TE Tunnel Protection Group

A tunnel protection group provides end-to end protection for MPLS TE tunnels. If a working tunnel in a protection group fails, traffic is switched to a protection tunnel.

Concepts

Tunnel protection group concepts are as follows:

Working tunnel: protected tunnel.
Protection tunnel: tunnel that protects the working tunnel.
Protection switchover: If a working tunnel in a protection group fails, traffic is rapidly switched to a protection tunnel, enhancing network reliability.

Figure 1 Tunnel protection group

As shown in Figure 1, on LSRA, tunnel-3 is specified as the protection tunnel for working tunnel-1. When a failure of tunnel-1 is detected, the ingress node switches traffic to protection tunnel-3. After tunnel-1 is restored, the system determines whether to switch traffic back to the working tunnel according to the configured switchback policy.

Implementation

A tunnel protection group uses a configured protection tunnel to protect a working tunnel, improving tunnel reliability. Configuring working and protection tunnels over separate links is recommended.

Table 1 describes the process of implementing a tunnel protection group.

**Table 1** Tunnel protection group implementation
Step	Description
Tunnel setup	The process of setting up working and protection tunnels is the same as that of setting up a common tunnel. The working and protection tunnels must have the same ingress and egress nodes. Protection tunnel attributes, however, can differ from working tunnel attributes. To better protect the working tunnel, configure working and protection tunnels over separate links when deploying a tunnel protection group. NOTE: The protection tunnel cannot be protected by any other protection tunnel or enabled with TE FRR. You can configure independent attributes for the protection tunnel, which facilitates network planning.
Binding	After a tunnel protection group is configured for a working tunnel, the protection tunnel with a specified tunnel ID is bound to the working tunnel.
Fault detection	To implement fast protection switchover, the tunnel protection group detects faults using the BFD for CR-LSP mechanism in addition to MPLS TE's detection mechanism.
Protection switchover	The tunnel protection group supports the following switchover modes: Manual switchover: A network administrator runs a command to switch traffic. Auto switchover: The ingress node automatically switches traffic when detecting a fault on the working tunnel. In auto switchover mode, you can set the switchover period.
Switchback	After the working tunnel is restored, the ingress node determines whether to switch traffic back to the working tunnel according to the configured switchback policy.

1:1 and N:1 Protection

A tunnel protection group works in either 1:1 or N:1 mode. The 1:1 mode enables a protection tunnel to protect only one working tunnel. The N:1 mode enables a protection tunnel to protect multiple working tunnels.

Figure 2 Tunnel protection group in N:1 mode

Differences Between CR-LSP Backup and Tunnel Protection Group

CR-LSP backup and tunnel protection group are both end-to-end protection mechanisms for MPLS TE tunnels. Table 2 lists the differences between the two mechanisms.

**Table 2** Differences between CR-LSP backup and tunnel protection group
Item	CR-LSP Backup	Tunnel Protection Group
Protected object	Primary and backup CR-LSPs are set up in the same tunnel. The backup CR-LSP protects the primary CR-LSP.	The protection tunnel protects the working tunnel.
TE FRR	The primary CR-LSP supports TE FRR while the backup CR-LSP does not.	The working tunnel supports TE FRR while the tunnel protection does not.
LSP attributes	The primary and backup CR-LSPs have the same attributes (such as bandwidth, setup priority, and holding priority), except the TE FRR attributes.	Attributes of tunnels in a tunnel protection group are independent from each other. For example, a protection tunnel without bandwidth can protect a working tunnel requiring bandwidth protection.
Protection mode	Supports 1:1 protection mode. Each primary CR-LSP has a backup CR-LSP.	Supports 1:1 and N:1 protection modes. A protection tunnel can protect multiple working tunnels. If a working tunnel fails, data is switched to the shared protection tunnel.