.1.1.1/24 | Configure the IP address of the interface. |
(config-if)#exit | Exit interface mode. |
(config)#router ospf 1 | Configure the routing process, and specify the Process ID (1). The Process ID should be a unique positive integer identifying the routing process. |
(config-router)#network 40.1.1.0/24 area 0 | Define the interface (30.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#network 50.1.1.0/24 area 0 | Define the interface (30.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#network 60.1.1.0/24 area 0 | Define the interface (30.1.1.0/24) on which OSPF runs, and associate the area ID (0) with the interface (area ID 0 specifies the backbone area). |
(config-router)#commit | Commit the candidate configuration to the running configuration. |
(config-router)#end | Exit router mode. |
Validation
R1
Check OSPF neighborship.
#show ip ospf neighbor
OSPF Process 100 VRF (default)
Neighbor ID Pri State Dead Time Address Interface Intance ID
2.2.2.2 1 Full/DR 00:00:33 10.1.1.2 eth1 0
3.3.3.3 1 Full/DR 00:00:33 20.1.1.2 eth2 0
4.4.4.4 1 Full/DR 00:00:39 30.1.1.2 eth2 0
#
Check the OSPF route installation and LFA-FRR backup path for the primary path.
#show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
area
* - candidate default
IP Route Table for VRF "default"
C 10.1.1.0/24 is directly connected, eth1
C 20.1.1.0/24 is directly connected, eth2
C 30.1.1.0/24 is directly connected, eth3
O 40.1.1.0/24 [110/10] via 10.1.1.2, eth1, 00:16:43
O 50.1.1.0/24 [110/15] via 20.1.1.2, eth2, 00:16:43
O IA 60.1.1.0/24 [110/15] via 10.1.1.2, eth1, 00:16:43
O E2 70.1.1.0/24 [110/20] via 30.1.1.2, eth3, 00:16:43
O E2 80.1.1.0/24 [110/20] via 10.1.1.2, eth1, 00:16:43
C 127.0.0.0/8 is directly connected, lo
C 192.168.100.0/24 is directly connected, eth0
Gateway of last resort is not set
Not mandatory that for all primary path, there exists an LFA backup path only if inequality equation satisfies according to attributes configured on routers, backup path will be calculated.
#show ip route fast-reroute
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area ,p - stale info
* - candidate default
IP Route Table for VRF "default"
O 50.1.1.0/24 [110/15] via 20.1.1.2, eth2, 00:00:34
[FRR-NH] via 10.1.1.2, eth1
O 60.1.1.0/24 [110/15] via 10.1.1.2, eth1, 00:00:34
[FRR-NH] via 20.1.1.2, eth2
O 70.1.1.0/24 [110/20] via 30.1.1.2, eth3, 00:02:27
[FRR-NH] via 10.1.1.2, eth1
O 80.1.1.0/24 [110/20] via 10.1.1.2, eth1, 00:02:27
[FRR-NH] via 20.1.1.2, eth2
Not mandatory that for all primary path, there exists an LFA backup path only if inequality equation satisfies according to attributes configured on routers, backup path will be calculated.
To prohibit an interface from being used as a repair path, disable fast reroute calculation on the interface.
(config)#int eth3
(config-if)#ip ospf fast-reroute per-prefix candidate disable
(config-if)#end
Verify that the eth3 interface is not used for backup path calculation.
