3 **********************************
4 Bidirectional Forwarding Detection
5 **********************************
7 :abbr:`BFD (Bidirectional Forwarding Detection)` stands for
8 Bidirectional Forwarding Detection and it is described and extended by
16 Currently, there are two implementations of the BFD commands in FRR:
18 * :abbr:`PTM (Prescriptive Topology Manager)`: an external daemon which
20 * ``bfdd``: a BFD implementation that is able to talk with remote peers;
22 This document will focus on the later implementation: *bfdd*.
30 *bfdd* default configuration file is :file:`bfdd.conf`. *bfdd* searches
31 the current directory first then |INSTALL_PREFIX_ETC|/bfdd.conf. All of
32 *bfdd*'s command must be configured in :file:`bfdd.conf`.
34 *bfdd* specific invocation options are described below. Common options
35 may also be specified (:ref:`common-invocation-options`).
39 .. option:: --bfdctl <unix-socket>
41 Set the BFD daemon control socket location. If using a non-default
44 /usr/lib/frr/bfdd --bfdctl /tmp/bfdd.sock
47 The default UNIX socket location is:
49 #define BFDD_CONTROL_SOCKET "|INSTALL_PREFIX_STATE|/bfdd.sock"
51 This option overrides the location addition that the -N option provides
54 .. option:: --dplaneaddr <type>:<address>[<:port>]
56 Configure the distributed BFD data plane listening socket bind address.
58 One would expect the data plane to run in the same machine as FRR, so
59 the suggested configuration would be:
61 --dplaneaddr unix:/var/run/frr/bfdd_dplane.sock
65 --dplaneaddr ipv4:127.0.0.1
69 --dplaneaddr ipv6:[::1]
71 It is also possible to specify a port (for IPv4/IPv6 only):
73 --dplaneaddr ipv6:[::1]:50701
75 (if ommited the default port is ``50700``).
77 It is also possible to operate in client mode (instead of listening for
78 connections). To connect to a data plane server append the letter 'c' to
79 the protocol, example:
81 --dplaneaddr ipv4c:127.0.0.1
85 When using UNIX sockets don't forget to check the file permissions
86 before attempting to use it.
96 Opens the BFD daemon configuration node.
98 .. clicmd:: peer <A.B.C.D|X:X::X:X> [{multihop|local-address <A.B.C.D|X:X::X:X>|interface IFNAME|vrf NAME}]
100 Creates and configures a new BFD peer to listen and talk to.
102 `multihop` tells the BFD daemon that we should expect packets with
103 TTL less than 254 (because it will take more than one hop) and to
104 listen on the multihop port (4784). When using multi-hop mode
105 `echo-mode` will not work (see :rfc:`5883` section 3).
107 `local-address` provides a local address that we should bind our
108 peer listener to and the address we should use to send the packets.
109 This option is mandatory for IPv6.
111 `interface` selects which interface we should use.
113 `vrf` selects which domain we want to use.
116 .. clicmd:: profile WORD
118 Creates a peer profile that can be configured in multiple peers.
120 Deleting the profile will cause all peers using it to reset to the default
124 .. clicmd:: show bfd [vrf NAME] peers [json]
126 Show all configured BFD peers information and current status.
128 .. clicmd:: show bfd [vrf NAME] peer <WORD|<A.B.C.D|X:X::X:X> [{multihop|local-address <A.B.C.D|X:X::X:X>|interface IFNAME}]> [json]
130 Show status for a specific BFD peer.
132 .. clicmd:: show bfd [vrf NAME] peers brief [json]
134 Show all configured BFD peers information and current status in brief.
136 .. clicmd:: show bfd distributed
138 Show the BFD data plane (distributed BFD) statistics.
143 Peer / Profile Configuration
144 ----------------------------
146 BFD peers and profiles share the same BFD session configuration commands.
148 .. clicmd:: detect-multiplier (2-255)
150 Configures the detection multiplier to determine packet loss. The
151 remote transmission interval will be multiplied by this value to
152 determine the connection loss detection timer. The default value is
155 Example: when the local system has `detect-multiplier 3` and the
156 remote system has `transmission interval 300`, the local system will
157 detect failures only after 900 milliseconds without receiving
160 .. clicmd:: receive-interval (10-60000)
162 Configures the minimum interval that this system is capable of
163 receiving control packets. The default value is 300 milliseconds.
165 .. clicmd:: transmit-interval (10-60000)
167 The minimum transmission interval (less jitter) that this system
168 wants to use to send BFD control packets. Defaults to 300ms.
170 .. clicmd:: echo receive-interval <disabled|(10-60000)>
172 Configures the minimum interval that this system is capable of
173 receiving echo packets. Disabled means that this system doesn't want
174 to receive echo packets. The default value is 50 milliseconds.
176 .. clicmd:: echo transmit-interval (10-60000)
178 The minimum transmission interval (less jitter) that this system
179 wants to use to send BFD echo packets. Defaults to 50ms.
181 .. clicmd:: echo-mode
183 Enables or disables the echo transmission mode. This mode is disabled
184 by default. If you are not using distributed BFD then echo mode works
185 only when the peer is also FRR.
187 It is recommended that the transmission interval of control packets
188 to be increased after enabling echo-mode to reduce bandwidth usage.
189 For example: `transmit-interval 2000`.
191 Echo mode is not supported on multi-hop setups (see :rfc:`5883`
196 Enables or disables the peer. When the peer is disabled an
197 'administrative down' message is sent to the remote peer.
200 .. clicmd:: passive-mode
202 Mark session as passive: a passive session will not attempt to start
203 the connection and will wait for control packets from peer before it
206 This feature is useful when you have a router that acts as the
207 central node of a star network and you want to avoid sending BFD
208 control packets you don't need to.
210 The default is active-mode (or ``no passive-mode``).
212 .. clicmd:: minimum-ttl (1-254)
214 For multi hop sessions only: configure the minimum expected TTL for
215 an incoming BFD control packet.
217 This feature serves the purpose of thightening the packet validation
218 requirements to avoid receiving BFD control packets from other
221 The default value is 254 (which means we only expect one hop between
222 this system and the peer).
225 BFD Peer Specific Commands
226 --------------------------
228 .. clicmd:: label WORD
230 Labels a peer with the provided word. This word can be referenced
231 later on other daemons to refer to a specific peer.
234 .. clicmd:: profile BFDPROF
236 Configure peer to use the profile configurations.
240 - Profile configurations can be overridden on a peer basis by specifying
241 non-default parameters in peer configuration node.
242 - Non existing profiles can be configured and they will only be applied
243 once they start to exist.
244 - If the profile gets updated the new configuration will be applied to all
245 peers with the profile without interruptions.
248 .. _bfd-bgp-peer-config:
250 BGP BFD Configuration
251 ---------------------
253 The following commands are available inside the BGP configuration node.
255 .. clicmd:: neighbor <A.B.C.D|X:X::X:X|WORD> bfd
257 Listen for BFD events registered on the same target as this BGP
258 neighbor. When BFD peer goes down it immediately asks BGP to shutdown
259 the connection with its neighbor and, when it goes back up, notify
260 BGP to try to connect to it.
263 .. clicmd:: neighbor <A.B.C.D|X:X::X:X|WORD> bfd check-control-plane-failure
265 Allow to write CBIT independence in BFD outgoing packets. Also allow to
266 read both C-BIT value of BFD and lookup BGP peer status. This command is
267 useful when a BFD down event is caught, while the BGP peer requested that
268 local BGP keeps the remote BGP entries as staled if such issue is detected.
269 This is the case when graceful restart is enabled, and it is wished to
270 ignore the BD event while waiting for the remote router to restart.
272 Disabling this disables presence of CBIT independence in BFD outgoing
273 packets and pays attention to BFD down notifications. This is the default.
