- Preface
- Product Overview
- Configuring the Router for the First Time
- Configuring a Supervisor Engine 720
- Configuring a Route Switch Processor 720
- Configuring NSF with SSO Supervisor Engine Redundancy
- ISSU and eFSU on Cisco 7600 Series Routers
- Configuring RPR and RPR+ Supervisor Engine Redundancy
- Configuring Interfaces
- Configuring a Supervisor Engine 32
- Configuring LAN Ports for Layer 2 Switching
- Configuring Flex Links
- Configuring EtherChannels
- Configuring VTP
- Configuring VLANs
- Configuring Private VLANs
- Configuring Cisco IP Phone Support
- Configuring IEEE 802.1Q Tunneling
- Configuring Layer 2 Protocol Tunneling
- Configuring L2TPv3
- Configuring STP and MST
- Configuring Optional STP Features
- Configuring Layer 3 Interfaces
- Configuring GTP-SLB IPV6 Support
- IP Subscriber Awareness over Ethernet
- Configuring UDE and UDLR
- Configuring Multiprotocol Label Switching on the PFC
- Configuring IPv4 Multicast VPN Support
- Configuring Multicast VPN Extranet Support
- Configuring IP Unicast Layer 3 Switching
- Configuring IPv6 Multicast PFC3 and DFC3 Layer 3 Switching
- Configuring IPv4 Multicast Layer 3 Switching
- Configuring MLDv2 Snooping for IPv6 Multicast Traffic
- Configuring IGMP Snooping for IPv4 Multicast Traffic
- Configuring PIM Snooping
- Configuring Network Security
- Understanding Cisco IOS ACL Support
- Configuring VRF aware 6RD Tunnels
- Configuring VLAN ACLs
- Private Hosts (Using PACLs)
- Configuring IPv6 PACL
- IPv6 First-Hop Security Features
- Configuring Online Diagnostics
- Configuring Denial of Service Protection
- Configuring DHCP Snooping
- Configuring Dynamic ARP Inspection
- Configuring Traffic Storm Control
- Unknown Unicast Flood Blocking
- Configuring PFC QoS
- Configuring PFC QoS Statistics Data Export
- Configuring MPLS QoS on the PFC
- Configuring LSM MLDP based MVPN Support
- Configuring IEEE 802.1X Port-Based Authentication
- Configuring IEEE 802.1ad
- Configuring Port Security
- Configuring UDLD
- Configuring NetFlow and NDE
- Configuring Local SPAN, RSPAN, and ERSPAN
- Configuring SNMP IfIndex Persistence
- Power Management and Environmental Monitoring
- Configuring Web Cache Services Using WCCP
- Using the Top N Utility
- Using the Layer 2 Traceroute Utility
- Configuring Bidirectional Forwarding and Detection over Switched Virtual Interface
- Configuring Call Home
- Configuring IPv6 Policy Based Routing
- Using the Mini Protocol Analyzer
- Configuring Resilient Ethernet Protocol
- Configuring Synchronous Ethernet
- Configuring Link State Tracking
- Configuring BGP PIC Edge and Core for IP and MPLS
- Configuring VRF aware IPv6 tunnels over IPv4 transport
- ISIS IPv4 Loop Free Alternate Fast Reroute (LFA FRR)
- Multicast Service Reflection
- Y.1731 Performance Monitoring
- Online Diagnostic Tests
- Acronyms
- Cisco IOS Release 15S Software Images
- Index
Configuring Bidirectional Forwarding and Detection over Switched Virtual Interface
This chapter describes how to configure Bidirectional Forwarding and Detection (BFD) over Switched Virtual Interface(SVI) on Cisco 7600 series routers.
Note For complete syntax and usage information of the commands used in this chapter, see the Cisco 7600 Series Routers Command References at this URL:
http://www.cisco.com/en/US/products/hw/routers/ps368/prod_command_reference_list.html
Understanding BFD over SVI
Switched Virtual Interface (SVI) is a type of interface designed to provide basic Layer 3 functions for Layer 2 switch ports that belongs to a specific Virtual Local Area Network (VLAN). SVI connects a Layer 2 domain to a Layer 3 routing domain through an IP address configured on the VLAN interface.
When you use SVI in layer 2 networks to provide access to Layer3 routing domain, you can use Bidirectional Forwarding Detection (BFD) to detect data traffic failures in the network.
Note
You should run the platform bfd allow-svi command on the15.1(1)S software before downgrading the software version from 15.1(1)S to 15.0(1)S when BFD over SVI feature is configured.
Restrictions and Usage Guidelines
Follow these restrictions and guidelines when you configure the BFD over SVI feature:
- BFD over SVI is supported on all the hardware platforms where BFD is supported.
- Timer support for BFD over SVI is similar to the BFD timer values supported on main and sub interfaces.
- If BFD runs on a port channel, BFD over SVI has a timer value restriction of 750 * 3 milliseconds.
- Run no ip redirect command on all the BFD interfaces to optimize the data path on the C7600 series routers.
Sample Network with BFD over SVI
Figure 1-1 shows an example of a network with BFD over SVI on REP enabled ring topology. The Cell Site Routers (CSR) on the left side of the network are aggregated on the C7600 routers over Layer 2 networks. The SVI configured on C7600 provides Layer 3 services to CSRs.
The routing of upstream traffic from CSR towards 7600 routers is achieved through static routes on CSRs, which points to one of the C7600 routers (7609-1) as a primary route, and to an alternate C7600 router (7609-2) that acts as a back-up node and as a secondary route. The static route preference is configured using the metric value in the static route configuration.
Figure 1-1 BFD over SVI Network
In such a topology, you can deploy node failure protection and link failure protection to handle data traffic failures in the network.
Node Failure
Node failure is handled through BFD protected static routes. If the primary node fails, BFD detects the failure and triggers a re-convergence of the network through the backup node. Since static routes are used on CSRs, the re-convergence only requires initialization of the secondary or backup route.
Figure 1-2 explains a node failure in a network with BFD over SVI on a REP enabled ring topology. The routers 7609-1, 7609-2 and the two 2941 routers in the network are protected nodes. If there is a failure on the primary node (7609-1), traffic is redirected to the secondary node (7609-2). The Layer 2 nodes that are numbered from 1 to 8 are not protected.
When the primary node encounters a failure, the following events take place:
1. At Layer 2 level, REP detects that the primary path is faulty and opens the secondary path.
2. At Layer 3 level, BFD detects the primary node failure and trigger network convergence to the secondary node.
Link Failure
Link failure in the Layer 2 network is handled by REP. In most cases, REP detects a link failure in less than 100 milliseconds in the ring. In case the primary Layer 2 path fails, REP opens the secondary Layer 2 path for Layer 3 traffic.
Figure 1-3 explains link failure in a network with BFD over SVI. If there is a primary link failure in the Layer 2 ring, REP detects at the Layer 2 level that the primary path is faulty and opens the secondary path. As there is no node failure, BFD does not detect and trigger any network change.
REP should detect and act on any fault in the network before BFD. Otherwise, BFD may wrongly detect a node failure. If there is a link failure in the primary Layer 2 path and REP takes longer time than BFD to unblock the secondary path, BFD could wrongly detect a node failure. In that case, after unblocking the secondary path by REP, traffic flows through the secondary node.
For more information on configuring REP, see the following link:
http://www.cisco.com/en/US/docs/routers/7600/ios/15S/configuration/guide/rep.html
Configuring BFD over SVI
Perform these steps to configure BFD over SVI.
Summary Steps
5. bfd interval milliseconds min_rx milliseconds multiplier interval-multiplier
6. ip route static bfd vlan number gateway
7. ip route [vrf vrf-name] mask { ip-address | vlan vlan-number [ ip-address ]} [dhcp] [ distance ] [name next-hop-name ] [permanent | track number ] [tag tag ]
Detailed Steps
Note If you are downgrading the software version from 15.1(1)S to 15.0(1)S and you have BFD over SVI configuration, you should first run the platform bfd allow-svi command on the15.1(1)S software and then start the software downgrade.
The following example shows BFD over SVI configuration on routers A and B in the same VLAN and verifies the configuration. The show bfd neighbors details command is used to verify that BFD session is created.
Feedback