Under very specific situations, a router may undergo certain well-known failure conditions that should not affect packet forwarding across the switching platform. Non Stop Forwarding (NSF) capability allows for the forwarding of data packets to continue along routes that are already known, while the routing protocol information is being restored. This capability is useful in cases in which there is a component failure (for example, a Route Processor [RP] crash with a backup RP taking over) or in which there is a scheduled hitless software upgrade.
Cisco implemented Cisco-proprietary NSF, referred to as Cisco NSF. The OSPF RFC 3623 Graceful Restart feature allows you to configure IETF NSF in multivendor networks. A router can only run in Cisco NSF or IETF NSF at any time. But a router can run in both modes when running in helper mode. This is the default for a helper router. Cisco NSF is not supported over Virtual-Links.
Cisco NSF Routing and Forwarding Operation
Cisco NSF is supported by the BGP, EIGRP, OSPF, and IS-IS protocols for routing and by Cisco Express Forwarding (CEF) for forwarding. The BGP, EIGRP, OSPF, and IS-IS routing protocols have been enhanced with NSF capability and awareness, which means that routers that run these protocols can detect a switchover and take the necessary actions to continue forwarding network traffic and to recover route information from the neighbor routers.
A device is said to be NSF-capable if it has been configured to support NSF; therefore, it would rebuild routing information from NSF-aware or NSF-capable neighbors. The NSF router modes of operation common to the Cisco and IETF NSF implementations are as follows:
- Restarting Mode — Also known as NSF-restarting mode or graceful-restarting mode. In this mode, the OSPF router process is performing nonstop forwarding recovery because of an RP switchover; this may result from an RP crash or a software upgrade on the active RP.
- Helper Mode — Also known as NSF-awareness. In this mode, a neighboring router is restarting, and this router is helping in the nonstop forwarding recovery.
Cisco Express Forwarding for NSF
A key element of NSF is packet forwarding. The OSPF protocol depends on CEF to continue forwarding packets during switchover while the routing protocols rebuild the Routing Information Base (RIB) tables. Once OSPF has converged, CEF updates the Forwarding Information Base (FIB) table and removes stale route entries. CEF then updates the line cards with the new FIB information. CEF maintains the FIB and uses the FIB information that was current at the time of a switchover to continue forwarding packets during the switchover. This feature reduces traffic interruption during the switchover.
During normal NSF operation, CEF on the active RP synchronizes its current FIB and adjacency databases with the FIB and adjacency databases on the standby RP. Upon switchover of the active RP, the standby RP initially has FIB and adjacency databases that are mirror images of those that were current on the active RP. For platforms with intelligent line cards, the line cards maintain the current forwarding information over a switchover; for platforms with forwarding engines, CEF keeps the forwarding engine on the standby RP current with changes that are sent to it by CEF on the active RP. In this way, the line cards or forwarding engines can continue forwarding after a switchover as soon as the interfaces and a data path are available.
As the OSPF routing protocol starts to repopulate the RIB on a prefix-by-prefix basis, the updates in turn cause prefix-by-prefix updates that CEF uses to update the FIB and adjacency databases. Existing and new entries receive the new version number, indicating that they have been refreshed. The forwarding information is updated on the line cards or forwarding engines during convergence. The RP signals when the RIB has converged. The software removes all FIB and adjacency entries that have an epoch older than the current switchover epoch. The FIB now reflects the newest routing protocol forwarding information.
The OSPF routing protocol runs on only the active RP, and OSPF receives routing updates from OSPF neighbor routers. The OSPF routing protocol does not run on the standby RP. Following a switchover, OSPF requests that the NSF-aware neighbor devices send state information to help rebuild the routing tables.
OSPF Graceful Restart Functionality per RFC 3623
RFC 3623 graceful restart nonstop forwarding enhancement to the OSPF routing protocol. An OSPF NSF-capable router that is reloading and attempting a graceful restart originates grace-lsas to notify its neighbors that it will perform graceful restart within the specified amount of time or grace period. During this grace period, the neighboring OSPF routers, called helper routers, continue to announce the restarting router in their LSAs as if it were fully adjacent, as long as the network topology remains static.
