ā05-08-2024 02:00 AM
Does anyone know if any cisco ASA version supports Micro-BFD (RFC 7130) ?
I'm having a hard time finding it in the documentation so probably not.
maybe in an upcoming release?
Solved! Go to Solution.
ā05-08-2024 04:53 AM
Thanks for all the replies, but i think it's clear ASA doesn't support micro bfd
ā05-08-2024 02:03 AM
Why you are looking for BFD?
Do you have IGP you need to fast recovery by bfd?
MHM
ā05-08-2024 02:31 AM
Do you have IGP you need to fast recovery by bfd? YES
BFD is already running on the ASA, i'm looking to convert it it to Micro-BFD because it's connected the a Nexus VPC
When 1 of the links of the port-channel now goes down bfd is killiing the igp that's why i need micro-bfd RFC 7130
ā05-08-2024 02:36 AM
you run PO between ASA and vPC or redundancy interface ?
ā05-08-2024 03:07 AM
@Pim Scheffers, sorry if I'm asking something stupid, but are you talking about IGP through the ASA or to the ASA? So far as I know, ASA OSPF has not been integrated with BFD running on the ASA: the "CSCvh56774 ENH: Request to add BFD support for OSPF on ASA" enhancement has not been implemented. Also,
router ospf ...
bfd all-interfaces
is not available on the ASA (although I don't have latest version of the code in hands). Why does OSPF fail in this case when one of port-channel links goes down?
ā05-08-2024 02:32 AM
One ASA BFD is used 1) to support fast BGP fall-over and 2) for health monitoring and failure detection inside failover subsystem. For LAG monitoring and failure detection ASA/FXOS uses LACP. Micro BFD is not supported. Why do you need BFD on LAG interfaces?
ā05-08-2024 03:58 AM
So the setup is ASA with port-channel to nexus VPC pair - which connects to cisco asr1001-X also with a port-channel
between the ASA & ASR1001-x I have multiple bgp neigbourships with BFD fall-over configured
If i pull a link or reboot a switch from the vpc pair i see bgp neigbourships being torn down because of bfd which i can prevent if micro-bfd was supported, hope it's clear like this
ā05-08-2024 04:08 AM
Did you use bfd multihop also?
Since ebgp is multi hop then bfd need to be multi also
MHM
ā05-08-2024 04:38 AM - edited ā05-08-2024 04:38 AM
ebgp CAN be multi hop but it's not in this case the bgp neighbours are on the same segement.
I also don't read in the documentation that when you use bgp it MUST be multihop bfd i see loads of examples where it is single hop.
or maybe i'm misunderstanding
ā05-08-2024 04:40 AM
ASA-NSK-ASR
BGP run between ASA and ASR
the traffic pass through NSK L3 and it count as Hop
so BFD need to be multi in ASA to detect ASR
MHM
ā05-08-2024 04:45 AM
The nexus doesn't do L3 it's L2 Switch
ā05-08-2024 04:49 AM
can I see the ASA BFD and BGP config
also
show etherchannel summary <<- in NSK
MHM
ā05-08-2024 04:53 AM
Thanks for all the replies, but i think it's clear ASA doesn't support micro bfd
ā05-08-2024 04:57 AM
ASA not support micro BFD we agree
but ASA one link down loss BGP is not OK
the NSK see one link of PO not two, that Why when this link down the ASA loss BGP
anyway consider this NSK with vPC and PO sometime have issue
MHM
ā05-08-2024 05:06 AM
Ivan Pepelnjak already wrote a blogpost on it
https://blog.ipspace.net/2014/10/micro-bfd-bfd-over-lag-port-channel.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide