Aruba R9Y16A, Networking Comware 5960 Switch Series High Availability, R9Y12A, R9Y13A, R9Y17A, R9Y18A, R9Y19A Configuration Guide

  • Hello! I've reviewed the HPE Networking Comware 5960 Switch Series High Availability Configuration Guide and am ready to assist you. This document covers key aspects of high-availability, such as using Monitor Link to manage interface states and BFD to quickly detect link failures. Feel free to ask me about these features, configuration steps, or any other aspect of the guide.
  • What is Monitor Link?
    What is BFD?
    What are BFD session modes?
    What are the requirements for creating a static BFD session?
HPE Networking Comware 5960 Switch Series
High Availability Configuration Guide
Software
version: Release 9126P01 and later
Document version: 6W100-20230428
© Copyright 2023 Hewlett Packard Enterprise Development LP
The information contained herein is subject to change without notice. The only warranties for Hewlett Packard
Enterprise products and services are set forth in the express warranty statements accompanying such
products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett
Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.
Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession, use, or
copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software
Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor’s
standard commercial license.
Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard
Enterprise has no control over and is not responsible for information outside the Hewlett Packard Enterprise
website.
Acknowledgments
Intel®, Itanium®, Pentium®, Intel Inside®, and the Intel Inside logo are trademarks of Intel Corporation in the
United States and other countries.
Microsoft® and Windows® are either registered trademarks or trademarks of Microsoft Corporation in the
United States and/or other countries.
Adobe® and Acrobat® are trademarks of Adobe Systems Incorporated.
Java and Oracle are registered trademarks of Oracle and/or its affiliates.
UNIX® is a registered trademark of The Open Group.
i
Contents
Configuring Monitor Link ················································································ 2
About Monitor Link ············································································································································· 2
Restrictions and guidelines: Monitor Link configuration ····················································································· 3
Monitor Link tasks at a glance···························································································································· 3
Enabling Monitor Link globally ··························································································································· 3
Creating a monitor link group ····························································································································· 3
Configuring monitor link group member interfaces ···························································································· 4
Restrictions and guidelines ························································································································ 4
Configuring monitor link group member interfaces in monitor link group view ··········································· 4
Configuring monitor link group member interfaces in interface view ·························································· 4
Configuring the uplink interface threshold for triggering monitor link group state switchover ···························· 5
Configuring the switchover delay for the downlink interfaces in a monitor link group ········································ 5
Verifying and maintaining Monitor Link ·············································································································· 5
Configuring BFD ···························································································· 6
About BFD·························································································································································· 6
Single-hop detection and multihop detection ····························································································· 6
BFD session modes ··································································································································· 6
Supported features ····································································································································· 7
Protocols and standards ···························································································································· 7
Restrictions and guidelines: BFD configuration ································································································· 7
Configuring BFD sessions in echo packet mode ······························································································· 8
About BFD session creation methods ········································································································ 8
Restrictions and guidelines ························································································································ 8
Creating a static BFD session ···················································································································· 8
Configuring BFD session parameters for single-hop detection ·································································· 9
Configuring BFD session parameters for multihop detection ··································································· 10
Configuring BFD sessions in control packet mode ·························································································· 10
About BFD session creation methods ······································································································ 10
Restrictions and guidelines ······················································································································ 10
Configuring a static BFD session ············································································································· 11
Configuring BFD session parameters for single-hop detection ································································ 12
Configuring BFD session parameters for multihop detection ··································································· 12
Enabling the echo function ······················································································································· 13
Associating the interface state with BFD ·································································································· 13
Configuring BFD session flapping suppression ······························································································· 14
Configuring a BFD template ····························································································································· 15
Enabling SNMP notifications for BFD ·············································································································· 15
Verifying and maintaining BFD························································································································· 16
Document conventions and icons ································································ 17
Conventions ····················································································································································· 17
Network topology icons ···································································································································· 18
Support and other resources ······································································· 19
Accessing Hewlett Packard Enterprise Support······························································································· 19
Accessing updates ··········································································································································· 19
Websites ·················································································································································· 20
Customer self repair ································································································································· 20
Remote support ········································································································································ 20
Documentation feedback ························································································································· 20
Index ············································································································ 22
2
Configuring Monitor Link
About Monitor Link
Monitor Link is an HPE-proprietary solution that associates the state of downlink interfaces with the
state of uplink interfaces in a monitor link group. When Monitor Link shuts down the downlink
interfaces because of an uplink failure, the downstream device changes connectivity to another link.
