]> Unaffiliated Bidirectional Forwarding Detection (BFD) Echo China Mobile
Beijing China chengweiqiang@chinamobile.com
China Mobile
Beijing China wangruixue@chinamobile.com
ZTE Corp.
Nanjing China xiao.min2@zte.com.cn
Equinix
Ottawa Canada reshad@yahoo.com
Juniper Networks
rchetan@juniper.net
RTG bfd single-ended BFD This document specifies an extension to the Bidirectional Forwarding Detection (BFD) protocol that enables the use of the BFD Echo function without the need for an associated BFD control session. This "Unaffiliated BFD Echo" mechanism allows rapid detection of forwarding path failures in networks where establishing BFD control sessions is impractical or undesirable. By decoupling the Echo function from the control plane, network devices can utilize BFD's fast failure detection capabilities in a simplified manner, enhancing network resiliency and operational efficiency. This document updates RFC 5880 by defining a new Unaffiliated BFD Echo mechanism.
Introduction To minimize the impact of device and link faults on services and to improve network availability in single-hop scenarios, a network device needs the capability to quickly detect communication faults with adjacent devices. Prompt detection allows for timely remedial actions to ensure service continuity. BFD provides a low-overhead, short-interval method for detecting faults on the communication path between adjacent forwarding engines, which may include interfaces, data links, and the forwarding engines themselves. BFD offers a unified mechanism to monitor any media and protocol layers in real time. BFD defines two primary modes -- Asynchronous mode and Demand mode -- to accommodate various deployment scenarios. Additionally, it supports an Echo function that reduces the level of BFD support required in device implementations, as described in . When the Echo function is activated, the local system sends BFD Echo packets, and the remote system loops back the received Echo packets through the forwarding path, as described in and . If several consecutive BFD Echo packets are not received by the local system, the BFD session is declared Down. There are two typical scenarios when using the BFD Echo function:
  • Full BFD protocol capability with adjunct Echo function (Affiliated BFD Echo): This scenario requires both the local device and the adjacent device to support the full BFD protocol. This operation remains unchanged from .
  • BFD Echo-Only method without full BFD protocol capability (Unaffiliated BFD Echo): This scenario requires only the local device to support sending and demultiplexing BFD Control packets. In this case, BFD Control packets are sent over the BFD Echo port, and the processing procedures for Asynchronous mode are used with the modifications specified in this document. Note that this method requires the local device to send packets with one of its own IP addresses as the destination address, upon receipt of which the adjacent device loops them back to the local device. Also note that this method monitors the connectivity to a device over a specific interface and does not verify the availability of a specific IP address at that device.
This document specifies the Unaffiliated BFD Echo scenario. indicates that the payload of an Affiliated BFD Echo packet is a local matter; therefore, its contents are outside the scope of that specification. This document, however, specifies the contents of the Unaffiliated BFD Echo packet and the procedures for handling them. While this may appear to contravene , the core behavior in that RFC states that the contents of BFD Echo packets are a local matter; this document is defining that "local matter". Regarding the selection of IP addresses, the rules stated in are applicable to the encapsulation of an Unaffiliated BFD Echo packet. Section 6.2.2 of describes a use case for the Unaffiliated BFD Echo. This document updates by defining a new method of BFD Echo-only operation which only impacts the sender of BFD Echo packets without requiring an implementation to support the BFD protocol at the loopback device, such that any IP forwarder can loop back the BFD Echo packets. It specifies the use of the Unaffiliated BFD Echo over IPv4 and IPv6 for a single IP hop. The reason why it cannot be used for multihop paths is that the Unaffiliated BFD Echo packets would be looped back by the first hop. A full description of the updates to is provided in .
Conventions Used in This Document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.
Unaffiliated BFD Echo Procedures This section specifies the Unaffiliated BFD Echo procedures.
