Hello Can someone explain to me differences between setting bfd in BGP and setting fast-external-failover
Not configuration level, but operational level?
Thanks
Hello Abed,
* BFD is to to detect a communication failure between the FortiGate and the BGP peer. It can be a link-failure, of a software issue for example. As soon as the BFD packets stop to be received, the BGP process is informed and can take action. * fast-external-failover occurs when a physical link-failure is detected. In that case, it will shutdown the BGP peering and close the TCP connection .
Best regards, Benoit
Great explination
Thanks
If I may ask, what actions for example can be taken if the BFD packets stop to be received? Do you mean like graceful restart?
Thanks
Hi,
there is no action you can configure on the FortiGate. Basically, the BGP process will be inform that the link is down. Therefore, depending on your fortigate configuration, it can failover to the standby unit, re-route the traffic using another path, or simply try to re-establish the BGP peering.
You have implementation description in thie KB: https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30260
If you are in HA mode, then you can decide to use graceful-restart to let the traffic go through the FortiGate while the BGP route learning are in progress. https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD31743 Benoit
Thanks
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.