- Cisco Nexus 3000 Switch NX-OS Unicast Routing Configuration Guide, Release 6.x
- Contents
- Preface
- New and Changed Information
- Overview
- Part 1: IP
- Configuring IPv4
- Configuring IPv6
- Part 2: Routing
- Configuring OSPF
- Configuring OSPFv3
- Configuring EIGRP
- Configuring Basic BGP
- Configuring Advanced BGP
- Configuring BGP Additional Paths
- ECMP Recovery
- Configuring ECMP for Host Routes
- Configuring RIP
- Configuring Static Routing
- Configuring Layer 3 Virtualization
- Configuring the Unicast RIB and FIB
- Configuring Route Policy Manager
- Configuring Policy-Based Routing
- Configuring Bidirectional Forwarding Detection
- Part 3: First-Hop Redundancy Protocols
- Configuring HSRP
- Configuring VRRP
- Configuring Object Tracking
- IETF RFCs
- Glossary
- Index
- Information About BFD
- Licensing Requirements for BFD
- Prerequisites for BFD
- Guidelines and Limitations
- Default Settings
- Configuring BFD
- Configuration Hierarchy
- Task Flow for Configuring BFD
- Enabling the BFD Feature
- Configuring Global BFD Parameters
- Configuring BFD on an Interface
- Configuring BFD on a Port Channel
- Configuring the BFD Echo Function
- Configuring BFD on BGP
- Configuring BFD on PIM
- Configuring BFD on OSPFv2
- Configuring BFD for Static Routes
- Configuring BFD for IPv6
- Configuring Global BFD Parameters for IPv6
- Configuring Per Interface BFD Parameters for IPv6
- Configuring BFD for IPv6 on OSPFv3
- Configuring BFD on IPv6 Static Routes
- Configuring BFD Echo Mode for IPv6
- Configuring BFD Session Echo Interval for IPv6
- Configuring a BFD Echo Interface for IPv6
- Configuring BFD Slow Timer for IPv6
- Verifying the BFD Configuration
- Monitoring BFD
Configuring Bidirectional Forwarding Detection
This chapter describes how to configure Bidirectional Forwarding Detection (BFD).
Information About BFD
BFD is a detection protocol designed to provide fast forwarding-path failure detection times for media types, encapsulations, topologies, and routing protocols. You can use BFD to detect forwarding path failures at a uniform rate, rather than the variable rates for different protocol hello mechanisms. BFD makes network profiling and planning easier and reconvergence time consistent and predictable.
BFD provides subsecond failure detection between two adjacent devices.
This section includes the following topics:
Asynchronous Mode
Cisco NX-OS supports the BFD asynchronous mode, which sends BFD control packets between two adjacent devices to activate and maintain BFD neighbor sessions between the devices. You configure BFD on both devices (or BFD neighbors). Once BFD has been enabled on the appropriate protocols, Cisco NX-OS creates a BFD session, negotiates BFD session parameters, and begins to send BFD control packets to each BFD neighbor at the negotiated interval. The BFD session parameters include the following:
- Desired minimum transmit interval—The interval at which this device wants to send BFD hello messages.
- Required minimum receive interval—The minimum interval at which this device can accept BFD hello messages from another BFD device.
- Detect multiplier—The number of missing BFD hello messages from another BFD device before this local device detects a fault in the forwarding path.
BFD Detection of Failures
Once a BFD session has been established and timer negotiations are complete, BFD neighbors send BFD control packets that act in the same manner as an IGP hello protocol to detect liveliness, except at a more accelerated rate. BFD detects a failure, but the protocol must take action to bypass a failed peer.
BFD sends a failure detection notice to the BFD-enabled protocols when it detects a failure in the forwarding path. The local device can then initiate the protocol recalculation process and reduce the overall network convergence time.
When a failure occurs in the network, the following occurs:
1. The BFD neighbor session with the BFD neighbor router is torn down.
2. BFD notifies the local BFD process that the BFD neighbor is no longer reachable.
3. The local BFD process tears down the BFD neighbor relationship.
4. If an alternative path is available, the routers immediately start converging on it.
Note The BFD failure detection occurs in less than a second.
BFD Echo Function
The BFD echo function sends echo packets from the forwarding engine to the remote BFD neighbor. The BFD neighbor forwards the echo packet back along the same path in order to perform detection; the BFD neighbor does not participate in the actual forwarding of the echo packets. The echo function and the forwarding engine are responsible for the detection process. BFD can use the slow timer to slow down the asynchronous session when the echo function is enabled and reduce the number of BFD control packets that are sent between two BFD neighbors. Also, the forwarding engine tests the forwarding path on the remote (neighbor) system without involving the remote system, so there is less interpacket delay variability and faster failure detection times.
The echo function is asymmetrical when both BFD neighbors are running echo function.
Security
Cisco NX-OS uses the packet Time to Live (TTL) value to verify that the BFD packets came from an adjacent BFD peer. For all asynchronous and echo request packets, the BFD neighbor sets the TTL value to 255 and the local BFD process verifies the TTL value as 255 before processing the incoming packet. For the echo response packet, BFD sets the TTL value to 254.
Licensing Requirements for BFD
The following table shows the licensing requirements for this feature:
Prerequisites for BFD
BFD has the following prerequisites:
- You must enable the BFD feature (see the “Enabling the BFD Feature” section).
- For any client protocols that you want to enable BFD on, you enable BFD in that client protocol. See the “Configuring BFD for IPv6” section.
- For any client protocols that you want to enable BFD on, you enable BFD in that client protocol.
- Disable Internet Control Message Protocol (ICMP) redirect messages on a BFD-enabled interfaces.
- See other detailed prerequisites that are listed with the configuration tasks.
- Beginning with Cisco NX-OS Release 6.0(2)U4(1), BFD for IPv6 is supported.
Guidelines and Limitations
BFD has the following configuration guidelines and limitations:
- BFD supports BFD version 1.
- BFD supports IPv4, IPv6, OSPFv2, BGPv4 and static routes.
- BFD supports single-hop BFD.
- BFD for BGP supports single-hop eBGP and iBGP with an update source.
- BFD supports the following Layer 3 interfaces—physical interfaces, port channels, subinterfaces, and VLAN interfaces (SVI).
- BFD does not support authentication for BFD or per-link BFD sessions on a port channel.
- BFD depends on a Layer 3 adjacency information to discover topology changes, including Layer 2 topology changes. A BFD session on a VLAN interface (SVI) may not be up after the convergence of the Layer 2 topology if there is no Layer 3 adjacency information available.
- Port channel configuration limitations:
– For Layer 3 port channels used by BFD, you must enable the Link Aggregation Control Protocol (LACP) on the port channel.
– For Layer 2 port channels used by SVI sessions, you must enable LACP on the port channel.
– When you change the topology (for example, add or delete a link into a VLAN, delete a member from a Layer 2 port channel, and so on), the SVI session could be affected. It may go down first and then come up after the topology discovery is finished.
Tip If you do not want the SVI sessions to flap and you need to change the topology, you can disable the BFD feature before making the changes and reenable BFD after the changes have been made. You can also configure the BFD timer to be a large value (for example, 5 seconds), and change it back to a fast timer after the above events complete.
- Cisco NX-OS does not distribute the BFD operation to compatible modules to offload the CPU for BFD packet processing.
- BFD does not support stateless restarts and in-service software upgrades (ISSUs).
- If you want to enable BFD for a peer reachable through a port channel, you must configure LACP on the port channel.
- BFD echo mode and Unicast Reverse Path Forwarding (URPF) are mutually exclusive and cannot both be enabled on a BFD interface. If you want to configure an interface for BFD, you must disable either BFD echo mode or URPF.
- HSRP for IPv6, VRRPv3 for IPv6 are not supported with BFD.
- Static IPv6 routes are supported with BFD.
- The BFD echo function is supported only when using global IPv6 addresses and not when using IPv6 link-local addresses.
Default Settings
Table 18-1 lists the default settings for BFD parameters.