Figure 1 Monitor Link application scenario
A monitor link group contains uplink and downlink interfaces. An interface can belong to only one
monitor link group.
•
Uplink interfaces are the monitored interfaces.
•
Downlink interfaces are the monitoring interfaces.
As shown in Figure 1:
•
Port B1 and Port B2 of Device B form a monitor link group. Port B1 is an uplink interface, and
Port B2 is a downlink interface.
•
Port D1 and Port D2 of Device D form another monitor link group. Port D1 is an uplink interface,
and Port D2 is a downlink interface.
A monitor link group works independently of other monitor link groups. When a monitor link group
does not contain any uplink interface or all its uplink interfaces are down, the monitor link group goes
down. It forces all downlink interfaces down at the same time. When any uplink interface comes up,
the monitor link group comes up and brings up all the downlink interfaces.
Device A
Device DDevice B
Core network
Port A1
Port A2
Port B1
Port D1
Port B2
Port D2
Port C3
Port A3
User network
Uplink
Downlink
Monitor link group
Device C
Port C1
Port C2
3
Restrictions and guidelines: Monitor Link
configuration
Follow these restrictions and guidelines when you configure Monitor Link:
•
Do not manually shut down or bring up the downlink interfaces in a monitor link group.
•
To avoid frequent state changes of downlink interfaces in the event that uplink interfaces in the
monitor link group flap, you can configure a switchover delay. The switchover delay is the time
that the downlink interfaces wait before they come up following an uplink interface.
Monitor Link tasks at a glance
To configure Monitor Link, perform the following tasks:
•
Enabling Monitor Link globally
•
Creating a monitor link group
•
Configuring monitor link group member interfaces
•
(Optional.) Configuring the uplink interface threshold for triggering monitor link group state
switchover
•
(Optional.) Configuring the switchover delay for the downlink interfaces in a monitor link group
Enabling Monitor Link globally
About this task
All monitor link groups can operate only after you enable Monitor Link globally. When you disable
Monitor Link globally, all monitor link groups cannot operate and the downlink interfaces brought
down by the monitor link groups resume their original states.
Procedure
1. Enter system view.
system-view
2. Enable Monitor Link globally.
undo monitor-link disable
By default, Monitor Link is enabled globally.
Creating a monitor link group
1. Enter system view.
system-view
2. Create a monitor link group and enter monitor link group view.
monitor-link group group-id
4
Configuring monitor link group member interfaces
Restrictions and guidelines
•
An interface can be assigned to only one monitor link group.
•
To avoid undesired down/up state changes on the downlink interfaces, configure uplink
interfaces before you configure downlink interfaces.
•
If you have configured an interface as the downlink interface of a monitor link group, do not
configure its subinterfaces as the uplink interfaces of any monitor link group. Otherwise, the
Monitor Link operation might be interrupted.
•
The state of subinterfaces is associated with the state of the interface. Do not add the interface
and its subinterfaces to the same monitor link group. Otherwise, the monitor link group
performance might be affected.
•
If you have configured a Selected port of an aggregation group as the downlink interface of a
monitor link group, do not configure an Unselected port of the aggregation group as the uplink
interface of the monitor link group.
•
Do not add an aggregate interface and its member ports to the same monitor link group.
•
You can configure member interfaces for a monitor link group in monitor link group view or
interface view. Configurations made in these views have the same effect. The configuration is
supported by the following interfaces:
ï‚¡ Layer 2 Ethernet interfaces and Layer 2 aggregate interfaces.
ï‚¡ Layer 3 Ethernet interfaces/subinterfaces and Layer 3 aggregate interfaces/subinterfaces.
ï‚¡ Loopback interfaces.
