BFD (Bidirectional Forwarding Detection)


What is BFD?

For networks, failure detection is very important. There are various mechanisms used for this purpose. One of them is BFD (Bidirectional Forwarding Detection). In this lesson, we will learn what BFD means, what BFD is and why we use this mechanism between nodes.

 

BFD is basically another Hello protocol based on UDP that detects link failures on the forwarding plane. It runs on top of the Layer 2 protocols in use between two adjacent systems. You can also view the wiki definition for BFD.

 

Bidirectional Forwarding Detection is independent of media, routing protocols and data protocols. Because of this independence, the BFD mechanism can be used with all routing protocols and data protocols.

 

Routing protocols have a hello mechanism by default to detect link failures. But this mechanism differs from router to router. With Bidirectional Forwarding Detection, a common link failure detection mechanism is created, and this mechanism can be used with all routing protocols. So, using the Bidirectional Forwarding Detection mechanism provides very fast convergence after a link failure compared with the routing protocol hello mechanism.

 

Bidirectional Forwarding Detection is a one way protocol. So to use this mechanism, you need to configure both ends with this protocol.

 

As you know, there are two planes in a network. One of them is the control plane, in which route processing is done. The other is the forwarding plane, in which data is sent after the establishment of the session.


[Figure: control plane and forwarding plane]

Bidirectional Forwarding Detection operates in the forwarding plane. It detects link failures on the forwarding plane.

 

Bidirectional Forwarding Detection has two versions. These are Version 0 and Version 1.

 




 

BFD Session Establishment

After learning what BFD means and some general information about it, let’s now learn BFD Session Establishment. Session establishment is done through BFD messages. These messages set the states of both ends as listed below:

  • Down
  • Init
  • Up

 

Bidirectional Forwarding Detection has two different Session Establishment modes. They differ in how the discriminators that distinguish Bidirectional Forwarding Detection sessions are configured. These Session Establishment modes are:

  • Static Session Establishment
  • Dynamic Session Establishment

 

In Static Session Establishment, the local and remote discriminators in BFD messages are configured with commands. In Dynamic Session Establishment, this is done dynamically by the system. Let’s check these Session Establishment steps one by one.

 

As you can see below, BFD Session Establishment is done with a three-way handshake. In other words, there are three basic steps to establish a BFD Session.

 

[Figure: BFD session establishment]

  1. Firstly, the two ends are in the Down state.
  2. When a BFD message comes from one end to the other end, the state field is changed to Init at that end.
  3. When the other end receives this BFD message, the state field is changed to Up.
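The three steps above can be traced with a small state machine. This is an added example, not code from the lesson; it follows the reception rules in RFC 5880 section 6.8.6, so it also covers the transitions back to Down, and the function names are illustrative.

```python
from enum import IntEnum

class State(IntEnum):
    # Values of the 2-bit State field in a BFD version 1 control packet
    ADMIN_DOWN = 0
    DOWN = 1
    INIT = 2
    UP = 3

def next_state(local: State, received: State) -> State:
    """New local state after receiving a control packet carrying `received`."""
    if local is State.ADMIN_DOWN:
        return local                       # packets are discarded while AdminDown
    if received is State.ADMIN_DOWN:
        return State.DOWN                  # neighbor signalled session down
    if local is State.DOWN:
        if received is State.DOWN:
            return State.INIT              # peer is alive but has not heard us yet
        if received is State.INIT:
            return State.UP                # peer has already heard us
        return local                       # peer claims Up while we are Down: stay Down
    if local is State.INIT:
        return State.UP if received in (State.INIT, State.UP) else local
    return State.DOWN if received is State.DOWN else local   # local is Up

def handshake(a=State.DOWN, b=State.DOWN, max_packets=8):
    """Alternate packets A->B and B->A until both ends are Up; return the trace."""
    trace = [(a.name, b.name)]
    for i in range(max_packets):
        if i % 2 == 0:
            b = next_state(b, a)           # B receives A's packet
        else:
            a = next_state(a, b)           # A receives B's packet
        trace.append((a.name, b.name))
        if a is State.UP and b is State.UP:
            break
    return trace

if __name__ == "__main__":
    for step in handshake():
        print(step)
```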

 


 

How BFD Works?

Bidirectional Forwarding Detection mechanism uses packets to inform both ends that the protocol is configured. With these packets, it provides basic connectivity and the parameter negotiation.

 

The main role of Bidirectional Forwarding Detection is detecting link failures by sending BFD packets at regular intervals. It sends a packet and waits. If there is no reply within a certain amount of time, it determines that the link is down. This is the same as Hello messages.

 

Let’s give an example to understand this mechanism better. Below is a topology in which BFD sessions are established at each end. Suppose that traffic is flowing from Router 1 to Router 2.

 


[Figure: BFD mechanism example]
 

What if the connection between these two routers fails?

 

[Figure: BFD mechanism failure example]

Both end routers are informed by the BFD mechanism about this link failure. They say that “Link failed! You need to do a new route calculation!”. After this message, the router calculates a new route to the same destination.


[Figure: BFD mechanism after failure]

As you can see above, the traffic goes through the newly calculated route, through Router 3.

 

Bidirectional Forwarding Detection has different operation modes. These are :

  • Async Mode
  • Demand Mode
  • Echo Mode

 

In Asynchronous Mode, the two end nodes send Control Packets to each other periodically. If they do not get some of the Control Packets, they decide that there is a failure. In Async Mode, Control Packets flow in each direction.


[Figure: BFD Async Mode]

In Demand Mode, the two end nodes send Control Packets only for a short time to detect whether there is any failure or not. In Demand Mode, Control Packets flow in each direction.


[Figure: BFD Demand Mode]

In Echo Mode, Echo Packets are also used between the two ends besides Control Packets. Echo Packets are used to test the forwarding plane, not the host stack.


[Figure: BFD Echo Mode]

 


 

BFD Applications

As we mentioned above, Bidirectional Forwarding Detection is used to detect link failure. But there can be many types of link failures. BFD is generally used to check the availabilities below:

  • Routing Protocol link availability
  • Ethernet Link availability
  • MPLS and GRE Tunnel link availability
  • Edge Network availability

 


 

Protocols Used With BFD

Bidirectional Forwarding Detection is used with many protocols for link failure detection. These protocols are:

  • Static routes
  • IGPs (OSPF, IS-IS)
  • BGP (eBGP, iBGP)
  • LDP
  • RSVP

 


 

Disadvantages of BFD

Besides its advantages, BFD also has some disadvantages. First of all, it can have more resource demands. This changes from platform to platform.

 

Secondly, Bidirectional Forwarding Detection is not aware of Layer 2 link bundling. When you configure it on one link, it operates for that single link, rather than for the other bundle members.

 


BFD Version 0 vs Version 1

What is the difference between the two Bidirectional Forwarding Detection versions? Mainly, these versions show how devices exchange BFD control packets to detect any link failure. Let’s focus on each and learn the details of the BFD versions.

 


BFD Version 0

This is the first version of Bidirectional Forwarding Detection. It uses hello packets, detection times and session establishment. There is no authentication and it is not good at error handling. So, it is not used in production networks.

 


BFD Version 1

The second version and the up to date version is BFD version 1. It is explained in RFC 5880. It is the enhanced version of version 0. Version 1 supports Authentication like MD5 and SHA1, diagnostic codes and admin control (up, down and init states).
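To see where the version, state, diagnostic code and authentication type sit on the wire, the sketch below decodes a version 1 control packet as laid out in RFC 5880 and reports sessions that carry no authentication section. It is an added example, not code from the lesson; the sample packets are constructed, and the function names are illustrative.

```python
import struct

STATES = {0: "AdminDown", 1: "Down", 2: "Init", 3: "Up"}
AUTH_TYPES = {1: "Simple Password", 2: "Keyed MD5", 3: "Meticulous Keyed MD5",
              4: "Keyed SHA1", 5: "Meticulous Keyed SHA1"}

def parse_bfd_control(data: bytes) -> dict:
    """Decode the 24-byte mandatory section and, if the A bit is set, the auth type."""
    if len(data) < 24:
        raise ValueError("shorter than the mandatory section")
    b0, b1, mult, length, my_d, your_d, tx, rx, echo = struct.unpack("!4B5I", data[:24])
    pkt = {"version": b0 >> 5, "diag": b0 & 0x1F, "state": STATES[b1 >> 6],
           "poll": bool(b1 & 0x20), "final": bool(b1 & 0x10),
           "auth_present": bool(b1 & 0x04), "demand": bool(b1 & 0x02),
           "detect_mult": mult, "length": length, "my_discr": my_d,
           "your_discr": your_d, "min_tx_us": tx, "min_rx_us": rx,
           "min_echo_rx_us": echo, "auth_type": None}
    if length > len(data) or length < (26 if pkt["auth_present"] else 24):
        raise ValueError("Length field does not match the payload")
    if pkt["auth_present"]:
        pkt["auth_type"] = AUTH_TYPES.get(data[24], "unknown")
    return pkt

def check_packet(pkt: dict) -> list:
    """Findings a defender would want raised for a received control packet."""
    findings = []
    if pkt["version"] != 1:
        findings.append("version is not 1")
    if pkt["detect_mult"] == 0 or pkt["my_discr"] == 0:
        findings.append("zero Detect Mult or My Discriminator")
    if not pkt["auth_present"]:
        findings.append("no authentication section")
    return findings

def detection_time_ms(pkt: dict, local_min_rx_us: int) -> float:
    """Async mode: remote Detect Mult times the larger of our Required Min RX
    and the remote Desired Min TX (intervals are carried in microseconds)."""
    return pkt["detect_mult"] * max(local_min_rx_us, pkt["min_tx_us"]) / 1000

# Constructed samples: state Up, multiplier 5, 30 ms intervals, discriminators 2/1.
SAMPLE_PLAIN = struct.pack("!4B5I", 0x20, 0xC0, 5, 24, 2, 1, 30000, 30000, 0)
SAMPLE_SHA1 = (struct.pack("!4B5I", 0x20, 0xC4, 5, 52, 2, 1, 30000, 30000, 0)
               + bytes([4, 28, 1, 0]) + struct.pack("!I", 7) + bytes(20))
```

With a 30 ms interval and a multiplier of 5 on both ends, the detection time works out to 150 ms.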

 


Cisco BFD Configuration

BFD Configuration on a Cisco Router Interface

To enable bfd on a Cisco router interface, we first go under that interface. Here, we will configure it for GigabitEthernet1/1. Under this interface, we will use the bfd interval, min_rx and multiplier parameters. bfd interval is how often a bfd packet is sent; we will set it to 30 ms. min_rx is the interval of received bfd packets; we will use a 30 ms min_rx time. multiplier is the number of missed packets after which the connection is considered down; we will use 5 as the multiplier.

 

Router# configure terminal

Router(config)# interface GigabitEthernet1/1

Router(config-if)# bfd interval 30 min_rx 30 multiplier 5

Router(config-if)# exit

 

We can activate bfd under routing protocols. Below, you can find configuration examples that show how to enable bfd under OSPF, EIGRP and BGP.

 


Enabling BFD For OSPF

To enable bfd under OSPF, we go under the OSPF process. There, with the “bfd all-interfaces” command, we can enable it on all OSPF interfaces.

 

Router# configure terminal

Router(config)# router ospf 1

Router(config-router)# bfd all-interfaces

Router(config-router)# exit

 


Enabling BFD For EIGRP

To enable BFD under EIGRP, we use the “bfd all-interfaces” command again, under the EIGRP process, to enable it for all EIGRP interfaces.

 

Router# configure terminal

Router(config)# router eigrp 100

Router(config-router)# bfd all-interfaces

Router(config-router)# exit

 


Enabling BFD For A BGP Neighbor

To enable BFD for a BGP neighbor, we first go under the BGP process and define the neighbor. After the neighbor configuration, we use the “fall-over bfd” command with the related neighbor. For our neighbor, we will use the “neighbor 10.0.0.1 fall-over bfd” command. This command enables BGP to register with BFD to receive fast peering session deactivation messages from BFD.

 

Router# configure terminal

Router(config)# router bgp 64000

Router(config-router)# neighbor 10.0.0.1 remote-as 65000

Router(config-router)# neighbor 10.0.0.1 fall-over bfd

Router(config-router)# exit

 


BFD Authentication

To configure authentication for BFD, firstly, we will use “bfd-template single-hop template-name” command. This command creates BFD template and goes to BFD configuration mode. Here, we will use MYBFD-AUTH as template name.

 

Under this mode, we can configure interval, min_rx and multiplier parameters again.

 

Then, we will use the “authentication authentication-type keychain keychain-name” command. We will use MD5 as the authentication type and MYBFD_KEYS as the keychain-name.

 

Router# configure terminal

Router(config)# bfd-template single-hop MYBFD-AUTH

Router(config-bfd-tmpl)# interval 30 min_rx 30 multiplier 5

Router(config-bfd-tmpl)# authentication md5 keychain MYBFD_KEYS

Router(config-bfd-tmpl)# exit

 

To configure key chain, we will enter key chain with “key chain chain-name” command. This defines an authentication key chain needed to enable authentication for routing protocols and enters key-chain configuration mode.

 

Then we will use “key key-id” command. This command defines an authentication key on the key chain and enters keychain-key configuration mode. We will use 1 as key id.

 

After that, we will use the “key-string” command. This command defines an authentication string for a key. Here, our key is ipciscokey.

 

Router(config)# key chain MYBFD_KEYS

Router(config-keychain)# key 1

Router(config-keychain-key)# key-string ipciscokey

Router(config-keychain-key)# exit

Router(config-keychain)# exit

 

For BFD Authentication, lastly, we will add this bfd authentication template, MYBFD-AUTH, to the interface. To do this, we will use the “bfd template MYBFD-AUTH” command under the related interface.

 

Router(config)# interface GigabitEthernet1/1

Router(config-if)# bfd template MYBFD-AUTH

Router(config-if)# exit
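Once the template, key chain and interface are configured, the whole chain can be checked from a saved configuration. The script below is an added example, not part of the lesson; it assumes, as in this lesson, that BFD authentication is applied only through a bfd-template, and the sample configuration (including GigabitEthernet1/2) is constructed.

```python
import re

# Constructed sample in running-config layout; only Gi1/1 mirrors the lesson.
SAMPLE = """\
key chain MYBFD_KEYS
 key 1
  key-string ipciscokey
bfd-template single-hop MYBFD-AUTH
 interval 30 min_rx 30 multiplier 5
 authentication md5 keychain MYBFD_KEYS
interface GigabitEthernet1/1
 bfd template MYBFD-AUTH
interface GigabitEthernet1/2
 bfd interval 30 min_rx 30 multiplier 5
"""

def sections(config):
    """Map each top-level line to the stripped, indented lines under it."""
    out, head = {}, None
    for line in config.splitlines():
        if line[:1].strip():                 # unindented: a new top-level section
            head = line.strip()
            out[head] = []
        elif head and line.strip():          # indented: belongs to current section
            out[head].append(line.strip())
    return out

def audit_bfd_auth(config):
    """Return (interface, problem) pairs for BFD sessions lacking usable authentication."""
    sec = sections(config)
    chains = {h.split()[2] for h, b in sec.items()
              if h.startswith("key chain ") and any(l.startswith("key-string ") for l in b)}
    templates = {}  # template name -> keychain name, or None when unauthenticated
    for h, b in sec.items():
        if h.startswith("bfd-template "):
            m = re.search(r"^authentication \S+ keychain (\S+)$", "\n".join(b), re.M)
            templates[h.split()[-1]] = m.group(1) if m else None
    ifaces = {h.split()[1]: b for h, b in sec.items() if h.startswith("interface ")}
    findings = []
    for name, b in ifaces.items():
        tmpl = next((l.split()[2] for l in b if l.startswith("bfd template ")), None)
        if tmpl is None:
            if any(l.startswith("bfd interval ") for l in b):
                findings.append((name, "bfd interval without a template"))
        elif templates.get(tmpl) is None:
            findings.append((name, "template missing or has no authentication"))
        elif templates[tmpl] not in chains:
            findings.append((name, "keychain missing or has no key-string"))
    return findings
```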

 


How to verify BFD?

To verify bfd, we use the “show bfd neighbors” and “show bfd neighbors details” Cisco commands on Cisco routers. These commands verify whether the BFD neighbor is active or not. They also display the routing protocols that use Bidirectional Forwarding Detection.

 

Router# show bfd neighbors

OurAddr     NeighAddr   LD/RD   RH/RS   Holdown(mult)   State   Int
10.0.0.1    10.0.0.2    5/3     1(RH)   124 (3 )        Up      Gi1/1

 

Router# show bfd neighbors details
OurAddr       NeighAddr     LD/RD RH  Holdown(mult)  State     Int
10.0.0.1   10.0.0.2    1/2  1   356  (3 )      Up        Fa0/1          
Local Diag: 0, Demand mode: 0, Poll bit: 0
MinTxInt: 200000, MinRxInt: 200000, Multiplier: 5
Received MinRxInt: 1000, Received Multiplier: 3
Holdown (hits): 600(22), Hello (hits): 200(84453)
Rx Count: 32364, Rx Interval (ms) min/max/avg: 208/345/423 last: 55 ms ago
Tx Count: 52348, Tx Interval (ms) min/max/avg: 152/223/245 last: 63 ms ago
Registered protocols: OSPF

Uptime: 01:12:15
Last packet: Version: 0            - Diagnostic: 0
             I Hear You bit: 1     - Demand bit: 0
             Poll bit: 0           - Final bit: 0
             Multiplier: 3         - Length: 24
             My Discr.: 2          - Your Discr.: 1
             Min tx interval: 50000    - Min rx interval: 1000
             Min Echo interval: 0

 


Last Word

We have learned BFD meaning and the details of how it works. This one way protocol is basically a Hello protocol to detect link failures quickly. You will use this key protocol a lot in your networking operations.

 
