The (Unofficial) CCNP-SP Study Guide
  • About
    • About the Author
    • About This Study Guide
  • MPLS
    • LDP
      • LDP Transport Address
      • LDP Conditional Advertisement
      • LDP Authentication
      • LDP/IGP Sync
      • LDP Session Protection
    • MPLS-TE
      • MPLS-TE Basics, Pt. 1 (TED)
      • MPLS-TE Basics, Pt.2 (RSVP)
      • MPLS-TE Basics, Pt.3 (CSPF)
      • MPLS-TE Basics, Pt.4 (Routing)
      • MPLS-TE Fast Reroute (FRR)
      • MPLS-TE with OSPF
    • Unified MPLS
    • Segment Routing
      • Introduction, Theory Pt.1
      • Introduction, Lab (OSPF) Pt.2
      • Introduction, Lab (ISIS) Pt. 3
      • Multi-Area/Level Segment Routing
      • Segment Routing using BGP
      • Migrating LDP to SR
      • LDP/SR Interworking
      • TI-LFA Pt. 1 (Theory)
      • TI-LFA Pt. 2 (Implementation)
      • TI-LFA Pt. 3 (Node and SRLG Protection)
      • SR-TE Pt. 1 (Overview)
      • SR-TE Pt. 2 (Creating an SR-TE Policy)
      • SR-TE Pt. 3 (Using a PCE)
      • SR-TE Pt. 4 (Automated Steering)
      • SR-TE Pt. 5 (On-Demand Nexthop)
      • SR-TE Pt. 6 (Flex Algo)
    • MPLS OAM
      • Classic Traceroute Behavior in MPLS Networks
      • LSP Ping
      • LSP Traceroute
  • Routing
    • BGP
      • BGP Synchronization
      • BGP Load Sharing (Multipath)
      • An Intuitive Look at Path Attributes
      • AS Path Prepending on XE and XR
      • RPL
    • BGP Security
      • BGP TTL Security, Pt. 1
      • BGP TTL Security, Pt. 2 (IOS-XE)
      • BGP TTL Security, Pt. 3 (IOS-XR)
      • BGP MD5 Authentication
      • BGP Maximum Prefixes
      • BGP RFD (Route Flap Dampening)
      • RTBH
      • Flowspec
      • BGPsec
    • L3VPN
      • An In-Depth Look at RD and RT, Pt. 1
      • An In-Depth Look at RD and RT, Pt. 2
      • An In-Depth Look at RD and RT, Pt. 3
      • An In-Depth Look at RD and RT, Pt. 4
      • Inter-AS L3VPN Pt. 1, Overview
      • Inter-AS L3VPN Pt. 2, Option A
      • Inter-AS L3VPN Pt. 3, Option B
      • Inter-AS L3VPN Pt. 4, Option C
      • CSC (Carrier Supporting Carrier)
      • PE NAT
    • OSPF
      • Type 7 to Type 5 Translation
      • OSPF Authentication
      • Troubleshooting OSPF Adjacencies
      • OSPFv3 LSA Types
      • OSPFv3 LSAs Example (Single Area)
    • ISIS
      • The Potential for Asymmetric Routing with Multi-Area ISIS
      • Interarea Routing is Distance-Vector
      • Basic ISIS - LSPDB
      • Multitopology
      • What is the role of CLNS and CLNP in ISIS?
      • Troubleshooting ISIS Adjacencies
    • IPv6 Transition
      • Overview
      • NAT64
      • 6to4
      • 6RD (IPv6 Rapid Deployment)
      • DS Lite (Dual Stack Lite)
      • MAP (Mapping of Address and Port)
      • Tunneling IPv6 Dynamic Routing Protocols over IPv4
    • Multicast
      • Introduction
      • IP and MAC Addressing
      • Tree Formation and Packet Forwarding
      • IGMP
      • PIM-DM (Dense Mode)
      • PIM-SM (Sparse Mode)
      • PIM-SM SPT Switchover
      • PIM-SM Tunnel Interfaces
      • PIM DR and the Assert Message
      • PIM-SM RP Discovery
      • PIM-BiDir
      • PIM-SSM (Source-Specific Multicast)
      • Interdomain Multicast (PIM-SM)
      • IPv6 Multicast
      • mVPN Introduction
      • mVPN Profile 0
      • mVPN Profile 1
      • Multicast Routing on IOS-XR
  • L2VPN & Ethernet
    • IOS-XE Ethernet Services
      • Service Instances
      • E-Line
      • E-LAN (VPLS)
      • E-Tree
      • E-Access
      • VPLS with BGP Autodiscovery
      • Martini/Kompella Circuits
    • EVPN
      • Introduction to EVPN
      • Learning EVPN VXLAN First
      • E-Line (EVPN VPWS)
      • E-Line (EVPN VPWS) on IOS-XR
      • E-Line (EVPN VPWS) Multi-Homed
      • E-LAN (EVPN Single-Homed)
    • Carrier Ethernet
      • 802.1ah (MAC-in-MAC)
      • 802.3ah (Ethernet OAM)
      • 802.1ag (CFM)
      • Cisco REP (Resilient Ethernet Protocol)
      • ITU G.8032 ERPS (Ethernet Ring Protection Switching)
  • Security
    • CoPP (Control Plane Policing)
    • LPTS (Local Packet Transport Services)
  • Misc
    • QoS
      • QoS Introduction (Part 1)
      • QoS Tools Overview and QoS Models (Part 2)
      • QoS Classification and Marking (Part 3)
      • QoS Queuing/Congestion Management (Part 4)
      • QoS Shaping and Policing (Part 5)
      • QoS for IPv6
      • MPLS QoS Basics
      • MPLS QoS Modes
      • MPLS TE QoS (DS-TE)
      • MPLS TE CBTS/PBTS
    • Automation and Assurance
      • NSO
      • NSO Command Cheat Sheet
      • Intro to YANG/NETCONF
      • YANG In-Depth
      • NETCONF In-Depth
      • RESTCONF
      • Model-Driven Telemetry
      • Automation Tool Comparison
      • Netflow
      • SNMP
    • Virtualization
      • NFV (Network Function Virtualization)
      • OpenStack
    • Transport
      • xPON
      • SONET/SDH
      • WDM
      • 4G and 5G RAN
    • High Availability (HA)
      • NSF/GR
      • NSR
      • NSF/NSR Whitepapers
      • BFD
      • Link Aggregation on IOS-XE
      • Link Aggregation on IOS-XR
    • IOS Software Overview
  • Labs
    • Lab Challenges
      • How to Use These Labs
      • Basic LDP
      • Advanced LDP
      • BGP Security
      • Unified MPLS
      • BGP Fundamentals
      • Ethernet Services
      • L3VPN Extranet
      • Multicast
      • Inter-area OSPF
      • ISIS
      • MPLS-TE
      • Control Plane Policing
      • QoS
Powered by GitBook
On this page
  • REP Terms
  • Configuration
  • REP Advanced Features
  • Further Reading
  1. L2VPN & Ethernet
  2. Carrier Ethernet

