IP Routing: OSPF Configuration Guide, Cisco IOS Release 15S
NSF-OSPF RFC 3623 OSPF Graceful Restart
Downloads: This chapterpdf (PDF - 1.35MB) The complete bookPDF (PDF - 5.9MB) | The complete bookePub (ePub - 1.21MB) | The complete bookePub (ePub - 1.21MB) | Feedback

NSF-OSPF RFC 3623 OSPF Graceful Restart

This document focuses on nonstop forwarding (NSF) for OSPFv2 in Cisco IOS software, using the IETF standardized graceful restart functionality that is described in RFC 3623. Under very specific situations, a router may undergo certain well-known failure conditions that should not affect packet forwarding across the switching platform. NSF capability allows for the forwarding of data packets to continue along routes that are already known, while the routing protocol information is being restored. This capability is useful in cases in which there is a component failure (for example, a Route Processor [RP] crash with a backup RP taking over) or in which there is a scheduled hitless software upgrade.

Prior to RFC 3623, Cisco implemented Cisco-proprietary NSF, referred to as Cisco NSF. The OSPF RFC 3623 Graceful Restart feature allows you to configure IETF NSF in multivendor networks. Configuring IETF NSF increases the availability of your network by allowing OSPF routers to stay on the forwarding path even as their OSPF software is restarted. This document refers to the two forms of NSF as Cisco NSF and IETF NSF. The OSPF RFC 3623 Graceful Restart feature is the latest addition to the Cisco High Availability portfolio.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Prerequisites for Configuring IETF NSF or Cisco NSF

  • OSPF must be configured on the router.
  • The router undergoing OSPF graceful restart must be capable of performing a stateful switchover (SSO) operation.

Restrictions for Configuring IETF NSF or Cisco NSF

  • Only one of the possible methods for nonstop forwarding (Cisco NSF or IETF NSF) is supported at a time. For example, the restarting router uses either Cisco NSF or IETF NSF during switchover, depending on the configuration of the router. The helper mode for both methods is supported by default, based on the restarting method used by the restarting router. For example, if the restarting router is IETF NSF-capable, the helper router will use IETF NSF helper mode by default.
  • Neither Cisco NSF nor IETF NSF is supported over sham-links.
  • Cisco NSF is not support over virtual links.

Information About IETF NSF and Cisco NSF

Cisco NSF Routing and Forwarding Operation

Cisco NSF is supported by the BGP, EIGRP, OSPF, and IS-IS protocols for routing and by Cisco Express Forwarding (CEF) for forwarding. The BGP, EIGRP, OSPF, and IS-IS routing protocols have been enhanced with NSF capability and awareness, which means that routers that run these protocols can detect a switchover and take the necessary actions to continue forwarding network traffic and to recover route information from the neighbor routers.

In this document, a networking device is said to be NSF-aware if it is running NSF-compatible software. A device is said to be NSF-capable if it has been configured to support NSF; therefore, it would rebuild routing information from NSF-aware or NSF-capable neighbors. The NSF router modes of operation common to the Cisco and IETF NSF implementations are as follows:

  • Restarting Mode--Also known as NSF-restarting mode or graceful-restarting mode. In this mode, the OSPF router process is performing nonstop forwarding recovery because of an RP switchover; this may result from an RP crash or a software upgrade on the active RP.
  • Helper Mode--Also known as NSF-awareness. In this mode, a neighboring router is restarting, and this router is helping in the nonstop forwarding recovery.

Cisco Express Forwarding for NSF

A key element of NSF is packet forwarding. The OSPF protocol depends on CEF to continue forwarding packets during switchover while the routing protocols rebuild the Routing Information Base (RIB) tables. Once OSPF has converged, CEF updates the Forwarding Information Base (FIB) table and removes stale route entries. CEF then updates the line cards with the new FIB information. CEF maintains the FIB and uses the FIB information that was current at the time of a switchover to continue forwarding packets during the switchover. This feature reduces traffic interruption during the switchover.

During normal NSF operation, CEF on the active RP synchronizes its current FIB and adjacency databases with the FIB and adjacency databases on the standby RP. Upon switchover of the active RP, the standby RP initially has FIB and adjacency databases that are mirror images of those that were current on the active RP. For platforms with intelligent line cards, the line cards maintain the current forwarding information over a switchover; for platforms with forwarding engines, CEF keeps the forwarding engine on the standby RP current with changes that are sent to it by CEF on the active RP. In this way, the line cards or forwarding engines can continue forwarding after a switchover as soon as the interfaces and a data path are available.

