FabricPath

From cwhite's wiki
Jump to: navigation, search

General

IS-IS is used in the FabricPath core for layer 2 routing. The goal is to compute the SPT between all FabricPath nodes. IS-IS is not used for MAC address advertisements in FP. FabricPath functions pretty much like OSPF since they both use the SPF algorithm to determine what the SPT is. A couple reasons why FabricPath uses IS-IS rather than OSPF is because:

1. IS-IS uses it's own layer 3 transport so IP is not required.
2. Natively extensible meaning IS-IS supports new TLVs.
3. Natively support ECMP (up to 16 links active). This gives us L2 load balancing without STP, port-channels or vPC.

When it comes the the FP data plane, the CE frames are encapsulated with the new FabricPath header. FabricPath is not ethernet which is why hardware support is limited (eg Nexus 7K F modules and Nexus 5500/5600). FabricPath has similar logic to TRILL but they are not the same. FP has the SRC and DST FP switch IDs in the header. Traffic is L2 routed via the SPT to DST switch ID.


Terminology

Classical ethernet: regular ethernet with regular flooding, regular STP, etc.

Leaf switch: connects CE to FP domain.

Spine switch: FP backbone switch with all ports in the FP domain only.

FabricPath core Ports: Links on leaf up to spine or spine to spine. Basically these are the switchport mode fabricpath links.

CE edge ports: Links on leave switches connectiong to regular classic ethernet domain (ports in access or trunk).


Find the location of a MAC address with vPC+

When you are trying to find the port a MAC address lives off of, it can be a little bit difficult tracking it down if you are not use to FabricPath. FabricPath uses a couple of values to "route" traffic.

In this example, we will attempt to track down 0025.90a4.1cd1.

leaf1# show mac address-table address 0025.90a4.1cd1
 Note: MAC table entries displayed are getting read from software.
 Use the 'hardware-age' keyword to get information related to 'Age' 

 Legend: 
        * - primary entry, G - Gateway MAC, (R) - Routed MAC, O - Overlay MAC
        age - seconds since last seen,+ - primary entry using vPC Peer-Link,
        (T) - True, (F) - False ,  ~~~ - use 'hardware-age' keyword to retrieve age info 
   VLAN     MAC Address      Type      age     Secure NTFY Ports/SWID.SSID.LID
---------+-----------------+--------+---------+------+----+------------------
  801      0025.90a4.1cd1    dynamic     ~~~      F    F  3008.74.65535

You can see that instead of listing a port, it lists 3008.74.65535 which you can see is the SWID/SSID/LID.

SWID = the FabricPath switch ID SSID = the vPC+ port-channel identifier LID = the physical port mapping on the remote device (the ltl of the port on switch 3008)


Tracking down the switch that owns the SWID of 3008 is easy with the "show fabricpath route switchid $" command.

leaf1# show fabricpath route switchid 3008
FabricPath Unicast Route Table
'a/b/c' denotes ftag/switch-id/subswitch-id
'[x/y]' denotes [admin distance/metric]
ftag 0 is local ftag
subswitch-id 0 is default subswitch-id


FabricPath Unicast Route Table for Topology-Default

1/3008/0, number of next-hops: 2
        via Po301, [115/10], 0 day/s 17:27:33, isis_fabricpath-default
        via Po302, [115/10], 0 day/s 17:27:33, isis_fabricpath-default

From here, you would go to the device on the other end of Po301 or Po302 and then do the same thing until you reach the switch with FabricPath ID of 3008.

Once you are on the device with the SWID of 3008, you may be curious on how the switch uses 74 for the SSID. This is actually in the vPC+ database.

show vpc | grep -B 2 -A 2 "SWID.SSID"

leaf3# show vpc | grep -B 2 -A 2 "3008.74"
163  Po163     up     success     success          1,300-304,800 DF: No, FP  
                                                   -807,809,873, MAC:        
                                                   880,882-883,8 3008.74.6553
                                                   89-904,960,97 5           
                                                   3,982-983,999         ....

Now, when leaf3 received a frame destined to 3008.74.65535, it knows that it can just forward the frame out of the port-channel associated with the SSID of 74 which is port-channel 163. This is so the switch (leaf3) doesn't have to hit the CAM table to know where 0025.90a4.1cd1 lives, it already knows it is off of port-channel 163 because of the SSID of 74.

If you're not using vPC+, you would be looking for the LID instead of the SSID which can be found with the following commands (you need to convert the LID from decimal to HEX):

show system internal pixm info interface $PHYS_INT
show system internal pixm info ltl $HEX_LID