Re: BFD over multipoint VPLS

ngthen · ‎06-19-2021

I have a 5 node VPLS setup through AT&T going into my various data centers. I'm currently using OSPF and would like faster failover to my VPN backup tunnels if the VPLS should go down. On a point-to-point link, BFD works as planned. On a VPLS network with all WAN interfaces on the same /24 it doesn't see all the sites when I issue "show bfd neighbors". Is BFD supported in this scenario? How world others get around it?

balaji.bandi · ‎06-20-2021

you can not see BFD neigh over VPN or VPLS?

Do you have BFD configured on the connected interface? show us some config

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎06-20-2021

as I know BGP with VPLS is use for autodiscver and signaling, are this what are looking for ?

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l2_vpns/configuration/xe-3s/asr903/mp-l2-vpns-xe-3s-asr903-book/mp-l2-vpns-xe-3s-asr903-book_chapter_01000.pdf

Giuseppe Larosa · ‎06-20-2021

Hello @ngthen ,

what you see might be normal if you consider that with OSPF and 5 nodes a DR is elected and a BDR is elected on the emulated VPLS broadcast domain.

Verify on the DR node if it sees all the other devices .

the BFD sessions might be used to protect full adjacencies that in this case are only with DR and BDR.

There is little interest on using BFD between DR other routers that are in Two Way State .

Hope to help

Giuseppe

ngthen · ‎06-21-2021

Giuseppe,

I didn't think about DR & BDR for BFD. I'll validate that this AM and then post the config sample as others have requested.

ngthen · ‎06-21-2021

So in looking, it appears the router is trying to reach the BDR when establishing a BFD session. For example, I was hoping to see something between 10.25.1.1 & 10.25.1.3, but instead it tries 10.25.1.1 <--> 10.25.1.5 AND 10.25.1.3 <--> 10.25.1.5. 10.25.1.5 is showing up as the BDR in both cases. This, I believe, is what Giuseppe is alluding to.

What I am trying to achieve would be if a VPLS node goes down somewhere in AT&T's network and their on-prem Ciena box is still up that I could fail over faster to my VPN backup rather than waiting for the hold down timer to expire. Right now if they have a failure at their CO my router still thinks the Interface is good and I need to wait the 40 seconds or so to flip. Now if I kill the interface on the router it is pretty much instant. Now on the other end, I don't need to trigger a full failover obviously as their VPLS node is still running and my remote sites other than the one in question should continue to use it.

How would others achieve this without lowering the timers?

Giuseppe Larosa · ‎06-21-2021

Hello @ngthen ,

if you have port based VPLS you can use VLANs to create a non flat topology a collection of point to point links over each of them you will run BFD on pairs of routers that you manage.

Hope to help

Giuseppe

ngthen · ‎06-25-2021

Although I don't have a designed solution yet, Giuseppe, you were able to give good direction on potential ways to go with a cause on what I am seeing. Thanks!