Sunday, June 23, 2013

CCIE DC: Bidirectional Forwarding Detection (BFD) on NX-OS

Hi Guys

Really quickly: BFD has been around for a while on many platforms. To cut a long and boring story short, the standard failover detection times of some routing protocols (up to 120 seconds in some cases!) just don't cut the mustard anymore in this day and age of high availability and high uptime. Seconds matter.

So, a bunch of smart people got together and came up with a protocol called BFD to allow most routing protocols and other timer-based protocols to have a way to detect failure more quickly.

In this blog post we will go through the options available for it.

So, first of all you need to enable the feature:

N7K-1-2(config)# feature bfd

Simple enough. Next we need to configure the neighbors to discover each other with BFD globally. The routing protocols (OSPF etc.) will then use this BFD session as part of their neighbor negotiation: they will speak to the BFD process and essentially say "Hey, do you have a session with this guy? Can I get you to tell me if he goes down? Thanks mate, you rock".

(Cause you know.. routing protocols totally talk to each other)

Anyway, let's look at our config options here

N7K-1-1(config)# bfd interval 50 min_rx 50 multiplier 3

So here we are specifying how fast we want to send BFD hellos (the first 50, after the interval keyword) and the minimum receive time for keepalives we are willing to accept (the 50 after min_rx; i.e. if someone tries to negotiate a slower keepalive time, we will not peer with them on BFD). The multiplier specifies how many keepalives we are willing to lose before we consider the neighbor down.

Now, if you configure this on each of your interfaces and expect show bfd neighbors to show something... I am afraid it will not.


SW1-3# show bfd neighbors
SW1-3#



This is because we have not actually configured a protocol to use it. Let's start with OSPF.

Create your OSPF interface and assign BFD to it:

router ospf 1
  bfd


interface Ethernet3/13
  ip router ospf 1 area 0.0.0.0


Now if we do a show ip ospf neighbor they will be neighbors:


SW1-3# show ip ospf neighbor
 OSPF Process ID 1 VRF default
 Total number of neighbors: 1
 Neighbor ID     Pri State            Up Time  Address         Interface
 198.18.0.11       1 FULL/BDR         00:02:49 10.30.1.1       Eth3/21



Now BFD will show correctly:

SW1-3# show bfd neighbors

OurAddr         NeighAddr       LD/RD                 RH/RS           Holdown(mult)     State       Int                   Vrf
10.30.1.3       10.30.1.1       1124073475/1090519045 Up              4625(3)           Up          Eth3/21               default
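As an added example (not from the original post or from Cisco): a Python check that parses the two outputs above, including show bfd neighbors rows that the terminal has wrapped across two lines, and lists FULL OSPF adjacencies that have no BFD session in state Up. The function names are made up for this illustration, and the column layout is assumed to match the output shown here.

```python
import re

# Output captured in the post (SW1-3), embedded so the example runs offline.
OSPF_OUTPUT = """\
 OSPF Process ID 1 VRF default
 Total number of neighbors: 1
 Neighbor ID     Pri State            Up Time  Address         Interface
 198.18.0.11       1 FULL/BDR         00:02:49 10.30.1.1       Eth3/21
"""

# The terminal wraps each BFD row across two lines, as in the post.
BFD_OUTPUT = """\
OurAddr         NeighAddr       LD/RD                 RH/RS           Holdown(mu
lt)     State       Int                   Vrf
10.30.1.3       10.30.1.1       1124073475/1090519045 Up              4625(3)
        Up          Eth3/21               default
"""

IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"

def parse_ospf_neighbors(text):
    """Return [(neighbor_address, interface, state)] from 'show ip ospf neighbor'."""
    row = re.compile(rf"^\s*{IPV4}\s+\d+\s+(\S+)\s+\S+\s+({IPV4})\s+(\S+)\s*$", re.M)
    return [(m.group(2), m.group(3), m.group(1)) for m in row.finditer(text)]

def parse_bfd_neighbors(text):
    """Return {(neighbor_address, interface): state} from 'show bfd neighbors'."""
    sessions, tokens = {}, []
    for line in text.splitlines():
        if re.match(rf"{IPV4}\s+{IPV4}\s", line):
            tokens = line.split()          # a new row starts with two addresses
        elif tokens and line[:1].isspace():
            tokens += line.split()         # wrapped continuation of the same row
        else:
            tokens = []                    # header or unrelated line
        if len(tokens) >= 8:
            # OurAddr NeighAddr LD/RD RH/RS Holdown(mult) State Int Vrf
            sessions[(tokens[1], tokens[6])] = tokens[5]
            tokens = []
    return sessions

def unprotected_adjacencies(ospf_text, bfd_text):
    """FULL OSPF adjacencies with no BFD session in state Up on the same interface."""
    bfd = parse_bfd_neighbors(bfd_text)
    return [(addr, intf) for addr, intf, state in parse_ospf_neighbors(ospf_text)
            if state.startswith("FULL") and bfd.get((addr, intf)) != "Up"]

if __name__ == "__main__":
    print(unprotected_adjacencies(OSPF_OUTPUT, BFD_OUTPUT))
```

Passing an empty string as the BFD output reproduces the earlier situation in this post, where the adjacency exists but no protocol has registered with BFD, and the adjacency is reported.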




It is trivially easy to add BFD to most routing protocols.


OSPF, EIGRP and ISIS all have it done in the following way:

Either on the routing protocol:

SW1-1(config)# router eigrp  1
SW1-1(config-router)# ?
  autonomous-system      Specify AS number for Address Family
  bfd                    Enable BFD on all EIGRP interfaces



SW1-1(config-router)# router ospf 1
SW1-1(config-router)# ?
  bfd                    Enable BFD on all OSPF interfaces





SW1-1(config-router)# router isis 1
SW1-1(config-router)# ?
  address-family         Configure an address-family
  bfd                    Enable BFD



Or under the interface:

SW1-1(config-if)# ip ospf ?
  bfd                  Enable BFD on this interface



SW1-1(config-if)# ip eigrp 1 bfd


SW1-1(config-if)# isis ?

  bfd                   Interface BFD configuration



You can also do it for other protocols such as HSRP, PIM etc.; the configuration is shown here:


http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-os/interfaces/configuration/guide/if_bfd.html#wp1075512
