Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
live89
Contributor

BGP bfd and fast-external-failover

Hello Can someone explain to me differences between setting bfd in BGP and setting fast-external-failover

Not configuration level, but operational level?

 

 

Thanks

Thanks
4 REPLIES 4
Benoit_Rech_FTNT

Hello Abed,

* BFD is to to detect a communication failure between the FortiGate and the BGP peer. It can be a link-failure, of a software issue for example. As soon as the BFD packets stop to be received, the BGP process is informed and can take action.  * fast-external-failover occurs when a physical link-failure is detected. In that case, it will shutdown the BGP peering and close the TCP connection .

 

Best regards, Benoit

live89

Great explination

Thanks

If I may ask, what actions for example can be taken if the BFD packets stop to be received? Do you mean like graceful restart?

Thanks

Thanks
Benoit_Rech_FTNT

Hi,

there is no action you can configure on the FortiGate. Basically, the BGP process will be inform that the link is down. Therefore, depending on your fortigate configuration, it can failover to the standby unit, re-route the traffic using another path, or simply try to re-establish the BGP peering.

You have implementation description in thie KB: https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30260

If you are in HA mode, then you can decide to use graceful-restart to let the traffic go through the FortiGate while the BGP route learning are in progress. https://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD31743 Benoit

live89

Thanks again

Thanks

Thanks