Beginning with the Cisco IOS XE 17.13.1 release, you can change VLANs when using a Precision Time Protocol (PTP) transparent clock. PTP runs on a single VLAN, and previously, you could not change VLANs if you used a transparent clock (TC). You had to use a PTP boundary clock (BC) if you wanted to change VLANs.

However, when you use a boundary clock, if the topology changes, the address of the BC also changes, which causes devices using PTP to have time faults. The ability to use a PTP TC when end devices exist on a different VLAN from the grandmaster clock instead of a boundary clock, enables you to build redundant networks that can tolerate a fault, and not cause time faults on those end devices.

In Cisco IOS XE 17.13.1, the ability to change VLANs with PTP TC is documented for use with the Device Level Ring (DLR) protocol. The following sections provide information about using PTP with DLR, including how the protocols work together and configuration instructions.

Beginning with the Cisco IOS XE 17.13.1 release, when you use Precision Time Protocol (PTP), you can use the transparent clock to change VLANs on a Device Level Ring (DLR). Previously, if you used the transparent clock while using PTP, you could not change VLANs unless you switched to a boundary clock.

This feature is supported only on Cisco Catalyst IE3400 Rugged Series Switches and Cisco Catalyst IE3400 Heavy Duty Series Switches. See Limitations and Restrictions.

The integration of PTP and DLR delivers fast convergence in a time-sensitive application while ensuring that neither DLR nor PTP cause any synchronization faults during an outage. The primary goal is to prevent PTP reconvergence on PTP endpoint devices when there is a DLR fault/recovery.

This guide provides information about PTP over DLR, including guidelines and configuration steps. For detailed information about PTP and DLR, see the following guides on cisco.com:

• The chapter "Precision Time Protocol" in this guide.

• The chapter "Device Level Ring" in Redundancy Protocol Configuration Guide, Cisco Catalyst IE3x00 and IE3100 Rugged, IE3400 Heavy Duty, and ESS3300 Series Switches

PTP is a protocol used for synchronizing clocks between networked devices to sub-microsecond accuracy. PTP uses the best master clock algorithm (BMCA) to elect a grandmaster clock (GM), which is the synchronization source for all other clocks in the network. However, the BMCA process can take several seconds, which can be a problem in the event of a DLR ring fault and subsequent recovery.

To address the issue, the feature takes additional cautions in how it makes PTP works and how it converges over a DLR network:

• GM election: The GM election process is optimized to reduce the time it takes to reconverge. This is achieved by using a combination of DLR fast link failure detection and DLR ring fault or recovery events to trigger reconvergence on all switches of the DLR ring simultaneously.

• Fault Detection and Isolation: DLR provides rapid link fault detection and isolation by using a redundant ring topology. When a link fails, the DLR ring automatically reconfigures to maintain connectivity. PTP takes advantage of this feature and ensure that it does not trigger a reconvergence on PTP end devices.

To support PTP on different VLANs, the PTP transparent clock on the Cisco switch needs to operate differently from "normal" transparent clocks in which the VLAN ID of PTP messaging is not changed. The Cisco switch now supports two PTP VLAN behaviors. The default is single vlan. The multi-VLAN feature must be enabled explicitly.

• When PTP packets are received from the grandmaster clock (GMC) and ordinary clocks (OCs), they are terminated, and new PTP packets are generated based on the PTP port VLAN configuration. That means that PTP packets with different VLAN IDs can be supported on a transparent clock.

• The PTP header and body data from the received packets are copied to the newly created packets at the PTP layer. As a result, DLR ring switches and PTP endpoints connected to DLR ring switches do not see any PTP parent change after a DLR ring fault or recovery.

• The PTP port VLAN configuration and behavior are same as in boundary clocks.

  • On access ports, the access VLAN is used to transmit and receive PTP packets.

  • On trunk ports, by default, the trunk native VLAN is used to transmit and receive PTP packets.

  • On trunk ports, the interface level CLI command ptp vlan vlan_id is supported to configure the trunk nonnative VLAN used to transmit and receive PTP packets. PTP packets are transmitted with VLAN tag when the nonnative VLAN is configured as PTP VLAN.

