Routing Configuration Guide, Cisco Catalyst SD-WAN Releases 17.x

PDF

Troubleshoot common BFD errors

Updated: February 6, 2026

Overview

Describes how to troubleshoot common BFD issues efficiently.

This section explains how to identify and resolve common BFD issues.

Check control connections

If you experience issues with BFD, start by checking the control connection between Cisco SD-WAN Manager and the edge router by running the show sdwan control connections command.

Device#show sdwan control connections 
                                                                                       PEER                                          PEER                                          CONTROLLER 
PEER    PEER PEER            SITE       DOMAIN PEER                                    PRIV  PEER                                    PUB                                           GROUP      
TYPE    PROT SYSTEM IP       ID         ID     PRIVATE IP                              PORT  PUBLIC IP                               PORT  LOCAL COLOR     PROXY STATE UPTIME      ID         
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
vsmart  dtls 172.16.255.19   100        1      10.0.5.19                               12355 10.0.5.19                               12355 lte             No    up     0:12:45:44  0           
vsmart  dtls 172.16.255.20   200        1      10.0.12.20                              12356 10.0.12.20                              12356 lte             No    up     0:15:59:45  0           
vmanage dtls 172.16.255.22   200        0      10.0.12.22
Issues in pushing device template to device

If you identify issues with pushing the device template to the device, collect debug logs on the edge device as shown below.

debug netconf all
request platform soft system shell
tail -f /var/log/confd/cia-netconf-trace.log

If Cisco SD-WAN Manager has successfully pushed the configuration to the device and the issue still persists, run the show sdwan running-config command to view all details related to BFD.

Issues with transport-side BFD

If the transport-side BFD session is down, check the packet filter data under the Cisco Catalyst SD-WAN tunnel interface to ensure that you have allowed the BFD packets to pass through on the transport side. Look for allow-service bgp and allow-service bfd in the output.

Device#show sdwan running-config  | sec sdwan
 tunnel mode sdwan
sdwan
 interface GigabitEthernet1
  tunnel-interface
   encapsulation ipsec
   color lte
   allow-service bgp
   allow-service bfd
   ……………

Troubleshoot BFD using radioactive tracing

Minimum supported releases: Cisco IOS XE Catalyst SD-WAN Release 17.15.1a and Cisco Catalyst SD-WAN Manager Release 20.15.1

BFD troubleshooting focuses on identifying and fixing issues in the BFD protocol, which detects faults between devices. You can use this feature to check device logs and run debugging commands to collect detailed information about BFD activity.

Radioactive tracing helps in selective debugging of a session. Tracing is enabled across the layers for intended BFD session that is identified by tloc-pair or a local discriminator. It enables debug level traces automatically for all the modules while processing a packet that matches the condition.

The following show and debug commands are used in BFD troubleshooting:

  • debug platform condition start

  • debug platform condition feature sdwan controlplane bfd

  • show platform hardware qfp active feature bfd datapath

  • show logging profile sdwan internal filter

For more information on these show commands, see the chapter Troubleshooting Commands in the Cisco IOS XE SD-WAN Qualified Command Reference guide.