Unaffiliated BFD Echo Device A Device B Unaffiliated BFD Echo Session Unaffiliated BFD Echo BFD | packets looped BFD supported BFD not supported | | | | Session | | | | | | Unaffiliated BFD Echo | | | | -------------------------------| BFD | | | | | packets | | | <-------------------------------| looped | | |------------| | | | | | | | | | | +----------------+ +----------------+ BFD supported BFD not supported ]]>
As shown in , device A supports BFD, whereas device B is a regular IP forwarder that does not support BFD. Device A would send Unaffiliated BFD Echo packets, and after receiving the Unaffiliated BFD Echo packets sent from device A, the one-hop-away BFD peer device B immediately loops them back by normal IP forwarding. This allows device A to rapidly detect a connectivity loss to device B. Note that device B would not intercept any received Unaffiliated BFD Echo packet or parse any BFD protocol field within the Unaffiliated BFD Echo packet. An Unaffiliated BFD Echo session is not actually a BFD session because there is no coordination of BFD protocol state between the two link ends: the remote end does not support BFD and so cannot engage in a BFD session. From the standpoint of the local end (as an initiator), the Unaffiliated BFD Echo session may be regarded as a BFD session. For the Unaffiliated Echo procedure, an Unaffiliated BFD Echo session is established on device A. The session MUST adhere to the BFD state machine specified in , with the exception that the received state is not derived from BFD Control packets originating from the remote system, but rather from packets that are generated by the local system and looped back from the remote system. Consequently, the AdminDown state is not utilized in Unaffiliated BFD Echo. BFD Control packets are transmitted and received as Unaffiliated BFD Echo packets, using UDP destination port 3785, as defined in . The standard procedures for BFD Asynchronous sessions are applied to the looped BFD Control packets, including packet validation and authentication, in accordance with . Once an Unaffiliated BFD Echo session is created on device A, it starts sending Unaffiliated BFD Echo packets. Unaffiliated BFD Echo packets with zeroed "Your Discriminator" field are demultiplexed to the proper session based on the source IP address or UDP source port. After the remote system loops back the local discriminator, all further received packets are demultiplexed based on the "Your Discriminator" field only, which conforms to the procedure specified in . An Unaffiliated BFD Echo packet follows the same encapsulation rules as for a BFD Echo packet as specified in . All Unaffiliated BFD Echo packets for the session MUST be sent with a TTL or Hop Limit value of 255. Received packets MUST have a TTL or Hop Limit value of 254 (similar to to verify against a configured number of hops); otherwise, the received packets MUST be dropped. In the context of an Unaffiliated BFD Echo packet, the "Desired Min TX Interval" and "Required Min RX Interval" fields, as defined in , MUST be populated with a specific value to prevent the potential exposure of uninitialized memory. It is RECOMMENDED that these fields be set to a value of 1 second (1,000,000 microseconds). However, upon receipt, these values MUST be ignored and MUST NOT be used in the calculation of the Detection Time. The "Required Min Echo RX Interval" field, as defined in , MUST be populated with a specific value to prevent the potential exposure of uninitialized memory. It is RECOMMENDED that this field be set to 0. However, this value MUST be ignored upon receipt. The transmission interval for Unaffiliated BFD Echo packets when in the Up state MUST be provisioned on device A. The functionality of the Unaffiliated BFD Echo feature is dependent on device B performing IP forwarding. While this capability is typically expected to be supported on routers, it may not be enabled by default on hosts. The method for provisioning device B to loop back Unaffiliated BFD Echo packets is outside the scope of this document. Similar to what's specified in , the Unaffiliated BFD Echo session begins with the periodic, slow transmission of Unaffiliated BFD Echo packets. The slow transmission rate should be no greater than one packet per second, until the session on device A is Up. After the session is Up, the provisioned transmission interval is used. When the Unaffiliated BFD Echo session on device A goes Down, the slow transmission rate is resumed. The "Detect Mult" field defined in MUST be set to a value provisioned on device A. When the bfd.SessionState is Up and a "Detect Mult" number of Unaffiliated BFD Echo packets have not arrived at device A as they should, the device A "MUST set bfd.SessionState to Down and bfd.LocalDiag to 2 (Echo Function Failed)", as specified in . In summary, the Unaffiliated BFD Echo packet reuses the format of the BFD Control packet defined in , and the fields within the Unaffiliated BFD Echo packet are populated as follows:
  • My Discriminator: MUST be set to the provisioned local discriminator.