Configuring monitor link group member interfaces in monitor
link group view
1. Enter system view.
system-view
2. Enter monitor link group view.
monitor-link group group-id
3. Configure member interfaces for the monitor link group.
port interface-type { interface-number | interface-number.subnumber }
{ downlink | uplink }
By default, no member interfaces exist in a monitor link group.
Configuring monitor link group member interfaces in interface
view
1. Enter system view.
system-view
2. Enter interface view or subinterface view.
interface interface-type { interface-number |
interface-number.subnumber }
3. Configure the interface as a member of a monitor link group.
port monitor-link group group-id { downlink | uplink }
5
By default, the interface is not a monitor link group member.
Configuring the uplink interface threshold for
triggering monitor link group state switchover
1. Enter system view.
system-view
2. Enter monitor link group view.
monitor-link group group-id
3. Configure the uplink interface threshold for triggering monitor link group state switchover.
uplink up-port-threshold number-of-port
By default, the uplink interface threshold for triggering monitor link group state switchover is 1.
Configuring the switchover delay for the downlink
interfaces in a monitor link group
1. Enter system view.
system-view
2. Enter monitor link group view.
monitor-link group group-id
3. Configure the switchover delay for the downlink interfaces in the monitor link group.
downlink up-delay delay
By default, the switchover delay is 0 seconds. The downlink interfaces come up as soon as an
uplink interface comes up.
Verifying and maintaining Monitor Link
To display Monitor Link group information, execute the following command in any view:
display monitor-link group { group-id | all }
6
Configuring BFD
About BFD
Bidirectional forwarding detection (BFD) provides a general-purpose, standard, medium- and
protocol-independent fast failure detection mechanism. It can detect and monitor the connectivity of
forwarding paths to detect communication failures quickly so that measures can be taken to ensure
service continuity and enhance network availability.
BFD can uniformly and quickly detect the failures of the bidirectional forwarding paths between two
devices for upper-layer protocols such as routing protocols. The hello mechanism used by
upper-layer protocols needs seconds to detect a link failure, while BFD can provide detection
measured in milliseconds.
Single-hop detection and multihop detection
BFD can be used for single-hop and multihop detections.
•
Single-hop detection—Detects the IP connectivity between two directly connected systems.
•
Multihop detection—Detects any of the paths between two systems. These paths have
multiple hops, and might overlap.
BFD session modes
BFD session modes include echo mode (using echo packets) and control mode (using control
packets).
Echo mode
Echo packets are encapsulated into UDP packets with port number 3785.
The local end of the link sends echo packets to establish BFD sessions and monitor link status. The
peer end does not establish BFD sessions and only forwards the packets back to the originating end.
If the local end does not receive echo packets from the peer end within the detection time, it
considers the session to be down.
An echo-mode BFD session supports only single-hop detection and is independent of the operating
mode.
Control mode
Control packets are encapsulated into UDP packets with port number 3784 for single-hop detection
or port number 4784 for multihop detection.
The two ends of the link negotiate the establishment of BFD sessions by using the session
parameters carried in control packets. Session parameters include session discriminators, desired
minimum packet sending and receiving intervals, and local BFD session state.
Before a BFD session is established, BFD has two operating modes—active and passive.
•
Active mode—BFD actively sends BFD control packets regardless of whether any BFD control
packet is received from the peer.
•
Passive mode—BFD does not send control packets until a BFD control packet is received from
the peer.
At least one end must operate in active mode for a BFD session to be established.
After a BFD session is established, the two ends can operate in the following BFD operating modes:
7
•
Asynchronous mode—The device periodically sends BFD control packets. The device
considers that the session is down if it does not receive any BFD control packets within a
specific interval.
•
Demand mode—The device periodically sends BFD control packets with the D bit set. If the
peer end is operating in Asynchronous mode (default), the peer end stops sending BFD control
packets after receiving control packets with the D bit set. In this case, BFD detects only the
connectivity from the local end to the peer end. If the peer end does not receive control packets
within the detection time, the session is declared to be down. If the peer end is operating in
Demand mode, both ends stop sending BFD control packets. The system uses other
mechanisms such as Hello mechanism and hardware detection to detect links. The Demand
mode can be used to reduce the overhead when a large number of BFD sessions exist.