The following is the CLI command introduced in the Cisco IOS XE 17.13.1 release, applicable only for Cisco Catalyst IE3400 Rugged Series Switches and Cisco Catalyst IE3400 Heavy Duty Series Switches that support DLR: ptp mode e2etransparent multiple-vlan.

Note	For details about boundary and other clocks, see the section PTP Clocks in the chapter Configuring Precision Time Protocol in this guide.

You can use PTP over DLR in a variety of different topologies for different purposes. This section provides information for two common use cases and topologies.

The preceding illustration depicts a single-ring topology with the GMC off the ring and connected to the supervisor. The supervisor in transparent clock mode. The ring has no breaks in it, and, as a result, the supervisor blocks all traffic on Port 2 (P2) except for control traffic. The supervisor and DLR-enabled devices A, B, and C, are all in transparent clock mode. The configuration prevents devices on the ring from seeing changes within their PTP system when the Layer 1 infrastructure has a fault. It also causes DLR to open up P2.

In the illustration, a fault occurs between device A and B. Before the fault, device C would receive PTP messages on P1, because P2 is blocking. After fault, P2 on the supervisor goes to forwarding state, which means the device will receive PTP messages from the supervisor on P2.

If the supervisor is a device with multiple VLANs with normal transparent clock operation, its not possible to support the forwarding of PTP messages on different VLANs. We recommend that you configure the DLR supervisor node in transparent clock mode with multiple VLAN support. Doing so would allow the use of multiple VLANs while maintaining a single time source on the ring.

The preceding diagram shows a single DLR ring used with the Spanning Tree Protocol (STP), with the GMC off the ring. The supervisor in BC mode, the ring nodes, and STP switches are in TC mode.

When operating as a boundary clock (BC), all TCs and ordinary clocks view the supervisor as the PTP parent—more specifically, the parent and the port number that the parent transmits with the PTP messages. in the diagram above, the PTP messages are sent from Port 1. The PTP ID used by TCs and ordinary clocks recognizes the PTP parent based on the PTP clock ID of the supervisor, the port number (for example, P1), and other attributes. All devices are synchronized to the PTP parent based on messages transmitted from P1.

When a fault occurs in the ring, the supervisor recognizes the fault and opens P2. Doing so allows all traffic to transit that port to reconverge the topology and provide connectivity to devices. The supervisor sends PTP traffic messages with the port number changed to P2 instead of P1. The change causes the ordinary clocks (the end devices) to perceive a change of the PTP parent. The perception can cause the end devices to resynchronize with the new PTP parent, and synchronizing to a new PTP parent can be disruptive.

To overcome this limitation, we recommended that you configure the DLR supervisor node in TC mode with multiple VLAN support. Doing so would allow the use of multiple VLANs while maintaining a single time source on the ring. Because all nodes in the DLR ring are in TC mode, the parent ID and parent port number do not change when a failure occurs in the ring.

Be aware of the following limitations and restrictions when using multple VLAN support and PTP over DLR:

• Multiple VLAN support with TC has the following restrictions:

  • This feature is supported only on Cisco Catalyst Cisco Catalyst IE3400 Rugged Series Switches and Cisco Catalyst IE3400 Heavy Duty Series Switches.

  • DLR is the only Layer 2 redundancy protocol supported.

  • The following Layer 2 protocols have not been validated with multi-VLAN TC: REP, Spanning Tree, MRP, PRP, HSR.

• Only the following PTP modes are allowed on DLR primary and backup supervisor or gateway nodes:

  • Boundary clock

  • Transparent clock—multiple VLAN

• Transparent clock mode (without multiple VLAN support) is not allowed on DLR primary and backup supervisor or gateway nodes. Transparent clock mode (without multiple VLAN support) can be configured on DLR beacon nodes.

• PTP over DLR is not supported for PTP power profiles.

• The processing of PTP packets is restricted to Layer 3 packets exclusively across the DLR ring, and it is imperative to prevent any leakage of Layer 2 PTP packets into the DLR ring from external networks. Layer 2 PTP packets could lead to undesirable looping and MAC flapping.