276 .. clicmd:: neighbor <A.B.C.D|X:X::X:X|WORD> bfd profile BFDPROF
278 Same as command ``neighbor <A.B.C.D|X:X::X:X|WORD> bfd``, but applies the
279 BFD profile to the sessions it creates or that already exist.
282 .. _bfd-isis-peer-config:
284 IS-IS BFD Configuration
285 -----------------------
287 The following commands are available inside the interface configuration node.
291 Listen for BFD events on peers created on the interface. Every time
292 a new neighbor is found a BFD peer is created to monitor the link
293 status for fast convergence.
295 Note that there will be just one BFD session per interface. In case both
296 IPv4 and IPv6 support are configured then just a IPv6 based session is
299 .. clicmd:: isis bfd profile BFDPROF
301 Use a BFD profile BFDPROF as provided in the BFD configuration.
304 .. _bfd-ospf-peer-config:
306 OSPF BFD Configuration
307 ----------------------
309 The following commands are available inside the interface configuration node.
311 .. clicmd:: ip ospf bfd
313 Listen for BFD events on peers created on the interface. Every time
314 a new neighbor is found a BFD peer is created to monitor the link
315 status for fast convergence.
317 .. clicmd:: ip ospf bfd profile BFDPROF
319 Same as command ``ip ospf bfd``, but applies the BFD profile to the sessions
320 it creates or that already exist.
323 .. _bfd-ospf6-peer-config:
325 OSPF6 BFD Configuration
326 -----------------------
328 The following commands are available inside the interface configuration node.
330 .. clicmd:: ipv6 ospf6 bfd [profile BFDPROF]
332 Listen for BFD events on peers created on the interface. Every time
333 a new neighbor is found a BFD peer is created to monitor the link
334 status for fast convergence.
336 Optionally uses the BFD profile ``BFDPROF`` in the created sessions under
340 .. _bfd-pim-peer-config:
342 PIM BFD Configuration
343 ---------------------
345 The following commands are available inside the interface configuration node.
347 .. clicmd:: ip pim bfd [profile BFDPROF]
349 Listen for BFD events on peers created on the interface. Every time
350 a new neighbor is found a BFD peer is created to monitor the link
351 status for fast convergence.
353 Optionally uses the BFD profile ``BFDPROF`` in the created sessions under
357 .. _bfd-rip-peer-config:
359 RIP BFD configuration
360 ---------------------
362 The following commands are available inside the interface configuration node:
364 .. clicmd:: ip rip bfd
366 Automatically create BFD session for each RIP peer discovered in this
367 interface. When the BFD session monitor signalize that the link is down
368 the RIP peer is removed and all the learned routes associated with that
372 .. clicmd:: ip rip bfd profile BFD_PROFILE_NAME
374 Selects a BFD profile for the BFD sessions created in this interface.
377 The following command is available in the RIP router configuration node:
379 .. clicmd:: bfd default-profile BFD_PROFILE_NAME
381 Selects a default BFD profile for all sessions without a profile specified.
384 .. _bfd-static-peer-config:
386 BFD Static Route Monitoring Configuration
387 -----------------------------------------
389 A monitored static route conditions the installation to the RIB on the
390 BFD session running state: when BFD session is up the route is installed
391 to RIB, but when the BFD session is down it is removed from the RIB.
393 The following commands are available inside the configuration node:
395 .. clicmd:: ip route A.B.C.D/M A.B.C.D bfd [{multi-hop|source A.B.C.D|profile BFDPROF}]
397 Configure a static route for ``A.B.C.D/M`` using gateway ``A.B.C.D`` and use
398 the gateway address as BFD peer destination address.