Cisco REP (Resilient Ethernet Protocol)

Previous802.1ag (CFM)NextITU G.8032 ERPS (Ethernet Ring Protection Switching)

Last updated 2 years ago

REP is a Cisco proprietary protocol used to manage loops in Ethernet ring topologies. In a perfect ring, one link must always be blocked in order to prevent a loop. But in the event of another link failing, the blocked linked should forward again to restore reachability on the ring.

Take the following topology below:

In this ring, all devices can either be routers or switches but the links must all be layer 2. If all ports were forwarding and the topology was not running STP, you would have a forwarding loop, because BUM traffic would loop around the ring endlessly.

The problem with using STP in a carrier ethernet ring topology is that it is much too slow to converge. RSTP can converge from a link failure very quickly, but from a “soft failure” in which the link is still up but not passing traffic, RSTP will have to miss 3x BPDUs which are by default sent at 2 second intervals. A service provider needs failure detection and recovery that happens within tens of miliseconds.

A ring topology is actually a fairly simply layer 2 topology when it comes to loop prevention. In a ring you must always have one single port in blocking mode. If any other link in the ring fails, you must bring that “predetermined” blocking port back into forwarding. If more than one link fails, the ring will be broken no matter what. So a ring can only handle a single link failure.

For example, we can block Gi1 on R5:

The downside is that R5 now needs to forward traffic towards R1 all the way around the ring (R5-R4-R3-R2-R1) instead of directly to R1. However, we have N + 1 link redundancy, because if any link in the ring fails, R5 can bring Gi1 up again.

Essentially, loop free management of a ring turns it into a flat line:

REP Terms

Segment

In REP, the entire ring is called a segment. This can be a little confusing because your inclination is to think of each individual link as a segment. Instead the ring itself is a single segment, which REP will manage and block a single port on that segment. A segment ID uniquely defines the segment, and it is present in REP messages when the segment is built. All devices on the segment must be configured with the same segment ID, otherwise two devices will not form a REP adjacency.

Edge Ports

Every segment is terminated by two edge ports. These ports define the beginning and end of a segment. In a perfect ring, any two ports on a single node can be an edge port.

For example, we can make Gi1 and Gi2 on R1 edge ports:

REP now sees the segment as this:

Edge ports send End Port Advertisement messages, by default every four seconds. These are sent end-to-end through the segment to disocver the topology.

Open Port

An open port is comparable to an STP forwarding port. It operates normally and forwards traffic. In a closed ring under normal conditions, all ports will be Open except for one Alternate port.

Alternate Port

The port which is pre-selected to be blocked is called the alternate port. If any other link in the ring fails, this port will transition to Open.

Failed Port

This is a port which was previously Open, but the link has gone down (failed). If a Failed port exists in a ring topology, there should no longer be an Alternate port in the topology.

Link-Status Layer (LSL) PDUs

These are link-local messages used to detect a REP neighbor on the link and determine the helath of a link. REP uses local link failure detection. LSL PDUs can be sent at a very fast interval, which probably varies based on platform. When you lower the interval to say, 200ms, it uses up some CPU but allows for faster failover detection. A source says that by deafult a port will take five seconds to detect a fault that does not directly bring the interface down, but I cannot confirm this. When a link fails, each node at the edge of that failed link sends a notification up the segment.

Configuration

Unfortunately REP is not supported on any virtual platforms. If you wanted to test this yourself you would need ME switches or 3650s. However the configuration is quite basic, so I will explain it here so you get a sense of how REP is configured.

  1. Configure a REP admin VLAN on each switch/device.

    rep admin vlan vlan-id

    You will be able to see the REP admin vlan using show interface:

    show int Gi0/0/0 rep detail
    
    GigabitEthernet0/0 REP enabled
    Segment-id: 1 (Edge)
    <---snip--->

  2. Configure each interface as a REP segment and specify the segment ID. For edge ports, add the edge keyword.

    int Gi0/0/0
     rep segment 1 [edge]

This is the bare minimum needed to have a function REP topology. Of course there are more options but they are not detailed here because we can not test and verify them.

REP Advanced Features

Per-VLAN load balancing

REP can load balance per VLAN somewhat like per-vlan STP. You configure the alternate port to only block some VLANs, and all remaining VLANs are blocked on the primary edge port. In this way you have two separate forwarding paths for each group of VLANs.

Open Segments

In an open segment, the two edge ports do not connect to the same router. This is used when you have a partial ring that connects to another layer 2 network.

For example, let’s say we add more layer 2 devices to our existing ring. Below I’ve added R10 through R13 and connected the partial ring to R4 to form a second ring:

Segment 1 is represented by the black line and is a closed ring. Segment 2 is represented by the blue line and is an open ring. This allows us a more simple configuration, because R4 does not need to participate in two separate segments. Or in other cases, the operator of Segment 2 might not have administrative control of R4 and cannot configure it to even participate in REP.

The open ring works, because as long as any one port within Segment 2 is an alternate port, there will be no layer 2 loops. An open ring relies on connectivity to some other layer 2 network to provide connectivity between each “open” end of the ring.

Further Reading

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/lanswitch/configuration/xe-3s/lanswitch-xe-3s-book/lsw-cfg-rep.html
https://reaper81.wordpress.com/2013/11/11/resilient-ethernet-protocol-rep/
https://ipfiles.wordpress.com/2015/01/30/carrier-ethernet-design-with-resilient-ethernet-protocol-rep/
https://www.reddit.com/r/networking/comments/8nnrb4/cisco_resilient_ethernet_protocol_an_alternative/