As the OSPF routing protocol starts to repopulate the RIB on a prefix-by-prefix basis, the updates in turn cause prefix-by-prefix updates that CEF uses to update the FIB and adjacency databases. Existing and new entries receive the new version number, indicating that they have been refreshed. The forwarding information is updated on the line cards or forwarding engines during convergence. The RP signals when the RIB has converged. The software removes all FIB and adjacency entries that have an epoch older than the current switchover epoch. The FIB now reflects the newest routing protocol forwarding information.

The OSPF routing protocol runs on only the active RP, and OSPF receives routing updates from OSPF neighbor routers. The OSPF routing protocol does not run on the standby RP. Following a switchover, OSPF requests that the NSF-aware neighbor devices send state information to help rebuild the routing tables.


Note


For NSF operation, OSPF depends on CEF to continue forwarding packets while OSPF rebuilds the routing information.


OSPF Graceful Restart Functionality per RFC 3623

This section describes the RFC 3623 graceful restart nonstop forwarding enhancement to the OSPF routing protocol. An OSPF NSF-capable router that is reloading and attempting a graceful restart originates grace-lsas to notify its neighbors that it will perform graceful restart within the specified amount of time or grace period. During this grace period, the neighboring OSPF routers, called helper routers, continue to announce the restarting router in their LSAs as if it were fully adjacent, as long as the network topology remains static.

The following sections contain more detailed information about the graceful restart process:

Graceful Restart Router Operation

Graceful Restart Initiation

The restarting router becomes aware that it should start the graceful restart process when the network administrator issues the appropriate command or when an RP reloads and forces and Redundancy Facility (RF) switchover. The length of the grace period can be set by the network administrator or calculated by the OSPF software of the restarting router. In order to prevent the LSAs from the restarting router from aging out, the grace period should no t exceed an LSA refresh time of 1800 seconds.

In preparation for graceful restart, the restarting router must perform the following action before its software can be reloaded: The restarting router must ensure that its forwarding table is updated and will remain in place during the restart. No OSPF shutdown procedures are performed since neighbor routers must act as if the restarting router is still in service.

The OSPF software is reloaded on the router (it undergoes graceful restart).

OSPF Processes During Graceful Restart

After the router has reloaded, it must modify its OSPF processes until it reestablishes full adjacencies with all former fully adjacent OSPF neighbors. During graceful restart, the restarting router modifies its OSPF processes in the following ways:

  • The restarting router does not originate LSAs with LS types 1, 5, or 7 so that the other routers in the OSPF domain will use the LSAs that the restarting router had originated prior to reloading. The router does not modify or flush any self-originated LSAs.
  • The restarting router runs its OSPF routing calculations in order to return any OSPF virtual links to operation. However, the restarting router does not install OSPF routes into the system’s forwarding table, and the router relies on the forwarding entries that it had installed prior to undergoing the graceful restart process.
  • If the restarting router determines that is was the Designated Router on a given segment prior to the graceful restart, it will reelect itself.
Graceful Restart Process Exit

The restarting router exits the graceful restart process when one of the following events occur:

  • The router has reestablished all adjacencies. The graceful restart was successful.
  • The router receives an LSA that is inconsistent with an LSA from the same router prior to the graceful restart. The inconsistency can be mean either that the router does not support the graceful restart feature or that the router has terminated its helper mode for some reason. The graceful restart was unsuccessful.
  • The grace period has expired. The graceful restart was not successful.
  • Once the restarting router has completed the graceful restart process, it returns to normal OSPF operation, reoriginating LSAs based on the current state of the router and updating its forwarding tables based on current link-state database contents. At this time, it flushes the grace-lsas that it had originated during the initiation of the graceful restart process.

Graceful Restart Helper Mode Operation

Helper Mode Initiation

When a neighbor router that is on the same network segment as the restarting router receives a grace-lsa from the restarting router, the neighbor enters helper mode as long as the following criteria are met:

  • The neighbor must have a full adjacency with the restarting router over the associated network segment.
  • There have been no changes to the link-state database since the restarting router began restarting.
  • The grace period has not yet expired.
  • Local policy allows the neighbor router to act as a helper router.
  • The neighbor router must not be in its own graceful restart process.
  • Helper mode for this router has not been disabled by the network administrator.
Helper Mode Exit

The helper router stops performing helper mode for its neighbor when one of the following events occur:

  • The grace-lsa that was originated by the restarting router is flushed, to signify that the restarting router has exited the graceful restart process successfully.
  • The grace period of the grace-lsa expires.
  • A change in link-state database contents indicates a network topology change, forcing the termination of the graceful restart process when the strict-lsa-checking option is enabled on the helper.

