Hi, I have bfd (for ospf) and it appears to be working ok. I have min tx of 0.5 (bigger than the default 0.2), and it says it is 500ms when looking at a wireshark capture. Regards Roger Date sent: Wed, 21 Aug 2024 10:20:34 +1000 To: TFM Cloud - Dirk Bermingham <dirk@tfmcloud.au> Subject: Re: [MT-AU Public] Soooo, how does one get BFD to come up on ROS 7? :) From: Damien Gardner Jnr via Public <public@talk.mikrotik.com.au> Send reply to: MikroTik Australia Public List <public@talk.mikrotik.com.au> Copies to: Damien Gardner Jnr <rendrag@rendrag.net>, MikroTik Australia Public List <public@talk.mikrotik.com.au> [ Double-click this line for list subscription options ] Thanks, that got it sorted. It's a ROS7 bug, not honouring the configured min_tx on the BFD session, and always sending 1000ms for min_tx - which is above the maximum 999ms for Cisco Nexus, so BFD can't be established.. Would be good if their Documentation mentioned that this setting was not honoured, and was hardcoded to 1000ms... I guess I stay with ROS6! Wish I'd realised before I upgraded this router though :( Thanks for your time, Dirk! :) On Tue, 20 Aug 2024 at 17:53, TFM Cloud - Dirk Bermingham <dirk@tfmcloud.au> wrote:
One more thing, if you set up a BGP session without BFD, does the session show bfd in the capabilities for the remote end?
Whatever the issue is, it´ll be small and stupid and the session will suddenly come alive once you nail it down, BFD has been really solid for us.
On 20 Aug 2024, at 5:41PM, Damien Gardner Jnr <rendrag@rendrag.net> wrote:
Thanks Dirk,
Yep, it was all working on ROS6 before the upgrade. Allowing all in the firewall from the TOR switch interface IP. Good question though, I´ll setup a capture piped back to my workstation later tonight and see exactly what´s going over there!
(My bgp is internal to sau, announcing the smaller prefixes I use in my lab, not talking to the public routers - so it´s one physical link, no trunking - afaik we don´t support BFD unless you are directly peering on one of the `big´ routers for public BGP)
Thanks!
Damien
Damien Gardner Jnr VK2TDG. Dip EE. GradIEAust rendrag@rendrag.net - http://www.rendrag.net/ -- We rode on the winds of the rising storm, We ran to the sounds of thunder. We danced among the lightning bolts, and tore the world asunder
On Tue, 20 Aug 2024 at 5:36PM, TFM Cloud - Dirk Bermingham < dirk@tfmcloud.au> wrote:
What a way to spend a sick day :)
Dumb question, the remote end definitely supports bfd? (My SAU links don´t :( )
Are you permitting 3784 UDP and 3785 TCP/UDP in your input and output chains?
Can you see 3784/3785 traffic on your BGP interface?
BFD on my configs is pretty much as simple as yours, > interface listed in BFD > bfd = yes in BGP > firewall rules permitting...
Hope something in there helps,
DB
On 20 Aug 2024, at 4:52PM, Damien Gardner Jnr via Public < public@talk.mikrotik.com.au> wrote:
So, I was off work sick today, have been holding off on upgrading all
'production' gear to ROS 7 until BFD support was a thing. Supposedly it's now supported, so I upgraded one of my routers (RB1100AHx4). And yeah, BFD does not appear to work :(
Asked a few colleagues, and it's working for them. We compared configs, and identical configs basically, just different hardware on the other side.
Is there a trick to it? Is it only supported on specific Mikrotik hardware? Or only TO/FROM specific remote hardware? I tried enabling logging (/system logging add prefix=debug topics=bfd), which didn't really add anything.. Remote end is Cisco Nexus
Config is basically:
/routing bfd configuration add disabled=no interfaces=vlan300_WyongBGP /routing bgp connection add as=65001 connect=yes disabled=no hold-time=6s input.filter=BGP_SAU_TOR_IN_V4 keepalive-time=2s listen=yes local.address=103.235.x.x .role=ebgp name=SAU-TOR-WYONG-V4 output.filter-chain=BGP_SAU_TOR_OUT_V4 \ .network=bgp-networks .no-client-to-client-reflection=yes .redistribute=connected,static,vpn,dhcp remote.address=103.235.x.x/32 .as=64101 .port=179 router-id=103.235.x.x routing-table=main templates=SAU \ use-bfd=yes
If I watch the BFD sessions, I'll see it show as 'dead',. and then disappear, then show as dead, then disappear..
Any thoughts? I've set this one to a 6 second hold timer, and halted
other upgrades for now. I've also reset the config and configured from scratch incase it was a v6>v7 upgrade issue, but still the same
my the problem..
Thankyou! --
Damien Gardner Jnr VK2TDG. Dip EE. GradIEAust rendrag@rendrag.net - http://www.rendrag.net/ -- We rode on the winds of the rising storm, We ran to the sounds of thunder. We danced among the lightning bolts, and tore the world asunder _______________________________________________ Public mailing list Public@talk.mikrotik.com.au
http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.c om.au
-- Damien Gardner Jnr VK2TDG. Dip EE. GradIEAust rendrag@rendrag.net - http://www.rendrag.net/ -- We rode on the winds of the rising storm, We ran to the sounds of thunder. We danced among the lightning bolts, and tore the world asunder _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com. au---------------------------- Roger Plant