Supported features
Features
Reference
Static routing
IS-IS
OSPF
BGP
IP fast reroute (FRR)
Layer 3—IP Routing Configuration Guide
IPv6 static routing
OSPFv3 Layer 3—IP Routing Configuration Guide
Ethernet link aggregation Layer 2—LAN Switching Configuration Guide
Protocols and standards
•
RFC 5880, Bidirectional Forwarding Detection (BFD)
•
RFC 5881, Bidirectional Forwarding Detection (BFD) for IPv4 and IPv6 (Single Hop)
•
RFC 5882, Generic Application of Bidirectional Forwarding Detection (BFD)
•
RFC 5883, Bidirectional Forwarding Detection (BFD) for Multihop Paths
•
RFC 7130, Bidirectional Forwarding Detection (BFD) on Link Aggregation Group (LAG)
Interfaces
Restrictions and guidelines: BFD configuration
•
By default, the device runs BFD version 1 and is compatible with BFD version 0. You cannot
change the BFD version to 0 through commands. When the peer device runs BFD version 0,
the local device automatically switches to BFD version 0.
•
After a BFD session is established, the two ends negotiate BFD parameters, including minimum
sending interval, minimum receiving interval, initialization mode, and packet authentication, by
exchanging negotiation packets. They use the negotiated parameters without affecting the
session status.
8
Configuring BFD sessions in echo packet mode
About BFD session creation methods
A BFD session can be created manually by using the bfd static command or created
dynamically when an application module collaborates with BFD.
Restrictions and guidelines
As a best practice, execute the bfd echo-source-ip or bfd echo-source-ipv6 command
only one end, and do not configure the source IPv4 or IPv6 address to be on the same network
segment as any local interface's IPv4 or IPv6 address. If you configure such a source IPv4 or IPv6
address, a large number of ICMP redirect packets might be sent from the peer, resulting in link
congestion.
Creating a static BFD session
About this task
A static BFD session in echo packet mode can be used to perform single-hop detection or multihop
detection.
Restrictions and guidelines
You need to create a static BFD session in echo packet mode on only the local device to perform
detection.
When creating a static BFD session, you must specify a peer IPv4 or IPv6 address. The system
checks only the format of the IP address but not its correctness. If the peer IPv4 or IPv6 address is
incorrect, the static BFD session cannot be established.
Different static BFD sessions cannot have the same local discriminator.
As a best practice, specify the source IP address for echo packets when creating a static BFD
session. If you do not specify the source IP address, the device uses the IP address specified in the
bfd echo-source-ip or bfd echo-source-ipv6 command as the source IP address of echo
packets. If you do not specify the source IP address by using either method, the device uses the IP
address specified in the destination-ip or destination-ipv6 command as the source IP
address of echo packets.
Creating a static BFD session for single-hop detection
1. Enter system view.
system-view
2. (Optional.) Configure the source IP address of echo packets.
ï‚¡ Configure the source IP address of echo packets.
bfd echo-source-ip ip-address
By default, no source IPv4 address is configured for echo packets.
ï‚¡ Configure the source IPv6 address of echo packets.
bfd echo-source-ipv6 ipv6-address
By default, no source IPv6 address is configured for echo packets.
The source IPv6 address of echo packets can only be a global unicast address.
3. Create a static BFD session and enter static BFD session view.
IPv4:
9
bfd static session-name [ peer-ip ipv4-address interface
interface-type interface-number destination-ip ipv4-address
[ source-ip ipv4-address ] one-arm-echo [ discriminator auto ] ]
IPv6:
bfd static session-name [ peer-ipv6 ipv6-address interface
interface-type interface-number destination-ipv6 ipv6-address
[ source-ipv6 ipv6-address ] one-arm-echo [ discriminator auto ] ]
4. (Optional.) Specify a local discriminator for the static BFD session.
discriminator local local-value
By default, no local discriminator is specified.
