BGP bfd and fast-external-failover

Forum|Forum|5 years ago
August 18, 2020
2 replies
9243 views

Hello Can someone explain to me differences between setting bfd in BGP and setting fast-external-failover

Not configuration level, but operational level?

Benoit_Rech_FTNT

Staff

Hello Abed,

* BFD is to to detect a communication failure between the FortiGate and the BGP peer. It can be a link-failure, of a software issue for example. As soon as the BFD packets stop to be received, the BGP process is informed and can take action. * fast-external-failover occurs when a physical link-failure is detected. In that case, it will shutdown the BGP peering and close the TCP connection .

Best regards, Benoit

live89Author

Explorer III

Great explination

Thanks

If I may ask, what actions for example can be taken if the BFD packets stop to be received? Do you mean like graceful restart?

Benoit_Rech_FTNT

Staff

Hi,

there is no action you can configure on the FortiGate. Basically, the BGP process will be inform that the link is down. Therefore, depending on your fortigate configuration, it can failover to the standby unit, re-route the traffic using another path, or simply try to re-establish the BGP peering.

You have implementation description in thie KB: https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30260

If you are in HA mode, then you can decide to use graceful-restart to let the traffic go through the FortiGate while the BGP route learning are in progress. https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD31743 Benoit

live89Author

Explorer III

Thanks again

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded