05-08-2024 02:00 AM
Does anyone know if any cisco ASA version supports Micro-BFD (RFC 7130) ?
I'm having a hard time finding it in the documentation so probably not.
maybe in an upcoming release?
Solved! Go to Solution.
05-08-2024 05:42 AM - edited 05-08-2024 05:57 AM
Noticed above that peers are on the same subnet, so removing misleading info.
Still, I don't understand why BFD between ASA and ASR1k fails if one link of the vPC fails and why micro-BFD is needed in this topology.
05-08-2024 06:21 AM - edited 05-08-2024 06:27 AM
So it depends on the hashing of the port-channel, not all bgp neighbors go down just the ones that travel over the link that is being pulled
lets's say:
bgp neigbor A travels over link 1 of the port-channel (because of src-dst ip hashing)
bgp neigbor B travels over link 2 of the port-channel (because of src-dst ip hashing)
link 2 gets disconnected
neihgbor A stays up
neighbor B gets torn down because bfd noticed the link down, after which neighbor B re-establishes over link 1
To prevent neighbor B from even being torn down and re-establishing you can use micro-bfd (if it's supported on your hardware)
also see the blog post from Ivan i posted before
05-08-2024 07:41 AM - edited 05-08-2024 07:54 AM
In my opinion, this can only happen if BFD timers on ASA and/or ASR1k are so small that a failure of a single link leads to the loss of few consecutive BFD packets, before the hash is re-programmed, in which case session is torn down. I might be mistaken. Increase timers and test?
On ASA BFD/UDP connection should be created with a port-channel as egress interface ("show conn all protocol udp port 3784"), so ASA should be able to switch to another physical link as soon as the other link is removed from the hash by the underlying code.
Micro-BFD would be run between the Nexus switch and the ASA on one side and the Nexus switch and the ASR1k on the other side, whilst your BGP is between the ASA and the ASR1k. How would this help?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide