BFD (Bidirectional Forwarding Detection) is a super fast protocol that is able to detect link failures within milliseconds or even microseconds.. All (routing) protocols have some sort of mechanism to detect link failures. OSPF uses hello packets and a dead interval, EIGRP uses hello packets and a holddown timer etc.
Networks that use real-time traffic like VoIP require fast convergence times. Routing protocols like OSPF or EIGRP are able to quickly select another path once they lose a neighbor but it takes a while for them to realize that something is wrong.
We can tune timers for fast convergence, for example OSPF can be configured to use a dead interval of only one second. The problem however is that all of these protocols were never really designed for sub-second failover. Hello packets and such are processed by the control plane so there is quite some overhead. BFD was designed to be fast, its packets can be processed by some interface modules or line cards so there isn’t much overhead.
BFD runs independent from any other (routing) protocols. Once it’s up and running, you can configure protocols like OSPF, EIGRP, BGP, HSRP, MPLS LDP etc. to use BFD for link failure detection instead of their own mechanisms. When the link fails, BFD will inform the protocol. Here’s how you can visualize this:
R1 and R2 are configured to use BFD and will send control packets to each other. OSPF remains the same, it’s sending its OSPF packets. Once the link fails, this will happen:
When BFD doesn’t receive its control packets anymore it realizes we have a link failure and it will report this to OSPF. OSPF will then tear down the neighbor adjacency.
There are two operating modes to BFD, asynchronous mode and demand mode. The asynchronous mode is similar to the hello and holddown timers, BFD will keep sending hello packets (called BFD control packets) and when you don’t receive some of them, the session is teared down.
The demand mode is different, once BFD has found a neighbor it won’t continuously send control packets but only uses a polling mechanism. Another method has to be used to check reachability, for example it could check the receive and transmit statistics of the interface. Right now Cisco (or any other vendor I know of) doesn’t support BFD demand mode.
Both modes also support something called echo mode. When a device sends BFD echo packets then the receiver will return them without processing them. When the sender doesn’t get the echo packets back, it knows something is wrong and will tear down the session.
Anyway enough talk about BFD for now, let’s take a look at this in action!
To see why BFD is great, we will look at a scenario with and without BFD. I’ll use OSPF but many other (routing) protocols can be used.
OSPF without BFD
This is the topology that we will use:
Above we have two routers that are connected to a switch and running OSPF. Here’s the configuration:
R1 & R2 (config)#router ospf 1 (config-router)#network 192.168.12.0 0.0.0.255 area 0
Nothing special, just regular OSPF. Suddenly the link fails:
Here’s what will happen:
R1# Jul 30 11:54:46.011: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down Jul 30 11:54:46.011: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.12.2 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
R1 will detect this link failure right away since it’s directly connected to SW1. It will immediately drop the neighbor adjacency. What about R2?
R2# Jul 30 11:55:14.667: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.12.1 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Dead timer expired
R2 stops receiving OSPF hello packets from R1 so once the dead interval expires, it decides that R1 is unreachable and it will drop the neighbor adjacency. This took about 28 seconds.
Even if you tune the OSPF timers, it will still take about one second. Let’s see how BFD performs…
OSPF with BFD
Let’s enable BFD on our two routers running OSPF. Here’s the topology again:
Let’s take a close look at the BFD command: