BFD

This chapter covers some aspects related to the protocols bfd which is a feature that allows users to manage and monitor the BFD protocol.

BFD (Bidirectional Forwarding Detection) is a network protocol described in RFC 5880. It provides rapid detection of communication failures between adjacent forwarding engines (routers, switches). BFD provides sub-second failure detection that allows routing protocols such as BGP, OSPF and static routes to react much faster than relying on their own keepalive mechanisms.

BFD operates independently of the routing protocol that uses it. A BFD session is established between two endpoints, and if the session detects a failure, it notifies the associated routing protocol, which can then take corrective action (for example, tearing down a BGP session or removing a static route).

Configuration

The BFD protocol can be configured using protocols bfd. BFD sessions are typically created dynamically by other protocols (BGP, OSPF, static routes) when they enable BFD on a neighbor or route. BFD profiles allow defining a reusable set of parameters that can be applied to multiple sessions.

An explanation of each configurable parameter is provided below:

Peer

A BFD peer defines a direct session with a specific remote endpoint.

  • peer: IP address (IPv4 or IPv6) of the remote BFD peer. The following parameters can be configured per peer:

    • detect-multiplier: Detection multiplier. Specifies how many consecutive packets can be missed before declaring the session down. Valid range: 2-255. Default: 3.

    • echo-interval: Desired echo packet transmission interval in milliseconds. Valid range: 10-60000. Default: 50.

    • echo-mode: Enables echo mode. In echo mode, the local system sends echo packets that the remote system loops back through its forwarding path, allowing detection of path failures.

    • interface: Specifies the interface for this BFD peer session.

    • local-address: Local IPv4 address used for BFD packets.

    • minimum-ttl: Minimum expected TTL value on received packets. Acts as a security mechanism to limit the maximum number of hops a BFD packet could have traversed. Valid range: 1-254.

    • multihop: Enables multihop BFD session (RFC 5883). Required when the peer is not directly connected.

    • passive-mode: Don’t attempt to start sessions. The system will not begin sending BFD control packets until it receives one from the remote end.

    • profile: Associates a BFD profile with this peer, inheriting its configuration parameters.

    • receive-interval: Minimum required receive interval in milliseconds. Valid range: 10-60000. Default: 300.

    • shutdown: Disable BFD peer.

    • transmit-interval: Desired transmit interval in milliseconds. Valid range: 10-60000. Default: 300.

    • vrf: Associates the peer with a VRF.

Profile

BFD profiles provide a reusable set of parameters that can be applied to multiple BFD sessions. This simplifies management when multiple sessions share the same configuration. Profiles are referenced by name from BGP neighbors, OSPF interfaces, or static routes.

  • profile: BFD profile name. The following parameters can be configured per profile:

    • detect-multiplier: Detection multiplier. Specifies how many consecutive packets can be missed before declaring the session down. Valid range: 2-255. Default: 3.

    • echo-interval: Desired echo packet transmission interval in milliseconds. Valid range: 10-60000. Default: 50.

    • echo-mode: Enables echo mode. In echo mode, the local system sends echo packets that the remote system loops back through its forwarding path, allowing detection of path failures.

    • mark: Marks BFD packets for policy routing. This allows the network to direct BFD packets through the correct path in scenarios with VRFs and multiple WAN links. Valid range: 1-2147483647.

    • vrf-mark: Alternative to mark. Instead of specifying a numeric value, references a VRF and automatically calculates the appropriate mark value. Only one of mark or vrf-mark can be configured.

    • tos: Sets the Type of Service (ToS) field on BFD packets. By default, BFD uses CS6 (DSCP 48) as recommended by RFC 5881. This parameter allows overriding the default value for specific QoS requirements. Valid range: 0-255.

    • minimum-ttl: Minimum expected TTL value on received packets. Acts as a security mechanism to limit the maximum number of hops a BFD packet could have traversed. Valid range: 1-254.

    • passive-mode: Don’t attempt to start sessions. The system will not begin sending BFD control packets until it receives one from the remote end.

    • receive-interval: Minimum required receive interval in milliseconds. Valid range: 10-60000. Default: 300.

    • shutdown: Disable BFD peer.

    • transmit-interval: Desired transmit interval in milliseconds. Valid range: 10-60000. Default: 300.

Usage with BGP

To enable BFD on a BGP neighbor, use the bfd parameter within the neighbor configuration. Optionally, associate a profile:

set protocols bgp 10 neighbor peer remote-address 10.10.0.200
set protocols bgp 10 neighbor peer remote-as 20
set protocols bgp 10 neighbor peer bfd
set protocols bgp 10 neighbor peer bfd profile MY_PROFILE

Usage with OSPF

To enable BFD on an OSPF interface, optionally with a profile:

set interfaces ethernet eth0 ip ospf bfd
set interfaces ethernet eth0 ip ospf bfd profile MY_PROFILE

Usage with Static Routes

To enable BFD on a static route, optionally with a profile:

set protocols static route 10.0.0.0/24 next-hop 192.168.1.1 bfd
set protocols static route 10.0.0.0/24 next-hop 192.168.1.1 bfd profile MY_PROFILE

Monitoring

To monitor the status and configuration of BFD sessions, you can use the following commands:

  • protocols bfd show peers displays information about all BFD peers, including session status, timers, diagnostics, mark and ToS values.

    admin@osdx$ protocols bfd show peers
BFD Peers:
    peer 10.10.0.200 local-address 10.10.0.100 vrf default interface eth1
            ID: 886568408
            Remote ID: 2783626931
            Active mode
            Mark: 99
            ToS: 48
            Status: up
            Uptime: 6 minute(s), 23 second(s)
            Diagnostics: ok
            Remote diagnostics: ok
            Peer Type: dynamic
            Local timers:
                    Detect-multiplier: 3
                    Receive interval: 300ms
                    Transmission interval: 300ms

  • protocols bfd show peer <ipv4|ipv6> displays information about a specific BFD peer.

  • protocols bfd show static route displays BFD monitored static routes.

Examples

Mark

In this example, two eBGP routers are connected with BFD. A BFD profile is configured with mark 99 to ensure BFD packets are directed through the correct path when using policy routing.

Router A (10.10.0.100, AS 10) ---- Router B (10.10.0.200, AS 20)

Router A:

set interfaces ethernet eth1 address 10.10.0.100/24
set protocols bfd profile BFD_MARK mark 99
set protocols bgp 10 neighbor peer remote-address 10.10.0.200
set protocols bgp 10 neighbor peer remote-as 20
set protocols bgp 10 neighbor peer route-map import PERMIT
set protocols bgp 10 neighbor peer bfd profile BFD_MARK
set protocols route-map PERMIT rule 1 action permit

Router B:

set interfaces ethernet eth1 address 10.10.0.200/24
set interfaces dummy dum0 address 1.1.1.1/24
set protocols bfd profile BFD_MARK mark 99
set protocols bgp 20 neighbor peer remote-address 10.10.0.100
set protocols bgp 20 neighbor peer remote-as 10
set protocols bgp 20 neighbor peer route-map export PERMIT
set protocols bgp 20 neighbor peer bfd profile BFD_MARK
set protocols bgp 20 redistribute connected route-map REDIS
set protocols route-map PERMIT rule 1 action permit
set protocols route-map REDIS rule 1 action permit
set protocols route-map REDIS rule 1 match interface dum0

After committing, verify the mark is applied:

admin@osdx$ protocols bfd show peers
BFD Peers:
    peer 10.10.0.200 local-address 10.10.0.100 vrf default interface eth1
            Mark: 99
            Status: up

The mark value can be changed dynamically without restarting the BFD session:

set protocols bfd profile BFD_MARK mark 200

ToS

In this example, a BFD profile is configured with tos 184 (EF - Expedited Forwarding) to assign a specific QoS class to BFD packets instead of the default CS6:

set protocols bfd profile BFD_TOS tos 184
set protocols bgp 10 neighbor peer bfd profile BFD_TOS

After committing, verify the ToS is applied:

admin@osdx$ protocols bfd show peers
BFD Peers:
    peer 10.10.0.200 local-address 10.10.0.100 vrf default interface eth1
            ToS: 184
            Status: up

The ToS value can be changed dynamically without restarting the BFD session:

set protocols bfd profile BFD_TOS tos 48

Command Summary

Configuration commands

Operational commands