Configuring BFD
This section includes the following topics:
- Configuration Hierarchy
- Task Flow for Configuring BFD
- Enabling the BFD Feature
- Configuring Global BFD Parameters
- Configuring BFD on an Interface
- Configuring BFD on a Port Channel
- Configuring the BFD Echo Function
- Configuring BFD on BGP
- Configuring BFD on PIM
- Configuring BFD on OSPFv2
- Configuring BFD for Static Routes
- Configuring Global BFD Parameters for IPv6
- Configuring Per Interface BFD Parameters for IPv6
- Configuring BFD for IPv6 on OSPFv3
- Configuring BFD on IPv6 Static Routes
- Configuring BFD Echo Mode for IPv6
- Configuring BFD Session Echo Interval for IPv6
- Configuring a BFD Echo Interface for IPv6
- Configuring BFD Slow Timer for IPv6
Configuration Hierarchy
You can configure BFD at the global level, VRF level, at the interface or port channel level, or at the subinterface level (for physical interfaces and port channels). The VRF configuration overrides global configuration. The interface or port channel configuration overrides VRF or global configuration. On supported interfaces, the subinterface-level configuration overrides the interface or port channel configuration. See the “Configuring BFD on BGP” section for more information.
For physical ports that are members of a port channel, the member port inherits the master port channel BFD configuration. The member port subinterfaces can override the master port channel BFD configuration.
Task Flow for Configuring BFD
Follow these steps to configure BFD:
Step 1 Enabling the BFD Feature.
Step 2 Configuring Global BFD Parameters or Configuring BFD on an Interface.
Enabling the BFD Feature
You must enable the BFD feature before you can configure BFD on an interface and protocol.
Configuring Global BFD Parameters
You can configure the BFD session parameters for all BFD sessions on the device. The BFD session parameters are negotiated between the BFD peers in a three-way handshake.
See the “Configuring BFD on an Interface” section to override these global session parameters on an interface.
BEFORE YOU BEGIN
Enable the BFD feature. See the “Enabling the BFD Feature” section.
SUMMARY STEPS
2. bfd interval mintx min_rx msec multiplier value
3. bfd slow-timer [ interval ]
DETAILED STEPS
Configuring BFD on an Interface
You can configure the BFD session parameters for all BFD sessions on an interface. The BFD session parameters are negotiated between the BFD peers in a three-way handshake.
This configuration overrides the global session parameters for the configured interface.
BEFORE YOU BEGIN
Enable the BFD feature. See the “Enabling the BFD Feature” section.
SUMMARY STEPS
3. bfd interval mintx min_rx msec multiplier value
DETAILED STEPS
Configuring BFD on a Port Channel
You can configure the BFD session parameters for all BFD sessions on a port channel. For example, if the BFD session for one link on a port channel is up, BFD informs client protocols, such as BGP, that the port channel is up. The BFD session parameters are negotiated between the BFD peers in a three-way handshake.
This configuration overrides the global session parameters for the configured port channel. The member ports of the port channel inherit the port channel BFD session parameters, unless you configure subinterface-level BFD parameters on a member port. See the “Configuring BFD on BGP” section for more information.
BEFORE YOU BEGIN
Ensure that you enable LACP on the port channel before you enable BFD.
Enable the BFD feature. See the “Enabling the BFD Feature” section.
SUMMARY STEPS
2. interface port-channel number
3. (Optional) bfd interval mintx min_rx msec multiplier value
DETAILED STEPS
Configuring the BFD Echo Function
You can configure the BFD echo function on one or both ends of a BFD-monitored link. The echo function slows down the required minimum receive interval, based on the configured slow timer. The RequiredMinEchoRx BFD session parameter is set to zero if the echo function is disabled. The slow timer becomes the required minimum receive interval if the echo function is enabled.
BEFORE YOU BEGIN
Enable the BFD feature. See the “Enabling the BFD Feature” section.
Configure the BFD session parameters. See the “Configuring Global BFD Parameters” section or the “Configuring BFD on an Interface” section.