Graceful Restart Initiation
The restarting router becomes aware that it should start the graceful restart process when the network administrator issues the appropriate command or when an RP reloads and forces and Redundancy Facility (RF) switchover. The length of the grace period can be set by the network administrator or calculated by the OSPF software of the restarting router. In order to prevent the LSAs from the restarting router from aging out, the grace period should no t exceed an LSA refresh time of 1800 seconds.
In preparation for graceful restart, the restarting router must perform the following action before its software can be reloaded:
- The restarting router must ensure that its forwarding table is updated and will remain in place during the restart.
- No OSPF shutdown procedures are performed since neighbor routers must act as if the restarting router is still in service.
OSPF Processes During Graceful Restart
After the router has reloaded, it must modify its OSPF processes until it reestablishes full adjacencies with all former fully adjacent OSPF neighbors. During graceful restart, the restarting router modifies its OSPF processes in the following ways:
- The restarting router does not originate LSAs with LS types 1, 5, or 7 so that the other routers in the OSPF domain will use the LSAs that the restarting router had originated prior to reloading. The router does not modify or flush any self-originated LSAs.
- The restarting router runs its OSPF routing calculations in order to return any OSPF virtual links to operation. However, the restarting router does not install OSPF routes into the system’s forwarding table, and the router relies on the forwarding entries that it had installed prior to undergoing the graceful restart process.
- If the restarting router determines that is was the Designated Router on a given segment prior to the graceful restart, it will reelect itself.
Graceful Restart Process Exit
The restarting router exits the graceful restart process when one of the following events occur:
- The router has reestablished all adjacencies. The graceful restart was successful.
- The router receives an LSA that is inconsistent with an LSA from the same router prior to the graceful restart. The inconsistency can be mean either that the router does not support the graceful restart feature or that the router has terminated its helper mode for some reason. The graceful restart was unsuccessful.
- The grace period has expired. The graceful restart was not successful.
- Once the restarting router has completed the graceful restart process, it returns to normal OSPF operation, reoriginating LSAs based on the current state of the router and updating its forwarding tables based on current link-state database contents. At this time, it flushes the grace-lsas that it had originated during the initiation of the graceful restart process.
Helper Mode Initiation
When a neighbor router that is on the same network segment as the restarting router receives a grace-lsa from the restarting router, the neighbor enters helper mode as long as the following criteria are met:
- The neighbor must have a full adjacency with the restarting router over the associated network segment.
- There have been no changes to the link-state database since the restarting router began restarting.
- The grace period has not yet expired.
- Local policy allows the neighbor router to act as a helper router.
- The neighbor router must not be in its own graceful restart process.
- Helper mode for this router has not been disabled by the network administrator.
Helper Mode Exit
The helper router stops performing helper mode for its neighbor when one of the following events occur:
- The grace-lsa that was originated by the restarting router is flushed, to signify that the restarting router has exited the graceful restart process successfully.
- The grace period of the grace-lsa expires.
- A change in link-state database contents indicates a network topology change, forcing the termination of the graceful restart process when the strict-lsa-checking option is enabled on the helper.
Configure IETF NSF or Cisco NSF
To enable a router for graceful restart, apply the following commands under the OSPF router processor;
cisco Cisco Non-stop forwarding
ietf IETF graceful restart
Router(config-router)#nsf ietf restart-intererval 300
Now to enable or disable a router to be a helper in the NSF process configure your router as follows (remember a router is a NSF helper by default);
cisco Cisco Non-stop forwarding
ietf IETF graceful restart
Router(config-router)#nsf ietf helper ?
disable disable helper support
strict-lsa-checking enable helper strict LSA checking
Router(config-router)#nsf cisco helper ?
disable disable helper support
To check and see if your router is running NSF run the following show command;
Router#show ip ospf 1 | i helper
IETF NSF helper support enabled
Cisco NSF helper support enabled