Bidirectional Forwarding Detection (BFD)

BFD (Bidirectional Forwarding Detection) is a super fast protocol that is able to detect link failures within milliseconds or even microseconds.. All (routing) protocols have some sort of mechanism to detect link failures. OSPF uses hello packets and a dead interval, EIGRP uses hello packets and a holddown timer etc.

Networks that use real-time traffic like VoIP require fast convergence times. Routing protocols like OSPF or EIGRP are able to quickly select another path once they lose a neighbor but it takes a while for them to realize that something is wrong.

We can tune timers for fast convergence, for example OSPF can be configured to use a dead interval of only one second. The problem however is that all of these protocols were never really designed for sub-second failover. Hello packets and such are processed by the control plane so there is quite some overhead. BFD was designed to be fast, its packets can be processed by some interface modules or line cards so there isn’t much overhead.

BFD runs independent from any other (routing) protocols. Once it’s up and running, you can configure protocols like OSPF, EIGRP, BGP, HSRP, MPLS LDP etc. to use BFD for link failure detection instead of their own mechanisms. When the link fails, BFD will inform the protocol. Here’s how you can visualize this:

OSPF BFD R1 R2

R1 and R2 are configured to use BFD and will send control packets to each other. OSPF remains the same, it’s sending its OSPF packets. Once the link fails, this will happen:

BFD Informs OSPF Link Failure

 

When BFD doesn’t receive its control packets anymore it realizes we have a link failure and it will report this to OSPF. OSPF will then tear down the neighbor adjacency.

There are two operating modes to BFD, asynchronous mode and demand mode. The asynchronous mode is similar to the hello and holddown timers, BFD will keep sending hello packets (called BFD control packets) and when you don’t receive some of them, the session is teared down.

The demand mode is different, once BFD has found a neighbor it won’t continuously send control packets but only uses a polling mechanism. Another method has to be used to check reachability, for example it could check the receive and transmit statistics of the interface. Right now Cisco (or any other vendor I know of) doesn’t support BFD demand mode.

Both modes also support something called echo mode. When a device sends BFD echo packets then the receiver will return them without processing them. When the sender doesn’t get the echo packets back, it knows something is wrong and will tear down the session.

Anyway enough talk about BFD for now, let’s take a look at this in action!

Configuration

To see why BFD is great, we will look at a scenario with and without BFD. I’ll use OSPF but many other (routing) protocols can be used.

OSPF without BFD

This is the topology that we will use:

BFD R1 SW1 R2

Above we have two routers that are connected to a switch and running OSPF. Here’s the configuration:

R1 & R2
(config)#router ospf 1
(config-router)#network 192.168.12.0 0.0.0.255 area 0

Nothing special, just regular OSPF. Suddenly the link fails:

BFD Link Failure R1 SW1

Here’s what will happen:

R1#
Jul 30 11:54:46.011: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
Jul 30 11:54:46.011: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.12.2 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached

R1 will detect this link failure right away since it’s directly connected to SW1. It will immediately drop the neighbor adjacency. What about R2?

R2#
Jul 30 11:55:14.667: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.12.1 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired

R2 stops receiving OSPF hello packets from R1 so once the dead interval expires, it decides that R1 is unreachable and it will drop the neighbor adjacency. This took about 28 seconds.

Even if you tune the OSPF timers, it will still take about one second. Let’s see how BFD performs…

OSPF with BFD

Let’s enable BFD on our two routers running OSPF. Here’s the topology again:

R1 SW1 R2

Let’s take a close look at the BFD command:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 660 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

503 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Forum Replies

  1. Hi Jason,

    These have to be match yes, otherwise no neighbor adjacency is established.

    Rene

  2. Dear Rene,
    Could enabling BFD be better option than reducing dead-hello timers regarding the consuming router resource?
    Which method do you recommend ?

  3. Hi Mohammad,

    A good question. I am referring to you to RFC which is a type of publication from the Internet Engineering Task Force (IETF) and the Internet Society (ISOC), the principal technical development and standards-setting bodies for the Internet.
    On April 1998, they have created the publication RFC 2328 for OSPF version 2, and on point 9.5 they spoke about “Sending Hello Packets” as following:

    “Hello packets are sent out each functioning router interface. They are used to discover and maintain neighbor relationships.[6] On broadcast and NBMA networks, He

    ... Continue reading in our forum

  4. sir
    1> you have this command ip ospf dead-interval minimal hello-multiplier 3 why you have used 3 what is the meaning of minimal hello-multiplier 3 , I understand that when we select minimal the =n our dead interval time will be 1 but why you used hello-multiplier 3 please explain it but if i am using 4 instead of 3 my neighbor adjancecy is working on R1 i have used hello-multiplier 3 and R2 i have used hello-multiplier 4 and they have neighbor adjancency please explain it

  5. Hello Bhai,

    The “3” in that command means how many hello packets will be sent in 1 second period. Also when you use that command, that is ip ospf dead-interval minimal hello-multiplier x; The x number or the number of hello packets sent per second doesn’t need to match between the two neighbors.

    The main important thing about this feature is for critical environment to be able to detect the loss of neighborship in 1 second.

    Regards,

7 more replies! Ask a question or join the discussion by visiting our Community Forum