OSPF Loop-Free Alternate (LFA) Fast Reroute (FRR)

coastiscleared · November 16, 2018, 12:00am

Could you please elaborate more on what means “LFA coverage on an interface”?
Say, we execute “show ip ospf fast-reroute prefix-summary” and we get this statistics per interface.
It’s quite confusing though. What means “100% of prefixes are protected on an interface”? Whose prefixes? All prefixes that are being kept in ospf database of a given router? In some labs I’ve seen tweaking cost value on some links to make this LSA coverage = 100% for an interface. In Cisco docs there’s some “madness” with several inequalities. This is one of the most complicated topics in the whole CCIE blueprint probably.

lagapidis · November 21, 2018, 11:08am

Hello Dmiry

Cisco’s documentation about this command states the following:

The following example displays information about prefixes that are protected by the OSPFv2 loop-free alternate FRR feature. It displays information on the number of prefixes by area and by priority (high or low) and how many are protected, that is, have repair paths configured.

Taken from this command reference document:

So the percentage is a percentage of the prefixes of that area that are protected via that interface. That interface has a directly ready alternate route configured for X% of the routes in the OSPF area.

I hope this has been helpful!

Laz

staut_stefanita · April 29, 2019, 5:31pm

Hello,

I have a question related to the node protected scenario. How does R1 know that R3 routes the traffic for 5.5.5.5/32 via R2 too (so when R2 fails, the best path fails for both R1 and R3 and R3 has to re-run the SPF)? As far as I know…R1 sees the destinations from his point of view.

Many thanks,
Stefanita

lagapidis · April 30, 2019, 10:09am

Hello Staut

Remember that OSPF is a link state routing protocol. One of the characteristics of a link state protocol is that it has a full picture of the network’s topology, including costs of particular links. This information is enough for a router, when node protection as a tie breaker is enabled, to know what the next hop of another router will be to reach a particular destination. If that next hop is the same as the primary next hop for the particular destination, then the node protection tie breaker kicks in and chooses another route as the repair route.

I hope this has been helpful!

Laz

staut_stefanita · May 3, 2019, 5:17pm

Many thanks! I forgot that OSPF keeps the topology table besides the routing table.

madhu_g1985 · August 27, 2019, 8:57pm

Is it beneficial to have OSPF remote LFA FRR considering the overhead of configuring LDP everywhere in network ? Is it really used practically ? Any known use case?

lagapidis · August 29, 2019, 6:39am

Hello Madhu

I personally haven’t seen OSPF LFA FRR implemented in a production network, however, there are many situations where it is beneficial, even with the substantial overhead involved in its configuration. Imagine a large corporate network where the headquarters is composed of five or six buildings in a campus setup with 3500 employees. Imagine also several branch locations, say 5 or 10 throughout the country each with at least 500 employees. Also, imagine that this corporate network relies on OSPF for routing.

Now such a network, providing network services to over 8000 employees across multiple sites will have hundreds, if not more subnets, with real-time services like VoIP and video conferencing that require continuous routing between these subnets. Additional services such as financial transactions that are sensitive to real-time fluctuations in network availability may also exist on the network.

Now there are literally thousands of such organizations throughout the world, and there are many that may have even larger infrastructures. For such organizations, it is imperative that voice/video/financial transaction communications have the utmost redundancy and resiliency, especially if these operations are mission critical to their business. A network failure where OSPF must rerun SPF may cause hundreds of phone or video conferences to go off line, causing them to have to redial and reconnect. Financial transactions will delay causing a possible change in their results.

So for such requirements, it is not unusual to require the implementation of LFA FRR.

I hope this has been helpful!

Laz

acoruzzi · December 16, 2019, 3:15pm

excuse but i don’t understand the following command what exactly do:
R1(config-router)#fast-reroute per-prefix tie-break node-protecting required index 5

you said:
Let’s enable node protecting and change the priority to the lowest value of all currently active tie breakers
and you show:

*>  5.5.5.5/32, Intra, cost 5, area 0
     SPF Instance 13, age 00:18:13
     Flags: RIB, HiPrio
      via 192.168.12.2, GigabitEthernet2 label 1048578
       Flags: RIB
       LSA: 1/5.5.5.5/5.5.5.5
      repair path via 192.168.14.4, GigabitEthernet4 label 1048578, cost 9
       Flags: RIB, Repair, IntfDj, BcastDj, NodeProt
       LSA: 1/5.5.5.5/5.5.5.5
      repair path via 192.168.13.3, GigabitEthernet3, cost 7
       Flags: Ignore, Repair, IntfDj, BcastDj, Downstr
       LSA: 1/5.5.5.5/5.5.5.5

the cost remain 9 for repair path via 192.168.14.4 and cost remain 7 for repair path via 192.168.13.3… i don’t understand

lagapidis · December 17, 2019, 12:30pm

Hello Andrea

The statement:

refers to the priorities that are given to the tie breakers. Remember the following in the lesson?

