string: Specifies the key. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 33 to 53 characters.

Usage guidelines

Use this command to enhance BFD session security.

If this command is executed in static BFD session view, it takes effect only on static BFD sessions used for single-hop detection.

BFD version 0 does not support this command. The configuration does not take effect.

Examples

# Configure GigabitEthernet 1/0/1 to perform simple authentication for single-hop BFD control packets, setting the authentication key ID to 1 and plaintext key to 123456.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] bfd authentication-mode simple 1 plain 123456

Related commands

bfd static

bfd demand enable

Use bfd demand enable to enable the Demand BFD session mode.

Use undo bfd demand enable to restore the default.

Syntax

bfd demand enable

undo bfd demand enable

Default

The BFD session is in Asynchronous mode.

Views

Interface view

Static BFD session view

Predefined user roles

network-admin

context-admin

Usage guidelines

In Demand mode, the device periodically sends BFD control packets. If the peer end is operating in Asynchronous mode (default), the peer end stops sending BFD control packets. If the peer end is operating in Demand mode, both ends stop sending BFD control packets. As a best practice, configure the bfd echo enable command together with this command to detect connectivity by sending Echo packets. If the device does not receive any Echo packets from the peer end, it considers the session down.

In Asynchronous mode, the device periodically sends BFD control packets. The device considers that the session is down if it does not receive any BFD control packets within a specific interval.

If this command is executed in static BFD session view, it takes effect only on static BFD sessions used for single-hop detection.

BFD version 0 does not support this command. The configuration does not take effect.

Examples

# Enable the Demand BFD session mode on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] bfd demand enable

bfd detect-interface source-ip

Use bfd detect-interface source-ip to associate the interface state with BFD.

Use undo bfd detect-interface to remove the association between the interface state and BFD.

Syntax

bfd detect-interface source-ip ip-address [ template template-name ]

undo bfd detect-interface

Default

The interface state is not associated with BFD. BFD does not set the link layer protocol of the interface to DOWN(BFD) state when detecting a failure.

Views

Interface view

Predefined user roles

network-admin

context-admin

Parameters

ip-address: Specifies the source IP address for BFD control packets.

template template-name: Specifies a template by its name, a case-sensitive string of 1 to 63 characters. If you specify a nonexistent template or do not specify a template, the BFD session uses the BFD parameters configured in interface view. If you first specify a nonexistent template and then create the template, the BFD session uses the parameters configured in the template.

Usage guidelines

By creating a BFD session for single-hop detection through exchange of BFD control packets, this feature implements fast link detection. When BFD detects a link fault, it sets the link layer protocol state to DOWN(BFD). This behavior helps applications relying on the link layer protocol state achieve fast convergence.

The source IP address of control packets is specified manually, and the destination IP address is fixed at 224.0.0.184. As a best practice, specify the IP address of the interface as the source IP address. If the interface does not have an IP address, specify a unicast IP address other than 0.0.0.0 as the source IP address.

You can associate the state of the following interfaces with BFD:

· Layer 3 Ethernet interfaces and subinterfaces. For BFD detection to take effect, do not execute this command on both a Layer 3 Ethernet interface and its subinterface.

· Layer 3 aggregate interfaces, Layer 3 aggregate subinterfaces, and member ports (Layer 3 Ethernet interfaces only) in a Layer 3 aggregation group.

To configure this command on the preceding interfaces at the same time, you must manually specify the local and remote discriminators on each of the interfaces. As a best practice, do not configure this command on these interfaces at the same time.

· VLAN interfaces.

To modify your configuration, remove it by using the undo form of the command and then execute the bfd detect-interface source-ip command again.

The echo function does not take effect on BFD sessions associated with interface states.

If you specify an existing template for this command, the bfd demand enable command cannot take effect.

Examples

# Associate GigabitEthernet 1/0/1 with BFD to detect the interface state, and specify the source IP address as 20.1.1.1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] bfd detect-interface source-ip 20.1.1.1

Related commands

bfd demand enable

bfd echo enable

bfd template

bfd detect-interface first-fail-timer

Use bfd detect-interface first-fail-timer to configure the timer that delays reporting the first BFD session establishment failure to the data link layer.

Use undo bfd detect-interface first-fail-timer to restore the default.

Syntax

bfd detect-interface first-fail-timer seconds

undo bfd detect-interface first-fail-timer

Default

The first BFD session establishment failure is not reported to the data link layer.

Views

Interface view

Predefined user roles

network-admin

context-admin

Parameters

seconds: Specifies the timeout time that reports the first BFD session establishment failure to the data link layer. The value range for this argument is 1 to 10000 seconds.

Usage guidelines

If the BFD session fails to be established when the timer expires, BFD reports the failure to the data link layer and sets the data link layer state of the interface to DOWN(BFD). This behavior rapidly identifies the interfaces for which BFD sessions fail to be established. In this case, the BFD session state is displayed as Down in the display bfd session command output. The line protocol state of the interface is displayed as DOWN(BFD) in the display interface command output.

If you exeucte the bfd detect-interface source-ip command on the local end, the BFD session for detecting the local interface state fails to be established when the following conditions exist:

· The bfd detect-interface source-ip command is not executed on the remote end.

· The local and remote ends have mismatching BFD authentication settings.

Examples

# Configure the timer that delays reporting the first BFD session establishment failure as 10 seconds for GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] bfd detect-interface first-fail-timer 10

Related commands

bfd detect-interface source-ip

display interface (Interface Command Reference)

bfd detect-interface special-processing

Use bfd detect-interface special-processing to enable special processing for BFD sessions.

Use undo bfd detect-interface special-processing to disable special processing for BFD sessions.

Syntax

bfd detect-interface special-processing [ admin-down | authentication-change | session-up ] *

undo bfd detect-interface special-processing [ admin-down | authentication-change | session-up ] *

Default

All types of special processing for BFD sessions are disabled.

Views

Interface view

Predefined user roles

network-admin

context-admin

Parameters

admin-down: Notifies a session down event to the data link layer upon receipt of a BFD packet with the State field as AdminDown. This keyword helps rapidly discover interfaces on which BFD sessions are manually shut down. If you do not specify this keyword, the device sets the BFD session state to Down, but does not notify the session down event to the data link layer.

authentication-change: Immediately sets the session to down state upon a local authentication information change. This keyword helps rapidly discover interfaces with authentication information changes. If you do not specify this keyword, the device sets the session to down state if authentication information inconsistency still persists after a period of time.

session-up: Ignores authentication information inconsistency when the local session is up. If a large number of BFD sessions exist, examining authentication information consistency affects device performance. If you do not specify this keyword, the device examines authentication information in incoming BFD packets when the local session state is up. If the authentication information does not match on the two ends, the BFD session is declared down.

Usage guidelines

If you do not specify any parameters, this command enables or disables all types of special processing.

Examples

# Enable all types of special processing for BFD sessions on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] bfd detect-interface special-processing admin-down authentication-change session-up

bfd detect-multiplier

Use bfd detect-multiplier to set the single-hop detection time multiplier for control packet mode and the detection time multiplier for echo packet mode.

Use undo bfd detect-multiplier to restore the default.

Syntax

bfd detect-multiplier value

undo bfd detect-multiplier

Default

The single-hop detection time multiplier for control packet mode and the detection time multiplier for echo packet mode are both 5.

Views

Interface view

BFD template view

Static BFD session view

Predefined user roles

network-admin

context-admin

Parameters

value: Specifies a detection time multiplier. The value range for this argument is 3 to 50.

Usage guidelines

The detection time multiplier determines the maximum number of concurrent BFD packets (including control packets and echo packets) that can be discarded.

Table 1 Detection interval calculation method

Mode	Detection interval
Echo packet mode	Detection time multiplier of the sender × actual packet sending interval of the sender
Control packet mode BFD session in asynchronous mode	Detection time multiplier of the receiver × actual packet sending interval of the receiver
Control packet mode BFD session in demand mode	Detection time multiplier of the sender × actual packet sending interval of the sender

If this command is executed in static BFD session view, it takes effect only on static BFD sessions used for single-hop detection.

Examples

# Set the single-hop detection time multiplier for control packet mode and the detection time multiplier for echo packet mode to 6 on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] bfd detect-multiplier 6

bfd echo enable

Use bfd echo enable to enable the echo function.

Use undo bfd echo enable to disable the echo function.

Syntax

bfd echo [ receive | send ] enable

undo bfd echo [ receive | send ] enable

Default

The echo function is disabled.

Views

Interface view

Static BFD session view

Predefined user roles

network-admin

context-admin

Parameters

receive: Specifies the echo packet receiving capability.

send: Specifies the echo packet sending capability.

Usage guidelines

If you enable the echo function for a BFD session in which control packets are sent and the session comes up, BFD performs the following operations:

· Periodically sends echo packets to detect link connectivity.

· Decreases the control packet receiving rate at the same time.

To enable only the echo packet receiving capability, use the bfd echo receive enable command.

To enable only the echo packet sending capability, use the bfd echo send enable command.

If you do not specify the receive or send keyword, the command enables both the echo packet receiving and sending capabilities.

The echo function does not take effect on BFD sessions associated with interface states.

If this command is executed in static BFD session view, it takes effect only on static BFD sessions used for single-hop detection.

BFD version 0 does not support this command. The configuration does not take effect.

Examples

# Enable the echo function on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] bfd echo enable

bfd echo-source-ip

Use bfd echo-source-ip to configure the source IP address of BFD echo packets.

Use undo bfd echo-source-ip to remove the configured source IP address of BFD echo packets.

Syntax

bfd echo-source-ip ip-address

undo bfd echo-source-ip

Default

No source IP address is configured for BFD echo packets.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

ip-address: Specifies the source IP address of BFD echo packets.

Usage guidelines

The source IP address cannot be on the same network segment as any local interface's IP address. Otherwise, a large number of ICMP redirect packets might be sent from the peer, resulting in link congestion.

Examples

# Configure the source IP address of BFD echo packets as 8.8.8.8.

<Sysname> system-view

[Sysname] bfd echo-source-ip 8.8.8.8

bfd echo-source-ipv6

Use bfd echo-source-ipv6 to configure the source IPv6 address of BFD echo packets.

Use undo bfd echo-source-ipv6 to remove the configured source IPv6 address of BFD echo packets.