#show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default
IP Route Table for VRF "default"
O 10.1.1.0/24 [110/10] via 20.1.1.1, eth1, 00:34:04
C 20.1.1.0/24 is directly connected, eth1
O 30.1.1.0/24 [110/20] via 20.1.1.1, eth1, 00:34:04
O 40.1.1.0/24 [110/15] via 20.1.1.1, eth1, 00:34:04
[110/15] via 50.1.1.2, eth2, 00:34:04
C 50.1.1.0/24 is directly connected, eth2
O IA 60.1.1.0/24 [110/15] via 50.1.1.2, eth2, 01:08:29
O E2 70.1.1.0/24 [110/20] via 20.1.1.1, eth1, 00:34:03
O E2 80.1.1.0/24 [110/20] via 50.1.1.2, eth2, 01:11:17
C 127.0.0.0/8 is directly connected, lo
C 192.168.100.0/24 is directly connected, eth0
#show ip route fast-reroute
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area ,p - stale info
* - candidate default
IP Route Table for VRF "default"
O 10.1.1.0/24 [110/10] via 20.1.1.1, eth1, 00:00:34
[FRR-NH] via 50.1.1.2, eth2
O 30.1.1.0/24 [110/20] via 20.1.1.1, eth1, 00:00:34
[FRR-NH] via 50.1.1.2, eth2
O 60.1.1.0/24 [110/15] via 50.1.1.2, eth2, 00:02:27
[FRR-NH] via 20.1.1.1, eth1
O 70.1.1.0/24 [110/20] via 20.1.1.1, eth1, 00:02:27
[FRR-NH] via 50.1.1.2, eth2
O 80.1.1.0/24 [110/20] via 50.1.1.2, eth2, 00:02:27
Note: Now the LFA backup paths have been changed, eth3 is not used.
LFA Tie-Breaker
Based on the index values configured, if inequalities are satisfied, protections will be provided:
• Lower the index will have the highest priority, the path which provides protection with highest priority will be selected. If there are multiple paths providing the highest priority protection, then we will check which path provides the protection which has 2nd highest priority and so on.
• If all the paths provide same priority, then the LFA route is chosen on the basis of path cost.
• If none of the paths provides the protection with highest priority, then we will see which path provides the 2nd highest priority and so on.
config)#router ospf 100
(config-router)#fast-reroute tie-break ?
broadcast-interface-disjoint Prefer broadcast link protecting backup path
*Default value is 70
downstream-path Prefer backup path from downstream
*Default value is 90
interface-disjoint Prefer link protecting backup path
*Default value is 60
node-protecting Prefer node protecting backup path
*Default value is 30
primary-path Prefer backup path from ECMP set
*Default value is 20
secondary-path Prefer non-ECMP backup path
*Default value is 255
(config-router)#fast-reroute tie-break broadcast-interface-disjoint index 1
(config-router)#fast-reroute tie-break node-protecting index 2
(config-router)#commit
Verify show ip route and show ip route fast-reroute for backup path calculated according to attributes configured above.
#show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter
area
* - candidate default
IP Route Table for VRF "default"
C 10.1.1.0/24 is directly connected, eth1
C 20.1.1.0/24 is directly connected, eth2
C 30.1.1.0/24 is directly connected, eth3
O 40.1.1.0/24 [110/10] via 10.1.1.2, eth1, 01:07:26
O 50.1.1.0/24 [110/15] via 20.1.1.2, eth2, 01:07:26
O IA 60.1.1.0/24 [110/15] via 10.1.1.2, eth1, 01:07:26
O E2 70.1.1.0/24 [110/20] via 30.1.1.2, eth3, 01:07:26
O E2 80.1.1.0/24 [110/20] via 10.1.1.2, eth1, 01:07:26
C 127.0.0.0/8 is directly connected, lo
C 192.168.100.0/24 is directly connected, eth0
Gateway of last resort is not set
#show ip route fast-reroute
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area ,p - stale info
* - candidate default
IP Route Table for VRF "default"
O 50.1.1.0/24 [110/15] via 20.1.1.2, eth2, 00:00:34
[FRR-NH] via 10.1.1.2, eth1
O 60.1.1.0/24 [110/15] via 10.1.1.2, eth1, 00:02:27
[FRR-NH] via 20.1.1.2, eth2