R1#show running-config all | incl break
 fast-reroute per-prefix tie-break primary-path index 10
 fast-reroute per-prefix tie-break interface-disjoint index 20
 fast-reroute per-prefix tie-break lowest-metric index 30
 fast-reroute per-prefix tie-break linecard-disjoint index 40
 fast-reroute per-prefix tie-break broadcast-interface-disjoint index 50

Here Rene is showing the priorities that are given to the tie breakers, which are shown at the end of each line. Originally, node protection is not included by default. But with the fast-reroute command, Rene assigns a priority to the tiebreaker of 5. This priority is the lowest value of all currently active tie breakers.

These changes do not actually change the OSPF cost of the repair paths. What it does do is it changes the way the paths are evaluated. That results in OSPF preferring router 4 with a cost of 9 over router 3 with a cost of 7 as the next repair path, simply because R3 has the same next hop as R1 originally did.

I hope this has been helpful!

Laz

jpsbcr2014 · January 3, 2020, 7:05am

Hi Rene,

thanks very much for this!!! What about iOS XR on ASR9K? OSPF LFA per prefix is supported?. I was reading the docs, but I did not find nothing clear about per-prefix support on iOS xr.

Thank you!

lagapidis · January 7, 2020, 1:45pm

Hello Juan

According to the following Cisco documentation, OSPF LFA per prefix is supported on the ASR9K.

Release 6.1.X is an XR IOS release.

I hope this has been helpful!

Laz

jpsbcr2014 · January 18, 2020, 11:04pm

Thanks very much Lazaros!! I will say that this feature is really useful, but unfortunately, it will not work in some scenarios like for example, when you have some kind of ECMP or like square design. Thats because Remote LFA comes here but in some topologies, it is not worth to add MPLS configuration .

thanks!!

lagapidis · April 15, 2020, 10:47am

2 posts were merged into an existing topic: OSPF Remote Loop-Free Alternate (LFA) Fast Reroute (FRR)

edelmann.lukas · February 18, 2021, 5:55pm

Could you please update your document?

High: it calculates an LFA for the the /32 prefixes
Low: it calculates an LFA for all prefixes

lagapidis · February 20, 2021, 9:32am

Hello Lukas

It seems that Rene has already updated the lesson. Specifically, it states:

There are two options; high and low. When you select the high priority, OSPF treats loopback and /32 prefixes with higher priority, calculating an LFA for these a bit earlier than other prefixes. When you select the low priority, it just calculates an LFA for all prefixes. Let’s go for the low priority option:

This text is found in the 1.2 With LFA FRR section. Is there somewhere else in the lesson where this information is missing?

Laz

edelmann.lukas · February 20, 2021, 9:53pm

Hi Laz,

I think this setence is wrong, because with the option “high” it won’t calcuate an LFA for other prefixes.

Best,

Lukas

lagapidis · February 25, 2021, 6:48am

Hello Lukas

Based on this post of the troubleshooting process that @ReneMolenaar performed, he came to the conclusion that:

In the lesson Rene says:

When you select the high priority, OSPF treats loopback and /32 prefixes with higher priority, calculating an LFA for these a bit earlier than other prefixes.

It is true that the high priority setting will only give high priority to loopbacks with /32 prefixes. That’s what the statement in the lesson seems to be saying as well… Am I missing something?

Laz

costaoliveira404 · March 3, 2022, 6:10pm

Hi Lagapides,

How can I simulate OSPF LFA FRR in GNS? please, advice link to download the router image.

lagapidis · March 5, 2022, 6:20am

Hello Costa

You can simulate OSFP LFA FRR by simply employing the lesson commands on any router image in GNS3 that supports it. Now keep in mind that the GNS3 emulator software is free, but the related Cisco IOS images you require to use it are not. Cisco owns the copyright on IOS so they can’t be shared freely. You’ll have to purchase them or get them from someone who has legal access to them.

I hope this has been helpful!

Laz

abdul.basit.shoaib · November 18, 2022, 10:05am

Hello,

I dont know if the topic fits here, but I,ll ask anyways :). I would like to configure a load balancing scenario for my Pseudowire service. I have configured OSPF area 0 and MPLS.
A Pseudowire is configured and pointing towards the loopback address of each Router. The routing table shows equal cost paths towards the loopback addresses for both devices (Load Balancing for OSPF). Will my Pseudowire
service also do load-balancing? if so, how can I verfiy this. Or can you suggest me how can I achieve the load-balancing of traffic using a single PW?