Ensure that Internet Control Message Protocol (ICMP) redirect messages are disabled on BFD-enabled interfaces. Use the no ip redirects command on the interface.
DETAILED STEPS
BEFORE YOU BEGIN
Enable the BFD feature. See the “Enabling the BFD Feature” section.
Configure the BFD session parameters. See the “Configuring Global BFD Parameters” section or the “Configuring BFD on an Interface” section.
Enable the BGP feature. See the “Enabling the BGP Feature” section
SUMMARY STEPS
3. neighbor { ip-address | ipv6-address } remote-as as-number
DETAILED STEPS
BEFORE YOU BEGIN
Enable the BFD feature. See the “Enabling the BFD Feature” section.
Enable the PIM feature. See the Cisco Nexus 3000 Series NX-OS Multicast Routing Configuration Guide for more information.
DETAILED STEPS
BEFORE YOU BEGIN
Enable the BFD feature. See the “Enabling the BFD Feature” section.
Configure the BFD session parameters. See the “Configuring Global BFD Parameters” section or the “Configuring BFD on an Interface” section.
Enable the OSPFv2 feature. See the “Enabling the OSPFv2 Feature” section.
DETAILED STEPS
Configuring BFD for Static Routes
You can configure BFD for static routes on an interface. You can optionally configure BFD on a static route within a virtual routing and forwarding (VRF) instance.
BEFORE YOU BEGIN
Enable the BFD feature. See the “Enabling the BFD Feature” section.
SUMMARY STEPS
2. (Optional) vrf context vrf-name
3. ip route route interface if { nh-address | nh-prefix }
4. ip route static bfd interface { nh-address | nh-prefix }
DETAILED STEPS
Configuring BFD for IPv6
BEFORE YOU BEGIN
You can specify either the IPv4 or the IPv6 address family when you configure BFD parameters.
SUMMARY STEPS
2. bfd [ipv4 | ipv6] interval [interval min_rx milliseconds multiplier interval-multiplier]
DETAILED STEPS
SUMMARY STEPS
3. bfd [ipv4 | ipv6] interval [interval min_rx milliseconds multiplier interval-multiplier]
DETAILED STEPS
Configuring BFD for IPv6 on OSPFv3
You can configure BFD for IPv6 on the Open Shortest Path First Protocol (OSPFv3).
BEFORE YOU BEGIN
- Enable the BFD feature. See the “Enabling the BFD Feature” section.
- Enable the OSPFv3 feature. See the “Enabling OSPFv3” section
- Configure the BFD session parameters. See the “Configuring Global BFD Parameters for IPv6” section or the “Configuring Per Interface BFD Parameters for IPv6” section.
- Enable the OSPFv3 feature. See the Cisco Nexus 3000 Series NX-OS Unicast Routing Configuration Guide for more information.
DETAILED STEPS
Configuring BFD on IPv6 Static Routes
You can configure BFD for all IPv6 static routes on an interface.
SUMMARY STEPS
3. ipv6 route route interface {nh-address | nh-prefix}
4. ipv6 route static bfd network-interface {nh-address | nh-prefix}
5. (Optional) show bfd neighbors
DETAILED STEPS
Configuring BFD Echo Mode for IPv6
The echo function is enabled by default. You can disable it for IPv4, IPv6, or all address families.
DETAILED STEPS
DETAILED STEPS
Configuring a BFD Echo Interface for IPv6
Perform this task to configure the loopback interface as the source address for all echo frames.
DETAILED STEPS
Configuring BFD Slow Timer for IPv6
Echo mode is enabled by default. You can configure the slow-timer value and disable or enable echo mode for an address family.
Verifying the BFD Configuration
To display BFD configuration information, perform one of the following tasks:
For detailed information about the fields in the output from these commands, see the Cisco Nexus 3000 Series NX-OS Interfaces Command Reference, Release 6.x .
Monitoring BFD
Use the following commands to display BFD for IPv4 and IPv6 neighbors:
For detailed information about the fields in the output from these commands, see the Cisco Nexus 3000 Series Command Reference .
Feedback