BFD for Pseudowire VCCV

BFD for Pseudowire VCCV

The article BFD for MPLS LSP provided an overview of using BFD and LSP Ping in conjunction for detecting the failure in data plane for an LSP. This article will discuss about VCCV and using BFD with VCCV. First, an overview of VCCV.

VCCV: An Overview

Virtual Circuit Connection Verification (VCCV) is defined in RFC 5085. VCCV is a connection verification protocol for Pseudowire that is setup using LDP (more specifically, targeted-LDP or T-LDP). VCCV is a control channel between a Pseudowire's ingress and egress points over which connectivity verification messages can be sent.

It is important to understand why a new mechanism is required to detect the failure in data plane for Pseudowire, although LSP Ping is present. This can be explained from figure 1. Actually, VCCV uses LSP Ping with some extensions.

When PE1 sends an MPLS Echo Request packet to PE2 using LSP Ping procedure, PE1 router encapsulates the probe packets with VC (T-LDP) label (bottom) and transport (LDP or RSVP) label (top) like data packets. When the probe packets arrive at PE2 router with the VC label and if PE2 applies the normal forwarding procedure to this probe packet, it will forward the probe packet over to CE2 router as if they were data packets. There are 3 possible ways to fix this problem (figure 2 below) -

Type 1. TTL Expiry VCCV - Set the TTL of VC label to 1. When PE2 receives probe packets with VC label only (due to PHP), the TTL of VC label expires and the packet is sent to the control plane of PE2 router.

Type 2. Out-of-band VCCV - Insert a Router Alert label between the VC label and the transport label. When PE2 receives probe packets with Router Alert label on top, the packet is delivered to PE2 router's control plane. However, this does not satisfy the requirement of sending the probe packets and data packets with the same label stack.

Type 3. In-band VCCV - Insert a special header between label stack and MPLS payload. This is implemented by setting a bit in the Control Word to indicate the packet should be delivered to the Control Plane rather than being forwarded. This header is called the Pseudowire Associated Channel Header (PW-ACH).

Signalling

Before LSP Ping for Pseudowire can be used, the Pseudowire (PW) endpoints must agree on VCCV capabilities so that VCCV messages can be properly intercepted, interpreted and processed locally as OAM messages by the receiving PE router.

When a PW is first signaled by the initiating PE router using LDP, a message is sent to the remote PE router requesting that a PW be set up. This message is extended to include VCCV capability information. This information indicates to the remote PE router which combinations of Control Channel (CC) and Connectivity Verification (CV) Types it is capable of receiving. The remote PE router includes the same information after it agrees to set up the PW.

Once the PW is setup, the PE routers can send VCCV messages based on the CC and CV Type combinations. VCCV defines an encapsulation for these messages (CC Types 1/2/3 discussed above) that identifies them as belonging to the control channel for the PW and allow the remote PE router to process them functionally same as the data packets.

CC Types and CV Types

Control Channel (CC) Types defines the types of control channel that VCCV can support. These CC types are -

    • PW Control Word
    • MPLS Router Alert label
    • MPLS Inner label TTL

The control channels in turn carry several types of protocols defined by Connectivity Verification (CV) Types. These CV types are -

    • ICMP Ping
    • LSP Ping
    • BFD

The CC and CV Types information is signaled in the Interface Parameter sub-TLV of LDP messages. The following packet capture shows CC and CV Types information carried in LDP message between PE routers.

In Cisco IOS, LSP Ping for PW is tested using the following command.

PE1# ping mpls pseudowire <PW_end-point> <vc_id>

VCCV Summary

Since different options are available, it is necessary for pseudowire endpoints to negotiate which mechanism to use. VCCV defines how this negotiation is done and how the probe packets must be encapsulated, based on the negotiated values, re-using the LSP Ping procedures.

BFD for Pseudowire VCCV

RFC 5885 describes CV Types using BFD with VCCV. The RFC document introduces 4 new CV Types-

    1. BFD IP/UDP encapsulated for PW fault-detection only (CV Type 0x04)
    2. BFD IP/UDP encapsulated for PW fault-detection and AC/PW Fault Status Signalling (CV Type 0x08)
    3. BFD PW-ACH encapsulated for PW fault-detection only (CV Type 0x10)
    4. BFD PW-ACH encapsulated for PW fault-detection and AC/PW Fault Status Signalling (CV Type 0x20)

Operation

First the PW end-points must agree on the CV Type for BFD to use. Once the PW end-point has selected a valid CV Type, it begins sending BFD Control packets over the VCCV control channel to exchange BFD discriminator values. Both PW endpoints send initial BFD Control Packets with My Discriminator value uniquely chosen and Your Discriminator value set to 0.

The RFC documents proposes 2 ways in which BFD CV packet can be encapsulated over a VCCV control channel.

1. BFD IP/UDP encapsulated - BFD with IP/UDP Headers

In this method, the BFD Control packets are transmitted in the UDP header with destination port 3784 and source port within the range 49152 through 65535. The source IP address is the address of the sender while the destination IP address is randomly chosen from the range 127.0.0.0/8. The TTL is set to 255.

If PW-ACH header is used with IP/UDP headers, the Channel Type in PW-ACH header should be set to 0x0021 for IPv4 and 0x0057 for IPv6.

2. BFD PW-ACH encapsulated - BFD without IP/UDP Headers

In this method, the IP/UDP headers are omitted and the BFP Control packets are encapsulated directly over the PW-ACH header. The Channel type of PW-ACH is set to 0x0007 to indicate the BFD Control packet.

In Cisco IOS, BFD for VCCV is configured as follows. The example shows BFD without IP/UDP header. To include IP/UDP headers, replace "raw-bfd" keyword with "udp" keyword.

bfd-template single-hop BFD_FOR_VCCV

interval min_tx 100 min_rx 100 multiplier 3

!

pseudowire-class AToM

encapsulation mpls

vccv bfd template BFD_FOR_VCCV raw-bfd

!

interface fastethernet 0/0

no ip address

xconnect 4.4.4.4 100 pw-class AToM

!

Summary

The RFC document provides 2 ways to setup a single BFD session over VCCV for pseudowire data-plane fault detection. New CV Types are introduced to accomplish this.