Skip to main content

Configuring Ethernet Over SVR for Active/Standby

EoSVR is a point-to-point L2 service that provides session resiliency even during a failover between different underlying networks. However, there may be cases where you also require redundancy at the service level when using L2 services in the network.

For example, in a network deployment where there are no loop detection mechanisms available, the EoSVR Active Standby configuration gives you the ability to configure two different endpoints on the P2P L2 service, while making sure only one is active at a time. In the configuration example below, VLAN A needs to be extended so that End Device 2 can be reached from either head-end, typically deployed in two different datacenters.

Ethernet over SVR Active Standby

Configuration Example

The EoSVR Active/Standby feature relies on the standard EoSVR functionality. To configure Active/Standby, the same LAN interface IP address needs to be defined on both head-ends.

Note that the peer service routes are generated by the conductor when an EoSVR service route is configured for each service. They are shown here for completeness.

Branch

name               Lan1
global-id          27
 
ethernet-over-svr name     br6
ethernet-over-svr enabled  true
 
ethernet-over-svr peer 169.254.50.5 SSR_HE1 ip-address  169.254.50.5
ethernet-over-svr peer 169.254.50.5 SSR_HE1 peer        SSR_HE1
tenant   branch.tenant1
 
address 169.254.50.6 ip-address     169.254.50.6
address 169.254.50.6 prefix-length  24

Headend 1

name               Lan
global-id          30
 
ethernet-over-svr name     br7
ethernet-over-svr enabled  true
 
ethernet-over-svr peer 169.254.50.6 SSR_BRANCH ip-address  169.254.50.6
ethernet-over-svr peer 169.254.50.6 SSR_BRANCH peer        SSR_BRANCH
tenant             he1.tenant1
 
address 169.254.50.5 ip-address     169.254.50.5
address 169.254.50.5 prefix-length  24

Headend 2

name               lan_l2
global-id          10
 
ethernet-over-svr name     br5
ethernet-over-svr enabled  true
 
ethernet-over-svr peer 169.254.50.6 SSR_BRANCH ip-address  169.254.50.6
ethernet-over-svr peer 169.254.50.6 SSR_BRANCH  peer        SSR_BRANCH 
tenant             he2.tenant1
 
address 169.254.50.5 ip-address     169.254.50.5
address 169.254.50.5 prefix-length  24

How It Works

EoSVR A/S relies on the SSR to send broadcast traffic using only one of the defined services (either the active or the backup), regardless of the fact that the traffic is being received from both of them.

ARP Traffic

In a standard EoSVR configuration there are typically two routers; R1 and R2. EoSVR is configured on the LAN of R1 and R2. There is a WAN connection between R1 and R2, and they communicate via SVR. Since EoSVR is configured on the LAN of R1 and R2, they both act as a virtual LAN. There are 2 services that are configured:

  • A service from R1 to R2 so that L2 and IP packets can go from R1 to R2. This service has the IP address of the interface with EoSVR enabled on R2. The service route on R2 is an EoSVR bridge.

  • A service for packets from R2 to R1 where the service address is the IP of the EoSVR interface on R2.

For EoSVR Active/Standby, all of the above holds true, but we now have R1 talking to Headend 1 and Headend 2. This means there will be:

  • one service for H1's EoSVR interface IP
  • one service for H2's EoSVR interface ip
  • one service for R1's EoSVR IP

In order to demonstrate the configuration, let's assume the scenario in the figure above.

Step 1: Configure LAN Interfaces

Configure the LAN network interfaces:

  • Both head-ends have their respective EoSVR bridges configured with the same IP address in the network interface and on the peer with the branch EoSVR bridge.

  • The branch EoSVR bridge peering is configured with the IP address used in both head-ends.

Branch

name               Lan1
global-id          27
 
ethernet-over-svr name     br6
ethernet-over-svr enabled  true
 
ethernet-over-svr peer 169.254.50.5 SSR_HE1 ip-address  169.254.50.5
ethernet-over-svr peer 169.254.50.5 SSR_HE1 peer        SSR_HE1
tenant   branch.tenant1
 
address 169.254.50.6 ip-address     169.254.50.6
address 169.254.50.6 prefix-length  24

Headend 1

name               Lan
global-id          30
 
ethernet-over-svr name     br7
ethernet-over-svr enabled  true
 
ethernet-over-svr peer 169.254.50.6 SSR_BRANCH ip-address  169.254.50.6
ethernet-over-svr peer 169.254.50.6 SSR_BRANCH peer        SSR_BRANCH
tenant             he1.tenant1
 
address 169.254.50.5 ip-address     169.254.50.5
address 169.254.50.5 prefix-length  24

Headend 2

name               lan_l2
global-id          10
 
ethernet-over-svr name     br5
ethernet-over-svr enabled  true
 
ethernet-over-svr peer 169.254.50.6 SSR_BRANCH ip-address  169.254.50.6
ethernet-over-svr peer 169.254.50.6 SSR_BRANCH  peer        SSR_BRANCH 
tenant             he2.tenant1
 
address 169.254.50.5 ip-address     169.254.50.5
address 169.254.50.5 prefix-length  24

Step 2: Configure Neighborhoods to determine active and standby services

In order to control which service is active and which is standby, two different neighborhoods are defined and vectors applied. Let's say you want to prefer H1 for all packets from R1 to the head-end. Only in a situation where H1 fails or all paths to H1 fail, will we want to send packets to H2.

Configure the neighborhood and the vectors; For the service towards the head-end (the H1-H2 service), set the vector values to prefer the paths to H1 (primary path), and then to H2 (secondary path).

Branch

name                   wan1
global-id              25
conductor              false

neighborhood wan1_standby name    wan1_standby
neighborhood wan1_standby vector  wan1_standby

neighborhood wan1_active name    wan1_active
neighborhood wan1_active vector  wan1_active

Headend 1

name                   wan1
global-id              7

neighborhood wan1_active name      wan1_active
neighborhood wan1_active topology  hub
neighborhood wan1_active vector    wan1_active

Headend 2

name                   wan1
global-id              28

neighborhood wan1_standby name      wan1_standby
neighborhood wan1_standby topology  hub
neighborhood wan1_standby vector    wan1_standby

Step 3: Configure Services

If you are not familiar with configuring L2 and L3 services, please refer to Create a Service for Ethernet Over SVR.

Create the service using a branch-to-head-end direction.

L2 service

name            l2_service
security        unencrypted
 
transport udp protocol    udp
 
transport udp port-range 1281 start-port  1281
address         169.254.50.5
 
access-policy branch.tenant1 source  branch.tenant1
service-policy  customer_L2

L3_service

name                  L3_service
security              unencrypted

transport tcp protocol  tcp

transport udp protocol  udp

transport icmp protocol  icmp
address               0.0.0.0/0

access-policy branch.tenant1 source  branch.tenant1
service-policy        customer_L2
share-service-routes  true

Headend 1

name          L2_service_SR
service-name  L2_service
bridge-name   br7
name          L3_service_SR
service-name  L3_service
bridge-name   br7

Headend 2

name          L2_service_SR
service-name  L2_service
bridge-name   br5
name          L3_service_SR
service-name  L3_service
bridge-name   br5

Step 4: Configure the Service Policy

When you configure the service policy, make sure session-resiliency is set to revertible failover. Configure the vector list according to the active / standby priorities. For information about configuring vectors and priorities, refer to the Configuration Element Reference.

name                  customer_L2
vector wan1_active name  wan1_active
vector wan1_standby name  wan1_standby
session-resiliency    revertible-failover
peer-path-resiliency  true