BFD – (Bidirectional Forwarding Detecetion) review, what problem it solves, configuration, and verification!

BFD1

The need for BFD (Bidirectional Forwarding Detection) is configured to speed up the “Detection” of a link down, which is 15 seconds by default without any Routing Protocols Hello / Dead Timers triggering this re-convergence (finding an alternate path), which now adays might as well be 15 hours.

Now of course this can be solved by IGP / EGP Timers, however they can generally only detect it with several missed Hellos over several seconds, whereas BFD uses milliseconds.

BFD also works with IGPs to provide this near instant detection, allowing for BFD configuration for interfaces configured within the IGP, as shown below (before the lab freaks out as Dynamips does not play nice with BFD for some reason).

So lets get to configuring BFD between Rtr1 and Rtr2

This is done on the Physical Interface on both ends of the link:

Rtr1(config-if)#int fa0/0
Rtr1(config-if)#bfd interval ?
<50-999> Milliseconds

Rtr1(config-if)#bfd interval 50 ?
min_rx Minimum receive interval capability

Rtr1(config-if)#bfd interval 50 min_rx ?
<50-999> Milliseconds

Rtr1(config-if)#bfd interval 50 min_rx 50 ?
multiplier Multiplier value used to compute holddown

Rtr1(config-if)#bfd interval 50 min_rx 50 multiplier ?
<3-50> value used to multiply the interval

Rtr1(config-if)#bfd interval 50 min_rx 50 multiplier 3 ?
<cr>

Rtr1(config-if)#bfd interval 50 min_rx 50 multiplier 3
Rtr1(config-if)#

The first # of 50ms is how fast it will send probes across the link, how quickly it expects to receive BFD Probes, and finally the “Multiplier” is the times a Probe can be missed before an Interface is considered to be Down and the network goes into action!

On Rtr3 without all the ?

Rtr2(config)#int fa0/0
Rtr2(config-if)#bfd interval 50 min_rx 50 multiplier 3
Rtr2(config-if)#

Now to configure OSPF for BFD, I am just going to enable “all” interfaces

Warning – The below command causes Dynamips to lose its BFP mind!

Given I wouldn’t want to have to define new interfaces every link I set this on, I’d rather a one and done configuration for all BFD:

Rtr1(config-if)#router ospf 1
Rtr1(config-router)#bfd all-interfaces
Rtr1(config-router)#
*Dec 16 09:19:20.595: %SYS-3-CPUHOG: Task is running for (2008)msecs, more than (2000)msecs (1/1),process = Exec.
-Traceback= 0x623897E8z 0x62AEC998z 0x623C7364z 0x623C74F8z 0x602CBBC8z
Rtr1(config-router)#
*Dec 16 09:19:22.183: %SCHED-5-INT_DISABLED_BEFORE_PREEMPTION: Detected interrupts being disabled in preemption handler. schedflag = (1) forkx = (ISG MIB jobs Manager) preempted process = (<Null>) preempted_process_epc = (0x6308BEDC) preemption_forced_suspend_level = (1) current interrupt level = (0) getinterruptindex() = (0) onintstack() = (FALSE)
-Traceback=
Rtr1(config-router)#
*Dec 16 09:19:22.939: %SCHED-5-INT_DISABLED_BEFORE_PREEMPTION: Detected interrupts being disabled in preemption handler. schedflag = (1) forkx = (ISG MIB jobs Manager) preempted process = (<Null>) preempted_process_epc = (0x637E8974) preemption_forced_suspend_level = (1) current interrupt level = (0) getinterruptindex() = (0) onintstack() = (FALSE)
-Traceback=
Rtr1(config-router)#
*Dec 16 09:19:23.883: %SCHED-5-INT_DISABLED_BEFORE_PREEMPTION: Detected interrupts being disabled in preemption handler. schedflag = (1) forkx = (BFD PP Process) preempted process = (<Null>) preempted_process_epc = (0x6308BEDC) preemption_forced_suspend_level = (1) current interrupt level = (0) getinterruptindex() = (0) onintstack() = (FALSE)
-Traceback=
*Dec 16 09:19:24.275: %SCHED-5-INT_DISABLED_BEFORE_PREEMPTION: Detected interrupts being disabled in preemption handler. schedflag = (1) forkx = (PfR BR Learn) preempted process = (<Null>) preempted_process_epc = (0x637E89AC) preemption_forced_suspend_level = (1) current interrupt level = (0) getinterruptindex() = (0) onintstack() = (FALSE)
-Traceback=
Rtr1(config-router)#

It just goes crazy until it finally crashes and dies (the router).

