The invention disclosed herein generally relates to systems, methods and articles of manufacture for providing route or path redundancy in communications networks. More particularly, the present invention relates to systems and methods for providing route redundancy across Layer 2 devices, as well as selected ports on L2 devices.
In recent years, bandwidth in Local Area Networks (LAN) has increased rapidly, driven by the widespread adoption of Gigabit Ethernet (GbE), while bandwidth capacity in Wide Area Networks (WAN) has exploded, driven by the proliferation of Dense Wave Division Multiplexing (DWDM) technology and high-speed OC-48/192 links. As a result, the new bottleneck is in the Metropolitan Area Network (MAN), the traffic intersection of the LAN and WAN and the natural home for much of the world's bandwidth and next-generation network services. For this reason, the MAN has emerged as a key network build-out point.
A MAN typically spans a single urban metropolitan environment and is one of the most important locations in the network today. Because the MAN resides in the crucial location between users and the core of the Internet, it must offer both the intelligence and the bandwidth for service providers to deploy profitable new services. Enterprises are also deploying new MANs to obtain high-speed site connectivity for storage networking, videoconferencing, IP telephony, supplier integration, and more. MANs, however, present an environment that demands a highly resilient design methodology, one that can make any network outage transparent to the user by providing alternate routes around it.
Many MANs are moving towards a design topology primarily comprising a vast Layer 2 switched network in order to avoid latency problems associated with the use of Layer 3 devices such as routers. In a switched network, all hosts or end nodes connected to the same physical LAN segment reside in the same broadcast domain, which has the potential of flooding the network with traffic and making it essentially unusable as the network grows. VLANs are used by switches to create a division of the physical network segments into separate broadcast domains without the latency problems associated with routers. A router or device acting as such, however, is still needed to move between broadcast domains. The use of switches and VLANs allows a LAN to be created that is independent of physical location by grouping users into logical workgroups. Massive switched topologies such as MANs, therefore, require redundancy to be extended to Layer 2 as well as Layer 3 devices.
Among Layer 3 (L3) devices, techniques have been developed to provide failover between groups of L3 devices acting in concert as a virtual L3 device. One prominent protocol for providing this failover functionality is the Virtual Router Redundancy Protocol (VRRP). According to this protocol, multiple L3 devices connected to a network segment or segments are associated with a virtual address, which is provided to all hosts on the managed segment or segments. Only one of the L3 devices forming the virtual device, however, is active and utilizing the virtual address. When the active device experiences a failure, another device takes control of the virtual address and continues to route packets between the managed network segment and the outside network, ensuring continuous service at Layer 3.
Another solution to providing L3 failure protection is presented in U.S. Pat. No. 5,473,599, entitled “Standby Router Protocol” and assigned to Cisco Systems, Inc. According to this patent, a system and protocol are provided for routing data packets from a host on a LAN through a virtual address belonging to a group of routers. An active router in the group of routers emulates the virtual router. The host does not know which router from the group is actually handling the data packets it sends. If the standby router becomes inoperative or takes over for the active router, other routers in the group hold an election to determine which of them should take over for the standby router.
With regard to connectivity among Layer 2 (L2) devices, a primary concern is to avoid endless network loops. Endless loops occur in a network when multiple active paths are present between hosts on a network. When loops occur, hosts appear on multiple interfaces on some devices. This condition confuses the forwarding algorithm and allows duplicate frames to be forwarded to the same device, perhaps endlessly. Spanning-Tree Protocol (STP) eliminates this condition by forcing certain redundant data paths into a blocked or standby state. STP operates transparently to end stations, which are unaware whether they are connected to a single LAN segment or to a switched LAN comprising multiple segments.
All switches in an extended LAN participating in STP gather information on other switches in the network through an exchange of data messages, referred to as bridge protocol data units (BPDU). The BPDU messages contain information about the transmitting switch and its ports, including switch and port Media Access Control (MAC) addresses, switch priority, and port cost. The exchange of messages results in the election of a unique root switch for the stable topology. The exchange further results in the election of a designated switch for every switched LAN segment and the removal of loops in the switched network by placing redundant switch ports in a backup state.
Unfortunately, VRRP and STP are unable to work together in concert on L2 devices to provide failover recovery while preventing network loops. STP cannot work with VRRP to coordinate multiple devices in a virtual L2/L3 device because the two operate independently of one another on different layers of the Open Systems Interconnection (OSI) multilayered communication model. Telecommunication traffic is divided into seven layers under the OSI model, the layers themselves split into two groups. The upper four layers are used whenever a message passes to or from a user. The lower three layers (up to the network layer) are used when any message passes through the host computer, whereas messages intended for the receiving computer pass to the upper layers. Messages destined for some other host are not passed up to the upper layers but are forwarded to another host. Layer 2 refers to the data-link layer, which provides synchronization for the physical level and furnishes transmission protocol knowledge and management. Layer 3, the network layer, handles the routing of the data, e.g., sending it in the right direction to the right destination on outgoing transmissions and receiving incoming transmissions at the packet level.
Proposed solutions to the redundancy problem in massive switched L2/L3 networks have been unsatisfactory. One of these proposed solutions is presented by Extreme Networks' Extreme Standby Router Protocol (ESRP), which provides both a Layer 3 default router and Layer 2 loop redundancy mechanisms. In ESRP, however, the router interface is shut down when acting as a backup device. By shutting down the router interface, the ESRP approach rules out remote management through the VLAN or VLANs that are controlled according to ESRP. Furthermore, the ESRP protocol can only achieve a limited number of redundancy levels (approximately four levels of redundancy) among groups of ESRP switches providing redundancy among each other. In addition to the foregoing, ESRP lacks any authentication mechanism in order to prevent malicious or fraudulent packets from being received from an intruder and acted upon.
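As an added illustration that is not part of the patent text, the following Python model ties together the virtual-address failover described above for VRRP and the authentication the text finds missing in ESRP: group members advertise a priority, the highest live priority owns the virtual address, and an advertisement is only honoured if it carries a valid HMAC under the group key. It is a constructed simplification, not RFC VRRP or ESRP on the wire; the virtual address, router identifiers and group key are invented sample values.

```python
import hmac
import hashlib

# Constructed model of a VRRP-style virtual router group, not RFC VRRP on the wire.
# Members advertise a priority, the highest live priority owns the virtual address,
# and adverts carry an HMAC under a shared group key so a forged higher-priority
# advert from outside the group is dropped rather than stealing the address.
class VirtualRouterGroup:
    def __init__(self, virtual_ip, shared_key):
        self.virtual_ip = virtual_ip
        self.key = shared_key
        self.live = {}       # router id -> last authenticated priority

    def _tag(self, rid, priority, key):
        msg = f"{self.virtual_ip}|{rid}|{priority}".encode()
        return hmac.new(key, msg, hashlib.sha256).hexdigest()

    def advertise(self, rid, priority, key=None):
        # Build the advert member `rid` would send; `key` models a sender outside the group.
        key = self.key if key is None else key
        return {"rid": rid, "priority": priority, "tag": self._tag(rid, priority, key)}

    def receive(self, advert):
        """Accept an advert only if its HMAC verifies under the group key."""
        expected = self._tag(advert["rid"], advert["priority"], self.key)
        if not hmac.compare_digest(expected, advert["tag"]):
            return False
        self.live[advert["rid"]] = advert["priority"]
        return True

    def timeout(self, rid):
        """Adverts from `rid` stopped arriving: treat it as failed."""
        self.live.pop(rid, None)

    def master(self):
        """Highest live priority owns the virtual address; higher rid breaks ties."""
        return max(self.live, key=lambda r: (self.live[r], r), default=None)


def demo():
    """Three members, a failover, then a forged takeover attempt that is rejected."""
    group = VirtualRouterGroup("10.0.0.1", b"constructed-group-key")
    for rid, prio in (("r1", 200), ("r2", 150), ("r3", 100)):
        group.receive(group.advertise(rid, prio))
    first = group.master()            # r1 holds the virtual address
    group.timeout("r1")               # r1 fails; r2 takes over, hosts see no change
    after_failover = group.master()
    forged = group.advertise("rogue", 255, key=b"not-the-group-key")
    accepted = group.receive(forged)  # False: dropped, r2 stays master
    return first, after_failover, accepted, group.master()
```

Running `demo()` returns `("r1", "r2", False, "r2")`: the hosts keep using the one virtual address across the failover, and the unauthenticated claim of priority 255 never displaces the legitimate master.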
There is thus a need for a system and method that provides a robust redundancy mechanism for providing failover among Layer 2 and Layer 2/Layer 3 devices that improves on the shortcomings of presently available solutions.