400 .. clicmd:: ipv6 route X:X::X:X/M [from X:X::X:X/M] X:X::X:X bfd [{multi-hop|source X:X::X:X|profile BFDPROF}]
402 Configure a static route for ``X:X::X:X/M`` using gateway
403 ``X:X::X:X`` and use the gateway address as BFD peer destination
406 The static routes when uninstalled will no longer show up in the output of
407 the command ``show ip route`` or ``show ipv6 route``, instead we must use the
408 BFD static route show command to see these monitored route status.
410 .. clicmd:: show bfd static route [json]
412 Show all monitored static routes and their status.
418 Showing BFD monitored static routes:
421 rtg1 peer 172.16.0.1 (status: uninstalled):
425 VRF default IPv4 Unicast:
426 192.168.100.0/24 peer 172.16.0.1 (status: uninstalled)
428 VRF default IPv4 Multicast:
430 VRF default IPv6 Unicast:
432 .. _bfd-configuration:
437 Before applying ``bfdd`` rules to integrated daemons (like BGPd), we must
438 create the corresponding peers inside the ``bfd`` configuration node.
440 Here is an example of BFD configuration:
451 neighbor 192.168.0.1 remote-as 65531
452 neighbor 192.168.0.1 bfd
453 neighbor 192.168.0.2 remote-as 65530
454 neighbor 192.168.0.2 bfd
455 neighbor 192.168.0.3 remote-as 65532
456 neighbor 192.168.0.3 bfd
459 Peers can be identified by its address (use ``multihop`` when you need
460 to specify a multi hop peer) or can be specified manually by a label.
462 Here are the available peer configurations:
467 ! Configure a fast profile
470 transmit-interval 150
473 ! Configure peer with fast profile
479 ! Configure peer with fast profile and override receive speed.
486 ! configure a peer on an specific interface
487 peer 192.168.0.1 interface eth0
491 ! configure a multihop peer
492 peer 192.168.0.2 multihop local-address 192.168.0.3
496 ! configure a peer in a different vrf
497 peer 192.168.0.3 vrf foo
501 ! configure a peer with every option possible
505 receive-interval 60000
506 transmit-interval 3000
510 ! configure a peer on an interface from a separate vrf
511 peer 192.168.0.5 interface eth1 vrf vrf2
516 no peer 192.168.0.3 vrf foo
524 You can inspect the current BFD peer status with the following commands:
534 Uptime: 1 minute(s), 51 second(s)
536 Remote diagnostics: ok
540 Receive interval: 300ms
541 Transmission interval: 300ms
542 Echo receive interval: 50ms
543 Echo transmission interval: disabled
546 Receive interval: 300ms
547 Transmission interval: 300ms
548 Echo receive interval: 50ms
555 Uptime: 1 minute(s), 53 second(s)
557 Remote diagnostics: ok
558 Peer Type: configured
561 Receive interval: 300ms
562 Transmission interval: 300ms
563 Echo receive interval: 50ms
564 Echo transmission interval: disabled
567 Receive interval: 300ms
568 Transmission interval: 300ms
569 Echo receive interval: 50ms
571 frr# show bfd peer 192.168.1.1
578 Uptime: 3 minute(s), 4 second(s)
580 Remote diagnostics: ok
584 Receive interval: 300ms
585 Transmission interval: 300ms
586 Echo receive interval: 50ms
587 Echo transmission interval: disabled
590 Receive interval: 300ms
591 Transmission interval: 300ms
592 Echo receive interval: 50ms
594 frr# show bfd peer 192.168.0.1 json
595 {"multihop":false,"peer":"192.168.0.1","id":1,"remote-id":1,"status":"up","uptime":161,"diagnostic":"ok","remote-diagnostic":"ok","receive-interval":300,"transmit-interval":300,"echo-receive-interval":50,"echo-transmit-interval":0,"detect-multiplier":3,"remote-receive-interval":300,"remote-transmit-interval":300,"remote-echo-receive-interval":50,"remote-detect-multiplier":3,"peer-type":"dynamic"}
597 If you are running IPV4 BFD Echo, on a Linux platform, we also
598 calculate round trip time for the packets. We display minimum,
599 average and maximum time it took to receive the looped Echo packets
602 You can inspect the current BFD peer status in brief with the following commands:
606 frr# show bfd peers brief
608 SessionId LocalAddress PeerAddress Status
609 ========= ============ =========== ======
610 1 192.168.0.1 192.168.0.2 up
