Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 02-BFD configuration | 154.57 KB |
Contents
Single-hop detection and multihop detection
Restrictions and guidelines: BFD configuration
Configuring BFD sessions in echo packet mode
About BFD session creation methods
Configuring BFD session parameters for single-hop detection
Configuring BFD sessions in control packet mode
About BFD session creation methods
Configuring a static BFD session
Configuring BFD session parameters for single-hop detection
Associating the interface state with BFD
Configuring BFD session flapping suppression
Configuring BFD
About BFD
Bidirectional forwarding detection (BFD) provides a general-purpose, standard, medium- and protocol-independent fast failure detection mechanism. It can detect and monitor the connectivity of forwarding paths to detect communication failures quickly so that measures can be taken to ensure service continuity and enhance network availability.
BFD can uniformly and quickly detect the failures of the bidirectional forwarding paths between two devices for upper-layer protocols such as routing protocols. The hello mechanism used by upper-layer protocols needs seconds to detect a link failure, while BFD can provide detection measured in milliseconds.
Single-hop detection and multihop detection
BFD can be used for single-hop and multihop detections.
· Single-hop detection—Detects the IP connectivity between two directly connected systems.
· Multihop detection—Detects any of the paths between two systems. These paths have multiple hops, and might overlap.
BFD session modes
BFD session modes include echo mode (using echo packets) and control mode (using control packets).
Echo mode
Echo packets are encapsulated into UDP packets with port number 3785.
The local end of the link sends echo packets to establish BFD sessions and monitor link status. The peer end does not establish BFD sessions and only forwards the packets back to the originating end. If the local end does not receive echo packets from the peer end within the detection time, it considers the session to be down.
An echo-mode BFD session supports only single-hop detection and is independent of the operating mode.
Control mode
Control packets are encapsulated into UDP packets with port number 3784 for single-hop detection or port number 4784 for multihop detection.
The two ends of the link negotiate the establishment of BFD sessions by using the session parameters carried in control packets. Session parameters include session discriminators, desired minimum packet sending and receiving intervals, and local BFD session state.
Before a BFD session is established, BFD has two operating modes—active and passive.
· Active mode—BFD actively sends BFD control packets regardless of whether any BFD control packet is received from the peer.
· Passive mode—BFD does not send control packets until a BFD control packet is received from the peer.
At least one end must operate in active mode for a BFD session to be established.
After a BFD session is established, the two ends can operate in the following BFD operating modes:
· Asynchronous mode—The device periodically sends BFD control packets. The device considers that the session is down if it does not receive any BFD control packets within a specific interval.
· Demand mode—The device periodically sends BFD control packets with the D bit set. If the peer end is operating in Asynchronous mode (default), the peer end stops sending BFD control packets after receiving control packets with the D bit set. In this case, BFD detects only the connectivity from the local end to the peer end. If the peer end does not receive control packets within the detection time, the session is declared to be down. If the peer end is operating in Demand mode, both ends stop sending BFD control packets. The system uses other mechanisms such as Hello mechanism and hardware detection to detect links. The Demand mode can be used to reduce the overhead when a large number of BFD sessions exist.
Supported features
|
Features |
Reference |
|
Static routing IS-IS OSPF BGP IP fast reroute (FRR) |
Layer 3—IP Routing Configuration Guide |
|
IPv6 static routing OSPFv3 |
Layer 3—IP Routing Configuration Guide |
|
Ethernet link aggregation |
Layer 2—LAN Switching Configuration Guide |
Protocols and standards
· RFC 5880, Bidirectional Forwarding Detection (BFD)
· RFC 5881, Bidirectional Forwarding Detection (BFD) for IPv4 and IPv6 (Single Hop)
· RFC 5882, Generic Application of Bidirectional Forwarding Detection (BFD)
· RFC 5883, Bidirectional Forwarding Detection (BFD) for Multihop Paths
· RFC 7130, Bidirectional Forwarding Detection (BFD) on Link Aggregation Group (LAG) Interfaces
Restrictions and guidelines: BFD configuration
· By default, the device runs BFD version 1 and is compatible with BFD version 0. You cannot change the BFD version to 0 through commands. When the peer device runs BFD version 0, the local device automatically switches to BFD version 0.
· After a BFD session is established, the two ends negotiate BFD parameters, including minimum sending interval, minimum receiving interval, initialization mode, and packet authentication, by exchanging negotiation packets. They use the negotiated parameters without affecting the session status.
Configuring BFD sessions in echo packet mode
About BFD session creation methods
A BFD session can be created manually by using the bfd static command or created dynamically when an application module collaborates with BFD.
Restrictions and guidelines
When the same BFD session (with the same source IP address, destination IP address, interface, VPN, and destination port number) is associated with multiple upper layer applications, BFD selects the detection time settings for the BFD session as follows:
1. Minimum values of the following settings:
¡ Settings configured in static BFD session view.
¡ Settings configured in the BFD template specified by the upper layer application.
¡ Settings configured by the upper layer application.
2. Settings configured in interface view or system view.
3. Default settings.
When a BFD session is associated with only one upper layer application, BFD selects the detection time settings for the BFD session as follows:
1. BFD selects the detection time settings for the BFD session based on whether the upper layer application supports using a BFD template and configuring detection time settings:
¡ If a BFD template is specified and detection time settings are also configured for the upper layer application, BFD selects the settings configured in the specified BFD template.
¡ If a BFD template is specified for the upper layer application that does not support configuring detection time settings, BFD selects the settings configured in the specified BFD template.
¡ If detection time settings are configured for the upper layer application that does not support using a BFD template, BFD selects the configured settings.
2. Settings configured in interface view or system view.
3. Default settings.
Creating a static BFD session
About this task
A static BFD session in echo packet mode can be used to perform single-hop detection.
Restrictions and guidelines
You need to create a static BFD session in echo packet mode on only the local device to perform detection.
When creating a static BFD session, you must specify a peer IPv4 or IPv6 address. The system checks only the format of the IP address but not its correctness. If the peer IPv4 or IPv6 address is incorrect, the static BFD session cannot be established.
Different static BFD sessions cannot have the same local discriminator.
As a best practice, specify the source IP address for echo packets when creating a static BFD session. If you do not specify the source IP address, the device uses the IP address specified in the bfd echo-source-ip or bfd echo-source-ipv6 command as the source IP address of echo packets. If you do not specify the source IP address by using either method, the device uses the IP address specified in the destination-ip or destination-ipv6 command as the source IP address of echo packets.
Creating a static BFD session for single-hop detection
1. Enter system view.
system-view
2. (Optional.) Configure the source IP address of echo packets.
¡ Configure the source IP address of echo packets.
bfd echo-source-ip ip-address
By default, no source IPv4 address is configured for echo packets.
¡ Configure the source IPv6 address of echo packets.
bfd echo-source-ipv6 ipv6-address
By default, no source IPv6 address is configured for echo packets.
The source IPv6 address of echo packets can only be a global unicast address.
3. Create a static BFD session and enter static BFD session view.
IPv4:
bfd static session-name [ peer-ip ipv4-address interface interface-type interface-number destination-ip ipv4-address [ source-ip ipv4-address ] one-arm-echo [ discriminator auto ] ]
IPv6:
bfd static session-name [ peer-ipv6 ipv6-address interface interface-type interface-number destination-ipv6 ipv6-address [ source-ipv6 ipv6-address ] one-arm-echo [ discriminator auto ] ]
4. (Optional.) Specify a local discriminator for the static BFD session.
discriminator local local-value
By default, no local discriminator is specified.
You can use this command only if you do not specify a local discriminator when creating a static BFD session.
Creating a static BFD session for multihop detection
1. Enter system view.
system-view
2. (Optional.) Configure the source IP address of echo packets.
¡ Configure the source IPv4 address of echo packets.
bfd echo-source-ip ip-address
By default, no source IPv4 address is configured for echo packets.
¡ Configure the source IPv6 address of echo packets.
bfd echo-source-ipv6 ipv6-address
By default, no source IPv6 address is configured for echo packets.
The source IPv6 address of echo packets can only be a global unicast address.
