Bird BFD is not compliant to RFC5881

Christian Bruns bird-c at sernet.de
Thu Feb 17 13:09:33 CET 2022


Hi all,

we experienced issues with non-functional BFD Sessions. Debugging 
yielded that bird does not use RFC compliant BFD Port ranges.
RFC 5881 states: "" The source port MUST be in the range 49152 through 
65535. ""; however, the port range is not restricted within bird and 
thus using arbitrary high ports.
Some tier 1 transit providers like "Deutsche Telekom" apply strict 
filter for BFD and only allow RFC5881 compliant ports, hence the issue.

There is a workaround to limit the port range globally at system level 
(/proc/sys/net/ipv4/ip_local_port_range); this seems to work, but we 
have the strong feeling that restriction of port range for BFD sessions 
should happen within bird itself.

Kind regards,
Christian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://trubka.network.cz/pipermail/bird-users/attachments/20220217/0eacb7bd/attachment.htm>


More information about the Bird-users mailing list