Virtual Circuit Connection Verification and Bidirectional Forwarding Detection

As network operators deploy AToM services, the ability to provide end-to-end fault detection and diagnostics for an emulated pseudowire service is critical for the network operator. Cisco MPLS VCCV enhances the monitoring and troubleshooting of Layer 2 services across an MPLS network. VCCV creates a control channel between the two pseudowire PEs to uniquely identify the connectivity verification packets from the regular Layer 2 payloads. Ideally, such a control channel would be completely in band. When a control word is present on the virtual circuit, you can indicate the control channel by setting a bit in the control header. However, to ensure smooth interoperability between the various devices participating in the pseudowire service, the use of the MPLS router alert label to indicate the control channel is also supported.

In addition, the combination of VCCV and MPLS ping/traceroute allows a simplification of the operation, management, and troubleshooting of the emulated Layer 2 service end-to-end. BFD is a simple hello protocol that offers additional fault detection capability. Within the context of MPLS-based networks, you use the asynchronous mode of BFD. Together with diagnostic mechanisms such as MPLS LSP ping/Trace and VCCV, BFD provides an additional fault-detection benefit. Table 12-2 summarizes VCCV, and BFD is discussed in the next section.

When offering value-added services, such as MPLS VPN, with regard to OAM, the service provider has at its disposal a set of OAM tools, such as IP ping/traceroute, VRF-aware ping and traceroute, MIBs, and MPLS ping/trace.

Each tool can be used independently for verification and troubleshooting. An example of a troubleshooting sequence when dealing with VPN might be:

1. Use IP ping/trace from the CE to assess connectivity at the VPN level.

2. Use VRF-aware ping/trace to assess connectivity between PEs at the VPN level.

3. Use MPLS ping/trace to assess LSP liveliness between PEs.

4. Simultaneously gather MPLS-related MIBs at the LSR of interest for useful information/parameters. This topic is discussed later in this chapter.

Detection tools tend to be lightweight to minimize the processing load in both inserting and processing the messages and obtaining a useful result. An example of such a detection mechanism is BFD, a fixed hello protocol that is useful for fault detection. Neighbors exchange hello packets at negotiated regular intervals. A neighbor is declared down when expected hello packets do not show up.

BFD control packets are encapsulated in UDP datagram destination port 3784 and source port between 49252 to 65535, where the echo packets use source and destination UDP port 3785. VCCV-BFD can complement VCCV-Ping to detect a data plane failure in the forwarding path of a pseudowire. One point to note when using BFD for VCCV and MPLS LSP is that the mechanism induces a requirement on BFD to scale to a large number of sessions; therefore, distributed BFD implementations enhance scalability. The aggressive detection interval with a large number of BFD sessions increases the chance of false-positives when reporting results. Finally, if MPLS LSPs are fast reroutable, the BFD fault detection interval should be greater than the fast-reroute switchover time. Table 12-3 compares VCCV BFD mode with VCCV. VCCV BFD mode can complement VCCV to detect a data plane failure in the forwarding path of a pseudowire. VCCV BFD mode works over MPLS or IP networks, multiple PSN tunnel-type MPLS, IPSec, L2TP, GRE, and so on.