3. Create a static BFD session and enter static BFD session view.
IPv4:
bfd static session-name [ peer-ip ipv4-address [ vpn-instance vpn-instance-name ] destination-ip ipv4-address [ source-ip ipv4-address ] one-arm-echo [ discriminator auto ] ]
IPv6:
bfd static session-name [ peer-ipv6 ipv6-address interface interface-type interface-number destination-ipv6 ipv6-address [ source-ipv6 ipv6-address ] one-arm-echo [ discriminator auto ] ]
4. (Optional.) Specify a local discriminator for the static BFD session.
discriminator local local-value
By default, no local discriminator is specified.
You can use this command only if you do not specify a local discriminator when creating a static BFD session.
Configuring BFD session parameters for single-hop detection
1. Enter system view.
system-view
2. Enter interface view or static BFD session view.
¡ Enter interface view.
interface interface-type interface-number
¡ Enter static BFD session view.
bfd static session-name
The static BFD session must already exist.
To configure parameters for a static BFD session, you must enter its view.
3. Set the minimum interval for receiving BFD echo packets.
bfd min-echo-receive-interval interval
By default, the minimum interval for receiving BFD echo packets is 400 milliseconds.
4. Set the detection time multiplier.
bfd detect-multiplier value
The default setting is 5.
Configuring BFD sessions in control packet mode
About BFD session creation methods
BFD sessions in control packet mode can be created statically or established dynamically.
BFD sessions are distinguished by the local discriminator and remote discriminator in control packets. The main difference between a statically created session and a dynamically established session is that they obtain the local discriminator and remote discriminator in different ways.
· The local discriminator and remote discriminator of a static BFD session are specified manually.
· The local discriminator of a dynamic BFD session is assigned by the device, and the remote discriminator is obtained during BFD session negotiation. A created session without manually specified local and remote discriminators is a dynamic BFD session.
Restrictions and guidelines
BFD version 0 does not support the following commands:
· bfd authentication-mode
· bfd demand enable
· bfd echo enable
· bfd session init-mode
Restrictions and guidelines
When the same BFD session (with the same source IP address, destination IP address, interface, VPN, and destination port number) is associated with multiple upper layer applications, BFD selects the detection time settings for the BFD session as follows:
1. Minimum values of the following settings:
¡ Settings configured in static BFD session view.
¡ Settings configured in the BFD template specified by the upper layer application.
¡ Settings configured by the upper layer application.
2. Settings configured in interface view or system view.
3. Default settings.
When a BFD session is associated with only one upper layer application, BFD selects the detection time settings for the BFD session as follows:
1. BFD selects the detection time settings for the BFD session based on whether the upper layer application supports using a BFD template and configuring detection time settings:
¡ If a BFD template is specified and detection time settings are also configured for the upper layer application, BFD selects the settings configured in the specified BFD template.
¡ If a BFD template is specified for the upper layer application that does not support configuring detection time settings, BFD selects the settings configured in the specified BFD template.
¡ If detection time settings are configured for the upper layer application that does not support using a BFD template, BFD selects the configured settings.
2. Settings configured in interface view or system view.
3. Default settings.
Configuring a static BFD session
Restrictions and guidelines for static BFD session configuration
If a static BFD session is created on the remote end, the static BFD session must be created on the local end.
When creating a static BFD session, you must specify a peer IPv4 or IPv6 address. The system checks only the format of the IP address but not its correctness. If the peer IPv4 or IPv6 address is incorrect, the static BFD session cannot be established.
Different static BFD sessions cannot have the same local discriminator.
Creating a static BFD session for single-hop detection
1. Enter system view.
system-view
2. Create a static BFD session and enter static BFD session view.
IPv4:
bfd static session-name [ peer-ip ipv4-address interface interface-type interface-number source-ip ipv4-address ]
For a static BFD session to be established, specify the IPv4 address of the peer interface where the static BFD session resides for the peer-ip ipv4-address option. Specify the IPv4 address of the local interface where the static BFD session resides for the source-ip ipv4-address option.
IPv6:
bfd static session-name [ peer-ipv6 ipv6-address interface interface-type interface-number source-ipv6 ipv6-address ]
For a static BFD session to be established, specify the IPv6 address of the peer interface where the static BFD session resides for the peer-ipv6 ipv6-address option. Specify the IPv6 address of the local interface where the static BFD session resides for the source-ipv6 ipv6-address option.
