Luca ,
When BFD goes DOWN it brings it’s CLIENT DOWN as well , in this case BFD brings DOWN BGP Session.
Only after Client is UP [ i.e Protocol Session UP ] , BFD can be programmed for Client .
Behavior you are observing is EXPECTED .
After BGP is brought DOWN by BFD , Client tries to Come UP again i.e BGP attempts to ESTABLISH SESSION again .
BGP Comes UP , but BFD cannot transition to UP due to Firewall Filter to Block BFD PDUs.
SO BGP stays up while BFD is DOWN .
DUT
=====
Scenario ==> I have BFD enabled for Multi-hop IBGP .
==========================================
regress@conjuring# run show bgp summary <=== CORE IBGP SESSION
Mar 02 00:22:55
Groups: 5 Peers: 5 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
bgp.l3vpn.0
200006 200006 0 0 0 0
bgp.l3vpn-inet6.0
200006 200006 0 0 0 0
bgp.mvpn.0
3 3 0 0 0 0
bgp.mvpn-inet6.0
3 3 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
10.255.161.107 65000 13549 17567 0 1 1:46:37 Establ
bgp.l3vpn.0: 200006/200006/200006/0
bgp.l3vpn-inet6.0: 200006/200006/200006/0
bgp.mvpn.0: 3/3/3/0
bgp.mvpn-inet6.0: 3/3/3/0
vpna.inet.0: 200006/200006/200006/0
vpna.inet6.0: 200006/200006/200006/0
vpna.mvpn.0: 3/3/3/0
vpna.mvpn-inet6.0: 3/3/3/0
regress@conjuring# run show bfd session extensive <=== BFD FOR BGP [ CORE IBGP ]
Mar 02 00:29:24
Detect Transmit
Address State Interface Time Interval Multiplier
10.255.161.107 Up 0.450 0.150 3
Client BGP, TX interval 0.150, RX interval 0.150
Session up time 01:53:06
Local diagnostic None, remote diagnostic None
Remote state Up, version 1
Replicated
Session type: Multi hop BFD
Min async interval 0.150, min slow interval 1.000
Adaptive async TX interval 0.150, RX interval 0.150
Local min TX interval 0.150, minimum RX interval 0.150, multiplier 3
Remote min TX interval 0.150, min RX interval 0.150, multiplier 3
Local discriminator 52, remote discriminator 22
Echo mode disabled/inactive
Remote is control-plane independent
Multi-hop route table 0, local-address 10.255.162.157
Session ID: 0x0
Configure Firewall FiIlter to Discard Incoming BFD Packets.
===============================================
regress@conjuring# set firewall family inet filter mbfd_filterv4 term 1 from destination-port 4784
Mar 02 00:28:20
{master}[edit]
regress@conjuring# set firewall family inet filter mbfd_filterv4 term 1 then count mbfd_filter_count
Mar 02 00:28:36
{master}[edit]
regress@conjuring# set firewall family inet filter mbfd_filterv4 term 1 then discard
Mar 02 00:28:48
{master}[edit]
regress@conjuring# set firewall family inet filter mbfd_filterv4 term 2 then accept
Mar 02 00:28:54
{master}[edit]
regress@conjuring# set interfaces ae2 unit 0 family inet filter input mbfd_filterv4
Mar 02 00:29:19
{master}[edit]
regress@conjuring# commit
Mar 02 00:29:31
re0:
configuration check succeeds
re1:
commit complete
re0:
commit complete
{master}[edit]
regress@conjuring#
Output after enabling Filter to Block BFD Packets
=======================================
regress@conjuring# run show bfd session extensive
Mar 02 00:29:39
Detect Transmit
Address State Interface Time Interval Multiplier
10.255.161.107 AdminDown 0.450 1.000 3 <==== BFD Going DOWN
