Non-Stop Forwarding with Stateful Switch Over
Layers 2–4 (MAC addresses, IP Routes and TCP/UDP Sessions) convergence time is enhanced in Cisco 4500 and 6500 series switches by purchasing redundant route processors (RP) and holding them both in the same 4500/6500 chassis using NSF with SSO.
When using SSO with NSF, only one RP is active. The standby RP synchronizes its configuration and dynamic state information (such as CEF, MAC, and FIB tables) with the active RP. When the active RP fails, SSO enables the standby RP to take over immediately. NSF keeps the switch forwarding traffic during the switchover, using the existing route and CEF tables.
The goal of NSF with SSO is to prevent routing adjacencies from resetting, which prevents a routing flap. The switchover to the new RP must be completed before routing timers expire, or the router’s neighbors will tear down their adjacency and routing will be disrupted.
When the new RP is up, the old routes are marked as stale, and the RP asks its routing peers to refresh them. When
routing is converged, it updates the routing and CEF tables on the switch and the linecards.
NSF is supported with EIGRP, OSPF, ISIS, and BGP. An NSF-capable router supports NSF; an NSF-aware router does
not support NSF but understands it and continues forwarding traffic during SSO.
Use NSF with SSO in locations where you do not have a duplicate switch for failover, such as at the user access or Enterprise network edge. Otherwise it can actually cause longer convergence. Routing protocols timers can be tuned very short to provide fast convergence. With SSO, the switchover to the standby RP might not occur before the tuned routing Dead timer expires, and the adjacency would be reset.