613 You can also inspect peer session counters with the following commands:
617 frr# show bfd peers counters
619 peer 192.168.2.1 interface r2-eth2
620 Control packet input: 28 packets
621 Control packet output: 28 packets
622 Echo packet input: 0 packets
623 Echo packet output: 0 packets
625 Session down events: 0
626 Zebra notifications: 2
629 Control packet input: 54 packets
630 Control packet output: 103 packets
631 Echo packet input: 965 packets
632 Echo packet output: 966 packets
634 Session down events: 0
635 Zebra notifications: 4
637 frr# show bfd peer 192.168.0.1 counters
639 Control packet input: 126 packets
640 Control packet output: 247 packets
641 Echo packet input: 2409 packets
642 Echo packet output: 2410 packets
644 Session down events: 0
645 Zebra notifications: 4
647 frr# show bfd peer 192.168.0.1 counters json
648 {"multihop":false,"peer":"192.168.0.1","control-packet-input":348,"control-packet-output":685,"echo-packet-input":6815,"echo-packet-output":6816,"session-up":1,"session-down":0,"zebra-notifications":4}
650 You can also clear packet counters per session with the following commands, only the packet counters will be reset:
654 frr# clear bfd peers counters
656 frr# show bfd peers counters
658 peer 192.168.2.1 interface r2-eth2
659 Control packet input: 0 packets
660 Control packet output: 0 packets
661 Echo packet input: 0 packets
662 Echo packet output: 0 packets
664 Session down events: 0
665 Zebra notifications: 2
668 Control packet input: 0 packets
669 Control packet output: 0 packets
670 Echo packet input: 0 packets
671 Echo packet output: 0 packets
673 Session down events: 0
674 Zebra notifications: 4
682 The distributed BFD is the separation of the BFD protocol control plane from
683 the data plane. FRR implements its own BFD data plane protocol so vendors can
684 study and include it in their own software/hardware without having to modify
685 the FRR source code. The protocol definitions can be found at
686 ``bfdd/bfddp_packet.h`` header (or the installed
687 ``/usr/include/frr/bfdd/bfddp_packet.h``).
689 To use this feature the BFD daemon needs to be started using the command line
690 option :option:`--dplaneaddr`. When operating using this option the BFD daemon
691 will not attempt to establish BFD sessions, but it will offload all its work to
692 the data plane that is (or will be) connected. Data plane reconnection is also
695 The BFD data plane will be responsible for:
697 * Sending/receiving the BFD protocol control/echo packets
699 * Notifying BFD sessions state changes
701 * Keeping the number of packets/bytes received/transmitted per session
704 The FRR BFD daemon will be responsible for:
706 * Adding/updating BFD session settings
708 * Asking for BFD session counters
710 * Redistributing the state changes to the integrated protocols (``bgpd``,
714 BFD daemon will also keep record of data plane communication statistics with
715 the command :clicmd:`show bfd distributed`.
721 frr# show bfd distributed
728 Input current usage: 0
730 Output bytes peak: 136
732 Output full events: 0
733 Output current usage: 0
741 By default only informational, warning and errors messages are going to be
742 displayed. If you want to get debug messages and other diagnostics then make
743 sure you have `debugging` level enabled:
748 log file /var/log/frr/frr.log debugging
751 You may also fine tune the debug messages by selecting one or more of the
754 .. clicmd:: debug bfd distributed
756 Toggle BFD data plane (distributed BFD) debugging.
758 Activates the following debug messages:
760 * Data plane received / send messages
763 .. clicmd:: debug bfd network
765 Toggle network events: show messages about socket failures and unexpected
766 BFD messages that may not belong to registered peers.
768 .. clicmd:: debug bfd peer
770 Toggle peer event log messages: show messages about peer creation/removal
773 .. clicmd:: debug bfd zebra
775 Toggle zebra message events: show messages about interfaces, local
776 addresses, VRF and daemon peer registrations.