Fault on the Remote PE - VPN FRR
In virtual private network (VPN) FRR scenarios, BFD can be used to detect the connectivity faults between PEs.
As shown in Figure 1, PE3 and PE4 access a VPN. If the user network on the left of PE1 needs to communicate with the user network on the right of PE3, PE1 can access the user network on the right through PE3 and PE4 that back up each other. VPN FRR is implemented on PE1.
Similar to other FRR technologies, VPN FRR has an available bypass path for fast switchovers if the primary path fails. For VPN FRR, two next hops (PE3 and PE4) are reserved for PE1 to access the remote VPN. One is the primary PE and the other is the backup PE. The primary and backup PEs can be manually configured.
As shown in the preceding figure, PE1 has two next hops, PE3 and PE4, for the remote VPN route. PE1 can select one of PE3 and PE4 as the active next hop and the other as the standby next hop.
- If VPN FRR has not been configured, only a primary next-hop entry is delivered from the control plane to the forwarding plane. When the primary next hop becomes invalid, the backup next-hop entry is delivered to the forwarding plane, which slows down switchovers.
- If VPN FRR has been configured, both the primary and backup next-hop entries are delivered from the control plane to the forwarding plane. When the primary next hop becomes invalid, the forwarding plane immediately uses the backup next hop, which speeds up switchovers.
After BFD detects that the primary next hop fails, a switchover is performed within a very short period, which implements high reliability.