You can use this command only if you do not specify a local discriminator when creating a static
BFD session.
Creating a static BFD session for multihop detection
1. Enter system view.
system-view
2. (Optional.) Configure the source IP address of echo packets.
ï‚¡ Configure the source IPv4 address of echo packets.
bfd echo-source-ip ip-address
By default, no source IPv4 address is configured for echo packets.
ï‚¡ Configure the source IPv6 address of echo packets.
bfd echo-source-ipv6 ipv6-address
By default, no source IPv6 address is configured for echo packets.
The source IPv6 address of echo packets can only be a global unicast address.
3. Create a static BFD session and enter static BFD session view.
IPv4:
bfd static session-name [ peer-ip ipv4-address [ vpn-instance
vpn-instance-name ] destination-ip ipv4-address [ source-ip
ipv4-address ] one-arm-echo [ discriminator auto ] ]
IPv6:
bfd static session-name [ peer-ipv6 ipv6-address interface
interface-type interface-number destination-ipv6 ipv6-address
[ source-ipv6 ipv6-address ] one-arm-echo [ discriminator auto ] ]
4. (Optional.) Specify a local discriminator for the static BFD session.
discriminator local local-value
By default, no local discriminator is specified.
You can use this command only if you do not specify a local discriminator when creating a static
BFD session.
Configuring BFD session parameters for single-hop detection
1. Enter system view.
system-view
2. Enter interface view or static BFD session view.
ï‚¡ Enter interface view.
interface interface-type interface-number
ï‚¡ Enter static BFD session view.
10
bfd static session-name
The static BFD session must already exist.
To configure parameters for a static BFD session, you must enter its view.
3. Set the minimum interval for receiving BFD echo packets.
bfd min-echo-receive-interval interval
By default, the minimum interval for receiving BFD echo packets is 400 milliseconds.
4. Set the detection time multiplier.
bfd detect-multiplier value
The default setting is 5.
Configuring BFD session parameters for multihop detection
1. Enter system view.
system-view
2. (Optional.) Enter static BFD session view.
bfd static session-name
The static BFD session must already exist.
To configure parameters for a static BFD session, you must enter its view.
3. Set the minimum interval for receiving BFD echo packets.
bfd multi-hop min-echo-receive-interval interval
By default, the minimum interval for receiving BFD echo packets is 400 milliseconds.
4. Set the detection time multiplier.
bfd multi-hop detect-multiplier value
The default setting is 5.
Configuring BFD sessions in control packet mode
About BFD session creation methods
BFD sessions in control packet mode can be created statically or established dynamically.
BFD sessions are distinguished by the local discriminator and remote discriminator in control
packets. The main difference between a statically created session and a dynamically established
session is that they obtain the local discriminator and remote discriminator in different ways.
•
The local discriminator and remote discriminator of a static BFD session are specified manually.
•
The local discriminator of a dynamic BFD session is assigned by the device, and the remote
discriminator is obtained during BFD session negotiation. A created session without manually
specified local and remote discriminators is a dynamic BFD session.
Restrictions and guidelines
BFD version 0 does not support the following commands:
•
bfd authentication-mode
•
bfd demand enable
•
bfd echo enable
•
bfd session init-mode
11
Configuring a static BFD session
Restrictions and guidelines for static BFD session configuration
If a static BFD session is created on the remote end, the static BFD session must be created on the
local end.
When creating a static BFD session, you must specify a peer IPv4 or IPv6 address. The system
checks only the format of the IP address but not its correctness. If the peer IPv4 or IPv6 address is
incorrect, the static BFD session cannot be established.
Different static BFD sessions cannot have the same local discriminator.
Creating a static BFD session for single-hop detection
1. Enter system view.
system-view
2. Create a static BFD session and enter static BFD session view.
IPv4:
bfd static session-name [ peer-ip ipv4-address interface
interface-type interface-number source-ip ipv4-address ]
For a static BFD session to be established, specify the IPv4 address of the peer interface where
the static BFD session resides for the peer-ip ipv4-address option. Specify the IPv4
address of the local interface where the static BFD session resides for the source-ip
ipv4-address option.
IPv6:
bfd static session-name [ peer-ipv6 ipv6-address interface
interface-type interface-number source-ipv6 ipv6-address ]
For a static BFD session to be established, specify the IPv6 address of the peer interface where
the static BFD session resides for the peer-ipv6 ipv6-address option. Specify the IPv6
address of the local interface where the static BFD session resides for the source-ipv6
ipv6-address option.
3. (Optional.) Specify the local and remote discriminators for the static BFD session.
discriminator { local local-value | remote remote-value }
By default, no local discriminator or remote discriminator is specified for a static BFD session.
Use this command only if you do not specify the local or remote discriminator when creating a
static BFD session.
Create a static BFD session for multihop detection
1. Enter system view.
system-view
2. Create a static BFD session and enter static BFD session view.
IPv4:
bfd static session-name [ peer-ip ipv4-address [ vpn-instance
vpn-instance-name ] source-ip ipv4-address ]
IPv6:
bfd static session-name [ peer-ipv6 ipv6-address [ vpn-instance
vpn-instance-name ] source-ipv6 ipv6-address ]
3. (Optional.) Specify the local and remote discriminators for the static BFD session.
discriminator { local local-value | remote remote-value }
By default, no local discriminator or remote discriminator is specified for a static BFD session.
12
Use this command only if you do not specify the local or remote discriminator when creating a
static BFD session.
Configuring BFD session parameters for single-hop detection
1. Enter system view.
system-view
2. Specify the mode for establishing a BFD session.
bfd session init-mode { active | passive }
By default, active is specified.
3. Enter interface view or static BFD session view.
ï‚¡ Enter interface view.
interface interface-type interface-number
ï‚¡ Enter static BFD session view.
bfd static session-name
The static BFD session must already exist.
To configure parameters for a static BFD session, you must enter its view.
4. (Optional.) Configure the authentication mode for single-hop control packets.
bfd authentication-mode { m-md5 | m-sha1 | md5 | sha1 | simple } key-id
{ cipher cipher-string | plain plain-string }
By default, single-hop BFD packets are not authenticated.
5. Enable the Demand BFD session mode.
bfd demand enable
By default, the BFD session is in Asynchronous mode.
6. Set the minimum interval for transmitting single-hop BFD control packets.
bfd min-transmit-interval interval
The default setting is 400 milliseconds.
7. Set the minimum interval for receiving single-hop BFD control packets.
bfd min-receive-interval interval
The default setting is 400 milliseconds.
8. Set the single-hop detection time multiplier.
bfd detect-multiplier value
The default setting is 5.
Configuring BFD session parameters for multihop detection
1. Enter system view.
system-view
2. (Optional.) Enter static BFD session view.
bfd static session-name
The static BFD session must already exist.
To configure parameters for a static BFD session, you must enter its view.
3. Specify the mode for establishing a BFD session.
bfd session init-mode { active | passive }
By default, active is specified.
13
4. (Optional.) Configure the authentication mode for multihop BFD control packets.
bfd multi-hop authentication-mode { m-md5 | m-sha1 | md5 | sha1 | simple }
key-id { cipher cipher-string | plain plain-string }
By default, no authentication is performed.
5. Configure the destination port number for multihop BFD control packets.
bfd multi-hop destination-port port-number
The default setting is 4784.
6. Set the multihop detection time multiplier.
bfd multi-hop detect-multiplier value
The default setting is 5.
7. Set the minimum interval for receiving multihop BFD control packets.
bfd multi-hop min-receive-interval interval
The default setting is 400 milliseconds.
8. Set the minimum interval for transmitting multihop BFD control packets.
bfd multi-hop min-transmit-interval interval
The default setting is 400 milliseconds.
Enabling the echo function
About this task
This function enables the local system to periodically send echo packets to the remote system. The
remote system loops back the echo packets to the local system without processing them. If the local
system does not received the looped-back echo packets, it declares the BFD session down.
This function is supported only for single-hop detection.
Restrictions and guidelines
This function does not take effect on BFD sessions associated with interface states.