Syntax

bfd echo-source-ipv6 ipv6-address

undo bfd echo-source-ipv6

Default

No source IPv6 address is configured for BFD echo packets.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

ipv6-address: Specifies the source IPv6 address for BFD echo packets.

Usage guidelines

The source IPv6 address of echo packets can only be a global unicast address.

The source IPv6 address cannot be on the same network segment as any local interface's IP address. Otherwise, a large number of ICMP redirect packets might be sent from the peer, resulting in link congestion.

Examples

# Configure the source IPv6 address of BFD echo packets as 80::2.

<Sysname> system-view

[Sysname] bfd echo-source-ipv6 80::2

bfd init-fail timer

Use bfd init-fail-timer to set the delay timer for BFD to notify upper-layer protocols of session establishment failures.

Use undo bfd init-fail-timer to restore the default.

Syntax

bfd init-fail-timer seconds

undo bfd init-fail-timer

Default

BFD does not notify upper-layer protocols of session establishment failures.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

seconds: Specifies the delay time in the range of 5 to 600 seconds. After the delay time, BFD notifies the upper-layer protocol of session establishment failures.

Usage guidelines

This command takes effect only for control packet mode.

In some cases, for an upper-layer protocol to act correctly, BFD must notify the upper-layer protocol of session establishment failures.

For session establishment failures caused by configuration mismatches at the two ends, this command can cause the upper-layer protocol to act incorrectly. Therefore, use this command with caution. BFD status mismatch and BFD authentication configuration mismatch are examples of configuration mismatches.

Examples

# Set the delay timer to 10 seconds for BFD to notify upper-layer protocols of session establishment failures.

<Sysname> system-view

[Sysname] bfd init-fail-timer 10

bfd min-echo-receive-interval

Use bfd min-echo-receive-interval to set the minimum interval for receiving BFD echo packets.

Use undo bfd min-echo-receive-interval to restore the default.

Syntax

bfd min-echo-receive-interval interval

undo bfd min-echo-receive-interval

Default

The minimum interval for receiving BFD echo packets is 400 milliseconds.

Views

Interface view

BFD template view

Static BFD session view

Predefined user roles

network-admin

context-admin

Parameters

interval: Specifies the minimum interval for receiving BFD echo packets, in milliseconds. The value takes 0 or is in the range of 100 to 1000.

Usage guidelines

This command sets the BFD echo packet receiving interval, which is the actual BFD echo packet sending interval.

The local end stops sending echo packets after autonegotiation with the remote end if the following conditions are met:

· The echo function is enabled on the local end.

· The minimum interval for receiving BFD echo packets is set to 0 milliseconds on the remote end.

If this command is executed in static BFD session view, it takes effect only on static BFD sessions used for single-hop detection.

Examples

# Set the minimum interval for receiving BFD echo packets to 500 milliseconds on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] bfd min-echo-receive-interval 500

bfd min-receive-interval

Use bfd min-receive-interval to set the minimum interval for receiving single-hop BFD control packets.

Use undo bfd min-receive-interval to restore the default.

Syntax

bfd min-receive-interval interval

undo bfd min-receive-interval

Default

The minimum interval for receiving single-hop BFD control packets is 400 milliseconds.

Views

Interface view

BFD template view

Static BFD session view

Predefined user roles

network-admin

context-admin

Parameters

interval: Specifies the minimum interval for receiving single-hop BFD control packets, in milliseconds. The value range for this argument is 100 to 1000.

Usage guidelines

Use this command to prevent the control packet sending rate of the peer end from exceeding the control packet receiving rate of the local end.

The actual control packet sending interval of the peer end takes the greater value between the following values:

· Minimum interval for transmitting BFD control packets on the peer end.

· Minimum interval for receiving BFD control packets on the local end.

If this command is executed in static BFD session view, it takes effect only on static BFD sessions used for single-hop detection.

Examples

# Set the minimum interval for receiving single-hop BFD control packets to 500 milliseconds on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] bfd min-receive-interval 500

bfd min-transmit-interval

Use bfd min-transmit-interval to set the minimum interval for transmitting single-hop BFD control packets.

Use undo bfd min-transmit-interval to restore the default.

Syntax

bfd min-transmit-interval interval

undo bfd min-transmit-interval

Default

The minimum interval for transmitting single-hop BFD control packets is 400 milliseconds.

Views

Interface view

BFD template view

Static BFD session view

Predefined user roles

network-admin

context-admin

Parameters

interval: Specifies the minimum interval for transmitting single-hop BFD control packets, in milliseconds. The value range for this argument is 100 to 1000.

Usage guidelines

Use this command to prevent the BFD packet sending rate from exceeding the device capability.

The actual BFD control packet transmitting interval on the local end is the greater value between the following values:

· Minimum interval for transmitting BFD control packets on the local end.

· Minimum interval for receiving BFD control packets on the peer end.

If this command is executed in static BFD session view, it takes effect only on static BFD sessions used for single-hop detection.

Examples

# Set the minimum interval for transmitting single-hop BFD control packets to 500 milliseconds on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] bfd min-transmit-interval 500

bfd multi-hop authentication-mode

Use bfd multi-hop authentication-mode to configure the authentication mode for multihop BFD control packets.

Use undo bfd multi-hop authentication-mode to restore the default.

