Bidirectional forwarding detection (BFD)
1. BFD template
2. Multihop BFD

Bidirectional forwarding detection (BFD)

RFC 5880, 5881
UDP 3784, 3785
hardware-based keepalive
- can be processed by ASIC in lieu of CPU (≈ 50ms detection)
- informs client process that peer is down
- client process is responsible for discovering peer: first negotiation, then keepalive
unicast MAC, point-to-point
requires CEF, IP routing
- client process is required to start session (e.g., IGP, BGP)
- NX-OS: disable IP IDS, because src = dst
modes:
- Async:
  - control only
  - continuous exchange
- Async demand:
  - control only
  - on peer liveness check
- Echo:
  - control + echo
  - looping packets back through peer
  - hardware
  - Echo packets have dst = src to verify TCP/IP stack

; BFD Echo enabled by default
(config-if)# no bfd echo

; not to overload CPU
(config-if)# no ip redirect

; ms: interval for generating Control and Echo packets
; rx_ms: min interval between ingress Control and Echo packets
; num: 3 default, number of sequentially lost packets to indicate that peer is down
(config-if)# bfd interval <ms> min-rx <rx_ms> [multiplier <N>]

; 1000ms default, interval for Control packets, Echo uses interface timers
(config)# bfd slow-timers <ms>

# show bfd neighbors [detail]

BFD template

(config)# bfd-template single-hop|multi-hop <NAME>
(config-bfd)# interval interval <ms> min-rx <rx_ms> [multiplier <N>]
(config-bfd)# echo
(config-bfd)# dampening <HALF_TIME> <REUSE> <SUPPRESS> <MAX_SUPPRESS>
(config-bfd)# authentication <MODE> keychain <CHAIN>

(config-if)# bfd template <NAME>

Multihop BFD

requires IGP to converge faster then BFD (e.g., OSPF SFP throttle)

(config)# bfd map ipv4|ipv6 <DST> <SRC> <NAME>

Networking and IT

Uncovering the Why

BFD

Bidirectional forwarding detection (BFD)

BFD template

Multihop BFD