Procedure
1. Enter system view.
system-view
2. Enter interface view or static BFD session view.
ï‚¡ Enter interface view.
interface interface-type interface-number
ï‚¡ Enter static BFD session view.
bfd static session-name
The static BFD session must already exist.
3. Enable the echo function.
bfd echo [ receive | send ] enable
By default, the echo function is disabled.
Associating the interface state with BFD
About this task
By creating a BFD session for single-hop detection through exchange of BFD control packets, this
feature implements fast link detection. When BFD detects a link fault, it sets the link layer protocol
14
state to DOWN(BFD). This behavior helps applications relying on the link layer protocol state
achieve fast convergence. The source IP address of control packets is specified manually, and the
destination IP address is fixed at 224.0.0.184. As a best practice, specify the IP address of the
interface as the source IP address. If the interface does not have an IP address, specify a unicast IP
address other than 0.0.0.0 as the source IP address.
You can associate the state of the following interfaces with BFD:
•
Layer 3 Ethernet interfaces.
•
Member ports in a Layer 3 aggregation group.
Restrictions and guidelines
The echo function does not take effect on BFD sessions associated with interface states.
Procedure
1. Enter system view.
system-view
2. Enter interface view or.
interface interface-type interface-number
3. Associate the interface state with BFD.
bfd detect-interface source-ip ip-address [ discriminator local
local-value remote remote-value ]
If the peer device does not support obtaining BFD session discriminators through
autonegotiation, you must specify the discriminators on both the local and peer devices.
Without the discriminators, the BFD session cannot come up.
Configuring BFD session flapping suppression
About this task
When BFD detects a link failure, it tears down the BFD session and notifies the upper-layer protocol
of the failure. When the upper-layer protocol re-establishes a neighbor relationship, the BFD session
comes up again. BFD session flaps occur when a link fails and recovers repeatedly, which consumes
significant system resources and causes network instability.
This feature allows you to suppress BFD session flapping by using the initial-interval,
secondary-interval, and maximum-interval arguments.
•
A BFD session is suppressed within the specified interval. The suppression time does not
exceed the maximum-interval.
•
After a BFD session goes down for the second time, it cannot be re-established within the
initial-interval.
•
After a BFD session goes down for the third time, it cannot be re-established within the
secondary-interval.
•
After a BFD session goes down for the fourth time and at any later time, the following rules
apply:
 If secondary-interval × 2n-3 is smaller than or equal to the maximum-interval, the
BFD session cannot be re-established within the secondary-interval × 2n-3.
 If secondary-interval × 2n-3 is greater than the maximum-interval, the BFD
session cannot be re-established within the maximum-interval.
The letter n, starting from 4, is the number of times the BFD session flaps.
Procedure
1. Enter system view.
15
system-view
2. Configure BFD session flapping suppression.
bfd dampening [ maximum maximum-interval initial initial-interval
secondary secondary-interval ]
By default, BFD sessions are not suppressed.
The value for the initial-interval or secondary-interval argument cannot be
greater than the value for the maximum-interval argument.
Configuring a BFD template
About this task
Perform this task to specify BFD parameters in a template for sessions without next hops. You can
configure BFD parameters for LSPs and PWs through a BFD template.
Procedure
1. Enter system view.
system-view
2. Create a BFD template and enter BFD template view.
bfd template template-name
3. Configure the authentication mode for BFD control packets.
bfd authentication-mode { m-md5 | m-sha1 | md5 | sha1 | simple } key-id
{ cipher cipher-string | plain plain-string }
By default, no authentication is performed.
BFD version 0 does not support this command.
4. Set the detection time multiplier.
bfd detect-multiplier value
The default setting is 5.
5. Set the minimum interval for receiving BFD echo packets.
bfd min-echo-receive-interval interval
The default setting is 400 milliseconds.
6. Set the minimum interval for receiving BFD control packets.
bfd min-receive-interval interval
The default setting is 400 milliseconds.
7. Set the minimum interval for transmitting BFD control packets.
bfd min-transmit-interval interval
The default setting is 400 milliseconds.
Enabling SNMP notifications for BFD
About this task
To report critical BFD events to an NMS, enable SNMP notifications for BFD. For BFD event
notifications to be sent correctly, you must also configure SNMP as described in Network
Management and Monitoring Configuration Guide.
Procedure
1. Enter system view.
16
system-view
2. Enable SNMP notifications for BFD.
snmp-agent trap enable bfd
By default, SNMP notifications are enabled for BFD.
Verifying and maintaining BFD
To display BFD session information, execute the following command in any view:
display bfd session [ discriminator local-value | discriminator local
local-value | static session-name | verbose ]
display bfd session [ [ dynamic ] [ control | echo ] [ ip ] [ state
{ admin-down | down | init | up } ] [ discriminator remote remote-value ]
[ peer-ip ipv4-address [ vpn-instance vpn-instance-name ] ] [ verbose ] ]
display bfd session [ [ dynamic ] [ control | echo ] [ ipv6 ] [ state
{ admin-down | down | init | up } ] [ discriminator remote remote-value ]
[ peer-ipv6 ipv6-address [ vpn-instance vpn-instance-name ] ] [ verbose ] ]
display bfd session [ [ static ] [ ip ] [ state { admin-down | down | init
| up } ] [ discriminator remote remote-value ] [ peer-ip ipv4-address
[ vpn-instance vpn-instance-name ] ] [ verbose ]
display bfd session [ [ static ] [ ipv6 ] [ state { admin-down | down | init
| up } ] [ discriminator remote remote-value ] [ peer-ipv6 ipv6-address
[ vpn-instance vpn-instance-name ] ] [ verbose ]
To clear BFD session statistics, execute the following command in user view:
reset bfd session statistics
17
Document conventions and icons
Conventions
This section describes the conventions used in the documentation.
Command conventions
Convention
Description
Boldface Bold text represents commands and keywords that you enter literally as shown.
Italic Italic text represents arguments that you replace with actual values.
[ ] Square brackets enclose syntax choices (keywords or arguments) that are optional.
{ x | y | ... }
Braces enclose a set of required syntax choices separated by vertical bars, from which
you select one.
[ x | y | ... ]
Square brackets enclose a set of optional syntax choices separated by vertical bars,
from which you select one or none.
{ x | y | ... } *
Asterisk marked braces enclose a set of required syntax choices separated by vertical
bars, from which you select at least one.
[ x | y | ... ] *
Asterisk marked square brackets enclose optional syntax choices separated by vertical
bars, from which you select one choice, multiple choices, or none.
&<1-n> The argument or keyword and argument combination before the ampersand (&) sign
can be entered 1 to n times.
# A line that starts with a pound (#) sign is comments.
GUI conventions
Convention
Boldface Window names, button names, field names, and menu items are in Boldface. For
example, the New User window opens; click OK.
> Multi-level menus are separated by angle brackets. For example, File > Create >
Folder.
Symbols
Convention
WARNING! An alert that calls attention to important information that if not understood or followed
can result in personal injury.
CAUTION:
can result in data loss, data corruption, or damage to hardware or software.
IMPORTANT:
An alert that calls attention to essential information.
NOTE:
An alert that contains additional or supplementary information.
TIP:
An alert that provides helpful information.
18
Network topology icons
Convention
Represents a generic network device, such as a router, switch, or firewall.
Represents a routing-capable device, such as a router or Layer 3 switch.
Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that
supports Layer 2 forwarding and other Layer 2 features.
Represents an access controller, a unified wired-WLAN module, or the access
controller engine on a unified wired-WLAN switch.
Represents an access point.
Represents a wireless terminator unit.
Represents a wireless terminator.
Represents a mesh access point.
Represents omnidirectional signals.
Represents directional signals.
Represents a security product, such as a firewall, UTM, multiservice security
gateway, or load balancing device.
Represents a security module, such as a firewall, load balancing, NetStream, SSL
VPN, IPS, or ACG module.
Examples provided in this document
Examples in this document might use devices that differ from your device in hardware model,
configuration, or software version. It is normal that the port numbers, sample output, screenshots,
and other information in the examples differ from what you have on your device.
T
T
T
T
/