For complete information regarding graceful restart functionality, see RFC 3623:

http:/​/​www.ietf.org/​rfc/​rfc3623.txt

How to Configure IETF NSF or Cisco NSF

Enabling IETF NSF or Cisco NSF on the Router

Complete the steps in the following task to configure and verify configuration of Cisco NSF or IETF NSF on the router.

Before You Begin

In order for the graceful restart process to work successfully, the OSPF neighbor (helper) routers need to run a version of Cisco IOS software that supports Cisco NSF or IETF NSF, or both.

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    router ospf process-id [vrf vpn-name]

    4.    nsf ietf [restart-interval seconds]

    5.    end

    6.    show ip ospf [process-id]


DETAILED STEPS
      Command or Action Purpose
    Step 1 enable


    Example:
    Router> enable
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.
     
    Step 2 configure terminal


    Example:
    Router# configure terminal
     

    Enters global configuration mode.

     
    Step 3 router ospf process-id [vrf vpn-name]


    Example:
    Router(config)# router ospf 4
     

    Configures an Open Shortest Path First (OSPF) routing process and enters router configuration mode.

     
    Step 4 nsf ietf [restart-interval seconds]


    Example:
                
                  nsf cisco [enforce global]


    Example:
    Router(config-router)# nsf ietf restart-interval 600


    Example:
    Router(config-router)# nsf cisco 
     

    (Optional) Enables IETF NSF, or graceful restart, on the router.

    • Optionally configures a maximum graceful restart interval, in seconds, after the graceful restart process.

    or

    (Optional) Enables Cisco NSF on a Cisco router.

     
    Step 5 end


    Example:
    Router(config-router)# end
     

    Returns to privileged EXEC mode.

     
    Step 6 show ip ospf [process-id]


    Example:
    Router# show ip ospf 4
     

    Displays general information about OSPF routing processes and whether OSPF graceful restart is configured.

     

    Enabling Graceful Restart Strict LSA Checking on a Helper Router

    Graceful restart helper mode is enabled by default. It is not recommended to disable helper mode because the disabled neighbor will detect the lost adjacency and the graceful restart process will be terminated.

    The strict LSA checking feature allows a helper router to terminate the graceful restart process if it detects a changed LSA that would cause flooding during the graceful restart process. Strict LSA checking is disabled by default. You can enable strict LSA checking on an OSPF helper to have the router terminate graceful restart when there is a change to an LSA that would be flooded to the restarting router. You can configure strict LSA checking on both NSF-aware and NSF-capable routers; however, this feature will become effective only when the router is in helper mode.

    Complete the steps in the following task to disable helper mode or enable strict LSA checking on the NSF-aware (helper) router.

    SUMMARY STEPS

      1.    enable

      2.    configure terminal

      3.    router ospf process-id [vrf vpn-name]

      4.    nsf cisco helper disable

      5.    nsf ietf helper strict-lsa-checking

      6.    end

      7.    show ip ospf [process-id]


    DETAILED STEPS
        Command or Action Purpose
      Step 1 enable


      Example:
      Router> enable
       

      Enables privileged EXEC mode.

      • Enter your password if prompted.
       
      Step 2 configure terminal


      Example:
      Router# configure terminal
       

      Enters global configuration mode.

       
      Step 3 router ospf process-id [vrf vpn-name]


      Example:
      Router(config)# router ospf 454
       

      Configures an Open Shortest Path First (OSPF) routing process and enters router configuration mode.

       
      Step 4 nsf cisco helper disable


      Example:
                  
                    nsf ietf helper disable


      Example:
      Router(config-router)# nsf cisco helper disable


      Example:
      Router(config-router)# nsf ietf helper disable
       

      (Optional) Disables helper mode for Cisco NSF.

      or

      (Optional) Disables helper mode for IETF NSF.

       
      Step 5 nsf ietf helper strict-lsa-checking


      Example:
      Router(config-router)# nsf ietf helper strict-lsa-checking
       

      Enables strict LSA checking on an NSF-aware (helper) router.

       
      Step 6 end


      Example:
      Router(config-router)# end
       

      Returns to privileged EXEC mode.

       
      Step 7 show ip ospf [process-id]


      Example:
      Router# show ip ospf 454
       

      Displays general information about OSPF routing processes and whether helper mode or strict LSA checking is enabled for the NSF-aware (helper) router.

       

      Configuration Examples for IETF NSF or Cisco NSF

      Enabling and Verifying IETF NSF for OSPF Example

      The following example enables IETF NSF for OSPF process 10 on the router. The restart interval has been changed from the 120-second default value to 200 seconds.

      Router(config)# router ospf 10
      Router(config-router)# nsf ietf restart-interval 200
      Router(config-router)# end
      

      When the show ip ospf command is entered for OSPF process 10, the output verifies that IETF NSF was configured on the router, with a maximum route lifetime interval set for 200 seconds. The command output also confirms that NSF helper mode is enabled by default for IETF NSF, as well as for Cisco NSF.

      Router# show ip ospf 10
       Routing Process "ospf 10" with ID 172.16.2.2
       Supports only single TOS(TOS0) routes
       Supports opaque LSA
       Supports Link-local Signaling (LLS)
       Supports area transit capability
       Initial SPF schedule delay 5000 msecs
       Minimum hold time between two consecutive SPFs 10000 msecs
       Maximum wait time between two consecutive SPFs 10000 msecs
       Incremental-SPF disabled
       Minimum LSA interval 5 secs
       Minimum LSA arrival 1000 msecs
       LSA group pacing timer 240 secs
       Interface flood pacing timer 33 msecs
       Retransmission pacing timer 66 msecs
       Number of external LSA 0. Checksum Sum 0x0
       Number of opaque AS LSA 0. Checksum Sum 0x0
       Number of DCbitless external and opaque AS LSA 0
       Number of DoNotAge external and opaque AS LSA 0
       Number of areas in this router is 1. 1 normal 0 stub 0 nssa
       Number of areas transit capable is 0
       External flood list length 0
       IETF Non-Stop Forwarding enabled
          restart-interval limit: 200 sec
       IETF NSF helper support enabled
       Cisco NSF helper support enabled
       Reference bandwidth unit is 100 mbps
          Area BACKBONE(0)
              Number of interfaces in this area is 4 (1 loopback)
              Area has no authentication
              SPF algorithm last executed 02:03:02.468 ago
              SPF algorithm executed 4 times
              Area ranges are
              Number of LSA 3. Checksum Sum 0x175DA
              Number of opaque link LSA 0. Checksum Sum 0x0
              Number of DCbitless LSA 0
              Number of indication LSA 0
              Number of DoNotAge LSA 0
              Flood list length 0

      Disabling Helper Mode for IETF NSF Example

      The following configuration disables helper support for IETF NSF on an OSPF router.

      Router(config)# router ospf 200
      Router(config-router)# nsf ietf helper disable
      

      Additional References

      The following sections provide references related to the OSPF RFC 3623 Graceful Restart feature.

      Related Documents

      Related Topic

      Document Title

      OSPF commands

      Cisco IOS IP Routing: OSPF Command Reference

      OSPF configuration

      Configuring OSPF

      Cisco nonstop forwarding

      Cisco Nonstop Forwarding

      OSPFv3 Graceful Restart

      OSPFv3 Graceful Restart’ module

      Standards

      Standard

      Title

      None

      --

      MIBs

      MIB

      MIBs Link

      None

      To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

      http:/​/​www.cisco.com/​go/​mibs

      RFCs

      RFC

      Title

      RFC 2328

      OSPF Version 2

      RFC 3623

      Graceful OSPF Restart

      Technical Assistance

      Description

      Link

      The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. If you have a valid service contract but do not have a user ID or password, you can register on Cisco.com.

      http:/​/​www.cisco.com/​techsupport

      Feature Information for NSF-OSPF RFC 3623 Graceful Restart

      The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

      Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

      Table 1 Feature Information for NSF-OSPF RFC 3623 Graceful Restart

      Feature Name

      Releases

      Feature Information

      NSF--OSPF (RFC 3623 OSPF Graceful Restart)

      12.0(32)S 12.2(33)SRA 12.2(31)SB2 12.2(33)SXH

      This document focuses on nonstop forwarding (NSF) for OSPFv2 in Cisco IOS software, using the IETF standardized graceful restart functionality as described in RFC 3623.

      Glossary

      cutover --An event in which system control and routing protocol execution are transferred from an active processor to a standby processor. This may include transfer of the packet forwarding function as well.

      NSF --nonstop forwarding. The continuation of forwarding packets across line cards during RP cutover.

      OSPF --Open Shortest Path First. An interior gateway routing protocol.

      RF --Redundancy Facility. A state machine that controls the progression and state of the redundant processor cards.

      RP --Route Processor. A processor module in the Cisco 7000 series routers that contains the CPU, system software, and most of the memory components that are used in the router. Sometimes called a supervisory processor .

      switchover --See cutover.