Dynamic Routing - BFD Tutorials

For more details go to: Dynamic Routing - BFD

BFD with OSPF or BGP

This guide provides a step-by-step setup to enable BFD for faster convergence times when link failures occur in the peering network. It is mostly needed for high availability setups where up to a minute of convergence with conventional BGP or OSPF mechanisms is not acceptable.

BFD can bring routing convergence times down to a second.

Setting up BFD is additional to the OSPF Tutorial or BGP Tutorial steps.

Create Firewall rules on Peering Interface

  • Firewall ‣ Rules ‣ Peering (igc2)

Action

Pass

Interface

Peering (igc2)

Direction

In

TCP/IP Version

IPv4

Protocol

UDP

Source

Peering Network

Source Port

Any

Destination

Peering IP (Router IP)

Destination Port

3784 (Single-Hop BFD)

Description

Allow BFD single-hop sessions

Note

BFD is unidirectional, both sides need rules to send and receive BFD packets. We only use single hop in our simple setup so this is the only rule we need.

Setup Router B

Create Firewall rules on Peering Interface

  • Firewall ‣ Rules ‣ Peering (igc2)

Action

Pass

Interface

Peering (igc2)

Direction

In

TCP/IP Version

IPv4

Protocol

UDP

Source

Peering Network

Source Port

Any

Destination

Peering IP (Router IP)

Destination Port

3784 (Single-Hop BFD)

Description

Allow BFD single-hop sessions

Verify the setup

Go to Routing ‣ Diagnostics ‣ BFD and look at the Summary tab to view the status of the BFD neighbors.

The real benefit of BFD can only be seen if there are multiple routes with different cost. When the BFD packets are interrupted, the route will quickly be discarted and the next best route will be installed and chosen. This will happen in just a ping or even faster.

An example for a setup that will benefit from BFD is IPsec Failover with VTI and OSPF