Syntax

bfd multi-hop authentication-mode { hmac-md5 | hmac-mmd5 | hmac-msha1 | hmac-sha1 | m-md5 | m-sha1 | md5 | sha1 | simple } key-id { cipher | plain } string

undo bfd multi-hop authentication-mode

Default

No authentication is performed.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

hmac-md5: Specifies the HMAC MD5 algorithm.

hmac-mmd5: Specifies the HMAC Meticulous MD5 algorithm.

hmac-msha1: Specifies the HMAC Meticulous SHA1 algorithm.

hmac-sha1: Specifies the HMAC SHA1 algorithm.

m-md5: Specifies the Meticulous MD5 algorithm.

m-sha1: Specifies the Meticulous SHA1 algorithm.

md5: Specifies the MD5 algorithm.

sha1: Specifies the SHA1 algorithm.

simple: Specifies the simple authentication mode.

key-id: Sets the authentication key ID in the range of 1 to 255.

cipher: Specifies a key in encrypted form.

plain: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the key. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 33 to 53 characters.

Usage guidelines

Use this command to enhance BFD session security.

BFD version 0 does not support this command. The configuration does not take effect.

Examples

# Configure the simple authentication mode for multihop BFD control packets, setting the authentication key ID to 1 and key to 123456.

<Sysname> system-view

[Sysname] bfd multi-hop authentication-mode simple 1 plain 123456

bfd multi-hop destination-port

Use bfd multi-hop destination-port to configure the destination port number for multihop BFD control packets.

Use undo bfd multi-hop destination-port to restore the default.

Syntax

bfd multi-hop destination-port port-number

undo bfd multi-hop destination-port

Default

The destination port number for multihop BFD control packets is 4784.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

port-number: Specifies the destination port number of multihop BFD control packets, 3784 or 4784.

Examples

# Specify the destination port number for multihop BFD control packets as 3784.

<Sysname> system-view

[Sysname] bfd multi-hop destination-port 3784

bfd multi-hop detect-multiplier

Use bfd multi-hop detect-multiplier to set the multihop detection time multiplier for control packet mode.

Use undo bfd multi-hop detect-multiplier to restore the default.

Syntax

bfd multi-hop detect-multiplier value

undo bfd multi-hop detect-multiplier

Default

The multihop detection time multiplier for control packet mode is 5.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

value: Specifies the multihop detection time multiplier in the range of 3 to 50.

Usage guidelines

The detection time multiplier determines the maximum number of concurrent BFD control packets that can be discarded.

Table 2 Detection interval calculation method

Mode	Detection interval
Control packet mode BFD session in asynchronous mode	Detection time multiplier of the receiver × actual packet sending interval of the receiver
Control packet mode BFD session in demand mode	Detection time multiplier of the sender × actual packet sending interval of the sender

Examples

# Set the multihop detection time multiplier to 6.

<Sysname> system-view

[Sysname] bfd multi-hop detect-multiplier 6

bfd multi-hop min-receive-interval

Use bfd multi-hop min-receive-interval to set the minimum interval for receiving multihop BFD control packets.

Use undo bfd multi-hop min-receive-interval to restore the default.

Syntax

bfd multi-hop min-receive-interval interval

undo bfd multi-hop min-receive-interval

Default

The minimum interval for receiving multihop BFD control packets is 400 milliseconds.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

interval: Specifies the minimum interval for receiving multihop BFD control packets, in milliseconds. The value range for this argument is 100 to 1000.

Usage guidelines

Use this command to prevent the packet sending rate of the peer end from exceeding the packet receiving capability (minimum control packet receiving interval) of the local end. If the receiving capability is exceeded, the peer end dynamically adjusts the BFD control packet sending interval to the minimum control packet receiving interval of the local end.

Examples

# Set the minimum interval for receiving multihop BFD control packets to 500 milliseconds.

<Sysname> system-view

[Sysname] bfd multi-hop min-receive-interval 500

bfd multi-hop min-transmit-interval

Use bfd multi-hop min-transmit-interval to set the minimum interval for transmitting multihop BFD control packets.

Use undo bfd multi-hop min-transmit-interval to restore the default.

Syntax

bfd multi-hop min-transmit-interval interval

undo bfd multi-hop min-transmit-interval

Default

The minimum interval for transmitting multihop BFD control packets is 400 milliseconds.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

interval: Specifies the minimum interval for transmitting multihop BFD control packets, in milliseconds. The value range for this argument is 100 to 1000.

Usage guidelines

Use this command to prevent the BFD packet sending rate from exceeding the device capability.

The actual BFD control packet transmitting interval on the local end is the greater value between the following values:

· Minimum interval for transmitting BFD control packets on the local end.

· Minimum interval for receiving BFD control packets on the peer end.

Examples

# Set the minimum interval for transmitting multihop BFD control packets to 500 milliseconds.

<Sysname> system-view

[Sysname] bfd multi-hop min-transmit-interval 500

bfd session init-mode

Use bfd session init-mode to configure the mode for establishing a BFD session.

Use undo bfd session init-mode to restore the default.

Syntax

bfd session init-mode { active | passive }

undo bfd session init-mode

Default

BFD uses the active mode.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

active: Specifies the active mode. In active mode, BFD actively transmits BFD control packets to the remote device, regardless of whether it receives a BFD control packet from the remote device.

passive: Specifies the passive mode. In passive mode, BFD does not actively transmit a BFD control packet to the remote end; it transmits a BFD control packet only after receiving a BFD control packet from the remote end.

