bfd does not work in a vrf

Alexander Zubkov green at qrator.net
Tue Jul 16 14:02:13 CEST 2019 

Hello,

I tried to run BFD in a VRF and looks like it is not working.

The similar config without VRFs works ok. Config without a VRF:

ipv4 table master4;
protocol device {}
protocol bfd {}
protocol bgp b {
    local 192.168.1.3 as 65003;
    neighbor 192.168.1.2 as 65002;
    strict bind yes;
    bfd yes;
    ipv4 {
        table master4;
        import none;
        export none;
    };
}

This runs well and I have both BGP established and BFD session up:

bird> show protocols
Name       Proto      Table      State  Since         Info
device1    Device     ---        up     11:29:24.831
bfd1       BFD        ---        up     11:29:24.831
b          BGP        ---        up     11:29:28.638  Established
bird> show bfd sessions
bfd1:
IP address                Interface  State      Since       Interval  Timeout
192.168.1.2               eth0       Up         11:29:25.574    0.100    0.500
bird>

But when it is run in a VRF with such config:

ipv4 table master4;
protocol device {}
protocol bfd { vrf "blue"; }
protocol bgp b {
    vrf "blue";
    local 192.168.0.1 as 65001;
    neighbor 192.168.0.2 as 65002;
    strict bind yes;
    bfd yes;
    ipv4 {
        table master4;
        import none;
        export none;
    };
}

Then BFD session does not go up:

bird> show protocols
Name       Proto      Table      State  Since         Info
device1    Device     ---        up     11:29:24.815
bfd1       BFD        ---        up     11:29:24.815
b          BGP        ---        up     11:29:28.879  Established
bird> show bfd sessions
bfd1:
IP address                Interface  State      Since       Interval  Timeout
192.168.0.2               eth0       Down       11:29:24.815    1.000    0.000
bird>

Adding or removing vrf "blue" to the BFD's config does not change
anything. And I am not sure it has to be there because only one BFD
instance is allowed.

The peer's session is in the "Init" state at the same time:

bird> show bfd sessions
bfd1:
IP address                Interface  State      Since       Interval  Timeout
192.168.1.3               eth1       Up         11:32:20.861    0.100    0.500
192.168.0.1               eth0       Init       11:32:20.968    1.000    5.000
bird>

In tcpdump I see that BFD control messages go in both directions, but
looks like the peer in VRD do not receive them. I suppose that it does
not binds the socket to listen it in the VRF.

Also if I set this sysctl value, the session wents up:
net.ipv4.udp_l3mdev_accept = 1

More information about the Bird-users mailing list