Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ydong01
Staff
Staff

Created on ‎03-30-2020 02:45 AM Edited on ‎11-23-2021 07:50 AM By Anonymous

Article Id 193818

Technical Tip: Bi-directional forwarding detection diag code 0x03 0x23

Description
This article describes local_diag code 0x03 and 0x23 in bfd log.

BFD session state UP -> Down local_diag = 0x03.

BFD session state UP -> Down local_diag = 0x23.

Solution
When dynamic routing flap, such as OSPF or BGP state UP -> Down, check the log, BFD state is UP -> Down log before related routing protocol log, and local_diag code is 0x03 or 0x23.

Analysis.

In RFC 5880, it is defining the code from 0 -8, 9-31 was unassigned.

https://tools.ietf.org/html/rfc5880

Value BFD Diagnostic Code Name
----- ------------------------
0 No Diagnostic
1 Control Detection Time Expired
2 Echo Function Failed
3 Neighbor Signaled Session Down
4 Forwarding Plane Reset
5 Path Down
6 Concatenated Path Down
7 Administratively Down
8 Reverse Concatenated Path Down
9-31 Unassigned
For Fortinet, here is the define:
0x01: Local inactive timer expired.
0x03: Remote peer indicates it's down.
0x23: Remote peer indicates restarting.   

Solution.

So for BDF local_diag code 0x03 and 0x23, customer needs to investigate remote peers other than FGT.



Labels:
4447
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.