THIS IS what Anthony S advised of that BFD makes Dynamips freaks out, it froze Rtr1 completely, I cannot even close the Telnet window and re-open – That thing is STUCK.

Fortunately on Rtr2 I did a “no bfd all-interfaces” in router OSPF mode, then re-enabled it to stop it from having its own form of router heart attack, and it survived for us to run some verification commands to round off this lab!

Some different ways to verify BFD is running and detailed verification commands

Of course you can always just type “sh run” and BFD configuration will be in there too.

“sh run” – Will shown under interfaces if looking here

!
interface FastEthernet0/0
ip vrf forwarding Networking
ip address 172.16.0.2 255.255.255.0
duplex full
bfd interval 50 min_rx 50 multiplier 3
!

“sh ip ospf” – This shows EVERYTHING for OSPF on the local router including BFD!

Rtr2#sh ip ospf
Routing Process “ospf 1” with ID 172.16.2.1
Domain ID type 0x0005, value 0.0.0.1
Start time: 00:34:38.456, Time elapsed: 01:31:12.352
Supports only single TOS(TOS0) routes
Supports opaque LSA
Supports Link-local Signaling (LLS)
Supports area transit capability
Supports NSSA (compatible with RFC 3101)
Connected to MPLS VPN Superbackbone, VRF Networking
Event-log disabled
It is an area border router
Router is not originating router-LSAs with maximum metric
Initial SPF schedule delay 5000 msecs
Minimum hold time between two consecutive SPFs 10000 msecs
Maximum wait time between two consecutive SPFs 10000 msecs
Incremental-SPF disabled
Minimum LSA interval 5 secs
Minimum LSA arrival 1000 msecs
LSA group pacing timer 240 secs
Interface flood pacing timer 33 msecs
Retransmission pacing timer 66 msecs
Number of external LSA 0. Checksum Sum 0x000000
Number of opaque AS LSA 0. Checksum Sum 0x000000
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Number of areas transit capable is 0
External flood list length 0
IETF NSF helper support enabled
Cisco NSF helper support enabled
BFD is enabled
Reference bandwidth unit is 100 mbps
Area BACKBONE(0)
Number of interfaces in this area is 2
Area has no authentication
SPF algorithm last executed 00:02:42.652 ago
SPF algorithm executed 5 times
Area ranges are
Number of LSA 5. Checksum Sum 0x02F7DB
Number of opaque link LSA 0. Checksum Sum 0x000000
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0

Rtr2#

“sh bfd …” – These commands aren’t working because BFD killed Rtr1

One of those things I hate to do, but its just a limit of Dynamips that we need to deal with, I don’t have any rack rental tokens to try this on real gear currently (my physical lab is way too old to handle BFD).

Funny enough I tried to reboot Rtr1 to see if it’d come back online sane, and immediately Rtr2 started pumping out errors until it froze as well, so I think Rtr1 dying earlier is what actually allowed Rtr2 to stay alive.

Anyways I pulled these verification commands just to be aware of their syntax:

Rtr2#sh bfd ?
drops Display packets dropped
map BFD map entry DB
neighbors BFD neighbors
summary BFD summary

Rtr2#sh bfd summ ?
client BFD summary for clients
host BFD summary for sessions
session BFD summary for protocols
| Output modifiers
<cr>

Nothing. No output probably because Rtr1 froze up, I don’t think I can get much further with this topic on an emulator with BFD.

Rtr2#sh bfd summ session
Rtr2#sh bfd nei
Rtr2#sh bfd nei det
Rtr2#

Otherwise all these came up empty, so I apologize for that, I will need to come back around to update this thread once I get a chance with real output or at least a video link to some kind of verification for BFD

So that is as far as I can go with BFD on a Dynamips platform unfortunately!

Its pretty straight forward that it just uses Millseconds to detect links going down rather than seconds, IGPs can be used to detect this faster in SECONDS, however BFD’s claim to fame is doing this in conjunction with IGP to detect it within MILLIseconds!

And that is all I have to say about that!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s