O 70.1.1.0/24 [110/20] via 30.1.1.2, eth3, 00:02:27
[FRR-NH] via 10.1.1.2, eth1
O 80.1.1.0/24 [110/20] via 10.1.1.2, eth1, 00:02:27
[FRR-NH] via 20.1.1.2, eth2
#show ip ospf route fast-reroute
OSPF process 0:
Codes: C - connected, D - Discard, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
OSPF LFA attributes:
P - Primary, SP - Secondary-Path, ID - Interface Disjoint,
NP - Node Protecting, BID - Broadcast Interface Disjoint
O 50.1.1.0/24 [15] via 20.1.1.1, eth2, Area 0.0.0.0
Backup path:
via 10.1.1.2, eth1, Area 0.0.0.0
Attributes: Metric: [20] ,LP ,NP, BP
O 60.1.1.0/24 [15] via 10.1.1.2, eth1, Area 0.0.0.0
Backup path:
via 20.1.1.2, eth2, Area 0.0.0.0
Attributes: Metric: [15] ,LP ,NP,BP
O 70.1.1.0/24 [20] via 30.1.1.2, eth3, Area 0.0.0.0
Backup path:
via 10.1.1.2, eth1, Area 0.0.0.0
Attributes: Metric: [20] ,LP ,NP,BP
O 80.1.1.0/24 [20] via 10.1.1.2, eth1, Area 0.0.0.0
Backup path:
via 20.1.1.2, eth2, Area 0.0.0.0
Attributes: Metric: [20] ,LP,NP,BP
LFA Termination
A router MUST limit the amount of time an alternate next-hop is used after the primary next-hop has become unavailable. This ensures that the router will start using the new primary next-hops.
LFA termination avoids a micro looping in topology, when particular network goes down, LFA backup path will be installed and if termination interval is configured, LFA backup will be still used till the interval and it is used in order to verify new primary path is loop free.
R1
Configure termination interval on R1 in router mode:
(config)#router ospf 1 | Configure the routing process, and specify the Process ID (1). The Process ID should be a unique positive integer identifying the routing process. |
(config-router)#fast-reroute terminate-hold-on interval 100000 | Configure LFA termination interval |
(config-router)#commit | Commit the candidate configuration to the running configuration. |
(config-router)#exit | Exit router mode. |
(config)#exit | Exit config mode. |
If you check “show ip ospf” you can see the configured termination-hold on interval value along with ospf output:
#show ip ospf
IPFRR per-prefix tiebreakers:
Name Index
Primary path 20
Node Protecting 30
Interface disjoint 60
Broadcast interface disjoint 70
Secondary path 255
LFA termination hold-on timer : 100 secs 0 msecs
#show ip route fast-reroute
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area ,p - stale info
* - candidate default
IP Route Table for VRF "default"
O 50.1.1.0/24 [110/15] via 20.1.1.2, eth2, 00:00:34
[FRR-NH] via 10.1.1.2, eth1
O 60.1.1.0/24 [110/15 via 10.1.1.2, eth1, 00:00:34
[FRR-NH] via 20.1.1.2, eth2
O 70.1.1.0/24 [110/20] via 30.1.1.2, eth3, 00:02:27
[FRR-NH] via 10.1.1.2, eth1
O 80.1.1.0/24 [110/20] via 10.1.1.2, eth1, 00:02:27
[FRR-NH] via 20.1.1.2, eth2
Shut down one of the primary nexthops, here eth2 of rtr1:
(config)#interface eth2 | Enter interface mode. |
(config-if)#shutdown | Shutdown the interface |
(config-if)#commit | Commit the candidate configuration to the running configuration. |
(config-if)#exit | Exit interface mode |
(config-if)#exit | Exit interface mode. |
#show ip route fast-reroute
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area ,p - stale info
* - candidate default
IP Route Table for VRF "default"
O 50.1.1.0/24 [110/15] via 20.1.1.2, eth1, 00:00:34 <<<eth1 which was back-up path before got installed as new primary path
[FRR-NH] via 30.1.1.2, eth3
O 60.1.1.0/24 [110/15] via 10.1.1.2, eth1, 00:00:34
[FRR-NH] via 30.1.1.2, eth3
O 70.1.1.0/24 [110/20] via 30.1.1.2, eth3, 00:02:27
[FRR-NH] via 10.1.1.2, eth1
O 80.1.1.0/24 [110/20] via 10.1.1.2, eth1, 00:02:27
[FRR-NH] via 30.1.1.2, eth3
Last modified date: 10/16/2023