BFD - EIGRP - Tunnel Endpoint Liveness detection

Unanswered Question
Mar 27th, 2012

I would like to use BFD for Tunnel Endpoint Liveness detection (as mentioned in BFD white papers)

Router A:

interface GigabitEthernet0/0

  ip vrf forwarding INNER

  ip address 1.1.1.1 255.255.255.252

  bfd interval 50 min_rx 50 multiplier 3

interface Loopback1

  ip vrf forwarding INNER

  ip address 2.2.2.1 255.255.255.255

interface Tunnel1

  ip vrf forwarding OUTER

  ip address 3.3.3.1 255.255.255.2

  tunnel source 2.2.2.1

  tunnel destination 2.2.2.2

  tunnel mode ipsec ipv4

  tunnel protection ipsec profile WHATEVER

  tunnel vrf INNER

router eigrp 1

  address-family ipv4 vrf INNER autonomous-system 2

    bfd all-interfaces

    network 1.1.1.0 0.0.0.3

    network 2.2.2.0 0.0.0.255

  address-family ipv4 vrf OUTER autonomous-system 3

    network 3.3.3.0 0.0.0.3

Router B:

interface GigabitEthernet0/0

  ip vrf forwarding INNER

  ip address 1.1.1.2 255.255.255.252

  bfd interval 50 min_rx 50 multiplier 3

interface Loopback1

  ip vrf forwarding INNER

  ip address 2.2.2.2 255.255.255.255

interface Tunnel1

  ip vrf forwarding OUTER

  ip address 3.3.3.2 255.255.255.2

  tunnel source 2.2.2.2

  tunnel destination 2.2.2.1

  tunnel mode ipsec ipv4

  tunnel protection ipsec profile WHATEVER

  tunnel vrf INNER

router eigrp 1

  address-family ipv4 vrf INNER autonomous-system 2

    bfd all-interfaces

    network 1.1.1.0 0.0.0.3

    network 2.2.2.0 0.0.0.255

  address-family ipv4 vrf OUTER autonomous-system 3

    network 3.3.3.0 0.0.0.3

Routers A and B are connected via their respective interfaces Gi0/0. Network 1.1.1.0/30 comes up, EIGRP neighborship between 1.1.1.1 and 1.1.1.2 in VRF INNER is established and both sides learn about 2.2.2.1 and 2.2.2.2 respectively. This means the tunnel endpoints can be reached and Tunnel1 comes up, hence EIGRP neighborship between 3.3.3.1 and 3.3.3.2 in VRF OUTER ist established.

Now when I disconnect Gi0/0, BFD kicks in and tears down the EIGRP neighborship in VRF INNER almost instantly. This makes 2.2.2.2 unreachable from Router A, so I would expect Tunnel1 to go down the same moment because the tunnel endpoint can no longer be reached. Instead, the tunnel goes down not before 15 or 20 seconds have elapsed and likewise the EIGRP neighborship in VRF OUTER times out.

What I would like to see: connection loss between Router A and B tears down EIGRP neighborship in VRF OUTER in the sub second range. Can this be done?

Regards,

Robert

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
Mohamed Sobair Tue, 03/27/2012 - 14:57

Robert,

This symptoms can be resolved with (Tunnel Keepalive). You just need to add a Keepalive to the Tunnel interface and you should see faster notification.

In the Tunnel Interface add the following:

Interface Tunnel1

Keepalive 1 3

HTH

Mohamed

Actions

Login or Register to take actions

This Discussion

Posted March 27, 2012 at 1:56 PM
Stats:
Replies:3 Avg. Rating:
Views:1085 Votes:0
Shares:0

Related Content

Discussions Leaderboard