< Home

Service Requirements and Solution Description

Service Requirements

Traveling by subway has become a major way to avoid traffic congestion in cities. The subway public transportation system must therefore be highly secure and reliable given the more diverse range of IP services and increasing data traffic. However, the legacy subway bearer network can no longer meet these requirements. A more robust, reliable bearer network is required by a digital subway system and needs to meet the following requirements:

  • Ensures high reliability and security: Subways belong to the public transportation system, requiring the subway bearer network to be reliable and secure.
  • Provides sufficient data capacity: The subway system has high passenger traffic and an increasing number of data terminals, requiring the subway bearer network to provide sufficient data capacity and data switching capacity.
  • Supports a diverse range of service types: The subway system involves different service types such as the control system, advertising media, and daily working, requiring the subway bearer network to support a diverse range of service types.

The IP data communication network is the mainstream data communication network. It supports various access modes and can scale to a large size. Therefore, the trend in constructing subway bearer networks has shifted towards IP.

Huawei offers the HoVPN-based HSR solution to implement secure and reliable subway system operation and support a diverse range of service types for the subway system. The HSR solution uses Huawei agile switches to construct a hierarchical network based on MPLS L3VPN technology, provides powerful service supporting capabilities and simple as well as flexible networking modes, and is suitable for large-scale subway bearer networks. This solution adopts multiple protection technologies, including hardware bidirectional forwarding detection (BFD), TE hot standby (HSB), VPN fast reroute (FRR), and traffic forwarding on the Virtual Route Redundancy Protocol (VRRP) backup device and provides protection switchovers within milliseconds to complete an end-to-end link switchover without being noticed by users.

Overview

The Hierarchy of VPN (HoVPN)-based High-Speed Self Recovery (HSR) solution is designed to ensure network reliability, scalability, maintainability, and multi-service supporting capability, provide a hierarchical network structure, and reduce networking costs. Figure 1 shows the network topology in the HSR solution.

Figure 1 Network topology

In Figure 1,

  • Three S9700 switches are fully connected on the core layer to form a core ring, while the data center site and two subway sites exchange data across the core ring.

  • Two S5720-HIs are deployed as aggregation switches in each subway site and form square networking with two S9700s on the core ring. Alternatively, S5720-HIs in multiple sites are connected in serial networking and then form square networking with two S9700s on the core ring. S5720-HIs have VRRP configured to function as user gateways of each subway site. The data center site uses two S9700s as aggregation switches and has the same services as S5720-HIs deployed.

  • Layer 2 switches are deployed on the access layer in each site to form an access ring and are dual-homed to two S5720-HIs in subway sites or two S9700s in the data center site.

This network transmits all service traffic of the subway system, including traffic of daily work, advertising media, and train control management.

Service Deployment

Table 1 Service deployment
Item Solution

IGP

Use OSPF as an IGP and run OSPF between aggregation and core switches to ensure that these switches can be reached through routes and set up Multiprotocol Label Switching (MPLS) Label Distribution Protocol (LDP) and MPLS Traffic Engineering (TE) over OSPF routes.

BGP

Deploy Multiprotocol Border Gateway Protocol (MP-BGP) to set up L3VPN tunnels over MP-BGP routes. Establish Internal BGP (IBGP) neighbor relationships between aggregation and core switches, and between core switches, and advertise VPN routes.

Routing policy

Use routing policies to set the preferred value, and community attribute to filter, select, and back up routes.

MPLS LDP

Run LDP between aggregation and core switches to transmit L3VPN data on links for label switching. Configure BFD for label switched paths (LSPs) to implement fast link switchovers.

MPLS TE

Deploy MPLS TE tunnels to transmit L3VPN traffic. That is, establish the primary and backup TE tunnels between each S5720-HI and its directly connected S9700, and establish the primary and backup tunnels between each S9700 and its directly connected S5720-HI. Enable TE HSB and configure BFD for TE HSB to allow traffic to be switched from the faulty primary TE tunnel to the backup TE tunnel within 50 ms.

L3VPN

Configure different VPNs for services such as daily office, advertising media, and train control management to isolate these services. In this scenario, one VPN is configured as an example.

BFD

Use BFD on each node to detect faults and implement fast traffic switchovers in case of faults. In this example, you need to deploy multiple services, including BFD for VRRP, BFD for LSP, and BFD for TE, to complete end-to-end switchovers within 50 ms.

TE HSB

Establish bidirectional TE tunnels between S5720-HI aggregation switches and S9700 core switches, and deploy HSB for MPLS TE tunnels to provide the primary and backup constraint-based routed label switched paths (CR-LSPs) for each TE tunnel. Configure BFD for CR-LSP to fast detect CR-LSP faults. When a fault occurs on the primary CR-LSP, L3VPN traffic can be fast switched to the backup CR-LSP, providing end-to-end traffic protection.

Hybrid fast reroute (FRR)

Enable IP+VPN hybrid FRR on S5720-HIs. When a fault occurs on the downlink access link, the connected interface on one S5720-HI will detect the fault and fast switch traffic to the peer S5720-HI, which then forwards traffic to access devices.

VRRP

Deploy VRRP between two S5720-HIs to implement gateway backup for access users. Configure BFD for VRRP to speed up fault detection, VRRP convergence, and traffic switchovers. To prevent traffic loss caused by aggregation switch faults and shorten service interruptions, you also need to configure the VRRP backup device to forward service traffic.

Device Selection and Restrictions

Table 2 Device selection and restrictions
Network Element Device Selection and Restrictions

Core nodes and data center aggregation nodes

Use S9706s or S9712s as core nodes and data center aggregation nodes, and install SRUDs and X series cards on these switches.

To provide high reliability, ensure that:
  • Eth-Trunk member interfaces reside on the same LPU.
  • On the same device, any two interfaces connected to other devices reside on different LPUs.

Aggregation nodes in subway sites

Use S5720-HIs as aggregation switches.

Version Mapping

Table 3 Version mapping
Version Device

V200R009C00 and later versions

Use S12700s, S9700s, or S7700s as core switches and S5720-HIs as aggregation switches.

NOTE:

This configuration example uses S series switches running V200R009C00.
Parent Topic: Example for Configuring High-Speed Self Recovery on a Subway Bearer Network
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >