With Cloud technologies and mobility, STP (Spanning Tree Protocol) can’t meet the requirements of today’s data centers. Hence Cisco enhanced TRILL (Transparent Interconnection of Lots of Links) to introduce FabricPath in the networking world.
What is Cisco FabricPath?
Cisco FabricPath is a technology designed to overcome STP limitations, including scalability, convergence and unnecessary flooding. It runs IS-IS in the control plane, and for that reason it is also called Layer 2 routing.
FabricPath is in fact the solution to avoid STP and is hence considered a replacement for Spanning Tree Protocol.
It is important to note that STP does loop avoidance at Layer 2, whereas routing protocols do loop avoidance at Layer 3. Routing protocols have the intelligence to do load-sharing, but STP is not intelligent enough to do active-active forwarding. FabricPath was introduced to do active-active forwarding and build a loop-free topology at Layer 2 at the same time.
FabricPath is Cisco proprietary and works in the same way as TRILL, which is an IETF standard. The biggest advantage of FabricPath is that it gives us flexibility along with loop-free connectivity that STP couldn’t offer, and it is therefore run in data centers as a replacement for Spanning Tree Protocol.
Cisco FabricPath is about routing your data center traffic and helps with load-sharing. It combines both Layer 2 and Layer 3 functions, giving the simplicity of Layer 2 along with the intelligence of Layer 3. STP, on the other hand, is only plug and play and does not have any Layer 3 intelligence.
FabricPath has a Layer 3 routing protocol, IS-IS, running in the background to provide this intelligence and to help build a loop-free topology. This IS-IS is called Layer 2 IS-IS and is independent of Layer 3 IS-IS, so you can run IS-IS at Layer 3 in the network at the same time.
It is important to note that FabricPath still has Ethernet as its underlying protocol, just like the Spanning Tree Protocol. FabricPath is simple, flexible, resilient, scalable and offers ECMP (Equal Cost Multi-pathing).
FabricPath is also known as MAC-in-MAC routing or forwarding or encapsulation or tunneling because the frame is MAC-in-MAC encapsulated and routed over to the destination FabricPath switch. To understand this further, you can refer to the FabricPath header.
IMPORTANT: Each device in a FabricPath domain has a Switch ID that is either manually assigned or dynamically allocated via DRAP (Dynamic Resource Allocation Protocol). It is a 12-bit identifier and is used frequently in the FabricPath header.
FabricPath offers the following benefits:
- Simplified configuration
- Maximizes bandwidth availability using ECMP
- Provides design flexibility, redundancy and fault tolerance
- No STP is required. Each switch is going to have its own Layer 2 topology with the help of Dijkstra SPF calculation.
- FabricPath works on the principle of Conversational MAC learning, which enables selective learning of MAC addresses based on active flows
- It offers ECMP and loop prevention by using TTL
FabricPath uses IS-IS to learn the shortest path to each Switch ID based on link metrics/path cost; up to 16 equal-cost (ECMP) routes can be installed.
Layer 2 IS-IS:
Layer 2 IS-IS is different from Layer 3 IS-IS. It doesn’t require any configuration; you only need to enable FabricPath and IS-IS runs automatically in the background.
It helps to have the same view of topology throughout the FabricPath network. It is also responsible for load-balancing traffic using ECMP.
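The shortest-path and ECMP behaviour described above can be sketched as follows. This is an added example, not Cisco code: the function names, the leaf-spine topology, the Switch ID values and the link metric of 40 are all constructed for illustration.

```python
import heapq

MAX_ECMP = 16  # limit on equal-cost routes per Switch ID, as stated in the text

def leaf_spine(leaves, spines, metric=40):
    """Constructed topology: every leaf Switch ID links to every spine Switch ID."""
    return {(leaf, spine): metric for leaf in leaves for spine in spines}

def spf_next_hops(links, root):
    """Dijkstra SPF from `root`.

    `links` maps (switch_a, switch_b) -> positive metric of a bidirectional link.
    Returns {switch_id: (cost, sorted next-hop Switch IDs, capped at MAX_ECMP)}.
    """
    adj = {}
    for (a, b), metric in links.items():
        adj.setdefault(a, []).append((b, metric))
        adj.setdefault(b, []).append((a, metric))
    dist, hops = {root: 0}, {root: set()}
    heap, done = [(0, root)], set()
    while heap:
        cost, node = heapq.heappop(heap)
        if node in done:
            continue
        done.add(node)
        for nbr, metric in adj.get(node, []):
            new_cost = cost + metric
            # Leaving the root, the first hop is the neighbour itself;
            # further out, a node inherits the first hops of its parent.
            via = {nbr} if node == root else hops[node]
            if new_cost < dist.get(nbr, float("inf")):
                dist[nbr], hops[nbr] = new_cost, set(via)
                heapq.heappush(heap, (new_cost, nbr))
            elif new_cost == dist[nbr]:
                hops[nbr] |= via  # equal-cost path: keep every next hop
    return {sid: (dist[sid], sorted(hops[sid])[:MAX_ECMP])
            for sid in dist if sid != root}

if __name__ == "__main__":
    links = leaf_spine([11, 12, 13], [101, 102, 103, 104])
    for sid, (cost, nhs) in sorted(spf_next_hops(links, 11).items()):
        print(f"switch-id {sid}: cost {cost} via {nhs}")
```

Each switch runs the same calculation with itself as the root, which is why every switch ends up with its own loop-free view of the same topology.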
The FabricPath header consists of the following:
- OMAC: Outer MAC address
- OSA: Outer Source address
- ODA: Outer Destination address
- Switch ID: Used for source and destination switches
- Ether type: Same as Classical Ethernet
- TTL: Same as Classical Ethernet
- FTag (Forwarding Tag): Used for traffic forwarding in the FabricPath domain
The ODA is used for known Unicast whereas the FTag is used for unknown Unicast, Multicast and Broadcast.
It is quite evident from the header that the outer MAC is the FabricPath header and the inner MAC is the Classical Ethernet header, which clarifies the term MAC-in-MAC routing.
Highlight: STP is a control plane protocol and does not have any header. FabricPath, on the contrary, works in both the control and data planes and therefore has a header, just like Ethernet.
FabricPath is used for multi-path networking at Layer 2, has got built-in loop prevention and eradicates the need to run STP.
In a FabricPath network, the FabricPath header is attached at the ingress interface and removed at the egress interface of the FabricPath domain.
In modern data centers, the Core/Aggregation/Access network topology has evolved into leaf-spine, wherein a series of leaf switches form the access layer, fully meshed to a series of spine switches. FabricPath is generally run on Aggregation and Core switches, not on Access switches. So, we can have Classical Ethernet switches at the Access layer co-existing with the FabricPath domain at the Aggregation/Core.
A FabricPath switch can be an Edge switch or a Core switch.
- The switch having one port as an edge port and the other port as the core port, connecting to both Classical Ethernet and FabricPath networks is called the Edge switch.
- The switch having all ports as core FabricPath ports is termed as the Core switch.
In leaf-spine terminology, the leaf switch is in fact the Edge switch, whereas the spine switch is the Core switch.
We can have different types of traffic in a FabricPath network:
- Known Unicast
- Unknown Unicast
For known Unicast traffic, the ODA is used, but for unknown Unicast, Multicast and Broadcast, traffic forwarding in FabricPath is done on the basis of the FTag, which is responsible for multi-destination traffic. This is done by 2 FTag trees that are built by IS-IS in a FabricPath network and are called multi-destination trees. The 2 multi-destination loop-free trees built by IS-IS are called FTag 1 and FTag 2. One tree is used for unknown Unicast, Multicast and Broadcast traffic, whereas the second tree is for Multicast traffic only. Note that Multicast traffic can be Control plane or Data plane Multicast traffic, and that is why it appears under both FTag trees (FTag 1 for Control Plane Multicast traffic, FTag 2 for Data Plane Multicast traffic).
Each tree has its own Root node. The root switch for each FTag tree can be selected based on root priority, where the highest priority is preferred (unlike STP).
It is worth mentioning that FTag trees are logical topologies, built automatically by IS-IS.
To sum it up, we can say that known Unicast traffic gets forwarded based on destination Switch IDs using ECMP and no FTag trees are consulted in that case. However, unknown Unicast, Multicast and Broadcast are forwarded by consulting FTag trees.
Note: FabricPath is only supported on F-series modules, not on M-series (L3) modules on Cisco Nexus switches.
By default, switches have Classical Ethernet VLANs. For FabricPath, you need to configure FabricPath VLANs and also need to change port mode to FabricPath. Note that only FabricPath VLANs can use FabricPath ports.
FabricPath mode of VLANs is only locally significant for VDC (Virtual Device Context). Each VDC has its own Switch ID in FabricPath.
FabricPath operates on a per-VLAN basis, and only those VLANs that are enabled for FabricPath mode will use the FabricPath infrastructure. So, you can define certain VLANs as FabricPath VLANs and leave the rest as Classical Ethernet VLANs.
Conversational MAC Learning:
Traffic switching is done based on Conversational MAC learning in FabricPath.
Before we delve into Conversational MAC learning, it is important to know that traditional MAC learning is source-based learning. Switches build their CAM tables by learning source MAC addresses in order to switch traffic.
On the contrary, Conversational MAC learning says: don’t learn the source MAC address of a frame unless the destination MAC address is already learnt. In other words, learn MAC addresses for interested hosts only.
The advantage of this is that a FabricPath switch has to learn fewer MAC addresses, so the CAM table size shrinks, reducing the memory requirement and achieving scalability.
IMPORTANT: For Classical Ethernet, the default method is traditional learning, but you can set it to Conversational learning on a per-VLAN basis, whereas FabricPath is always going to work on Conversational MAC learning!
The Conversational MAC learning consists of a 3-way handshake because MAC table learning completes after the communication takes place in 3 directions.
It is also interesting to note that Core switches in a FabricPath domain do forwarding based on Switch IDs, that is, they don’t have to learn MAC addresses. So, the FabricPath core becomes MAC-free, the same as a BGP-free core in MPLS!!!
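The learning rule and the three-step exchange described above can be modelled as follows, with a comparison of MAC table sizes against traditional source learning. This is an added example, not Cisco code: the class names, MAC addresses and Switch IDs 11, 12 and 13 are constructed, and it assumes hosts on a switch's own Classical Ethernet edge ports are always learned.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class EdgeSwitch:
    """Constructed model of a FabricPath edge switch MAC table."""
    def __init__(self, switch_id, conversational):
        self.switch_id = switch_id
        self.conversational = conversational
        self.mac_table = {}  # MAC -> ("local", port) or ("remote", Switch ID)

    def from_edge_port(self, src, port):
        # Assumption: hosts on Classical Ethernet edge ports are always learned.
        self.mac_table[src] = ("local", port)

    def from_fabric(self, src, dst, src_switch_id):
        # Conversational rule: learn a remote source only when the destination
        # is a MAC this switch already knows on one of its own edge ports.
        dst_known = self.mac_table.get(dst, (None,))[0] == "local"
        if dst_known or not self.conversational:
            self.mac_table[src] = ("remote", src_switch_id)

class Fabric:
    def __init__(self, switch_ids, conversational):
        self.sw = {i: EdgeSwitch(i, conversational) for i in switch_ids}

    def send(self, ingress_id, src, dst, port=1):
        ingress = self.sw[ingress_id]
        ingress.from_edge_port(src, port)
        kind, where = ingress.mac_table.get(dst, (None, None))
        if kind == "local":
            return  # switched locally, never enters the fabric
        # Known unicast goes to one Switch ID; everything else is flooded.
        targets = [where] if kind == "remote" else [i for i in self.sw if i != ingress_id]
        for i in targets:
            self.sw[i].from_fabric(src, dst, ingress_id)

def simulate(conversational, noisy_hosts=0):
    """Hosts A (switch 11) and B (switch 12) talk; switch 13 hosts only broadcast."""
    fabric = Fabric([11, 12, 13], conversational)
    a, b = "00:00:00:00:00:0a", "00:00:00:00:00:0b"
    for n in range(noisy_hosts):
        fabric.send(13, f"00:00:00:00:13:{n:02x}", BROADCAST, port=n)
    fabric.send(11, a, BROADCAST)  # 1. A -> broadcast (e.g. an ARP request)
    fabric.send(12, b, a)          # 2. B -> A
    fabric.send(11, a, b)          # 3. A -> B
    return {i: dict(s.mac_table) for i, s in fabric.sw.items()}

if __name__ == "__main__":
    for mode in (False, True):
        sizes = {i: len(t) for i, t in simulate(mode, noisy_hosts=50).items()}
        print("conversational" if mode else "traditional", sizes)
```

With conversational learning, switches 11 and 12 hold only the two MACs that are actually in conversation, while in traditional mode every broadcasting host on switch 13 also consumes an entry on both of them.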