3. (Optional.) Specify the local and remote discriminators for the static BFD session.
discriminator { local local-value | remote remote-value }
By default, no local discriminator or remote discriminator is specified for a static BFD session.
Use this command only if you do not specify the local or remote discriminator when creating a static BFD session.
Create a static BFD session for multihop detection
1. Enter system view.
system-view
2. Create a static BFD session and enter static BFD session view.
IPv4:
bfd static session-name [ peer-ip ipv4-address [ vpn-instance vpn-instance-name ] source-ip ipv4-address ]
IPv6:
bfd static session-name [ peer-ipv6 ipv6-address [ vpn-instance vpn-instance-name ] source-ipv6 ipv6-address ]
3. (Optional.) Specify the local and remote discriminators for the static BFD session.
discriminator { local local-value | remote remote-value }
By default, no local discriminator or remote discriminator is specified for a static BFD session.
Use this command only if you do not specify the local or remote discriminator when creating a static BFD session.
Configuring BFD session parameters for single-hop detection
1. Enter system view.
system-view
2. Specify the mode for establishing a BFD session.
bfd session init-mode { active | passive }
By default, active is specified.
3. Enter interface view or static BFD session view.
¡ Enter interface view.
interface interface-type interface-number
¡ Enter static BFD session view.
bfd static session-name
The static BFD session must already exist.
To configure parameters for a static BFD session, you must enter its view.
4. (Optional.) Configure the authentication mode for single-hop control packets.
bfd authentication-mode { m-md5 | m-sha1 | md5 | sha1 | simple } key-id { cipher cipher-string | plain plain-string }
By default, single-hop BFD packets are not authenticated.
5. Enable the Demand BFD session mode.
bfd demand enable
By default, the BFD session is in Asynchronous mode.
6. Set the minimum interval for transmitting single-hop BFD control packets.
bfd min-transmit-interval interval
The default setting is 400 milliseconds.
7. Set the minimum interval for receiving single-hop BFD control packets.
bfd min-receive-interval interval
The default setting is 400 milliseconds.
8. Set the single-hop detection time multiplier.
bfd detect-multiplier value
The default setting is 5.
Enabling the echo function
About this task
This function enables the local system to periodically send echo packets to the remote system. The remote system loops back the echo packets to the local system without processing them. If the local system does not received the looped-back echo packets, it declares the BFD session down.
This function is supported only for single-hop detection.
Restrictions and guidelines
This function does not take effect on BFD sessions associated with interface states.
Procedure
1. Enter system view.
system-view
2. Enter interface view or static BFD session view.
¡ Enter interface view.
interface interface-type interface-number
¡ Enter static BFD session view.
bfd static session-name
The static BFD session must already exist.
3. Enable the echo function.
bfd echo [ receive | send ] enable
By default, the echo function is disabled.
Associating the interface state with BFD
About this task
By creating a BFD session for single-hop detection through exchange of BFD control packets, this feature implements fast link detection. When BFD detects a link fault, it sets the link layer protocol state to DOWN(BFD). This behavior helps applications relying on the link layer protocol state achieve fast convergence. The source IP address of control packets is specified manually, and the destination IP address is fixed at 224.0.0.184. As a best practice, specify the IP address of the interface as the source IP address. If the interface does not have an IP address, specify a unicast IP address other than 0.0.0.0 as the source IP address.
You can associate the state of the following interfaces with BFD:
· Layer 3 Ethernet interfaces.
· Member ports in a Layer 3 aggregation group.
Restrictions and guidelines
The echo function does not take effect on BFD sessions associated with interface states.
Procedure
1. Enter system view.
system-view
2. Enter interface view or.
interface interface-type interface-number
3. Associate the interface state with BFD.
bfd detect-interface source-ip ip-address [ discriminator local local-value remote remote-value ]
If the peer device does not support obtaining BFD session discriminators through autonegotiation, you must specify the discriminators on both the local and peer devices. Without the discriminators, the BFD session cannot come up.
