The user enables the remote LFA next-hop calculation by the IGP LFA SPF by adding the remote-lfa option to the loopfree-alternate command that enables LFA calculation:
config>router>isis>loopfree-alternates remote-lfa
config>router>ospf>loopfree-alternates remote-lfa
SPF performs the additional remote LFA computation following the regular LFA next-hop calculation when both of the following conditions are met:
The remote-lfa option is enabled in an IGP instance.
The LFA next-hop calculation did not result in protection for one or more prefixes resolved to a specific interface.
Remote LFA extends the protection coverage of LFA-FRR to any topology by automatically computing and establishing, or tearing-down shortcut tunnels, also referred to as repair tunnels, to a remote LFA node which puts the packets back into the shortest without looping them back to the node which forwarded them over the repair tunnel. A repair tunnel can in theory be an RSVP LSP, an LDP-in-LDP tunnel, or an SR tunnel. In SRĀ OS, this feature is restricted to use a segment routing repair tunnel to the remote LFA node.
The remote LFA algorithm for link protection is described in RFC 7490, Remote Loop-Free Alternate (LFA) Fast Reroute (FRR). Unlike a typical LFA calculation, which is calculated per prefix, the LFA algorithm for link protection is a per-link LFA SPF calculation. As such, it provides protection for all destination prefixes which share the protected link by using the neighbor on the other side of the protected link as a proxy for all of these destinations. Figure: Remote LFA algorithm shows a sample remote LFA topology.
When the LFA SPF in node C computes the per-prefix LFA next hop, prefixes which use link C-B as the primary next hop has no LFA next hop because of the ring topology. If node C used node link C-D as a back-up next hop, node D would loop a packet back to node C. The remote LFA then runs the following algorithm, referred to as the PQ Algorithm in RFC 7490.
Compute the extended P space of Node C with respect to link C-B. The extended P space is the set of nodes reachable from node C without any path transiting the protected link (link C-B). This computation yields nodes D, E, and F.
The determination of the extended P space by node C uses the same computation as the regular LFA by running SPF on behalf of each of the neighbors of C.
The user can limit the search for candidate P-nodes to reduce the number of SPF calculations in topologies where many eligible P-nodes can exist. Use the following commands to configure the maximum IGP cost from node C for a P-node to be eligible:
config>router>isis>loopfree-alternates remote-lfa max-pq-cost value
config>router>ospf>loopfree-alternates remote-lfa max-pq-cost value
Compute the Q space of node B with respect to link C-B. The Q space is the set of nodes from which the destination proxy (node B) can be reached without any path transiting the protected link (link C-B).
The Q space calculation is effectively a reverse SPF on node B. In general, one reverse SPF is run on behalf of each neighbor of C to protect all destinations resolving over the link to the neighbor. This yields nodes F and A in the example shown in Figure: Remote LFA algorithm.
The user can limit the search for candidate Q-nodes to reduce the number of SPF calculations in topologies where many eligible Q-nodes can exist. The CLI command in step 1 is also used to configure the maximum IGP cost from node C for a Q node to be eligible.
Select the best alternate node which is the intersection of extended P and Q spaces. The best alternate node or PQ-node is node F in the example of Figure: Remote LFA algorithm. From node F onwards, traffic follows the IGP shortest path.
If many PQ-nodes exist, the lowest IGP cost from node C is used to narrow down the selection; if more than one PQ-node remains, the node with lowest router ID is selected.
The details of the label stack encoding when the packet is forwarded over the remote LFA next hop is shown in Figure: Remote LFA next hop in segment routing.
The label corresponding to the node SID of the PQ-node is pushed on top of the original label of the SID of the resolved destination prefix. If node C has resolved multiple node SIDs corresponding to different prefixes of the selected PQ-node, it pushes the lowest node SID label on the packet when forwarded over the remote LFA backup next-hop.
If the PQ-node is also the advertising router for the resolved prefix, the label stack is compressed in the following cases depending on the IGP:
In IS-IS, the label stack is always reduced to a single label, which is the label of the resolved prefix owned by the PQ-node.
In OSPF, the label stack is reduced to the single label of the resolved prefix when the PQ-node advertised a single node SID in this OSPF instance. If the PQ-node advertised a node SID for multiple of its loopback interfaces within this same OSPF instance, the label stack is reduced to a single label only in the case where the SID of the resolved prefix is the lowest SID value.
The following rules and limitations apply to the remote LFA implementation:
If the user excludes a network IP interface from being used as an LFA next hop using the CLI command loopfree-alternate-exclude under the IS-IS or OSPF context of the interface, the interface is also excluded from being used as the outgoing interface for a remote LFA tunnel next hop.
As with the regular LFA algorithm, the remote LFA algorithm computes a backup next hop to the ABR advertising an inter-area prefix and not to the destination prefix itself.