I use OSPFv3 between the two routers, where we use 2 address-families, 1 for IPv4 and one for IPv6. As the operation of strict-mode requires a bfd session to be up, before the OSPF adjacency will form, I'm facing the problem that because (I suppose) OSPFv3 uses the IPv6 link-local address for the hello singnalling, that no IPv4 BFD neighbor is forming and because of strict mode, the IPv4 AF OSPF adjacency will not form.
I've also tested to only enable BFD strict-mode for the IPv6 address-family, if I do that and the BFD neighbor is broken, BFD will tear down only the IPv6 OSPF adjacency, leaving the IPv4 adjacency up.
I’ve attached a drawing, that explains our configuration and setup. I've searched multiple configuration guides for different software releases, however we’ve not yet found an answer. We also use BGP in multi address-family mode (IPv4/IPv6) and BFD strict-mode does work in combination with BGP.
How should be implemented BFD for IPv4 unicast address family in OSPFv3?
According to RFC 5881 an IPv4 BFD session should be used for it, but your tests show that enabling BFD strict mode for IPv4 unicast family prevents neighbors to form adjacencies. In the case of OSPFv3 as described in the draft the OSPF session can be formed only for those neighbors having an active BFD session.
See in the first link in the draft
Init (with BFD strict-mode)
In this state, an Hello packet has recently been seen from the
neighbor. However, bidirectional communication has not yet been
established with the neighbor (i.e., the router itself did not
appear in the neighbor's Hello packet). A BFD session
establishment to the neighbor is requested, if not already done
(e.g. in the event of transition from 2-way state). All neighbors
in higher than Init state and those in Init state with BFD session
up are listed in the Hello packets sent from the associated
I would suggest you to open a Cisco TAC describing this issue. It looks like implementation needs to be tuned.
はじめに確認方法Version による Application name の変更について備考参考情報 はじめに本ドキュメントでは Cisco SD-WAN における Policy 上で設定可能な Application を確認する方法について記載しています。 確認方法サポートされている Application name についてはご使用されている vManage へ API を呼び出して確認することが可能です。https://<IP or FQDN>/...
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where the spok...
On 24th August 2021, Cisco announced the latest IOS XE release - Cisco IOS XE Bengaluru 17.6.1a
IOS XE 17.6.1a unlocks various routing features and enhancements comprehensively covering different technology segments such as voice, security,...
DMVPN (Dynamic Multipoint VPN) Introduced by Cisco in late 2000 is a routing technology you can use to build a VPN network with multiple sites (spokes) without having to statically configure all devices. It’s a “hub and spoke” network, where th...
SummaryRequirementsConfiguration StepsVerificationFAQTroubleshootingReferences & Tools
In the past when IOS 12.x was hot stuff we used MD5 to authenticate OSPF neighbors. This worked great on ethernet networks because OSPF is a m...