Configuring BFD session flapping suppression
About this task
When BFD detects a link failure, it tears down the BFD session and notifies the upper-layer protocol of the failure. When the upper-layer protocol re-establishes a neighbor relationship, the BFD session comes up again. BFD session flaps occur when a link fails and recovers repeatedly, which consumes significant system resources and causes network instability.
This feature allows you to suppress BFD session flapping by using the initial-interval, secondary-interval, and maximum-interval arguments.
· A BFD session is suppressed within the specified interval. The suppression time does not exceed the maximum-interval.
· After a BFD session goes down for the second time, it cannot be re-established within the initial-interval.
· After a BFD session goes down for the third time, it cannot be re-established within the secondary-interval.
· After a BFD session goes down for the fourth time and at any later time, the following rules apply:
¡ If secondary-interval × 2n-3 is smaller than or equal to the maximum-interval, the BFD session cannot be re-established within the secondary-interval × 2n-3.
¡ If secondary-interval × 2n-3 is greater than the maximum-interval, the BFD session cannot be re-established within the maximum-interval.
The letter n, starting from 4, is the number of times the BFD session flaps.
Procedure
1. Enter system view.
system-view
2. Configure BFD session flapping suppression.
bfd dampening [ maximum maximum-interval initial initial-interval secondary secondary-interval ]
By default, BFD sessions are not suppressed.
The value for the initial-interval or secondary-interval argument cannot be greater than or equal to the value for the maximum-interval argument.
Configuring a BFD template
About this task
Perform this task to specify BFD parameters in a template for sessions without next hops. You can configure BFD parameters for LSPs and PWs through a BFD template.
Procedure
1. Enter system view.
system-view
2. Create a BFD template and enter BFD template view.
bfd template template-name
3. Configure the authentication mode for BFD control packets.
bfd authentication-mode { m-md5 | m-sha1 | md5 | sha1 | simple } key-id { cipher cipher-string | plain plain-string }
By default, no authentication is performed.
BFD version 0 does not support this command.
4. Set the detection time multiplier.
bfd detect-multiplier value
The default setting is 5.
5. Set the minimum interval for receiving BFD echo packets.
bfd min-echo-receive-interval interval
The default setting is 400 milliseconds.
6. Set the minimum interval for receiving BFD control packets.
bfd min-receive-interval interval
The default setting is 400 milliseconds.
7. Set the minimum interval for transmitting BFD control packets.
bfd min-transmit-interval interval
The default setting is 400 milliseconds.
Enabling SNMP notifications for BFD
About this task
To report critical BFD events to an NMS, enable SNMP notifications for BFD. For BFD event notifications to be sent correctly, you must also configure SNMP as described in Network Management and Monitoring Configuration Guide.
Procedure
1. Enter system view.
system-view
2. Enable SNMP notifications for BFD.
snmp-agent trap enable bfd
By default, SNMP notifications are enabled for BFD.
Verifying and maintaining BFD
To display BFD session information, execute the following command in any view:
display bfd session [ discriminator local-value | discriminator local local-value | static session-name | verbose ]
display bfd session [ [ dynamic ] [ control | echo ] [ ip ] [ state { admin-down | down | init | up } ] [ discriminator remote remote-value ] [ peer-ip ipv4-address [ vpn-instance vpn-instance-name ] ] [ verbose ] ]
display bfd session [ [ dynamic ] [ control | echo ] [ ipv6 ] [ state { admin-down | down | init | up } ] [ discriminator remote remote-value ] [ peer-ipv6 ipv6-address [ vpn-instance vpn-instance-name ] ] [ verbose ] ]
display bfd session [ [ static ] [ ip ] [ state { admin-down | down | init | up } ] [ discriminator remote remote-value ] [ peer-ip ipv4-address [ vpn-instance vpn-instance-name ] ] [ verbose ]
display bfd session [ [ static ] [ ipv6 ] [ state { admin-down | down | init | up } ] [ discriminator remote remote-value ] [ peer-ipv6 ipv6-address [ vpn-instance vpn-instance-name ] ] [ verbose ]
To clear BFD session statistics, execute the following command in user view:
reset bfd session statistics
