Configuring Bidirectional Forwarding Detection (BFD)

You can use Bidirectional Forwarding Detection (BFD) to quickly detect Border Gateway Protocol (BGP) session failures, which enables quicker rerouting of traffic in the event of a link or peer failure. After you configure the BFD object, you can enable BFD in the BGP Neighbor configuration. For more information about BGP, see Configuring BGP routes.

The BFD protocol is a simple Hello mechanism for detecting network failures. Hello packets are transmitted at regular, predetermined intervals, and a neighbor failure is detected when a routing device stops receiving a reply within a specified interval. BFD's failure detection timers have shorter time limits than the default failure detection mechanisms for BGP, so failures are detected faster and reconvergence time drops markedly.

After BGP neighbors are configured to perform rapid state detection through BFD, BGP notifies the BFD process. Based on the BGP neighbor's IP address, the BFD process establishes neighbors and starts the negotiation process. Bidirectional detection starts once the BFD neighbor status is UP. The interval between BFD packets is configurable from 200 milliseconds to 30 seconds. When BFD detects a path failure, the BGP process is immediately notified of a neighbor Down event, which triggers a BGP neighbor status change.

Before you begin:
  • You must know how BGP has been implemented in your network, i.e., the configuration details of the implementation.
  • You must have Read-Write permission for System settings.
To configure BFD:
  1. Go to Network > Routing.
  2. Click the BFD tab.
  3. Click Create New to display the configuration editor.
  4. Configure the following Interface settings:

    | Setting | Description |
    |---|---|
    | Name | Specify a unique name for the BFD configuration object. Valid characters are A-Z, a-z, 0-9, _, and -. No space is allowed. Note: Once saved, the name of a BFD configuration cannot be changed. |
    | Interface | Specify the Interface to assign for BFD. The BFD Interface can refer to the Link Load Balance Ingress Interface specified in the Link Policy. Any Layer 3 interfaces that receive and send external packets can be assigned for BFD except for Loopback interfaces. |
    | Desired Min Transmit Interval | Specify the desired minimum transmit interval for BFD liveness detection in milliseconds. Default: 750ms, Range: 200ms-30000ms. This refers to the interval that the FortiADC would like to use when transmitting BFD Control packets. |
    | Detect Multiplier | Specify the detection time multiplier. Default: 3, Range: 1-20. The negotiated transmit interval, multiplied by this value, provides the Detection Time for the receiving system. |
    | Required Min Receive Interval | Specify the required minimum receive interval for BFD liveness detection in milliseconds. Default: 500ms, Range: 200ms-30000ms. This refers to the minimum interval after which the local routing device must receive a reply from a neighbor with which it has established a BFD session. |

  5. Click Save.
    Once you have saved the BFD object, you can enable BFD in a BGP Neighbor configuration.
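
The following added example (not Fortinet code) checks a planned BFD object against the ranges in the table above and works out the steady-state timers each side ends up with, using the asynchronous-mode negotiation rules from RFC 5880. The `BfdTimers` class, the `negotiate` helper, the object names and the peer's values are hypothetical and constructed for illustration; jitter is ignored.

```python
import re
from dataclasses import dataclass

NAME_RE = re.compile(r"[A-Za-z0-9_-]+")   # valid Name characters per the table
INTERVAL_MS = range(200, 30001)            # interval range per the table
MULTIPLIER = range(1, 21)                  # Detect Multiplier range per the table

@dataclass(frozen=True)
class BfdTimers:
    """Hypothetical container for one side's BFD settings."""
    name: str
    desired_min_tx_ms: int = 750   # page default
    required_min_rx_ms: int = 500  # page default
    detect_mult: int = 3           # page default

    def errors(self):
        """Return a list of range/charset violations (empty when valid)."""
        errs = []
        if not NAME_RE.fullmatch(self.name):
            errs.append("name: only A-Z, a-z, 0-9, _ and - are allowed")
        for field in ("desired_min_tx_ms", "required_min_rx_ms"):
            if getattr(self, field) not in INTERVAL_MS:
                errs.append(f"{field}: must be 200-30000 ms")
        if self.detect_mult not in MULTIPLIER:
            errs.append("detect_mult: must be 1-20")
        return errs

def negotiate(local, remote):
    """Steady-state asynchronous-mode timers as seen from `local` (RFC 5880)."""
    # A system never sends faster than its peer is willing to receive.
    local_tx = max(local.desired_min_tx_ms, remote.required_min_rx_ms)
    remote_tx = max(remote.desired_min_tx_ms, local.required_min_rx_ms)
    return {
        "tx_interval_ms": local_tx,
        # How long `local` waits without a packet before declaring the peer
        # Down: the sender's multiplier times the sender's negotiated interval.
        "detection_time_ms": remote.detect_mult * remote_tx,
    }

if __name__ == "__main__":
    adc = BfdTimers("bfd_wan1")                    # page defaults
    peer = BfdTimers("peer-router", 300, 300, 3)   # constructed peer values
    print(adc.errors(), negotiate(adc, peer), negotiate(peer, adc))
```

With the page defaults against this constructed peer, the FortiADC declares the peer Down after 1500 ms, while the peer needs 2250 ms to notice a FortiADC failure, so detection time is asymmetric and depends on both ends' settings.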