Usage guidelines

A minimum of one end must operate in active mode for a BFD session to be established.

BFD version 0 does not support this command. The configuration does not take effect.

Examples

# Configure the session establishment mode as passive.

<Sysname> system-view

[Sysname] bfd session init-mode passive

bfd static

Use bfd static to create a static BFD session and enter its view, or enter the view of an existing static BFD session.

Use undo bfd static to delete a static BFD session and all its settings.

Syntax

bfd static session-name [ peer-ip ipv4-address [ vpn-instance vpn-instance-name | interface interface-type interface-number ] source-ip ipv4-address discriminator local local-value remote remote-value ]

bfd static session-name [ peer-ipv6 ipv6-address [ vpn-instance vpn-instance-name | interface interface-type interface-number ] source-ipv6 ipv6-address discriminator local local-value remote remote-value ]

bfd static session-name [ peer-ip default-ip interface interface-type interface-number source-ip ip-address discriminator local discr-value remote discr-value ]

undo bfd static session-name

Default

No static BFD sessions exist.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

session-name: Specifies a static BFD session name, a case-sensitive string of 1 to 15 characters.

peer-ip ipv4-address: Specifies the peer IPv4 address in dotted decimal notation. It must be a valid unicast IPv4 address.

peer-ipv6 ipv6-address: Specifies the peer IPv6 address.

default-ip: Specifies the peer IPv4 address as 224.0.0.184.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the static BFD session belongs to the public network.

interface interface-type interface-number: Specifies an interface by its type and number. The command performs single-hop detection on the link with the specified interface as the outgoing interface and the specified peer IP address as the next hop.

source-ip ipv4-address: Specifies the source IPv4 address for control packets, in dotted decimal notation. It must be a valid unicast IPv4 address.

source-ipv6 ipv6-address: Specifies the source IPv6 address for control packets.

discriminator: Specifies BFD session discriminators.

local local-value: Specifies the local discriminator in the range of 1 to 32768.

remote remote-value: Specifies the remote discriminator in the range of 1 to 4294967295.

Usage guidelines

A static BFD session can be used for single-hop detection and multihop detection. By working with Track, a static BFD session can provide fast failure detection. For more information about Track association with BFD, see Track in High Availability Configuration Guide.

The BFD session discriminators must match on the local and peer devices. For example, if you configure bfd static abc peer-ip 20.1.1.1 vpn-instance vpn1 source-ip 20.1.1.2 discriminator local 513 remote 514 on the local device, you must configure bfd static bcd peer-ip 20.1.1.2 vpn-instance vpn1 source-ip 20.1.1.1 discriminator local 514 remote 513 on the peer device.

When creating a static BFD session, you must specify a peer IP address. The system checks only the format of the IP address but not its correctness. If the peer IPv4 or IPv6 address is incorrect, the static BFD session cannot be established.

The bfd static session-name command without any parameters specified can only be used to enter the view of an existing static BFD session.

To modify a static BFD session, delete it and then configure a new static BFD session.

If you do not specify a VPN instance or an interface, the device performs multihop detection in the public network.

To detect network layer connectivity, execute the following commands:

· bfd static session-name peer-ip ipv4-address interface interface-type interface-number source-ip ipv4-address discriminator local local-value remote remote-value

For the static BFD session to be successfully established, make sure the IPv4 addresses of the local and peer interfaces where the static BFD session resides are used as the source and peer IPv4 addresses, respectivley.

· bfd static session-name peer-ipv6 ipv6-address interface interface-type interface-number source-ipv6 ipv6-address discriminator local local-value remote remote-value

For the static BFD session to be successfully established, make sure the IPv6 addresses of the local and peer interfaces where the static BFD session resides are used as the source and peer IPv6 addresses, respectivley.

To detect data link layer connectivity, execute the following command:

· bfd static session-name peer-ip default-ip interface interface-type interface-number source-ip ip-address discriminator local discr-value remote discr-value

If the process-interface-status command is also executed, BFD sets the interface state to DOWN(BFD) when detecting a link failure. Specify the IP address of the interface as the source IP address. If the interface does not have an IP address, specify a unicast IP address other than 0.0.0.0 as the source IP address. An interface can use only one static BFD session to detect data link layer connectivity.

BFD supports detecting data link connectivity for the following interface types:

· Layer 3 Ethernet interfaces and subinterfaces. For BFD detection to take effect, do not execute this command on both a Layer 3 Ethernet interface and its subinterface.

· Layer 3 aggregate interfaces, Layer 3 aggregate subinterfaces, and member ports in a Layer 3 aggregation group. For BFD detection to take effect, do not execute this command on any two of the interface types at the same time.

· VLAN interfaces.

Different static BFD sessions cannot have the same local discriminator.

Examples

# Create a static BFD session and enter its view. The static BFD session detects the link with the outgoing interface GigabitEthernet 1/0/1 and the next hop 1.1.1.2. The source IP address for the session is 1.1.1.1, the local discriminator is 1537, and the remote discriminator is 2048.

<Sysname> system-view

[Sysname] bfd static aaaa peer-ip 1.1.1.2 interface gigabitethernet 1/0/1 source-ip 1.1.1.1 discriminator local 1537 remote 2048

[Sysname-bfd-static-session-abc]

Related commands

process-interface-status

bfd template

Use bfd template to create a BFD template and enter its view, or enter the view of an existing BFD template.

Use undo bfd template to delete the BFD template.

Syntax

bfd template template-name

undo bfd template template-name

Default

No BFD templates exist.

Views

System view

Predefined user roles

network-admin

context-admin

Parameters

template-name: Specifies the template name, a case-sensitive string of 1 to 63 characters.

Examples

# Create BFD template bfd1 and enter BFD template view.

<Sysname> system-view

[Sysname] bfd template bfd1

[Sysname-bfd-template-bfd1]

display bfd session

Use display bfd session to display BFD session information.

Syntax

display bfd session [ discriminator local local-value | static session-name | verbose ]

display bfd session [ [ dynamic ] [ control | echo ] [ ip ] [ state { down | admin-down | init | up } ] [ discriminator remote remote-value ] [ peer-ip ipv4-address [ vpn-instance vpn-instance-name ] ] [ verbose ] ]

display bfd session [ [ dynamic ] [ control | echo ] [ ipv6 ] [ state { down | admin-down | init | up } ] [ discriminator remote remote-value ] [ peer-ipv6 ipv6-address [ vpn-instance vpn-instance-name ] ] [ verbose ] ]

display bfd session [ [ dynamic ] [ control | echo ] [ state { down | admin-down | init | up } ] [ discriminator remote remote-value ] [ [ peer-ip ipv4-address [ vpn-instance vpn-instance-name ] ] | [ peer-ipv6 ipv6-address [ vpn-instance vpn-instance-name ] ] ] [ verbose ] ]

display bfd session [ [ static ] [ ip ] [ state { down | admin-down | init | up } ] [ discriminator remote remote-value ] [ peer-ip ipv4-address [ vpn-instance vpn-instance-name ] ] [ verbose ]

display bfd session [ [ static ] [ ipv6 ] [ state { down | admin-down | init | up } ] [ discriminator remote remote-value ] [ peer-ipv6 ipv6-address [ vpn-instance vpn-instance-name ] ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

context-admin

context-operator

Parameters

discriminator local local-value: Specifies a BFD session by its local discriminator in the range of 1 to 4294967295.

static session-name: Specifies a static BFD session by its name, a case-sensitive string of 1 to 15 characters.

dynamic: Specifies dynamic BFD sessions.

static: Specifies static BFD sessions.

control: Specifies BFD sessions in control mode.

echo: Specifies BFD sessions in echo mode.

ip: Specifies BFD sessions used to detect IPv4 links.

ipv6: Specifies BFD sessions used to detect IPv6 links.

state: Displays BFD sessions by session state.

down: Specifies BFD sessions in Down state.

admin-down: Specifies BFD sessions in AdminDown state.

init: Specifies BFD sessions in Init state.

up: Specifies BFD sessions in Up state.

discriminator remote remote-value: Specifies a BFD session by its remote discriminator in the range of 1 to 4294967295.

peer-ip ipv4-address: Specifies a BFD session by the peer IPv4 address in dotted decimal notation.

peer-ipv6 ipv6-address: Specifies a BFD session by the peer IPv6 address.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the command displays information for the BFD sessions of the public network.

verbose: Displays detailed BFD session information.

Usage guidelines

If you do not specify the dynamic or static keyword, this command displays all dynamic and static BFD sessions.

Examples

# Display brief information about all BFD sessions.

<Sysname> display bfd session

Total sessions: 7 Up sessions: 7 Init mode: Active

IPv4 session working in control packet mode:

LD/RD SourceIP DestinationIP State Holdtime Interface

513/513 1.1.1.1 1.1.1.2 Up 2297ms GE1/0/1

IPv6 session working in control packet mode:

Local discr: 513 Remote discr: 513

Source IP: FE80::20C:29FF:FED4:7171

Destination IP: FE80::20C:29FF:FE72:AC4D

Session state: Up Interface: GE1/0/1

Hold time: 2142ms

IPv4 static session working in control packet mode:

LD/RD SourceIP DestinationIP State Holdtime Interface

1017/7101 2.1.1.1 2.1.1.2 Up 4988ms GE1/0/1

IPv6 static session working in control packet mode:

Local discr: 1226 Remote discr: 6221

Source IP: 12::1

Destination IP: 12::2

Session state: Up Interface: GE1/0/1

Hold time: 4812ms

Table 3 Command output

Field	Description
Total sessions	Total number of BFD sessions.
Up sessions	Total number of active BFD sessions.
Init mode	BFD operating mode: Active or Passive.
IPv4 session working in control packet mode	BFD session type and operating mode: · IPv4 session working in control packet mode. · IPv4 session working in echo mode. · IPv6 session working in control packet mode. · IPv6 session working in echo mode. · IPv4 static session working in control packet mode. · IPv6 static session working in control packet mode.
LD/RD	Local discriminator/Remote discriminator of the session.
Source IP	Source IPv4 address of the session.
Destination IP	Destination IPv4 address of the session.
State	Session state: Down, Init, Adown, or Up.
Holdtime	Length of time before session detection timer expires. For a BFD session in Down state, this field displays 0ms.
Interface	Name of the interface of the session.
Local discr	Local discriminator of the session.
Remote discr	Remote discriminator of the session.
Session state	Session state: Down, Adown, Init, or Up.
Hold time	Length of time before session detection timer expires. For a BFD session in Down state, this field displays 0ms.

‌

# Display detailed information about all BFD sessions.

<Sysname> display bfd session verbose

Total sessions: 7 Up sessions: 7 Init mode: Active

IPv4 session working in control packet mode:

Local discr: 33793 Remote discr: 33793

Source IP: 23.1.1.2 Destination IP: 23.1.1.3

Session state: Up

Interface: GigabitEthernet1/0/1

Min Tx interval: 1000ms Actual Tx interval: 1000ms

Min Rx interval: 1000ms Detection time: 5000ms

Rx count: 133 Tx count: 142

Connection type: Direct Up duration: 00:02:01

Hold time: 4571ms Auth mode: None

Detection mode: Async Slot: 0

Protocol: OSPF

Version: 1

Diag info: No Diagnostic

IPv6 session working in control packet mode:

Local discr: 33794 Remote discr: 33794

Source IP: FE80::5457:A5FF:FE0F:306

Destination IP: FE80::5457:A1FF:FEB5:206

Session state: Up

Interface: GigabitEthernet1/0/1

Min Tx interval: 1000ms Actual Tx interval: 1000ms

Min Rx interval: 1000ms Detection time: 5000ms

Rx count: 3262 Tx count: 3048

Connection type: Direct Up duration: 00:44:26

Hold time: 4409ms Auth mode: None

Detection mode: Async Slot: 0

Protocol: OSPFv3

Version: 1

Diag info: No Diagnostic

IPv4 static session working in control packet mode:

Session name: abc

Local discr: 1017 Remote discr: 7101

Source IP: 2.1.1.1 Destination IP: 2.1.1.2

Session state: Up

Interface: GigabitEthernet1/0/1

Min Tx interval: 1000ms Actual Tx interval: 1000ms

Min Rx interval: 1000ms Detection time: 5000ms

Rx count: 1012 Tx count: 1064

Connection type: Direct Up duration: 00:14:41

Hold time: 4438ms Auth mode: None

Detection mode: Async Slot: 0

Protocol: STATIC_IPv4

Version: 1

Diag info: No Diagnostic

IPv6 static session working in control packet mode:

Session name: blue

Local discr: 1226 Remote discr: 6221

Source IP: 12::1

Destination IP: 12::2

Session state: Up

Interface: GigabitEthernet1/0/1

Min Tx interval: 1000ms Actual Tx interval: 1000ms

Min Rx interval: 1000ms Detection time: 5000ms

Rx count: 225 Tx count: 266

Connection type: Direct Up duration: 00:03:13

Hold time: 4371ms Auth mode: None

Detection mode: Async Slot: 0

Protocol: STATIC_IPv6

Version: 1

Diag info: No Diagnostic

Table 4 Command output

Field	Description
Total sessions	Total number of BFD sessions.
Up sessions	Total number of active BFD sessions.
Init mode	BFD operating mode: Active or Passive.
IPv4 session working in control packet mode	BFD session type and operating mode: · IPv4 session working in control packet mode. · IPv4 session working in echo mode. · IPv6 session working in control packet mode. · IPv6 session working in echo mode. · IPv4 static session working in control packet mode. · IPv6 static session working in control packet mode.
Local discr	Local ID of the session.
Remote discr	Remote ID of the session.
Source IP	Source IP address of the session.
Destination IP	Destination IP address of the session.
Session state	Session state: Down, Init, or Up.
Interface	Name of the interface of the session.
Min Tx interval	Minimum transmit interval.
Min Rx interval	Minimum receive interval.
Actual Tx interval	Actual transmit interval.
Detection time	Actual session detection timer.
Rx count	Number of packets received.
Tx count	Number of packets sent.
Connection type	Connection type of the interface: Direct or indirect.
Up duration	Time period for which the session has been up.
Hold time	Length of time before session detection timer expires. For a BFD session in down state, this field displays 0ms.
Auth mode	Session authentication mode.
Connect type	Connection type of the interface: Direct or indirect.
Up duration	Time period for which the session has been up.
Detection mode	Detection mode: · Async—Asynchronous mode. · Demand—Demand mode. · Async/Echo—Asynchronous mode with echo function enabled. · Demand/Echo—Demand mode with echo function enabled.
Slot	Slot number of the card where the BFD session resides.
Protocol	Protocol associated with BFD: · OSPF. · ISIS_BR_L1—IS-IS with the network type as broadcast and the router type as Level 1. · ISIS_BR_L2—IS-IS with the network type as broadcast and the router type as Level 2. · ISIS_P2P—IS-IS with the network type as P2P. · ISIS6_BR_L1—IPv6 IS-IS with the network type as broadcast and the router type as Level 1. · ISIS6_BR_L2—IPv6 IS-IS with the network type as broadcast and the router type as Level 2. · ISIS6_P2P—IPv6 IS-IS with the network type as P2P. · BGP. · STATIC4—IPv4 static routing. · TRACK—Track. · RIP. · IPFRR—FIB IP FRR. · MAD. · OSPFv3. · BGP4+. · PIM. · STATIC6—IPv6 static routing. · RIPNG—RIPng. · Interface—Interface state. · TUNNEL. · STATIC_IPv4—IPv4 static BFD session. · STATIC_IPv6—IPv6 static BFD session.
Diag info	Diagnostic information about the session: · No Diagnostic. · Control Detection Time Expired—A control-mode BFD session goes down because local detection times out. · Echo Function Failed—An echo-mode BFD session goes down, because local detection times out or the source IP address of echo packets is deleted. · Neighbor Signaled Session Down—The remote end notifies the local end of BFD session down. · Administratively Down—The local system prevents a BFD session from being established.