Session down time 00:00:03, previous up time 01:53:17
Local diagnostic CtlExpire, remote diagnostic None
Remote state Up, version 1
Replicated
Session type: Multi hop BFD
Min async interval 0.150, min slow interval 1.000
Adaptive async TX interval 0.150, RX interval 0.150
Local min TX interval 1.000, minimum RX interval 0.150, multiplier 3
Remote min TX interval 0.150, min RX interval 0.000, multiplier 3
Local discriminator 52, remote discriminator 0
Echo mode disabled/inactive, no-absorb, no-refresh
Remote is control-plane independent
Multi-hop route table 0, local-address 10.255.162.157
Session ID: 0x0
regress@conjuring# run show bgp summary <==== BGP brought DOWN by BFD
Mar 02 00:29:50
Groups: 5 Peers: 5 Down peers: 1
Table Tot Paths Act Paths Suppressed History Damp State Pending
bgp.l3vpn.0
0 0 0 0 0 0
bgp.l3vpn-inet6.0
0 0 0 0 0 0
bgp.mvpn.0
0 0 0 0 0 0
bgp.mvpn-inet6.0
0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
10.255.161.107 65000 13563 17589 0 2 14 Active
regress@conjuring# run show bgp neighbor 10.255.161.107
Mar 02 00:29:59
Peer: 10.255.161.107 AS 65000 Local: 10.255.162.157 AS 65000
Group: ibgp Routing-Instance: master
Forwarding routing-instance: master
Type: Internal State: Active Flags: <>
Last State: Idle Last Event: Start
Last Error: None
Options: <Preference LocalAddress AddressFamily Rib-group Refresh>
Options: <BfdEnabled>
Address families configured: inet-vpn-unicast inet6-vpn-unicast inet-mvpn inet6-mvpn
Local Address: 10.255.162.157 Holdtime: 90 Preference: 170
Number of flaps: 2
Last flap event: BfdDown <=== BGP was brought DOWN by BFD
{master}[edit]
regress@conjuring#
regress@conjuring# run show bgp summary <=== CORE IBGP SESSION is UP
Mar 02 00:43:58
Groups: 5 Peers: 5 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
bgp.l3vpn.0
200006 200006 0 0 0 0
bgp.l3vpn-inet6.0
200006 200006 0 0 0 0
bgp.mvpn.0
3 3 0 0 0 0
bgp.mvpn-inet6.0
3 3 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
10.255.161.107 65000 2285 39 0 2 13:50 Establ <=== CORE IBGP SESSION is UP
bgp.l3vpn.0: 200006/200006/200006/0
bgp.l3vpn-inet6.0: 200006/200006/200006/0
bgp.mvpn.0: 3/3/3/0
bgp.mvpn-inet6.0: 3/3/3/0
vpna.inet.0: 200006/200006/200006/0
vpna.inet6.0: 200006/200006/200006/0
vpna.mvpn.0: 3/3/3/0
vpna.mvpn-inet6.0: 3/3/3/0
regress@conjuring# run show bfd session extensive
Mar 02 00:44:01
Detect Transmit
Address State Interface Time Interval Multiplier <===== BFD is DOWN as Filter is enabled to Block Incoming BFD Packets. BFD stays Down until Firewall filter is removed.
10.255.161.107 Down 0.000 2.000 3
Client BGP, TX interval 0.150, RX interval 0.150
Local diagnostic None, remote diagnostic None
Remote state AdminDown, version 1
Replicated
Session type: Multi hop BFD
Min async interval 0.150, min slow interval 2.000
Adaptive async TX interval 2.000, RX interval 2.000
Local min TX interval 2.000, minimum RX interval 0.150, multiplier 3
Remote min TX interval 0.000, min RX interval 0.000, multiplier 0
Local discriminator 71, remote discriminator 0
Echo mode disabled/inactive, no-absorb, no-refresh
Multi-hop route table 0, local-address 10.255.162.157
Session ID: 0x0
Regards,
Vinod Kumar.