[f-nsp] One port depending on another port.

Rob Lister rob.lister at netsumo.com
Wed Aug 10 11:31:10 EDT 2011


On Sat, Aug 06 at 10:35:02 AM, Jonas Frey (Probe Networks) wrote:
> There is a way to do this...somewhat.
>
> You need to create a lag (link aggregation) of 2 or more ports. Then
> within the lag you can set "trunk-threshold". If the number set there of
> links fail then the whole lag is shut down (for example if you have 2
> links and set that value to 1 then the lag is shut down if one link
> fails). I am not sure if it actually shuts down only the lag itself or
> if it shuts down all ports. At least there will be no more traffic flow.
> Guess that's worth a try...

It depends what type of link failure you are trying to detect,
and why.

LAG threshold only works if you connect both ports to the same
LAG obviously.

It is for the scenario where, for example, you have a ring made up of
N x 1G LAGs, for example 2 x 2G LAGs all the way round the ring.

Say you are currently passing 1.4G over this 2G LAG, and you
lost one of the two links.

In this case, your ring protocol for example MRP or STP would
technically still see the LAG as UP, but you wouldn't have enough
capacity, so the trunk threshold says to shut this entire LAG down,
in order that MRP or STP will fail over to an alternative
(working) LAG, rather than keep operating on a reduced capacity LAG.


Cisco have a feature called link state track (2960, 3750 etc.)
You configure an interface as an "upstream" interface, and one
or more downstream interfaces.

interface GigabitEthernet0/1
 link state group 1 upstream

interface FastEthernet0/3
 switchport access vlan 5
 switchport mode access
 link state group 1 downstream
!
interface FastEthernet0/4
 switchport access vlan 6
 switchport mode access
 link state group 1 downstream

Then enable it:

link state track 1

Then if GigabitEthernet0/1 goes down, it automatically shuts down all
the downstream interfaces.

Useful for example if you use the switch as a customer/CPE breakout
device on a site. There is a gigabit line off the site, but if
that line goes down, you want to shut down all the customer interfaces.

The customer equipment will see the link drop immediately, and so can
use backup routes (Rather than relying on routing protocol
timeouts or other L3 health check features.)

Brocade doesn't seem to have this feature (which is a shame, as in
certain situations it is very handy), but there might be something
you can do in the OAM features, if the device supports OAM.

Another useful feature Cisco support is backup links (Referred
to as Flex Link)

You can have two L2 connections in active/backup. If the active port
goes down, it brings up the standby port. (Handy when you don't or can't
run spanning tree etc, you just have a backup line)

Switch# configure terminal
Switch(conf)# interface fastethernet0/1
Switch(conf-if)# switchport backup interface fastethernet0/2
Switch(conf-if)# end

I don't think Brocade has an equivalent feature??


http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_20_se/configuration/guide/swflink.html


Another useful feature Cisco do is remote port shutdown.
For example, if one end of a customer circuit e.g. MPLS VLL goes
down, we can shut down the other end automatically. (So if the
customer shuts down the interface at one end of the line, the other
end will go down.)

http://www.cisco.com/en/US/docs/ios/12_2sr/12_2srb/feature/guide/srbrpsdn.html

Brocade does have OAM and CFM features, but when I was experimenting
some time ago with MPLS/VLL and OAM, I couldn't see how you can do
remote port shutdown without requiring the customer equipment itself
to also support the same OAM/CFM features. With CFM, each end *knows*
about the status of the other, but I couldn't see any knobs to enable
to shut down one end based on the status of the other.

The conclusion I came to reading the docs was that if the customer's
device doesn't support CFM features also, you can't do it.

The documentation seemed incredibly complicated for what seemed like
quite a straightforward requirement: A VLL or circuit that behaves
like a "pseudowire" as transparently as possible.

So.. I could have missed something there.


Unless you can run something like BFD between devices, for example to
enable BGP or OSPF (and some boxes MPLS) to detect L2 network
brokenness and pull down the sessions/adjacencies.


Regards,


Rob




-- 
Rob Lister
NetSumo Limited
D: +44 (0) 20 7993 1707
S: +44 (0) 20 7993 1700
E: rob.lister at netsumo.com
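
The link state tracking behaviour described in the message above, as a small Python model (an added example, not part of the original post and not Cisco's code). The class, its method names and the state labels are hypothetical. The model assumes that downstream ports are held down only while every upstream port in the group is down, and that a port the operator shut by hand stays shut when the upstream recovers.

```python
"""Model of link state tracking: downstream ports follow upstream link state."""

class LinkStateGroup:
    def __init__(self, upstream, downstream):
        # True = carrier present on the upstream port
        self.upstream = {name: True for name in upstream}
        # Operator intent for each downstream port (True = "no shutdown")
        self.admin_up = {name: True for name in downstream}
        self.tracking_down = False  # True while the group holds downstreams down

    def set_upstream(self, name, link_up):
        """Record an upstream link event; return the downstream ports that changed."""
        if name not in self.upstream:
            raise KeyError(f"{name} is not an upstream port of this group")
        before = self.downstream_state()
        self.upstream[name] = link_up
        # Assumed rule: hold downstreams down only when no upstream is left.
        self.tracking_down = not any(self.upstream.values())
        after = self.downstream_state()
        return sorted(p for p in after if after[p] != before[p])

    def admin_shutdown(self, name, shutdown=True):
        """Operator shuts or un-shuts a downstream port by hand."""
        self.admin_up[name] = not shutdown

    def downstream_state(self):
        """Effective state per downstream port: up, admin-down or tracked-down."""
        state = {}
        for name, admin in self.admin_up.items():
            if not admin:
                state[name] = "admin-down"      # manual shutdown always wins
            elif self.tracking_down:
                state[name] = "tracked-down"    # forced down by the group
            else:
                state[name] = "up"
        return state


def demo():
    # Constructed topology mirroring the configuration in the message.
    group = LinkStateGroup(["Gi0/1"], ["Fa0/3", "Fa0/4"])
    group.admin_shutdown("Fa0/4")               # operator had Fa0/4 shut already
    went_down = group.set_upstream("Gi0/1", False)
    during = group.downstream_state()
    came_up = group.set_upstream("Gi0/1", True)
    return went_down, during, came_up, group.downstream_state()


if __name__ == "__main__":
    print(demo())
```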



