Contents

Configuring BFD ····························································································· 1

About BFD ························································································································································· 1
Single-hop detection and multihop detection ····························································································· 1
BFD session modes ··································································································································· 1
Supported features····································································································································· 2
Protocols and standards ···························································································································· 2
Restrictions and guidelines: BFD configuration ································································································· 3
Configuring BFD sessions in echo packet mode ······························································································· 3
Configuring BFD sessions in control packet mode ···························································································· 4
About BFD session creation methods ········································································································ 4
Restrictions and guidelines ························································································································ 4
Configuring a static BFD session ··············································································································· 4
Configuring BFD session parameters for single-hop detection ·································································· 6
Configuring BFD session parameters for multihop detection ····································································· 6
Enabling the echo function ································································································································· 7
Associating the interface state with BFD ··········································································································· 8
Configuring a BFD template ······························································································································· 8
Enabling SNMP notifications for BFD ················································································································ 9
Display and maintenance commands for BFD ··································································································· 9

i
Configuring BFD
About BFD
Bidirectional forwarding detection (BFD) provides a general-purpose, standard, medium- and
protocol-independent fast failure detection mechanism. It can detect and monitor the connectivity of
forwarding paths to detect communication failures quickly so that measures can be taken to ensure
service continuity and enhance network availability.
BFD can uniformly and quickly detect the failures of the bidirectional forwarding paths between two
devices for upper-layer protocols such as routing protocols. The hello mechanism used by
upper-layer protocols needs seconds to detect a link failure, while BFD can provide detection
measured in milliseconds.

Single-hop detection and multihop detection

BFD can be used for single-hop and multihop detections.
• Single-hop detection—Detects the IP connectivity between two directly connected systems.
• Multihop detection—Detects any of the paths between two systems. These paths have
multiple hops, and might overlap.

BFD session modes

BFD sessions use echo packets and control packets.
Echo packet mode
Echo packets are encapsulated into UDP packets with port number 3785.
The local end of the link sends echo packets to establish BFD sessions and monitor link status. The
peer end does not establish BFD sessions and only forwards the packets back to the originating end.
If the local end does not receive echo packets from the peer end within the detection time, it
considers the session to be down.
In echo packet mode, BFD supports multihop detection only for MPLS TE tunnel scenarios. Both
BFD sessions for single-hop detection and BFD sessions for multihop detection are independent of
the operating mode.
Control packet mode
Control packets are encapsulated into UDP packets with port number 3784 for single-hop detection
or port number 4784 for multihop detection.
The two ends of the link negotiate the establishment of BFD sessions by using the session
parameters carried in control packets. Session parameters include session discriminators, desired
minimum packet sending and receiving intervals, and local BFD session state.
Before a BFD session is established, BFD has two operating modes—active and passive.
• Active mode—BFD actively sends BFD control packets regardless of whether any BFD control
packet is received from the peer.
• Passive mode—BFD does not send control packets until a BFD control packet is received from
the peer.
At least one end must operate in active mode for a BFD session to be established.

1
 After a BFD session is established, the two ends can operate in the following BFD operating modes:
• Asynchronous mode—The device periodically sends BFD control packets. The device
considers that the session is down if it does not receive any BFD control packets within a
specific interval.
• Demand mode—The device periodically sends BFD control packets with the D bit set. If the
peer end is operating in Asynchronous mode (default), the peer end stops sending BFD control
packets after receiving control packets with the D bit set. In this case, BFD detects only the
connectivity from the local end to the peer end. If the peer end does not receive control packets
within the detection time, the session is declared down. If the peer end is operating in Demand
mode, both ends stop sending BFD control packets. The system uses other mechanisms such
as Hello mechanism and hardware detection to detect links. The Demand mode can be used to
reduce the overhead when a large number of BFD sessions exist.

Supported features
Features Reference

Static routing
IS-IS
OSPF
Layer 3—IP Routing Configuration Guide
RIP
BGP
IP fast reroute (FRR)
IPv6 static routing
Layer 3—IP Routing Configuration Guide
OSPFv3
PIM IP Multicast Configuration Guide
RSVP
MPLS
MPLS Configuration Guide
MPLS L3VPN
MPLS OAM
Track "Configuring Track"
Ethernet link aggregation Layer 2—LAN Switching Configuration Guide

Protocols and standards

• RFC 5880, Bidirectional Forwarding Detection (BFD)
• RFC 5881, Bidirectional Forwarding Detection (BFD) for IPv4 and IPv6 (Single Hop)
• RFC 5882, Generic Application of Bidirectional Forwarding Detection (BFD)
• RFC 5883, Bidirectional Forwarding Detection (BFD) for Multihop Paths
• RFC 5884, Bidirectional Forwarding Detection (BFD) for MPLS Label Switched Paths (LSPs)
• RFC 5885, Bidirectional Forwarding Detection (BFD) for the Pseudowire Virtual Circuit
Connectivity Verification (VCCV)
• RFC 7130, Bidirectional Forwarding Detection (BFD) on Link Aggregation Group (LAG)
Interfaces

2
Restrictions and guidelines: BFD configuration
• By default, the device runs BFD version 1 and is compatible with BFD version 0. You cannot
change the BFD version to 0 through commands. When the peer device runs BFD version 0,
the local device automatically switches to BFD version 0.
• After a BFD session is established, the two ends negotiate BFD parameters, including minimum
sending interval, minimum receiving interval, initialization mode, and packet authentication, by
exchanging negotiation packets. They use the negotiated parameters without affecting the
session status.
• BFD session flapping might occur on an aggregate interface with member ports on different
cards. When the card that receives and sends BFD packets is removed or restarted, the backup
card might not immediately take over. For example, the backup card will not take over when the
card has a short detection time or a large number of BFD sessions. (In IRF mode.)

Configuring BFD sessions in echo packet mode

Restrictions and guidelines
To avoid echo packet loss, do not configure the echo packet mode on a device with uRPF enabled.
For more information about uRPF, see Security Configuration Guide.
Procedure
1. Enter system view.
system-view
2. Configure the source IP address of echo packets.
 Configure the source IP address of echo packets.
bfd echo-source-ip ip-address
By default, no source IPv4 address is configured for echo packets.
As a best practice, do not configure the source IPv4 address to be on the same network
segment as any local interface's IPv4 address. If you configure such a source IPv4 address,
a large number of ICMP redirect packets might be sent from the peer, resulting in link
congestion.
 Configure the source IPv6 address of echo packets.
bfd echo-source-ipv6 ipv6-address
By default, no source IPv6 address is configured for echo packets.
The source IPv6 address of echo packets can only be a global unicast address.
3. (Optional.) Set the echo packet mode parameters.
a. Enter interface view.
interface interface-type interface-number
b. Set the minimum interval for receiving BFD echo packets.
bfd min-echo-receive-interval interval
The default setting is 400 milliseconds.
c. Set the detection time multiplier.
bfd detect-multiplier value
The default setting is 5.

3
Configuring BFD sessions in control packet mode
About BFD session creation methods
BFD sessions in control packet mode can be created statically or established dynamically.
BFD sessions are distinguished by the local discriminator and remote discriminator in control
packets. The main difference between a statically created session and a dynamically established
session is that they obtain the local discriminator and remote discriminator in different ways.
• The local discriminator and remote discriminator of a static BFD session are specified manually
in the bfd static command or in features associated with BFD.
• The local discriminator of a dynamic BFD session is assigned by the device, and the remote
discriminator is obtained during BFD session negotiation. A created session without manually
specified local and remote discriminators is a dynamic BFD session.

Restrictions and guidelines

BFD version 0 does not support the following commands:
• bfd session init-mode.
• bfd authentication-mode.
• bfd demand enable.
• bfd echo enable.

Configuring a static BFD session

About configuring a static BFD session
A static BFD session can be used for single-hop detection and multihop detection.
Restrictions and guidelines for static BFD session configuration
If a static BFD session is created on the remote end, the static BFD session must be created on the
local end.
When creating a static BFD session, you must specify a peer IPv4 or IPv6 address. The system
checks only the format of the IP address but not its correctness. If the peer IPv4 or IPv6 address is
incorrect, the static BFD session cannot be established.
Different static BFD sessions cannot have the same local discriminator.
Creating a static BFD session for single-hop detection of network layer connectivity
1. Enter system view.
system-view
2. Create a static BFD session and enter static BFD session view.
IPv4:
bfd static session-name peer-ip ipv4-address interface interface-type
interface-number source-ip ipv4-address discriminator
local local-value remote remote-value
For a static BFD session to be established, specify the IPv4 address of the peer interface where
the static BFD session resides for the peer-ip ipv4-address option. Specify the IPv4
address of the local interface where the static BFD session resides for
the source-ip ipv4-address option.

4
 IPv6:
bfd
static session-name peer-ipv6 ipv6-address interface interface-type
interface-number source-ipv6 ipv6-address discriminator
local local-value remote remote-value
For a static BFD session to be established, specify the IPv6 address of the peer interface where
the static BFD session resides for the peer-ipv6 ipv6-address option. Specify the IPv6
address of the local interface where the static BFD session resides for
the source-ipv6 ipv6-address option.
Creating a static BFD session for single-hop detection of data link layer connectivity
1. Enter system view.
system-view
2. Create a static BFD session and enter static BFD session view.
bfd static session-name peer-ip default-ip
interface interface-type interface-number source-ip ip-address discr
iminator local discr-value remote discr-value
For a static BFD session to be established, specify the IPv6 address of the local interface where
the static BFD session resides for the source-ip ip-address option.
3. (Optional.) Associate the interface state with the static BFD session.
process-interface-status
By default, the state of a static BFD session does not affect the state of the data link layer of the
interface.
4. (Optional.) Configure the timer that delays reporting the first static BFD session establishment
failure to the data link layer.
first-fail-timer seconds
By default, the first static BFD session establishment failure is not reported to the data link layer.
This command takes effect only after you configure the process-interface-status
command.
5. (Optional.) Enable special processing for the static BFD session.
special-processing [ admin-down | authentication-change |
session-up ] *
By default, all types of special processing are disabled for a static BFD session.
Creating a static BFD session for multihop detection
1. Enter system view.
system-view
2. Create a static BFD session and enter static BFD session view.
IPv4:
bfd
static session-name peer-ip ipv4-address [ vpn-instance vpn-instanc
e-name ] source-ip ipv4-address discriminator local local-value
remote remote-value
For a static BFD session to be established, specify the IPv4 address of the peer interface where
the static BFD session resides for the peer-ip ipv4-address option. Specify the IPv4
address of the local interface where the static BFD session resides for
the source-ip ipv4-address option.
IPv6:

5
 bfd
static session-name peer-ipv6 ipv6-address [ vpn-instance vpn-insta
nce-name ] source-ipv6 ipv6-address discriminator local local-value
remote remote-value
For a static BFD session to be established, specify the IPv6 address of the peer interface where
the static BFD session resides for the peer-ipv6 ipv6-address option. Specify the IPv6
address of the local interface where the static BFD session resides for
the source-ipv6 ipv6-address option.

Configuring BFD session parameters for single-hop detection

1. Enter system view.
system-view
2. Specify the mode for establishing a BFD session.
bfd session init-mode { active | passive }
By default, active is specified.
3. Enter interface view.
interface interface-type interface-number
4. (Optional.) Configure the authentication mode for single-hop control packets.
bfd authentication-mode { m-md5 | m-sha1 | md5 | sha1 |
simple } key-id { cipher cipher-string | plain plain-string }
By default, single-hop BFD packets are not authenticated.
5. Enable the Demand BFD session mode.
bfd demand enable
By default, the BFD session is in Asynchronous mode.
6. Set the minimum interval for transmitting single-hop BFD control packets.
bfd min-transmit-interval interval
The default setting is 400 milliseconds.
7. Set the minimum interval for receiving single-hop BFD control packets.
bfd min-receive-interval interval
The default setting is 400 milliseconds.
8. Set the single-hop detection time multiplier.
bfd detect-multiplier value
The default setting is 5.

Configuring BFD session parameters for multihop detection

1. Enter system view.
system-view
2. Specify the mode for establishing a BFD session.
bfd session init-mode { active | passive }
By default, active is specified.
3. Configure the authentication mode for multihop BFD control packets.
bfd multi-hop authentication-mode {
m-md5 | m-sha1 | md5 | sha1 | simple } key-id { cipher cipher-string | p
lain plain-string }

6
 By default, no authentication is performed.
4. Configure the destination port number for multihop BFD control packets.
bfd multi-hop destination-port port-number
The default setting is 4784.
5. Set the multihop detection time multiplier.
bfd multi-hop detect-multiplier value
The default setting is 5.
6. Set the minimum interval for receiving multihop BFD control packets.
bfd multi-hop min-receive-interval interval
The default setting is 400 milliseconds.
7. Set the minimum interval for transmitting multihop BFD control packets.
bfd multi-hop min-transmit-interval interval
The default setting is 400 milliseconds.
8. (Optional.) Set the delay timer for BFD to notify upper-layer protocols of session establishment
failures.
bfd init-fail-timer seconds
By default, BFD does not notify upper-layer protocols of session establishment failures.

Enabling the echo function

About the echo function
This function enables the local system to periodically send echo packets to the remote system. The
remote system loops back the echo packets to the local system without processing them. If the local
system does not receive the looped-back echo packets, it declares the BFD session down.
This function is supported only for single-hop detection.
Restrictions and guidelines
This function does not take effect on BFD sessions associated with interface states.
Procedure
1. Enter system view.
system-view
2. Enter interface view or static BFD session view.
 Enter interface view.
interface interface-type interface-number
 Enter static BFD session view.
bfd static session-name
The static BFD session must be an existing session used to detect data link layer
connectivity.
3. Enable the echo function.
bfd echo [ receive | send ] enable
By default, the echo function is disabled.

7
Associating the interface state with BFD
About associating the interface state with BFD
By creating a BFD session for single-hop detection through exchange of BFD control packets, this
feature implements fast link detection. When BFD detects a link fault, it sets the link layer protocol
state to DOWN(BFD). This behavior helps applications relying on the link layer protocol state
achieve fast convergence. The source IP address of control packets is specified manually, and the
destination IP address is fixed at 224.0.0.184. As a best practice, specify the IP address of the
interface as the source IP address. If the interface does not have an IP address, specify a unicast IP
address other than 0.0.0.0 as the source IP address.
You can associate the state of the following interfaces with BFD:
• Layer 3 Ethernet interfaces and subinterfaces. For BFD detection to take effect, do not
configure this feature on both a Layer 3 Ethernet interface and its subinterface.
• Layer 3 aggregate interfaces, Layer 3 aggregate subinterfaces, and member ports (Layer 3
Ethernet interfaces only) in a Layer 3 aggregation group. For BFD detection to take effect, do
not configure this feature on any two of the interface types at the same time.
• VLAN interfaces.
Restrictions and guidelines
This function does not take effect on BFD sessions associated with interface states.
Procedure
1. Enter system view.
system-view
2. Enter interface view.
interface interface-type interface-number
3. Associate the interface state with BFD.
bfd detect-interface source-ip ip-address [ template template-name ]
By default, the interface state is not associated with BFD. BFD does not set the link layer
protocol of the interface to DOWN(BFD) state when detecting a failure.
4. (Optional.) Configure the timer that delays reporting the first BFD session establishment failure
to the data link layer.
bfd detect-interface first-fail-timer seconds
By default, the first BFD session establishment failure is not reported to the data link layer.
5. (Optional.) Enable special processing for BFD sessions.
bfd detect-interface special-processing [ admin-down |
authentication-change | session-up ] *
By default, all types of special processing are disabled for BFD sessions.

Configuring a BFD template

About configuring a BFD template
Perform this task to specify BFD parameters in a template for sessions without next hops. You can
configure BFD parameters for LSPs and PWs through a BFD template.
Procedure
1. Enter system view.
system-view

8
 2. Create a BFD template and enter BFD template view.
bfd template template-name
3. (Optional.) Configure the authentication mode for BFD control packets.
bfd authentication-mode { hmac-md5 | hmac-mmd5 | hmac-msha1 |
hmac-sha1 |
m-md5 | m-sha1 | md5 | sha1 | simple } key-id { cipher cipher-string | pl
ain plain-string }
By default, no authentication is performed.
4. Set the detection time multiplier.
bfd detect-multiplier value
The default setting is 5.
5. Set the minimum interval for receiving BFD control packets.
bfd min-receive-interval interval
The default setting is 400 milliseconds.
6. Set the minimum interval for transmitting BFD control packets.
bfd min-transmit-interval interval
The default setting is 400 milliseconds.

Enabling SNMP notifications for BFD

About SNMP notifications for BFD
To report critical BFD events to an NMS, enable SNMP notifications for BFD. For BFD event
notifications to be sent correctly, you must also configure SNMP as described in Network
Management and Monitoring Configuration Guide.
Procedure
1. Enter system view.
system-view
2. Enable SNMP notifications for BFD.
snmp-agent trap enable bfd
By default, SNMP notifications are enabled for BFD.

Display and maintenance commands for BFD

Execute the display command in any view and the reset command in user view.

Task Command

display bfd session [ discriminator

local local-value | static session-name | verbose ]
display bfd session [ [ dynamic ] [ control | echo ] [ ip ] [
Display state { down | admin-down | init | up } ] [ discriminator
BFD remote remote-value ] [ peer-ip ipv4-address [
session
information
vpn-instance vpn-instance-name ] ] [ verbose ] ]
. display bfd session [ [ dynamic ] [ control | echo ] [ ipv6 ] [
state { down | admin-down | init | up } ] [ discriminator
remote remote-value ] [ peer-ipv6 ipv6-address [
vpn-instance vpn-instance-name ] ] [ verbose ] ]

9
Task Command
display bfd session [ [ dynamic ] [ control | echo ] [ lsp | te |
pw ] [ state { down | admin-down | init | up } ] [ discriminator
remote remote-value ] [ [ peer-ip ipv4-address [
vpn-instance vpn-instance-name ] ] | [ peer-ipv6 ipv6-address [
vpn-instance vpn-instance-name ] ] ] [ verbose ] ]
display bfd session [ [ static ] [ ip ] [ state { down |
admin-down | init | up } ] [
discriminator remote remote-value ] [ peer-ip ipv4-address [
vpn-instance vpn-instance-name ] ] [ verbose ]
display bfd session [ [ static ] [ ipv6 ] [ state { down |
admin-down | init | up } ] [
discriminator remote remote-value ] [ peer-ipv6 ipv6-address [
vpn-instance vpn-instance-name ] ] [ verbose ]
Clear BFD
session reset bfd session statistics
statistics.

10