|
Graceful Restart lets FortiGate inform its adjacent neighbor that it will be undergoing a restart, and routes learned from it (FortiGate) should be preserved for this period of rebooting.
Graceful restart resides in the control plane and it is woven into each control plane protocol it serves.
For example, BGP graceful restart (RFC 4724) is different from OSPF graceful restart (RFC 3623).
While BFD on the other hand resides in the data plane and detects data plane failures.
This operational difference makes implementing BFD alongside graceful restart an option that should be carefully considered.
BGP graceful restart or OSPF graceful restart doesn’t work with BFD and it is not recommended.
For instance, if it is configured between FortiGate (on-premises router) and GCP (Google cloud platform), according to Google, GCP will turn off BFD and send AdminDown [BFD Event: bfd disabled, state [Up, NoDiagnostic] to [AdminDown, AdminDown] to on-premises router, but FortiGate will not respond to the AdminDown, and will interpret it as BFD is DOWN on neighbor ('Neighbor Signaled Session Down', not 'Administratively Down').
For more information on BFD/graceful restart on GCP:
https://cloud.google.com/network-connectivity/docs/router/concepts/bfd#graceful-restart-and-bfd
To implement BFD/Graceful restart at all costs, consider below tweak/workaround:
The workaround:
Under 'config router bfd', fine tune the following parameters:
bfd-desired-min-tx : 500 <----- Increase until it works.
bfd-required-min-rx : 600<----- Increase until it works.
bfd-detect-mult : 4 <----- Increase until it works.
|
