Description
Solution
The BFD timer variables are only available when BFD is enabled. They can be configured at global or interface level:
- Preferred minimum transmit interval for BFD packets: bfd-desired-min-tx.
- Required minimum receive interval for BFD packets: bfd-required-min-rx. The FortiGate unit will not transmit BFD packets at a slower rate than this, or in other words at a higher value than this.
- Number of times not detected before setting BFD status down: bfd-detect-mult.
Example configured on two Fortigates running firmware version 5.4:
Enable debugging:
To sniff BFD packets:
This article describes how to configure Bi-directional Forwarding Detection (BFD).
Solution
The BFD timer variables are only available when BFD is enabled. They can be configured at global or interface level:
- Preferred minimum transmit interval for BFD packets: bfd-desired-min-tx.
- Required minimum receive interval for BFD packets: bfd-required-min-rx. The FortiGate unit will not transmit BFD packets at a slower rate than this, or in other words at a higher value than this.
- Number of times not detected before setting BFD status down: bfd-detect-mult.
Example configured on two Fortigates running firmware version 5.4:
Fortigate_A.
# config sys settings
set bfd-desired-min-tx 1000
set bfd-required-min-rx 50000
set bfd-detect-mult 2
Fortigate_B.
# config sys settingsBoth bfd-desired-min-tx values satisfies bfd-required-min-rx of 50000ms.
set bfd-desired-min-tx 10000
set bfd-required-min-rx 50000
set bfd-detect-mult 2
Enable debugging:
# diagnose ip router bfd all enAs of FortiOS 6.0, debugging is enabled by running the commands:
# diagnose ip router bfd level info
# diagnose debug enable
# diagnose debug app bfdd -1Example of debug output:
# diagnose debug enable
2018-01-30 11:14:19 id=20301 logdesc="Routing log" msg="NSM: Session[10.151.1.44:10.151.1.75,port2,28]: Sending BFD packet"Sample of FGT router log:
2018-01-30 11:14:38 id=20301 logdesc="Routing log" msg="NSM: Session[10.151.1.44:10.151.1.75,port2,28]: Inactivity timer expired"
2018-01-30 11:14:38 id=20301 logdesc="Routing log" msg="NSM: Session[10.151.1.44:10.151.1.75,port2,28]: state UP -> DOWN local_diag=0x01"
2018-01-30 11:14:38 id=20301 logdesc="Routing log" msg="NSM: BFD session[10.151.1.44:10.151.1.75,port2,28]: state UP -> DOWN local_diag=0x01"
2018-01-30 11:14:38 id=20301 logdesc="Routing log" msg="NSM: Session[10.151.1.44:10.151.1.75,port2,28]: bfd_session_send_packet_now"
2018-01-30 11:14:38 id=20301 logdesc="Routing log" msg="NSM: BFD: Sending notification to protocol-id 4 client-type 8"
2018-01-30 11:14:38 id=20301 logdesc="Routing log" msg="NSM: BFD register message"
2018-01-30 11:14:38 id=20301 logdesc="Routing log" msg="NSM: Source Address: 10.151.1.44"
2018-01-30 11:14:38 id=20301 logdesc="Routing log" msg="NSM: Destination Address: 10.151.1.75"
2018-01-30 11:14:38 id=20301 logdesc="Routing log" msg="NSM: Interface index: 4"
2018-01-30 11:14:38 id=20301 logdesc="Routing log" msg="NSM: Flags: Delete"
2018-01-30 11:14:38 id=20301 logdesc="Routing log" msg="NSM: Client: OSPF"
To sniff BFD packets:
# diagnose sniffer packet any "udp port 3784" 6 0 aSample BFD packets seen with packet decoder:
