Rapid Ring Protection Protocol – HP Networking STP alternative?

Well, we all know STP as L2 loop-protection protocol running now in 99.9% of networks worldwide (where L2 loops are possible). HP Networking however developed a method that they hope can be a little better … I will leave the judgment of that to you and only present the Rapid Ring Protection Protocol (RRPP) in this article.

The whole idea as the name suggest is based on creating a network in “rings”. Single ring is a single loop, loop protection and transmission inside a single loop can have a good convergence time. HP elaborated on this and came with basic postulate to attack Spanning Tree Protocol: “As networks grow in size, STP takes longer and longer to converge. If we however limit every convergence to a single ring, then a single failure convergence time will still be on the same level as a single ring, despite how many rings the network is made of”. … so in summary we can create a large L2 domain made of “rings” and if there is a failure somewhere, the convergence will be only a matter of single logical ring and not affect other rings.This is interesting, but still fails to impress me as mostly I didn’t seen a L2 domain more than 6 switches in diameter in production, so Rapid STP can take care of this quite easily. On the other hand every one of these networks was designed by someone taking STP limitations into account.

HP claims that in this ring, a re-convergence is roughly about 50ms thanks to the failure notification/acknowledgment process (similar like Proposal/Agreement in Rapid STP).

Three building blocks topologies exist for RRPP shown below.

Single ring – Has only single Master and many Transit nodes.

RRPP Single Ring

RRPP Single Ring

Intersecting ring – multiple rings, with a central ring that all other sub-rings connect to. The central ring is “Primary” and considered “level 0”. Secondary are considered “level 1”. RRPP protocol data units (PDUs) propagate across Level 0 and Level 1 rings differently.

RRPP Intersecting Ring

RRPP Intersecting Ring

Tangent rings – Two rings that do not intersect and are this defined in separate domains utilizing the same switch or switches. This design is often used to create a load-balanced ring, where traffic can flow clockwise and counter-clockwise.

RRPP Tangent Rings

RRPP Tangent Rings

Basic ring operations

Lets take a single ring topology. In it you define a single Master (only one Master is defined in a single ring. In this ring, we have to create a “control VLAN”. this ia normal VLAN that will serve exclusively to forward control plane traffic. Then we define “Primary port” and “Secondary ports” on RRPP ring Master. The Primary port sends out loop-dectect packets and Secondary port listens for these packets arrival.

If the loop-detection packets arrive safely, the Master node switch has traffic filters on the Secondary port data VLANs and thus filtering any L2 loop in the ring topology.

Error detection has two possibilities. First, the loop-detection packets do not make it to the Secondary port in timeout and the Master considers the ring disconnected in some point. Alternative is that the node that detected any link issue will send “LINK-DOWN” message on the control VLAN notifying the Master that the ring is disconnected.

Then Master considers the ring disconnected, it will open the traffic path between his Primary and Secondary port in effort to open alternative path between all Transit nodes again. Master also sends a control message telling all Transit nodes to flush their forwarding L2 tables (mac tables if you will) on all data VLANs.

Recovery is simple again, either the loop-detection packets will start to flow again via the ring after connectivity is restored, or Transit nodes notify the Master node about the recovery. In any case when this happens, the Master filters again data VLANs on Secondary port and sends a message to flush L2 forwarding tables again in the whole ring.

Single Ring Configuration example

Let’s start with Single ring configuration example. We will use only single domain 0, and ring number 1. Control VLAN used will ne 4092 that cannot be used for data traffic anymore. The topology diagram is below.

RRPP Single Ring Configuration Topology

RRPP Single Ring Configuration Topology

And oddly enough, the first thing to configure is MSTP :). Yes, we will first do MSTP for all non-ring ports protection and also to have a starting topology. So in quick reference:

Different RRPP domains on the same RRPP ring are configured with different protected VLANs, and each RRPP domain controls the forwarding status of ports in it independently. By defining different MSTP instances in separate RRPP domains protected VLANs, load balancing of the ring can occur. But in these example, we will use only single domain 0.

Device A will be our Master, therefore the following configuration can be applied there.
Create RRPP domain 1, configure VLAN 4092 as the primary control VLAN of RRPP domain 1, and configure the VLANs mapped to MSTIs 0 through 47 as the protected VLANs of RRPP domain 1.[A] rrpp domain 1

Device B will be one of our Transit nodes, therefore we create RRPP domain 1, configure VLAN 4092 as the primary control VLAN of RRPP domain 1, and configure the VLANs mapped to MSTIs 0 through 47 as the protected VLANs of RRPP domain 1.

Intersecting Ring Configuration Extension

Now let’s move a little further and extend to a two layered ring topology. We will use our previous example as ring level 0 (main ring) and extend it with another ring on level 1 (sub-ring attached to main ring). The final topology, we will aim for, is shown below.

RRPP Interconecting Ring Configuration Topology

RRPP Interconnecting Ring Configuration Topology

You can note that the control packets really do flood via the whole control VLAN that spans both rings, and they are identified just by the ring ID number.

For this to work, maintain the whole configuration on Device A, B and on C and D and E, you should start with the MSTP and Ring links configurations as in the previous Single Ring configuration example.

For configuring Edge Node B, we create RRPP domain 1, configure VLAN 4092 as the primary control VLAN of RRPP domain 1, and configure the VLANs mapped to MSTIs 0 through 47 as the protected VLANs of RRPP domain 1.

For configuring Assistant Edge Node C, create RRPP domain 1, configure VLAN 4092 as the primary control VLAN of RRPP domain 1, and configure the VLANs mapped to MSTIs 0 through 47 as the protected VLANs of RRPP domain 1.

For configuring Sub-ring Master Node E, create RRPP domain 1, configure VLAN 4092 as the primary control VLAN of RRPP domain 1, and configure VLANs mapped to MSTIs 0 through 47 as the protected VLANs of RRPP domain 1.

Some verification commands to try on the real machines.

In summary

Well, in summary I cannot tell if I really like what I see here, innovation is good, but I still do not see a real benefit of Rapid Ring Protection Protocol compared to Rapid Spanning Tree in these topologies. Even in ring topologies, the Rapid STP Proposal/Acknowledgment process would be comparably quick and the configuration much less prone to errors as configuring separate VLANs and have all the rings basically designed only for the loop protection.

But it is good to know there are other things out there to challenge Spanning Tree, like Cisco Flex links, HP Monitor/Smart links, Stacking technologies like VSS and IRF and not one more called Rapid Ring Protection Protocol (RRPP).

I hope you enjoyed something “new” for a change.

If you enjoyed this blog, please share.

About Peter Havrila

Author's Profile