BFD Configuration Mode Commands

BFD provides a low-overhead, short duration method of detecting failures in the forwarding path between two BGP or OSPF adjacent routers, including the interfaces, data links, and forwarding plane. BFD must be enabled on both routers. The ASR 5500 supports BFD on Layer 3 clients only in asynchronous mode with optional Echo functionality.

Mode

The BFD Configuration Mode manages the protocol settings for Bidirectional Forwarding Detection (BFD).

Exec > Global Configuration > Context Configuration > BFD Configuration

configure > context context_name > bfd-protocol

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-bfd)#

Important

The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).

bfd linkagg-peer

Enables member-link based BFD and configures the BFD link aggregation (linkagg) session values. Member-link based BFD detects individual link failures faster than LACP and reduces the overall session/traffic down period as a result of single member link failure.

Product

ASR 5500, All products

Privilege

Security Administrator, Administrator

Mode

Exec > Global Configuration > Context Configuration > BFD Configuration

configure > context context_name > bfd-protocol

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-bfd)#

Syntax

bfd linkagg-peer linkagg_group_id local-endpt-addr local_endpt_ipaddress remote-endpt-addr remote_endpt_ipaddress interval tx_interval min_rx rx_interval multiplier multiplier_value [ slot slot_number ] 
no bfd linkagg-peer linkagg_group_id [ slot slot_number ]

no

Disables this member-link BFD configuration.

linkagg_group_id

Specifies the LAG number as an integer from 1 through 255.

local-endpt-addr local_endpt_ipaddress

Specifies the source address of the multihop BFD session in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal format.

remote-endpt-addr remote_endpt_ipaddress

Specifies the remote address of the Multihop BFD session in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal format.

interval tx_interval

Specifies the transmit interval of control packets in milliseconds as an integer from 50 through 10000.

min_rx rx_interval

Specifies the minimum receive interval for control packets in milliseconds as an integer from 50 through 10000.

multiplier multiplier_value

Specifies the value used to compute hold-down time as an integer from 3 through 50.

slot slot_number

For a redundant active-standbylinkagg configuration, this option specifies the card for which this configuration is intended.

Usage Guidelines

Use this command to enables member-link based BFD and configures the BFD link aggregation session values (RFC 7130). Member-link based BFD detects individual link failures faster than LACP and reduces the overall session traffic down period as a result of single member link failure.

This command configures BFD interactions with the linkagg task. Once a session is configured, BFD creates per member link BFD sessions and starts sending packets on each of the linkagg member links. If a member link BFD session fails, StarOS notifies failures to the linkagg task.

If you define a linkagg-peer using a slot number, you may configure a linkagg-peer for the redundant slot which must also specify a slot. Likewise, if you configure a linkagg-peer without a slot, you must delete it before configuring a peer with a slot specified.


Important

Only one IPv4 or IPv6 BFD session-based configuration is allowed per link-agg interface for compliance with RFC 7130.

Example

The following command configures linkage group 50 with IPv4 endpoints, a 50ms transmission interval, a 50ms interval for receiving control packets, and a compute hold-down time multiplier of 3. 
bfd linkagg-peer 50 local-endpt-addr 2.2.2.1 remote-endpt-addr 2.2.2.2 interval 50 min_rx 50 multiplier 3

bfd multihop-peer

Configures parameters for any multihop-BFD sessions with the same destination address. If these parameters are not configured using this command, MH-BFD sessions with the same destination address are found in the Admin-down state.

Product

All

Privilege

Security Administrator, Administrator

Mode

Exec > Global Configuration > Context Configuration > BFD Configuration

configure > context context_name > bfd-protocol

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-bfd)#

Syntax

bfd multihop-peer dst-ip-address { authentication { md5 | meticulous-md5 | meticulous-sha1 plain-text | sha1 } { encrypted password-string | password  password-string } | interval tx_interval  min_rx rx_interval  multiplier value } 
no bfd multihop-peer dst-ip-address authentication

no

Removes all the parameters for the MH-BFD destination address. If there are any sessions with the same destination address, those sessions go to Admin-down state.

dst-ip-address

Specifies the destination address of the BFD enabled peer in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal notation. This destination address must have been previously configured via the ip route static bfd or ipv6 route static bfd command in the Context Configuration mode.

authentication { md5 | meticulous-md5 | meticulous-sha1 plain-text | sha1 }

Specifies the method for authenticating all multihop BFD sessions to the specified peer. By default, authentication for Multihop-BFD sessions to a destination address is disabled. The authentication type options include:

  • md5 – Message Digest 5

  • meticulous-md5 – MD5 using a secret key and sequence numbers that are updated for every packet

  • meticulous-sha1 – SHA1 with sequence numbers that are updated for every packet

  • plain-text – plain text (unencrypted)

  • sha1 – Secured Hash Algorithm 1

encrypted password-string | password password-string

Specifies the password for authentication of BFD sessions. The password must be the same between the peer neighbors for the BFD sessions to work. If the authentication password is configured incorrectly between the peers, the BFD sessions to the destination address will not come to the UP. If the password is configured for BFD sessions that are already UP, the BFD neighbors are reset.

  • encrypted password-string : Specifies the use of an encrypted password for authentication of BFD sessions as an alphanumeric string of up to 523 characters.

  • password password-string : Specifies the use of a plain text password for authentication of BFD sessions as an alphanumeric string of 1 to 19 characters.


Important
The destination address and its transmit or receive intervals must be configured before the password is applied to any MH-BFD sessions at a destination address.

interval tx_interval min_rx rx_interval multiplier value

interval tx_interval : Specifies the transmit interval (in milliseconds) between BFD packets as an integer from 50 to 999. Default: 50

min_rx rx_interval : Specifies the receive interval (in milliseconds) between BFD packets as an integer from 50 to 999. Default: 50

multiplier value : Specifies the multiplier value used to compute hold down as an integer from 3 to 50. Default: 3

Usage Guidelines

Use this command to configure the basic operating parameters between the BFD enabled peers.


Important

The VPC-DI CF switchover and SF migration events can cause multihop BFD sessions to go down if the session detect time exceeds the card fault detect/BFD recovery time (approximately 5 to 6 seconds). This does not pertain to a single hop BFD.

Example

The following are example command strings for configuring BFD multihop sessions: 
bfd multihop-peer 10.2.3.4 authentication md5 encrypted 5-klm7783 
bfd multihop-peer 10.2.3.4 interval 100 min_rx 100 multiplier 5

bfd nbr-group-name

Configures BFD neighbor groups.

Product

All

Privilege

Security Administrator, Administrator

Mode

Exec > Global Configuration > Context Configuration > BFD Configuration

configure > context context_name > bfd-protocol

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-bfd)#

Syntax

[ no ] bfd nbr-group-name neighbor_group { active-if-name if_name | passive-if-name if_name } gw_ip_address 
no bfd nbr-group-name neighbor_group

no

Removes all the parameters for the BFD neighbor group.

neighbor_group

Specifies an identifier for a BFD neighbor group as an alphanumeric string of 1 through 19 characters.

active-if-name if_name | passive-if-name if-name

Specifies the logical/physical interface associated with this BFD group.

active-if-name if_name : Specifies an active interface that notifies all passive interfaces in this group. There should be only one active interface in a group. if_name is a logical or physical interface specified as an alphanumeric string of 1 through 79 characters.

passive-if-name if_name : Specifies a passive interface that receives BFD notifications from the active interface in this group. if_name is a logical or physical interface specified as an alphanumeric string of 1 through 79 characters.

gw_ip_address

Specifies the gateway address of the BFD neighbor in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal notation (optional CIDR notation).

Usage Guidelines

Allow scaling of BFD sessions when a large number of logical interfaces are configured on a physical interface. A failure on the physical interface or a logical interface can be propagated to all passive interfaces in this group.

Example

The following command configures BFD group bgpgroup132: 
bfd nbr-group-name bgpgroup132 active-if-name bgpif02

echo

Enables or disables BFD echo mode functionality. The Echo function tests the forwarding path on the remote system. Echo is only used for single hop BFD sessions.

Product

All

Privilege

Security Administrator, Administrator

Mode

Exec > Global Configuration > Context Configuration > BFD Configuration

configure > context context_name > bfd-protocol

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-bfd)#

Syntax

[ no ] echo

no echo

Disables BFD echo functionality.

Usage Guidelines

Use this function to send a stream of Echo packets that the other endpoint then sends back via its forwarding plane. Echo tests the forwarding path on the remote system.

end

Exits the current configuration mode and returns to the Exec mode.

Product

All

Privilege

Security Administrator, Administrator

Syntax

end

Usage Guidelines

Use this command to return to the Exec mode.

exit

Exits the current mode and returns to the parent configuration mode.

Product

All

Privilege

Security Administrator, Administrator

Syntax

exit

Usage Guidelines

Use this command to return to the parent configuration mode.

slow-timers

Specifies the asynchronous mode control packet interval when Echo mode is enabled. In BFD asynchronous mode, BFD-enabled peers periodically send BFD Control packets to one another. If a number of those packets in a row are not received within the specified interval by the other peer, the session is declared to be down.

Product

All

Privilege

Security Administrator, Administrator

Mode

Exec > Global Configuration > Context Configuration > BFD Configuration

configure > context context_name > bfd-protocol

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-bfd)#

Syntax

slow-timers timer_value 
no slow-timers

no

Disables previously specified BFD slow timers.

timer_value

Specifies the BFD control packet interval (in milliseconds) for Echo mode as an integer from 1000 through 300000. Default: 2000

Usage Guidelines

Use this command to configure the interval between BFD control packets sent between peers in Echo mode.

Example

The following example command configures an asynchronous mode control packet interval of 10000ms (10 seconds):
slow-timers 10000