OSPFv3 Neighbor Relationship Flapping Suppression

Background

If the status of an interface carrying OSPFv3 services alternates between Up and Down, OSPFv3 neighbor relationship flapping occurs on the interface. During the flapping, OSPFv3 frequently sends Hello packets to reestablish the neighbor relationship, synchronizes LSDBs, and recalculates routes. In this process, a large number of packets are exchanged, adversely affecting neighbor relationship stability, OSPFv3 services, and other OSPFv3-dependent services, such as LDP and BGP. OSPFv3 neighbor relationship flapping suppression can address this problem by delaying OSPFv3 neighbor relationship reestablishment or preventing service traffic from passing through flapping links.

Related Concepts

Flapping_event: reported when the status of a neighbor relationship on an interface last changes from Full to a non-Full state. The flapping_event triggers flapping detection.

Flapping_count: number of times flapping has occurred.

Detect-interval: detection interval. The interval is used to determine whether to trigger a valid flapping_event.

Threshold: flapping suppression threshold. When the flapping_count reaches or exceeds threshold, flapping suppression takes effect.

Resume-interval: interval for exiting from OSPFv3 neighbor relationship flapping suppression. If the interval between two successive valid flapping_events is longer than resume-interval, the flapping_count is reset.

Implementation

Each OSPFv3 interface on which OSPFv3 neighbor relationship flapping suppression is enabled starts a flapping counter. If the interval between two flapping_events is shorter than the detect-interval, a valid flapping_event is recorded, and the flapping_count is incremented by 1. When the flapping_count reaches or exceeds threshold, flapping suppression takes effect. If the interval between two successive neighbor status changes from Full to a non-Full state is longer than resume-interval, the flapping_count is reset.

The detecting-interval, threshold, and resume-interval are configurable.

The value of resume-interval must be greater than that of detecting-interval.

Flapping suppression works in either Hold-down or Hold-max-cost mode.

• Hold-down mode: In the case of frequent flooding and topology changes during neighbor relationship establishment, interfaces prevent neighbor relationships from being reestablished during the suppression period, which minimizes LSDB synchronization attempts and packet exchanges.
• Hold-max-cost mode: If the traffic forwarding path changes frequently, interfaces use 65535 as the cost of the flapping link during Hold-max-cost suppression, which prevents traffic from passing through the flapping link.

Flapping suppression can also work first in Hold-down mode and then in Hold-max-cost mode.

By default, the Hold-max-cost mode takes effect. The mode and suppression duration can be changed manually.

If an attack causes frequent neighbor relationship flapping, Hold-down mode can minimize the impact of the attack.

When an interface enters the flapping suppression state, all neighbor relationships on the interface enter the state accordingly.

Interfaces exit from flapping suppression in the following scenarios:

• The suppression timer expires.
• The corresponding OSPFv3 process is reset.
• An OSPFv3 neighbor is reset.
• OSPFv3 neighbor relationship flapping suppression is disabled globally.
• A command is run to exit from flapping suppression.

Typical Scenarios

In Figure 1, the traffic forwarding path is SwitchA -> SwitchB -> SwitchC -> SwitchE before a link failure occurs. After the link between SwitchB and SwitchC fails, the forwarding path switches to SwitchA -> SwitchB -> SwitchD -> SwitchE. If the neighbor relationship between SwitchB and SwitchC frequently flaps at the early stage of the path switchover, the forwarding path will be switched frequently, causing traffic loss and affecting network stability. If the neighbor relationship flapping meets suppression conditions, flapping suppression takes effect.

• If flapping suppression works in Hold-down mode, the neighbor relationship between SwitchB and SwitchC is prevented from being reestablished during the suppression period, in which traffic is forwarded along the path SwitchA -> SwitchB -> SwitchD -> SwitchE.
• If flapping suppression works in Hold-max-cost mode, 65535 is used as the cost of the link between SwitchB and SwitchC during the suppression period, and traffic is forwarded along the path SwitchA -> SwitchB -> SwitchD -> SwitchE.

Figure 1 Flapping suppression in a basic scenario

When only one forwarding path exists on the network, the flapping of the neighbor relationship between any two switches on the path will interrupt traffic forwarding. In Figure 2, the traffic forwarding path is SwitchA -> SwitchB -> SwitchC -> SwitchE. If the neighbor relationship between SwitchB and SwitchC flaps, and the flapping meets suppression conditions, flapping suppression takes effect. However, if the neighbor relationship between SwitchB and SwitchC is prevented from being reestablished, the whole network will be divided. Therefore, Hold-max-cost mode (rather than Hold-down mode) is recommended. If flapping suppression works in Hold-max-cost mode, 65535 is used as the cost of the link between SwitchB and SwitchC during the suppression period. After the network stabilizes and the suppression timer expires, the link is restored.

By default, the Hold-max-cost mode takes effect.

Figure 2 Flapping suppression in a single-forwarding path scenario

In Figure 3, four switches are deployed on the same broadcast network using switches, and the switches are broadcast network neighbors. If SwitchC flaps due to a link failure, and SwitchA and SwitchB were deployed at different time (SwitchA was deployed earlier for example) or the flapping suppression parameters on SwitchA and SwitchB are different, SwitchA first detects the flapping and suppresses SwitchC. Consequently, the Hello packets sent by SwitchA do not carry SwitchC's Switch ID. However, SwitchB has not detected the flapping yet and still considers SwitchC a valid node. As a result, the DR candidates identified by SwitchA are SwitchB and SwitchD, whereas the DR candidates identified by SwitchB are SwitchA, SwitchC, and SwitchD. Different DR candidates result in a different DR election result, which may lead to route calculation errors. To prevent this problem in scenarios where an interface has multiple neighbors, such as on a broadcast, P2MP, or NBMA network, all neighbors on the interface are suppressed when the status of a neighbor relationship last changes to ExStart or Down. Specifically, if SwitchC flaps, SwitchA, SwitchB, and SwitchD on the broadcast network are all suppressed. After the network stabilizes and the suppression timer expires, SwitchA, SwitchB, and SwitchD are restored to normal status.

Figure 3 Flapping suppression on a broadcast network

In Figure 4, SwitchA, SwitchB, SwitchC, SwitchE, and SwitchF are connected in area 1, and SwitchB, SwitchD, and SwitchE are connected in backbone area 0. Traffic from SwitchA to SwitchF is preferentially forwarded along an intra-area route, and the forwarding path is SwitchA -> SwitchB -> SwitchC -> SwitchE -> SwitchF. When the neighbor relationship between SwitchB and SwitchC flaps and the flapping meets suppression conditions, flapping suppression takes effect in the default mode (Hold-max-cost). Consequently, 65535 is used as the cost of the link between SwitchB and SwitchC. However, the forwarding path remains unchanged because intra-area routes take precedence over inter-area routes during route selection according to OSPFv3 route selection rules. To prevent traffic loss in multi-area scenarios, configure Hold-down mode to prevent the neighbor relationship between SwitchB and SwitchC from being reestablished during the suppression period. During this period, traffic is forwarded along the path SwitchA -> SwitchB -> SwitchD -> SwitchE -> SwitchF.

By default, the Hold-max-cost mode takes effect. The mode can be changed to Hold-down manually.

Figure 4 Flapping suppression in a multi-area scenario