BFD Configuration Mode Commands

The BFD Configuration Mode manages the protocol settings for Bidirectional Forwarding Detection (BFD).

BFD provides a low-overhead, short duration method of detecting failures in the forwarding path between two BGP adjacent routers, including the interfaces, data links, and forwarding plane. BFD must be enabled on both routers. The ASR 5000 and ASR 5500 supports BFD on Layer 3 clients only in asynchronous mode with optional Echo functionality.

IMPORTANT:

The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).

bfd multihop-peer

Configures parameters for any multihop-BFD sessions with the same destination address. If these parameters are not configured via this command, MH-BFD sessions with the same destination address will be in the Admin-down state.

Platform:

ASR 5000

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
bfd multihop-peer dst-ip-address { authentication { md5 | meticulous-md5 | meticulous-sha1
plain-text | sha1 } { encrypted password-string | password  password-string } | interval tx_interval  min_rx rx_interval  multiplier value }no bfd multihop-peer dst-ip-address authentication 
no

Removes all the parameters for the MH-BFD destination address and if there are any sessions with the same destination address, those sessions will go to Admin-down state.

dst-ip-address

Specifies the destination address of the BFD enabled peer in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal notation. This destination address must have been previously configured via the ip route static bfd commands in the Context Configuration mode.

authentication { md5 | meticulous-md5 | meticulous-sha1 plain-text | sha1
Specifies the method for authenticating all multihop BFD sessions to the specified peer. By default, authentication for Multihop-BFD sessions to a destination address is disabled. The authentication type options include:
  • md5 – Message Digest 5
  • meticulous-md5 – MD5 using a secret key and sequence numbers updated for every packet
  • meticulous-sha1 – SHA1 with sequence numbers updated for every packet
  • plain-text – plain text (unencrypted)
  • sha1 – Secured Hash Algorithm 1
encrypted password-string | password password-string
Specifies the password for authentication of BFD sessions. The password must be the same between the peer neighbors for the BFD sessions to work. If the authentication password is configured incorrectly between peers, the BFD sessions to the destination address will not come UP. If the password is configured for BFD sessions that are already UP, BFD neighbors will be reset.
  • encrypted password-string: Specifies the use of an encrypted password for authentication of BFD sessions as an alphanumeric string of up to 523 characters.
  • password password-string: Specifies the use of a plain text password for authentication of BFD sessions as an alphanumeric string of 1 through 19 characters.

IMPORTANT:

The destination address and its transmit/receive intervals must be configured before the password is applied to any MH-BFD sessions at a destination address.

interval tx_interval min_rx rx_interval multiplier value

interval tx_interval: Specifies the transmit interval (in milliseconds) between BFD packets as an integer from 50 through 999. Default: 50

min_rx rx_interval: Specifies the receive interval (in milliseconds) between BFD packets as an integer from 50 through 999. Default: 50

multiplier value: Specifies the multiplier value sued to compute holddown as an integer from 3 through 50. Default: 3


Usage:

Use this command to configure basic operating parameters between BFD enabled peers.


Example:
bfd multihop-peer
10.2.3.4 authentication md5 encrypted 5-klm7783bfd multihop-peer
10.2.3.4 interval 100 min_rx 100 multiplier 5
bfd nbr-group-name

Configures BFD neighbor groups.

Platform:

ASR 5000

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
[no] bfd
nbr-group-name neighbor-group { active-if-name if-name | passive-if-name if-name } gw-ip-addressno bfd nbr-group-name neighbor-group
no

Removes all the parameters for the BFD neighbor group.

neighbor-group

Specifies an identifier for a BFD neighbor group as an alphanumeric string of 1 through 19 characters.

active-if-name if-name | passive-if-name if-name

Specifies the logical/physical interface associated with this BFD group.

active-if-name if-name: Specifies an active interface that notifies all passive interfaces in this group. There should be only one active interface in a group. if-name is a logical or physical interface specified as an alphanumeric string of 1 through 79 characters.

passive-if-name if-name: Specifies a passive interface that receives BFD notifications from the active interface in this group. if-name is a logical or physical interface specified as an alphanumeric string of 1 through 79 characters.

gw-ip-address

Specifies the gateway address of the BFD neighbor in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal notation (optional CIDR notation).


Usage:

Allow scaling of BFD sessions when a large number of logical interfaces are configured on a physical interface. A failure on the physical interface or a logical interface can be propagated to all passive interfaces in this group.


Example:
bfd nbr-group-name
bgpgroup132 active-if-name bgpif02
echo

Enables or disables BFD echo mode functionality. The Echo function tests the forwarding path on the remote system. Echo is only used for single hop BFD sessions

Platform:

ASR 5000

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
[ no ] echo
no echo

Disables BFD echo functionality.


Usage:

Use this function to send a stream of Echo packets that the other endpoint then sends back via its forwarding plane. Echo tests the forwarding path on the remote system.

end

Exits the current configuration mode and returns to the Exec mode.

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
end

Usage:

Use this command to return to the Exec mode.

exit

Exits the current mode and returns to the parent configuration mode.

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
exit

Usage:

Use this command to return to the parent configuration mode.

slow-timers

Specifies the asynchronous mode control packet interval when Echo mode is enabled. In BFD asynchronous mode, BFD-enabled peers periodically send BFD Control packets to one another. If a number of those packets in a row are not received within the specified interval by the other peer, the session is declared to be down.

Platform:

ASR 5000

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
slow-timers timer-valueno slow-timers
no

Disables previously specified BFD slow timers.

timer-value

Specifies the BFD control packet interval (in milliseconds) for Echo mode as an integer from 1000 through 300000. Default: 2000


Usage:

Use this command to configure the interval between BFD control packets sent between peers in Echo mode.


Example:
slow-timers 10000