‌

first-fail-timer

Use first-fail-timer to configure the timer that delays reporting the first BFD session establishment failure to the data link layer.

Use undo first-fail-timer to restore the default.

Syntax

first-fail-timer seconds

undo first-fail-timer

Default

The first BFD session establishment failure is not reported to the data link layer.

Views

Static BFD session view

Predefined user roles

network-admin

context-admin

Parameters

seconds: Specifies the timeout time that reports the first BFD session establishment failure to the data link layer. The value range for this argument is 1 to 10000 seconds.

Usage guidelines

This command takes effect only on static BFD sessions after you configure the process-interface-status command.

If the static BFD session fails to be established when the timer expires, BFD reports the failure to the data link layer and sets the data link layer state of the interface to DOWN(BFD). This behavior rapidly identifies the interfaces for which BFD sessions fail to be established. In this case, the BFD session state is displayed as Down in the display bfd session command output. The line protocol state of the interface is displayed as DOWN(BFD) in the display interface command output.

If you exeucte the command on the local end, the BFD session for detecting the local interface state fails to be established when the following conditions exist:

· The command is not executed on the remote end.

· The local and remote ends have mismatching BFD authentication settings.

Examples

# Configure the timer that delays reporting the first BFD session establishment failure as 100 seconds.

<Sysname> system-view

[Sysname] bfd static abc peer-ip default-ip interface gigabitethernet 1/0/1 source-ip 10.1.1.1 discriminator local 1 remote 1

[Sysname-bfd-static-session-1] first-fail-timer 100

Related commands

bfd static

display interface (Interface Command Reference)

processing-interface-status

process-interface-status

Use process-interface-status to associate the interface state with a static BFD session.

Use undo process-interface-status to restore the default.

Syntax

process-interface-status

undo process-interface-status

Default

The state of a static BFD session does not affect the state of the data link layer of the interface.

Views

Static BFD session view

Predefined user roles

network-admin

context-admin

Usage guidelines

This command enables a static BFD session with peer address 224.0.0.184 to set the link layer protocol of the interface to DOWN(BFD) when detecting a link failure. To display information about the link layer protocol state, use the display interface command.

Examples

# Associate the state of GigabitEthernet 1/0/1 with static BFD session abc.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname] bfd static abc peer-ip default-ip interface gigabitethernet 1/0/1 source-ip 10.1.1.1 discriminator local 1 remote 1

[Sysname-bfd-static-session-abc] process-interface-status

Related commands

bfd static

display interface

reset bfd session statistics

Use reset bfd session statistics to clear the BFD session statistics.

Syntax

reset bfd session statistics

Views

User view

Predefined user roles

network-admin

context-admin

Examples

# Clear the BFD session statistics.

<Sysname> reset bfd session statistics

snmp-agent trap enable bfd

Use snmp-agent trap enable bfd to enable SNMP notifications for BFD.

Use undo snmp-agent trap enable bfd to disable SNMP notifications for BFD.

Syntax

snmp-agent trap enable bfd

undo snmp-agent trap enable bfd

Default

All SNMP notifications are enabled for BFD.

Views

System view

Predefined user roles

network-admin

context-admin

Usage guidelines

To report critical BFD events to an NMS, enable SNMP notifications for BFD. For BFD event notifications to be sent correctly, you must also configure SNMP as described in the network management and monitoring configuration guide for the device.

Examples

# Disable SNMP notifications for BFD.

<Sysname> system-view

[Sysname] undo snmp-agent trap enable bfd

special-processing

Use special-processing to enable special processing for a static BFD session used to detect data link layer connectivity.

Use undo special-processing to disable special processing for the static BFD session.

Syntax

special-processing [ admin-down | authentication-change | session-up ] *

undo special-processing [ admin-down | authentication-change | session-up ] *

Default

All types of special processing are disabled for a static BFD session used to detect data link layer connectivity.

Views

Static BFD session view

Predefined user roles

network-admin

context-admin

Parameters

Usage guidelines

If you do not specify any parameters, this command enables or disables all types of special processing.

Examples

# Enable all types of special processing for a static BFD session whose outgoing interface is GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] bfd static abc peer-ip default-ip interface gigabitethernet 1/0/1 source-ip 10.1.1.1 discriminator local 1 remote 1

[Sysname-bfd-static-session-1] special-processing

Related commands

bfd static

process-interface-status

16-High Availability Command Reference

BFD commands

bfd multi-hop authentication-mode

reset bfd session statistics

snmp-agent trap enable bfd

Cloud & AI

InterConnect

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Become a Partner

Partner Resources

Partner Business Management

Company Information

News & Events

Contact Us