  • Your Discriminator: MUST initially be set to 0, and then MUST be set to the value of "My Discriminator" looped back from the remote system.
  • Desired Min TX Interval: MUST be set to a specific value, with a suggested value of 1 second (1,000,000 microseconds).
  • Required Min RX Interval: MUST be set to a specific value, with a suggested value of 1 second (1,000,000 microseconds).
  • Required Min Echo RX Interval: MUST be set to a specific value, with a suggested value of 0.
  • Detect Mult: MUST be set to the provisioned maximum allowable number of consecutively lost Unaffiliated BFD Echo packets.
Updates to RFC 5880 The Unaffiliated BFD Echo described in this document reuses the BFD Echo function as described in and , but does not require BFD Asynchronous or Demand mode. In the Unaffiliated BFD Echo operation, only the local system has the BFD protocol enabled, while the remote system simply loops back the received BFD Echo packets as ordinary data packets, without engaging in the BFD protocol. This document updates with respect to its descriptions on the BFD Echo function as follows. The fourth paragraph of is updated as below: OLD TEXT
An adjunct to both modes is the Echo function.
NEW TEXT
An adjunct to both modes is the Echo function, which can also be running independently.
OLD TEXT
Since the Echo function is handling the task of detection, the rate of periodic transmission of Control packets may be reduced (in the case of Asynchronous mode) or eliminated completely (in the case of Demand mode).
NEW TEXT
Since the Echo function is handling the task of detection, the rate of periodic transmission of Control packets may be reduced (in the case of Asynchronous mode) or eliminated completely (in the case of Demand mode). The Echo function may also be used independently, with neither Asynchronous nor Demand mode.
The third and ninth paragraphs of are updated as below: OLD TEXT
Once the BFD session is Up, a system can choose to start the Echo function if it desires and the other system signals that it will allow it. The rate of transmission of Control packets is typically kept low when the Echo function is active.
NEW TEXT
When a system is running with Asynchronous or Demand mode, once the BFD session is Up, it can choose to start the Echo function if it desires and the other system signals that it will allow it. The rate of transmission of Control packets is typically kept low for Asynchronous mode or eliminated completely for Demand mode when the Echo function is active.
OLD TEXT
If the session goes Down, the transmission of Echo packets (if any) ceases, and the transmission of Control packets goes back to the slow rate.
NEW TEXT
In Asynchronous mode or Demand mode, if the session goes Down, the transmission of Echo packets (if any) ceases, and the transmission of Control packets goes back to the slow rate.
The second paragraph of is updated as below: OLD TEXT
When a system is using the Echo function, it is advantageous to choose a sedate reception rate for Control packets, since liveness detection is being handled by the Echo packets. This can be controlled by manipulating the Required Min RX Interval field (see section 6.8.3).
NEW TEXT
When a system is using the Echo function with Asynchronous mode, it is advantageous to choose a sedate reception rate for Control packets, since liveness detection is being handled by the Echo packets. This can be controlled by manipulating the Required Min RX Interval field (see section ). Note that a system operating in Demand mode would direct the remote system to cease the periodic transmission of BFD Control packets, by setting the Demand (D) bit in its BFD Control packets.
The second paragraph of is updated as below: OLD TEXT
When a system is said to have "the Echo function active" it means that the system is sending BFD Echo packets, implying that the session is Up and the other system has signaled its willingness to loop back Echo packets.
NEW TEXT
When a system in Asynchronous or Demand mode is said to have "the Echo function active" it means that the system is sending BFD Echo packets, implying that the session is Up and the other system has signaled its willingness to loop back Echo packets.
The seventh paragraph of is updated as below: OLD TEXT
When the Echo function is active, a system SHOULD set bfd.RequiredMinRxInterval to a value of not less than one second (1,000,000 microseconds). This is intended to keep received BFD Control traffic at a negligible level, since the actual detection function is being performed using BFD Echo packets.
NEW TEXT
When the Echo function is active with Asynchronous mode, a system SHOULD set bfd.RequiredMinRxInterval to a value of not less than one second (1,000,000 microseconds). This is intended to keep received BFD Control traffic at a negligible level, since the actual detection function is being performed using BFD Echo packets. A system operating in Demand mode would not receive BFD Control traffic.
The first and second paragraphs of are updated as below: OLD TEXT
BFD Echo packets MUST NOT be transmitted when bfd.SessionState is not Up. BFD Echo packets MUST NOT be transmitted unless the last BFD Control packet received from the remote system contains a nonzero value in Required Min Echo RX Interval. BFD Echo packets MAY be transmitted when bfd.SessionState is Up. The interval between transmitted BFD Echo packets MUST NOT be less than the value advertised by the remote system in Required Min Echo RX Interval, except as follows: [...]
NEW TEXT
When a system is using the Echo function with either Asynchronous or Demand mode, BFD Echo packets MUST NOT be transmitted when bfd.SessionState is not Up, and BFD Echo packets MUST NOT be transmitted unless the last BFD Control packet received from the remote system contains a nonzero value in Required Min Echo RX Interval. When a system is using the Echo function with either Asynchronous or Demand mode, BFD Echo packets MAY be transmitted when bfd.SessionState is Up, and the interval between transmitted BFD Echo packets MUST NOT be less than the value advertised by the remote system in Required Min Echo RX Interval, except as follows: [...]
Operational Considerations All operational considerations from apply. Since this mechanism leverages existing BFD machinery, particularly periodic pacing of traffic based on configuration, there's no real possibility to create congestion. Moreover, creating congestion would be counterproductive to checking the bidirectional connectivity. Some devices that would benefit from the use of BFD may be unable to support the full BFD protocol. Examples of such devices include servers running virtual machines, or Internet of Things (IoT) devices. By using Unaffiliated BFD Echo, these devices only need to support a basic loopback function. As specified in of this document, some configuration is needed to make the Unaffiliated BFD Echo work, although the configuration won't go beyond the scope of . At a BFD-enabled local system, the Unaffiliated BFD Echo session can coexist with other types of BFD sessions. In that scenario, the remote system for the Unaffiliated BFD Echo session must be different from the remote system for any other type of BFD session, and the local system's discriminators for different BFD sessions must be different. At the same time, it's not necessary for the local system to differentiate the Unaffiliated BFD Echo session from the other types of BFD sessions.
Security Considerations All security considerations from and apply. Unaffiliated BFD Echo requires the remote device to loop Unaffiliated BFD Echo packets. In order to provide this service, the remote device cannot make use of Unicast Strict Reverse Path Forwarding (RPF) , otherwise the Unaffiliated BFD Echo packets might not pass the RPF check at the remote device. As described in , BFD Echo packets may be spoofed. Specifically for Unaffiliated BFD Echo, a DoS attacker may send spoofed Unaffiliated BFD Echo packets to the loopback device, so some form of authentication SHOULD be included. Considering the Unaffiliated BFD Echo packets in this document are also BFD Control packets, the "Authentication Section" as defined in for a BFD Control packet is RECOMMENDED to be included within the Unaffiliated BFD Echo packet. As stated in , in order to avoid unset values being a potential vector for disclosure of uninitialized memory, all fields of the Unaffiliated BFD Echo packet MUST be populated with a certain value, even if some of the fields are ignored on receipt.
IANA Considerations This document has no IANA actions.
References Normative References Informative References TR-146: Subscriber Sessions Broadband Forum Broadband Forum Technical Report, TR-146, Issue 1
Acknowledgements The authors would like to acknowledge , , , , , , , , , , , , , , , , and for their careful reviews and very helpful comments. The authors would like to acknowledge for his guidance, insightful review, and very helpful comments. The authors would like to acknowledge for his insightful comments during the discussion of this document. The authors would like to acknowledge for the very helpful discussion.
Contributors ZTE
liu.aihua@zte.com.cn
ZTE
qian.xin2@zte.com.cn
ZTE
zhao.yanhua3@zte.com.cn